misp-circl-feed/feeds/circl/misp/578cde89-5064-4b29-96c5-45e6950d210f.json


{
"Event": {
"analysis": "0",
"date": "2016-07-18",
"extends_uuid": "",
"info": "Malspam 2016-07-18 .wsf (campaign: \"company database\")",
"publish_timestamp": "1468852881",
"published": true,
"threat_level_id": "3",
"timestamp": "1468852850",
"uuid": "578cde89-5064-4b29-96c5-45e6950d210f",
"Orgc": {
"name": "CIRCL",
"uuid": "55f6ea5e-2c60-40e5-964f-47a8950d210f"
},
"Tag": [
{
"colour": "#ffffff",
"name": "tlp:white"
},
{
"colour": "#3b7500",
"name": "circl:incident-classification=\"malware\""
}
],
"Attribute": [
{
"category": "Network activity",
"comment": "download location",
"deleted": false,
"disable_correlation": false,
"timestamp": "1468849850",
"to_ids": true,
"type": "url",
"uuid": "578cdeba-c690-488e-8d7a-403a950d210f",
"value": "http://gv.com.my/qbnuau"
},
{
"category": "Network activity",
"comment": "download location",
"deleted": false,
"disable_correlation": false,
"timestamp": "1468849850",
"to_ids": true,
"type": "hostname",
"uuid": "578cdeba-e67c-4f0e-979f-4bdf950d210f",
"value": "gv.com.my"
},
{
"category": "Network activity",
"comment": "download location",
"deleted": false,
"disable_correlation": false,
"timestamp": "1468849851",
"to_ids": true,
"type": "ip-dst",
"uuid": "578cdebb-7cb4-4c25-832c-455b950d210f",
"value": "210.48.153.240"
},
{
"category": "Network activity",
"comment": "download location",
"deleted": false,
"disable_correlation": false,
"timestamp": "1468849851",
"to_ids": true,
"type": "url",
"uuid": "578cdebb-1b0c-47ad-8402-445a950d210f",
"value": "http://dnp9.com/zpfqk2l"
},
{
"category": "Network activity",
"comment": "download location",
"deleted": false,
"disable_correlation": false,
"timestamp": "1468849852",
"to_ids": true,
"type": "domain",
"uuid": "578cdebc-c080-450a-b067-42d1950d210f",
"value": "dnp9.com"
},
{
"category": "Network activity",
"comment": "download location",
"deleted": false,
"disable_correlation": false,
"timestamp": "1468849852",
"to_ids": true,
"type": "ip-dst",
"uuid": "578cdebc-be94-45f7-9829-458f950d210f",
"value": "110.164.189.123"
},
{
"category": "Network activity",
"comment": "download location",
"deleted": false,
"disable_correlation": false,
"timestamp": "1468849853",
"to_ids": true,
"type": "url",
"uuid": "578cdebd-f758-4456-b174-4f83950d210f",
"value": "http://cloudbws.com/m0tu07b"
},
{
"category": "Network activity",
"comment": "download location",
"deleted": false,
"disable_correlation": false,
"timestamp": "1468849853",
"to_ids": true,
"type": "domain",
"uuid": "578cdebd-f728-4077-8e0c-4c8b950d210f",
"value": "cloudbws.com"
},
{
"category": "Network activity",
"comment": "download location",
"deleted": false,
"disable_correlation": false,
"timestamp": "1468849853",
"to_ids": true,
"type": "ip-dst",
"uuid": "578cdebd-8c1c-4444-9fdf-4f0a950d210f",
"value": "192.186.201.200"
},
{
"category": "Network activity",
"comment": "download location",
"deleted": false,
"disable_correlation": false,
"timestamp": "1468849854",
"to_ids": true,
"type": "url",
"uuid": "578cdebe-2cd0-4571-9790-4582950d210f",
"value": "http://blackdildo.net/h9kyu"
},
{
"category": "Network activity",
"comment": "download location",
"deleted": false,
"disable_correlation": false,
"timestamp": "1468849854",
"to_ids": true,
"type": "domain",
"uuid": "578cdebe-dbac-4bc9-89d7-4265950d210f",
"value": "blackdildo.net"
},
{
"category": "Network activity",
"comment": "download location",
"deleted": false,
"disable_correlation": false,
"timestamp": "1468849855",
"to_ids": true,
"type": "ip-dst",
"uuid": "578cdebf-9e70-4722-ba28-418c950d210f",
"value": "50.31.160.94"
},
{
"category": "Network activity",
"comment": "download location",
"deleted": false,
"disable_correlation": false,
"timestamp": "1468849855",
"to_ids": true,
"type": "url",
"uuid": "578cdebf-af24-4352-903a-4d78950d210f",
"value": "http://vakantiehuisinauvergne.com/apyd17"
},
{
"category": "Network activity",
"comment": "download location",
"deleted": false,
"disable_correlation": false,
"timestamp": "1468849856",
"to_ids": true,
"type": "domain",
"uuid": "578cdec0-981c-4420-a095-4e9a950d210f",
"value": "vakantiehuisinauvergne.com"
},
{
"category": "Network activity",
"comment": "download location",
"deleted": false,
"disable_correlation": false,
"timestamp": "1468849856",
"to_ids": true,
"type": "ip-dst",
"uuid": "578cdec0-759c-4d79-a1a4-4c7a950d210f",
"value": "185.27.173.22"
},
{
"category": "Network activity",
"comment": "download location",
"deleted": false,
"disable_correlation": false,
"timestamp": "1468849857",
"to_ids": true,
"type": "url",
"uuid": "578cdec1-5ab8-4340-ae15-436d950d210f",
"value": "http://wcouto.com.br/9d207v"
},
{
"category": "Network activity",
"comment": "download location",
"deleted": false,
"disable_correlation": false,
"timestamp": "1468849857",
"to_ids": true,
"type": "hostname",
"uuid": "578cdec1-d9cc-42ae-b475-491a950d210f",
"value": "wcouto.com.br"
},
{
"category": "Network activity",
"comment": "download location",
"deleted": false,
"disable_correlation": false,
"timestamp": "1468849857",
"to_ids": true,
"type": "ip-dst",
"uuid": "578cdec1-7424-4940-bb77-49ba950d210f",
"value": "31.170.164.47"
},
{
"category": "Network activity",
"comment": "download location",
"deleted": false,
"disable_correlation": false,
"timestamp": "1468849858",
"to_ids": true,
"type": "url",
"uuid": "578cdec2-8278-4c22-ba25-44f2950d210f",
"value": "http://anchortron.com/hiqsij"
},
{
"category": "Network activity",
"comment": "download location",
"deleted": false,
"disable_correlation": false,
"timestamp": "1468849858",
"to_ids": true,
"type": "domain",
"uuid": "578cdec2-1a74-4568-990d-497e950d210f",
"value": "anchortron.com"
},
{
"category": "Network activity",
"comment": "download location",
"deleted": false,
"disable_correlation": false,
"timestamp": "1468849859",
"to_ids": true,
"type": "ip-dst",
"uuid": "578cdec3-a928-4899-9293-4012950d210f",
"value": "192.186.209.130"
},
{
"category": "Network activity",
"comment": "download location",
"deleted": false,
"disable_correlation": false,
"timestamp": "1468849859",
"to_ids": true,
"type": "url",
"uuid": "578cdec3-e520-4a3a-be4e-4676950d210f",
"value": "http://travoxsb.com/qmi5u0n"
},
{
"category": "Network activity",
"comment": "download location",
"deleted": false,
"disable_correlation": false,
"timestamp": "1468849860",
"to_ids": true,
"type": "domain",
"uuid": "578cdec4-fa18-4e1c-95ff-4073950d210f",
"value": "travoxsb.com"
},
{
"category": "Network activity",
"comment": "download location",
"deleted": false,
"disable_correlation": false,
"timestamp": "1468849860",
"to_ids": true,
"type": "ip-dst",
"uuid": "578cdec4-e6f0-47c5-9251-4d63950d210f",
"value": "110.4.45.235"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1468850061",
"to_ids": false,
"type": "user-agent",
"uuid": "578cdf8d-5574-4992-a875-4231950d210f",
"value": "Mozilla/4.0 (compatible; Win32; WinHttp.WinHttpRequest.5)"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1468850083",
"to_ids": false,
"type": "email-subject",
"uuid": "578cdfa3-a058-4435-9e68-4629950d210f",
"value": "company database"
},
{
"category": "Network activity",
"comment": "download location",
"deleted": false,
"disable_correlation": false,
"timestamp": "1468851314",
"to_ids": true,
"type": "url",
"uuid": "578ce472-b0a4-44e4-b143-41b8950d210f",
"value": "http://deanstum.com/z9opr"
},
{
"category": "Network activity",
"comment": "download location",
"deleted": false,
"disable_correlation": false,
"timestamp": "1468851315",
"to_ids": true,
"type": "domain",
"uuid": "578ce473-eef8-4595-a83e-42b7950d210f",
"value": "deanstum.com"
},
{
"category": "Network activity",
"comment": "download location",
"deleted": false,
"disable_correlation": false,
"timestamp": "1468851315",
"to_ids": true,
"type": "ip-dst",
"uuid": "578ce473-da54-408e-9292-4d5e950d210f",
"value": "192.186.229.69"
},
{
"category": "Network activity",
"comment": "download location",
"deleted": false,
"disable_correlation": false,
"timestamp": "1468851316",
"to_ids": true,
"type": "url",
"uuid": "578ce474-6560-4f09-8a42-4efc950d210f",
"value": "http://gruposoluciomatica.com.br/ryi81"
},
{
"category": "Network activity",
"comment": "download location",
"deleted": false,
"disable_correlation": false,
"timestamp": "1468851316",
"to_ids": true,
"type": "hostname",
"uuid": "578ce474-f32c-4f2c-b3ae-42d4950d210f",
"value": "gruposoluciomatica.com.br"
},
{
"category": "Network activity",
"comment": "download location",
"deleted": false,
"disable_correlation": false,
"timestamp": "1468851317",
"to_ids": true,
"type": "ip-dst",
"uuid": "578ce475-03c0-4256-a403-4e8e950d210f",
"value": "187.17.98.182"
},
{
"category": "Network activity",
"comment": "download location",
"deleted": false,
"disable_correlation": false,
"timestamp": "1468851317",
"to_ids": true,
"type": "url",
"uuid": "578ce475-0c20-4fac-bd46-4010950d210f",
"value": "http://serviceautoiasi.com/4tbvsfcz"
},
{
"category": "Network activity",
"comment": "download location",
"deleted": false,
"disable_correlation": false,
"timestamp": "1468851318",
"to_ids": true,
"type": "domain",
"uuid": "578ce476-f1d8-4e41-b306-45ef950d210f",
"value": "serviceautoiasi.com"
},
{
"category": "Network activity",
"comment": "download location",
"deleted": false,
"disable_correlation": false,
"timestamp": "1468851318",
"to_ids": true,
"type": "ip-dst",
"uuid": "578ce476-91c8-4a99-9d71-4723950d210f",
"value": "85.9.56.193"
},
{
"category": "Network activity",
"comment": "download location",
"deleted": false,
"disable_correlation": false,
"timestamp": "1468851319",
"to_ids": true,
"type": "url",
"uuid": "578ce477-8f64-41c0-88e3-4196950d210f",
"value": "http://trans-free.ru/2hx1l"
},
{
"category": "Network activity",
"comment": "download location",
"deleted": false,
"disable_correlation": false,
"timestamp": "1468851319",
"to_ids": true,
"type": "domain",
"uuid": "578ce477-893c-4460-8176-47f6950d210f",
"value": "trans-free.ru"
},
{
"category": "Network activity",
"comment": "download location",
"deleted": false,
"disable_correlation": false,
"timestamp": "1468851320",
"to_ids": true,
"type": "ip-dst",
"uuid": "578ce478-bf7c-4e76-83b0-475e950d210f",
"value": "77.222.62.144"
},
{
"category": "Network activity",
"comment": "download location",
"deleted": false,
"disable_correlation": false,
"timestamp": "1468851320",
"to_ids": true,
"type": "url",
"uuid": "578ce478-55f8-4d9d-af31-4982950d210f",
"value": "http://s2mgmt.com/do40lc"
},
{
"category": "Network activity",
"comment": "download location",
"deleted": false,
"disable_correlation": false,
"timestamp": "1468851321",
"to_ids": true,
"type": "domain",
"uuid": "578ce479-02cc-4d2c-aeb9-40b0950d210f",
"value": "s2mgmt.com"
},
{
"category": "Network activity",
"comment": "download location",
"deleted": false,
"disable_correlation": false,
"timestamp": "1468851321",
"to_ids": true,
"type": "ip-dst",
"uuid": "578ce479-ea2c-4056-93b8-4f87950d210f",
"value": "45.33.23.200"
},
{
"category": "Network activity",
"comment": "download location",
"deleted": false,
"disable_correlation": false,
"timestamp": "1468852845",
"to_ids": true,
"type": "url",
"uuid": "578cea6d-4700-4ecf-ab61-49e6950d210f",
"value": "http://benavidezhoy.com/8zrg48k"
},
{
"category": "Network activity",
"comment": "download location",
"deleted": false,
"disable_correlation": false,
"timestamp": "1468852847",
"to_ids": true,
"type": "domain",
"uuid": "578cea6f-b6e8-4640-ae92-43d8950d210f",
"value": "benavidezhoy.com"
},
{
"category": "Network activity",
"comment": "download location",
"deleted": false,
"disable_correlation": false,
"timestamp": "1468852847",
"to_ids": true,
"type": "ip-dst",
"uuid": "578cea6f-db94-4c9a-9258-43c3950d210f",
"value": "69.16.243.28"
},
{
"category": "Network activity",
"comment": "download location",
"deleted": false,
"disable_correlation": false,
"timestamp": "1468852848",
"to_ids": true,
"type": "url",
"uuid": "578cea70-e7ec-40e4-bc7b-401a950d210f",
"value": "http://aquatixbottle.com/ygyngc"
},
{
"category": "Network activity",
"comment": "download location",
"deleted": false,
"disable_correlation": false,
"timestamp": "1468852848",
"to_ids": true,
"type": "domain",
"uuid": "578cea70-0c38-4eeb-b007-4b78950d210f",
"value": "aquatixbottle.com"
},
{
"category": "Network activity",
"comment": "download location",
"deleted": false,
"disable_correlation": false,
"timestamp": "1468852848",
"to_ids": true,
"type": "ip-dst",
"uuid": "578cea70-963c-4c2f-85da-463e950d210f",
"value": "192.186.212.231"
},
{
"category": "Network activity",
"comment": "download location",
"deleted": false,
"disable_correlation": false,
"timestamp": "1468852849",
"to_ids": true,
"type": "url",
"uuid": "578cea71-b670-421f-b78e-4d51950d210f",
"value": "http://davisdoherty.co.nz/g0vi70"
},
{
"category": "Network activity",
"comment": "download location",
"deleted": false,
"disable_correlation": false,
"timestamp": "1468852849",
"to_ids": true,
"type": "hostname",
"uuid": "578cea71-f2d8-41c5-8fe2-42c4950d210f",
"value": "davisdoherty.co.nz"
},
{
"category": "Network activity",
"comment": "download location",
"deleted": false,
"disable_correlation": false,
"timestamp": "1468852850",
"to_ids": true,
"type": "ip-dst",
"uuid": "578cea72-df10-43ba-9101-4ce5950d210f",
"value": "60.234.42.102"
}
]
}
}