misp-circl-feed/feeds/circl/misp/5b310846-157c-46d7-8141-89f00acd0835.json

151 lines
No EOL
4.3 KiB
JSON

{
"Event": {
"analysis": "1",
"date": "2018-06-25",
"extends_uuid": "",
"info": "Registrant Tracking for \"earthalgerrity@armyspy.com\"",
"publish_timestamp": "1589183999",
"published": true,
"threat_level_id": "3",
"timestamp": "1621849790",
"uuid": "5b310846-157c-46d7-8141-89f00acd0835",
"Orgc": {
"name": "Synovus Financial",
"uuid": "5a68c02d-959c-4c8a-a571-0dcac0a8060a"
},
"Tag": [
{
"colour": "#ffffff",
"local": false,
"name": "tlp:white",
"relationship_type": ""
},
{
"colour": "#002b6b",
"local": false,
"name": "ms-caro-malware-full:malware-family=\"Redirector\"",
"relationship_type": ""
},
{
"colour": "#f02988",
"local": false,
"name": "Bokbot",
"relationship_type": ""
},
{
"colour": "#0088cc",
"local": false,
"name": "misp-galaxy:tool=\"Emotet\"",
"relationship_type": ""
}
],
"Attribute": [
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1529940130",
"to_ids": true,
"type": "domain",
"uuid": "5b3108a2-f534-4632-930a-aca80acd0835",
"value": "calorida.com"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1529940130",
"to_ids": true,
"type": "domain",
"uuid": "5b3108a2-67fc-405b-baa6-aca80acd0835",
"value": "fuselect.com"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1529940130",
"to_ids": true,
"type": "domain",
"uuid": "5b3108a2-7efc-4629-bdd2-aca80acd0835",
"value": "maneers.com"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1529940130",
"to_ids": true,
"type": "domain",
"uuid": "5b3108a2-dd0c-4ae2-991a-aca80acd0835",
"value": "stradical.com"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1529940130",
"to_ids": true,
"type": "domain",
"uuid": "5b3108a2-c2b4-4f31-94bd-aca80acd0835",
"value": "veryonid.com"
}
],
"Object": [
{
"comment": "",
"deleted": false,
"description": "Whois records information for a domain name or an IP address.",
"meta-category": "network",
"name": "whois",
"template_uuid": "429faea1-34ff-47af-8a00-7c62d3be5a6a",
"template_version": "10",
"timestamp": "1529940229",
"uuid": "5b310905-f854-4665-a18b-ad0a0acd0835",
"Attribute": [
{
"category": "Attribution",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "registrant-email",
"timestamp": "1529940229",
"to_ids": false,
"type": "whois-registrant-email",
"uuid": "5b310905-34a4-4399-96bf-ad0a0acd0835",
"value": "earthalgerrity@armyspy.com"
},
{
"category": "Attribution",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "registrant-name",
"timestamp": "1529940229",
"to_ids": false,
"type": "whois-registrant-name",
"uuid": "5b310905-cf48-4511-beee-ad0a0acd0835",
"value": "Eartha L. Gerrity"
},
{
"category": "Attribution",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "registrant-phone",
"timestamp": "1529940229",
"to_ids": false,
"type": "whois-registrant-phone",
"uuid": "5b310905-e174-419e-88db-ad0a0acd0835",
"value": "12143212804"
}
]
}
]
}
}