forked from jaegeral/PySight2MISP
-
Notifications
You must be signed in to change notification settings - Fork 0
/
example_indicator.json
52 lines (52 loc) · 1.62 KB
/
example_indicator.json
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
{
"success" : true,
"message" : {
"reportId" : "16-00011458",
"title" : "TEST TEST TEST Elirks Campaign Likely Associated with Japan Tourist Bureau Breach",
"ThreatScape" : "Cyber Espionage",
"audience" : "Operational",
"intelligenceType" : "threat",
"publishDate" : 1469544180,
"reportLink" : "https://api.isightpartners.com/report/16-00011458",
"webLink" : "https://mysight.isightpartners.com/report/full/16-00011458",
"emailIdentifier" : null,
"senderAddress" : null,
"senderName" : null,
"sourceDomain" : null,
"sourceIp" : null,
"subject" : null,
"recipient" : null,
"emailLanguage" : null,
"fileName" : "TW2BBFF500.doc",
"fileSize" : 14860,
"fuzzyHash" : "384:AmHWrWG6qqrx7F7ByIvjgS+S0SBS1n9dwnHJWNy/4yAOksmSfsF17BtX7K4:qrWG6qqV7F7ByIvjgS+S0SBSd9dwnHJw",
"fileIdentifier" : "Related",
"md5" : "d27eb3f18ba7f3ae6fa793630882652f",
"sha1" : "4559ba637772b681dee07127c7c17c776455138e",
"sha256" : "e9c60a120db8a4366734dcecbc15ddd4510ef7929cc7a5d21529180494a35cdc",
"description" : null,
"fileType" : "Rich Text Format data, version 1, ANSI",
"packer" : null,
"userAgent" : null,
"registry" : null,
"fileCompilationDateTime" : null,
"filePath" : null,
"asn" : null,
"cidr" : null,
"domain" : null,
"domainTimeOfLookup" : null,
"networkIdentifier" : null,
"ip" : null,
"port" : null,
"protocol" : null,
"registrantEmail" : null,
"registrantName" : null,
"networkType" : null,
"url" : null,
"malwareFamily" : null,
"malwareFamilyId" : null,
"actor" : null,
"actorId" : null,
"observationTime" : 1469544180
}
}