{
"Event": {
"analysis": "2",
"date": "2018-06-05",
"extends_uuid": "",
"info": "Phishing Domains",
"publish_timestamp": "1528228393",
"published": true,
"threat_level_id": "3",
"timestamp": "1528228375",
"uuid": "5b16dcc8-2750-456f-8840-fbae0acd0835",
"Orgc": {
"name": "Synovus Financial",
"uuid": "5a68c02d-959c-4c8a-a571-0dcac0a8060a"
},
"Tag": [
{
"colour": "#ffffff",
"name": "tlp:white"
},
{
"colour": "#00b2d9",
"name": "veris:action:social:variety=\"Phishing\""
}
],
"Attribute": [
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1528225151",
"to_ids": true,
"type": "domain",
"uuid": "5b16dcc8-ff80-45d8-af41-fbae0acd0835",
"value": "elfsrush.com"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1528225152",
"to_ids": true,
"type": "domain",
"uuid": "5b16dcc9-4800-453c-a5e0-fbae0acd0835",
"value": "web-traveller.com"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1528225154",
"to_ids": true,
"type": "domain",
"uuid": "5b16dd24-3978-4273-ae98-09040acd0835",
"value": "edatasales.com"
},
{
"category": "Attribution",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1528225138",
"to_ids": false,
"type": "x509-fingerprint-sha1",
"uuid": "5b16dd72-f564-4957-bed4-fd3a0acd0835",
"value": "df7972bcdbf00300afcc3c9d8ea8e153efda87f8"
},
{
"category": "External analysis",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1528228375",
"to_ids": false,
"type": "text",
"uuid": "5b16ea17-a1a8-41e5-996c-453a0acd0835",
"value": "Possibly related to Easy Auto Refresh Chrome Extension."
}
]
}
} |