adulau/misp-circl-feed
1
0
Fork 0
Code Issues 1 Pull requests Projects 1 Releases Packages Wiki Activity Actions
misp-circl-feed/feeds/circl/misp/589b97f0-1e74-420b-bb3e-f4f302de0b81.json

245 lines
No EOL
9 KiB
JSON
Raw Blame History

{
"Event": {
"analysis": "2",
"date": "2017-02-08",
"extends_uuid": "",
"info": "OSINT - Trojan.Mirai.1 for Microsoft Windows",
"publish_timestamp": "1486592402",
"published": true,
"threat_level_id": "3",
"timestamp": "1486592381",
"uuid": "589b97f0-1e74-420b-bb3e-f4f302de0b81",
"Orgc": {
"name": "CIRCL",
"uuid": "55f6ea5e-2c60-40e5-964f-47a8950d210f"
},
"Tag": [
{
"colour": "#ffffff",
"local": false,
"name": "tlp:white",
"relationship_type": ""
},
{
"colour": "#0088cc",
"local": false,
"name": "misp-galaxy:tool=\"Mirai\"",
"relationship_type": ""
}
],
"Attribute": [
{
"category": "External analysis",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1486592275",
"to_ids": false,
"type": "link",
"uuid": "589b97fd-34e4-4b0b-b58b-f4f502de0b81",
"value": "http://vms.drweb.com/virus/?_is=1&i=14934685",
"Tag": [
{
"colour": "#00223b",
"local": false,
"name": "osint:source-type=\"blog-post\"",
"relationship_type": ""
},
{
"colour": "#086200",
"local": false,
"name": "admiralty-scale:source-reliability=\"c\"",
"relationship_type": ""
}
]
},
{
"category": "External analysis",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1486592275",
"to_ids": false,
"type": "text",
"uuid": "589b9819-64d4-44f1-9658-a46902de0b81",
"value": "A Trojan for Microsoft Windows written in C++. Designed to scan TCP ports from the indicated range of IP addresses in order to execute various commands and distribute other malware.\r\n\r\nWhen launched, the Trojan connects to its command and control server, downloads the configuration file (wpd.dat) and extracts the list of IP addresses. Then the scanner is launched: it refers to the listed addresses and simultaneously checks several ports"
},
{
"category": "Payload delivery",
"comment": "Trojan.Mirai.1 - Windows",
"deleted": false,
"disable_correlation": false,
"timestamp": "1486592275",
"to_ids": true,
"type": "sha1",
"uuid": "589b9849-0d4c-427d-aa16-474f02de0b81",
"value": "9575d5edb955e8e57d5886e1cf93f54f52912238"
},
{
"category": "Payload delivery",
"comment": "Trojan.Mirai.1 - Windows",
"deleted": false,
"disable_correlation": false,
"timestamp": "1486592275",
"to_ids": true,
"type": "sha1",
"uuid": "589b9849-e590-4f87-a607-48bd02de0b81",
"value": "f97e8145e1e818f17779a8b136370c24da67a6a5"
},
{
"category": "Payload delivery",
"comment": "Trojan.Mirai.1 - Windows",
"deleted": false,
"disable_correlation": false,
"timestamp": "1486592275",
"to_ids": true,
"type": "sha1",
"uuid": "589b984a-e0e0-4d0c-8acb-479002de0b81",
"value": "42c9686dade9a7f346efa8fdbe5dbf6fa1a7028e"
},
{
"category": "Payload delivery",
"comment": "Trojan.Mirai.1 - Windows",
"deleted": false,
"disable_correlation": false,
"timestamp": "1486592275",
"to_ids": true,
"type": "sha1",
"uuid": "589b984b-f7d0-48b3-af9e-402102de0b81",
"value": "938715263e1e24f3e3d82d72b4e1d2b60ab187b8"
},
{
"category": "Payload delivery",
"comment": "Trojan.Mirai.1 - Windows - Xchecked via VT: 938715263e1e24f3e3d82d72b4e1d2b60ab187b8",
"deleted": false,
"disable_correlation": false,
"timestamp": "1486592280",
"to_ids": true,
"type": "sha256",
"uuid": "589b9918-7ffc-419f-855d-f4f502de0b81",
"value": "2d8cd23e33e56ab396960a0d426c232f6d8905e2ac5833f37c412b699135f6ce"
},
{
"category": "Payload delivery",
"comment": "Trojan.Mirai.1 - Windows - Xchecked via VT: 938715263e1e24f3e3d82d72b4e1d2b60ab187b8",
"deleted": false,
"disable_correlation": false,
"timestamp": "1486592281",
"to_ids": true,
"type": "md5",
"uuid": "589b9919-59d0-4dcf-869d-f4f502de0b81",
"value": "91a12a4cf437589ba70b1687f5acad19"
},
{
"category": "Payload delivery",
"comment": "Trojan.Mirai.1 - Windows - Xchecked via VT: 938715263e1e24f3e3d82d72b4e1d2b60ab187b8",
"deleted": false,
"disable_correlation": false,
"timestamp": "1486592281",
"to_ids": false,
"type": "link",
"uuid": "589b991a-aeb0-4987-8d25-f4f502de0b81",
"value": "https://www.virustotal.com/file/2d8cd23e33e56ab396960a0d426c232f6d8905e2ac5833f37c412b699135f6ce/analysis/1486483551/"
},
{
"category": "Payload delivery",
"comment": "Trojan.Mirai.1 - Windows - Xchecked via VT: 42c9686dade9a7f346efa8fdbe5dbf6fa1a7028e",
"deleted": false,
"disable_correlation": false,
"timestamp": "1486592282",
"to_ids": true,
"type": "sha256",
"uuid": "589b991a-6678-47d4-a221-f4f502de0b81",
"value": "2de4851dcaaa4b5ed8421a0c72ceed64497c147d85cbfb1928d6baf7760c0c46"
},
{
"category": "Payload delivery",
"comment": "Trojan.Mirai.1 - Windows - Xchecked via VT: 42c9686dade9a7f346efa8fdbe5dbf6fa1a7028e",
"deleted": false,
"disable_correlation": false,
"timestamp": "1486592283",
"to_ids": true,
"type": "md5",
"uuid": "589b991b-f398-48a8-b18f-f4f502de0b81",
"value": "e7761db0f63bc09cf5e4193fd6926c5e"
},
{
"category": "Payload delivery",
"comment": "Trojan.Mirai.1 - Windows - Xchecked via VT: 42c9686dade9a7f346efa8fdbe5dbf6fa1a7028e",
"deleted": false,
"disable_correlation": false,
"timestamp": "1486592284",
"to_ids": false,
"type": "link",
"uuid": "589b991c-3a80-4baa-afc9-f4f502de0b81",
"value": "https://www.virustotal.com/file/2de4851dcaaa4b5ed8421a0c72ceed64497c147d85cbfb1928d6baf7760c0c46/analysis/1486484386/"
},
{
"category": "Payload delivery",
"comment": "Trojan.Mirai.1 - Windows - Xchecked via VT: f97e8145e1e818f17779a8b136370c24da67a6a5",
"deleted": false,
"disable_correlation": false,
"timestamp": "1486592285",
"to_ids": true,
"type": "sha256",
"uuid": "589b991d-3348-4eb8-9380-f4f502de0b81",
"value": "bdad4a77b678fda8328b2fae290e525a553c490214d43df377dbeb3132879673"
},
{
"category": "Payload delivery",
"comment": "Trojan.Mirai.1 - Windows - Xchecked via VT: f97e8145e1e818f17779a8b136370c24da67a6a5",
"deleted": false,
"disable_correlation": false,
"timestamp": "1486592285",
"to_ids": true,
"type": "md5",
"uuid": "589b991d-e264-4a07-b40d-f4f502de0b81",
"value": "297d1980ce171ddaeb7002bc020fe6b6"
},
{
"category": "Payload delivery",
"comment": "Trojan.Mirai.1 - Windows - Xchecked via VT: f97e8145e1e818f17779a8b136370c24da67a6a5",
"deleted": false,
"disable_correlation": false,
"timestamp": "1486592286",
"to_ids": false,
"type": "link",
"uuid": "589b991e-d240-42f3-9b61-f4f502de0b81",
"value": "https://www.virustotal.com/file/bdad4a77b678fda8328b2fae290e525a553c490214d43df377dbeb3132879673/analysis/1486484396/"
},
{
"category": "Payload delivery",
"comment": "Trojan.Mirai.1 - Windows - Xchecked via VT: 9575d5edb955e8e57d5886e1cf93f54f52912238",
"deleted": false,
"disable_correlation": false,
"timestamp": "1486592287",
"to_ids": true,
"type": "sha256",
"uuid": "589b991f-5e20-468b-830c-f4f502de0b81",
"value": "4856706c088f66965d714fe09af22ee56d84483278582ff3dd8f98bc3c5862ab"
},
{
"category": "Payload delivery",
"comment": "Trojan.Mirai.1 - Windows - Xchecked via VT: 9575d5edb955e8e57d5886e1cf93f54f52912238",
"deleted": false,
"disable_correlation": false,
"timestamp": "1486592287",
"to_ids": true,
"type": "md5",
"uuid": "589b991f-b4ac-40dd-a467-f4f502de0b81",
"value": "a3c09c2c3216a3a24dce18fd60a5ffc2"
},
{
"category": "Payload delivery",
"comment": "Trojan.Mirai.1 - Windows - Xchecked via VT: 9575d5edb955e8e57d5886e1cf93f54f52912238",
"deleted": false,
"disable_correlation": false,
"timestamp": "1486592288",
"to_ids": false,
"type": "link",
"uuid": "589b9920-aaf0-4d98-b09d-f4f502de0b81",
"value": "https://www.virustotal.com/file/4856706c088f66965d714fe09af22ee56d84483278582ff3dd8f98bc3c5862ab/analysis/1486590726/"
}
]
}
}
Reference in a new issue View git blame Copy permalink