misp-circl-feed/feeds/circl/misp/5b276228-9270-42f9-9ecd-4a81950d210f.json


{
"type": "bundle",
"id": "bundle--5b276228-9270-42f9-9ecd-4a81950d210f",
"objects": [
{
"type": "identity",
"spec_version": "2.1",
"id": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2018-10-26T12:43:31.000Z",
"modified": "2018-10-26T12:43:31.000Z",
"name": "CIRCL",
"identity_class": "organization"
},
{
"type": "report",
"spec_version": "2.1",
"id": "report--5b276228-9270-42f9-9ecd-4a81950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2018-10-26T12:43:31.000Z",
"modified": "2018-10-26T12:43:31.000Z",
"name": "Clipboard Hijacker Targeting Bitcoin & Ethereum Users Infects Over 300,0000 PCs",
"published": "2018-10-28T09:01:41Z",
"object_refs": [
"observed-data--5b27626a-0b5c-499f-b32c-49fa950d210f",
"url--5b27626a-0b5c-499f-b32c-49fa950d210f",
"x-misp-attribute--5b276289-7e74-4cd5-b56c-46f1950d210f",
"observed-data--5b2763ad-40a8-46e2-8bb1-41de950d210f",
"url--5b2763ad-40a8-46e2-8bb1-41de950d210f",
"x-misp-object--5b276411-7dc4-47d6-a36f-4f00950d210f",
"x-misp-object--5b276423-15a8-4e24-b174-438e950d210f",
"x-misp-object--5b276434-a5e4-4b4e-b566-439f950d210f"
],
"labels": [
"Threat-Report",
"misp:tool=\"MISP-STIX-Converter\"",
"circl:incident-classification=\"malware\"",
"osint:source-type=\"blog-post\"",
"misp-galaxy:tool=\"ClipboardWalletHijacker\""
],
"object_marking_refs": [
"marking-definition--613f2e26-407d-48c7-9eca-b8e91df99dc9"
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--5b27626a-0b5c-499f-b32c-49fa950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2018-06-18T07:48:13.000Z",
"modified": "2018-06-18T07:48:13.000Z",
"first_observed": "2018-06-18T07:48:13Z",
"last_observed": "2018-06-18T07:48:13Z",
"number_observed": 1,
"object_refs": [
"url--5b27626a-0b5c-499f-b32c-49fa950d210f"
],
"labels": [
"misp:type=\"link\"",
"misp:category=\"External analysis\"",
"osint:source-type=\"blog-post\""
]
},
{
"type": "url",
"spec_version": "2.1",
"id": "url--5b27626a-0b5c-499f-b32c-49fa950d210f",
"value": "https://www.bleepingcomputer.com/news/security/clipboard-hijacker-targeting-bitcoin-and-ethereum-users-infects-over-300-0000-pcs/"
},
{
"type": "x-misp-attribute",
"spec_version": "2.1",
"id": "x-misp-attribute--5b276289-7e74-4cd5-b56c-46f1950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2018-06-18T07:47:49.000Z",
"modified": "2018-06-18T07:47:49.000Z",
"labels": [
"misp:type=\"text\"",
"misp:category=\"External analysis\"",
"osint:source-type=\"blog-post\""
],
"x_misp_category": "External analysis",
"x_misp_type": "text",
"x_misp_value": "A malware campaign spreading a clipboard hijacker has infected over 300,000 computers, according to Chinese security firm Qihoo 360 Total Security.\r\n\r\nThe campaign has been raging for the past week and has spread a malware which Qihoo researchers have named ClipboardWalletHijacker."
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--5b2763ad-40a8-46e2-8bb1-41de950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2018-06-18T07:48:05.000Z",
"modified": "2018-06-18T07:48:05.000Z",
"first_observed": "2018-06-18T07:48:05Z",
"last_observed": "2018-06-18T07:48:05Z",
"number_observed": 1,
"object_refs": [
"url--5b2763ad-40a8-46e2-8bb1-41de950d210f"
],
"labels": [
"misp:type=\"link\"",
"misp:category=\"External analysis\"",
"osint:source-type=\"blog-post\""
]
},
{
"type": "url",
"spec_version": "2.1",
"id": "url--5b2763ad-40a8-46e2-8bb1-41de950d210f",
"value": "https://blog.360totalsecurity.com/en/new-cryptominer-hijacks-your-bitcoin-transaction-over-300000-computers-have-been-attacked/"
},
{
"type": "x-misp-object",
"spec_version": "2.1",
"id": "x-misp-object--5b276411-7dc4-47d6-a36f-4f00950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2018-06-18T07:49:37.000Z",
"modified": "2018-06-18T07:49:37.000Z",
"labels": [
"misp:name=\"coin-address\"",
"misp:meta-category=\"financial\""
],
"x_misp_attributes": [
{
"type": "btc",
"object_relation": "address",
"value": "1FoSfmjZJFqFSsD2cGXuccM9QMMa28Wrn1",
"category": "Financial fraud",
"to_ids": true,
"uuid": "5b276411-8e78-4250-9cf9-4eac950d210f"
},
{
"type": "text",
"object_relation": "symbol",
"value": "BTC",
"category": "Other",
"uuid": "5b276412-dc58-4d1f-9245-4b23950d210f"
}
],
"x_misp_meta_category": "financial",
"x_misp_name": "coin-address"
},
{
"type": "x-misp-object",
"spec_version": "2.1",
"id": "x-misp-object--5b276423-15a8-4e24-b174-438e950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2018-06-18T07:49:55.000Z",
"modified": "2018-06-18T07:49:55.000Z",
"labels": [
"misp:name=\"coin-address\"",
"misp:meta-category=\"financial\""
],
"x_misp_attributes": [
{
"type": "btc",
"object_relation": "address",
"value": "19gdjoWaE8i9XPbWoDbixev99MvvXUSNZL",
"category": "Financial fraud",
"to_ids": true,
"uuid": "5b276423-890c-4166-8773-44f7950d210f"
},
{
"type": "text",
"object_relation": "symbol",
"value": "BTC",
"category": "Other",
"uuid": "5b276424-4524-40c1-bf1e-4981950d210f"
}
],
"x_misp_meta_category": "financial",
"x_misp_name": "coin-address"
},
{
"type": "x-misp-object",
"spec_version": "2.1",
"id": "x-misp-object--5b276434-a5e4-4b4e-b566-439f950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2018-06-18T07:50:12.000Z",
"modified": "2018-06-18T07:50:12.000Z",
"labels": [
"misp:name=\"coin-address\"",
"misp:meta-category=\"financial\""
],
"x_misp_attributes": [
{
"type": "btc",
"object_relation": "address",
"value": "0x004D3416DA40338fAf9E772388A93fAF5059bFd5",
"category": "Financial fraud",
"to_ids": true,
"uuid": "5b276434-6aa4-48ba-a645-46ad950d210f"
},
{
"type": "text",
"object_relation": "symbol",
"value": "ETH",
"category": "Other",
"uuid": "5b276435-acbc-483c-bce3-4845950d210f"
}
],
"x_misp_meta_category": "financial",
"x_misp_name": "coin-address"
},
{
"type": "marking-definition",
"spec_version": "2.1",
"id": "marking-definition--613f2e26-407d-48c7-9eca-b8e91df99dc9",
"created": "2017-01-20T00:00:00.000Z",
"definition_type": "tlp",
"name": "TLP:WHITE",
"definition": {
"tlp": "white"
}
}
]
}