{ "Event": { "analysis": "2", "date": "2013-03-24", "extends_uuid": "", "info": "OSINT OSX/Pintsized Backdoor Additional Details by Zataz / Eric Romang", "publish_timestamp": "1439900350", "published": true, "threat_level_id": "2", "timestamp": "1439887174", "uuid": "559f66e6-6e10-468f-9025-81c0950d210b", "Orgc": { "name": "CthulhuSPRL.be", "uuid": "55f6ea5f-fd34-43b8-ac1d-40cb950d210f" }, "Tag": [ { "colour": "#004646", "local": false, "name": "type:OSINT", "relationship_type": "" }, { "colour": "#ffffff", "local": false, "name": "tlp:white", "relationship_type": "" } ], "Attribute": [ { "category": "External analysis", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1436509950", "to_ids": false, "type": "link", "uuid": "559f66fe-4e38-43b8-9c23-f3af950d210b", "value": "http://eromang.zataz.com/2013/03/24/osx-pintsized-backdoor-additional-details/" }, { "category": "External analysis", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1436509982", "to_ids": false, "type": "text", "uuid": "559f671e-e834-4cb1-a733-82a8950d210b", "value": "Morpho" }, { "category": "External analysis", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1436509982", "to_ids": false, "type": "text", "uuid": "559f671e-03f8-4807-b1a5-82a8950d210b", "value": "Wild Neutron" }, { "category": "Payload delivery", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1439886921", "to_ids": true, "type": "md5", "uuid": "55d2ee49-0edc-47d7-87d8-966f950d210b", "value": "7fe4149b82516ae43938de6b8316ed84" }, { "category": "Payload delivery", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1439886921", "to_ids": true, "type": "md5", "uuid": "55d2ee49-79f4-4b58-a9c2-966f950d210b", "value": "2e35b9a683ccc2408fef5ca575abf0e6" }, { "category": "Payload delivery", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1439886922", "to_ids": true, "type": "md5", "uuid": "55d2ee4a-5ad8-4a53-bd24-966f950d210b", "value": "27f241c64303e4e2d1d94d3143a48eb9" }, { "category": "Payload delivery", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1439886922", "to_ids": true, "type": "md5", "uuid": "55d2ee4a-9450-460a-899e-966f950d210b", "value": "2b9b84f0612d6f9d7efb705dd7522f83" }, { "category": "Payload delivery", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1439886922", "to_ids": true, "type": "md5", "uuid": "55d2ee4a-e3b8-4646-aecb-966f950d210b", "value": "34cee92669e0c60a9dbafae7319f49db" }, { "category": "Payload delivery", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1439886922", "to_ids": true, "type": "md5", "uuid": "55d2ee4a-9ef8-4190-82dc-966f950d210b", "value": "d3f151b246deb74890c612606c6ad044" }, { "category": "Payload delivery", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1439886922", "to_ids": true, "type": "md5", "uuid": "55d2ee4a-e8d4-4d2a-9d47-966f950d210b", "value": "f419dfb35a0d220c4c53c4a087c91d5e" }, { "category": "Payload delivery", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1439886923", "to_ids": true, "type": "md5", "uuid": "55d2ee4b-8704-4c0c-96e1-966f950d210b", "value": "59424d4a567ae809f96afc56d22892b2" }, { "category": "Payload delivery", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1439886923", "to_ids": true, "type": "md5", "uuid": "55d2ee4b-cdd8-4dd3-b30b-966f950d210b", "value": "0ec55685affc322a5d7be2e9ca1f9cbf" }, { "category": "Payload delivery", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1439886923", "to_ids": true, "type": "md5", "uuid": "55d2ee4b-6760-49d4-ba62-966f950d210b", "value": "3a861b8526e397b3684a99f363ec145b" }, { "category": "Payload delivery", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1439886923", "to_ids": true, "type": "md5", "uuid": "55d2ee4b-d988-42bf-a85b-966f950d210b", "value": "1582d68144de2808b518934f0a02bfd6" }, { "category": "Payload delivery", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1439886923", "to_ids": true, "type": "md5", "uuid": "55d2ee4b-9790-4076-b9bc-966f950d210b", "value": "622fc8b7daf425aed7f9ffa97e30c611" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1439887170", "to_ids": true, "type": "hostname", "uuid": "55d2ef42-1e4c-4a13-b5d7-a4cf950d210b", "value": "ads.digitalinsight-ltd.com" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1439887170", "to_ids": true, "type": "hostname", "uuid": "55d2ef42-5ab4-4bb0-9244-a4cf950d210b", "value": "ak.fbcbn.net" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1439887171", "to_ids": true, "type": "hostname", "uuid": "55d2ef43-d6ec-490f-8d0e-a4cf950d210b", "value": "cache.cloudbox-storage.com" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1439887171", "to_ids": true, "type": "domain", "uuid": "55d2ef43-4ba0-432b-a3dc-a4cf950d210b", "value": "cloudbox-storage.com" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1439887171", "to_ids": true, "type": "domain", "uuid": "55d2ef43-2a88-4744-9d97-a4cf950d210b", "value": "clust12-akmai.net" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1439887171", "to_ids": true, "type": "domain", "uuid": "55d2ef43-2d18-40c6-a939-a4cf950d210b", "value": "corp-appl.com" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1439887171", "to_ids": true, "type": "domain", "uuid": "55d2ef43-3bc0-4e99-921a-a4cf950d210b", "value": "digitalinsight-ltd.com" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1439887172", "to_ids": true, "type": "hostname", "uuid": "55d2ef44-aee4-47e7-a16d-a4cf950d210b", "value": "fb.clust12-akmai.net" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1439887172", "to_ids": true, "type": "domain", "uuid": "55d2ef44-05f4-40aa-98c9-a4cf950d210b", "value": "fbcbn.net" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1439887172", "to_ids": true, "type": "hostname", "uuid": "55d2ef44-1ba8-4b59-8038-a4cf950d210b", "value": "fbu.clust12-akmai.net" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1439887172", "to_ids": true, "type": "hostname", "uuid": "55d2ef44-4a50-44b7-be0f-a4cf950d210b", "value": "img.digitalinsight-ltd.com" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1439887172", "to_ids": true, "type": "domain", "uuid": "55d2ef44-0200-4e04-a99e-a4cf950d210b", "value": "jdk-update.com" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1439887173", "to_ids": true, "type": "hostname", "uuid": "55d2ef45-7fe4-48b0-830d-a4cf950d210b", "value": "pop.digitalinsight-ltd.com" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1439887173", "to_ids": true, "type": "hostname", "uuid": "55d2ef45-ccd8-488c-add3-a4cf950d210b", "value": "static.ak.fbcbn.net" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1439887173", "to_ids": true, "type": "hostname", "uuid": "55d2ef45-4ad4-48df-a552-a4cf950d210b", "value": "ww1.jdk-update.com" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1439887173", "to_ids": true, "type": "hostname", "uuid": "55d2ef45-aaec-426e-bd31-a4cf950d210b", "value": "www.digitalinsight-ltd.com" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1439887173", "to_ids": true, "type": "hostname", "uuid": "55d2ef45-8494-4cf8-b4f3-a4cf950d210b", "value": "www.jdk-update.com" } ] } }