misp-circl-feed/feeds/circl/misp/5790e667-46bc-453e-bb78-44d0950d210f.json


{
"Event": {
"analysis": "0",
"date": "2016-07-21",
"extends_uuid": "",
"info": "Malspam 2016-07-21 .wsf (campaign: \"fixed invoice\")",
"publish_timestamp": "1469115045",
"published": true,
"threat_level_id": "3",
"timestamp": "1469114614",
"uuid": "5790e667-46bc-453e-bb78-44d0950d210f",
"Orgc": {
"name": "CIRCL",
"uuid": "55f6ea5e-2c60-40e5-964f-47a8950d210f"
},
"Tag": [
{
"colour": "#3a7300",
"local": "0",
"name": "circl:incident-classification=\"malware\"",
"relationship_type": ""
},
{
"colour": "#ffffff",
"local": "0",
"name": "tlp:white",
"relationship_type": ""
}
],
"Attribute": [
{
"category": "Network activity",
"comment": "download location",
"deleted": false,
"disable_correlation": false,
"timestamp": "1469113993",
"to_ids": true,
"type": "url",
"uuid": "5790e689-6100-46a1-bbea-4cd8950d210f",
"value": "http://forum-droid.16mb.com/e3zirnzl"
},
{
"category": "Network activity",
"comment": "download location",
"deleted": false,
"disable_correlation": false,
"timestamp": "1469113993",
"to_ids": true,
"type": "hostname",
"uuid": "5790e689-9768-4ab7-88aa-4ea6950d210f",
"value": "forum-droid.16mb.com"
},
{
"category": "Network activity",
"comment": "download location",
"deleted": false,
"disable_correlation": false,
"timestamp": "1469113993",
"to_ids": true,
"type": "ip-dst",
"uuid": "5790e689-030c-4e3c-a7e4-4cc5950d210f",
"value": "31.220.16.180"
},
{
"category": "Network activity",
"comment": "download location",
"deleted": false,
"disable_correlation": false,
"timestamp": "1469113994",
"to_ids": true,
"type": "url",
"uuid": "5790e68a-3ee8-479f-a140-4ed6950d210f",
"value": "http://vkt-rus.com/ylnsp9"
},
{
"category": "Network activity",
"comment": "download location",
"deleted": false,
"disable_correlation": false,
"timestamp": "1469113994",
"to_ids": true,
"type": "domain",
"uuid": "5790e68a-3200-4d65-9932-4996950d210f",
"value": "vkt-rus.com"
},
{
"category": "Network activity",
"comment": "download location",
"deleted": false,
"disable_correlation": false,
"timestamp": "1469113994",
"to_ids": true,
"type": "ip-dst",
"uuid": "5790e68a-0b5c-4f9a-a167-423f950d210f",
"value": "195.208.0.15"
},
{
"category": "Network activity",
"comment": "download location",
"deleted": false,
"disable_correlation": false,
"timestamp": "1469113994",
"to_ids": true,
"type": "url",
"uuid": "5790e68a-6a48-447b-b483-42be950d210f",
"value": "http://kveldeil.no/yzky84"
},
{
"category": "Network activity",
"comment": "download location",
"deleted": false,
"disable_correlation": false,
"timestamp": "1469113995",
"to_ids": true,
"type": "domain",
"uuid": "5790e68b-1c98-473c-88df-4599950d210f",
"value": "kveldeil.no"
},
{
"category": "Network activity",
"comment": "download location",
"deleted": false,
"disable_correlation": false,
"timestamp": "1469113995",
"to_ids": true,
"type": "ip-dst",
"uuid": "5790e68b-e264-44c8-bdb0-4a25950d210f",
"value": "85.252.49.19"
},
{
"category": "Network activity",
"comment": "download location",
"deleted": false,
"disable_correlation": false,
"timestamp": "1469113995",
"to_ids": true,
"type": "url",
"uuid": "5790e68b-fa34-41ab-8df2-455e950d210f",
"value": "http://wusromania.home.ro/usjhlho"
},
{
"category": "Network activity",
"comment": "download location",
"deleted": false,
"disable_correlation": false,
"timestamp": "1469113995",
"to_ids": true,
"type": "hostname",
"uuid": "5790e68b-0458-44d3-9135-49aa950d210f",
"value": "wusromania.home.ro"
},
{
"category": "Network activity",
"comment": "download location",
"deleted": false,
"disable_correlation": false,
"timestamp": "1469113995",
"to_ids": true,
"type": "ip-dst",
"uuid": "5790e68b-3150-4b8a-ae20-4fa3950d210f",
"value": "81.196.20.133"
},
{
"category": "Network activity",
"comment": "download location",
"deleted": false,
"disable_correlation": false,
"timestamp": "1469113996",
"to_ids": true,
"type": "url",
"uuid": "5790e68c-70c0-4014-8c5b-44c1950d210f",
"value": "http://premiuminformation.org/39qoqv"
},
{
"category": "Network activity",
"comment": "download location",
"deleted": false,
"disable_correlation": false,
"timestamp": "1469113996",
"to_ids": true,
"type": "domain",
"uuid": "5790e68c-9ed0-4828-a330-45a2950d210f",
"value": "premiuminformation.org"
},
{
"category": "Network activity",
"comment": "download location",
"deleted": false,
"disable_correlation": false,
"timestamp": "1469113996",
"to_ids": true,
"type": "ip-dst",
"uuid": "5790e68c-74c4-4d6a-9681-47a8950d210f",
"value": "192.254.188.66"
},
{
"category": "Network activity",
"comment": "download location",
"deleted": false,
"disable_correlation": false,
"timestamp": "1469113996",
"to_ids": true,
"type": "url",
"uuid": "5790e68c-51e4-4b5a-be71-455f950d210f",
"value": "http://www.chipo.republika.pl/ndpoxv"
},
{
"category": "Network activity",
"comment": "download location",
"deleted": false,
"disable_correlation": false,
"timestamp": "1469113996",
"to_ids": true,
"type": "hostname",
"uuid": "5790e68c-25f4-4b04-ad02-425a950d210f",
"value": "www.chipo.republika.pl"
},
{
"category": "Network activity",
"comment": "download location",
"deleted": false,
"disable_correlation": false,
"timestamp": "1469113996",
"to_ids": true,
"type": "ip-dst",
"uuid": "5790e68c-93a4-4462-9a04-46e9950d210f",
"value": "213.180.150.17"
},
{
"category": "Network activity",
"comment": "download location",
"deleted": false,
"disable_correlation": false,
"timestamp": "1469113997",
"to_ids": true,
"type": "url",
"uuid": "5790e68d-6014-4d34-8ff4-44e2950d210f",
"value": "http://krisnela.50webs.com/w8vxr3"
},
{
"category": "Network activity",
"comment": "download location",
"deleted": false,
"disable_correlation": false,
"timestamp": "1469113997",
"to_ids": true,
"type": "hostname",
"uuid": "5790e68d-fd24-44a4-a018-49be950d210f",
"value": "krisnela.50webs.com"
},
{
"category": "Network activity",
"comment": "download location",
"deleted": false,
"disable_correlation": false,
"timestamp": "1469113997",
"to_ids": true,
"type": "ip-dst",
"uuid": "5790e68d-45c4-47af-a977-4727950d210f",
"value": "162.210.101.97"
},
{
"category": "Network activity",
"comment": "download location",
"deleted": false,
"disable_correlation": false,
"timestamp": "1469113997",
"to_ids": true,
"type": "url",
"uuid": "5790e68d-f41c-487d-b54b-4ddd950d210f",
"value": "http://dou104.rybadm.ru/s0uc8cp"
},
{
"category": "Network activity",
"comment": "download location",
"deleted": false,
"disable_correlation": false,
"timestamp": "1469113997",
"to_ids": true,
"type": "hostname",
"uuid": "5790e68d-9f34-4da0-b2c5-4dab950d210f",
"value": "dou104.rybadm.ru"
},
{
"category": "Network activity",
"comment": "download location",
"deleted": false,
"disable_correlation": false,
"timestamp": "1469113998",
"to_ids": true,
"type": "ip-dst",
"uuid": "5790e68e-5eec-4f2c-a629-4cd1950d210f",
"value": "91.201.210.24"
},
{
"category": "Network activity",
"comment": "download location",
"deleted": false,
"disable_correlation": false,
"timestamp": "1469113998",
"to_ids": true,
"type": "url",
"uuid": "5790e68e-8954-4183-a33c-4ca8950d210f",
"value": "http://bizforward.ru/d6hsbm"
},
{
"category": "Network activity",
"comment": "download location",
"deleted": false,
"disable_correlation": false,
"timestamp": "1469113998",
"to_ids": true,
"type": "domain",
"uuid": "5790e68e-2200-4754-9b6b-4077950d210f",
"value": "bizforward.ru"
},
{
"category": "Network activity",
"comment": "download location",
"deleted": false,
"disable_correlation": false,
"timestamp": "1469113998",
"to_ids": true,
"type": "ip-dst",
"uuid": "5790e68e-96e8-4815-a117-4eea950d210f",
"value": "193.232.240.10"
},
{
"category": "Network activity",
"comment": "download location",
"deleted": false,
"disable_correlation": false,
"timestamp": "1469113998",
"to_ids": true,
"type": "url",
"uuid": "5790e68e-0a98-45cf-8c7f-4e5c950d210f",
"value": "http://choogo.net/ym104zez"
},
{
"category": "Network activity",
"comment": "download location",
"deleted": false,
"disable_correlation": false,
"timestamp": "1469113999",
"to_ids": true,
"type": "domain",
"uuid": "5790e68f-f650-4bef-82c3-48e9950d210f",
"value": "choogo.net"
},
{
"category": "Network activity",
"comment": "download location",
"deleted": false,
"disable_correlation": false,
"timestamp": "1469113999",
"to_ids": true,
"type": "ip-dst",
"uuid": "5790e68f-27bc-403d-bb5b-4edf950d210f",
"value": "112.171.173.157"
},
{
"category": "Network activity",
"comment": "download location",
"deleted": false,
"disable_correlation": false,
"timestamp": "1469113999",
"to_ids": true,
"type": "url",
"uuid": "5790e68f-d998-4f56-afc3-4dfc950d210f",
"value": "http://strojdom33.ru/f31cfm2"
},
{
"category": "Network activity",
"comment": "download location",
"deleted": false,
"disable_correlation": false,
"timestamp": "1469113999",
"to_ids": true,
"type": "domain",
"uuid": "5790e68f-439c-4c14-a039-4b86950d210f",
"value": "strojdom33.ru"
},
{
"category": "Network activity",
"comment": "download location",
"deleted": false,
"disable_correlation": false,
"timestamp": "1469113999",
"to_ids": true,
"type": "ip-dst",
"uuid": "5790e68f-b38c-4a89-ae90-49e9950d210f",
"value": "141.8.194.9"
},
{
"category": "Network activity",
"comment": "download location",
"deleted": false,
"disable_correlation": false,
"timestamp": "1469114000",
"to_ids": true,
"type": "url",
"uuid": "5790e690-800c-48be-89d8-4adc950d210f",
"value": "http://oldim.lviv.ua/1djr1"
},
{
"category": "Network activity",
"comment": "download location",
"deleted": false,
"disable_correlation": false,
"timestamp": "1469114000",
"to_ids": true,
"type": "hostname",
"uuid": "5790e690-92b0-4135-9c04-4256950d210f",
"value": "oldim.lviv.ua"
},
{
"category": "Network activity",
"comment": "download location",
"deleted": false,
"disable_correlation": false,
"timestamp": "1469114000",
"to_ids": true,
"type": "ip-dst",
"uuid": "5790e690-cfa4-430b-a660-46ce950d210f",
"value": "91.194.41.32"
},
{
"category": "Network activity",
"comment": "download location",
"deleted": false,
"disable_correlation": false,
"timestamp": "1469114000",
"to_ids": true,
"type": "url",
"uuid": "5790e690-3984-4515-8ddd-4c26950d210f",
"value": "http://sealionnn.web.fc2.com/yf6kq5l"
},
{
"category": "Network activity",
"comment": "download location",
"deleted": false,
"disable_correlation": false,
"timestamp": "1469114000",
"to_ids": true,
"type": "hostname",
"uuid": "5790e690-0ad0-421f-bfe4-46e3950d210f",
"value": "sealionnn.web.fc2.com"
},
{
"category": "Network activity",
"comment": "download location",
"deleted": false,
"disable_correlation": false,
"timestamp": "1469114001",
"to_ids": true,
"type": "ip-dst",
"uuid": "5790e691-2908-467d-94e4-4aab950d210f",
"value": "208.71.106.49"
},
{
"category": "Network activity",
"comment": "download location",
"deleted": false,
"disable_correlation": false,
"timestamp": "1469114001",
"to_ids": true,
"type": "url",
"uuid": "5790e691-5c04-46c5-8a5d-41bb950d210f",
"value": "http://klausschuster.at/jxchtnpd"
},
{
"category": "Network activity",
"comment": "download location",
"deleted": false,
"disable_correlation": false,
"timestamp": "1469114001",
"to_ids": true,
"type": "domain",
"uuid": "5790e691-06e8-470a-b875-4ee0950d210f",
"value": "klausschuster.at"
},
{
"category": "Network activity",
"comment": "download location",
"deleted": false,
"disable_correlation": false,
"timestamp": "1469114001",
"to_ids": true,
"type": "ip-dst",
"uuid": "5790e691-970c-4cb7-8592-494c950d210f",
"value": "86.59.107.231"
},
{
"category": "Network activity",
"comment": "download location",
"deleted": false,
"disable_correlation": false,
"timestamp": "1469114001",
"to_ids": true,
"type": "url",
"uuid": "5790e691-d774-47b2-aebc-4eb1950d210f",
"value": "http://pixel.sportsontheweb.net/2yhk9qxf"
},
{
"category": "Network activity",
"comment": "download location",
"deleted": false,
"disable_correlation": false,
"timestamp": "1469114002",
"to_ids": true,
"type": "hostname",
"uuid": "5790e692-134c-469c-86c7-4e00950d210f",
"value": "pixel.sportsontheweb.net"
},
{
"category": "Network activity",
"comment": "download location",
"deleted": false,
"disable_correlation": false,
"timestamp": "1469114002",
"to_ids": true,
"type": "ip-dst",
"uuid": "5790e692-dbe4-4cd7-8400-4788950d210f",
"value": "83.125.22.208"
},
{
"category": "Network activity",
"comment": "download location",
"deleted": false,
"disable_correlation": false,
"timestamp": "1469114002",
"to_ids": true,
"type": "url",
"uuid": "5790e692-68d0-401c-878c-48a9950d210f",
"value": "http://voisin-sa.com/~trumpf/kuul6u13"
},
{
"category": "Network activity",
"comment": "download location",
"deleted": false,
"disable_correlation": false,
"timestamp": "1469114002",
"to_ids": true,
"type": "domain",
"uuid": "5790e692-9a5c-4690-8bce-4b93950d210f",
"value": "voisin-sa.com"
},
{
"category": "Network activity",
"comment": "download location",
"deleted": false,
"disable_correlation": false,
"timestamp": "1469114002",
"to_ids": true,
"type": "ip-dst",
"uuid": "5790e692-db00-4ec5-bc2a-4155950d210f",
"value": "84.246.225.155"
},
{
"category": "Network activity",
"comment": "download location",
"deleted": false,
"disable_correlation": false,
"timestamp": "1469114003",
"to_ids": true,
"type": "url",
"uuid": "5790e693-13a4-4dab-bc0e-4927950d210f",
"value": "http://mebel-bogatyr.ru/fg92gx"
},
{
"category": "Network activity",
"comment": "download location",
"deleted": false,
"disable_correlation": false,
"timestamp": "1469114003",
"to_ids": true,
"type": "domain",
"uuid": "5790e693-04cc-4547-abd8-4c38950d210f",
"value": "mebel-bogatyr.ru"
},
{
"category": "Network activity",
"comment": "download location",
"deleted": false,
"disable_correlation": false,
"timestamp": "1469114003",
"to_ids": true,
"type": "ip-dst",
"uuid": "5790e693-6084-47a0-97fb-4b0b950d210f",
"value": "141.8.192.63"
},
{
"category": "Network activity",
"comment": "download location",
"deleted": false,
"disable_correlation": false,
"timestamp": "1469114003",
"to_ids": true,
"type": "url",
"uuid": "5790e693-9534-40d8-8481-481c950d210f",
"value": "http://www.redimec.com/qsr3hnqk"
},
{
"category": "Network activity",
"comment": "download location",
"deleted": false,
"disable_correlation": false,
"timestamp": "1469114003",
"to_ids": true,
"type": "hostname",
"uuid": "5790e693-092c-4bf3-b431-4da2950d210f",
"value": "www.redimec.com"
},
{
"category": "Network activity",
"comment": "download location",
"deleted": false,
"disable_correlation": false,
"timestamp": "1469114004",
"to_ids": true,
"type": "ip-dst",
"uuid": "5790e694-47e4-44c4-99a6-4aa6950d210f",
"value": "213.205.40.169"
},
{
"category": "Network activity",
"comment": "download location",
"deleted": false,
"disable_correlation": false,
"timestamp": "1469114004",
"to_ids": true,
"type": "url",
"uuid": "5790e694-e28c-4642-8e33-45bf950d210f",
"value": "http://vkt-rus.com/v9puv4"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1469114049",
"to_ids": false,
"type": "user-agent",
"uuid": "5790e6c1-c240-4ac7-8ce9-401d950d210f",
"value": "User-Agent: Mozilla/4.0 (compatible; Win32; WinHttp.WinHttpRequest.5)"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1469114109",
"to_ids": false,
"type": "email-subject",
"uuid": "5790e6fd-4c7c-4a96-825b-4617950d210f",
"value": "fixed invoice"
}
]
}
}