adulau/misp-circl-feed
1
0
Fork 0
Code Issues 1 Pull requests Projects 1 Releases Packages Wiki Activity Actions
misp-circl-feed/feeds/circl/misp/dfd47825-5536-4360-833f-b72868ce8a2a.json

513 lines
23 KiB
JSON
Raw Normal View History

chg: [feed] added
2023-04-21 13:25:09 +00:00
{
chg: [gen] updated
2023-12-14 14:30:15 +00:00
"Event": {
"analysis": "0",
"date": "2023-03-14",
"extends_uuid": "",
"info": "NOBELIUM Uses Poland's Ambassador\u2019s Visit to the U.S. to Target EU Governments Assisting Ukraine",
"publish_timestamp": "1679483336",
"published": true,
"threat_level_id": "1",
"timestamp": "1679483329",
"uuid": "dfd47825-5536-4360-833f-b72868ce8a2a",
"Orgc": {
"name": "CIRCL",
"uuid": "55f6ea5e-2c60-40e5-964f-47a8950d210f"
},
"Tag": [
{
"colour": "#ffffff",
"name": "tlp:white"
},
{
"colour": "#0088cc",
"name": "misp-galaxy:microsoft-activity-group=\"NOBELIUM\""
},
{
"colour": "#0088cc",
"name": "misp-galaxy:mitre-intrusion-set=\"APT29 - G0016\""
},
{
"colour": "#0088cc",
"name": "misp-galaxy:mitre-intrusion-set=\"UNC2452 - G0118\""
},
{
"colour": "#028e1c",
"name": "misp-galaxy:threat-actor=\"UNC2452\""
},
{
"colour": "#0088cc",
"name": "misp-galaxy:mitre-attack-pattern=\"Native API - T1106\""
},
{
"colour": "#0088cc",
"name": "misp-galaxy:mitre-attack-pattern=\"Drive-by Compromise - T1189\""
},
{
"colour": "#0088cc",
"name": "misp-galaxy:mitre-attack-pattern=\"Trusted Relationship - T1199\""
},
{
"colour": "#0088cc",
"name": "misp-galaxy:mitre-attack-pattern=\"Obfuscated Files or Information - T1406\""
},
{
"colour": "#0088cc",
"name": "misp-galaxy:mitre-attack-pattern=\"Obfuscated Files or Information - T1027\""
},
{
"colour": "#0088cc",
"name": "misp-galaxy:mitre-attack-pattern=\"Web Service - T1102\""
},
{
"colour": "#0088cc",
"name": "misp-galaxy:mitre-attack-pattern=\"User Execution - T1204\""
},
{
"colour": "#0088cc",
"name": "misp-galaxy:mitre-attack-pattern=\"Boot or Logon Autostart Execution - T1547\""
},
{
"colour": "#0088cc",
"name": "misp-galaxy:mitre-attack-pattern=\"Phishing - T1566\""
},
{
"colour": "#0088cc",
"name": "misp-galaxy:mitre-attack-pattern=\"Compromise Infrastructure - T1584\""
},
{
"colour": "#0088cc",
"name": "misp-galaxy:mitre-attack-pattern=\"Web Services - T1584.006\""
},
{
"colour": "#0088cc",
"name": "misp-galaxy:mitre-attack-pattern=\"Spearphishing Link - T1192\""
},
{
"colour": "#0088cc",
"name": "misp-galaxy:mitre-attack-pattern=\"Spearphishing Link - T1566.002\""
},
{
"colour": "#0088cc",
"name": "misp-galaxy:mitre-attack-pattern=\"Malicious File - T1204.002\""
},
{
"colour": "#0088cc",
"name": "misp-galaxy:mitre-attack-pattern=\"Registry Run Keys / Startup Folder - T1547.001\""
},
{
"colour": "#0088cc",
"name": "misp-galaxy:mitre-attack-pattern=\"Registry Run Keys / Startup Folder - T1060\""
},
{
"colour": "#0088cc",
"name": "misp-galaxy:mitre-attack-pattern=\"HTML Smuggling - T1027.006\""
},
{
"colour": "#0088cc",
"name": "misp-galaxy:mitre-attack-pattern=\"Bidirectional Communication - T1102.002\""
},
{
"colour": "#004646",
"name": "type:OSINT"
},
{
"colour": "#0071c3",
"name": "osint:lifetime=\"perpetual\""
},
{
"colour": "#0087e8",
"name": "osint:certainty=\"50\""
},
{
"colour": "#ffffff",
"name": "tlp:clear"
},
{
"colour": "#0088cc",
"name": "misp-galaxy:region=\"150 - Europe\""
}
],
"Attribute": [
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1679322239",
"to_ids": true,
"type": "sha256",
"uuid": "e563d09d-6058-4104-99e9-e79723ee0238",
"value": "e957326b2167fa7ccd508cbf531779a28bfce75eb2635ab81826a522979aeb98"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1679322239",
"to_ids": true,
"type": "sha256",
"uuid": "6c97fefc-4cd9-4a96-89fc-68b18fc1d104",
"value": "dffaefaabbcf6da029f927e67e38c0d1e6271bf998040cfd6d8c50a4eff639df"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1679322239",
"to_ids": true,
"type": "sha256",
"uuid": "fddafd79-ff8d-44ff-8c2b-2a73950f7df8",
"value": "dbb39c2f143265ad86946d1c016226b0e01614af35a2c666afa44ac43b76b276"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1679322239",
"to_ids": true,
"type": "sha256",
"uuid": "0942be9b-847c-438a-b613-696ce960552b",
"value": "c1ebaee855b5d9b67657f45d6d764f3c1e46c1fa6214329a3b51d14eba336256"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1679322239",
"to_ids": true,
"type": "sha256",
"uuid": "b483874d-d917-4315-b960-bc932acc677b",
"value": "505f1e5aed542e8bfdb0052bbe8d3a2a9b08fc66ae49efbc9d9188a44c3870ed"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1679322239",
"to_ids": true,
"type": "sha256",
"uuid": "957e0b85-7fb3-473a-8ea1-4895db8c9b50",
"value": "4d92a4cecb62d237647a20d2cdfd944d5a29c1a14b274d729e9c8ccca1f0b68b"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1679322239",
"to_ids": true,
"type": "sha256",
"uuid": "e367a53d-2f54-436c-8c47-8c1f964297ad",
"value": "3a489ef91058620951cb185ec548b67f2b8d047e6fdb7638645ec092fc89a835"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1679322239",
"to_ids": true,
"type": "sha256",
"uuid": "ca8258af-8ec9-4a8f-a36f-56af1226821e",
"value": "21a0b617431850a9ea2698515c277cbd95de4e59c493d0d8f194f3808eb16354"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1679323149",
"to_ids": true,
"type": "sha1",
"uuid": "d762968b-4a3a-47da-9109-9a6c5cec9af5",
"value": "8eb64670c10505322d45f6114bc9f7de0826e3a1"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1679323149",
"to_ids": true,
"type": "sha1",
"uuid": "8941a758-861b-41f6-99f9-0ef933392612",
"value": "3fd43de3c9f7609c52da71c1fc4c01ce0b5ac74c"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1679323149",
"to_ids": true,
"type": "sha1",
"uuid": "39ff865c-9197-4998-9273-ef6012cf5eac",
"value": "2a0478a22d27f7af98786e873b6c85c4ae2e3b2e"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1679323149",
"to_ids": true,
"type": "md5",
"uuid": "064b05a1-b399-4477-bc4e-c9ff8d9d5412",
"value": "e693777a3a85583a1bbbd569415be09c"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1679323149",
"to_ids": true,
"type": "md5",
"uuid": "c86a92bb-7e81-4cbd-b3c7-16b11b4f52b6",
"value": "e0cb8157e6791390463714b38158195a"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1679323149",
"to_ids": true,
"type": "md5",
"uuid": "7241bc16-7eec-437b-94c8-f214e7674a7a",
"value": "cf36bf564fbb7d5ec4cec9b0f185f6c9"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1679323149",
"to_ids": true,
"type": "md5",
"uuid": "0f14d6ca-512e-419f-b466-e7248729b475",
"value": "8d5c0f69c1caa29f8990fbc440ab3388"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1679323149",
"to_ids": true,
"type": "md5",
"uuid": "aca03861-2dcc-4531-8ca7-6268f040ab42",
"value": "89f716d32461880cd0359ffbb902f06e"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1679323149",
"to_ids": true,
"type": "md5",
"uuid": "847e4cdd-584d-4ee8-bf00-0d9a6b555d93",
"value": "82ecb8474efe5fedcb8f57b8aafa93d2"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1679323149",
"to_ids": true,
"type": "md5",
"uuid": "3e561e01-96af-44a3-9fe7-09eb9bf30c75",
"value": "67a6774fbc01eb838db364d4aa946a98"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1679323149",
"to_ids": true,
"type": "md5",
"uuid": "bb2c4e70-6c8a-4874-9e33-1a540448f6aa",
"value": "38b05aa4b5ba651ba95f7173c5145270"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1679323149",
"to_ids": true,
"type": "url",
"uuid": "52043d37-ebab-44a1-8eec-a37894d70749",
"value": "https://literaturaelsalvador.com/Instructions.html"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1679323149",
"to_ids": true,
"type": "url",
"uuid": "450cb8b4-9f57-4dee-ba53-0c31e59128e3",
"value": "https://literaturaelsalvador.com/Schedule.html"
}
],
"Object": [
{
"comment": "",
"deleted": false,
"description": "Metadata used to generate an executive level report",
"meta-category": "misc",
"name": "report",
"template_uuid": "70a68471-df22-4e3f-aa1a-5a3be19f82df",
"template_version": "7",
"timestamp": "1679318068",
"uuid": "a59cab1a-1100-4cc7-b625-33a7fa39425c",
"Attribute": [
{
"category": "External analysis",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "link",
"timestamp": "1679318068",
"to_ids": false,
"type": "link",
"uuid": "f03d7256-7859-4e94-a678-3061871d8c99",
"value": "https://blogs.blackberry.com/en/2023/03/nobelium-targets-eu-governments-assisting-ukraine"
},
{
"category": "External analysis",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "link",
"timestamp": "1679318068",
"to_ids": false,
"type": "link",
"uuid": "f463855e-196b-46c8-bca6-e99e042a7898",
"value": "https://otx.alienvault.com/pulse/64160883fe275bce4bb6b07f"
},
{
"category": "Other",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "summary",
"timestamp": "1679318068",
"to_ids": false,
"type": "text",
"uuid": "c3169ae3-c39e-4bbd-a3bc-5d65b913caff",
"value": "NOBELIUM, aka APT29, is a sophisticated, Russian state-sponsored threat actor targeting Western countries. At the beginning of March, BlackBerry researchers observed a new campaign targeting European Union countries; specifically, its diplomatic entities and systems transmitting sensitive information about the region's politics, aiding Ukrainian citizens fleeing the country, and providing help to the government of Ukraine."
},
{
"category": "Other",
"comment": "",
"deleted": false,
"disable_correlation": true,
"object_relation": "type",
"timestamp": "1679318068",
"to_ids": false,
"type": "text",
"uuid": "956c20cb-4378-46f8-b86f-6101095caf51",
"value": "Blog"
}
]
},
{
"comment": "",
"deleted": false,
"description": "An object describing a YARA rule (or a YARA rule name) along with its version.",
"meta-category": "misc",
"name": "yara",
"template_uuid": "b5acf82e-ecca-4868-82fe-9dbdf4d808c3",
"template_version": "6",
"timestamp": "1679319715",
"uuid": "eb3f981d-b9ad-4986-bf24-b738729f05b3",
"Attribute": [
{
"category": "Other",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "comment",
"timestamp": "1679319715",
"to_ids": false,
"type": "comment",
"uuid": "7c5a064e-a6ac-463c-8dae-d5d7ecd76b3b",
"value": "Yara rule based on code NOBELIUM_SpyDLL_March2023"
},
{
"category": "External analysis",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "reference",
"timestamp": "1679319715",
"to_ids": false,
"type": "link",
"uuid": "8548baad-389b-4442-bb18-f9c7d93bc90f",
"value": "https://otx.alienvault.com/indicator/yara/f7959f465becdc25d20f452cbd5d5759ea4a702e"
},
{
"category": "Payload installation",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "yara",
"timestamp": "1679319715",
"to_ids": true,
"type": "yara",
"uuid": "772343c6-2318-4779-847e-b5f9756e9a28",
"value": "rule NOBELIUM_SpyDLL_March2023 \r\n { \r\n meta: \r\n copyright = \"BlackBerry\" \r\n description = \"Yara rule based on code NOBELIUM_SpyDLL_March2023\" \r\n author = \"BlackBerry Threat Intelligence Team\" \r\n date = \"2023-03-07\" \r\n sha256 = \"e957326b2167fa7ccd508cbf531779a28bfce75eb2635ab81826a522979aeb98\" \r\n sha256 = \"4d92a4cecb62d237647a20d2cdfd944d5a29c1a14b274d729e9c8ccca1f0b68b\" \r\n sha256 = \"3a489ef91058620951cb185ec548b67f2b8d047e6fdb7638645ec092fc89a835\" \r\n strings: $1807379073_247 = { 8B ?? ?? ?? ?? ?? ?? 48 ?? ?? ?? ?? 48 ?? ?? ?? ?? E8 ?? ?? ?? ?? 48 ?? ?? ?? ?? 48 ?? ?? 48 ?? ?? ?? ?? 4C ?? ?? ?? ?? ?? ?? ?? 48 ?? ?? ?? ?? ?? ?? ?? 48 ?? ?? ?? ?? ?? ?? ?? 89 ?? ?? ?? ?? ?? ?? 48 ?? ?? ?? 4C ?? ?? ?? ?? F7 ?? E8 ?? ?? ?? ?? 4C ?? ?? ?? ?? 48 ?? ?? 48 ?? ?? ?? ?? ?? ?? ?? 0F 10 ?? ?? ?? E8 ?? ?? ?? ?? 4C ?? ?? ?? ?? 48 ?? ?? 48 ?? ?? ?? ?? ?? ?? ?? 4C ?? ?? ?? ?? 48 ?? ?? ?? ?? E8 ?? ?? ?? ?? 48 ?? ?? ?? ?? 8B ?? ?? ?? 89 ?? 49 ?? ?? 89 ?? 49 ?? ?? 49 ?? ?? 48 ?? ?? 48 ?? ?? ?? ?? 4C ?? ?? 4C ?? ?? 48 ?? ?? ?? ?? 48 ?? ?? ?? ?? 48 ?? ?? ?? ?? 48 ?? ?? ?? ?? 48 ?? ?? ?? ?? 0F 11 ?? ?? ?? 4C ?? ?? ?? ?? 48 ?? ?? ?? ?? E8 ?? ?? ?? ?? 9? 0F 10 ?? ?? ?? ?? ?? ?? 48 ?? ?? ?? ?? ?? ?? 5? 5? 5? 5? 41 ?? 41 ?? 41 ?? C3 } \r\n $1807233630_154 = { 48 ?? ?? ?? ?? ?? ?? 49 ?? ?? ?? 4C ?? ?? E8 ?? ?? ?? ?? 4C ?? ?? 49 ?? ?? E8 ?? ?? ?? ?? 4C ?? ?? 4C ?? ?? E8 ?? ?? ?? ?? 48 ?? ?? ?? ?? ?? ?? ?? 49 ?? ?? 41 ?? ?? 4C ?? ?? 4D ?? ?? 48 ?? ?? 48 ?? ?? ?? ?? E8 ?? ?? ?? ?? 4C ?? ?? E8 ?? ?? ?? ?? 4C ?? ?? 4C ?? ?? E8 ?? ?? ?? ?? 48 ?? ?? ?? ?? ?? ?? ?? 4D ?? ?? 45 ?? ?? 4C ?? ?? 48 ?? ?? E8 ?? ?? ?? ?? 4C ?? ?? E8 ?? ?? ?? ?? 4C ?? ?? ?? ?? 45 ?? ?? 45 ?? ?? BA ?? ?? ?? ?? 31 ?? FF 1? ?? ?? ?? ?? 85 ?? 0F 88 } \r\n $1807250632_125 = { 48 ?? ?? ?? ?? ?? ?? E8 ?? ?? ?? ?? 48 ?? ?? ?? ?? ?? ?? 48 ?? ?? E8 ?? ?? ?? ?? 4C ?? ?? ?? ?? 4D ?? ?? 48 ?? ?? 4C ?? ?? E8 ?? ?? ?? ?? 45 ?? ?? 4D ?? ?? 4C ?? ?? 4C ?? ?? C7 ?? ?? ?? ?? ?? ?? ?? E8 ?? ?? ?? ?? 4C ?? ?? E8 ?? ?? ?? ?? 48 ?? ?? E8 ?? ?? ?? ?? 4C ?? ?? E8 ?? ?? ?? ?? 48 ?? ?? ?? ?? E8 ?? ?? ?? ?? 4C ?? ?? E8 ?? ?? ?? ?? 4C ?? ?? E8 ?? ?? ?? ?? 84 ?? 0F 85 } \r\n $1807244815_125 = { 48 ?? ?? ?? ?? ?? ?? E8 ?? ?? ?? ?? 48 ?? ?? ?? ?? ?? ?? 4C ?? ?? E8 ?? ?? ?? ?? 4C ?? ?? ?? ?? 49 ?? ?? 4C ?? ?? 4C ?? ?? E8 ?? ?? ?? ?? 45 ?? ?? 4D ?? ?? 4C ?? ?? 4C ?? ?? C7 ?? ?? ?? ?? ?? ?? ?? E8 ?? ?? ?? ?? 4C ?? ?? E8 ?? ?? ?? ?? 4C ?? ?? E8 ?? ?? ?? ?? 48 ?? ?? ?? ?? E8 ?? ?? ?? ?? 48 ?? ?? E8 ?? ?? ?? ?? 4C ?? ?? E8 ?? ?? ?? ?? 4C ?? ?? E8 ?? ?? ?? ?? 84 ?? 0F 85 } \r\n $1807376832_81 = { 41 ?? 41 ?? 41 ?? 41 ?? 5? 5? 5? 5? 48 ?? ?? ?? ?? ?? ?? 48 ?? ?? ?? ?? ?? ?? ?? 41 ?? ?? ?? 0F 10 ?? 48 ?? ?? ?? ?? ?? ?? ?? 0F 10 ?? 49 ?? ?? 48 ?? ?? 4C ?? ?? 0F 11 ?? ?? ?? ?? ?? ?? 0F 11 ?? ?? ?? 83 ?? ?? ?? ?? 0F 11 ?? ?? ?? ?? ?? ?? 7D } \r\n $1807378924_80 = { 48 ?? ?? ?? ?? ?? ?? ?? 66 ?? ?? ?? E8 ?? ?? ?? ?? 0F 10 ?? ?? ?? ?? ?? ?? 0F 10 ?? ?? ?? ?? ?? ?? 0F 10 ?? ?? ?? ?? ?? ?? 0F 11 ?? ?? ?? ?? ?? ?? 8B ?? ?? ?? ?? ?? ?? 0F 11 ?? ?? ?? ?? ?? ?? 0F 11 ?? ?? ?? ?? ?? ?? 39 ?? ?? ?? ?? ?? ?? 74 } \r\n $1807227484_78 = { 31 ?? 31 ?? 4C ?? ?? FF D? 49 ?? ?? ?? 31 ?? 4D ?? ?? 4C ?? ?? F2 ?? 48 ?? ?? ?? ?? ?? ?? ?? 48 ?? ?? 48 ?? ?? ?? 4C ?? ?? F2 ?? 89 ?? ?? ?? 48 ?? ?? ?? ?? ?? ?? ?? 48 ?? ?? 4C ?? ?? 48 ?? ?? 44 ?? ?? ?? FF 1? ?? ?? ?? ?? 85 ?? 0F 84 } \r\n $1807233543_78 = { 4C ?? ?? 4C ?? ?? E8 ?? ?? ?? ?? 4C ?? ?? ?? ?? ?? ?? ?? 49 ?? ?? 48 ?? ?? ?? ?? 4C ?? ?? 49 ?? ?? 4C ?? ?? E8 ?? ?? ?? ?? 48 ?? ?? ?? ?? 4C ?? ?? E8 ?? ?? ?? ?? 4C ?? ?? 41 ?? ?? E8 ?? ?? ?? ?? 4C ?? ?? E8 ?? ?? ?? ?? 45 ?? ?? 0F 85 } \r\n $1807231440_74 = { 4C ?? ?? 31 ?? 48 ?? ?? ?? ?? 41 ?? ?? ?? ?? ?? 48 ?? ?? ?? ?? 48 ?? ?? ?? ?? 41 ?? ?? ?? ?? ?? 8A ?? ?? 48 ?? ?? ?? ?? 48 ?? ?? 42 ?? ?? ?? 0F BE ?? FF 1? ?? ?? ?? ?? 48 ?? ?? 4C ?? ?? E8 ?? ?? ?? ?? 48 ?? ?? ?? ?? ?? 75 } \r\n $1807236234_71 = { 41 ?? 41 ?? 41 ?? 41 ?? 5? 5? 5? 5? 48 ?? ?? ?? 45 ?? ?? 48 ?? ?? ?? ?? 48 ?
},
{
"category": "Other",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "yara-rule-name",
"timestamp": "1679319715",
"to_ids": false,
"type": "text",
"uuid": "11879881-2eeb-46d7-966f-3e975568091a",
"value": "NOBELIUM_SpyDLL_March2023"
}
]
},
{
"comment": "CC=US ASN=AS19871 NETWORK-SOLUTIONS-HOSTING",
"deleted": false,
"description": "A domain/hostname and IP address seen as a tuple in a specific time frame.",
"meta-category": "network",
"name": "domain-ip",
"template_uuid": "43b3b146-77eb-4931-b4cc-b66c60f28734",
"template_version": "11",
"timestamp": "1679320216",
"uuid": "e611ac1d-7c57-484b-9c47-40da2960dfdd",
"Attribute": [
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "ip",
"timestamp": "1679320216",
"to_ids": true,
"type": "ip-dst",
"uuid": "dd14147e-1de4-4f25-9f0f-75e2b0b15504",
"value": "108.167.180.186"
}
]
}
chg: [feed] added
2023-04-21 13:25:09 +00:00
]
chg: [gen] updated
2023-12-14 14:30:15 +00:00
}
chg: [feed] added
2023-04-21 13:25:09 +00:00
}
Reference in a new issue Copy permalink