misp-circl-feed/feeds/circl/misp/55d58a12-3644-4378-8ca9-44a6950d210b.json

{
"Event": {
"analysis": "0",
"date": "2015-08-20",
"extends_uuid": "",
"info": "OSINT Cheshire Cat",
"publish_timestamp": "1440061755",
"published": true,
"threat_level_id": "1",
"timestamp": "1440060835",
"uuid": "55d58a12-3644-4378-8ca9-44a6950d210b",
"Orgc": {
"name": "CthulhuSPRL.be",
"uuid": "55f6ea5f-fd34-43b8-ac1d-40cb950d210f"
},
"Tag": [
{
"colour": "#ffffff",
"local": false,
"name": "tlp:white",
"relationship_type": ""
},
{
"colour": "#004646",
"local": false,
"name": "type:OSINT",
"relationship_type": ""
}
],
"Attribute": [
{
"category": "External analysis",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1440057994",
"to_ids": false,
"type": "link",
"uuid": "55d58a8a-fa5c-4e2d-bac4-4768950d210b",
"value": "http://kernelmode.info/forum/viewtopic.php?f=16&t=3981"
},
{
"category": "External analysis",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1440057995",
"to_ids": false,
"type": "link",
"uuid": "55d58a8b-e044-40ca-abf3-4c2c950d210b",
"value": "https://www.defcon.org/html/defcon-23/dc-23-speakers.html#Marquis-Boire"
},
{
"category": "External analysis",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1440057995",
"to_ids": false,
"type": "link",
"uuid": "55d58a8b-0d10-410d-9354-4554950d210b",
"value": "https://otx.alienvault.com/pulse/55d3d4c74637f226f7391154/"
},
{
"category": "External analysis",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1440058005",
"to_ids": false,
"type": "text",
"uuid": "55d58a95-daa0-4309-9cb8-41a3950d210b",
"value": "Cheshire Cat"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1440058069",
"to_ids": true,
"type": "sha256",
"uuid": "55d58ad5-f798-4f29-9fde-49ef950d210b",
"value": "63735d555f219765d486b3d253e39bd316bbcb1c0ec595ea45ddf6e419bef3cb"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1440058070",
"to_ids": true,
"type": "domain",
"uuid": "55d58ad6-9b1c-4315-87e5-4b18950d210b",
"value": "apartmentsin-paris.com"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1440058070",
"to_ids": true,
"type": "domain",
"uuid": "55d58ad6-42a8-471d-bde8-4de6950d210b",
"value": "au-skydivelessons.com"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1440058070",
"to_ids": true,
"type": "domain",
"uuid": "55d58ad6-0800-43bb-a744-4b8d950d210b",
"value": "beautifuldaisies.com"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1440058070",
"to_ids": true,
"type": "domain",
"uuid": "55d58ad6-5ea8-44a8-9250-45c3950d210b",
"value": "brazil-crazybungee.com"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1440058070",
"to_ids": true,
"type": "domain",
"uuid": "55d58ad6-2c7c-46df-acfa-40e9950d210b",
"value": "bungee4you-br.com"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1440058071",
"to_ids": true,
"type": "domain",
"uuid": "55d58ad7-053c-4bf6-bc43-401c950d210b",
"value": "bungee4you-uy.com"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1440058071",
"to_ids": true,
"type": "domain",
"uuid": "55d58ad7-9938-4cf5-9b42-4c22950d210b",
"value": "bungeejumping-br.com"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1440058071",
"to_ids": true,
"type": "domain",
"uuid": "55d58ad7-c2c0-48d1-93fa-4d39950d210b",
"value": "bungeejumping-uy.com"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1440058071",
"to_ids": true,
"type": "domain",
"uuid": "55d58ad7-58b8-4e0a-887f-444b950d210b",
"value": "china-flowershop.com"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1440058071",
"to_ids": true,
"type": "domain",
"uuid": "55d58ad7-6040-425a-b2da-47c5950d210b",
"value": "circlesofourlives-ir.com"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1440058072",
"to_ids": true,
"type": "domain",
"uuid": "55d58ad8-90ec-476f-b0f8-4ec6950d210b",
"value": "clickflowers-hk.com"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1440058072",
"to_ids": true,
"type": "domain",
"uuid": "55d58ad8-8b1c-4daf-a8ae-4cd2950d210b",
"value": "crazy-jump.com"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1440058072",
"to_ids": true,
"type": "domain",
"uuid": "55d58ad8-4068-4766-8adf-422f950d210b",
"value": "crazyjump-uy.com"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1440058072",
"to_ids": true,
"type": "domain",
"uuid": "55d58ad8-7af0-4255-bbb6-4017950d210b",
"value": "cropcirclestours.com"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1440058072",
"to_ids": true,
"type": "domain",
"uuid": "55d58ad8-8e64-4cd6-a90a-47e8950d210b",
"value": "dive-extreme.com"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1440058073",
"to_ids": true,
"type": "domain",
"uuid": "55d58ad9-332c-4204-9448-4867950d210b",
"value": "divextreme-ar.com"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1440058073",
"to_ids": true,
"type": "domain",
"uuid": "55d58ad9-bea4-466d-95cd-455e950d210b",
"value": "divextreme-au.com"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1440058073",
"to_ids": true,
"type": "domain",
"uuid": "55d58ad9-5a84-476f-9640-44b1950d210b",
"value": "euro-rafting.com"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1440058073",
"to_ids": true,
"type": "domain",
"uuid": "55d58ad9-7ed0-4b83-85e4-4802950d210b",
"value": "eurorafting-tr.com"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1440058073",
"to_ids": true,
"type": "domain",
"uuid": "55d58ad9-8710-41db-b093-4b44950d210b",
"value": "franceholidayapartments.com"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1440058074",
"to_ids": true,
"type": "domain",
"uuid": "55d58ada-5dac-4142-b813-420f950d210b",
"value": "groupbungee-br.com"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1440058074",
"to_ids": true,
"type": "domain",
"uuid": "55d58ada-f3e4-4142-8cfa-4a33950d210b",
"value": "groupbungee-uy.com"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1440058074",
"to_ids": true,
"type": "domain",
"uuid": "55d58ada-4804-4b84-87e4-49c4950d210b",
"value": "groupdive-au.com"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1440058074",
"to_ids": true,
"type": "domain",
"uuid": "55d58ada-70f0-43dd-a0ed-4233950d210b",
"value": "groupdive.com"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1440058074",
"to_ids": true,
"type": "domain",
"uuid": "55d58ada-da7c-4abf-87df-4665950d210b",
"value": "holidayapartments-paris.com"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1440058075",
"to_ids": true,
"type": "domain",
"uuid": "55d58adb-dc78-4784-bf5e-4d60950d210b",
"value": "holidayapartments4you.com"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1440058075",
"to_ids": true,
"type": "domain",
"uuid": "55d58adb-2bf8-4d31-b3b8-4b11950d210b",
"value": "hongkong-bouquets.com"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1440058075",
"to_ids": true,
"type": "domain",
"uuid": "55d58adb-1538-47d7-a764-4a1c950d210b",
"value": "ir-cool.com"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1440058075",
"to_ids": true,
"type": "domain",
"uuid": "55d58adb-7cd8-48c1-90cc-4916950d210b",
"value": "irelancropcircles.com"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1440058075",
"to_ids": true,
"type": "domain",
"uuid": "55d58adb-5c20-4a4a-9e48-408b950d210b",
"value": "magnificentcircles.com"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1440058076",
"to_ids": true,
"type": "domain",
"uuid": "55d58adc-1efc-481d-ba4d-434e950d210b",
"value": "paris-holidayapartments.com"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1440058076",
"to_ids": true,
"type": "domain",
"uuid": "55d58adc-58fc-4c3e-b118-4fa6950d210b",
"value": "raftingholiday.com"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1440058076",
"to_ids": true,
"type": "domain",
"uuid": "55d58adc-94b4-439f-8245-40bd950d210b",
"value": "raftingtours-turkey.com"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1440058076",
"to_ids": true,
"type": "domain",
"uuid": "55d58adc-960c-4c90-af9d-4bcc950d210b",
"value": "rosesinchina.com"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1440058076",
"to_ids": true,
"type": "domain",
"uuid": "55d58adc-089c-41f5-8440-4d3c950d210b",
"value": "skydivelessons.com"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1440058077",
"to_ids": true,
"type": "domain",
"uuid": "55d58add-d078-45ba-aaa3-49cf950d210b",
"value": "stuntjumps.com"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1440058077",
"to_ids": true,
"type": "domain",
"uuid": "55d58add-9c94-4a8d-8ca1-4e07950d210b",
"value": "tandemskydive-ar.com"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1440058077",
"to_ids": true,
"type": "domain",
"uuid": "55d58add-828c-4c5d-8303-4865950d210b",
"value": "tandemskydive-au.com"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1440058077",
"to_ids": true,
"type": "domain",
"uuid": "55d58add-6274-46d9-8828-4e73950d210b",
"value": "turkeyextremerafting.com"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1440058077",
"to_ids": true,
"type": "domain",
"uuid": "55d58add-a2d4-490e-b924-4043950d210b",
"value": "uruguay-crazybungee.com"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1440058142",
"to_ids": true,
"type": "md5",
"uuid": "55d58b1e-8630-4ec2-ac16-4b94950d210b",
"value": "e2ca6cca598d47dee311f06920c1efde"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1440058142",
"to_ids": true,
"type": "md5",
"uuid": "55d58b1e-c448-4474-ba0a-496d950d210b",
"value": "4e0a3498438adda8c50c3e101cfa86c5"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1440058143",
"to_ids": true,
"type": "md5",
"uuid": "55d58b1f-70a0-40c4-9bae-4d3a950d210b",
"value": "3ba57784d7fd4302fe74beb648b28dc1"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1440058143",
"to_ids": true,
"type": "md5",
"uuid": "55d58b1f-66bc-4770-b9de-4f5c950d210b",
"value": "fa1e5eec39910a34ede1c4351ccecec8"
},
{
"category": "External analysis",
"comment": "Unconfirmed group name used by Kaspersky, mentioned in the kernelMode forum thread",
"deleted": false,
"disable_correlation": false,
"timestamp": "1440058234",
"to_ids": false,
"type": "text",
"uuid": "55d58b7a-a920-48ad-953c-44f3950d210b",
"value": "Flowershop"
},
{
"category": "Payload delivery",
"comment": "- Xchecked via VT: e2ca6cca598d47dee311f06920c1efde",
"deleted": false,
"disable_correlation": false,
"timestamp": "1440060835",
"to_ids": true,
"type": "sha1",
"uuid": "55d595a3-cec4-476c-84b0-0ec5950d210b",
"value": "7384156ef7282c4bb6a4d0d4e9498a6a40df2377"
},
{
"category": "Payload delivery",
"comment": "- Xchecked via VT: e2ca6cca598d47dee311f06920c1efde",
"deleted": false,
"disable_correlation": false,
"timestamp": "1440060835",
"to_ids": true,
"type": "sha256",
"uuid": "55d595a3-8e54-4af9-9a9d-0ec5950d210b",
"value": "dc18850d065ff6a8364421a9c8f9dd5fcce6c7567f4881466cee00e5cd0c7aa8"
},
{
"category": "External analysis",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1440060835",
"to_ids": false,
"type": "link",
"uuid": "55d595a3-d218-4f01-a17f-0ec5950d210b",
"value": "https://www.virustotal.com/file/dc18850d065ff6a8364421a9c8f9dd5fcce6c7567f4881466cee00e5cd0c7aa8/analysis/1439822856/"
},
{
"category": "Payload delivery",
"comment": "- Xchecked via VT: 4e0a3498438adda8c50c3e101cfa86c5",
"deleted": false,
"disable_correlation": false,
"timestamp": "1440060836",
"to_ids": true,
"type": "sha1",
"uuid": "55d595a4-a3f8-4bee-8eba-0ec5950d210b",
"value": "0655670f1cb40e84ba12adb9711f001269712054"
},
{
"category": "Payload delivery",
"comment": "- Xchecked via VT: 4e0a3498438adda8c50c3e101cfa86c5",
"deleted": false,
"disable_correlation": false,
"timestamp": "1440060836",
"to_ids": true,
"type": "sha256",
"uuid": "55d595a4-7768-4726-b67f-0ec5950d210b",
"value": "ec41b029c3ff4147b6a5252cb8b659f851f4538d4af0a574f7e16bc1cd14a300"
},
{
"category": "External analysis",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1440060836",
"to_ids": false,
"type": "link",
"uuid": "55d595a4-32b0-4d21-98e5-0ec5950d210b",
"value": "https://www.virustotal.com/file/ec41b029c3ff4147b6a5252cb8b659f851f4538d4af0a574f7e16bc1cd14a300/analysis/1439558789/"
},
{
"category": "Payload delivery",
"comment": "- Xchecked via VT: fa1e5eec39910a34ede1c4351ccecec8",
"deleted": false,
"disable_correlation": false,
"timestamp": "1440060836",
"to_ids": true,
"type": "sha1",
"uuid": "55d595a4-c2f0-434c-8c47-0ec5950d210b",
"value": "ca3c5872080ec86a041b2b887caec9f28ba7b884"
},
{
"category": "Payload delivery",
"comment": "- Xchecked via VT: fa1e5eec39910a34ede1c4351ccecec8",
"deleted": false,
"disable_correlation": false,
"timestamp": "1440060836",
"to_ids": true,
"type": "sha256",
"uuid": "55d595a4-eaa0-4fe5-ad8b-0ec5950d210b",
"value": "c074aeef97ce81e8c68b7376b124546cabf40e2cd3aff1719d9daa6c3f780532"
},
{
"category": "External analysis",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1440060837",
"to_ids": false,
"type": "link",
"uuid": "55d595a5-782c-46d7-a9bf-0ec5950d210b",
"value": "https://www.virustotal.com/file/c074aeef97ce81e8c68b7376b124546cabf40e2cd3aff1719d9daa6c3f780532/analysis/1440038879/"
},
{
"category": "Payload delivery",
"comment": "- Xchecked via VT: 3ba57784d7fd4302fe74beb648b28dc1",
"deleted": false,
"disable_correlation": false,
"timestamp": "1440060837",
"to_ids": true,
"type": "sha1",
"uuid": "55d595a5-e170-464e-8929-0ec5950d210b",
"value": "648a62d74ab1076e66a7a70f0899b8093eca2b01"
},
{
"category": "Payload delivery",
"comment": "- Xchecked via VT: 3ba57784d7fd4302fe74beb648b28dc1",
"deleted": false,
"disable_correlation": false,
"timestamp": "1440060837",
"to_ids": true,
"type": "sha256",
"uuid": "55d595a5-6f24-4901-bcf3-0ec5950d210b",
"value": "32159d2a16397823bc882ddd3cd77ecdbabe0fde934e62f297b8ff4d7b89832a"
},
{
"category": "External analysis",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1440060837",
"to_ids": false,
"type": "link",
"uuid": "55d595a5-a7f8-4e72-8fcd-0ec5950d210b",
"value": "https://www.virustotal.com/file/32159d2a16397823bc882ddd3cd77ecdbabe0fde934e62f297b8ff4d7b89832a/analysis/1439460874/"
},
{
"category": "Payload delivery",
"comment": "- Xchecked via VT: 63735d555f219765d486b3d253e39bd316bbcb1c0ec595ea45ddf6e419bef3cb",
"deleted": false,
"disable_correlation": false,
"timestamp": "1440060837",
"to_ids": true,
"type": "md5",
"uuid": "55d595a5-aef8-436f-b9f4-0ec5950d210b",
"value": "7b0e7297d5157586f4075098be9efc8c"
},
{
"category": "Payload delivery",
"comment": "- Xchecked via VT: 63735d555f219765d486b3d253e39bd316bbcb1c0ec595ea45ddf6e419bef3cb",
"deleted": false,
"disable_correlation": false,
"timestamp": "1440060838",
"to_ids": true,
"type": "sha1",
"uuid": "55d595a6-f3f0-4163-9e01-0ec5950d210b",
"value": "421156c4858878ef8beeadf54c4549095445b682"
},
{
"category": "External analysis",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1440060838",
"to_ids": false,
"type": "link",
"uuid": "55d595a6-f484-4119-84b7-0ec5950d210b",
"value": "https://www.virustotal.com/file/63735d555f219765d486b3d253e39bd316bbcb1c0ec595ea45ddf6e419bef3cb/analysis/1439461052/"
}
]
}
}