{ "Event": { "analysis": "0", "date": "2021-11-02", "extends_uuid": "", "info": "[CERT-FR] Campagnes d'hame\u00e7onnage du mode op\u00e9ratoire d'attaquants Nobelium", "publish_timestamp": "1646299998", "published": true, "threat_level_id": "4", "timestamp": "1700843537", "uuid": "6181159d-d7e0-422f-b7f5-26cc0abe1822", "Orgc": { "name": "CERT-FR_1510", "uuid": "56bdf779-46f8-4353-bdf9-2bb95bce2212" }, "Tag": [ { "colour": "#ff1f00", "local": "0", "name": "fr-classif:non-classifiees=\"NON-CLASSIFIEES\"", "relationship_type": "" }, { "colour": "#ffffff", "local": "0", "name": "cossi:TLP=\"white\"", "relationship_type": "" }, { "colour": "#008e63", "local": "0", "name": "cossi:RechercheSourceOuverte=\"Autorisee\"", "relationship_type": "" }, { "colour": "#00714f", "local": "0", "name": "cossi:fiabilite=\"Bonne\"", "relationship_type": "" }, { "colour": "#ffffff", "local": "1", "name": "tlp:white", "relationship_type": "" }, { "colour": "#00714f", "local": "0", "name": "cert-fr:fiabilite=\"Bonne\"", "relationship_type": "" }, { "colour": "#ffffff", "local": "0", "name": "tlp:clear", "relationship_type": "" }, { "colour": "#ffffff", "local": "0", "name": "PAP:CLEAR", "relationship_type": "" } ], "Attribute": [ { "category": "Other", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1635849629", "to_ids": true, "type": "comment", "uuid": "98fb6de0-6762-44c8-9d74-871e68120e72", "value": "Infrastructure de Commande et de Contr\u00f4le", "Tag": [ { "colour": "#00ae7a", "local": "0", "name": "DescriptionTechnique", "relationship_type": "" } ] } ], "Object": [ { "comment": "", "deleted": false, "description": "A domain and IP address seen as a tuple in a specific time frame.", "meta-category": "network", "name": "domain-ip", "template_uuid": "43b3b146-77eb-4931-b4cc-b66c60f28734", "template_version": "6", "timestamp": "1635849629", "uuid": "e3f3284a-e6fa-4020-9a45-44f31f828deb", "Attribute": [ { "category": "Other", "comment": "", "deleted": false, "disable_correlation": true, "object_relation": "first-seen", "timestamp": "1635849629", "to_ids": false, "type": "datetime", "uuid": "ff92d0f2-28cc-4277-bb6d-1cdc5c2f7315", "value": "2020-10-01T00:00:00+00:00" }, { "category": "Other", "comment": "", "deleted": false, "disable_correlation": true, "object_relation": "last-seen", "timestamp": "1635849629", "to_ids": false, "type": "datetime", "uuid": "f2aa70f1-8c6a-4968-a3da-4bdb36fbc6a1", "value": "2020-12-01T00:00:00+00:00" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "ip", "timestamp": "1635849629", "to_ids": true, "type": "ip-dst", "uuid": "8ed8b9a2-f95e-47f2-b4ad-1739dd5939f7", "value": "45.179.89.37", "Tag": [ { "colour": "#e200a3", "local": "0", "name": "kill-chain:Command and Control", "relationship_type": "" }, { "colour": "#8a0064", "local": "0", "name": "kill-chain:Delivery", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "domain", "timestamp": "1635849629", "to_ids": true, "type": "domain", "uuid": "e8aa928b-30cc-4739-aa1d-f78364f618c7", "value": "hanproud.com", "Tag": [ { "colour": "#e200a3", "local": "0", "name": "kill-chain:Command and Control", "relationship_type": "" }, { "colour": "#8a0064", "local": "0", "name": "kill-chain:Delivery", "relationship_type": "" } ] } ] }, { "comment": "", "deleted": false, "description": "A domain and IP address seen as a tuple in a specific time frame.", "meta-category": "network", "name": "domain-ip", "template_uuid": "43b3b146-77eb-4931-b4cc-b66c60f28734", "template_version": "6", "timestamp": "1635849629", "uuid": "77ea36fb-8bba-464b-86e3-d245b9881abb", "Attribute": [ { "category": "Other", "comment": "", "deleted": false, "disable_correlation": true, "object_relation": "first-seen", "timestamp": "1635849629", "to_ids": false, "type": "datetime", "uuid": "690bd55c-c8ea-4c69-aa23-1f664a42ae70", "value": "2021-02-15T00:00:00+00:00" }, { "category": "Other", "comment": "", "deleted": false, "disable_correlation": true, "object_relation": "last-seen", "timestamp": "1635849629", "to_ids": false, "type": "datetime", "uuid": "74c06d8b-3d74-4cfa-b6cc-64b76260adf2", "value": "2021-05-01T00:00:00+00:00" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "ip", "timestamp": "1635849629", "to_ids": true, "type": "ip-dst", "uuid": "f0816314-14bf-4349-84cf-272c9ba17443", "value": "139.99.167.177", "Tag": [ { "colour": "#e200a3", "local": "0", "name": "kill-chain:Command and Control", "relationship_type": "" }, { "colour": "#8a0064", "local": "0", "name": "kill-chain:Delivery", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "domain", "timestamp": "1635849629", "to_ids": true, "type": "domain", "uuid": "c1b560f2-4279-40dc-b847-80fc0cf7ef7e", "value": "cbdnewsandreviews.net", "Tag": [ { "colour": "#e200a3", "local": "0", "name": "kill-chain:Command and Control", "relationship_type": "" }, { "colour": "#8a0064", "local": "0", "name": "kill-chain:Delivery", "relationship_type": "" } ] } ] }, { "comment": "", "deleted": false, "description": "A domain and IP address seen as a tuple in a specific time frame.", "meta-category": "network", "name": "domain-ip", "template_uuid": "43b3b146-77eb-4931-b4cc-b66c60f28734", "template_version": "6", "timestamp": "1635849629", "uuid": "9df5a183-c151-48ad-aa4c-b7efa7a40163", "Attribute": [ { "category": "Other", "comment": "", "deleted": false, "disable_correlation": true, "object_relation": "first-seen", "timestamp": "1635849629", "to_ids": false, "type": "datetime", "uuid": "c87fe1af-4133-4a8b-9fc9-a675fcf7c74c", "value": "2021-02-15T00:00:00+00:00" }, { "category": "Other", "comment": "", "deleted": false, "disable_correlation": true, "object_relation": "last-seen", "timestamp": "1635849629", "to_ids": false, "type": "datetime", "uuid": "7cf827d6-497d-46b2-92c8-2be3404d1bba", "value": "2021-06-25T00:00:00+00:00" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "ip", "timestamp": "1635849629", "to_ids": true, "type": "ip-dst", "uuid": "c436199c-57c8-4c6c-90cd-a1e269801892", "value": "51.38.85.225", "Tag": [ { "colour": "#e200a3", "local": "0", "name": "kill-chain:Command and Control", "relationship_type": "" }, { "colour": "#8a0064", "local": "0", "name": "kill-chain:Delivery", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "domain", "timestamp": "1635849629", "to_ids": true, "type": "domain", "uuid": "9b485d25-f70a-4cde-b278-3f5d234620ea", "value": "cityloss.com", "Tag": [ { "colour": "#e200a3", "local": "0", "name": "kill-chain:Command and Control", "relationship_type": "" }, { "colour": "#8a0064", "local": "0", "name": "kill-chain:Delivery", "relationship_type": "" } ] } ] }, { "comment": "", "deleted": false, "description": "A domain and IP address seen as a tuple in a specific time frame.", "meta-category": "network", "name": "domain-ip", "template_uuid": "43b3b146-77eb-4931-b4cc-b66c60f28734", "template_version": "6", "timestamp": "1635849629", "uuid": "5329cc1e-65ca-4fe7-905c-ba0f82d62b73", "Attribute": [ { "category": "Other", "comment": "", "deleted": false, "disable_correlation": true, "object_relation": "first-seen", "timestamp": "1635849629", "to_ids": false, "type": "datetime", "uuid": "91c1b8ec-d10d-4461-80ea-808c43137e33", "value": "2021-03-01T00:00:00+00:00" }, { "category": "Other", "comment": "", "deleted": false, "disable_correlation": true, "object_relation": "last-seen", "timestamp": "1635849629", "to_ids": false, "type": "datetime", "uuid": "eed05c91-6968-4916-ab09-9d428d09cda9", "value": "2021-05-10T00:00:00+00:00" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "ip", "timestamp": "1635849629", "to_ids": true, "type": "ip-dst", "uuid": "75f0061e-1d2a-42ff-8246-a3d40a0a97e2", "value": "190.183.61.30", "Tag": [ { "colour": "#e200a3", "local": "0", "name": "kill-chain:Command and Control", "relationship_type": "" }, { "colour": "#8a0064", "local": "0", "name": "kill-chain:Delivery", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "domain", "timestamp": "1635849629", "to_ids": true, "type": "domain", "uuid": "d57170cc-9cd1-4ae6-b5e6-9599622aad2e", "value": "businesssalaries.com", "Tag": [ { "colour": "#e200a3", "local": "0", "name": "kill-chain:Command and Control", "relationship_type": "" }, { "colour": "#8a0064", "local": "0", "name": "kill-chain:Delivery", "relationship_type": "" } ] } ] }, { "comment": "", "deleted": false, "description": "A domain and IP address seen as a tuple in a specific time frame.", "meta-category": "network", "name": "domain-ip", "template_uuid": "43b3b146-77eb-4931-b4cc-b66c60f28734", "template_version": "6", "timestamp": "1635849630", "uuid": "fdda2a1a-3913-4258-a5df-2b3b5a3e8612", "Attribute": [ { "category": "Other", "comment": "", "deleted": false, "disable_correlation": true, "object_relation": "first-seen", "timestamp": "1635849630", "to_ids": false, "type": "datetime", "uuid": "df6b4e21-7279-4eaf-b24b-fcc68e61f802", "value": "2021-03-01T00:00:00+00:00" }, { "category": "Other", "comment": "", "deleted": false, "disable_correlation": true, "object_relation": "last-seen", "timestamp": "1635849630", "to_ids": false, "type": "datetime", "uuid": "50a61e15-261d-4c30-8280-e3882782c082", "value": "2021-04-01T00:00:00+00:00" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "ip", "timestamp": "1635849630", "to_ids": true, "type": "ip-dst", "uuid": "e7024505-5c9c-4ca7-b706-f93ce8f9892f", "value": "185.243.215.198", "Tag": [ { "colour": "#e200a3", "local": "0", "name": "kill-chain:Command and Control", "relationship_type": "" }, { "colour": "#8a0064", "local": "0", "name": "kill-chain:Delivery", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "domain", "timestamp": "1635849630", "to_ids": true, "type": "domain", "uuid": "ebad7ad4-0c35-4ecd-a45c-1c25e9acc758", "value": "trendignews.com", "Tag": [ { "colour": "#e200a3", "local": "0", "name": "kill-chain:Command and Control", "relationship_type": "" }, { "colour": "#8a0064", "local": "0", "name": "kill-chain:Delivery", "relationship_type": "" } ] } ] }, { "comment": "", "deleted": false, "description": "A domain and IP address seen as a tuple in a specific time frame.", "meta-category": "network", "name": "domain-ip", "template_uuid": "43b3b146-77eb-4931-b4cc-b66c60f28734", "template_version": "6", "timestamp": "1635849630", "uuid": "04bb451f-4c0d-470e-b697-dde549b833c5", "Attribute": [ { "category": "Other", "comment": "", "deleted": false, "disable_correlation": true, "object_relation": "first-seen", "timestamp": "1635849630", "to_ids": false, "type": "datetime", "uuid": "5a9cfce0-c7e2-403e-9226-af0dd29ecc92", "value": "2021-03-01T00:00:00+00:00" }, { "category": "Other", "comment": "", "deleted": false, "disable_correlation": true, "object_relation": "last-seen", "timestamp": "1635849630", "to_ids": false, "type": "datetime", "uuid": "f3f12f81-d112-4825-ae12-3ff19431685a", "value": "2021-09-01T00:00:00+00:00" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "ip", "timestamp": "1635849630", "to_ids": true, "type": "ip-dst", "uuid": "13b29835-5a4c-4cb6-ac34-d45dabd7dbe5", "value": "192.99.221.77", "Tag": [ { "colour": "#e200a3", "local": "0", "name": "kill-chain:Command and Control", "relationship_type": "" }, { "colour": "#8a0064", "local": "0", "name": "kill-chain:Delivery", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "domain", "timestamp": "1635849630", "to_ids": true, "type": "domain", "uuid": "293f3c11-2c9d-426f-96ec-119e851da0aa", "value": "worldhomeoutlet.com", "Tag": [ { "colour": "#e200a3", "local": "0", "name": "kill-chain:Command and Control", "relationship_type": "" }, { "colour": "#8a0064", "local": "0", "name": "kill-chain:Delivery", "relationship_type": "" } ] } ] }, { "comment": "", "deleted": false, "description": "A domain and IP address seen as a tuple in a specific time frame.", "meta-category": "network", "name": "domain-ip", "template_uuid": "43b3b146-77eb-4931-b4cc-b66c60f28734", "template_version": "6", "timestamp": "1635849630", "uuid": "a29c4b43-221e-4cf8-8f5c-30ea2b1681fc", "Attribute": [ { "category": "Other", "comment": "", "deleted": false, "disable_correlation": true, "object_relation": "first-seen", "timestamp": "1635849630", "to_ids": false, "type": "datetime", "uuid": "a5a28b82-8fac-4af5-812c-e87c48a72021", "value": "2021-03-01T00:00:00+00:00" }, { "category": "Other", "comment": "", "deleted": false, "disable_correlation": true, "object_relation": "last-seen", "timestamp": "1635849630", "to_ids": false, "type": "datetime", "uuid": "0a43ca51-bee5-47f8-bbe1-f18478fee1b4", "value": "2021-04-25T00:00:00+00:00" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "ip", "timestamp": "1635849630", "to_ids": true, "type": "ip-dst", "uuid": "5bc978d9-ec4c-4007-9a36-d6c40953a5f7", "value": "37.120.247.135", "Tag": [ { "colour": "#e200a3", "local": "0", "name": "kill-chain:Command and Control", "relationship_type": "" }, { "colour": "#8a0064", "local": "0", "name": "kill-chain:Delivery", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "domain", "timestamp": "1635849630", "to_ids": true, "type": "domain", "uuid": "f403ffa1-bdbc-4ab4-9aa1-993a43210008", "value": "giftbox4u.com", "Tag": [ { "colour": "#e200a3", "local": "0", "name": "kill-chain:Command and Control", "relationship_type": "" }, { "colour": "#8a0064", "local": "0", "name": "kill-chain:Delivery", "relationship_type": "" } ] } ] }, { "comment": "", "deleted": false, "description": "A domain and IP address seen as a tuple in a specific time frame.", "meta-category": "network", "name": "domain-ip", "template_uuid": "43b3b146-77eb-4931-b4cc-b66c60f28734", "template_version": "6", "timestamp": "1635849630", "uuid": "f89ed523-59cb-4401-a433-b46bbe6867c6", "Attribute": [ { "category": "Other", "comment": "", "deleted": false, "disable_correlation": true, "object_relation": "first-seen", "timestamp": "1635849630", "to_ids": false, "type": "datetime", "uuid": "ffc860ef-c16e-419d-9bcd-eed6981f3beb", "value": "2021-03-25T00:00:00+00:00" }, { "category": "Other", "comment": "", "deleted": false, "disable_correlation": true, "object_relation": "last-seen", "timestamp": "1635849630", "to_ids": false, "type": "datetime", "uuid": "5740e050-cc5a-4632-9ff4-42502270184b", "value": "2021-07-01T00:00:00+00:00" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "ip", "timestamp": "1635849630", "to_ids": true, "type": "ip-dst", "uuid": "e177e415-9059-4a3b-9e33-300776e4fcd7", "value": "45.80.148.166", "Tag": [ { "colour": "#e200a3", "local": "0", "name": "kill-chain:Command and Control", "relationship_type": "" }, { "colour": "#8a0064", "local": "0", "name": "kill-chain:Delivery", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "domain", "timestamp": "1635849630", "to_ids": true, "type": "domain", "uuid": "b419e4e1-6321-423f-9fbe-4359a5fe55f3", "value": "myexpertforum.com", "Tag": [ { "colour": "#e200a3", "local": "0", "name": "kill-chain:Command and Control", "relationship_type": "" }, { "colour": "#8a0064", "local": "0", "name": "kill-chain:Delivery", "relationship_type": "" } ] } ] }, { "comment": "", "deleted": false, "description": "A domain and IP address seen as a tuple in a specific time frame.", "meta-category": "network", "name": "domain-ip", "template_uuid": "43b3b146-77eb-4931-b4cc-b66c60f28734", "template_version": "6", "timestamp": "1635849630", "uuid": "397c3a84-cd04-43cf-b290-2d65d18e5a41", "Attribute": [ { "category": "Other", "comment": "", "deleted": false, "disable_correlation": true, "object_relation": "first-seen", "timestamp": "1635849630", "to_ids": false, "type": "datetime", "uuid": "2aa132e5-7ca5-4573-aca1-5b36a2159c05", "value": "2021-04-01T00:00:00+00:00" }, { "category": "Other", "comment": "", "deleted": false, "disable_correlation": true, "object_relation": "last-seen", "timestamp": "1635849630", "to_ids": false, "type": "datetime", "uuid": "39e2e369-e203-4486-8e9d-2adca3660175", "value": "2021-05-20T00:00:00+00:00" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "ip", "timestamp": "1635849630", "to_ids": true, "type": "ip-dst", "uuid": "2e115bf3-be6e-44a5-b771-a32fd324ca45", "value": "45.135.167.27", "Tag": [ { "colour": "#e200a3", "local": "0", "name": "kill-chain:Command and Control", "relationship_type": "" }, { "colour": "#8a0064", "local": "0", "name": "kill-chain:Delivery", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "domain", "timestamp": "1635849630", "to_ids": true, "type": "domain", "uuid": "10d2e608-9820-4af2-8029-45eedd7b3353", "value": "doggroomingnews.com", "Tag": [ { "colour": "#e200a3", "local": "0", "name": "kill-chain:Command and Control", "relationship_type": "" }, { "colour": "#8a0064", "local": "0", "name": "kill-chain:Delivery", "relationship_type": "" } ] } ] }, { "comment": "", "deleted": false, "description": "A domain and IP address seen as a tuple in a specific time frame.", "meta-category": "network", "name": "domain-ip", "template_uuid": "43b3b146-77eb-4931-b4cc-b66c60f28734", "template_version": "6", "timestamp": "1635849630", "uuid": "a5fc60c2-0ef1-4eaf-bfa8-862e886a6512", "Attribute": [ { "category": "Other", "comment": "", "deleted": false, "disable_correlation": true, "object_relation": "first-seen", "timestamp": "1635849630", "to_ids": false, "type": "datetime", "uuid": "798cdbf4-ca73-4b67-8caf-17afc036f484", "value": "2021-04-10T00:00:00+00:00" }, { "category": "Other", "comment": "", "deleted": false, "disable_correlation": true, "object_relation": "last-seen", "timestamp": "1635849630", "to_ids": false, "type": "datetime", "uuid": "29b16ead-28ef-4629-81c4-cbcb7544e5cb", "value": "2021-09-15T00:00:00+00:00" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "ip", "timestamp": "1635849630", "to_ids": true, "type": "ip-dst", "uuid": "b71497f5-297c-4897-a72f-67d24e450db4", "value": "188.68.250.182", "Tag": [ { "colour": "#e200a3", "local": "0", "name": "kill-chain:Command and Control", "relationship_type": "" }, { "colour": "#8a0064", "local": "0", "name": "kill-chain:Delivery", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "domain", "timestamp": "1635849630", "to_ids": true, "type": "domain", "uuid": "c2c0ac1b-8cfc-407b-a566-bcc48dc5796a", "value": "alifemap.com", "Tag": [ { "colour": "#e200a3", "local": "0", "name": "kill-chain:Command and Control", "relationship_type": "" }, { "colour": "#8a0064", "local": "0", "name": "kill-chain:Delivery", "relationship_type": "" } ] } ] }, { "comment": "", "deleted": false, "description": "A domain and IP address seen as a tuple in a specific time frame.", "meta-category": "network", "name": "domain-ip", "template_uuid": "43b3b146-77eb-4931-b4cc-b66c60f28734", "template_version": "6", "timestamp": "1635849630", "uuid": "23a3b255-c0f2-4d5c-aee2-e1dd94d8fcdc", "Attribute": [ { "category": "Other", "comment": "", "deleted": false, "disable_correlation": true, "object_relation": "first-seen", "timestamp": "1635849630", "to_ids": false, "type": "datetime", "uuid": "0ff95223-50c9-4215-ba43-cde0b08c728f", "value": "2021-04-15T00:00:00+00:00" }, { "category": "Other", "comment": "", "deleted": false, "disable_correlation": true, "object_relation": "last-seen", "timestamp": "1635849630", "to_ids": false, "type": "datetime", "uuid": "57e1fdb5-5169-4228-8be5-96c2e3eb5d3b", "value": "2021-06-25T00:00:00+00:00" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "ip", "timestamp": "1635849630", "to_ids": true, "type": "ip-dst", "uuid": "ef750cc0-dcc9-4551-9465-b1193daa7cb1", "value": "54.38.137.218", "Tag": [ { "colour": "#e200a3", "local": "0", "name": "kill-chain:Command and Control", "relationship_type": "" }, { "colour": "#8a0064", "local": "0", "name": "kill-chain:Delivery", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "domain", "timestamp": "1635849630", "to_ids": true, "type": "domain", "uuid": "5b936046-31eb-4354-a05d-c2709faa8a7b", "value": "enpport.com", "Tag": [ { "colour": "#e200a3", "local": "0", "name": "kill-chain:Command and Control", "relationship_type": "" }, { "colour": "#8a0064", "local": "0", "name": "kill-chain:Delivery", "relationship_type": "" } ] } ] }, { "comment": "", "deleted": false, "description": "A domain and IP address seen as a tuple in a specific time frame.", "meta-category": "network", "name": "domain-ip", "template_uuid": "43b3b146-77eb-4931-b4cc-b66c60f28734", "template_version": "6", "timestamp": "1635849631", "uuid": "7d667263-5619-48f0-8c67-e3969913b5c1", "Attribute": [ { "category": "Other", "comment": "", "deleted": false, "disable_correlation": true, "object_relation": "first-seen", "timestamp": "1635849631", "to_ids": false, "type": "datetime", "uuid": "17986ed2-8280-43c6-8c0a-1888a2086f6e", "value": "2021-04-15T00:00:00+00:00" }, { "category": "Other", "comment": "", "deleted": false, "disable_correlation": true, "object_relation": "last-seen", "timestamp": "1635849631", "to_ids": false, "type": "datetime", "uuid": "61ba2a71-809f-4690-9945-3f9ca64806a8", "value": "2021-06-24T00:00:00+00:00" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "ip", "timestamp": "1635849631", "to_ids": true, "type": "ip-dst", "uuid": "288068f9-eebc-4541-a6a4-223eaae24311", "value": "83.171.237.173", "Tag": [ { "colour": "#e200a3", "local": "0", "name": "kill-chain:Command and Control", "relationship_type": "" }, { "colour": "#8a0064", "local": "0", "name": "kill-chain:Delivery", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "domain", "timestamp": "1635849631", "to_ids": true, "type": "domain", "uuid": "42496a42-072d-4bb9-8e58-d25a97e147af", "value": "theyardservice.com", "Tag": [ { "colour": "#e200a3", "local": "0", "name": "kill-chain:Command and Control", "relationship_type": "" }, { "colour": "#8a0064", "local": "0", "name": "kill-chain:Delivery", "relationship_type": "" } ] } ] }, { "comment": "", "deleted": false, "description": "A domain and IP address seen as a tuple in a specific time frame.", "meta-category": "network", "name": "domain-ip", "template_uuid": "43b3b146-77eb-4931-b4cc-b66c60f28734", "template_version": "6", "timestamp": "1635849631", "uuid": "4a731b21-9535-44ba-a031-49cb3844685b", "Attribute": [ { "category": "Other", "comment": "", "deleted": false, "disable_correlation": true, "object_relation": "first-seen", "timestamp": "1635849631", "to_ids": false, "type": "datetime", "uuid": "346c448c-7024-4a3c-9ec3-b31fcd37c283", "value": "2021-04-20T00:00:00+00:00" }, { "category": "Other", "comment": "", "deleted": false, "disable_correlation": true, "object_relation": "last-seen", "timestamp": "1635849631", "to_ids": false, "type": "datetime", "uuid": "f37821f1-98c4-44f7-b818-3da4bae3bea3", "value": "2021-09-01T00:00:00+00:00" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "ip", "timestamp": "1635849631", "to_ids": true, "type": "ip-dst", "uuid": "e87b792b-27b1-4a9c-a832-9a55fb31fc3d", "value": "37.59.225.51", "Tag": [ { "colour": "#e200a3", "local": "0", "name": "kill-chain:Command and Control", "relationship_type": "" }, { "colour": "#8a0064", "local": "0", "name": "kill-chain:Delivery", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "domain", "timestamp": "1635849631", "to_ids": true, "type": "domain", "uuid": "da69cd92-183d-4a90-af2f-8c6ab901d623", "value": "celebsinformation.com", "Tag": [ { "colour": "#e200a3", "local": "0", "name": "kill-chain:Command and Control", "relationship_type": "" }, { "colour": "#8a0064", "local": "0", "name": "kill-chain:Delivery", "relationship_type": "" } ] } ] }, { "comment": "", "deleted": false, "description": "A domain and IP address seen as a tuple in a specific time frame.", "meta-category": "network", "name": "domain-ip", "template_uuid": "43b3b146-77eb-4931-b4cc-b66c60f28734", "template_version": "6", "timestamp": "1635849631", "uuid": "4f5a5f32-8def-45ea-b358-97cea364a3ae", "Attribute": [ { "category": "Other", "comment": "", "deleted": false, "disable_correlation": true, "object_relation": "first-seen", "timestamp": "1635849631", "to_ids": false, "type": "datetime", "uuid": "f6002b98-279f-4294-96f0-c373e2d02a8d", "value": "2021-02-20T00:00:00+00:00" }, { "category": "Other", "comment": "", "deleted": false, "disable_correlation": true, "object_relation": "last-seen", "timestamp": "1635849631", "to_ids": false, "type": "datetime", "uuid": "fb6f85b1-1bc6-4fb2-acbd-ddc4adb88bff", "value": "2021-06-10T00:00:00+00:00" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "ip", "timestamp": "1635849631", "to_ids": true, "type": "ip-dst", "uuid": "1c4a1ca6-dc05-4cc1-b50e-89106cc8ce1a", "value": "31.42.177.114", "Tag": [ { "colour": "#e200a3", "local": "0", "name": "kill-chain:Command and Control", "relationship_type": "" }, { "colour": "#8a0064", "local": "0", "name": "kill-chain:Delivery", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "domain", "timestamp": "1635849631", "to_ids": true, "type": "domain", "uuid": "320d3105-1407-4118-868a-becb86fb5900", "value": "dailydews.com", "Tag": [ { "colour": "#e200a3", "local": "0", "name": "kill-chain:Command and Control", "relationship_type": "" }, { "colour": "#8a0064", "local": "0", "name": "kill-chain:Delivery", "relationship_type": "" } ] } ] }, { "comment": "", "deleted": false, "description": "A domain and IP address seen as a tuple in a specific time frame.", "meta-category": "network", "name": "domain-ip", "template_uuid": "43b3b146-77eb-4931-b4cc-b66c60f28734", "template_version": "6", "timestamp": "1635849631", "uuid": "63d2e15d-291d-494d-98fd-df898902fed6", "Attribute": [ { "category": "Other", "comment": "", "deleted": false, "disable_correlation": true, "object_relation": "first-seen", "timestamp": "1635849631", "to_ids": false, "type": "datetime", "uuid": "c1e0cba3-3df6-478c-ae62-3cf1d0eaa921", "value": "2021-06-01T00:00:00+00:00" }, { "category": "Other", "comment": "", "deleted": false, "disable_correlation": true, "object_relation": "last-seen", "timestamp": "1635849631", "to_ids": false, "type": "datetime", "uuid": "f3a6ffbc-a3cc-4e54-85c4-ffc613902a2c", "value": "2021-06-15T00:00:00+00:00" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "ip", "timestamp": "1635849631", "to_ids": true, "type": "ip-dst", "uuid": "bce01ce4-e28b-4db0-8fb4-27307e069130", "value": "81.17.30.46", "Tag": [ { "colour": "#e200a3", "local": "0", "name": "kill-chain:Command and Control", "relationship_type": "" }, { "colour": "#8a0064", "local": "0", "name": "kill-chain:Delivery", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "domain", "timestamp": "1635849631", "to_ids": true, "type": "domain", "uuid": "3b0a3204-8c57-4d8b-89bd-3f0366866f90", "value": "ideasofbusiness.com", "Tag": [ { "colour": "#e200a3", "local": "0", "name": "kill-chain:Command and Control", "relationship_type": "" }, { "colour": "#8a0064", "local": "0", "name": "kill-chain:Delivery", "relationship_type": "" } ] } ] }, { "comment": "", "deleted": false, "description": "A domain and IP address seen as a tuple in a specific time frame.", "meta-category": "network", "name": "domain-ip", "template_uuid": "43b3b146-77eb-4931-b4cc-b66c60f28734", "template_version": "6", "timestamp": "1635849631", "uuid": "57a89186-cf43-47bd-9c2c-29fbbb0850d1", "Attribute": [ { "category": "Other", "comment": "", "deleted": false, "disable_correlation": true, "object_relation": "first-seen", "timestamp": "1635849631", "to_ids": false, "type": "datetime", "uuid": "683631b7-1a1c-46d4-b31b-10bf1a7d5247", "value": "2021-02-15T00:00:00+00:00" }, { "category": "Other", "comment": "", "deleted": false, "disable_correlation": true, "object_relation": "last-seen", "timestamp": "1635849631", "to_ids": false, "type": "datetime", "uuid": "8b0a4646-a735-43d4-babb-28432d2e8209", "value": "2021-08-15T00:00:00+00:00" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "ip", "timestamp": "1635849631", "to_ids": true, "type": "ip-dst", "uuid": "dce44fdf-28d4-45bc-be11-1feaf1b8d869", "value": "79.143.87.166", "Tag": [ { "colour": "#e200a3", "local": "0", "name": "kill-chain:Command and Control", "relationship_type": "" }, { "colour": "#8a0064", "local": "0", "name": "kill-chain:Delivery", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "domain", "timestamp": "1635849631", "to_ids": true, "type": "domain", "uuid": "c860fcbb-c944-40a3-ba64-0b8b8f823b94", "value": "newminigolf.com", "Tag": [ { "colour": "#e200a3", "local": "0", "name": "kill-chain:Command and Control", "relationship_type": "" }, { "colour": "#8a0064", "local": "0", "name": "kill-chain:Delivery", "relationship_type": "" } ] } ] }, { "comment": "", "deleted": false, "description": "A domain and IP address seen as a tuple in a specific time frame.", "meta-category": "network", "name": "domain-ip", "template_uuid": "43b3b146-77eb-4931-b4cc-b66c60f28734", "template_version": "6", "timestamp": "1635849631", "uuid": "19eb5793-3293-42bf-baa0-4f3575d7acbf", "Attribute": [ { "category": "Other", "comment": "", "deleted": false, "disable_correlation": true, "object_relation": "first-seen", "timestamp": "1635849631", "to_ids": false, "type": "datetime", "uuid": "7c3d3695-9dec-4b7e-a3ef-f47b48ae2294", "value": "2021-06-15T00:00:00+00:00" }, { "category": "Other", "comment": "", "deleted": false, "disable_correlation": true, "object_relation": "last-seen", "timestamp": "1635849631", "to_ids": false, "type": "datetime", "uuid": "45b462d2-2ae2-44ba-bf02-8cc199e7f744", "value": "2021-10-25T00:00:00+00:00" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "ip", "timestamp": "1635849631", "to_ids": true, "type": "ip-dst", "uuid": "4b1295c5-b6a6-46a1-875e-3e57c6123893", "value": "51.89.50.153", "Tag": [ { "colour": "#e200a3", "local": "0", "name": "kill-chain:Command and Control", "relationship_type": "" }, { "colour": "#8a0064", "local": "0", "name": "kill-chain:Delivery", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "domain", "timestamp": "1635849631", "to_ids": true, "type": "domain", "uuid": "a13be87c-e242-40b6-b486-a65203128170", "value": "rchosts.com", "Tag": [ { "colour": "#e200a3", "local": "0", "name": "kill-chain:Command and Control", "relationship_type": "" }, { "colour": "#8a0064", "local": "0", "name": "kill-chain:Delivery", "relationship_type": "" } ] } ] }, { "comment": "", "deleted": false, "description": "A domain and IP address seen as a tuple in a specific time frame.", "meta-category": "network", "name": "domain-ip", "template_uuid": "43b3b146-77eb-4931-b4cc-b66c60f28734", "template_version": "6", "timestamp": "1635849631", "uuid": "59f80dc9-cb68-42cb-aa2d-a50a664a6530", "Attribute": [ { "category": "Other", "comment": "", "deleted": false, "disable_correlation": true, "object_relation": "first-seen", "timestamp": "1635849631", "to_ids": false, "type": "datetime", "uuid": "0ddd41ce-e41f-4b90-97da-f98276831f61", "value": "2021-02-20T00:00:00+00:00" }, { "category": "Other", "comment": "", "deleted": false, "disable_correlation": true, "object_relation": "last-seen", "timestamp": "1635849631", "to_ids": false, "type": "datetime", "uuid": "218ff801-f9df-44ea-918e-06ffa35c3ad2", "value": "2021-03-15T00:00:00+00:00" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "ip", "timestamp": "1635849631", "to_ids": true, "type": "ip-dst", "uuid": "241bf609-b558-4e90-8ef5-45951afe7daa", "value": "51.254.241.158", "Tag": [ { "colour": "#e200a3", "local": "0", "name": "kill-chain:Command and Control", "relationship_type": "" }, { "colour": "#8a0064", "local": "0", "name": "kill-chain:Delivery", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "domain", "timestamp": "1635849631", "to_ids": true, "type": "domain", "uuid": "d15460f1-1323-4e7a-9f22-1cc8dd1a0715", "value": "stockmarketon.com", "Tag": [ { "colour": "#e200a3", "local": "0", "name": "kill-chain:Command and Control", "relationship_type": "" }, { "colour": "#8a0064", "local": "0", "name": "kill-chain:Delivery", "relationship_type": "" } ] } ] }, { "comment": "", "deleted": false, "description": "A domain and IP address seen as a tuple in a specific time frame.", "meta-category": "network", "name": "domain-ip", "template_uuid": "43b3b146-77eb-4931-b4cc-b66c60f28734", "template_version": "6", "timestamp": "1635849631", "uuid": "13232130-5088-4c44-a14b-c9762fa91e58", "Attribute": [ { "category": "Other", "comment": "", "deleted": false, "disable_correlation": true, "object_relation": "first-seen", "timestamp": "1635849632", "to_ids": false, "type": "datetime", "uuid": "239afbd1-597b-4bdd-a416-c3875e085ff2", "value": "2021-03-10T00:00:00+00:00" }, { "category": "Other", "comment": "", "deleted": false, "disable_correlation": true, "object_relation": "last-seen", "timestamp": "1635849632", "to_ids": false, "type": "datetime", "uuid": "77ba8e51-99d6-411d-861b-314e6b9adff7", "value": "2021-09-05T00:00:00+00:00" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "ip", "timestamp": "1635849632", "to_ids": true, "type": "ip-dst", "uuid": "e0ff4181-53a6-497e-a92b-49813c1715da", "value": "91.234.254.144", "Tag": [ { "colour": "#e200a3", "local": "0", "name": "kill-chain:Command and Control", "relationship_type": "" }, { "colour": "#8a0064", "local": "0", "name": "kill-chain:Delivery", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "domain", "timestamp": "1635849632", "to_ids": true, "type": "domain", "uuid": "e46c658a-dbcd-4ab2-81e4-4146278343db", "value": "stonecrestnews.com", "Tag": [ { "colour": "#e200a3", "local": "0", "name": "kill-chain:Command and Control", "relationship_type": "" }, { "colour": "#8a0064", "local": "0", "name": "kill-chain:Delivery", "relationship_type": "" } ] } ] }, { "comment": "", "deleted": false, "description": "A domain and IP address seen as a tuple in a specific time frame.", "meta-category": "network", "name": "domain-ip", "template_uuid": "43b3b146-77eb-4931-b4cc-b66c60f28734", "template_version": "6", "timestamp": "1635849632", "uuid": "e5e89737-d90a-40fc-a679-6b4a8c7e2463", "Attribute": [ { "category": "Other", "comment": "", "deleted": false, "disable_correlation": true, "object_relation": "first-seen", "timestamp": "1635849632", "to_ids": false, "type": "datetime", "uuid": "5dea6365-492e-4d68-81be-753b5ed9e678", "value": "2021-05-01T00:00:00+00:00" }, { "category": "Other", "comment": "", "deleted": false, "disable_correlation": true, "object_relation": "last-seen", "timestamp": "1635849632", "to_ids": false, "type": "datetime", "uuid": "942ee708-a0d6-41e3-954a-cb81f7d2302d", "value": "2021-09-25T00:00:00+00:00" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "ip", "timestamp": "1635849632", "to_ids": true, "type": "ip-dst", "uuid": "507fa69d-3220-4e0d-8352-ab42e7887f96", "value": "194.135.81.18", "Tag": [ { "colour": "#e200a3", "local": "0", "name": "kill-chain:Command and Control", "relationship_type": "" }, { "colour": "#8a0064", "local": "0", "name": "kill-chain:Delivery", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "domain", "timestamp": "1635849632", "to_ids": true, "type": "domain", "uuid": "1b1df484-6b15-4ea0-920e-f140b8983549", "value": "teachingdrive.com", "Tag": [ { "colour": "#e200a3", "local": "0", "name": "kill-chain:Command and Control", "relationship_type": "" }, { "colour": "#8a0064", "local": "0", "name": "kill-chain:Delivery", "relationship_type": "" } ] } ] }, { "comment": "", "deleted": false, "description": "A domain and IP address seen as a tuple in a specific time frame.", "meta-category": "network", "name": "domain-ip", "template_uuid": "43b3b146-77eb-4931-b4cc-b66c60f28734", "template_version": "6", "timestamp": "1635849632", "uuid": "5756b49f-8978-4733-96fb-f1258c013369", "Attribute": [ { "category": "Other", "comment": "", "deleted": false, "disable_correlation": true, "object_relation": "first-seen", "timestamp": "1635849632", "to_ids": false, "type": "datetime", "uuid": "49ece1eb-736b-43ad-8dfa-3b9ef4a50106", "value": "2021-03-15T00:00:00+00:00" }, { "category": "Other", "comment": "", "deleted": false, "disable_correlation": true, "object_relation": "last-seen", "timestamp": "1635849632", "to_ids": false, "type": "datetime", "uuid": "de098062-74c4-422f-a899-f317d748f3f1", "value": "2021-06-04T00:00:00+00:00" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "ip", "timestamp": "1635849632", "to_ids": true, "type": "ip-dst", "uuid": "24b5ca52-2505-4f2b-8a77-7a03346b9004", "value": "185.158.250.239", "Tag": [ { "colour": "#e200a3", "local": "0", "name": "kill-chain:Command and Control", "relationship_type": "" }, { "colour": "#8a0064", "local": "0", "name": "kill-chain:Delivery", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "domain", "timestamp": "1635849632", "to_ids": true, "type": "domain", "uuid": "0fe725c2-1c98-4db5-bdb5-246191818ee8", "value": "newstepsco.com", "Tag": [ { "colour": "#e200a3", "local": "0", "name": "kill-chain:Command and Control", "relationship_type": "" }, { "colour": "#8a0064", "local": "0", "name": "kill-chain:Delivery", "relationship_type": "" } ] } ] }, { "comment": "", "deleted": false, "description": "A domain and IP address seen as a tuple in a specific time frame.", "meta-category": "network", "name": "domain-ip", "template_uuid": "43b3b146-77eb-4931-b4cc-b66c60f28734", "template_version": "6", "timestamp": "1635849632", "uuid": "f44a0497-e022-4713-8948-f73bce2d5b2c", "Attribute": [ { "category": "Other", "comment": "", "deleted": false, "disable_correlation": true, "object_relation": "first-seen", "timestamp": "1635849632", "to_ids": false, "type": "datetime", "uuid": "c6f10de3-a114-4952-bc1a-e1c7516e2b99", "value": "2021-02-25T00:00:00+00:00" }, { "category": "Other", "comment": "", "deleted": false, "disable_correlation": true, "object_relation": "last-seen", "timestamp": "1635849632", "to_ids": false, "type": "datetime", "uuid": "a2768f2c-6ad1-47de-ae9a-dd3153406e2f", "value": "2021-06-10T00:00:00+00:00" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "ip", "timestamp": "1635849632", "to_ids": true, "type": "ip-dst", "uuid": "82f2b29c-b8c5-4ff8-97db-d791c0e11a6a", "value": "195.206.181.169", "Tag": [ { "colour": "#e200a3", "local": "0", "name": "kill-chain:Command and Control", "relationship_type": "" }, { "colour": "#8a0064", "local": "0", "name": "kill-chain:Delivery", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "domain", "timestamp": "1635849632", "to_ids": true, "type": "domain", "uuid": "716b252c-54d8-4dba-b495-08742ce263b3", "value": "tacomanewspaper.com", "Tag": [ { "colour": "#e200a3", "local": "0", "name": "kill-chain:Command and Control", "relationship_type": "" }, { "colour": "#8a0064", "local": "0", "name": "kill-chain:Delivery", "relationship_type": "" } ] } ] } ] } }