adulau/misp-circl-feed
1
0
Fork 0
Code Issues 1 Pull requests Projects 1 Releases Packages Wiki Activity Actions
misp-circl-feed/feeds/circl/misp/55c98ff2-f2fc-4284-8a34-f483950d210b.json

1584 lines
No EOL
48 KiB
JSON
Raw Blame History

{
"Event": {
"analysis": "2",
"date": "2015-08-10",
"extends_uuid": "",
"info": "OSINT The Italian Connection: An analysis of exploit supply chains and digital quartermasters by Shadowserver",
"publish_timestamp": "1439284620",
"published": true,
"threat_level_id": "2",
"timestamp": "1439277902",
"uuid": "55c98ff2-f2fc-4284-8a34-f483950d210b",
"Orgc": {
"name": "CthulhuSPRL.be",
"uuid": "55f6ea5f-fd34-43b8-ac1d-40cb950d210f"
},
"Tag": [
{
"colour": "#ffffff",
"local": false,
"name": "tlp:white",
"relationship_type": ""
},
{
"colour": "#004646",
"local": false,
"name": "type:OSINT",
"relationship_type": ""
}
],
"Attribute": [
{
"category": "External analysis",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1439272971",
"to_ids": false,
"type": "link",
"uuid": "55c9900b-ff40-479f-b25c-783f950d210b",
"value": "http://blog.shadowserver.org/2015/08/10/the-italian-connection-an-analysis-of-exploit-supply-chains-and-digital-quartermasters/"
},
{
"category": "External analysis",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1439277199",
"to_ids": false,
"type": "link",
"uuid": "55c9a090-4bdc-4b6e-a267-354c950d210b",
"value": "https://drive.google.com/file/d/0Bw35r_AUUldgRUZfeVBjZVJWWXM/view?usp=sharing"
},
{
"category": "External analysis",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1439277200",
"to_ids": false,
"type": "link",
"uuid": "55c9a090-328c-4dc1-a05d-354c950d210b",
"value": "https://docs.google.com/spreadsheets/d/1qEG16_zIYYfdxBPfT9cscR5rHG1OphI0Cdof_WlJjOg/pub?output=xlsx"
},
{
"category": "Payload delivery",
"comment": "HT_Exploit CVE-2015-5119",
"deleted": false,
"disable_correlation": false,
"timestamp": "1439277334",
"to_ids": true,
"type": "md5",
"uuid": "55c9a116-dc18-4aeb-87e5-354c950d210b",
"value": "dceae0d1a680bc098bae9da466e12610"
},
{
"category": "Payload delivery",
"comment": "HT_Exploit CVE-2015-5119",
"deleted": false,
"disable_correlation": false,
"timestamp": "1439277334",
"to_ids": true,
"type": "md5",
"uuid": "55c9a116-ad48-4953-b203-354c950d210b",
"value": "5392f1399a49935817669d22e5e644ea"
},
{
"category": "Payload delivery",
"comment": "HT_Exploit CVE-2015-5119",
"deleted": false,
"disable_correlation": false,
"timestamp": "1439277334",
"to_ids": true,
"type": "md5",
"uuid": "55c9a116-5ac0-4a82-821c-354c950d210b",
"value": "da6c98d8f37290a10119fbca33eec58a"
},
{
"category": "Payload delivery",
"comment": "HT_Exploit CVE-2015-5119",
"deleted": false,
"disable_correlation": false,
"timestamp": "1439277334",
"to_ids": true,
"type": "md5",
"uuid": "55c9a116-ecc4-48a3-ba45-354c950d210b",
"value": "878d13b8ceb49cfe9ff1b063bffeb9a9"
},
{
"category": "Payload delivery",
"comment": "HT_Exploit CVE-2015-5119",
"deleted": false,
"disable_correlation": false,
"timestamp": "1439277335",
"to_ids": true,
"type": "md5",
"uuid": "55c9a117-4b28-46c5-9795-354c950d210b",
"value": "079a440bee0f86d8a59ebc5c4b523a07"
},
{
"category": "Payload delivery",
"comment": "HT_Exploit CVE-2015-5119",
"deleted": false,
"disable_correlation": false,
"timestamp": "1439277335",
"to_ids": true,
"type": "md5",
"uuid": "55c9a117-6fc4-4db7-9ab9-354c950d210b",
"value": "2c6126e9f308d1be11553978e8a97621"
},
{
"category": "Payload delivery",
"comment": "HT_Exploit CVE-2015-5119",
"deleted": false,
"disable_correlation": false,
"timestamp": "1439277335",
"to_ids": true,
"type": "md5",
"uuid": "55c9a117-7848-47f5-9194-354c950d210b",
"value": "75dc1e22e16c39e3532673f75fd41b93"
},
{
"category": "Payload delivery",
"comment": "HT_Exploit CVE-2015-5119",
"deleted": false,
"disable_correlation": false,
"timestamp": "1439277335",
"to_ids": true,
"type": "md5",
"uuid": "55c9a117-aaa4-487b-aec2-354c950d210b",
"value": "00591821f328911380277272164d08cd"
},
{
"category": "Payload delivery",
"comment": "HT_Exploit CVE-2015-5119",
"deleted": false,
"disable_correlation": false,
"timestamp": "1439277335",
"to_ids": true,
"type": "md5",
"uuid": "55c9a117-50d4-45f8-8f86-354c950d210b",
"value": "0b3a047d31461e20887bb1d32b4e472f"
},
{
"category": "Payload delivery",
"comment": "HT_Exploit CVE-2015-5119",
"deleted": false,
"disable_correlation": false,
"timestamp": "1439277336",
"to_ids": true,
"type": "md5",
"uuid": "55c9a118-0c54-4981-a542-354c950d210b",
"value": "f46019f795bd721262dc69988d7e53bc"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1439277346",
"to_ids": true,
"type": "md5",
"uuid": "55c9a122-d848-46a7-8344-354c950d210b",
"value": "557f8d4c6f8b386c32001def807dc715"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1439277346",
"to_ids": true,
"type": "md5",
"uuid": "55c9a122-b950-4cc1-99c1-354c950d210b",
"value": "e9a57f70f739cb26dc053238b0a97425"
},
{
"category": "Payload delivery",
"comment": "flash_exploit_002 CVE-2015-5122",
"deleted": false,
"disable_correlation": false,
"timestamp": "1439277372",
"to_ids": true,
"type": "md5",
"uuid": "55c9a13c-1894-49b2-b6f8-3121950d210b",
"value": "ceda2299257c96e60ead75fce414c68d"
},
{
"category": "Payload delivery",
"comment": "flash_exploit_002 CVE-2015-5122",
"deleted": false,
"disable_correlation": false,
"timestamp": "1439277372",
"to_ids": true,
"type": "md5",
"uuid": "55c9a13c-de70-4ef4-aea0-3121950d210b",
"value": "726bd0bd6cca8d481cf6165c95528caa"
},
{
"category": "Payload delivery",
"comment": "flash_exploit_002 CVE-2015-5122",
"deleted": false,
"disable_correlation": false,
"timestamp": "1439277372",
"to_ids": true,
"type": "md5",
"uuid": "55c9a13c-e8ec-4c72-b7ec-3121950d210b",
"value": "b65076f4cb6e74429dd02fcacda0bec3"
},
{
"category": "Payload delivery",
"comment": "flash_exploit_002 CVE-2015-5122",
"deleted": false,
"disable_correlation": false,
"timestamp": "1439277372",
"to_ids": true,
"type": "md5",
"uuid": "55c9a13c-8d24-4c6b-b494-3121950d210b",
"value": "8a8e9bbf1ca2a926f0a5d06217eeea55"
},
{
"category": "Payload delivery",
"comment": "flash_exploit_002 CVE-2015-5122",
"deleted": false,
"disable_correlation": false,
"timestamp": "1439277373",
"to_ids": true,
"type": "md5",
"uuid": "55c9a13d-0bc8-4048-940f-3121950d210b",
"value": "054d9852de6983116bd3d521e8d73296"
},
{
"category": "Payload delivery",
"comment": "flash_exploit_002 CVE-2015-5122",
"deleted": false,
"disable_correlation": false,
"timestamp": "1439277373",
"to_ids": true,
"type": "md5",
"uuid": "55c9a13d-94a8-4d4a-84d0-3121950d210b",
"value": "15112a53fcecc4c666a82ca84a853716"
},
{
"category": "Payload delivery",
"comment": "flash_exploit_002 CVE-2015-5122",
"deleted": false,
"disable_correlation": false,
"timestamp": "1439277373",
"to_ids": true,
"type": "md5",
"uuid": "55c9a13d-3410-4df8-899f-3121950d210b",
"value": "727dd4a7aae56a8202c5aa7758ea5d46"
},
{
"category": "Payload delivery",
"comment": "flash_exploit_002 CVE-2015-5122",
"deleted": false,
"disable_correlation": false,
"timestamp": "1439277373",
"to_ids": true,
"type": "md5",
"uuid": "55c9a13d-c3c4-45e0-b04b-3121950d210b",
"value": "e33cf5b9f3991a8ee4e71f4380dd7eb1"
},
{
"category": "Payload delivery",
"comment": "flash_exploit_002 CVE-2015-5122",
"deleted": false,
"disable_correlation": false,
"timestamp": "1439277373",
"to_ids": true,
"type": "md5",
"uuid": "55c9a13d-81f4-4bb0-a6c2-3121950d210b",
"value": "451c52652ddb28e9071078f214a327a7"
},
{
"category": "Payload delivery",
"comment": "flash_exploit_002 CVE-2015-5122",
"deleted": false,
"disable_correlation": false,
"timestamp": "1439277374",
"to_ids": true,
"type": "md5",
"uuid": "55c9a13e-9d40-4436-a60f-3121950d210b",
"value": "b1238ccbb10af3e81110d3afacd98161"
},
{
"category": "Payload delivery",
"comment": "flash_exploit_002 CVE-2015-5122",
"deleted": false,
"disable_correlation": false,
"timestamp": "1439277374",
"to_ids": true,
"type": "md5",
"uuid": "55c9a13e-4ac8-4b90-a0a7-3121950d210b",
"value": "b7d39c5833e5896b7f5849966095a4bf"
},
{
"category": "Payload delivery",
"comment": "exp1_fla/MainTimeline CVE-2015-5119",
"deleted": false,
"disable_correlation": false,
"timestamp": "1439277401",
"to_ids": true,
"type": "md5",
"uuid": "55c9a159-5edc-4e68-8e5d-3108950d210b",
"value": "c101d289d36558c6fbe388d32bd32ab4"
},
{
"category": "Payload delivery",
"comment": "exp1_fla/MainTimeline CVE-2015-5119",
"deleted": false,
"disable_correlation": false,
"timestamp": "1439277401",
"to_ids": true,
"type": "md5",
"uuid": "55c9a159-7fb8-400e-81f0-3108950d210b",
"value": "9bf3e6a95a261a449be02ac03d4f0523"
},
{
"category": "Payload delivery",
"comment": "exp1_fla/MainTimeline CVE-2015-5119",
"deleted": false,
"disable_correlation": false,
"timestamp": "1439277402",
"to_ids": true,
"type": "md5",
"uuid": "55c9a15a-f528-45d4-befb-3108950d210b",
"value": "42b091f63548fccbbd87f8c06b632dda"
},
{
"category": "Payload delivery",
"comment": "exp1_fla/MainTimeline CVE-2015-5119",
"deleted": false,
"disable_correlation": false,
"timestamp": "1439277402",
"to_ids": true,
"type": "md5",
"uuid": "55c9a15a-af9c-4e34-bfe6-3108950d210b",
"value": "dccb71a74f719aa23e8bbb51ec037f56"
},
{
"category": "Payload delivery",
"comment": "exp1_fla/MainTimeline CVE-2015-5119",
"deleted": false,
"disable_correlation": false,
"timestamp": "1439277402",
"to_ids": true,
"type": "md5",
"uuid": "55c9a15a-1f1c-40f9-b65e-3108950d210b",
"value": "e15fb188c0c50d62657c7fd368a9a4ab"
},
{
"category": "Payload delivery",
"comment": "exp1_fla/MainTimeline CVE-2015-5119",
"deleted": false,
"disable_correlation": false,
"timestamp": "1439277402",
"to_ids": true,
"type": "md5",
"uuid": "55c9a15a-6068-4428-b3bc-3108950d210b",
"value": "53473af71d40568d25da87fc41dfe500"
},
{
"category": "Payload delivery",
"comment": "exp1_fla/MainTimeline CVE-2015-5119",
"deleted": false,
"disable_correlation": false,
"timestamp": "1439277402",
"to_ids": true,
"type": "md5",
"uuid": "55c9a15a-7448-4381-8db0-3108950d210b",
"value": "5beb4504fe22e859a2b09cd5a654b23e"
},
{
"category": "Payload delivery",
"comment": "exp1_fla/MainTimeline CVE-2015-5119",
"deleted": false,
"disable_correlation": false,
"timestamp": "1439277403",
"to_ids": true,
"type": "md5",
"uuid": "55c9a15b-1fd4-4933-829f-3108950d210b",
"value": "9647626a70f006b49bc35d110aaadf8a"
},
{
"category": "Payload delivery",
"comment": "exp1_fla/MainTimeline CVE-2015-5119",
"deleted": false,
"disable_correlation": false,
"timestamp": "1439277403",
"to_ids": true,
"type": "md5",
"uuid": "55c9a15b-4478-45ec-ab95-3108950d210b",
"value": "4dd21fd277c772bcf8b9d1d72bf68de8"
},
{
"category": "Payload delivery",
"comment": "exp2_fla/MainTimeline CVE-2015-5122",
"deleted": false,
"disable_correlation": false,
"timestamp": "1439277437",
"to_ids": true,
"type": "md5",
"uuid": "55c9a17d-f79c-46f9-b7b6-354d950d210b",
"value": "195bdc84f114c282e61f206dc88cd26d"
},
{
"category": "Payload delivery",
"comment": "movie_fla/MainTimeline CVE-2015-5119",
"deleted": false,
"disable_correlation": false,
"timestamp": "1439277457",
"to_ids": true,
"type": "md5",
"uuid": "55c9a191-a2bc-44cb-8d61-354d950d210b",
"value": "edcd313791506c623d8a2a88b9b0e84c"
},
{
"category": "Payload delivery",
"comment": "movie_fla/MainTimeline CVE-2015-5119",
"deleted": false,
"disable_correlation": false,
"timestamp": "1439277457",
"to_ids": true,
"type": "md5",
"uuid": "55c9a191-14c8-4eff-a7d1-354d950d210b",
"value": "83388058055d325a2fa5288182a41e89"
},
{
"category": "Payload delivery",
"comment": "movie_fla/MainTimeline CVE-2015-5119",
"deleted": false,
"disable_correlation": false,
"timestamp": "1439277457",
"to_ids": true,
"type": "md5",
"uuid": "55c9a191-cd64-4f31-bcd1-354d950d210b",
"value": "aa9eded1eb95f026aaf84919cc27ad32"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1439277478",
"to_ids": false,
"type": "vulnerability",
"uuid": "55c9a1a6-b068-4506-8cd9-354c950d210b",
"value": "CVE-2015-5119"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1439277478",
"to_ids": false,
"type": "vulnerability",
"uuid": "55c9a1a6-c83c-47df-a513-354c950d210b",
"value": "CVE-2015-5122"
},
{
"category": "Payload delivery",
"comment": "HT_exploit.as",
"deleted": false,
"disable_correlation": false,
"timestamp": "1439277540",
"to_ids": true,
"type": "md5",
"uuid": "55c9a1e4-3e3c-4991-8f5e-3108950d210b",
"value": "55bc2ac6bfcaaf9364a67cbd837aa66e"
},
{
"category": "Payload delivery",
"comment": "MyClass.as",
"deleted": false,
"disable_correlation": false,
"timestamp": "1439277555",
"to_ids": true,
"type": "md5",
"uuid": "55c9a1f3-a97c-46fc-8db7-2128950d210b",
"value": "3652a267b318b13c99c1a817416406ee"
},
{
"category": "Payload delivery",
"comment": "MyClass1.as",
"deleted": false,
"disable_correlation": false,
"timestamp": "1439277569",
"to_ids": true,
"type": "md5",
"uuid": "55c9a201-0080-471f-815e-28c3950d210b",
"value": "4b705980ed1b07becd76f47e007b5b3a"
},
{
"category": "Payload delivery",
"comment": "MyClass2.as",
"deleted": false,
"disable_correlation": false,
"timestamp": "1439277581",
"to_ids": true,
"type": "md5",
"uuid": "55c9a20d-85c4-4d66-8e65-355a950d210b",
"value": "955de95974a6228846cea327772815fe"
},
{
"category": "Payload delivery",
"comment": "MyUtils.as",
"deleted": false,
"disable_correlation": false,
"timestamp": "1439277602",
"to_ids": true,
"type": "md5",
"uuid": "55c9a222-ae44-4435-be83-80e8950d210b",
"value": "23489ab7e77f7c69db3e2c6fd791bddb"
},
{
"category": "Payload delivery",
"comment": "ShellWin32.as",
"deleted": false,
"disable_correlation": false,
"timestamp": "1439277611",
"to_ids": true,
"type": "md5",
"uuid": "55c9a22b-8db0-4e34-be09-80e8950d210b",
"value": "2d34c498fa0a65a59fd724d1d5466fbc"
},
{
"category": "Payload delivery",
"comment": "\u00c2\u00a7bin_bin$cdc90048eba972f1f617b202a379b8d8-1052822192\u00c2\u00a7.as",
"deleted": false,
"disable_correlation": false,
"timestamp": "1439277627",
"to_ids": true,
"type": "md5",
"uuid": "55c9a23b-9188-4952-baa5-354d950d210b",
"value": "b5847d4f60ecba8a09a019d8826a6a18"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1439277749",
"to_ids": true,
"type": "md5",
"uuid": "55c9a2b5-d574-4464-9a0e-28c3950d210b",
"value": "00bdfdbc00dd1faa7896926b99444e2f"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1439277749",
"to_ids": true,
"type": "md5",
"uuid": "55c9a2b5-1410-441e-9b5b-28c3950d210b",
"value": "026cb3d736b6cd7d3529e04e72d35923"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1439277749",
"to_ids": true,
"type": "md5",
"uuid": "55c9a2b5-1b4c-44df-8643-28c3950d210b",
"value": "033ec22cedaaf87f35024104ec4ec7a6"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1439277750",
"to_ids": true,
"type": "md5",
"uuid": "55c9a2b6-a6f0-4e67-9f96-28c3950d210b",
"value": "058fe24b7de10d915737ede604b3954e"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1439277750",
"to_ids": true,
"type": "md5",
"uuid": "55c9a2b6-c8ec-4cd5-a3ec-28c3950d210b",
"value": "0a28f677465fdf76689ca2fcabc68d53"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1439277750",
"to_ids": true,
"type": "md5",
"uuid": "55c9a2b6-f6d0-427a-b92b-28c3950d210b",
"value": "12aba18ebd49f917c42e08aed6a2d48a"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1439277750",
"to_ids": true,
"type": "md5",
"uuid": "55c9a2b6-7988-4893-9c65-28c3950d210b",
"value": "13943e2d51bc32daa8199dfe4473b620"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1439277750",
"to_ids": true,
"type": "md5",
"uuid": "55c9a2b6-25fc-4b1c-9f47-28c3950d210b",
"value": "16664601808c8aa59ecd11c37042b81f"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1439277751",
"to_ids": true,
"type": "md5",
"uuid": "55c9a2b7-5c54-4ec1-a1e6-28c3950d210b",
"value": "1b127227d6228ce32b93d197756b6708"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1439277751",
"to_ids": true,
"type": "md5",
"uuid": "55c9a2b7-b0fc-40d1-8ffa-28c3950d210b",
"value": "1cb92899533679ebc17fd81c3d4059a7"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1439277751",
"to_ids": true,
"type": "md5",
"uuid": "55c9a2b7-e334-4a52-a747-28c3950d210b",
"value": "1ed9c8e84f55c337584869a25b06f453"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1439277751",
"to_ids": true,
"type": "md5",
"uuid": "55c9a2b7-5794-4486-8293-28c3950d210b",
"value": "21feb2974475a85b2cdf9cc196064796"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1439277751",
"to_ids": true,
"type": "md5",
"uuid": "55c9a2b7-7940-4797-8904-28c3950d210b",
"value": "29c555ab97f74d957dce14c961d07eff"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1439277752",
"to_ids": true,
"type": "md5",
"uuid": "55c9a2b8-ddd0-46c0-b45f-28c3950d210b",
"value": "2ad0335cc530ebfe59901e4d3b31db7b"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1439277752",
"to_ids": true,
"type": "md5",
"uuid": "55c9a2b8-e2ac-44e6-97b0-28c3950d210b",
"value": "34b614df1e57f2ce95997f85078de2f9"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1439277752",
"to_ids": true,
"type": "md5",
"uuid": "55c9a2b8-2bb8-48b4-8d35-28c3950d210b",
"value": "3614e902f822b6c30e024b80e7f1487b"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1439277752",
"to_ids": true,
"type": "md5",
"uuid": "55c9a2b8-29c0-4acb-b92e-28c3950d210b",
"value": "36f87c500445e056005beec62f6684b1"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1439277752",
"to_ids": true,
"type": "md5",
"uuid": "55c9a2b8-6ba0-4c86-adbf-28c3950d210b",
"value": "37862fa22c69e945ba6ec5492e518558"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1439277753",
"to_ids": true,
"type": "md5",
"uuid": "55c9a2b9-3640-4156-a0a3-28c3950d210b",
"value": "3e7f8f4f2fdd7c587d0212ad38c10805"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1439277753",
"to_ids": true,
"type": "md5",
"uuid": "55c9a2b9-6068-41f1-898a-28c3950d210b",
"value": "3fa797e193ff815afc9378c3a025bcde"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1439277753",
"to_ids": true,
"type": "md5",
"uuid": "55c9a2b9-2900-4a97-8388-28c3950d210b",
"value": "46997daab86bef5a7eaaa705924c1e2a"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1439277753",
"to_ids": true,
"type": "md5",
"uuid": "55c9a2b9-111c-49aa-8cc6-28c3950d210b",
"value": "4cfeff03580ef09b8dc7cf098bb057e3"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1439277753",
"to_ids": true,
"type": "md5",
"uuid": "55c9a2b9-c878-44df-9b1e-28c3950d210b",
"value": "4de5d537bd29289703bf7bf5a54f6c8a"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1439277754",
"to_ids": true,
"type": "md5",
"uuid": "55c9a2ba-103c-4c54-b5ef-28c3950d210b",
"value": "4eaa236e48598bce7e9b67edb143ca79"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1439277754",
"to_ids": true,
"type": "md5",
"uuid": "55c9a2ba-1c10-4356-a3ce-28c3950d210b",
"value": "504eedb7ed01bc7748d2bdaf7f0e48cc"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1439277754",
"to_ids": true,
"type": "md5",
"uuid": "55c9a2ba-2c78-4e91-872d-28c3950d210b",
"value": "522eed25db0776b18e3a0385ff1f2f74"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1439277754",
"to_ids": true,
"type": "md5",
"uuid": "55c9a2ba-cffc-465a-a34b-28c3950d210b",
"value": "535f6f7b3a21d53b4b316b322d238ada"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1439277754",
"to_ids": true,
"type": "md5",
"uuid": "55c9a2ba-955c-42ee-afd7-28c3950d210b",
"value": "541f6853cef8144574d8fcdb89aef9e1"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1439277755",
"to_ids": true,
"type": "md5",
"uuid": "55c9a2bb-fa9c-44af-b7a9-28c3950d210b",
"value": "57fab79d1f3836561c5da600c8ed2773"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1439277755",
"to_ids": true,
"type": "md5",
"uuid": "55c9a2bb-0cbc-45eb-98a8-28c3950d210b",
"value": "6302d1026fb32fe7ca579cb503c77234"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1439277755",
"to_ids": true,
"type": "md5",
"uuid": "55c9a2bb-8304-4cd3-8722-28c3950d210b",
"value": "6d8d6121af6ba6a8679b876faeb59c01"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1439277755",
"to_ids": true,
"type": "md5",
"uuid": "55c9a2bb-a368-4587-b9df-28c3950d210b",
"value": "76bbf9cfe6d6870d3e35cf038c39234c"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1439277755",
"to_ids": true,
"type": "md5",
"uuid": "55c9a2bb-a8b0-4b42-bb5d-28c3950d210b",
"value": "784045c9663a0ac2c3e7509692e32919"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1439277756",
"to_ids": true,
"type": "md5",
"uuid": "55c9a2bc-fba4-4dcd-bc12-28c3950d210b",
"value": "785e8af0535717183f547b6d876513f0"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1439277756",
"to_ids": true,
"type": "md5",
"uuid": "55c9a2bc-c4bc-45ac-8b37-28c3950d210b",
"value": "7d2e309c07099aaa2cf99d4075d77975"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1439277756",
"to_ids": true,
"type": "md5",
"uuid": "55c9a2bc-d7a8-4543-90de-28c3950d210b",
"value": "80512010e667756f7d611f5cc6a6f9bb"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1439277756",
"to_ids": true,
"type": "md5",
"uuid": "55c9a2bc-3130-46f9-b964-28c3950d210b",
"value": "85fda4eca55c317752eeabfcba3579a9"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1439277756",
"to_ids": true,
"type": "md5",
"uuid": "55c9a2bc-27cc-4d62-b3e7-28c3950d210b",
"value": "8afb5ce6428615b8bf8c3246bbf964ad"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1439277757",
"to_ids": true,
"type": "md5",
"uuid": "55c9a2bd-c844-47e3-9f90-28c3950d210b",
"value": "8e52606b6c31f27b5984ac086f8c0b0f"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1439277757",
"to_ids": true,
"type": "md5",
"uuid": "55c9a2bd-3de8-4da8-9734-28c3950d210b",
"value": "94dc2df0886a9b4be8c00336b3b5da5e"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1439277757",
"to_ids": true,
"type": "md5",
"uuid": "55c9a2bd-d8f4-45ed-91f5-28c3950d210b",
"value": "aaa62d5f0e348f0e890ad9d3f71e448d"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1439277757",
"to_ids": true,
"type": "md5",
"uuid": "55c9a2bd-3a00-49f2-b353-28c3950d210b",
"value": "abf00336a309976e60909e08008836f8"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1439277757",
"to_ids": true,
"type": "md5",
"uuid": "55c9a2bd-1480-496d-9390-28c3950d210b",
"value": "acf3b75887d85dcc046792fd83664ef6"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1439277758",
"to_ids": true,
"type": "md5",
"uuid": "55c9a2be-6f04-4aba-ade6-28c3950d210b",
"value": "b067468484fa4fc1bb27a1a4dcead881"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1439277758",
"to_ids": true,
"type": "md5",
"uuid": "55c9a2be-7b58-4952-a1ed-28c3950d210b",
"value": "b1bbf35ca05af9486bdfbcbc00961eb7"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1439277758",
"to_ids": true,
"type": "md5",
"uuid": "55c9a2be-30e0-4dce-aad2-28c3950d210b",
"value": "b45bec70393db70c3c7c6d5f643cdd64"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1439277758",
"to_ids": true,
"type": "md5",
"uuid": "55c9a2be-0c54-4b37-827e-28c3950d210b",
"value": "b55e7fd5b60ddd9e19feb8a839f4e6e6"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1439277758",
"to_ids": true,
"type": "md5",
"uuid": "55c9a2be-f6d0-41cc-a733-28c3950d210b",
"value": "b7fb0e9c99b9d4acf0b27b3cd42ae15d"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1439277759",
"to_ids": true,
"type": "md5",
"uuid": "55c9a2bf-a7f0-49fb-82d1-28c3950d210b",
"value": "bbf32eeb560a42a3a69beaed645e7777"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1439277759",
"to_ids": true,
"type": "md5",
"uuid": "55c9a2bf-59f8-4a6c-b747-28c3950d210b",
"value": "c15fb58e768f7625393a8dbbf01c9c26"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1439277759",
"to_ids": true,
"type": "md5",
"uuid": "55c9a2bf-9544-4543-8eb5-28c3950d210b",
"value": "cb713b544dce5a2505e393f6587aaa47"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1439277759",
"to_ids": true,
"type": "md5",
"uuid": "55c9a2bf-9b10-4c81-9b3e-28c3950d210b",
"value": "d5288a98aa9a5f101b9608962d165fcc"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1439277759",
"to_ids": true,
"type": "md5",
"uuid": "55c9a2bf-df64-44dc-9e17-28c3950d210b",
"value": "d536c4b71d131848e965c4524780a8aa"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1439277760",
"to_ids": true,
"type": "md5",
"uuid": "55c9a2c0-c6e0-4910-9757-28c3950d210b",
"value": "d5e55bf308d670d68e1ad610e1d2efe3"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1439277760",
"to_ids": true,
"type": "md5",
"uuid": "55c9a2c0-dfe4-4211-9b15-28c3950d210b",
"value": "e1cd6400f115f60213764347f927f7e6"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1439277760",
"to_ids": true,
"type": "md5",
"uuid": "55c9a2c0-e71c-4dbf-ab0f-28c3950d210b",
"value": "e78376c3ea222d46509900be990fba66"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1439277760",
"to_ids": true,
"type": "md5",
"uuid": "55c9a2c0-f070-44e2-9bf9-28c3950d210b",
"value": "fa9142065d6550d729168b5977f2cf14"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1439277760",
"to_ids": true,
"type": "md5",
"uuid": "55c9a2c0-4ccc-4eeb-bf79-28c3950d210b",
"value": "ff989967416d02ede7a2a44667c02ff2"
},
{
"category": "Network activity",
"comment": "C2",
"deleted": false,
"disable_correlation": false,
"timestamp": "1439277895",
"to_ids": true,
"type": "ip-dst",
"uuid": "55c9a347-9518-48bf-a0a2-354b950d210b",
"value": "172.246.109.27"
},
{
"category": "Network activity",
"comment": "C2",
"deleted": false,
"disable_correlation": false,
"timestamp": "1439277895",
"to_ids": true,
"type": "ip-dst",
"uuid": "55c9a347-eb94-4dd2-838d-354b950d210b",
"value": "202.183.129.155"
},
{
"category": "Network activity",
"comment": "C2",
"deleted": false,
"disable_correlation": false,
"timestamp": "1439277895",
"to_ids": true,
"type": "ip-dst",
"uuid": "55c9a347-f500-4af1-a77e-354b950d210b",
"value": "203.249.88.243"
},
{
"category": "Network activity",
"comment": "C2",
"deleted": false,
"disable_correlation": false,
"timestamp": "1439277896",
"to_ids": true,
"type": "ip-dst",
"uuid": "55c9a348-67a0-4b6f-a48d-354b950d210b",
"value": "211.226.71.4"
},
{
"category": "Network activity",
"comment": "C2",
"deleted": false,
"disable_correlation": false,
"timestamp": "1439277896",
"to_ids": true,
"type": "ip-dst",
"uuid": "55c9a348-c888-4d27-87bf-354b950d210b",
"value": "213.186.164.211"
},
{
"category": "Network activity",
"comment": "C2",
"deleted": false,
"disable_correlation": false,
"timestamp": "1439277896",
"to_ids": true,
"type": "ip-dst",
"uuid": "55c9a348-2e50-435a-8b69-354b950d210b",
"value": "220.134.9.49"
},
{
"category": "Network activity",
"comment": "C2",
"deleted": false,
"disable_correlation": false,
"timestamp": "1439277896",
"to_ids": true,
"type": "ip-dst",
"uuid": "55c9a348-3d70-4668-aebb-354b950d210b",
"value": "223.25.233.248"
},
{
"category": "Network activity",
"comment": "C2",
"deleted": false,
"disable_correlation": false,
"timestamp": "1439277896",
"to_ids": true,
"type": "ip-dst",
"uuid": "55c9a349-5ddc-4dcf-b471-354b950d210b",
"value": "70.90.107.245"
},
{
"category": "Network activity",
"comment": "C2",
"deleted": false,
"disable_correlation": false,
"timestamp": "1439277897",
"to_ids": true,
"type": "ip-dst",
"uuid": "55c9a349-4f68-4d69-b66c-354b950d210b",
"value": "95.110.210.31"
},
{
"category": "Network activity",
"comment": "C2",
"deleted": false,
"disable_correlation": false,
"timestamp": "1439277897",
"to_ids": true,
"type": "hostname",
"uuid": "55c9a349-d340-4cc9-a6a0-354b950d210b",
"value": "amxil.opmuert.org"
},
{
"category": "Network activity",
"comment": "C2",
"deleted": false,
"disable_correlation": false,
"timestamp": "1439277897",
"to_ids": true,
"type": "domain",
"uuid": "55c9a349-bbd0-48d4-8ef7-354b950d210b",
"value": "appeal.ml"
},
{
"category": "Network activity",
"comment": "C2",
"deleted": false,
"disable_correlation": false,
"timestamp": "1439277897",
"to_ids": true,
"type": "hostname",
"uuid": "55c9a349-8f6c-48b7-8a80-354b950d210b",
"value": "bluecoat.isasecret.com"
},
{
"category": "Network activity",
"comment": "C2",
"deleted": false,
"disable_correlation": false,
"timestamp": "1439277897",
"to_ids": true,
"type": "hostname",
"uuid": "55c9a349-aae8-4a4d-af64-354b950d210b",
"value": "cdn.sanecat.com"
},
{
"category": "Network activity",
"comment": "C2",
"deleted": false,
"disable_correlation": false,
"timestamp": "1439277898",
"to_ids": true,
"type": "hostname",
"uuid": "55c9a34a-7854-42c3-a7f6-354b950d210b",
"value": "dns.snakesearch.info"
},
{
"category": "Network activity",
"comment": "C2",
"deleted": false,
"disable_correlation": false,
"timestamp": "1439277898",
"to_ids": true,
"type": "url",
"uuid": "55c9a34a-0ff4-45a5-859f-354b950d210b",
"value": "eniw577dlcp4zbag.onion"
},
{
"category": "Network activity",
"comment": "C2",
"deleted": false,
"disable_correlation": false,
"timestamp": "1439277898",
"to_ids": true,
"type": "hostname",
"uuid": "55c9a34a-6f20-48dc-b396-354b950d210b",
"value": "fileshare.serveftp.com"
},
{
"category": "Network activity",
"comment": "C2",
"deleted": false,
"disable_correlation": false,
"timestamp": "1439277898",
"to_ids": true,
"type": "hostname",
"uuid": "55c9a34a-58d0-43e6-b65b-354b950d210b",
"value": "inbox.webmailgoogle.com"
},
{
"category": "Network activity",
"comment": "C2",
"deleted": false,
"disable_correlation": false,
"timestamp": "1439277898",
"to_ids": true,
"type": "hostname",
"uuid": "55c9a34a-bb90-4e1e-a485-354b950d210b",
"value": "jiussharefiles.ddns.net"
},
{
"category": "Network activity",
"comment": "C2",
"deleted": false,
"disable_correlation": false,
"timestamp": "1439277899",
"to_ids": true,
"type": "hostname",
"uuid": "55c9a34b-3b78-412c-bb61-354b950d210b",
"value": "jp.virhub.biz"
},
{
"category": "Network activity",
"comment": "C2",
"deleted": false,
"disable_correlation": false,
"timestamp": "1439277899",
"to_ids": true,
"type": "hostname",
"uuid": "55c9a34b-9aac-41f2-9d41-354b950d210b",
"value": "news.turkceil.tk"
},
{
"category": "Network activity",
"comment": "C2",
"deleted": false,
"disable_correlation": false,
"timestamp": "1439277899",
"to_ids": true,
"type": "hostname",
"uuid": "55c9a34b-7028-41c0-9f9e-354b950d210b",
"value": "news.voanews.hk"
},
{
"category": "Network activity",
"comment": "C2",
"deleted": false,
"disable_correlation": false,
"timestamp": "1439277899",
"to_ids": true,
"type": "hostname",
"uuid": "55c9a34b-dc38-4aec-9615-354b950d210b",
"value": "oop.jumpingcrab.com"
},
{
"category": "Network activity",
"comment": "C2",
"deleted": false,
"disable_correlation": false,
"timestamp": "1439277899",
"to_ids": true,
"type": "hostname",
"uuid": "55c9a34b-77f8-4afe-ad28-354b950d210b",
"value": "sb.iffymonkey.com"
},
{
"category": "Network activity",
"comment": "C2",
"deleted": false,
"disable_correlation": false,
"timestamp": "1439277900",
"to_ids": true,
"type": "hostname",
"uuid": "55c9a34c-60d4-40f7-83d4-354b950d210b",
"value": "sbuudd.webssl9.info"
},
{
"category": "Network activity",
"comment": "C2",
"deleted": false,
"disable_correlation": false,
"timestamp": "1439277900",
"to_ids": true,
"type": "hostname",
"uuid": "55c9a34c-3f0c-40d8-a5b4-354b950d210b",
"value": "twnic.ignorelist.com"
},
{
"category": "Network activity",
"comment": "C2",
"deleted": false,
"disable_correlation": false,
"timestamp": "1439277900",
"to_ids": true,
"type": "hostname",
"uuid": "55c9a34c-4d10-413d-94db-354b950d210b",
"value": "web.paramerat.com"
},
{
"category": "Network activity",
"comment": "C2",
"deleted": false,
"disable_correlation": false,
"timestamp": "1439277900",
"to_ids": true,
"type": "hostname",
"uuid": "55c9a34c-981c-415c-8684-354b950d210b",
"value": "whois.nictr.info"
},
{
"category": "Network activity",
"comment": "C2",
"deleted": false,
"disable_correlation": false,
"timestamp": "1439277900",
"to_ids": true,
"type": "hostname",
"uuid": "55c9a34c-5fa4-4b52-8258-354b950d210b",
"value": "win7.myz.info"
},
{
"category": "Network activity",
"comment": "C2",
"deleted": false,
"disable_correlation": false,
"timestamp": "1439277901",
"to_ids": true,
"type": "hostname",
"uuid": "55c9a34d-ff30-49a9-82f2-354b950d210b",
"value": "www.aprilmusic.com"
},
{
"category": "Network activity",
"comment": "C2",
"deleted": false,
"disable_correlation": false,
"timestamp": "1439277901",
"to_ids": true,
"type": "hostname",
"uuid": "55c9a34d-0580-45c9-af5c-354b950d210b",
"value": "www.mcafeea.cf"
},
{
"category": "Network activity",
"comment": "C2",
"deleted": false,
"disable_correlation": false,
"timestamp": "1439277901",
"to_ids": true,
"type": "hostname",
"uuid": "55c9a34d-68ac-4e61-b5b5-354b950d210b",
"value": "www.n-fit-sub.com"
},
{
"category": "Network activity",
"comment": "C2",
"deleted": false,
"disable_correlation": false,
"timestamp": "1439277901",
"to_ids": true,
"type": "url",
"uuid": "55c9a34d-a708-4481-987f-354b950d210b",
"value": "www.n-fit-sub.com/ec/index.php"
},
{
"category": "Network activity",
"comment": "C2",
"deleted": false,
"disable_correlation": false,
"timestamp": "1439277901",
"to_ids": true,
"type": "url",
"uuid": "55c9a34d-4124-4bd1-9068-354b950d210b",
"value": "www.nichiiko-golf.com/news/index.php"
},
{
"category": "Network activity",
"comment": "C2",
"deleted": false,
"disable_correlation": false,
"timestamp": "1439277902",
"to_ids": true,
"type": "hostname",
"uuid": "55c9a34e-3a40-46fe-99d4-354b950d210b",
"value": "www.wordpress.zzux.com"
},
{
"category": "Network activity",
"comment": "C2",
"deleted": false,
"disable_correlation": false,
"timestamp": "1439277902",
"to_ids": true,
"type": "hostname",
"uuid": "55c9a34e-3e44-45fb-b150-354b950d210b",
"value": "yunwu1.xicp.net"
}
]
}
}
Reference in a new issue View git blame Copy permalink