misp-circl-feed/feeds/circl/misp/55db9387-6a70-4fdd-8fee-6e76950d210b.json


{
"Event": {
"analysis": "2",
"date": "2015-08-24",
"extends_uuid": "",
"info": "OSINT New activity of the Blue Termite APT by AlienVault",
"publish_timestamp": "1498162738",
"published": true,
"threat_level_id": "2",
"timestamp": "1498162710",
"uuid": "55db9387-6a70-4fdd-8fee-6e76950d210b",
"Orgc": {
"name": "CthulhuSPRL.be",
"uuid": "55f6ea5f-fd34-43b8-ac1d-40cb950d210f"
},
"Tag": [
{
"colour": "#ffffff",
"local": "0",
"name": "tlp:white",
"relationship_type": ""
},
{
"colour": "#004646",
"local": "0",
"name": "type:OSINT",
"relationship_type": ""
},
{
"colour": "#0088cc",
"local": "0",
"name": "misp-galaxy:threat-actor=\"Blue Termite\"",
"relationship_type": ""
}
],
"Attribute": [
{
"category": "External analysis",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1440453535",
"to_ids": false,
"type": "link",
"uuid": "55db939f-46d4-4867-9d87-6070950d210b",
"value": "https://otx.alienvault.com/pulse/55db51554637f21c54c19363/"
},
{
"category": "External analysis",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1440453545",
"to_ids": false,
"type": "text",
"uuid": "55db93a9-df84-40b7-89e1-4c28950d210b",
"value": "Blue Termite"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1440485889",
"to_ids": false,
"type": "vulnerability",
"uuid": "55dc1201-38e4-424b-b789-44a1950d210b",
"value": "CVE-2015-5119"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1440485907",
"to_ids": true,
"type": "md5",
"uuid": "55dc1213-5904-442e-9cba-449a950d210b",
"value": "07aa0340ec0bfbb2e59f1cc50382c055"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1440485907",
"to_ids": true,
"type": "md5",
"uuid": "55dc1213-463c-4c3d-96a1-4119950d210b",
"value": "23f23e1345f6bc70af34604246d6300d"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1440485907",
"to_ids": true,
"type": "md5",
"uuid": "55dc1213-0e34-4583-ad80-47c6950d210b",
"value": "302fbe13736403921ad7f9d310d7beb2"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1440485908",
"to_ids": true,
"type": "md5",
"uuid": "55dc1214-c82c-4aef-afe6-445f950d210b",
"value": "3b42577bbd602934a728744f242ffe26"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1440485908",
"to_ids": true,
"type": "md5",
"uuid": "55dc1214-6018-4397-8532-4edd950d210b",
"value": "438a3b6783fb290197d3023ce441229c"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1440485908",
"to_ids": true,
"type": "md5",
"uuid": "55dc1214-67b0-48ab-8eda-4aa6950d210b",
"value": "512d93c711f006891cbc124392c2e8d9"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1440485908",
"to_ids": true,
"type": "md5",
"uuid": "55dc1214-b0cc-44ec-bf92-48ae950d210b",
"value": "8cc0f235189efcf3fe1c4ccc7527fcfc"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1440485908",
"to_ids": true,
"type": "md5",
"uuid": "55dc1214-6ba8-478a-96b6-432b950d210b",
"value": "a421f5145eae2c68950cc3174e88870f"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1440485909",
"to_ids": true,
"type": "md5",
"uuid": "55dc1215-5360-40c9-8525-47a6950d210b",
"value": "b3bc4b5f17fd5f87ec3714c6587f6906"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1440485909",
"to_ids": true,
"type": "md5",
"uuid": "55dc1215-ebe4-4e89-9dd3-4c54950d210b",
"value": "bb3f0ad472aac26ae6dc8c0e7969cc30"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1440485909",
"to_ids": true,
"type": "md5",
"uuid": "55dc1215-82c0-4ed3-93d5-401c950d210b",
"value": "f07216c34689a9104b29bbdcba17325f"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1440485909",
"to_ids": true,
"type": "md5",
"uuid": "55dc1215-51dc-4c23-bd6e-4cb7950d210b",
"value": "f46019f795bd721262dc69988d7e53bc"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1440485909",
"to_ids": true,
"type": "md5",
"uuid": "55dc1215-1d90-4dec-b586-4093950d210b",
"value": "f60cdde57bd9ca9412c32a08ef068abc"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1440485910",
"to_ids": true,
"type": "md5",
"uuid": "55dc1216-0044-43e7-84e4-4d1e950d210b",
"value": "f8d9af763e64c420ffa6e8930727f779"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1440485910",
"to_ids": true,
"type": "url",
"uuid": "55dc1216-f97c-481a-ac7a-41b1950d210b",
"value": "http://www.ishopsg.com/sites.php"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1440485910",
"to_ids": true,
"type": "url",
"uuid": "55dc1216-32a0-403b-88c9-4635950d210b",
"value": "http://www.motoavanti.com/shinyo/backup/look/index.php"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1440485910",
"to_ids": true,
"type": "url",
"uuid": "55dc1216-cad4-49e4-b6f0-4fe1950d210b",
"value": "http://www.n-fit-sub.com/ec/index.php"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1440485910",
"to_ids": true,
"type": "url",
"uuid": "55dc1216-bd24-4e15-b0d9-40c2950d210b",
"value": "http://www.nichiiko-golf.com/news/index.php"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1440485910",
"to_ids": true,
"type": "url",
"uuid": "55dc1216-b3e0-49c8-85dd-4a7d950d210b",
"value": "http://www.pikogrm.jp/index.php"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1440485911",
"to_ids": true,
"type": "url",
"uuid": "55dc1217-4ed0-40c0-ac32-43db950d210b",
"value": "http://www.upgs.com/css/bin/index.php"
},
{
"category": "Payload delivery",
"comment": "- Xchecked via VT: f60cdde57bd9ca9412c32a08ef068abc",
"deleted": false,
"disable_correlation": false,
"timestamp": "1440487779",
"to_ids": true,
"type": "sha256",
"uuid": "55dc1963-4b34-418d-810c-4593950d210b",
"value": "e03e6f7d98b214b5051b7484e4099ce5bd8c46e49faf44002c8ba146977127ef"
},
{
"category": "Payload delivery",
"comment": "- Xchecked via VT: f60cdde57bd9ca9412c32a08ef068abc",
"deleted": false,
"disable_correlation": false,
"timestamp": "1440487780",
"to_ids": true,
"type": "sha1",
"uuid": "55dc1964-e2e0-40b6-ae55-4c42950d210b",
"value": "3573a9d03211e3935a48a947d1152d7611539f68"
},
{
"category": "External analysis",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1440487780",
"to_ids": false,
"type": "link",
"uuid": "55dc1964-98c0-4a77-a6f5-40ed950d210b",
"value": "https://www.virustotal.com/file/e03e6f7d98b214b5051b7484e4099ce5bd8c46e49faf44002c8ba146977127ef/analysis/1436519315/"
},
{
"category": "Payload delivery",
"comment": "- Xchecked via VT: f46019f795bd721262dc69988d7e53bc",
"deleted": false,
"disable_correlation": false,
"timestamp": "1440487780",
"to_ids": true,
"type": "sha256",
"uuid": "55dc1964-58c8-4161-99cb-4c74950d210b",
"value": "e9302fe774e22e2b34a395f8e56c6976fe354bb88b5dcfda4ee36984eebd9340"
},
{
"category": "Payload delivery",
"comment": "- Xchecked via VT: f46019f795bd721262dc69988d7e53bc",
"deleted": false,
"disable_correlation": false,
"timestamp": "1440487780",
"to_ids": true,
"type": "sha1",
"uuid": "55dc1964-f858-4bf8-aad7-4667950d210b",
"value": "de51aa21847c1268a708351992a0f95b9a823ffb"
},
{
"category": "External analysis",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1440487780",
"to_ids": false,
"type": "link",
"uuid": "55dc1964-2ac0-4644-8fde-49ab950d210b",
"value": "https://www.virustotal.com/file/e9302fe774e22e2b34a395f8e56c6976fe354bb88b5dcfda4ee36984eebd9340/analysis/1439629438/"
},
{
"category": "Payload delivery",
"comment": "- Xchecked via VT: bb3f0ad472aac26ae6dc8c0e7969cc30",
"deleted": false,
"disable_correlation": false,
"timestamp": "1440487781",
"to_ids": true,
"type": "sha256",
"uuid": "55dc1965-5a00-4e1e-9400-41e7950d210b",
"value": "e919ae6a3bdc6abe6b695215a53b74072a39b86757e049f930866b3f69000957"
},
{
"category": "Payload delivery",
"comment": "- Xchecked via VT: bb3f0ad472aac26ae6dc8c0e7969cc30",
"deleted": false,
"disable_correlation": false,
"timestamp": "1440487781",
"to_ids": true,
"type": "sha1",
"uuid": "55dc1965-9a94-4135-ad58-4e79950d210b",
"value": "7e8c4127902dbb0fd3f714d2e6b50acc57d4fcc1"
},
{
"category": "External analysis",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1440487781",
"to_ids": false,
"type": "link",
"uuid": "55dc1965-77a8-44c5-be6c-4b02950d210b",
"value": "https://www.virustotal.com/file/e919ae6a3bdc6abe6b695215a53b74072a39b86757e049f930866b3f69000957/analysis/1440461268/"
},
{
"category": "Payload delivery",
"comment": "- Xchecked via VT: b3bc4b5f17fd5f87ec3714c6587f6906",
"deleted": false,
"disable_correlation": false,
"timestamp": "1440487781",
"to_ids": true,
"type": "sha256",
"uuid": "55dc1965-e704-4cf0-89c1-40c4950d210b",
"value": "dc3c90084e8c47414ccb17fd70d3c2b051a293efcc29dc57a6d273293e0001ec"
},
{
"category": "Payload delivery",
"comment": "- Xchecked via VT: b3bc4b5f17fd5f87ec3714c6587f6906",
"deleted": false,
"disable_correlation": false,
"timestamp": "1440487781",
"to_ids": true,
"type": "sha1",
"uuid": "55dc1965-1fb4-4bac-9e22-40c8950d210b",
"value": "07aba67978294a8757bb58fd99f8e1fa151fc348"
},
{
"category": "External analysis",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1440487782",
"to_ids": false,
"type": "link",
"uuid": "55dc1966-d0d0-4eb4-b38f-458c950d210b",
"value": "https://www.virustotal.com/file/dc3c90084e8c47414ccb17fd70d3c2b051a293efcc29dc57a6d273293e0001ec/analysis/1440387368/"
},
{
"category": "Payload delivery",
"comment": "- Xchecked via VT: a421f5145eae2c68950cc3174e88870f",
"deleted": false,
"disable_correlation": false,
"timestamp": "1440487782",
"to_ids": true,
"type": "sha256",
"uuid": "55dc1966-ca20-40fc-9581-4052950d210b",
"value": "f4d9660502220c22e367e084c7f5647c21ad4821d8c41ce68e1ac89975175051"
},
{
"category": "Payload delivery",
"comment": "- Xchecked via VT: a421f5145eae2c68950cc3174e88870f",
"deleted": false,
"disable_correlation": false,
"timestamp": "1440487782",
"to_ids": true,
"type": "sha1",
"uuid": "55dc1966-f1e4-423c-9c3f-4e7b950d210b",
"value": "5c9b84f587cd1a79caae46d9b7cee30c4857f4a2"
},
{
"category": "External analysis",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1440487782",
"to_ids": false,
"type": "link",
"uuid": "55dc1966-3338-4325-8bb7-400e950d210b",
"value": "https://www.virustotal.com/file/f4d9660502220c22e367e084c7f5647c21ad4821d8c41ce68e1ac89975175051/analysis/1438873061/"
},
{
"category": "Payload delivery",
"comment": "- Xchecked via VT: 8cc0f235189efcf3fe1c4ccc7527fcfc",
"deleted": false,
"disable_correlation": false,
"timestamp": "1440487782",
"to_ids": true,
"type": "sha256",
"uuid": "55dc1966-b224-4fa7-b241-42dc950d210b",
"value": "6aed51b108d9f9f197842e17b0f58d4dec3709ca1eae4d42146d0bba0c145eaf"
},
{
"category": "Payload delivery",
"comment": "- Xchecked via VT: 8cc0f235189efcf3fe1c4ccc7527fcfc",
"deleted": false,
"disable_correlation": false,
"timestamp": "1440487783",
"to_ids": true,
"type": "sha1",
"uuid": "55dc1967-b370-4622-b41b-4604950d210b",
"value": "cdbbcd70452fd84fe4612a7fe2208077fb8fa8ee"
},
{
"category": "External analysis",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1440487783",
"to_ids": false,
"type": "link",
"uuid": "55dc1967-deec-4044-b468-4e83950d210b",
"value": "https://www.virustotal.com/file/6aed51b108d9f9f197842e17b0f58d4dec3709ca1eae4d42146d0bba0c145eaf/analysis/1437032832/"
},
{
"category": "Payload delivery",
"comment": "- Xchecked via VT: 438a3b6783fb290197d3023ce441229c",
"deleted": false,
"disable_correlation": false,
"timestamp": "1440487783",
"to_ids": true,
"type": "sha256",
"uuid": "55dc1967-5cd0-4fb1-a672-4a35950d210b",
"value": "85a5b524a07d2a37e56876495c1a3a67a1217998a45283fe87f4ab1f97f6a973"
},
{
"category": "Payload delivery",
"comment": "- Xchecked via VT: 438a3b6783fb290197d3023ce441229c",
"deleted": false,
"disable_correlation": false,
"timestamp": "1440487783",
"to_ids": true,
"type": "sha1",
"uuid": "55dc1967-acbc-482c-abeb-42b8950d210b",
"value": "dfd74765a126a0fff4122d9b101720e148c179cb"
},
{
"category": "External analysis",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1440487783",
"to_ids": false,
"type": "link",
"uuid": "55dc1967-fa48-4bc8-9350-494f950d210b",
"value": "https://www.virustotal.com/file/85a5b524a07d2a37e56876495c1a3a67a1217998a45283fe87f4ab1f97f6a973/analysis/1437031062/"
},
{
"category": "Payload delivery",
"comment": "- Xchecked via VT: 302fbe13736403921ad7f9d310d7beb2",
"deleted": false,
"disable_correlation": false,
"timestamp": "1440487784",
"to_ids": true,
"type": "sha256",
"uuid": "55dc1968-7b38-4679-b642-4b15950d210b",
"value": "008f4f14cf64dc9d323b6cb5942da4a99979c4c7d750ec1228d8c8285883771e"
},
{
"category": "Payload delivery",
"comment": "- Xchecked via VT: 302fbe13736403921ad7f9d310d7beb2",
"deleted": false,
"disable_correlation": false,
"timestamp": "1440487784",
"to_ids": true,
"type": "sha1",
"uuid": "55dc1968-8f2c-47fd-8709-4a35950d210b",
"value": "d87315166be5e3aa2d0962563e0b2edaf371d959"
},
{
"category": "External analysis",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1440487784",
"to_ids": false,
"type": "link",
"uuid": "55dc1968-7d4c-4456-b885-446b950d210b",
"value": "https://www.virustotal.com/file/008f4f14cf64dc9d323b6cb5942da4a99979c4c7d750ec1228d8c8285883771e/analysis/1438870784/"
},
{
"category": "Payload delivery",
"comment": "- Xchecked via VT: 23f23e1345f6bc70af34604246d6300d",
"deleted": false,
"disable_correlation": false,
"timestamp": "1440487784",
"to_ids": true,
"type": "sha256",
"uuid": "55dc1968-500c-47f7-95e9-42d7950d210b",
"value": "a1fa7c5216737e96359452dcbf121afc251b225abd00f6a464392591caaf52e1"
},
{
"category": "Payload delivery",
"comment": "- Xchecked via VT: 23f23e1345f6bc70af34604246d6300d",
"deleted": false,
"disable_correlation": false,
"timestamp": "1440487785",
"to_ids": true,
"type": "sha1",
"uuid": "55dc1969-fa74-4784-b76c-414e950d210b",
"value": "26fc5977b2d235e36b084e2f5b2c1cb23ea834be"
},
{
"category": "External analysis",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1440487785",
"to_ids": false,
"type": "link",
"uuid": "55dc1969-6bb8-4c62-bc9f-4c09950d210b",
"value": "https://www.virustotal.com/file/a1fa7c5216737e96359452dcbf121afc251b225abd00f6a464392591caaf52e1/analysis/1436513718/"
},
{
"category": "Payload delivery",
"comment": "- Xchecked via VT: 07aa0340ec0bfbb2e59f1cc50382c055",
"deleted": false,
"disable_correlation": false,
"timestamp": "1440487785",
"to_ids": true,
"type": "sha256",
"uuid": "55dc1969-7d50-447a-81e9-4cab950d210b",
"value": "a94bf485cebeda8e4b74bbe2c0a0567903a13c36b9bf60fab484a9b55207fe0d"
},
{
"category": "Payload delivery",
"comment": "- Xchecked via VT: 07aa0340ec0bfbb2e59f1cc50382c055",
"deleted": false,
"disable_correlation": false,
"timestamp": "1440487785",
"to_ids": true,
"type": "sha1",
"uuid": "55dc1969-0dbc-425e-8520-4491950d210b",
"value": "f0a73f20bc6c986d5e09a11f5606cf0aff271b2f"
},
{
"category": "External analysis",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1440487785",
"to_ids": false,
"type": "link",
"uuid": "55dc1969-3994-4e37-8e05-47a1950d210b",
"value": "https://www.virustotal.com/file/a94bf485cebeda8e4b74bbe2c0a0567903a13c36b9bf60fab484a9b55207fe0d/analysis/1440402672/"
}
]
}
}