misp-circl-feed/feeds/circl/misp/591d566d-3ec0-4195-adb2-9f28950d210f.json


{
"Event": {
"analysis": "1",
"date": "2017-05-18",
"extends_uuid": "",
"info": "Invoice ###### 05/17/2017 from dontreply@random",
"publish_timestamp": "1495107139",
"published": true,
"threat_level_id": "3",
"timestamp": "1495107040",
"uuid": "591d566d-3ec0-4195-adb2-9f28950d210f",
"Orgc": {
"name": "CIRCL",
"uuid": "55f6ea5e-2c60-40e5-964f-47a8950d210f"
},
"Tag": [
{
"colour": "#ffffff",
"local": false,
"name": "tlp:white",
"relationship_type": ""
},
{
"colour": "#006c6c",
"local": false,
"name": "ecsirt:malicious-code=\"ransomware\"",
"relationship_type": ""
},
{
"colour": "#0088cc",
"local": false,
"name": "misp-galaxy:ransomware=\"Jaff\"",
"relationship_type": ""
}
],
"Attribute": [
{
"category": "Artifacts dropped",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1495094894",
"to_ids": true,
"type": "md5",
"uuid": "591d566e-62ec-4abd-afc7-99a0950d210f",
"value": "716165fb5e07ecc95d45e8761b10ab30"
},
{
"category": "Artifacts dropped",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1495094895",
"to_ids": true,
"type": "md5",
"uuid": "591d566f-19f4-4248-8fcb-c522950d210f",
"value": "f3d9b2cb51e81d12ff3d5faaca231041"
},
{
"category": "Artifacts dropped",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1495094895",
"to_ids": true,
"type": "md5",
"uuid": "591d566f-652c-4398-8074-c520950d210f",
"value": "3f6c1a2735a8595cb1b03260bec9cb1b"
},
{
"category": "Artifacts dropped",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1495094896",
"to_ids": true,
"type": "md5",
"uuid": "591d5670-d1d8-4260-8674-c51c950d210f",
"value": "14d05276125e70d43e710ef186261c95"
},
{
"category": "Artifacts dropped",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1495094897",
"to_ids": true,
"type": "sha256",
"uuid": "591d5671-0dec-43e6-9433-a001950d210f",
"value": "86061f2ae8ba5250c38f20070ba446513918c23dfe35f0670ae555910a94c181"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1495094898",
"to_ids": true,
"type": "url",
"uuid": "591d5672-5a04-495b-94ef-99a4950d210f",
"value": "http://bbz-regeling.nl/hjt67t"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1495094899",
"to_ids": true,
"type": "hostname",
"uuid": "591d5673-d418-4ebc-bd4d-99a3950d210f",
"value": "bbz-regeling.nl"
},
{
"category": "Network activity",
"comment": "bbz-regeling.nl",
"deleted": false,
"disable_correlation": false,
"timestamp": "1495094899",
"to_ids": true,
"type": "ip-dst",
"uuid": "591d5673-5ff8-47f0-80d3-c51f950d210f",
"value": "185.87.184.212"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1495094900",
"to_ids": true,
"type": "url",
"uuid": "591d5674-c140-4f6e-bb6a-c525950d210f",
"value": "http://blackempire.it/hjt67t"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1495094901",
"to_ids": true,
"type": "hostname",
"uuid": "591d5675-f1b4-4ea5-8309-c518950d210f",
"value": "blackempire.it"
},
{
"category": "Network activity",
"comment": "blackempire.it",
"deleted": false,
"disable_correlation": false,
"timestamp": "1495094902",
"to_ids": true,
"type": "ip-dst",
"uuid": "591d5676-3edc-4315-b274-c520950d210f",
"value": "212.18.226.16"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1495094903",
"to_ids": true,
"type": "url",
"uuid": "591d5677-5d30-464f-9cae-99a4950d210f",
"value": "http://diytp.com/hjt67t"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1495094904",
"to_ids": true,
"type": "hostname",
"uuid": "591d5678-a17c-4409-839d-c516950d210f",
"value": "diytp.com"
},
{
"category": "Network activity",
"comment": "diytp.com",
"deleted": false,
"disable_correlation": false,
"timestamp": "1495094906",
"to_ids": true,
"type": "ip-dst",
"uuid": "591d567a-f30c-4d86-98a5-c525950d210f",
"value": "211.115.89.71"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1495094907",
"to_ids": true,
"type": "url",
"uuid": "591d567b-8ef4-432c-9d56-c524950d210f",
"value": "http://doppellutz.de/hjt67t"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1495094908",
"to_ids": true,
"type": "hostname",
"uuid": "591d567c-df8c-4725-9176-c520950d210f",
"value": "doppellutz.de"
},
{
"category": "Network activity",
"comment": "doppellutz.de",
"deleted": false,
"disable_correlation": false,
"timestamp": "1495094908",
"to_ids": true,
"type": "ip-dst",
"uuid": "591d567c-9e1c-48a2-a284-a005950d210f",
"value": "81.169.145.95"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1495094909",
"to_ids": true,
"type": "url",
"uuid": "591d567d-9648-4540-9fda-c51f950d210f",
"value": "http://easternmas.com/hjt67t"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1495094910",
"to_ids": true,
"type": "hostname",
"uuid": "591d567e-c210-4045-899b-c50f950d210f",
"value": "easternmas.com"
},
{
"category": "Network activity",
"comment": "easternmas.com",
"deleted": false,
"disable_correlation": false,
"timestamp": "1495094911",
"to_ids": true,
"type": "ip-dst",
"uuid": "591d567f-5a6c-4ab4-b74f-9f28950d210f",
"value": "129.121.5.206"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1495094911",
"to_ids": true,
"type": "url",
"uuid": "591d567f-0bf4-4c9b-bd65-c522950d210f",
"value": "http://edazhu.com/hjt67t"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1495094912",
"to_ids": true,
"type": "hostname",
"uuid": "591d5680-b5c0-4717-93d9-c525950d210f",
"value": "edazhu.com"
},
{
"category": "Network activity",
"comment": "edazhu.com",
"deleted": false,
"disable_correlation": false,
"timestamp": "1495094913",
"to_ids": true,
"type": "ip-dst",
"uuid": "591d5681-c820-4a67-9e6e-c51c950d210f",
"value": "211.149.239.112"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1495094914",
"to_ids": true,
"type": "url",
"uuid": "591d5682-65ec-49eb-828e-99a3950d210f",
"value": "http://estimatingservicesinc.com/hjt67t"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1495094915",
"to_ids": true,
"type": "hostname",
"uuid": "591d5683-2460-40df-9bc5-a005950d210f",
"value": "estimatingservicesinc.com"
},
{
"category": "Network activity",
"comment": "estimatingservicesinc.com",
"deleted": false,
"disable_correlation": false,
"timestamp": "1495094916",
"to_ids": true,
"type": "ip-dst",
"uuid": "591d5684-da58-47dc-b71c-9f28950d210f",
"value": "199.166.6.15"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1495094916",
"to_ids": true,
"type": "url",
"uuid": "591d5684-3590-4187-b67a-c516950d210f",
"value": "http://evasalome.nl/hjt67t"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1495094917",
"to_ids": true,
"type": "hostname",
"uuid": "591d5685-2d9c-425a-8675-c51a950d210f",
"value": "evasalome.nl"
},
{
"category": "Network activity",
"comment": "evasalome.nl",
"deleted": false,
"disable_correlation": false,
"timestamp": "1495094918",
"to_ids": true,
"type": "ip-dst",
"uuid": "591d5686-cba4-4688-a059-c524950d210f",
"value": "46.30.213.164"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1495094919",
"to_ids": true,
"type": "url",
"uuid": "591d5687-8ec4-4fdf-bf9c-c51c950d210f",
"value": "http://herrossoidffr6644qa.top/af/hjt67t"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1495094919",
"to_ids": true,
"type": "hostname",
"uuid": "591d5687-c398-4836-9aba-9f05950d210f",
"value": "herrossoidffr6644qa.top"
},
{
"category": "Network activity",
"comment": "herrossoidffr6644qa.top",
"deleted": false,
"disable_correlation": false,
"timestamp": "1495094921",
"to_ids": true,
"type": "ip-dst",
"uuid": "591d5689-fb50-41a1-9c4e-c522950d210f",
"value": "34.209.214.237"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1495094921",
"to_ids": true,
"type": "url",
"uuid": "591d5689-f07c-460a-a550-c51a950d210f",
"value": "http://kezakotheatre.com/hjt67t"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1495094922",
"to_ids": true,
"type": "hostname",
"uuid": "591d568a-efe8-466d-9d75-a001950d210f",
"value": "kezakotheatre.com"
},
{
"category": "Network activity",
"comment": "kezakotheatre.com",
"deleted": false,
"disable_correlation": false,
"timestamp": "1495094923",
"to_ids": true,
"type": "ip-dst",
"uuid": "591d568b-8fc0-4477-b23f-99a4950d210f",
"value": "81.88.57.68"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1495094924",
"to_ids": true,
"type": "url",
"uuid": "591d568c-5480-445f-a906-99a3950d210f",
"value": "http://monowheels.ru/hjt67t"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1495094924",
"to_ids": true,
"type": "hostname",
"uuid": "591d568c-be8c-4963-8ff3-a005950d210f",
"value": "monowheels.ru"
},
{
"category": "Network activity",
"comment": "monowheels.ru",
"deleted": false,
"disable_correlation": false,
"timestamp": "1495094925",
"to_ids": true,
"type": "ip-dst",
"uuid": "591d568d-0eac-4d4c-bd6e-a004950d210f",
"value": "192.162.100.191"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1495094926",
"to_ids": true,
"type": "url",
"uuid": "591d568e-7604-4e46-b09a-c522950d210f",
"value": "http://oylumsut.com/hjt67t"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1495094927",
"to_ids": true,
"type": "hostname",
"uuid": "591d568f-e164-46d5-b8e8-c525950d210f",
"value": "oylumsut.com"
},
{
"category": "Network activity",
"comment": "oylumsut.com",
"deleted": false,
"disable_correlation": false,
"timestamp": "1495094928",
"to_ids": true,
"type": "ip-dst",
"uuid": "591d5690-1d74-450c-a151-c524950d210f",
"value": "37.230.111.113"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1495094928",
"to_ids": true,
"type": "url",
"uuid": "591d5690-f610-4604-9929-c523950d210f",
"value": "http://peryskop.biz/hjt67t"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1495094929",
"to_ids": true,
"type": "hostname",
"uuid": "591d5691-80c8-4e0d-90af-99a4950d210f",
"value": "peryskop.biz"
},
{
"category": "Network activity",
"comment": "peryskop.biz",
"deleted": false,
"disable_correlation": false,
"timestamp": "1495094930",
"to_ids": true,
"type": "ip-dst",
"uuid": "591d5692-4e4c-4071-890e-c51c950d210f",
"value": "92.43.113.68"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1495094931",
"to_ids": true,
"type": "url",
"uuid": "591d5693-4c1c-40a4-83b6-9f05950d210f",
"value": "http://pta-babel.net/hjt67t"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1495094931",
"to_ids": true,
"type": "hostname",
"uuid": "591d5693-d028-44a4-94a9-9f28950d210f",
"value": "pta-babel.net"
},
{
"category": "Network activity",
"comment": "pta-babel.net",
"deleted": false,
"disable_correlation": false,
"timestamp": "1495094933",
"to_ids": true,
"type": "ip-dst",
"uuid": "591d5695-5f28-40b5-9d2b-c525950d210f",
"value": "103.247.9.134"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1495094933",
"to_ids": true,
"type": "url",
"uuid": "591d5695-ed38-41e4-a25d-c523950d210f",
"value": "http://sjffonrvcik45bd.info/af/hjt67t"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1495094935",
"to_ids": true,
"type": "hostname",
"uuid": "591d5697-ae14-41fc-99e4-99a4950d210f",
"value": "sjffonrvcik45bd.info"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1495094936",
"to_ids": true,
"type": "url",
"uuid": "591d5698-6bc8-48cc-8a2f-c50f950d210f",
"value": "http://taure.cz/hjt67t"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1495094937",
"to_ids": true,
"type": "hostname",
"uuid": "591d5699-23c4-43df-9757-9f05950d210f",
"value": "taure.cz"
},
{
"category": "Network activity",
"comment": "taure.cz",
"deleted": false,
"disable_correlation": false,
"timestamp": "1495094938",
"to_ids": true,
"type": "ip-dst",
"uuid": "591d569a-04d0-4f56-ae42-c522950d210f",
"value": "93.185.104.24"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1495094939",
"to_ids": true,
"type": "url",
"uuid": "591d569b-e098-4072-ae21-c523950d210f",
"value": "http://tenda.it/hjt67t"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1495094939",
"to_ids": true,
"type": "hostname",
"uuid": "591d569b-f564-482b-90ab-c51f950d210f",
"value": "tenda.it"
},
{
"category": "Network activity",
"comment": "tenda.it",
"deleted": false,
"disable_correlation": false,
"timestamp": "1495094940",
"to_ids": true,
"type": "ip-dst",
"uuid": "591d569c-1cb8-4be4-9169-99a6950d210f",
"value": "51.254.159.78"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1495094941",
"to_ids": true,
"type": "url",
"uuid": "591d569d-2cc0-4494-8c0f-9f28950d210f",
"value": "http://texaslandandlifestyle.com/hjt67t"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1495094942",
"to_ids": true,
"type": "hostname",
"uuid": "591d569e-bcec-42ff-9653-c522950d210f",
"value": "texaslandandlifestyle.com"
},
{
"category": "Network activity",
"comment": "texaslandandlifestyle.com",
"deleted": false,
"disable_correlation": false,
"timestamp": "1495094943",
"to_ids": true,
"type": "ip-dst",
"uuid": "591d569f-7540-44c6-a46a-99a4950d210f",
"value": "107.154.161.187"
},
{
"category": "Network activity",
"comment": "texaslandandlifestyle.com",
"deleted": false,
"disable_correlation": false,
"timestamp": "1495094944",
"to_ids": true,
"type": "ip-dst",
"uuid": "591d56a0-3c60-4b15-82d4-a005950d210f",
"value": "107.154.168.187"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1495094945",
"to_ids": true,
"type": "url",
"uuid": "591d56a1-71c0-499d-a32d-9f28950d210f",
"value": "http://tvapps.ir/hjt67t"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1495094947",
"to_ids": true,
"type": "hostname",
"uuid": "591d56a3-f300-45b3-97b8-c522950d210f",
"value": "tvapps.ir"
},
{
"category": "Network activity",
"comment": "tvapps.ir",
"deleted": false,
"disable_correlation": false,
"timestamp": "1495094950",
"to_ids": true,
"type": "ip-dst",
"uuid": "591d56a6-1ef4-4f60-ad3f-99a4950d210f",
"value": "5.61.25.106"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1495094950",
"to_ids": true,
"type": "url",
"uuid": "591d56a6-fb98-44c0-8ff2-a004950d210f",
"value": "http://unykmodels.com/hjt67t"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1495094951",
"to_ids": true,
"type": "hostname",
"uuid": "591d56a7-b498-4f2c-94a2-9f05950d210f",
"value": "unykmodels.com"
},
{
"category": "Network activity",
"comment": "unykmodels.com",
"deleted": false,
"disable_correlation": false,
"timestamp": "1495094952",
"to_ids": true,
"type": "ip-dst",
"uuid": "591d56a8-3b6c-47d0-8804-c525950d210f",
"value": "143.95.74.249"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1495094953",
"to_ids": true,
"type": "url",
"uuid": "591d56a9-bd50-4f1f-861d-99a6950d210f",
"value": "http://westprod.fr/hjt67t"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1495094954",
"to_ids": true,
"type": "hostname",
"uuid": "591d56aa-74dc-4c8e-a999-c516950d210f",
"value": "westprod.fr"
},
{
"category": "Network activity",
"comment": "westprod.fr",
"deleted": false,
"disable_correlation": false,
"timestamp": "1495094955",
"to_ids": true,
"type": "ip-dst",
"uuid": "591d56ab-0ad0-4d34-8554-99a0950d210f",
"value": "213.246.39.74"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1495094955",
"to_ids": true,
"type": "url",
"uuid": "591d56ab-d324-40da-aa6c-c522950d210f",
"value": "http://ws500.net/hjt67t"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1495094956",
"to_ids": true,
"type": "hostname",
"uuid": "591d56ac-2120-4a85-ba45-c520950d210f",
"value": "ws500.net"
},
{
"category": "Network activity",
"comment": "ws500.net",
"deleted": false,
"disable_correlation": false,
"timestamp": "1495094957",
"to_ids": true,
"type": "ip-dst",
"uuid": "591d56ad-fd60-4967-9f00-c50f950d210f",
"value": "65.19.169.34"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1495094958",
"to_ids": true,
"type": "url",
"uuid": "591d56ae-67a0-4b6d-b09b-c516950d210f",
"value": "http://wxklfy.com/hjt67t"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1495094959",
"to_ids": true,
"type": "hostname",
"uuid": "591d56af-ddb0-46ff-a49c-a005950d210f",
"value": "wxklfy.com"
},
{
"category": "Network activity",
"comment": "wxklfy.com",
"deleted": false,
"disable_correlation": false,
"timestamp": "1495094960",
"to_ids": true,
"type": "ip-dst",
"uuid": "591d56b0-2ee0-44b9-bb32-99a6950d210f",
"value": "103.224.248.183"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1495094961",
"to_ids": true,
"type": "url",
"uuid": "591d56b1-b190-4be1-a470-c51a950d210f",
"value": "http://eesiiuroffde445.com/a5/"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1495094962",
"to_ids": true,
"type": "hostname",
"uuid": "591d56b2-e3d8-457f-aee1-c516950d210f",
"value": "eesiiuroffde445.com"
},
{
"category": "Network activity",
"comment": "eesiiuroffde445.com",
"deleted": false,
"disable_correlation": false,
"timestamp": "1495094965",
"to_ids": true,
"type": "ip-dst",
"uuid": "591d56b5-37f0-4960-9a3d-c50f950d210f",
"value": "47.91.107.213"
},
{
"category": "External analysis",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1495094965",
"to_ids": false,
"type": "link",
"uuid": "591d56b5-9bdc-4bc7-85ef-c51f950d210f",
"value": "https://www.virustotal.com/en/url/86061f2ae8ba5250c38f20070ba446513918c23dfe35f0670ae555910a94c181/analysis/1495024235/"
}
]
}
}