PaloAltoNetworks / minemeld-misp

MineMeld nodes for MISP
Apache License 2.0

MISP Error: Unhandled indicator type #28

Open ct12388 opened 3 years ago

ct12388 commented 3 years ago
  1. Installed MineMeld Ansible
  2. Install minemeld misp git extension
  3. Clone MISP prototype Event (TLP White)
  4. Added MISP URL and API Key. Connection was successful; however, there is 0 output.

Here are the engine logs:

node._process_item ERROR: MISP-TESTING - Unhandled indicator type: {u'category': u'Artifacts dropped', u'comment': u'', u'first_seen': None, u'uuid': u'2d93f1e4-e6a2-462f-9d98-1b580e925a53', u'event_id': u'1404', u'timestamp': u'1609870999', u'to_ids': True, u'deleted': False, u'object_id': u'0', u'sharing_group_id': u'0', u'ShadowAttribute': [], u'value': u'rule BabukSabelt {\r\n\tmeta:\r\n\t \tdescription = "YARA rule for Babuk Ransomware"\r\n\t\treference = "http://chuongdong.com/reverse%20engineering/2021/01/03/BabukRansomware/"\r\n\t\tauthor = "@cPeterr"\r\n\t\tdate = "2021-01-03"\r\n\t\trule_version = "v1"\r\n\t\tmalware_type = "ransomware"\r\n\t\ttlp = "white"\r\n\tstrings:\r\n\t\t$lanstr1 = "-lanfirst"\r\n\t\t$lanstr2 = "-lansecond"\r\n\t\t$lanstr3 = "-nolan"\r\n\t\t$str1 = "BABUK LOCKER"\r\n\t\t$str2 = ".__NIST_K571__" wide\r\n\t\t$str3 = "How To Restore Your Files.txt" wide\r\n\t\t$str4 = "ecdh_pub_k.bin" wide\r\n\tcondition:\r\n\t\tall of ($str) and all of ($lanstr)\r\n}', u'disable_correlation': False, u'distribution': u'5', u'object_relation': None, u'type': u'yara', u'id': u'265544', u'Galaxy': [], u'last_seen': None}

/opt/minemeld/engine/current/lib/python2.7/site-packages/urllib3/connectionpool.py:847: InsecureRequestWarning: Unverified HTTPS request is being made. Adding certificate verification is strongly advised. See: https://urllib3.readthedocs.io/en/latest/advanced-usage.html#ssl-warnings InsecureRequestWarning)
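
A triage helper for engine logs like the one above, added here as an example and not taken from the issue or from the minemeld-misp project: it parses `Unhandled indicator type` lines and tallies the skipped MISP attributes by node, type and `to_ids`. The function names and the sample lines are constructed for illustration, and the regex assumes node names contain no spaces.

```python
import ast
import re
from collections import Counter

# Matches the engine log line shown in the issue; the payload is a Python 2 dict repr.
UNHANDLED = re.compile(
    r"ERROR: (?P<node>\S+) - Unhandled indicator type: (?P<attr>\{.*\})\s*$"
)

def parse_unhandled(line):
    """Return (node, attribute dict) for an 'Unhandled indicator type' line, else None."""
    m = UNHANDLED.search(line)
    if not m:
        return None
    try:
        attr = ast.literal_eval(m.group("attr"))  # literals only, never eval() on log data
    except (ValueError, SyntaxError):
        return None  # damaged or partially written log line
    return (m.group("node"), attr) if isinstance(attr, dict) else None

def tally(lines):
    """Count skipped attributes per (node, MISP attribute type, to_ids flag)."""
    counts = Counter()
    for line in lines:
        parsed = parse_unhandled(line)
        if parsed:
            node, attr = parsed
            counts[(node, attr.get("type"), attr.get("to_ids"))] += 1
    return counts

# Constructed sample lines, shaped like the one in the issue (values shortened).
SAMPLE = [
    "node._process_item ERROR: MISP-TESTING - Unhandled indicator type: "
    "{u'category': u'Artifacts dropped', u'event_id': u'1404', u'to_ids': True, "
    "u'value': u'rule Demo {\\r\\n\\tcondition:\\r\\n\\t\\ttrue\\r\\n}', "
    "u'type': u'yara', u'first_seen': None}",
    "node._process_item ERROR: MISP-TESTING - Unhandled indicator type: "
    "{u'category': u'Artifacts dropped', u'to_ids': True, u'type': u'yara'",  # cut off
    "connectionpool.py:847: InsecureRequestWarning: Unverified HTTPS request is being made.",
]

if __name__ == "__main__":
    for (node, typ, to_ids), n in tally(SAMPLE).items():
        print(f"{node}: {n} attribute(s) of type {typ!r} skipped (to_ids={to_ids})")
```

Run over a full engine log, the tally shows which attribute types in the cloned event never reach the node's output.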