{
|
|
"Event": {
|
|
"analysis": "0",
|
|
"date": "2016-07-05",
|
|
"extends_uuid": "",
|
|
"info": "Malspam 2016-07-05 (subject 'Scanned image'), .docm",
|
|
"publish_timestamp": "1467806822",
|
|
"published": true,
|
|
"threat_level_id": "3",
|
|
"timestamp": "1467806811",
|
|
"uuid": "577bcda2-5e64-43a9-9b1c-4609950d210f",
|
|
"Orgc": {
|
|
"name": "CIRCL",
|
|
"uuid": "55f6ea5e-2c60-40e5-964f-47a8950d210f"
|
|
},
|
|
"Tag": [
|
|
{
|
|
"colour": "#ffffff",
|
|
"local": "0",
|
|
"name": "tlp:white",
|
|
"relationship_type": ""
|
|
},
|
|
{
|
|
"colour": "#3b7500",
|
|
"local": "0",
|
|
"name": "circl:incident-classification=\"malware\"",
|
|
"relationship_type": ""
|
|
}
|
|
],
|
|
"Attribute": [
|
|
{
|
|
"category": "Network activity",
|
|
"comment": "download location",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1467731436",
|
|
"to_ids": true,
|
|
"type": "url",
|
|
"uuid": "577bcdec-2620-452c-8ad1-4bbb950d210f",
|
|
"value": "http://lojaeberlin.com/98uhnvcx4x"
|
|
},
|
|
{
|
|
"category": "Network activity",
|
|
"comment": "download location",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1467731437",
|
|
"to_ids": true,
|
|
"type": "url",
|
|
"uuid": "577bcded-5878-46c0-bf26-4eec950d210f",
|
|
"value": "http://brazilmart.com/98uhnvcx4x"
|
|
},
|
|
{
|
|
"category": "Network activity",
|
|
"comment": "download location",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1467731437",
|
|
"to_ids": true,
|
|
"type": "domain",
|
|
"uuid": "577bcded-654c-4f39-9ad4-401f950d210f",
|
|
"value": "brazilmart.com"
|
|
},
|
|
{
|
|
"category": "Network activity",
|
|
"comment": "download location",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1467731438",
|
|
"to_ids": true,
|
|
"type": "domain",
|
|
"uuid": "577bcdee-077c-4ec1-a0aa-4351950d210f",
|
|
"value": "lojaeberlin.com"
|
|
},
|
|
{
|
|
"category": "Network activity",
|
|
"comment": "download location",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1467731438",
|
|
"to_ids": true,
|
|
"type": "ip-dst",
|
|
"uuid": "577bcdee-42e8-4912-a3a7-4e19950d210f",
|
|
"value": "108.175.149.16"
|
|
},
|
|
{
|
|
"category": "Network activity",
|
|
"comment": "download location",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1467731439",
|
|
"to_ids": true,
|
|
"type": "ip-dst",
|
|
"uuid": "577bcdef-13f4-48b1-a831-4e76950d210f",
|
|
"value": "209.222.76.36"
|
|
},
|
|
{
|
|
"category": "Network activity",
|
|
"comment": "download location",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1467784344",
|
|
"to_ids": true,
|
|
"type": "url",
|
|
"uuid": "577c9c98-59ac-44b7-871a-4812950d210f",
|
|
"value": "http://topbag.com.au/98uhnvcx4x"
|
|
},
|
|
{
|
|
"category": "Network activity",
|
|
"comment": "download location",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1467784345",
|
|
"to_ids": true,
|
|
"type": "url",
|
|
"uuid": "577c9c99-5f14-4679-8c75-482b950d210f",
|
|
"value": "http://mundoescolarrd.com/98uhnvcx4x"
|
|
},
|
|
{
|
|
"category": "Network activity",
|
|
"comment": "download location",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1467784345",
|
|
"to_ids": true,
|
|
"type": "url",
|
|
"uuid": "577c9c99-4a08-44e5-b86d-400a950d210f",
|
|
"value": "http://sgi-shipping.com/98uhnvcx4x"
|
|
},
|
|
{
|
|
"category": "Network activity",
|
|
"comment": "download location",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1467784345",
|
|
"to_ids": true,
|
|
"type": "hostname",
|
|
"uuid": "577c9c99-0874-46df-830c-4ebd950d210f",
|
|
"value": "topbag.com.au"
|
|
},
|
|
{
|
|
"category": "Network activity",
|
|
"comment": "download location",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1467784345",
|
|
"to_ids": true,
|
|
"type": "domain",
|
|
"uuid": "577c9c99-6804-4368-8de6-45e6950d210f",
|
|
"value": "mundoescolarrd.com"
|
|
},
|
|
{
|
|
"category": "Network activity",
|
|
"comment": "download location",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1467784346",
|
|
"to_ids": true,
|
|
"type": "domain",
|
|
"uuid": "577c9c9a-d42c-4eb2-94a7-4059950d210f",
|
|
"value": "sgi-shipping.com"
|
|
},
|
|
{
|
|
"category": "Network activity",
|
|
"comment": "download location",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1467784346",
|
|
"to_ids": true,
|
|
"type": "ip-dst",
|
|
"uuid": "577c9c9a-5cd4-46cc-95b7-4b17950d210f",
|
|
"value": "160.153.74.199"
|
|
},
|
|
{
|
|
"category": "Network activity",
|
|
"comment": "download location",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1467784346",
|
|
"to_ids": true,
|
|
"type": "ip-dst",
|
|
"uuid": "577c9c9a-f930-4a71-b2c8-4413950d210f",
|
|
"value": "50.63.136.152"
|
|
},
|
|
{
|
|
"category": "Network activity",
|
|
"comment": "download location",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1467784347",
|
|
"to_ids": true,
|
|
"type": "ip-dst",
|
|
"uuid": "577c9c9b-37dc-4576-a4e0-4ba1950d210f",
|
|
"value": "103.9.170.53"
|
|
},
|
|
{
|
|
"category": "Network activity",
|
|
"comment": "download location",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1467805040",
|
|
"to_ids": true,
|
|
"type": "domain",
|
|
"uuid": "577ced70-c8dc-4d1f-b7c3-4458950d210f",
|
|
"value": "flyingcarts.com"
|
|
},
|
|
{
|
|
"category": "Network activity",
|
|
"comment": "download location",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1467804929",
|
|
"to_ids": true,
|
|
"type": "url",
|
|
"uuid": "577ced01-0310-4c5a-b516-4712950d210f",
|
|
"value": "http://flyingcarts.com/98uhnvcx4x"
|
|
},
|
|
{
|
|
"category": "Network activity",
|
|
"comment": "download location",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1467806811",
|
|
"to_ids": true,
|
|
"type": "ip-dst",
|
|
"uuid": "577cf45b-0778-4b0b-ab4e-4db5950d210f",
|
|
"value": "160.153.45.1"
|
|
}
|
|
]
|
|
}
|
|
} |