{ "Event": { "id": "1", "orgc_id": "1", "org_id": "1", "date": "2019-02-18", "threat_level_id": "2", "info": "This is the description", "published": false, "uuid": "5c6ab833-676c-42f3-95d2-034f0a00020f", "attribute_count": "2", "analysis": "1", "timestamp": "1551253649", "distribution": "1", "proposal_email_lock": false, "locked": false, "publish_timestamp": "0", "sharing_group_id": "0", "disable_correlation": false, "extends_uuid": "", "event_creator_email": "admin@admin.test", "Org": { "id": "1", "name": "ORGNAME", "uuid": "5c6983c8-3af8-4304-869c-4800d6c1883c" }, "Orgc": { "id": "1", "name": "ORGNAME", "uuid": "5c6983c8-3af8-4304-869c-4800d6c1883c" }, "Attribute": [ { "id": "1", "type": "comment", "category": "Antivirus detection", "to_ids": false, "uuid": "5c6ab897-0f68-44ca-8d62-0c150a00020f", "event_id": "1", "distribution": "0", "timestamp": "1550497961", "comment": "Contextual commentary", "sharing_group_id": "0", "deleted": false, "disable_correlation": false, "object_id": "0", "object_relation": null, "value": "Value to test", "Galaxy": [ { "id": "15", "uuid": "90ccdf38-1649-11e8-b8bf-e7326d553087", "name": "Botnet", "type": "botnet", "description": "Botnet galaxy.", "version": "2", "icon": "sitemap", "namespace": "misp", "GalaxyCluster": [ { "id": "2511", "collection_uuid": "0d58f329-1356-468c-88ab-e21fbb64c02b", "type": "botnet", "value": "Asprox", "tag_name": "misp-galaxy:botnet=\"Asprox\"", "description": "The Asprox botnet (discovered around 2008), also known by its aliases Badsrc and Aseljo, is a botnet mostly involved in phishing scams and performing SQL injections into websites in order to spread malware.", "galaxy_id": "15", "source": "MISP Project", "authors": [ "Various" ], "version": "18", "uuid": "", "tag_id": "1", "meta": { "date": [ "2008" ], "refs": [ "https:\/\/en.wikipedia.org\/wiki\/Asprox_botnet" ], "synonyms": [ "Badsrc", "Aseljo", "Danmec", "Hydraflux" ] } } ] } ], "ShadowAttribute": [], "Tag": [ { "id": "1", "name": "misp-galaxy:botnet=\"Asprox\"", "colour": "#0088cc", "exportable": true, "user_id": "0", "hide_tag": false, "numerical_value": null } ], "Sighting": [ { "id": "5", "attribute_id": "1", "event_id": "1", "org_id": "1", "date_sighting": "1551253653", "uuid": "5c764095-129c-4e81-956d-0e1a0a00020f", "source": "", "type": "1", "Organisation": { "id": "1", "uuid": "5c6983c8-3af8-4304-869c-4800d6c1883c", "name": "ORGNAME" }, "attribute_uuid": "5c6ab897-0f68-44ca-8d62-0c150a00020f" } ] }, { "id": "242460", "type": "target-external", "category": "Targeting data", "to_ids": true, "uuid": "5c764091-273c-4821-92ad-0e1a0a00020f", "event_id": "1", "distribution": "2", "timestamp": "1551253649", "comment": "This is a contextual comment", "sharing_group_id": "0", "deleted": false, "disable_correlation": false, "object_id": "0", "object_relation": null, "value": "testvalue", "Galaxy": [], "ShadowAttribute": [], "Sighting": [ { "id": "6", "attribute_id": "242460", "event_id": "1", "org_id": "1", "date_sighting": "1551253653", "uuid": "5c764095-26ec-4de1-99f2-0e1a0a00020f", "source": "", "type": "0", "Organisation": { "id": "1", "uuid": "5c6983c8-3af8-4304-869c-4800d6c1883c", "name": "ORGNAME" }, "attribute_uuid": "5c764091-273c-4821-92ad-0e1a0a00020f" } ] } ], "ShadowAttribute": [], "RelatedEvent": [], "Galaxy": [ { "id": "15", "uuid": "90ccdf38-1649-11e8-b8bf-e7326d553087", "name": "Botnet", "type": "botnet", "description": "Botnet galaxy.", "version": "2", "icon": "sitemap", "namespace": "misp", "GalaxyCluster": [ { "id": "2511", "collection_uuid": "0d58f329-1356-468c-88ab-e21fbb64c02b", "type": "botnet", "value": "Asprox", "tag_name": "misp-galaxy:botnet=\"Asprox\"", "description": "The Asprox botnet (discovered around 2008), also known by its aliases Badsrc and Aseljo, is a botnet mostly involved in phishing scams and performing SQL injections into websites in order to spread malware.", "galaxy_id": "15", "source": "MISP Project", "authors": [ "Various" ], "version": "18", "uuid": "", "tag_id": "1", "meta": { "date": [ "2008" ], "refs": [ "https:\/\/en.wikipedia.org\/wiki\/Asprox_botnet" ], "synonyms": [ "Badsrc", "Aseljo", "Danmec", "Hydraflux" ] } } ] } ], "Object": [], "Tag": [ { "id": "1", "name": "misp-galaxy:botnet=\"Asprox\"", "colour": "#0088cc", "exportable": true, "user_id": "0", "hide_tag": false, "numerical_value": null } ] } }