misp-circl-feed/feeds/circl/misp/5b646415-7b48-40d5-86b4-c0070acd0835.json


{
"Event": {
"analysis": "2",
"date": "2018-08-01",
"extends_uuid": "",
"info": "Ursnif, MALWAREMESSIAGH",
"publish_timestamp": "1533306986",
"published": true,
"threat_level_id": "3",
"timestamp": "1533306089",
"uuid": "5b646415-7b48-40d5-86b4-c0070acd0835",
"Orgc": {
"name": "Synovus Financial",
"uuid": "5a68c02d-959c-4c8a-a571-0dcac0a8060a"
},
"Tag": [
{
"colour": "#ab34e3",
"local": "0",
"name": "PasteBin: MALWAREMESSIAGH",
"relationship_type": ""
},
{
"colour": "#0088cc",
"local": "0",
"name": "misp-galaxy:banker=\"Gozi\"",
"relationship_type": ""
}
],
"Attribute": [
{
"category": "Network activity",
"comment": "Ursnif",
"deleted": false,
"disable_correlation": false,
"timestamp": "1533306058",
"to_ids": true,
"type": "domain",
"uuid": "5b6464ca-e73c-4707-9b8a-d0350acd0835",
"value": "ooiasjdnqjwbeasdasd.com"
},
{
"category": "Network activity",
"comment": "Ursnif",
"deleted": false,
"disable_correlation": false,
"timestamp": "1533306058",
"to_ids": true,
"type": "domain",
"uuid": "5b6464ca-45f8-43d0-8b78-d0350acd0835",
"value": "eqowiesajenqweasd.com"
},
{
"category": "Network activity",
"comment": "Ursnif",
"deleted": false,
"disable_correlation": false,
"timestamp": "1533306058",
"to_ids": true,
"type": "domain",
"uuid": "5b6464ca-8c84-4c2d-95d9-d0350acd0835",
"value": "dquohwdihaewqdcas.com"
},
{
"category": "Network activity",
"comment": "Ursnif",
"deleted": false,
"disable_correlation": false,
"timestamp": "1533306058",
"to_ids": true,
"type": "domain",
"uuid": "5b6464ca-e0a0-40e0-8e21-d0350acd0835",
"value": "diqjwhebseqhbasdh.com"
},
{
"category": "Payload delivery",
"comment": "Ursnif dropped file",
"deleted": false,
"disable_correlation": false,
"timestamp": "1533306089",
"to_ids": true,
"type": "url",
"uuid": "5b6464e9-e73c-484d-a0b3-c0070acd0835",
"value": "http://sistemait.it/softaculous/backup/client.rar"
}
]
}
}