misp-circl-feed/feeds/circl/misp/56f8e284-5b54-46d4-814d-3f2f02de0b81.json

{
"Event": {
"analysis": "2",
"date": "2016-03-28",
"extends_uuid": "",
"info": "OSINT - McAfee Labs Threat Advisory Ransomware-Locky",
"publish_timestamp": "1459152772",
"published": true,
"threat_level_id": "3",
"timestamp": "1459152153",
"uuid": "56f8e284-5b54-46d4-814d-3f2f02de0b81",
"Orgc": {
"name": "CIRCL",
"uuid": "55f6ea5e-2c60-40e5-964f-47a8950d210f"
},
"Tag": [
{
"colour": "#ffffff",
"name": "tlp:white"
},
{
"colour": "#004646",
"name": "type:OSINT"
},
{
"colour": "#2c4f00",
"name": "malware_classification:malware-category=\"Ransomware\""
}
],
"Attribute": [
{
"category": "Network activity",
"comment": "Imported via the freetext import.",
"deleted": false,
"disable_correlation": false,
"timestamp": "1459151544",
"to_ids": true,
"type": "ip-dst",
"uuid": "56f8e2b8-0c7c-4feb-8a9f-3f2b02de0b81",
"value": "95.181.171.58"
},
{
"category": "Network activity",
"comment": "Imported via the freetext import.",
"deleted": false,
"disable_correlation": false,
"timestamp": "1459151545",
"to_ids": true,
"type": "ip-dst",
"uuid": "56f8e2b9-7d3c-4f53-87a9-3f2b02de0b81",
"value": "185.14.30.97"
},
{
"category": "Network activity",
"comment": "Imported via the freetext import.",
"deleted": false,
"disable_correlation": false,
"timestamp": "1459151545",
"to_ids": true,
"type": "ip-dst",
"uuid": "56f8e2b9-ff70-4ebf-9e22-3f2b02de0b81",
"value": "195.22.28.196"
},
{
"category": "Network activity",
"comment": "Imported via the freetext import.",
"deleted": false,
"disable_correlation": false,
"timestamp": "1459151545",
"to_ids": true,
"type": "ip-dst",
"uuid": "56f8e2b9-b300-47de-bb8c-3f2b02de0b81",
"value": "195.22.28.198"
},
{
"category": "Network activity",
"comment": "Imported via the freetext import.",
"deleted": false,
"disable_correlation": false,
"timestamp": "1459151546",
"to_ids": true,
"type": "domain",
"uuid": "56f8e2ba-a25c-4c09-a712-3f2b02de0b81",
"value": "pvwinlrmwvccuo.eu"
},
{
"category": "Network activity",
"comment": "Imported via the freetext import.",
"deleted": false,
"disable_correlation": false,
"timestamp": "1459151546",
"to_ids": true,
"type": "domain",
"uuid": "56f8e2ba-a890-4712-a06f-3f2b02de0b81",
"value": "cgavqeodnop.it"
},
{
"category": "Network activity",
"comment": "Imported via the freetext import.",
"deleted": false,
"disable_correlation": false,
"timestamp": "1459151546",
"to_ids": true,
"type": "domain",
"uuid": "56f8e2ba-a53c-450e-bb42-3f2b02de0b81",
"value": "kqlxtqptsmys.in"
},
{
"category": "Network activity",
"comment": "Imported via the freetext import.",
"deleted": false,
"disable_correlation": false,
"timestamp": "1459151546",
"to_ids": true,
"type": "domain",
"uuid": "56f8e2ba-7bbc-4d5b-90a4-3f2b02de0b81",
"value": "wblejsfob.pw"
},
{
"category": "External analysis",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1459152153",
"to_ids": false,
"type": "link",
"uuid": "56f8e519-f5d0-4992-84da-3f5d02de0b81",
"value": "https://kc.mcafee.com/resources/sites/MCAFEE/content/live/PRODUCT_DOCUMENTATION/26000/PD26383/en_US/McAfee_Labs_Threat_Advisory-Ransomware-Locky.pdf"
}
]
}
}