{"response":[{
"Event": {
"id": "108",
"orgc_id": "2",
"org_id": "2",
"date": "2017-07-04",
"threat_level_id": "1",
"info": "Insider Information: An intrusion campaign targeting Chinese language news sites",
"published": true,
"uuid": "595baf14-d8e8-4e33-be25-06e38e96ca05",
"attribute_count": "47",
"analysis": "0",
"timestamp": "1499181858",
"distribution": "1",
"proposal_email_lock": false,
"locked": false,
"publish_timestamp": "1499181953",
"sharing_group_id": "0",
"Org": {
"id": "2",
"name": "citizenlab",
"uuid": "581b5fea-818c-441a-bd1d-49798e96ca05"
},
"Orgc": {
"id": "2",
"name": "citizenlab",
"uuid": "581b5fea-818c-441a-bd1d-49798e96ca05"
},
"Attribute": [
{
"id": "16407",
"type": "md5",
"category": "Artifacts dropped",
"to_ids": false,
"uuid": "595bb322-2550-44cc-8747-06e38e96ca05",
"event_id": "108",
"distribution": "5",
"timestamp": "1499181858",
"comment": "",
"sharing_group_id": "0",
"deleted": false,
"value": "19c5f8829444956ba30e023aaaec6408",
"SharingGroup": [
],
"ShadowAttribute": [
],
"RelatedAttribute": [
{
"Attribute": {
"id": "94",
"org_id": "2",
"info": "FAKENEWS - phishing campaign against China critical digital media site.",
"value": "19c5f8829444956ba30e023aaaec6408"
}
}
]
},
{
"id": "16408",
"type": "md5",
"category": "Artifacts dropped",
"to_ids": false,
"uuid": "595bb322-12c0-4c0c-8d64-06e38e96ca05",
"event_id": "108",
"distribution": "5",
"timestamp": "1499181858",
"comment": "",
"sharing_group_id": "0",
"deleted": false,
"value": "ac5763000ae435875f3b709a5f23ecc0",
"SharingGroup": [
],
"ShadowAttribute": [
],
"RelatedAttribute": [
{
"Attribute": {
"id": "94",
"org_id": "2",
"info": "FAKENEWS - phishing campaign against China critical digital media site.",
"value": "ac5763000ae435875f3b709a5f23ecc0"
}
}
]
},
{
"id": "16409",
"type": "md5",
"category": "Artifacts dropped",
"to_ids": false,
"uuid": "595bb322-0d44-4380-9208-06e38e96ca05",
"event_id": "108",
"distribution": "5",
"timestamp": "1499181858",
"comment": "",
"sharing_group_id": "0",
"deleted": false,
"value": "d80fc6a4f175e3ab417b9f96c3b37c73",
"SharingGroup": [
],
"ShadowAttribute": [
],
"RelatedAttribute": [
{
"Attribute": {
"id": "94",
"org_id": "2",
"info": "FAKENEWS - phishing campaign against China critical digital media site.",
"value": "d80fc6a4f175e3ab417b9f96c3b37c73"
}
}
]
},
{
"id": "16410",
"type": "md5",
"category": "Artifacts dropped",
"to_ids": false,
"uuid": "595bb322-fa5c-4ee1-b354-06e38e96ca05",
"event_id": "108",
"distribution": "5",
"timestamp": "1499181858",
"comment": "",
"sharing_group_id": "0",
"deleted": false,
"value": "945de4d3a046a698aec222fc90a148ba",
"SharingGroup": [
],
"ShadowAttribute": [
],
"RelatedAttribute": [
{
"Attribute": {
"id": "94",
"org_id": "2",
"info": "FAKENEWS - phishing campaign against China critical digital media site.",
"value": "945de4d3a046a698aec222fc90a148ba"
}
}
]
},
{
"id": "16411",
"type": "md5",
"category": "Artifacts dropped",
"to_ids": false,
"uuid": "595bb322-7e84-47a6-a022-06e38e96ca05",
"event_id": "108",
"distribution": "5",
"timestamp": "1499181858",
"comment": "",
"sharing_group_id": "0",
"deleted": false,
"value": "95efa51b52f121cec239980127b7f96b",
"SharingGroup": [
],
"ShadowAttribute": [
],
"RelatedAttribute": [
{
"Attribute": {
"id": "94",
"org_id": "2",
"info": "FAKENEWS - phishing campaign against China critical digital media site.",
"value": "95efa51b52f121cec239980127b7f96b"
}
}
]
},
{
"id": "16412",
"type": "md5",
"category": "Artifacts dropped",
"to_ids": false,
"uuid": "595bb322-f1a0-4a70-a9ad-06e38e96ca05",
"event_id": "108",
"distribution": "5",
"timestamp": "1499181858",
"comment": "",
"sharing_group_id": "0",
"deleted": false,
"value": "13b148aead5e844f7262da768873cec0",
"SharingGroup": [
],
"ShadowAttribute": [
],
"RelatedAttribute": [
{
"Attribute": {
"id": "94",
"org_id": "2",
"info": "FAKENEWS - phishing campaign against China critical digital media site.",
"value": "13b148aead5e844f7262da768873cec0"
}
}
]
},
{
"id": "16413",
"type": "md5",
"category": "Artifacts dropped",
"to_ids": false,
"uuid": "595bb322-dfec-480b-9ec1-06e38e96ca05",
"event_id": "108",
"distribution": "5",
"timestamp": "1499181858",
"comment": "",
"sharing_group_id": "0",
"deleted": false,
"value": "029ba5f0f6997bc36a094e86848a5b82",
"SharingGroup": [
],
"ShadowAttribute": [
],
"RelatedAttribute": [
{
"Attribute": {
"id": "94",
"org_id": "2",
"info": "FAKENEWS - phishing campaign against China critical digital media site.",
"value": "029ba5f0f6997bc36a094e86848a5b82"
}
}
]
},
{
"id": "16414",
"type": "md5",
"category": "Artifacts dropped",
"to_ids": false,
"uuid": "595bb322-59ac-4310-aa50-06e38e96ca05",
"event_id": "108",
"distribution": "5",
"timestamp": "1499181858",
"comment": "",
"sharing_group_id": "0",
"deleted": false,
"value": "e841ecaa44b3589120b72e60b53f39c6",
"SharingGroup": [
],
"ShadowAttribute": [
],
"RelatedAttribute": [
{
"Attribute": {
"id": "94",
"org_id": "2",
"info": "FAKENEWS - phishing campaign against China critical digital media site.",
"value": "e841ecaa44b3589120b72e60b53f39c6"
}
}
]
},
{
"id": "16415",
"type": "md5",
"category": "Artifacts dropped",
"to_ids": false,
"uuid": "595bb322-4794-4b32-8ad7-06e38e96ca05",
"event_id": "108",
"distribution": "5",
"timestamp": "1499181858",
"comment": "",
"sharing_group_id": "0",
"deleted": false,
"value": "88e027b1ef7b2da1766e6b6819bba0f0",
"SharingGroup": [
],
"ShadowAttribute": [
],
"RelatedAttribute": [
{
"Attribute": {
"id": "94",
"org_id": "2",
"info": "FAKENEWS - phishing campaign against China critical digital media site.",
"value": "88e027b1ef7b2da1766e6b6819bba0f0"
}
}
]
},
{
"id": "16416",
"type": "md5",
"category": "Artifacts dropped",
"to_ids": false,
"uuid": "595bb322-34b4-4c04-a93c-06e38e96ca05",
"event_id": "108",
"distribution": "5",
"timestamp": "1499181858",
"comment": "",
"sharing_group_id": "0",
"deleted": false,
"value": "bb080489dbc98a59cac130475e019fb2",
"SharingGroup": [
],
"ShadowAttribute": [
],
"RelatedAttribute": [
{
"Attribute": {
"id": "94",
"org_id": "2",
"info": "FAKENEWS - phishing campaign against China critical digital media site.",
"value": "bb080489dbc98a59cac130475e019fb2"
}
}
]
},
{
"id": "16417",
"type": "md5",
"category": "Artifacts dropped",
"to_ids": false,
"uuid": "595bb322-a12c-4e3f-b0ee-06e38e96ca05",
"event_id": "108",
"distribution": "5",
"timestamp": "1499181858",
"comment": "",
"sharing_group_id": "0",
"deleted": false,
"value": "88f43fe753e64d9c536fca16979984ef",
"SharingGroup": [
],
"ShadowAttribute": [
],
"RelatedAttribute": [
{
"Attribute": {
"id": "94",
"org_id": "2",
"info": "FAKENEWS - phishing campaign against China critical digital media site.",
"value": "88f43fe753e64d9c536fca16979984ef"
}
}
]
},
{
"id": "16418",
"type": "md5",
"category": "Artifacts dropped",
"to_ids": false,
"uuid": "595bb322-90a4-47f8-9056-06e38e96ca05",
"event_id": "108",
"distribution": "5",
"timestamp": "1499181858",
"comment": "",
"sharing_group_id": "0",
"deleted": false,
"value": "f282fd20d7eaebe848b5111ecdae82a6",
"SharingGroup": [
],
"ShadowAttribute": [
],
"RelatedAttribute": [
{
"Attribute": {
"id": "94",
"org_id": "2",
"info": "FAKENEWS - phishing campaign against China critical digital media site.",
"value": "f282fd20d7eaebe848b5111ecdae82a6"
}
}
]
},
{
"id": "16419",
"type": "md5",
"category": "Artifacts dropped",
"to_ids": false,
"uuid": "595bb322-0618-43dc-bd26-06e38e96ca05",
"event_id": "108",
"distribution": "5",
"timestamp": "1499181858",
"comment": "",
"sharing_group_id": "0",
"deleted": false,
"value": "e0338b1f010fdc4751de5f58e4acf2ad",
"SharingGroup": [
],
"ShadowAttribute": [
],
"RelatedAttribute": [
{
"Attribute": {
"id": "94",
"org_id": "2",
"info": "FAKENEWS - phishing campaign against China critical digital media site.",
"value": "e0338b1f010fdc4751de5f58e4acf2ad"
}
}
]
},
{
"id": "16420",
"type": "md5",
"category": "Artifacts dropped",
"to_ids": false,
"uuid": "595bb322-0b70-4d94-873f-06e38e96ca05",
"event_id": "108",
"distribution": "5",
"timestamp": "1499181858",
"comment": "",
"sharing_group_id": "0",
"deleted": false,
"value": "c1dabd54a672cbc2747c53a8041d5602",
"SharingGroup": [
],
"ShadowAttribute": [
],
"RelatedAttribute": [
{
"Attribute": {
"id": "94",
"org_id": "2",
"info": "FAKENEWS - phishing campaign against China critical digital media site.",
"value": "c1dabd54a672cbc2747c53a8041d5602"
}
}
]
},
{
"id": "16421",
"type": "md5",
"category": "Artifacts dropped",
"to_ids": false,
"uuid": "595bb322-897c-4d64-99b1-06e38e96ca05",
"event_id": "108",
"distribution": "5",
"timestamp": "1499181858",
"comment": "",
"sharing_group_id": "0",
"deleted": false,
"value": "2332aa40d15399179c068ab205a5303d",
"SharingGroup": [
],
"ShadowAttribute": [
],
"RelatedAttribute": [
{
"Attribute": {
"id": "94",
"org_id": "2",
"info": "FAKENEWS - phishing campaign against China critical digital media site.",
"value": "2332aa40d15399179c068ab205a5303d"
}
}
]
},
{
"id": "16422",
"type": "md5",
"category": "Artifacts dropped",
"to_ids": false,
"uuid": "595bb322-88f8-4934-93ca-06e38e96ca05",
"event_id": "108",
"distribution": "5",
"timestamp": "1499181858",
"comment": "",
"sharing_group_id": "0",
"deleted": false,
"value": "4ddf012d8a42ad2666e06ad2f0a8410e",
"SharingGroup": [
],
"ShadowAttribute": [
],
"RelatedAttribute": [
{
"Attribute": {
"id": "94",
"org_id": "2",
"info": "FAKENEWS - phishing campaign against China critical digital media site.",
"value": "4ddf012d8a42ad2666e06ad2f0a8410e"
}
}
]
},
{
"id": "16353",
"type": "whois-registrant-email",
"category": "Attribution",
"to_ids": false,
"uuid": "595bb024-550c-4f0e-89b0-06e38e96ca05",
"event_id": "108",
"distribution": "5",
"timestamp": "1499181092",
"comment": "",
"sharing_group_id": "0",
"deleted": false,
"value": "aobama_5@yahoo.com",
"SharingGroup": [
],
"ShadowAttribute": [
],
"RelatedAttribute": [
{
"Attribute": {
"id": "94",
"org_id": "2",
"info": "FAKENEWS - phishing campaign against China critical digital media site.",
"value": "aobama_5@yahoo.com"
}
}
]
},
{
"id": "16374",
"type": "domain",
"category": "Network activity",
"to_ids": true,
"uuid": "595bb19a-2bec-4af4-bd28-06e28e96ca05",
"event_id": "108",
"distribution": "5",
"timestamp": "1499181466",
"comment": "",
"sharing_group_id": "0",
"deleted": false,
"value": "email23.secuerserver.com",
"SharingGroup": [
],
"ShadowAttribute": [
],
"RelatedAttribute": [
{
"Attribute": {
"id": "94",
"org_id": "2",
"info": "FAKENEWS - phishing campaign against China critical digital media site.",
"value": "email23.secuerserver.com"
}
}
]
},
{
"id": "16375",
"type": "domain",
"category": "Network activity",
"to_ids": true,
"uuid": "595bb19a-3be4-4267-9c73-06e28e96ca05",
"event_id": "108",
"distribution": "5",
"timestamp": "1499181466",
"comment": "",
"sharing_group_id": "0",
"deleted": false,
"value": "hk.secuerserver.com",
"SharingGroup": [
],
"ShadowAttribute": [
],
"RelatedAttribute": [
{
"Attribute": {
"id": "94",
"org_id": "2",
"info": "FAKENEWS - phishing campaign against China critical digital media site.",
"value": "hk.secuerserver.com"
}
}
]
},
{
"id": "16376",
"type": "domain",
"category": "Network activity",
"to_ids": true,
"uuid": "595bb19a-53fc-4c93-87b1-06e28e96ca05",
"event_id": "108",
"distribution": "5",
"timestamp": "1499181466",
"comment": "",
"sharing_group_id": "0",
"deleted": false,
"value": "dns.bowenpress.org",
"SharingGroup": [
],
"ShadowAttribute": [
],
"RelatedAttribute": [
{
"Attribute": {
"id": "94",
"org_id": "2",
"info": "FAKENEWS - phishing campaign against China critical digital media site.",
"value": "dns.bowenpress.org"
}
}
]
},
{
"id": "16354",
"type": "domain",
"category": "Payload delivery",
"to_ids": true,
"uuid": "595bb071-226c-4930-9b42-06e28e96ca05",
"event_id": "108",
"distribution": "5",
"timestamp": "1499181169",
"comment": "",
"sharing_group_id": "0",
"deleted": false,
"value": "secuerserver.com",
"SharingGroup": [
],
"ShadowAttribute": [
],
"RelatedAttribute": [
{
"Attribute": {
"id": "94",
"org_id": "2",
"info": "FAKENEWS - phishing campaign against China critical digital media site.",
"value": "secuerserver.com"
}
}
]
},
{
"id": "16355",
"type": "domain",
"category": "Payload delivery",
"to_ids": true,
"uuid": "595bb071-d1e8-4cde-9c68-06e28e96ca05",
"event_id": "108",
"distribution": "5",
"timestamp": "1499181169",
"comment": "",
"sharing_group_id": "0",
"deleted": false,
"value": "bowenpres.com",
"SharingGroup": [
],
"ShadowAttribute": [
],
"RelatedAttribute": [
{
"Attribute": {
"id": "94",
"org_id": "2",
"info": "FAKENEWS - phishing campaign against China critical digital media site.",
"value": "bowenpres.com"
}
}
]
},
{
"id": "16356",
"type": "domain",
"category": "Payload delivery",
"to_ids": true,
"uuid": "595bb071-3318-40b2-945f-06e28e96ca05",
"event_id": "108",
"distribution": "5",
"timestamp": "1499181169",
"comment": "",
"sharing_group_id": "0",
"deleted": false,
"value": "bowenpress.net",
"SharingGroup": [
],
"ShadowAttribute": [
],
"RelatedAttribute": [
{
"Attribute": {
"id": "94",
"org_id": "2",
"info": "FAKENEWS - phishing campaign against China critical digital media site.",
"value": "bowenpress.net"
}
}
]
},
{
"id": "16357",
"type": "domain",
"category": "Payload delivery",
"to_ids": true,
"uuid": "595bb071-3d20-4589-9055-06e28e96ca05",
"event_id": "108",
"distribution": "5",
"timestamp": "1499181169",
"comment": "",
"sharing_group_id": "0",
"deleted": false,
"value": "bowenpress.org",
"SharingGroup": [
],
"ShadowAttribute": [
],
"RelatedAttribute": [
{
"Attribute": {
"id": "94",
"org_id": "2",
"info": "FAKENEWS - phishing campaign against China critical digital media site.",
"value": "bowenpress.org"
}
}
]
},
{
"id": "16358",
"type": "domain",
"category": "Payload delivery",
"to_ids": true,
"uuid": "595bb071-c44c-45ce-b8b4-06e28e96ca05",
"event_id": "108",
"distribution": "5",
"timestamp": "1499181169",
"comment": "",
"sharing_group_id": "0",
"deleted": false,
"value": "bowenpross.com",
"SharingGroup": [
],
"ShadowAttribute": [
],
"RelatedAttribute": [
{
"Attribute": {
"id": "94",
"org_id": "2",
"info": "FAKENEWS - phishing campaign against China critical digital media site.",
"value": "bowenpross.com"
}
}
]
},
{
"id": "16359",
"type": "domain",
"category": "Payload delivery",
"to_ids": true,
"uuid": "595bb071-b9e0-4f44-a56e-06e28e96ca05",
"event_id": "108",
"distribution": "5",
"timestamp": "1499181169",
"comment": "",
"sharing_group_id": "0",
"deleted": false,
"value": "datalink.one",
"SharingGroup": [
],
"ShadowAttribute": [
],
"RelatedAttribute": [
{
"Attribute": {
"id": "94",
"org_id": "2",
"info": "FAKENEWS - phishing campaign against China critical digital media site.",
"value": "datalink.one"
}
}
]
},
{
"id": "16360",
"type": "domain",
"category": "Payload delivery",
"to_ids": true,
"uuid": "595bb071-dcec-4872-ad35-06e28e96ca05",
"event_id": "108",
"distribution": "5",
"timestamp": "1499181169",
"comment": "",
"sharing_group_id": "0",
"deleted": false,
"value": "epochatimes.com",
"SharingGroup": [
],
"ShadowAttribute": [
],
"RelatedAttribute": [
{
"Attribute": {
"id": "94",
"org_id": "2",
"info": "FAKENEWS - phishing campaign against China critical digital media site.",
"value": "epochatimes.com"
}
}
]
},
{
"id": "16361",
"type": "domain",
"category": "Payload delivery",
"to_ids": true,
"uuid": "595bb0af-5a40-459c-a05d-06e38e96ca05",
"event_id": "108",
"distribution": "5",
"timestamp": "1499181231",
"comment": "",
"sharing_group_id": "0",
"deleted": false,
"value": "get.adobe.com.bowenpress.org",
"SharingGroup": [
],
"ShadowAttribute": [
],
"RelatedAttribute": [
{
"Attribute": {
"id": "94",
"org_id": "2",
"info": "FAKENEWS - phishing campaign against China critical digital media site.",
"value": "get.adobe.com.bowenpress.org"
}
}
]
},
{
"id": "16362",
"type": "domain",
"category": "Payload delivery",
"to_ids": true,
"uuid": "595bb0af-9bd4-4f6e-b2fa-06e38e96ca05",
"event_id": "108",
"distribution": "5",
"timestamp": "1499181231",
"comment": "",
"sharing_group_id": "0",
"deleted": false,
"value": "hk.secuerserver.com",
"SharingGroup": [
],
"ShadowAttribute": [
],
"RelatedAttribute": [
{
"Attribute": {
"id": "94",
"org_id": "2",
"info": "FAKENEWS - phishing campaign against China critical digital media site.",
"value": "hk.secuerserver.com"
}
}
]
},
{
"id": "16363",
"type": "domain",
"category": "Payload delivery",
"to_ids": true,
"uuid": "595bb0af-c4b8-4124-a2b5-06e38e96ca05",
"event_id": "108",
"distribution": "5",
"timestamp": "1499181231",
"comment": "",
"sharing_group_id": "0",
"deleted": false,
"value": "pop.secuerserver.com",
"SharingGroup": [
],
"ShadowAttribute": [
],
"RelatedAttribute": [
{
"Attribute": {
"id": "94",
"org_id": "2",
"info": "FAKENEWS - phishing campaign against China critical digital media site.",
"value": "pop.secuerserver.com"
}
}
]
},
{
"id": "16364",
"type": "domain",
"category": "Payload delivery",
"to_ids": true,
"uuid": "595bb0af-3930-4285-9fdd-06e38e96ca05",
"event_id": "108",
"distribution": "5",
"timestamp": "1499181231",
"comment": "",
"sharing_group_id": "0",
"deleted": false,
"value": "smtpout.secuerserver.com",
"SharingGroup": [
],
"ShadowAttribute": [
],
"RelatedAttribute": [
{
"Attribute": {
"id": "94",
"org_id": "2",
"info": "FAKENEWS - phishing campaign against China critical digital media site.",
"value": "smtpout.secuerserver.com"
}
}
]
},
{
"id": "16365",
"type": "domain",
"category": "Payload delivery",
"to_ids": true,
"uuid": "595bb0af-e108-4480-aa27-06e38e96ca05",
"event_id": "108",
"distribution": "5",
"timestamp": "1499181231",
"comment": "",
"sharing_group_id": "0",
"deleted": false,
"value": "www.bowenpress.org",
"SharingGroup": [
],
"ShadowAttribute": [
]
},
{
"id": "16366",
"type": "domain",
"category": "Payload delivery",
"to_ids": true,
"uuid": "595bb0af-9c98-4021-9af7-06e38e96ca05",
"event_id": "108",
"distribution": "5",
"timestamp": "1499181231",
"comment": "",
"sharing_group_id": "0",
"deleted": false,
"value": "www.mail.secuerserver.com",
"SharingGroup": [
],
"ShadowAttribute": [
],
"RelatedAttribute": [
{
"Attribute": {
"id": "94",
"org_id": "2",
"info": "FAKENEWS - phishing campaign against China critical digital media site.",
"value": "www.mail.secuerserver.com"
}
}
]
},
{
"id": "16367",
"type": "domain",
"category": "Payload delivery",
"to_ids": true,
"uuid": "595bb0af-a424-469a-9a7f-06e38e96ca05",
"event_id": "108",
"distribution": "5",
"timestamp": "1499181231",
"comment": "",
"sharing_group_id": "0",
"deleted": false,
"value": "www.secuerserver.com",
"SharingGroup": [
],
"ShadowAttribute": [
]
},
{
"id": "16368",
"type": "domain",
"category": "Payload delivery",
"to_ids": true,
"uuid": "595bb0af-4794-4d7f-ba4c-06e38e96ca05",
"event_id": "108",
"distribution": "5",
"timestamp": "1499181231",
"comment": "",
"sharing_group_id": "0",
"deleted": false,
"value": "www.vnews.hk",
"SharingGroup": [
],
"ShadowAttribute": [
],
"RelatedAttribute": [
{
"Attribute": {
"id": "94",
"org_id": "2",
"info": "FAKENEWS - phishing campaign against China critical digital media site.",
"value": "www.vnews.hk"
}
}
]
},
{
"id": "16348",
"type": "email-src",
"category": "Payload delivery",
"to_ids": false,
"uuid": "595baf52-7340-4840-bda0-06e38e96ca05",
"event_id": "108",
"distribution": "5",
"timestamp": "1499180882",
"comment": "",
"sharing_group_id": "0",
"deleted": false,
"value": "hellomice@mail.com",
"SharingGroup": [
],
"ShadowAttribute": [
],
"RelatedAttribute": [
{
"Attribute": {
"id": "94",
"org_id": "2",
"info": "FAKENEWS - phishing campaign against China critical digital media site.",
"value": "hellomice@mail.com"
}
}
]
},
{
"id": "16349",
"type": "email-src",
"category": "Payload delivery",
"to_ids": false,
"uuid": "595baf52-2a08-4576-9f76-06e38e96ca05",
"event_id": "108",
"distribution": "5",
"timestamp": "1499180882",
"comment": "",
"sharing_group_id": "0",
"deleted": false,
"value": "aisia.anminda8@mail.com",
"SharingGroup": [
],
"ShadowAttribute": [
],
"RelatedAttribute": [
{
"Attribute": {
"id": "94",
"org_id": "2",
"info": "FAKENEWS - phishing campaign against China critical digital media site.",
"value": "aisia.anminda8@mail.com"
}
}
]
},
{
"id": "16405",
"type": "ip-src",
"category": "Payload delivery",
"to_ids": true,
"uuid": "595bb286-ee4c-4c91-91b9-06e38e96ca05",
"event_id": "108",
"distribution": "5",
"timestamp": "1499181702",
"comment": "Cloudie IP used for scanning",
"sharing_group_id": "0",
"deleted": false,
"value": "45.124.24.39",
"SharingGroup": [
],
"ShadowAttribute": [
],
"RelatedAttribute": [
{
"Attribute": {
"id": "94",
"org_id": "2",
"info": "FAKENEWS - phishing campaign against China critical digital media site.",
"value": "45.124.24.39"
}
}
]
},
{
"id": "16406",
"type": "ip-src",
"category": "Payload delivery",
"to_ids": true,
"uuid": "595bb2d6-70e0-4d6d-bdc7-06e28e96ca05",
"event_id": "108",
"distribution": "5",
"timestamp": "1499181782",
"comment": "Gorilla servers malware and phishing server",
"sharing_group_id": "0",
"deleted": false,
"value": "23.239.106.119",
"SharingGroup": [
],
"ShadowAttribute": [
],
"RelatedAttribute": [
{
"Attribute": {
"id": "94",
"org_id": "2",
"info": "FAKENEWS - phishing campaign against China critical digital media site.",
"value": "23.239.106.119"
}
}
]
},
{
"id": "16352",
"type": "ip-src",
"category": "Payload delivery",
"to_ids": true,
"uuid": "595bafe1-e518-4bfb-9701-06e28e96ca05",
"event_id": "108",
"distribution": "5",
"timestamp": "1499181044",
"comment": "hosted phishing page",
"sharing_group_id": "0",
"deleted": false,
"value": "43.240.14.37",
"SharingGroup": [
],
"ShadowAttribute": [
],
"RelatedAttribute": [
{
"Attribute": {
"id": "94",
"org_id": "2",
"info": "FAKENEWS - phishing campaign against China critical digital media site.",
"value": "43.240.14.37"
}
}
]
},
{
"id": "16350",
"type": "url",
"category": "Payload delivery",
"to_ids": true,
"uuid": "595baf7a-6598-4ecc-ba74-06e28e96ca05",
"event_id": "108",
"distribution": "5",
"timestamp": "1499180922",
"comment": "",
"sharing_group_id": "0",
"deleted": false,
"value": "http:\/\/43.240.14.37\/asdasdasadqddd12222111.php\/article.asp",
"SharingGroup": [
],
"ShadowAttribute": [
]
},
{
"id": "16351",
"type": "url",
"category": "Payload delivery",
"to_ids": true,
"uuid": "595bafa7-2d34-43d7-87a1-06e38e96ca05",
"event_id": "108",
"distribution": "5",
"timestamp": "1499180988",
"comment": "",
"sharing_group_id": "0",
"deleted": false,
"value": "http:\/\/chinadagitaltimes.net\/2016\/07\/chinese-hackers-blamed-multiple-breaches-fdic",
"SharingGroup": [
],
"ShadowAttribute": [
]
},
{
"id": "16369",
"type": "url",
"category": "Payload delivery",
"to_ids": true,
"uuid": "595bb0cc-f258-491f-afcd-06e28e96ca05",
"event_id": "108",
"distribution": "5",
"timestamp": "1499181260",
"comment": "",
"sharing_group_id": "0",
"deleted": false,
"value": "http:\/\/get.adobe.com.bowenpress.org\/Adobe\/update\/20161201\/AdobeUpdate.html",
"SharingGroup": [
],
"ShadowAttribute": [
]
},
{
"id": "16370",
"type": "url",
"category": "Payload delivery",
"to_ids": true,
"uuid": "595bb15f-dc68-4468-9572-06e38e96ca05",
"event_id": "108",
"distribution": "5",
"timestamp": "1499181407",
"comment": "",
"sharing_group_id": "0",
"deleted": false,
"value": "http:\/\/get.adobe.com.bowenpress.org\/Adobe\/update\/20160703\/AdobeUpdate20160703.exe",
"SharingGroup": [
],
"ShadowAttribute": [
]
},
{
"id": "16371",
"type": "url",
"category": "Payload delivery",
"to_ids": true,
"uuid": "595bb15f-d000-400a-b7a9-06e38e96ca05",
"event_id": "108",
"distribution": "5",
"timestamp": "1499181407",
"comment": "",
"sharing_group_id": "0",
"deleted": false,
"value": "http:\/\/get.adobe.com.bowenpress.org\/Adobe\/update\/20160812\/AdobeUpdate20160812.exe",
"SharingGroup": [
],
"ShadowAttribute": [
]
},
{
"id": "16372",
"type": "url",
"category": "Payload delivery",
"to_ids": true,
"uuid": "595bb15f-4a08-4a4a-9ff5-06e38e96ca05",
"event_id": "108",
"distribution": "5",
"timestamp": "1499181407",
"comment": "",
"sharing_group_id": "0",
"deleted": false,
"value": "http:\/\/get.adobe.com.bowenpress.org\/Adobe\/update\/20161201\/AdobeUpdate20161201.exe",
"SharingGroup": [
],
"ShadowAttribute": [
]
},
{
"id": "16373",
"type": "url",
"category": "Payload delivery",
"to_ids": true,
"uuid": "595bb15f-8488-4a3b-abea-06e38e96ca05",
"event_id": "108",
"distribution": "5",
"timestamp": "1499181407",
"comment": "",
"sharing_group_id": "0",
"deleted": false,
"value": "http:\/\/get.adobe.com.bowenpress.org\/Adobe\/update\/20170312\/AdobeUpdate20170312.exe",
"SharingGroup": [
],
"ShadowAttribute": [
]
}
],
"ShadowAttribute": [
],
"RelatedEvent": [
{
"Event": {
"id": "94",
"date": "2017-02-24",
"threat_level_id": "2",
"info": "FAKENEWS - phishing campaign against China critical digital media site.",
"published": false,
"uuid": "58b05226-2fd4-4638-ba7d-53938e96ca05",
"analysis": "0",
"timestamp": "1499181637",
"distribution": "1",
"org_id": "2",
"orgc_id": "2"
},
"Org": {
"id": "2",
"name": "citizenlab",
"uuid": "581b5fea-818c-441a-bd1d-49798e96ca05"
},
"Orgc": {
"id": "2",
"name": "citizenlab",
"uuid": "581b5fea-818c-441a-bd1d-49798e96ca05"
}
}
],
"Tag": [
{
"id": "14",
"name": "TARGET:HONGKONG",
"colour": "#f00000",
"exportable": true,
"org_id": false
},
{
"id": "7",
"name": "DETECT",
"colour": "#cccccc",
"exportable": true,
"org_id": false
},
{
"id": "5",
"name": "SOURCE:CITIZENLAB",
"colour": "#ffad0d",
"exportable": true,
"org_id": false
},
{
"id": "3",
"name": "TLP:GREEN",
"colour": "#04cc18",
"exportable": true,
"org_id": false
}
]
}
}]}