misp-circl-feed/feeds/circl/misp/55f5e10a-e830-4732-9b4f-30d0950d210b.json


{
"Event": {
"analysis": "2",
"date": "2015-09-11",
"extends_uuid": "",
"info": "OSINT A Peek Inside an Affiliate\u2019s Malspam Operation: Kovter and Miuref/Boaxxe Infections by PhishMe",
"publish_timestamp": "1442210880",
"published": true,
"threat_level_id": "3",
"timestamp": "1442177366",
"uuid": "55f5e10a-e830-4732-9b4f-30d0950d210b",
"Orgc": {
"name": "CthulhuSPRL.be",
"uuid": "55f6ea5f-fd34-43b8-ac1d-40cb950d210f"
},
"Tag": [
{
"colour": "#ffffff",
"name": "tlp:white"
},
{
"colour": "#004646",
"name": "type:OSINT"
}
],
"Attribute": [
{
"category": "External analysis",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1442177314",
"to_ids": false,
"type": "link",
"uuid": "55f5e122-7be8-4a1e-bbce-ded9950d210b",
"value": "http://phishme.com/a-peek-inside-an-affiliates-malspam-operation-kovter-and-miurefboaxxe-infections/"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1442177355",
"to_ids": true,
"type": "ip-dst",
"uuid": "55f5e14b-eb50-48a8-8295-30cd950d210b",
"value": "109.235.50.205"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1442177355",
"to_ids": true,
"type": "ip-dst",
"uuid": "55f5e14b-af7c-4fa1-8194-30cd950d210b",
"value": "194.69.193.111"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1442177356",
"to_ids": true,
"type": "filename",
"uuid": "55f5e14c-d0bc-4e2f-b552-30cd950d210b",
"value": "(bsnews.it"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1442177356",
"to_ids": true,
"type": "ip-dst",
"uuid": "55f5e14c-8184-4fbd-b4ad-30cd950d210b",
"value": "77.111.207.70"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1442177356",
"to_ids": true,
"type": "filename",
"uuid": "55f5e14c-2ab0-45f6-83fb-30cd950d210b",
"value": "(Verygames.net"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1442177357",
"to_ids": true,
"type": "ip-dst",
"uuid": "55f5e14d-4288-4ca0-81b5-30cd950d210b",
"value": "154.41.66.31"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1442177357",
"to_ids": true,
"type": "domain",
"uuid": "55f5e14d-a0b4-4940-8fb1-30cd950d210b",
"value": "abama.org"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1442177357",
"to_ids": true,
"type": "ip-dst",
"uuid": "55f5e14d-0ad4-4ff1-8363-30cd950d210b",
"value": "209.200.253.29"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1442177358",
"to_ids": true,
"type": "domain",
"uuid": "55f5e14e-86c8-4e16-bea1-30cd950d210b",
"value": "avolonage.com"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1442177358",
"to_ids": true,
"type": "ip-dst",
"uuid": "55f5e14e-9114-46d8-a0ab-30cd950d210b",
"value": "67.195.61.46"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1442177358",
"to_ids": true,
"type": "domain",
"uuid": "55f5e14e-d4fc-423c-9902-30cd950d210b",
"value": "ayuso-arch.com"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1442177359",
"to_ids": true,
"type": "ip-dst",
"uuid": "55f5e14f-2660-4978-9fe3-30cd950d210b",
"value": "205.144.171.10"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1442177359",
"to_ids": true,
"type": "hostname",
"uuid": "55f5e14f-f98c-45c0-bff3-30cd950d210b",
"value": "brigand-001-site2.smarterasp.net"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1442177359",
"to_ids": true,
"type": "ip-dst",
"uuid": "55f5e14f-cbe8-4d77-9693-30cd950d210b",
"value": "216.24.245.126"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1442177360",
"to_ids": true,
"type": "domain",
"uuid": "55f5e150-bbec-4d7f-bfb4-30cd950d210b",
"value": "ckindustry.com"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1442177360",
"to_ids": true,
"type": "ip-dst",
"uuid": "55f5e150-c780-42b7-b0a2-30cd950d210b",
"value": "74.208.252.194"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1442177361",
"to_ids": true,
"type": "domain",
"uuid": "55f5e151-5b48-437b-819a-30cd950d210b",
"value": "etqy.com"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1442177361",
"to_ids": true,
"type": "ip-dst",
"uuid": "55f5e151-fa9c-4d8d-be7a-30cd950d210b",
"value": "96.31.35.62"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1442177361",
"to_ids": true,
"type": "domain",
"uuid": "55f5e151-66a4-43f8-9027-30cd950d210b",
"value": "harmacrebar.com"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1442177362",
"to_ids": true,
"type": "ip-dst",
"uuid": "55f5e152-f624-4306-bc64-30cd950d210b",
"value": "96.31.36.46"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1442177362",
"to_ids": true,
"type": "domain",
"uuid": "55f5e152-04b8-4340-8597-30cd950d210b",
"value": "idsecurednow.com"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1442177362",
"to_ids": true,
"type": "ip-dst",
"uuid": "55f5e152-35ec-4758-9739-30cd950d210b",
"value": "50.116.104.205"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1442177363",
"to_ids": true,
"type": "domain",
"uuid": "55f5e153-97dc-4273-86ae-30cd950d210b",
"value": "ihaveavoice2.com"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1442177363",
"to_ids": true,
"type": "ip-dst",
"uuid": "55f5e153-66b0-4259-bd21-30cd950d210b",
"value": "208.43.65.115"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1442177363",
"to_ids": true,
"type": "domain",
"uuid": "55f5e153-2eb8-4d84-a361-30cd950d210b",
"value": "laterrazzafiorita.it"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1442177364",
"to_ids": true,
"type": "ip-dst",
"uuid": "55f5e154-eedc-4881-b3ef-30cd950d210b",
"value": "76.74.242.190"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1442177364",
"to_ids": true,
"type": "domain",
"uuid": "55f5e154-36bc-439e-ae58-30cd950d210b",
"value": "les-eglantiers.fr"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1442177364",
"to_ids": true,
"type": "ip-dst",
"uuid": "55f5e154-2e0c-4d8a-9007-30cd950d210b",
"value": "205.144.171.28"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1442177365",
"to_ids": true,
"type": "domain",
"uuid": "55f5e155-37cc-4b9b-b907-30cd950d210b",
"value": "readysetgomatthew.com"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1442177365",
"to_ids": true,
"type": "ip-dst",
"uuid": "55f5e155-e438-4f82-85c4-30cd950d210b",
"value": "174.137.191.22"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1442177365",
"to_ids": true,
"type": "domain",
"uuid": "55f5e155-0cf4-4231-91fa-30cd950d210b",
"value": "selmaryachtmarket.com"
}
]
}
}