{ "Event": { "analysis": "2", "date": "2015-10-09", "extends_uuid": "", "info": "OSINT Dyre Malware Campaigners Innovate with Distribution Techniques by ProofPoint", "publish_timestamp": "1446568535", "published": true, "threat_level_id": "3", "timestamp": "1446568457", "uuid": "561d86b1-3fdc-4229-84dd-1048950d210b", "Orgc": { "name": "CthulhuSPRL.be", "uuid": "55f6ea5f-fd34-43b8-ac1d-40cb950d210f" }, "Tag": [ { "colour": "#ffffff", "local": "0", "name": "tlp:white", "relationship_type": "" }, { "colour": "#004646", "local": "0", "name": "type:OSINT", "relationship_type": "" } ], "Attribute": [ { "category": "External analysis", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1444775620", "to_ids": false, "type": "link", "uuid": "561d86c4-dba0-4b9a-8c7f-4253950d210b", "value": "https://www.proofpoint.com/us/dyre-malware-campaigners-innovate-distribution-techniques" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1446568433", "to_ids": true, "type": "ip-dst", "uuid": "5638e1f1-ed68-4c75-a3c9-2069950d210b", "value": "62.210.182.246" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1446568433", "to_ids": true, "type": "ip-dst", "uuid": "5638e1f1-f07c-4b89-bd8f-2069950d210b", "value": "178.162.193.207" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1446568434", "to_ids": true, "type": "ip-dst", "uuid": "5638e1f2-362c-44b0-802b-2069950d210b", "value": "197.149.90.166" }, { "category": "Payload delivery", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1446568434", "to_ids": true, "type": "sha256", "uuid": "5638e1f2-d0ec-4ac0-929a-2069950d210b", "value": "94ecc7d1f0fa098975a0984e55ba77ec93719b56dc3157d36311e18c51d581dc" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1446568435", "to_ids": true, "type": "url", "uuid": "5638e1f3-9910-4236-b4b2-2069950d210b", "value": "https://65.255.135.178/limto1.tar" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1446568435", "to_ids": true, "type": "url", "uuid": "5638e1f3-1974-4709-b4e0-2069950d210b", "value": "https://188.93.122.150/limto1.tar" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1446568436", "to_ids": true, "type": "url", "uuid": "5638e1f4-307c-4963-9c83-2069950d210b", "value": "https://88.93.122.150/limto1.tar" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1446568436", "to_ids": true, "type": "url", "uuid": "5638e1f4-920c-46f0-ac7a-2069950d210b", "value": "https://67.222.201.105/limto1.tar" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1446568437", "to_ids": true, "type": "url", "uuid": "5638e1f5-d67c-4212-9007-2069950d210b", "value": "https://212.72.123.130/limto1.tar" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1446568437", "to_ids": true, "type": "url", "uuid": "5638e1f5-29d8-4d9f-8cbb-2069950d210b", "value": "https://50.24.13.21/limto1.tar" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1446568438", "to_ids": true, "type": "url", "uuid": "5638e1f6-9020-4c68-812c-2069950d210b", "value": "https://186.16.203.154/limto1.tar" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1446568438", "to_ids": true, "type": "url", "uuid": "5638e1f6-b890-4c0e-b368-2069950d210b", "value": "https://93.103.20.189/limto1.tar" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1446568439", "to_ids": true, "type": "url", "uuid": "5638e1f7-882c-44a8-acd5-2069950d210b", "value": "https://190.121.163.46/limto1.tar" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1446568439", "to_ids": true, "type": "url", "uuid": "5638e1f7-2ff0-4dcc-823a-2069950d210b", "value": "https://202.79.57.155/limto1.tar" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1446568440", "to_ids": true, "type": "url", "uuid": "5638e1f8-a118-4599-9dd0-2069950d210b", "value": "https://202.70.89.57/limto1.tar" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1446568440", "to_ids": true, "type": "url", "uuid": "5638e1f8-c240-439a-97af-2069950d210b", "value": "https://190.121.164.10/limto1.tar" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1446568441", "to_ids": true, "type": "url", "uuid": "5638e1f9-e808-43c9-af43-2069950d210b", "value": "https://181.40.117.66/limto1.tar" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1446568441", "to_ids": true, "type": "url", "uuid": "5638e1f9-0554-49f6-9458-2069950d210b", "value": "https://201.217.51.92/limto1.tar" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1446568442", "to_ids": true, "type": "url", "uuid": "5638e1fa-10ec-4346-91a6-2069950d210b", "value": "https://94.40.82.66/limto1.tar" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1446568442", "to_ids": true, "type": "url", "uuid": "5638e1fa-10e4-4484-bcdf-2069950d210b", "value": "https://69.9.204.114/limto1.tar" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1446568443", "to_ids": true, "type": "url", "uuid": "5638e1fb-7de8-4838-8af4-2069950d210b", "value": "https://201.217.56.83/limto1.tar" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1446568443", "to_ids": true, "type": "url", "uuid": "5638e1fb-6d3c-4a5a-8e8c-2069950d210b", "value": "https://24.33.131.116/limto1.tar" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1446568444", "to_ids": true, "type": "url", "uuid": "5638e1fc-c81c-4e83-977e-2069950d210b", "value": "https://72.230.82.80/limto1.tar" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1446568444", "to_ids": true, "type": "url", "uuid": "5638e1fc-9e24-4077-b9b0-2069950d210b", "value": "https://173.248.31.6/limto1.tar" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1446568445", "to_ids": true, "type": "url", "uuid": "5638e1fd-91b8-4388-b27e-2069950d210b", "value": "https://208.117.68.78/limto1.tar" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1446568445", "to_ids": true, "type": "url", "uuid": "5638e1fd-ba50-4049-903a-2069950d210b", "value": "https://69.144.171.44/limto1.tar" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1446568445", "to_ids": true, "type": "url", "uuid": "5638e1fd-fafc-4ebd-b1d9-2069950d210b", "value": "https://24.148.217.188/limto1.tar" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1446568446", "to_ids": true, "type": "url", "uuid": "5638e1fe-9bac-4388-bea8-2069950d210b", "value": "https://173.216.247.74/limto1.tar" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1446568446", "to_ids": true, "type": "url", "uuid": "5638e1fe-2544-4805-a062-2069950d210b", "value": "https://37.57.144.177/limto1.tar" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1446568447", "to_ids": true, "type": "url", "uuid": "5638e1ff-2098-4196-bfba-2069950d210b", "value": "https://68.70.242.203/limto1.tar" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1446568447", "to_ids": true, "type": "url", "uuid": "5638e1ff-e1b8-4f2f-8597-2069950d210b", "value": "https://27.109.20.53/limto1.tar" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1446568447", "to_ids": true, "type": "url", "uuid": "5638e1ff-0e88-4389-850e-2069950d210b", "value": "https://67.222.201.61/limto1.tar" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1446568448", "to_ids": true, "type": "url", "uuid": "5638e200-58dc-47fc-bb98-2069950d210b", "value": "https://203.129.197.50/limto1.tar" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1446568448", "to_ids": true, "type": "url", "uuid": "5638e200-bb90-410f-8c43-2069950d210b", "value": "https://112.133.203.43/limto1.tar" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1446568449", "to_ids": true, "type": "url", "uuid": "5638e201-a00c-428e-98fc-2069950d210b", "value": "https://45.64.159.18/limto1.tar" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1446568449", "to_ids": true, "type": "url", "uuid": "5638e201-e08c-4c22-804b-2069950d210b", "value": "https://150.129.49.11/limto1.tar" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1446568449", "to_ids": true, "type": "url", "uuid": "5638e201-82d8-4311-964e-2069950d210b", "value": "https://213.92.138.154/limto1.tar" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1446568450", "to_ids": true, "type": "url", "uuid": "5638e202-efc4-4a8b-9a67-2069950d210b", "value": "https://109.199.11.51/limto1.tar" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1446568450", "to_ids": true, "type": "url", "uuid": "5638e202-5968-4134-b17e-2069950d210b", "value": "https://82.115.76.211/limto1.tar" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1446568451", "to_ids": true, "type": "url", "uuid": "5638e203-385c-409b-9af0-2069950d210b", "value": "https://78.72.233.105/limto1.tar" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1446568451", "to_ids": true, "type": "url", "uuid": "5638e203-4d40-4629-a798-2069950d210b", "value": "https://82.160.64.45/limto1.tar" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1446568451", "to_ids": true, "type": "url", "uuid": "5638e203-5058-49e3-b0b2-2069950d210b", "value": "https://197.210.199.21/limto1.tar" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1446568452", "to_ids": true, "type": "url", "uuid": "5638e204-4718-4d3b-a03c-2069950d210b", "value": "https://78.108.101.67/limto1.tar" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1446568452", "to_ids": true, "type": "url", "uuid": "5638e204-a074-460d-98cf-2069950d210b", "value": "https://94.40.82.239/limto1.tar" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1446568453", "to_ids": true, "type": "url", "uuid": "5638e205-7490-49d2-b0ea-2069950d210b", "value": "https://185.89.64.160/limto1.tar" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1446568453", "to_ids": true, "type": "url", "uuid": "5638e205-8030-4af7-b68a-2069950d210b", "value": "https://87.126.65.67/limto1.tar" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1446568453", "to_ids": true, "type": "url", "uuid": "5638e205-d7c0-4103-999f-2069950d210b", "value": "https://93.183.155.22/limto1.tar" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1446568454", "to_ids": true, "type": "url", "uuid": "5638e206-4f8c-411c-abf8-2069950d210b", "value": "https://87.97.168.205/limto1.tar" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1446568454", "to_ids": true, "type": "url", "uuid": "5638e206-70b8-4151-859d-2069950d210b", "value": "https://62.233.252.207/limto1.tar" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1446568455", "to_ids": true, "type": "url", "uuid": "5638e207-187c-4154-b616-2069950d210b", "value": "https://85.11.144.37/limto1.tar" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1446568455", "to_ids": true, "type": "url", "uuid": "5638e207-1ca0-4290-bdb4-2069950d210b", "value": "https://188.167.93.231/limto1.tar" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1446568455", "to_ids": true, "type": "url", "uuid": "5638e207-536c-4159-b89d-2069950d210b", "value": "https://91.240.236.148/limto1.tar" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1446568456", "to_ids": true, "type": "url", "uuid": "5638e208-6890-4992-bac3-2069950d210b", "value": "https://91.240.236.122/limto1.tar" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1446568456", "to_ids": true, "type": "url", "uuid": "5638e208-bfd8-4965-a312-2069950d210b", "value": "https://93.115.172.232/limto1.tar" } ] } }