misp-circl-feed/feeds/circl/misp/578cca12-1490-4cee-85de-4c29950d210f.json


{
"Event": {
"analysis": "0",
"date": "2016-07-18",
"extends_uuid": "",
"info": "Malspam 2016-07-18 .wsf (campaign: \"bank account report\")",
"publish_timestamp": "1468844734",
"published": true,
"threat_level_id": "3",
"timestamp": "1468844704",
"uuid": "578cca12-1490-4cee-85de-4c29950d210f",
"Orgc": {
"name": "CIRCL",
"uuid": "55f6ea5e-2c60-40e5-964f-47a8950d210f"
},
"Tag": [
{
"colour": "#ffffff",
"name": "tlp:white"
},
{
"colour": "#3b7500",
"name": "circl:incident-classification=\"malware\""
}
],
"Attribute": [
{
"category": "Network activity",
"comment": "download location",
"deleted": false,
"disable_correlation": false,
"timestamp": "1468844625",
"to_ids": true,
"type": "url",
"uuid": "578cca51-f1ac-4ef8-a054-4f95950d210f",
"value": "http://ecpi.ro/cqema"
},
{
"category": "Network activity",
"comment": "download location",
"deleted": false,
"disable_correlation": false,
"timestamp": "1468844625",
"to_ids": true,
"type": "domain",
"uuid": "578cca51-150c-4d19-93e2-4988950d210f",
"value": "ecpi.ro"
},
{
"category": "Network activity",
"comment": "download location",
"deleted": false,
"disable_correlation": false,
"timestamp": "1468844626",
"to_ids": true,
"type": "ip-dst",
"uuid": "578cca52-6480-4bde-9607-4d43950d210f",
"value": "89.42.223.64"
},
{
"category": "Network activity",
"comment": "download location",
"deleted": false,
"disable_correlation": false,
"timestamp": "1468844626",
"to_ids": true,
"type": "url",
"uuid": "578cca52-be58-4b9e-8ac5-4a74950d210f",
"value": "http://provincialpw.com/r0vaqf"
},
{
"category": "Network activity",
"comment": "download location",
"deleted": false,
"disable_correlation": false,
"timestamp": "1468844627",
"to_ids": true,
"type": "domain",
"uuid": "578cca53-e39c-4eb9-a7ee-434d950d210f",
"value": "provincialpw.com"
},
{
"category": "Network activity",
"comment": "download location",
"deleted": false,
"disable_correlation": false,
"timestamp": "1468844627",
"to_ids": true,
"type": "ip-dst",
"uuid": "578cca53-b100-4f68-948c-4776950d210f",
"value": "160.153.54.35"
},
{
"category": "Network activity",
"comment": "download location",
"deleted": false,
"disable_correlation": false,
"timestamp": "1468844627",
"to_ids": true,
"type": "url",
"uuid": "578cca53-1334-4097-97be-4563950d210f",
"value": "http://matthewmccright.org/sl8wu"
},
{
"category": "Network activity",
"comment": "download location",
"deleted": false,
"disable_correlation": false,
"timestamp": "1468844628",
"to_ids": true,
"type": "domain",
"uuid": "578cca54-e8d0-4690-8540-43de950d210f",
"value": "matthewmccright.org"
},
{
"category": "Network activity",
"comment": "download location",
"deleted": false,
"disable_correlation": false,
"timestamp": "1468844628",
"to_ids": true,
"type": "ip-dst",
"uuid": "578cca54-3d38-4815-a76a-4722950d210f",
"value": "107.180.13.17"
},
{
"category": "Network activity",
"comment": "download location",
"deleted": false,
"disable_correlation": false,
"timestamp": "1468844629",
"to_ids": true,
"type": "url",
"uuid": "578cca55-4aa4-43ec-9836-4ecd950d210f",
"value": "http://kouzoncorporation.com/jikkhl"
},
{
"category": "Network activity",
"comment": "download location",
"deleted": false,
"disable_correlation": false,
"timestamp": "1468844629",
"to_ids": true,
"type": "domain",
"uuid": "578cca55-0174-4e64-b0b0-49e6950d210f",
"value": "kouzoncorporation.com"
},
{
"category": "Network activity",
"comment": "download location",
"deleted": false,
"disable_correlation": false,
"timestamp": "1468844629",
"to_ids": true,
"type": "ip-dst",
"uuid": "578cca55-c288-4c80-a522-49d5950d210f",
"value": "192.185.85.237"
},
{
"category": "Network activity",
"comment": "download location",
"deleted": false,
"disable_correlation": false,
"timestamp": "1468844630",
"to_ids": true,
"type": "url",
"uuid": "578cca56-e0ac-4d83-829d-4479950d210f",
"value": "http://ahatv.com.au/twh7xv"
},
{
"category": "Network activity",
"comment": "download location",
"deleted": false,
"disable_correlation": false,
"timestamp": "1468844630",
"to_ids": true,
"type": "hostname",
"uuid": "578cca56-ab48-4e37-923b-49e9950d210f",
"value": "ahatv.com.au"
},
{
"category": "Network activity",
"comment": "download location",
"deleted": false,
"disable_correlation": false,
"timestamp": "1468844631",
"to_ids": true,
"type": "ip-dst",
"uuid": "578cca57-479c-4495-950e-40a6950d210f",
"value": "103.226.221.161"
},
{
"category": "Network activity",
"comment": "download location",
"deleted": false,
"disable_correlation": false,
"timestamp": "1468844631",
"to_ids": true,
"type": "url",
"uuid": "578cca57-1d70-4118-9708-4daa950d210f",
"value": "http://davisdoherty.co.nz/g0vi70"
},
{
"category": "Network activity",
"comment": "download location",
"deleted": false,
"disable_correlation": false,
"timestamp": "1468844631",
"to_ids": true,
"type": "hostname",
"uuid": "578cca57-fa1c-45b0-ae8e-4668950d210f",
"value": "davisdoherty.co.nz"
},
{
"category": "Network activity",
"comment": "download location",
"deleted": false,
"disable_correlation": false,
"timestamp": "1468844632",
"to_ids": true,
"type": "ip-dst",
"uuid": "578cca58-9e7c-41c7-9bbd-44e7950d210f",
"value": "60.234.42.102"
},
{
"category": "Network activity",
"comment": "download location",
"deleted": false,
"disable_correlation": false,
"timestamp": "1468844632",
"to_ids": true,
"type": "url",
"uuid": "578cca58-6354-4c53-bfd3-4c0f950d210f",
"value": "http://my-result.ru/0j1nlpj8"
},
{
"category": "Network activity",
"comment": "download location",
"deleted": false,
"disable_correlation": false,
"timestamp": "1468844633",
"to_ids": true,
"type": "domain",
"uuid": "578cca59-02ec-4ec3-bc2e-4cf1950d210f",
"value": "my-result.ru"
},
{
"category": "Network activity",
"comment": "download location",
"deleted": false,
"disable_correlation": false,
"timestamp": "1468844633",
"to_ids": true,
"type": "ip-dst",
"uuid": "578cca59-8108-445f-829c-48ce950d210f",
"value": "95.163.18.88"
},
{
"category": "Network activity",
"comment": "download location",
"deleted": false,
"disable_correlation": false,
"timestamp": "1468844633",
"to_ids": true,
"type": "url",
"uuid": "578cca59-09dc-4287-8922-4231950d210f",
"value": "http://blackdildo.net/h9kyu"
},
{
"category": "Network activity",
"comment": "download location",
"deleted": false,
"disable_correlation": false,
"timestamp": "1468844634",
"to_ids": true,
"type": "domain",
"uuid": "578cca5a-4df4-466e-a74d-4a77950d210f",
"value": "blackdildo.net"
},
{
"category": "Network activity",
"comment": "download location",
"deleted": false,
"disable_correlation": false,
"timestamp": "1468844634",
"to_ids": true,
"type": "ip-dst",
"uuid": "578cca5a-123c-450b-b601-4cba950d210f",
"value": "50.31.160.94"
},
{
"category": "Network activity",
"comment": "download location",
"deleted": false,
"disable_correlation": false,
"timestamp": "1468844635",
"to_ids": true,
"type": "url",
"uuid": "578cca5b-3044-4e4d-846b-49df950d210f",
"value": "http://gruposoluciomatica.com.br/ryi81"
},
{
"category": "Network activity",
"comment": "download location",
"deleted": false,
"disable_correlation": false,
"timestamp": "1468844635",
"to_ids": true,
"type": "hostname",
"uuid": "578cca5b-4a24-477f-908c-4ef1950d210f",
"value": "gruposoluciomatica.com.br"
},
{
"category": "Network activity",
"comment": "download location",
"deleted": false,
"disable_correlation": false,
"timestamp": "1468844635",
"to_ids": true,
"type": "ip-dst",
"uuid": "578cca5b-04f0-4501-b319-4f16950d210f",
"value": "187.17.98.182"
},
{
"category": "Network activity",
"comment": "download location",
"deleted": false,
"disable_correlation": false,
"timestamp": "1468844636",
"to_ids": true,
"type": "url",
"uuid": "578cca5c-7b90-4531-8939-4ce4950d210f",
"value": "http://benavidezhoy.com/8zrg48k"
},
{
"category": "Network activity",
"comment": "download location",
"deleted": false,
"disable_correlation": false,
"timestamp": "1468844636",
"to_ids": true,
"type": "domain",
"uuid": "578cca5c-a1bc-476e-ab0f-4b61950d210f",
"value": "benavidezhoy.com"
},
{
"category": "Network activity",
"comment": "download location",
"deleted": false,
"disable_correlation": false,
"timestamp": "1468844637",
"to_ids": true,
"type": "ip-dst",
"uuid": "578cca5d-9304-48b9-abfd-4959950d210f",
"value": "69.16.243.28"
},
{
"category": "Network activity",
"comment": "download location",
"deleted": false,
"disable_correlation": false,
"timestamp": "1468844637",
"to_ids": true,
"type": "url",
"uuid": "578cca5d-8bbc-4f81-b8c7-4532950d210f",
"value": "http://rsxxx.com/3vp8s83"
},
{
"category": "Network activity",
"comment": "download location",
"deleted": false,
"disable_correlation": false,
"timestamp": "1468844637",
"to_ids": true,
"type": "domain",
"uuid": "578cca5d-5e44-49a4-8a1b-490f950d210f",
"value": "rsxxx.com"
},
{
"category": "Network activity",
"comment": "download location",
"deleted": false,
"disable_correlation": false,
"timestamp": "1468844638",
"to_ids": true,
"type": "ip-dst",
"uuid": "578cca5e-1684-426c-8944-4820950d210f",
"value": "69.50.139.6"
},
{
"category": "Network activity",
"comment": "download location",
"deleted": false,
"disable_correlation": false,
"timestamp": "1468844638",
"to_ids": true,
"type": "url",
"uuid": "578cca5e-d7e0-4170-829a-4ab5950d210f",
"value": "http://findmobileauto.com/gh8ft"
},
{
"category": "Network activity",
"comment": "download location",
"deleted": false,
"disable_correlation": false,
"timestamp": "1468844639",
"to_ids": true,
"type": "domain",
"uuid": "578cca5f-e8d0-4acd-870e-45de950d210f",
"value": "findmobileauto.com"
},
{
"category": "Network activity",
"comment": "download location",
"deleted": false,
"disable_correlation": false,
"timestamp": "1468844639",
"to_ids": true,
"type": "ip-dst",
"uuid": "578cca5f-5438-4075-9f79-4710950d210f",
"value": "192.185.196.208"
},
{
"category": "Network activity",
"comment": "download location",
"deleted": false,
"disable_correlation": false,
"timestamp": "1468844639",
"to_ids": true,
"type": "url",
"uuid": "578cca5f-3a24-47ff-baa0-4478950d210f",
"value": "http://christian-view.com/rwe24t"
},
{
"category": "Network activity",
"comment": "download location",
"deleted": false,
"disable_correlation": false,
"timestamp": "1468844640",
"to_ids": true,
"type": "domain",
"uuid": "578cca60-e628-4e40-b77e-4bae950d210f",
"value": "christian-view.com"
},
{
"category": "Network activity",
"comment": "download location",
"deleted": false,
"disable_correlation": false,
"timestamp": "1468844640",
"to_ids": true,
"type": "ip-dst",
"uuid": "578cca60-e1b8-43f8-8ee1-43d4950d210f",
"value": "69.90.163.170"
},
{
"category": "Network activity",
"comment": "download location",
"deleted": false,
"disable_correlation": false,
"timestamp": "1468844641",
"to_ids": true,
"type": "url",
"uuid": "578cca61-9b84-42c2-b22a-4d66950d210f",
"value": "http://deanstum.com/z9opr"
},
{
"category": "Network activity",
"comment": "download location",
"deleted": false,
"disable_correlation": false,
"timestamp": "1468844641",
"to_ids": true,
"type": "domain",
"uuid": "578cca61-2980-4693-8051-41e9950d210f",
"value": "deanstum.com"
},
{
"category": "Network activity",
"comment": "download location",
"deleted": false,
"disable_correlation": false,
"timestamp": "1468844641",
"to_ids": true,
"type": "ip-dst",
"uuid": "578cca61-2a80-441a-82db-42e4950d210f",
"value": "192.186.229.69"
},
{
"category": "Network activity",
"comment": "download location",
"deleted": false,
"disable_correlation": false,
"timestamp": "1468844642",
"to_ids": true,
"type": "url",
"uuid": "578cca62-b4bc-43cc-a918-41ad950d210f",
"value": "http://eurasian.fc2web.com/18nws9"
},
{
"category": "Network activity",
"comment": "download location",
"deleted": false,
"disable_correlation": false,
"timestamp": "1468844642",
"to_ids": true,
"type": "hostname",
"uuid": "578cca62-22e4-4e13-8d6b-4800950d210f",
"value": "eurasian.fc2web.com"
},
{
"category": "Network activity",
"comment": "download location",
"deleted": false,
"disable_correlation": false,
"timestamp": "1468844643",
"to_ids": true,
"type": "ip-dst",
"uuid": "578cca63-d4e8-4f89-b2ce-4b28950d210f",
"value": "208.71.106.216"
},
{
"category": "Network activity",
"comment": "download location",
"deleted": false,
"disable_correlation": false,
"timestamp": "1468844643",
"to_ids": true,
"type": "url",
"uuid": "578cca63-86ec-44a2-be26-41b1950d210f",
"value": "http://bigislandhawaiihilorealestate.com/16h9p"
},
{
"category": "Network activity",
"comment": "download location",
"deleted": false,
"disable_correlation": false,
"timestamp": "1468844643",
"to_ids": true,
"type": "domain",
"uuid": "578cca63-10b4-4b37-a268-4506950d210f",
"value": "bigislandhawaiihilorealestate.com"
},
{
"category": "Network activity",
"comment": "download location",
"deleted": false,
"disable_correlation": false,
"timestamp": "1468844644",
"to_ids": true,
"type": "ip-dst",
"uuid": "578cca64-b7f0-4c8c-95e2-42f2950d210f",
"value": "192.185.24.133"
},
{
"category": "Network activity",
"comment": "download location",
"deleted": false,
"disable_correlation": false,
"timestamp": "1468844644",
"to_ids": true,
"type": "url",
"uuid": "578cca64-ba44-43e4-a812-4510950d210f",
"value": "http://ilkhaberadana.com/rmegjezz"
},
{
"category": "Network activity",
"comment": "download location",
"deleted": false,
"disable_correlation": false,
"timestamp": "1468844644",
"to_ids": true,
"type": "domain",
"uuid": "578cca64-60f4-4a1c-899c-47e1950d210f",
"value": "ilkhaberadana.com"
},
{
"category": "Network activity",
"comment": "download location",
"deleted": false,
"disable_correlation": false,
"timestamp": "1468844645",
"to_ids": true,
"type": "ip-dst",
"uuid": "578cca65-0488-4b26-b2d2-4886950d210f",
"value": "159.253.46.194"
},
{
"category": "Network activity",
"comment": "download location",
"deleted": false,
"disable_correlation": false,
"timestamp": "1468844645",
"to_ids": true,
"type": "url",
"uuid": "578cca65-81b4-4acd-a471-482e950d210f",
"value": "http://aquatixbottle.com/ygyngc"
},
{
"category": "Network activity",
"comment": "download location",
"deleted": false,
"disable_correlation": false,
"timestamp": "1468844646",
"to_ids": true,
"type": "domain",
"uuid": "578cca66-3734-4f58-9248-45b1950d210f",
"value": "aquatixbottle.com"
},
{
"category": "Network activity",
"comment": "download location",
"deleted": false,
"disable_correlation": false,
"timestamp": "1468844646",
"to_ids": true,
"type": "ip-dst",
"uuid": "578cca66-e268-4de1-bb44-4c5c950d210f",
"value": "192.186.212.231"
},
{
"category": "Network activity",
"comment": "download location",
"deleted": false,
"disable_correlation": false,
"timestamp": "1468844646",
"to_ids": true,
"type": "url",
"uuid": "578cca66-f9cc-4ea7-b9ea-47ec950d210f",
"value": "http://fusofrance.fr/nengga"
},
{
"category": "Network activity",
"comment": "download location",
"deleted": false,
"disable_correlation": false,
"timestamp": "1468844647",
"to_ids": true,
"type": "domain",
"uuid": "578cca67-9824-4a06-aa93-4462950d210f",
"value": "fusofrance.fr"
},
{
"category": "Network activity",
"comment": "download location",
"deleted": false,
"disable_correlation": false,
"timestamp": "1468844647",
"to_ids": true,
"type": "ip-dst",
"uuid": "578cca67-1d44-4239-a8dc-4d9f950d210f",
"value": "213.186.33.40"
},
{
"category": "Network activity",
"comment": "download location",
"deleted": false,
"disable_correlation": false,
"timestamp": "1468844648",
"to_ids": true,
"type": "url",
"uuid": "578cca68-62f8-403a-988f-45c0950d210f",
"value": "http://bizconsulting.ro/bm8s7"
},
{
"category": "Network activity",
"comment": "download location",
"deleted": false,
"disable_correlation": false,
"timestamp": "1468844648",
"to_ids": true,
"type": "domain",
"uuid": "578cca68-9b84-4656-bcf7-4131950d210f",
"value": "bizconsulting.ro"
},
{
"category": "Network activity",
"comment": "download location",
"deleted": false,
"disable_correlation": false,
"timestamp": "1468844648",
"to_ids": true,
"type": "ip-dst",
"uuid": "578cca68-80f4-46e7-921c-4b95950d210f",
"value": "86.35.15.215"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1468844671",
"to_ids": false,
"type": "user-agent",
"uuid": "578cca7f-8d90-44e1-9e17-43a0950d210f",
"value": "User-Agent: Mozilla/4.0 (compatible; Win32; WinHttp.WinHttpRequest.5)"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1468844704",
"to_ids": false,
"type": "email-subject",
"uuid": "578ccaa0-c950-47c4-b4f7-457d950d210f",
"value": "bank account report"
}
]
}
}