adulau/misp-circl-feed
1
0
Fork 0
Code Issues 1 Pull requests Projects 1 Releases Packages Wiki Activity Actions
misp-circl-feed/feeds/circl/misp/5a607314-de88-4309-ba06-c4a9950d210f.json

424 lines
No EOL
13 KiB
JSON
Raw Blame History

{
"Event": {
"analysis": "1",
"date": "2018-01-18",
"extends_uuid": "",
"info": "M2M - GlobeImposter \"..doc\" 2018-01-12 : \"Unpaid invoice \" - \"1234567.7z\"",
"publish_timestamp": "1518771555",
"published": true,
"threat_level_id": "3",
"timestamp": "1518231724",
"uuid": "5a607314-de88-4309-ba06-c4a9950d210f",
"Orgc": {
"name": "CIRCL",
"uuid": "55f6ea5e-2c60-40e5-964f-47a8950d210f"
},
"Tag": [
{
"colour": "#ffffff",
"local": "0",
"name": "tlp:white",
"relationship_type": ""
},
{
"colour": "#0088cc",
"local": "0",
"name": "misp-galaxy:ransomware=\"Fake Globe Ransomware\"",
"relationship_type": ""
},
{
"colour": "#3b0020",
"local": "0",
"name": "workflow:todo=\"expansion\"",
"relationship_type": ""
}
],
"Attribute": [
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1516270357",
"to_ids": true,
"type": "md5",
"uuid": "5a607315-1518-4750-93c5-c1d6950d210f",
"value": "b0ee9dae7de7781ea809278c48c310a5"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1518185158",
"to_ids": true,
"type": "url",
"uuid": "5a607317-d5b4-41bb-b89e-4bf7950d210f",
"value": "http://icilarache.com/kjdfhg874"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1518185159",
"to_ids": true,
"type": "hostname",
"uuid": "5a607318-0c48-44a7-91ba-4340950d210f",
"value": "icilarache.com"
},
{
"category": "Network activity",
"comment": "icilarache.com",
"deleted": false,
"disable_correlation": false,
"timestamp": "1518185159",
"to_ids": false,
"type": "ip-dst",
"uuid": "5a60731a-e12c-4a7f-8e1f-4bf5950d210f",
"value": "199.188.200.144"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1518185159",
"to_ids": true,
"type": "url",
"uuid": "5a60731c-d628-42ac-80d6-c707950d210f",
"value": "http://jcvitalis.com/kjdfhg874"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1518185160",
"to_ids": true,
"type": "hostname",
"uuid": "5a60731d-54d4-4649-94e7-c378950d210f",
"value": "jcvitalis.com"
},
{
"category": "Network activity",
"comment": "jcvitalis.com",
"deleted": false,
"disable_correlation": false,
"timestamp": "1518185160",
"to_ids": false,
"type": "ip-dst",
"uuid": "5a60731f-5f48-4064-838c-4a0a950d210f",
"value": "199.188.200.146"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1518185160",
"to_ids": true,
"type": "url",
"uuid": "5a607321-b908-4031-9883-4b64950d210f",
"value": "http://lasercutlawncare.com/kjdfhg874"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1518185161",
"to_ids": true,
"type": "hostname",
"uuid": "5a607322-6f08-4e18-9206-4cc1950d210f",
"value": "lasercutlawncare.com"
},
{
"category": "Network activity",
"comment": "lasercutlawncare.com",
"deleted": false,
"disable_correlation": false,
"timestamp": "1518185161",
"to_ids": false,
"type": "ip-dst",
"uuid": "5a607324-92ac-4876-921c-c458950d210f",
"value": "198.54.116.65"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1518185162",
"to_ids": true,
"type": "url",
"uuid": "5a607325-5a28-4f1e-97a8-c378950d210f",
"value": "http://loquiereslotienesya.com/kjdfhg874"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1518185162",
"to_ids": true,
"type": "hostname",
"uuid": "5a607328-9b30-44a7-bd51-4831950d210f",
"value": "loquiereslotienesya.com"
},
{
"category": "Network activity",
"comment": "loquiereslotienesya.com",
"deleted": false,
"disable_correlation": false,
"timestamp": "1518185162",
"to_ids": false,
"type": "ip-dst",
"uuid": "5a607329-7b04-4a45-9577-423f950d210f",
"value": "198.54.114.136"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1518185163",
"to_ids": true,
"type": "url",
"uuid": "5a60732b-0880-4864-b32f-23ef950d210f",
"value": "http://mikeylinehan.com/kjdfhg874"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1518185163",
"to_ids": true,
"type": "hostname",
"uuid": "5a60732c-4708-4227-afea-c458950d210f",
"value": "mikeylinehan.com"
},
{
"category": "Network activity",
"comment": "mikeylinehan.com",
"deleted": false,
"disable_correlation": false,
"timestamp": "1518185164",
"to_ids": false,
"type": "ip-dst",
"uuid": "5a60732e-631c-4b77-b1de-c19a950d210f",
"value": "199.188.200.96"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1518185164",
"to_ids": true,
"type": "url",
"uuid": "5a60732f-db14-4989-9751-2374950d210f",
"value": "http://nwfpakistan.com/kjdfhg874"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1518185164",
"to_ids": true,
"type": "hostname",
"uuid": "5a607332-97f8-4dba-83a1-40b6950d210f",
"value": "nwfpakistan.com"
},
{
"category": "Network activity",
"comment": "nwfpakistan.com",
"deleted": false,
"disable_correlation": false,
"timestamp": "1518185165",
"to_ids": false,
"type": "ip-dst",
"uuid": "5a607333-8a2c-4f06-8fac-2374950d210f",
"value": "199.188.200.149"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1518185165",
"to_ids": true,
"type": "url",
"uuid": "5a607335-fed4-49e2-9ba2-4bab950d210f",
"value": "https://topyzscsu5poprxy.onion.link/shfgealjh.php"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1518185166",
"to_ids": true,
"type": "hostname",
"uuid": "5a607337-cd64-4559-ac36-c19a950d210f",
"value": "topyzscsu5poprxy.onion.link"
},
{
"category": "Network activity",
"comment": "topyzscsu5poprxy.onion.link",
"deleted": false,
"disable_correlation": false,
"timestamp": "1518185166",
"to_ids": false,
"type": "ip-dst",
"uuid": "5a60733a-86fc-40bc-bdb3-4a47950d210f",
"value": "103.198.0.2"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1518185166",
"to_ids": true,
"type": "url",
"uuid": "5a60733e-6e5c-4412-a178-23ef950d210f",
"value": "http://psoeiras.net/js/count.php?nu=105&fb=110"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1518185167",
"to_ids": true,
"type": "hostname",
"uuid": "5a607341-4fe0-4787-91c9-2374950d210f",
"value": "psoeiras.net"
},
{
"category": "Network activity",
"comment": "psoeiras.net",
"deleted": false,
"disable_correlation": false,
"timestamp": "1518185167",
"to_ids": false,
"type": "ip-dst",
"uuid": "5a607344-2af4-489e-acc7-c458950d210f",
"value": "74.220.219.67"
}
],
"Object": [
{
"comment": "",
"deleted": false,
"description": "File object describing a file with meta-information",
"meta-category": "file",
"name": "file",
"template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215",
"template_version": "7",
"timestamp": "1518185170",
"uuid": "bdc7129f-87b1-4e53-bbd4-1d6a7e5925ca",
"ObjectReference": [
{
"comment": "",
"object_uuid": "bdc7129f-87b1-4e53-bbd4-1d6a7e5925ca",
"referenced_uuid": "fc74519e-6797-4d09-93bb-7a68e74f5bd6",
"relationship_type": "analysed-with",
"timestamp": "1518771555",
"uuid": "5a7daad3-84fc-48f0-b391-575d02de0b81"
}
],
"Attribute": [
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "sha1",
"timestamp": "1518185168",
"to_ids": true,
"type": "sha1",
"uuid": "5a7daad0-a26c-462c-b64d-575d02de0b81",
"value": "28be65219441d78399027aa42c9cc7456ee67130"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "sha256",
"timestamp": "1518185168",
"to_ids": true,
"type": "sha256",
"uuid": "5a7daad0-8098-4265-bc0e-575d02de0b81",
"value": "c45ef4a35047e14d8eaf54cab44a432be18e93915ac26a2f1294d260f220aea8"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "md5",
"timestamp": "1518185169",
"to_ids": true,
"type": "md5",
"uuid": "5a7daad1-e3d8-446b-9b9a-575d02de0b81",
"value": "b0ee9dae7de7781ea809278c48c310a5"
}
]
},
{
"comment": "",
"deleted": false,
"description": "VirusTotal report",
"meta-category": "misc",
"name": "virustotal-report",
"template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4",
"template_version": "1",
"timestamp": "1518185169",
"uuid": "fc74519e-6797-4d09-93bb-7a68e74f5bd6",
"Attribute": [
{
"category": "External analysis",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "permalink",
"timestamp": "1518185169",
"to_ids": false,
"type": "link",
"uuid": "5a7daad1-ef50-4bbd-a1be-575d02de0b81",
"value": "https://www.virustotal.com/file/c45ef4a35047e14d8eaf54cab44a432be18e93915ac26a2f1294d260f220aea8/analysis/1517873959/"
},
{
"category": "Other",
"comment": "",
"deleted": false,
"disable_correlation": true,
"object_relation": "detection-ratio",
"timestamp": "1518185170",
"to_ids": false,
"type": "text",
"uuid": "5a7daad2-1dec-40ce-9e49-575d02de0b81",
"value": "53/67"
},
{
"category": "Other",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "last-submission",
"timestamp": "1518185170",
"to_ids": false,
"type": "datetime",
"uuid": "5a7daad2-a578-4c03-a376-575d02de0b81",
"value": "2018-02-05T23:39:19"
}
]
}
]
}
}
Reference in a new issue View git blame Copy permalink