{ "Event": { "analysis": "0", "date": "2016-08-24", "extends_uuid": "", "info": "Malspam 2016-08-24 (.hta in .zip) - campaign: \"Emailing{N}.jpg\"", "publish_timestamp": "1472051117", "published": true, "threat_level_id": "3", "timestamp": "1472051070", "uuid": "57bd9b3a-c354-481c-b414-424e950d210f", "Orgc": { "name": "CIRCL", "uuid": "55f6ea5e-2c60-40e5-964f-47a8950d210f" }, "Tag": [ { "colour": "#ffffff", "local": false, "name": "tlp:white", "relationship_type": "" }, { "colour": "#3a7300", "local": false, "name": "circl:incident-classification=\"malware\"", "relationship_type": "" } ], "Attribute": [ { "category": "Network activity", "comment": "download location", "deleted": false, "disable_correlation": false, "timestamp": "1472043888", "to_ids": true, "type": "url", "uuid": "57bd9b70-b228-433e-88d7-45d3950d210f", "value": "http://mage4ever.0catch.com/GHBuyd472" }, { "category": "Network activity", "comment": "download location", "deleted": false, "disable_correlation": false, "timestamp": "1472043888", "to_ids": true, "type": "hostname", "uuid": "57bd9b70-8eb0-4bdc-b294-4a19950d210f", "value": "mage4ever.0catch.com" }, { "category": "Network activity", "comment": "download location", "deleted": false, "disable_correlation": false, "timestamp": "1472043889", "to_ids": true, "type": "ip-dst", "uuid": "57bd9b71-8a28-4f99-b486-4f2d950d210f", "value": "69.27.174.10" }, { "category": "Network activity", "comment": "download location", "deleted": false, "disable_correlation": false, "timestamp": "1472043889", "to_ids": true, "type": "url", "uuid": "57bd9b71-59ec-474c-81cb-4034950d210f", "value": "http://www.agenziadini.it/GHBuyd472" }, { "category": "Network activity", "comment": "download location", "deleted": false, "disable_correlation": false, "timestamp": "1472043889", "to_ids": true, "type": "hostname", "uuid": "57bd9b71-e5f8-4975-baec-4f1b950d210f", "value": "www.agenziadini.it" }, { "category": "Network activity", "comment": "download location", "deleted": false, "disable_correlation": false, "timestamp": "1472043889", "to_ids": true, "type": "ip-dst", "uuid": "57bd9b71-5ab4-478b-8e30-41e7950d210f", "value": "213.205.40.169" }, { "category": "Network activity", "comment": "download location", "deleted": false, "disable_correlation": false, "timestamp": "1472043889", "to_ids": true, "type": "url", "uuid": "57bd9b71-8f5c-4444-9d17-4c26950d210f", "value": "http://iesjaumei.edu.gva.es/GHBuyd472" }, { "category": "Network activity", "comment": "download location", "deleted": false, "disable_correlation": false, "timestamp": "1472043890", "to_ids": true, "type": "hostname", "uuid": "57bd9b72-3058-4b0e-8ebe-41a1950d210f", "value": "iesjaumei.edu.gva.es" }, { "category": "Network activity", "comment": "download location", "deleted": false, "disable_correlation": false, "timestamp": "1472043890", "to_ids": true, "type": "ip-dst", "uuid": "57bd9b72-3f50-421e-9451-4286950d210f", "value": "193.144.125.70" }, { "category": "Network activity", "comment": "download location", "deleted": false, "disable_correlation": false, "timestamp": "1472043890", "to_ids": true, "type": "url", "uuid": "57bd9b72-9838-48b6-a1f3-4220950d210f", "value": "http://www.carloabati.com/GHBuyd472" }, { "category": "Network activity", "comment": "download location", "deleted": false, "disable_correlation": false, "timestamp": "1472043890", "to_ids": true, "type": "hostname", "uuid": "57bd9b72-df5c-460b-bac8-4dba950d210f", "value": "www.carloabati.com" }, { "category": "Payload delivery", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1472044043", "to_ids": false, "type": "email-subject", "uuid": "57bd9c0b-5b3c-43c1-a167-4a47950d210f", "value": "Emailing{N}.jpg" }, { "category": "Network activity", "comment": "download location", "deleted": false, "disable_correlation": false, "timestamp": "1472051067", "to_ids": true, "type": "url", "uuid": "57bdb77b-9e78-4217-ae6e-450c950d210f", "value": "http://brunnenburg.de/GHBuyd472" }, { "category": "Network activity", "comment": "download location", "deleted": false, "disable_correlation": false, "timestamp": "1472051067", "to_ids": true, "type": "domain", "uuid": "57bdb77b-b270-4809-9e79-489c950d210f", "value": "brunnenburg.de" }, { "category": "Network activity", "comment": "download location", "deleted": false, "disable_correlation": false, "timestamp": "1472051067", "to_ids": true, "type": "ip-dst", "uuid": "57bdb77b-b6f4-4c2d-84ba-442b950d210f", "value": "212.40.179.74" }, { "category": "Network activity", "comment": "download location", "deleted": false, "disable_correlation": false, "timestamp": "1472051068", "to_ids": true, "type": "url", "uuid": "57bdb77c-571c-4301-90c2-44d9950d210f", "value": "http://csmjs.cba.pl/GHBuyd472" }, { "category": "Network activity", "comment": "download location", "deleted": false, "disable_correlation": false, "timestamp": "1472051068", "to_ids": true, "type": "hostname", "uuid": "57bdb77c-2614-4f20-9863-4736950d210f", "value": "csmjs.cba.pl" }, { "category": "Network activity", "comment": "download location", "deleted": false, "disable_correlation": false, "timestamp": "1472051068", "to_ids": true, "type": "ip-dst", "uuid": "57bdb77c-413c-41e5-a46a-4b20950d210f", "value": "95.211.144.65" }, { "category": "Network activity", "comment": "download location", "deleted": false, "disable_correlation": false, "timestamp": "1472051068", "to_ids": true, "type": "url", "uuid": "57bdb77c-c5c0-4326-82c8-4fb1950d210f", "value": "http://ficonline.cat/GHBuyd472" }, { "category": "Network activity", "comment": "download location", "deleted": false, "disable_correlation": false, "timestamp": "1472051068", "to_ids": true, "type": "domain", "uuid": "57bdb77c-5f3c-4239-adf0-4992950d210f", "value": "ficonline.cat" }, { "category": "Network activity", "comment": "download location", "deleted": false, "disable_correlation": false, "timestamp": "1472051069", "to_ids": true, "type": "ip-dst", "uuid": "57bdb77d-30ac-4dd6-9c3a-4308950d210f", "value": "134.0.14.63" }, { "category": "Network activity", "comment": "download location", "deleted": false, "disable_correlation": false, "timestamp": "1472051069", "to_ids": true, "type": "url", "uuid": "57bdb77d-2c7c-4d98-bf14-4977950d210f", "value": "http://jon.nomaki.jp/GHBuyd472" }, { "category": "Network activity", "comment": "download location", "deleted": false, "disable_correlation": false, "timestamp": "1472051069", "to_ids": true, "type": "hostname", "uuid": "57bdb77d-aa60-447f-add4-4cbb950d210f", "value": "jon.nomaki.jp" }, { "category": "Network activity", "comment": "download location", "deleted": false, "disable_correlation": false, "timestamp": "1472051069", "to_ids": true, "type": "ip-dst", "uuid": "57bdb77d-d4f4-4278-9202-445f950d210f", "value": "112.140.42.29" }, { "category": "Network activity", "comment": "download location", "deleted": false, "disable_correlation": false, "timestamp": "1472051069", "to_ids": true, "type": "url", "uuid": "57bdb77d-3544-4a46-acbe-4b27950d210f", "value": "http://ajurveda.meganet.lt/GHBuyd472" }, { "category": "Network activity", "comment": "download location", "deleted": false, "disable_correlation": false, "timestamp": "1472051069", "to_ids": true, "type": "hostname", "uuid": "57bdb77d-f5f4-4f4f-ba8e-4842950d210f", "value": "ajurveda.meganet.lt" }, { "category": "Network activity", "comment": "download location", "deleted": false, "disable_correlation": false, "timestamp": "1472051070", "to_ids": true, "type": "ip-dst", "uuid": "57bdb77e-a8a8-41fa-8028-428f950d210f", "value": "88.222.0.5" } ] } }