misp-circl-feed/feeds/circl/misp/57b5a6a6-334c-4a50-9e23-45b0950d210f.json

715 lines
No EOL
24 KiB
JSON

{
"Event": {
"analysis": "2",
"date": "2016-08-18",
"extends_uuid": "",
"info": "OSINT Shark Ransomware: Ransomware as a service",
"publish_timestamp": "1473432735",
"published": true,
"threat_level_id": "3",
"timestamp": "1471522796",
"uuid": "57b5a6a6-334c-4a50-9e23-45b0950d210f",
"Orgc": {
"name": "CthulhuSPRL.be",
"uuid": "55f6ea5f-fd34-43b8-ac1d-40cb950d210f"
},
"Tag": [
{
"colour": "#ffffff",
"local": "0",
"name": "tlp:white",
"relationship_type": ""
},
{
"colour": "#ffffff",
"local": "0",
"name": "OSINT",
"relationship_type": ""
}
],
"Attribute": [
{
"category": "External analysis",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1471522497",
"to_ids": false,
"type": "link",
"uuid": "57b5a6c1-f550-487b-b784-47c0950d210f",
"value": "https://www.hybrid-analysis.com/sample/08c52b0d9affb15083653c7b9e69468cbb35806e0a82b72ca592d62362f42623?environmentId=100"
},
{
"category": "External analysis",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1471522546",
"to_ids": false,
"type": "link",
"uuid": "57b5a6f2-8328-47c9-8b24-4bcb950d210f",
"value": "https://otx.alienvault.com/pulse/57b2f34f89ca9f013545f722/"
},
{
"category": "Network activity",
"comment": "Imported via the Freetext Import Tool",
"deleted": false,
"disable_correlation": false,
"timestamp": "1471522788",
"to_ids": false,
"type": "domain",
"uuid": "57b5a789-27b8-41dd-82f0-4068950d210f",
"value": "system.io"
},
{
"category": "Network activity",
"comment": "Imported via the Freetext Import Tool",
"deleted": false,
"disable_correlation": false,
"timestamp": "1471522697",
"to_ids": true,
"type": "domain",
"uuid": "57b5a789-bde4-4bdf-8b42-4072950d210f",
"value": "1729studios.com"
},
{
"category": "Payload delivery",
"comment": "Imported via the Freetext Import Tool",
"deleted": false,
"disable_correlation": false,
"timestamp": "1471522697",
"to_ids": true,
"type": "filename",
"uuid": "57b5a789-c50c-41eb-a4d0-4705950d210f",
"value": "shark.properties"
},
{
"category": "Payload delivery",
"comment": "Imported via the Freetext Import Tool",
"deleted": false,
"disable_correlation": false,
"timestamp": "1471522718",
"to_ids": false,
"type": "filename",
"uuid": "57b5a78a-87ec-4202-940f-45bc950d210f",
"value": "myapplication.app"
},
{
"category": "Network activity",
"comment": "Imported via the Freetext Import Tool",
"deleted": false,
"disable_correlation": false,
"timestamp": "1471522796",
"to_ids": false,
"type": "domain",
"uuid": "57b5a78a-16d4-4125-ba00-49b1950d210f",
"value": "system.net"
},
{
"category": "Payload delivery",
"comment": "Imported via the Freetext Import Tool",
"deleted": false,
"disable_correlation": false,
"timestamp": "1471522698",
"to_ids": true,
"type": "md5",
"uuid": "57b5a78a-8b2c-49bc-b0fa-4f23950d210f",
"value": "72269ea7cc6281139e4d155e7c57dc67"
},
{
"category": "Payload delivery",
"comment": "Imported via the Freetext Import Tool",
"deleted": false,
"disable_correlation": false,
"timestamp": "1471522698",
"to_ids": true,
"type": "md5",
"uuid": "57b5a78a-71b0-4aef-8247-4860950d210f",
"value": "f34d5f2d4577ed6d9ceec516c1f5a744"
},
{
"category": "Payload delivery",
"comment": "Imported via the Freetext Import Tool",
"deleted": false,
"disable_correlation": false,
"timestamp": "1471522698",
"to_ids": true,
"type": "md5",
"uuid": "57b5a78a-1520-4f41-9dd4-4f64950d210f",
"value": "dec07b3163dfca1d155ae21254c663f6"
},
{
"category": "Payload delivery",
"comment": "Imported via the Freetext Import Tool",
"deleted": false,
"disable_correlation": false,
"timestamp": "1471522699",
"to_ids": true,
"type": "md5",
"uuid": "57b5a78b-1df4-45a0-8ef7-4159950d210f",
"value": "cf12f2c0e54cd8ba93511fba008380a6"
},
{
"category": "Payload delivery",
"comment": "Imported via the Freetext Import Tool",
"deleted": false,
"disable_correlation": false,
"timestamp": "1471522699",
"to_ids": true,
"type": "md5",
"uuid": "57b5a78b-9cb4-4318-87f3-4a4c950d210f",
"value": "74d992a686d753eebecd22de7b5c0dea"
},
{
"category": "Payload delivery",
"comment": "Imported via the Freetext Import Tool",
"deleted": false,
"disable_correlation": false,
"timestamp": "1471522699",
"to_ids": true,
"type": "md5",
"uuid": "57b5a78b-97c8-4379-ba61-40c4950d210f",
"value": "72de10b7f7cd75217e4c4ec7a79ca44f"
},
{
"category": "Payload delivery",
"comment": "Imported via the Freetext Import Tool",
"deleted": false,
"disable_correlation": false,
"timestamp": "1471522699",
"to_ids": true,
"type": "md5",
"uuid": "57b5a78b-3758-4df2-a8ea-41ff950d210f",
"value": "0a7670cfd2c824366ad67400c5e74636"
},
{
"category": "Payload delivery",
"comment": "Imported via the Freetext Import Tool",
"deleted": false,
"disable_correlation": false,
"timestamp": "1471522699",
"to_ids": true,
"type": "md5",
"uuid": "57b5a78b-39e0-4d08-b4d9-415a950d210f",
"value": "49edace716a872ec654af76a7c46fbff"
},
{
"category": "Payload delivery",
"comment": "Imported via the Freetext Import Tool",
"deleted": false,
"disable_correlation": false,
"timestamp": "1471522700",
"to_ids": true,
"type": "md5",
"uuid": "57b5a78c-f514-40f1-8f5f-4506950d210f",
"value": "51e2934144ba15628ba5a31be2dae7dc"
},
{
"category": "Payload delivery",
"comment": "Imported via the Freetext Import Tool",
"deleted": false,
"disable_correlation": false,
"timestamp": "1471522700",
"to_ids": true,
"type": "md5",
"uuid": "57b5a78c-321c-463c-b40f-4461950d210f",
"value": "347bb967065efeccdc0c16311b88f379"
},
{
"category": "Payload delivery",
"comment": "Imported via the Freetext Import Tool",
"deleted": false,
"disable_correlation": false,
"timestamp": "1471522700",
"to_ids": true,
"type": "md5",
"uuid": "57b5a78c-8d80-4c3e-bd43-4cd3950d210f",
"value": "e40da7a49f8c3f0108e7c835b342f382"
},
{
"category": "Payload delivery",
"comment": "Imported via the Freetext Import Tool",
"deleted": false,
"disable_correlation": false,
"timestamp": "1471522700",
"to_ids": true,
"type": "md5",
"uuid": "57b5a78c-1504-4b91-bd3f-4307950d210f",
"value": "b9f7adbc90a2bcbe8eb9e6e8d2bb975b"
},
{
"category": "Payload delivery",
"comment": "Imported via the Freetext Import Tool",
"deleted": false,
"disable_correlation": false,
"timestamp": "1471522700",
"to_ids": true,
"type": "md5",
"uuid": "57b5a78c-7468-458f-9034-4be3950d210f",
"value": "39262c4acb361ecd06d812d2e8bea628"
},
{
"category": "Payload delivery",
"comment": "Imported via the Freetext Import Tool",
"deleted": false,
"disable_correlation": false,
"timestamp": "1471522701",
"to_ids": true,
"type": "md5",
"uuid": "57b5a78d-fcd0-4305-bec8-4119950d210f",
"value": "9c354f5c9f53fbf2a57c8dc695f89ffe"
},
{
"category": "Payload delivery",
"comment": "Imported via the Freetext Import Tool",
"deleted": false,
"disable_correlation": false,
"timestamp": "1471522701",
"to_ids": true,
"type": "md5",
"uuid": "57b5a78d-c078-4681-b27d-45e4950d210f",
"value": "070399bfc77f0ff0da23c2d8699c0095"
},
{
"category": "Payload delivery",
"comment": "Imported via the Freetext Import Tool",
"deleted": false,
"disable_correlation": false,
"timestamp": "1471522701",
"to_ids": true,
"type": "md5",
"uuid": "57b5a78d-f1a4-46f6-8ca0-49ad950d210f",
"value": "4309269ad51911d65b6ad62ba61218a9"
},
{
"category": "Payload delivery",
"comment": "Imported via the Freetext Import Tool",
"deleted": false,
"disable_correlation": false,
"timestamp": "1471522701",
"to_ids": true,
"type": "md5",
"uuid": "57b5a78d-d8a0-4f2d-ba3e-455e950d210f",
"value": "625557075843d93b867802c222d63da2"
},
{
"category": "Payload delivery",
"comment": "Imported via the Freetext Import Tool",
"deleted": false,
"disable_correlation": false,
"timestamp": "1471522701",
"to_ids": true,
"type": "md5",
"uuid": "57b5a78d-0138-405e-a28a-491d950d210f",
"value": "4dbe1d1edf767ef5dd3069508f2d1a91"
},
{
"category": "Payload delivery",
"comment": "Imported via the Freetext Import Tool",
"deleted": false,
"disable_correlation": false,
"timestamp": "1471522701",
"to_ids": true,
"type": "md5",
"uuid": "57b5a78d-25f8-4f7d-a717-4af7950d210f",
"value": "22ae167d586450ad3a9b9a9ee43ebc86"
},
{
"category": "Payload delivery",
"comment": "Imported via the Freetext Import Tool",
"deleted": false,
"disable_correlation": false,
"timestamp": "1471522702",
"to_ids": true,
"type": "sha1",
"uuid": "57b5a78e-572c-408c-afe0-400e950d210f",
"value": "f9ac686ff83b3df8eeeefb9caf7745ccc37bdbd0"
},
{
"category": "Payload delivery",
"comment": "Imported via the Freetext Import Tool",
"deleted": false,
"disable_correlation": false,
"timestamp": "1471522702",
"to_ids": true,
"type": "sha1",
"uuid": "57b5a78e-3d74-4e43-be6f-4526950d210f",
"value": "7d7f4414ccef168adf6bf40753b5becd78375931"
},
{
"category": "Payload delivery",
"comment": "Imported via the Freetext Import Tool",
"deleted": false,
"disable_correlation": false,
"timestamp": "1471522702",
"to_ids": true,
"type": "sha1",
"uuid": "57b5a78e-562c-41b6-89e4-41f6950d210f",
"value": "b347ae931ad8370c71af18484c55216e99d4bf94"
},
{
"category": "Payload delivery",
"comment": "Imported via the Freetext Import Tool",
"deleted": false,
"disable_correlation": false,
"timestamp": "1471522702",
"to_ids": true,
"type": "sha1",
"uuid": "57b5a78e-a34c-47e1-b74e-453a950d210f",
"value": "64869ac67f01de6c8fa86928f293ae17e5f939bf"
},
{
"category": "Payload delivery",
"comment": "Imported via the Freetext Import Tool",
"deleted": false,
"disable_correlation": false,
"timestamp": "1471522702",
"to_ids": true,
"type": "sha1",
"uuid": "57b5a78e-0498-49f3-b6d2-4d60950d210f",
"value": "637162cc59a3a1e25956fa5fa8f60d2e1c52eac6"
},
{
"category": "Payload delivery",
"comment": "Imported via the Freetext Import Tool",
"deleted": false,
"disable_correlation": false,
"timestamp": "1471522702",
"to_ids": true,
"type": "sha1",
"uuid": "57b5a78e-30a8-4186-a2fe-4f82950d210f",
"value": "8ad5c9987e6f190bd6f5416e2de44ccd641d8cda"
},
{
"category": "Payload delivery",
"comment": "Imported via the Freetext Import Tool",
"deleted": false,
"disable_correlation": false,
"timestamp": "1471522703",
"to_ids": true,
"type": "sha1",
"uuid": "57b5a78f-6918-4b45-97bf-4337950d210f",
"value": "0b0a9534cef684c93c2fc591e55ceaf831e2275d"
},
{
"category": "Payload delivery",
"comment": "Imported via the Freetext Import Tool",
"deleted": false,
"disable_correlation": false,
"timestamp": "1471522703",
"to_ids": true,
"type": "sha1",
"uuid": "57b5a78f-0098-4e0a-9a0f-4e66950d210f",
"value": "dd5783bcf1e9002bc00ad5b83a95ed6e4ebb4ad5"
},
{
"category": "Payload delivery",
"comment": "Imported via the Freetext Import Tool",
"deleted": false,
"disable_correlation": false,
"timestamp": "1471522703",
"to_ids": true,
"type": "sha1",
"uuid": "57b5a78f-5390-4494-b598-461a950d210f",
"value": "109f1caed645bb78b3ea2b94c0697c740733031c"
},
{
"category": "Payload delivery",
"comment": "Imported via the Freetext Import Tool",
"deleted": false,
"disable_correlation": false,
"timestamp": "1471522703",
"to_ids": true,
"type": "sha1",
"uuid": "57b5a78f-4530-4b3f-ae2a-4e0b950d210f",
"value": "a377d1b1c0538833035211f4083d00fecc414dab"
},
{
"category": "Payload delivery",
"comment": "Imported via the Freetext Import Tool",
"deleted": false,
"disable_correlation": false,
"timestamp": "1471522703",
"to_ids": true,
"type": "sha1",
"uuid": "57b5a78f-006c-4e5c-a737-4435950d210f",
"value": "706b3f9d9e678fd4846cae1fd4c0ea037b560e30"
},
{
"category": "Payload delivery",
"comment": "Imported via the Freetext Import Tool",
"deleted": false,
"disable_correlation": false,
"timestamp": "1471522704",
"to_ids": true,
"type": "sha1",
"uuid": "57b5a790-5248-4acc-9191-4dce950d210f",
"value": "fee449ee0e3965a5246f000e87fde2a065fd89d4"
},
{
"category": "Payload delivery",
"comment": "Imported via the Freetext Import Tool",
"deleted": false,
"disable_correlation": false,
"timestamp": "1471522704",
"to_ids": true,
"type": "sha256",
"uuid": "57b5a790-0070-41e3-96da-452d950d210f",
"value": "35104f21cc385fd8f07e162d05bad1aa1d940d1fb08b796993e811639d65b69a"
},
{
"category": "Payload delivery",
"comment": "Imported via the Freetext Import Tool",
"deleted": false,
"disable_correlation": false,
"timestamp": "1471522704",
"to_ids": true,
"type": "sha256",
"uuid": "57b5a790-19a0-4370-be4f-4fc1950d210f",
"value": "b3e5ec26cf605a36756438776508c3a076e90dc3f8d7ebc3c83d33c62c7c153b"
},
{
"category": "Payload delivery",
"comment": "Imported via the Freetext Import Tool",
"deleted": false,
"disable_correlation": false,
"timestamp": "1471522704",
"to_ids": true,
"type": "sha256",
"uuid": "57b5a790-6488-404c-a264-4648950d210f",
"value": "7a3d78d44c4c43d9d839da67f101390be3c4cb675dfc633b9ca85b647883cf88"
},
{
"category": "Payload delivery",
"comment": "Imported via the Freetext Import Tool",
"deleted": false,
"disable_correlation": false,
"timestamp": "1471522704",
"to_ids": true,
"type": "sha256",
"uuid": "57b5a790-1650-4f11-bb68-4b5e950d210f",
"value": "cd7b9e76ee30e48e2607e2cb6264c9e059cce211e8127077b4ee111140f838da"
},
{
"category": "Payload delivery",
"comment": "Imported via the Freetext Import Tool",
"deleted": false,
"disable_correlation": false,
"timestamp": "1471522705",
"to_ids": true,
"type": "sha256",
"uuid": "57b5a791-b72c-4477-9484-4ee4950d210f",
"value": "c4899d923f0ff4120d50a15d8cd34a17836359cc643b152617672bcdd14d5f51"
},
{
"category": "Payload delivery",
"comment": "Imported via the Freetext Import Tool",
"deleted": false,
"disable_correlation": false,
"timestamp": "1471522705",
"to_ids": true,
"type": "sha256",
"uuid": "57b5a791-9260-4275-9427-45fc950d210f",
"value": "7410386118f1dd7aed244dcd392664e7f2b00ea4bca8aa3052474970fe6c8395"
},
{
"category": "Payload delivery",
"comment": "Imported via the Freetext Import Tool",
"deleted": false,
"disable_correlation": false,
"timestamp": "1471522705",
"to_ids": true,
"type": "sha256",
"uuid": "57b5a791-4318-4009-aa18-4358950d210f",
"value": "5568728ca42a1d8462f60daf7108a55d81b46b58277656425a81a6663644e11e"
},
{
"category": "Payload delivery",
"comment": "Imported via the Freetext Import Tool",
"deleted": false,
"disable_correlation": false,
"timestamp": "1471522705",
"to_ids": true,
"type": "sha256",
"uuid": "57b5a791-d94c-4adf-8f3c-42f9950d210f",
"value": "8813eafe23c85cc65902939b0c9caf891fc5d3917d0b8364ecf88d8214942332"
},
{
"category": "Payload delivery",
"comment": "Imported via the Freetext Import Tool",
"deleted": false,
"disable_correlation": false,
"timestamp": "1471522705",
"to_ids": true,
"type": "sha256",
"uuid": "57b5a791-f6c0-4141-9381-4bce950d210f",
"value": "08c52b0d9affb15083653c7b9e69468cbb35806e0a82b72ca592d62362f42623"
},
{
"category": "Payload delivery",
"comment": "Imported via the Freetext Import Tool",
"deleted": false,
"disable_correlation": false,
"timestamp": "1471522706",
"to_ids": true,
"type": "sha256",
"uuid": "57b5a792-0e30-44f8-8e2e-4029950d210f",
"value": "a4a97e8d1edf9fba4d15dca44f0b3908f4c804ab1a452521e4b53ce2ee80316c"
},
{
"category": "Payload delivery",
"comment": "Imported via the Freetext Import Tool",
"deleted": false,
"disable_correlation": false,
"timestamp": "1471522706",
"to_ids": true,
"type": "sha256",
"uuid": "57b5a792-9ec8-4d93-a9ed-41c4950d210f",
"value": "5a77195969ded56df2c9a62c8c0345a4de336a58c517059f2edfd939d8ca34c4"
},
{
"category": "Payload delivery",
"comment": "Imported via the Freetext Import Tool",
"deleted": false,
"disable_correlation": false,
"timestamp": "1471522706",
"to_ids": true,
"type": "sha256",
"uuid": "57b5a792-27a8-4ca7-8b1d-4d1b950d210f",
"value": "dda9d9c50b0650a39f82deba66c599003ac57b126f557c9d1d2fbef0004e5763"
},
{
"category": "Network activity",
"comment": "Imported via the Freetext Import Tool",
"deleted": false,
"disable_correlation": false,
"timestamp": "1471522706",
"to_ids": false,
"type": "hostname",
"uuid": "57b5a792-e858-44d7-906f-4363950d210f",
"value": "www.ip-api.com"
},
{
"category": "Network activity",
"comment": "Imported via the Freetext Import Tool",
"deleted": false,
"disable_correlation": false,
"timestamp": "1471522706",
"to_ids": false,
"type": "hostname",
"uuid": "57b5a792-b3f8-4b79-945f-40a9950d210f",
"value": "outgoing.ip-api.com"
},
{
"category": "Payload delivery",
"comment": "Automatically added (via cd7b9e76ee30e48e2607e2cb6264c9e059cce211e8127077b4ee111140f838da)",
"deleted": false,
"disable_correlation": false,
"timestamp": "1471522948",
"to_ids": true,
"type": "md5",
"uuid": "57b5a884-7fd0-451b-8255-4d5f950d210f",
"value": "3376a873bb4d0e8394eb02467069d170"
},
{
"category": "Payload delivery",
"comment": "Automatically added (via c4899d923f0ff4120d50a15d8cd34a17836359cc643b152617672bcdd14d5f51)",
"deleted": false,
"disable_correlation": false,
"timestamp": "1471522951",
"to_ids": true,
"type": "md5",
"uuid": "57b5a887-a9a8-4409-aea6-440d950d210f",
"value": "6534f7c9e450bd7c700e8eea2b8fdc80"
},
{
"category": "Payload delivery",
"comment": "Automatically added (via 8813eafe23c85cc65902939b0c9caf891fc5d3917d0b8364ecf88d8214942332)",
"deleted": false,
"disable_correlation": false,
"timestamp": "1471522955",
"to_ids": true,
"type": "md5",
"uuid": "57b5a88b-59a8-4ce9-bf1a-4959950d210f",
"value": "e9b5cf97da4147122eda58acfd364dc4"
},
{
"category": "Payload delivery",
"comment": "Automatically added (via a4a97e8d1edf9fba4d15dca44f0b3908f4c804ab1a452521e4b53ce2ee80316c)",
"deleted": false,
"disable_correlation": false,
"timestamp": "1471522958",
"to_ids": true,
"type": "md5",
"uuid": "57b5a88e-cb28-479a-bf30-48a4950d210f",
"value": "ec43971547c0c3fee00fe095008a053c"
},
{
"category": "Payload delivery",
"comment": "Automatically added (via dda9d9c50b0650a39f82deba66c599003ac57b126f557c9d1d2fbef0004e5763)",
"deleted": false,
"disable_correlation": false,
"timestamp": "1471522961",
"to_ids": true,
"type": "md5",
"uuid": "57b5a891-aa00-4c0f-bc91-41cf950d210f",
"value": "ff76d48375d9f9b21579826a13d9c9b6"
},
{
"category": "Payload delivery",
"comment": "Automatically added (via cd7b9e76ee30e48e2607e2cb6264c9e059cce211e8127077b4ee111140f838da)",
"deleted": false,
"disable_correlation": false,
"timestamp": "1471522949",
"to_ids": true,
"type": "sha1",
"uuid": "57b5a885-55a4-48fd-bd72-42d4950d210f",
"value": "5466c1dfc0a4f738aecfc45a3465f9219736368d"
},
{
"category": "Payload delivery",
"comment": "Automatically added (via c4899d923f0ff4120d50a15d8cd34a17836359cc643b152617672bcdd14d5f51)",
"deleted": false,
"disable_correlation": false,
"timestamp": "1471522952",
"to_ids": true,
"type": "sha1",
"uuid": "57b5a888-bde8-49a5-856c-4ff5950d210f",
"value": "14eaf11792bec41b9268531010ff252a5534eb5e"
},
{
"category": "Payload delivery",
"comment": "Automatically added (via 8813eafe23c85cc65902939b0c9caf891fc5d3917d0b8364ecf88d8214942332)",
"deleted": false,
"disable_correlation": false,
"timestamp": "1471522956",
"to_ids": true,
"type": "sha1",
"uuid": "57b5a88c-6198-4fc0-b518-4707950d210f",
"value": "6e0a051f8ce858839d3d190c5f5d2ab462a5c73f"
},
{
"category": "Payload delivery",
"comment": "Automatically added (via a4a97e8d1edf9fba4d15dca44f0b3908f4c804ab1a452521e4b53ce2ee80316c)",
"deleted": false,
"disable_correlation": false,
"timestamp": "1471522959",
"to_ids": true,
"type": "sha1",
"uuid": "57b5a88f-9c2c-445e-8f74-4ba7950d210f",
"value": "fdf05f8fadefdad3b83fcc735f4eeb3b5d178d7b"
},
{
"category": "Payload delivery",
"comment": "Automatically added (via dda9d9c50b0650a39f82deba66c599003ac57b126f557c9d1d2fbef0004e5763)",
"deleted": false,
"disable_correlation": false,
"timestamp": "1471522962",
"to_ids": true,
"type": "sha1",
"uuid": "57b5a892-4998-43fa-a7c9-4952950d210f",
"value": "0446223b9d678f7576a4a4d17992d4e6509251dc"
}
]
}
}