misp-circl-feed/feeds/circl/misp/5742a093-4190-414a-8a36-4c8d950d210f.json


{
"Event": {
"analysis": "2",
"date": "2016-05-23",
"extends_uuid": "",
"info": "Locky of the day (20160520)",
"publish_timestamp": "1463984552",
"published": true,
"threat_level_id": "3",
"timestamp": "1463984507",
"uuid": "5742a093-4190-414a-8a36-4c8d950d210f",
"Orgc": {
"name": "CIRCL",
"uuid": "55f6ea5e-2c60-40e5-964f-47a8950d210f"
},
"Tag": [
{
"colour": "#ffffff",
"name": "tlp:white"
},
{
"colour": "#006c6c",
"name": "ecsirt:malicious-code=\"ransomware\""
}
],
"Attribute": [
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1463984312",
"to_ids": true,
"type": "hostname",
"uuid": "5742a0b8-25d0-4320-a7aa-4755950d210f",
"value": "staffsolut.nichost.ru"
},
{
"category": "Network activity",
"comment": "Enriched via the circl_passivedns module",
"deleted": false,
"disable_correlation": false,
"timestamp": "1463984336",
"to_ids": true,
"type": "ip-dst",
"uuid": "5742a0d0-b7fc-45f5-a82a-3309950d210f",
"value": "195.208.1.146"
},
{
"category": "Payload delivery",
"comment": "msg0008040339157.docm",
"deleted": false,
"disable_correlation": false,
"timestamp": "1463984415",
"to_ids": true,
"type": "md5",
"uuid": "5742a11f-2c44-46d1-983d-4260950d210f",
"value": "0b3323531a322c89aa4c9059a1b215a7"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1463984433",
"to_ids": true,
"type": "ssdeep",
"uuid": "5742a131-8d48-4c73-91ff-4b80950d210f",
"value": "1536:3DnCkuBxIKKiuyYuAkbWPU74MimdaaGYIpTFRa:zCGKgyYuAEWPbM5aaGBpZI"
},
{
"category": "Payload delivery",
"comment": "msg0008040339157.docm - Xchecked via VT: 0b3323531a322c89aa4c9059a1b215a7",
"deleted": false,
"disable_correlation": false,
"timestamp": "1463984507",
"to_ids": true,
"type": "sha256",
"uuid": "5742a17b-d064-4742-9332-40da02de0b81",
"value": "ed44bde7c63f0d65b0f2fdc64aedb002e8e9c6ce90caef1835f558a036cf4b90"
},
{
"category": "Payload delivery",
"comment": "msg0008040339157.docm - Xchecked via VT: 0b3323531a322c89aa4c9059a1b215a7",
"deleted": false,
"disable_correlation": false,
"timestamp": "1463984507",
"to_ids": true,
"type": "sha1",
"uuid": "5742a17b-3cb8-42d5-a9f2-445102de0b81",
"value": "1575f0f495e566c768d67dd188ff84ce3eb7952c"
},
{
"category": "External analysis",
"comment": "msg0008040339157.docm - Xchecked via VT: 0b3323531a322c89aa4c9059a1b215a7",
"deleted": false,
"disable_correlation": false,
"timestamp": "1463984507",
"to_ids": false,
"type": "link",
"uuid": "5742a17b-e188-4e69-9705-4c1102de0b81",
"value": "https://www.virustotal.com/file/ed44bde7c63f0d65b0f2fdc64aedb002e8e9c6ce90caef1835f558a036cf4b90/analysis/1463766071/"
}
]
}
}