misp-circl-feed/feeds/circl/misp/59f87123-2624-486b-92c9-4f14950d210f.json


{
"Event": {
"analysis": "1",
"date": "2017-10-31",
"extends_uuid": "",
"info": "M2M - Locky Affid=3, \".asasin\"/Trickbot \"mac1\" 2017-10-31 : \"Invoice INV0000123\" - \"INV0000123.doc\"",
"publish_timestamp": "1510241681",
"published": true,
"threat_level_id": "3",
"timestamp": "1510241637",
"uuid": "59f87123-2624-486b-92c9-4f14950d210f",
"Orgc": {
"name": "CIRCL",
"uuid": "55f6ea5e-2c60-40e5-964f-47a8950d210f"
},
"Tag": [
{
"colour": "#ffffff",
"local": false,
"name": "tlp:white",
"relationship_type": ""
},
{
"colour": "#006c6c",
"local": false,
"name": "ecsirt:malicious-code=\"ransomware\"",
"relationship_type": ""
},
{
"colour": "#0088cc",
"local": false,
"name": "misp-galaxy:ransomware=\"Locky\"",
"relationship_type": ""
},
{
"colour": "#0088cc",
"local": false,
"name": "misp-galaxy:tool=\"Trick Bot\"",
"relationship_type": ""
}
],
"Attribute": [
{
"category": "Artifacts dropped",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1509562427",
"to_ids": true,
"type": "md5",
"uuid": "59f87124-b2cc-44c7-bbb2-4092950d210f",
"value": "1916150b3356fe6e6da7ec2e2a78e189"
},
{
"category": "Artifacts dropped",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1509562427",
"to_ids": true,
"type": "md5",
"uuid": "59f87124-f2d0-4ffb-b750-411d950d210f",
"value": "e67b2f58896059cce8c6ff83c5737687"
},
{
"category": "Artifacts dropped",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1509562427",
"to_ids": true,
"type": "md5",
"uuid": "59f87124-e0c0-4263-8f2b-4200950d210f",
"value": "e1ac6820b8b94ee937d8fe301437609d"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1509562427",
"to_ids": true,
"type": "url",
"uuid": "59f87125-021c-4494-b94e-4f3e950d210f",
"value": "http://christakranzl.at/eiuhf384"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1509562427",
"to_ids": true,
"type": "hostname",
"uuid": "59f87125-b548-4ff1-88e2-47ac950d210f",
"value": "christakranzl.at"
},
{
"category": "Network activity",
"comment": "christakranzl.at",
"deleted": false,
"disable_correlation": false,
"timestamp": "1509562427",
"to_ids": false,
"type": "ip-dst",
"uuid": "59f87125-3ff8-4a35-b794-4bc3950d210f",
"value": "88.198.9.176"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1509562428",
"to_ids": true,
"type": "url",
"uuid": "59f87125-d35c-467c-83b0-4039950d210f",
"value": "http://cornertape.net/eiuhf384"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1509562428",
"to_ids": true,
"type": "hostname",
"uuid": "59f87125-79b8-4447-9337-4caa950d210f",
"value": "cornertape.net"
},
{
"category": "Network activity",
"comment": "cornertape.net",
"deleted": false,
"disable_correlation": false,
"timestamp": "1509562428",
"to_ids": false,
"type": "ip-dst",
"uuid": "59f87126-d768-4de0-b5d2-4c15950d210f",
"value": "62.50.188.17"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1509562428",
"to_ids": true,
"type": "url",
"uuid": "59f87126-821c-4f45-b217-4499950d210f",
"value": "http://claridge-holdings.com/eiuhf384"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1509562428",
"to_ids": true,
"type": "hostname",
"uuid": "59f87126-4e68-482c-938a-4654950d210f",
"value": "claridge-holdings.com"
},
{
"category": "Network activity",
"comment": "claridge-holdings.com",
"deleted": false,
"disable_correlation": false,
"timestamp": "1509562428",
"to_ids": false,
"type": "ip-dst",
"uuid": "59f87126-b338-43b5-8597-4bbd950d210f",
"value": "202.160.120.194"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1509562428",
"to_ids": true,
"type": "url",
"uuid": "59f87127-b2c8-444e-803e-47f6950d210f",
"value": "http://dvprojekt.hr/eiuhf384"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1509562428",
"to_ids": true,
"type": "hostname",
"uuid": "59f87127-eb3c-483a-9321-47cd950d210f",
"value": "dvprojekt.hr"
},
{
"category": "Network activity",
"comment": "dvprojekt.hr",
"deleted": false,
"disable_correlation": false,
"timestamp": "1509562428",
"to_ids": false,
"type": "ip-dst",
"uuid": "59f87127-856c-4091-bfe4-431e950d210f",
"value": "213.202.100.90"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1509562428",
"to_ids": true,
"type": "url",
"uuid": "59f87127-4b38-41a9-b74c-4581950d210f",
"value": "http://projex-dz.com/i8745fydd"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1509562428",
"to_ids": true,
"type": "hostname",
"uuid": "59f87128-4560-41b4-8996-4657950d210f",
"value": "projex-dz.com"
},
{
"category": "Network activity",
"comment": "projex-dz.com",
"deleted": false,
"disable_correlation": false,
"timestamp": "1509562428",
"to_ids": false,
"type": "ip-dst",
"uuid": "59f87128-2080-42bb-b8cd-41ec950d210f",
"value": "5.196.81.12"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1509562428",
"to_ids": true,
"type": "url",
"uuid": "59f87128-f1d0-4877-a57b-4afd950d210f",
"value": "http://celebrityonline.cz/i8745fydd"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1509562428",
"to_ids": true,
"type": "hostname",
"uuid": "59f87128-6630-488d-8671-40e2950d210f",
"value": "celebrityonline.cz"
},
{
"category": "Network activity",
"comment": "celebrityonline.cz",
"deleted": false,
"disable_correlation": false,
"timestamp": "1509562428",
"to_ids": false,
"type": "ip-dst",
"uuid": "59f87129-5114-40c2-9be1-4282950d210f",
"value": "78.24.8.144"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1509562428",
"to_ids": true,
"type": "url",
"uuid": "59f87129-54e0-4bc2-9d7a-4059950d210f",
"value": "http://sigmanet.gr/i8745fydd"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1509562428",
"to_ids": true,
"type": "hostname",
"uuid": "59f87129-e024-4779-883c-4510950d210f",
"value": "sigmanet.gr"
},
{
"category": "Network activity",
"comment": "sigmanet.gr",
"deleted": false,
"disable_correlation": false,
"timestamp": "1509562428",
"to_ids": false,
"type": "ip-dst",
"uuid": "59f8712a-1134-4ab7-acd7-429f950d210f",
"value": "185.25.20.13"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1509562428",
"to_ids": true,
"type": "url",
"uuid": "59f8712a-7ef8-46ea-8a42-4404950d210f",
"value": "http://apply.pam-innovation.com/i8745fydd"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1509562428",
"to_ids": true,
"type": "hostname",
"uuid": "59f8712a-3700-4375-93ea-4039950d210f",
"value": "apply.pam-innovation.com"
},
{
"category": "Network activity",
"comment": "apply.pam-innovation.com",
"deleted": false,
"disable_correlation": false,
"timestamp": "1509562428",
"to_ids": false,
"type": "ip-dst",
"uuid": "59f8712b-ef4c-481c-9630-4972950d210f",
"value": "202.129.207.71"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1509562428",
"to_ids": true,
"type": "url",
"uuid": "59f8712b-c1b8-4210-a57e-4c5a950d210f",
"value": "http://bwos.be/i8745fydd"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1509562428",
"to_ids": true,
"type": "hostname",
"uuid": "59f8712c-c984-41a0-94e5-4409950d210f",
"value": "bwos.be"
},
{
"category": "Network activity",
"comment": "bwos.be",
"deleted": false,
"disable_correlation": false,
"timestamp": "1509562428",
"to_ids": false,
"type": "ip-dst",
"uuid": "59f8712c-50b4-49d5-b63b-4925950d210f",
"value": "91.121.34.121"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1509562428",
"to_ids": true,
"type": "url",
"uuid": "59f8712c-3040-49eb-8bc3-41de950d210f",
"value": "http://zahntechnik-imlau.de/i8745fydd"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1509562428",
"to_ids": true,
"type": "hostname",
"uuid": "59f8712c-8910-4767-a196-4d97950d210f",
"value": "zahntechnik-imlau.de"
},
{
"category": "Network activity",
"comment": "zahntechnik-imlau.de",
"deleted": false,
"disable_correlation": false,
"timestamp": "1509562428",
"to_ids": false,
"type": "ip-dst",
"uuid": "59f8712d-8d10-48a8-ac9d-4330950d210f",
"value": "185.138.24.185"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1509562428",
"to_ids": true,
"type": "url",
"uuid": "59f8712d-5c84-49fa-8d9e-4a01950d210f",
"value": "http://fetchstats.net/"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1509562428",
"to_ids": true,
"type": "hostname",
"uuid": "59f8712d-d5f4-4a82-86b7-4894950d210f",
"value": "fetchstats.net"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1509562428",
"to_ids": true,
"type": "url",
"uuid": "59f8714b-c2f8-40ec-98f7-4de9950d210f",
"value": "http://kengray.com/iudsfy7834"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1509562428",
"to_ids": true,
"type": "hostname",
"uuid": "59f8714c-1ae4-4fb1-bb33-4039950d210f",
"value": "kengray.com"
},
{
"category": "Network activity",
"comment": "kengray.com",
"deleted": false,
"disable_correlation": false,
"timestamp": "1509562428",
"to_ids": false,
"type": "ip-dst",
"uuid": "59f8714c-24bc-4e7b-b3ad-49ef950d210f",
"value": "209.239.114.217"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1509562428",
"to_ids": true,
"type": "url",
"uuid": "59f8714c-07b0-4118-98c0-4e41950d210f",
"value": "http://hobbystube.net/dkjshfg643"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1509562428",
"to_ids": true,
"type": "hostname",
"uuid": "59f8714d-9288-4422-b1c9-468e950d210f",
"value": "hobbystube.net"
},
{
"category": "Network activity",
"comment": "hobbystube.net",
"deleted": false,
"disable_correlation": false,
"timestamp": "1509562428",
"to_ids": false,
"type": "ip-dst",
"uuid": "59f8714d-b6dc-49ed-b0c3-4657950d210f",
"value": "83.220.128.111"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1509562428",
"to_ids": false,
"type": "ip-dst",
"uuid": "59f8714d-2c10-4d3d-938e-47a1950d210f",
"value": "176.120.126.21"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1509562428",
"to_ids": false,
"type": "ip-dst",
"uuid": "59f8714d-208c-4673-849e-40af950d210f",
"value": "156.17.92.161"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1509562428",
"to_ids": false,
"type": "ip-dst",
"uuid": "59f8714e-6aec-4a17-915e-435d950d210f",
"value": "187.191.0.42"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1509562428",
"to_ids": false,
"type": "ip-dst",
"uuid": "59f8714e-933c-46d7-8a8d-4d16950d210f",
"value": "181.211.34.154"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1509562428",
"to_ids": false,
"type": "ip-dst",
"uuid": "59f8714e-d304-4a22-87f3-4a58950d210f",
"value": "200.117.251.52"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1509562428",
"to_ids": false,
"type": "ip-dst",
"uuid": "59f8714f-3c7c-4762-a078-49c9950d210f",
"value": "78.24.217.88"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1509562428",
"to_ids": false,
"type": "ip-dst",
"uuid": "59f8714f-ec74-4d31-839c-4c1e950d210f",
"value": "62.109.1.68"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1509562428",
"to_ids": false,
"type": "ip-dst",
"uuid": "59f87150-7be4-4e16-9d48-45c4950d210f",
"value": "195.133.147.74"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1509562428",
"to_ids": false,
"type": "ip-dst",
"uuid": "59f87150-97e8-4679-959a-4650950d210f",
"value": "195.133.146.117"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1509562428",
"to_ids": false,
"type": "ip-dst",
"uuid": "59f87150-65fc-405f-8a78-4122950d210f",
"value": "195.133.146.122"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1509562428",
"to_ids": false,
"type": "ip-dst",
"uuid": "59f87150-d200-4460-89a9-4bdb950d210f",
"value": "78.24.222.226"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1509562428",
"to_ids": false,
"type": "ip-dst",
"uuid": "59f87151-a3d4-4ead-9b2e-48b2950d210f",
"value": "95.213.252.23"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1509562428",
"to_ids": false,
"type": "ip-dst",
"uuid": "59f87152-1cac-4e3a-9fbb-4372950d210f",
"value": "95.213.251.95"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1509562428",
"to_ids": false,
"type": "ip-dst",
"uuid": "59f87152-22dc-4901-8785-4c5c950d210f",
"value": "194.87.93.55"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1509562428",
"to_ids": false,
"type": "ip-dst",
"uuid": "59f87152-5764-4606-b6ef-4039950d210f",
"value": "62.109.8.186"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1509562428",
"to_ids": false,
"type": "ip-dst",
"uuid": "59f87152-9b78-451b-bfa3-4821950d210f",
"value": "188.120.246.189"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1509562428",
"to_ids": false,
"type": "ip-dst",
"uuid": "59f87153-ba3c-483c-9839-4098950d210f",
"value": "194.87.98.249"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1509562428",
"to_ids": false,
"type": "ip-dst",
"uuid": "59f87153-2e0c-4202-9a61-4657950d210f",
"value": "95.213.195.174"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1509562428",
"to_ids": false,
"type": "ip-dst",
"uuid": "59f87153-7ffc-489f-a123-4378950d210f",
"value": "185.143.173.244"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1509562428",
"to_ids": false,
"type": "ip-dst",
"uuid": "59f87153-2e7c-4189-95c3-4fa6950d210f",
"value": "194.87.110.113"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1509562428",
"to_ids": false,
"type": "ip-dst",
"uuid": "59f87154-5ec0-4445-ae49-4198950d210f",
"value": "179.43.147.241"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1509562428",
"to_ids": false,
"type": "ip-dst",
"uuid": "59f87154-e794-4893-b78e-4c58950d210f",
"value": "82.146.43.178"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1509562428",
"to_ids": false,
"type": "ip-dst",
"uuid": "59f87154-1554-459a-98c7-4429950d210f",
"value": "185.158.114.114"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1509562428",
"to_ids": false,
"type": "ip-dst",
"uuid": "59f87155-58b4-43c8-932f-4248950d210f",
"value": "62.109.10.93"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1509562428",
"to_ids": false,
"type": "ip-dst",
"uuid": "59f87155-6cac-48a9-8dca-4e5b950d210f",
"value": "185.34.52.236"
},
{
"category": "Artifacts dropped",
"comment": "- Xchecked via VT: e67b2f58896059cce8c6ff83c5737687",
"deleted": false,
"disable_correlation": false,
"timestamp": "1509562428",
"to_ids": true,
"type": "sha256",
"uuid": "59fa183c-8a6c-4218-8271-1ad302de0b81",
"value": "9d2ce15fd9112d52fa09c543527ef0b5bf07eb4c07794931c5768e403c167d49"
},
{
"category": "Artifacts dropped",
"comment": "- Xchecked via VT: e67b2f58896059cce8c6ff83c5737687",
"deleted": false,
"disable_correlation": false,
"timestamp": "1509562428",
"to_ids": true,
"type": "sha1",
"uuid": "59fa183c-a688-48ed-9d1b-1ad302de0b81",
"value": "b39d9320806573fdb49f5f9dc0307c4fbcd9c327"
},
{
"category": "External analysis",
"comment": "- Xchecked via VT: e67b2f58896059cce8c6ff83c5737687",
"deleted": false,
"disable_correlation": false,
"timestamp": "1509562428",
"to_ids": false,
"type": "link",
"uuid": "59fa183d-ac44-48bb-84fc-1ad302de0b81",
"value": "https://www.virustotal.com/file/9d2ce15fd9112d52fa09c543527ef0b5bf07eb4c07794931c5768e403c167d49/analysis/1509513298/"
},
{
"category": "Artifacts dropped",
"comment": "- Xchecked via VT: 1916150b3356fe6e6da7ec2e2a78e189",
"deleted": false,
"disable_correlation": false,
"timestamp": "1509562429",
"to_ids": true,
"type": "sha256",
"uuid": "59fa183d-8f68-422e-9cc5-1ad302de0b81",
"value": "d97be402740f6a0fc70c90751f499943bf26f7c00791d46432889f1bedf9dbd2"
},
{
"category": "Artifacts dropped",
"comment": "- Xchecked via VT: 1916150b3356fe6e6da7ec2e2a78e189",
"deleted": false,
"disable_correlation": false,
"timestamp": "1509562429",
"to_ids": true,
"type": "sha1",
"uuid": "59fa183d-fbb4-45e8-b2e4-1ad302de0b81",
"value": "7e8bf6cc4bb2540dce895244347a017565fddbc5"
},
{
"category": "External analysis",
"comment": "- Xchecked via VT: 1916150b3356fe6e6da7ec2e2a78e189",
"deleted": false,
"disable_correlation": false,
"timestamp": "1509562429",
"to_ids": false,
"type": "link",
"uuid": "59fa183d-8348-4ca4-bbec-1ad302de0b81",
"value": "https://www.virustotal.com/file/d97be402740f6a0fc70c90751f499943bf26f7c00791d46432889f1bedf9dbd2/analysis/1509502196/"
}
]
}
}