misp-circl-feed/feeds/circl/misp/5b06a89d-64d4-4643-a41e-c25d0acd0835.json


{
"type": "bundle",
"id": "bundle--5b06a89d-64d4-4643-a41e-c25d0acd0835",
"objects": [
{
"type": "identity",
"spec_version": "2.1",
"id": "identity--5a68c02d-959c-4c8a-a571-0dcac0a8060a",
"created": "2021-09-07T20:08:26.000Z",
"modified": "2021-09-07T20:08:26.000Z",
"name": "Synovus Financial",
"identity_class": "organization"
},
{
"type": "report",
"spec_version": "2.1",
"id": "report--5b06a89d-64d4-4643-a41e-c25d0acd0835",
"created_by_ref": "identity--5a68c02d-959c-4c8a-a571-0dcac0a8060a",
"created": "2021-09-07T20:08:26.000Z",
"modified": "2021-09-07T20:08:26.000Z",
"name": "Emotet - 5/17/2018",
"published": "2020-06-29T12:48:29Z",
"object_refs": [
"observed-data--a3ee94ef-45dd-4021-9849-6e184f711f65",
"url--a3ee94ef-45dd-4021-9849-6e184f711f65",
"indicator--51cd1cd4-d58a-4286-b82f-c3d13dbabd18",
"indicator--6a6cf69a-cb94-4830-ac00-cb11c14eb9ae",
"indicator--eda81c14-c468-47d2-8c39-f13a128cf56e",
"indicator--f742f7a5-2694-4792-b32e-467b9470cb10",
"indicator--997ce30f-b837-4c81-8a33-df3a07f618b5",
"indicator--b6167eec-15a9-454a-93ee-727eca6ce939",
"indicator--d7cde6b5-84e6-42b1-9cf3-e90bf9872808",
"indicator--8a0152ea-c5bf-4ee5-ad92-8a9bc0458a88",
"indicator--04c0f1b6-e6ce-468c-b9db-bc6b3ed95d00",
"indicator--1ff3037b-72d9-4b2f-91b8-41d293f97c9a",
"indicator--b508a0b5-4343-4c8d-b19b-4c602e571aae",
"indicator--c421a999-6f8d-4c1e-9f52-9eaacab64705",
"indicator--6a8909b9-4fb4-4cc4-b7ef-77db1c439db0",
"indicator--cabab3f8-7af3-4deb-a43f-56dab6fbdd7d",
"indicator--966d319d-fa42-4402-af74-ef24b772cff4",
"indicator--83acd0a0-d86f-42ca-9783-3a94da9623b4",
"indicator--b89709fc-08e8-498e-8eec-9476f5aedd05",
"indicator--c9b49e56-1c70-41d0-a4d8-68096d77578b",
"indicator--dc4a577f-bab7-47a4-bbdc-dd3a4198ec61",
"indicator--fb4fada3-d010-4cd6-b0cf-fd0057611274",
"indicator--0889008a-886f-44f4-bac8-ac03a687ab50",
"indicator--7a60ebc3-2d5e-4648-8336-30f08eac9963",
"indicator--a5ea34a5-bd49-4127-bd0c-ffab558aaa61",
"indicator--91eb3247-baee-4c7f-8972-c6ef46f68efc"
],
"labels": [
"Threat-Report",
"misp:tool=\"MISP-STIX-Converter\"",
"misp-galaxy:tool=\"Emotet\""
],
"object_marking_refs": [
"marking-definition--613f2e26-407d-48c7-9eca-b8e91df99dc9"
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--a3ee94ef-45dd-4021-9849-6e184f711f65",
"created_by_ref": "identity--5a68c02d-959c-4c8a-a571-0dcac0a8060a",
"created": "2018-08-23T14:53:29.000Z",
"modified": "2018-08-23T14:53:29.000Z",
"first_observed": "2018-08-23T14:53:29Z",
"last_observed": "2018-08-23T14:53:29Z",
"number_observed": 1,
"object_refs": [
"url--a3ee94ef-45dd-4021-9849-6e184f711f65"
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\""
]
},
{
"type": "url",
"spec_version": "2.1",
"id": "url--a3ee94ef-45dd-4021-9849-6e184f711f65",
"value": "https://protonmail.com"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--51cd1cd4-d58a-4286-b82f-c3d13dbabd18",
"created_by_ref": "identity--5a68c02d-959c-4c8a-a571-0dcac0a8060a",
"created": "2018-05-24T11:57:35.000Z",
"modified": "2018-05-24T11:57:35.000Z",
"pattern": "[url:value = 'http://die-tauchbar.de/0sqozcr7t/']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2018-05-24T11:57:35Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--6a6cf69a-cb94-4830-ac00-cb11c14eb9ae",
"created_by_ref": "identity--5a68c02d-959c-4c8a-a571-0dcac0a8060a",
"created": "2018-05-24T11:57:41.000Z",
"modified": "2018-05-24T11:57:41.000Z",
"pattern": "[url:value = 'http://angelabphotography.com/odTXjg2LUj/']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2018-05-24T11:57:41Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--eda81c14-c468-47d2-8c39-f13a128cf56e",
"created_by_ref": "identity--5a68c02d-959c-4c8a-a571-0dcac0a8060a",
"created": "2018-05-24T11:57:48.000Z",
"modified": "2018-05-24T11:57:48.000Z",
"pattern": "[url:value = 'http://davehale.co.uk/PEi9fva6/']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2018-05-24T11:57:48Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--f742f7a5-2694-4792-b32e-467b9470cb10",
"created_by_ref": "identity--5a68c02d-959c-4c8a-a571-0dcac0a8060a",
"created": "2018-05-24T11:57:54.000Z",
"modified": "2018-05-24T11:57:54.000Z",
"pattern": "[url:value = 'https://computerspendehamburg.de/AZ0d3f2/']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2018-05-24T11:57:54Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--997ce30f-b837-4c81-8a33-df3a07f618b5",
"created_by_ref": "identity--5a68c02d-959c-4c8a-a571-0dcac0a8060a",
"created": "2018-05-24T11:58:00.000Z",
"modified": "2018-05-24T11:58:00.000Z",
"pattern": "[url:value = 'http://cedric-2000.de/2ZKr9GWOTYfA/']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2018-05-24T11:58:00Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--b6167eec-15a9-454a-93ee-727eca6ce939",
"created_by_ref": "identity--5a68c02d-959c-4c8a-a571-0dcac0a8060a",
"created": "2018-05-24T11:58:06.000Z",
"modified": "2018-05-24T11:58:06.000Z",
"pattern": "[url:value = 'http://amicidisantorfeto.com/xqib2HviBaMVX/']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2018-05-24T11:58:06Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--d7cde6b5-84e6-42b1-9cf3-e90bf9872808",
"created_by_ref": "identity--5a68c02d-959c-4c8a-a571-0dcac0a8060a",
"created": "2018-05-24T11:58:12.000Z",
"modified": "2018-05-24T11:58:12.000Z",
"pattern": "[url:value = 'http://jackhonky.com/jHCmUpcpWY/']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2018-05-24T11:58:12Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--8a0152ea-c5bf-4ee5-ad92-8a9bc0458a88",
"created_by_ref": "identity--5a68c02d-959c-4c8a-a571-0dcac0a8060a",
"created": "2018-05-24T11:58:18.000Z",
"modified": "2018-05-24T11:58:18.000Z",
"pattern": "[url:value = 'http://lewistonsports.com/Tc9KflZQff/']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2018-05-24T11:58:18Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--04c0f1b6-e6ce-468c-b9db-bc6b3ed95d00",
"created_by_ref": "identity--5a68c02d-959c-4c8a-a571-0dcac0a8060a",
"created": "2018-05-24T11:58:24.000Z",
"modified": "2018-05-24T11:58:24.000Z",
"pattern": "[url:value = 'http://brownaudio.com/HIKvfaK4i00N/']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2018-05-24T11:58:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--1ff3037b-72d9-4b2f-91b8-41d293f97c9a",
"created_by_ref": "identity--5a68c02d-959c-4c8a-a571-0dcac0a8060a",
"created": "2018-05-24T11:58:30.000Z",
"modified": "2018-05-24T11:58:30.000Z",
"pattern": "[url:value = 'http://iceraven.com/wiqK7wrood/']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2018-05-24T11:58:30Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--b508a0b5-4343-4c8d-b19b-4c602e571aae",
"created_by_ref": "identity--5a68c02d-959c-4c8a-a571-0dcac0a8060a",
"created": "2018-05-24T11:58:36.000Z",
"modified": "2018-05-24T11:58:36.000Z",
"pattern": "[url:value = 'http://eliaswessel.com/xwlNVbDXquiHb/']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2018-05-24T11:58:36Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--c421a999-6f8d-4c1e-9f52-9eaacab64705",
"created_by_ref": "identity--5a68c02d-959c-4c8a-a571-0dcac0a8060a",
"created": "2018-05-24T11:58:42.000Z",
"modified": "2018-05-24T11:58:42.000Z",
"pattern": "[url:value = 'http://eiskugel.org/0x62gdvG/']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2018-05-24T11:58:42Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--6a8909b9-4fb4-4cc4-b7ef-77db1c439db0",
"created_by_ref": "identity--5a68c02d-959c-4c8a-a571-0dcac0a8060a",
"created": "2018-05-24T11:58:48.000Z",
"modified": "2018-05-24T11:58:48.000Z",
"pattern": "[url:value = 'http://fam-koenig.de/WI08F7EB5xfSb/']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2018-05-24T11:58:48Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--cabab3f8-7af3-4deb-a43f-56dab6fbdd7d",
"created_by_ref": "identity--5a68c02d-959c-4c8a-a571-0dcac0a8060a",
"created": "2018-05-24T11:58:54.000Z",
"modified": "2018-05-24T11:58:54.000Z",
"pattern": "[url:value = 'http://bernardesdias.com.br/Tp3pGZcNeFgf/']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2018-05-24T11:58:54Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--966d319d-fa42-4402-af74-ef24b772cff4",
"created_by_ref": "identity--5a68c02d-959c-4c8a-a571-0dcac0a8060a",
"created": "2018-05-24T11:59:00.000Z",
"modified": "2018-05-24T11:59:00.000Z",
"pattern": "[url:value = 'http://prokeyboardist.com/0qLVjK7JgMX/']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2018-05-24T11:59:00Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--83acd0a0-d86f-42ca-9783-3a94da9623b4",
"created_by_ref": "identity--5a68c02d-959c-4c8a-a571-0dcac0a8060a",
"created": "2018-05-24T11:59:07.000Z",
"modified": "2018-05-24T11:59:07.000Z",
"pattern": "[url:value = 'http://jorgensenco.dk/DY4MWPI/']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2018-05-24T11:59:07Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--b89709fc-08e8-498e-8eec-9476f5aedd05",
"created_by_ref": "identity--5a68c02d-959c-4c8a-a571-0dcac0a8060a",
"created": "2018-05-24T11:59:13.000Z",
"modified": "2018-05-24T11:59:13.000Z",
"pattern": "[url:value = 'http://fischereiverein-dotternhausen.de/o6q0hhj9s/']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2018-05-24T11:59:13Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--c9b49e56-1c70-41d0-a4d8-68096d77578b",
"created_by_ref": "identity--5a68c02d-959c-4c8a-a571-0dcac0a8060a",
"created": "2018-05-24T11:59:19.000Z",
"modified": "2018-05-24T11:59:19.000Z",
"pattern": "[url:value = 'http://imagemarketingwest.com/Rv72B/']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2018-05-24T11:59:19Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--dc4a577f-bab7-47a4-bbdc-dd3a4198ec61",
"created_by_ref": "identity--5a68c02d-959c-4c8a-a571-0dcac0a8060a",
"created": "2018-05-24T11:59:25.000Z",
"modified": "2018-05-24T11:59:25.000Z",
"pattern": "[url:value = 'https://jaseminedenise.com/ycxPnqQ/']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2018-05-24T11:59:25Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--fb4fada3-d010-4cd6-b0cf-fd0057611274",
"created_by_ref": "identity--5a68c02d-959c-4c8a-a571-0dcac0a8060a",
"created": "2018-05-24T11:59:31.000Z",
"modified": "2018-05-24T11:59:31.000Z",
"pattern": "[url:value = 'http://leavemeinstitches.com/ZLYU/']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2018-05-24T11:59:31Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--0889008a-886f-44f4-bac8-ac03a687ab50",
"created_by_ref": "identity--5a68c02d-959c-4c8a-a571-0dcac0a8060a",
"created": "2018-05-24T11:59:37.000Z",
"modified": "2018-05-24T11:59:37.000Z",
"pattern": "[url:value = 'http://jsaphotoarts.com/0s4G/']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2018-05-24T11:59:37Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--7a60ebc3-2d5e-4648-8336-30f08eac9963",
"created_by_ref": "identity--5a68c02d-959c-4c8a-a571-0dcac0a8060a",
"created": "2018-05-24T11:59:44.000Z",
"modified": "2018-05-24T11:59:44.000Z",
"pattern": "[url:value = 'http://downinthecountry.com/pW3xNW/']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2018-05-24T11:59:44Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--a5ea34a5-bd49-4127-bd0c-ffab558aaa61",
"created_by_ref": "identity--5a68c02d-959c-4c8a-a571-0dcac0a8060a",
"created": "2018-05-24T12:02:06.000Z",
"modified": "2018-05-24T12:02:06.000Z",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '81.21.67.85']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2018-05-24T12:02:06Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--91eb3247-baee-4c7f-8972-c6ef46f68efc",
"created_by_ref": "identity--5a68c02d-959c-4c8a-a571-0dcac0a8060a",
"created": "2018-05-24T12:02:09.000Z",
"modified": "2018-05-24T12:02:09.000Z",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '37.120.170.231']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2018-05-24T12:02:09Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "marking-definition",
"spec_version": "2.1",
"id": "marking-definition--613f2e26-407d-48c7-9eca-b8e91df99dc9",
"created": "2017-01-20T00:00:00.000Z",
"definition_type": "tlp",
"name": "TLP:WHITE",
"definition": {
"tlp": "white"
}
}
]
}