{ "Event": { "analysis": "2", "date": "2014-10-23", "extends_uuid": "", "info": "OSINT Emerging Threat Alert - CVE-2014-4114 blog post by Cylance", "publish_timestamp": "1456154039", "published": true, "threat_level_id": "2", "timestamp": "1414548362", "uuid": "54504af8-1394-43b4-a97d-a3ab950d210b", "Orgc": { "name": "CthulhuSPRL.be", "uuid": "55f6ea5f-fd34-43b8-ac1d-40cb950d210f" }, "Tag": [ { "colour": "#004646", "name": "type:OSINT" }, { "colour": "#33FF00", "name": "tlp:green" } ], "Attribute": [ { "category": "External analysis", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1414548228", "to_ids": false, "type": "link", "uuid": "54504b04-e970-44ad-b24e-4f19950d210b", "value": "http://blog.cylance.com/emerging-threat-alert-cve-2014-4114" }, { "category": "External analysis", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1414548251", "to_ids": false, "type": "comment", "uuid": "54504b1b-3090-4da4-8591-8f41950d210b", "value": "Data encoded by David Andr\u00e9" }, { "category": "Payload delivery", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1414548269", "to_ids": false, "type": "vulnerability", "uuid": "54504b2d-fd18-4ef1-b8ec-48e5950d210b", "value": "CVE-2014-4114" }, { "category": "External analysis", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1414548285", "to_ids": false, "type": "text", "uuid": "54504b3d-bc0c-4fc9-be95-4c03950d210b", "value": "Sandworm" }, { "category": "External analysis", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1414548285", "to_ids": false, "type": "text", "uuid": "54504b3d-e584-4315-be7e-4548950d210b", "value": "Black energy" }, { "category": "Payload delivery", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1414548334", "to_ids": true, "type": "sha256", "uuid": "54504b6e-c1d0-4535-8d41-4f2c950d210b", "value": 
"70b8d220469c8071029795d32ea91829f683e3fbbaa8b978a31a0974daee8aaf" }, { "category": "Payload delivery", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1414548334", "to_ids": true, "type": "sha256", "uuid": "54504b6e-8348-41c3-bfd7-4d12950d210b", "value": "4b2b9c147ed28b8f908f96f0c0db8bf8a0da0ac47864bbe0b31c976a4229a2ea" }, { "category": "Payload delivery", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1414548334", "to_ids": true, "type": "sha256", "uuid": "54504b6e-ce68-4385-a0dc-48d7950d210b", "value": "30175747dda628bc4ad8353d8e71f17e44ec8dde36c81891ff539dcec5693420" }, { "category": "Payload delivery", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1414548334", "to_ids": true, "type": "sha256", "uuid": "54504b6e-5264-448a-96b5-4abb950d210b", "value": "2baba003ef1858b22c1968a2699269cb12d1c3ec117c4951d9775466eb4c7f76" }, { "category": "Payload delivery", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1414548334", "to_ids": true, "type": "sha256", "uuid": "54504b6e-ce80-4ab5-bd72-40fe950d210b", "value": "65a8bf996bfc23405be764266d7409a65fa936d19cee52b61ef83e29dcdd6230" }, { "category": "Payload delivery", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1414548334", "to_ids": true, "type": "sha256", "uuid": "54504b6e-626c-4b5e-880a-4607950d210b", "value": "bd2176b239d240232cdced2da9fc930e627a27190e7216142db93f6538b21006" }, { "category": "Payload delivery", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1414548334", "to_ids": true, "type": "sha256", "uuid": "54504b6e-22a8-46d9-a8c5-4c6b950d210b", "value": "6732379efe230b522185cde9c186bc2640a5dfc7e154a6037ee3bbe067d6e705" }, { "category": "Artifacts dropped", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1414548362", "to_ids": true, "type": "sha256", "uuid": "54504b8a-b2b8-406d-8af6-4182950d210b", "value": 
"f6a4c241b38226a8ba5cc7a954faef6d7dc0c308534722860d38f7b7aaadad75" }, { "category": "Artifacts dropped", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1414548362", "to_ids": true, "type": "sha256", "uuid": "54504b8a-1d08-431c-a9ca-4804950d210b", "value": "2731d7cfcde172e6dde879f9c26bddaa0d2b1beba9a27680fbd2fa37f9bf12b7" }, { "category": "Artifacts dropped", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1414548362", "to_ids": true, "type": "sha256", "uuid": "54504b8a-f9f4-4412-b084-42a6950d210b", "value": "ea72c79d15fb1b7765d40733a251f8e3b8aeb278cd2bbf429d64921155214b36" }, { "category": "Artifacts dropped", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1414548362", "to_ids": true, "type": "sha256", "uuid": "54504b8a-6e18-4418-9de8-4af9950d210b", "value": "980d577d3448477dbfe65316b42f2b970c3972e5b01be9abe7abba3568aa1de7" }, { "category": "Artifacts dropped", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1414548362", "to_ids": true, "type": "sha256", "uuid": "54504b8a-2074-4899-8d09-43da950d210b", "value": "0fda6c118fb7dc946440cb9225e32ab1825d87d4f088bb75a6eab7cef35433bc" }, { "category": "Artifacts dropped", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1414548362", "to_ids": true, "type": "sha256", "uuid": "54504b8a-6eac-48d3-905a-47fe950d210b", "value": "0f63c8f8f080aff491ffb5bb4fcbb23a4719f86df9435e06af42f835b31dc79b" }, { "category": "Artifacts dropped", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1414548362", "to_ids": true, "type": "sha256", "uuid": "54504b8a-1ac8-4590-9502-460f950d210b", "value": "2e73379dab7819b3c8a1956ea1e7cb647763e96daf65024e05314bda8044df0b" }, { "category": "Artifacts dropped", "comment": "Automatically added (via f6a4c241b38226a8ba5cc7a954faef6d7dc0c308534722860d38f7b7aaadad75)", "deleted": false, "disable_correlation": false, "timestamp": 
"1455833050", "to_ids": true, "type": "md5", "uuid": "56c63fda-e898-44bd-8a4a-5f51950d210f", "value": "48937e732d0d11e99c68895ac8578374" }, { "category": "Artifacts dropped", "comment": "Automatically added (via 2e73379dab7819b3c8a1956ea1e7cb647763e96daf65024e05314bda8044df0b)", "deleted": false, "disable_correlation": false, "timestamp": "1455833053", "to_ids": true, "type": "md5", "uuid": "56c63fdd-25fc-4b4a-b743-c654950d210f", "value": "37ca2ecb5e1fc89f73c6adc188ff685d" }, { "category": "Artifacts dropped", "comment": "Automatically added (via 0f63c8f8f080aff491ffb5bb4fcbb23a4719f86df9435e06af42f835b31dc79b)", "deleted": false, "disable_correlation": false, "timestamp": "1455833055", "to_ids": true, "type": "md5", "uuid": "56c63fdf-b504-48df-a63b-599d950d210f", "value": "b0dc4c3402e7999d733fa2b668371ade" }, { "category": "Artifacts dropped", "comment": "Automatically added (via f6a4c241b38226a8ba5cc7a954faef6d7dc0c308534722860d38f7b7aaadad75)", "deleted": false, "disable_correlation": false, "timestamp": "1455833051", "to_ids": true, "type": "sha1", "uuid": "56c63fdb-d94c-41d5-8a89-599c950d210f", "value": "118206d910f0036357b04c154da8966bcccd31b4" }, { "category": "Artifacts dropped", "comment": "Automatically added (via 2e73379dab7819b3c8a1956ea1e7cb647763e96daf65024e05314bda8044df0b)", "deleted": false, "disable_correlation": false, "timestamp": "1455833054", "to_ids": true, "type": "sha1", "uuid": "56c63fde-4b54-4d53-9e96-c650950d210f", "value": "858c589842029616d75db616f2097ee98414bfbc" }, { "category": "Artifacts dropped", "comment": "Automatically added (via 0f63c8f8f080aff491ffb5bb4fcbb23a4719f86df9435e06af42f835b31dc79b)", "deleted": false, "disable_correlation": false, "timestamp": "1455833056", "to_ids": true, "type": "sha1", "uuid": "56c63fe0-cbac-4e9d-8d3e-4b3d950d210f", "value": "2ff3b1e5a310983f7dd81daad89e9f1ba262a0e9" } ] } }