adulau/misp-circl-feed
1
0
Fork 0
Code Issues 1 Pull requests Projects 1 Releases Packages Wiki Activity Actions
misp-circl-feed/feeds/circl/misp/57b5b7eb-208c-4c32-ae59-4ec2950d210f.json

314 lines
No EOL
11 KiB
JSON
Raw Blame History

{
"Event": {
"analysis": "2",
"date": "2016-08-12",
"extends_uuid": "",
"info": "OSINT Bad News Bears - Panda Banker Starts Looking More Like a Grizzly by ProofPoint",
"publish_timestamp": "1474835902",
"published": true,
"threat_level_id": "3",
"timestamp": "1471529176",
"uuid": "57b5b7eb-208c-4c32-ae59-4ec2950d210f",
"Orgc": {
"name": "CthulhuSPRL.be",
"uuid": "55f6ea5f-fd34-43b8-ac1d-40cb950d210f"
},
"Tag": [
{
"colour": "#ffffff",
"local": "0",
"name": "OSINT",
"relationship_type": ""
},
{
"colour": "#ffffff",
"local": "0",
"name": "tlp:white",
"relationship_type": ""
},
{
"colour": "#6edb00",
"local": "0",
"name": "circl:topic=\"finance\"",
"relationship_type": ""
}
],
"Attribute": [
{
"category": "External analysis",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1471526902",
"to_ids": false,
"type": "link",
"uuid": "57b5b7f6-59c0-43f4-baf2-4fc2950d210f",
"value": "https://www.proofpoint.com/us/threat-insight/post/panda-banker-starts-looking-more-like-a-grizzly"
},
{
"category": "Network activity",
"comment": "Imported via the Freetext Import Tool",
"deleted": false,
"disable_correlation": false,
"timestamp": "1471526961",
"to_ids": true,
"type": "domain",
"uuid": "57b5b831-e9b4-4d0f-8320-4fe5950d210f",
"value": "nederlandstest.com"
},
{
"category": "Network activity",
"comment": "Imported via the Freetext Import Tool",
"deleted": false,
"disable_correlation": false,
"timestamp": "1471526961",
"to_ids": true,
"type": "domain",
"uuid": "57b5b831-1e74-4c89-8e27-4e0e950d210f",
"value": "test2222test.info"
},
{
"category": "Payload delivery",
"comment": "Imported via the Freetext Import Tool",
"deleted": false,
"disable_correlation": false,
"timestamp": "1471526961",
"to_ids": true,
"type": "sha256",
"uuid": "57b5b831-a3ac-4eef-961d-43a1950d210f",
"value": "3a56be53c1493e1bcfae1c22750a1511460a42984c0388fd7bf2b75e9ed041b4"
},
{
"category": "Payload delivery",
"comment": "Imported via the Freetext Import Tool",
"deleted": false,
"disable_correlation": false,
"timestamp": "1471526962",
"to_ids": true,
"type": "sha256",
"uuid": "57b5b832-e9d0-4aea-9913-44d3950d210f",
"value": "b78afdedb28db1f5d7d9364f2a78e84a3d140dbc90dddd9cba461b41ba864578"
},
{
"category": "Network activity",
"comment": "Imported via the Freetext Import Tool",
"deleted": false,
"disable_correlation": false,
"timestamp": "1471526962",
"to_ids": true,
"type": "url",
"uuid": "57b5b832-3940-457e-b45d-42b8950d210f",
"value": "http://www.monparfum.it/payments/info.doc"
},
{
"category": "Network activity",
"comment": "Imported via the Freetext Import Tool",
"deleted": false,
"disable_correlation": false,
"timestamp": "1471526962",
"to_ids": true,
"type": "url",
"uuid": "57b5b832-ec4c-45cb-85d3-4deb950d210f",
"value": "http://www.monparfum.it/payments/history.doc"
},
{
"category": "Network activity",
"comment": "Imported via the Freetext Import Tool",
"deleted": false,
"disable_correlation": false,
"timestamp": "1471526962",
"to_ids": true,
"type": "url",
"uuid": "57b5b832-2438-4826-953c-4d20950d210f",
"value": "http://vividlightingandliving.com.au/bank-info/report.doc"
},
{
"category": "Network activity",
"comment": "Imported via the Freetext Import Tool",
"deleted": false,
"disable_correlation": false,
"timestamp": "1471526962",
"to_ids": true,
"type": "url",
"uuid": "57b5b832-fa74-4d9b-92d1-4950950d210f",
"value": "http://www.1800cloud.com/infos/payment.doc"
},
{
"category": "Network activity",
"comment": "Imported via the Freetext Import Tool",
"deleted": false,
"disable_correlation": false,
"timestamp": "1471526963",
"to_ids": true,
"type": "url",
"uuid": "57b5b833-37d8-46e0-998a-4a57950d210f",
"value": "http://88.119.179.160/1biycuhoqetzowaawneab.exe"
},
{
"category": "Network activity",
"comment": "Imported via the Freetext Import Tool",
"deleted": false,
"disable_correlation": false,
"timestamp": "1471526963",
"to_ids": true,
"type": "url",
"uuid": "57b5b833-1af8-4f5f-b10d-49ca950d210f",
"value": "http://www.1800cloud.com/infos/report.doc"
},
{
"category": "Network activity",
"comment": "Imported via the Freetext Import Tool",
"deleted": false,
"disable_correlation": false,
"timestamp": "1471526963",
"to_ids": true,
"type": "url",
"uuid": "57b5b833-1a6c-480e-928f-4e91950d210f",
"value": "http://freebase.pw/vnc64.bin"
},
{
"category": "Network activity",
"comment": "Imported via the Freetext Import Tool",
"deleted": false,
"disable_correlation": false,
"timestamp": "1471526963",
"to_ids": true,
"type": "url",
"uuid": "57b5b833-42ac-45da-b0ed-4243950d210f",
"value": "http://guestlistalamode.com/bank/report.doc"
},
{
"category": "Network activity",
"comment": "Imported via the Freetext Import Tool",
"deleted": false,
"disable_correlation": false,
"timestamp": "1471526963",
"to_ids": true,
"type": "url",
"uuid": "57b5b833-10c4-49cb-a6dd-42ed950d210f",
"value": "http://guestlistalamode.com/bank/payment.doc"
},
{
"category": "Network activity",
"comment": "Imported via the Freetext Import Tool",
"deleted": false,
"disable_correlation": false,
"timestamp": "1471526964",
"to_ids": true,
"type": "url",
"uuid": "57b5b834-6a80-4bb1-98a3-42c9950d210f",
"value": "http://freebase.pw/backsocks.bin"
},
{
"category": "Network activity",
"comment": "Imported via the Freetext Import Tool",
"deleted": false,
"disable_correlation": false,
"timestamp": "1471526964",
"to_ids": true,
"type": "url",
"uuid": "57b5b834-8b0c-4d92-8cb2-4f93950d210f",
"value": "http://vividlightingandliving.com.au/bank-info/payment.doc"
},
{
"category": "Network activity",
"comment": "Imported via the Freetext Import Tool",
"deleted": false,
"disable_correlation": false,
"timestamp": "1471526964",
"to_ids": true,
"type": "url",
"uuid": "57b5b834-6b28-4531-ab4c-4026950d210f",
"value": "http://freebase.pw/vnc32.bin"
},
{
"category": "Network activity",
"comment": "Imported via the Freetext Import Tool",
"deleted": false,
"disable_correlation": false,
"timestamp": "1471526964",
"to_ids": true,
"type": "url",
"uuid": "57b5b834-0a20-4511-b35b-4610950d210f",
"value": "http://freebase.pw/1biycuhoqetzowaawneab.exe"
},
{
"category": "Network activity",
"comment": "Imported via the Freetext Import Tool",
"deleted": false,
"disable_correlation": false,
"timestamp": "1471526964",
"to_ids": true,
"type": "url",
"uuid": "57b5b834-9c8c-4bfb-970e-4abf950d210f",
"value": "http://freebase.pw/grabber.bin"
},
{
"category": "Payload delivery",
"comment": "Imported via the Freetext Import Tool - Xchecked via VT: b78afdedb28db1f5d7d9364f2a78e84a3d140dbc90dddd9cba461b41ba864578",
"deleted": false,
"disable_correlation": false,
"timestamp": "1471529176",
"to_ids": true,
"type": "sha1",
"uuid": "57b5c0d8-50f4-4a3f-9f65-42f902de0b81",
"value": "7039bee1b6918ce4ab9d999c3a6df023674b43f3"
},
{
"category": "Payload delivery",
"comment": "Imported via the Freetext Import Tool - Xchecked via VT: b78afdedb28db1f5d7d9364f2a78e84a3d140dbc90dddd9cba461b41ba864578",
"deleted": false,
"disable_correlation": false,
"timestamp": "1471529176",
"to_ids": true,
"type": "md5",
"uuid": "57b5c0d8-4a98-440c-a46e-4a8602de0b81",
"value": "81a50b5d0005b50a59d4779132703932"
},
{
"category": "External analysis",
"comment": "Imported via the Freetext Import Tool - Xchecked via VT: b78afdedb28db1f5d7d9364f2a78e84a3d140dbc90dddd9cba461b41ba864578",
"deleted": false,
"disable_correlation": false,
"timestamp": "1471529177",
"to_ids": false,
"type": "link",
"uuid": "57b5c0d9-78e4-4d17-8b5a-424202de0b81",
"value": "https://www.virustotal.com/file/b78afdedb28db1f5d7d9364f2a78e84a3d140dbc90dddd9cba461b41ba864578/analysis/1471270815/"
},
{
"category": "Payload delivery",
"comment": "Imported via the Freetext Import Tool - Xchecked via VT: 3a56be53c1493e1bcfae1c22750a1511460a42984c0388fd7bf2b75e9ed041b4",
"deleted": false,
"disable_correlation": false,
"timestamp": "1471529177",
"to_ids": true,
"type": "sha1",
"uuid": "57b5c0d9-3e14-417b-bc45-499202de0b81",
"value": "575f0f7f672a66eba44455eb5efaefa6443e760c"
},
{
"category": "Payload delivery",
"comment": "Imported via the Freetext Import Tool - Xchecked via VT: 3a56be53c1493e1bcfae1c22750a1511460a42984c0388fd7bf2b75e9ed041b4",
"deleted": false,
"disable_correlation": false,
"timestamp": "1471529177",
"to_ids": true,
"type": "md5",
"uuid": "57b5c0d9-564c-4a05-b4b0-41da02de0b81",
"value": "8783e267751086a09130de0b16de5dec"
},
{
"category": "External analysis",
"comment": "Imported via the Freetext Import Tool - Xchecked via VT: 3a56be53c1493e1bcfae1c22750a1511460a42984c0388fd7bf2b75e9ed041b4",
"deleted": false,
"disable_correlation": false,
"timestamp": "1471529177",
"to_ids": false,
"type": "link",
"uuid": "57b5c0d9-3778-47fb-9819-47f302de0b81",
"value": "https://www.virustotal.com/file/3a56be53c1493e1bcfae1c22750a1511460a42984c0388fd7bf2b75e9ed041b4/analysis/1471418928/"
}
]
}
}
Reference in a new issue View git blame Copy permalink