{ "type": "Domain", "indicator": "eobyst7.ml", "general": { "sections": [ "general", "geo", "url_list", "passive_dns", "malware", "whois", "http_scans" ], "whois": "http://whois.domaintools.com/eobyst7.ml", "alexa": "http://www.alexa.com/siteinfo/eobyst7.ml", "indicator": "eobyst7.ml", "type": "domain", "type_title": "Domain", "validation": [], "base_indicator": { "id": 3579130407, "indicator": "eobyst7.ml", "type": "domain", "title": "", "description": "", "content": "", "access_type": "public", "access_reason": "" }, "pulse_info": { "count": 7, "pulses": [ { "id": "657098299733921e6e910501", "name": "#StopRansomware: Zeppelin Ransomware | CISA", "description": "", "modified": "2023-12-06T15:50:01.501000", "created": "2023-12-06T15:50:01.501000", "tags": [], "references": [], "public": 1, "adversary": "", "targeted_countries": [], "malware_families": [], "attack_ids": [], "industries": [], "TLP": "green", "cloned_from": null, "export_count": 4, "upvotes_count": 0, "downvotes_count": 0, "votes_count": 0, "locked": false, "pulse_source": "api", "validator_count": 0, "comment_count": 0, "follower_count": 0, "vote": 0, "author": { "username": "StreamMiningEx", "id": "262917", "avatar_url": "https://otx.alienvault.com/assets/images/default-avatar.png", "is_subscribed": false, "is_following": false }, "indicator_type_counts": { "FileHash-MD5": 112, "FileHash-SHA1": 116, "FileHash-SHA256": 118, "domain": 50, "CVE": 28, "URL": 9, "email": 12, "hostname": 1 }, "indicator_count": 446, "is_author": false, "is_subscribing": null, "subscriber_count": 111, "modified_text": "907 days ago ", "is_modified": false, "groups": [], "in_group": false, "threat_hunter_scannable": true, "threat_hunter_has_agents": 1, "related_indicator_type": "domain", "related_indicator_is_active": 1 }, { "id": "657093809f5fd3071afbee3c", "name": "Inquest labs iocs", "description": "", "modified": "2023-12-06T15:30:08.637000", "created": "2023-12-06T15:30:08.637000", "tags": [], "references": [], "public": 1, "adversary": "", "targeted_countries": [], "malware_families": [], "attack_ids": [], "industries": [], "TLP": "green", "cloned_from": null, "export_count": 3, "upvotes_count": 0, "downvotes_count": 0, "votes_count": 0, "locked": false, "pulse_source": "api", "validator_count": 0, "comment_count": 0, "follower_count": 0, "vote": 0, "author": { "username": "StreamMiningEx", "id": "262917", "avatar_url": "https://otx.alienvault.com/assets/images/default-avatar.png", "is_subscribed": false, "is_following": false }, "indicator_type_counts": { "FileHash-MD5": 14, "FileHash-SHA1": 15, "FileHash-SHA256": 17, "domain": 262, "URL": 325, "email": 1, "hostname": 69 }, "indicator_count": 703, "is_author": false, "is_subscribing": null, "subscriber_count": 109, "modified_text": "907 days ago ", "is_modified": false, "groups": [], "in_group": false, "threat_hunter_scannable": true, "threat_hunter_has_agents": 1, "related_indicator_type": "domain", "related_indicator_is_active": 1 }, { "id": "6570937511f044ba6f739585", "name": "IOC's for iron tiger, Magniber, dormant colors, live tech scam , malcious hashes", "description": "", "modified": "2023-12-06T15:29:57.540000", "created": "2023-12-06T15:29:57.540000", "tags": [], "references": [], "public": 1, "adversary": "", "targeted_countries": [], "malware_families": [], "attack_ids": [], "industries": [], "TLP": "green", "cloned_from": null, "export_count": 5, "upvotes_count": 0, "downvotes_count": 0, "votes_count": 0, "locked": false, "pulse_source": "api", "validator_count": 0, "comment_count": 0, "follower_count": 0, "vote": 0, "author": { "username": "StreamMiningEx", "id": "262917", "avatar_url": "https://otx.alienvault.com/assets/images/default-avatar.png", "is_subscribed": false, "is_following": false }, "indicator_type_counts": { "FileHash-SHA256": 40, "FileHash-MD5": 35, "FileHash-SHA1": 40, "CVE": 26, "URL": 2, "domain": 39 }, "indicator_count": 182, "is_author": false, "is_subscribing": null, "subscriber_count": 109, "modified_text": "907 days ago ", "is_modified": false, "groups": [], "in_group": false, "threat_hunter_scannable": true, "threat_hunter_has_agents": 1, "related_indicator_type": "domain", "related_indicator_is_active": 1 }, { "id": "6406e44ac5ec5b7658391d99", "name": "#StopRansomware: Zeppelin Ransomware | CISA", "description": "Ransomware, also known as Zeppelin, is a growing threat to networks around the world and is threatening to disrupt systems across the globe. \u00c2\u00a31bn of infrastructure and services is at risk from the threat.", "modified": "2023-04-06T08:03:56.456000", "created": "2023-03-07T07:14:18.713000", "tags": [ "url http", "filehashsha256", "type indicator", "role title", "added active", "related pulses", "zeppelin", "vega", "strong", "cisa", "stopransomware", "iocs", "download", "june", "technique title", "id use", "disable", "tools", "august", "service", "local", "enterprise", "ransomware", "bitcoin", "prior", "install", "monitoring" ], "references": [ "https://www.cisa.gov/news-events/cybersecurity-advisories/aa22-223a" ], "public": 1, "adversary": "", "targeted_countries": [], "malware_families": [ { "id": "Vega", "display_name": "Vega", "target": null }, { "id": "Zeppelin", "display_name": "Zeppelin", "target": null } ], "attack_ids": [ { "id": "T1003", "name": "OS Credential Dumping", "display_name": "T1003 - OS Credential Dumping" }, { "id": "T1021", "name": "Remote Services", "display_name": "T1021 - Remote Services" }, { "id": "T1027", "name": "Obfuscated Files or Information", "display_name": "T1027 - Obfuscated Files or Information" }, { "id": "T1049", "name": "System Network Connections Discovery", "display_name": "T1049 - System Network Connections Discovery" }, { "id": "T1133", "name": "External Remote Services", "display_name": "T1133 - External Remote Services" }, { "id": "T1190", "name": "Exploit Public-Facing Application", "display_name": "T1190 - Exploit Public-Facing Application" }, { "id": "T1204", "name": "User Execution", "display_name": "T1204 - User Execution" }, { "id": "T1218", "name": "Signed Binary Proxy Execution", "display_name": "T1218 - Signed Binary Proxy Execution" }, { "id": "T1486", "name": "Data Encrypted for Impact", "display_name": "T1486 - Data Encrypted for Impact" }, { "id": "T1530", "name": "Data from Cloud Storage Object", "display_name": "T1530 - Data from Cloud Storage Object" }, { "id": "T1531", "name": "Account Access Removal", "display_name": "T1531 - Account Access Removal" }, { "id": "T1543", "name": "Create or Modify System Process", "display_name": "T1543 - Create or Modify System Process" }, { "id": "T1566", "name": "Phishing", "display_name": "T1566 - Phishing" } ], "industries": [ "Medical", "Healthcare", "Technology", "Defense", "Critical Infrastructure" ], "TLP": "white", "cloned_from": null, "export_count": 9, "upvotes_count": 0, "downvotes_count": 0, "votes_count": 0, "locked": false, "pulse_source": "web", "validator_count": 0, "comment_count": 0, "follower_count": 0, "vote": 0, "author": { "username": "SecureSphere", "id": "44578", "avatar_url": "https://otx.alienvault.com/assets/images/default-avatar.png", "is_subscribed": false, "is_following": false }, "indicator_type_counts": { "domain": 50, "URL": 9, "FileHash-MD5": 160, "FileHash-SHA1": 164, "FileHash-SHA256": 166, "CVE": 28, "email": 12, "hostname": 1 }, "indicator_count": 590, "is_author": false, "is_subscribing": null, "subscriber_count": 6, "modified_text": "1151 days ago ", "is_modified": true, "groups": [], "in_group": false, "threat_hunter_scannable": true, "threat_hunter_has_agents": 1, "related_indicator_type": "domain", "related_indicator_is_active": 1 }, { "id": "635f0dc7c7152ce5d07a07b0", "name": "Twitter Feed - 500mk500 - 30-10-2022", "description": "", "modified": "2022-11-29T23:00:19.709000", "created": "2022-10-30T23:50:31.863000", "tags": [], "references": [ "https://twitter.com/500mk500/status/1586702915766558726", "https://twitter.com/500mk500/status/1586715805156347907", "https://twitter.com/500mk500/status/1586767172185067520", "https://twitter.com/500mk500/status/1586767255089692679", "https://twitter.com/500mk500/status/1586769580277596162" ], "public": 1, "adversary": "", "targeted_countries": [], "malware_families": [], "attack_ids": [], "industries": [], "TLP": "green", "cloned_from": null, "export_count": 3, "upvotes_count": 0, "downvotes_count": 0, "votes_count": 0, "locked": false, "pulse_source": "api", "validator_count": 0, "comment_count": 0, "follower_count": 0, "vote": 0, "author": { "username": "CyberHunterAutoFeed", "id": "182496", "avatar_url": "/otxapi/users/avatar_image/media/avatars/user_182496/resized/80/avatar_3b9c358f36.png", "is_subscribed": false, "is_following": false }, "indicator_type_counts": { "domain": 28 }, "indicator_count": 28, "is_author": false, "is_subscribing": null, "subscriber_count": 1621, "modified_text": "1279 days ago ", "is_modified": true, "groups": [], "in_group": false, "threat_hunter_scannable": false, "threat_hunter_has_agents": 1, "related_indicator_type": "domain", "related_indicator_is_active": 1 }, { "id": "635ecc15d6f5a2ac09e7cc3c", "name": "Inquest labs iocs", "description": "A look at some of the key findings from the 2015 Google search engine re-examining, as well as the findings of its own tests, which have been published on the Google website.", "modified": "2022-11-29T19:01:42.018000", "created": "2022-10-30T19:10:13.779000", "tags": [], "references": [], "public": 1, "adversary": "", "targeted_countries": [], "malware_families": [], "attack_ids": [], "industries": [], "TLP": "white", "cloned_from": null, "export_count": 6, "upvotes_count": 0, "downvotes_count": 0, "votes_count": 0, "locked": false, "pulse_source": "web", "validator_count": 0, "comment_count": 0, "follower_count": 0, "vote": 0, "author": { "username": "kidfire123", "id": "211524", "avatar_url": "https://otx.alienvault.com/assets/images/default-avatar.png", "is_subscribed": false, "is_following": false }, "indicator_type_counts": { "URL": 325, "FileHash-MD5": 14, "FileHash-SHA1": 15, "FileHash-SHA256": 17, "domain": 262, "email": 1, "hostname": 69 }, "indicator_count": 703, "is_author": false, "is_subscribing": null, "subscriber_count": 42, "modified_text": "1279 days ago ", "is_modified": true, "groups": [], "in_group": false, "threat_hunter_scannable": true, "threat_hunter_has_agents": 1, "related_indicator_type": "domain", "related_indicator_is_active": 1 }, { "id": "635d6c34cc100b7949472ddf", "name": "IOC's for iron tiger, Magniber, dormant colors, live tech scam , malcious hashes", "description": "A summary of the key findings from the cyber-attack on the Russian government, as reported by the BBC, from 1 January 2016.. and the full list of names and names:.", "modified": "2022-11-28T18:03:50.534000", "created": "2022-10-29T18:08:52.919000", "tags": [ "trojanspy", "zeppelin", "warzone", "mirai", "sha1 hash", "hash", "vmware", "fortiguard labs", "continue", "fortiedr", "outbreak alert", "cve202222954", "autodesk", "dormant colors", "magniber", "live", "april", "august", "ransomware", "vegalocker", "storm", "buran" ], "references": [], "public": 1, "adversary": "", "targeted_countries": [], "malware_families": [ { "id": "Mirai", "display_name": "Mirai", "target": null }, { "id": "Warzone", "display_name": "Warzone", "target": null }, { "id": "Zeppelin", "display_name": "Zeppelin", "target": null }, { "id": "TrojanSpy", "display_name": "TrojanSpy", "target": null } ], "attack_ids": [ { "id": "T1566", "name": "Phishing", "display_name": "T1566 - Phishing" }, { "id": "T1495", "name": "Firmware Corruption", "display_name": "T1495 - Firmware Corruption" } ], "industries": [], "TLP": "white", "cloned_from": null, "export_count": 16, "upvotes_count": 0, "downvotes_count": 0, "votes_count": 0, "locked": false, "pulse_source": "web", "validator_count": 0, "comment_count": 0, "follower_count": 0, "vote": 0, "author": { "username": "kidfire123", "id": "211524", "avatar_url": "https://otx.alienvault.com/assets/images/default-avatar.png", "is_subscribed": false, "is_following": false }, "indicator_type_counts": { "FileHash-MD5": 35, "FileHash-SHA1": 40, "FileHash-SHA256": 40, "CVE": 26, "URL": 2, "domain": 39 }, "indicator_count": 182, "is_author": false, "is_subscribing": null, "subscriber_count": 43, "modified_text": "1280 days ago ", "is_modified": true, "groups": [], "in_group": false, "threat_hunter_scannable": true, "threat_hunter_has_agents": 1, "related_indicator_type": "domain", "related_indicator_is_active": 1 } ], "references": [ "https://twitter.com/500mk500/status/1586767255089692679", "https://twitter.com/500mk500/status/1586702915766558726", "https://twitter.com/500mk500/status/1586715805156347907", "https://twitter.com/500mk500/status/1586767172185067520", "https://www.cisa.gov/news-events/cybersecurity-advisories/aa22-223a", "https://twitter.com/500mk500/status/1586769580277596162" ], "related": { "alienvault": { "adversary": [], "malware_families": [], "industries": [] }, "other": { "adversary": [], "malware_families": [ "Mirai", "Warzone", "Vega", "Zeppelin", "Trojanspy" ], "industries": [ "Medical", "Critical infrastructure", "Healthcare", "Defense", "Technology" ] } } }, "false_positive": [] }, "geo": {}, "geo_ipapicom": {}, "pulse_count": 7, "pulses": [ { "id": "657098299733921e6e910501", "name": "#StopRansomware: Zeppelin Ransomware | CISA", "description": "", "modified": "2023-12-06T15:50:01.501000", "created": "2023-12-06T15:50:01.501000", "tags": [], "references": [], "public": 1, "adversary": "", "targeted_countries": [], "malware_families": [], "attack_ids": [], "industries": [], "TLP": "green", "cloned_from": null, "export_count": 4, "upvotes_count": 0, "downvotes_count": 0, "votes_count": 0, "locked": false, "pulse_source": "api", "validator_count": 0, "comment_count": 0, "follower_count": 0, "vote": 0, "author": { "username": "StreamMiningEx", "id": "262917", "avatar_url": "https://otx.alienvault.com/assets/images/default-avatar.png", "is_subscribed": false, "is_following": false }, "indicator_type_counts": { "FileHash-MD5": 112, "FileHash-SHA1": 116, "FileHash-SHA256": 118, "domain": 50, "CVE": 28, "URL": 9, "email": 12, "hostname": 1 }, "indicator_count": 446, "is_author": false, "is_subscribing": null, "subscriber_count": 111, "modified_text": "907 days ago ", "is_modified": false, "groups": [], "in_group": false, "threat_hunter_scannable": true, "threat_hunter_has_agents": 1, "related_indicator_type": "domain", "related_indicator_is_active": 1 }, { "id": "657093809f5fd3071afbee3c", "name": "Inquest labs iocs", "description": "", "modified": "2023-12-06T15:30:08.637000", "created": "2023-12-06T15:30:08.637000", "tags": [], "references": [], "public": 1, "adversary": "", "targeted_countries": [], "malware_families": [], "attack_ids": [], "industries": [], "TLP": "green", "cloned_from": null, "export_count": 3, "upvotes_count": 0, "downvotes_count": 0, "votes_count": 0, "locked": false, "pulse_source": "api", "validator_count": 0, "comment_count": 0, "follower_count": 0, "vote": 0, "author": { "username": "StreamMiningEx", "id": "262917", "avatar_url": "https://otx.alienvault.com/assets/images/default-avatar.png", "is_subscribed": false, "is_following": false }, "indicator_type_counts": { "FileHash-MD5": 14, "FileHash-SHA1": 15, "FileHash-SHA256": 17, "domain": 262, "URL": 325, "email": 1, "hostname": 69 }, "indicator_count": 703, "is_author": false, "is_subscribing": null, "subscriber_count": 109, "modified_text": "907 days ago ", "is_modified": false, "groups": [], "in_group": false, "threat_hunter_scannable": true, "threat_hunter_has_agents": 1, "related_indicator_type": "domain", "related_indicator_is_active": 1 }, { "id": "6570937511f044ba6f739585", "name": "IOC's for iron tiger, Magniber, dormant colors, live tech scam , malcious hashes", "description": "", "modified": "2023-12-06T15:29:57.540000", "created": "2023-12-06T15:29:57.540000", "tags": [], "references": [], "public": 1, "adversary": "", "targeted_countries": [], "malware_families": [], "attack_ids": [], "industries": [], "TLP": "green", "cloned_from": null, "export_count": 5, "upvotes_count": 0, "downvotes_count": 0, "votes_count": 0, "locked": false, "pulse_source": "api", "validator_count": 0, "comment_count": 0, "follower_count": 0, "vote": 0, "author": { "username": "StreamMiningEx", "id": "262917", "avatar_url": "https://otx.alienvault.com/assets/images/default-avatar.png", "is_subscribed": false, "is_following": false }, "indicator_type_counts": { "FileHash-SHA256": 40, "FileHash-MD5": 35, "FileHash-SHA1": 40, "CVE": 26, "URL": 2, "domain": 39 }, "indicator_count": 182, "is_author": false, "is_subscribing": null, "subscriber_count": 109, "modified_text": "907 days ago ", "is_modified": false, "groups": [], "in_group": false, "threat_hunter_scannable": true, "threat_hunter_has_agents": 1, "related_indicator_type": "domain", "related_indicator_is_active": 1 }, { "id": "6406e44ac5ec5b7658391d99", "name": "#StopRansomware: Zeppelin Ransomware | CISA", "description": "Ransomware, also known as Zeppelin, is a growing threat to networks around the world and is threatening to disrupt systems across the globe. \u00c2\u00a31bn of infrastructure and services is at risk from the threat.", "modified": "2023-04-06T08:03:56.456000", "created": "2023-03-07T07:14:18.713000", "tags": [ "url http", "filehashsha256", "type indicator", "role title", "added active", "related pulses", "zeppelin", "vega", "strong", "cisa", "stopransomware", "iocs", "download", "june", "technique title", "id use", "disable", "tools", "august", "service", "local", "enterprise", "ransomware", "bitcoin", "prior", "install", "monitoring" ], "references": [ "https://www.cisa.gov/news-events/cybersecurity-advisories/aa22-223a" ], "public": 1, "adversary": "", "targeted_countries": [], "malware_families": [ { "id": "Vega", "display_name": "Vega", "target": null }, { "id": "Zeppelin", "display_name": "Zeppelin", "target": null } ], "attack_ids": [ { "id": "T1003", "name": "OS Credential Dumping", "display_name": "T1003 - OS Credential Dumping" }, { "id": "T1021", "name": "Remote Services", "display_name": "T1021 - Remote Services" }, { "id": "T1027", "name": "Obfuscated Files or Information", "display_name": "T1027 - Obfuscated Files or Information" }, { "id": "T1049", "name": "System Network Connections Discovery", "display_name": "T1049 - System Network Connections Discovery" }, { "id": "T1133", "name": "External Remote Services", "display_name": "T1133 - External Remote Services" }, { "id": "T1190", "name": "Exploit Public-Facing Application", "display_name": "T1190 - Exploit Public-Facing Application" }, { "id": "T1204", "name": "User Execution", "display_name": "T1204 - User Execution" }, { "id": "T1218", "name": "Signed Binary Proxy Execution", "display_name": "T1218 - Signed Binary Proxy Execution" }, { "id": "T1486", "name": "Data Encrypted for Impact", "display_name": "T1486 - Data Encrypted for Impact" }, { "id": "T1530", "name": "Data from Cloud Storage Object", "display_name": "T1530 - Data from Cloud Storage Object" }, { "id": "T1531", "name": "Account Access Removal", "display_name": "T1531 - Account Access Removal" }, { "id": "T1543", "name": "Create or Modify System Process", "display_name": "T1543 - Create or Modify System Process" }, { "id": "T1566", "name": "Phishing", "display_name": "T1566 - Phishing" } ], "industries": [ "Medical", "Healthcare", "Technology", "Defense", "Critical Infrastructure" ], "TLP": "white", "cloned_from": null, "export_count": 9, "upvotes_count": 0, "downvotes_count": 0, "votes_count": 0, "locked": false, "pulse_source": "web", "validator_count": 0, "comment_count": 0, "follower_count": 0, "vote": 0, "author": { "username": "SecureSphere", "id": "44578", "avatar_url": "https://otx.alienvault.com/assets/images/default-avatar.png", "is_subscribed": false, "is_following": false }, "indicator_type_counts": { "domain": 50, "URL": 9, "FileHash-MD5": 160, "FileHash-SHA1": 164, "FileHash-SHA256": 166, "CVE": 28, "email": 12, "hostname": 1 }, "indicator_count": 590, "is_author": false, "is_subscribing": null, "subscriber_count": 6, "modified_text": "1151 days ago ", "is_modified": true, "groups": [], "in_group": false, "threat_hunter_scannable": true, "threat_hunter_has_agents": 1, "related_indicator_type": "domain", "related_indicator_is_active": 1 }, { "id": "635f0dc7c7152ce5d07a07b0", "name": "Twitter Feed - 500mk500 - 30-10-2022", "description": "", "modified": "2022-11-29T23:00:19.709000", "created": "2022-10-30T23:50:31.863000", "tags": [], "references": [ "https://twitter.com/500mk500/status/1586702915766558726", "https://twitter.com/500mk500/status/1586715805156347907", "https://twitter.com/500mk500/status/1586767172185067520", "https://twitter.com/500mk500/status/1586767255089692679", "https://twitter.com/500mk500/status/1586769580277596162" ], "public": 1, "adversary": "", "targeted_countries": [], "malware_families": [], "attack_ids": [], "industries": [], "TLP": "green", "cloned_from": null, "export_count": 3, "upvotes_count": 0, "downvotes_count": 0, "votes_count": 0, "locked": false, "pulse_source": "api", "validator_count": 0, "comment_count": 0, "follower_count": 0, "vote": 0, "author": { "username": "CyberHunterAutoFeed", "id": "182496", "avatar_url": "/otxapi/users/avatar_image/media/avatars/user_182496/resized/80/avatar_3b9c358f36.png", "is_subscribed": false, "is_following": false }, "indicator_type_counts": { "domain": 28 }, "indicator_count": 28, "is_author": false, "is_subscribing": null, "subscriber_count": 1621, "modified_text": "1279 days ago ", "is_modified": true, "groups": [], "in_group": false, "threat_hunter_scannable": false, "threat_hunter_has_agents": 1, "related_indicator_type": "domain", "related_indicator_is_active": 1 }, { "id": "635ecc15d6f5a2ac09e7cc3c", "name": "Inquest labs iocs", "description": "A look at some of the key findings from the 2015 Google search engine re-examining, as well as the findings of its own tests, which have been published on the Google website.", "modified": "2022-11-29T19:01:42.018000", "created": "2022-10-30T19:10:13.779000", "tags": [], "references": [], "public": 1, "adversary": "", "targeted_countries": [], "malware_families": [], "attack_ids": [], "industries": [], "TLP": "white", "cloned_from": null, "export_count": 6, "upvotes_count": 0, "downvotes_count": 0, "votes_count": 0, "locked": false, "pulse_source": "web", "validator_count": 0, "comment_count": 0, "follower_count": 0, "vote": 0, "author": { "username": "kidfire123", "id": "211524", "avatar_url": "https://otx.alienvault.com/assets/images/default-avatar.png", "is_subscribed": false, "is_following": false }, "indicator_type_counts": { "URL": 325, "FileHash-MD5": 14, "FileHash-SHA1": 15, "FileHash-SHA256": 17, "domain": 262, "email": 1, "hostname": 69 }, "indicator_count": 703, "is_author": false, "is_subscribing": null, "subscriber_count": 42, "modified_text": "1279 days ago ", "is_modified": true, "groups": [], "in_group": false, "threat_hunter_scannable": true, "threat_hunter_has_agents": 1, "related_indicator_type": "domain", "related_indicator_is_active": 1 }, { "id": "635d6c34cc100b7949472ddf", "name": "IOC's for iron tiger, Magniber, dormant colors, live tech scam , malcious hashes", "description": "A summary of the key findings from the cyber-attack on the Russian government, as reported by the BBC, from 1 January 2016.. and the full list of names and names:.", "modified": "2022-11-28T18:03:50.534000", "created": "2022-10-29T18:08:52.919000", "tags": [ "trojanspy", "zeppelin", "warzone", "mirai", "sha1 hash", "hash", "vmware", "fortiguard labs", "continue", "fortiedr", "outbreak alert", "cve202222954", "autodesk", "dormant colors", "magniber", "live", "april", "august", "ransomware", "vegalocker", "storm", "buran" ], "references": [], "public": 1, "adversary": "", "targeted_countries": [], "malware_families": [ { "id": "Mirai", "display_name": "Mirai", "target": null }, { "id": "Warzone", "display_name": "Warzone", "target": null }, { "id": "Zeppelin", "display_name": "Zeppelin", "target": null }, { "id": "TrojanSpy", "display_name": "TrojanSpy", "target": null } ], "attack_ids": [ { "id": "T1566", "name": "Phishing", "display_name": "T1566 - Phishing" }, { "id": "T1495", "name": "Firmware Corruption", "display_name": "T1495 - Firmware Corruption" } ], "industries": [], "TLP": "white", "cloned_from": null, "export_count": 16, "upvotes_count": 0, "downvotes_count": 0, "votes_count": 0, "locked": false, "pulse_source": "web", "validator_count": 0, "comment_count": 0, "follower_count": 0, "vote": 0, "author": { "username": "kidfire123", "id": "211524", "avatar_url": "https://otx.alienvault.com/assets/images/default-avatar.png", "is_subscribed": false, "is_following": false }, "indicator_type_counts": { "FileHash-MD5": 35, "FileHash-SHA1": 40, "FileHash-SHA256": 40, "CVE": 26, "URL": 2, "domain": 39 }, "indicator_count": 182, "is_author": false, "is_subscribing": null, "subscriber_count": 43, "modified_text": "1280 days ago ", "is_modified": true, "groups": [], "in_group": false, "threat_hunter_scannable": true, "threat_hunter_has_agents": 1, "related_indicator_type": "domain", "related_indicator_is_active": 1 } ], "error": null, "vt": { "error": "VirusTotal rate limit reached. Try again shortly.", "indicator": "eobyst7.ml", "type": "Domain" }, "abuseipdb": null, "urlhaus": { "indicator": "eobyst7.ml", "found": false, "verdict": "clean", "urls": [], "error": null }, "from_cache": true, "_cached_at": 1780269483.9221067 }