misp-circl-feed/feeds/circl/misp/593a41df-b920-4f52-bbc3-4abd950d210f.json


{
"Event": {
"analysis": "1",
"date": "2017-06-09",
"extends_uuid": "",
"info": "M2M - Jaff 2017-06-06 : \"Order\" - \"MX-2310U_20170606_123456.pdf\"",
"publish_timestamp": "1496991356",
"published": true,
"threat_level_id": "3",
"timestamp": "1496991290",
"uuid": "593a41df-b920-4f52-bbc3-4abd950d210f",
"Orgc": {
"name": "CIRCL",
"uuid": "55f6ea5e-2c60-40e5-964f-47a8950d210f"
},
"Tag": [
{
"colour": "#ffffff",
"local": false,
"name": "tlp:white",
"relationship_type": ""
},
{
"colour": "#006c6c",
"local": false,
"name": "ecsirt:malicious-code=\"ransomware\"",
"relationship_type": ""
},
{
"colour": "#0088cc",
"local": false,
"name": "misp-galaxy:ransomware=\"Jaff\"",
"relationship_type": ""
}
],
"Attribute": [
{
"category": "Artifacts dropped",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1496990176",
"to_ids": true,
"type": "md5",
"uuid": "593a41e0-b224-4faa-ba18-4728950d210f",
"value": "76e150bceffaee4322fa70b2c48ced16"
},
{
"category": "Artifacts dropped",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1496990176",
"to_ids": true,
"type": "md5",
"uuid": "593a41e0-6114-4fab-8a66-497e950d210f",
"value": "5ca3d8cf1cde038e762b535ec4e905fe"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1496990177",
"to_ids": true,
"type": "url",
"uuid": "593a41e1-8e34-4bc2-bcca-4898950d210f",
"value": "http://10minutesto1.net/jt7677g6"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1496990177",
"to_ids": true,
"type": "hostname",
"uuid": "593a41e1-3098-4ffb-bfdb-4f73950d210f",
"value": "10minutesto1.net"
},
{
"category": "Network activity",
"comment": "10minutesto1.net",
"deleted": false,
"disable_correlation": false,
"timestamp": "1496990178",
"to_ids": false,
"type": "ip-dst",
"uuid": "593a41e2-7a04-4f4e-9a83-4159950d210f",
"value": "104.219.248.47"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1496990179",
"to_ids": true,
"type": "url",
"uuid": "593a41e3-57b8-4f06-a5ac-8bcc950d210f",
"value": "http://cafe-bg.com/jt7677g6"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1496990179",
"to_ids": true,
"type": "hostname",
"uuid": "593a41e3-465c-4126-a411-46f4950d210f",
"value": "cafe-bg.com"
},
{
"category": "Network activity",
"comment": "cafe-bg.com",
"deleted": false,
"disable_correlation": false,
"timestamp": "1496990180",
"to_ids": false,
"type": "ip-dst",
"uuid": "593a41e4-9bf4-4fcf-95b3-488b950d210f",
"value": "193.68.112.65"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1496990180",
"to_ids": true,
"type": "url",
"uuid": "593a41e4-bed0-4bc2-86c3-46e6950d210f",
"value": "http://cifroshop.net/jt7677g6"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1496990181",
"to_ids": true,
"type": "hostname",
"uuid": "593a41e5-2834-4b8a-86da-49ae950d210f",
"value": "cifroshop.net"
},
{
"category": "Network activity",
"comment": "cifroshop.net",
"deleted": false,
"disable_correlation": false,
"timestamp": "1496990181",
"to_ids": false,
"type": "ip-dst",
"uuid": "593a41e5-e89c-4a73-9db8-4f3a950d210f",
"value": "62.113.208.201"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1496990182",
"to_ids": true,
"type": "url",
"uuid": "593a41e6-d35c-482f-8440-41d7950d210f",
"value": "http://community-gaming.de/jt7677g6"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1496990183",
"to_ids": true,
"type": "hostname",
"uuid": "593a41e7-e7e8-47d9-8e10-4786950d210f",
"value": "community-gaming.de"
},
{
"category": "Network activity",
"comment": "community-gaming.de",
"deleted": false,
"disable_correlation": false,
"timestamp": "1496990183",
"to_ids": false,
"type": "ip-dst",
"uuid": "593a41e7-d49c-423b-93b2-436b950d210f",
"value": "93.90.178.67"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1496990184",
"to_ids": true,
"type": "url",
"uuid": "593a41e8-bce8-40e9-9b9b-8a4b950d210f",
"value": "http://cor-huizer.nl/jt7677g6"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1496990184",
"to_ids": true,
"type": "hostname",
"uuid": "593a41e8-2570-4ca0-b852-4e13950d210f",
"value": "cor-huizer.nl"
},
{
"category": "Network activity",
"comment": "cor-huizer.nl",
"deleted": false,
"disable_correlation": false,
"timestamp": "1496990185",
"to_ids": false,
"type": "ip-dst",
"uuid": "593a41e9-530c-4229-9979-4f0f950d210f",
"value": "87.239.14.40"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1496990185",
"to_ids": true,
"type": "url",
"uuid": "593a41e9-d090-4123-b1d4-436b950d210f",
"value": "http://essentialnulidtro.com/af/jt7677g6"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1496990186",
"to_ids": true,
"type": "hostname",
"uuid": "593a41ea-aef4-4601-a3e8-4936950d210f",
"value": "essentialnulidtro.com"
},
{
"category": "Network activity",
"comment": "essentialnulidtro.com",
"deleted": false,
"disable_correlation": false,
"timestamp": "1496990186",
"to_ids": false,
"type": "ip-dst",
"uuid": "593a41ea-fc9c-475b-a4b6-4e7d950d210f",
"value": "119.28.85.128"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1496990187",
"to_ids": true,
"type": "url",
"uuid": "593a41eb-0288-4606-9f93-431b950d210f",
"value": "http://lcpinternational.fr/jt7677g6"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1496990187",
"to_ids": true,
"type": "hostname",
"uuid": "593a41eb-f058-4ba7-b448-49f1950d210f",
"value": "lcpinternational.fr"
},
{
"category": "Network activity",
"comment": "lcpinternational.fr",
"deleted": false,
"disable_correlation": false,
"timestamp": "1496990188",
"to_ids": false,
"type": "ip-dst",
"uuid": "593a41ec-9a2c-48ed-904e-46f4950d210f",
"value": "81.88.48.95"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1496990189",
"to_ids": true,
"type": "url",
"uuid": "593a41ed-b2e4-4e8b-a24b-4130950d210f",
"value": "http://luxurious-ss.com/jt7677g6"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1496990189",
"to_ids": true,
"type": "hostname",
"uuid": "593a41ed-84b4-47ac-9a50-4d98950d210f",
"value": "luxurious-ss.com"
},
{
"category": "Network activity",
"comment": "luxurious-ss.com",
"deleted": false,
"disable_correlation": false,
"timestamp": "1496990190",
"to_ids": false,
"type": "ip-dst",
"uuid": "593a41ee-4668-4308-bbcf-4f97950d210f",
"value": "107.180.4.132"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1496990190",
"to_ids": true,
"type": "url",
"uuid": "593a41ee-c7b0-4e71-8602-4b4a950d210f",
"value": "http://makh.ch/jt7677g6"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1496990191",
"to_ids": true,
"type": "hostname",
"uuid": "593a41ef-7d54-4d56-a94e-43ef950d210f",
"value": "makh.ch"
},
{
"category": "Network activity",
"comment": "makh.ch",
"deleted": false,
"disable_correlation": false,
"timestamp": "1496990191",
"to_ids": false,
"type": "ip-dst",
"uuid": "593a41ef-caac-4c80-a0aa-4728950d210f",
"value": "149.126.4.78"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1496990192",
"to_ids": true,
"type": "url",
"uuid": "593a41f0-da5c-4822-ac44-8a4b950d210f",
"value": "http://marcelrahner.com/jt7677g6"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1496990192",
"to_ids": true,
"type": "hostname",
"uuid": "593a41f0-a9d8-43a0-a526-46e6950d210f",
"value": "marcelrahner.com"
},
{
"category": "Network activity",
"comment": "marcelrahner.com",
"deleted": false,
"disable_correlation": false,
"timestamp": "1496990193",
"to_ids": false,
"type": "ip-dst",
"uuid": "593a41f1-3920-4151-b6be-4bda950d210f",
"value": "195.178.14.13"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1496990193",
"to_ids": true,
"type": "url",
"uuid": "593a41f1-65a4-4eea-9dd8-4897950d210f",
"value": "http://mciverpei.ca/jt7677g6"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1496990194",
"to_ids": true,
"type": "hostname",
"uuid": "593a41f2-1814-4fcd-85ff-4902950d210f",
"value": "mciverpei.ca"
},
{
"category": "Network activity",
"comment": "mciverpei.ca",
"deleted": false,
"disable_correlation": false,
"timestamp": "1496990195",
"to_ids": false,
"type": "ip-dst",
"uuid": "593a41f3-bc54-41c2-a784-4801950d210f",
"value": "69.90.161.10"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1496990195",
"to_ids": true,
"type": "url",
"uuid": "593a41f3-b658-47ec-af91-4728950d210f",
"value": "http://mitservices.net/jt7677g6"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1496990196",
"to_ids": true,
"type": "hostname",
"uuid": "593a41f4-84f0-40b7-b61f-8a4b950d210f",
"value": "mitservices.net"
},
{
"category": "Network activity",
"comment": "mitservices.net",
"deleted": false,
"disable_correlation": false,
"timestamp": "1496990196",
"to_ids": false,
"type": "ip-dst",
"uuid": "593a41f4-99c0-4818-b93b-46e6950d210f",
"value": "208.91.198.19"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1496990197",
"to_ids": true,
"type": "url",
"uuid": "593a41f5-88b8-4206-94b7-4cb9950d210f",
"value": "http://myinti.com/jt7677g6"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1496990197",
"to_ids": true,
"type": "hostname",
"uuid": "593a41f5-e5d4-4411-bdf2-8bcc950d210f",
"value": "myinti.com"
},
{
"category": "Network activity",
"comment": "myinti.com",
"deleted": false,
"disable_correlation": false,
"timestamp": "1496990198",
"to_ids": false,
"type": "ip-dst",
"uuid": "593a41f6-2b74-449f-b5cb-46f4950d210f",
"value": "103.26.99.147"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1496990199",
"to_ids": true,
"type": "url",
"uuid": "593a41f7-cca8-465b-b501-45d6950d210f",
"value": "http://mymobimarketing.com/jt7677g6"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1496990199",
"to_ids": true,
"type": "hostname",
"uuid": "593a41f7-03cc-49f3-9803-49b2950d210f",
"value": "mymobimarketing.com"
},
{
"category": "Network activity",
"comment": "mymobimarketing.com",
"deleted": false,
"disable_correlation": false,
"timestamp": "1496990200",
"to_ids": false,
"type": "ip-dst",
"uuid": "593a41f8-91fc-41ff-b179-4c50950d210f",
"value": "184.154.159.194"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1496990200",
"to_ids": true,
"type": "url",
"uuid": "593a41f8-1f4c-4dc2-8cfa-45b9950d210f",
"value": "http://oneby1.jp/jt7677g6"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1496990201",
"to_ids": true,
"type": "hostname",
"uuid": "593a41f9-44c4-4867-9586-8bcc950d210f",
"value": "oneby1.jp"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1496990205",
"to_ids": true,
"type": "url",
"uuid": "593a41fd-a310-48f6-ad1e-8bcc950d210f",
"value": "http://rhiannonwrites.com/jt7677g6"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1496990206",
"to_ids": true,
"type": "hostname",
"uuid": "593a41fe-32fc-4dd0-89c3-8a4b950d210f",
"value": "rhiannonwrites.com"
},
{
"category": "Network activity",
"comment": "rhiannonwrites.com",
"deleted": false,
"disable_correlation": false,
"timestamp": "1496990206",
"to_ids": false,
"type": "ip-dst",
"uuid": "593a41fe-82e4-4500-a84d-4b3b950d210f",
"value": "192.124.249.5"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1496990207",
"to_ids": true,
"type": "url",
"uuid": "593a41ff-e3ac-460e-a28d-40c1950d210f",
"value": "http://sdmqgg.com/jt7677g6"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1496990208",
"to_ids": true,
"type": "hostname",
"uuid": "593a4200-03f4-4f0c-80e9-40f5950d210f",
"value": "sdmqgg.com"
},
{
"category": "Network activity",
"comment": "sdmqgg.com",
"deleted": false,
"disable_correlation": false,
"timestamp": "1496990209",
"to_ids": false,
"type": "ip-dst",
"uuid": "593a4201-af84-4092-9bdb-4d80950d210f",
"value": "120.76.113.75"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1496990209",
"to_ids": true,
"type": "url",
"uuid": "593a4201-c300-4406-a2af-4728950d210f",
"value": "http://sextoygay.be/jt7677g6"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1496990210",
"to_ids": true,
"type": "hostname",
"uuid": "593a4202-1d84-4de9-8ccc-4133950d210f",
"value": "sextoygay.be"
},
{
"category": "Network activity",
"comment": "sextoygay.be",
"deleted": false,
"disable_correlation": false,
"timestamp": "1496990210",
"to_ids": false,
"type": "ip-dst",
"uuid": "593a4202-6a18-4cfb-b20f-46f4950d210f",
"value": "178.237.37.39"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1496990211",
"to_ids": true,
"type": "url",
"uuid": "593a4203-81bc-4008-b72c-4e80950d210f",
"value": "http://siddhashrampatrika.com/jt7677g6"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1496990211",
"to_ids": true,
"type": "hostname",
"uuid": "593a4203-9ad4-4b5a-8f60-42f1950d210f",
"value": "siddhashrampatrika.com"
},
{
"category": "Network activity",
"comment": "siddhashrampatrika.com",
"deleted": false,
"disable_correlation": false,
"timestamp": "1496990212",
"to_ids": false,
"type": "ip-dst",
"uuid": "593a4204-5334-48e9-a9ff-422a950d210f",
"value": "103.53.43.45"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1496990212",
"to_ids": true,
"type": "url",
"uuid": "593a4204-0918-4fcd-a404-4f24950d210f",
"value": "http://stlawyers.ca/jt7677g6"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1496990213",
"to_ids": true,
"type": "hostname",
"uuid": "593a4205-ef04-433f-9cc8-42c5950d210f",
"value": "stlawyers.ca"
},
{
"category": "Network activity",
"comment": "stlawyers.ca",
"deleted": false,
"disable_correlation": false,
"timestamp": "1496990214",
"to_ids": false,
"type": "ip-dst",
"uuid": "593a4206-8cac-4b75-b731-4f3e950d210f",
"value": "107.154.105.172"
},
{
"category": "Network activity",
"comment": "stlawyers.ca",
"deleted": false,
"disable_correlation": false,
"timestamp": "1496990214",
"to_ids": false,
"type": "ip-dst",
"uuid": "593a4206-b69c-4f87-99df-418e950d210f",
"value": "107.154.106.172"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1496990214",
"to_ids": true,
"type": "url",
"uuid": "593a4206-88e8-47ba-8457-4218950d210f",
"value": "http://studyonazar.com/jt7677g6"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1496990215",
"to_ids": true,
"type": "hostname",
"uuid": "593a4207-fa80-4507-bfc3-4007950d210f",
"value": "studyonazar.com"
},
{
"category": "Network activity",
"comment": "studyonazar.com",
"deleted": false,
"disable_correlation": false,
"timestamp": "1496990215",
"to_ids": false,
"type": "ip-dst",
"uuid": "593a4207-efdc-4da7-898a-46f4950d210f",
"value": "94.102.7.15"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1496990216",
"to_ids": true,
"type": "url",
"uuid": "593a4208-2e20-4c1a-972e-4d9a950d210f",
"value": "http://supplementsandfitness.com/jt7677g6"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1496990216",
"to_ids": true,
"type": "hostname",
"uuid": "593a4208-db38-4951-a9cf-47b6950d210f",
"value": "supplementsandfitness.com"
},
{
"category": "Network activity",
"comment": "supplementsandfitness.com",
"deleted": false,
"disable_correlation": false,
"timestamp": "1496990217",
"to_ids": false,
"type": "ip-dst",
"uuid": "593a4209-3180-4269-bc68-8bcc950d210f",
"value": "103.211.216.130"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1496990218",
"to_ids": true,
"type": "url",
"uuid": "593a420a-d21c-42ca-b992-8a4b950d210f",
"value": "http://zechsal.pl/jt7677g6"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1496990218",
"to_ids": true,
"type": "hostname",
"uuid": "593a420a-e9a0-4cb6-bf22-45c8950d210f",
"value": "zechsal.pl"
},
{
"category": "Network activity",
"comment": "zechsal.pl",
"deleted": false,
"disable_correlation": false,
"timestamp": "1496990219",
"to_ids": false,
"type": "ip-dst",
"uuid": "593a420b-7c7c-46a4-834d-4a3a950d210f",
"value": "193.70.95.56"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1496990219",
"to_ids": true,
"type": "url",
"uuid": "593a420b-b8ac-49a0-88cb-46e6950d210f",
"value": "http://whoisfoxxrobiouy.net/a5/"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1496990220",
"to_ids": true,
"type": "hostname",
"uuid": "593a420c-72a0-44d7-8112-48f1950d210f",
"value": "whoisfoxxrobiouy.net"
}
]
}
}