misp-circl-feed/feeds/circl/misp/57c98935-5fdc-4632-8d61-4af1950d210f.json


{
"Event": {
"analysis": "0",
"date": "2016-09-02",
"extends_uuid": "",
"info": "Malspam 2016-09-02 (.wsf in .zip) - campaign: \"icloud.com\"",
"publish_timestamp": "1472826472",
"published": true,
"threat_level_id": "3",
"timestamp": "1472825949",
"uuid": "57c98935-5fdc-4632-8d61-4af1950d210f",
"Orgc": {
"name": "CIRCL",
"uuid": "55f6ea5e-2c60-40e5-964f-47a8950d210f"
},
"Tag": [
{
"colour": "#ffffff",
"name": "tlp:white"
},
{
"colour": "#3b7500",
"name": "circl:incident-classification=\"malware\""
}
],
"Attribute": [
{
"category": "Network activity",
"comment": "download location",
"deleted": false,
"disable_correlation": false,
"timestamp": "1472825698",
"to_ids": true,
"type": "url",
"uuid": "57c98962-0d54-459c-b73e-498d950d210f",
"value": "http://danzig.vtrbandaancha.net/djaokpj"
},
{
"category": "Network activity",
"comment": "download location",
"deleted": false,
"disable_correlation": false,
"timestamp": "1472825698",
"to_ids": true,
"type": "hostname",
"uuid": "57c98962-9c7c-4888-8247-4419950d210f",
"value": "danzig.vtrbandaancha.net"
},
{
"category": "Network activity",
"comment": "download location",
"deleted": false,
"disable_correlation": false,
"timestamp": "1472825698",
"to_ids": true,
"type": "ip-dst",
"uuid": "57c98962-89f0-4326-9b06-423d950d210f",
"value": "200.83.4.62"
},
{
"category": "Network activity",
"comment": "download location",
"deleted": false,
"disable_correlation": false,
"timestamp": "1472825698",
"to_ids": true,
"type": "url",
"uuid": "57c98962-0c8c-4911-9da8-49b7950d210f",
"value": "http://www.rioual.com/dfduyax"
},
{
"category": "Network activity",
"comment": "download location",
"deleted": false,
"disable_correlation": false,
"timestamp": "1472825698",
"to_ids": true,
"type": "hostname",
"uuid": "57c98962-a3e4-4864-a9fd-4b8d950d210f",
"value": "www.rioual.com"
},
{
"category": "Network activity",
"comment": "download location",
"deleted": false,
"disable_correlation": false,
"timestamp": "1472825699",
"to_ids": true,
"type": "ip-dst",
"uuid": "57c98963-1f34-4863-a731-451a950d210f",
"value": "213.186.33.19"
},
{
"category": "Network activity",
"comment": "download location",
"deleted": false,
"disable_correlation": false,
"timestamp": "1472825699",
"to_ids": true,
"type": "url",
"uuid": "57c98963-636c-4380-a1e5-4a1f950d210f",
"value": "http://www.bavaria-wein.de/kyisute"
},
{
"category": "Network activity",
"comment": "download location",
"deleted": false,
"disable_correlation": false,
"timestamp": "1472825699",
"to_ids": true,
"type": "hostname",
"uuid": "57c98963-0254-422a-a43c-4371950d210f",
"value": "www.bavaria-wein.de"
},
{
"category": "Network activity",
"comment": "download location",
"deleted": false,
"disable_correlation": false,
"timestamp": "1472825699",
"to_ids": true,
"type": "ip-dst",
"uuid": "57c98963-c8dc-4613-af7f-4834950d210f",
"value": "217.199.0.35"
},
{
"category": "Network activity",
"comment": "download location",
"deleted": false,
"disable_correlation": false,
"timestamp": "1472825699",
"to_ids": true,
"type": "url",
"uuid": "57c98963-6e60-4fe9-990c-4b5b950d210f",
"value": "http://www.malicioso.net/ulndads"
},
{
"category": "Network activity",
"comment": "download location",
"deleted": false,
"disable_correlation": false,
"timestamp": "1472825699",
"to_ids": true,
"type": "hostname",
"uuid": "57c98963-3194-4def-b08d-47bb950d210f",
"value": "www.malicioso.net"
},
{
"category": "Network activity",
"comment": "download location",
"deleted": false,
"disable_correlation": false,
"timestamp": "1472825700",
"to_ids": true,
"type": "ip-dst",
"uuid": "57c98964-dc18-4325-bf2a-42bb950d210f",
"value": "62.42.230.17"
},
{
"category": "Network activity",
"comment": "download location",
"deleted": false,
"disable_correlation": false,
"timestamp": "1472825700",
"to_ids": true,
"type": "url",
"uuid": "57c98964-6764-4cf9-87cb-4af9950d210f",
"value": "http://imex.atspace.com/sxqtddp"
},
{
"category": "Network activity",
"comment": "download location",
"deleted": false,
"disable_correlation": false,
"timestamp": "1472825700",
"to_ids": true,
"type": "hostname",
"uuid": "57c98964-93a4-4203-9e74-4d3d950d210f",
"value": "imex.atspace.com"
},
{
"category": "Network activity",
"comment": "download location",
"deleted": false,
"disable_correlation": false,
"timestamp": "1472825700",
"to_ids": true,
"type": "ip-dst",
"uuid": "57c98964-bba8-4929-a25a-4fd3950d210f",
"value": "82.197.131.109"
},
{
"category": "Network activity",
"comment": "download location",
"deleted": false,
"disable_correlation": false,
"timestamp": "1472825700",
"to_ids": true,
"type": "url",
"uuid": "57c98964-d658-4f68-a144-44e3950d210f",
"value": "http://www.meallservice.it/mulccfi"
},
{
"category": "Network activity",
"comment": "download location",
"deleted": false,
"disable_correlation": false,
"timestamp": "1472825701",
"to_ids": true,
"type": "hostname",
"uuid": "57c98965-e9b0-4109-88d5-44e4950d210f",
"value": "www.meallservice.it"
},
{
"category": "Network activity",
"comment": "download location",
"deleted": false,
"disable_correlation": false,
"timestamp": "1472825701",
"to_ids": true,
"type": "ip-dst",
"uuid": "57c98965-0bb4-427d-aeef-48c9950d210f",
"value": "213.205.40.169"
},
{
"category": "Network activity",
"comment": "download location",
"deleted": false,
"disable_correlation": false,
"timestamp": "1472825701",
"to_ids": true,
"type": "url",
"uuid": "57c98965-471c-4160-af0f-4faa950d210f",
"value": "http://www.empolio.com/bgfxwqs"
},
{
"category": "Network activity",
"comment": "download location",
"deleted": false,
"disable_correlation": false,
"timestamp": "1472825701",
"to_ids": true,
"type": "hostname",
"uuid": "57c98965-0e20-4e46-a417-420b950d210f",
"value": "www.empolio.com"
},
{
"category": "Network activity",
"comment": "download location",
"deleted": false,
"disable_correlation": false,
"timestamp": "1472825701",
"to_ids": true,
"type": "ip-dst",
"uuid": "57c98965-6528-41e1-b562-459b950d210f",
"value": "213.204.1.56"
},
{
"category": "Network activity",
"comment": "download location",
"deleted": false,
"disable_correlation": false,
"timestamp": "1472825701",
"to_ids": true,
"type": "url",
"uuid": "57c98965-b430-446f-a749-4b37950d210f",
"value": "http://www.association-julescatoire.fr/vdrnlnt"
},
{
"category": "Network activity",
"comment": "download location",
"deleted": false,
"disable_correlation": false,
"timestamp": "1472825702",
"to_ids": true,
"type": "hostname",
"uuid": "57c98966-50c4-488c-a117-4e9e950d210f",
"value": "www.association-julescatoire.fr"
},
{
"category": "Network activity",
"comment": "download location",
"deleted": false,
"disable_correlation": false,
"timestamp": "1472825702",
"to_ids": true,
"type": "ip-dst",
"uuid": "57c98966-6534-4374-8db5-4700950d210f",
"value": "93.184.47.165"
},
{
"category": "Network activity",
"comment": "download location",
"deleted": false,
"disable_correlation": false,
"timestamp": "1472825702",
"to_ids": true,
"type": "url",
"uuid": "57c98966-b028-4dd8-ac22-4c21950d210f",
"value": "http://e-gmp.home.ro/ierssce"
},
{
"category": "Network activity",
"comment": "download location",
"deleted": false,
"disable_correlation": false,
"timestamp": "1472825702",
"to_ids": true,
"type": "hostname",
"uuid": "57c98966-0b74-4a47-8e53-418a950d210f",
"value": "e-gmp.home.ro"
},
{
"category": "Network activity",
"comment": "download location",
"deleted": false,
"disable_correlation": false,
"timestamp": "1472825702",
"to_ids": true,
"type": "ip-dst",
"uuid": "57c98966-ea60-4262-964b-478a950d210f",
"value": "81.196.20.133"
},
{
"category": "Network activity",
"comment": "download location",
"deleted": false,
"disable_correlation": false,
"timestamp": "1472825702",
"to_ids": true,
"type": "url",
"uuid": "57c98966-3774-4844-87e7-4a8a950d210f",
"value": "http://www.fenit.net/elckuqa"
},
{
"category": "Network activity",
"comment": "download location",
"deleted": false,
"disable_correlation": false,
"timestamp": "1472825703",
"to_ids": true,
"type": "hostname",
"uuid": "57c98967-b614-443f-9ad6-4271950d210f",
"value": "www.fenit.net"
},
{
"category": "Network activity",
"comment": "download location",
"deleted": false,
"disable_correlation": false,
"timestamp": "1472825703",
"to_ids": true,
"type": "url",
"uuid": "57c98967-517c-497c-9079-4196950d210f",
"value": "http://www.caminettilcd.it/ikpjqqt"
},
{
"category": "Network activity",
"comment": "download location",
"deleted": false,
"disable_correlation": false,
"timestamp": "1472825703",
"to_ids": true,
"type": "hostname",
"uuid": "57c98967-3638-4989-a360-49d4950d210f",
"value": "www.caminettilcd.it"
},
{
"category": "Network activity",
"comment": "download location",
"deleted": false,
"disable_correlation": false,
"timestamp": "1472825703",
"to_ids": true,
"type": "ip-dst",
"uuid": "57c98967-f2d0-4a6f-92ec-4501950d210f",
"value": "195.78.215.76"
},
{
"category": "Network activity",
"comment": "download location",
"deleted": false,
"disable_correlation": false,
"timestamp": "1472825703",
"to_ids": true,
"type": "url",
"uuid": "57c98967-b054-41d1-97fe-4df8950d210f",
"value": "http://www.coseincredibili.it/gugpcpb"
},
{
"category": "Network activity",
"comment": "download location",
"deleted": false,
"disable_correlation": false,
"timestamp": "1472825704",
"to_ids": true,
"type": "hostname",
"uuid": "57c98968-ce9c-4cff-b3ed-40fd950d210f",
"value": "www.coseincredibili.it"
},
{
"category": "Network activity",
"comment": "download location",
"deleted": false,
"disable_correlation": false,
"timestamp": "1472825704",
"to_ids": true,
"type": "url",
"uuid": "57c98968-b7fc-4e47-ab6d-45e0950d210f",
"value": "http://www.mussystems.net/rhygtpe"
},
{
"category": "Network activity",
"comment": "download location",
"deleted": false,
"disable_correlation": false,
"timestamp": "1472825704",
"to_ids": true,
"type": "hostname",
"uuid": "57c98968-1364-4f77-95d2-4d1a950d210f",
"value": "www.mussystems.net"
},
{
"category": "Network activity",
"comment": "download location",
"deleted": false,
"disable_correlation": false,
"timestamp": "1472825704",
"to_ids": true,
"type": "ip-dst",
"uuid": "57c98968-3aec-48e3-bd68-41b3950d210f",
"value": "195.238.0.64"
},
{
"category": "Network activity",
"comment": "download location",
"deleted": false,
"disable_correlation": false,
"timestamp": "1472825704",
"to_ids": true,
"type": "url",
"uuid": "57c98968-9348-483d-8530-4441950d210f",
"value": "http://158.195.68.10/porirue"
},
{
"category": "Network activity",
"comment": "download location",
"deleted": false,
"disable_correlation": false,
"timestamp": "1472825704",
"to_ids": true,
"type": "ip-dst",
"uuid": "57c98969-8b48-47a4-a000-41ec950d210f",
"value": "158.195.68.10"
},
{
"category": "Network activity",
"comment": "download location",
"deleted": false,
"disable_correlation": false,
"timestamp": "1472825705",
"to_ids": true,
"type": "url",
"uuid": "57c98969-d9e4-44cb-ba1e-4a32950d210f",
"value": "http://dcqoutlet.es/vcxyssl"
},
{
"category": "Network activity",
"comment": "download location",
"deleted": false,
"disable_correlation": false,
"timestamp": "1472825705",
"to_ids": true,
"type": "domain",
"uuid": "57c98969-182c-410c-82c6-4520950d210f",
"value": "dcqoutlet.es"
},
{
"category": "Network activity",
"comment": "download location",
"deleted": false,
"disable_correlation": false,
"timestamp": "1472825705",
"to_ids": true,
"type": "ip-dst",
"uuid": "57c98969-9b28-4bb1-92c3-4595950d210f",
"value": "134.0.11.123"
},
{
"category": "Network activity",
"comment": "download location",
"deleted": false,
"disable_correlation": false,
"timestamp": "1472825705",
"to_ids": true,
"type": "url",
"uuid": "57c98969-c6b8-47f5-9c95-4537950d210f",
"value": "http://www.dallaglio-nordin.com/cjkgjtl"
},
{
"category": "Network activity",
"comment": "download location",
"deleted": false,
"disable_correlation": false,
"timestamp": "1472825705",
"to_ids": true,
"type": "hostname",
"uuid": "57c98969-1528-4420-9409-45df950d210f",
"value": "www.dallaglio-nordin.com"
},
{
"category": "Network activity",
"comment": "download location",
"deleted": false,
"disable_correlation": false,
"timestamp": "1472825706",
"to_ids": true,
"type": "url",
"uuid": "57c9896a-966c-4791-b0e9-4b0b950d210f",
"value": "http://www.alanmorgan.plus.com/yqjytxx"
},
{
"category": "Network activity",
"comment": "download location",
"deleted": false,
"disable_correlation": false,
"timestamp": "1472825706",
"to_ids": true,
"type": "hostname",
"uuid": "57c9896a-6784-4018-b994-4d84950d210f",
"value": "www.alanmorgan.plus.com"
},
{
"category": "Network activity",
"comment": "download location",
"deleted": false,
"disable_correlation": false,
"timestamp": "1472825706",
"to_ids": true,
"type": "ip-dst",
"uuid": "57c9896a-3530-44d8-b839-4f51950d210f",
"value": "212.159.9.91"
},
{
"category": "Network activity",
"comment": "download location",
"deleted": false,
"disable_correlation": false,
"timestamp": "1472825706",
"to_ids": true,
"type": "url",
"uuid": "57c9896a-eb38-45a3-9c25-414d950d210f",
"value": "http://tpllaw.com/ctuphuv"
},
{
"category": "Network activity",
"comment": "download location",
"deleted": false,
"disable_correlation": false,
"timestamp": "1472825706",
"to_ids": true,
"type": "domain",
"uuid": "57c9896a-7118-40b0-8862-4832950d210f",
"value": "tpllaw.com"
},
{
"category": "Network activity",
"comment": "download location",
"deleted": false,
"disable_correlation": false,
"timestamp": "1472825706",
"to_ids": true,
"type": "ip-dst",
"uuid": "57c9896a-63c4-4fe7-b6fc-44b1950d210f",
"value": "216.87.186.90"
},
{
"category": "Network activity",
"comment": "download location",
"deleted": false,
"disable_correlation": false,
"timestamp": "1472825707",
"to_ids": true,
"type": "url",
"uuid": "57c9896b-c4a0-493d-b281-4db9950d210f",
"value": "http://www.archiviestoria.it/waotorf"
},
{
"category": "Network activity",
"comment": "download location",
"deleted": false,
"disable_correlation": false,
"timestamp": "1472825707",
"to_ids": true,
"type": "hostname",
"uuid": "57c9896b-6988-4222-8159-45cb950d210f",
"value": "www.archiviestoria.it"
},
{
"category": "Network activity",
"comment": "download location",
"deleted": false,
"disable_correlation": false,
"timestamp": "1472825707",
"to_ids": true,
"type": "url",
"uuid": "57c9896b-f710-4d07-8ffe-4952950d210f",
"value": "http://maxshoppppsr.biz/js/vf3gt4b4"
},
{
"category": "Network activity",
"comment": "download location",
"deleted": false,
"disable_correlation": false,
"timestamp": "1472825707",
"to_ids": true,
"type": "domain",
"uuid": "57c9896b-a7cc-4fa6-879e-423d950d210f",
"value": "maxshoppppsr.biz"
},
{
"category": "Network activity",
"comment": "download location",
"deleted": false,
"disable_correlation": false,
"timestamp": "1472825707",
"to_ids": true,
"type": "ip-dst",
"uuid": "57c9896b-2c10-47c2-a32c-4e11950d210f",
"value": "167.114.138.3"
},
{
"category": "Network activity",
"comment": "download location",
"deleted": false,
"disable_correlation": false,
"timestamp": "1472825707",
"to_ids": true,
"type": "url",
"uuid": "57c9896c-3f1c-46bf-aafb-4b78950d210f",
"value": "http://maxshoppppsr.biz/js/y54g3tr"
},
{
"category": "Payload delivery",
"comment": "email address",
"deleted": false,
"disable_correlation": false,
"timestamp": "1472825949",
"to_ids": false,
"type": "text",
"uuid": "57c98a5d-0edc-416c-b424-4da5950d210f",
"value": "[NAME]_[NUMBER]@icloud.com"
}
]
}
}