misp-circl-feed/feeds/circl/misp/57c6ac4c-c60c-4f79-a38f-b666950d210f.json

{
"Event": {
"analysis": "0",
"date": "2016-08-31",
"extends_uuid": "",
"info": "Malspam 2016-08-31 (.wsf in .zip) - campaign: \"Image|Picture|Photos|Photo|Document\"",
"publish_timestamp": "1472638292",
"published": true,
"threat_level_id": "3",
"timestamp": "1472638251",
"uuid": "57c6ac4c-c60c-4f79-a38f-b666950d210f",
"Orgc": {
"name": "CIRCL",
"uuid": "55f6ea5e-2c60-40e5-964f-47a8950d210f"
},
"Tag": [
{
"colour": "#3a7300",
"local": "0",
"name": "circl:incident-classification=\"malware\"",
"relationship_type": ""
},
{
"colour": "#ffffff",
"local": "0",
"name": "tlp:white",
"relationship_type": ""
}
],
"Attribute": [
{
"category": "Network activity",
"comment": "download location",
"deleted": false,
"disable_correlation": false,
"timestamp": "1472638204",
"to_ids": true,
"type": "hostname",
"uuid": "57c6acfc-da4c-44de-9f5a-b667950d210f",
"value": "gastrohurt.neostrada.pl"
},
{
"category": "Network activity",
"comment": "download location",
"deleted": false,
"disable_correlation": false,
"timestamp": "1472638205",
"to_ids": true,
"type": "ip-dst",
"uuid": "57c6acfd-09ec-4d5d-8716-b667950d210f",
"value": "217.97.216.17"
},
{
"category": "Network activity",
"comment": "download location",
"deleted": false,
"disable_correlation": false,
"timestamp": "1472638205",
"to_ids": true,
"type": "domain",
"uuid": "57c6acfd-5198-494d-8159-b667950d210f",
"value": "alians-ekb.ru"
},
{
"category": "Network activity",
"comment": "download location",
"deleted": false,
"disable_correlation": false,
"timestamp": "1472638205",
"to_ids": true,
"type": "ip-dst",
"uuid": "57c6acfd-7a2c-4b14-a586-b667950d210f",
"value": "85.12.197.61"
},
{
"category": "Network activity",
"comment": "download location",
"deleted": false,
"disable_correlation": false,
"timestamp": "1472638205",
"to_ids": true,
"type": "domain",
"uuid": "57c6acfd-c484-422b-a86d-b667950d210f",
"value": "og-kaiserslautern-kft.de"
},
{
"category": "Network activity",
"comment": "download location",
"deleted": false,
"disable_correlation": false,
"timestamp": "1472638205",
"to_ids": true,
"type": "ip-dst",
"uuid": "57c6acfd-5910-4d48-9f0a-b667950d210f",
"value": "109.237.140.28"
},
{
"category": "Network activity",
"comment": "download location",
"deleted": false,
"disable_correlation": false,
"timestamp": "1472638206",
"to_ids": true,
"type": "hostname",
"uuid": "57c6acfe-2f68-49c7-b4b8-b667950d210f",
"value": "nihilismus.web.fc2.com"
},
{
"category": "Network activity",
"comment": "download location",
"deleted": false,
"disable_correlation": false,
"timestamp": "1472638206",
"to_ids": true,
"type": "ip-dst",
"uuid": "57c6acfe-f2f0-4ca5-a092-b667950d210f",
"value": "208.71.106.62"
},
{
"category": "Network activity",
"comment": "download location",
"deleted": false,
"disable_correlation": false,
"timestamp": "1472638206",
"to_ids": true,
"type": "hostname",
"uuid": "57c6acfe-0cec-42d8-9f68-b667950d210f",
"value": "chwiladlaciebie.cba.pl"
},
{
"category": "Network activity",
"comment": "download location",
"deleted": false,
"disable_correlation": false,
"timestamp": "1472638206",
"to_ids": true,
"type": "ip-dst",
"uuid": "57c6acfe-9af4-4d0a-bdba-b667950d210f",
"value": "95.211.144.65"
},
{
"category": "Network activity",
"comment": "download location",
"deleted": false,
"disable_correlation": false,
"timestamp": "1472638206",
"to_ids": true,
"type": "hostname",
"uuid": "57c6acfe-1e60-47eb-9410-b667950d210f",
"value": "www.peritiassicurativi.org"
},
{
"category": "Network activity",
"comment": "download location",
"deleted": false,
"disable_correlation": false,
"timestamp": "1472638207",
"to_ids": true,
"type": "ip-dst",
"uuid": "57c6acff-06b8-46b9-b613-b667950d210f",
"value": "213.205.40.169"
},
{
"category": "Network activity",
"comment": "download location",
"deleted": false,
"disable_correlation": false,
"timestamp": "1472638207",
"to_ids": true,
"type": "url",
"uuid": "57c6acff-2370-45f8-a45b-b667950d210f",
"value": "http://rmpst.republika.pl/987nkjh8"
},
{
"category": "Network activity",
"comment": "download location",
"deleted": false,
"disable_correlation": false,
"timestamp": "1472638207",
"to_ids": true,
"type": "hostname",
"uuid": "57c6acff-4210-4f6b-b572-b667950d210f",
"value": "rmpst.republika.pl"
},
{
"category": "Network activity",
"comment": "download location",
"deleted": false,
"disable_correlation": false,
"timestamp": "1472638207",
"to_ids": true,
"type": "ip-dst",
"uuid": "57c6acff-ba08-485e-b062-b667950d210f",
"value": "213.180.150.17"
},
{
"category": "Network activity",
"comment": "download location",
"deleted": false,
"disable_correlation": false,
"timestamp": "1472638207",
"to_ids": true,
"type": "hostname",
"uuid": "57c6acff-43b4-43f7-961b-b667950d210f",
"value": "arcziuuucity.y0.pl"
},
{
"category": "Network activity",
"comment": "download location",
"deleted": false,
"disable_correlation": false,
"timestamp": "1472638207",
"to_ids": true,
"type": "hostname",
"uuid": "57c6acff-1218-44a4-b7c9-b667950d210f",
"value": "www.dapaluda.it"
},
{
"category": "Network activity",
"comment": "download location",
"deleted": false,
"disable_correlation": false,
"timestamp": "1472638208",
"to_ids": true,
"type": "url",
"uuid": "57c6ad00-10ac-4cb9-b427-b667950d210f",
"value": "http://www.lindenkapelle.de/987nkjh8"
},
{
"category": "Network activity",
"comment": "download location",
"deleted": false,
"disable_correlation": false,
"timestamp": "1472638208",
"to_ids": true,
"type": "hostname",
"uuid": "57c6ad00-ee98-4ef6-b61c-b667950d210f",
"value": "www.lindenkapelle.de"
},
{
"category": "Network activity",
"comment": "download location",
"deleted": false,
"disable_correlation": false,
"timestamp": "1472638208",
"to_ids": true,
"type": "ip-dst",
"uuid": "57c6ad00-42dc-46b7-b802-b667950d210f",
"value": "81.169.145.224"
},
{
"category": "Network activity",
"comment": "download location",
"deleted": false,
"disable_correlation": false,
"timestamp": "1472638208",
"to_ids": true,
"type": "hostname",
"uuid": "57c6ad00-c128-45ab-af25-b667950d210f",
"value": "www.artx.strefa.pl"
},
{
"category": "Network activity",
"comment": "download location",
"deleted": false,
"disable_correlation": false,
"timestamp": "1472638208",
"to_ids": true,
"type": "ip-dst",
"uuid": "57c6ad00-a2a8-43b6-a941-b667950d210f",
"value": "217.74.66.167"
},
{
"category": "Network activity",
"comment": "download location",
"deleted": false,
"disable_correlation": false,
"timestamp": "1472638209",
"to_ids": true,
"type": "url",
"uuid": "57c6ad01-4c60-40c3-bc12-b667950d210f",
"value": "http://www.hiederer.de/987nkjh8"
},
{
"category": "Network activity",
"comment": "download location",
"deleted": false,
"disable_correlation": false,
"timestamp": "1472638209",
"to_ids": true,
"type": "hostname",
"uuid": "57c6ad01-ab70-4333-a2b9-b667950d210f",
"value": "www.hiederer.de"
},
{
"category": "Network activity",
"comment": "download location",
"deleted": false,
"disable_correlation": false,
"timestamp": "1472638209",
"to_ids": true,
"type": "ip-dst",
"uuid": "57c6ad01-9be4-4bea-b194-b667950d210f",
"value": "81.169.145.74"
},
{
"category": "Network activity",
"comment": "download location",
"deleted": false,
"disable_correlation": false,
"timestamp": "1472638209",
"to_ids": true,
"type": "hostname",
"uuid": "57c6ad01-4384-495e-8c51-b667950d210f",
"value": "wolffram.homepage.t-online.de"
},
{
"category": "Network activity",
"comment": "download location",
"deleted": false,
"disable_correlation": false,
"timestamp": "1472638209",
"to_ids": true,
"type": "ip-dst",
"uuid": "57c6ad01-f1a8-4997-9234-b667950d210f",
"value": "80.150.6.138"
},
{
"category": "Network activity",
"comment": "download location",
"deleted": false,
"disable_correlation": false,
"timestamp": "1472638210",
"to_ids": true,
"type": "hostname",
"uuid": "57c6ad02-1244-4e95-9ff3-b667950d210f",
"value": "www.shanty-chor-neuengoers.de"
},
{
"category": "Network activity",
"comment": "download location",
"deleted": false,
"disable_correlation": false,
"timestamp": "1472638210",
"to_ids": true,
"type": "domain",
"uuid": "57c6ad02-9a1c-448a-9f3c-b667950d210f",
"value": "onlineportal-2012.de"
},
{
"category": "Network activity",
"comment": "download location",
"deleted": false,
"disable_correlation": false,
"timestamp": "1472638210",
"to_ids": true,
"type": "ip-dst",
"uuid": "57c6ad02-5c30-4979-8643-b667950d210f",
"value": "178.254.51.20"
},
{
"category": "Network activity",
"comment": "download location",
"deleted": false,
"disable_correlation": false,
"timestamp": "1472638210",
"to_ids": true,
"type": "url",
"uuid": "57c6ad02-e7a8-4556-9496-b667950d210f",
"value": "http://stanflorin10.go.ro/987nkjh8"
},
{
"category": "Network activity",
"comment": "download location",
"deleted": false,
"disable_correlation": false,
"timestamp": "1472638210",
"to_ids": true,
"type": "hostname",
"uuid": "57c6ad02-cefc-4e05-abb6-b667950d210f",
"value": "stanflorin10.go.ro"
},
{
"category": "Network activity",
"comment": "download location",
"deleted": false,
"disable_correlation": false,
"timestamp": "1472638210",
"to_ids": true,
"type": "ip-dst",
"uuid": "57c6ad02-2dc4-49ec-a938-b667950d210f",
"value": "81.196.20.134"
},
{
"category": "Network activity",
"comment": "download location",
"deleted": false,
"disable_correlation": false,
"timestamp": "1472638211",
"to_ids": true,
"type": "url",
"uuid": "57c6ad03-c744-4f83-a46c-b667950d210f",
"value": "http://www.welt-weit.info/987nkjh8"
},
{
"category": "Network activity",
"comment": "download location",
"deleted": false,
"disable_correlation": false,
"timestamp": "1472638211",
"to_ids": true,
"type": "hostname",
"uuid": "57c6ad03-f4d0-4def-9328-b667950d210f",
"value": "www.welt-weit.info"
},
{
"category": "Network activity",
"comment": "download location",
"deleted": false,
"disable_correlation": false,
"timestamp": "1472638211",
"to_ids": true,
"type": "ip-dst",
"uuid": "57c6ad03-f80c-463d-8bd8-b667950d210f",
"value": "81.169.145.226"
},
{
"category": "Network activity",
"comment": "download location",
"deleted": false,
"disable_correlation": false,
"timestamp": "1472638211",
"to_ids": true,
"type": "hostname",
"uuid": "57c6ad03-b260-4570-be2a-b667950d210f",
"value": "www.facturi.go.ro"
},
{
"category": "Network activity",
"comment": "download location",
"deleted": false,
"disable_correlation": false,
"timestamp": "1472638211",
"to_ids": true,
"type": "hostname",
"uuid": "57c6ad03-6538-457a-be18-b667950d210f",
"value": "muellerfalk.homepage.t-online.de"
},
{
"category": "Network activity",
"comment": "download location",
"deleted": false,
"disable_correlation": false,
"timestamp": "1472638212",
"to_ids": true,
"type": "hostname",
"uuid": "57c6ad04-3594-434b-b18a-b667950d210f",
"value": "www.vilastefania.go.ro"
},
{
"category": "Network activity",
"comment": "download location",
"deleted": false,
"disable_correlation": false,
"timestamp": "1472638212",
"to_ids": true,
"type": "url",
"uuid": "57c6ad04-d600-4d97-9c91-b667950d210f",
"value": "http://www.auret.at/987nkjh8"
},
{
"category": "Network activity",
"comment": "download location",
"deleted": false,
"disable_correlation": false,
"timestamp": "1472638212",
"to_ids": true,
"type": "hostname",
"uuid": "57c6ad04-a7d4-4b7f-a697-b667950d210f",
"value": "www.auret.at"
},
{
"category": "Network activity",
"comment": "download location",
"deleted": false,
"disable_correlation": false,
"timestamp": "1472638212",
"to_ids": true,
"type": "ip-dst",
"uuid": "57c6ad04-391c-4faf-ab7a-b667950d210f",
"value": "62.116.84.99"
},
{
"category": "Network activity",
"comment": "download location",
"deleted": false,
"disable_correlation": false,
"timestamp": "1472638212",
"to_ids": true,
"type": "url",
"uuid": "57c6ad04-0204-4aa3-a08f-b667950d210f",
"value": "http://www.roboticapc.com/987nkjh8"
},
{
"category": "Network activity",
"comment": "download location",
"deleted": false,
"disable_correlation": false,
"timestamp": "1472638213",
"to_ids": true,
"type": "hostname",
"uuid": "57c6ad05-3e14-4fdd-bb39-b667950d210f",
"value": "www.roboticapc.com"
},
{
"category": "Network activity",
"comment": "download location",
"deleted": false,
"disable_correlation": false,
"timestamp": "1472638213",
"to_ids": true,
"type": "hostname",
"uuid": "57c6ad05-190c-46b6-a42e-b667950d210f",
"value": "lacomete52.perso.sfr.fr"
},
{
"category": "Network activity",
"comment": "download location",
"deleted": false,
"disable_correlation": false,
"timestamp": "1472638213",
"to_ids": true,
"type": "ip-dst",
"uuid": "57c6ad05-26f0-4336-8ede-b667950d210f",
"value": "86.65.123.70"
}
]
}
}