mirror of https://github.com/MISP/PyMISP
{"Event": {"info": "OSINT - HIDDEN COBRA \u2013 North Korean Remote Administration Tool: FALLCHILL", "publish_timestamp": "0", "timestamp": "1511183733", "Object": [{"comment": "", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "uuid": "5a0d68b2-c4d0-4721-936b-77bb950d210f", "sharing_group_id": "0", "timestamp": "1510828210", "description": "File object describing a file with meta-information", "template_version": "4", "Attribute": [{"comment": "", "category": "Payload delivery", "uuid": "5a0d68b3-9de8-4b28-ab58-77bb950d210f", "timestamp": "1510828211", "to_ids": true, "value": "e48fe20eb1f5a5887f2ac631fed9ed63", "object_relation": "md5", "type": "md5"}, {"comment": "", "category": "Other", "uuid": "5a0d68b3-f5ec-470e-8e6f-77bb950d210f", "timestamp": "1510828211", "to_ids": false, "value": "5.49321665686", "object_relation": "entropy", "type": "float"}, {"comment": "", "category": "Payload delivery", "uuid": "5a0d68b3-6da0-4ced-8233-77bb950d210f", "timestamp": "1510828211", "to_ids": true, "value": "E48FE20EB1F5A5887F2AC631FED9ED63", "object_relation": "filename", "type": "filename"}, {"comment": "", "category": "Payload delivery", "uuid": "5a0d68b3-2600-4859-a347-77bb950d210f", "timestamp": "1510828211", "to_ids": true, "value": "f83f30bd284074d1daaf2e262a280ca780791f2c", "object_relation": "sha1", "type": "sha1"}, {"comment": "", "category": "Payload delivery", "uuid": "5a0d68b3-6138-4c7f-987c-77bb950d210f", "timestamp": "1510828211", "to_ids": true, "value": "1536:qJhDLw1yDhhzoN/e/C/O/C/a/D/I26251K06Zk/XrqqitM4NvL:qvfw1ahEVOS+Sq7IN251ikzq5tM4NvL", "object_relation": "ssdeep", "type": "ssdeep"}, {"comment": "", "category": "Other", "uuid": "5a0d68b3-c3f0-4fe1-9479-77bb950d210f", "timestamp": "1510828211", "to_ids": false, "value": "94208", "object_relation": "size-in-bytes", "type": "size-in-bytes"}], "distribution": "5", "meta-category": "file", "name": "file"}, {"comment": "", "template_uuid": "9f8cea74-16fe-4968-a2b4-026676949ac6", "uuid": 
"5a0d6aa6-a230-4f7b-8ab3-469a950d210f", "sharing_group_id": "0", "timestamp": "1510828710", "description": "An IP address and a port seen as a tuple (or as a triple) in a specific time frame.", "template_version": "4", "Attribute": [{"comment": "", "category": "Network activity", "uuid": "5a0d6aa6-4254-40d9-8d15-407e950d210f", "timestamp": "1510828710", "to_ids": false, "value": "443", "object_relation": "dst-port", "type": "port"}, {"comment": "", "category": "Network activity", "uuid": "5a0d6aa6-ab7c-45af-a562-45d4950d210f", "timestamp": "1510828710", "to_ids": true, "value": "125.212.132.222", "object_relation": "ip", "type": "ip-dst"}], "distribution": "5", "meta-category": "network", "name": "ip-port"}, {"comment": "", "template_uuid": "9f8cea74-16fe-4968-a2b4-026676949ac6", "uuid": "5a0d6abb-4910-4c4c-9004-7753950d210f", "sharing_group_id": "0", "timestamp": "1510828731", "description": "An IP address and a port seen as a tuple (or as a triple) in a specific time frame.", "template_version": "4", "Attribute": [{"comment": "", "category": "Network activity", "uuid": "5a0d6abb-6300-44e7-82fb-7753950d210f", "timestamp": "1510828731", "to_ids": false, "value": "443", "object_relation": "dst-port", "type": "port"}, {"comment": "", "category": "Network activity", "uuid": "5a0d6abb-d8d0-414c-89bb-7753950d210f", "timestamp": "1510828731", "to_ids": true, "value": "175.100.189.174", "object_relation": "ip", "type": "ip-dst"}], "distribution": "5", "meta-category": "network", "name": "ip-port"}, {"comment": "", "template_uuid": "9f8cea74-16fe-4968-a2b4-026676949ac6", "uuid": "5a0d6ada-a910-4186-90fc-21c1950d210f", "sharing_group_id": "0", "timestamp": "1510828762", "description": "An IP address and a port seen as a tuple (or as a triple) in a specific time frame.", "template_version": "4", "Attribute": [{"comment": "", "category": "Network activity", "uuid": "5a0d6ada-2b3c-48bd-8624-21c1950d210f", "timestamp": "1510828762", "to_ids": false, "value": "1992", 
"object_relation": "dst-port", "type": "port"}, {"comment": "", "category": "Network activity", "uuid": "5a0d6ada-0ee0