adulau/misp-circl-feed
1
0
Fork 0
Code Issues 1 Pull requests Projects 1 Releases Packages Wiki Activity Actions
misp-circl-feed/feeds/circl/misp/55749a9b-1880-4351-803c-47fc950d210b.json

506 lines
No EOL
16 KiB
JSON
Raw Blame History

{
"Event": {
"analysis": "2",
"date": "2015-06-05",
"extends_uuid": "",
"info": "OSINT Angler EK: More Obfuscation, Fake Extensions, and Other Nonsense by Talos",
"publish_timestamp": "1433748964",
"published": true,
"threat_level_id": "3",
"timestamp": "1433705472",
"uuid": "55749a9b-1880-4351-803c-47fc950d210b",
"Orgc": {
"name": "CthulhuSPRL.be",
"uuid": "55f6ea5f-fd34-43b8-ac1d-40cb950d210f"
},
"Tag": [
{
"colour": "#ffffff",
"local": false,
"name": "tlp:white",
"relationship_type": ""
},
{
"colour": "#004646",
"local": false,
"name": "type:OSINT",
"relationship_type": ""
}
],
"Attribute": [
{
"category": "External analysis",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1433705140",
"to_ids": false,
"type": "link",
"uuid": "55749ab4-c40c-440b-babd-2696950d210b",
"value": "http://blogs.cisco.com/security/talos/angler-update"
},
{
"category": "Payload delivery",
"comment": "Flash Exploit",
"deleted": false,
"disable_correlation": false,
"timestamp": "1433705192",
"to_ids": true,
"type": "sha256",
"uuid": "55749ae8-ee40-4160-be8b-4b44950d210b",
"value": "28f6b5f344f7d2bef75b30ba2e286ddff3d3a2009da1d01d7e30e21feecfde34"
},
{
"category": "Payload delivery",
"comment": "Cryptowall 3.0 Sample",
"deleted": false,
"disable_correlation": false,
"timestamp": "1433705212",
"to_ids": true,
"type": "sha256",
"uuid": "55749afc-d490-48bf-a1aa-4ebe950d210b",
"value": "023de93e9d686bf6a1f80ad68bde4f94c5100b534f95285c1582fb8b8be8d31f"
},
{
"category": "Network activity",
"comment": "Imported via the freetext import.",
"deleted": false,
"disable_correlation": false,
"timestamp": "1433705301",
"to_ids": true,
"type": "hostname",
"uuid": "55749b55-32e4-4933-bd15-2696950d210b",
"value": "schapershonden-yhteenliittymin.inspirefilms.us"
},
{
"category": "Network activity",
"comment": "Imported via the freetext import.",
"deleted": false,
"disable_correlation": false,
"timestamp": "1433705301",
"to_ids": true,
"type": "hostname",
"uuid": "55749b55-9f34-4a80-b8ab-2696950d210b",
"value": "capsteads-tmenupopup.mercuryoutboardnc.com"
},
{
"category": "Network activity",
"comment": "Imported via the freetext import.",
"deleted": false,
"disable_correlation": false,
"timestamp": "1433705302",
"to_ids": true,
"type": "hostname",
"uuid": "55749b56-f5a0-43b1-ac26-2696950d210b",
"value": "mfrzdzjjpi.myftp.biz"
},
{
"category": "Network activity",
"comment": "Imported via the freetext import.",
"deleted": false,
"disable_correlation": false,
"timestamp": "1433705302",
"to_ids": true,
"type": "domain",
"uuid": "55749b56-ed7c-4ba4-891a-2696950d210b",
"value": "traditionetgourmandises.fr"
},
{
"category": "Network activity",
"comment": "Imported via the freetext import.",
"deleted": false,
"disable_correlation": false,
"timestamp": "1433705302",
"to_ids": true,
"type": "hostname",
"uuid": "55749b56-541c-4f8c-a601-2696950d210b",
"value": "convenzioni.ording.roma.it"
},
{
"category": "Network activity",
"comment": "Imported via the freetext import.",
"deleted": false,
"disable_correlation": false,
"timestamp": "1433705302",
"to_ids": true,
"type": "domain",
"uuid": "55749b56-7f6c-443d-b1b5-2696950d210b",
"value": "99mkb.com"
},
{
"category": "Network activity",
"comment": "Imported via the freetext import.",
"deleted": false,
"disable_correlation": false,
"timestamp": "1433705302",
"to_ids": true,
"type": "domain",
"uuid": "55749b56-17b0-4572-9011-2696950d210b",
"value": "hostyoursitehere.com"
},
{
"category": "Network activity",
"comment": "Imported via the freetext import.",
"deleted": false,
"disable_correlation": false,
"timestamp": "1433705302",
"to_ids": true,
"type": "hostname",
"uuid": "55749b56-ffec-44f1-a18c-2696950d210b",
"value": "alpha.akesha.com"
},
{
"category": "Network activity",
"comment": "Imported via the freetext import.",
"deleted": false,
"disable_correlation": false,
"timestamp": "1433705302",
"to_ids": true,
"type": "domain",
"uuid": "55749b56-6e90-4227-a995-2696950d210b",
"value": "andreiprundeanu.eu"
},
{
"category": "Network activity",
"comment": "Imported via the freetext import.",
"deleted": false,
"disable_correlation": false,
"timestamp": "1433705302",
"to_ids": true,
"type": "domain",
"uuid": "55749b57-0e50-4a1d-8ada-2696950d210b",
"value": "4042shopping.com"
},
{
"category": "Network activity",
"comment": "Imported via the freetext import.",
"deleted": false,
"disable_correlation": false,
"timestamp": "1433705303",
"to_ids": true,
"type": "domain",
"uuid": "55749b57-8a98-4b2b-9897-2696950d210b",
"value": "redstarfuochicinesi.it"
},
{
"category": "Network activity",
"comment": "Imported via the freetext import.",
"deleted": false,
"disable_correlation": false,
"timestamp": "1433705303",
"to_ids": true,
"type": "domain",
"uuid": "55749b57-cb48-4d78-ac11-2696950d210b",
"value": "alebehr.com"
},
{
"category": "Network activity",
"comment": "Imported via the freetext import.",
"deleted": false,
"disable_correlation": false,
"timestamp": "1433705303",
"to_ids": true,
"type": "domain",
"uuid": "55749b57-cb98-4f47-87d6-2696950d210b",
"value": "alchemyofpresence.com"
},
{
"category": "Network activity",
"comment": "Imported via the freetext import.",
"deleted": false,
"disable_correlation": false,
"timestamp": "1433705303",
"to_ids": true,
"type": "domain",
"uuid": "55749b57-7694-4be5-8b01-2696950d210b",
"value": "blationmedia.com"
},
{
"category": "Network activity",
"comment": "Imported via the freetext import.",
"deleted": false,
"disable_correlation": false,
"timestamp": "1433705303",
"to_ids": true,
"type": "domain",
"uuid": "55749b57-e694-47bb-a21c-2696950d210b",
"value": "jeanrey.fr"
},
{
"category": "Network activity",
"comment": "Imported via the freetext import.",
"deleted": false,
"disable_correlation": false,
"timestamp": "1433705303",
"to_ids": true,
"type": "hostname",
"uuid": "55749b57-3788-49ad-b458-2696950d210b",
"value": "awynnejoinery.co.uk"
},
{
"category": "Network activity",
"comment": "Imported via the freetext import.",
"deleted": false,
"disable_correlation": false,
"timestamp": "1433705303",
"to_ids": true,
"type": "domain",
"uuid": "55749b57-22a8-486c-9446-2696950d210b",
"value": "americanfamilyenergy.com"
},
{
"category": "Network activity",
"comment": "Imported via the freetext import.",
"deleted": false,
"disable_correlation": false,
"timestamp": "1433705304",
"to_ids": true,
"type": "domain",
"uuid": "55749b58-ef4c-40e5-805c-2696950d210b",
"value": "bezpiecznaswinka.pl"
},
{
"category": "Network activity",
"comment": "Imported via the freetext import.",
"deleted": false,
"disable_correlation": false,
"timestamp": "1433705304",
"to_ids": true,
"type": "domain",
"uuid": "55749b58-0e4c-40ae-86fa-2696950d210b",
"value": "buroroebers.nl"
},
{
"category": "Network activity",
"comment": "Imported via the freetext import.",
"deleted": false,
"disable_correlation": false,
"timestamp": "1433705304",
"to_ids": true,
"type": "hostname",
"uuid": "55749b58-d838-429b-aa92-2696950d210b",
"value": "bebeamor.co.uk"
},
{
"category": "Network activity",
"comment": "Imported via the freetext import.",
"deleted": false,
"disable_correlation": false,
"timestamp": "1433705304",
"to_ids": true,
"type": "domain",
"uuid": "55749b58-ad70-4314-879a-2696950d210b",
"value": "jandchousecleaning.com"
},
{
"category": "Network activity",
"comment": "Imported via the freetext import.",
"deleted": false,
"disable_correlation": false,
"timestamp": "1433705304",
"to_ids": true,
"type": "domain",
"uuid": "55749b58-c640-4c1c-9681-2696950d210b",
"value": "asambleadedios.org"
},
{
"category": "Network activity",
"comment": "Imported via the freetext import.",
"deleted": false,
"disable_correlation": false,
"timestamp": "1433705304",
"to_ids": true,
"type": "domain",
"uuid": "55749b58-d50c-4f05-a50e-2696950d210b",
"value": "buhtime.by"
},
{
"category": "Network activity",
"comment": "Imported via the freetext import.",
"deleted": false,
"disable_correlation": false,
"timestamp": "1433705304",
"to_ids": true,
"type": "domain",
"uuid": "55749b58-4554-41d0-8270-2696950d210b",
"value": "asadiag.com"
},
{
"category": "Network activity",
"comment": "Imported via the freetext import.",
"deleted": false,
"disable_correlation": false,
"timestamp": "1433705304",
"to_ids": true,
"type": "domain",
"uuid": "55749b58-20d8-41bd-88d5-2696950d210b",
"value": "beijerlandsekelnerrace.nl"
},
{
"category": "Network activity",
"comment": "Imported via the freetext import.",
"deleted": false,
"disable_correlation": false,
"timestamp": "1433705305",
"to_ids": true,
"type": "domain",
"uuid": "55749b59-e930-4c11-9ab4-2696950d210b",
"value": "atlantacustomwork.com"
},
{
"category": "Network activity",
"comment": "Imported via the freetext import.",
"deleted": false,
"disable_correlation": false,
"timestamp": "1433705305",
"to_ids": true,
"type": "domain",
"uuid": "55749b59-ba10-419b-aa8a-2696950d210b",
"value": "braingame.biz"
},
{
"category": "Network activity",
"comment": "Imported via the freetext import.",
"deleted": false,
"disable_correlation": false,
"timestamp": "1433705305",
"to_ids": true,
"type": "domain",
"uuid": "55749b59-3a24-43f2-9e35-2696950d210b",
"value": "doggonesigns.com"
},
{
"category": "Network activity",
"comment": "Imported via the freetext import.",
"deleted": false,
"disable_correlation": false,
"timestamp": "1433705305",
"to_ids": true,
"type": "domain",
"uuid": "55749b59-560c-447e-91b1-2696950d210b",
"value": "ancientvoyages.com"
},
{
"category": "Network activity",
"comment": "Imported via the freetext import.",
"deleted": false,
"disable_correlation": false,
"timestamp": "1433705305",
"to_ids": true,
"type": "domain",
"uuid": "55749b59-c7f4-4387-a1d0-2696950d210b",
"value": "gonavarro.com"
},
{
"category": "Network activity",
"comment": "Imported via the freetext import.",
"deleted": false,
"disable_correlation": false,
"timestamp": "1433705305",
"to_ids": true,
"type": "domain",
"uuid": "55749b59-2a10-4977-9f1b-2696950d210b",
"value": "sweetthangzdesserts.com"
},
{
"category": "Network activity",
"comment": "Imported via the freetext import.",
"deleted": false,
"disable_correlation": false,
"timestamp": "1433705305",
"to_ids": true,
"type": "domain",
"uuid": "55749b59-40ec-4d40-b835-2696950d210b",
"value": "brandgriffin.com"
},
{
"category": "Network activity",
"comment": "Imported via the freetext import.",
"deleted": false,
"disable_correlation": false,
"timestamp": "1433705305",
"to_ids": true,
"type": "domain",
"uuid": "55749b59-7f20-4383-9c46-2696950d210b",
"value": "tarifair.fr"
},
{
"category": "Network activity",
"comment": "Imported via the freetext import.",
"deleted": false,
"disable_correlation": false,
"timestamp": "1433705306",
"to_ids": true,
"type": "domain",
"uuid": "55749b5a-af4c-4db0-af55-2696950d210b",
"value": "alsblueshelpt.nl"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1433705328",
"to_ids": true,
"type": "ip-dst",
"uuid": "55749b70-f76c-44ae-a8b9-bda5950d210b",
"value": "78.46.250.103"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1433705328",
"to_ids": true,
"type": "ip-dst",
"uuid": "55749b70-b898-448c-9618-bda5950d210b",
"value": "194.6.233.7"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1433705328",
"to_ids": true,
"type": "ip-dst",
"uuid": "55749b70-d980-47ba-93fe-bda5950d210b",
"value": "94.131.14.23"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1433705328",
"to_ids": true,
"type": "ip-dst",
"uuid": "55749b70-f014-484d-af59-bda5950d210b",
"value": "94.242.198.221"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1433705328",
"to_ids": true,
"type": "ip-dst",
"uuid": "55749b70-21f8-4d2d-88dd-bda5950d210b",
"value": "173.227.247.35"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1433705345",
"to_ids": false,
"type": "comment",
"uuid": "55749b81-18e8-4aaf-93ec-4e57950d210b",
"value": "The large majority of the domains are residing on shared IP address space. To prevent affecting non-malicious domains hosted on these servers the IPs have been excluded."
}
]
}
}
Reference in a new issue View git blame Copy permalink