From 16ac261de940afd418142eeb371efcbc745fb09e Mon Sep 17 00:00:00 2001
From: Alex Resnick
Date: Sat, 26 Mar 2022 18:40:08 +0000
Subject: [PATCH 1/2] [TI AbuseCH] Fix field mappings
---
 packages/ti_abusech/changelog.yml | 5 +
 .../_dev/test/pipeline/test-common-config.yml | 2 -
 .../test-malware-ndjson.log-expected.json | 25 -
 .../elasticsearch/ingest_pipeline/default.yml | 3 -
 .../_dev/test/pipeline/test-common-config.yml | 2 -
 ...est-malwarebazaar-ndjson.log-expected.json | 9 -
 .../elasticsearch/ingest_pipeline/default.yml | 3 -
 .../data_stream/malwarebazaar/fields/ecs.yml | 18 +-
 .../test-abusechurl-ndjson.log-expected.json | 670 ------------------
 .../_dev/test/pipeline/test-common-config.yml | 2 -
 .../elasticsearch/ingest_pipeline/default.yml | 3 -
 packages/ti_abusech/docs/README.md | 6 +-
 packages/ti_abusech/manifest.yml | 2 +-
 13 files changed, 15 insertions(+), 735 deletions(-)
diff --git a/packages/ti_abusech/changelog.yml b/packages/ti_abusech/changelog.yml
index 9f4b624a1cf..c8660c449d8 100644
--- a/packages/ti_abusech/changelog.yml
+++ b/packages/ti_abusech/changelog.yml
@@ -1,4 +1,9 @@
 # newer versions go on top
+- version: "1.2.1"
+ changes:
+ - description: Fix field mapping conflicts in `threat.indicator.file.x509.not_before/not_after`
+ type: bugfix
+ link: https://github.com/elastic/integrations/pull/
 - version: "1.2.0"
 changes:
 - description: Update to ECS 8.0
diff --git a/packages/ti_abusech/data_stream/malware/_dev/test/pipeline/test-common-config.yml b/packages/ti_abusech/data_stream/malware/_dev/test/pipeline/test-common-config.yml
index 5622947e4b8..4da22641654 100644
--- a/packages/ti_abusech/data_stream/malware/_dev/test/pipeline/test-common-config.yml
+++ b/packages/ti_abusech/data_stream/malware/_dev/test/pipeline/test-common-config.yml
@@ -1,5 +1,3 @@
-dynamic_fields:
- event.ingested: ".*"
 fields:
 tags:
 - preserve_original_event
diff --git a/packages/ti_abusech/data_stream/malware/_dev/test/pipeline/test-malware-ndjson.log-expected.json b/packages/ti_abusech/data_stream/malware/_dev/test/pipeline/test-malware-ndjson.log-expected.json index 881fa5b4266..00a0ff95305 100644 --- a/packages/ti_abusech/data_stream/malware/_dev/test/pipeline/test-malware-ndjson.log-expected.json +++ b/packages/ti_abusech/data_stream/malware/_dev/test/pipeline/test-malware-ndjson.log-expected.json @@ -9,7 +9,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:24.708546986Z", "kind": "enrichment", "original": "{\"md5_hash\":\"7871286a8f1f68a14b18ae475683f724\",\"sha256_hash\":\"48a6aee18bcfe9058b35b1018832aef1c9efd8f50ac822f49abb484a5e2a4b1f\",\"file_type\":\"dll\",\"file_size\":\"277504\",\"signature\":null,\"firstseen\":\"2021-01-14 06:14:05\",\"urlhaus_download\":\"https://urlhaus-api.abuse.ch/v1/download/48a6aee18bcfe9058b35b1018832aef1c9efd8f50ac822f49abb484a5e2a4b1f/\",\"virustotal\":null,\"imphash\":\"68aea345b134d576ccdef7f06db86088\",\"ssdeep\":\"6144:+60EDP6uCLfGw/GpxXinM1BCo1PlumGx2mx2tXd0t115JG5:X5DpBw/KViMTB1MnEWk0115JW\",\"tlsh\":\"1344D022AD13DD37E1F400FCA6A58F8561626E381F00A89777D41F8A98356F1BB2B717\"}", "type": "indicator" 
@@ -55,7 +54,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:24.708549432Z", "kind": "enrichment", "original": "{\"md5_hash\":\"7b4c77dc293347b467fb860e34515163\",\"sha256_hash\":\"ec59538e8de8525b1674b3b8fe0c180ac822145350bcce054ad3fc6b95b1b5a4\",\"file_type\":\"dll\",\"file_size\":\"277504\",\"signature\":null,\"firstseen\":\"2021-01-14 06:11:41\",\"urlhaus_download\":\"https://urlhaus-api.abuse.ch/v1/download/ec59538e8de8525b1674b3b8fe0c180ac822145350bcce054ad3fc6b95b1b5a4/\",\"virustotal\":null,\"imphash\":\"68aea345b134d576ccdef7f06db86088\",\"ssdeep\":\"6144:+60EDP6uCLfGw/GpxXinM1BCo1PlumGx2mx2tXd0t115JGY:X5DpBw/KViMTB1MnEWk0115Jr\",\"tlsh\":\"4E44D022AD13DD37E1F400FCA6A58F8561626E381F00A89777D41F8A98356F1BB2B717\"}", "type": "indicator" @@ -107,7 +105,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:24.708550403Z", "kind": "enrichment", "original": "{\"md5_hash\":\"373d34874d7bc89fd4cefa6272ee80bf\",\"sha256_hash\":\"b0e914d1bbe19433cc9df64ea1ca07fe77f7b150b511b786e46e007941a62bd7\",\"file_type\":\"dll\",\"file_size\":\"277504\",\"signature\":null,\"firstseen\":\"2021-01-14 06:11:22\",\"urlhaus_download\":\"https://urlhaus-api.abuse.ch/v1/download/b0e914d1bbe19433cc9df64ea1ca07fe77f7b150b511b786e46e007941a62bd7/\",\"virustotal\":{\"result\":\"25 / 66\",\"percent\":\"37.88\",\"link\":\"https://www.virustotal.com/gui/file/b0e914d1bbe19433cc9df64ea1ca07fe77f7b150b511b786e46e007941a62bd7/detection/f-b0e914d\"},\"imphash\":\"68aea345b134d576ccdef7f06db86088\",\"ssdeep\":\"6144:+60EDP6uCLfGw/GpxXinM1BCo1PlumGx2mx2tXd0t115JGG:X5DpBw/KViMTB1MnEWk0115Jd\",\"tlsh\":\"7544D022AD13DD37E1F400FCA6A58F8561626E381F00A89777D41F8A98356F1BB2B717\"}", "type": "indicator" 
@@ -153,7 +150,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:24.708551315Z", "kind": "enrichment", "original": "{\"md5_hash\":\"e2e02aae857488dbdbe6631c29abf3f8\",\"sha256_hash\":\"7483e834a73fb6817769596fe4c0fa01d28639f52bbbdc2b8a56c36d466dd7f8\",\"file_type\":\"dll\",\"file_size\":\"284672\",\"signature\":null,\"firstseen\":\"2021-01-14 06:11:21\",\"urlhaus_download\":\"https://urlhaus-api.abuse.ch/v1/download/7483e834a73fb6817769596fe4c0fa01d28639f52bbbdc2b8a56c36d466dd7f8/\",\"virustotal\":null,\"imphash\":\"68aea345b134d576ccdef7f06db86088\",\"ssdeep\":\"6144:0hlBeZgR9LqvgFcwNAwhGV52n5Dv4JdEqvQykqRqYdBx8pRA7OZJ9:0h3eZgRQCcw+MN54dEq7kqRtoLZH\",\"tlsh\":\"5554CF22E642C926F1E900FCB2A98B4451257E355F40F4D777C40FABA835AE2AF27717\"}", "type": "indicator" @@ -199,7 +195,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:24.708552180Z", "kind": "enrichment", "original": "{\"md5_hash\":\"3e988e32b0c3c230d534e286665b89a5\",\"sha256_hash\":\"760e729426fb115b967a41e5a6f2f42d7a52a5cee74ed99065a6dc39bf89f59b\",\"file_type\":\"unknown\",\"file_size\":\"352\",\"signature\":null,\"firstseen\":\"2021-01-14 06:08:02\",\"urlhaus_download\":\"https://urlhaus-api.abuse.ch/v1/download/760e729426fb115b967a41e5a6f2f42d7a52a5cee74ed99065a6dc39bf89f59b/\",\"virustotal\":null,\"imphash\":null,\"ssdeep\":\"6:TE6ll8uXi0jIAv6BHvPuA7RKTmOQamsQMGvMQgTYbtsWsQ72hCqPZG/:TTll8uTo5uA7RKtQamsS0QJfsQ7mCR\",\"tlsh\":\"3CE0C002AB26C036500D154C221655B3B871911503CA14E6A6824BEA765D4A3290D190\"}", "type": "indicator" 
@@ -248,7 +243,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:24.708553022Z", "kind": "enrichment", "original": "{\"md5_hash\":\"dcc20d534cdf29eab03d8148bf728857\",\"sha256_hash\":\"86655c0bcf9b21b5efc682f58eb80f42811042ba152358e1bfbbb867315a60ac\",\"file_type\":\"dll\",\"file_size\":\"277504\",\"signature\":null,\"firstseen\":\"2021-01-14 06:08:02\",\"urlhaus_download\":\"https://urlhaus-api.abuse.ch/v1/download/86655c0bcf9b21b5efc682f58eb80f42811042ba152358e1bfbbb867315a60ac/\",\"virustotal\":{\"result\":\"27 / 69\",\"percent\":\"39.13\",\"link\":\"https://www.virustotal.com/gui/file/86655c0bcf9b21b5efc682f58eb80f42811042ba152358e1bfbbb867315a60ac/detection/f-86655c0\"},\"imphash\":\"68aea345b134d576ccdef7f06db86088\",\"ssdeep\":\"6144:+60EDP6uCLfGw/GpxXinM1BCo1PlumGx2mx2tXd0t115JGI:X5DpBw/KViMTB1MnEWk0115JH\",\"tlsh\":\"0D44D022AD13DD37E1F400FCA6A58F8561626E381F00A89777D41F8A98356F1BB2B717\"}", "type": "indicator" @@ -294,7 +288,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:24.708553870Z", "kind": "enrichment", "original": "{\"md5_hash\":\"f6facbf7a90b9e67a6de9f6634eb40ba\",\"sha256_hash\":\"e91c9e11d3ce4f55fabd7196279367482d2fabfa32df81e614b15fc53b4e26be\",\"file_type\":\"dll\",\"file_size\":\"284672\",\"signature\":null,\"firstseen\":\"2021-01-14 06:07:53\",\"urlhaus_download\":\"https://urlhaus-api.abuse.ch/v1/download/e91c9e11d3ce4f55fabd7196279367482d2fabfa32df81e614b15fc53b4e26be/\",\"virustotal\":null,\"imphash\":\"68aea345b134d576ccdef7f06db86088\",\"ssdeep\":\"6144:0hlBeZgR9LqvgFcwNAwhGV52n5Dv4JdEqvQykqRqYdBx8pRA7OZJ1:0h3eZgRQCcw+MN54dEq7kqRtoLZL\",\"tlsh\":\"2554CF22E642C926F1E900FCB2A98B4451257E355F40F4D777C40FABA835AE2AF27717\"}", "type": "indicator" 
@@ -340,7 +333,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:24.708554707Z", "kind": "enrichment", "original": "{\"md5_hash\":\"44325fd5bdda2e2cdea07c3a39953bb1\",\"sha256_hash\":\"beedbbcacfc34b5edd8c68e3e4acf364992ebbcd989548e09e38fa03c5659bac\",\"file_type\":\"dll\",\"file_size\":\"277504\",\"signature\":null,\"firstseen\":\"2021-01-14 06:07:41\",\"urlhaus_download\":\"https://urlhaus-api.abuse.ch/v1/download/beedbbcacfc34b5edd8c68e3e4acf364992ebbcd989548e09e38fa03c5659bac/\",\"virustotal\":null,\"imphash\":\"68aea345b134d576ccdef7f06db86088\",\"ssdeep\":\"6144:+60EDP6uCLfGw/GpxXinM1BCo1PlumGx2mx2tXd0t115JG/:X5DpBw/KViMTB1MnEWk0115Jg\",\"tlsh\":\"A044D022AD13DD37E1F400FCA6A58F8561626E381F00A89777D41F8A98356F1BB2B717\"}", "type": "indicator" @@ -388,7 +380,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:24.708555567Z", "kind": "enrichment", "original": "{\"md5_hash\":\"4c549051950522a3f1b0814aa9b1f6d1\",\"sha256_hash\":\"7cba55da723c0e020267a02e6ffc83e03a83701757fc4ec65ea398618ad881cf\",\"file_type\":\"dll\",\"file_size\":\"277504\",\"signature\":\"Heodo\",\"firstseen\":\"2021-01-14 06:07:31\",\"urlhaus_download\":\"https://urlhaus-api.abuse.ch/v1/download/7cba55da723c0e020267a02e6ffc83e03a83701757fc4ec65ea398618ad881cf/\",\"virustotal\":null,\"imphash\":\"68aea345b134d576ccdef7f06db86088\",\"ssdeep\":\"6144:+60EDP6uCLfGw/GpxXinM1BCo1PlumGx2mx2tXd0t115JG4:X5DpBw/KViMTB1MnEWk0115Jv\",\"tlsh\":\"4544D022AD13DD37E1F400FCA6A58F8561626E381F00A89777D41F8A98356F1BB2B717\"}", "type": "indicator" 
@@ -434,7 +425,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:24.708556415Z", "kind": "enrichment", "original": "{\"md5_hash\":\"d7333113098d88b6a5dd5b8eb24f9b87\",\"sha256_hash\":\"426be5e085e6bbad8430223dc89d8d3ced497133f8d478fd00005bcbb73399d4\",\"file_type\":\"dll\",\"file_size\":\"284672\",\"signature\":null,\"firstseen\":\"2021-01-14 06:07:07\",\"urlhaus_download\":\"https://urlhaus-api.abuse.ch/v1/download/426be5e085e6bbad8430223dc89d8d3ced497133f8d478fd00005bcbb73399d4/\",\"virustotal\":null,\"imphash\":\"68aea345b134d576ccdef7f06db86088\",\"ssdeep\":\"6144:0hlBeZgR9LqvgFcwNAwhGV52n5Dv4JdEqvQykqRqYdBx8pRA7OZJw:0h3eZgRQCcw+MN54dEq7kqRtoLZW\",\"tlsh\":\"9454CF22E642C926F1E900FCB2A98B4451257E355F40F4D777C40FABA835AE2AF27717\"}", "type": "indicator" @@ -480,7 +470,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:24.708557261Z", "kind": "enrichment", "original": "{\"md5_hash\":\"c8dbb261c1f450534c3693da2f4b479f\",\"sha256_hash\":\"25093afdaeb3ea000743ab843360a6b64f58c0a1ab950072ba6528056735deb9\",\"file_type\":\"dll\",\"file_size\":\"277504\",\"signature\":null,\"firstseen\":\"2021-01-14 06:07:07\",\"urlhaus_download\":\"https://urlhaus-api.abuse.ch/v1/download/25093afdaeb3ea000743ab843360a6b64f58c0a1ab950072ba6528056735deb9/\",\"virustotal\":null,\"imphash\":\"68aea345b134d576ccdef7f06db86088\",\"ssdeep\":\"6144:+60EDP6uCLfGw/GpxXinM1BCo1PlumGx2mx2tXd0t115JGe:X5DpBw/KViMTB1MnEWk0115JR\",\"tlsh\":\"F344D022AD13DD37E1F400FCA6A58F8561626E381F00A89777D41F8A98356F1BB2B717\"}", "type": "indicator" 
@@ -526,7 +515,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:24.708558235Z", "kind": "enrichment", "original": "{\"md5_hash\":\"714953f1d0031a4bb2f0c44afd015931\",\"sha256_hash\":\"b3327a96280365e441057f490df6261c9a2400fd63719eb9a7a0c9db95beecc5\",\"file_type\":\"dll\",\"file_size\":\"277504\",\"signature\":null,\"firstseen\":\"2021-01-14 06:07:06\",\"urlhaus_download\":\"https://urlhaus-api.abuse.ch/v1/download/b3327a96280365e441057f490df6261c9a2400fd63719eb9a7a0c9db95beecc5/\",\"virustotal\":null,\"imphash\":\"68aea345b134d576ccdef7f06db86088\",\"ssdeep\":\"6144:+60EDP6uCLfGw/GpxXinM1BCo1PlumGx2mx2tXd0t115JGc:X5DpBw/KViMTB1MnEWk0115J7\",\"tlsh\":\"F644D022AD13DD37E1F400FCA6A58F8561626E381F00A89777D41F8A98356F1BB2B717\"}", "type": "indicator" @@ -572,7 +560,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:24.708559096Z", "kind": "enrichment", "original": "{\"md5_hash\":\"20fd22742500d4cec123398afc3d3672\",\"sha256_hash\":\"e92b54904391c171238863b584355197ba4508f73320a8e89afbb5425fc2dc4b\",\"file_type\":\"dll\",\"file_size\":\"277504\",\"signature\":null,\"firstseen\":\"2021-01-14 06:07:00\",\"urlhaus_download\":\"https://urlhaus-api.abuse.ch/v1/download/e92b54904391c171238863b584355197ba4508f73320a8e89afbb5425fc2dc4b/\",\"virustotal\":null,\"imphash\":\"68aea345b134d576ccdef7f06db86088\",\"ssdeep\":\"6144:+60EDP6uCLfGw/GpxXinM1BCo1PlumGx2mx2tXd0t115JGc:X5DpBw/KViMTB1MnEWk0115JP\",\"tlsh\":\"BE44D022AD13DD37E1F400FCA6A58F8561626E381F00A89777D41F8A98356F1BB2B717\"}", "type": "indicator" 
@@ -618,7 +605,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:24.708559959Z", "kind": "enrichment", "original": "{\"md5_hash\":\"aa81ceea053797a6f8c38a0f2f9b80b0\",\"sha256_hash\":\"dd15e74b3cd3a4fdb5f47adefd6f90e27d5a20e01316cc791711f6dce7c0f52e\",\"file_type\":\"dll\",\"file_size\":\"277504\",\"signature\":null,\"firstseen\":\"2021-01-14 06:06:36\",\"urlhaus_download\":\"https://urlhaus-api.abuse.ch/v1/download/dd15e74b3cd3a4fdb5f47adefd6f90e27d5a20e01316cc791711f6dce7c0f52e/\",\"virustotal\":null,\"imphash\":\"68aea345b134d576ccdef7f06db86088\",\"ssdeep\":\"6144:+60EDP6uCLfGw/GpxXinM1BCo1PlumGx2mx2tXd0t115JGf:X5DpBw/KViMTB1MnEWk0115Jo\",\"tlsh\":\"CC44D022AD13DD37E1F400FCA6A58F8561626E381F00A89777D41F8A98356F1BB2B717\"}", "type": "indicator" @@ -666,7 +652,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:24.708560803Z", "kind": "enrichment", "original": "{\"md5_hash\":\"a2ce6795664c0fa93b07fa54ba868991\",\"sha256_hash\":\"0fae1eeabc4f5e07bd16f7851aec5ab6032d407c7ff0270f2b6e85c2a3efebd1\",\"file_type\":\"dll\",\"file_size\":\"277504\",\"signature\":\"Heodo\",\"firstseen\":\"2021-01-14 06:06:13\",\"urlhaus_download\":\"https://urlhaus-api.abuse.ch/v1/download/0fae1eeabc4f5e07bd16f7851aec5ab6032d407c7ff0270f2b6e85c2a3efebd1/\",\"virustotal\":null,\"imphash\":\"68aea345b134d576ccdef7f06db86088\",\"ssdeep\":\"6144:+60EDP6uCLfGw/GpxXinM1BCo1PlumGx2mx2tXd0t115JGD:X5DpBw/KViMTB1MnEWk0115JY\",\"tlsh\":\"8C44D022AD13DD37E1F400FCA6A58F8561626E381F00A89777D41F8A98356F1BB2B717\"}", "type": "indicator" 
@@ -712,7 +697,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:24.708561633Z", "kind": "enrichment", "original": "{\"md5_hash\":\"9b9bac158dacb9c2f5511e9c464a7de4\",\"sha256_hash\":\"07a9d84c0b2c8cf1fd90ab409b9399d06920ab4b6efb647b5a3b9bef1045ee7e\",\"file_type\":\"dll\",\"file_size\":\"280064\",\"signature\":null,\"firstseen\":\"2021-01-14 06:05:52\",\"urlhaus_download\":\"https://urlhaus-api.abuse.ch/v1/download/07a9d84c0b2c8cf1fd90ab409b9399d06920ab4b6efb647b5a3b9bef1045ee7e/\",\"virustotal\":null,\"imphash\":\"68aea345b134d576ccdef7f06db86088\",\"ssdeep\":\"6144:WlLMUG2gFWLDFO9vNa11y3NPcJufFFTXNZrjJTKk:W5MT4WNaHy9P1FjbrjlKk\",\"tlsh\":\"6B54CF217A53C826F5E800FCA6E9878914167F346F44A4C773D40F6AA8759E2EF2B317\"}", "type": "indicator" @@ -758,7 +742,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:24.708562609Z", "kind": "enrichment", "original": "{\"md5_hash\":\"e48e3fa5e0f7b21c1ecf1efc81ff91e8\",\"sha256_hash\":\"708c0193aec6354af6877f314d4b0e3864552bac77258bee9ee5bf886a116df5\",\"file_type\":\"dll\",\"file_size\":\"277504\",\"signature\":null,\"firstseen\":\"2021-01-14 06:05:51\",\"urlhaus_download\":\"https://urlhaus-api.abuse.ch/v1/download/708c0193aec6354af6877f314d4b0e3864552bac77258bee9ee5bf886a116df5/\",\"virustotal\":null,\"imphash\":\"68aea345b134d576ccdef7f06db86088\",\"ssdeep\":\"6144:+60EDP6uCLfGw/GpxXinM1BCo1PlumGx2mx2tXd0t115JGo:X5DpBw/KViMTB1MnEWk0115Jj\",\"tlsh\":\"6644D022AD13DD37E1F400FCA6A58F8561626E381F00A89777D41F8A98356F1BB2B717\"}", "type": "indicator" 
@@ -806,7 +789,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:24.708563502Z", "kind": "enrichment", "original": "{\"md5_hash\":\"8957f5347633ab4b10c2ae4fb92c8572\",\"sha256_hash\":\"f70a3c016fe791eb30959961f0bcaa08ba7b738491b9ae61cb4a667cd1de8b37\",\"file_type\":\"dll\",\"file_size\":\"284672\",\"signature\":\"Heodo\",\"firstseen\":\"2021-01-14 06:05:50\",\"urlhaus_download\":\"https://urlhaus-api.abuse.ch/v1/download/f70a3c016fe791eb30959961f0bcaa08ba7b738491b9ae61cb4a667cd1de8b37/\",\"virustotal\":null,\"imphash\":\"68aea345b134d576ccdef7f06db86088\",\"ssdeep\":\"6144:0hlBeZgR9LqvgFcwNAwhGV52n5Dv4JdEqvQykqRqYdBx8pRA7OZJy:0h3eZgRQCcw+MN54dEq7kqRtoLZM\",\"tlsh\":\"0754CF22E642C926F1E900FCB2A98B4451257E355F40F4D777C40FABA835AE2AF27717\"}", "type": "indicator" @@ -852,7 +834,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:24.708564355Z", "kind": "enrichment", "original": "{\"md5_hash\":\"09cc76b7077b4d5704e46e864575ff03\",\"sha256_hash\":\"94ca186561b13fa9b1bf15f7e66118debc686b40d2a62a5cf4b3c6ca6ee1c7a1\",\"file_type\":\"dll\",\"file_size\":\"277504\",\"signature\":null,\"firstseen\":\"2021-01-14 06:05:36\",\"urlhaus_download\":\"https://urlhaus-api.abuse.ch/v1/download/94ca186561b13fa9b1bf15f7e66118debc686b40d2a62a5cf4b3c6ca6ee1c7a1/\",\"virustotal\":null,\"imphash\":\"68aea345b134d576ccdef7f06db86088\",\"ssdeep\":\"6144:+60EDP6uCLfGw/GpxXinM1BCo1PlumGx2mx2tXd0t115JG/:X5DpBw/KViMTB1MnEWk0115Js\",\"tlsh\":\"BB44D022AD13DD37E1F400FCA6A58F8561626E381F00A89777D41F8A98356F1BB2B717\"}", "type": "indicator" 
@@ -898,7 +879,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:24.708565237Z", "kind": "enrichment", "original": "{\"md5_hash\":\"98a1cdf7de4232363f1d1e0f33dbfd99\",\"sha256_hash\":\"909f890dbc5748845cf06d0fb0b73a5c0cb17761f37e9cd4810eea0d0eb8627f\",\"file_type\":\"dll\",\"file_size\":\"284672\",\"signature\":null,\"firstseen\":\"2021-01-14 06:05:16\",\"urlhaus_download\":\"https://urlhaus-api.abuse.ch/v1/download/909f890dbc5748845cf06d0fb0b73a5c0cb17761f37e9cd4810eea0d0eb8627f/\",\"virustotal\":null,\"imphash\":\"68aea345b134d576ccdef7f06db86088\",\"ssdeep\":\"6144:0hlBeZgR9LqvgFcwNAwhGV52n5Dv4JdEqvQykqRqYdBx8pRA7OZJQ:0h3eZgRQCcw+MN54dEq7kqRtoLZ+\",\"tlsh\":\"C554CF22E642C926F1E900FCB2A98B4451257E355F40F4D777C40FABA835AE2AF27717\"}", "type": "indicator" @@ -946,7 +926,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:24.708566132Z", "kind": "enrichment", "original": "{\"md5_hash\":\"8a51830c1662513ba6bd44e2f7849547\",\"sha256_hash\":\"d1fa76346bef5bc8adaa615e109894a7c30f0bef07ab6272409c4056ea8d52aa\",\"file_type\":\"dll\",\"file_size\":\"284672\",\"signature\":\"Heodo\",\"firstseen\":\"2021-01-14 06:05:15\",\"urlhaus_download\":\"https://urlhaus-api.abuse.ch/v1/download/d1fa76346bef5bc8adaa615e109894a7c30f0bef07ab6272409c4056ea8d52aa/\",\"virustotal\":null,\"imphash\":\"68aea345b134d576ccdef7f06db86088\",\"ssdeep\":\"6144:0hlBeZgR9LqvgFcwNAwhGV52n5Dv4JdEqvQykqRqYdBx8pRA7OZJh:0h3eZgRQCcw+MN54dEq7kqRtoLZ/\",\"tlsh\":\"1654CF22E642C926F1E900FCB2A98B4451257E355F40F4D777C40FABA835AE2AF27717\"}", "type": "indicator" 
@@ -992,7 +971,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:24.708566974Z", "kind": "enrichment", "original": "{\"md5_hash\":\"ae21d742a8118d6b86674aa5370bd6a7\",\"sha256_hash\":\"3b9698b6c18bcba15ee33378440dd3f42509730e6b1d2d5832c71a74b1920e51\",\"file_type\":\"dll\",\"file_size\":\"280064\",\"signature\":null,\"firstseen\":\"2021-01-14 06:05:12\",\"urlhaus_download\":\"https://urlhaus-api.abuse.ch/v1/download/3b9698b6c18bcba15ee33378440dd3f42509730e6b1d2d5832c71a74b1920e51/\",\"virustotal\":null,\"imphash\":\"68aea345b134d576ccdef7f06db86088\",\"ssdeep\":\"6144:WlLMUG2gFWLDFO9vNa11y3NPcJufFFTXNZrjJTKS:W5MT4WNaHy9P1FjbrjlKS\",\"tlsh\":\"5454CF217A53C826F5E800FCA6E9878925167F346F44A4C373D40F6AA8759E2DF2B317\"}", "type": "indicator" @@ -1038,7 +1016,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:24.708567865Z", "kind": "enrichment", "original": "{\"md5_hash\":\"78c9d88d24ed1d982a83216eed1590f6\",\"sha256_hash\":\"d11edc90f0e879a175abc6e2ce5c94a263aa2a01cd3b6e8b9fdf93a51235ae99\",\"file_type\":\"dll\",\"file_size\":\"277504\",\"signature\":null,\"firstseen\":\"2021-01-14 06:04:38\",\"urlhaus_download\":\"https://urlhaus-api.abuse.ch/v1/download/d11edc90f0e879a175abc6e2ce5c94a263aa2a01cd3b6e8b9fdf93a51235ae99/\",\"virustotal\":null,\"imphash\":\"68aea345b134d576ccdef7f06db86088\",\"ssdeep\":\"6144:+60EDP6uCLfGw/GpxXinM1BCo1PlumGx2mx2tXd0t115JG8:X5DpBw/KViMTB1MnEWk0115Jr\",\"tlsh\":\"6044D022AD13DD37E1F400FCA6A58F8561626E381F00A89777D41F8A98356F1BB2B717\"}", "type": "indicator" 
@@ -1084,7 +1061,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:24.708568824Z", "kind": "enrichment", "original": "{\"md5_hash\":\"236577d5d83e2a8d08623a7a7f724188\",\"sha256_hash\":\"8cd28fed7ebdcd79ea2509dca84f0a727ca28d4eaaed5a92cd10b1279ff16afa\",\"file_type\":\"dll\",\"file_size\":\"241664\",\"signature\":null,\"firstseen\":\"2021-01-14 06:04:26\",\"urlhaus_download\":\"https://urlhaus-api.abuse.ch/v1/download/8cd28fed7ebdcd79ea2509dca84f0a727ca28d4eaaed5a92cd10b1279ff16afa/\",\"virustotal\":null,\"imphash\":\"ed2860c18f5483e3b5388bad75169dc1\",\"ssdeep\":\"6144:X1G3WVIOY6Bdjehj+qudd96ou/6mv5wdC:X1GmSafShjYdd96z/6cwdC\",\"tlsh\":\"8D34BE41B28B8B4BD163163C2976D1F8953CFC909761CE693B64B22F0F739D0892E7A5\"}", "type": "indicator" @@ -1130,7 +1106,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:24.708569677Z", "kind": "enrichment", "original": "{\"md5_hash\":\"ff60107d82dcda7e6726d214528758e7\",\"sha256_hash\":\"fb25d13188a5d0913bbcf5aeff6c7e3208ad92a7d10ab6bed2735f4d43310a27\",\"file_type\":\"dll\",\"file_size\":\"277504\",\"signature\":null,\"firstseen\":\"2021-01-14 06:04:20\",\"urlhaus_download\":\"https://urlhaus-api.abuse.ch/v1/download/fb25d13188a5d0913bbcf5aeff6c7e3208ad92a7d10ab6bed2735f4d43310a27/\",\"virustotal\":null,\"imphash\":\"68aea345b134d576ccdef7f06db86088\",\"ssdeep\":\"6144:+60EDP6uCLfGw/GpxXinM1BCo1PlumGx2mx2tXd0t115JGz:X5DpBw/KViMTB1MnEWk0115JU\",\"tlsh\":\"9244D022AD13DD37E1F400FCA6A58F8561626E381F00A89777D41F8A98356F1BB2B717\"}", "type": "indicator" diff --git a/packages/ti_abusech/data_stream/malware/elasticsearch/ingest_pipeline/default.yml b/packages/ti_abusech/data_stream/malware/elasticsearch/ingest_pipeline/default.yml index f7ee80b1499..8dcc275ab04 100644 --- a/packages/ti_abusech/data_stream/malware/elasticsearch/ingest_pipeline/default.yml +++ b/packages/ti_abusech/data_stream/malware/elasticsearch/ingest_pipeline/default.yml 
@@ -4,9 +4,6 @@ processors:
 ####################
 # Event ECS fields #
 ####################
- - set:
- field: event.ingested
- value: "{{_ingest.timestamp}}"
 - set:
 field: ecs.version
 value: "8.0.0"
diff --git a/packages/ti_abusech/data_stream/malwarebazaar/_dev/test/pipeline/test-common-config.yml b/packages/ti_abusech/data_stream/malwarebazaar/_dev/test/pipeline/test-common-config.yml
index 5622947e4b8..4da22641654 100644
--- a/packages/ti_abusech/data_stream/malwarebazaar/_dev/test/pipeline/test-common-config.yml
+++ b/packages/ti_abusech/data_stream/malwarebazaar/_dev/test/pipeline/test-common-config.yml
@@ -1,5 +1,3 @@
-dynamic_fields:
- event.ingested: ".*"
 fields:
 tags:
 - preserve_original_event
diff --git a/packages/ti_abusech/data_stream/malwarebazaar/_dev/test/pipeline/test-malwarebazaar-ndjson.log-expected.json b/packages/ti_abusech/data_stream/malwarebazaar/_dev/test/pipeline/test-malwarebazaar-ndjson.log-expected.json
index 5a8784c695a..7611c9af8ec 100644
--- a/packages/ti_abusech/data_stream/malwarebazaar/_dev/test/pipeline/test-malwarebazaar-ndjson.log-expected.json
+++ b/packages/ti_abusech/data_stream/malwarebazaar/_dev/test/pipeline/test-malwarebazaar-ndjson.log-expected.json
@@ -19,7 +19,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:30.644972581Z", "kind": "enrichment", "original": "{\"sha256_hash\":\"5bce7d528c1363104a93fbb5a7fa9bdd991ce929cc09cc7fb29052a68d4fd24b\",\"sha3_384_hash\":\"3b454eb6421d17d093f19292b64d30bf918cb91e9322d0e2d2512857997f574ea2ca5b005133c16f6c33c7cee9c1bd0e\",\"sha1_hash\":\"a71fd0504821092e003f350080a6bcc5fa6a972e\",\"md5_hash\":\"0af07660056a692b7cb82fa329221ddd\",\"first_seen\":\"2021-04-06 20:34:58\",\"last_seen\":null,\"file_name\":\"SALM0BRU.exe\",\"file_size\":399872,\"file_type_mime\":\"application/x-dosexec\",\"file_type\":\"exe\",\"reporter\":\"James_inthe_box\",\"origin_country\":\"US\",\"anonymous\":0,\"signature\":null,\"imphash\":\"f34d5f2d4577ed6d9ceec516c1f5a744\",\"tlsh\":\"F9848B24AF932F9BC6CCC1FE50C2D165C9A9F85DD2B1251A73B6CB89FE00544ED2C686\",\"telfhash\":null,\"ssdeep\":\"3072:DsPPK3p+8r5igrL1Tq50cVBDmDJhE9yV4veedHrP6FXK7:D+PL8bronBDmDJ69JeedHriFG\",\"tags\":[\"exe\"],\"code_sign\":[],\"intelligence\":{\"clamav\":null,\"downloads\":\"15\",\"uploads\":\"1\",\"mail\":null}}", "type": "indicator" 
@@ -82,7 +81,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:30.644975757Z", "kind": "enrichment", "original": "{\"sha256_hash\":\"83d0429a2c5f1b611ebc30391eeeb75bebb51212ee1af51dbcf2624b48f9d27f\",\"sha3_384_hash\":\"0a1536add280715320040d5ac5340d3b205d90045ff5c90993b8e909edb9b3e9338b3ffbb3febcaf82584d00d516e8c7\",\"sha1_hash\":\"c454be4eb0892d61a4ad6bac16f97724e73cd795\",\"md5_hash\":\"296aad7075596d21516b30bfbc17fcac\",\"first_seen\":\"2021-04-06 20:32:25\",\"last_seen\":null,\"file_name\":\"PO_NO.ENQUIRY-210604.zip\",\"file_size\":476768,\"file_type_mime\":\"application/zip\",\"file_type\":\"zip\",\"reporter\":\"GovCERT_CH\",\"origin_country\":\"US\",\"anonymous\":0,\"signature\":null,\"imphash\":null,\"tlsh\":\"74A4233B9A6D5CA02B224AA69F37537D13A8406300944EAEFD375CA431583056B9F6FF\",\"telfhash\":null,\"ssdeep\":\"12288:j++y4mulTPaYJSaHwvJblQpLGwYeHU9vPpNGd+Zr:j3HPaMtQxblje01pNHZr\",\"tags\":null,\"code_sign\":[],\"intelligence\":{\"clamav\":null,\"downloads\":\"11\",\"uploads\":\"1\",\"mail\":null}}", "type": "indicator" 
@@ -145,7 +143,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:30.644976999Z", "kind": "enrichment", "original": "{\"sha256_hash\":\"f4910ea08d14eeb634084de47cf590d4dc5e554552f111da20d22ae71d7b425b\",\"sha3_384_hash\":\"ee7586cb085fde3c14c9c1bea4635ccb30b1af2020f64e87a9983e61b05026ec9b35255670a3d9ecaab436c4ba302dcc\",\"sha1_hash\":\"bf103996196df8255881127dee103c22fc12bef3\",\"md5_hash\":\"a4838dd31c672122441bebcbf7e9d277\",\"first_seen\":\"2021-04-06 20:12:29\",\"last_seen\":null,\"file_name\":\"DropDll.dat\",\"file_size\":435926,\"file_type_mime\":\"application/x-dosexec\",\"file_type\":\"dll\",\"reporter\":\"DmitriyMelikov\",\"origin_country\":\"DE\",\"anonymous\":0,\"signature\":\"Hancitor\",\"imphash\":\"0b5a952a025c2783c3126cdb9bef2844\",\"tlsh\":\"0C947D11BA96C473E572163008399F6A17BE7A900B704BDBE3CC097E4E755C24B36BA7\",\"telfhash\":null,\"ssdeep\":\"12288:L2X/txpFDEVkUNglTovKfoLy+hqK/cEUMMlGOG:RzglgLm/9lGOG\",\"tags\":[\"Hancitor\"],\"code_sign\":[],\"intelligence\":{\"clamav\":null,\"downloads\":\"30\",\"uploads\":\"1\",\"mail\":null}}", "type": "indicator" 
@@ -214,7 +211,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:30.644978112Z", "kind": "enrichment", "original": "{\"sha256_hash\":\"e45ffc61a85c2f5c0cbe9376ff215cad324bf14f925bf52ec0d2949f7d235a00\",\"sha3_384_hash\":\"788f61cf45bbc8cad5775de18d0d5f42c4e028af0aaa34c570645efc96af8ebc3d7fe330aaf22ef34d35360bbd4a708c\",\"sha1_hash\":\"a68ca1b41cb93fe2879bb3baeb8e19990758f099\",\"md5_hash\":\"8d7c8b55ac49d241fb7f75a27a5ef8d5\",\"first_seen\":\"2021-04-06 20:07:59\",\"last_seen\":null,\"file_name\":\"vabsheche.py\",\"file_size\":11717,\"file_type_mime\":\"text/x-script.python\",\"file_type\":\"unknown\",\"reporter\":\"ArkbirdDevil\",\"origin_country\":\"FR\",\"anonymous\":0,\"signature\":null,\"imphash\":null,\"tlsh\":\"AE3222515C6A881A03B3C66F7992B844FB588303C7116607F6FC86782F79568CAF1BBD\",\"telfhash\":null,\"ssdeep\":\"192:z7X/yHo/yz/yBKiSOINLyhQMYd+LiTfq6LTf3ZoTta3Grj6rg2:z7CIKnNNLwufPfAPq7\",\"tags\":[\"backdoor\",\"python\"],\"code_sign\":[],\"intelligence\":{\"clamav\":null,\"downloads\":\"27\",\"uploads\":\"1\",\"mail\":null}}", "type": "indicator" 
@@ -277,7 +273,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:30.644979152Z", "kind": "enrichment", "original": "{\"sha256_hash\":\"42f5f5474431738f91f612d9765b3fc9b85a547274ea64aa034298ad97ad28f4\",\"sha3_384_hash\":\"752e5d56a166227d06f8cbd40cd3f693f543f9c3f798c673c1430957bb7e149a12d9158138fa449479105f472e70f68f\",\"sha1_hash\":\"e8378aede9f26f09b7d503d79a05d67612be15f6\",\"md5_hash\":\"fe185f106730583156f39233f77f8019\",\"first_seen\":\"2021-04-06 20:00:48\",\"last_seen\":null,\"file_name\":\"42f5f5474431738f91f612d9765b3fc9b85a547274ea64aa034298ad97ad28f4.bin\",\"file_size\":7929856,\"file_type_mime\":\"application/msword\",\"file_type\":\"docx\",\"reporter\":\"ArkbirdDevil\",\"origin_country\":\"FR\",\"anonymous\":0,\"signature\":null,\"imphash\":null,\"tlsh\":\"13863341B085EE2EE2CA41BA0DA9C2BD43B63D131E054F677269B72D3EB76E0E7D4144\",\"telfhash\":null,\"ssdeep\":\"196608:KQaeKLOiBEp+uc+iuYmbMdHmN1Rwyd2jecXeaH1pHE+2:oeIOTp+p+iNJC1ChjhXZ1pHz2\",\"tags\":[\"maldoc\"],\"code_sign\":[],\"intelligence\":{\"clamav\":null,\"downloads\":\"21\",\"uploads\":\"1\",\"mail\":null}}", "type": "indicator" 
@@ -341,7 +336,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:30.644980242Z", "kind": "enrichment", "original": "{\"sha256_hash\":\"2d705f0b76f24a18e08163db2f187140ee9f03e43697a9ea0d840c829692d43c\",\"sha3_384_hash\":\"c82132559381b7b3b184b4ce8c7a58c301a46001621f346b637139f5987dee968ae2ef009a17b2388852b2db15a45b58\",\"sha1_hash\":\"b2da45913353bfc66d189455f9ad80ef26968143\",\"md5_hash\":\"70da6872b6b2da9ddc94d14b02302917\",\"first_seen\":\"2021-04-06 19:58:50\",\"last_seen\":null,\"file_name\":\"winlog.wll\",\"file_size\":131584,\"file_type_mime\":\"application/x-dosexec\",\"file_type\":\"dll\",\"reporter\":\"ArkbirdDevil\",\"origin_country\":\"FR\",\"anonymous\":0,\"signature\":null,\"imphash\":\"6476b7c4dd55eafbdf922a7ba1e2d5f9\",\"tlsh\":\"A2D38C067790C071DAAF013908799E624B7F7D70DDB49D8B77841A8E69342D0AF3AB27\",\"telfhash\":null,\"ssdeep\":\"1536:2NVi7z0r0lJRn6I8+YDgr1fnWG5Ff0+adgBYlCtMiQMX1c0E4JsWjcdonPv870E1:YM7zh8+Cofnp5eRm6riQ6OZoPv870E\",\"tags\":[\"apt\",\"tonto\"],\"code_sign\":[],\"intelligence\":{\"clamav\":null,\"downloads\":\"30\",\"uploads\":\"1\",\"mail\":null}}", "type": "indicator" 
@@ -404,7 +398,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:30.644981284Z", "kind": "enrichment", "original": "{\"sha256_hash\":\"30787f32adc487311d764b19d4504fdeab08c0d385e2fa065bd8d5836c031606\",\"sha3_384_hash\":\"a3ec981ed158fe08cc2cd97303807cfbed147e59ccfd92fcaa9395c5718b4d9b892d6e9fa6337f5976dc1bd042562fe4\",\"sha1_hash\":\"3d613d5678e43faeea1c636185a0b4c3ec80e742\",\"md5_hash\":\"de80e1d7d9f5b1c64ec9f8d4f5063989\",\"first_seen\":\"2021-04-06 19:58:44\",\"last_seen\":null,\"file_name\":\"30787f32adc487311d764b19d4504fdeab08c0d385e2fa065bd8d5836c031606.bin.sample\",\"file_size\":1088000,\"file_type_mime\":\"application/msword\",\"file_type\":\"docx\",\"reporter\":\"DmitriyMelikov\",\"origin_country\":\"DE\",\"anonymous\":0,\"signature\":null,\"imphash\":null,\"tlsh\":\"8635D001BA82C573D5621A35083ADBAA177E7D604F704ADBB3C83B2E5D355C14B32BA7\",\"telfhash\":null,\"ssdeep\":\"24576:WKEiZxl3A4yJJG2dPQQCthXzglgLm/9lGO:WKEGByvGOQQC/XElga/9lGO\",\"tags\":null,\"code_sign\":[],\"intelligence\":{\"clamav\":null,\"downloads\":\"32\",\"uploads\":\"1\",\"mail\":null}}", "type": "indicator" 
@@ -471,7 +464,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:30.644982321Z", "kind": "enrichment", "original": "{\"sha256_hash\":\"84f983067868de50e5b1553782c056c1f5b5118bb2084473ca4b6908f221cd3b\",\"sha3_384_hash\":\"138dc28a74d15c1f9797ce732e99097c8c6db4549cb17cb7b20c1c6738a170328e45aea2d4c3b593912f14a97f521c1d\",\"sha1_hash\":\"00b52e8ca1785d5086703ad8cff1d28fc3354934\",\"md5_hash\":\"2759c73c986c6a757bf9d25621c5595a\",\"first_seen\":\"2021-04-06 19:52:32\",\"last_seen\":null,\"file_name\":\"Purchase Order.8000.scan.pdf...exe\",\"file_size\":752128,\"file_type_mime\":\"application/x-dosexec\",\"file_type\":\"exe\",\"reporter\":\"James_inthe_box\",\"origin_country\":\"FR\",\"anonymous\":0,\"signature\":\"SnakeKeylogger\",\"imphash\":\"f34d5f2d4577ed6d9ceec516c1f5a744\",\"tlsh\":\"23F4AE212684C9C0D93E67B4D43584F003BABD16D631F69F6E887C693EB32D2D63B646\",\"telfhash\":null,\"ssdeep\":\"12288:8t11ulRZRLZNh4YeX6f6XmwNShqE73YXy7moh:S11gZpZNmBX06WmAcy7m0\",\"tags\":[\"exe\",\"SnakeKeylogger\"],\"code_sign\":[],\"intelligence\":{\"clamav\":null,\"downloads\":\"38\",\"uploads\":\"1\",\"mail\":{\"Generic\":\"low\"}}}", "type": "indicator" 
@@ -543,7 +535,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:30.644983396Z", "kind": "enrichment", "original": "{\"sha256_hash\":\"0661d87116f44cbd5b5c6bec7fb06c4e5cd5b6ecbc5455d959e65f1ee46c54c8\",\"sha3_384_hash\":\"ed5d03454121d81adf65a01ba90af81b1a7cea052709c22bb9170508069d17242861f85e5546b2cc3efb07c10926368c\",\"sha1_hash\":\"a34fd5e57d75d17bc2d84055ca4752e5ee2e92f5\",\"md5_hash\":\"596b3dbf07a287dcf76860b5e54762c3\",\"first_seen\":\"2021-04-06 19:47:13\",\"last_seen\":null,\"file_name\":\"New Order PO#121012020_____PDF_______.exe\",\"file_size\":836096,\"file_type_mime\":\"application/x-dosexec\",\"file_type\":\"exe\",\"reporter\":\"James_inthe_box\",\"origin_country\":\"FR\",\"anonymous\":0,\"signature\":\"AgentTesla\",\"imphash\":\"f34d5f2d4577ed6d9ceec516c1f5a744\",\"tlsh\":\"A505CF712694C9A4FABD53B80434403007F5FE42E232FA9A6FD17C993E72782DA3B655\",\"telfhash\":null,\"ssdeep\":\"12288:qRedcNeqimzAEmN03VgdZfBOMx+RVBM7pdWje9ppB5nAZGNY2:ZaNeqikqN0udZfBFUYp55nFN\",\"tags\":[\"AgentTesla\",\"exe\"],\"code_sign\":[],\"intelligence\":{\"clamav\":null,\"downloads\":\"40\",\"uploads\":\"1\",\"mail\":{\"Generic\":\"low\"}}}", "type": "indicator" diff --git a/packages/ti_abusech/data_stream/malwarebazaar/elasticsearch/ingest_pipeline/default.yml b/packages/ti_abusech/data_stream/malwarebazaar/elasticsearch/ingest_pipeline/default.yml index f9added18ad..74ba72f1ed5 100644 --- a/packages/ti_abusech/data_stream/malwarebazaar/elasticsearch/ingest_pipeline/default.yml +++ b/packages/ti_abusech/data_stream/malwarebazaar/elasticsearch/ingest_pipeline/default.yml @@ -4,9 +4,6 @@ processors: #################### # Event ECS fields # #################### - - set: - field: event.ingested - value: "{{_ingest.timestamp}}" - set: field: ecs.version value: "8.0.0" diff --git a/packages/ti_abusech/data_stream/malwarebazaar/fields/ecs.yml b/packages/ti_abusech/data_stream/malwarebazaar/fields/ecs.yml index 5f00625d2a4..81e929b4829 100644 
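Review bot: The `default.yml` hunk on this line drops the `set` processor for `event.ingested` and leaves nothing to say what populates the field afterwards. Detection rules and ingest-lag checks can key on `event.ingested`, so if no later stage sets it (presumably the Fleet final pipeline does), these threat-intel documents would be indexed without an ingest timestamp. I would leave a one-line marker where the processor was, for example `# event.ingested is intentionally not set here; it is expected to be added after this pipeline runs`. It is also worth confirming that the minimum stack version declared in `manifest.yml` guarantees that behaviour. The processor list continues outside the hunk.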
--- a/packages/ti_abusech/data_stream/malwarebazaar/fields/ecs.yml +++ b/packages/ti_abusech/data_stream/malwarebazaar/fields/ecs.yml @@ -55,23 +55,17 @@ - external: ecs name: threat.indicator.file.elf.telfhash - name: threat.indicator.file.x509.subject.common_name - type: keyword - description: "List of common names (CN) of subject." + external: ecs - name: threat.indicator.file.x509.issuer.common_name - type: keyword - description: "List of common name (CN) of issuing certificate authority." + external: ecs - name: threat.indicator.file.x509.public_key_algorithm - type: keyword - description: "Algorithm used to generate the public key." + external: ecs - name: threat.indicator.file.x509.not_before - type: keyword - description: "Time at which the certificate is first considered valid." + external: ecs - name: threat.indicator.file.x509.not_after - type: keyword - description: "Time at which the certificate is no longer considered valid." + external: ecs - name: threat.indicator.file.x509.serial_number - type: keyword - description: "Unique serial number issued by the certificate authority." + external: ecs - external: ecs name: threat.indicator.provider - external: ecs diff --git a/packages/ti_abusech/data_stream/url/_dev/test/pipeline/test-abusechurl-ndjson.log-expected.json b/packages/ti_abusech/data_stream/url/_dev/test/pipeline/test-abusechurl-ndjson.log-expected.json index 1a6bb3357af..7c611429b29 100644 --- a/packages/ti_abusech/data_stream/url/_dev/test/pipeline/test-abusechurl-ndjson.log-expected.json +++ b/packages/ti_abusech/data_stream/url/_dev/test/pipeline/test-abusechurl-ndjson.log-expected.json 
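Review bot: Switching `threat.indicator.file.x509.not_before` and `not_after` from `keyword` to `external: ecs` makes them ECS `date` fields, yet the malwarebazaar samples visible in this part of the diff all carry `"code_sign":[]`, so nothing shown here exercises the new mapping. If the feed supplies a timestamp format the date mapping does not accept, the whole indicator document would be rejected at index time, which is a silent gap in threat-intel coverage. I would add a pipeline test event with a populated `code_sign` entry and note the constraint next to the fields, e.g. `# not_before/not_after are ECS date fields: values must be parseable dates`. Existing backing indices presumably keep the old `keyword` mapping until the data stream rolls over, so the conflict may persist for a while after upgrade. The field list continues outside the hunk.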
@@ -22,7 +22,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.133223437Z", "kind": "enrichment", "original": "{\"id\":\"961548\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961548/\",\"url\":\"http://89.160.20.156:34613/Mozi.m\",\"url_status\":\"online\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 21:19:13 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"lrz_urlhaus\",\"larted\":\"false\",\"tags\":[\"elf\",\"Mozi\"]}", "type": "indicator" @@ -71,7 +70,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.133225693Z", "kind": "enrichment", "original": "{\"id\":\"961546\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961546/\",\"url\":\"http://89.160.20.156:44941/Mozi.m\",\"url_status\":\"online\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 21:19:05 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"lrz_urlhaus\",\"larted\":\"false\",\"tags\":[\"elf\",\"Mozi\"]}", "type": "indicator" @@ -120,7 +118,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.133226798Z", "kind": "enrichment", "original": "{\"id\":\"961547\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961547/\",\"url\":\"http://89.160.20.156:37173/Mozi.m\",\"url_status\":\"online\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 21:19:05 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"lrz_urlhaus\",\"larted\":\"false\",\"tags\":[\"elf\",\"Mozi\"]}", "type": "indicator" 
@@ -169,7 +166,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.133227680Z", "kind": "enrichment", "original": "{\"id\":\"961545\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961545/\",\"url\":\"http://89.160.20.156:47545/Mozi.m\",\"url_status\":\"online\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 21:19:04 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"lrz_urlhaus\",\"larted\":\"false\",\"tags\":[\"elf\",\"Mozi\"]}", "type": "indicator" @@ -218,7 +214,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.133228532Z", "kind": "enrichment", "original": "{\"id\":\"961544\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961544/\",\"url\":\"http://89.160.20.156:44782/Mozi.a\",\"url_status\":\"online\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 21:07:07 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"lrz_urlhaus\",\"larted\":\"true\",\"tags\":[\"elf\",\"Mozi\"]}", "type": "indicator" @@ -267,7 +262,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.133229396Z", "kind": "enrichment", "original": "{\"id\":\"961543\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961543/\",\"url\":\"http://89.160.20.156:44359/Mozi.a\",\"url_status\":\"online\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 21:07:06 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"lrz_urlhaus\",\"larted\":\"true\",\"tags\":[\"elf\",\"Mozi\"]}", "type": "indicator" 
@@ -316,7 +310,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.133230248Z", "kind": "enrichment", "original": "{\"id\":\"961540\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961540/\",\"url\":\"http://89.160.20.156:56507/Mozi.m\",\"url_status\":\"online\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 21:07:05 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"lrz_urlhaus\",\"larted\":\"true\",\"tags\":[\"elf\",\"Mozi\"]}", "type": "indicator" @@ -365,7 +358,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.133231196Z", "kind": "enrichment", "original": "{\"id\":\"961541\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961541/\",\"url\":\"http://89.160.20.156:57562/Mozi.m\",\"url_status\":\"online\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 21:07:05 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"lrz_urlhaus\",\"larted\":\"true\",\"tags\":[\"elf\",\"Mozi\"]}", "type": "indicator" @@ -414,7 +406,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.133232083Z", "kind": "enrichment", "original": "{\"id\":\"961542\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961542/\",\"url\":\"http://89.160.20.156:48845/Mozi.m\",\"url_status\":\"online\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 21:07:05 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"lrz_urlhaus\",\"larted\":\"true\",\"tags\":[\"elf\",\"Mozi\"]}", "type": "indicator" 
@@ -463,7 +454,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.133235488Z", "kind": "enrichment", "original": "{\"id\":\"961539\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961539/\",\"url\":\"http://89.160.20.156:58245/Mozi.m\",\"url_status\":\"online\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 21:07:04 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"lrz_urlhaus\",\"larted\":\"true\",\"tags\":[\"elf\",\"Mozi\"]}", "type": "indicator" @@ -512,7 +502,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.133236509Z", "kind": "enrichment", "original": "{\"id\":\"961538\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961538/\",\"url\":\"http://89.160.20.156:37198/Mozi.m\",\"url_status\":\"online\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 21:06:08 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"lrz_urlhaus\",\"larted\":\"true\",\"tags\":[\"elf\",\"Mozi\"]}", "type": "indicator" @@ -561,7 +550,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.133237632Z", "kind": "enrichment", "original": "{\"id\":\"961537\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961537/\",\"url\":\"http://89.160.20.156:33524/Mozi.m\",\"url_status\":\"online\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 21:06:06 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"lrz_urlhaus\",\"larted\":\"true\",\"tags\":[\"elf\",\"Mozi\"]}", "type": "indicator" 
@@ -610,7 +598,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.133238541Z", "kind": "enrichment", "original": "{\"id\":\"961531\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961531/\",\"url\":\"http://89.160.20.156:48261/Mozi.a\",\"url_status\":\"online\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 21:06:05 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"lrz_urlhaus\",\"larted\":\"true\",\"tags\":[\"elf\",\"Mozi\"]}", "type": "indicator" @@ -659,7 +646,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.133239400Z", "kind": "enrichment", "original": "{\"id\":\"961532\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961532/\",\"url\":\"http://89.160.20.156:34478/Mozi.m\",\"url_status\":\"online\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 21:06:05 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"lrz_urlhaus\",\"larted\":\"true\",\"tags\":[\"elf\",\"Mozi\"]}", "type": "indicator" @@ -708,7 +694,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.133240254Z", "kind": "enrichment", "original": "{\"id\":\"961533\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961533/\",\"url\":\"http://89.160.20.156:35703/Mozi.a\",\"url_status\":\"online\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 21:06:05 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"lrz_urlhaus\",\"larted\":\"true\",\"tags\":[\"elf\",\"Mozi\"]}", "type": "indicator" 
@@ -757,7 +742,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.133241112Z", "kind": "enrichment", "original": "{\"id\":\"961534\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961534/\",\"url\":\"http://89.160.20.156:48666/Mozi.m\",\"url_status\":\"online\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 21:06:05 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"lrz_urlhaus\",\"larted\":\"true\",\"tags\":[\"elf\",\"Mozi\"]}", "type": "indicator" @@ -806,7 +790,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.133242085Z", "kind": "enrichment", "original": "{\"id\":\"961535\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961535/\",\"url\":\"http://89.160.20.156:53923/Mozi.m\",\"url_status\":\"online\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 21:06:05 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"lrz_urlhaus\",\"larted\":\"true\",\"tags\":[\"elf\",\"Mozi\"]}", "type": "indicator" @@ -855,7 +838,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.133242943Z", "kind": "enrichment", "original": "{\"id\":\"961536\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961536/\",\"url\":\"http://89.160.20.156:52794/Mozi.m\",\"url_status\":\"online\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 21:06:05 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"lrz_urlhaus\",\"larted\":\"true\",\"tags\":[\"elf\",\"Mozi\"]}", "type": "indicator" 
@@ -904,7 +886,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.133243786Z", "kind": "enrichment", "original": "{\"id\":\"961530\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961530/\",\"url\":\"http://89.160.20.156:49312/Mozi.a\",\"url_status\":\"offline\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 21:05:34 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"lrz_urlhaus\",\"larted\":\"false\",\"tags\":[\"elf\",\"Mozi\"]}", "type": "indicator" @@ -953,7 +934,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.133244644Z", "kind": "enrichment", "original": "{\"id\":\"961525\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961525/\",\"url\":\"http://89.160.20.156:38961/Mozi.m\",\"url_status\":\"online\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 21:05:06 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"lrz_urlhaus\",\"larted\":\"true\",\"tags\":[\"elf\",\"Mozi\"]}", "type": "indicator" @@ -1002,7 +982,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.133245545Z", "kind": "enrichment", "original": "{\"id\":\"961526\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961526/\",\"url\":\"http://89.160.20.156:50420/Mozi.a\",\"url_status\":\"online\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 21:05:06 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"lrz_urlhaus\",\"larted\":\"true\",\"tags\":[\"elf\",\"Mozi\"]}", "type": "indicator" 
@@ -1051,7 +1030,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.133246474Z", "kind": "enrichment", "original": "{\"id\":\"961527\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961527/\",\"url\":\"http://89.160.20.156:55007/Mozi.m\",\"url_status\":\"online\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 21:05:06 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"lrz_urlhaus\",\"larted\":\"true\",\"tags\":[\"elf\",\"Mozi\"]}", "type": "indicator" @@ -1100,7 +1078,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.133247323Z", "kind": "enrichment", "original": "{\"id\":\"961528\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961528/\",\"url\":\"http://89.160.20.156:51143/Mozi.m\",\"url_status\":\"online\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 21:05:06 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"lrz_urlhaus\",\"larted\":\"true\",\"tags\":[\"elf\",\"Mozi\"]}", "type": "indicator" @@ -1149,7 +1126,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.133248273Z", "kind": "enrichment", "original": "{\"id\":\"961529\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961529/\",\"url\":\"http://89.160.20.156:41003/Mozi.m\",\"url_status\":\"online\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 21:05:06 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"lrz_urlhaus\",\"larted\":\"true\",\"tags\":[\"elf\",\"Mozi\"]}", "type": "indicator" 
@@ -1197,7 +1173,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.133249113Z", "kind": "enrichment", "original": "{\"id\":\"961524\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961524/\",\"url\":\"http://89.160.20.156:35739/Mozi.m\",\"url_status\":\"offline\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 21:04:38 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"Gandylyan1\",\"larted\":\"false\",\"tags\":[\"Mozi\"]}", "type": "indicator" @@ -1245,7 +1220,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.133250070Z", "kind": "enrichment", "original": "{\"id\":\"961523\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961523/\",\"url\":\"http://89.160.20.156:45653/Mozi.m\",\"url_status\":\"offline\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 21:04:36 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"Gandylyan1\",\"larted\":\"false\",\"tags\":[\"Mozi\"]}", "type": "indicator" @@ -1293,7 +1267,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.133250945Z", "kind": "enrichment", "original": "{\"id\":\"961520\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961520/\",\"url\":\"http://89.160.20.156:41349/Mozi.m\",\"url_status\":\"offline\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 21:04:33 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"Gandylyan1\",\"larted\":\"false\",\"tags\":[\"Mozi\"]}", "type": "indicator" 
@@ -1341,7 +1314,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.133251781Z", "kind": "enrichment", "original": "{\"id\":\"961521\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961521/\",\"url\":\"http://89.160.20.156:48586/Mozi.m\",\"url_status\":\"offline\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 21:04:33 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"Gandylyan1\",\"larted\":\"false\",\"tags\":[\"Mozi\"]}", "type": "indicator" @@ -1389,7 +1361,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.133252622Z", "kind": "enrichment", "original": "{\"id\":\"961522\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961522/\",\"url\":\"http://89.160.20.156:38111/Mozi.m\",\"url_status\":\"offline\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 21:04:33 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"Gandylyan1\",\"larted\":\"false\",\"tags\":[\"Mozi\"]}", "type": "indicator" @@ -1437,7 +1408,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.133253511Z", "kind": "enrichment", "original": "{\"id\":\"961518\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961518/\",\"url\":\"http://89.160.20.156:34556/Mozi.m\",\"url_status\":\"online\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 21:04:10 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"Gandylyan1\",\"larted\":\"true\",\"tags\":[\"Mozi\"]}", "type": "indicator" 
@@ -1486,7 +1456,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.133254419Z", "kind": "enrichment", "original": "{\"id\":\"961519\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961519/\",\"url\":\"http://89.160.20.156:59815/Mozi.m\",\"url_status\":\"online\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 21:04:10 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"lrz_urlhaus\",\"larted\":\"true\",\"tags\":[\"elf\",\"Mozi\"]}", "type": "indicator" @@ -1536,7 +1505,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.133255259Z", "kind": "enrichment", "original": "{\"id\":\"961516\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961516/\",\"url\":\"http://89.160.20.156:50587/bin.sh\",\"url_status\":\"online\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 21:04:08 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"geenensp\",\"larted\":\"true\",\"tags\":[\"32-bit\",\"elf\",\"mips\"]}", "type": "indicator" @@ -1585,7 +1553,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.133256116Z", "kind": "enrichment", "original": "{\"id\":\"961517\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961517/\",\"url\":\"http://89.160.20.156:48322/Mozi.m\",\"url_status\":\"online\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 21:04:08 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"lrz_urlhaus\",\"larted\":\"true\",\"tags\":[\"elf\",\"Mozi\"]}", "type": "indicator" 
@@ -1633,7 +1600,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.133257285Z", "kind": "enrichment", "original": "{\"id\":\"961515\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961515/\",\"url\":\"http://89.160.20.156:33317/Mozi.m\",\"url_status\":\"online\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 21:04:06 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"Gandylyan1\",\"larted\":\"true\",\"tags\":[\"Mozi\"]}", "type": "indicator" @@ -1681,7 +1647,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.133258400Z", "kind": "enrichment", "original": "{\"id\":\"961513\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961513/\",\"url\":\"http://89.160.20.156:41516/Mozi.m\",\"url_status\":\"online\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 21:04:05 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"Gandylyan1\",\"larted\":\"true\",\"tags\":[\"Mozi\"]}", "type": "indicator" @@ -1729,7 +1694,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.133260703Z", "kind": "enrichment", "original": "{\"id\":\"961514\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961514/\",\"url\":\"http://89.160.20.156:57798/Mozi.m\",\"url_status\":\"online\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 21:04:05 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"Gandylyan1\",\"larted\":\"true\",\"tags\":[\"Mozi\"]}", "type": "indicator" 
@@ -1777,7 +1741,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.133261674Z", "kind": "enrichment", "original": "{\"id\":\"961509\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961509/\",\"url\":\"http://89.160.20.156:47671/Mozi.m\",\"url_status\":\"online\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 21:04:04 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"Gandylyan1\",\"larted\":\"true\",\"tags\":[\"Mozi\"]}", "type": "indicator" @@ -1825,7 +1788,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.133262831Z", "kind": "enrichment", "original": "{\"id\":\"961510\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961510/\",\"url\":\"http://89.160.20.156:57690/Mozi.m\",\"url_status\":\"online\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 21:04:04 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"Gandylyan1\",\"larted\":\"true\",\"tags\":[\"Mozi\"]}", "type": "indicator" @@ -1875,7 +1837,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.133263729Z", "kind": "enrichment", "original": "{\"id\":\"961511\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961511/\",\"url\":\"http://89.160.20.156:50611/i\",\"url_status\":\"online\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 21:04:04 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"geenensp\",\"larted\":\"true\",\"tags\":[\"32-bit\",\"elf\",\"mips\"]}", "type": "indicator" 
@@ -1922,7 +1883,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.133264623Z", "kind": "enrichment", "original": "{\"id\":\"961512\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961512/\",\"url\":\"http://89.160.20.156:34141/Mozi.m\",\"url_status\":\"online\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 21:04:04 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"Gandylyan1\",\"larted\":\"true\",\"tags\":[\"Mozi\"]}", "type": "indicator" @@ -1971,7 +1931,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.133265463Z", "kind": "enrichment", "original": "{\"id\":\"961507\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961507/\",\"url\":\"http://89.160.20.156:44399/Mozi.m\",\"url_status\":\"online\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 20:52:08 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"lrz_urlhaus\",\"larted\":\"true\",\"tags\":[\"elf\",\"Mozi\"]}", "type": "indicator" @@ -2020,7 +1979,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.133266297Z", "kind": "enrichment", "original": "{\"id\":\"961508\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961508/\",\"url\":\"http://89.160.20.156:49120/Mozi.m\",\"url_status\":\"online\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 20:52:08 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"lrz_urlhaus\",\"larted\":\"true\",\"tags\":[\"elf\",\"Mozi\"]}", "type": "indicator" 
@@ -2069,7 +2027,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.133267120Z", "kind": "enrichment", "original": "{\"id\":\"961506\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961506/\",\"url\":\"http://89.160.20.156:51136/Mozi.m\",\"url_status\":\"online\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 20:52:07 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"lrz_urlhaus\",\"larted\":\"true\",\"tags\":[\"elf\",\"Mozi\"]}", "type": "indicator" @@ -2118,7 +2075,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.133268025Z", "kind": "enrichment", "original": "{\"id\":\"961504\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961504/\",\"url\":\"http://89.160.20.156:45773/Mozi.m\",\"url_status\":\"online\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 20:52:06 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"lrz_urlhaus\",\"larted\":\"true\",\"tags\":[\"elf\",\"Mozi\"]}", "type": "indicator" @@ -2167,7 +2123,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.133268879Z", "kind": "enrichment", "original": "{\"id\":\"961505\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961505/\",\"url\":\"http://89.160.20.156:56528/Mozi.m\",\"url_status\":\"online\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 20:52:06 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"lrz_urlhaus\",\"larted\":\"true\",\"tags\":[\"elf\",\"Mozi\"]}", "type": "indicator" 
@@ -2216,7 +2171,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.133269737Z", "kind": "enrichment", "original": "{\"id\":\"961500\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961500/\",\"url\":\"http://89.160.20.156:44427/Mozi.a\",\"url_status\":\"online\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 20:52:05 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"lrz_urlhaus\",\"larted\":\"true\",\"tags\":[\"elf\",\"Mozi\"]}", "type": "indicator" @@ -2265,7 +2219,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.133270598Z", "kind": "enrichment", "original": "{\"id\":\"961501\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961501/\",\"url\":\"http://89.160.20.156:36134/Mozi.m\",\"url_status\":\"online\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 20:52:05 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"lrz_urlhaus\",\"larted\":\"true\",\"tags\":[\"elf\",\"Mozi\"]}", "type": "indicator" @@ -2314,7 +2267,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.133271463Z", "kind": "enrichment", "original": "{\"id\":\"961502\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961502/\",\"url\":\"http://89.160.20.156:43973/Mozi.m\",\"url_status\":\"online\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 20:52:05 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"lrz_urlhaus\",\"larted\":\"true\",\"tags\":[\"elf\",\"Mozi\"]}", "type": "indicator" 
@@ -2363,7 +2315,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.133272362Z", "kind": "enrichment", "original": "{\"id\":\"961503\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961503/\",\"url\":\"http://89.160.20.156:41319/Mozi.m\",\"url_status\":\"online\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 20:52:05 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"lrz_urlhaus\",\"larted\":\"true\",\"tags\":[\"elf\",\"Mozi\"]}", "type": "indicator" @@ -2412,7 +2363,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.133273208Z", "kind": "enrichment", "original": "{\"id\":\"961496\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961496/\",\"url\":\"http://89.160.20.156:51847/Mozi.a\",\"url_status\":\"online\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 20:52:04 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"lrz_urlhaus\",\"larted\":\"true\",\"tags\":[\"elf\",\"Mozi\"]}", "type": "indicator" @@ -2461,7 +2411,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.133274179Z", "kind": "enrichment", "original": "{\"id\":\"961497\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961497/\",\"url\":\"http://89.160.20.156:54469/Mozi.m\",\"url_status\":\"online\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 20:52:04 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"lrz_urlhaus\",\"larted\":\"true\",\"tags\":[\"elf\",\"Mozi\"]}", "type": "indicator" 
@@ -2510,7 +2459,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.133275015Z", "kind": "enrichment", "original": "{\"id\":\"961498\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961498/\",\"url\":\"http://89.160.20.156:34547/Mozi.m\",\"url_status\":\"online\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 20:52:04 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"lrz_urlhaus\",\"larted\":\"true\",\"tags\":[\"elf\",\"Mozi\"]}", "type": "indicator" @@ -2559,7 +2507,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.133275952Z", "kind": "enrichment", "original": "{\"id\":\"961499\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961499/\",\"url\":\"http://89.160.20.156:33932/Mozi.m\",\"url_status\":\"online\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 20:52:04 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"lrz_urlhaus\",\"larted\":\"true\",\"tags\":[\"elf\",\"Mozi\"]}", "type": "indicator" @@ -2607,7 +2554,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.133276790Z", "kind": "enrichment", "original": "{\"id\":\"961494\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961494/\",\"url\":\"https://univirtek.com/viro/02478080035/blank.jpg\",\"url_status\":\"offline\",\"host\":\"univirtek.com\",\"date_added\":\"2021-01-14 20:51:47 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"Cryptolaemus1\",\"larted\":\"false\",\"tags\":[\"sLoad\"]}", "type": "indicator" 
@@ -2653,7 +2599,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.133277644Z", "kind": "enrichment", "original": "{\"id\":\"961495\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961495/\",\"url\":\"https://univirtek.com/viro/FRRNDR77C25D325O/map.png\",\"url_status\":\"offline\",\"host\":\"univirtek.com\",\"date_added\":\"2021-01-14 20:51:47 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"Cryptolaemus1\",\"larted\":\"false\",\"tags\":[\"sLoad\"]}", "type": "indicator" @@ -2699,7 +2644,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.133278500Z", "kind": "enrichment", "original": "{\"id\":\"961492\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961492/\",\"url\":\"https://ladiesincode.com/ladi/CNNSRG83H04F158R/blank.jpg\",\"url_status\":\"offline\",\"host\":\"ladiesincode.com\",\"date_added\":\"2021-01-14 20:51:45 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"Cryptolaemus1\",\"larted\":\"false\",\"tags\":[\"sLoad\"]}", "type": "indicator" @@ -2745,7 +2689,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.133279392Z", "kind": "enrichment", "original": "{\"id\":\"961493\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961493/\",\"url\":\"https://letonguesc.com/leto/02328510512/logo.css\",\"url_status\":\"offline\",\"host\":\"letonguesc.com\",\"date_added\":\"2021-01-14 20:51:45 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"Cryptolaemus1\",\"larted\":\"false\",\"tags\":[\"sLoad\"]}", "type": "indicator" 
@@ -2791,7 +2734,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.133280232Z", "kind": "enrichment", "original": "{\"id\":\"961490\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961490/\",\"url\":\"https://cxminute.com/minu/MLILSN74B21E507L/uk.png\",\"url_status\":\"offline\",\"host\":\"cxminute.com\",\"date_added\":\"2021-01-14 20:51:44 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"Cryptolaemus1\",\"larted\":\"false\",\"tags\":[\"sLoad\"]}", "type": "indicator" @@ -2837,7 +2779,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.133281079Z", "kind": "enrichment", "original": "{\"id\":\"961491\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961491/\",\"url\":\"https://cxminute.com/minu/12875710159/blank.css\",\"url_status\":\"offline\",\"host\":\"cxminute.com\",\"date_added\":\"2021-01-14 20:51:44 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"Cryptolaemus1\",\"larted\":\"false\",\"tags\":[\"sLoad\"]}", "type": "indicator" @@ -2883,7 +2824,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.133282011Z", "kind": "enrichment", "original": "{\"id\":\"961489\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961489/\",\"url\":\"https://cxminute.com/minu/CPNLNZ65M20A200N/maps.gif\",\"url_status\":\"offline\",\"host\":\"cxminute.com\",\"date_added\":\"2021-01-14 20:51:41 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"Cryptolaemus1\",\"larted\":\"false\",\"tags\":[\"sLoad\"]}", "type": "indicator" 
@@ -2929,7 +2869,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.133282908Z", "kind": "enrichment", "original": "{\"id\":\"961488\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961488/\",\"url\":\"https://belfetproduction.com/bella/DLPCMN64D02D789E/logo.png\",\"url_status\":\"offline\",\"host\":\"belfetproduction.com\",\"date_added\":\"2021-01-14 20:51:40 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"Cryptolaemus1\",\"larted\":\"false\",\"tags\":[\"sLoad\"]}", "type": "indicator" @@ -2975,7 +2914,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.133283810Z", "kind": "enrichment", "original": "{\"id\":\"961487\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961487/\",\"url\":\"https://belfetproduction.com/bella/01844510469/1x1.jpg\",\"url_status\":\"offline\",\"host\":\"belfetproduction.com\",\"date_added\":\"2021-01-14 20:51:17 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"Cryptolaemus1\",\"larted\":\"false\",\"tags\":[\"sLoad\"]}", "type": "indicator" @@ -3021,7 +2959,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.133284667Z", "kind": "enrichment", "original": "{\"id\":\"961485\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961485/\",\"url\":\"https://ladiesincode.com/ladi/FRRDNI52M71E522D/logo.css\",\"url_status\":\"offline\",\"host\":\"ladiesincode.com\",\"date_added\":\"2021-01-14 20:51:16 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"Cryptolaemus1\",\"larted\":\"false\",\"tags\":[\"sLoad\"]}", "type": "indicator" 
@@ -3067,7 +3004,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.133285514Z", "kind": "enrichment", "original": "{\"id\":\"961486\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961486/\",\"url\":\"https://letonguesc.com/leto/CPPMRC65E04H980Q/it.gif\",\"url_status\":\"offline\",\"host\":\"letonguesc.com\",\"date_added\":\"2021-01-14 20:51:16 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"Cryptolaemus1\",\"larted\":\"false\",\"tags\":[\"sLoad\"]}", "type": "indicator" @@ -3113,7 +3049,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.133286362Z", "kind": "enrichment", "original": "{\"id\":\"961482\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961482/\",\"url\":\"https://univirtek.com/viro/06389650018/it.css\",\"url_status\":\"offline\",\"host\":\"univirtek.com\",\"date_added\":\"2021-01-14 20:51:15 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"Cryptolaemus1\",\"larted\":\"false\",\"tags\":[\"sLoad\"]}", "type": "indicator" @@ -3159,7 +3094,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.133287363Z", "kind": "enrichment", "original": "{\"id\":\"961483\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961483/\",\"url\":\"https://belfetproduction.com/bella/CRSRRT61E15H501H/logo.png\",\"url_status\":\"offline\",\"host\":\"belfetproduction.com\",\"date_added\":\"2021-01-14 20:51:15 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"Cryptolaemus1\",\"larted\":\"false\",\"tags\":[\"sLoad\"]}", "type": "indicator" 
@@ -3205,7 +3139,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.133288209Z", "kind": "enrichment", "original": "{\"id\":\"961484\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961484/\",\"url\":\"https://cxminute.com/minu/SMPMSM67P05F205U/it.jpg\",\"url_status\":\"offline\",\"host\":\"cxminute.com\",\"date_added\":\"2021-01-14 20:51:15 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"Cryptolaemus1\",\"larted\":\"false\",\"tags\":[\"sLoad\"]}", "type": "indicator" @@ -3251,7 +3184,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.133289054Z", "kind": "enrichment", "original": "{\"id\":\"961480\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961480/\",\"url\":\"https://univirtek.com/viro/SBNPQL78A24A783E/uk.png\",\"url_status\":\"offline\",\"host\":\"univirtek.com\",\"date_added\":\"2021-01-14 20:51:13 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"Cryptolaemus1\",\"larted\":\"false\",\"tags\":[\"sLoad\"]}", "type": "indicator" @@ -3297,7 +3229,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.133289939Z", "kind": "enrichment", "original": "{\"id\":\"961481\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961481/\",\"url\":\"https://cxminute.com/minu/15578761007/maps.jpg\",\"url_status\":\"offline\",\"host\":\"cxminute.com\",\"date_added\":\"2021-01-14 20:51:13 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"Cryptolaemus1\",\"larted\":\"false\",\"tags\":[\"sLoad\"]}", "type": "indicator" 
@@ -3343,7 +3274,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.133290851Z", "kind": "enrichment", "original": "{\"id\":\"961478\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961478/\",\"url\":\"https://univirtek.com/viro/03079590133/1x1.png\",\"url_status\":\"offline\",\"host\":\"univirtek.com\",\"date_added\":\"2021-01-14 20:51:10 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"Cryptolaemus1\",\"larted\":\"false\",\"tags\":[\"sLoad\"]}", "type": "indicator" @@ -3389,7 +3319,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.133291788Z", "kind": "enrichment", "original": "{\"id\":\"961479\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961479/\",\"url\":\"https://ladiesincode.com/ladi/BNCLNR77T56M082U/it.gif\",\"url_status\":\"offline\",\"host\":\"ladiesincode.com\",\"date_added\":\"2021-01-14 20:51:10 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"Cryptolaemus1\",\"larted\":\"false\",\"tags\":[\"sLoad\"]}", "type": "indicator" @@ -3435,7 +3364,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.133292675Z", "kind": "enrichment", "original": "{\"id\":\"961476\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961476/\",\"url\":\"https://cxminute.com/minu/JNKMTJ64B29L424O/uk.css\",\"url_status\":\"offline\",\"host\":\"cxminute.com\",\"date_added\":\"2021-01-14 20:50:45 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"Cryptolaemus1\",\"larted\":\"false\",\"tags\":[\"sLoad\"]}", "type": "indicator" 
@@ -3481,7 +3409,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.133293537Z", "kind": "enrichment", "original": "{\"id\":\"961477\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961477/\",\"url\":\"https://belfetproduction.com/bella/PGNMRA64S22I608Z/en.png\",\"url_status\":\"offline\",\"host\":\"belfetproduction.com\",\"date_added\":\"2021-01-14 20:50:45 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"Cryptolaemus1\",\"larted\":\"false\",\"tags\":[\"sLoad\"]}", "type": "indicator" @@ -3527,7 +3454,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.133727741Z", "kind": "enrichment", "original": "{\"id\":\"961470\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961470/\",\"url\":\"https://cxminute.com/minu/RZKDRD77T23Z229T/logo.jpg\",\"url_status\":\"offline\",\"host\":\"cxminute.com\",\"date_added\":\"2021-01-14 20:50:43 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"Cryptolaemus1\",\"larted\":\"false\",\"tags\":[\"sLoad\"]}", "type": "indicator" @@ -3573,7 +3499,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.133738184Z", "kind": "enrichment", "original": "{\"id\":\"961471\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961471/\",\"url\":\"https://fhivelifestyle.online/nhbrwvdffsgt/adf/maps.jpg\",\"url_status\":\"offline\",\"host\":\"fhivelifestyle.online\",\"date_added\":\"2021-01-14 20:50:43 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"Cryptolaemus1\",\"larted\":\"false\",\"tags\":[\"sLoad\"]}", "type": "indicator" 
@@ -3619,7 +3544,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.133739363Z", "kind": "enrichment", "original": "{\"id\":\"961472\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961472/\",\"url\":\"https://belfetproduction.com/bella/05739900487/1x1.css\",\"url_status\":\"offline\",\"host\":\"belfetproduction.com\",\"date_added\":\"2021-01-14 20:50:43 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"Cryptolaemus1\",\"larted\":\"false\",\"tags\":[\"sLoad\"]}", "type": "indicator" @@ -3665,7 +3589,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.133740220Z", "kind": "enrichment", "original": "{\"id\":\"961473\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961473/\",\"url\":\"https://belfetproduction.com/bella/01767180597/map.css\",\"url_status\":\"offline\",\"host\":\"belfetproduction.com\",\"date_added\":\"2021-01-14 20:50:43 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"Cryptolaemus1\",\"larted\":\"false\",\"tags\":[\"sLoad\"]}", "type": "indicator" @@ -3711,7 +3634,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.133741063Z", "kind": "enrichment", "original": "{\"id\":\"961474\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961474/\",\"url\":\"https://belfetproduction.com/bella/BRNGRG55D21F394K/map.css\",\"url_status\":\"offline\",\"host\":\"belfetproduction.com\",\"date_added\":\"2021-01-14 20:50:43 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"Cryptolaemus1\",\"larted\":\"false\",\"tags\":[\"sLoad\"]}", "type": "indicator" 
@@ -3757,7 +3679,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.133742004Z", "kind": "enrichment", "original": "{\"id\":\"961475\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961475/\",\"url\":\"https://cxminute.com/minu/DLLTZN67L20L157J/1x1.css\",\"url_status\":\"offline\",\"host\":\"cxminute.com\",\"date_added\":\"2021-01-14 20:50:43 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"Cryptolaemus1\",\"larted\":\"false\",\"tags\":[\"sLoad\"]}", "type": "indicator" @@ -3803,7 +3724,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.133742818Z", "kind": "enrichment", "original": "{\"id\":\"961468\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961468/\",\"url\":\"https://cxminute.com/minu/08035410722/logo.jpg\",\"url_status\":\"offline\",\"host\":\"cxminute.com\",\"date_added\":\"2021-01-14 20:50:38 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"Cryptolaemus1\",\"larted\":\"false\",\"tags\":[\"sLoad\"]}", "type": "indicator" @@ -3849,7 +3769,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.133743640Z", "kind": "enrichment", "original": "{\"id\":\"961469\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961469/\",\"url\":\"https://univirtek.com/viro/GRNZEI60M13G346L/en.css\",\"url_status\":\"offline\",\"host\":\"univirtek.com\",\"date_added\":\"2021-01-14 20:50:38 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"Cryptolaemus1\",\"larted\":\"false\",\"tags\":[\"sLoad\"]}", "type": "indicator" 
@@ -3895,7 +3814,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.133744460Z", "kind": "enrichment", "original": "{\"id\":\"961467\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961467/\",\"url\":\"https://letonguesc.com/leto/03253350239/1x1.png\",\"url_status\":\"offline\",\"host\":\"letonguesc.com\",\"date_added\":\"2021-01-14 20:50:13 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"Cryptolaemus1\",\"larted\":\"false\",\"tags\":[\"sLoad\"]}", "type": "indicator" @@ -3941,7 +3859,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.133745341Z", "kind": "enrichment", "original": "{\"id\":\"961464\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961464/\",\"url\":\"https://ladiesincode.com/ladi/10582470158/uk.css\",\"url_status\":\"offline\",\"host\":\"ladiesincode.com\",\"date_added\":\"2021-01-14 20:50:09 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"Cryptolaemus1\",\"larted\":\"false\",\"tags\":[\"sLoad\"]}", "type": "indicator" @@ -3987,7 +3904,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.133746188Z", "kind": "enrichment", "original": "{\"id\":\"961465\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961465/\",\"url\":\"https://ladiesincode.com/ladi/BTTLNZ68A56D325C/map.css\",\"url_status\":\"offline\",\"host\":\"ladiesincode.com\",\"date_added\":\"2021-01-14 20:50:09 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"Cryptolaemus1\",\"larted\":\"false\",\"tags\":[\"sLoad\"]}", "type": "indicator" 
@@ -4033,7 +3949,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.133746985Z", "kind": "enrichment", "original": "{\"id\":\"961466\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961466/\",\"url\":\"https://letonguesc.com/leto/NNTLRT68P28A717L/en.jpg\",\"url_status\":\"offline\",\"host\":\"letonguesc.com\",\"date_added\":\"2021-01-14 20:50:09 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"Cryptolaemus1\",\"larted\":\"false\",\"tags\":[\"sLoad\"]}", "type": "indicator" @@ -4079,7 +3994,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.133747794Z", "kind": "enrichment", "original": "{\"id\":\"961461\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961461/\",\"url\":\"https://univirtek.com/viro/CTTNDR89A19B149W/maps.png\",\"url_status\":\"offline\",\"host\":\"univirtek.com\",\"date_added\":\"2021-01-14 20:50:08 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"Cryptolaemus1\",\"larted\":\"false\",\"tags\":[\"sLoad\"]}", "type": "indicator" @@ -4125,7 +4039,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.133748595Z", "kind": "enrichment", "original": "{\"id\":\"961462\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961462/\",\"url\":\"https://cxminute.com/minu/DRSNTN77B16I197U/logo.css\",\"url_status\":\"offline\",\"host\":\"cxminute.com\",\"date_added\":\"2021-01-14 20:50:08 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"Cryptolaemus1\",\"larted\":\"false\",\"tags\":[\"sLoad\"]}", "type": "indicator" 
@@ -4171,7 +4084,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.133749474Z", "kind": "enrichment", "original": "{\"id\":\"961463\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961463/\",\"url\":\"https://univirtek.com/viro/02941830735/uk.css\",\"url_status\":\"offline\",\"host\":\"univirtek.com\",\"date_added\":\"2021-01-14 20:50:08 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"Cryptolaemus1\",\"larted\":\"false\",\"tags\":[\"sLoad\"]}", "type": "indicator" @@ -4217,7 +4129,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.133750320Z", "kind": "enrichment", "original": "{\"id\":\"961458\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961458/\",\"url\":\"https://belfetproduction.com/bella/MNSGCM91A04G240K/it.css\",\"url_status\":\"offline\",\"host\":\"belfetproduction.com\",\"date_added\":\"2021-01-14 20:50:07 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"Cryptolaemus1\",\"larted\":\"false\",\"tags\":[\"sLoad\"]}", "type": "indicator" @@ -4263,7 +4174,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.133751148Z", "kind": "enrichment", "original": "{\"id\":\"961459\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961459/\",\"url\":\"https://ladiesincode.com/ladi/03108100615/it.jpg\",\"url_status\":\"offline\",\"host\":\"ladiesincode.com\",\"date_added\":\"2021-01-14 20:50:07 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"Cryptolaemus1\",\"larted\":\"false\",\"tags\":[\"sLoad\"]}", "type": "indicator" 
@@ -4309,7 +4219,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.133751944Z", "kind": "enrichment", "original": "{\"id\":\"961460\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961460/\",\"url\":\"https://cxminute.com/minu/PTACSM56A31F604X/en.png\",\"url_status\":\"offline\",\"host\":\"cxminute.com\",\"date_added\":\"2021-01-14 20:50:07 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"Cryptolaemus1\",\"larted\":\"false\",\"tags\":[\"sLoad\"]}", "type": "indicator" @@ -4355,7 +4264,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.133752844Z", "kind": "enrichment", "original": "{\"id\":\"961455\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961455/\",\"url\":\"https://univirtek.com/viro/00183050368/en.gif\",\"url_status\":\"offline\",\"host\":\"univirtek.com\",\"date_added\":\"2021-01-14 20:49:39 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"Cryptolaemus1\",\"larted\":\"false\",\"tags\":[\"sLoad\"]}", "type": "indicator" @@ -4401,7 +4309,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.133753746Z", "kind": "enrichment", "original": "{\"id\":\"961456\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961456/\",\"url\":\"https://cxminute.com/minu/TSNLSN58H30G912H/uk.gif\",\"url_status\":\"offline\",\"host\":\"cxminute.com\",\"date_added\":\"2021-01-14 20:49:39 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"Cryptolaemus1\",\"larted\":\"false\",\"tags\":[\"sLoad\"]}", "type": "indicator" 
@@ -4447,7 +4354,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.133754560Z", "kind": "enrichment", "original": "{\"id\":\"961457\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961457/\",\"url\":\"https://letonguesc.com/leto/08658331007/blank.gif\",\"url_status\":\"offline\",\"host\":\"letonguesc.com\",\"date_added\":\"2021-01-14 20:49:39 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"Cryptolaemus1\",\"larted\":\"false\",\"tags\":[\"sLoad\"]}", "type": "indicator" @@ -4493,7 +4399,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.133755362Z", "kind": "enrichment", "original": "{\"id\":\"961450\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961450/\",\"url\":\"https://cxminute.com/minu/01098910324/blank.png\",\"url_status\":\"offline\",\"host\":\"cxminute.com\",\"date_added\":\"2021-01-14 20:49:37 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"Cryptolaemus1\",\"larted\":\"false\",\"tags\":[\"sLoad\"]}", "type": "indicator" @@ -4539,7 +4444,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.133756160Z", "kind": "enrichment", "original": "{\"id\":\"961451\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961451/\",\"url\":\"https://univirtek.com/viro/02794390233/uk.css\",\"url_status\":\"offline\",\"host\":\"univirtek.com\",\"date_added\":\"2021-01-14 20:49:37 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"Cryptolaemus1\",\"larted\":\"false\",\"tags\":[\"sLoad\"]}", "type": "indicator" 
@@ -4585,7 +4489,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.133757068Z", "kind": "enrichment", "original": "{\"id\":\"961452\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961452/\",\"url\":\"https://univirtek.com/viro/CSTDNT69D63F754D/en.css\",\"url_status\":\"offline\",\"host\":\"univirtek.com\",\"date_added\":\"2021-01-14 20:49:37 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"Cryptolaemus1\",\"larted\":\"false\",\"tags\":[\"sLoad\"]}", "type": "indicator" @@ -4631,7 +4534,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.133758189Z", "kind": "enrichment", "original": "{\"id\":\"961453\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961453/\",\"url\":\"https://univirtek.com/viro/GSTGNE91B06L219W/1x1.jpg\",\"url_status\":\"offline\",\"host\":\"univirtek.com\",\"date_added\":\"2021-01-14 20:49:37 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"Cryptolaemus1\",\"larted\":\"false\",\"tags\":[\"sLoad\"]}", "type": "indicator" @@ -4677,7 +4579,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.133758994Z", "kind": "enrichment", "original": "{\"id\":\"961454\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961454/\",\"url\":\"https://univirtek.com/viro/03610140125/map.jpg\",\"url_status\":\"offline\",\"host\":\"univirtek.com\",\"date_added\":\"2021-01-14 20:49:37 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"Cryptolaemus1\",\"larted\":\"false\",\"tags\":[\"sLoad\"]}", "type": "indicator" 
@@ -4723,7 +4624,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.133759802Z", "kind": "enrichment", "original": "{\"id\":\"961448\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961448/\",\"url\":\"https://belfetproduction.com/bella/CRRLRD74E09A462T/blank.png\",\"url_status\":\"offline\",\"host\":\"belfetproduction.com\",\"date_added\":\"2021-01-14 20:49:36 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"Cryptolaemus1\",\"larted\":\"false\",\"tags\":[\"sLoad\"]}", "type": "indicator" @@ -4769,7 +4669,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.133760670Z", "kind": "enrichment", "original": "{\"id\":\"961449\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961449/\",\"url\":\"https://univirtek.com/viro/RSTFRZ57T05G337C/maps.png\",\"url_status\":\"offline\",\"host\":\"univirtek.com\",\"date_added\":\"2021-01-14 20:49:36 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"Cryptolaemus1\",\"larted\":\"false\",\"tags\":[\"sLoad\"]}", "type": "indicator" @@ -4815,7 +4714,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.133761580Z", "kind": "enrichment", "original": "{\"id\":\"961447\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961447/\",\"url\":\"https://letonguesc.com/leto/LBRFNC56S10D952D/map.gif\",\"url_status\":\"offline\",\"host\":\"letonguesc.com\",\"date_added\":\"2021-01-14 20:49:09 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"Cryptolaemus1\",\"larted\":\"false\",\"tags\":[\"sLoad\"]}", "type": "indicator" 
@@ -4861,7 +4759,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.133762397Z", "kind": "enrichment", "original": "{\"id\":\"961444\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961444/\",\"url\":\"https://univirtek.com/viro/01669890194/it.gif\",\"url_status\":\"offline\",\"host\":\"univirtek.com\",\"date_added\":\"2021-01-14 20:49:07 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"Cryptolaemus1\",\"larted\":\"false\",\"tags\":[\"sLoad\"]}", "type": "indicator" @@ -4907,7 +4804,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.133763211Z", "kind": "enrichment", "original": "{\"id\":\"961445\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961445/\",\"url\":\"https://letonguesc.com/leto/GTNNTN60P12H632S/maps.css\",\"url_status\":\"offline\",\"host\":\"letonguesc.com\",\"date_added\":\"2021-01-14 20:49:07 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"Cryptolaemus1\",\"larted\":\"false\",\"tags\":[\"sLoad\"]}", "type": "indicator" @@ -4953,7 +4849,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.133764012Z", "kind": "enrichment", "original": "{\"id\":\"961446\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961446/\",\"url\":\"https://cxminute.com/minu/ZHOXBN72B06Z210N/en.css\",\"url_status\":\"offline\",\"host\":\"cxminute.com\",\"date_added\":\"2021-01-14 20:49:07 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"Cryptolaemus1\",\"larted\":\"false\",\"tags\":[\"sLoad\"]}", "type": "indicator" 
@@ -4999,7 +4894,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.133764955Z", "kind": "enrichment", "original": "{\"id\":\"961442\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961442/\",\"url\":\"https://letonguesc.com/leto/KHNGGR61S21Z112Y/uk.css\",\"url_status\":\"offline\",\"host\":\"letonguesc.com\",\"date_added\":\"2021-01-14 20:49:06 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"Cryptolaemus1\",\"larted\":\"false\",\"tags\":[\"sLoad\"]}", "type": "indicator" @@ -5045,7 +4939,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.133766007Z", "kind": "enrichment", "original": "{\"id\":\"961443\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961443/\",\"url\":\"https://ladiesincode.com/ladi/MNRMNL75A12I531F/uk.jpg\",\"url_status\":\"offline\",\"host\":\"ladiesincode.com\",\"date_added\":\"2021-01-14 20:49:06 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"Cryptolaemus1\",\"larted\":\"false\",\"tags\":[\"sLoad\"]}", "type": "indicator" @@ -5091,7 +4984,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.133766834Z", "kind": "enrichment", "original": "{\"id\":\"961438\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961438/\",\"url\":\"https://ladiesincode.com/ladi/RBGMNL67A02L675L/uk.css\",\"url_status\":\"offline\",\"host\":\"ladiesincode.com\",\"date_added\":\"2021-01-14 20:49:05 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"Cryptolaemus1\",\"larted\":\"false\",\"tags\":[\"sLoad\"]}", "type": "indicator" 
@@ -5137,7 +5029,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.133767645Z", "kind": "enrichment", "original": "{\"id\":\"961439\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961439/\",\"url\":\"https://letonguesc.com/leto/RSSPPL67P15G535L/map.gif\",\"url_status\":\"offline\",\"host\":\"letonguesc.com\",\"date_added\":\"2021-01-14 20:49:05 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"Cryptolaemus1\",\"larted\":\"false\",\"tags\":[\"sLoad\"]}", "type": "indicator" @@ -5183,7 +5074,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.133768450Z", "kind": "enrichment", "original": "{\"id\":\"961440\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961440/\",\"url\":\"https://fhivelifestyle.online/nhbrwvdffsgt/adf/uk.css\",\"url_status\":\"offline\",\"host\":\"fhivelifestyle.online\",\"date_added\":\"2021-01-14 20:49:05 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"Cryptolaemus1\",\"larted\":\"false\",\"tags\":[\"sLoad\"]}", "type": "indicator" @@ -5229,7 +5119,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.133769487Z", "kind": "enrichment", "original": "{\"id\":\"961441\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961441/\",\"url\":\"https://letonguesc.com/leto/BNTLGU67R11L706R/blank.gif\",\"url_status\":\"offline\",\"host\":\"letonguesc.com\",\"date_added\":\"2021-01-14 20:49:05 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"Cryptolaemus1\",\"larted\":\"false\",\"tags\":[\"sLoad\"]}", "type": "indicator" 
@@ -5275,7 +5164,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.133770348Z", "kind": "enrichment", "original": "{\"id\":\"961437\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961437/\",\"url\":\"https://cxminute.com/minu/03713610651/map.css\",\"url_status\":\"offline\",\"host\":\"cxminute.com\",\"date_added\":\"2021-01-14 20:48:37 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"Cryptolaemus1\",\"larted\":\"false\",\"tags\":[\"sLoad\"]}", "type": "indicator" @@ -5321,7 +5209,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.133771171Z", "kind": "enrichment", "original": "{\"id\":\"961436\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961436/\",\"url\":\"https://univirtek.com/viro/01312580507/uk.png\",\"url_status\":\"offline\",\"host\":\"univirtek.com\",\"date_added\":\"2021-01-14 20:48:36 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"Cryptolaemus1\",\"larted\":\"false\",\"tags\":[\"sLoad\"]}", "type": "indicator" @@ -5367,7 +5254,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.133772072Z", "kind": "enrichment", "original": "{\"id\":\"961431\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961431/\",\"url\":\"https://cxminute.com/minu/FRNRST34B11F843P/blank.jpg\",\"url_status\":\"offline\",\"host\":\"cxminute.com\",\"date_added\":\"2021-01-14 20:48:35 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"Cryptolaemus1\",\"larted\":\"false\",\"tags\":[\"sLoad\"]}", "type": "indicator" 
@@ -5413,7 +5299,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.133772887Z", "kind": "enrichment", "original": "{\"id\":\"961432\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961432/\",\"url\":\"https://univirtek.com/viro/RCUNDA90D24Z100H/1x1.png\",\"url_status\":\"offline\",\"host\":\"univirtek.com\",\"date_added\":\"2021-01-14 20:48:35 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"Cryptolaemus1\",\"larted\":\"false\",\"tags\":[\"sLoad\"]}", "type": "indicator" @@ -5459,7 +5344,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.133773703Z", "kind": "enrichment", "original": "{\"id\":\"961433\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961433/\",\"url\":\"https://univirtek.com/viro/GTTGRI72H19A952D/map.css\",\"url_status\":\"offline\",\"host\":\"univirtek.com\",\"date_added\":\"2021-01-14 20:48:35 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"Cryptolaemus1\",\"larted\":\"false\",\"tags\":[\"sLoad\"]}", "type": "indicator" @@ -5505,7 +5389,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.133774512Z", "kind": "enrichment", "original": "{\"id\":\"961434\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961434/\",\"url\":\"https://univirtek.com/viro/00385010103/map.png\",\"url_status\":\"offline\",\"host\":\"univirtek.com\",\"date_added\":\"2021-01-14 20:48:35 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"Cryptolaemus1\",\"larted\":\"false\",\"tags\":[\"sLoad\"]}", "type": "indicator" 
@@ -5551,7 +5434,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.133775332Z", "kind": "enrichment", "original": "{\"id\":\"961435\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961435/\",\"url\":\"https://ladiesincode.com/ladi/04263990162/map.css\",\"url_status\":\"offline\",\"host\":\"ladiesincode.com\",\"date_added\":\"2021-01-14 20:48:35 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"Cryptolaemus1\",\"larted\":\"false\",\"tags\":[\"sLoad\"]}", "type": "indicator" @@ -5597,7 +5479,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.133776294Z", "kind": "enrichment", "original": "{\"id\":\"961428\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961428/\",\"url\":\"https://univirtek.com/viro/BNNSFN74A13G674O/logo.png\",\"url_status\":\"offline\",\"host\":\"univirtek.com\",\"date_added\":\"2021-01-14 20:48:34 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"Cryptolaemus1\",\"larted\":\"false\",\"tags\":[\"sLoad\"]}", "type": "indicator" @@ -5643,7 +5524,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.133777103Z", "kind": "enrichment", "original": "{\"id\":\"961429\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961429/\",\"url\":\"https://univirtek.com/viro/RZZCRS93B15G224O/it.gif\",\"url_status\":\"offline\",\"host\":\"univirtek.com\",\"date_added\":\"2021-01-14 20:48:34 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"Cryptolaemus1\",\"larted\":\"false\",\"tags\":[\"sLoad\"]}", "type": "indicator" 
@@ -5689,7 +5569,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.133777900Z", "kind": "enrichment", "original": "{\"id\":\"961430\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961430/\",\"url\":\"https://cxminute.com/minu/01495100032/maps.gif\",\"url_status\":\"offline\",\"host\":\"cxminute.com\",\"date_added\":\"2021-01-14 20:48:34 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"Cryptolaemus1\",\"larted\":\"false\",\"tags\":[\"sLoad\"]}", "type": "indicator" @@ -5735,7 +5614,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.133778742Z", "kind": "enrichment", "original": "{\"id\":\"961427\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961427/\",\"url\":\"https://letonguesc.com/leto/CMPDVD69C11G693Z/map.gif\",\"url_status\":\"offline\",\"host\":\"letonguesc.com\",\"date_added\":\"2021-01-14 20:48:07 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"Cryptolaemus1\",\"larted\":\"false\",\"tags\":[\"sLoad\"]}", "type": "indicator" @@ -5781,7 +5659,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.133779642Z", "kind": "enrichment", "original": "{\"id\":\"961426\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961426/\",\"url\":\"https://cxminute.com/minu/LLLMRC84B29A944R/it.jpg\",\"url_status\":\"offline\",\"host\":\"cxminute.com\",\"date_added\":\"2021-01-14 20:48:06 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"Cryptolaemus1\",\"larted\":\"false\",\"tags\":[\"sLoad\"]}", "type": "indicator" 
@@ -5827,7 +5704,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.133780446Z", "kind": "enrichment", "original": "{\"id\":\"961421\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961421/\",\"url\":\"https://cxminute.com/minu/PRSSFN72L18C573S/map.css\",\"url_status\":\"offline\",\"host\":\"cxminute.com\",\"date_added\":\"2021-01-14 20:48:04 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"Cryptolaemus1\",\"larted\":\"false\",\"tags\":[\"sLoad\"]}", "type": "indicator" @@ -5873,7 +5749,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.133781256Z", "kind": "enrichment", "original": "{\"id\":\"961422\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961422/\",\"url\":\"https://ladiesincode.com/ladi/00814870150/1x1.png\",\"url_status\":\"offline\",\"host\":\"ladiesincode.com\",\"date_added\":\"2021-01-14 20:48:04 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"Cryptolaemus1\",\"larted\":\"false\",\"tags\":[\"sLoad\"]}", "type": "indicator" @@ -5919,7 +5794,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.133782065Z", "kind": "enrichment", "original": "{\"id\":\"961423\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961423/\",\"url\":\"https://ladiesincode.com/ladi/03635540234/it.gif\",\"url_status\":\"offline\",\"host\":\"ladiesincode.com\",\"date_added\":\"2021-01-14 20:48:04 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"Cryptolaemus1\",\"larted\":\"false\",\"tags\":[\"sLoad\"]}", "type": "indicator" 
@@ -5965,7 +5839,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.133782873Z", "kind": "enrichment", "original": "{\"id\":\"961424\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961424/\",\"url\":\"https://univirtek.com/viro/PLCSFN62B11D548Q/map.gif\",\"url_status\":\"offline\",\"host\":\"univirtek.com\",\"date_added\":\"2021-01-14 20:48:04 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"Cryptolaemus1\",\"larted\":\"false\",\"tags\":[\"sLoad\"]}", "type": "indicator" @@ -6011,7 +5884,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.133783841Z", "kind": "enrichment", "original": "{\"id\":\"961425\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961425/\",\"url\":\"https://univirtek.com/viro/03294650167/maps.jpg\",\"url_status\":\"offline\",\"host\":\"univirtek.com\",\"date_added\":\"2021-01-14 20:48:04 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"Cryptolaemus1\",\"larted\":\"false\",\"tags\":[\"sLoad\"]}", "type": "indicator" @@ -6057,7 +5929,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.133784634Z", "kind": "enrichment", "original": "{\"id\":\"961418\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961418/\",\"url\":\"https://univirtek.com/viro/GGLSCR73D17C627Q/blank.css\",\"url_status\":\"offline\",\"host\":\"univirtek.com\",\"date_added\":\"2021-01-14 20:48:03 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"Cryptolaemus1\",\"larted\":\"false\",\"tags\":[\"sLoad\"]}", "type": "indicator" 
@@ -6103,7 +5974,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.133785445Z", "kind": "enrichment", "original": "{\"id\":\"961419\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961419/\",\"url\":\"https://univirtek.com/viro/CRRLRA68A70H501X/maps.css\",\"url_status\":\"offline\",\"host\":\"univirtek.com\",\"date_added\":\"2021-01-14 20:48:03 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"Cryptolaemus1\",\"larted\":\"false\",\"tags\":[\"sLoad\"]}", "type": "indicator" @@ -6149,7 +6019,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.133786251Z", "kind": "enrichment", "original": "{\"id\":\"961420\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961420/\",\"url\":\"https://ladiesincode.com/ladi/CRSNLD59R12L840V/blank.jpg\",\"url_status\":\"offline\",\"host\":\"ladiesincode.com\",\"date_added\":\"2021-01-14 20:48:03 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"Cryptolaemus1\",\"larted\":\"false\",\"tags\":[\"sLoad\"]}", "type": "indicator" @@ -6195,7 +6064,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.133787166Z", "kind": "enrichment", "original": "{\"id\":\"961416\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961416/\",\"url\":\"https://belfetproduction.com/bella/RTTCRL58M29A794D/logo.css\",\"url_status\":\"offline\",\"host\":\"belfetproduction.com\",\"date_added\":\"2021-01-14 20:47:35 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"Cryptolaemus1\",\"larted\":\"false\",\"tags\":[\"sLoad\"]}", "type": "indicator" 
@@ -6241,7 +6109,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.133788001Z", "kind": "enrichment", "original": "{\"id\":\"961417\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961417/\",\"url\":\"https://letonguesc.com/leto/04138120169/en.jpg\",\"url_status\":\"offline\",\"host\":\"letonguesc.com\",\"date_added\":\"2021-01-14 20:47:35 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"Cryptolaemus1\",\"larted\":\"false\",\"tags\":[\"sLoad\"]}", "type": "indicator" @@ -6287,7 +6154,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.133788836Z", "kind": "enrichment", "original": "{\"id\":\"961408\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961408/\",\"url\":\"https://letonguesc.com/leto/SPGMRC73H13A475I/it.jpg\",\"url_status\":\"offline\",\"host\":\"letonguesc.com\",\"date_added\":\"2021-01-14 20:47:33 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"Cryptolaemus1\",\"larted\":\"false\",\"tags\":[\"sLoad\"]}", "type": "indicator" @@ -6333,7 +6199,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.133789645Z", "kind": "enrichment", "original": "{\"id\":\"961409\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961409/\",\"url\":\"https://letonguesc.com/leto/80007070552/it.png\",\"url_status\":\"offline\",\"host\":\"letonguesc.com\",\"date_added\":\"2021-01-14 20:47:33 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"Cryptolaemus1\",\"larted\":\"false\",\"tags\":[\"sLoad\"]}", "type": "indicator" 
@@ -6379,7 +6244,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.133790449Z", "kind": "enrichment", "original": "{\"id\":\"961410\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961410/\",\"url\":\"https://letonguesc.com/leto/02482130271/logo.png\",\"url_status\":\"offline\",\"host\":\"letonguesc.com\",\"date_added\":\"2021-01-14 20:47:33 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"Cryptolaemus1\",\"larted\":\"false\",\"tags\":[\"sLoad\"]}", "type": "indicator" @@ -6425,7 +6289,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.133791368Z", "kind": "enrichment", "original": "{\"id\":\"961411\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961411/\",\"url\":\"https://univirtek.com/viro/15730201009/uk.gif\",\"url_status\":\"offline\",\"host\":\"univirtek.com\",\"date_added\":\"2021-01-14 20:47:33 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"Cryptolaemus1\",\"larted\":\"false\",\"tags\":[\"sLoad\"]}", "type": "indicator" @@ -6471,7 +6334,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.133792178Z", "kind": "enrichment", "original": "{\"id\":\"961412\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961412/\",\"url\":\"https://univirtek.com/viro/01074480250/maps.css\",\"url_status\":\"offline\",\"host\":\"univirtek.com\",\"date_added\":\"2021-01-14 20:47:33 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"Cryptolaemus1\",\"larted\":\"false\",\"tags\":[\"sLoad\"]}", "type": "indicator" 
@@ -6517,7 +6379,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.133792979Z", "kind": "enrichment", "original": "{\"id\":\"961413\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961413/\",\"url\":\"https://cxminute.com/minu/SCHRKE77C47G224W/1x1.jpg\",\"url_status\":\"offline\",\"host\":\"cxminute.com\",\"date_added\":\"2021-01-14 20:47:33 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"Cryptolaemus1\",\"larted\":\"false\",\"tags\":[\"sLoad\"]}", "type": "indicator" @@ -6563,7 +6424,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.133793796Z", "kind": "enrichment", "original": "{\"id\":\"961414\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961414/\",\"url\":\"https://cxminute.com/minu/04281560377/en.css\",\"url_status\":\"offline\",\"host\":\"cxminute.com\",\"date_added\":\"2021-01-14 20:47:33 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"Cryptolaemus1\",\"larted\":\"false\",\"tags\":[\"sLoad\"]}", "type": "indicator" @@ -6609,7 +6469,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.133794714Z", "kind": "enrichment", "original": "{\"id\":\"961415\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961415/\",\"url\":\"https://ladiesincode.com/ladi/02613440060/maps.png\",\"url_status\":\"offline\",\"host\":\"ladiesincode.com\",\"date_added\":\"2021-01-14 20:47:33 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"Cryptolaemus1\",\"larted\":\"false\",\"tags\":[\"sLoad\"]}", "type": "indicator" 
@@ -6655,7 +6514,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.133795589Z", "kind": "enrichment", "original": "{\"id\":\"961406\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961406/\",\"url\":\"https://nowyouknowent.com/werdona/PLLRRT83A05H501O/it.gif\",\"url_status\":\"offline\",\"host\":\"nowyouknowent.com\",\"date_added\":\"2021-01-14 20:47:04 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"Cryptolaemus1\",\"larted\":\"false\",\"tags\":[\"sLoad\"]}", "type": "indicator" @@ -6701,7 +6559,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.133796423Z", "kind": "enrichment", "original": "{\"id\":\"961407\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961407/\",\"url\":\"https://hoagtechhydroponics.com/teco/LGTCDC74T45F205G/logo.png\",\"url_status\":\"offline\",\"host\":\"hoagtechhydroponics.com\",\"date_added\":\"2021-01-14 20:47:04 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"Cryptolaemus1\",\"larted\":\"false\",\"tags\":[\"sLoad\"]}", "type": "indicator" @@ -6747,7 +6604,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.133797223Z", "kind": "enrichment", "original": "{\"id\":\"961404\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961404/\",\"url\":\"https://belfetproduction.com/bella/00160060349/uk.jpg\",\"url_status\":\"offline\",\"host\":\"belfetproduction.com\",\"date_added\":\"2021-01-14 20:42:33 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"Cryptolaemus1\",\"larted\":\"false\",\"tags\":[\"sLoad\"]}", "type": "indicator" 
@@ -6793,7 +6649,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.133798089Z", "kind": "enrichment", "original": "{\"id\":\"961405\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961405/\",\"url\":\"https://belfetproduction.com/bella/01288650243/1x1.jpg\",\"url_status\":\"offline\",\"host\":\"belfetproduction.com\",\"date_added\":\"2021-01-14 20:42:33 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"Cryptolaemus1\",\"larted\":\"false\",\"tags\":[\"sLoad\"]}", "type": "indicator" @@ -6841,7 +6696,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.133799065Z", "kind": "enrichment", "original": "{\"id\":\"961403\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961403/\",\"url\":\"http://89.160.20.156:50611/bin.sh\",\"url_status\":\"online\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 20:39:09 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"geenensp\",\"larted\":\"true\",\"tags\":[\"32-bit\",\"elf\",\"mips\"]}", "type": "indicator" @@ -6890,7 +6744,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.133799867Z", "kind": "enrichment", "original": "{\"id\":\"961402\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961402/\",\"url\":\"http://89.160.20.156:45371/Mozi.a\",\"url_status\":\"online\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 20:36:14 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"lrz_urlhaus\",\"larted\":\"true\",\"tags\":[\"elf\",\"Mozi\"]}", "type": "indicator" 
@@ -6939,7 +6792,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.133800677Z", "kind": "enrichment", "original": "{\"id\":\"961400\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961400/\",\"url\":\"http://89.160.20.156:50093/Mozi.m\",\"url_status\":\"online\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 20:36:05 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"lrz_urlhaus\",\"larted\":\"true\",\"tags\":[\"elf\",\"Mozi\"]}", "type": "indicator" @@ -6988,7 +6840,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.133801494Z", "kind": "enrichment", "original": "{\"id\":\"961401\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961401/\",\"url\":\"http://89.160.20.156:36652/Mozi.m\",\"url_status\":\"online\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 20:36:05 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"lrz_urlhaus\",\"larted\":\"true\",\"tags\":[\"elf\",\"Mozi\"]}", "type": "indicator" @@ -7037,7 +6888,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.133802402Z", "kind": "enrichment", "original": "{\"id\":\"961397\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961397/\",\"url\":\"http://89.160.20.156:54182/Mozi.m\",\"url_status\":\"online\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 20:36:04 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"lrz_urlhaus\",\"larted\":\"true\",\"tags\":[\"elf\",\"Mozi\"]}", "type": "indicator" 
@@ -7086,7 +6936,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.133803218Z", "kind": "enrichment", "original": "{\"id\":\"961398\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961398/\",\"url\":\"http://89.160.20.156:46048/Mozi.m\",\"url_status\":\"online\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 20:36:04 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"lrz_urlhaus\",\"larted\":\"true\",\"tags\":[\"elf\",\"Mozi\"]}", "type": "indicator" @@ -7135,7 +6984,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.133804026Z", "kind": "enrichment", "original": "{\"id\":\"961399\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961399/\",\"url\":\"http://89.160.20.156:33953/Mozi.m\",\"url_status\":\"online\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 20:36:04 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"lrz_urlhaus\",\"larted\":\"true\",\"tags\":[\"elf\",\"Mozi\"]}", "type": "indicator" @@ -7184,7 +7032,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.133804858Z", "kind": "enrichment", "original": "{\"id\":\"961393\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961393/\",\"url\":\"http://89.160.20.156:36447/Mozi.a\",\"url_status\":\"online\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 20:35:05 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"lrz_urlhaus\",\"larted\":\"true\",\"tags\":[\"elf\",\"Mozi\"]}", "type": "indicator" 
@@ -7233,7 +7080,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.133805684Z", "kind": "enrichment", "original": "{\"id\":\"961394\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961394/\",\"url\":\"http://89.160.20.156:36828/Mozi.m\",\"url_status\":\"online\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 20:35:05 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"lrz_urlhaus\",\"larted\":\"true\",\"tags\":[\"elf\",\"Mozi\"]}", "type": "indicator" @@ -7282,7 +7128,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.133806558Z", "kind": "enrichment", "original": "{\"id\":\"961395\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961395/\",\"url\":\"http://89.160.20.156:55281/Mozi.m\",\"url_status\":\"online\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 20:35:05 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"lrz_urlhaus\",\"larted\":\"true\",\"tags\":[\"elf\",\"Mozi\"]}", "type": "indicator" @@ -7331,7 +7176,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.133807422Z", "kind": "enrichment", "original": "{\"id\":\"961396\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961396/\",\"url\":\"http://89.160.20.156:49772/Mozi.m\",\"url_status\":\"online\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 20:35:05 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"lrz_urlhaus\",\"larted\":\"true\",\"tags\":[\"elf\",\"Mozi\"]}", "type": "indicator" 
@@ -7380,7 +7224,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.133808239Z", "kind": "enrichment", "original": "{\"id\":\"961391\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961391/\",\"url\":\"http://89.160.20.156:50229/Mozi.m\",\"url_status\":\"offline\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 20:34:05 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"lrz_urlhaus\",\"larted\":\"true\",\"tags\":[\"elf\",\"Mozi\"]}", "type": "indicator" @@ -7429,7 +7272,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.133809033Z", "kind": "enrichment", "original": "{\"id\":\"961392\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961392/\",\"url\":\"http://89.160.20.156:39996/Mozi.m\",\"url_status\":\"online\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 20:34:05 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"lrz_urlhaus\",\"larted\":\"true\",\"tags\":[\"elf\",\"Mozi\"]}", "type": "indicator" @@ -7478,7 +7320,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.133809946Z", "kind": "enrichment", "original": "{\"id\":\"961387\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961387/\",\"url\":\"http://89.160.20.156:50195/Mozi.a\",\"url_status\":\"online\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 20:34:04 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"lrz_urlhaus\",\"larted\":\"true\",\"tags\":[\"elf\",\"Mozi\"]}", "type": "indicator" 
@@ -7527,7 +7368,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.133810859Z", "kind": "enrichment", "original": "{\"id\":\"961388\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961388/\",\"url\":\"http://89.160.20.156:52447/Mozi.a\",\"url_status\":\"online\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 20:34:04 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"lrz_urlhaus\",\"larted\":\"true\",\"tags\":[\"elf\",\"Mozi\"]}", "type": "indicator" @@ -7576,7 +7416,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.133811654Z", "kind": "enrichment", "original": "{\"id\":\"961389\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961389/\",\"url\":\"http://89.160.20.156:56321/Mozi.m\",\"url_status\":\"online\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 20:34:04 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"lrz_urlhaus\",\"larted\":\"true\",\"tags\":[\"elf\",\"Mozi\"]}", "type": "indicator" @@ -7625,7 +7464,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.134071145Z", "kind": "enrichment", "original": "{\"id\":\"961390\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961390/\",\"url\":\"http://89.160.20.156:54620/Mozi.m\",\"url_status\":\"online\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 20:34:04 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"lrz_urlhaus\",\"larted\":\"true\",\"tags\":[\"elf\",\"Mozi\"]}", "type": "indicator" 
@@ -7674,7 +7512,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.134072941Z", "kind": "enrichment", "original": "{\"id\":\"961386\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961386/\",\"url\":\"http://89.160.20.156:52064/Mozi.a\",\"url_status\":\"online\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 20:23:07 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"lrz_urlhaus\",\"larted\":\"true\",\"tags\":[\"elf\",\"Mozi\"]}", "type": "indicator" @@ -7723,7 +7560,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.134073944Z", "kind": "enrichment", "original": "{\"id\":\"961385\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961385/\",\"url\":\"http://89.160.20.156:47401/Mozi.m\",\"url_status\":\"offline\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 20:22:06 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"lrz_urlhaus\",\"larted\":\"true\",\"tags\":[\"elf\",\"Mozi\"]}", "type": "indicator" @@ -7772,7 +7608,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.134075135Z", "kind": "enrichment", "original": "{\"id\":\"961382\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961382/\",\"url\":\"http://89.160.20.156:46527/Mozi.m\",\"url_status\":\"online\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 20:22:05 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"lrz_urlhaus\",\"larted\":\"true\",\"tags\":[\"elf\",\"Mozi\"]}", "type": "indicator" 
@@ -7821,7 +7656,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.134080158Z", "kind": "enrichment", "original": "{\"id\":\"961383\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961383/\",\"url\":\"http://89.160.20.156:38132/Mozi.m\",\"url_status\":\"offline\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 20:22:05 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"lrz_urlhaus\",\"larted\":\"true\",\"tags\":[\"elf\",\"Mozi\"]}", "type": "indicator" @@ -7870,7 +7704,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.134081214Z", "kind": "enrichment", "original": "{\"id\":\"961384\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961384/\",\"url\":\"http://89.160.20.156:59015/Mozi.m\",\"url_status\":\"online\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 20:22:05 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"lrz_urlhaus\",\"larted\":\"true\",\"tags\":[\"elf\",\"Mozi\"]}", "type": "indicator" @@ -7919,7 +7752,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.134082157Z", "kind": "enrichment", "original": "{\"id\":\"961379\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961379/\",\"url\":\"http://89.160.20.156:59454/Mozi.m\",\"url_status\":\"online\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 20:22:04 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"lrz_urlhaus\",\"larted\":\"true\",\"tags\":[\"elf\",\"Mozi\"]}", "type": "indicator" 
@@ -7968,7 +7800,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.134082977Z", "kind": "enrichment", "original": "{\"id\":\"961380\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961380/\",\"url\":\"http://89.160.20.156:37883/Mozi.m\",\"url_status\":\"online\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 20:22:04 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"lrz_urlhaus\",\"larted\":\"true\",\"tags\":[\"elf\",\"Mozi\"]}", "type": "indicator" @@ -8017,7 +7848,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.134083801Z", "kind": "enrichment", "original": "{\"id\":\"961381\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961381/\",\"url\":\"http://89.160.20.156:55209/Mozi.m\",\"url_status\":\"online\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 20:22:04 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"lrz_urlhaus\",\"larted\":\"true\",\"tags\":[\"elf\",\"Mozi\"]}", "type": "indicator" @@ -8066,7 +7896,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.134084635Z", "kind": "enrichment", "original": "{\"id\":\"961378\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961378/\",\"url\":\"http://89.160.20.156:41062/Mozi.m\",\"url_status\":\"online\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 20:21:33 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"lrz_urlhaus\",\"larted\":\"true\",\"tags\":[\"elf\",\"Mozi\"]}", "type": "indicator" 
@@ -8116,7 +7945,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.134085631Z", "kind": "enrichment", "original": "{\"id\":\"961377\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961377/\",\"url\":\"http://89.160.20.156:60380/i\",\"url_status\":\"online\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 20:21:05 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"geenensp\",\"larted\":\"true\",\"tags\":[\"32-bit\",\"arm\",\"elf\"]}", "type": "indicator" @@ -8164,7 +7992,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.134086457Z", "kind": "enrichment", "original": "{\"id\":\"961375\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961375/\",\"url\":\"http://89.160.20.156:54796/Mozi.m\",\"url_status\":\"online\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 20:21:04 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"lrz_urlhaus\",\"larted\":\"true\",\"tags\":[\"elf\",\"Mozi\"]}", "type": "indicator" @@ -8213,7 +8040,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.134087302Z", "kind": "enrichment", "original": "{\"id\":\"961376\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961376/\",\"url\":\"http://89.160.20.156:35251/Mozi.m\",\"url_status\":\"online\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 20:21:04 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"lrz_urlhaus\",\"larted\":\"true\",\"tags\":[\"elf\",\"Mozi\"]}", "type": "indicator" 
@@ -8262,7 +8088,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.134088123Z", "kind": "enrichment", "original": "{\"id\":\"961373\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961373/\",\"url\":\"http://89.160.20.156:50562/Mozi.m\",\"url_status\":\"offline\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 20:20:06 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"lrz_urlhaus\",\"larted\":\"true\",\"tags\":[\"elf\",\"Mozi\"]}", "type": "indicator" @@ -8311,7 +8136,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.134089137Z", "kind": "enrichment", "original": "{\"id\":\"961374\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961374/\",\"url\":\"http://89.160.20.156:33445/Mozi.m\",\"url_status\":\"online\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 20:20:06 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"lrz_urlhaus\",\"larted\":\"true\",\"tags\":[\"elf\",\"Mozi\"]}", "type": "indicator" @@ -8360,7 +8184,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.134090090Z", "kind": "enrichment", "original": "{\"id\":\"961370\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961370/\",\"url\":\"http://89.160.20.156:60280/Mozi.a\",\"url_status\":\"online\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 20:20:05 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"lrz_urlhaus\",\"larted\":\"true\",\"tags\":[\"elf\",\"Mozi\"]}", "type": "indicator" 
@@ -8409,7 +8232,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.134090941Z", "kind": "enrichment", "original": "{\"id\":\"961371\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961371/\",\"url\":\"http://89.160.20.156:46386/Mozi.m\",\"url_status\":\"online\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 20:20:05 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"lrz_urlhaus\",\"larted\":\"true\",\"tags\":[\"elf\",\"Mozi\"]}", "type": "indicator" @@ -8458,7 +8280,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.134091760Z", "kind": "enrichment", "original": "{\"id\":\"961372\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961372/\",\"url\":\"http://89.160.20.156:60288/Mozi.m\",\"url_status\":\"online\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 20:20:05 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"lrz_urlhaus\",\"larted\":\"true\",\"tags\":[\"elf\",\"Mozi\"]}", "type": "indicator" @@ -8507,7 +8328,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.134092608Z", "kind": "enrichment", "original": "{\"id\":\"961368\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961368/\",\"url\":\"http://89.160.20.156:49731/Mozi.a\",\"url_status\":\"online\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 20:19:05 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"lrz_urlhaus\",\"larted\":\"true\",\"tags\":[\"elf\",\"Mozi\"]}", "type": "indicator" 
@@ -8556,7 +8376,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.134093604Z", "kind": "enrichment", "original": "{\"id\":\"961369\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961369/\",\"url\":\"http://89.160.20.156:38837/Mozi.a\",\"url_status\":\"online\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 20:19:05 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"lrz_urlhaus\",\"larted\":\"true\",\"tags\":[\"elf\",\"Mozi\"]}", "type": "indicator" @@ -8605,7 +8424,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.134094423Z", "kind": "enrichment", "original": "{\"id\":\"961366\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961366/\",\"url\":\"http://89.160.20.156:37814/Mozi.m\",\"url_status\":\"online\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 20:19:04 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"lrz_urlhaus\",\"larted\":\"true\",\"tags\":[\"elf\",\"Mozi\"]}", "type": "indicator" @@ -8654,7 +8472,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.134095236Z", "kind": "enrichment", "original": "{\"id\":\"961367\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961367/\",\"url\":\"http://89.160.20.156:47507/Mozi.m\",\"url_status\":\"online\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 20:19:04 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"lrz_urlhaus\",\"larted\":\"true\",\"tags\":[\"elf\",\"Mozi\"]}", "type": "indicator" 
@@ -8704,7 +8521,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.134096052Z", "kind": "enrichment", "original": "{\"id\":\"961365\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961365/\",\"url\":\"http://89.160.20.156:47140/i\",\"url_status\":\"online\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 20:18:04 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"geenensp\",\"larted\":\"true\",\"tags\":[\"32-bit\",\"elf\",\"mips\"]}", "type": "indicator" @@ -8752,7 +8568,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.134096865Z", "kind": "enrichment", "original": "{\"id\":\"961363\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961363/\",\"url\":\"http://89.160.20.156:41514/Mozi.a\",\"url_status\":\"online\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 20:10:11 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"lrz_urlhaus\",\"larted\":\"true\",\"tags\":[\"elf\",\"Mozi\"]}", "type": "indicator" @@ -8801,7 +8616,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.134097818Z", "kind": "enrichment", "original": "{\"id\":\"961364\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961364/\",\"url\":\"http://89.160.20.156:58748/Mozi.m\",\"url_status\":\"online\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 20:10:11 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"lrz_urlhaus\",\"larted\":\"true\",\"tags\":[\"elf\",\"Mozi\"]}", "type": "indicator" 
@@ -8850,7 +8664,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.134098640Z", "kind": "enrichment", "original": "{\"id\":\"961362\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961362/\",\"url\":\"http://89.160.20.156:51183/Mozi.m\",\"url_status\":\"online\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 20:10:09 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"lrz_urlhaus\",\"larted\":\"true\",\"tags\":[\"elf\",\"Mozi\"]}", "type": "indicator" @@ -8899,7 +8712,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.134099474Z", "kind": "enrichment", "original": "{\"id\":\"961361\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961361/\",\"url\":\"http://89.160.20.156:42104/Mozi.m\",\"url_status\":\"online\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 20:10:07 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"lrz_urlhaus\",\"larted\":\"true\",\"tags\":[\"elf\",\"Mozi\"]}", "type": "indicator" @@ -8948,7 +8760,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.134100289Z", "kind": "enrichment", "original": "{\"id\":\"961354\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961354/\",\"url\":\"http://89.160.20.156:53130/Mozi.m\",\"url_status\":\"online\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 20:10:06 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"lrz_urlhaus\",\"larted\":\"true\",\"tags\":[\"elf\",\"Mozi\"]}", "type": "indicator" 
@@ -8997,7 +8808,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.134101164Z", "kind": "enrichment", "original": "{\"id\":\"961355\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961355/\",\"url\":\"http://89.160.20.156:57768/Mozi.m\",\"url_status\":\"online\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 20:10:06 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"lrz_urlhaus\",\"larted\":\"true\",\"tags\":[\"elf\",\"Mozi\"]}", "type": "indicator" @@ -9046,7 +8856,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.134102160Z", "kind": "enrichment", "original": "{\"id\":\"961356\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961356/\",\"url\":\"http://89.160.20.156:34541/Mozi.m\",\"url_status\":\"online\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 20:10:06 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"lrz_urlhaus\",\"larted\":\"true\",\"tags\":[\"elf\",\"Mozi\"]}", "type": "indicator" @@ -9095,7 +8904,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.134102975Z", "kind": "enrichment", "original": "{\"id\":\"961357\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961357/\",\"url\":\"http://89.160.20.156:51344/Mozi.a\",\"url_status\":\"online\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 20:10:06 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"lrz_urlhaus\",\"larted\":\"true\",\"tags\":[\"elf\",\"Mozi\"]}", "type": "indicator" 
@@ -9144,7 +8952,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.134103810Z", "kind": "enrichment", "original": "{\"id\":\"961358\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961358/\",\"url\":\"http://89.160.20.156:40084/Mozi.m\",\"url_status\":\"online\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 20:10:06 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"lrz_urlhaus\",\"larted\":\"true\",\"tags\":[\"elf\",\"Mozi\"]}", "type": "indicator" @@ -9193,7 +9000,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.134104641Z", "kind": "enrichment", "original": "{\"id\":\"961359\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961359/\",\"url\":\"http://89.160.20.156:60457/Mozi.m\",\"url_status\":\"online\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 20:10:06 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"lrz_urlhaus\",\"larted\":\"true\",\"tags\":[\"elf\",\"Mozi\"]}", "type": "indicator" @@ -9242,7 +9048,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.134105569Z", "kind": "enrichment", "original": "{\"id\":\"961360\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961360/\",\"url\":\"http://89.160.20.156:34906/Mozi.a\",\"url_status\":\"online\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 20:10:06 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"lrz_urlhaus\",\"larted\":\"true\",\"tags\":[\"elf\",\"Mozi\"]}", "type": "indicator" 
@@ -9291,7 +9096,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.134106385Z", "kind": "enrichment", "original": "{\"id\":\"961353\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961353/\",\"url\":\"http://89.160.20.156:59847/Mozi.m\",\"url_status\":\"online\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 20:10:04 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"lrz_urlhaus\",\"larted\":\"true\",\"tags\":[\"elf\",\"Mozi\"]}", "type": "indicator" @@ -9340,7 +9144,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.134107211Z", "kind": "enrichment", "original": "{\"id\":\"961352\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961352/\",\"url\":\"http://89.160.20.156:47873/Mozi.m\",\"url_status\":\"offline\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 20:09:00 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"lrz_urlhaus\",\"larted\":\"true\",\"tags\":[\"elf\",\"Mozi\"]}", "type": "indicator" @@ -9389,7 +9192,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.134108042Z", "kind": "enrichment", "original": "{\"id\":\"961349\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961349/\",\"url\":\"http://89.160.20.156:48645/Mozi.m\",\"url_status\":\"online\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 20:05:05 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"lrz_urlhaus\",\"larted\":\"true\",\"tags\":[\"elf\",\"Mozi\"]}", "type": "indicator" 
@@ -9438,7 +9240,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.134108921Z", "kind": "enrichment", "original": "{\"id\":\"961350\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961350/\",\"url\":\"http://89.160.20.156:36524/Mozi.a\",\"url_status\":\"online\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 20:05:05 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"lrz_urlhaus\",\"larted\":\"true\",\"tags\":[\"elf\",\"Mozi\"]}", "type": "indicator" @@ -9487,7 +9288,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.134109996Z", "kind": "enrichment", "original": "{\"id\":\"961351\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961351/\",\"url\":\"http://89.160.20.156:38726/Mozi.m\",\"url_status\":\"online\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 20:05:05 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"lrz_urlhaus\",\"larted\":\"true\",\"tags\":[\"elf\",\"Mozi\"]}", "type": "indicator" @@ -9536,7 +9336,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.134110910Z", "kind": "enrichment", "original": "{\"id\":\"961345\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961345/\",\"url\":\"http://89.160.20.156:41149/Mozi.m\",\"url_status\":\"online\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 20:05:04 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"lrz_urlhaus\",\"larted\":\"true\",\"tags\":[\"elf\",\"Mozi\"]}", "type": "indicator" 
@@ -9585,7 +9384,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.134112638Z", "kind": "enrichment", "original": "{\"id\":\"961346\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961346/\",\"url\":\"http://89.160.20.156:46993/Mozi.m\",\"url_status\":\"online\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 20:05:04 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"lrz_urlhaus\",\"larted\":\"true\",\"tags\":[\"elf\",\"Mozi\"]}", "type": "indicator" @@ -9634,7 +9432,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.134113525Z", "kind": "enrichment", "original": "{\"id\":\"961347\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961347/\",\"url\":\"http://89.160.20.156:39190/Mozi.m\",\"url_status\":\"online\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 20:05:04 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"lrz_urlhaus\",\"larted\":\"true\",\"tags\":[\"elf\",\"Mozi\"]}", "type": "indicator" @@ -9683,7 +9480,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.134114482Z", "kind": "enrichment", "original": "{\"id\":\"961348\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961348/\",\"url\":\"http://89.160.20.156:48344/Mozi.a\",\"url_status\":\"online\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 20:05:04 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"lrz_urlhaus\",\"larted\":\"true\",\"tags\":[\"elf\",\"Mozi\"]}", "type": "indicator" 
@@ -9733,7 +9529,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.134115363Z", "kind": "enrichment", "original": "{\"id\":\"961344\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961344/\",\"url\":\"http://89.160.20.156:58427/bin.sh\",\"url_status\":\"online\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 20:04:08 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"geenensp\",\"larted\":\"true\",\"tags\":[\"32-bit\",\"arm\",\"elf\"]}", "type": "indicator" @@ -9783,7 +9578,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.134116180Z", "kind": "enrichment", "original": "{\"id\":\"961343\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961343/\",\"url\":\"http://89.160.20.156:41921/i\",\"url_status\":\"online\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 20:02:03 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"geenensp\",\"larted\":\"true\",\"tags\":[\"32-bit\",\"elf\",\"mips\"]}", "type": "indicator" @@ -9832,7 +9626,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.134117006Z", "kind": "enrichment", "original": "{\"id\":\"961342\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961342/\",\"url\":\"http://89.160.20.156:47140/bin.sh\",\"url_status\":\"online\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 19:55:04 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"geenensp\",\"larted\":\"true\",\"tags\":[\"32-bit\",\"elf\",\"mips\"]}", "type": "indicator" 
@@ -9881,7 +9674,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.134117900Z", "kind": "enrichment", "original": "{\"id\":\"961341\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961341/\",\"url\":\"http://89.160.20.156:34789/Mozi.m\",\"url_status\":\"online\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 19:52:33 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"lrz_urlhaus\",\"larted\":\"true\",\"tags\":[\"elf\",\"Mozi\"]}", "type": "indicator" @@ -9930,7 +9722,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.134118771Z", "kind": "enrichment", "original": "{\"id\":\"961340\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961340/\",\"url\":\"http://89.160.20.156:37634/Mozi.m\",\"url_status\":\"online\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 19:52:06 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"lrz_urlhaus\",\"larted\":\"true\",\"tags\":[\"elf\",\"Mozi\"]}", "type": "indicator" @@ -9979,7 +9770,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.134119645Z", "kind": "enrichment", "original": "{\"id\":\"961339\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961339/\",\"url\":\"http://89.160.20.156:41636/Mozi.m\",\"url_status\":\"online\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 19:52:05 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"lrz_urlhaus\",\"larted\":\"true\",\"tags\":[\"elf\",\"Mozi\"]}", "type": "indicator" 
@@ -10028,7 +9818,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.134120487Z", "kind": "enrichment", "original": "{\"id\":\"961338\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961338/\",\"url\":\"http://89.160.20.156:32907/Mozi.m\",\"url_status\":\"online\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 19:51:06 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"lrz_urlhaus\",\"larted\":\"true\",\"tags\":[\"elf\",\"Mozi\"]}", "type": "indicator" @@ -10077,7 +9866,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.134121318Z", "kind": "enrichment", "original": "{\"id\":\"961336\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961336/\",\"url\":\"http://89.160.20.156:57568/Mozi.a\",\"url_status\":\"online\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 19:51:05 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"lrz_urlhaus\",\"larted\":\"true\",\"tags\":[\"elf\",\"Mozi\"]}", "type": "indicator" @@ -10126,7 +9914,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.134122247Z", "kind": "enrichment", "original": "{\"id\":\"961337\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961337/\",\"url\":\"http://89.160.20.156:40740/Mozi.m\",\"url_status\":\"online\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 19:51:05 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"lrz_urlhaus\",\"larted\":\"true\",\"tags\":[\"elf\",\"Mozi\"]}", "type": "indicator" 
@@ -10175,7 +9962,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.134123066Z", "kind": "enrichment", "original": "{\"id\":\"961331\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961331/\",\"url\":\"http://89.160.20.156:35927/Mozi.m\",\"url_status\":\"online\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 19:51:04 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"lrz_urlhaus\",\"larted\":\"true\",\"tags\":[\"elf\",\"Mozi\"]}", "type": "indicator" @@ -10224,7 +10010,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.134123885Z", "kind": "enrichment", "original": "{\"id\":\"961332\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961332/\",\"url\":\"http://89.160.20.156:55558/Mozi.m\",\"url_status\":\"online\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 19:51:04 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"lrz_urlhaus\",\"larted\":\"true\",\"tags\":[\"elf\",\"Mozi\"]}", "type": "indicator" @@ -10273,7 +10058,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.134124747Z", "kind": "enrichment", "original": "{\"id\":\"961333\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961333/\",\"url\":\"http://89.160.20.156:60558/Mozi.m\",\"url_status\":\"online\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 19:51:04 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"lrz_urlhaus\",\"larted\":\"true\",\"tags\":[\"elf\",\"Mozi\"]}", "type": "indicator" 
@@ -10322,7 +10106,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.134125569Z", "kind": "enrichment", "original": "{\"id\":\"961334\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961334/\",\"url\":\"http://89.160.20.156:59624/Mozi.m\",\"url_status\":\"online\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 19:51:04 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"lrz_urlhaus\",\"larted\":\"true\",\"tags\":[\"elf\",\"Mozi\"]}", "type": "indicator" @@ -10371,7 +10154,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.134126591Z", "kind": "enrichment", "original": "{\"id\":\"961335\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961335/\",\"url\":\"http://89.160.20.156:39386/Mozi.m\",\"url_status\":\"online\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 19:51:04 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"lrz_urlhaus\",\"larted\":\"true\",\"tags\":[\"elf\",\"Mozi\"]}", "type": "indicator" @@ -10420,7 +10202,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.134127418Z", "kind": "enrichment", "original": "{\"id\":\"961322\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961322/\",\"url\":\"http://89.160.20.156:46289/Mozi.m\",\"url_status\":\"online\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 19:50:06 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"lrz_urlhaus\",\"larted\":\"true\",\"tags\":[\"elf\",\"Mozi\"]}", "type": "indicator" 
@@ -10469,7 +10250,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.134128234Z", "kind": "enrichment", "original": "{\"id\":\"961323\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961323/\",\"url\":\"http://89.160.20.156:34951/Mozi.m\",\"url_status\":\"offline\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 19:50:06 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"lrz_urlhaus\",\"larted\":\"true\",\"tags\":[\"elf\",\"Mozi\"]}", "type": "indicator" @@ -10518,7 +10298,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.134129071Z", "kind": "enrichment", "original": "{\"id\":\"961324\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961324/\",\"url\":\"http://89.160.20.156:47594/Mozi.m\",\"url_status\":\"online\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 19:50:06 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"lrz_urlhaus\",\"larted\":\"true\",\"tags\":[\"elf\",\"Mozi\"]}", "type": "indicator" @@ -10567,7 +10346,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.134130Z", "kind": "enrichment", "original": "{\"id\":\"961325\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961325/\",\"url\":\"http://89.160.20.156:55792/Mozi.m\",\"url_status\":\"online\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 19:50:06 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"lrz_urlhaus\",\"larted\":\"true\",\"tags\":[\"elf\",\"Mozi\"]}", "type": "indicator" 
@@ -10616,7 +10394,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.134130893Z", "kind": "enrichment", "original": "{\"id\":\"961326\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961326/\",\"url\":\"http://89.160.20.156:35271/Mozi.m\",\"url_status\":\"online\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 19:50:06 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"lrz_urlhaus\",\"larted\":\"true\",\"tags\":[\"elf\",\"Mozi\"]}", "type": "indicator" @@ -10665,7 +10442,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.134131708Z", "kind": "enrichment", "original": "{\"id\":\"961327\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961327/\",\"url\":\"http://89.160.20.156:36300/Mozi.m\",\"url_status\":\"offline\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 19:50:06 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"lrz_urlhaus\",\"larted\":\"true\",\"tags\":[\"elf\",\"Mozi\"]}", "type": "indicator" @@ -10714,7 +10490,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.134132525Z", "kind": "enrichment", "original": "{\"id\":\"961328\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961328/\",\"url\":\"http://89.160.20.156:60680/Mozi.m\",\"url_status\":\"online\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 19:50:06 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"lrz_urlhaus\",\"larted\":\"true\",\"tags\":[\"elf\",\"Mozi\"]}", "type": "indicator" 
@@ -10763,7 +10538,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.134133351Z", "kind": "enrichment", "original": "{\"id\":\"961329\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961329/\",\"url\":\"http://89.160.20.156:51132/Mozi.a\",\"url_status\":\"online\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 19:50:06 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"lrz_urlhaus\",\"larted\":\"true\",\"tags\":[\"elf\",\"Mozi\"]}", "type": "indicator" @@ -10812,7 +10586,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.134134262Z", "kind": "enrichment", "original": "{\"id\":\"961330\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961330/\",\"url\":\"http://89.160.20.156:39049/Mozi.m\",\"url_status\":\"online\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 19:50:06 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"lrz_urlhaus\",\"larted\":\"true\",\"tags\":[\"elf\",\"Mozi\"]}", "type": "indicator" @@ -10861,7 +10634,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.134135121Z", "kind": "enrichment", "original": "{\"id\":\"961321\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961321/\",\"url\":\"http://89.160.20.156:57455/Mozi.m\",\"url_status\":\"online\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 19:49:12 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"lrz_urlhaus\",\"larted\":\"true\",\"tags\":[\"elf\",\"Mozi\"]}", "type": "indicator" 
@@ -10910,7 +10682,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.134135943Z", "kind": "enrichment", "original": "{\"id\":\"961320\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961320/\",\"url\":\"http://89.160.20.156:32823/Mozi.m\",\"url_status\":\"online\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 19:49:08 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"lrz_urlhaus\",\"larted\":\"true\",\"tags\":[\"elf\",\"Mozi\"]}", "type": "indicator" @@ -10959,7 +10730,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.134136766Z", "kind": "enrichment", "original": "{\"id\":\"961318\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961318/\",\"url\":\"http://89.160.20.156:44103/Mozi.a\",\"url_status\":\"online\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 19:49:05 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"lrz_urlhaus\",\"larted\":\"true\",\"tags\":[\"elf\",\"Mozi\"]}", "type": "indicator" @@ -11008,7 +10778,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.134137649Z", "kind": "enrichment", "original": "{\"id\":\"961319\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961319/\",\"url\":\"http://89.160.20.156:36257/Mozi.m\",\"url_status\":\"offline\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 19:49:05 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"lrz_urlhaus\",\"larted\":\"true\",\"tags\":[\"elf\",\"Mozi\"]}", "type": "indicator" 
@@ -11058,7 +10827,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.134138531Z", "kind": "enrichment", "original": "{\"id\":\"961317\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961317/\",\"url\":\"http://89.160.20.156:41921/bin.sh\",\"url_status\":\"online\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 19:45:05 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"geenensp\",\"larted\":\"true\",\"tags\":[\"32-bit\",\"elf\",\"mips\"]}", "type": "indicator" @@ -11108,7 +10876,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.134139364Z", "kind": "enrichment", "original": "{\"id\":\"961316\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961316/\",\"url\":\"http://89.160.20.156:50971/i\",\"url_status\":\"online\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 19:44:04 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"geenensp\",\"larted\":\"true\",\"tags\":[\"32-bit\",\"elf\",\"mips\"]}", "type": "indicator" @@ -11156,7 +10923,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.134140206Z", "kind": "enrichment", "original": "{\"id\":\"961315\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961315/\",\"url\":\"http://89.160.20.156:56339/Mozi.m\",\"url_status\":\"offline\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 19:36:13 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"lrz_urlhaus\",\"larted\":\"true\",\"tags\":[\"elf\",\"Mozi\"]}", "type": "indicator" 
@@ -11205,7 +10971,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.134141026Z", "kind": "enrichment", "original": "{\"id\":\"961314\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961314/\",\"url\":\"http://89.160.20.156:52551/Mozi.m\",\"url_status\":\"online\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 19:36:09 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"lrz_urlhaus\",\"larted\":\"true\",\"tags\":[\"elf\",\"Mozi\"]}", "type": "indicator" @@ -11254,7 +11019,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.134141953Z", "kind": "enrichment", "original": "{\"id\":\"961312\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961312/\",\"url\":\"http://89.160.20.156:35942/Mozi.m\",\"url_status\":\"online\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 19:36:08 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"lrz_urlhaus\",\"larted\":\"true\",\"tags\":[\"elf\",\"Mozi\"]}", "type": "indicator" @@ -11303,7 +11067,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.134142823Z", "kind": "enrichment", "original": "{\"id\":\"961313\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961313/\",\"url\":\"http://89.160.20.156:39636/Mozi.a\",\"url_status\":\"online\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 19:36:08 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"lrz_urlhaus\",\"larted\":\"true\",\"tags\":[\"elf\",\"Mozi\"]}", "type": "indicator" 
@@ -11352,7 +11115,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.134143643Z", "kind": "enrichment", "original": "{\"id\":\"961310\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961310/\",\"url\":\"http://89.160.20.156:53548/Mozi.m\",\"url_status\":\"offline\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 19:36:07 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"lrz_urlhaus\",\"larted\":\"true\",\"tags\":[\"elf\",\"Mozi\"]}", "type": "indicator" @@ -11401,7 +11163,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.134144478Z", "kind": "enrichment", "original": "{\"id\":\"961311\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961311/\",\"url\":\"http://89.160.20.156:40967/Mozi.m\",\"url_status\":\"online\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 19:36:07 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"lrz_urlhaus\",\"larted\":\"true\",\"tags\":[\"elf\",\"Mozi\"]}", "type": "indicator" @@ -11450,7 +11211,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.134145367Z", "kind": "enrichment", "original": "{\"id\":\"961309\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961309/\",\"url\":\"http://89.160.20.156:49471/Mozi.m\",\"url_status\":\"online\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 19:36:06 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"lrz_urlhaus\",\"larted\":\"true\",\"tags\":[\"elf\",\"Mozi\"]}", "type": "indicator" 
@@ -11499,7 +11259,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.134146242Z", "kind": "enrichment", "original": "{\"id\":\"961302\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961302/\",\"url\":\"http://89.160.20.156:43937/Mozi.m\",\"url_status\":\"online\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 19:36:05 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"lrz_urlhaus\",\"larted\":\"true\",\"tags\":[\"elf\",\"Mozi\"]}", "type": "indicator" @@ -11548,7 +11307,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.134147060Z", "kind": "enrichment", "original": "{\"id\":\"961303\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961303/\",\"url\":\"http://89.160.20.156:57992/Mozi.a\",\"url_status\":\"online\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 19:36:05 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"lrz_urlhaus\",\"larted\":\"true\",\"tags\":[\"elf\",\"Mozi\"]}", "type": "indicator" @@ -11597,7 +11355,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.134147880Z", "kind": "enrichment", "original": "{\"id\":\"961304\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961304/\",\"url\":\"http://89.160.20.156:43603/Mozi.m\",\"url_status\":\"online\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 19:36:05 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"lrz_urlhaus\",\"larted\":\"true\",\"tags\":[\"elf\",\"Mozi\"]}", "type": "indicator" 
@@ -11646,7 +11403,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.134148720Z", "kind": "enrichment", "original": "{\"id\":\"961305\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961305/\",\"url\":\"http://89.160.20.156:37157/Mozi.a\",\"url_status\":\"online\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 19:36:05 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"lrz_urlhaus\",\"larted\":\"true\",\"tags\":[\"elf\",\"Mozi\"]}", "type": "indicator" @@ -11695,7 +11451,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.134149717Z", "kind": "enrichment", "original": "{\"id\":\"961306\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961306/\",\"url\":\"http://89.160.20.156:37229/Mozi.m\",\"url_status\":\"online\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 19:36:05 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"lrz_urlhaus\",\"larted\":\"true\",\"tags\":[\"elf\",\"Mozi\"]}", "type": "indicator" @@ -11744,7 +11499,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.134150783Z", "kind": "enrichment", "original": "{\"id\":\"961307\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961307/\",\"url\":\"http://89.160.20.156:49104/Mozi.m\",\"url_status\":\"online\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 19:36:05 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"lrz_urlhaus\",\"larted\":\"true\",\"tags\":[\"elf\",\"Mozi\"]}", "type": "indicator" 
@@ -11793,7 +11547,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.134151612Z", "kind": "enrichment", "original": "{\"id\":\"961308\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961308/\",\"url\":\"http://89.160.20.156:49575/Mozi.m\",\"url_status\":\"online\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 19:36:05 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"lrz_urlhaus\",\"larted\":\"true\",\"tags\":[\"elf\",\"Mozi\"]}", "type": "indicator" @@ -11842,7 +11595,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.134152547Z", "kind": "enrichment", "original": "{\"id\":\"961299\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961299/\",\"url\":\"http://89.160.20.156:50000/Mozi.a\",\"url_status\":\"online\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 19:35:06 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"lrz_urlhaus\",\"larted\":\"true\",\"tags\":[\"elf\",\"Mozi\"]}", "type": "indicator" @@ -11891,7 +11643,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.134153385Z", "kind": "enrichment", "original": "{\"id\":\"961300\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961300/\",\"url\":\"http://89.160.20.156:36251/Mozi.m\",\"url_status\":\"online\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 19:35:06 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"lrz_urlhaus\",\"larted\":\"true\",\"tags\":[\"elf\",\"Mozi\"]}", "type": "indicator" 
@@ -11940,7 +11691,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.134154202Z", "kind": "enrichment", "original": "{\"id\":\"961301\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961301/\",\"url\":\"http://89.160.20.156:51932/Mozi.m\",\"url_status\":\"online\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 19:35:06 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"lrz_urlhaus\",\"larted\":\"true\",\"tags\":[\"elf\",\"Mozi\"]}", "type": "indicator" @@ -11989,7 +11739,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.134155031Z", "kind": "enrichment", "original": "{\"id\":\"961297\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961297/\",\"url\":\"http://89.160.20.156:45660/Mozi.m\",\"url_status\":\"online\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 19:35:05 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"lrz_urlhaus\",\"larted\":\"true\",\"tags\":[\"elf\",\"Mozi\"]}", "type": "indicator" @@ -12038,7 +11787,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.134155865Z", "kind": "enrichment", "original": "{\"id\":\"961298\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961298/\",\"url\":\"http://89.160.20.156:42478/Mozi.m\",\"url_status\":\"online\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 19:35:05 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"lrz_urlhaus\",\"larted\":\"true\",\"tags\":[\"elf\",\"Mozi\"]}", "type": "indicator" 
@@ -12087,7 +11835,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.134156956Z", "kind": "enrichment", "original": "{\"id\":\"961296\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961296/\",\"url\":\"http://89.160.20.156:50726/Mozi.m\",\"url_status\":\"online\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 19:34:04 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"lrz_urlhaus\",\"larted\":\"true\",\"tags\":[\"elf\",\"Mozi\"]}", "type": "indicator" @@ -12137,7 +11884,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.134157776Z", "kind": "enrichment", "original": "{\"id\":\"961295\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961295/\",\"url\":\"http://89.160.20.156:40256/i\",\"url_status\":\"offline\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 19:33:04 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"geenensp\",\"larted\":\"true\",\"tags\":[\"32-bit\",\"elf\",\"mips\"]}", "type": "indicator" @@ -12186,7 +11932,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.134158598Z", "kind": "enrichment", "original": "{\"id\":\"961294\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961294/\",\"url\":\"http://89.160.20.156:50971/bin.sh\",\"url_status\":\"online\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 19:29:04 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"geenensp\",\"larted\":\"true\",\"tags\":[\"32-bit\",\"elf\",\"mips\"]}", "type": "indicator" 
@@ -12235,7 +11980,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.134159416Z", "kind": "enrichment", "original": "{\"id\":\"961293\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961293/\",\"url\":\"https://realestatederivatives.com.ng/zx/janomo_hfWUGQvSPn0.bin\",\"url_status\":\"online\",\"host\":\"realestatederivatives.com.ng\",\"date_added\":\"2021-01-14 19:24:07 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"abused_legit_malware\",\"surbl\":\"not listed\"},\"reporter\":\"abuse_ch\",\"larted\":\"true\",\"tags\":[\"encrypted\",\"GuLoader\"]}", "type": "indicator" @@ -12282,7 +12026,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.134160412Z", "kind": "enrichment", "original": "{\"id\":\"961291\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961291/\",\"url\":\"http://89.160.20.156:33946/Mozi.m\",\"url_status\":\"offline\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 19:22:05 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"lrz_urlhaus\",\"larted\":\"true\",\"tags\":[\"elf\",\"Mozi\"]}", "type": "indicator" @@ -12331,7 +12074,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.134161237Z", "kind": "enrichment", "original": "{\"id\":\"961292\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961292/\",\"url\":\"http://89.160.20.156:39990/Mozi.a\",\"url_status\":\"online\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 19:22:05 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"lrz_urlhaus\",\"larted\":\"true\",\"tags\":[\"elf\",\"Mozi\"]}", "type": "indicator" 
@@ -12380,7 +12122,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.134162060Z", "kind": "enrichment", "original": "{\"id\":\"961288\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961288/\",\"url\":\"http://89.160.20.156:60558/Mozi.m\",\"url_status\":\"online\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 19:22:04 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"lrz_urlhaus\",\"larted\":\"true\",\"tags\":[\"elf\",\"Mozi\"]}", "type": "indicator" @@ -12429,7 +12170,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.134162878Z", "kind": "enrichment", "original": "{\"id\":\"961289\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961289/\",\"url\":\"http://89.160.20.156:32989/Mozi.a\",\"url_status\":\"online\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 19:22:04 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"lrz_urlhaus\",\"larted\":\"true\",\"tags\":[\"elf\",\"Mozi\"]}", "type": "indicator" @@ -12478,7 +12218,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.134163693Z", "kind": "enrichment", "original": "{\"id\":\"961290\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961290/\",\"url\":\"http://89.160.20.156:52458/Mozi.m\",\"url_status\":\"online\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 19:22:04 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"lrz_urlhaus\",\"larted\":\"true\",\"tags\":[\"elf\",\"Mozi\"]}", "type": "indicator" 
@@ -12527,7 +12266,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.134164933Z", "kind": "enrichment", "original": "{\"id\":\"961286\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961286/\",\"url\":\"http://89.160.20.156:60735/Mozi.m\",\"url_status\":\"online\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 19:21:05 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"lrz_urlhaus\",\"larted\":\"true\",\"tags\":[\"elf\",\"Mozi\"]}", "type": "indicator" @@ -12576,7 +12314,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.134165748Z", "kind": "enrichment", "original": "{\"id\":\"961287\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961287/\",\"url\":\"http://89.160.20.156:34755/Mozi.m\",\"url_status\":\"online\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 19:21:05 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"lrz_urlhaus\",\"larted\":\"true\",\"tags\":[\"elf\",\"Mozi\"]}", "type": "indicator" @@ -12625,7 +12362,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.134166562Z", "kind": "enrichment", "original": "{\"id\":\"961285\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961285/\",\"url\":\"http://89.160.20.156:39290/Mozi.m\",\"url_status\":\"offline\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 19:21:04 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"lrz_urlhaus\",\"larted\":\"true\",\"tags\":[\"elf\",\"Mozi\"]}", "type": "indicator" 
@@ -12674,7 +12410,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.134167383Z", "kind": "enrichment", "original": "{\"id\":\"961279\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961279/\",\"url\":\"http://89.160.20.156:56141/Mozi.m\",\"url_status\":\"online\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 19:20:05 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"lrz_urlhaus\",\"larted\":\"true\",\"tags\":[\"elf\",\"Mozi\"]}", "type": "indicator" @@ -12723,7 +12458,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.134168320Z", "kind": "enrichment", "original": "{\"id\":\"961280\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961280/\",\"url\":\"http://89.160.20.156:40247/Mozi.a\",\"url_status\":\"online\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 19:20:05 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"lrz_urlhaus\",\"larted\":\"true\",\"tags\":[\"elf\",\"Mozi\"]}", "type": "indicator" @@ -12773,7 +12507,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.134169193Z", "kind": "enrichment", "original": "{\"id\":\"961281\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961281/\",\"url\":\"http://89.160.20.156:36619/i\",\"url_status\":\"offline\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 19:20:05 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"geenensp\",\"larted\":\"true\",\"tags\":[\"32-bit\",\"elf\",\"mips\"]}", "type": "indicator" 
@@ -12821,7 +12554,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.134170025Z", "kind": "enrichment", "original": "{\"id\":\"961282\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961282/\",\"url\":\"http://89.160.20.156:43673/Mozi.m\",\"url_status\":\"online\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 19:20:05 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"lrz_urlhaus\",\"larted\":\"true\",\"tags\":[\"elf\",\"Mozi\"]}", "type": "indicator" @@ -12870,7 +12602,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.134170842Z", "kind": "enrichment", "original": "{\"id\":\"961283\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961283/\",\"url\":\"http://89.160.20.156:55726/Mozi.m\",\"url_status\":\"online\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 19:20:05 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"lrz_urlhaus\",\"larted\":\"true\",\"tags\":[\"elf\",\"Mozi\"]}", "type": "indicator" @@ -12919,7 +12650,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.134171662Z", "kind": "enrichment", "original": "{\"id\":\"961284\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961284/\",\"url\":\"http://89.160.20.156:59668/Mozi.m\",\"url_status\":\"online\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 19:20:05 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"lrz_urlhaus\",\"larted\":\"true\",\"tags\":[\"elf\",\"Mozi\"]}", "type": "indicator" 
@@ -12968,7 +12698,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.134172589Z", "kind": "enrichment", "original": "{\"id\":\"961278\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961278/\",\"url\":\"http://89.160.20.156:34391/Mozi.m\",\"url_status\":\"online\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 19:19:07 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"lrz_urlhaus\",\"larted\":\"true\",\"tags\":[\"elf\",\"Mozi\"]}", "type": "indicator" @@ -13017,7 +12746,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.134173467Z", "kind": "enrichment", "original": "{\"id\":\"961277\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961277/\",\"url\":\"http://89.160.20.156:49478/Mozi.m\",\"url_status\":\"online\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 19:19:06 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"lrz_urlhaus\",\"larted\":\"true\",\"tags\":[\"elf\",\"Mozi\"]}", "type": "indicator" @@ -13066,7 +12794,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.134174303Z", "kind": "enrichment", "original": "{\"id\":\"961276\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961276/\",\"url\":\"http://89.160.20.156:54670/Mozi.m\",\"url_status\":\"offline\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 19:19:05 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"lrz_urlhaus\",\"larted\":\"true\",\"tags\":[\"elf\",\"Mozi\"]}", "type": "indicator" 
@@ -13115,7 +12842,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.134175121Z", "kind": "enrichment", "original": "{\"id\":\"961270\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961270/\",\"url\":\"http://89.160.20.156:59599/Mozi.m\",\"url_status\":\"online\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 19:19:04 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"lrz_urlhaus\",\"larted\":\"true\",\"tags\":[\"elf\",\"Mozi\"]}", "type": "indicator" @@ -13164,7 +12890,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.134175997Z", "kind": "enrichment", "original": "{\"id\":\"961271\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961271/\",\"url\":\"http://89.160.20.156:45189/Mozi.a\",\"url_status\":\"online\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 19:19:04 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"lrz_urlhaus\",\"larted\":\"true\",\"tags\":[\"elf\",\"Mozi\"]}", "type": "indicator" @@ -13213,7 +12938,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.134176921Z", "kind": "enrichment", "original": "{\"id\":\"961272\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961272/\",\"url\":\"http://89.160.20.156:60805/Mozi.a\",\"url_status\":\"online\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 19:19:04 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"lrz_urlhaus\",\"larted\":\"true\",\"tags\":[\"elf\",\"Mozi\"]}", "type": "indicator" 
@@ -13262,7 +12986,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.134177751Z", "kind": "enrichment", "original": "{\"id\":\"961273\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961273/\",\"url\":\"http://89.160.20.156:38888/Mozi.m\",\"url_status\":\"online\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 19:19:04 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"lrz_urlhaus\",\"larted\":\"true\",\"tags\":[\"elf\",\"Mozi\"]}", "type": "indicator" @@ -13311,7 +13034,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.134178572Z", "kind": "enrichment", "original": "{\"id\":\"961274\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961274/\",\"url\":\"http://89.160.20.156:47869/Mozi.m\",\"url_status\":\"online\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 19:19:04 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"lrz_urlhaus\",\"larted\":\"true\",\"tags\":[\"elf\",\"Mozi\"]}", "type": "indicator" @@ -13360,7 +13082,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.134179397Z", "kind": "enrichment", "original": "{\"id\":\"961275\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961275/\",\"url\":\"http://89.160.20.156:57478/Mozi.m\",\"url_status\":\"online\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 19:19:04 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"lrz_urlhaus\",\"larted\":\"true\",\"tags\":[\"elf\",\"Mozi\"]}", "type": "indicator" 
@@ -13410,7 +13131,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.134180331Z", "kind": "enrichment", "original": "{\"id\":\"961269\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961269/\",\"url\":\"http://89.160.20.156:40256/bin.sh\",\"url_status\":\"offline\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 19:10:06 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"geenensp\",\"larted\":\"true\",\"tags\":[\"32-bit\",\"elf\",\"mips\"]}", "type": "indicator" @@ -13459,7 +13179,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.134181151Z", "kind": "enrichment", "original": "{\"id\":\"961268\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961268/\",\"url\":\"http://89.160.20.156:49035/Mozi.m\",\"url_status\":\"online\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 19:07:05 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"lrz_urlhaus\",\"larted\":\"true\",\"tags\":[\"elf\",\"Mozi\"]}", "type": "indicator" @@ -13508,7 +13227,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.134181973Z", "kind": "enrichment", "original": "{\"id\":\"961266\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961266/\",\"url\":\"http://89.160.20.156:41531/Mozi.m\",\"url_status\":\"online\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 19:07:04 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"lrz_urlhaus\",\"larted\":\"true\",\"tags\":[\"elf\",\"Mozi\"]}", "type": "indicator" 
@@ -13557,7 +13275,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.134182788Z", "kind": "enrichment", "original": "{\"id\":\"961267\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961267/\",\"url\":\"http://89.160.20.156:49596/Mozi.a\",\"url_status\":\"offline\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 19:07:04 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"lrz_urlhaus\",\"larted\":\"true\",\"tags\":[\"elf\",\"Mozi\"]}", "type": "indicator" @@ -13606,7 +13323,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.134183614Z", "kind": "enrichment", "original": "{\"id\":\"961265\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961265/\",\"url\":\"http://89.160.20.156:43584/Mozi.m\",\"url_status\":\"online\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 19:07:03 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"lrz_urlhaus\",\"larted\":\"true\",\"tags\":[\"elf\",\"Mozi\"]}", "type": "indicator" @@ -13655,7 +13371,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.134184564Z", "kind": "enrichment", "original": "{\"id\":\"961264\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961264/\",\"url\":\"http://89.160.20.156:44976/Mozi.m\",\"url_status\":\"offline\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 19:06:07 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"lrz_urlhaus\",\"larted\":\"true\",\"tags\":[\"elf\",\"Mozi\"]}", "type": "indicator" 
@@ -13704,7 +13419,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.134185385Z", "kind": "enrichment", "original": "{\"id\":\"961259\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961259/\",\"url\":\"http://89.160.20.156:51107/Mozi.m\",\"url_status\":\"online\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 19:06:05 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"lrz_urlhaus\",\"larted\":\"true\",\"tags\":[\"elf\",\"Mozi\"]}", "type": "indicator" @@ -13753,7 +13467,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.134186223Z", "kind": "enrichment", "original": "{\"id\":\"961260\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961260/\",\"url\":\"http://89.160.20.156:33790/Mozi.m\",\"url_status\":\"online\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 19:06:05 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"lrz_urlhaus\",\"larted\":\"true\",\"tags\":[\"elf\",\"Mozi\"]}", "type": "indicator" @@ -13802,7 +13515,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.134187061Z", "kind": "enrichment", "original": "{\"id\":\"961261\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961261/\",\"url\":\"http://89.160.20.156:58919/Mozi.m\",\"url_status\":\"online\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 19:06:05 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"lrz_urlhaus\",\"larted\":\"true\",\"tags\":[\"elf\",\"Mozi\"]}", "type": "indicator" 
@@ -13851,7 +13563,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.134187955Z", "kind": "enrichment", "original": "{\"id\":\"961262\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961262/\",\"url\":\"http://89.160.20.156:40395/Mozi.m\",\"url_status\":\"offline\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 19:06:05 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"lrz_urlhaus\",\"larted\":\"true\",\"tags\":[\"elf\",\"Mozi\"]}", "type": "indicator" @@ -13900,7 +13611,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.134188777Z", "kind": "enrichment", "original": "{\"id\":\"961263\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961263/\",\"url\":\"http://89.160.20.156:53510/Mozi.m\",\"url_status\":\"online\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 19:06:05 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"lrz_urlhaus\",\"larted\":\"true\",\"tags\":[\"elf\",\"Mozi\"]}", "type": "indicator" @@ -13949,7 +13659,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.134189591Z", "kind": "enrichment", "original": "{\"id\":\"961258\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961258/\",\"url\":\"http://89.160.20.156:39115/Mozi.m\",\"url_status\":\"online\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 19:05:12 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"lrz_urlhaus\",\"larted\":\"true\",\"tags\":[\"elf\",\"Mozi\"]}", "type": "indicator" 
@@ -13998,7 +13707,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.134190410Z", "kind": "enrichment", "original": "{\"id\":\"961257\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961257/\",\"url\":\"http://89.160.20.156:40713/Mozi.m\",\"url_status\":\"online\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 19:05:11 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"lrz_urlhaus\",\"larted\":\"true\",\"tags\":[\"elf\",\"Mozi\"]}", "type": "indicator" @@ -14047,7 +13755,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.134191240Z", "kind": "enrichment", "original": "{\"id\":\"961256\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961256/\",\"url\":\"http://89.160.20.156:54811/Mozi.m\",\"url_status\":\"online\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 19:05:08 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"lrz_urlhaus\",\"larted\":\"true\",\"tags\":[\"elf\",\"Mozi\"]}", "type": "indicator" @@ -14096,7 +13803,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.134192478Z", "kind": "enrichment", "original": "{\"id\":\"961255\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961255/\",\"url\":\"http://89.160.20.156:58269/Mozi.a\",\"url_status\":\"online\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 19:05:07 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"lrz_urlhaus\",\"larted\":\"true\",\"tags\":[\"elf\",\"Mozi\"]}", "type": "indicator" 
@@ -14145,7 +13851,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.134193344Z", "kind": "enrichment", "original": "{\"id\":\"961251\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961251/\",\"url\":\"http://89.160.20.156:47985/Mozi.m\",\"url_status\":\"online\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 19:05:06 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"lrz_urlhaus\",\"larted\":\"true\",\"tags\":[\"elf\",\"Mozi\"]}", "type": "indicator" @@ -14194,7 +13899,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.134194167Z", "kind": "enrichment", "original": "{\"id\":\"961252\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961252/\",\"url\":\"http://89.160.20.156:38107/Mozi.m\",\"url_status\":\"online\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 19:05:06 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"lrz_urlhaus\",\"larted\":\"true\",\"tags\":[\"elf\",\"Mozi\"]}", "type": "indicator" @@ -14243,7 +13947,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.134194990Z", "kind": "enrichment", "original": "{\"id\":\"961253\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961253/\",\"url\":\"http://89.160.20.156:50354/Mozi.m\",\"url_status\":\"online\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 19:05:06 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"lrz_urlhaus\",\"larted\":\"true\",\"tags\":[\"elf\",\"Mozi\"]}", "type": "indicator" 
@@ -14292,7 +13995,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.134195900Z", "kind": "enrichment", "original": "{\"id\":\"961254\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961254/\",\"url\":\"http://89.160.20.156:44987/Mozi.m\",\"url_status\":\"online\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 19:05:06 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"lrz_urlhaus\",\"larted\":\"true\",\"tags\":[\"elf\",\"Mozi\"]}", "type": "indicator" @@ -14341,7 +14043,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.134196807Z", "kind": "enrichment", "original": "{\"id\":\"961249\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961249/\",\"url\":\"http://89.160.20.156:44681/Mozi.m\",\"url_status\":\"online\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 19:05:05 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"lrz_urlhaus\",\"larted\":\"true\",\"tags\":[\"elf\",\"Mozi\"]}", "type": "indicator" @@ -14390,7 +14091,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.134197627Z", "kind": "enrichment", "original": "{\"id\":\"961250\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961250/\",\"url\":\"http://89.160.20.156:58391/Mozi.m\",\"url_status\":\"online\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 19:05:05 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"lrz_urlhaus\",\"larted\":\"true\",\"tags\":[\"elf\",\"Mozi\"]}", "type": "indicator" 
@@ -14439,7 +14139,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.134200155Z", "kind": "enrichment", "original": "{\"id\":\"961248\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961248/\",\"url\":\"http://89.160.20.156:48540/Mozi.a\",\"url_status\":\"offline\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 19:04:07 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"lrz_urlhaus\",\"larted\":\"true\",\"tags\":[\"elf\",\"Mozi\"]}", "type": "indicator" @@ -14488,7 +14187,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.134201037Z", "kind": "enrichment", "original": "{\"id\":\"961246\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961246/\",\"url\":\"http://89.160.20.156:42755/Mozi.m\",\"url_status\":\"online\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 19:04:06 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"lrz_urlhaus\",\"larted\":\"true\",\"tags\":[\"elf\",\"Mozi\"]}", "type": "indicator" @@ -14537,7 +14235,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.134202012Z", "kind": "enrichment", "original": "{\"id\":\"961247\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961247/\",\"url\":\"http://89.160.20.156:52688/Mozi.m\",\"url_status\":\"online\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 19:04:06 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"lrz_urlhaus\",\"larted\":\"true\",\"tags\":[\"elf\",\"Mozi\"]}", "type": "indicator" 
@@ -14586,7 +14283,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.134202894Z", "kind": "enrichment", "original": "{\"id\":\"961244\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961244/\",\"url\":\"http://89.160.20.156:33782/Mozi.m\",\"url_status\":\"online\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 19:04:05 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"lrz_urlhaus\",\"larted\":\"true\",\"tags\":[\"elf\",\"Mozi\"]}", "type": "indicator" @@ -14635,7 +14331,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.134203726Z", "kind": "enrichment", "original": "{\"id\":\"961245\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961245/\",\"url\":\"http://89.160.20.156:50381/Mozi.m\",\"url_status\":\"online\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 19:04:05 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"lrz_urlhaus\",\"larted\":\"true\",\"tags\":[\"elf\",\"Mozi\"]}", "type": "indicator" @@ -14684,7 +14379,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.134204545Z", "kind": "enrichment", "original": "{\"id\":\"961243\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961243/\",\"url\":\"http://89.160.20.156:44219/Mozi.m\",\"url_status\":\"online\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 19:04:04 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"lrz_urlhaus\",\"larted\":\"true\",\"tags\":[\"elf\",\"Mozi\"]}", "type": "indicator" 
@@ -14734,7 +14428,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.134205479Z", "kind": "enrichment", "original": "{\"id\":\"961242\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961242/\",\"url\":\"http://89.160.20.156:36619/bin.sh\",\"url_status\":\"offline\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 19:01:04 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"geenensp\",\"larted\":\"true\",\"tags\":[\"32-bit\",\"elf\",\"mips\"]}", "type": "indicator" @@ -14784,7 +14477,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.134206404Z", "kind": "enrichment", "original": "{\"id\":\"961241\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961241/\",\"url\":\"http://89.160.20.156:59976/i\",\"url_status\":\"online\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 18:56:06 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"geenensp\",\"larted\":\"true\",\"tags\":[\"32-bit\",\"arm\",\"elf\"]}", "type": "indicator" @@ -14832,7 +14524,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.134207218Z", "kind": "enrichment", "original": "{\"id\":\"961239\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961239/\",\"url\":\"http://89.160.20.156:48688/Mozi.a\",\"url_status\":\"online\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 18:51:07 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"lrz_urlhaus\",\"larted\":\"true\",\"tags\":[\"elf\",\"Mozi\"]}", "type": "indicator" 
@@ -14881,7 +14572,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.134208053Z", "kind": "enrichment", "original": "{\"id\":\"961240\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961240/\",\"url\":\"http://89.160.20.156:45682/Mozi.m\",\"url_status\":\"online\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 18:51:07 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"lrz_urlhaus\",\"larted\":\"true\",\"tags\":[\"elf\",\"Mozi\"]}", "type": "indicator" @@ -14930,7 +14620,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.134208876Z", "kind": "enrichment", "original": "{\"id\":\"961238\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961238/\",\"url\":\"http://89.160.20.156:34922/Mozi.m\",\"url_status\":\"offline\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 18:51:06 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"lrz_urlhaus\",\"larted\":\"true\",\"tags\":[\"elf\",\"Mozi\"]}", "type": "indicator" @@ -14979,7 +14668,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.134209822Z", "kind": "enrichment", "original": "{\"id\":\"961233\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961233/\",\"url\":\"http://89.160.20.156:37489/Mozi.m\",\"url_status\":\"online\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 18:51:05 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"lrz_urlhaus\",\"larted\":\"true\",\"tags\":[\"elf\",\"Mozi\"]}", "type": "indicator" 
@@ -15028,7 +14716,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.134210655Z", "kind": "enrichment", "original": "{\"id\":\"961234\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961234/\",\"url\":\"http://89.160.20.156:51940/Mozi.m\",\"url_status\":\"online\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 18:51:05 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"lrz_urlhaus\",\"larted\":\"true\",\"tags\":[\"elf\",\"Mozi\"]}", "type": "indicator" @@ -15077,7 +14764,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.134211494Z", "kind": "enrichment", "original": "{\"id\":\"961235\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961235/\",\"url\":\"http://89.160.20.156:49599/Mozi.a\",\"url_status\":\"offline\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 18:51:05 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"lrz_urlhaus\",\"larted\":\"true\",\"tags\":[\"elf\",\"Mozi\"]}", "type": "indicator" @@ -15126,7 +14812,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.134212314Z", "kind": "enrichment", "original": "{\"id\":\"961236\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961236/\",\"url\":\"http://89.160.20.156:53436/Mozi.m\",\"url_status\":\"offline\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 18:51:05 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"lrz_urlhaus\",\"larted\":\"true\",\"tags\":[\"elf\",\"Mozi\"]}", "type": "indicator" 
@@ -15175,7 +14860,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.134213200Z", "kind": "enrichment", "original": "{\"id\":\"961237\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961237/\",\"url\":\"http://89.160.20.156:57237/Mozi.a\",\"url_status\":\"online\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 18:51:05 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"lrz_urlhaus\",\"larted\":\"true\",\"tags\":[\"elf\",\"Mozi\"]}", "type": "indicator" @@ -15224,7 +14908,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.134214182Z", "kind": "enrichment", "original": "{\"id\":\"961232\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961232/\",\"url\":\"http://89.160.20.156:50907/Mozi.m\",\"url_status\":\"online\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 18:51:04 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"lrz_urlhaus\",\"larted\":\"true\",\"tags\":[\"elf\",\"Mozi\"]}", "type": "indicator" @@ -15273,7 +14956,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.134215009Z", "kind": "enrichment", "original": "{\"id\":\"961231\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961231/\",\"url\":\"http://89.160.20.156:41910/Mozi.m\",\"url_status\":\"online\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 18:50:14 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"lrz_urlhaus\",\"larted\":\"true\",\"tags\":[\"elf\",\"Mozi\"]}", "type": "indicator" 
@@ -15322,7 +15004,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.134215853Z", "kind": "enrichment", "original": "{\"id\":\"961229\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961229/\",\"url\":\"http://89.160.20.156:57217/Mozi.m\",\"url_status\":\"online\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 18:50:08 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"lrz_urlhaus\",\"larted\":\"true\",\"tags\":[\"elf\",\"Mozi\"]}", "type": "indicator" @@ -15371,7 +15052,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.134216683Z", "kind": "enrichment", "original": "{\"id\":\"961230\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961230/\",\"url\":\"http://89.160.20.156:47632/Mozi.m\",\"url_status\":\"online\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 18:50:08 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"lrz_urlhaus\",\"larted\":\"true\",\"tags\":[\"elf\",\"Mozi\"]}", "type": "indicator" @@ -15420,7 +15100,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.134217616Z", "kind": "enrichment", "original": "{\"id\":\"961227\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961227/\",\"url\":\"http://89.160.20.156:46654/Mozi.a\",\"url_status\":\"online\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 18:50:06 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"lrz_urlhaus\",\"larted\":\"true\",\"tags\":[\"elf\",\"Mozi\"]}", "type": "indicator" 
@@ -15469,7 +15148,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.134218456Z", "kind": "enrichment", "original": "{\"id\":\"961228\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961228/\",\"url\":\"http://89.160.20.156:59073/Mozi.m\",\"url_status\":\"online\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 18:50:06 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"lrz_urlhaus\",\"larted\":\"true\",\"tags\":[\"elf\",\"Mozi\"]}", "type": "indicator" @@ -15518,7 +15196,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.134219275Z", "kind": "enrichment", "original": "{\"id\":\"961221\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961221/\",\"url\":\"http://89.160.20.156:37958/Mozi.a\",\"url_status\":\"offline\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 18:50:05 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"lrz_urlhaus\",\"larted\":\"true\",\"tags\":[\"elf\",\"Mozi\"]}", "type": "indicator" @@ -15567,7 +15244,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.134220095Z", "kind": "enrichment", "original": "{\"id\":\"961222\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961222/\",\"url\":\"http://89.160.20.156:53943/Mozi.m\",\"url_status\":\"online\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 18:50:05 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"lrz_urlhaus\",\"larted\":\"true\",\"tags\":[\"elf\",\"Mozi\"]}", "type": "indicator" 
@@ -15616,7 +15292,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.134220916Z", "kind": "enrichment", "original": "{\"id\":\"961223\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961223/\",\"url\":\"http://89.160.20.156:40404/Mozi.m\",\"url_status\":\"online\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 18:50:05 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"lrz_urlhaus\",\"larted\":\"true\",\"tags\":[\"elf\",\"Mozi\"]}", "type": "indicator" @@ -15665,7 +15340,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.134221816Z", "kind": "enrichment", "original": "{\"id\":\"961224\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961224/\",\"url\":\"http://89.160.20.156:46738/Mozi.m\",\"url_status\":\"online\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 18:50:05 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"lrz_urlhaus\",\"larted\":\"true\",\"tags\":[\"elf\",\"Mozi\"]}", "type": "indicator" @@ -15714,7 +15388,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.134222636Z", "kind": "enrichment", "original": "{\"id\":\"961225\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961225/\",\"url\":\"http://89.160.20.156:58234/Mozi.m\",\"url_status\":\"online\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 18:50:05 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"lrz_urlhaus\",\"larted\":\"true\",\"tags\":[\"elf\",\"Mozi\"]}", "type": "indicator" 
@@ -15763,7 +15436,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.134223471Z", "kind": "enrichment", "original": "{\"id\":\"961226\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961226/\",\"url\":\"http://89.160.20.156:36911/Mozi.a\",\"url_status\":\"online\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 18:50:05 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"lrz_urlhaus\",\"larted\":\"true\",\"tags\":[\"elf\",\"Mozi\"]}", "type": "indicator" @@ -15812,7 +15484,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.134224290Z", "kind": "enrichment", "original": "{\"id\":\"961220\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961220/\",\"url\":\"http://89.160.20.156:35028/Mozi.m\",\"url_status\":\"online\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 18:49:06 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"lrz_urlhaus\",\"larted\":\"true\",\"tags\":[\"elf\",\"Mozi\"]}", "type": "indicator" @@ -15862,7 +15533,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.134225540Z", "kind": "enrichment", "original": "{\"id\":\"961219\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961219/\",\"url\":\"http://allanabolicsteam.net/nedfr_.exe\",\"url_status\":\"offline\",\"host\":\"allanabolicsteam.net\",\"date_added\":\"2021-01-14 18:47:05 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"abused_legit_malware\",\"surbl\":\"not listed\"},\"reporter\":\"Myrtus0x0\",\"larted\":\"true\",\"tags\":[\"c2\",\"hancitor\",\"payload\"]}", "type": "indicator" 
@@ -15908,7 +15578,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.134226443Z", "kind": "enrichment", "original": "{\"id\":\"961217\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961217/\",\"url\":\"https://intranetstc.micromart.com.br/fined.php\",\"url_status\":\"offline\",\"host\":\"intranetstc.micromart.com.br\",\"date_added\":\"2021-01-14 18:47:04 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"0x49736b\",\"larted\":\"false\",\"tags\":[\"Dridex\"]}", "type": "indicator" @@ -15956,7 +15625,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.134227269Z", "kind": "enrichment", "original": "{\"id\":\"961218\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961218/\",\"url\":\"http://allanabolicsteam.net/1301s.bin\",\"url_status\":\"online\",\"host\":\"allanabolicsteam.net\",\"date_added\":\"2021-01-14 18:47:04 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"abused_legit_malware\",\"surbl\":\"not listed\"},\"reporter\":\"Myrtus0x0\",\"larted\":\"true\",\"tags\":[\"c2\",\"hancitor\",\"payload\"]}", "type": "indicator" @@ -16004,7 +15672,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.134228093Z", "kind": "enrichment", "original": "{\"id\":\"961216\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961216/\",\"url\":\"http://89.160.20.156:43741/i\",\"url_status\":\"online\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 18:44:03 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"geenensp\",\"larted\":\"true\",\"tags\":[\"32-bit\",\"elf\",\"mips\"]}", "type": "indicator" 
@@ -16053,7 +15720,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.134228918Z", "kind": "enrichment", "original": "{\"id\":\"961215\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961215/\",\"url\":\"http://89.160.20.156:45803/bin.sh\",\"url_status\":\"offline\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 18:41:10 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"geenensp\",\"larted\":\"false\",\"tags\":[\"32-bit\",\"elf\",\"mips\"]}", "type": "indicator" @@ -16102,7 +15768,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.134229802Z", "kind": "enrichment", "original": "{\"id\":\"961214\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961214/\",\"url\":\"http://89.160.20.156:38611/Mozi.m\",\"url_status\":\"offline\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 18:36:33 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"lrz_urlhaus\",\"larted\":\"false\",\"tags\":[\"elf\",\"Mozi\"]}", "type": "indicator" @@ -16151,7 +15816,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.134230637Z", "kind": "enrichment", "original": "{\"id\":\"961213\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961213/\",\"url\":\"http://89.160.20.156:35185/Mozi.m\",\"url_status\":\"offline\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 18:36:12 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"lrz_urlhaus\",\"larted\":\"true\",\"tags\":[\"elf\",\"Mozi\"]}", "type": "indicator" 
@@ -16200,7 +15864,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.134231462Z", "kind": "enrichment", "original": "{\"id\":\"961212\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961212/\",\"url\":\"http://89.160.20.156:35054/Mozi.m\",\"url_status\":\"offline\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 18:36:07 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"lrz_urlhaus\",\"larted\":\"true\",\"tags\":[\"elf\",\"Mozi\"]}", "type": "indicator" @@ -16249,7 +15912,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.134232297Z", "kind": "enrichment", "original": "{\"id\":\"961207\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961207/\",\"url\":\"http://89.160.20.156:60038/Mozi.m\",\"url_status\":\"online\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 18:36:05 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"lrz_urlhaus\",\"larted\":\"true\",\"tags\":[\"elf\",\"Mozi\"]}", "type": "indicator" @@ -16298,7 +15960,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.134233250Z", "kind": "enrichment", "original": "{\"id\":\"961208\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961208/\",\"url\":\"http://89.160.20.156:52253/Mozi.m\",\"url_status\":\"online\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 18:36:05 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"lrz_urlhaus\",\"larted\":\"true\",\"tags\":[\"elf\",\"Mozi\"]}", "type": "indicator" 
@@ -16347,7 +16008,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.134234124Z", "kind": "enrichment", "original": "{\"id\":\"961209\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961209/\",\"url\":\"http://89.160.20.156:43125/Mozi.m\",\"url_status\":\"online\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 18:36:05 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"lrz_urlhaus\",\"larted\":\"true\",\"tags\":[\"elf\",\"Mozi\"]}", "type": "indicator" @@ -16396,7 +16056,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.134234969Z", "kind": "enrichment", "original": "{\"id\":\"961210\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961210/\",\"url\":\"http://89.160.20.156:52650/Mozi.a\",\"url_status\":\"online\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 18:36:05 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"lrz_urlhaus\",\"larted\":\"true\",\"tags\":[\"elf\",\"Mozi\"]}", "type": "indicator" @@ -16445,7 +16104,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.134235789Z", "kind": "enrichment", "original": "{\"id\":\"961211\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961211/\",\"url\":\"http://89.160.20.156:59273/Mozi.m\",\"url_status\":\"online\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 18:36:05 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"lrz_urlhaus\",\"larted\":\"true\",\"tags\":[\"elf\",\"Mozi\"]}", "type": "indicator" 
@@ -16494,7 +16152,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.134236607Z", "kind": "enrichment", "original": "{\"id\":\"961206\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961206/\",\"url\":\"http://89.160.20.156:40346/Mozi.m\",\"url_status\":\"online\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 18:35:08 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"lrz_urlhaus\",\"larted\":\"true\",\"tags\":[\"elf\",\"Mozi\"]}", "type": "indicator" @@ -16543,7 +16200,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.134237552Z", "kind": "enrichment", "original": "{\"id\":\"961204\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961204/\",\"url\":\"http://89.160.20.156:44242/Mozi.m\",\"url_status\":\"offline\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 18:35:07 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"lrz_urlhaus\",\"larted\":\"true\",\"tags\":[\"elf\",\"Mozi\"]}", "type": "indicator" @@ -16592,7 +16248,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.134238375Z", "kind": "enrichment", "original": "{\"id\":\"961205\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961205/\",\"url\":\"http://89.160.20.156:40624/Mozi.m\",\"url_status\":\"offline\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 18:35:07 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"lrz_urlhaus\",\"larted\":\"true\",\"tags\":[\"elf\",\"Mozi\"]}", "type": "indicator" 
@@ -16641,7 +16296,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.134239195Z", "kind": "enrichment", "original": "{\"id\":\"961202\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961202/\",\"url\":\"http://89.160.20.156:41245/Mozi.m\",\"url_status\":\"online\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 18:35:06 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"lrz_urlhaus\",\"larted\":\"true\",\"tags\":[\"elf\",\"Mozi\"]}", "type": "indicator" @@ -16690,7 +16344,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.134240020Z", "kind": "enrichment", "original": "{\"id\":\"961203\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961203/\",\"url\":\"http://89.160.20.156:48866/Mozi.m\",\"url_status\":\"online\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 18:35:06 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"lrz_urlhaus\",\"larted\":\"true\",\"tags\":[\"elf\",\"Mozi\"]}", "type": "indicator" @@ -16739,7 +16392,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.134240903Z", "kind": "enrichment", "original": "{\"id\":\"961198\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961198/\",\"url\":\"http://89.160.20.156:58258/Mozi.m\",\"url_status\":\"online\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 18:35:05 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"lrz_urlhaus\",\"larted\":\"true\",\"tags\":[\"elf\",\"Mozi\"]}", "type": "indicator" 
@@ -16788,7 +16440,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.134241831Z", "kind": "enrichment", "original": "{\"id\":\"961199\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961199/\",\"url\":\"http://89.160.20.156:34516/Mozi.m\",\"url_status\":\"online\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 18:35:05 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"lrz_urlhaus\",\"larted\":\"true\",\"tags\":[\"elf\",\"Mozi\"]}", "type": "indicator" @@ -16837,7 +16488,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.134242652Z", "kind": "enrichment", "original": "{\"id\":\"961200\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961200/\",\"url\":\"http://89.160.20.156:47851/Mozi.m\",\"url_status\":\"online\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 18:35:05 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"lrz_urlhaus\",\"larted\":\"true\",\"tags\":[\"elf\",\"Mozi\"]}", "type": "indicator" @@ -16886,7 +16536,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.134243488Z", "kind": "enrichment", "original": "{\"id\":\"961201\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961201/\",\"url\":\"http://89.160.20.156:49226/Mozi.m\",\"url_status\":\"online\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 18:35:05 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"lrz_urlhaus\",\"larted\":\"true\",\"tags\":[\"elf\",\"Mozi\"]}", "type": "indicator" 
@@ -16936,7 +16585,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.134244308Z", "kind": "enrichment", "original": "{\"id\":\"961197\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961197/\",\"url\":\"http://89.160.20.156:36957/bin.sh\",\"url_status\":\"online\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 18:34:10 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"geenensp\",\"larted\":\"true\",\"tags\":[\"32-bit\",\"elf\",\"mips\"]}", "type": "indicator" @@ -16985,7 +16633,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.134245252Z", "kind": "enrichment", "original": "{\"id\":\"961196\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961196/\",\"url\":\"http://89.160.20.156:53089/Mozi.m\",\"url_status\":\"online\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 18:34:06 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"lrz_urlhaus\",\"larted\":\"true\",\"tags\":[\"elf\",\"Mozi\"]}", "type": "indicator" @@ -17034,7 +16681,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.134246126Z", "kind": "enrichment", "original": "{\"id\":\"961193\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961193/\",\"url\":\"http://89.160.20.156:57114/Mozi.m\",\"url_status\":\"online\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 18:34:04 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"lrz_urlhaus\",\"larted\":\"true\",\"tags\":[\"elf\",\"Mozi\"]}", "type": "indicator" 
@@ -17083,7 +16729,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.134246946Z", "kind": "enrichment", "original": "{\"id\":\"961194\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961194/\",\"url\":\"http://89.160.20.156:33163/Mozi.a\",\"url_status\":\"online\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 18:34:04 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"lrz_urlhaus\",\"larted\":\"true\",\"tags\":[\"elf\",\"Mozi\"]}", "type": "indicator" @@ -17132,7 +16777,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.134247774Z", "kind": "enrichment", "original": "{\"id\":\"961195\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961195/\",\"url\":\"http://89.160.20.156:48557/Mozi.m\",\"url_status\":\"online\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 18:34:04 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"lrz_urlhaus\",\"larted\":\"true\",\"tags\":[\"elf\",\"Mozi\"]}", "type": "indicator" @@ -17182,7 +16826,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.134248663Z", "kind": "enrichment", "original": "{\"id\":\"961192\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961192/\",\"url\":\"http://89.160.20.156:59976/bin.sh\",\"url_status\":\"online\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 18:31:04 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"geenensp\",\"larted\":\"true\",\"tags\":[\"32-bit\",\"arm\",\"elf\"]}", "type": "indicator" 
@@ -17232,7 +16875,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.134249557Z", "kind": "enrichment", "original": "{\"id\":\"961191\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961191/\",\"url\":\"http://89.160.20.156:48291/i\",\"url_status\":\"online\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 18:22:04 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"geenensp\",\"larted\":\"true\",\"tags\":[\"32-bit\",\"arm\",\"elf\"]}", "type": "indicator" @@ -17280,7 +16922,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.134250375Z", "kind": "enrichment", "original": "{\"id\":\"961190\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961190/\",\"url\":\"http://89.160.20.156:45797/Mozi.m\",\"url_status\":\"online\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 18:21:08 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"lrz_urlhaus\",\"larted\":\"true\",\"tags\":[\"elf\",\"Mozi\"]}", "type": "indicator" @@ -17330,7 +16971,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.134251197Z", "kind": "enrichment", "original": "{\"id\":\"961186\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961186/\",\"url\":\"http://89.160.20.156:43741/bin.sh\",\"url_status\":\"online\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 18:21:05 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"geenensp\",\"larted\":\"true\",\"tags\":[\"32-bit\",\"elf\",\"mips\"]}", "type": "indicator" 
@@ -17379,7 +17019,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.134252022Z", "kind": "enrichment", "original": "{\"id\":\"961187\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961187/\",\"url\":\"http://89.160.20.156:35446/Mozi.a\",\"url_status\":\"offline\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 18:21:05 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"lrz_urlhaus\",\"larted\":\"true\",\"tags\":[\"elf\",\"Mozi\"]}", "type": "indicator" @@ -17428,7 +17067,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.134252959Z", "kind": "enrichment", "original": "{\"id\":\"961188\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961188/\",\"url\":\"http://89.160.20.156:35720/Mozi.m\",\"url_status\":\"online\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 18:21:05 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"lrz_urlhaus\",\"larted\":\"true\",\"tags\":[\"elf\",\"Mozi\"]}", "type": "indicator" @@ -17477,7 +17115,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.134253795Z", "kind": "enrichment", "original": "{\"id\":\"961189\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961189/\",\"url\":\"http://89.160.20.156:50501/Mozi.m\",\"url_status\":\"offline\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 18:21:05 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"lrz_urlhaus\",\"larted\":\"true\",\"tags\":[\"elf\",\"Mozi\"]}", "type": "indicator" 
@@ -17526,7 +17163,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.134254635Z", "kind": "enrichment", "original": "{\"id\":\"961185\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961185/\",\"url\":\"http://89.160.20.156:55796/Mozi.m\",\"url_status\":\"online\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 18:20:08 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"lrz_urlhaus\",\"larted\":\"true\",\"tags\":[\"elf\",\"Mozi\"]}", "type": "indicator" @@ -17575,7 +17211,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.134255455Z", "kind": "enrichment", "original": "{\"id\":\"961183\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961183/\",\"url\":\"http://89.160.20.156:52308/Mozi.m\",\"url_status\":\"online\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 18:20:07 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"lrz_urlhaus\",\"larted\":\"true\",\"tags\":[\"elf\",\"Mozi\"]}", "type": "indicator" @@ -17624,7 +17259,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.134256276Z", "kind": "enrichment", "original": "{\"id\":\"961184\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961184/\",\"url\":\"http://89.160.20.156:59154/Mozi.m\",\"url_status\":\"offline\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 18:20:07 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"lrz_urlhaus\",\"larted\":\"true\",\"tags\":[\"elf\",\"Mozi\"]}", "type": "indicator" 
@@ -17673,7 +17307,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.134257113Z", "kind": "enrichment", "original": "{\"id\":\"961177\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961177/\",\"url\":\"http://89.160.20.156:57950/Mozi.m\",\"url_status\":\"online\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 18:20:06 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"lrz_urlhaus\",\"larted\":\"true\",\"tags\":[\"elf\",\"Mozi\"]}", "type": "indicator" @@ -17722,7 +17355,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.134258237Z", "kind": "enrichment", "original": "{\"id\":\"961178\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961178/\",\"url\":\"http://89.160.20.156:33520/Mozi.m\",\"url_status\":\"online\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 18:20:06 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"lrz_urlhaus\",\"larted\":\"true\",\"tags\":[\"elf\",\"Mozi\"]}", "type": "indicator" @@ -17771,7 +17403,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.134259193Z", "kind": "enrichment", "original": "{\"id\":\"961179\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961179/\",\"url\":\"http://89.160.20.156:45525/Mozi.m\",\"url_status\":\"online\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 18:20:06 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"lrz_urlhaus\",\"larted\":\"true\",\"tags\":[\"elf\",\"Mozi\"]}", "type": "indicator" 
@@ -17820,7 +17451,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.134260069Z", "kind": "enrichment", "original": "{\"id\":\"961180\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961180/\",\"url\":\"http://89.160.20.156:38430/Mozi.m\",\"url_status\":\"online\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 18:20:06 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"lrz_urlhaus\",\"larted\":\"true\",\"tags\":[\"elf\",\"Mozi\"]}", "type": "indicator" @@ -17869,7 +17499,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.134260896Z", "kind": "enrichment", "original": "{\"id\":\"961181\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961181/\",\"url\":\"http://89.160.20.156:4096/Mozi.m\",\"url_status\":\"online\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 18:20:06 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"lrz_urlhaus\",\"larted\":\"true\",\"tags\":[\"elf\",\"Mozi\"]}", "type": "indicator" @@ -17918,7 +17547,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.134261721Z", "kind": "enrichment", "original": "{\"id\":\"961182\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961182/\",\"url\":\"http://89.160.20.156:50631/Mozi.a\",\"url_status\":\"online\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 18:20:06 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"lrz_urlhaus\",\"larted\":\"true\",\"tags\":[\"elf\",\"Mozi\"]}", "type": "indicator" 
@@ -17967,7 +17595,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.134262606Z", "kind": "enrichment", "original": "{\"id\":\"961176\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961176/\",\"url\":\"http://89.160.20.156:37989/Mozi.m\",\"url_status\":\"online\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 18:20:05 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"lrz_urlhaus\",\"larted\":\"true\",\"tags\":[\"elf\",\"Mozi\"]}", "type": "indicator" @@ -18016,7 +17643,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.134263538Z", "kind": "enrichment", "original": "{\"id\":\"961175\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961175/\",\"url\":\"http://89.160.20.156:54078/Mozi.m\",\"url_status\":\"online\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 18:20:04 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"lrz_urlhaus\",\"larted\":\"true\",\"tags\":[\"elf\",\"Mozi\"]}", "type": "indicator" @@ -18066,7 +17692,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.134264373Z", "kind": "enrichment", "original": "{\"id\":\"961173\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961173/\",\"url\":\"http://89.160.20.156:34201/i\",\"url_status\":\"online\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 18:19:04 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"geenensp\",\"larted\":\"true\",\"tags\":[\"32-bit\",\"arm\",\"elf\"]}", "type": "indicator" 
@@ -18114,7 +17739,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.134265193Z", "kind": "enrichment", "original": "{\"id\":\"961174\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961174/\",\"url\":\"http://89.160.20.156:56573/Mozi.m\",\"url_status\":\"online\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 18:19:04 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"lrz_urlhaus\",\"larted\":\"true\",\"tags\":[\"elf\",\"Mozi\"]}", "type": "indicator" @@ -18164,7 +17788,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.134266018Z", "kind": "enrichment", "original": "{\"id\":\"961172\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961172/\",\"url\":\"http://89.160.20.156:48291/bin.sh\",\"url_status\":\"online\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 18:08:04 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"geenensp\",\"larted\":\"true\",\"tags\":[\"32-bit\",\"arm\",\"elf\"]}", "type": "indicator" @@ -18213,7 +17836,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.134266971Z", "kind": "enrichment", "original": "{\"id\":\"961170\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961170/\",\"url\":\"http://89.160.20.156:60102/Mozi.m\",\"url_status\":\"online\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 18:06:06 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"lrz_urlhaus\",\"larted\":\"true\",\"tags\":[\"elf\",\"Mozi\"]}", "type": "indicator" 
@@ -18262,7 +17884,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.134267843Z", "kind": "enrichment", "original": "{\"id\":\"961171\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961171/\",\"url\":\"http://89.160.20.156:52225/Mozi.m\",\"url_status\":\"offline\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 18:06:06 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"lrz_urlhaus\",\"larted\":\"true\",\"tags\":[\"elf\",\"Mozi\"]}", "type": "indicator" @@ -18311,7 +17932,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.134268723Z", "kind": "enrichment", "original": "{\"id\":\"961167\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961167/\",\"url\":\"http://89.160.20.156:56733/Mozi.m\",\"url_status\":\"offline\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 18:06:05 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"lrz_urlhaus\",\"larted\":\"true\",\"tags\":[\"elf\",\"Mozi\"]}", "type": "indicator" @@ -18360,7 +17980,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.134269551Z", "kind": "enrichment", "original": "{\"id\":\"961168\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961168/\",\"url\":\"http://89.160.20.156:57042/Mozi.m\",\"url_status\":\"online\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 18:06:05 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"lrz_urlhaus\",\"larted\":\"true\",\"tags\":[\"elf\",\"Mozi\"]}", "type": "indicator" 
@@ -18409,7 +18028,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.134270398Z", "kind": "enrichment", "original": "{\"id\":\"961169\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961169/\",\"url\":\"http://89.160.20.156:38035/Mozi.m\",\"url_status\":\"offline\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 18:06:05 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"lrz_urlhaus\",\"larted\":\"true\",\"tags\":[\"elf\",\"Mozi\"]}", "type": "indicator" @@ -18458,7 +18076,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.134271215Z", "kind": "enrichment", "original": "{\"id\":\"961165\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961165/\",\"url\":\"http://89.160.20.156:33540/Mozi.m\",\"url_status\":\"online\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 18:06:04 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"lrz_urlhaus\",\"larted\":\"true\",\"tags\":[\"elf\",\"Mozi\"]}", "type": "indicator" @@ -18507,7 +18124,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.134272031Z", "kind": "enrichment", "original": "{\"id\":\"961166\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961166/\",\"url\":\"http://89.160.20.156:51947/Mozi.m\",\"url_status\":\"online\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 18:06:04 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"lrz_urlhaus\",\"larted\":\"true\",\"tags\":[\"elf\",\"Mozi\"]}", "type": "indicator" 
@@ -18556,7 +18172,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.134272864Z", "kind": "enrichment", "original": "{\"id\":\"961164\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961164/\",\"url\":\"http://89.160.20.156:36915/Mozi.m\",\"url_status\":\"online\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 18:05:06 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"lrz_urlhaus\",\"larted\":\"true\",\"tags\":[\"elf\",\"Mozi\"]}", "type": "indicator" @@ -18605,7 +18220,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.134273684Z", "kind": "enrichment", "original": "{\"id\":\"961163\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961163/\",\"url\":\"http://89.160.20.156:38865/Mozi.m\",\"url_status\":\"online\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 18:05:04 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"lrz_urlhaus\",\"larted\":\"true\",\"tags\":[\"elf\",\"Mozi\"]}", "type": "indicator" @@ -18653,7 +18267,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.134274668Z", "kind": "enrichment", "original": "{\"id\":\"961162\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961162/\",\"url\":\"http://89.160.20.156:55480/Mozi.m\",\"url_status\":\"offline\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 18:04:37 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"Gandylyan1\",\"larted\":\"false\",\"tags\":[\"Mozi\"]}", "type": "indicator" 
@@ -18701,7 +18314,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.134275485Z", "kind": "enrichment", "original": "{\"id\":\"961161\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961161/\",\"url\":\"http://89.160.20.156:51996/Mozi.m\",\"url_status\":\"offline\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 18:04:36 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"Gandylyan1\",\"larted\":\"false\",\"tags\":[\"Mozi\"]}", "type": "indicator" @@ -18749,7 +18361,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.134276301Z", "kind": "enrichment", "original": "{\"id\":\"961160\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961160/\",\"url\":\"http://89.160.20.156:36042/Mozi.m\",\"url_status\":\"offline\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 18:04:34 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"Gandylyan1\",\"larted\":\"false\",\"tags\":[\"Mozi\"]}", "type": "indicator" @@ -18797,7 +18408,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.134277138Z", "kind": "enrichment", "original": "{\"id\":\"961158\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961158/\",\"url\":\"http://89.160.20.156:34350/Mozi.m\",\"url_status\":\"offline\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 18:04:33 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"Gandylyan1\",\"larted\":\"false\",\"tags\":[\"Mozi\"]}", "type": "indicator" 
@@ -18845,7 +18455,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.134277961Z", "kind": "enrichment", "original": "{\"id\":\"961159\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961159/\",\"url\":\"http://89.160.20.156:53587/Mozi.m\",\"url_status\":\"offline\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 18:04:33 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"Gandylyan1\",\"larted\":\"false\",\"tags\":[\"Mozi\"]}", "type": "indicator" @@ -18893,7 +18502,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.134278902Z", "kind": "enrichment", "original": "{\"id\":\"961157\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961157/\",\"url\":\"http://89.160.20.156:53444/Mozi.m\",\"url_status\":\"online\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 18:04:13 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"Gandylyan1\",\"larted\":\"true\",\"tags\":[\"Mozi\"]}", "type": "indicator" @@ -18942,7 +18550,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.134279727Z", "kind": "enrichment", "original": "{\"id\":\"961155\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961155/\",\"url\":\"http://89.160.20.156:58653/Mozi.m\",\"url_status\":\"online\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 18:04:08 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"lrz_urlhaus\",\"larted\":\"true\",\"tags\":[\"elf\",\"Mozi\"]}", "type": "indicator" 
@@ -18990,7 +18597,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.134280548Z", "kind": "enrichment", "original": "{\"id\":\"961156\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961156/\",\"url\":\"http://89.160.20.156:50579/Mozi.m\",\"url_status\":\"offline\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 18:04:08 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"Gandylyan1\",\"larted\":\"false\",\"tags\":[\"Mozi\"]}", "type": "indicator" @@ -19038,7 +18644,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.134281368Z", "kind": "enrichment", "original": "{\"id\":\"961152\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961152/\",\"url\":\"http://89.160.20.156:3553/Mozi.m\",\"url_status\":\"offline\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 18:04:07 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"Gandylyan1\",\"larted\":\"false\",\"tags\":[\"Mozi\"]}", "type": "indicator" @@ -19087,7 +18692,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.134282308Z", "kind": "enrichment", "original": "{\"id\":\"961153\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961153/\",\"url\":\"http://89.160.20.156:35288/Mozi.a\",\"url_status\":\"online\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 18:04:07 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"lrz_urlhaus\",\"larted\":\"true\",\"tags\":[\"elf\",\"Mozi\"]}", "type": "indicator" 
@@ -19135,7 +18739,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.134283185Z", "kind": "enrichment", "original": "{\"id\":\"961154\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961154/\",\"url\":\"http://89.160.20.156:46429/Mozi.m\",\"url_status\":\"online\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 18:04:07 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"Gandylyan1\",\"larted\":\"true\",\"tags\":[\"Mozi\"]}", "type": "indicator" @@ -19183,7 +18786,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.134284005Z", "kind": "enrichment", "original": "{\"id\":\"961151\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961151/\",\"url\":\"http://89.160.20.156:44575/Mozi.m\",\"url_status\":\"offline\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 18:04:06 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"Gandylyan1\",\"larted\":\"false\",\"tags\":[\"Mozi\"]}", "type": "indicator" @@ -19232,7 +18834,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.134284829Z", "kind": "enrichment", "original": "{\"id\":\"961149\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961149/\",\"url\":\"http://89.160.20.156:43245/Mozi.m\",\"url_status\":\"online\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 18:04:05 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"lrz_urlhaus\",\"larted\":\"true\",\"tags\":[\"elf\",\"Mozi\"]}", "type": "indicator" 
@@ -19280,7 +18881,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.134285669Z", "kind": "enrichment", "original": "{\"id\":\"961150\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961150/\",\"url\":\"http://89.160.20.156:50444/Mozi.m\",\"url_status\":\"offline\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 18:04:05 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"Gandylyan1\",\"larted\":\"true\",\"tags\":[\"Mozi\"]}", "type": "indicator" @@ -19328,7 +18928,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.134286594Z", "kind": "enrichment", "original": "{\"id\":\"961144\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961144/\",\"url\":\"http://89.160.20.156:51318/Mozi.m\",\"url_status\":\"online\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 18:04:04 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"Gandylyan1\",\"larted\":\"true\",\"tags\":[\"Mozi\"]}", "type": "indicator" @@ -19377,7 +18976,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.134287425Z", "kind": "enrichment", "original": "{\"id\":\"961145\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961145/\",\"url\":\"http://89.160.20.156:46221/Mozi.m\",\"url_status\":\"online\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 18:04:04 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"lrz_urlhaus\",\"larted\":\"true\",\"tags\":[\"elf\",\"Mozi\"]}", "type": "indicator" 
@@ -19426,7 +19024,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.134288242Z", "kind": "enrichment", "original": "{\"id\":\"961146\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961146/\",\"url\":\"http://89.160.20.156:51430/Mozi.m\",\"url_status\":\"online\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 18:04:04 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"lrz_urlhaus\",\"larted\":\"true\",\"tags\":[\"elf\",\"Mozi\"]}", "type": "indicator" @@ -19475,7 +19072,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.134289061Z", "kind": "enrichment", "original": "{\"id\":\"961147\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961147/\",\"url\":\"http://89.160.20.156:52028/Mozi.m\",\"url_status\":\"online\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 18:04:04 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"lrz_urlhaus\",\"larted\":\"true\",\"tags\":[\"elf\",\"Mozi\"]}", "type": "indicator" @@ -19524,7 +19120,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.134289942Z", "kind": "enrichment", "original": "{\"id\":\"961148\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961148/\",\"url\":\"http://89.160.20.156:48291/Mozi.a\",\"url_status\":\"online\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 18:04:04 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"lrz_urlhaus\",\"larted\":\"true\",\"tags\":[\"elf\",\"Mozi\"]}", "type": "indicator" 
@@ -19572,7 +19167,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.134290813Z", "kind": "enrichment", "original": "{\"id\":\"961143\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961143/\",\"url\":\"http://89.160.20.156:39613/Mozi.m\",\"url_status\":\"offline\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 18:04:03 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"Gandylyan1\",\"larted\":\"false\",\"tags\":[\"Mozi\"]}", "type": "indicator" @@ -19622,7 +19216,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.134291653Z", "kind": "enrichment", "original": "{\"id\":\"961142\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961142/\",\"url\":\"http://89.160.20.156:34201/bin.sh\",\"url_status\":\"online\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 17:56:04 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"geenensp\",\"larted\":\"true\",\"tags\":[\"32-bit\",\"arm\",\"elf\"]}", "type": "indicator" @@ -19671,7 +19264,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.134292470Z", "kind": "enrichment", "original": "{\"id\":\"961141\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961141/\",\"url\":\"http://89.160.20.156:47095/Mozi.a\",\"url_status\":\"online\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 17:53:05 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"lrz_urlhaus\",\"larted\":\"true\",\"tags\":[\"elf\",\"Mozi\"]}", "type": "indicator" 
@@ -19720,7 +19312,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.134293287Z", "kind": "enrichment", "original": "{\"id\":\"961136\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961136/\",\"url\":\"http://89.160.20.156:42004/Mozi.m\",\"url_status\":\"online\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 17:53:04 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"lrz_urlhaus\",\"larted\":\"true\",\"tags\":[\"elf\",\"Mozi\"]}", "type": "indicator" @@ -19769,7 +19360,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.134294168Z", "kind": "enrichment", "original": "{\"id\":\"961137\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961137/\",\"url\":\"http://89.160.20.156:52058/Mozi.m\",\"url_status\":\"online\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 17:53:04 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"lrz_urlhaus\",\"larted\":\"true\",\"tags\":[\"elf\",\"Mozi\"]}", "type": "indicator" @@ -19818,7 +19408,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.134295036Z", "kind": "enrichment", "original": "{\"id\":\"961138\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961138/\",\"url\":\"http://89.160.20.156:45432/Mozi.m\",\"url_status\":\"online\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 17:53:04 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"lrz_urlhaus\",\"larted\":\"true\",\"tags\":[\"elf\",\"Mozi\"]}", "type": "indicator" 
@@ -19867,7 +19456,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.134295872Z", "kind": "enrichment", "original": "{\"id\":\"961139\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961139/\",\"url\":\"http://89.160.20.156:49891/Mozi.m\",\"url_status\":\"online\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 17:53:04 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"lrz_urlhaus\",\"larted\":\"true\",\"tags\":[\"elf\",\"Mozi\"]}", "type": "indicator" @@ -19916,7 +19504,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.134296690Z", "kind": "enrichment", "original": "{\"id\":\"961140\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961140/\",\"url\":\"http://89.160.20.156:34334/Mozi.m\",\"url_status\":\"online\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 17:53:04 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"lrz_urlhaus\",\"larted\":\"true\",\"tags\":[\"elf\",\"Mozi\"]}", "type": "indicator" @@ -19965,7 +19552,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.134297612Z", "kind": "enrichment", "original": "{\"id\":\"961135\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961135/\",\"url\":\"http://89.160.20.156:42886/Mozi.m\",\"url_status\":\"online\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 17:52:06 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"lrz_urlhaus\",\"larted\":\"true\",\"tags\":[\"elf\",\"Mozi\"]}", "type": "indicator" 
@@ -20014,7 +19600,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.134298528Z", "kind": "enrichment", "original": "{\"id\":\"961134\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961134/\",\"url\":\"http://89.160.20.156:47096/Mozi.m\",\"url_status\":\"offline\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 17:52:05 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"lrz_urlhaus\",\"larted\":\"true\",\"tags\":[\"elf\",\"Mozi\"]}", "type": "indicator" @@ -20063,7 +19648,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.134299348Z", "kind": "enrichment", "original": "{\"id\":\"961132\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961132/\",\"url\":\"http://89.160.20.156:48214/Mozi.a\",\"url_status\":\"online\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 17:52:04 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"lrz_urlhaus\",\"larted\":\"true\",\"tags\":[\"elf\",\"Mozi\"]}", "type": "indicator" @@ -20112,7 +19696,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.134300165Z", "kind": "enrichment", "original": "{\"id\":\"961133\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961133/\",\"url\":\"http://89.160.20.156:40478/Mozi.m\",\"url_status\":\"offline\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 17:52:04 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"lrz_urlhaus\",\"larted\":\"true\",\"tags\":[\"elf\",\"Mozi\"]}", "type": "indicator" 
@@ -20161,7 +19744,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.134300988Z", "kind": "enrichment", "original": "{\"id\":\"961130\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961130/\",\"url\":\"http://89.160.20.156:37771/Mozi.m\",\"url_status\":\"online\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 17:51:04 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"lrz_urlhaus\",\"larted\":\"true\",\"tags\":[\"elf\",\"Mozi\"]}", "type": "indicator" @@ -20210,7 +19792,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.134301972Z", "kind": "enrichment", "original": "{\"id\":\"961131\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961131/\",\"url\":\"http://89.160.20.156:35513/Mozi.m\",\"url_status\":\"online\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 17:51:04 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"lrz_urlhaus\",\"larted\":\"true\",\"tags\":[\"elf\",\"Mozi\"]}", "type": "indicator" @@ -20259,7 +19840,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.134302816Z", "kind": "enrichment", "original": "{\"id\":\"961129\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961129/\",\"url\":\"http://89.160.20.156:53382/Mozi.m\",\"url_status\":\"online\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 17:51:03 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"lrz_urlhaus\",\"larted\":\"true\",\"tags\":[\"elf\",\"Mozi\"]}", "type": "indicator" 
@@ -20308,7 +19888,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.134303635Z", "kind": "enrichment", "original": "{\"id\":\"961128\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961128/\",\"url\":\"http://89.160.20.156:50336/Mozi.m\",\"url_status\":\"online\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 17:50:17 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"lrz_urlhaus\",\"larted\":\"true\",\"tags\":[\"elf\",\"Mozi\"]}", "type": "indicator" @@ -20357,7 +19936,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.134304739Z", "kind": "enrichment", "original": "{\"id\":\"961124\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961124/\",\"url\":\"http://89.160.20.156:34233/Mozi.a\",\"url_status\":\"offline\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 17:50:06 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"lrz_urlhaus\",\"larted\":\"true\",\"tags\":[\"elf\",\"Mozi\"]}", "type": "indicator" @@ -20406,7 +19984,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.134306907Z", "kind": "enrichment", "original": "{\"id\":\"961125\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961125/\",\"url\":\"http://89.160.20.156:38392/Mozi.m\",\"url_status\":\"online\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 17:50:06 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"lrz_urlhaus\",\"larted\":\"true\",\"tags\":[\"elf\",\"Mozi\"]}", "type": "indicator" 
@@ -20455,7 +20032,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.134307939Z", "kind": "enrichment", "original": "{\"id\":\"961126\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961126/\",\"url\":\"http://89.160.20.156:52654/Mozi.m\",\"url_status\":\"offline\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 17:50:06 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"lrz_urlhaus\",\"larted\":\"true\",\"tags\":[\"elf\",\"Mozi\"]}", "type": "indicator" @@ -20504,7 +20080,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.134308775Z", "kind": "enrichment", "original": "{\"id\":\"961127\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961127/\",\"url\":\"http://89.160.20.156:60203/Mozi.m\",\"url_status\":\"offline\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 17:50:06 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"lrz_urlhaus\",\"larted\":\"true\",\"tags\":[\"elf\",\"Mozi\"]}", "type": "indicator" @@ -20553,7 +20128,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.134309603Z", "kind": "enrichment", "original": "{\"id\":\"961123\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961123/\",\"url\":\"http://89.160.20.156:48091/Mozi.a\",\"url_status\":\"online\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 17:50:05 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"lrz_urlhaus\",\"larted\":\"true\",\"tags\":[\"elf\",\"Mozi\"]}", "type": "indicator" 
@@ -20602,7 +20176,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.134310427Z", "kind": "enrichment", "original": "{\"id\":\"961122\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961122/\",\"url\":\"http://89.160.20.156:40783/Mozi.m\",\"url_status\":\"offline\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 17:49:41 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"lrz_urlhaus\",\"larted\":\"true\",\"tags\":[\"elf\",\"Mozi\"]}", "type": "indicator" @@ -20651,7 +20224,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.134311364Z", "kind": "enrichment", "original": "{\"id\":\"961121\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961121/\",\"url\":\"http://89.160.20.156:52015/Mozi.m\",\"url_status\":\"online\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 17:49:04 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"lrz_urlhaus\",\"larted\":\"true\",\"tags\":[\"elf\",\"Mozi\"]}", "type": "indicator" @@ -20700,7 +20272,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.134312278Z", "kind": "enrichment", "original": "{\"id\":\"961118\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961118/\",\"url\":\"http://89.160.20.156:42987/Mozi.m\",\"url_status\":\"offline\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 17:37:06 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"lrz_urlhaus\",\"larted\":\"true\",\"tags\":[\"elf\",\"Mozi\"]}", "type": "indicator" 
@@ -20749,7 +20320,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.134313095Z", "kind": "enrichment", "original": "{\"id\":\"961119\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961119/\",\"url\":\"http://89.160.20.156:53388/Mozi.m\",\"url_status\":\"offline\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 17:37:06 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"lrz_urlhaus\",\"larted\":\"true\",\"tags\":[\"elf\",\"Mozi\"]}", "type": "indicator" @@ -20798,7 +20368,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.134313929Z", "kind": "enrichment", "original": "{\"id\":\"961120\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961120/\",\"url\":\"http://89.160.20.156:44124/Mozi.a\",\"url_status\":\"online\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 17:37:06 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"lrz_urlhaus\",\"larted\":\"true\",\"tags\":[\"elf\",\"Mozi\"]}", "type": "indicator" @@ -20847,7 +20416,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.134314751Z", "kind": "enrichment", "original": "{\"id\":\"961115\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961115/\",\"url\":\"http://89.160.20.156:33802/Mozi.m\",\"url_status\":\"online\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 17:37:05 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"lrz_urlhaus\",\"larted\":\"true\",\"tags\":[\"elf\",\"Mozi\"]}", "type": "indicator" 
@@ -20896,7 +20464,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.134315688Z", "kind": "enrichment", "original": "{\"id\":\"961116\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961116/\",\"url\":\"http://89.160.20.156:43806/Mozi.m\",\"url_status\":\"offline\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 17:37:05 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"lrz_urlhaus\",\"larted\":\"true\",\"tags\":[\"elf\",\"Mozi\"]}", "type": "indicator" @@ -20945,7 +20512,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.134316505Z", "kind": "enrichment", "original": "{\"id\":\"961117\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961117/\",\"url\":\"http://89.160.20.156:52278/Mozi.m\",\"url_status\":\"offline\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 17:37:05 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"lrz_urlhaus\",\"larted\":\"true\",\"tags\":[\"elf\",\"Mozi\"]}", "type": "indicator" @@ -20994,7 +20560,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.134317337Z", "kind": "enrichment", "original": "{\"id\":\"961114\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961114/\",\"url\":\"http://89.160.20.156:41202/Mozi.m\",\"url_status\":\"online\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 17:37:04 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"lrz_urlhaus\",\"larted\":\"true\",\"tags\":[\"elf\",\"Mozi\"]}", "type": "indicator" 
@@ -21043,7 +20608,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.134318153Z", "kind": "enrichment", "original": "{\"id\":\"961113\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961113/\",\"url\":\"http://89.160.20.156:35756/Mozi.m\",\"url_status\":\"online\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 17:36:07 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"lrz_urlhaus\",\"larted\":\"true\",\"tags\":[\"elf\",\"Mozi\"]}", "type": "indicator" @@ -21092,7 +20656,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.134319030Z", "kind": "enrichment", "original": "{\"id\":\"961112\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961112/\",\"url\":\"http://89.160.20.156:40569/Mozi.m\",\"url_status\":\"online\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 17:36:05 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"lrz_urlhaus\",\"larted\":\"true\",\"tags\":[\"elf\",\"Mozi\"]}", "type": "indicator" @@ -21141,7 +20704,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.134319905Z", "kind": "enrichment", "original": "{\"id\":\"961111\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961111/\",\"url\":\"http://89.160.20.156:47645/Mozi.m\",\"url_status\":\"online\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 17:36:04 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"lrz_urlhaus\",\"larted\":\"true\",\"tags\":[\"elf\",\"Mozi\"]}", "type": "indicator" 
@@ -21190,7 +20752,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.134320743Z", "kind": "enrichment", "original": "{\"id\":\"961110\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961110/\",\"url\":\"http://89.160.20.156:40023/Mozi.m\",\"url_status\":\"online\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 17:35:05 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"lrz_urlhaus\",\"larted\":\"true\",\"tags\":[\"elf\",\"Mozi\"]}", "type": "indicator" @@ -21239,7 +20800,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.134321560Z", "kind": "enrichment", "original": "{\"id\":\"961109\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961109/\",\"url\":\"http://89.160.20.156:53402/Mozi.m\",\"url_status\":\"online\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 17:34:08 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"lrz_urlhaus\",\"larted\":\"true\",\"tags\":[\"elf\",\"Mozi\"]}", "type": "indicator" @@ -21289,7 +20849,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.134322376Z", "kind": "enrichment", "original": "{\"id\":\"961108\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961108/\",\"url\":\"http://89.160.20.156:36316/bin.sh\",\"url_status\":\"offline\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 17:29:06 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"geenensp\",\"larted\":\"true\",\"tags\":[\"32-bit\",\"elf\",\"mips\"]}", "type": "indicator" 
@@ -21339,7 +20898,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.134323251Z", "kind": "enrichment", "original": "{\"id\":\"961107\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961107/\",\"url\":\"http://89.160.20.156:48105/bin.sh\",\"url_status\":\"offline\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 17:28:05 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"geenensp\",\"larted\":\"true\",\"tags\":[\"32-bit\",\"elf\",\"mips\"]}", "type": "indicator" @@ -21388,7 +20946,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.134324063Z", "kind": "enrichment", "original": "{\"id\":\"961103\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961103/\",\"url\":\"http://89.160.20.156:40017/Mozi.m\",\"url_status\":\"online\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 17:21:04 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"lrz_urlhaus\",\"larted\":\"true\",\"tags\":[\"elf\",\"Mozi\"]}", "type": "indicator" @@ -21437,7 +20994,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.134324879Z", "kind": "enrichment", "original": "{\"id\":\"961104\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961104/\",\"url\":\"http://89.160.20.156:41906/Mozi.m\",\"url_status\":\"offline\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 17:21:04 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"lrz_urlhaus\",\"larted\":\"true\",\"tags\":[\"elf\",\"Mozi\"]}", "type": "indicator" 
@@ -21486,7 +21042,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.134325714Z", "kind": "enrichment", "original": "{\"id\":\"961105\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961105/\",\"url\":\"http://89.160.20.156:38607/Mozi.m\",\"url_status\":\"online\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 17:21:04 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"lrz_urlhaus\",\"larted\":\"true\",\"tags\":[\"elf\",\"Mozi\"]}", "type": "indicator" @@ -21535,7 +21090,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.134326600Z", "kind": "enrichment", "original": "{\"id\":\"961106\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961106/\",\"url\":\"http://89.160.20.156:59331/Mozi.m\",\"url_status\":\"offline\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 17:21:04 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"lrz_urlhaus\",\"larted\":\"true\",\"tags\":[\"elf\",\"Mozi\"]}", "type": "indicator" @@ -21584,7 +21138,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.134327492Z", "kind": "enrichment", "original": "{\"id\":\"961102\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961102/\",\"url\":\"http://89.160.20.156:53932/Mozi.m\",\"url_status\":\"online\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 17:20:24 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"lrz_urlhaus\",\"larted\":\"true\",\"tags\":[\"elf\",\"Mozi\"]}", "type": "indicator" 
@@ -21633,7 +21186,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.134328310Z", "kind": "enrichment", "original": "{\"id\":\"961101\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961101/\",\"url\":\"http://89.160.20.156:58385/Mozi.m\",\"url_status\":\"online\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 17:20:08 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"lrz_urlhaus\",\"larted\":\"true\",\"tags\":[\"elf\",\"Mozi\"]}", "type": "indicator" @@ -21682,7 +21234,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.134329128Z", "kind": "enrichment", "original": "{\"id\":\"961099\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961099/\",\"url\":\"http://89.160.20.156:57010/Mozi.m\",\"url_status\":\"online\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 17:20:06 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"lrz_urlhaus\",\"larted\":\"true\",\"tags\":[\"elf\",\"Mozi\"]}", "type": "indicator" @@ -21731,7 +21282,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.134329966Z", "kind": "enrichment", "original": "{\"id\":\"961100\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961100/\",\"url\":\"http://89.160.20.156:59715/Mozi.m\",\"url_status\":\"online\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 17:20:06 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"lrz_urlhaus\",\"larted\":\"true\",\"tags\":[\"elf\",\"Mozi\"]}", "type": "indicator" 
@@ -21780,7 +21330,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.134330856Z", "kind": "enrichment", "original": "{\"id\":\"961094\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961094/\",\"url\":\"http://89.160.20.156:57052/Mozi.m\",\"url_status\":\"online\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 17:20:05 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"lrz_urlhaus\",\"larted\":\"true\",\"tags\":[\"elf\",\"Mozi\"]}", "type": "indicator" @@ -21829,7 +21378,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.134331676Z", "kind": "enrichment", "original": "{\"id\":\"961095\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961095/\",\"url\":\"http://89.160.20.156:60550/Mozi.m\",\"url_status\":\"online\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 17:20:05 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"lrz_urlhaus\",\"larted\":\"true\",\"tags\":[\"elf\",\"Mozi\"]}", "type": "indicator" @@ -21878,7 +21426,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.134332505Z", "kind": "enrichment", "original": "{\"id\":\"961096\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961096/\",\"url\":\"http://89.160.20.156:39684/Mozi.m\",\"url_status\":\"offline\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 17:20:05 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"lrz_urlhaus\",\"larted\":\"true\",\"tags\":[\"elf\",\"Mozi\"]}", "type": "indicator" 
@@ -21927,7 +21474,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.134333327Z", "kind": "enrichment", "original": "{\"id\":\"961097\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961097/\",\"url\":\"http://89.160.20.156:43593/Mozi.a\",\"url_status\":\"online\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 17:20:05 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"lrz_urlhaus\",\"larted\":\"true\",\"tags\":[\"elf\",\"Mozi\"]}", "type": "indicator" @@ -21976,7 +21522,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.134334148Z", "kind": "enrichment", "original": "{\"id\":\"961098\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961098/\",\"url\":\"http://89.160.20.156:36066/Mozi.m\",\"url_status\":\"offline\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 17:20:05 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"lrz_urlhaus\",\"larted\":\"true\",\"tags\":[\"elf\",\"Mozi\"]}", "type": "indicator" @@ -22025,7 +21570,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.134335118Z", "kind": "enrichment", "original": "{\"id\":\"961093\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961093/\",\"url\":\"http://89.160.20.156:35006/Mozi.m\",\"url_status\":\"online\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 17:19:09 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"lrz_urlhaus\",\"larted\":\"true\",\"tags\":[\"elf\",\"Mozi\"]}", "type": "indicator" 
@@ -22074,7 +21618,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.134335937Z", "kind": "enrichment", "original": "{\"id\":\"961091\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961091/\",\"url\":\"http://89.160.20.156:38184/Mozi.m\",\"url_status\":\"online\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 17:19:06 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"lrz_urlhaus\",\"larted\":\"true\",\"tags\":[\"elf\",\"Mozi\"]}", "type": "indicator" @@ -22123,7 +21666,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.134337048Z", "kind": "enrichment", "original": "{\"id\":\"961092\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961092/\",\"url\":\"http://89.160.20.156:59027/Mozi.m\",\"url_status\":\"online\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 17:19:06 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"lrz_urlhaus\",\"larted\":\"true\",\"tags\":[\"elf\",\"Mozi\"]}", "type": "indicator" @@ -22172,7 +21714,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.134337881Z", "kind": "enrichment", "original": "{\"id\":\"961090\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961090/\",\"url\":\"http://89.160.20.156:50639/Mozi.m\",\"url_status\":\"offline\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 17:19:05 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"lrz_urlhaus\",\"larted\":\"true\",\"tags\":[\"elf\",\"Mozi\"]}", "type": "indicator" 
@@ -22221,7 +21762,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.134338816Z", "kind": "enrichment", "original": "{\"id\":\"961086\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961086/\",\"url\":\"http://89.160.20.156:33534/Mozi.a\",\"url_status\":\"online\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 17:19:04 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"lrz_urlhaus\",\"larted\":\"true\",\"tags\":[\"elf\",\"Mozi\"]}", "type": "indicator" @@ -22270,7 +21810,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.134339719Z", "kind": "enrichment", "original": "{\"id\":\"961087\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961087/\",\"url\":\"http://89.160.20.156:36316/Mozi.m\",\"url_status\":\"online\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 17:19:04 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"lrz_urlhaus\",\"larted\":\"true\",\"tags\":[\"elf\",\"Mozi\"]}", "type": "indicator" @@ -22319,7 +21858,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.134340539Z", "kind": "enrichment", "original": "{\"id\":\"961088\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961088/\",\"url\":\"http://89.160.20.156:47120/Mozi.m\",\"url_status\":\"offline\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 17:19:04 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"lrz_urlhaus\",\"larted\":\"true\",\"tags\":[\"elf\",\"Mozi\"]}", "type": "indicator" 
@@ -22368,7 +21906,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.134341368Z", "kind": "enrichment", "original": "{\"id\":\"961089\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961089/\",\"url\":\"http://89.160.20.156:46287/Mozi.m\",\"url_status\":\"offline\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 17:19:04 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"lrz_urlhaus\",\"larted\":\"true\",\"tags\":[\"elf\",\"Mozi\"]}", "type": "indicator" @@ -22418,7 +21955,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.134342187Z", "kind": "enrichment", "original": "{\"id\":\"961085\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961085/\",\"url\":\"http://89.160.20.156:39536/bin.sh\",\"url_status\":\"online\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 17:14:05 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"geenensp\",\"larted\":\"true\",\"tags\":[\"32-bit\",\"elf\",\"mips\"]}", "type": "indicator" @@ -22467,7 +22003,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.134343131Z", "kind": "enrichment", "original": "{\"id\":\"961083\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961083/\",\"url\":\"http://89.160.20.156:40689/Mozi.m\",\"url_status\":\"offline\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 17:07:08 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"lrz_urlhaus\",\"larted\":\"true\",\"tags\":[\"elf\",\"Mozi\"]}", "type": "indicator" 
@@ -22516,7 +22051,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.134343956Z", "kind": "enrichment", "original": "{\"id\":\"961084\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961084/\",\"url\":\"http://89.160.20.156:51123/Mozi.m\",\"url_status\":\"online\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 17:07:08 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"lrz_urlhaus\",\"larted\":\"true\",\"tags\":[\"elf\",\"Mozi\"]}", "type": "indicator" @@ -22565,7 +22099,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.134344781Z", "kind": "enrichment", "original": "{\"id\":\"961082\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961082/\",\"url\":\"http://89.160.20.156:52540/Mozi.a\",\"url_status\":\"online\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 17:07:06 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"lrz_urlhaus\",\"larted\":\"true\",\"tags\":[\"elf\",\"Mozi\"]}", "type": "indicator" @@ -22614,7 +22147,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.134345620Z", "kind": "enrichment", "original": "{\"id\":\"961081\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961081/\",\"url\":\"http://89.160.20.156:56964/Mozi.m\",\"url_status\":\"offline\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 17:07:05 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"lrz_urlhaus\",\"larted\":\"true\",\"tags\":[\"elf\",\"Mozi\"]}", "type": "indicator" 
@@ -22663,7 +22195,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.134346510Z", "kind": "enrichment", "original": "{\"id\":\"961078\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961078/\",\"url\":\"http://89.160.20.156:57120/Mozi.m\",\"url_status\":\"online\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 17:07:04 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"lrz_urlhaus\",\"larted\":\"true\",\"tags\":[\"elf\",\"Mozi\"]}", "type": "indicator" @@ -22712,7 +22243,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.134347398Z", "kind": "enrichment", "original": "{\"id\":\"961079\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961079/\",\"url\":\"http://89.160.20.156:44518/Mozi.a\",\"url_status\":\"online\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 17:07:04 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"lrz_urlhaus\",\"larted\":\"true\",\"tags\":[\"elf\",\"Mozi\"]}", "type": "indicator" @@ -22761,7 +22291,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.134348222Z", "kind": "enrichment", "original": "{\"id\":\"961080\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961080/\",\"url\":\"http://89.160.20.156:50389/Mozi.m\",\"url_status\":\"online\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 17:07:04 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"lrz_urlhaus\",\"larted\":\"true\",\"tags\":[\"elf\",\"Mozi\"]}", "type": "indicator" 
@@ -22810,7 +22339,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.134349048Z", "kind": "enrichment", "original": "{\"id\":\"961077\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961077/\",\"url\":\"http://89.160.20.156:34335/Mozi.m\",\"url_status\":\"online\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 17:06:05 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"lrz_urlhaus\",\"larted\":\"true\",\"tags\":[\"elf\",\"Mozi\"]}", "type": "indicator" @@ -22859,7 +22387,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.134349867Z", "kind": "enrichment", "original": "{\"id\":\"961069\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961069/\",\"url\":\"http://89.160.20.156:54865/Mozi.m\",\"url_status\":\"online\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 17:06:04 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"lrz_urlhaus\",\"larted\":\"true\",\"tags\":[\"elf\",\"Mozi\"]}", "type": "indicator" @@ -22908,7 +22435,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.134350823Z", "kind": "enrichment", "original": "{\"id\":\"961070\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961070/\",\"url\":\"http://89.160.20.156:50773/Mozi.a\",\"url_status\":\"online\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 17:06:04 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"lrz_urlhaus\",\"larted\":\"true\",\"tags\":[\"elf\",\"Mozi\"]}", "type": "indicator" 
@@ -22957,7 +22483,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.134351639Z", "kind": "enrichment", "original": "{\"id\":\"961071\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961071/\",\"url\":\"http://89.160.20.156:52005/Mozi.m\",\"url_status\":\"online\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 17:06:04 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"lrz_urlhaus\",\"larted\":\"true\",\"tags\":[\"elf\",\"Mozi\"]}", "type": "indicator" @@ -23006,7 +22531,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.134352455Z", "kind": "enrichment", "original": "{\"id\":\"961072\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961072/\",\"url\":\"http://89.160.20.156:56066/Mozi.m\",\"url_status\":\"online\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 17:06:04 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"lrz_urlhaus\",\"larted\":\"true\",\"tags\":[\"elf\",\"Mozi\"]}", "type": "indicator" @@ -23055,7 +22579,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.134353274Z", "kind": "enrichment", "original": "{\"id\":\"961073\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961073/\",\"url\":\"http://89.160.20.156:32915/Mozi.m\",\"url_status\":\"online\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 17:06:04 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"lrz_urlhaus\",\"larted\":\"true\",\"tags\":[\"elf\",\"Mozi\"]}", "type": "indicator" 
@@ -23104,7 +22627,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.134354153Z", "kind": "enrichment", "original": "{\"id\":\"961074\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961074/\",\"url\":\"http://89.160.20.156:43462/Mozi.a\",\"url_status\":\"online\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 17:06:04 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"lrz_urlhaus\",\"larted\":\"true\",\"tags\":[\"elf\",\"Mozi\"]}", "type": "indicator" @@ -23153,7 +22675,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.134355085Z", "kind": "enrichment", "original": "{\"id\":\"961075\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961075/\",\"url\":\"http://89.160.20.156:33291/Mozi.m\",\"url_status\":\"online\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 17:06:04 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"lrz_urlhaus\",\"larted\":\"true\",\"tags\":[\"elf\",\"Mozi\"]}", "type": "indicator" @@ -23202,7 +22723,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.134355914Z", "kind": "enrichment", "original": "{\"id\":\"961076\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961076/\",\"url\":\"http://89.160.20.156:1440/Mozi.m\",\"url_status\":\"offline\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 17:06:04 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"lrz_urlhaus\",\"larted\":\"true\",\"tags\":[\"elf\",\"Mozi\"]}", "type": "indicator" 
@@ -23251,7 +22771,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.134356729Z", "kind": "enrichment", "original": "{\"id\":\"961068\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961068/\",\"url\":\"http://89.160.20.156:55907/Mozi.a\",\"url_status\":\"online\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 17:05:07 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"lrz_urlhaus\",\"larted\":\"true\",\"tags\":[\"elf\",\"Mozi\"]}", "type": "indicator" @@ -23300,7 +22819,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.134357549Z", "kind": "enrichment", "original": "{\"id\":\"961066\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961066/\",\"url\":\"http://89.160.20.156:33181/Mozi.a\",\"url_status\":\"offline\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 17:05:06 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"lrz_urlhaus\",\"larted\":\"true\",\"tags\":[\"elf\",\"Mozi\"]}", "type": "indicator" @@ -23349,7 +22867,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.134358516Z", "kind": "enrichment", "original": "{\"id\":\"961067\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961067/\",\"url\":\"http://89.160.20.156:44691/Mozi.m\",\"url_status\":\"online\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 17:05:06 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"lrz_urlhaus\",\"larted\":\"true\",\"tags\":[\"elf\",\"Mozi\"]}", "type": "indicator" 
@@ -23398,7 +22915,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.134359335Z", "kind": "enrichment", "original": "{\"id\":\"961059\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961059/\",\"url\":\"http://89.160.20.156:55254/Mozi.m\",\"url_status\":\"online\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 17:05:05 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"lrz_urlhaus\",\"larted\":\"true\",\"tags\":[\"elf\",\"Mozi\"]}", "type": "indicator" @@ -23447,7 +22963,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.134360146Z", "kind": "enrichment", "original": "{\"id\":\"961060\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961060/\",\"url\":\"http://89.160.20.156:43010/Mozi.m\",\"url_status\":\"online\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 17:05:05 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"lrz_urlhaus\",\"larted\":\"true\",\"tags\":[\"elf\",\"Mozi\"]}", "type": "indicator" @@ -23496,7 +23011,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.134360959Z", "kind": "enrichment", "original": "{\"id\":\"961061\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961061/\",\"url\":\"http://89.160.20.156:37886/Mozi.m\",\"url_status\":\"offline\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 17:05:05 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"lrz_urlhaus\",\"larted\":\"true\",\"tags\":[\"elf\",\"Mozi\"]}", "type": "indicator" 
@@ -23545,7 +23059,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.134361782Z", "kind": "enrichment", "original": "{\"id\":\"961062\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961062/\",\"url\":\"http://89.160.20.156:40153/Mozi.m\",\"url_status\":\"online\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 17:05:05 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"lrz_urlhaus\",\"larted\":\"true\",\"tags\":[\"elf\",\"Mozi\"]}", "type": "indicator" @@ -23594,7 +23107,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.134362764Z", "kind": "enrichment", "original": "{\"id\":\"961063\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961063/\",\"url\":\"http://89.160.20.156:34305/Mozi.a\",\"url_status\":\"online\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 17:05:05 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"lrz_urlhaus\",\"larted\":\"true\",\"tags\":[\"elf\",\"Mozi\"]}", "type": "indicator" @@ -23643,7 +23155,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.134363603Z", "kind": "enrichment", "original": "{\"id\":\"961064\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961064/\",\"url\":\"http://89.160.20.156:35653/Mozi.m\",\"url_status\":\"online\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 17:05:05 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"lrz_urlhaus\",\"larted\":\"true\",\"tags\":[\"elf\",\"Mozi\"]}", "type": "indicator" 
@@ -23692,7 +23203,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.134364421Z", "kind": "enrichment", "original": "{\"id\":\"961065\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961065/\",\"url\":\"http://89.160.20.156:48908/Mozi.m\",\"url_status\":\"offline\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 17:05:05 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"lrz_urlhaus\",\"larted\":\"true\",\"tags\":[\"elf\",\"Mozi\"]}", "type": "indicator" @@ -23741,7 +23251,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.134365239Z", "kind": "enrichment", "original": "{\"id\":\"961058\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961058/\",\"url\":\"http://89.160.20.156:40035/Mozi.m\",\"url_status\":\"online\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 17:04:06 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"lrz_urlhaus\",\"larted\":\"true\",\"tags\":[\"elf\",\"Mozi\"]}", "type": "indicator" @@ -23790,7 +23299,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.134366225Z", "kind": "enrichment", "original": "{\"id\":\"961055\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961055/\",\"url\":\"http://89.160.20.156:54461/Mozi.a\",\"url_status\":\"offline\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 17:04:05 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"lrz_urlhaus\",\"larted\":\"true\",\"tags\":[\"elf\",\"Mozi\"]}", "type": "indicator" 
@@ -23839,7 +23347,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.134367100Z", "kind": "enrichment", "original": "{\"id\":\"961056\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961056/\",\"url\":\"http://89.160.20.156:51991/Mozi.m\",\"url_status\":\"offline\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 17:04:05 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"lrz_urlhaus\",\"larted\":\"true\",\"tags\":[\"elf\",\"Mozi\"]}", "type": "indicator" @@ -23889,7 +23396,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.134367930Z", "kind": "enrichment", "original": "{\"id\":\"961057\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961057/\",\"url\":\"http://89.160.20.156:41143/i\",\"url_status\":\"online\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 17:04:05 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"geenensp\",\"larted\":\"true\",\"tags\":[\"32-bit\",\"arm\",\"elf\"]}", "type": "indicator" @@ -23938,7 +23444,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.134368746Z", "kind": "enrichment", "original": "{\"id\":\"961054\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961054/\",\"url\":\"http://89.160.20.156:51095/i\",\"url_status\":\"online\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 17:02:04 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"geenensp\",\"larted\":\"true\",\"tags\":[\"32-bit\",\"elf\",\"mips\"]}", "type": "indicator" 
@@ -23986,7 +23491,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.134369567Z", "kind": "enrichment", "original": "{\"id\":\"961053\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961053/\",\"url\":\"http://89.160.20.156:36558/Mozi.a\",\"url_status\":\"online\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 16:52:06 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"lrz_urlhaus\",\"larted\":\"true\",\"tags\":[\"elf\",\"Mozi\"]}", "type": "indicator" @@ -24035,7 +23539,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.134370477Z", "kind": "enrichment", "original": "{\"id\":\"961050\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961050/\",\"url\":\"http://89.160.20.156:47548/Mozi.m\",\"url_status\":\"offline\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 16:52:05 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"lrz_urlhaus\",\"larted\":\"true\",\"tags\":[\"elf\",\"Mozi\"]}", "type": "indicator" @@ -24084,7 +23587,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.134371294Z", "kind": "enrichment", "original": "{\"id\":\"961051\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961051/\",\"url\":\"http://89.160.20.156:35796/Mozi.m\",\"url_status\":\"offline\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 16:52:05 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"lrz_urlhaus\",\"larted\":\"true\",\"tags\":[\"elf\",\"Mozi\"]}", "type": "indicator" 
@@ -24133,7 +23635,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.134372126Z", "kind": "enrichment", "original": "{\"id\":\"961052\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961052/\",\"url\":\"http://89.160.20.156:42765/Mozi.m\",\"url_status\":\"online\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 16:52:05 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"lrz_urlhaus\",\"larted\":\"true\",\"tags\":[\"elf\",\"Mozi\"]}", "type": "indicator" @@ -24182,7 +23683,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.134372946Z", "kind": "enrichment", "original": "{\"id\":\"961048\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961048/\",\"url\":\"http://89.160.20.156:37388/Mozi.a\",\"url_status\":\"offline\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 16:51:06 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"lrz_urlhaus\",\"larted\":\"true\",\"tags\":[\"elf\",\"Mozi\"]}", "type": "indicator" @@ -24231,7 +23731,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.134373825Z", "kind": "enrichment", "original": "{\"id\":\"961049\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961049/\",\"url\":\"http://89.160.20.156:56849/Mozi.m\",\"url_status\":\"online\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 16:51:06 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"lrz_urlhaus\",\"larted\":\"true\",\"tags\":[\"elf\",\"Mozi\"]}", "type": "indicator" 
@@ -24280,7 +23779,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.134374652Z", "kind": "enrichment", "original": "{\"id\":\"961047\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961047/\",\"url\":\"http://89.160.20.156:35574/Mozi.m\",\"url_status\":\"online\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 16:51:04 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"lrz_urlhaus\",\"larted\":\"true\",\"tags\":[\"elf\",\"Mozi\"]}", "type": "indicator" @@ -24329,7 +23827,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.134375470Z", "kind": "enrichment", "original": "{\"id\":\"961046\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961046/\",\"url\":\"http://89.160.20.156:46947/Mozi.m\",\"url_status\":\"online\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 16:50:08 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"lrz_urlhaus\",\"larted\":\"true\",\"tags\":[\"elf\",\"Mozi\"]}", "type": "indicator" @@ -24378,7 +23875,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.134376302Z", "kind": "enrichment", "original": "{\"id\":\"961043\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961043/\",\"url\":\"http://89.160.20.156:34452/Mozi.m\",\"url_status\":\"offline\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 16:50:06 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"lrz_urlhaus\",\"larted\":\"true\",\"tags\":[\"elf\",\"Mozi\"]}", "type": "indicator" 
@@ -24427,7 +23923,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.134377128Z", "kind": "enrichment", "original": "{\"id\":\"961044\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961044/\",\"url\":\"http://89.160.20.156:33017/Mozi.m\",\"url_status\":\"offline\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 16:50:06 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"lrz_urlhaus\",\"larted\":\"true\",\"tags\":[\"elf\",\"Mozi\"]}", "type": "indicator" @@ -24476,7 +23971,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.134378082Z", "kind": "enrichment", "original": "{\"id\":\"961045\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961045/\",\"url\":\"http://89.160.20.156:55061/Mozi.m\",\"url_status\":\"online\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 16:50:06 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"lrz_urlhaus\",\"larted\":\"true\",\"tags\":[\"elf\",\"Mozi\"]}", "type": "indicator" @@ -24525,7 +24019,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.134378900Z", "kind": "enrichment", "original": "{\"id\":\"961040\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961040/\",\"url\":\"http://89.160.20.156:50046/Mozi.m\",\"url_status\":\"online\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 16:50:05 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"lrz_urlhaus\",\"larted\":\"true\",\"tags\":[\"elf\",\"Mozi\"]}", "type": "indicator" 
@@ -24574,7 +24067,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.134379720Z", "kind": "enrichment", "original": "{\"id\":\"961041\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961041/\",\"url\":\"http://89.160.20.156:51960/Mozi.a\",\"url_status\":\"online\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 16:50:05 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"lrz_urlhaus\",\"larted\":\"true\",\"tags\":[\"elf\",\"Mozi\"]}", "type": "indicator" @@ -24623,7 +24115,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.134380538Z", "kind": "enrichment", "original": "{\"id\":\"961042\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961042/\",\"url\":\"http://89.160.20.156:42372/Mozi.m\",\"url_status\":\"offline\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 16:50:05 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"lrz_urlhaus\",\"larted\":\"true\",\"tags\":[\"elf\",\"Mozi\"]}", "type": "indicator" @@ -24672,7 +24163,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.134381425Z", "kind": "enrichment", "original": "{\"id\":\"961039\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961039/\",\"url\":\"http://89.160.20.156:51592/Mozi.m\",\"url_status\":\"offline\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 16:49:07 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"lrz_urlhaus\",\"larted\":\"true\",\"tags\":[\"elf\",\"Mozi\"]}", "type": "indicator" 
@@ -24721,7 +24211,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.134382338Z", "kind": "enrichment", "original": "{\"id\":\"961038\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961038/\",\"url\":\"http://89.160.20.156:35585/Mozi.a\",\"url_status\":\"offline\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 16:49:05 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"lrz_urlhaus\",\"larted\":\"true\",\"tags\":[\"elf\",\"Mozi\"]}", "type": "indicator" @@ -24770,7 +24259,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.134383153Z", "kind": "enrichment", "original": "{\"id\":\"961035\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961035/\",\"url\":\"http://89.160.20.156:38398/Mozi.m\",\"url_status\":\"online\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 16:49:04 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"lrz_urlhaus\",\"larted\":\"true\",\"tags\":[\"elf\",\"Mozi\"]}", "type": "indicator" @@ -24819,7 +24307,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.134383968Z", "kind": "enrichment", "original": "{\"id\":\"961036\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961036/\",\"url\":\"http://89.160.20.156:59880/Mozi.m\",\"url_status\":\"online\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 16:49:04 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"lrz_urlhaus\",\"larted\":\"true\",\"tags\":[\"elf\",\"Mozi\"]}", "type": "indicator" 
@@ -24868,7 +24355,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.134384793Z", "kind": "enrichment", "original": "{\"id\":\"961037\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961037/\",\"url\":\"http://89.160.20.156:39138/Mozi.a\",\"url_status\":\"online\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 16:49:04 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"lrz_urlhaus\",\"larted\":\"true\",\"tags\":[\"elf\",\"Mozi\"]}", "type": "indicator" @@ -24918,7 +24404,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.134385800Z", "kind": "enrichment", "original": "{\"id\":\"961033\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961033/\",\"url\":\"http://89.160.20.156:51095/bin.sh\",\"url_status\":\"online\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 16:40:05 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"geenensp\",\"larted\":\"true\",\"tags\":[\"32-bit\",\"elf\",\"mips\"]}", "type": "indicator" @@ -24968,7 +24453,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.134386617Z", "kind": "enrichment", "original": "{\"id\":\"961034\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961034/\",\"url\":\"http://89.160.20.156:45117/i\",\"url_status\":\"online\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 16:40:05 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"geenensp\",\"larted\":\"true\",\"tags\":[\"32-bit\",\"arm\",\"elf\"]}", "type": "indicator" 
@@ -25016,7 +24500,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.134387435Z", "kind": "enrichment", "original": "{\"id\":\"961032\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961032/\",\"url\":\"http://89.160.20.156:50204/Mozi.m\",\"url_status\":\"online\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 16:37:10 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"lrz_urlhaus\",\"larted\":\"true\",\"tags\":[\"elf\",\"Mozi\"]}", "type": "indicator" @@ -25065,7 +24548,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.134388250Z", "kind": "enrichment", "original": "{\"id\":\"961029\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961029/\",\"url\":\"http://89.160.20.156:45079/Mozi.m\",\"url_status\":\"offline\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 16:37:06 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"lrz_urlhaus\",\"larted\":\"true\",\"tags\":[\"elf\",\"Mozi\"]}", "type": "indicator" @@ -25114,7 +24596,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.134389073Z", "kind": "enrichment", "original": "{\"id\":\"961030\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961030/\",\"url\":\"http://89.160.20.156:52238/Mozi.m\",\"url_status\":\"offline\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 16:37:06 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"lrz_urlhaus\",\"larted\":\"true\",\"tags\":[\"elf\",\"Mozi\"]}", "type": "indicator" 
@@ -25163,7 +24644,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.134390054Z", "kind": "enrichment", "original": "{\"id\":\"961031\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961031/\",\"url\":\"http://89.160.20.156:40312/Mozi.m\",\"url_status\":\"online\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 16:37:06 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"lrz_urlhaus\",\"larted\":\"true\",\"tags\":[\"elf\",\"Mozi\"]}", "type": "indicator" @@ -25212,7 +24692,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.134390933Z", "kind": "enrichment", "original": "{\"id\":\"961026\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961026/\",\"url\":\"http://89.160.20.156:39002/Mozi.a\",\"url_status\":\"offline\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 16:37:05 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"lrz_urlhaus\",\"larted\":\"true\",\"tags\":[\"elf\",\"Mozi\"]}", "type": "indicator" @@ -25261,7 +24740,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.134393131Z", "kind": "enrichment", "original": "{\"id\":\"961027\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961027/\",\"url\":\"http://89.160.20.156:50773/Mozi.m\",\"url_status\":\"online\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 16:37:05 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"lrz_urlhaus\",\"larted\":\"true\",\"tags\":[\"elf\",\"Mozi\"]}", "type": "indicator" 
@@ -25310,7 +24788,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.134394040Z", "kind": "enrichment", "original": "{\"id\":\"961028\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961028/\",\"url\":\"http://89.160.20.156:50050/Mozi.m\",\"url_status\":\"offline\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 16:37:05 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"lrz_urlhaus\",\"larted\":\"true\",\"tags\":[\"elf\",\"Mozi\"]}", "type": "indicator" @@ -25359,7 +24836,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.134395005Z", "kind": "enrichment", "original": "{\"id\":\"961024\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961024/\",\"url\":\"http://89.160.20.156:60081/Mozi.m\",\"url_status\":\"offline\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 16:37:04 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"lrz_urlhaus\",\"larted\":\"true\",\"tags\":[\"elf\",\"Mozi\"]}", "type": "indicator" @@ -25408,7 +24884,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.134395877Z", "kind": "enrichment", "original": "{\"id\":\"961025\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961025/\",\"url\":\"http://89.160.20.156:58177/Mozi.m\",\"url_status\":\"online\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 16:37:04 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"lrz_urlhaus\",\"larted\":\"true\",\"tags\":[\"elf\",\"Mozi\"]}", "type": "indicator" 
@@ -25457,7 +24932,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.134396688Z", "kind": "enrichment", "original": "{\"id\":\"961023\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961023/\",\"url\":\"http://89.160.20.156:38589/Mozi.m\",\"url_status\":\"online\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 16:36:05 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"lrz_urlhaus\",\"larted\":\"true\",\"tags\":[\"elf\",\"Mozi\"]}", "type": "indicator" @@ -25506,7 +24980,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.134397508Z", "kind": "enrichment", "original": "{\"id\":\"961022\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961022/\",\"url\":\"http://89.160.20.156:39229/Mozi.a\",\"url_status\":\"online\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 16:35:25 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"lrz_urlhaus\",\"larted\":\"true\",\"tags\":[\"elf\",\"Mozi\"]}", "type": "indicator" @@ -25555,7 +25028,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.134398325Z", "kind": "enrichment", "original": "{\"id\":\"961021\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961021/\",\"url\":\"http://89.160.20.156:53595/Mozi.a\",\"url_status\":\"offline\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 16:35:06 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"lrz_urlhaus\",\"larted\":\"true\",\"tags\":[\"elf\",\"Mozi\"]}", "type": "indicator" 
@@ -25604,7 +25076,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.134399276Z", "kind": "enrichment", "original": "{\"id\":\"961018\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961018/\",\"url\":\"http://89.160.20.156:57279/Mozi.m\",\"url_status\":\"online\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 16:35:05 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"lrz_urlhaus\",\"larted\":\"true\",\"tags\":[\"elf\",\"Mozi\"]}", "type": "indicator" @@ -25653,7 +25124,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.134400142Z", "kind": "enrichment", "original": "{\"id\":\"961019\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961019/\",\"url\":\"http://89.160.20.156:49019/Mozi.m\",\"url_status\":\"online\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 16:35:05 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"lrz_urlhaus\",\"larted\":\"true\",\"tags\":[\"elf\",\"Mozi\"]}", "type": "indicator" @@ -25702,7 +25172,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.134400977Z", "kind": "enrichment", "original": "{\"id\":\"961020\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961020/\",\"url\":\"http://89.160.20.156:48558/Mozi.m\",\"url_status\":\"offline\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 16:35:05 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"lrz_urlhaus\",\"larted\":\"true\",\"tags\":[\"elf\",\"Mozi\"]}", "type": "indicator" 
@@ -25751,7 +25220,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.134401790Z", "kind": "enrichment", "original": "{\"id\":\"961017\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961017/\",\"url\":\"http://89.160.20.156:58913/Mozi.a\",\"url_status\":\"online\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 16:34:25 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"lrz_urlhaus\",\"larted\":\"true\",\"tags\":[\"elf\",\"Mozi\"]}", "type": "indicator" @@ -25800,7 +25268,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.134402614Z", "kind": "enrichment", "original": "{\"id\":\"961016\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961016/\",\"url\":\"http://89.160.20.156:49608/Mozi.m\",\"url_status\":\"online\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 16:34:08 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"lrz_urlhaus\",\"larted\":\"true\",\"tags\":[\"elf\",\"Mozi\"]}", "type": "indicator" @@ -25850,7 +25317,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.134403484Z", "kind": "enrichment", "original": "{\"id\":\"961013\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961013/\",\"url\":\"http://89.160.20.156:41143/bin.sh\",\"url_status\":\"online\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 16:34:06 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"geenensp\",\"larted\":\"true\",\"tags\":[\"32-bit\",\"arm\",\"elf\"]}", "type": "indicator" 
@@ -25899,7 +25365,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.134404353Z", "kind": "enrichment", "original": "{\"id\":\"961014\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961014/\",\"url\":\"http://89.160.20.156:42129/Mozi.m\",\"url_status\":\"offline\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 16:34:06 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"lrz_urlhaus\",\"larted\":\"true\",\"tags\":[\"elf\",\"Mozi\"]}", "type": "indicator" @@ -25948,7 +25413,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.134405224Z", "kind": "enrichment", "original": "{\"id\":\"961015\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961015/\",\"url\":\"http://89.160.20.156:47403/Mozi.m\",\"url_status\":\"offline\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 16:34:06 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"lrz_urlhaus\",\"larted\":\"true\",\"tags\":[\"elf\",\"Mozi\"]}", "type": "indicator" @@ -25997,7 +25461,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.134406110Z", "kind": "enrichment", "original": "{\"id\":\"961011\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961011/\",\"url\":\"http://89.160.20.156:60187/Mozi.m\",\"url_status\":\"online\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 16:34:05 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"lrz_urlhaus\",\"larted\":\"true\",\"tags\":[\"elf\",\"Mozi\"]}", "type": "indicator" 
@@ -26046,7 +25509,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.134407036Z", "kind": "enrichment", "original": "{\"id\":\"961012\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961012/\",\"url\":\"http://89.160.20.156:46097/Mozi.m\",\"url_status\":\"offline\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 16:34:05 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"lrz_urlhaus\",\"larted\":\"true\",\"tags\":[\"elf\",\"Mozi\"]}", "type": "indicator" @@ -26096,7 +25558,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.134407904Z", "kind": "enrichment", "original": "{\"id\":\"961010\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961010/\",\"url\":\"http://89.160.20.156:50771/i\",\"url_status\":\"online\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 16:31:06 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"geenensp\",\"larted\":\"true\",\"tags\":[\"32-bit\",\"arm\",\"elf\"]}", "type": "indicator" @@ -26144,7 +25605,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.134408779Z", "kind": "enrichment", "original": "{\"id\":\"961009\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961009/\",\"url\":\"https://pastebin.com/raw/00aUJCLx\",\"url_status\":\"offline\",\"host\":\"pastebin.com\",\"date_added\":\"2021-01-14 16:29:03 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"pmelson\",\"larted\":\"false\",\"tags\":[\"ASPXShell\",\"webshell\"]}", "type": "indicator" 
@@ -26191,7 +25651,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.134409599Z", "kind": "enrichment", "original": "{\"id\":\"961008\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961008/\",\"url\":\"http://89.160.20.156:45117/bin.sh\",\"url_status\":\"online\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 16:25:05 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"geenensp\",\"larted\":\"true\",\"tags\":[\"32-bit\",\"arm\",\"elf\"]}", "type": "indicator" @@ -26240,7 +25699,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.134410489Z", "kind": "enrichment", "original": "{\"id\":\"961007\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961007/\",\"url\":\"http://89.160.20.156:41485/Mozi.a\",\"url_status\":\"online\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 16:22:16 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"lrz_urlhaus\",\"larted\":\"true\",\"tags\":[\"elf\",\"Mozi\"]}", "type": "indicator" @@ -26289,7 +25747,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.134411380Z", "kind": "enrichment", "original": "{\"id\":\"961006\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961006/\",\"url\":\"http://89.160.20.156:43851/Mozi.m\",\"url_status\":\"online\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 16:22:15 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"lrz_urlhaus\",\"larted\":\"true\",\"tags\":[\"elf\",\"Mozi\"]}", "type": "indicator" 
@@ -26338,7 +25795,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.134412197Z", "kind": "enrichment", "original": "{\"id\":\"961005\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961005/\",\"url\":\"http://89.160.20.156:37095/Mozi.m\",\"url_status\":\"offline\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 16:22:09 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"lrz_urlhaus\",\"larted\":\"true\",\"tags\":[\"elf\",\"Mozi\"]}", "type": "indicator" @@ -26387,7 +25843,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.134413018Z", "kind": "enrichment", "original": "{\"id\":\"961004\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961004/\",\"url\":\"http://89.160.20.156:59275/Mozi.m\",\"url_status\":\"online\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 16:22:06 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"lrz_urlhaus\",\"larted\":\"true\",\"tags\":[\"elf\",\"Mozi\"]}", "type": "indicator" @@ -26436,7 +25891,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.134413834Z", "kind": "enrichment", "original": "{\"id\":\"961002\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961002/\",\"url\":\"http://89.160.20.156:46131/Mozi.m\",\"url_status\":\"offline\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 16:22:05 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"lrz_urlhaus\",\"larted\":\"true\",\"tags\":[\"elf\",\"Mozi\"]}", "type": "indicator" 
@@ -26485,7 +25939,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.134414755Z", "kind": "enrichment", "original": "{\"id\":\"961003\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961003/\",\"url\":\"http://89.160.20.156:40129/Mozi.m\",\"url_status\":\"offline\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 16:22:05 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"lrz_urlhaus\",\"larted\":\"true\",\"tags\":[\"elf\",\"Mozi\"]}", "type": "indicator" @@ -26534,7 +25987,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.134415583Z", "kind": "enrichment", "original": "{\"id\":\"961000\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961000/\",\"url\":\"http://89.160.20.156:43924/Mozi.m\",\"url_status\":\"online\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 16:21:06 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"lrz_urlhaus\",\"larted\":\"true\",\"tags\":[\"elf\",\"Mozi\"]}", "type": "indicator" @@ -26584,7 +26036,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.134416400Z", "kind": "enrichment", "original": "{\"id\":\"961001\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/961001/\",\"url\":\"http://89.160.20.156:38851/i\",\"url_status\":\"offline\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 16:21:06 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"geenensp\",\"larted\":\"true\",\"tags\":[\"32-bit\",\"elf\",\"mips\"]}", "type": "indicator" 
@@ -26632,7 +26083,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.134417568Z", "kind": "enrichment", "original": "{\"id\":\"960996\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/960996/\",\"url\":\"http://89.160.20.156:33008/Mozi.m\",\"url_status\":\"offline\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 16:21:04 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"lrz_urlhaus\",\"larted\":\"true\",\"tags\":[\"elf\",\"Mozi\"]}", "type": "indicator" @@ -26681,7 +26131,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.134418811Z", "kind": "enrichment", "original": "{\"id\":\"960997\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/960997/\",\"url\":\"http://89.160.20.156:60201/Mozi.m\",\"url_status\":\"online\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 16:21:04 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"lrz_urlhaus\",\"larted\":\"true\",\"tags\":[\"elf\",\"Mozi\"]}", "type": "indicator" @@ -26730,7 +26179,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.134419707Z", "kind": "enrichment", "original": "{\"id\":\"960998\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/960998/\",\"url\":\"http://89.160.20.156:41479/Mozi.m\",\"url_status\":\"online\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 16:21:04 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"lrz_urlhaus\",\"larted\":\"true\",\"tags\":[\"elf\",\"Mozi\"]}", "type": "indicator" 
@@ -26779,7 +26227,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.134420753Z", "kind": "enrichment", "original": "{\"id\":\"960999\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/960999/\",\"url\":\"http://89.160.20.156:52003/Mozi.m\",\"url_status\":\"online\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 16:21:04 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"lrz_urlhaus\",\"larted\":\"true\",\"tags\":[\"elf\",\"Mozi\"]}", "type": "indicator" @@ -26828,7 +26275,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.134421591Z", "kind": "enrichment", "original": "{\"id\":\"960995\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/960995/\",\"url\":\"http://89.160.20.156:39500/Mozi.m\",\"url_status\":\"offline\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 16:20:16 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"lrz_urlhaus\",\"larted\":\"true\",\"tags\":[\"elf\",\"Mozi\"]}", "type": "indicator" @@ -26877,7 +26323,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.134422403Z", "kind": "enrichment", "original": "{\"id\":\"960994\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/960994/\",\"url\":\"http://89.160.20.156:36966/Mozi.m\",\"url_status\":\"online\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 16:20:09 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"lrz_urlhaus\",\"larted\":\"true\",\"tags\":[\"elf\",\"Mozi\"]}", "type": "indicator" 
@@ -26926,7 +26371,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.134423224Z", "kind": "enrichment", "original": "{\"id\":\"960991\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/960991/\",\"url\":\"http://89.160.20.156:59875/Mozi.m\",\"url_status\":\"offline\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 16:20:08 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"lrz_urlhaus\",\"larted\":\"true\",\"tags\":[\"elf\",\"Mozi\"]}", "type": "indicator" @@ -26975,7 +26419,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.134424202Z", "kind": "enrichment", "original": "{\"id\":\"960992\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/960992/\",\"url\":\"http://89.160.20.156:44123/Mozi.m\",\"url_status\":\"offline\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 16:20:08 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"lrz_urlhaus\",\"larted\":\"true\",\"tags\":[\"elf\",\"Mozi\"]}", "type": "indicator" @@ -27024,7 +26467,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.134425015Z", "kind": "enrichment", "original": "{\"id\":\"960993\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/960993/\",\"url\":\"http://89.160.20.156:45224/Mozi.a\",\"url_status\":\"offline\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 16:20:08 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"lrz_urlhaus\",\"larted\":\"true\",\"tags\":[\"elf\",\"Mozi\"]}", "type": "indicator" 
@@ -27073,7 +26515,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.134425842Z", "kind": "enrichment", "original": "{\"id\":\"960990\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/960990/\",\"url\":\"http://89.160.20.156:43105/Mozi.m\",\"url_status\":\"online\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 16:20:07 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"lrz_urlhaus\",\"larted\":\"true\",\"tags\":[\"elf\",\"Mozi\"]}", "type": "indicator" @@ -27122,7 +26563,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.134426648Z", "kind": "enrichment", "original": "{\"id\":\"960984\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/960984/\",\"url\":\"http://89.160.20.156:46011/Mozi.m\",\"url_status\":\"online\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 16:20:06 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"lrz_urlhaus\",\"larted\":\"true\",\"tags\":[\"elf\",\"Mozi\"]}", "type": "indicator" @@ -27171,7 +26611,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.134427467Z", "kind": "enrichment", "original": "{\"id\":\"960985\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/960985/\",\"url\":\"http://89.160.20.156:51170/Mozi.m\",\"url_status\":\"online\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 16:20:06 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"lrz_urlhaus\",\"larted\":\"true\",\"tags\":[\"elf\",\"Mozi\"]}", "type": "indicator" 
@@ -27220,7 +26659,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.134428342Z", "kind": "enrichment", "original": "{\"id\":\"960986\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/960986/\",\"url\":\"http://89.160.20.156:38025/Mozi.a\",\"url_status\":\"online\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 16:20:06 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"lrz_urlhaus\",\"larted\":\"true\",\"tags\":[\"elf\",\"Mozi\"]}", "type": "indicator" @@ -27269,7 +26707,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.134429160Z", "kind": "enrichment", "original": "{\"id\":\"960987\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/960987/\",\"url\":\"http://89.160.20.156:54132/Mozi.m\",\"url_status\":\"online\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 16:20:06 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"lrz_urlhaus\",\"larted\":\"true\",\"tags\":[\"elf\",\"Mozi\"]}", "type": "indicator" @@ -27318,7 +26755,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.134429972Z", "kind": "enrichment", "original": "{\"id\":\"960988\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/960988/\",\"url\":\"http://89.160.20.156:57705/Mozi.m\",\"url_status\":\"online\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 16:20:06 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"lrz_urlhaus\",\"larted\":\"true\",\"tags\":[\"elf\",\"Mozi\"]}", "type": "indicator" 
@@ -27367,7 +26803,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.134430785Z", "kind": "enrichment", "original": "{\"id\":\"960989\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/960989/\",\"url\":\"http://89.160.20.156:32983/Mozi.m\",\"url_status\":\"online\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 16:20:06 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"lrz_urlhaus\",\"larted\":\"true\",\"tags\":[\"elf\",\"Mozi\"]}", "type": "indicator" @@ -27416,7 +26851,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.134431711Z", "kind": "enrichment", "original": "{\"id\":\"960983\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/960983/\",\"url\":\"http://89.160.20.156:47908/Mozi.m\",\"url_status\":\"offline\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 16:19:13 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"lrz_urlhaus\",\"larted\":\"true\",\"tags\":[\"elf\",\"Mozi\"]}", "type": "indicator" @@ -27465,7 +26899,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.134432578Z", "kind": "enrichment", "original": "{\"id\":\"960982\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/960982/\",\"url\":\"http://89.160.20.156:35116/Mozi.m\",\"url_status\":\"offline\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 16:19:06 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"lrz_urlhaus\",\"larted\":\"true\",\"tags\":[\"elf\",\"Mozi\"]}", "type": "indicator" 
@@ -27514,7 +26947,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.134433412Z", "kind": "enrichment", "original": "{\"id\":\"960978\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/960978/\",\"url\":\"http://89.160.20.156:38070/Mozi.m\",\"url_status\":\"online\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 16:19:05 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"lrz_urlhaus\",\"larted\":\"true\",\"tags\":[\"elf\",\"Mozi\"]}", "type": "indicator" @@ -27563,7 +26995,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.134434227Z", "kind": "enrichment", "original": "{\"id\":\"960979\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/960979/\",\"url\":\"http://89.160.20.156:53399/Mozi.m\",\"url_status\":\"online\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 16:19:05 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"lrz_urlhaus\",\"larted\":\"true\",\"tags\":[\"elf\",\"Mozi\"]}", "type": "indicator" @@ -27612,7 +27043,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.134435047Z", "kind": "enrichment", "original": "{\"id\":\"960980\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/960980/\",\"url\":\"http://89.160.20.156:39529/Mozi.m\",\"url_status\":\"online\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 16:19:05 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"lrz_urlhaus\",\"larted\":\"true\",\"tags\":[\"elf\",\"Mozi\"]}", "type": "indicator" 
@@ -27661,7 +27091,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.134435974Z", "kind": "enrichment", "original": "{\"id\":\"960981\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/960981/\",\"url\":\"http://89.160.20.156:33465/Mozi.m\",\"url_status\":\"offline\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 16:19:05 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"lrz_urlhaus\",\"larted\":\"true\",\"tags\":[\"elf\",\"Mozi\"]}", "type": "indicator" @@ -27710,7 +27139,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.134436812Z", "kind": "enrichment", "original": "{\"id\":\"960977\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/960977/\",\"url\":\"http://89.160.20.156:59085/Mozi.m\",\"url_status\":\"offline\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 16:16:05 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"07ac0n\",\"larted\":\"true\",\"tags\":[\"elf\",\"Mozi\"]}", "type": "indicator" @@ -27760,7 +27188,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.134437650Z", "kind": "enrichment", "original": "{\"id\":\"960976\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/960976/\",\"url\":\"http://89.160.20.156:33799/i\",\"url_status\":\"online\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 16:09:05 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"geenensp\",\"larted\":\"true\",\"tags\":[\"32-bit\",\"arm\",\"elf\"]}", "type": "indicator" 
@@ -27808,7 +27235,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.134438464Z", "kind": "enrichment", "original": "{\"id\":\"960972\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/960972/\",\"url\":\"http://89.160.20.156:40430/Mozi.m\",\"url_status\":\"offline\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 16:07:06 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"lrz_urlhaus\",\"larted\":\"true\",\"tags\":[\"elf\",\"Mozi\"]}", "type": "indicator" @@ -27857,7 +27283,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.134439355Z", "kind": "enrichment", "original": "{\"id\":\"960973\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/960973/\",\"url\":\"http://89.160.20.156:43006/Mozi.m\",\"url_status\":\"offline\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 16:07:06 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"lrz_urlhaus\",\"larted\":\"true\",\"tags\":[\"elf\",\"Mozi\"]}", "type": "indicator" @@ -27906,7 +27331,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.134440228Z", "kind": "enrichment", "original": "{\"id\":\"960974\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/960974/\",\"url\":\"http://89.160.20.156:33385/Mozi.m\",\"url_status\":\"online\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 16:07:06 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"lrz_urlhaus\",\"larted\":\"true\",\"tags\":[\"elf\",\"Mozi\"]}", "type": "indicator" 
@@ -27955,7 +27379,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.134441051Z", "kind": "enrichment", "original": "{\"id\":\"960975\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/960975/\",\"url\":\"http://89.160.20.156:56649/Mozi.m\",\"url_status\":\"offline\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 16:07:06 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"lrz_urlhaus\",\"larted\":\"true\",\"tags\":[\"elf\",\"Mozi\"]}", "type": "indicator" @@ -28004,7 +27427,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.134441879Z", "kind": "enrichment", "original": "{\"id\":\"960971\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/960971/\",\"url\":\"http://89.160.20.156:55457/Mozi.m\",\"url_status\":\"offline\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 16:07:05 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"lrz_urlhaus\",\"larted\":\"true\",\"tags\":[\"elf\",\"Mozi\"]}", "type": "indicator" @@ -28053,7 +27475,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.134442698Z", "kind": "enrichment", "original": "{\"id\":\"960968\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/960968/\",\"url\":\"http://89.160.20.156:52314/Mozi.m\",\"url_status\":\"offline\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 16:07:04 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"lrz_urlhaus\",\"larted\":\"true\",\"tags\":[\"elf\",\"Mozi\"]}", "type": "indicator" 
@@ -28102,7 +27523,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.134443521Z", "kind": "enrichment", "original": "{\"id\":\"960969\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/960969/\",\"url\":\"http://89.160.20.156:41985/Mozi.m\",\"url_status\":\"online\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 16:07:04 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"lrz_urlhaus\",\"larted\":\"true\",\"tags\":[\"elf\",\"Mozi\"]}", "type": "indicator" @@ -28152,7 +27572,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.134444351Z", "kind": "enrichment", "original": "{\"id\":\"960970\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/960970/\",\"url\":\"http://89.160.20.156:53197/i\",\"url_status\":\"online\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 16:07:04 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"geenensp\",\"larted\":\"true\",\"tags\":[\"32-bit\",\"elf\",\"mips\"]}", "type": "indicator" @@ -28200,7 +27619,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.134445165Z", "kind": "enrichment", "original": "{\"id\":\"960967\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/960967/\",\"url\":\"http://89.160.20.156:54472/Mozi.m\",\"url_status\":\"online\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 16:06:07 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"lrz_urlhaus\",\"larted\":\"true\",\"tags\":[\"elf\",\"Mozi\"]}", "type": "indicator" 
@@ -28249,7 +27667,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.134445984Z", "kind": "enrichment", "original": "{\"id\":\"960966\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/960966/\",\"url\":\"http://89.160.20.156:38100/Mozi.m\",\"url_status\":\"offline\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 16:06:06 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"lrz_urlhaus\",\"larted\":\"true\",\"tags\":[\"elf\",\"Mozi\"]}", "type": "indicator" @@ -28298,7 +27715,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.134446806Z", "kind": "enrichment", "original": "{\"id\":\"960964\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/960964/\",\"url\":\"http://89.160.20.156:33121/Mozi.m\",\"url_status\":\"offline\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 16:06:05 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"lrz_urlhaus\",\"larted\":\"true\",\"tags\":[\"elf\",\"Mozi\"]}", "type": "indicator" @@ -28347,7 +27763,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.134447675Z", "kind": "enrichment", "original": "{\"id\":\"960965\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/960965/\",\"url\":\"http://89.160.20.156:39363/Mozi.m\",\"url_status\":\"online\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 16:06:05 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"lrz_urlhaus\",\"larted\":\"true\",\"tags\":[\"elf\",\"Mozi\"]}", "type": "indicator" 
@@ -28396,7 +27811,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.134448712Z", "kind": "enrichment", "original": "{\"id\":\"960961\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/960961/\",\"url\":\"http://89.160.20.156:42844/Mozi.m\",\"url_status\":\"online\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 16:06:04 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"lrz_urlhaus\",\"larted\":\"true\",\"tags\":[\"elf\",\"Mozi\"]}", "type": "indicator" @@ -28445,7 +27859,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.134449573Z", "kind": "enrichment", "original": "{\"id\":\"960962\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/960962/\",\"url\":\"http://89.160.20.156:45789/Mozi.a\",\"url_status\":\"online\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 16:06:04 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"lrz_urlhaus\",\"larted\":\"true\",\"tags\":[\"elf\",\"Mozi\"]}", "type": "indicator" @@ -28494,7 +27907,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.134450396Z", "kind": "enrichment", "original": "{\"id\":\"960963\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/960963/\",\"url\":\"http://89.160.20.156:34080/Mozi.m\",\"url_status\":\"online\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 16:06:04 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"lrz_urlhaus\",\"larted\":\"true\",\"tags\":[\"elf\",\"Mozi\"]}", "type": "indicator" 
@@ -28543,7 +27955,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.134451245Z", "kind": "enrichment", "original": "{\"id\":\"960960\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/960960/\",\"url\":\"http://89.160.20.156:56067/Mozi.m\",\"url_status\":\"offline\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 16:05:11 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"lrz_urlhaus\",\"larted\":\"true\",\"tags\":[\"elf\",\"Mozi\"]}", "type": "indicator" @@ -28592,7 +28003,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.134452059Z", "kind": "enrichment", "original": "{\"id\":\"960959\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/960959/\",\"url\":\"http://89.160.20.156:34205/Mozi.m\",\"url_status\":\"offline\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 16:05:08 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"lrz_urlhaus\",\"larted\":\"true\",\"tags\":[\"elf\",\"Mozi\"]}", "type": "indicator" @@ -28641,7 +28051,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.134452873Z", "kind": "enrichment", "original": "{\"id\":\"960957\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/960957/\",\"url\":\"http://89.160.20.156:53239/Mozi.m\",\"url_status\":\"offline\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 16:05:07 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"lrz_urlhaus\",\"larted\":\"true\",\"tags\":[\"elf\",\"Mozi\"]}", "type": "indicator" 
@@ -28690,7 +28099,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.134453688Z", "kind": "enrichment", "original": "{\"id\":\"960958\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/960958/\",\"url\":\"http://89.160.20.156:53868/Mozi.m\",\"url_status\":\"offline\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 16:05:07 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"lrz_urlhaus\",\"larted\":\"true\",\"tags\":[\"elf\",\"Mozi\"]}", "type": "indicator" @@ -28739,7 +28147,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.134454512Z", "kind": "enrichment", "original": "{\"id\":\"960955\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/960955/\",\"url\":\"http://89.160.20.156:39724/Mozi.m\",\"url_status\":\"offline\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 16:05:06 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"lrz_urlhaus\",\"larted\":\"true\",\"tags\":[\"elf\",\"Mozi\"]}", "type": "indicator" @@ -28788,7 +28195,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.134455432Z", "kind": "enrichment", "original": "{\"id\":\"960956\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/960956/\",\"url\":\"http://89.160.20.156:60804/Mozi.m\",\"url_status\":\"offline\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 16:05:06 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"lrz_urlhaus\",\"larted\":\"true\",\"tags\":[\"elf\",\"Mozi\"]}", "type": "indicator" 
@@ -28837,7 +28243,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.134456246Z", "kind": "enrichment", "original": "{\"id\":\"960953\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/960953/\",\"url\":\"http://89.160.20.156:51949/Mozi.m\",\"url_status\":\"online\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 16:05:05 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"lrz_urlhaus\",\"larted\":\"true\",\"tags\":[\"elf\",\"Mozi\"]}", "type": "indicator" @@ -28886,7 +28291,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.134457061Z", "kind": "enrichment", "original": "{\"id\":\"960954\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/960954/\",\"url\":\"http://89.160.20.156:48224/Mozi.m\",\"url_status\":\"online\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 16:05:05 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"lrz_urlhaus\",\"larted\":\"true\",\"tags\":[\"elf\",\"Mozi\"]}", "type": "indicator" @@ -28935,7 +28339,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.134457875Z", "kind": "enrichment", "original": "{\"id\":\"960952\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/960952/\",\"url\":\"http://89.160.20.156:37716/Mozi.m\",\"url_status\":\"online\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 16:04:10 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"lrz_urlhaus\",\"larted\":\"true\",\"tags\":[\"elf\",\"Mozi\"]}", "type": "indicator" 
@@ -28984,7 +28387,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.134458812Z", "kind": "enrichment", "original": "{\"id\":\"960951\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/960951/\",\"url\":\"http://89.160.20.156:60524/Mozi.m\",\"url_status\":\"offline\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 16:04:05 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"lrz_urlhaus\",\"larted\":\"true\",\"tags\":[\"elf\",\"Mozi\"]}", "type": "indicator" @@ -29034,7 +28436,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.134459805Z", "kind": "enrichment", "original": "{\"id\":\"960946\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/960946/\",\"url\":\"http://urlfrance.fr/code/dd.txt\",\"url_status\":\"offline\",\"host\":\"urlfrance.fr\",\"date_added\":\"2021-01-14 16:04:04 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"abused_legit_malware\",\"surbl\":\"not listed\"},\"reporter\":\"abuse_ch\",\"larted\":\"true\",\"tags\":[\"Encoded\",\"njRAT\",\"rat\"]}", "type": "indicator" @@ -29082,7 +28483,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.134462013Z", "kind": "enrichment", "original": "{\"id\":\"960947\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/960947/\",\"url\":\"http://89.160.20.156:49988/bin.sh\",\"url_status\":\"online\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 16:04:04 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"geenensp\",\"larted\":\"true\",\"tags\":[\"32-bit\",\"arm\",\"elf\"]}", "type": "indicator" 
@@ -29131,7 +28531,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.134462955Z", "kind": "enrichment", "original": "{\"id\":\"960948\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/960948/\",\"url\":\"http://89.160.20.156:42857/Mozi.m\",\"url_status\":\"online\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 16:04:04 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"lrz_urlhaus\",\"larted\":\"true\",\"tags\":[\"elf\",\"Mozi\"]}", "type": "indicator" @@ -29181,7 +28580,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.134463774Z", "kind": "enrichment", "original": "{\"id\":\"960949\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/960949/\",\"url\":\"http://89.160.20.156:44751/bin.sh\",\"url_status\":\"offline\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 16:04:04 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"geenensp\",\"larted\":\"true\",\"tags\":[\"32-bit\",\"arm\",\"elf\"]}", "type": "indicator" @@ -29230,7 +28628,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.134464757Z", "kind": "enrichment", "original": "{\"id\":\"960950\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/960950/\",\"url\":\"http://89.160.20.156:47719/Mozi.m\",\"url_status\":\"online\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 16:04:04 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"lrz_urlhaus\",\"larted\":\"true\",\"tags\":[\"elf\",\"Mozi\"]}", "type": "indicator" 
@@ -29279,7 +28676,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.134465570Z", "kind": "enrichment", "original": "{\"id\":\"960945\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/960945/\",\"url\":\"http://89.160.20.156:38133/Mozi.m\",\"url_status\":\"offline\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 15:59:12 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"07ac0n\",\"larted\":\"true\",\"tags\":[\"elf\",\"Mozi\"]}", "type": "indicator" @@ -29328,7 +28724,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.134466433Z", "kind": "enrichment", "original": "{\"id\":\"960944\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/960944/\",\"url\":\"http://www.sowetoson.com/new/Host_yjwloaz52.bin\",\"url_status\":\"online\",\"host\":\"www.sowetoson.com\",\"date_added\":\"2021-01-14 15:57:06 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"abused_legit_malware\",\"surbl\":\"not listed\"},\"reporter\":\"abuse_ch\",\"larted\":\"true\",\"tags\":[\"encrypted\",\"GuLoader\"]}", "type": "indicator" @@ -29375,7 +28770,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.134467252Z", "kind": "enrichment", "original": "{\"id\":\"960942\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/960942/\",\"url\":\"https://www.agamagroup.com.ng/zxc/janomo_uGdNtpvRY170.bin\",\"url_status\":\"online\",\"host\":\"www.agamagroup.com.ng\",\"date_added\":\"2021-01-14 15:57:04 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"abused_legit_malware\",\"surbl\":\"not listed\"},\"reporter\":\"abuse_ch\",\"larted\":\"true\",\"tags\":[\"encrypted\",\"GuLoader\"]}", "type": "indicator" 
@@ -29422,7 +28816,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.134468185Z", "kind": "enrichment", "original": "{\"id\":\"960943\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/960943/\",\"url\":\"https://onedrive.live.com/download?cid=8FE9EB3F9398B325\u0026resid=8FE9EB3F9398B325%21126\u0026authkey=AOzL9FiDhEYRkm8\",\"url_status\":\"online\",\"host\":\"onedrive.live.com\",\"date_added\":\"2021-01-14 15:57:04 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"abuse_ch\",\"larted\":\"true\",\"tags\":[\"encrypted\",\"GuLoader\"]}", "type": "indicator" @@ -29469,7 +28862,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.134469030Z", "kind": "enrichment", "original": "{\"id\":\"960941\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/960941/\",\"url\":\"http://89.160.20.156:46462/Mozi.m\",\"url_status\":\"offline\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 15:52:06 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"lrz_urlhaus\",\"larted\":\"true\",\"tags\":[\"elf\",\"Mozi\"]}", "type": "indicator" @@ -29518,7 +28910,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.134469857Z", "kind": "enrichment", "original": "{\"id\":\"960940\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/960940/\",\"url\":\"http://89.160.20.156:39046/Mozi.m\",\"url_status\":\"offline\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 15:52:05 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"lrz_urlhaus\",\"larted\":\"true\",\"tags\":[\"elf\",\"Mozi\"]}", "type": "indicator" 
@@ -29567,7 +28958,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.134470670Z", "kind": "enrichment", "original": "{\"id\":\"960934\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/960934/\",\"url\":\"http://89.160.20.156:47418/Mozi.m\",\"url_status\":\"online\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 15:52:04 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"lrz_urlhaus\",\"larted\":\"true\",\"tags\":[\"elf\",\"Mozi\"]}", "type": "indicator" @@ -29616,7 +29006,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.134471480Z", "kind": "enrichment", "original": "{\"id\":\"960935\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/960935/\",\"url\":\"http://89.160.20.156:42287/Mozi.m\",\"url_status\":\"online\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 15:52:04 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"lrz_urlhaus\",\"larted\":\"true\",\"tags\":[\"elf\",\"Mozi\"]}", "type": "indicator" @@ -29665,7 +29054,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.134472395Z", "kind": "enrichment", "original": "{\"id\":\"960936\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/960936/\",\"url\":\"http://89.160.20.156:49596/Mozi.m\",\"url_status\":\"offline\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 15:52:04 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"lrz_urlhaus\",\"larted\":\"true\",\"tags\":[\"elf\",\"Mozi\"]}", "type": "indicator" 
@@ -29714,7 +29102,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.134473231Z", "kind": "enrichment", "original": "{\"id\":\"960937\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/960937/\",\"url\":\"http://89.160.20.156:39815/Mozi.m\",\"url_status\":\"online\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 15:52:04 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"lrz_urlhaus\",\"larted\":\"true\",\"tags\":[\"elf\",\"Mozi\"]}", "type": "indicator" @@ -29763,7 +29150,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.134474044Z", "kind": "enrichment", "original": "{\"id\":\"960938\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/960938/\",\"url\":\"http://89.160.20.156:36568/Mozi.m\",\"url_status\":\"online\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 15:52:04 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"lrz_urlhaus\",\"larted\":\"true\",\"tags\":[\"elf\",\"Mozi\"]}", "type": "indicator" @@ -29812,7 +29198,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.134474859Z", "kind": "enrichment", "original": "{\"id\":\"960939\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/960939/\",\"url\":\"http://89.160.20.156:32954/Mozi.m\",\"url_status\":\"online\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 15:52:04 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"lrz_urlhaus\",\"larted\":\"true\",\"tags\":[\"elf\",\"Mozi\"]}", "type": "indicator" 
@@ -29861,7 +29246,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.134475783Z", "kind": "enrichment", "original": "{\"id\":\"960933\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/960933/\",\"url\":\"http://89.160.20.156:57752/Mozi.m\",\"url_status\":\"online\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 15:51:06 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"lrz_urlhaus\",\"larted\":\"true\",\"tags\":[\"elf\",\"Mozi\"]}", "type": "indicator" @@ -29910,7 +29294,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.134476759Z", "kind": "enrichment", "original": "{\"id\":\"960932\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/960932/\",\"url\":\"http://89.160.20.156:52221/Mozi.m\",\"url_status\":\"online\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 15:51:04 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"lrz_urlhaus\",\"larted\":\"true\",\"tags\":[\"elf\",\"Mozi\"]}", "type": "indicator" @@ -29959,7 +29342,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.134477601Z", "kind": "enrichment", "original": "{\"id\":\"960931\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/960931/\",\"url\":\"http://89.160.20.156:58493/Mozi.m\",\"url_status\":\"online\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 15:50:40 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"lrz_urlhaus\",\"larted\":\"true\",\"tags\":[\"elf\",\"Mozi\"]}", "type": "indicator" 
@@ -30008,7 +29390,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.134478419Z", "kind": "enrichment", "original": "{\"id\":\"960930\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/960930/\",\"url\":\"http://89.160.20.156:57603/Mozi.m\",\"url_status\":\"offline\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 15:50:14 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"lrz_urlhaus\",\"larted\":\"true\",\"tags\":[\"elf\",\"Mozi\"]}", "type": "indicator" @@ -30057,7 +29438,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.134479235Z", "kind": "enrichment", "original": "{\"id\":\"960929\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/960929/\",\"url\":\"http://89.160.20.156:45439/Mozi.m\",\"url_status\":\"offline\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 15:50:13 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"lrz_urlhaus\",\"larted\":\"true\",\"tags\":[\"elf\",\"Mozi\"]}", "type": "indicator" @@ -30106,7 +29486,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.134480054Z", "kind": "enrichment", "original": "{\"id\":\"960928\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/960928/\",\"url\":\"http://89.160.20.156:58291/Mozi.m\",\"url_status\":\"offline\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 15:50:08 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"lrz_urlhaus\",\"larted\":\"true\",\"tags\":[\"elf\",\"Mozi\"]}", "type": "indicator" 
@@ -30155,7 +29534,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.134480870Z", "kind": "enrichment", "original": "{\"id\":\"960927\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/960927/\",\"url\":\"http://89.160.20.156:52785/Mozi.m\",\"url_status\":\"online\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 15:50:07 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"lrz_urlhaus\",\"larted\":\"true\",\"tags\":[\"elf\",\"Mozi\"]}", "type": "indicator" @@ -30204,7 +29582,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.134481703Z", "kind": "enrichment", "original": "{\"id\":\"960924\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/960924/\",\"url\":\"http://89.160.20.156:38582/Mozi.m\",\"url_status\":\"online\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 15:50:06 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"lrz_urlhaus\",\"larted\":\"true\",\"tags\":[\"elf\",\"Mozi\"]}", "type": "indicator" @@ -30253,7 +29630,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.134482518Z", "kind": "enrichment", "original": "{\"id\":\"960925\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/960925/\",\"url\":\"http://89.160.20.156:39503/Mozi.m\",\"url_status\":\"online\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 15:50:06 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"lrz_urlhaus\",\"larted\":\"true\",\"tags\":[\"elf\",\"Mozi\"]}", "type": "indicator" 
@@ -30302,7 +29678,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.134483399Z", "kind": "enrichment", "original": "{\"id\":\"960926\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/960926/\",\"url\":\"http://89.160.20.156:53018/Mozi.m\",\"url_status\":\"online\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 15:50:06 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"lrz_urlhaus\",\"larted\":\"true\",\"tags\":[\"elf\",\"Mozi\"]}", "type": "indicator" @@ -30351,7 +29726,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.134484305Z", "kind": "enrichment", "original": "{\"id\":\"960923\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/960923/\",\"url\":\"http://89.160.20.156:40698/Mozi.m\",\"url_status\":\"online\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 15:50:05 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"lrz_urlhaus\",\"larted\":\"true\",\"tags\":[\"elf\",\"Mozi\"]}", "type": "indicator" @@ -30400,7 +29774,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.134485119Z", "kind": "enrichment", "original": "{\"id\":\"960922\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/960922/\",\"url\":\"http://89.160.20.156:50060/Mozi.m\",\"url_status\":\"online\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 15:49:06 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"lrz_urlhaus\",\"larted\":\"true\",\"tags\":[\"elf\",\"Mozi\"]}", "type": "indicator" 
@@ -30449,7 +29822,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.134485957Z", "kind": "enrichment", "original": "{\"id\":\"960921\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/960921/\",\"url\":\"http://89.160.20.156:47874/Mozi.m\",\"url_status\":\"online\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 15:49:04 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"lrz_urlhaus\",\"larted\":\"true\",\"tags\":[\"elf\",\"Mozi\"]}", "type": "indicator" @@ -30499,7 +29871,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.134486780Z", "kind": "enrichment", "original": "{\"id\":\"960919\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/960919/\",\"url\":\"http://perezluzwsdycafeyzmn.dns.navy/perdoc/regasm.exe\",\"url_status\":\"online\",\"host\":\"perezluzwsdycafeyzmn.dns.navy\",\"date_added\":\"2021-01-14 15:46:06 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"listed\"},\"reporter\":\"abuse_ch\",\"larted\":\"true\",\"tags\":[\"exe\",\"Loki\",\"opendir\"]}", "type": "indicator" @@ -30547,7 +29918,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.134487668Z", "kind": "enrichment", "original": "{\"id\":\"960920\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/960920/\",\"url\":\"http://89.160.20.156:33799/bin.sh\",\"url_status\":\"online\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 15:46:06 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"geenensp\",\"larted\":\"true\",\"tags\":[\"32-bit\",\"arm\",\"elf\"]}", "type": "indicator" 
@@ -30596,7 +29966,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.134488483Z", "kind": "enrichment", "original": "{\"id\":\"960918\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/960918/\",\"url\":\"http://kalamikwsdyonlinedws.dns.navy/kaladoc/vbc.exe\",\"url_status\":\"online\",\"host\":\"kalamikwsdyonlinedws.dns.navy\",\"date_added\":\"2021-01-14 15:45:07 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"listed\"},\"reporter\":\"abuse_ch\",\"larted\":\"true\",\"tags\":[\"AgentTesla\",\"exe\"]}", "type": "indicator" @@ -30643,7 +30012,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.134489298Z", "kind": "enrichment", "original": "{\"id\":\"960917\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/960917/\",\"url\":\"http://89.160.20.156/js/js/lokkk.jpg\",\"url_status\":\"online\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 15:45:06 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"abuse_ch\",\"larted\":\"true\",\"tags\":[\"exe\",\"Loki\"]}", "type": "indicator" @@ -30691,7 +30059,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.134490117Z", "kind": "enrichment", "original": "{\"id\":\"960916\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/960916/\",\"url\":\"http://89.160.20.156:33201/Mozi.a\",\"url_status\":\"offline\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 15:38:07 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"lrz_urlhaus\",\"larted\":\"true\",\"tags\":[\"elf\",\"Mozi\"]}", "type": "indicator" 
@@ -30740,7 +30107,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.134490940Z", "kind": "enrichment", "original": "{\"id\":\"960914\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/960914/\",\"url\":\"http://89.160.20.156:53926/Mozi.m\",\"url_status\":\"offline\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 15:38:06 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"lrz_urlhaus\",\"larted\":\"true\",\"tags\":[\"elf\",\"Mozi\"]}", "type": "indicator" @@ -30789,7 +30155,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.134491813Z", "kind": "enrichment", "original": "{\"id\":\"960915\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/960915/\",\"url\":\"http://89.160.20.156:43917/Mozi.m\",\"url_status\":\"online\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 15:38:06 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"lrz_urlhaus\",\"larted\":\"true\",\"tags\":[\"elf\",\"Mozi\"]}", "type": "indicator" @@ -30838,7 +30203,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.134492634Z", "kind": "enrichment", "original": "{\"id\":\"960911\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/960911/\",\"url\":\"http://89.160.20.156:42053/Mozi.m\",\"url_status\":\"offline\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 15:38:05 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"lrz_urlhaus\",\"larted\":\"true\",\"tags\":[\"elf\",\"Mozi\"]}", "type": "indicator" 
@@ -30887,7 +30251,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.134493460Z", "kind": "enrichment", "original": "{\"id\":\"960912\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/960912/\",\"url\":\"http://89.160.20.156:57875/Mozi.m\",\"url_status\":\"online\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 15:38:05 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"lrz_urlhaus\",\"larted\":\"true\",\"tags\":[\"elf\",\"Mozi\"]}", "type": "indicator" @@ -30936,7 +30299,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.134494284Z", "kind": "enrichment", "original": "{\"id\":\"960913\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/960913/\",\"url\":\"http://89.160.20.156:35523/Mozi.m\",\"url_status\":\"offline\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 15:38:05 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"lrz_urlhaus\",\"larted\":\"true\",\"tags\":[\"elf\",\"Mozi\"]}", "type": "indicator" @@ -30986,7 +30348,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.134495208Z", "kind": "enrichment", "original": "{\"id\":\"960910\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/960910/\",\"url\":\"http://89.160.20.156:47418/i\",\"url_status\":\"online\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 15:38:04 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"geenensp\",\"larted\":\"true\",\"tags\":[\"32-bit\",\"elf\",\"mips\"]}", "type": "indicator" 
@@ -31034,7 +30395,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.134496024Z", "kind": "enrichment", "original": "{\"id\":\"960908\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/960908/\",\"url\":\"http://89.160.20.156:53007/Mozi.m\",\"url_status\":\"offline\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 15:37:05 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"lrz_urlhaus\",\"larted\":\"true\",\"tags\":[\"elf\",\"Mozi\"]}", "type": "indicator" @@ -31083,7 +30443,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.134496845Z", "kind": "enrichment", "original": "{\"id\":\"960909\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/960909/\",\"url\":\"http://89.160.20.156:38089/Mozi.m\",\"url_status\":\"offline\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 15:37:05 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"lrz_urlhaus\",\"larted\":\"true\",\"tags\":[\"elf\",\"Mozi\"]}", "type": "indicator" @@ -31132,7 +30491,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.134497672Z", "kind": "enrichment", "original": "{\"id\":\"960904\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/960904/\",\"url\":\"http://89.160.20.156:35243/Mozi.m\",\"url_status\":\"online\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 15:37:04 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"lrz_urlhaus\",\"larted\":\"true\",\"tags\":[\"elf\",\"Mozi\"]}", "type": "indicator" 
@@ -31181,7 +30539,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.134498493Z", "kind": "enrichment", "original": "{\"id\":\"960905\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/960905/\",\"url\":\"http://89.160.20.156:50589/Mozi.m\",\"url_status\":\"online\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 15:37:04 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"lrz_urlhaus\",\"larted\":\"true\",\"tags\":[\"elf\",\"Mozi\"]}", "type": "indicator" @@ -31230,7 +30587,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.134499428Z", "kind": "enrichment", "original": "{\"id\":\"960906\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/960906/\",\"url\":\"http://89.160.20.156:42479/Mozi.m\",\"url_status\":\"online\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 15:37:04 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"lrz_urlhaus\",\"larted\":\"true\",\"tags\":[\"elf\",\"Mozi\"]}", "type": "indicator" @@ -31279,7 +30635,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.134500249Z", "kind": "enrichment", "original": "{\"id\":\"960907\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/960907/\",\"url\":\"http://89.160.20.156:43425/Mozi.m\",\"url_status\":\"online\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 15:37:04 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"lrz_urlhaus\",\"larted\":\"true\",\"tags\":[\"elf\",\"Mozi\"]}", "type": "indicator" 
@@ -31328,7 +30683,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.134501084Z", "kind": "enrichment", "original": "{\"id\":\"960903\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/960903/\",\"url\":\"http://89.160.20.156:35013/Mozi.a\",\"url_status\":\"online\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 15:36:28 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"lrz_urlhaus\",\"larted\":\"true\",\"tags\":[\"elf\",\"Mozi\"]}", "type": "indicator" @@ -31377,7 +30731,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.134501904Z", "kind": "enrichment", "original": "{\"id\":\"960902\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/960902/\",\"url\":\"http://89.160.20.156:35298/Mozi.m\",\"url_status\":\"online\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 15:35:11 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"lrz_urlhaus\",\"larted\":\"true\",\"tags\":[\"elf\",\"Mozi\"]}", "type": "indicator" @@ -31426,7 +30779,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.134502790Z", "kind": "enrichment", "original": "{\"id\":\"960900\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/960900/\",\"url\":\"http://89.160.20.156:54174/Mozi.m\",\"url_status\":\"online\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 15:35:09 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"lrz_urlhaus\",\"larted\":\"true\",\"tags\":[\"elf\",\"Mozi\"]}", "type": "indicator" 
@@ -31475,7 +30827,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.134503662Z", "kind": "enrichment", "original": "{\"id\":\"960901\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/960901/\",\"url\":\"http://89.160.20.156:42768/Mozi.a\",\"url_status\":\"online\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 15:35:09 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"lrz_urlhaus\",\"larted\":\"true\",\"tags\":[\"elf\",\"Mozi\"]}", "type": "indicator" @@ -31524,7 +30875,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.134504481Z", "kind": "enrichment", "original": "{\"id\":\"960898\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/960898/\",\"url\":\"http://89.160.20.156:59110/Mozi.a\",\"url_status\":\"offline\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 15:35:07 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"lrz_urlhaus\",\"larted\":\"true\",\"tags\":[\"elf\",\"Mozi\"]}", "type": "indicator" @@ -31573,7 +30923,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.134505325Z", "kind": "enrichment", "original": "{\"id\":\"960899\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/960899/\",\"url\":\"http://89.160.20.156:51476/Mozi.m\",\"url_status\":\"online\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 15:35:07 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"lrz_urlhaus\",\"larted\":\"true\",\"tags\":[\"elf\",\"Mozi\"]}", "type": "indicator" 
@@ -31622,7 +30971,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.134506146Z", "kind": "enrichment", "original": "{\"id\":\"960897\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/960897/\",\"url\":\"http://89.160.20.156:58839/Mozi.m\",\"url_status\":\"online\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 15:35:06 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"lrz_urlhaus\",\"larted\":\"true\",\"tags\":[\"elf\",\"Mozi\"]}", "type": "indicator" @@ -31671,7 +31019,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.134507091Z", "kind": "enrichment", "original": "{\"id\":\"960894\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/960894/\",\"url\":\"http://89.160.20.156:50249/Mozi.m\",\"url_status\":\"online\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 15:35:05 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"lrz_urlhaus\",\"larted\":\"true\",\"tags\":[\"elf\",\"Mozi\"]}", "type": "indicator" @@ -31720,7 +31067,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.134507915Z", "kind": "enrichment", "original": "{\"id\":\"960895\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/960895/\",\"url\":\"http://89.160.20.156:46173/Mozi.m\",\"url_status\":\"online\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 15:35:05 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"lrz_urlhaus\",\"larted\":\"true\",\"tags\":[\"elf\",\"Mozi\"]}", "type": "indicator" 
@@ -31769,7 +31115,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.134508737Z", "kind": "enrichment", "original": "{\"id\":\"960896\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/960896/\",\"url\":\"http://89.160.20.156:43785/Mozi.m\",\"url_status\":\"online\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 15:35:05 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"lrz_urlhaus\",\"larted\":\"true\",\"tags\":[\"elf\",\"Mozi\"]}", "type": "indicator" @@ -31818,7 +31163,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.134509579Z", "kind": "enrichment", "original": "{\"id\":\"960893\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/960893/\",\"url\":\"http://89.160.20.156:46924/Mozi.m\",\"url_status\":\"online\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 15:34:06 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"lrz_urlhaus\",\"larted\":\"true\",\"tags\":[\"elf\",\"Mozi\"]}", "type": "indicator" @@ -31867,7 +31211,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.134510475Z", "kind": "enrichment", "original": "{\"id\":\"960892\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/960892/\",\"url\":\"http://89.160.20.156:59734/Mozi.m\",\"url_status\":\"online\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 15:34:05 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"lrz_urlhaus\",\"larted\":\"true\",\"tags\":[\"elf\",\"Mozi\"]}", "type": "indicator" 
@@ -31916,7 +31259,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.134511347Z", "kind": "enrichment", "original": "{\"id\":\"960889\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/960889/\",\"url\":\"http://89.160.20.156:51620/Mozi.m\",\"url_status\":\"offline\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 15:34:04 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"lrz_urlhaus\",\"larted\":\"true\",\"tags\":[\"elf\",\"Mozi\"]}", "type": "indicator" @@ -31965,7 +31307,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.134512228Z", "kind": "enrichment", "original": "{\"id\":\"960890\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/960890/\",\"url\":\"http://89.160.20.156:42585/Mozi.a\",\"url_status\":\"online\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 15:34:04 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"lrz_urlhaus\",\"larted\":\"true\",\"tags\":[\"elf\",\"Mozi\"]}", "type": "indicator" @@ -32014,7 +31355,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.134513051Z", "kind": "enrichment", "original": "{\"id\":\"960891\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/960891/\",\"url\":\"http://89.160.20.156:57941/Mozi.m\",\"url_status\":\"offline\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 15:34:04 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"lrz_urlhaus\",\"larted\":\"true\",\"tags\":[\"elf\",\"Mozi\"]}", "type": "indicator" 
@@ -32064,7 +31404,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.134513883Z", "kind": "enrichment", "original": "{\"id\":\"960888\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/960888/\",\"url\":\"http://89.160.20.156:38308/i\",\"url_status\":\"online\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 15:32:04 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"geenensp\",\"larted\":\"true\",\"tags\":[\"32-bit\",\"elf\",\"mips\"]}", "type": "indicator" @@ -32112,7 +31451,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.134514817Z", "kind": "enrichment", "original": "{\"id\":\"960887\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/960887/\",\"url\":\"http://89.160.20.156:55281/Mozi.m\",\"url_status\":\"online\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 15:22:44 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"lrz_urlhaus\",\"larted\":\"true\",\"tags\":[\"elf\",\"Mozi\"]}", "type": "indicator" @@ -32161,7 +31499,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.134516986Z", "kind": "enrichment", "original": "{\"id\":\"960886\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/960886/\",\"url\":\"http://89.160.20.156:57662/Mozi.a\",\"url_status\":\"online\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 15:22:07 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"lrz_urlhaus\",\"larted\":\"true\",\"tags\":[\"elf\",\"Mozi\"]}", "type": "indicator" 
@@ -32210,7 +31547,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.134517860Z", "kind": "enrichment", "original": "{\"id\":\"960885\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/960885/\",\"url\":\"http://89.160.20.156:40738/Mozi.m\",\"url_status\":\"offline\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 15:22:06 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"lrz_urlhaus\",\"larted\":\"true\",\"tags\":[\"elf\",\"Mozi\"]}", "type": "indicator" @@ -32259,7 +31595,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.134518681Z", "kind": "enrichment", "original": "{\"id\":\"960884\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/960884/\",\"url\":\"http://89.160.20.156:59018/Mozi.m\",\"url_status\":\"offline\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 15:22:05 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"lrz_urlhaus\",\"larted\":\"true\",\"tags\":[\"elf\",\"Mozi\"]}", "type": "indicator" @@ -32308,7 +31643,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.134519550Z", "kind": "enrichment", "original": "{\"id\":\"960880\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/960880/\",\"url\":\"http://89.160.20.156:60279/Mozi.a\",\"url_status\":\"online\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 15:22:04 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"lrz_urlhaus\",\"larted\":\"true\",\"tags\":[\"elf\",\"Mozi\"]}", "type": "indicator" 
@@ -32357,7 +31691,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.134520407Z", "kind": "enrichment", "original": "{\"id\":\"960881\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/960881/\",\"url\":\"http://89.160.20.156:52738/Mozi.m\",\"url_status\":\"online\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 15:22:04 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"lrz_urlhaus\",\"larted\":\"true\",\"tags\":[\"elf\",\"Mozi\"]}", "type": "indicator" @@ -32406,7 +31739,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.134521258Z", "kind": "enrichment", "original": "{\"id\":\"960882\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/960882/\",\"url\":\"http://89.160.20.156:37394/Mozi.m\",\"url_status\":\"online\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 15:22:04 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"lrz_urlhaus\",\"larted\":\"true\",\"tags\":[\"elf\",\"Mozi\"]}", "type": "indicator" @@ -32455,7 +31787,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.134522070Z", "kind": "enrichment", "original": "{\"id\":\"960883\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/960883/\",\"url\":\"http://89.160.20.156:56491/Mozi.m\",\"url_status\":\"online\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 15:22:04 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"lrz_urlhaus\",\"larted\":\"true\",\"tags\":[\"elf\",\"Mozi\"]}", "type": "indicator" 
@@ -32504,7 +31835,6 @@ }, "event": { "category": "threat", - "ingested": "2022-01-24T02:54:34.134522888Z", "kind": "enrichment", "original": "{\"id\":\"960879\",\"urlhaus_reference\":\"https://urlhaus.abuse.ch/url/960879/\",\"url\":\"http://89.160.20.156:46067/Mozi.a\",\"url_status\":\"online\",\"host\":\"89.160.20.156\",\"date_added\":\"2021-01-14 15:20:19 UTC\",\"threat\":\"malware_download\",\"blacklists\":{\"spamhaus_dbl\":\"not listed\",\"surbl\":\"not listed\"},\"reporter\":\"lrz_urlhaus\",\"larted\":\"true\",\"tags\":[\"elf\",\"Mozi\"]}", "type": "indicator"
diff --git a/packages/ti_abusech/data_stream/url/_dev/test/pipeline/test-common-config.yml b/packages/ti_abusech/data_stream/url/_dev/test/pipeline/test-common-config.yml
index 5622947e4b8..4da22641654 100644
--- a/packages/ti_abusech/data_stream/url/_dev/test/pipeline/test-common-config.yml
+++ b/packages/ti_abusech/data_stream/url/_dev/test/pipeline/test-common-config.yml
@@ -1,5 +1,3 @@
-dynamic_fields:
- event.ingested: ".*"
 fields:
 tags:
 - preserve_original_event
diff --git a/packages/ti_abusech/data_stream/url/elasticsearch/ingest_pipeline/default.yml b/packages/ti_abusech/data_stream/url/elasticsearch/ingest_pipeline/default.yml
index 1fca5c4235e..1765d7608ae 100644
--- a/packages/ti_abusech/data_stream/url/elasticsearch/ingest_pipeline/default.yml
+++ b/packages/ti_abusech/data_stream/url/elasticsearch/ingest_pipeline/default.yml
@@ -4,9 +4,6 @@ processors:
 ####################
 # Event ECS fields #
 ####################
- - set:
- field: event.ingested
- value: "{{_ingest.timestamp}}"
 - set:
 field: ecs.version
 value: "8.0.0"
diff --git a/packages/ti_abusech/docs/README.md b/packages/ti_abusech/docs/README.md
index 4318306c95a..39dabc8071e 100644
--- a/packages/ti_abusech/docs/README.md
+++ b/packages/ti_abusech/docs/README.md
@@ -241,10 +241,10 @@ The AbuseCH malwarebazaar data_stream retrieves threat intelligence indicators f
 | threat.indicator.file.size | File size in bytes. Only relevant when `file.type` is "file". | long |
 | threat.indicator.file.type | File type (file, dir, or symlink). | keyword |
 | threat.indicator.file.x509.issuer.common_name | List of common name (CN) of issuing certificate authority. | keyword |
-| threat.indicator.file.x509.not_after | Time at which the certificate is no longer considered valid. | keyword |
-| threat.indicator.file.x509.not_before | Time at which the certificate is first considered valid. | keyword |
+| threat.indicator.file.x509.not_after | Time at which the certificate is no longer considered valid. | date |
+| threat.indicator.file.x509.not_before | Time at which the certificate is first considered valid. | date |
 | threat.indicator.file.x509.public_key_algorithm | Algorithm used to generate the public key. | keyword |
-| threat.indicator.file.x509.serial_number | Unique serial number issued by the certificate authority. | keyword |
+| threat.indicator.file.x509.serial_number | Unique serial number issued by the certificate authority. For consistency, if this value is alphanumeric, it should be formatted without colons and uppercase characters. | keyword |
 | threat.indicator.file.x509.subject.common_name | List of common names (CN) of subject. | keyword |
 | threat.indicator.first_seen | The date and time when intelligence source first reported sighting this indicator. | date |
 | threat.indicator.geo.country_iso_code | Country ISO code. | keyword |
diff --git a/packages/ti_abusech/manifest.yml b/packages/ti_abusech/manifest.yml
index cb7c2509237..9497613c1e9 100644
--- a/packages/ti_abusech/manifest.yml
+++ b/packages/ti_abusech/manifest.yml
@@ -1,6 +1,6 @@
 name: ti_abusech
 title: AbuseCH
-version: 1.2.0
+version: 1.2.1
 release: ga
 description: Collect threat intelligence from AbuseCH API with Elastic Agent.
 type: integration
From 4c662b0cdb4e67f7e58cfb2ff2c7da11e2e47e26 Mon Sep 17 00:00:00 2001 From: Alex Resnick Date: Sat, 26 Mar 2022 18:47:37 +0000 Subject: [PATCH 2/2] update changelog --- packages/ti_abusech/changelog.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/packages/ti_abusech/changelog.yml b/packages/ti_abusech/changelog.yml
index c8660c449d8..def68d2a0ca 100644
--- a/packages/ti_abusech/changelog.yml
+++ b/packages/ti_abusech/changelog.yml
@@ -3,7 +3,7 @@
 changes:
 - description: Fix field mapping conflicts in `threat.indicator.file.x509.not_before/not_after`
 type: bugfix
- link: https://github.com/elastic/integrations/pull/
+ link: https://github.com/elastic/integrations/pull/2893
 - version: "1.2.0"
 changes:
 - description: Update to ECS 8.0