misp-circl-feed/feeds/circl/misp/58cbbdc9-9974-4da4-b10d-2e9c950d210f.json


{
"Event": {
"analysis": "2",
"date": "2017-03-16",
"extends_uuid": "",
"info": "Star Trek Themed Kirk Ransomware Brings us Monero and a Spock Decryptor!",
"publish_timestamp": "1489759744",
"published": true,
"threat_level_id": "3",
"timestamp": "1489759737",
"uuid": "58cbbdc9-9974-4da4-b10d-2e9c950d210f",
"Orgc": {
"name": "CIRCL",
"uuid": "55f6ea5e-2c60-40e5-964f-47a8950d210f"
},
"Tag": [
{
"colour": "#ffffff",
"local": false,
"name": "tlp:white",
"relationship_type": ""
},
{
"colour": "#2c4f00",
"local": false,
"name": "malware_classification:malware-category=\"Ransomware\"",
"relationship_type": ""
},
{
"colour": "#420053",
"local": false,
"name": "ms-caro-malware:malware-type=\"Ransom\"",
"relationship_type": ""
},
{
"colour": "#39b300",
"local": false,
"name": "enisa:nefarious-activity-abuse=\"ransomware\"",
"relationship_type": ""
}
],
"Attribute": [
{
"category": "External analysis",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1489759686",
"to_ids": false,
"type": "link",
"uuid": "58cbbddd-ee44-487b-b368-091f950d210f",
"value": "https://www.bleepingcomputer.com/news/security/star-trek-themed-kirk-ransomware-brings-us-monero-and-a-spock-decryptor/",
"Tag": [
{
"colour": "#ffffff",
"local": false,
"name": "tlp:white",
"relationship_type": ""
},
{
"colour": "#00223b",
"local": false,
"name": "osint:source-type=\"blog-post\"",
"relationship_type": ""
}
]
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1489747532",
"to_ids": true,
"type": "filename",
"uuid": "58cbbe4c-0dac-4f45-9516-82a7950d210f",
"value": "loic_win32.exe"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1489747533",
"to_ids": true,
"type": "filename",
"uuid": "58cbbe4d-b304-4de7-8105-82a7950d210f",
"value": "RANSOM_NOTE.txt"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1489747552",
"to_ids": false,
"type": "filename",
"uuid": "58cbbe60-2c10-4833-a4d7-82ab950d210f",
"value": "pwd"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1489747697",
"to_ids": true,
"type": "sha256",
"uuid": "58cbbef1-eb20-412a-bc04-82ae950d210f",
"value": "39a2201a88f10d81b220c973737f0becedab2e73426ab9923880fb0fb990c5cc"
},
{
"category": "External analysis",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1489747714",
"to_ids": false,
"type": "link",
"uuid": "58cbbf02-6910-4fd5-a825-0921950d210f",
"value": "https://www.virustotal.com/en/file/39a2201a88f10d81b220c973737f0becedab2e73426ab9923880fb0fb990c5cc/analysis/"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1489759614",
"to_ids": true,
"type": "md5",
"uuid": "58cbed7e-7658-44ba-b7a9-08c5950d210f",
"value": "78117f7acc8b385e9b29fe711436d16d"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1489759616",
"to_ids": true,
"type": "sha1",
"uuid": "58cbed80-23f4-4ac6-8007-08c5950d210f",
"value": "0d4dfe880f8ec4b394f49f1a2608200dd06ba8a6"
}
]
}
}