{ "Event": { "analysis": "0", "date": "2016-10-16", "extends_uuid": "", "info": "Spam 2016-10-16 (mule acquisition) - probably related to Locky resources", "publish_timestamp": "1476594598", "published": true, "threat_level_id": "3", "timestamp": "1476594574", "uuid": "58030b52-b52c-41e7-93f6-43ae950d210f", "Orgc": { "name": "CIRCL", "uuid": "55f6ea5e-2c60-40e5-964f-47a8950d210f" }, "Tag": [ { "colour": "#ffffff", "local": false, "name": "tlp:white", "relationship_type": "" } ], "Attribute": [ { "category": "Network activity", "comment": "compromised resource", "deleted": false, "disable_correlation": false, "timestamp": "1476594567", "to_ids": true, "type": "url", "uuid": "58030b87-8db0-460f-b10d-4da6950d210f", "value": "http://bidprogroup.com/wp-content/plugins/contact-form-7/admin/images/" }, { "category": "Network activity", "comment": "compromised resource", "deleted": false, "disable_correlation": false, "timestamp": "1476594568", "to_ids": true, "type": "domain", "uuid": "58030b88-30e4-4f4c-8cdf-4a01950d210f", "value": "bidprogroup.com" }, { "category": "Network activity", "comment": "compromised resource", "deleted": false, "disable_correlation": false, "timestamp": "1476594568", "to_ids": true, "type": "ip-dst", "uuid": "58030b88-b5d0-4119-a90c-4edd950d210f", "value": "50.62.172.113" }, { "category": "Network activity", "comment": "compromised resource", "deleted": false, "disable_correlation": false, "timestamp": "1476594569", "to_ids": true, "type": "url", "uuid": "58030b89-5a44-44fd-97a6-4f39950d210f", "value": "http://bigway.com/installation2/tmp/rohi5l/par/users/" }, { "category": "Network activity", "comment": "compromised resource", "deleted": false, "disable_correlation": false, "timestamp": "1476594569", "to_ids": true, "type": "domain", "uuid": "58030b89-350c-41fe-a6a2-407e950d210f", "value": "bigway.com" }, { "category": "Network activity", "comment": "compromised resource", "deleted": false, "disable_correlation": false, "timestamp": "1476594570", "to_ids": true, "type": "ip-dst", "uuid": "58030b8a-08f8-4977-91d6-4986950d210f", "value": "69.168.8.211" }, { "category": "Network activity", "comment": "compromised resource", "deleted": false, "disable_correlation": false, "timestamp": "1476594570", "to_ids": true, "type": "url", "uuid": "58030b8a-aa0c-49f6-84f9-4d49950d210f", "value": "http://bikebreeze.com/wp-content/themes/CherryFramework/admin/images/" }, { "category": "Network activity", "comment": "compromised resource", "deleted": false, "disable_correlation": false, "timestamp": "1476594571", "to_ids": true, "type": "domain", "uuid": "58030b8b-4ba4-4d92-bb27-474f950d210f", "value": "bikebreeze.com" }, { "category": "Network activity", "comment": "compromised resource", "deleted": false, "disable_correlation": false, "timestamp": "1476594571", "to_ids": true, "type": "ip-dst", "uuid": "58030b8b-def8-4a45-a71a-4b40950d210f", "value": "166.62.10.183" }, { "category": "Network activity", "comment": "compromised resource", "deleted": false, "disable_correlation": false, "timestamp": "1476594572", "to_ids": true, "type": "url", "uuid": "58030b8c-86fc-4621-948a-42a4950d210f", "value": "http://billfoundation.org/wp-includes/js/tinymce/plugins/wptextpattern/" }, { "category": "Network activity", "comment": "compromised resource", "deleted": false, "disable_correlation": false, "timestamp": "1476594573", "to_ids": true, "type": "domain", "uuid": "58030b8d-7518-449b-8492-43d3950d210f", "value": "billfoundation.org" }, { "category": "Network activity", "comment": "compromised resource", "deleted": false, "disable_correlation": false, "timestamp": "1476594573", "to_ids": true, "type": "ip-dst", "uuid": "58030b8d-c9f8-4946-8dda-462c950d210f", "value": "52.202.112.204" } ] } }