adulau/misp-circl-feed
1
0
Fork 0
Code Issues 1 Pull requests Projects 1 Releases Packages Wiki Activity Actions
misp-circl-feed/feeds/circl/misp/5a26b77f-6250-4b25-bd53-4496950d210f.json

517 lines
No EOL
15 KiB
JSON
Raw Permalink Blame History

{
"Event": {
"analysis": "1",
"date": "2017-12-05",
"extends_uuid": "",
"info": "M2M - \"..doc\" 2017-12-01 : \"12_Invoice_3456\" - \"I_4321.7z\"",
"publish_timestamp": "1516291555",
"published": true,
"threat_level_id": "3",
"timestamp": "1516291548",
"uuid": "5a26b77f-6250-4b25-bd53-4496950d210f",
"Orgc": {
"name": "CIRCL",
"uuid": "55f6ea5e-2c60-40e5-964f-47a8950d210f"
},
"Tag": [
{
"colour": "#ffffff",
"local": false,
"name": "tlp:white",
"relationship_type": ""
},
{
"colour": "#0088cc",
"local": false,
"name": "misp-galaxy:ransomware=\"Fake Globe Ransomware\"",
"relationship_type": ""
}
],
"Attribute": [
{
"category": "Artifacts dropped",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1512554491",
"to_ids": true,
"type": "md5",
"uuid": "5a26b77f-77bc-4bb8-9acb-c53a950d210f",
"value": "06c82e99dc35ab88f2db7868d30012a8"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1512554491",
"to_ids": true,
"type": "url",
"uuid": "5a26b780-e510-47d8-9eb2-4b54950d210f",
"value": "http://basedow-bilder.de/UYTd46732"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1512554491",
"to_ids": true,
"type": "hostname",
"uuid": "5a26b780-33f0-45b9-b2d7-4ff4950d210f",
"value": "basedow-bilder.de"
},
{
"category": "Network activity",
"comment": "basedow-bilder.de",
"deleted": false,
"disable_correlation": false,
"timestamp": "1512554491",
"to_ids": false,
"type": "ip-dst",
"uuid": "5a26b780-52c8-4195-aa36-4f6f950d210f",
"value": "194.116.187.130"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1512554491",
"to_ids": true,
"type": "url",
"uuid": "5a26b781-7aac-46e3-9172-44e5950d210f",
"value": "http://centralbaptistchurchnj.org/UYTd46732"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1512554491",
"to_ids": true,
"type": "hostname",
"uuid": "5a26b781-7508-4345-b3a5-4bd5950d210f",
"value": "centralbaptistchurchnj.org"
},
{
"category": "Network activity",
"comment": "centralbaptistchurchnj.org",
"deleted": false,
"disable_correlation": false,
"timestamp": "1512554492",
"to_ids": false,
"type": "ip-dst",
"uuid": "5a26b781-19a4-4ff4-8ac5-4449950d210f",
"value": "68.171.62.42"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1512554492",
"to_ids": true,
"type": "url",
"uuid": "5a26b781-37c0-4b67-b809-464c950d210f",
"value": "http://highlandfamily.org/UYTd46732"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1512554492",
"to_ids": true,
"type": "hostname",
"uuid": "5a26b782-6298-48fc-add7-44b5950d210f",
"value": "highlandfamily.org"
},
{
"category": "Network activity",
"comment": "highlandfamily.org",
"deleted": false,
"disable_correlation": false,
"timestamp": "1512554492",
"to_ids": false,
"type": "ip-dst",
"uuid": "5a26b782-a45c-40d9-9f13-4f3d950d210f",
"value": "98.124.252.66"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1512554492",
"to_ids": true,
"type": "url",
"uuid": "5a26b782-f970-4a2d-b75f-493c950d210f",
"value": "http://motifahsap.com/UYTd46732"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1512554492",
"to_ids": true,
"type": "hostname",
"uuid": "5a26b782-6088-4119-bfec-4d40950d210f",
"value": "motifahsap.com"
},
{
"category": "Network activity",
"comment": "motifahsap.com",
"deleted": false,
"disable_correlation": false,
"timestamp": "1512554492",
"to_ids": false,
"type": "ip-dst",
"uuid": "5a26b783-177c-4761-87f4-403b950d210f",
"value": "188.132.180.113"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1512554492",
"to_ids": true,
"type": "url",
"uuid": "5a26b783-1048-4e2f-8cab-4a8d950d210f",
"value": "http://pdj.co.id/UYTd46732"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1512554492",
"to_ids": true,
"type": "hostname",
"uuid": "5a26b784-2874-4587-87b2-4cb8950d210f",
"value": "pdj.co.id"
},
{
"category": "Network activity",
"comment": "pdj.co.id",
"deleted": false,
"disable_correlation": false,
"timestamp": "1512554492",
"to_ids": false,
"type": "ip-dst",
"uuid": "5a26b785-3c40-48e3-8143-4914950d210f",
"value": "202.169.44.166"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1512554492",
"to_ids": true,
"type": "url",
"uuid": "5a26b785-9dd0-4ce1-a4be-49b5950d210f",
"value": "http://pragmaticinquiry.org/UYTd46732"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1512554492",
"to_ids": true,
"type": "hostname",
"uuid": "5a26b785-62f0-465d-a4ab-4500950d210f",
"value": "pragmaticinquiry.org"
},
{
"category": "Network activity",
"comment": "pragmaticinquiry.org",
"deleted": false,
"disable_correlation": false,
"timestamp": "1512554492",
"to_ids": false,
"type": "ip-dst",
"uuid": "5a26b785-edb8-4ba6-bbb8-4b9c950d210f",
"value": "98.124.252.145"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1512554492",
"to_ids": true,
"type": "url",
"uuid": "5a26b786-9368-42d7-b2f8-422a950d210f",
"value": "http://schwellenwertdaten.de/UYTd46732"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1512554492",
"to_ids": true,
"type": "hostname",
"uuid": "5a26b786-df34-4f97-a2b0-4275950d210f",
"value": "schwellenwertdaten.de"
},
{
"category": "Network activity",
"comment": "schwellenwertdaten.de",
"deleted": false,
"disable_correlation": false,
"timestamp": "1512554492",
"to_ids": false,
"type": "ip-dst",
"uuid": "5a26b786-9034-4407-b0db-451a950d210f",
"value": "178.77.75.77"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1512554492",
"to_ids": true,
"type": "url",
"uuid": "5a26b786-8848-4631-bcd0-441c950d210f",
"value": "http://shamanic-extracts.biz/UYTd46732"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1512554492",
"to_ids": true,
"type": "hostname",
"uuid": "5a26b786-4850-4c23-9063-43b6950d210f",
"value": "shamanic-extracts.biz"
},
{
"category": "Network activity",
"comment": "shamanic-extracts.biz",
"deleted": false,
"disable_correlation": false,
"timestamp": "1512554492",
"to_ids": false,
"type": "ip-dst",
"uuid": "5a26b787-1538-4c8d-84f2-c53a950d210f",
"value": "62.212.154.98"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1512554492",
"to_ids": true,
"type": "url",
"uuid": "5a26b787-c7cc-48db-8e01-43e8950d210f",
"value": "http://team-bobcat.org/UYTd46732"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1512554492",
"to_ids": true,
"type": "hostname",
"uuid": "5a26b787-c770-45cd-afb6-4ef8950d210f",
"value": "team-bobcat.org"
},
{
"category": "Network activity",
"comment": "team-bobcat.org",
"deleted": false,
"disable_correlation": false,
"timestamp": "1512554492",
"to_ids": false,
"type": "ip-dst",
"uuid": "5a26b788-4fb8-4c86-b6ca-c6d3950d210f",
"value": "212.224.65.254"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1512554492",
"to_ids": true,
"type": "url",
"uuid": "5a26b788-d4e8-4705-913c-4760950d210f",
"value": "http://troyriser.com/UYTd46732"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1512554492",
"to_ids": true,
"type": "hostname",
"uuid": "5a26b788-602c-4e92-b6ef-479b950d210f",
"value": "troyriser.com"
},
{
"category": "Network activity",
"comment": "troyriser.com",
"deleted": false,
"disable_correlation": false,
"timestamp": "1512554492",
"to_ids": false,
"type": "ip-dst",
"uuid": "5a26b788-5750-423c-b531-4d17950d210f",
"value": "98.124.251.167"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1512554492",
"to_ids": true,
"type": "url",
"uuid": "5a26b788-d7c8-4dee-b871-4b51950d210f",
"value": "https://n224ezvhg4sgyamb.onion.link/shfgealjh.php"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1512554492",
"to_ids": true,
"type": "hostname",
"uuid": "5a26b789-c144-4196-818c-44e0950d210f",
"value": "n224ezvhg4sgyamb.onion.link"
},
{
"category": "Network activity",
"comment": "n224ezvhg4sgyamb.onion.link",
"deleted": false,
"disable_correlation": false,
"timestamp": "1512554492",
"to_ids": false,
"type": "ip-dst",
"uuid": "5a26b789-fa10-4394-9152-439d950d210f",
"value": "188.166.203.69"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1512554492",
"to_ids": true,
"type": "url",
"uuid": "5a26b789-ba7c-464c-b162-4b96950d210f",
"value": "http://summi.space/count.php?nu=105&fb=110"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1512554492",
"to_ids": true,
"type": "hostname",
"uuid": "5a26b789-b28c-4742-85c1-4e2d950d210f",
"value": "summi.space"
},
{
"category": "Network activity",
"comment": "summi.space",
"deleted": false,
"disable_correlation": false,
"timestamp": "1512554492",
"to_ids": false,
"type": "ip-dst",
"uuid": "5a26b78a-b580-40eb-9968-47cf950d210f",
"value": "198.23.241.227"
},
{
"category": "Artifacts dropped",
"comment": "- Xchecked via VT: 06c82e99dc35ab88f2db7868d30012a8",
"deleted": false,
"disable_correlation": false,
"timestamp": "1512554492",
"to_ids": true,
"type": "sha256",
"uuid": "5a27bffc-2cf0-4653-b04f-bbba02de0b81",
"value": "e2209f339b2e5afbb40d4f3dfddf4939ffdb9accbb5253121707a5b1cde15dd2"
},
{
"category": "Artifacts dropped",
"comment": "- Xchecked via VT: 06c82e99dc35ab88f2db7868d30012a8",
"deleted": false,
"disable_correlation": false,
"timestamp": "1512554492",
"to_ids": true,
"type": "sha1",
"uuid": "5a27bffc-35b4-441b-973f-bbba02de0b81",
"value": "4bcba41741021833e193e721f4461645ab7fdb43"
},
{
"category": "External analysis",
"comment": "- Xchecked via VT: 06c82e99dc35ab88f2db7868d30012a8",
"deleted": false,
"disable_correlation": false,
"timestamp": "1512554492",
"to_ids": false,
"type": "link",
"uuid": "5a27bffc-4818-41fc-8ec6-bbba02de0b81",
"value": "https://www.virustotal.com/file/e2209f339b2e5afbb40d4f3dfddf4939ffdb9accbb5253121707a5b1cde15dd2/analysis/1512435065/"
},
{
"category": "Network activity",
"comment": "Found in file: scan_17.01.doc",
"deleted": false,
"disable_correlation": false,
"timestamp": "1516289445",
"to_ids": true,
"type": "ip-dst",
"uuid": "5a60bda5-58ec-4ead-bd34-4dc6950d210f",
"value": "185.176.221.146"
},
{
"category": "Artifacts dropped",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1516289356",
"to_ids": true,
"type": "md5",
"uuid": "5a60bd4c-7658-4aee-8dfb-409c950d210f",
"value": "5c3d35bd9282f61e414319d9d98c80b5"
},
{
"category": "Artifacts dropped",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1516289378",
"to_ids": true,
"type": "md5",
"uuid": "5a60bd62-bbac-42dc-8c5d-4164950d210f",
"value": "b9f2699fc826f8109b12a17c1283ac3f"
},
{
"category": "Network activity",
"comment": "Found in file: scan_17.01.doc",
"deleted": false,
"disable_correlation": false,
"timestamp": "1516289492",
"to_ids": true,
"type": "url",
"uuid": "5a60bdd4-af20-4e80-83dc-478a950d210f",
"value": "http://185.176.221.146/download/s/gtz"
}
]
}
}
Reference in a new issue View git blame Copy permalink