misp-circl-feed/feeds/circl/misp/594252f6-6d34-496a-9746-413f950d210f.json


{
"Event": {
"analysis": "1",
"date": "2017-06-15",
"extends_uuid": "",
"info": "M2M - Jaff 2017-06-14 : \"Emailing: 123456789\" - \"123456789.ZIP\"",
"publish_timestamp": "1497616668",
"published": true,
"threat_level_id": "3",
"timestamp": "1497616658",
"uuid": "594252f6-6d34-496a-9746-413f950d210f",
"Orgc": {
"name": "CIRCL",
"uuid": "55f6ea5e-2c60-40e5-964f-47a8950d210f"
},
"Tag": [
{
"colour": "#ffffff",
"local": false,
"name": "tlp:white",
"relationship_type": ""
},
{
"colour": "#006c6c",
"local": false,
"name": "ecsirt:malicious-code=\"ransomware\"",
"relationship_type": ""
},
{
"colour": "#0088cc",
"local": false,
"name": "misp-galaxy:ransomware=\"Jaff\"",
"relationship_type": ""
}
],
"Attribute": [
{
"category": "Artifacts dropped",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1497611077",
"to_ids": true,
"type": "md5",
"uuid": "594252f6-0d08-4c8b-a1f6-443f950d210f",
"value": "184a66091326a882fc4425cb9b40194c"
},
{
"category": "Artifacts dropped",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1497611077",
"to_ids": true,
"type": "md5",
"uuid": "594252f7-e574-4b89-b7f2-486b950d210f",
"value": "dea5cd9dcf444d6107b14cabefbb1774"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1497611077",
"to_ids": true,
"type": "url",
"uuid": "594252f8-1b64-4690-9e64-42e7950d210f",
"value": "http://16892.net/734fhrfrre"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1497611077",
"to_ids": true,
"type": "hostname",
"uuid": "594252f8-1c88-4a22-9a0b-4b1a950d210f",
"value": "16892.net"
},
{
"category": "Network activity",
"comment": "16892.net",
"deleted": false,
"disable_correlation": false,
"timestamp": "1497611077",
"to_ids": false,
"type": "ip-dst",
"uuid": "594252fd-7488-4084-9e0f-41a4950d210f",
"value": "199.79.63.100"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1497611077",
"to_ids": true,
"type": "url",
"uuid": "594252fe-e8d0-49c1-a8c5-4fdb950d210f",
"value": "http://78tguyc876wwirglmltm.net/af/734fhrfrre"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1497611077",
"to_ids": true,
"type": "hostname",
"uuid": "594252ff-0060-4d30-bd81-477f950d210f",
"value": "78tguyc876wwirglmltm.net"
},
{
"category": "Network activity",
"comment": "78tguyc876wwirglmltm.net",
"deleted": false,
"disable_correlation": false,
"timestamp": "1497611077",
"to_ids": false,
"type": "ip-dst",
"uuid": "59425303-9b40-4920-9960-4c36950d210f",
"value": "119.28.85.128"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1497611077",
"to_ids": true,
"type": "url",
"uuid": "59425304-4110-43c0-b26b-4752950d210f",
"value": "http://aarontax.com/734fhrfrre"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1497611077",
"to_ids": true,
"type": "hostname",
"uuid": "59425304-0d50-403e-a134-4560950d210f",
"value": "aarontax.com"
},
{
"category": "Network activity",
"comment": "aarontax.com",
"deleted": false,
"disable_correlation": false,
"timestamp": "1497611077",
"to_ids": false,
"type": "ip-dst",
"uuid": "59425305-1f4c-4ab9-bf60-40ec950d210f",
"value": "107.180.2.55"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1497611077",
"to_ids": true,
"type": "url",
"uuid": "59425305-fba8-4eef-8a91-408b950d210f",
"value": "http://aristei.com.ar/734fhrfrre"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1497611077",
"to_ids": true,
"type": "hostname",
"uuid": "59425306-f0bc-4cd5-ad90-414d950d210f",
"value": "aristei.com.ar"
},
{
"category": "Network activity",
"comment": "aristei.com.ar",
"deleted": false,
"disable_correlation": false,
"timestamp": "1497611077",
"to_ids": false,
"type": "ip-dst",
"uuid": "59425307-ea44-4ed0-9dc6-45b5950d210f",
"value": "190.105.227.224"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1497611077",
"to_ids": true,
"type": "url",
"uuid": "59425307-4c58-4f84-a07a-4de0950d210f",
"value": "http://cigarconexion.in/734fhrfrre"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1497611077",
"to_ids": true,
"type": "hostname",
"uuid": "59425308-eb3c-49f3-a57b-4ca8950d210f",
"value": "cigarconexion.in"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1497611077",
"to_ids": true,
"type": "url",
"uuid": "59425309-6564-4eb1-9df8-4ca7950d210f",
"value": "http://cinema-strasbourg.com/734fhrfrre"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1497611077",
"to_ids": true,
"type": "hostname",
"uuid": "59425309-7f70-4331-9b06-46f1950d210f",
"value": "cinema-strasbourg.com"
},
{
"category": "Network activity",
"comment": "cinema-strasbourg.com",
"deleted": false,
"disable_correlation": false,
"timestamp": "1497611077",
"to_ids": false,
"type": "ip-dst",
"uuid": "5942530a-ea24-49ce-b9f7-44a2950d210f",
"value": "5.196.28.243"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1497611077",
"to_ids": true,
"type": "url",
"uuid": "5942530a-79e4-4f4c-b162-47ca950d210f",
"value": "http://comfortdiscovered.com.au/734fhrfrre"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1497611077",
"to_ids": true,
"type": "hostname",
"uuid": "5942530b-f230-4055-b228-4bea950d210f",
"value": "comfortdiscovered.com.au"
},
{
"category": "Network activity",
"comment": "comfortdiscovered.com.au",
"deleted": false,
"disable_correlation": false,
"timestamp": "1497611077",
"to_ids": false,
"type": "ip-dst",
"uuid": "5942530c-edfc-47c4-9189-4232950d210f",
"value": "101.0.75.118"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1497611077",
"to_ids": true,
"type": "url",
"uuid": "5942530c-1668-456d-9076-4e8e950d210f",
"value": "http://cupcakery.in/734fhrfrre"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1497611077",
"to_ids": true,
"type": "hostname",
"uuid": "5942530d-f08c-40bd-b86b-4689950d210f",
"value": "cupcakery.in"
},
{
"category": "Network activity",
"comment": "cupcakery.in",
"deleted": false,
"disable_correlation": false,
"timestamp": "1497611077",
"to_ids": false,
"type": "ip-dst",
"uuid": "5942530d-bb54-4abf-bd3c-4e1e950d210f",
"value": "103.195.185.222"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1497611077",
"to_ids": true,
"type": "url",
"uuid": "5942530e-1594-4d17-9c86-49cc950d210f",
"value": "http://makkahhaj.com/734fhrfrre"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1497611077",
"to_ids": true,
"type": "hostname",
"uuid": "5942530e-7280-46a7-801f-42ac950d210f",
"value": "makkahhaj.com"
},
{
"category": "Network activity",
"comment": "makkahhaj.com",
"deleted": false,
"disable_correlation": false,
"timestamp": "1497611077",
"to_ids": false,
"type": "ip-dst",
"uuid": "5942530f-e7e8-4dfc-b234-4217950d210f",
"value": "162.215.252.26"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1497611077",
"to_ids": true,
"type": "url",
"uuid": "59425310-9a34-4841-a20f-410b950d210f",
"value": "http://mediawax.be/734fhrfrre"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1497611077",
"to_ids": true,
"type": "hostname",
"uuid": "59425310-8f70-48d5-b774-4f09950d210f",
"value": "mediawax.be"
},
{
"category": "Network activity",
"comment": "mediawax.be",
"deleted": false,
"disable_correlation": false,
"timestamp": "1497611077",
"to_ids": false,
"type": "ip-dst",
"uuid": "59425311-dda0-4947-8156-49e5950d210f",
"value": "5.61.252.24"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1497611077",
"to_ids": true,
"type": "url",
"uuid": "59425311-ef08-4799-9cd3-4d4d950d210f",
"value": "http://mokinukai.lt/734fhrfrre"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1497611077",
"to_ids": true,
"type": "hostname",
"uuid": "59425312-3040-4859-b904-4d72950d210f",
"value": "mokinukai.lt"
},
{
"category": "Network activity",
"comment": "mokinukai.lt",
"deleted": false,
"disable_correlation": false,
"timestamp": "1497611077",
"to_ids": false,
"type": "ip-dst",
"uuid": "59425312-dc14-4836-9b1b-4d28950d210f",
"value": "217.17.85.67"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1497611077",
"to_ids": true,
"type": "url",
"uuid": "59425313-5d50-4746-84a8-4f77950d210f",
"value": "http://mseconsultant.com/734fhrfrre"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1497611077",
"to_ids": true,
"type": "hostname",
"uuid": "59425314-3cfc-4261-a2ab-4f7d950d210f",
"value": "mseconsultant.com"
},
{
"category": "Network activity",
"comment": "mseconsultant.com",
"deleted": false,
"disable_correlation": false,
"timestamp": "1497611077",
"to_ids": false,
"type": "ip-dst",
"uuid": "59425314-9328-40d0-bca1-4d1e950d210f",
"value": "107.154.163.119"
},
{
"category": "Network activity",
"comment": "mseconsultant.com",
"deleted": false,
"disable_correlation": false,
"timestamp": "1497611077",
"to_ids": false,
"type": "ip-dst",
"uuid": "59425315-1430-4a62-b426-4fa4950d210f",
"value": "107.154.220.119"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1497611077",
"to_ids": true,
"type": "url",
"uuid": "59425315-c2d8-4d23-8e8c-41ad950d210f",
"value": "http://qiyuner.com/734fhrfrre"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1497611077",
"to_ids": true,
"type": "hostname",
"uuid": "59425316-ea30-4c52-8483-4ba9950d210f",
"value": "qiyuner.com"
},
{
"category": "Network activity",
"comment": "qiyuner.com",
"deleted": false,
"disable_correlation": false,
"timestamp": "1497611077",
"to_ids": false,
"type": "ip-dst",
"uuid": "59425317-b518-4ccd-8e33-4be4950d210f",
"value": "115.28.21.247"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1497611077",
"to_ids": true,
"type": "url",
"uuid": "59425317-d9c4-4fca-a990-46ff950d210f",
"value": "http://randomessstioprottoy.net/af/734fhrfrre"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1497611077",
"to_ids": true,
"type": "hostname",
"uuid": "59425318-611c-4e77-a8b1-4acd950d210f",
"value": "randomessstioprottoy.net"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1497611077",
"to_ids": true,
"type": "url",
"uuid": "59425319-5a30-47ff-b414-4129950d210f",
"value": "http://scjjh.cn/734fhrfrre"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1497611077",
"to_ids": true,
"type": "hostname",
"uuid": "59425319-70a8-49de-8b70-4fb3950d210f",
"value": "scjjh.cn"
},
{
"category": "Network activity",
"comment": "scjjh.cn",
"deleted": false,
"disable_correlation": false,
"timestamp": "1497611077",
"to_ids": false,
"type": "ip-dst",
"uuid": "5942531b-d848-43c1-9fbe-441e950d210f",
"value": "211.149.226.210"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1497611077",
"to_ids": true,
"type": "url",
"uuid": "5942531c-3068-4604-9a43-4856950d210f",
"value": "http://sellityourway.nl/734fhrfrre"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1497611077",
"to_ids": true,
"type": "hostname",
"uuid": "5942531c-3298-4248-b721-4632950d210f",
"value": "sellityourway.nl"
},
{
"category": "Network activity",
"comment": "sellityourway.nl",
"deleted": false,
"disable_correlation": false,
"timestamp": "1497611077",
"to_ids": false,
"type": "ip-dst",
"uuid": "5942531d-f6e4-42b3-809c-48fc950d210f",
"value": "81.169.145.74"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1497611077",
"to_ids": true,
"type": "url",
"uuid": "5942531d-f5a4-4628-a4a4-4398950d210f",
"value": "http://serajeadine.ir/734fhrfrre"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1497611077",
"to_ids": true,
"type": "hostname",
"uuid": "5942531e-64cc-405f-a20f-410e950d210f",
"value": "serajeadine.ir"
},
{
"category": "Network activity",
"comment": "serajeadine.ir",
"deleted": false,
"disable_correlation": false,
"timestamp": "1497611077",
"to_ids": false,
"type": "ip-dst",
"uuid": "5942531e-2a24-427a-b873-406f950d210f",
"value": "176.9.121.246"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1497611077",
"to_ids": true,
"type": "url",
"uuid": "5942531f-137c-42a0-8495-46b8950d210f",
"value": "http://songtinmungtinhyeu.org/734fhrfrre"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1497611077",
"to_ids": true,
"type": "hostname",
"uuid": "5942531f-5440-4fd1-9525-415a950d210f",
"value": "songtinmungtinhyeu.org"
},
{
"category": "Network activity",
"comment": "songtinmungtinhyeu.org",
"deleted": false,
"disable_correlation": false,
"timestamp": "1497611077",
"to_ids": false,
"type": "ip-dst",
"uuid": "59425321-c584-4ce3-9de7-4ecd950d210f",
"value": "45.117.80.214"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1497611077",
"to_ids": true,
"type": "url",
"uuid": "59425322-f118-4850-b50d-4047950d210f",
"value": "http://speedgrow.com/734fhrfrre"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1497611077",
"to_ids": true,
"type": "hostname",
"uuid": "59425322-2798-4ff1-b8f5-4cbe950d210f",
"value": "speedgrow.com"
},
{
"category": "Network activity",
"comment": "speedgrow.com",
"deleted": false,
"disable_correlation": false,
"timestamp": "1497611077",
"to_ids": false,
"type": "ip-dst",
"uuid": "59425323-45f4-4008-8147-4dbe950d210f",
"value": "116.12.48.139"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1497611077",
"to_ids": true,
"type": "url",
"uuid": "59425324-d040-4556-9608-4653950d210f",
"value": "http://yuanhefruits.com/734fhrfrre"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1497611077",
"to_ids": true,
"type": "hostname",
"uuid": "59425325-008c-458d-a957-4e45950d210f",
"value": "yuanhefruits.com"
},
{
"category": "Network activity",
"comment": "yuanhefruits.com",
"deleted": false,
"disable_correlation": false,
"timestamp": "1497611077",
"to_ids": false,
"type": "ip-dst",
"uuid": "59425326-ae7c-4e26-9838-453d950d210f",
"value": "45.32.216.171"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1497611077",
"to_ids": true,
"type": "url",
"uuid": "59425327-f080-4851-b6fc-423f950d210f",
"value": "http://zebtex.com/734fhrfrre"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1497611077",
"to_ids": true,
"type": "hostname",
"uuid": "59425327-b210-4a85-850c-425a950d210f",
"value": "zebtex.com"
},
{
"category": "Network activity",
"comment": "zebtex.com",
"deleted": false,
"disable_correlation": false,
"timestamp": "1497611077",
"to_ids": false,
"type": "ip-dst",
"uuid": "59425328-30ac-4f9d-819c-4285950d210f",
"value": "208.91.198.105"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1497611077",
"to_ids": true,
"type": "url",
"uuid": "59425328-f588-45b2-85f1-4886950d210f",
"value": "http://toronadrouuyrt5wwf.com/a5/"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1497611077",
"to_ids": true,
"type": "hostname",
"uuid": "59425329-9074-494a-83a8-4fe6950d210f",
"value": "toronadrouuyrt5wwf.com"
},
{
"category": "Network activity",
"comment": "toronadrouuyrt5wwf.com",
"deleted": false,
"disable_correlation": false,
"timestamp": "1497611077",
"to_ids": false,
"type": "ip-dst",
"uuid": "5942532b-963c-45d1-a969-499a950d210f",
"value": "119.28.98.205"
},
{
"category": "Artifacts dropped",
"comment": "- Xchecked via VT: 184a66091326a882fc4425cb9b40194c",
"deleted": false,
"disable_correlation": false,
"timestamp": "1497611104",
"to_ids": true,
"type": "sha256",
"uuid": "5943bb60-c634-4bbb-a898-440102de0b81",
"value": "135c71fda1624ba914f0e1cb7d6d769623f41b8bb08077b710c37b56351903f9"
},
{
"category": "Artifacts dropped",
"comment": "- Xchecked via VT: 184a66091326a882fc4425cb9b40194c",
"deleted": false,
"disable_correlation": false,
"timestamp": "1497611104",
"to_ids": true,
"type": "sha1",
"uuid": "5943bb60-9488-4159-85b4-401802de0b81",
"value": "4de7016ab381f9caa77c74525be30b2067024bf0"
},
{
"category": "External analysis",
"comment": "- Xchecked via VT: 184a66091326a882fc4425cb9b40194c",
"deleted": false,
"disable_correlation": false,
"timestamp": "1497611105",
"to_ids": false,
"type": "link",
"uuid": "5943bb61-5f8c-42d9-bf8e-4a8b02de0b81",
"value": "https://www.virustotal.com/file/135c71fda1624ba914f0e1cb7d6d769623f41b8bb08077b710c37b56351903f9/analysis/1497510333/"
},
{
"category": "Artifacts dropped",
"comment": "- Xchecked via VT: dea5cd9dcf444d6107b14cabefbb1774",
"deleted": false,
"disable_correlation": false,
"timestamp": "1497611105",
"to_ids": true,
"type": "sha256",
"uuid": "5943bb61-a8c8-4d76-9063-4fa202de0b81",
"value": "dd15ec17e469159196a0853bf14edb45a86054c71bc555e2cd0afc1c410917b2"
},
{
"category": "Artifacts dropped",
"comment": "- Xchecked via VT: dea5cd9dcf444d6107b14cabefbb1774",
"deleted": false,
"disable_correlation": false,
"timestamp": "1497611106",
"to_ids": true,
"type": "sha1",
"uuid": "5943bb62-2d04-41ad-baff-499f02de0b81",
"value": "69d5094172cc962acec44fcee4db19204a556009"
},
{
"category": "External analysis",
"comment": "- Xchecked via VT: dea5cd9dcf444d6107b14cabefbb1774",
"deleted": false,
"disable_correlation": false,
"timestamp": "1497611106",
"to_ids": false,
"type": "link",
"uuid": "5943bb62-e370-4a6a-978d-487e02de0b81",
"value": "https://www.virustotal.com/file/dd15ec17e469159196a0853bf14edb45a86054c71bc555e2cd0afc1c410917b2/analysis/1497608873/"
}
]
}
}