{ "Event": { "analysis": "0", "date": "2016-06-24", "extends_uuid": "", "info": "Malspam 2016-06-24 (Locky)", "publish_timestamp": "1466781496", "published": true, "threat_level_id": "3", "timestamp": "1466781260", "uuid": "576d3a39-fe90-4921-85cc-4e3c950d210f", "Orgc": { "name": "CIRCL", "uuid": "55f6ea5e-2c60-40e5-964f-47a8950d210f" }, "Tag": [ { "colour": "#ffffff", "local": "0", "name": "tlp:white", "relationship_type": "" }, { "colour": "#3b7500", "local": "0", "name": "circl:incident-classification=\"malware\"", "relationship_type": "" } ], "Attribute": [ { "category": "Network activity", "comment": "download location", "deleted": false, "disable_correlation": false, "timestamp": "1466776190", "to_ids": true, "type": "url", "uuid": "576d3a7e-6310-4ee7-9f59-471f950d210f", "value": "http://neoventtechnologies.com/bvbebi" }, { "category": "Network activity", "comment": "download location", "deleted": false, "disable_correlation": false, "timestamp": "1466776190", "to_ids": true, "type": "domain", "uuid": "576d3a7e-64ec-498d-bd9d-4746950d210f", "value": "neoventtechnologies.com" }, { "category": "Network activity", "comment": "download location", "deleted": false, "disable_correlation": false, "timestamp": "1466776190", "to_ids": true, "type": "ip-dst", "uuid": "576d3a7e-ba14-4f53-b6fb-477c950d210f", "value": "23.229.235.65" }, { "category": "Network activity", "comment": "download location", "deleted": false, "disable_correlation": false, "timestamp": "1466776190", "to_ids": true, "type": "url", "uuid": "576d3a7e-4c04-45d7-8485-4049950d210f", "value": "http://www.members.aon.at/~cfabian1/56v7o" }, { "category": "Network activity", "comment": "download location", "deleted": false, "disable_correlation": false, "timestamp": "1466776191", "to_ids": true, "type": "hostname", "uuid": "576d3a7f-85f8-477a-b3dc-469b950d210f", "value": "www.members.aon.at" }, { "category": "Network activity", "comment": "download location", "deleted": false, "disable_correlation": false, "timestamp": "1466776191", "to_ids": true, "type": "ip-dst", "uuid": "576d3a7f-dfd0-4cfe-8b0b-4c2f950d210f", "value": "195.3.96.72" }, { "category": "Network activity", "comment": "download location", "deleted": false, "disable_correlation": false, "timestamp": "1466776191", "to_ids": true, "type": "url", "uuid": "576d3a7f-4d20-40c8-bc64-4dbf950d210f", "value": "http://sherlock.uvishere.com/lzjgi" }, { "category": "Network activity", "comment": "download location", "deleted": false, "disable_correlation": false, "timestamp": "1466776191", "to_ids": true, "type": "hostname", "uuid": "576d3a7f-8420-4614-b5d1-48b0950d210f", "value": "sherlock.uvishere.com" }, { "category": "Network activity", "comment": "download location", "deleted": false, "disable_correlation": false, "timestamp": "1466776191", "to_ids": true, "type": "ip-dst", "uuid": "576d3a7f-d254-40f6-bb7d-493a950d210f", "value": "69.195.124.97" }, { "category": "Network activity", "comment": "download location", "deleted": false, "disable_correlation": false, "timestamp": "1466776191", "to_ids": true, "type": "url", "uuid": "576d3a7f-44fc-4b9f-b93b-4128950d210f", "value": "http://80.109.240.71/~m.lingg/ghpeaew" }, { "category": "Network activity", "comment": "download location", "deleted": false, "disable_correlation": false, "timestamp": "1466776192", "to_ids": true, "type": "ip-dst", "uuid": "576d3a80-ab58-41e6-a6ae-43aa950d210f", "value": "80.109.240.71" }, { "category": "Network activity", "comment": "download location", "deleted": false, "disable_correlation": false, "timestamp": "1466776192", "to_ids": true, "type": "url", "uuid": "576d3a80-c5dc-4e40-800d-47b1950d210f", "value": "http://formateam-finance.com/3n72h" }, { "category": "Network activity", "comment": "download location", "deleted": false, "disable_correlation": false, "timestamp": "1466776192", "to_ids": true, "type": "domain", "uuid": "576d3a80-65fc-4439-84d1-400e950d210f", "value": "formateam-finance.com" }, { "category": "Network activity", "comment": "download location", "deleted": false, "disable_correlation": false, "timestamp": "1466776192", "to_ids": true, "type": "ip-dst", "uuid": "576d3a80-9df0-410e-a14d-4414950d210f", "value": "213.186.33.4" }, { "category": "Network activity", "comment": "download location", "deleted": false, "disable_correlation": false, "timestamp": "1466776192", "to_ids": true, "type": "url", "uuid": "576d3a80-4a84-4fb6-9bf4-42db950d210f", "value": "http://camera-test.hi2.ro/msjs" }, { "category": "Network activity", "comment": "download location", "deleted": false, "disable_correlation": false, "timestamp": "1466776193", "to_ids": true, "type": "hostname", "uuid": "576d3a81-9874-4f9a-9f07-4d3b950d210f", "value": "camera-test.hi2.ro" }, { "category": "Network activity", "comment": "download location", "deleted": false, "disable_correlation": false, "timestamp": "1466776193", "to_ids": true, "type": "ip-dst", "uuid": "576d3a81-7e20-4a84-8b50-4dc9950d210f", "value": "89.42.39.67" }, { "category": "Network activity", "comment": "download location", "deleted": false, "disable_correlation": false, "timestamp": "1466776193", "to_ids": true, "type": "url", "uuid": "576d3a81-b5dc-4bcc-8511-477e950d210f", "value": "http://212.40.5.95/~tonex/9ln841" }, { "category": "Network activity", "comment": "download location", "deleted": false, "disable_correlation": false, "timestamp": "1466776193", "to_ids": true, "type": "ip-dst", "uuid": "576d3a81-1d08-4015-aa0d-46e9950d210f", "value": "212.40.5.95" }, { "category": "Network activity", "comment": "download location", "deleted": false, "disable_correlation": false, "timestamp": "1466776193", "to_ids": true, "type": "url", "uuid": "576d3a81-f694-45c2-b51d-41cb950d210f", "value": "http://217.26.70.230/~altomdo/09uom" }, { "category": "Network activity", "comment": "download location", "deleted": false, "disable_correlation": false, "timestamp": "1466776194", "to_ids": true, "type": "ip-dst", "uuid": "576d3a82-04e4-45a7-beca-492a950d210f", "value": "217.26.70.230" }, { "category": "Network activity", "comment": "download location", "deleted": false, "disable_correlation": false, "timestamp": "1466776194", "to_ids": true, "type": "url", "uuid": "576d3a82-6618-42a0-93e3-4684950d210f", "value": "http://www.hotelmoonnightnikola.free.bg/k499xf" }, { "category": "Network activity", "comment": "download location", "deleted": false, "disable_correlation": false, "timestamp": "1466776194", "to_ids": true, "type": "hostname", "uuid": "576d3a82-1a34-46eb-be96-4b16950d210f", "value": "www.hotelmoonnightnikola.free.bg" }, { "category": "Network activity", "comment": "download location", "deleted": false, "disable_correlation": false, "timestamp": "1466776194", "to_ids": true, "type": "ip-dst", "uuid": "576d3a82-5728-4d88-b437-4732950d210f", "value": "188.40.80.188" }, { "category": "Network activity", "comment": "download location", "deleted": false, "disable_correlation": false, "timestamp": "1466776194", "to_ids": true, "type": "url", "uuid": "576d3a82-fcc4-49ad-b937-4829950d210f", "value": "http://camera-test.hi2.ro/kezw5md" }, { "category": "Network activity", "comment": "download location", "deleted": false, "disable_correlation": false, "timestamp": "1466776195", "to_ids": true, "type": "url", "uuid": "576d3a83-7dd0-4bb2-b061-4da6950d210f", "value": "http://205.167.142.107/~3kelly/bqsm9" }, { "category": "Network activity", "comment": "download location", "deleted": false, "disable_correlation": false, "timestamp": "1466776195", "to_ids": true, "type": "ip-dst", "uuid": "576d3a83-5c4c-4559-977f-4d45950d210f", "value": "205.167.142.107" }, { "category": "Network activity", "comment": "download location", "deleted": false, "disable_correlation": false, "timestamp": "1466776195", "to_ids": true, "type": "url", "uuid": "576d3a83-697c-446c-bfca-4d04950d210f", "value": "http://www.fancyupage.com/webroot/1nemk" }, { "category": "Network activity", "comment": "download location", "deleted": false, "disable_correlation": false, "timestamp": "1466776195", "to_ids": true, "type": "hostname", "uuid": "576d3a83-898c-4997-add0-4c2c950d210f", "value": "www.fancyupage.com" }, { "category": "Network activity", "comment": "download location", "deleted": false, "disable_correlation": false, "timestamp": "1466776195", "to_ids": true, "type": "ip-dst", "uuid": "576d3a83-c95c-456c-97ae-46ba950d210f", "value": "192.185.36.128" }, { "category": "Network activity", "comment": "download location", "deleted": false, "disable_correlation": false, "timestamp": "1466776195", "to_ids": true, "type": "url", "uuid": "576d3a83-6ba8-4f2b-bc4f-4c94950d210f", "value": "http://www.beautycollegeofamca.com/h17if71" }, { "category": "Network activity", "comment": "download location", "deleted": false, "disable_correlation": false, "timestamp": "1466776196", "to_ids": true, "type": "hostname", "uuid": "576d3a84-ebc0-4d8c-91d2-4cfe950d210f", "value": "www.beautycollegeofamca.com" }, { "category": "Network activity", "comment": "download location", "deleted": false, "disable_correlation": false, "timestamp": "1466776196", "to_ids": true, "type": "ip-dst", "uuid": "576d3a84-3278-4c82-987f-4a18950d210f", "value": "23.229.191.132" }, { "category": "Network activity", "comment": "download location", "deleted": false, "disable_correlation": false, "timestamp": "1466776196", "to_ids": true, "type": "url", "uuid": "576d3a84-6808-4055-966c-410b950d210f", "value": "http://23.229.137.8/~monkeyadvertisin/8vks94cb" }, { "category": "Network activity", "comment": "download location", "deleted": false, "disable_correlation": false, "timestamp": "1466776196", "to_ids": true, "type": "ip-dst", "uuid": "576d3a84-2a34-4d9f-aada-41ab950d210f", "value": "23.229.137.8" }, { "category": "Network activity", "comment": "download location", "deleted": false, "disable_correlation": false, "timestamp": "1466776197", "to_ids": true, "type": "url", "uuid": "576d3a85-7b94-4c1f-8800-44a3950d210f", "value": "http://emisije.sezamprodukcija.com/3o9v8rp" }, { "category": "Network activity", "comment": "download location", "deleted": false, "disable_correlation": false, "timestamp": "1466776197", "to_ids": true, "type": "hostname", "uuid": "576d3a85-1194-4994-8fad-4793950d210f", "value": "emisije.sezamprodukcija.com" }, { "category": "Network activity", "comment": "download location", "deleted": false, "disable_correlation": false, "timestamp": "1466776197", "to_ids": true, "type": "ip-dst", "uuid": "576d3a85-b254-440d-a288-42be950d210f", "value": "195.154.187.199" }, { "category": "Network activity", "comment": "download location", "deleted": false, "disable_correlation": false, "timestamp": "1466776197", "to_ids": true, "type": "url", "uuid": "576d3a85-cc3c-4748-bfa8-4ffe950d210f", "value": "http://www.cbactive.com/d8kn9vtb" }, { "category": "Network activity", "comment": "download location", "deleted": false, "disable_correlation": false, "timestamp": "1466776197", "to_ids": true, "type": "hostname", "uuid": "576d3a85-f1f0-4d6f-903d-4df8950d210f", "value": "www.cbactive.com" }, { "category": "Network activity", "comment": "download location", "deleted": false, "disable_correlation": false, "timestamp": "1466776198", "to_ids": true, "type": "ip-dst", "uuid": "576d3a86-81b4-4d0f-b0b7-472f950d210f", "value": "23.229.171.33" }, { "category": "Network activity", "comment": "download location", "deleted": false, "disable_correlation": false, "timestamp": "1466776198", "to_ids": true, "type": "url", "uuid": "576d3a86-3138-4c3e-8b66-440e950d210f", "value": "http://ws.osenilo.com/7lurx" }, { "category": "Network activity", "comment": "download location", "deleted": false, "disable_correlation": false, "timestamp": "1466776198", "to_ids": true, "type": "hostname", "uuid": "576d3a86-0920-498b-bb53-4fec950d210f", "value": "ws.osenilo.com" }, { "category": "Network activity", "comment": "download location", "deleted": false, "disable_correlation": false, "timestamp": "1466776198", "to_ids": true, "type": "ip-dst", "uuid": "576d3a86-a970-430b-962e-448d950d210f", "value": "95.211.230.74" }, { "category": "Network activity", "comment": "download location", "deleted": false, "disable_correlation": false, "timestamp": "1466776198", "to_ids": true, "type": "url", "uuid": "576d3a86-2968-4f06-a08f-47e6950d210f", "value": "http://sherlock.uvishere.com/jw0qtxrr" }, { "category": "Network activity", "comment": "download location", "deleted": false, "disable_correlation": false, "timestamp": "1466776199", "to_ids": true, "type": "url", "uuid": "576d3a87-e088-42bd-bed4-4f8d950d210f", "value": "http://67.199.50.113/a3cs5og0" }, { "category": "Network activity", "comment": "download location", "deleted": false, "disable_correlation": false, "timestamp": "1466776199", "to_ids": true, "type": "ip-dst", "uuid": "576d3a87-6b0c-4dba-aab3-424a950d210f", "value": "67.199.50.113" }, { "category": "Network activity", "comment": "download location", "deleted": false, "disable_correlation": false, "timestamp": "1466776199", "to_ids": true, "type": "url", "uuid": "576d3a87-6228-4809-9380-4b5c950d210f", "value": "http://queza.com/buodw" }, { "category": "Network activity", "comment": "download location", "deleted": false, "disable_correlation": false, "timestamp": "1466776199", "to_ids": true, "type": "domain", "uuid": "576d3a87-e0c0-48de-86db-49ae950d210f", "value": "queza.com" }, { "category": "Network activity", "comment": "download location", "deleted": false, "disable_correlation": false, "timestamp": "1466776199", "to_ids": true, "type": "ip-dst", "uuid": "576d3a87-23ac-4ee2-bc10-407a950d210f", "value": "81.88.57.68" }, { "category": "Network activity", "comment": "download location", "deleted": false, "disable_correlation": false, "timestamp": "1466776200", "to_ids": true, "type": "url", "uuid": "576d3a88-a7b0-4051-9cc7-475e950d210f", "value": "http://noriegachiropracticclinics.com/g2isru1k" }, { "category": "Network activity", "comment": "download location", "deleted": false, "disable_correlation": false, "timestamp": "1466776200", "to_ids": true, "type": "domain", "uuid": "576d3a88-b9c4-4aa3-948e-4b3b950d210f", "value": "noriegachiropracticclinics.com" }, { "category": "Network activity", "comment": "download location", "deleted": false, "disable_correlation": false, "timestamp": "1466776200", "to_ids": true, "type": "ip-dst", "uuid": "576d3a88-39fc-416c-a8fd-4836950d210f", "value": "138.229.65.9" }, { "category": "Network activity", "comment": "download location", "deleted": false, "disable_correlation": false, "timestamp": "1466776200", "to_ids": true, "type": "url", "uuid": "576d3a88-290c-4e62-973a-4abc950d210f", "value": "http://pinakfoods.com/794vi" }, { "category": "Network activity", "comment": "download location", "deleted": false, "disable_correlation": false, "timestamp": "1466776200", "to_ids": true, "type": "domain", "uuid": "576d3a88-d5e0-464d-8744-450d950d210f", "value": "pinakfoods.com" }, { "category": "Network activity", "comment": "download location", "deleted": false, "disable_correlation": false, "timestamp": "1466776201", "to_ids": true, "type": "ip-dst", "uuid": "576d3a89-8d14-4605-8907-4b0d950d210f", "value": "160.153.35.5" }, { "category": "Network activity", "comment": "download location", "deleted": false, "disable_correlation": false, "timestamp": "1466776201", "to_ids": true, "type": "url", "uuid": "576d3a89-f648-442b-b188-452b950d210f", "value": "http://www.hotelmoonnightnikola.free.bg/mk6a3w3z" }, { "category": "Network activity", "comment": "download location", "deleted": false, "disable_correlation": false, "timestamp": "1466776201", "to_ids": true, "type": "url", "uuid": "576d3a89-e8e8-479e-9d75-4b0d950d210f", "value": "http://www.beautycollegeofamca.com/gfzbzv9j" }, { "category": "Network activity", "comment": "download location", "deleted": false, "disable_correlation": false, "timestamp": "1466776201", "to_ids": true, "type": "url", "uuid": "576d3a89-4f3c-4512-887d-4b18950d210f", "value": "http://layaligroup.com/3hcutyd" }, { "category": "Network activity", "comment": "download location", "deleted": false, "disable_correlation": false, "timestamp": "1466776201", "to_ids": true, "type": "domain", "uuid": "576d3a89-4d08-4750-b484-45d5950d210f", "value": "layaligroup.com" }, { "category": "Network activity", "comment": "download location", "deleted": false, "disable_correlation": false, "timestamp": "1466776202", "to_ids": true, "type": "ip-dst", "uuid": "576d3a8a-5f0c-48e8-b96f-4585950d210f", "value": "107.180.51.16" }, { "category": "Network activity", "comment": "download location", "deleted": false, "disable_correlation": false, "timestamp": "1466776202", "to_ids": true, "type": "url", "uuid": "576d3a8a-5cc4-452b-bc88-48fe950d210f", "value": "http://salisburyjc.com/2l72hnm2" }, { "category": "Network activity", "comment": "download location", "deleted": false, "disable_correlation": false, "timestamp": "1466776202", "to_ids": true, "type": "domain", "uuid": "576d3a8a-51fc-454f-b687-4876950d210f", "value": "salisburyjc.com" }, { "category": "Network activity", "comment": "download location", "deleted": false, "disable_correlation": false, "timestamp": "1466776202", "to_ids": true, "type": "ip-dst", "uuid": "576d3a8a-385c-4573-a624-44f2950d210f", "value": "199.116.77.52" }, { "category": "Network activity", "comment": "download location", "deleted": false, "disable_correlation": false, "timestamp": "1466776202", "to_ids": true, "type": "url", "uuid": "576d3a8a-3f9c-488c-bde0-469a950d210f", "value": "http://kksokol.euweb.cz/2d0b27" }, { "category": "Network activity", "comment": "download location", "deleted": false, "disable_correlation": false, "timestamp": "1466776202", "to_ids": true, "type": "hostname", "uuid": "576d3a8a-1ec8-4579-8b13-41c6950d210f", "value": "kksokol.euweb.cz" }, { "category": "Network activity", "comment": "download location", "deleted": false, "disable_correlation": false, "timestamp": "1466776203", "to_ids": true, "type": "ip-dst", "uuid": "576d3a8b-f06c-4b19-a406-4cb6950d210f", "value": "88.86.117.154" }, { "category": "Network activity", "comment": "download location", "deleted": false, "disable_correlation": false, "timestamp": "1466781259", "to_ids": true, "type": "url", "uuid": "576d4e4b-6ecc-4952-bc2c-4a09950d210f", "value": "http://210.116.102.7/2s4x7" }, { "category": "Network activity", "comment": "download location", "deleted": false, "disable_correlation": false, "timestamp": "1466781259", "to_ids": true, "type": "ip-dst", "uuid": "576d4e4b-6478-46b7-b746-495d950d210f", "value": "210.116.102.7" }, { "category": "Network activity", "comment": "download location", "deleted": false, "disable_correlation": false, "timestamp": "1466781259", "to_ids": true, "type": "url", "uuid": "576d4e4b-c338-4d05-a6eb-4dc6950d210f", "value": "http://217.26.70.100/~rollbar/f4duk2jd" }, { "category": "Network activity", "comment": "download location", "deleted": false, "disable_correlation": false, "timestamp": "1466781260", "to_ids": true, "type": "ip-dst", "uuid": "576d4e4c-3328-4331-9cfe-4980950d210f", "value": "217.26.70.100" } ] } }