misp-circl-feed/feeds/circl/misp/596c6ae1-d4f0-4d84-8718-4a50950d210f.json

111 lines
No EOL
3 KiB
JSON

{
"Event": {
"analysis": "2",
"date": "2017-07-12",
"extends_uuid": "",
"info": "HackShit phishing as a service",
"publish_timestamp": "1500277912",
"published": true,
"threat_level_id": "4",
"timestamp": "1500277889",
"uuid": "596c6ae1-d4f0-4d84-8718-4a50950d210f",
"Orgc": {
"name": "CthulhuSPRL.be",
"uuid": "55f6ea5f-fd34-43b8-ac1d-40cb950d210f"
},
"Tag": [
{
"colour": "#326300",
"name": "circl:incident-classification=\"phishing\""
},
{
"colour": "#856c13",
"name": "Phishing"
},
{
"colour": "#00e7e7",
"name": "ecsirt:fraud=\"phishing\""
},
{
"colour": "#004646",
"name": "type:OSINT"
},
{
"colour": "#00223b",
"name": "osint:source-type=\"blog-post\""
},
{
"colour": "#ffffff",
"name": "tlp:white"
}
],
"Attribute": [
{
"category": "External analysis",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1500277553",
"to_ids": false,
"type": "link",
"uuid": "596c6b31-c730-4996-9438-4312950d210f",
"value": "https://resources.netskope.com/h/i/352356475-phishing-as-a-service-phishing-revamped"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1500277723",
"to_ids": true,
"type": "hostname",
"uuid": "596c6bdb-1f2c-4d3a-9cc4-4909950d210f",
"value": "pod-1.logshit.com"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1500277723",
"to_ids": true,
"type": "hostname",
"uuid": "596c6bdb-8704-4b6a-a588-49cf950d210f",
"value": "pod.logshit.com"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1500277734",
"to_ids": true,
"type": "domain",
"uuid": "596c6be6-72c8-4412-84e1-4bd9950d210f",
"value": "hackshit.com"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1500277734",
"to_ids": true,
"type": "domain",
"uuid": "596c6be6-0b2c-4e5a-be5d-4cb8950d210f",
"value": "logshit.com"
},
{
"category": "Network activity",
"comment": "CDN, but the hostname is specific to this customer/site",
"deleted": false,
"disable_correlation": false,
"timestamp": "1500277864",
"to_ids": true,
"type": "hostname",
"uuid": "596c6c68-e7a0-4742-aaf2-4af3950d210f",
"value": "hspod-1.eu1.evennode.com"
}
]
}
}