adulau/misp-circl-feed
1
0
Fork 0
Code Issues 1 Pull requests Projects 1 Releases Packages Wiki Activity Actions
misp-circl-feed/feeds/circl/misp/59c8f958-be58-46da-8a21-4c5f950d210f.json

523 lines
No EOL
16 KiB
JSON
Raw Blame History

{
"Event": {
"analysis": "1",
"date": "2017-09-25",
"extends_uuid": "",
"info": "M2M - Locky 2017-09-25 : Affid=3, offline, \".ykcol\" : \"Message from 02087654321\" - \"Voice Message.7z\"",
"publish_timestamp": "1506344285",
"published": true,
"threat_level_id": "3",
"timestamp": "1506344280",
"uuid": "59c8f958-be58-46da-8a21-4c5f950d210f",
"Orgc": {
"name": "CIRCL",
"uuid": "55f6ea5e-2c60-40e5-964f-47a8950d210f"
},
"Tag": [
{
"colour": "#ffffff",
"local": false,
"name": "tlp:white",
"relationship_type": ""
},
{
"colour": "#006c6c",
"local": false,
"name": "ecsirt:malicious-code=\"ransomware\"",
"relationship_type": ""
},
{
"colour": "#0088cc",
"local": false,
"name": "misp-galaxy:ransomware=\"Locky\"",
"relationship_type": ""
}
],
"Attribute": [
{
"category": "Artifacts dropped",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1506344189",
"to_ids": true,
"type": "md5",
"uuid": "59c8f959-ac8c-4e13-936e-9b1f950d210f",
"value": "8dbdd9122dadc54f21747cc4f0ab267c"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1506344189",
"to_ids": true,
"type": "url",
"uuid": "59c8f959-481c-4f85-a01f-4dd9950d210f",
"value": "http://artplast.uz/YTkjdJH7w1"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1506344189",
"to_ids": true,
"type": "hostname",
"uuid": "59c8f959-cd48-45c3-8d58-4c5f950d210f",
"value": "artplast.uz"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1506344189",
"to_ids": true,
"type": "url",
"uuid": "59c8f977-c8b4-4c61-ba89-4c64950d210f",
"value": "http://asesoreszapico.com/YTkjdJH7w1"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1506344189",
"to_ids": true,
"type": "hostname",
"uuid": "59c8f978-11f8-4997-8f83-4d7e950d210f",
"value": "asesoreszapico.com"
},
{
"category": "Network activity",
"comment": "asesoreszapico.com",
"deleted": false,
"disable_correlation": false,
"timestamp": "1506344189",
"to_ids": false,
"type": "ip-dst",
"uuid": "59c8f978-9e6c-4301-9e45-4ad5950d210f",
"value": "212.89.16.142"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1506344189",
"to_ids": true,
"type": "url",
"uuid": "59c8f978-e850-40fd-85eb-9dc2950d210f",
"value": "http://asheardontheradiogreens.com/YTkjdJH7w1"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1506344189",
"to_ids": true,
"type": "hostname",
"uuid": "59c8f978-557c-42cb-8552-4dd6950d210f",
"value": "asheardontheradiogreens.com"
},
{
"category": "Network activity",
"comment": "asheardontheradiogreens.com",
"deleted": false,
"disable_correlation": false,
"timestamp": "1506344189",
"to_ids": false,
"type": "ip-dst",
"uuid": "59c8f979-6138-4c7c-9cbc-4137950d210f",
"value": "199.30.241.139"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1506344189",
"to_ids": true,
"type": "url",
"uuid": "59c8f979-2bec-4e95-9bee-4bf6950d210f",
"value": "http://audio-pa-service.de/YTkjdJH7w1"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1506344189",
"to_ids": true,
"type": "hostname",
"uuid": "59c8f979-e378-452d-9637-408a950d210f",
"value": "audio-pa-service.de"
},
{
"category": "Network activity",
"comment": "audio-pa-service.de",
"deleted": false,
"disable_correlation": false,
"timestamp": "1506344189",
"to_ids": false,
"type": "ip-dst",
"uuid": "59c8f979-1298-4b34-a5e9-4c2f950d210f",
"value": "81.169.244.233"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1506344189",
"to_ids": true,
"type": "url",
"uuid": "59c8f97a-7670-41df-976e-4c5f950d210f",
"value": "http://augsburger-maerchentheater.de/YTkjdJH7w1"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1506344189",
"to_ids": true,
"type": "hostname",
"uuid": "59c8f97a-7130-4898-874b-9dc2950d210f",
"value": "augsburger-maerchentheater.de"
},
{
"category": "Network activity",
"comment": "augsburger-maerchentheater.de",
"deleted": false,
"disable_correlation": false,
"timestamp": "1506344189",
"to_ids": false,
"type": "ip-dst",
"uuid": "59c8f97c-71e0-45cf-a3a3-4c64950d210f",
"value": "94.102.214.231"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1506344189",
"to_ids": true,
"type": "url",
"uuid": "59c8f97c-cc4c-44b9-a834-4c2f950d210f",
"value": "http://auto-ecole-prudence.com/YTkjdJH7w1"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1506344189",
"to_ids": true,
"type": "hostname",
"uuid": "59c8f97c-450c-41b9-b8f9-9b1f950d210f",
"value": "auto-ecole-prudence.com"
},
{
"category": "Network activity",
"comment": "auto-ecole-prudence.com",
"deleted": false,
"disable_correlation": false,
"timestamp": "1506344189",
"to_ids": false,
"type": "ip-dst",
"uuid": "59c8f97c-07cc-4b9d-b850-4214950d210f",
"value": "193.227.248.247"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1506344189",
"to_ids": true,
"type": "url",
"uuid": "59c8f97d-28d0-4993-bb4b-42ad950d210f",
"value": "http://automattenonline.com/YTkjdJH7w1"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1506344189",
"to_ids": true,
"type": "hostname",
"uuid": "59c8f97d-4d8c-4f56-94c2-45f8950d210f",
"value": "automattenonline.com"
},
{
"category": "Network activity",
"comment": "automattenonline.com",
"deleted": false,
"disable_correlation": false,
"timestamp": "1506344189",
"to_ids": false,
"type": "ip-dst",
"uuid": "59c8f97d-4cbc-422c-bc56-4bcd950d210f",
"value": "149.210.129.109"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1506344189",
"to_ids": true,
"type": "url",
"uuid": "59c8f97d-7e08-4283-a747-4bf6950d210f",
"value": "http://awoodshop.net/YTkjdJH7w1"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1506344189",
"to_ids": true,
"type": "hostname",
"uuid": "59c8f97e-e30c-41cd-926e-4678950d210f",
"value": "awoodshop.net"
},
{
"category": "Network activity",
"comment": "awoodshop.net",
"deleted": false,
"disable_correlation": false,
"timestamp": "1506344189",
"to_ids": false,
"type": "ip-dst",
"uuid": "59c8f97e-8c5c-495e-b382-9b1f950d210f",
"value": "72.32.177.50"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1506344189",
"to_ids": true,
"type": "url",
"uuid": "59c8f97e-e88c-4032-849d-4c5f950d210f",
"value": "http://azimuth.com.pt/YTkjdJH7w1"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1506344189",
"to_ids": true,
"type": "hostname",
"uuid": "59c8f97e-2678-46af-8143-9dc2950d210f",
"value": "azimuth.com.pt"
},
{
"category": "Network activity",
"comment": "azimuth.com.pt",
"deleted": false,
"disable_correlation": false,
"timestamp": "1506344189",
"to_ids": false,
"type": "ip-dst",
"uuid": "59c8f97f-1d84-4154-b141-9b8f950d210f",
"value": "80.172.241.36"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1506344189",
"to_ids": true,
"type": "url",
"uuid": "59c8f980-4d24-4b52-a6b8-45dd950d210f",
"value": "http://baburkuyumculuk.com/YTkjdJH7w1"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1506344189",
"to_ids": true,
"type": "hostname",
"uuid": "59c8f980-1a10-449c-8ff4-4db4950d210f",
"value": "baburkuyumculuk.com"
},
{
"category": "Network activity",
"comment": "baburkuyumculuk.com",
"deleted": false,
"disable_correlation": false,
"timestamp": "1506344189",
"to_ids": false,
"type": "ip-dst",
"uuid": "59c8f980-3d88-4246-80ef-4f5e950d210f",
"value": "213.142.143.191"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1506344189",
"to_ids": true,
"type": "url",
"uuid": "59c8f980-130c-4261-ade3-454a950d210f",
"value": "http://bagnolipisa.it/YTkjdJH7w1"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1506344189",
"to_ids": true,
"type": "hostname",
"uuid": "59c8f980-2a50-4b1a-8267-9dc2950d210f",
"value": "bagnolipisa.it"
},
{
"category": "Network activity",
"comment": "bagnolipisa.it",
"deleted": false,
"disable_correlation": false,
"timestamp": "1506344189",
"to_ids": false,
"type": "ip-dst",
"uuid": "59c8f981-bd88-4432-b8c1-4c2f950d210f",
"value": "77.72.25.23"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1506344189",
"to_ids": true,
"type": "url",
"uuid": "59c8f981-d878-4b0d-8f17-4075950d210f",
"value": "http://barberomudanzas.com/YTkjdJH7w1"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1506344189",
"to_ids": true,
"type": "hostname",
"uuid": "59c8f981-1400-44b1-b1ed-4df4950d210f",
"value": "barberomudanzas.com"
},
{
"category": "Network activity",
"comment": "barberomudanzas.com",
"deleted": false,
"disable_correlation": false,
"timestamp": "1506344189",
"to_ids": false,
"type": "ip-dst",
"uuid": "59c8f981-0550-4d85-b6e3-44da950d210f",
"value": "188.93.75.198"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1506344188",
"to_ids": true,
"type": "url",
"uuid": "59c8f982-981c-4dbb-a0e5-4797950d210f",
"value": "http://bor.uz/YTkjdJH7w1"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1506344189",
"to_ids": true,
"type": "hostname",
"uuid": "59c8f982-7b54-4776-921a-9dc2950d210f",
"value": "bor.uz"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1506344188",
"to_ids": true,
"type": "url",
"uuid": "59c8f988-7a04-42bb-a64e-4241950d210f",
"value": "http://tertrodefordown.info/af/YTkjdJH7w1"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1506344188",
"to_ids": true,
"type": "hostname",
"uuid": "59c8f989-aeec-4911-a6f0-4f1a950d210f",
"value": "tertrodefordown.info"
},
{
"category": "Network activity",
"comment": "tertrodefordown.info",
"deleted": false,
"disable_correlation": false,
"timestamp": "1506344188",
"to_ids": false,
"type": "ip-dst",
"uuid": "59c8f98c-1ecc-45fc-a30f-40f3950d210f",
"value": "49.51.36.73"
},
{
"category": "Artifacts dropped",
"comment": "- Xchecked via VT: 8dbdd9122dadc54f21747cc4f0ab267c",
"deleted": false,
"disable_correlation": false,
"timestamp": "1506344189",
"to_ids": true,
"type": "sha256",
"uuid": "59c8fcfd-834c-42e6-862e-403d02de0b81",
"value": "b86a830769fcfd54201495353c5ab8931f7ca796ef54a2219a04b9e7cb7d2a7a"
},
{
"category": "Artifacts dropped",
"comment": "- Xchecked via VT: 8dbdd9122dadc54f21747cc4f0ab267c",
"deleted": false,
"disable_correlation": false,
"timestamp": "1506344189",
"to_ids": true,
"type": "sha1",
"uuid": "59c8fcfd-39fc-469c-bdaf-4d5802de0b81",
"value": "7f07f3b5ba830d55822f75836f0bbbe0ef579256"
},
{
"category": "External analysis",
"comment": "- Xchecked via VT: 8dbdd9122dadc54f21747cc4f0ab267c",
"deleted": false,
"disable_correlation": false,
"timestamp": "1506344189",
"to_ids": false,
"type": "link",
"uuid": "59c8fcfd-6024-4980-ba2c-4fe102de0b81",
"value": "https://www.virustotal.com/file/b86a830769fcfd54201495353c5ab8931f7ca796ef54a2219a04b9e7cb7d2a7a/analysis/1506338916/"
}
]
}
}
Reference in a new issue View git blame Copy permalink