{ "Event": { "analysis": "2", "date": "2015-04-20", "extends_uuid": "", "info": "OSINT The Sofacy plot thickens by PwC", "publish_timestamp": "1498163174", "published": true, "threat_level_id": "2", "timestamp": "1498163079", "uuid": "55355951-0354-4d8a-8148-1bf9950d210b", "Orgc": { "name": "CthulhuSPRL.be", "uuid": "55f6ea5f-fd34-43b8-ac1d-40cb950d210f" }, "Tag": [ { "colour": "#004646", "local": false, "name": "type:OSINT", "relationship_type": "" }, { "colour": "#ffffff", "local": false, "name": "tlp:white", "relationship_type": "" }, { "colour": "#12e000", "local": false, "name": "misp-galaxy:threat-actor=\"Sofacy\"", "relationship_type": "" } ], "Attribute": [ { "category": "External analysis", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1429559658", "to_ids": false, "type": "link", "uuid": "5535596a-ad38-49dd-8ee3-470a950d210b", "value": "http://pwc.blogs.com/cyber_security_updates/2015/04/the-sofacy-plot-thickens.html" }, { "category": "External analysis", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1429559658", "to_ids": false, "type": "link", "uuid": "5535596a-b970-4b6d-906a-429f950d210b", "value": "http://pwc.blogs.com/files/cto-tib-20150420-01a.pdf" }, { "category": "External analysis", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1429559674", "to_ids": false, "type": "text", "uuid": "5535597a-8fc8-4e9f-a990-95bb950d210b", "value": "Sofacy" }, { "category": "External analysis", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1429559674", "to_ids": false, "type": "text", "uuid": "5535597a-0d70-4c4f-b300-95bb950d210b", "value": "APT28" }, { "category": "External analysis", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1429559674", "to_ids": false, "type": "text", "uuid": "5535597a-3fe0-4cb3-94ba-95bb950d210b", "value": "Sednit" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1429559725", "to_ids": true, "type": "domain", "uuid": "553559ad-b664-40c6-b5b2-411e950d210b", "value": "defencereview.net" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1429559725", "to_ids": true, "type": "domain", "uuid": "553559ad-e74c-4b25-8f15-47fd950d210b", "value": "brnlv-gv.eu" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1429559725", "to_ids": true, "type": "domain", "uuid": "553559ad-39e8-4ff5-a962-4915950d210b", "value": "militaryobserver.net" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1429559725", "to_ids": true, "type": "domain", "uuid": "553559ad-0f44-4d29-8730-4ba3950d210b", "value": "netassistcache.com" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1429559725", "to_ids": true, "type": "domain", "uuid": "553559ad-6b58-4add-9404-45ae950d210b", "value": "asus-service.net" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1429559725", "to_ids": true, "type": "domain", "uuid": "553559ad-3250-41cf-9e91-41e3950d210b", "value": "aolnets.com" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1429559725", "to_ids": true, "type": "domain", "uuid": "553559ad-5a30-420f-8ab2-4690950d210b", "value": "natopress.org" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1429559726", "to_ids": true, "type": "domain", "uuid": "553559ae-a054-4826-a9a5-4c2d950d210b", "value": "natopress.com" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1429559726", "to_ids": true, "type": "domain", "uuid": "553559ae-e928-4930-9a31-41aa950d210b", "value": "defencereview.eu" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1429559726", "to_ids": true, "type": "domain", "uuid": "553559ae-2e84-461e-811e-4ac5950d210b", "value": "intelsupport.net" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1429559726", "to_ids": true, "type": "domain", "uuid": "553559ae-1340-46c7-9f90-4f53950d210b", "value": "globalnewsweekly.com" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1429559726", "to_ids": true, "type": "domain", "uuid": "553559ae-2198-405e-949f-43e9950d210b", "value": "osce-oscc.org" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1429559726", "to_ids": true, "type": "domain", "uuid": "553559ae-120c-46a9-bca1-42e3950d210b", "value": "enisa-europa.com" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1429559726", "to_ids": true, "type": "domain", "uuid": "553559ae-dd68-462e-b9f6-4e8f950d210b", "value": "enisa-europa.org" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1429559726", "to_ids": true, "type": "domain", "uuid": "553559ae-e834-4ab1-ae31-4102950d210b", "value": "techcruncln.com" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1429559726", "to_ids": true, "type": "domain", "uuid": "553559ae-dfa0-4d16-85fa-4aea950d210b", "value": "nato-hq.com" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1429559727", "to_ids": true, "type": "domain", "uuid": "553559af-29e8-4256-a07d-4444950d210b", "value": "iacr-tcc.org" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1429559727", "to_ids": true, "type": "domain", "uuid": "553559af-c1b8-4589-ad23-41e4950d210b", "value": "nato-int.com" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1429559727", "to_ids": true, "type": "domain", "uuid": "553559af-0178-466c-b7d6-4bda950d210b", "value": "nato-info.com" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1429559727", "to_ids": true, "type": "domain", "uuid": "553559af-c894-4e3d-a609-4db6950d210b", "value": "bmlv-gv.eu" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1429559727", "to_ids": true, "type": "domain", "uuid": "553559af-d82c-4b09-9db4-450d950d210b", "value": "foreignreview.com" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1429559727", "to_ids": true, "type": "domain", "uuid": "553559af-a39c-4c80-b33c-4d12950d210b", "value": "mediarea.org" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1429559727", "to_ids": true, "type": "domain", "uuid": "553559af-943c-47fa-ab66-4e90950d210b", "value": "osce-military.org" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1429559727", "to_ids": true, "type": "domain", "uuid": "553559af-6a60-495f-a53a-4555950d210b", "value": "europeanda.com" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1429559727", "to_ids": true, "type": "domain", "uuid": "553559af-2c68-45e3-8103-4173950d210b", "value": "softupdates.info" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1429559728", "to_ids": true, "type": "domain", "uuid": "553559b0-af44-4289-b549-4427950d210b", "value": "settings-yahoo.com" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1429559728", "to_ids": true, "type": "domain", "uuid": "553559b0-7c90-4822-a2e3-46cb950d210b", "value": "settings-live.com" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1429559728", "to_ids": true, "type": "domain", "uuid": "553559b0-8848-41b2-aab1-4f82950d210b", "value": "delivery-yahoo.com" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1429559728", "to_ids": true, "type": "domain", "uuid": "553559b0-bdcc-4295-a93c-427b950d210b", "value": "privacy-yahoo.com" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1429559728", "to_ids": true, "type": "domain", "uuid": "553559b0-fd58-4754-b02a-46d3950d210b", "value": "privacy-live.com" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1429559728", "to_ids": true, "type": "domain", "uuid": "553559b0-fbc0-4d32-ab05-4617950d210b", "value": "westinqhousenuclear.com" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1429559760", "to_ids": true, "type": "hostname", "uuid": "553559b0-e838-4a20-be30-4bf3950d210b", "value": "webmail.westinqhousenuclear.com" } ] } }