{"Event": {"info": "OSINT - XZZX Cryptomix Ransomware Variant Released", "Tag": [{"colour": "#004646", "exportable": true, "name": "type:OSINT"}, {"colour": "#ffffff", "exportable": true, "name": "tlp:white"}, {"colour": "#2c4f00", "exportable": true, "name": "malware_classification:malware-category=\"Ransomware\""}, {"colour": "#00223b", "exportable": true, "name": "osint:source-type=\"blog-post\""}, {"colour": "#0088cc", "exportable": true, "name": "misp-galaxy:ransomware=\"CryptoMix\""}], "publish_timestamp": "0", "timestamp": "1513180871", "Object": [{"comment": "", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "uuid": "f0f42618-cbfc-4b7d-9b88-733ced04339e", "sharing_group_id": "0", "timestamp": "1513180799", "description": "File object describing a file with meta-information", "template_version": "7", "ObjectReference": [{"comment": "", "object_uuid": "f0f42618-cbfc-4b7d-9b88-733ced04339e", "uuid": "5a314e7c-6a50-4a27-9202-dc5702de0b81", "timestamp": "1513180796", "referenced_uuid": "cbcadc64-1074-42a1-996b-af737067edf0", "relationship_type": "analysed-with"}], "Attribute": [{"comment": "", "category": "Payload delivery", "uuid": "5a314e7c-3f14-4136-ac34-dc5702de0b81", "timestamp": "1513180796", "to_ids": true, "value": "17f54288695fc46d11078ea493eb6626", "disable_correlation": false, "object_relation": "md5", "type": "md5"}, {"comment": "", "category": "Payload delivery", "uuid": "5a314e7c-b1f4-48bc-9b79-dc5702de0b81", "timestamp": "1513180796", "to_ids": true, "value": "33a60a16e50b8df2a731023951475ff0f973fc66334d2cfa6ce30aa36bb36414", "disable_correlation": false, "object_relation": "sha256", "type": "sha256"}, {"comment": "", "category": "Payload delivery", "uuid": "5a314e7c-6228-4390-b837-dc5702de0b81", "timestamp": "1513180796", "to_ids": true, "value": "548058b2233b75cdfd964c1d7be5d2b80818131a", "disable_correlation": false, "object_relation": "sha1", "type": "sha1"}], "distribution": "5", "meta-category": "file", "name": "file"}, {"comment": 
"", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "uuid": "cbcadc64-1074-42a1-996b-af737067edf0", "sharing_group_id": "0", "timestamp": "1513180796", "description": "VirusTotal report", "template_version": "1", "Attribute": [{"comment": "", "category": "External analysis", "uuid": "5a314e7c-9758-45a9-a180-dc5702de0b81", "timestamp": "1513180796", "to_ids": false, "value": "https://www.virustotal.com/file/33a60a16e50b8df2a731023951475ff0f973fc66334d2cfa6ce30aa36bb36414/analysis/1511330808/", "disable_correlation": false, "object_relation": "permalink", "type": "link"}, {"comment": "", "category": "Other", "uuid": "5a314e7c-c8b4-4a3c-ae28-dc5702de0b81", "timestamp": "1513180796", "to_ids": false, "value": "49/68", "disable_correlation": true, "object_relation": "detection-ratio", "type": "text"}, {"comment": "", "category": "Other", "uuid": "5a314e7c-a638-4c4d-8167-dc5702de0b81", "timestamp": "1513180796", "to_ids": false, "value": "2017-11-22 06:06:48", "disable_correlation": false, "object_relation": "last-submission", "type": "datetime"}], "distribution": "5", "meta-category": "misc", "name": "virustotal-report"}], "analysis": "2", "Attribute": [{"comment": "", "category": "External analysis", "uuid": "5a157ca9-50f8-4d26-bbcf-4f99950d210f", "timestamp": "1513180795", "to_ids": false, "value": "https://www.bleepingcomputer.com/news/security/xzzx-cryptomix-ransomware-variant-released/", "Tag": [{"colour": "#00223b", "exportable": true, "name": "osint:source-type=\"blog-post\""}], "disable_correlation": false, "object_relation": null, "type": "link"}, {"comment": "", "category": "Payload delivery", "uuid": "5a157cd0-c22c-4012-be87-44a8950d210f", "timestamp": "1511357648", "to_ids": true, "value": "33a60a16e50b8df2a731023951475ff0f973fc66334d2cfa6ce30aa36bb36414", "disable_correlation": false, "object_relation": null, "type": "sha256"}, {"comment": "", "category": "Payload delivery", "uuid": "5a157cd1-1c08-45aa-8a84-461a950d210f", "timestamp": "1513180795", 
"to_ids": true, "value": "_HELP_INSTRUCTION.TXT", "disable_correlation": false, "object_relation": null, "type": "filename"}, {"comment": "", "category": "Payload delivery", "uuid": "5a157cd1-4454-4efe-9856-43a3950d210f", "timestamp": "1513180795", "to_ids": true, "value": "%ALLUSERSPROFILE%\\[random].exe", "disable_correlation": false, "object_relation": null, "type": "filename"}, {"comment": "", "category": "Payload delivery", "uuid": "5a157cd1-ae00-4162-bf0f-4591950d210f", "timestamp": "1513180796", "to_ids": true, "value": "xzzx@tuta.io", "disable_correlation": false, "object_relation": null, "type": "email-src"}, {"comment": "", "category": "Payload delivery", "uuid": "5a157cd1-ab30-4b60-81e1-405c950d210f", "timestamp": "1513180796", "to_ids": true, "value": "xzzx1@protonmail.com", "disable_correlation": false, "object_relation": null, "type": "email-src"}, {"comment": "", "category": "Payload delivery", "uuid": "5a157cd1-9aac-4d5a-a7de-4fb3950d210f", "timestamp": "1513180796", "to_ids": true, "value": "xzzx10@yandex.com", "disable_correlation": false, "object_relation": null, "type": "email-src"}, {"comment": "", "category": "Payload delivery", "uuid": "5a157cd1-a430-4385-9cb8-498d950d210f", "timestamp": "1513180796", "to_ids": true, "value": "xzzx101@yandex.com", "disable_correlation": false, "object_relation": null, "type": "email-src"}], "extends_uuid": "", "published": false, "date": "2017-11-13", "Orgc": {"uuid": "55f6ea5e-2c60-40e5-964f-47a8950d210f", "name": "CIRCL"}, "threat_level_id": "3", "uuid": "5a157c74-9c98-4160-930d-4c15950d210f"}} |