misp-circl-feed/feeds/circl/misp/56d4b32d-664c-4647-a748-1362950d210f.json

{
  "Event": {
    "analysis": "2",
    "date": "2016-02-29",
    "extends_uuid": "",
    "info": "OSINT - New Hacking team samples (OSX)",
    "publish_timestamp": "1456781112",
    "published": true,
    "threat_level_id": "1",
    "timestamp": "1456781102",
    "uuid": "56d4b32d-664c-4647-a748-1362950d210f",
    "Orgc": {
      "name": "CIRCL",
      "uuid": "55f6ea5e-2c60-40e5-964f-47a8950d210f"
    },
    "Tag": [
      {
        "colour": "#004646",
        "local": false,
        "name": "type:OSINT",
        "relationship_type": ""
      },
      {
        "colour": "#3a7300",
        "local": false,
        "name": "circl:incident-classification=\"malware\"",
        "relationship_type": ""
      },
      {
        "colour": "#33FF00",
        "local": false,
        "name": "tlp:green",
        "relationship_type": ""
      }
    ],
    "Attribute": [
      {
        "category": "Payload delivery",
        "comment": "ZIP with dropper",
        "deleted": false,
        "disable_correlation": false,
        "timestamp": "1456780424",
        "to_ids": true,
        "type": "sha256",
        "uuid": "56d4b488-ae78-464f-a218-1363950d210f",
        "value": "2ee9e9d9a0cd3cee6519e7b950821d5c90af03da665879615e52fd093dd8e947"
      },
      {
        "category": "Payload delivery",
        "comment": "Dropper binary",
        "deleted": false,
        "disable_correlation": false,
        "timestamp": "1456780425",
        "to_ids": true,
        "type": "sha256",
        "uuid": "56d4b489-a684-4f7a-a0fb-1363950d210f",
        "value": "58e4e4853c6cfbb43afd49e5238046596ee5b78eca439c7d76bd95a34115a273"
      },
      {
        "category": "Network activity",
        "comment": "C&C",
        "deleted": false,
        "disable_correlation": false,
        "timestamp": "1456780425",
        "to_ids": true,
        "type": "ip-dst",
        "uuid": "56d4b489-9400-4c37-8e64-1363950d210f",
        "value": "212.71.254.212"
      },
      {
        "category": "External analysis",
        "comment": "Imported via the freetext import.",
        "deleted": false,
        "disable_correlation": false,
        "timestamp": "1456781102",
        "to_ids": false,
        "type": "link",
        "uuid": "56d4b489-bab0-4bc1-bc3f-1363950d210f",
        "value": "https://reverse.put.as/2016/02/29/the-italian-morons-are-back-what-are-they-up-to-this-time/"
      },
      {
        "category": "Payload delivery",
        "comment": "Dropper binary - Xchecked via VT: 58e4e4853c6cfbb43afd49e5238046596ee5b78eca439c7d76bd95a34115a273",
        "deleted": false,
        "disable_correlation": false,
        "timestamp": "1456780639",
        "to_ids": true,
        "type": "sha1",
        "uuid": "56d4b55f-1790-4a76-b14f-136602de0b81",
        "value": "df0c428657f8d317a9617a209ed1998860f22c42"
      },
      {
        "category": "Payload delivery",
        "comment": "Dropper binary - Xchecked via VT: 58e4e4853c6cfbb43afd49e5238046596ee5b78eca439c7d76bd95a34115a273",
        "deleted": false,
        "disable_correlation": false,
        "timestamp": "1456780639",
        "to_ids": true,
        "type": "md5",
        "uuid": "56d4b55f-0494-4e05-bbd1-136602de0b81",
        "value": "e2b81bed4472087dca00bee18acbce04"
      },
      {
        "category": "External analysis",
        "comment": "",
        "deleted": false,
        "disable_correlation": false,
        "timestamp": "1456780640",
        "to_ids": false,
        "type": "link",
        "uuid": "56d4b560-1cec-475e-a298-136602de0b81",
        "value": "https://www.virustotal.com/file/58e4e4853c6cfbb43afd49e5238046596ee5b78eca439c7d76bd95a34115a273/analysis/1456779730/"
      },
      {
        "category": "Payload delivery",
        "comment": "ZIP with dropper - Xchecked via VT: 2ee9e9d9a0cd3cee6519e7b950821d5c90af03da665879615e52fd093dd8e947",
        "deleted": false,
        "disable_correlation": false,
        "timestamp": "1456780640",
        "to_ids": true,
        "type": "sha1",
        "uuid": "56d4b560-f868-4c50-a9dd-136602de0b81",
        "value": "64341827760eb2d4ac4107b6d18c6942d3d69cba"
      },
      {
        "category": "Payload delivery",
        "comment": "ZIP with dropper - Xchecked via VT: 2ee9e9d9a0cd3cee6519e7b950821d5c90af03da665879615e52fd093dd8e947",
        "deleted": false,
        "disable_correlation": false,
        "timestamp": "1456780640",
        "to_ids": true,
        "type": "md5",
        "uuid": "56d4b560-d8b8-4625-8d5b-136602de0b81",
        "value": "92d4556d3d594b987044106388d484b3"
      },
      {
        "category": "External analysis",
        "comment": "",
        "deleted": false,
        "disable_correlation": false,
        "timestamp": "1456780641",
        "to_ids": false,
        "type": "link",
        "uuid": "56d4b561-8b38-4590-9a9e-136602de0b81",
        "value": "https://www.virustotal.com/file/2ee9e9d9a0cd3cee6519e7b950821d5c90af03da665879615e52fd093dd8e947/analysis/1456767669/"
      }
    ]
  }
}