{ "type": "Domain", "indicator": "linux-tech-world.net", "general": { "sections": [ "general", "geo", "url_list", "passive_dns", "malware", "whois", "http_scans" ], "whois": "http://whois.domaintools.com/linux-tech-world.net", "alexa": "http://www.alexa.com/siteinfo/linux-tech-world.net", "indicator": "linux-tech-world.net", "type": "domain", "type_title": "Domain", "validation": [], "base_indicator": { "id": 3485132200, "indicator": "linux-tech-world.net", "type": "domain", "title": "", "description": "", "content": "", "access_type": "public", "access_reason": "" }, "pulse_info": { "count": 9, "pulses": [ { "id": "648347434c397b4817e63bf9", "name": "Core Werewolf against the defense industry and critical infrastructure", "description": "The Core Werewolf group is one of the newest representatives of the part of cybercrime that is actively engaged in espionage in today's environment. Since at least 2021, it has launched attacks on Russian organizations associated with the military-industrial complex (DIC) and critical information infrastructure (CII)", "modified": "2023-06-09T15:43:05.330000", "created": "2023-06-09T15:37:39.012000", "tags": [ "soaring eagle", "core werewolf", "geopolitical conflict", "ultravnc" ], "references": [ "https://bi.zone/expertise/blog/core-werewolf-protiv-opk-i-kriticheskoy-infrastruktury/" ], "public": 1, "adversary": "Core Werewolf", "targeted_countries": [ "Russian Federation" ], "malware_families": [], "attack_ids": [ { "id": "T1083", "name": "File and Directory Discovery", "display_name": "T1083 - File and Directory Discovery" }, { "id": "T1566", "name": "Phishing", "display_name": "T1566 - Phishing" }, { "id": "T1053", "name": "Scheduled Task/Job", "display_name": "T1053 - Scheduled Task/Job" }, { "id": "T1193", "name": "Spearphishing Attachment", "display_name": "T1193 - Spearphishing Attachment" } ], "industries": [ "Government", "Defense", "Energy" ], "TLP": "white", "cloned_from": null, "export_count": 351, "upvotes_count": 0, "downvotes_count": 0, "votes_count": 0, "locked": false, "pulse_source": "api", "validator_count": 0, "comment_count": 0, "follower_count": 0, "vote": 0, "author": { "username": "AlienVault", "id": "2", "avatar_url": "/otxapi/users/avatar_image/media/avatars/user_2/resized/80/avatar_dacfad0ca8.png", "is_subscribed": true, "is_following": false }, "indicator_type_counts": { "domain": 43 }, "indicator_count": 43, "is_author": false, "is_subscribing": null, "subscriber_count": 386493, "modified_text": "1086 days ago ", "is_modified": true, "groups": [], "in_group": false, "threat_hunter_scannable": false, "threat_hunter_has_agents": 1, "related_indicator_type": "domain", "related_indicator_is_active": 1 }, { "id": "648a29b4bc30a10d700caf05", "name": "Core Werewolf against the defense industry and critical infrastructure", "description": "", "modified": "2023-06-14T20:57:24.562000", "created": "2023-06-14T20:57:24.562000", "tags": [ "soaring eagle", "core werewolf", "geopolitical conflict", "ultravnc" ], "references": [ "https://bi.zone/expertise/blog/core-werewolf-protiv-opk-i-kriticheskoy-infrastruktury/" ], "public": 1, "adversary": "Core Werewolf", "targeted_countries": [ "Russian Federation" ], "malware_families": [], "attack_ids": [ { "id": "T1083", "name": "File and Directory Discovery", "display_name": "T1083 - File and Directory Discovery" }, { "id": "T1566", "name": "Phishing", "display_name": "T1566 - Phishing" }, { "id": "T1053", "name": "Scheduled Task/Job", "display_name": "T1053 - Scheduled Task/Job" }, { "id": "T1193", "name": "Spearphishing Attachment", "display_name": "T1193 - Spearphishing Attachment" } ], "industries": [ "Government", "Defense", "Energy" ], "TLP": "white", "cloned_from": "648a298059f7037674989b40", "export_count": 19, "upvotes_count": 0, "downvotes_count": 0, "votes_count": 0, "locked": false, "pulse_source": "web", "validator_count": 0, "comment_count": 0, "follower_count": 0, "vote": 0, "author": { "username": "Tr1sa111", "id": "192483", "avatar_url": "https://otx.alienvault.com/assets/images/default-avatar.png", "is_subscribed": false, "is_following": false }, "indicator_type_counts": { "domain": 43 }, "indicator_count": 43, "is_author": false, "is_subscribing": null, "subscriber_count": 276, "modified_text": "1081 days ago ", "is_modified": false, "groups": [], "in_group": false, "threat_hunter_scannable": false, "threat_hunter_has_agents": 1, "related_indicator_type": "domain", "related_indicator_is_active": 1 }, { "id": "648a298059f7037674989b40", "name": "Core Werewolf against the defense industry and critical infrastructure", "description": "", "modified": "2023-06-14T20:56:32.989000", "created": "2023-06-14T20:56:32.989000", "tags": [ "soaring eagle", "core werewolf", "geopolitical conflict", "ultravnc" ], "references": [ "https://bi.zone/expertise/blog/core-werewolf-protiv-opk-i-kriticheskoy-infrastruktury/" ], "public": 1, "adversary": "Core Werewolf", "targeted_countries": [ "Russian Federation" ], "malware_families": [], "attack_ids": [ { "id": "T1083", "name": "File and Directory Discovery", "display_name": "T1083 - File and Directory Discovery" }, { "id": "T1566", "name": "Phishing", "display_name": "T1566 - Phishing" }, { "id": "T1053", "name": "Scheduled Task/Job", "display_name": "T1053 - Scheduled Task/Job" }, { "id": "T1193", "name": "Spearphishing Attachment", "display_name": "T1193 - Spearphishing Attachment" } ], "industries": [ "Government", "Defense", "Energy" ], "TLP": "white", "cloned_from": "648347434c397b4817e63bf9", "export_count": 19, "upvotes_count": 0, "downvotes_count": 0, "votes_count": 0, "locked": false, "pulse_source": "web", "validator_count": 0, "comment_count": 0, "follower_count": 0, "vote": 0, "author": { "username": "tr2222200", "id": "207905", "avatar_url": "https://otx.alienvault.com/assets/images/default-avatar.png", "is_subscribed": false, "is_following": false }, "indicator_type_counts": { "domain": 43 }, "indicator_count": 43, "is_author": false, "is_subscribing": null, "subscriber_count": 187, "modified_text": "1081 days ago ", "is_modified": false, "groups": [], "in_group": false, "threat_hunter_scannable": false, "threat_hunter_has_agents": 1, "related_indicator_type": "domain", "related_indicator_is_active": 1 }, { "id": "6486c3566faa252089dc8820", "name": "Core Werewolf \u043f\u0440\u043e\u0442\u0438\u0432 \u041e\u041f\u041a \u0438 \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u043e\u0439 \u0438\u043d\u0444\u0440\u0430\u0441\u0442\u0440\u0443\u043a\u0442\u0443\u0440\u044b", "description": "", "modified": "2023-06-12T07:03:50.278000", "created": "2023-06-12T07:03:50.278000", "tags": [ "soaring eagle", "ultravnc", "core werewolf", "windows", "virustotal", "computername", "random", "business impact", "f im", "homedrive", "homepath", "core", "werewolf", "wolf", "cookie" ], "references": [ "https://bi.zone/expertise/blog/core-werewolf-protiv-opk-i-kriticheskoy-infrastruktury/" ], "public": 1, "adversary": "", "targeted_countries": [], "malware_families": [ { "id": "Soaring Eagle", "display_name": "Soaring Eagle", "target": null } ], "attack_ids": [], "industries": [], "TLP": "white", "cloned_from": "6486c3307450be8d1099a549", "export_count": 27, "upvotes_count": 0, "downvotes_count": 0, "votes_count": 0, "locked": false, "pulse_source": "web", "validator_count": 0, "comment_count": 0, "follower_count": 0, "vote": 0, "author": { "username": "Tr1sa111", "id": "192483", "avatar_url": "https://otx.alienvault.com/assets/images/default-avatar.png", "is_subscribed": false, "is_following": false }, "indicator_type_counts": { "domain": 45 }, "indicator_count": 45, "is_author": false, "is_subscribing": null, "subscriber_count": 276, "modified_text": "1083 days ago ", "is_modified": false, "groups": [], "in_group": false, "threat_hunter_scannable": false, "threat_hunter_has_agents": 1, "related_indicator_type": "domain", "related_indicator_is_active": 1 }, { "id": "6486c3307450be8d1099a549", "name": "Core Werewolf \u043f\u0440\u043e\u0442\u0438\u0432 \u041e\u041f\u041a \u0438 \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u043e\u0439 \u0438\u043d\u0444\u0440\u0430\u0441\u0442\u0440\u0443\u043a\u0442\u0443\u0440\u044b", "description": "The full text of the Core Werewolf event, which will take place on 22 October 2017, can be viewed on web browser or mobile app at 21:00 BST. \u00c2\u00a31.", "modified": "2023-06-12T07:03:12.092000", "created": "2023-06-12T07:03:12.092000", "tags": [ "soaring eagle", "ultravnc", "core werewolf", "windows", "virustotal", "computername", "random", "business impact", "f im", "homedrive", "homepath", "core", "werewolf", "wolf", "cookie" ], "references": [ "https://bi.zone/expertise/blog/core-werewolf-protiv-opk-i-kriticheskoy-infrastruktury/" ], "public": 1, "adversary": "", "targeted_countries": [], "malware_families": [ { "id": "Soaring Eagle", "display_name": "Soaring Eagle", "target": null } ], "attack_ids": [], "industries": [], "TLP": "white", "cloned_from": null, "export_count": 26, "upvotes_count": 0, "downvotes_count": 0, "votes_count": 0, "locked": false, "pulse_source": "web", "validator_count": 0, "comment_count": 0, "follower_count": 0, "vote": 0, "author": { "username": "tr2222200", "id": "207905", "avatar_url": "https://otx.alienvault.com/assets/images/default-avatar.png", "is_subscribed": false, "is_following": false }, "indicator_type_counts": { "domain": 45 }, "indicator_count": 45, "is_author": false, "is_subscribing": null, "subscriber_count": 186, "modified_text": "1083 days ago ", "is_modified": false, "groups": [], "in_group": false, "threat_hunter_scannable": false, "threat_hunter_has_agents": 1, "related_indicator_type": "domain", "related_indicator_is_active": 1 }, { "id": "62c7fb0f8ab654b1c8ebb621", "name": "jintingtingtesttest", "description": "A look back at some of the most eye-catching stories of recent weeks, as compiled by the BBC News website, with the help of a handful of key characters:..com.-", "modified": "2022-08-07T00:05:43.824000", "created": "2022-07-08T09:38:23.587000", "tags": [], "references": [], "public": 1, "adversary": "", "targeted_countries": [], "malware_families": [], "attack_ids": [], "industries": [], "TLP": "white", "cloned_from": null, "export_count": 7, "upvotes_count": 0, "downvotes_count": 0, "votes_count": 0, "locked": false, "pulse_source": "web", "validator_count": 0, "comment_count": 0, "follower_count": 0, "vote": 0, "author": { "username": "jtt12345", "id": "194112", "avatar_url": "https://otx.alienvault.com/assets/images/default-avatar.png", "is_subscribed": false, "is_following": false }, "indicator_type_counts": { "hostname": 4268, "URL": 101, "FileHash-MD5": 13, "FileHash-SHA256": 1, "domain": 283 }, "indicator_count": 4666, "is_author": false, "is_subscribing": null, "subscriber_count": 30, "modified_text": "1393 days ago ", "is_modified": true, "groups": [], "in_group": false, "threat_hunter_scannable": true, "threat_hunter_has_agents": 1, "related_indicator_type": "domain", "related_indicator_is_active": 1 }, { "id": "62c7fb0ff1ead7d85fad5e43", "name": "jintingtingtesttest", "description": "A look back at some of the most eye-catching stories of recent weeks, as compiled by the BBC News website, with the help of a handful of key characters:..com.-", "modified": "2022-08-07T00:05:43.824000", "created": "2022-07-08T09:38:23.273000", "tags": [], "references": [], "public": 1, "adversary": "", "targeted_countries": [], "malware_families": [], "attack_ids": [], "industries": [], "TLP": "white", "cloned_from": null, "export_count": 7, "upvotes_count": 0, "downvotes_count": 0, "votes_count": 0, "locked": false, "pulse_source": "web", "validator_count": 0, "comment_count": 0, "follower_count": 0, "vote": 0, "author": { "username": "jtt12345", "id": "194112", "avatar_url": "https://otx.alienvault.com/assets/images/default-avatar.png", "is_subscribed": false, "is_following": false }, "indicator_type_counts": { "hostname": 4268, "URL": 101, "FileHash-MD5": 13, "FileHash-SHA256": 1, "domain": 283 }, "indicator_count": 4666, "is_author": false, "is_subscribing": null, "subscriber_count": 30, "modified_text": "1393 days ago ", "is_modified": true, "groups": [], "in_group": false, "threat_hunter_scannable": true, "threat_hunter_has_agents": 1, "related_indicator_type": "domain", "related_indicator_is_active": 1 }, { "id": "62c7fb128e18ef22262d95d0", "name": "jintingtingtesttest", "description": "A look back at some of the most eye-catching stories of recent weeks, as compiled by the BBC News website, with the help of a handful of key characters:..com.-", "modified": "2022-08-07T00:05:43.824000", "created": "2022-07-08T09:38:26.026000", "tags": [], "references": [], "public": 1, "adversary": "", "targeted_countries": [], "malware_families": [], "attack_ids": [], "industries": [], "TLP": "white", "cloned_from": null, "export_count": 6, "upvotes_count": 0, "downvotes_count": 0, "votes_count": 0, "locked": false, "pulse_source": "web", "validator_count": 0, "comment_count": 0, "follower_count": 0, "vote": 0, "author": { "username": "jtt12345", "id": "194112", "avatar_url": "https://otx.alienvault.com/assets/images/default-avatar.png", "is_subscribed": false, "is_following": false }, "indicator_type_counts": { "hostname": 4268, "URL": 101, "FileHash-MD5": 13, "FileHash-SHA256": 1, "domain": 283 }, "indicator_count": 4666, "is_author": false, "is_subscribing": null, "subscriber_count": 30, "modified_text": "1393 days ago ", "is_modified": true, "groups": [], "in_group": false, "threat_hunter_scannable": true, "threat_hunter_has_agents": 1, "related_indicator_type": "domain", "related_indicator_is_active": 1 }, { "id": "62b4346d6d574aa258745c6e", "name": "gamaredon IOCs", "description": "The following is a full list of highlights from this year's Technology, Media and Entertainment (Tech, Entertainment and Design) conference, held at London's O2 Arena on Friday, 1 July.", "modified": "2022-06-23T09:37:49.100000", "created": "2022-06-23T09:37:49.100000", "tags": [], "references": [ "https://unit42.paloaltonetworks.com/gamaredon-primitive-bear-ukraine-update-2021/", "https://github.com/pan-unit42/iocs/blob/master/Gamaredon/2202_06_Gamaredon_IoC_UPDATE.txt" ], "public": 1, "adversary": "", "targeted_countries": [], "malware_families": [], "attack_ids": [], "industries": [], "TLP": "green", "cloned_from": null, "export_count": 7, "upvotes_count": 0, "downvotes_count": 0, "votes_count": 0, "locked": false, "pulse_source": "web", "validator_count": 0, "comment_count": 0, "follower_count": 0, "vote": 0, "author": { "username": "brazen.fox.thirteen", "id": "155136", "avatar_url": "https://otx.alienvault.com/assets/images/default-avatar.png", "is_subscribed": false, "is_following": false }, "indicator_type_counts": { "domain": 144, "hostname": 2 }, "indicator_count": 146, "is_author": false, "is_subscribing": null, "subscriber_count": 128, "modified_text": "1437 days ago ", "is_modified": false, "groups": [], "in_group": false, "threat_hunter_scannable": false, "threat_hunter_has_agents": 1, "related_indicator_type": "domain", "related_indicator_is_active": 1 } ], "references": [ "https://unit42.paloaltonetworks.com/gamaredon-primitive-bear-ukraine-update-2021/", "https://github.com/pan-unit42/iocs/blob/master/Gamaredon/2202_06_Gamaredon_IoC_UPDATE.txt", "https://bi.zone/expertise/blog/core-werewolf-protiv-opk-i-kriticheskoy-infrastruktury/" ], "related": { "alienvault": { "adversary": [ "Core Werewolf" ], "malware_families": [], "industries": [ "Energy", "Government", "Defense" ] }, "other": { "adversary": [ "Core Werewolf" ], "malware_families": [ "Soaring eagle" ], "industries": [ "Energy", "Government", "Defense" ] } } }, "false_positive": [] }, "geo": {}, "geo_ipapicom": {}, "pulse_count": 9, "pulses": [ { "id": "648347434c397b4817e63bf9", "name": "Core Werewolf against the defense industry and critical infrastructure", "description": "The Core Werewolf group is one of the newest representatives of the part of cybercrime that is actively engaged in espionage in today's environment. Since at least 2021, it has launched attacks on Russian organizations associated with the military-industrial complex (DIC) and critical information infrastructure (CII)", "modified": "2023-06-09T15:43:05.330000", "created": "2023-06-09T15:37:39.012000", "tags": [ "soaring eagle", "core werewolf", "geopolitical conflict", "ultravnc" ], "references": [ "https://bi.zone/expertise/blog/core-werewolf-protiv-opk-i-kriticheskoy-infrastruktury/" ], "public": 1, "adversary": "Core Werewolf", "targeted_countries": [ "Russian Federation" ], "malware_families": [], "attack_ids": [ { "id": "T1083", "name": "File and Directory Discovery", "display_name": "T1083 - File and Directory Discovery" }, { "id": "T1566", "name": "Phishing", "display_name": "T1566 - Phishing" }, { "id": "T1053", "name": "Scheduled Task/Job", "display_name": "T1053 - Scheduled Task/Job" }, { "id": "T1193", "name": "Spearphishing Attachment", "display_name": "T1193 - Spearphishing Attachment" } ], "industries": [ "Government", "Defense", "Energy" ], "TLP": "white", "cloned_from": null, "export_count": 351, "upvotes_count": 0, "downvotes_count": 0, "votes_count": 0, "locked": false, "pulse_source": "api", "validator_count": 0, "comment_count": 0, "follower_count": 0, "vote": 0, "author": { "username": "AlienVault", "id": "2", "avatar_url": "/otxapi/users/avatar_image/media/avatars/user_2/resized/80/avatar_dacfad0ca8.png", "is_subscribed": true, "is_following": false }, "indicator_type_counts": { "domain": 43 }, "indicator_count": 43, "is_author": false, "is_subscribing": null, "subscriber_count": 386493, "modified_text": "1086 days ago ", "is_modified": true, "groups": [], "in_group": false, "threat_hunter_scannable": false, "threat_hunter_has_agents": 1, "related_indicator_type": "domain", "related_indicator_is_active": 1 }, { "id": "648a29b4bc30a10d700caf05", "name": "Core Werewolf against the defense industry and critical infrastructure", "description": "", "modified": "2023-06-14T20:57:24.562000", "created": "2023-06-14T20:57:24.562000", "tags": [ "soaring eagle", "core werewolf", "geopolitical conflict", "ultravnc" ], "references": [ "https://bi.zone/expertise/blog/core-werewolf-protiv-opk-i-kriticheskoy-infrastruktury/" ], "public": 1, "adversary": "Core Werewolf", "targeted_countries": [ "Russian Federation" ], "malware_families": [], "attack_ids": [ { "id": "T1083", "name": "File and Directory Discovery", "display_name": "T1083 - File and Directory Discovery" }, { "id": "T1566", "name": "Phishing", "display_name": "T1566 - Phishing" }, { "id": "T1053", "name": "Scheduled Task/Job", "display_name": "T1053 - Scheduled Task/Job" }, { "id": "T1193", "name": "Spearphishing Attachment", "display_name": "T1193 - Spearphishing Attachment" } ], "industries": [ "Government", "Defense", "Energy" ], "TLP": "white", "cloned_from": "648a298059f7037674989b40", "export_count": 19, "upvotes_count": 0, "downvotes_count": 0, "votes_count": 0, "locked": false, "pulse_source": "web", "validator_count": 0, "comment_count": 0, "follower_count": 0, "vote": 0, "author": { "username": "Tr1sa111", "id": "192483", "avatar_url": "https://otx.alienvault.com/assets/images/default-avatar.png", "is_subscribed": false, "is_following": false }, "indicator_type_counts": { "domain": 43 }, "indicator_count": 43, "is_author": false, "is_subscribing": null, "subscriber_count": 276, "modified_text": "1081 days ago ", "is_modified": false, "groups": [], "in_group": false, "threat_hunter_scannable": false, "threat_hunter_has_agents": 1, "related_indicator_type": "domain", "related_indicator_is_active": 1 }, { "id": "648a298059f7037674989b40", "name": "Core Werewolf against the defense industry and critical infrastructure", "description": "", "modified": "2023-06-14T20:56:32.989000", "created": "2023-06-14T20:56:32.989000", "tags": [ "soaring eagle", "core werewolf", "geopolitical conflict", "ultravnc" ], "references": [ "https://bi.zone/expertise/blog/core-werewolf-protiv-opk-i-kriticheskoy-infrastruktury/" ], "public": 1, "adversary": "Core Werewolf", "targeted_countries": [ "Russian Federation" ], "malware_families": [], "attack_ids": [ { "id": "T1083", "name": "File and Directory Discovery", "display_name": "T1083 - File and Directory Discovery" }, { "id": "T1566", "name": "Phishing", "display_name": "T1566 - Phishing" }, { "id": "T1053", "name": "Scheduled Task/Job", "display_name": "T1053 - Scheduled Task/Job" }, { "id": "T1193", "name": "Spearphishing Attachment", "display_name": "T1193 - Spearphishing Attachment" } ], "industries": [ "Government", "Defense", "Energy" ], "TLP": "white", "cloned_from": "648347434c397b4817e63bf9", "export_count": 19, "upvotes_count": 0, "downvotes_count": 0, "votes_count": 0, "locked": false, "pulse_source": "web", "validator_count": 0, "comment_count": 0, "follower_count": 0, "vote": 0, "author": { "username": "tr2222200", "id": "207905", "avatar_url": "https://otx.alienvault.com/assets/images/default-avatar.png", "is_subscribed": false, "is_following": false }, "indicator_type_counts": { "domain": 43 }, "indicator_count": 43, "is_author": false, "is_subscribing": null, "subscriber_count": 187, "modified_text": "1081 days ago ", "is_modified": false, "groups": [], "in_group": false, "threat_hunter_scannable": false, "threat_hunter_has_agents": 1, "related_indicator_type": "domain", "related_indicator_is_active": 1 }, { "id": "6486c3566faa252089dc8820", "name": "Core Werewolf \u043f\u0440\u043e\u0442\u0438\u0432 \u041e\u041f\u041a \u0438 \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u043e\u0439 \u0438\u043d\u0444\u0440\u0430\u0441\u0442\u0440\u0443\u043a\u0442\u0443\u0440\u044b", "description": "", "modified": "2023-06-12T07:03:50.278000", "created": "2023-06-12T07:03:50.278000", "tags": [ "soaring eagle", "ultravnc", "core werewolf", "windows", "virustotal", "computername", "random", "business impact", "f im", "homedrive", "homepath", "core", "werewolf", "wolf", "cookie" ], "references": [ "https://bi.zone/expertise/blog/core-werewolf-protiv-opk-i-kriticheskoy-infrastruktury/" ], "public": 1, "adversary": "", "targeted_countries": [], "malware_families": [ { "id": "Soaring Eagle", "display_name": "Soaring Eagle", "target": null } ], "attack_ids": [], "industries": [], "TLP": "white", "cloned_from": "6486c3307450be8d1099a549", "export_count": 27, "upvotes_count": 0, "downvotes_count": 0, "votes_count": 0, "locked": false, "pulse_source": "web", "validator_count": 0, "comment_count": 0, "follower_count": 0, "vote": 0, "author": { "username": "Tr1sa111", "id": "192483", "avatar_url": "https://otx.alienvault.com/assets/images/default-avatar.png", "is_subscribed": false, "is_following": false }, "indicator_type_counts": { "domain": 45 }, "indicator_count": 45, "is_author": false, "is_subscribing": null, "subscriber_count": 276, "modified_text": "1083 days ago ", "is_modified": false, "groups": [], "in_group": false, "threat_hunter_scannable": false, "threat_hunter_has_agents": 1, "related_indicator_type": "domain", "related_indicator_is_active": 1 }, { "id": "6486c3307450be8d1099a549", "name": "Core Werewolf \u043f\u0440\u043e\u0442\u0438\u0432 \u041e\u041f\u041a \u0438 \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u043e\u0439 \u0438\u043d\u0444\u0440\u0430\u0441\u0442\u0440\u0443\u043a\u0442\u0443\u0440\u044b", "description": "The full text of the Core Werewolf event, which will take place on 22 October 2017, can be viewed on web browser or mobile app at 21:00 BST. \u00c2\u00a31.", "modified": "2023-06-12T07:03:12.092000", "created": "2023-06-12T07:03:12.092000", "tags": [ "soaring eagle", "ultravnc", "core werewolf", "windows", "virustotal", "computername", "random", "business impact", "f im", "homedrive", "homepath", "core", "werewolf", "wolf", "cookie" ], "references": [ "https://bi.zone/expertise/blog/core-werewolf-protiv-opk-i-kriticheskoy-infrastruktury/" ], "public": 1, "adversary": "", "targeted_countries": [], "malware_families": [ { "id": "Soaring Eagle", "display_name": "Soaring Eagle", "target": null } ], "attack_ids": [], "industries": [], "TLP": "white", "cloned_from": null, "export_count": 26, "upvotes_count": 0, "downvotes_count": 0, "votes_count": 0, "locked": false, "pulse_source": "web", "validator_count": 0, "comment_count": 0, "follower_count": 0, "vote": 0, "author": { "username": "tr2222200", "id": "207905", "avatar_url": "https://otx.alienvault.com/assets/images/default-avatar.png", "is_subscribed": false, "is_following": false }, "indicator_type_counts": { "domain": 45 }, "indicator_count": 45, "is_author": false, "is_subscribing": null, "subscriber_count": 186, "modified_text": "1083 days ago ", "is_modified": false, "groups": [], "in_group": false, "threat_hunter_scannable": false, "threat_hunter_has_agents": 1, "related_indicator_type": "domain", "related_indicator_is_active": 1 }, { "id": "62c7fb0f8ab654b1c8ebb621", "name": "jintingtingtesttest", "description": "A look back at some of the most eye-catching stories of recent weeks, as compiled by the BBC News website, with the help of a handful of key characters:..com.-", "modified": "2022-08-07T00:05:43.824000", "created": "2022-07-08T09:38:23.587000", "tags": [], "references": [], "public": 1, "adversary": "", "targeted_countries": [], "malware_families": [], "attack_ids": [], "industries": [], "TLP": "white", "cloned_from": null, "export_count": 7, "upvotes_count": 0, "downvotes_count": 0, "votes_count": 0, "locked": false, "pulse_source": "web", "validator_count": 0, "comment_count": 0, "follower_count": 0, "vote": 0, "author": { "username": "jtt12345", "id": "194112", "avatar_url": "https://otx.alienvault.com/assets/images/default-avatar.png", "is_subscribed": false, "is_following": false }, "indicator_type_counts": { "hostname": 4268, "URL": 101, "FileHash-MD5": 13, "FileHash-SHA256": 1, "domain": 283 }, "indicator_count": 4666, "is_author": false, "is_subscribing": null, "subscriber_count": 30, "modified_text": "1393 days ago ", "is_modified": true, "groups": [], "in_group": false, "threat_hunter_scannable": true, "threat_hunter_has_agents": 1, "related_indicator_type": "domain", "related_indicator_is_active": 1 }, { "id": "62c7fb0ff1ead7d85fad5e43", "name": "jintingtingtesttest", "description": "A look back at some of the most eye-catching stories of recent weeks, as compiled by the BBC News website, with the help of a handful of key characters:..com.-", "modified": "2022-08-07T00:05:43.824000", "created": "2022-07-08T09:38:23.273000", "tags": [], "references": [], "public": 1, "adversary": "", "targeted_countries": [], "malware_families": [], "attack_ids": [], "industries": [], "TLP": "white", "cloned_from": null, "export_count": 7, "upvotes_count": 0, "downvotes_count": 0, "votes_count": 0, "locked": false, "pulse_source": "web", "validator_count": 0, "comment_count": 0, "follower_count": 0, "vote": 0, "author": { "username": "jtt12345", "id": "194112", "avatar_url": "https://otx.alienvault.com/assets/images/default-avatar.png", "is_subscribed": false, "is_following": false }, "indicator_type_counts": { "hostname": 4268, "URL": 101, "FileHash-MD5": 13, "FileHash-SHA256": 1, "domain": 283 }, "indicator_count": 4666, "is_author": false, "is_subscribing": null, "subscriber_count": 30, "modified_text": "1393 days ago ", "is_modified": true, "groups": [], "in_group": false, "threat_hunter_scannable": true, "threat_hunter_has_agents": 1, "related_indicator_type": "domain", "related_indicator_is_active": 1 }, { "id": "62c7fb128e18ef22262d95d0", "name": "jintingtingtesttest", "description": "A look back at some of the most eye-catching stories of recent weeks, as compiled by the BBC News website, with the help of a handful of key characters:..com.-", "modified": "2022-08-07T00:05:43.824000", "created": "2022-07-08T09:38:26.026000", "tags": [], "references": [], "public": 1, "adversary": "", "targeted_countries": [], "malware_families": [], "attack_ids": [], "industries": [], "TLP": "white", "cloned_from": null, "export_count": 6, "upvotes_count": 0, "downvotes_count": 0, "votes_count": 0, "locked": false, "pulse_source": "web", "validator_count": 0, "comment_count": 0, "follower_count": 0, "vote": 0, "author": { "username": "jtt12345", "id": "194112", "avatar_url": "https://otx.alienvault.com/assets/images/default-avatar.png", "is_subscribed": false, "is_following": false }, "indicator_type_counts": { "hostname": 4268, "URL": 101, "FileHash-MD5": 13, "FileHash-SHA256": 1, "domain": 283 }, "indicator_count": 4666, "is_author": false, "is_subscribing": null, "subscriber_count": 30, "modified_text": "1393 days ago ", "is_modified": true, "groups": [], "in_group": false, "threat_hunter_scannable": true, "threat_hunter_has_agents": 1, "related_indicator_type": "domain", "related_indicator_is_active": 1 }, { "id": "62b4346d6d574aa258745c6e", "name": "gamaredon IOCs", "description": "The following is a full list of highlights from this year's Technology, Media and Entertainment (Tech, Entertainment and Design) conference, held at London's O2 Arena on Friday, 1 July.", "modified": "2022-06-23T09:37:49.100000", "created": "2022-06-23T09:37:49.100000", "tags": [], "references": [ "https://unit42.paloaltonetworks.com/gamaredon-primitive-bear-ukraine-update-2021/", "https://github.com/pan-unit42/iocs/blob/master/Gamaredon/2202_06_Gamaredon_IoC_UPDATE.txt" ], "public": 1, "adversary": "", "targeted_countries": [], "malware_families": [], "attack_ids": [], "industries": [], "TLP": "green", "cloned_from": null, "export_count": 7, "upvotes_count": 0, "downvotes_count": 0, "votes_count": 0, "locked": false, "pulse_source": "web", "validator_count": 0, "comment_count": 0, "follower_count": 0, "vote": 0, "author": { "username": "brazen.fox.thirteen", "id": "155136", "avatar_url": "https://otx.alienvault.com/assets/images/default-avatar.png", "is_subscribed": false, "is_following": false }, "indicator_type_counts": { "domain": 144, "hostname": 2 }, "indicator_count": 146, "is_author": false, "is_subscribing": null, "subscriber_count": 128, "modified_text": "1437 days ago ", "is_modified": false, "groups": [], "in_group": false, "threat_hunter_scannable": false, "threat_hunter_has_agents": 1, "related_indicator_type": "domain", "related_indicator_is_active": 1 } ], "error": null, "vt": { "error": "VirusTotal rate limit reached. Try again shortly.", "indicator": "linux-tech-world.net", "type": "Domain" }, "abuseipdb": null, "urlhaus": { "indicator": "linux-tech-world.net", "found": false, "verdict": "clean", "urls": [], "error": null }, "from_cache": true, "_cached_at": 1780210900.9602232 }