Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- {
- "ip": "168.197.8.233",
- "update_time": "2019-02-28T06:07:00.395Z",
- "classifications": [
- {
- "name": "Generic Botnet",
- "classified_time": "2019-02-27T09:39:20Z"
- }
- ],
- "source1type": 2,
- "source1": {
- "update_time": "2019-02-27T09:18:05.565Z",
- "@timestamp": "2019-02-27T02:22:56.058Z",
- "data": [
- {
- "attacks": [
- {
- "@timestamp": "2019-02-27T02:23:03.953Z",
- "AttackLog": "login attempt succeed: username:root / password:GLzaoX4uMYFCCcmr0",
- "eventid": "login.success"
- }
- ],
- "protocol": "SSH",
- "session": "dff46222142b"
- },
- {
- "attacks": [
- {
- "@timestamp": "2019-02-27T02:22:53.754Z",
- "AttackLog": "login attempt succeed: username:root / password:root",
- "eventid": "login.success"
- },
- {
- "@timestamp": "2019-02-27T02:22:54.606Z",
- "AttackLog": "/ip cloud print",
- "eventid": "command.input"
- },
- {
- "@timestamp": "2019-02-27T02:22:56.058Z",
- "AttackLog": "ifconfig",
- "eventid": "command.input"
- },
- {
- "@timestamp": "2019-02-27T02:22:57.103Z",
- "AttackLog": "uname -a",
- "eventid": "command.input"
- },
- {
- "@timestamp": "2019-02-27T02:22:58.049Z",
- "AttackLog": "cat /proc/cpuinfo",
- "eventid": "command.input"
- },
- {
- "@timestamp": "2019-02-27T02:22:59.127Z",
- "AttackLog": "ps | grep '[Mm]iner'",
- "eventid": "command.input"
- },
- {
- "@timestamp": "2019-02-27T02:23:00.129Z",
- "AttackLog": "ps -ef | grep '[Mm]iner'",
- "eventid": "command.input"
- },
- {
- "@timestamp": "2019-02-27T02:23:01.19Z",
- "AttackLog": "echo Hi | cat -n",
- "eventid": "command.input"
- }
- ],
- "protocol": "SSH",
- "session": "5a28b1500f37"
- }
- ]
- },
- "source2type": 0,
- "source2": {
- "update_time": "0001-01-01T00:00:00Z",
- "@timestamp": "0001-01-01T00:00:00Z",
- "data": null
- },
- "source3type": 0,
- "source3": {
- "update_time": "0001-01-01T00:00:00Z",
- "@timestamp": "0001-01-01T00:00:00Z",
- "data": []
- }
- }
Add Comment
Please, Sign In to add comment