2023-04-21 13:25:09 +00:00
|
|
|
{
|
2023-12-14 14:30:15 +00:00
|
|
|
"Event": {
|
|
|
|
|
"analysis": "2",
|
|
|
|
|
"date": "2022-05-31",
|
|
|
|
|
"extends_uuid": "",
|
|
|
|
|
"info": "OSINT - Space Pirates: analyzing the tools and connections of a new hacker group",
|
|
|
|
|
"publish_timestamp": "1654069646",
|
|
|
|
|
"published": true,
|
|
|
|
|
"threat_level_id": "1",
|
|
|
|
|
"timestamp": "1654069642",
|
|
|
|
|
"uuid": "053f26a4-8fac-4733-a114-a6c0bdfd1e1c",
|
|
|
|
|
"Orgc": {
|
|
|
|
|
"name": "CIRCL",
|
|
|
|
|
"uuid": "55f6ea5e-2c60-40e5-964f-47a8950d210f"
|
|
|
|
|
},
|
|
|
|
|
"Tag": [
|
|
|
|
|
{
|
|
|
|
|
"colour": "#0088cc",
|
2024-04-05 12:15:17 +00:00
|
|
|
"local": false,
|
2023-12-14 14:30:15 +00:00
|
|
|
"name": "misp-galaxy:malpedia=\"PlugX\"",
|
|
|
|
|
"relationship_type": ""
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"colour": "#0088cc",
|
2024-04-05 12:15:17 +00:00
|
|
|
"local": false,
|
2023-12-14 14:30:15 +00:00
|
|
|
"name": "misp-galaxy:mitre-enterprise-attack-malware=\"PlugX - S0013\"",
|
|
|
|
|
"relationship_type": ""
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"colour": "#0088cc",
|
2024-04-05 12:15:17 +00:00
|
|
|
"local": false,
|
2023-12-14 14:30:15 +00:00
|
|
|
"name": "misp-galaxy:mitre-malware=\"PlugX - S0013\"",
|
|
|
|
|
"relationship_type": ""
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"colour": "#0088cc",
|
2024-04-05 12:15:17 +00:00
|
|
|
"local": false,
|
2023-12-14 14:30:15 +00:00
|
|
|
"name": "misp-galaxy:rat=\"PlugX\"",
|
|
|
|
|
"relationship_type": ""
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"colour": "#043400",
|
2024-04-05 12:15:17 +00:00
|
|
|
"local": false,
|
2023-12-14 14:30:15 +00:00
|
|
|
"name": "misp-galaxy:tool=\"PlugX\"",
|
|
|
|
|
"relationship_type": ""
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"colour": "#0088cc",
|
2024-04-05 12:15:17 +00:00
|
|
|
"local": false,
|
2023-12-14 14:30:15 +00:00
|
|
|
"name": "misp-galaxy:malpedia=\"ShadowPad\"",
|
|
|
|
|
"relationship_type": ""
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"colour": "#0088cc",
|
2024-04-05 12:15:17 +00:00
|
|
|
"local": false,
|
2023-12-14 14:30:15 +00:00
|
|
|
"name": "misp-galaxy:mitre-malware=\"ShadowPad - S0596\"",
|
|
|
|
|
"relationship_type": ""
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"colour": "#0088cc",
|
2024-04-05 12:15:17 +00:00
|
|
|
"local": false,
|
2023-12-14 14:30:15 +00:00
|
|
|
"name": "misp-galaxy:tool=\"ShadowPad\"",
|
|
|
|
|
"relationship_type": ""
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"colour": "#0088cc",
|
2024-04-05 12:15:17 +00:00
|
|
|
"local": false,
|
2023-12-14 14:30:15 +00:00
|
|
|
"name": "misp-galaxy:malpedia=\"Poison Ivy\"",
|
|
|
|
|
"relationship_type": ""
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"colour": "#043600",
|
2024-04-05 12:15:17 +00:00
|
|
|
"local": false,
|
2023-12-14 14:30:15 +00:00
|
|
|
"name": "misp-galaxy:tool=\"Poison Ivy\"",
|
|
|
|
|
"relationship_type": ""
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"colour": "#0088cc",
|
2024-04-05 12:15:17 +00:00
|
|
|
"local": false,
|
2023-12-14 14:30:15 +00:00
|
|
|
"name": "misp-galaxy:country=\"china\"",
|
|
|
|
|
"relationship_type": ""
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"colour": "#004646",
|
2024-04-05 12:15:17 +00:00
|
|
|
"local": false,
|
2023-12-14 14:30:15 +00:00
|
|
|
"name": "type:OSINT",
|
|
|
|
|
"relationship_type": ""
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"colour": "#0071c3",
|
2024-04-05 12:15:17 +00:00
|
|
|
"local": false,
|
2023-12-14 14:30:15 +00:00
|
|
|
"name": "osint:lifetime=\"perpetual\"",
|
|
|
|
|
"relationship_type": ""
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"colour": "#ffffff",
|
2024-04-05 12:15:17 +00:00
|
|
|
"local": false,
|
2023-12-14 14:30:15 +00:00
|
|
|
"name": "tlp:white",
|
|
|
|
|
"relationship_type": ""
|
|
|
|
|
}
|
|
|
|
|
],
|
|
|
|
|
"Attribute": [
|
|
|
|
|
{
|
|
|
|
|
"category": "Network activity",
|
|
|
|
|
"comment": "MyKLoadClient",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1653987091",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "hostname",
|
|
|
|
|
"uuid": "62bcf059-96b2-453a-a209-b3cc852f16c5",
|
|
|
|
|
"value": "microft.dynssl.com"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Network activity",
|
|
|
|
|
"comment": "MyKLoadClient",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1653987091",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "hostname",
|
|
|
|
|
"uuid": "75a8b09d-4b2b-4ce7-a3ef-dfe9d3c26480",
|
|
|
|
|
"value": "micro.dns04.com"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Network activity",
|
|
|
|
|
"comment": "MyKLoadClient",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1653987091",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "ip-dst",
|
|
|
|
|
"uuid": "6bda536c-2312-4f9c-a6ff-3e0cc59a02e3",
|
|
|
|
|
"value": "207.148.121.88"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Network activity",
|
|
|
|
|
"comment": "MyKLoadClient",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1653987091",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "ip-dst",
|
|
|
|
|
"uuid": "f6ccec1c-4851-41ea-9f6c-ace51a7fb606",
|
|
|
|
|
"value": "47.108.89.169"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Network activity",
|
|
|
|
|
"comment": "MyKLoadClient",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1653987091",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "ip-dst",
|
|
|
|
|
"uuid": "864466e8-2bf3-4bea-9e5a-cfeeb3fe9d76",
|
|
|
|
|
"value": "120.78.127.189"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Network activity",
|
|
|
|
|
"comment": "MyKLoadClient",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1653987091",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "ip-dst",
|
|
|
|
|
"uuid": "1223e02b-71e8-43ad-bfad-3ec791d494d9",
|
|
|
|
|
"value": "121.89.210.144"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Network activity",
|
|
|
|
|
"comment": "Zupdax",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1653987121",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "hostname",
|
|
|
|
|
"uuid": "cba66a34-aa23-4dac-ab96-2d88ba58f18a",
|
|
|
|
|
"value": "ns2.gamepoer7.com"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Network activity",
|
|
|
|
|
"comment": "Zupdax",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1653987121",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "hostname",
|
|
|
|
|
"uuid": "03e6e26e-a8b1-4cab-ba9f-b0af93945e52",
|
|
|
|
|
"value": "mail.playdr2.com"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Network activity",
|
|
|
|
|
"comment": "Zupdax",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1653987121",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "hostname",
|
|
|
|
|
"uuid": "e49bfc08-1a1c-44ee-ba5c-5411ae8c9236",
|
|
|
|
|
"value": "pop.playdr2.com"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Network activity",
|
|
|
|
|
"comment": "Zupdax",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1653987121",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "hostname",
|
|
|
|
|
"uuid": "ec0b166e-7f5b-4400-b39d-d691dae67b14",
|
|
|
|
|
"value": "news.flashplayeractivex.info"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Network activity",
|
|
|
|
|
"comment": "Zupdax",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1653987121",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "hostname",
|
|
|
|
|
"uuid": "de32de32-b70f-42e6-b77b-613af17dbb5e",
|
|
|
|
|
"value": "update.flashplayeractivex.info"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Network activity",
|
|
|
|
|
"comment": "Zupdax",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1653987121",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "hostname",
|
|
|
|
|
"uuid": "20a0e7e3-cc17-4032-8d2e-93c027242717",
|
|
|
|
|
"value": "ns9.mcafee-update.com"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Network activity",
|
|
|
|
|
"comment": "Zupdax",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1653987121",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "ip-dst",
|
|
|
|
|
"uuid": "0df0f008-2510-4394-9455-5c42767a72a0",
|
|
|
|
|
"value": "154.211.161.161"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Network activity",
|
|
|
|
|
"comment": "Zupdax",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1653987121",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "ip-dst",
|
|
|
|
|
"uuid": "3fdddde2-4542-4d40-9662-586cfef2274f",
|
|
|
|
|
"value": "192.225.226.218"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Network activity",
|
|
|
|
|
"comment": "Downloader.Climax.A",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1653987252",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "hostname",
|
|
|
|
|
"uuid": "2009c9ef-b64a-4ab3-a1e0-0106825aeb16",
|
|
|
|
|
"value": "bamo.ocry.com"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Network activity",
|
|
|
|
|
"comment": "Downloader.Climax.A",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1653987252",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "ip-dst",
|
|
|
|
|
"uuid": "00442e89-21c1-462a-841d-e8a0de5cb59d",
|
|
|
|
|
"value": "202.182.98.74"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Network activity",
|
|
|
|
|
"comment": "Downloader.Climax.B",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1653987279",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "hostname",
|
|
|
|
|
"uuid": "dbab091f-639e-4916-8bdd-3a89307dd74a",
|
|
|
|
|
"value": "ruclient.dns04.com"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Network activity",
|
|
|
|
|
"comment": "Downloader.Climax.B",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1653987279",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "hostname",
|
|
|
|
|
"uuid": "ff8982ca-cbbd-4a0b-8ca5-5a65270f7f4e",
|
|
|
|
|
"value": "loge.otzo.com"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Network activity",
|
|
|
|
|
"comment": "RtlShare",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1653987315",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "hostname",
|
|
|
|
|
"uuid": "170020c1-3ecb-40e3-8d48-af18a77ccfe9",
|
|
|
|
|
"value": "asd.powergame.0077.x24hr.com"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Network activity",
|
|
|
|
|
"comment": "RtlShare",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1653987315",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "hostname",
|
|
|
|
|
"uuid": "c96c9178-ab81-49bb-afa7-2c0d7529171e",
|
|
|
|
|
"value": "w.asd3.as.amazon-corp.wikaba.com"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Network activity",
|
|
|
|
|
"comment": "RtlShare",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1653987315",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "ip-dst",
|
|
|
|
|
"uuid": "0cc12b24-ad45-44e4-8346-bb6b8d9c85d3",
|
|
|
|
|
"value": "45.76.145.22"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Network activity",
|
|
|
|
|
"comment": "RtlShare",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1653987315",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "ip-dst",
|
|
|
|
|
"uuid": "f2800e0c-3ef9-48b7-9766-334d1ad53d97",
|
|
|
|
|
"value": "141.164.35.87"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Network activity",
|
|
|
|
|
"comment": "PlugX",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1653987351",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "hostname",
|
|
|
|
|
"uuid": "e1f8af8f-1915-46a6-bcff-c52fb929c55f",
|
|
|
|
|
"value": "api.microft.dynssl.com"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Network activity",
|
|
|
|
|
"comment": "PlugX",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1653987351",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "hostname",
|
|
|
|
|
"uuid": "69b280d5-d3bc-41f8-9134-2f8ab2d587de",
|
|
|
|
|
"value": "www.0077.x24hr.com"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Network activity",
|
|
|
|
|
"comment": "PlugX",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1653987351",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "hostname",
|
|
|
|
|
"uuid": "0dc858dd-add6-4a3f-956e-41281d837caa",
|
|
|
|
|
"value": "js.journal.itsaol.com"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Network activity",
|
|
|
|
|
"comment": "PlugX",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1653987351",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "hostname",
|
|
|
|
|
"uuid": "d7760b7a-e57c-460f-aba0-a50ef1b110c6",
|
|
|
|
|
"value": "fgjhkergvlimdfg2.wikaba.com"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Network activity",
|
|
|
|
|
"comment": "PlugX",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1653987351",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "hostname",
|
|
|
|
|
"uuid": "e8aca24c-7c0d-4b74-a9c5-d6aec1f3cebf",
|
|
|
|
|
"value": "goon.oldvideo.longmusic.com"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Network activity",
|
|
|
|
|
"comment": "PlugX",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1653987351",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "hostname",
|
|
|
|
|
"uuid": "74949f6c-cc97-479d-8975-c114d2f9904d",
|
|
|
|
|
"value": "as.amazon-corp.wikaba.com"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Network activity",
|
|
|
|
|
"comment": "PlugX",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1653987351",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "hostname",
|
|
|
|
|
"uuid": "9f453869-0877-4b13-89c4-8bfa39a6d792",
|
|
|
|
|
"value": "freewula.strangled.net"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Network activity",
|
|
|
|
|
"comment": "PlugX",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1653987351",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "hostname",
|
|
|
|
|
"uuid": "f19f00d6-534d-4cd9-a958-e31712a174fe",
|
|
|
|
|
"value": "szuunet.strangled.net"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Network activity",
|
|
|
|
|
"comment": "PlugX",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1653987351",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "hostname",
|
|
|
|
|
"uuid": "9c163897-195d-4c61-ba2e-d25f1c00f6b9",
|
|
|
|
|
"value": "lib.hostareas.com"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Network activity",
|
|
|
|
|
"comment": "PlugX",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1653987351",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "hostname",
|
|
|
|
|
"uuid": "772244b6-5821-4e1e-a5c5-dc3593cff260",
|
|
|
|
|
"value": "web.miscrosaft.com"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Network activity",
|
|
|
|
|
"comment": "PlugX",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1653987351",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "hostname",
|
|
|
|
|
"uuid": "8f28e022-914c-47ea-a566-2bbb97661406",
|
|
|
|
|
"value": "eset.zzux.com"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Network activity",
|
|
|
|
|
"comment": "PlugX",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1653987351",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "hostname",
|
|
|
|
|
"uuid": "0b087939-553e-454f-b113-d6f2a21d5da9",
|
|
|
|
|
"value": "elienceso.kozow.com"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Network activity",
|
|
|
|
|
"comment": "PlugX",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1653987351",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "hostname",
|
|
|
|
|
"uuid": "8bcdf22d-c894-4527-b6e9-fe9a2816e162",
|
|
|
|
|
"value": "lck.gigabitdate.com"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Network activity",
|
|
|
|
|
"comment": "PlugX",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1653987351",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "hostname",
|
|
|
|
|
"uuid": "8b720095-c849-43e6-9904-ed865b072c3f",
|
|
|
|
|
"value": "miche.justdied.com"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Network activity",
|
|
|
|
|
"comment": "PlugX",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1653987351",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "ip-dst",
|
|
|
|
|
"uuid": "dbcb3cba-c092-4ca7-84d3-a80c1f183be8",
|
|
|
|
|
"value": "45.77.16.91"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Network activity",
|
|
|
|
|
"comment": "PlugX",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1653987351",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "ip-dst",
|
|
|
|
|
"uuid": "5d3e6b49-6857-4b19-b639-6c95120ea0f9",
|
|
|
|
|
"value": "103.101.178.152"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Network activity",
|
|
|
|
|
"comment": "PlugX",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1653987351",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "ip-dst",
|
|
|
|
|
"uuid": "84b4caf2-f862-48f0-b00b-f0e6b5d1ce2a",
|
|
|
|
|
"value": "123.1.151.64"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Network activity",
|
|
|
|
|
"comment": "PlugX",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1653987351",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "ip-dst",
|
|
|
|
|
"uuid": "3a1bfc45-b529-446b-92e4-6ccc7122f099",
|
|
|
|
|
"value": "154.85.48.108"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Network activity",
|
|
|
|
|
"comment": "PlugX",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1653987351",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "ip-dst",
|
|
|
|
|
"uuid": "7572cc14-cbd4-476c-9d80-bb67c540592e",
|
|
|
|
|
"value": "154.213.21.207"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Network activity",
|
|
|
|
|
"comment": "PlugX",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1653987351",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "ip-dst",
|
|
|
|
|
"uuid": "2b75ac24-8b91-458f-928e-b60d2d11cb24",
|
|
|
|
|
"value": "192.225.226.123"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Network activity",
|
|
|
|
|
"comment": "PlugX",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1653987351",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "ip-dst",
|
|
|
|
|
"uuid": "6c1920e2-4f6f-4229-80c1-92b4b3561f84",
|
|
|
|
|
"value": "192.225.226.217"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Network activity",
|
|
|
|
|
"comment": "BH_A006",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1653987381",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "hostname",
|
|
|
|
|
"uuid": "905879a0-660b-4acb-8007-2d7ce4332bcc",
|
|
|
|
|
"value": "comein.journal.itsaol.com"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Network activity",
|
|
|
|
|
"comment": "BH_A006",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1653987381",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "hostname",
|
|
|
|
|
"uuid": "2f4c68b2-0c6e-4f8a-a719-1a30040f33e1",
|
|
|
|
|
"value": "www.omgod.org"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Network activity",
|
|
|
|
|
"comment": "BH_A006",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1653987381",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "domain",
|
|
|
|
|
"uuid": "cc6c36d6-590e-4692-ab0a-32da7bf4958e",
|
|
|
|
|
"value": "findanswer123.tk"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Network activity",
|
|
|
|
|
"comment": "BH_A006",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1653987381",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "ip-dst",
|
|
|
|
|
"uuid": "a0d78d22-43bd-4584-b864-ce03984a3895",
|
|
|
|
|
"value": "103.27.109.234"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Network activity",
|
|
|
|
|
"comment": "BH_A006",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1653987381",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "ip-dst",
|
|
|
|
|
"uuid": "9f8e7366-91a8-4632-9b77-0ac65975b99d",
|
|
|
|
|
"value": "108.160.134.113"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Network activity",
|
|
|
|
|
"comment": "Deed RAT",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1653987399",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "hostname",
|
|
|
|
|
"uuid": "f1b3900f-e6fe-49ca-8785-636da521bf80",
|
|
|
|
|
"value": "ftp.microft.dynssl.com"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Network activity",
|
|
|
|
|
"comment": "ShadowPad",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1653987421",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "hostname",
|
|
|
|
|
"uuid": "b2f12c27-6869-4bdd-a816-e9169528d2e4",
|
|
|
|
|
"value": "toogasd.www.oldvideo.longmusic.com"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Network activity",
|
|
|
|
|
"comment": "ShadowPad",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1653987421",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "hostname",
|
|
|
|
|
"uuid": "8f5f94fd-ddb5-4219-b4f5-8a5b99203c50",
|
|
|
|
|
"value": "wwa1we.wbew.amazon-corp.wikaba.com"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Network activity",
|
|
|
|
|
"comment": "Poison Ivy",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1653987438",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "hostname",
|
|
|
|
|
"uuid": "f0d4d8ca-7754-49f9-a454-15e2e4008950",
|
|
|
|
|
"value": "shareddocs.microft.dynssl.com"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Network activity",
|
|
|
|
|
"comment": "Third-level DDNS domains",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1653987477",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "hostname",
|
|
|
|
|
"uuid": "a2cb79cc-198a-4f73-b480-e0d9d41decb2",
|
|
|
|
|
"value": "reportsearch.dynamic-dns.net"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Network activity",
|
|
|
|
|
"comment": "Third-level DDNS domains",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1653987477",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "hostname",
|
|
|
|
|
"uuid": "08ff0149-67c3-47d1-8f2f-2e29d170df8c",
|
|
|
|
|
"value": "werwesf.dynamic-dns.net"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Network activity",
|
|
|
|
|
"comment": "Third-level DDNS domains",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1653987477",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "hostname",
|
|
|
|
|
"uuid": "fea883ae-05b6-48c5-9825-babd87acf648",
|
|
|
|
|
"value": "fssprus.dns04.com"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Network activity",
|
|
|
|
|
"comment": "Third-level DDNS domains",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1653987477",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "hostname",
|
|
|
|
|
"uuid": "00146922-6ec2-4909-9c49-53246d23b121",
|
|
|
|
|
"value": "alex.dnset.com"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Network activity",
|
|
|
|
|
"comment": "Third-level DDNS domains",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1653987477",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "hostname",
|
|
|
|
|
"uuid": "52b044bc-4a4f-49ba-bd09-116f239e668f",
|
|
|
|
|
"value": "tombstone.kozow.com"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Network activity",
|
|
|
|
|
"comment": "Third-level DDNS domains",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1653987477",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "hostname",
|
|
|
|
|
"uuid": "3f886047-ff57-4942-80ee-d35a7276c033",
|
|
|
|
|
"value": "toon.mrbasic.com"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Network activity",
|
|
|
|
|
"comment": "Third-level DDNS domains",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1653987477",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "hostname",
|
|
|
|
|
"uuid": "63134076-a266-493d-9fe1-96bdeadc59b6",
|
|
|
|
|
"value": "rt.ftp1.biz"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Network activity",
|
|
|
|
|
"comment": "Third-level DDNS domains",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1653987477",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "hostname",
|
|
|
|
|
"uuid": "6f44b831-b29b-49e4-8068-e72f15c72e1b",
|
|
|
|
|
"value": "apple-corp.changeip.org"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Network activity",
|
|
|
|
|
"comment": "Third-level DDNS domains",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1653987477",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "hostname",
|
|
|
|
|
"uuid": "fde7c1c8-d8bb-4be5-b418-8cc58eb8cbb6",
|
|
|
|
|
"value": "amazon-corp.wikaba.com"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Network activity",
|
|
|
|
|
"comment": "Third-level DDNS domains",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1653987477",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "hostname",
|
|
|
|
|
"uuid": "383e9cff-d0a1-4a3c-b832-9121ea699649",
|
|
|
|
|
"value": "0077.x24hr.com"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Network activity",
|
|
|
|
|
"comment": "Third-level DDNS domains",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1653987477",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "hostname",
|
|
|
|
|
"uuid": "a1e56eae-3c37-4730-acb8-658c90482f24",
|
|
|
|
|
"value": "staticd.dynamic-dns.net"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Network activity",
|
|
|
|
|
"comment": "Third-level DDNS domains",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1653987477",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "hostname",
|
|
|
|
|
"uuid": "f06011f7-2cc0-4064-a396-9f82e2dab32a",
|
|
|
|
|
"value": "srv.xxxy.biz"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Network activity",
|
|
|
|
|
"comment": "Third-level DDNS domains",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1653987477",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "hostname",
|
|
|
|
|
"uuid": "ae589c12-d3e3-4992-857c-a17ede9a6388",
|
|
|
|
|
"value": "serviechelp.changeip.us"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Network activity",
|
|
|
|
|
"comment": "Third-level DDNS domains",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1653987477",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "hostname",
|
|
|
|
|
"uuid": "e4ad05e8-51b8-4296-ad61-62193c62ec3d",
|
|
|
|
|
"value": "mktoon.ftp1.biz"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Network activity",
|
|
|
|
|
"comment": "Third-level DDNS domains",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1653987477",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "hostname",
|
|
|
|
|
"uuid": "5877c0e5-aeea-4460-9073-ce415503f871",
|
|
|
|
|
"value": "noon.dns04.com"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Network activity",
|
|
|
|
|
"comment": "Third-level DDNS domains",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1653987477",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "hostname",
|
|
|
|
|
"uuid": "d8c9ba23-c063-41f9-9fb5-3f8f3496568d",
|
|
|
|
|
"value": "ybcps4.freeddns.org"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Network activity",
|
|
|
|
|
"comment": "Third-level DDNS domains",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1653987477",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "hostname",
|
|
|
|
|
"uuid": "a4712508-4e0e-4793-9bff-eea0f41b9563",
|
|
|
|
|
"value": "oldvideo.longmusic.com"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Network activity",
|
|
|
|
|
"comment": "Third-level DDNS domains",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1653987477",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "hostname",
|
|
|
|
|
"uuid": "aee705fe-5f03-44ab-bc40-1d84c1c0ea08",
|
|
|
|
|
"value": "chdsjjkrazomg.dhcp.biz"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Network activity",
|
|
|
|
|
"comment": "Third-level DDNS domains",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1653987477",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "hostname",
|
|
|
|
|
"uuid": "7ac8ce83-24f0-47aa-880d-09c5978d0493",
|
|
|
|
|
"value": "q34ewrd.youdontcare.com"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Network activity",
|
|
|
|
|
"comment": "Third-level DDNS domains",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1653987477",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "hostname",
|
|
|
|
|
"uuid": "b764b752-8559-4b1c-b1cd-88d637dd3947",
|
|
|
|
|
"value": "journal.itsaol.com"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Payload delivery",
|
|
|
|
|
"comment": "Poison Ivy",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1653987531",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "sha256",
|
|
|
|
|
"uuid": "e66ce31e-755d-4644-98a5-143d24b353c1",
|
|
|
|
|
"value": "672d1ec9f27870a9ed4983038e58e8577bacc735d5168d74bcff8d6ed9aa7947"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Payload delivery",
|
|
|
|
|
"comment": "Poison Ivy",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1653987531",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "sha256",
|
|
|
|
|
"uuid": "7e27d40f-956f-46f8-b379-a26c8c550183",
|
|
|
|
|
"value": "2e35a1599b58e76167f2235d46840cc973dc49a6f14c0c2a2e91310a2fe2c2dd"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Payload delivery",
|
|
|
|
|
"comment": "ShadowPad",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1653987903",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "sha256",
|
|
|
|
|
"uuid": "9480fa54-fbaa-43b6-8b91-fb777629b2f3",
|
|
|
|
|
"value": "9324d7a72c436d8eb77f3df72b6f41aa4e1b85f08ef7583e26de75e17cad490c"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Payload delivery",
|
|
|
|
|
"comment": "ShadowPad",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1653987903",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "sha256",
|
|
|
|
|
"uuid": "3ffcbc80-3e64-4e84-9a40-b3ed9bc9beb9",
|
|
|
|
|
"value": "06ce5271836a6a1ee40513b1de6991ccd87bc7ff640948f194e7c12bdf779fd9"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Payload delivery",
|
|
|
|
|
"comment": "ShadowPad",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1653987903",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "sha256",
|
|
|
|
|
"uuid": "3b51b1bd-57b1-45ad-9ab9-b23ce1d23597",
|
|
|
|
|
"value": "d34b6306aeaaccea3b30dde377701c4a23b861b47f9bda777ca7dc0552f2754f"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Payload delivery",
|
|
|
|
|
"comment": "ShadowPad",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1653987903",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "sha256",
|
|
|
|
|
"uuid": "2d1c6f7f-feef-4e9a-88d8-c990fcb91b97",
|
|
|
|
|
"value": "d011130defd8b988ab78043b30a9f7e0cada5751064b3975a19f4de92d2c0025"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Payload delivery",
|
|
|
|
|
"comment": "ShadowPad",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1653987903",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "sha256",
|
|
|
|
|
"uuid": "419bb539-ee0d-4a59-b55b-cbaba5d25c4f",
|
|
|
|
|
"value": "459f386be186c0e23234f299f2607d0eb2745eb743e1422a95ec2dca645b0e21"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Payload delivery",
|
|
|
|
|
"comment": "Deed RAT",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1653988006",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "sha256",
|
|
|
|
|
"uuid": "39669d7d-b82f-4832-a777-ac6fe364bbfe",
|
|
|
|
|
"value": "ff87ec66b89db551d6f4ce33ad150fae7286f58d465179acf2b8001d9ca9bcea"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Payload delivery",
|
|
|
|
|
"comment": "Deed RAT",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1653988006",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "sha256",
|
|
|
|
|
"uuid": "1237e5e8-6ce8-466e-9430-352d7f695878",
|
|
|
|
|
"value": "761557ecc63ec5fbc2e3573f61a860bd8967f04818be25893361c63409ab5af0"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Payload delivery",
|
|
|
|
|
"comment": "BH_A006",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1653988073",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "sha1",
|
|
|
|
|
"uuid": "4c315bb1-de36-4ee0-8210-a4c616bf67ef",
|
|
|
|
|
"value": "c0292c55fca5f68f4f4831fb5d2a77a78c1f1a45"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Payload delivery",
|
|
|
|
|
"comment": "BH_A006",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1653988073",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "md5",
|
|
|
|
|
"uuid": "a5e43bac-d62f-4f9f-bfae-84c0d4bdce20",
|
|
|
|
|
"value": "36a8ce6f27c251a81d9deada291b2a2c"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Payload delivery",
|
|
|
|
|
"comment": "BH_A006",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1653988073",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "sha256",
|
|
|
|
|
"uuid": "218c4a70-77ee-4b56-9378-46b3b8e28d4e",
|
|
|
|
|
"value": "e76567a61f905a2825262d5f653416ef88728371a0a2fe75ddc53aad100e6f46"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Payload delivery",
|
|
|
|
|
"comment": "BH_A006",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1653988073",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "sha1",
|
|
|
|
|
"uuid": "023cc47f-39b5-4fa1-af8d-f3e861fd01e5",
|
|
|
|
|
"value": "e45a5d9b03cfbe7eb2e90181756fdf0dd690c00c"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Payload delivery",
|
|
|
|
|
"comment": "BH_A006",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1653988073",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "md5",
|
|
|
|
|
"uuid": "56cb9786-2ff0-46e2-ac06-8c93d59cc8c3",
|
|
|
|
|
"value": "06af27c0f47837fb54490a8fe8332e04"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Payload delivery",
|
|
|
|
|
"comment": "BH_A006",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1653988073",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "sha256",
|
|
|
|
|
"uuid": "0635b388-873b-474e-afae-91ff823a240d",
|
|
|
|
|
"value": "f2ab7d78377fe1898eb6406d66668c9dbbe0836e9c97af08bc57da56a78272a1"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Payload delivery",
|
|
|
|
|
"comment": "BH_A006",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1653988073",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "sha1",
|
|
|
|
|
"uuid": "09cc0130-e20f-4fb8-888f-a6a2a8b004f9",
|
|
|
|
|
"value": "87ae868159d572acbb376faf7fda6593058f8518"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Payload delivery",
|
|
|
|
|
"comment": "BH_A006",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1653988073",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "md5",
|
|
|
|
|
"uuid": "f8dd30c3-78e7-44fa-ae97-662439af7d88",
|
|
|
|
|
"value": "c241e8486a0674f7af1b0928b59b94df"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Payload delivery",
|
|
|
|
|
"comment": "BH_A006",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1653988073",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "sha256",
|
|
|
|
|
"uuid": "811204ad-c0c8-403e-b4e0-4267bb720619",
|
|
|
|
|
"value": "1a4cc1c66082f4bb10b917bc434ecc9e7e4f92877fd42e3fbe5e8a96154318f5"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Payload delivery",
|
|
|
|
|
"comment": "BH_A006",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1653988073",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "sha1",
|
|
|
|
|
"uuid": "80424eba-d545-496a-9521-944a14717ddf",
|
|
|
|
|
"value": "927f428e0de0391a6392943b3c79fda8363828d0"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Payload delivery",
|
|
|
|
|
"comment": "BH_A006",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1653988073",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "md5",
|
|
|
|
|
"uuid": "3810a8dd-fed6-490c-8dcc-2da49b064263",
|
|
|
|
|
"value": "758eabd1b7b644b01a21011d6e1159e6"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Payload delivery",
|
|
|
|
|
"comment": "BH_A006",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1653988073",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "sha256",
|
|
|
|
|
"uuid": "09e78c40-0404-4b2c-a924-429ef7ea2482",
|
|
|
|
|
"value": "1b0e8f31b513ad53db7ca6d8db35c37eb24eaddf859521b6913209af934808ce"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Payload delivery",
|
|
|
|
|
"comment": "BH_A006",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1653988073",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "sha1",
|
|
|
|
|
"uuid": "5abfcbd5-2e48-4509-a613-7928ba23af18",
|
|
|
|
|
"value": "9df3431e26b958f671b28d1c4d34dfa5c0c653bf"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Payload delivery",
|
|
|
|
|
"comment": "BH_A006",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1653988073",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "md5",
|
|
|
|
|
"uuid": "dab47fe9-bd96-4f4e-a5ed-4e9209122b2d",
|
|
|
|
|
"value": "94759ce1618ffa9e38cfa7c3ad43061a"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Payload delivery",
|
|
|
|
|
"comment": "BH_A006",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1653988073",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "sha256",
|
|
|
|
|
"uuid": "c2c9a846-0975-4d00-863d-4e1943bc1cdd",
|
|
|
|
|
"value": "f42f8896183d298a6ecd2c3fa78393bf7e58bc33ab7994e35346a57cbe2e2521"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Payload delivery",
|
|
|
|
|
"comment": "BH_A006",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1653988073",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "sha1",
|
|
|
|
|
"uuid": "a32d5258-cf83-469a-8fb1-d9429c8c0466",
|
|
|
|
|
"value": "f214cbda1dcdc75b3d355affef74354a104d5b29"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Payload delivery",
|
|
|
|
|
"comment": "BH_A006",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1653988073",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "md5",
|
|
|
|
|
"uuid": "24ff3a9f-ddeb-4c5d-9b49-d6f58f5e2eca",
|
|
|
|
|
"value": "5ea6d25bb95d8643dfe2deb4afd92843"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Payload delivery",
|
|
|
|
|
"comment": "BH_A006",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1653988073",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "sha256",
|
|
|
|
|
"uuid": "2ff26717-0f33-40f1-9ed3-f8b38107b324",
|
|
|
|
|
"value": "bd366f22fd0f1b5b5a041621f70b357287c45883e847bb8f31809d16ca46052f"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Payload delivery",
|
|
|
|
|
"comment": "BH_A006",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1653988073",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "sha1",
|
|
|
|
|
"uuid": "00b08a95-a9bf-4c09-aba5-381c10349451",
|
|
|
|
|
"value": "c213d8d98359c32e1b320b8ab0cf168e3f369441"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Payload delivery",
|
|
|
|
|
"comment": "BH_A006",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1653988073",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "md5",
|
|
|
|
|
"uuid": "7b990f33-3221-4b5e-99e8-4d3fb2bc6b80",
|
|
|
|
|
"value": "8f088b92a9f68681dd17f0fb89b1058d"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Payload delivery",
|
|
|
|
|
"comment": "BH_A006",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1653988073",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "sha256",
|
|
|
|
|
"uuid": "f461530e-6503-4ed6-8fd9-c8e48e369be4",
|
|
|
|
|
"value": "77052236a7061f91ba6442568f6db1200169fe4afdf9c3c81750e0929dd4fb96"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Payload delivery",
|
|
|
|
|
"comment": "BH_A006",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1653988073",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "sha1",
|
|
|
|
|
"uuid": "7bc4b528-9822-48fb-b40d-4f2f2a38adb9",
|
|
|
|
|
"value": "aa9b71858b893a131908b3236bb724226af6b1dc"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Payload delivery",
|
|
|
|
|
"comment": "BH_A006",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1653988073",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "md5",
|
|
|
|
|
"uuid": "a605e5ed-cff1-49d5-a0f1-b31c5c1c841c",
|
|
|
|
|
"value": "02a7272416fefc68ff214b24214fc370"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Payload delivery",
|
|
|
|
|
"comment": "BH_A006",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1653988073",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "sha256",
|
|
|
|
|
"uuid": "b8091606-31d9-4378-bfe1-68c1b04a4c22",
|
|
|
|
|
"value": "2bd9b56ddcccc0a9d33debd1c56b493bb60f8b4229f728b0c6c3bac0e556d080"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Payload delivery",
|
|
|
|
|
"comment": "BH_A006",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1653988073",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "sha1",
|
|
|
|
|
"uuid": "56d6a777-34af-43ed-9684-ed5e1b338cf8",
|
|
|
|
|
"value": "0e2c294692cebcaecb5e2f3677d07f96a09ab610"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Payload delivery",
|
|
|
|
|
"comment": "BH_A006",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1653988073",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "md5",
|
|
|
|
|
"uuid": "9b07e3e0-aee5-482f-b851-e03dd43c8e8c",
|
|
|
|
|
"value": "c7f0ec11b70be64695d826587d8fb9f2"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Payload delivery",
|
|
|
|
|
"comment": "BH_A006",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1653988073",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "sha256",
|
|
|
|
|
"uuid": "9020b277-e4a0-49ff-a27a-4f195edf28e1",
|
|
|
|
|
"value": "59fe1b5b641c140225ed12a8122da47716b9d841754f4604a2bdbb2a0dc765ad"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Payload delivery",
|
|
|
|
|
"comment": "BH_A006",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1653988074",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "sha1",
|
|
|
|
|
"uuid": "c38af120-1a53-4671-93e3-93b730fba90f",
|
|
|
|
|
"value": "7324dd736142db51c4d3887c30df810a45b46b08"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Payload delivery",
|
|
|
|
|
"comment": "BH_A006",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1653988074",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "md5",
|
|
|
|
|
"uuid": "7aa60e34-b1f9-40a1-accc-b3fe4dca1e81",
|
|
|
|
|
"value": "32cb37c984fe0d00009e7566f18463eb"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Payload delivery",
|
|
|
|
|
"comment": "BH_A006",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1653988074",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "sha256",
|
|
|
|
|
"uuid": "d7a55280-940d-4d21-b5b3-27314a83deec",
|
|
|
|
|
"value": "cb35899e21269b564ffdd4785961195af1779daf5ff3e64746e2d6368744ba2a"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Payload delivery",
|
|
|
|
|
"comment": "BH_A006",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1653988074",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "sha1",
|
|
|
|
|
"uuid": "4232bffc-a4d9-4f46-9ee0-8c8fdeb273a3",
|
|
|
|
|
"value": "5ad5183ce68975a59d85d650e72b13a845be82e4"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Payload delivery",
|
|
|
|
|
"comment": "BH_A006",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1653988074",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "md5",
|
|
|
|
|
"uuid": "e1332646-50ba-404f-b62d-eac2eaa934b4",
|
|
|
|
|
"value": "7950cf56e58e2be3fc401885e815e9b6"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Payload delivery",
|
|
|
|
|
"comment": "BH_A006",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1653988074",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "sha256",
|
|
|
|
|
"uuid": "9c22acd0-940c-4082-aae6-f473a5687ccc",
|
|
|
|
|
"value": "f97d1f7e3ed963654fb68803f2ac6cd79580abb8f86ab477c49aec76157bb184"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Payload delivery",
|
|
|
|
|
"comment": "BH_A006",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1653988074",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "sha1",
|
|
|
|
|
"uuid": "eae2e330-49c4-4daa-be40-999517123d64",
|
|
|
|
|
"value": "cf1a335ffe672f19fa0160151c50eb9209b5e99b"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Payload delivery",
|
|
|
|
|
"comment": "BH_A006",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1653988074",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "md5",
|
|
|
|
|
"uuid": "e400c815-e22a-4a48-a68a-4341ae0ffe39",
|
|
|
|
|
"value": "b66203f634e48430af63a3c1503b2a4d"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Payload delivery",
|
|
|
|
|
"comment": "BH_A006",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1653988074",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "sha256",
|
|
|
|
|
"uuid": "2ef7de1c-1cc0-43ac-8dc7-bea92f140c50",
|
|
|
|
|
"value": "74af7c238935e2fc11f97e122bbcf0b813c27f5a4a3b8aa47a574c24003df533"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Payload delivery",
|
|
|
|
|
"comment": "BH_A006",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1653988074",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "sha1",
|
|
|
|
|
"uuid": "c5580450-bd3e-471f-97a4-a6a7651f5d6d",
|
|
|
|
|
"value": "ffb8da41d8a92b4cbeaf4d85a4c2732b90d178c3"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Payload delivery",
|
|
|
|
|
"comment": "BH_A006",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1653988074",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "md5",
|
|
|
|
|
"uuid": "f0f2eecb-5bf3-47f4-8b63-9cde45e30ccd",
|
|
|
|
|
"value": "7428f82ed54e0d75c37afc0dde45ea57"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Payload delivery",
|
|
|
|
|
"comment": "BH_A006",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1653988074",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "sha256",
|
|
|
|
|
"uuid": "25261acc-4dd8-4dba-8f8a-7bad849b25cd",
|
|
|
|
|
"value": "9cd487bcec62fb5192fbe654ca5c02750b846070b85016fc3d2071add8e04f39"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Payload delivery",
|
|
|
|
|
"comment": "BH_A006",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1653988074",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "sha1",
|
|
|
|
|
"uuid": "d2b2c891-8950-4043-964e-d1d14448dddb",
|
|
|
|
|
"value": "b20c993e963a5540593120cfc1b596ba42aff649"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Payload delivery",
|
|
|
|
|
"comment": "BH_A006",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1653988074",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "md5",
|
|
|
|
|
"uuid": "8930a608-e40b-42a3-bc83-a913a1a86797",
|
|
|
|
|
"value": "46c4fd5ae4f5907d5ba3faa2978ffbe5"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Payload delivery",
|
|
|
|
|
"comment": "BH_A006",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1653988074",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "sha256",
|
|
|
|
|
"uuid": "fdd9e592-ba89-4c8b-b73f-e369763376b1",
|
|
|
|
|
"value": "b0a58c6c859833eb6fb1c7d8cb0c5875ab42be727996bcc20b17dd8ad0058ffa"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Payload delivery",
|
|
|
|
|
"comment": "BH_A006",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1653988074",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "sha1",
|
|
|
|
|
"uuid": "f915a3e9-f768-4edd-88bd-89d53e7fe455",
|
|
|
|
|
"value": "fcc66ea2198a03def308c53adda78d4a64ed22f7"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Payload delivery",
|
|
|
|
|
"comment": "BH_A006",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1653988074",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "md5",
|
|
|
|
|
"uuid": "0d862f0f-fe5f-4fbc-b6a4-32e9aa506898",
|
|
|
|
|
"value": "823e689e34be362faeddb2bd8d32a05e"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Payload delivery",
|
|
|
|
|
"comment": "BH_A006",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1653988074",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "sha256",
|
|
|
|
|
"uuid": "3b91243e-c86c-42ad-8b3d-1e0ff40c3fd6",
|
|
|
|
|
"value": "9843ceaca2b9173d3a1f9b24ba85180a40884dbf78dd7298b0c57008fa36e33d"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Payload delivery",
|
|
|
|
|
"comment": "BH_A006",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1653988074",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "sha1",
|
|
|
|
|
"uuid": "2c2c23ab-a6ea-4ff8-a328-754c7d8d4428",
|
|
|
|
|
"value": "6c8ab56853218f28ac11c16b050ad589ea14bafe"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Payload delivery",
|
|
|
|
|
"comment": "BH_A006",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1653988074",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "md5",
|
|
|
|
|
"uuid": "a3f757fc-bafd-4785-8c36-1dbf5aebf67f",
|
|
|
|
|
"value": "964be19e477b57d85aceb7648e2c105d"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Payload delivery",
|
|
|
|
|
"comment": "BH_A006",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1653988074",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "sha256",
|
|
|
|
|
"uuid": "1c198748-64ff-4132-b247-2ab06a91d037",
|
|
|
|
|
"value": "9969fc3043ed2917b76b6dbae36bd2e0846b90e9d93df4fc4f490fdf153da435"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Payload delivery",
|
|
|
|
|
"comment": "BH_A006",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1653988074",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "sha1",
|
|
|
|
|
"uuid": "f88e8246-197d-4136-81b1-c7c055952927",
|
|
|
|
|
"value": "e102a2ff536d2df93ec9c507e52c04bba773b550"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Payload delivery",
|
|
|
|
|
"comment": "BH_A006",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1653988074",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "md5",
|
|
|
|
|
"uuid": "df54cb28-fae8-4761-88ac-43c3a6ace821",
|
|
|
|
|
"value": "fff3c03e6c455eaba70ec816a4439b95"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Payload delivery",
|
|
|
|
|
"comment": "BH_A006",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1653988074",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "sha256",
|
|
|
|
|
"uuid": "ab0d324d-5b91-46ac-91bc-b312c857a16e",
|
|
|
|
|
"value": "690f5bd392269d80061e8e90a9aedac4f9bb2e898db4211b76a6e27a1ed95462"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Payload delivery",
|
|
|
|
|
"comment": "BH_A006",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1653988074",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "sha1",
|
|
|
|
|
"uuid": "6e0f331d-49d2-4765-a860-4a03da843a8c",
|
|
|
|
|
"value": "5c1d4af865b4d514340d6a2dbb42523a142ab5d8"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Payload delivery",
|
|
|
|
|
"comment": "BH_A006",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1653988074",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "md5",
|
|
|
|
|
"uuid": "d1ab6e60-62d9-4e95-b3a1-06ee25f75c4a",
|
|
|
|
|
"value": "18ea3d4c9639a696b96e49f53af2b161"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Payload delivery",
|
|
|
|
|
"comment": "BH_A006",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1653988074",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "sha256",
|
|
|
|
|
"uuid": "0d7e360c-12a9-4f95-ac2e-0c5f3bbe2d97",
|
|
|
|
|
"value": "7bd1016b5f3a5004166de5cf7f1846024684979de413417d83321c931c1b5929"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Payload delivery",
|
|
|
|
|
"comment": "BH_A006",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1653988074",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "sha1",
|
|
|
|
|
"uuid": "a175ece7-f872-4c07-bc6b-a65e1f0e1953",
|
|
|
|
|
"value": "cebabb80844c823df4539f4db29d7bca27e1f50a"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Payload delivery",
|
|
|
|
|
"comment": "BH_A006",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1653988074",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "md5",
|
|
|
|
|
"uuid": "3d8faf7f-a9b1-49b6-aeb0-98e805a6646e",
|
|
|
|
|
"value": "89de9c0ce214d2e437e2ce6d266ab100"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Payload delivery",
|
|
|
|
|
"comment": "BH_A006",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1653988074",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "sha256",
|
|
|
|
|
"uuid": "9ece1dd5-20d8-46a0-b130-c6c97f761d62",
|
|
|
|
|
"value": "1687af091d38108eeed634c0539b9639c6128aed9588a370f51a957bee534f39"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Payload delivery",
|
|
|
|
|
"comment": "BH_A006",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1653988074",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "sha1",
|
|
|
|
|
"uuid": "69617707-cf80-4fd3-875b-698e7238c49e",
|
|
|
|
|
"value": "53ab54c2c3ea3d6921fa2bf5fde69255dc41fbed"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Payload delivery",
|
|
|
|
|
"comment": "BH_A006",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1653988074",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "md5",
|
|
|
|
|
"uuid": "c80dd27c-3e32-4127-8c44-c91776592764",
|
|
|
|
|
"value": "ae755e20cd3a6f2721096736c5c3aed5"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Payload delivery",
|
|
|
|
|
"comment": "BH_A006",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1653988074",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "sha256",
|
|
|
|
|
"uuid": "f5a69ed1-988e-4bd0-828a-a3fa71fb74fc",
|
|
|
|
|
"value": "16d2b4bb67147c0086c5716639e226fe1656da26f40bac86f7df970fa92a8460"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Payload delivery",
|
|
|
|
|
"comment": "BH_A006",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1653988074",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "sha1",
|
|
|
|
|
"uuid": "b80328b5-2b14-4b0f-92dc-0d27b5f18386",
|
|
|
|
|
"value": "1f89b71204ef85c00a6675f65acf4b834c0a58ce"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Payload delivery",
|
|
|
|
|
"comment": "BH_A006",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1653988074",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "md5",
|
|
|
|
|
"uuid": "9c1c265b-564f-4f58-9ee9-63bac1f57344",
|
|
|
|
|
"value": "68f52f72f9f3becd0f51da342dd6bd31"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Payload delivery",
|
|
|
|
|
"comment": "PlugX demo dropper",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1653988299",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "sha256",
|
|
|
|
|
"uuid": "946ad922-3d8a-4f9c-b350-c291a9b37ab0",
|
|
|
|
|
"value": "50f1092795c493c5275637b81fbcacfc4ca7951dfda06782a792988bbde2f5a1"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Payload delivery",
|
|
|
|
|
"comment": "PlugX demo dropper",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1653988299",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "sha1",
|
|
|
|
|
"uuid": "3f38cfbf-278c-44ba-aa03-be6ef203b1fc",
|
|
|
|
|
"value": "8e0ee1ceb7ce14994a481c266eef1f67087b59b1"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Payload delivery",
|
|
|
|
|
"comment": "PlugX demo dropper",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1653988299",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "md5",
|
|
|
|
|
"uuid": "90c451fa-2879-46a2-bf8a-caca9b61f3b2",
|
|
|
|
|
"value": "6dfabe77bf18f1424cf47e2e0794f6d5"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Payload delivery",
|
|
|
|
|
"comment": "PlugX demo dropper",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1653988299",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "sha256",
|
|
|
|
|
"uuid": "579fff57-9024-4abc-99e6-aaad69dac773",
|
|
|
|
|
"value": "82894e2534feb0d9edbb3dd5339c3ff0f6eb73b07e40f0f8b15e759e8a55d052"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Payload delivery",
|
|
|
|
|
"comment": "PlugX demo dropper",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1653988299",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "sha1",
|
|
|
|
|
"uuid": "72dff381-acf0-448f-8566-4e3c5b156134",
|
|
|
|
|
"value": "0b8c9bbea5614d2fec852cf2f74fd20b591edbb2"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Payload delivery",
|
|
|
|
|
"comment": "PlugX demo dropper",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1653988299",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "md5",
|
|
|
|
|
"uuid": "5541ca09-bf1d-4f0f-ab70-397224ede358",
|
|
|
|
|
"value": "814e3cfdbf77e8b400dda78ab0a80e24"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Payload delivery",
|
|
|
|
|
"comment": "PlugX demo dropper",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1653988299",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "sha256",
|
|
|
|
|
"uuid": "addd3972-2782-4b8c-8662-478f3fa2061d",
|
|
|
|
|
"value": "e5f471dcd4f5a47f0a53fc389e58c70b9ef81805c503ed6b100950d02ee7f777"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Payload delivery",
|
|
|
|
|
"comment": "PlugX demo dropper",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1653988299",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "sha1",
|
|
|
|
|
"uuid": "c91b0f2b-2109-4f12-b955-ae75129cf911",
|
|
|
|
|
"value": "9eb2ed9db419cda517fbea69a9204644e946913c"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Payload delivery",
|
|
|
|
|
"comment": "PlugX demo dropper",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1653988299",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "md5",
|
|
|
|
|
"uuid": "cafd595c-9454-409a-8069-5ae38e974c85",
|
|
|
|
|
"value": "a70db29d6a7ba154eeb029be19136cb6"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Payload delivery",
|
|
|
|
|
"comment": "PlugX demo dropper",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1653988299",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "sha256",
|
|
|
|
|
"uuid": "43997591-7f3d-44dc-9b27-dc0b7c3a0eb3",
|
|
|
|
|
"value": "aeee80588212bc941e179ca95931a91bf446cbc1446111d4e520243d708f1d5b"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Payload delivery",
|
|
|
|
|
"comment": "PlugX demo dropper",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1653988299",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "sha1",
|
|
|
|
|
"uuid": "fec06490-93a5-478f-acff-fd62f599ca12",
|
|
|
|
|
"value": "dbb93c7b7e36b5eb0dd408e836f7bf305ee076bf"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Payload delivery",
|
|
|
|
|
"comment": "PlugX demo dropper",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1653988299",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "md5",
|
|
|
|
|
"uuid": "762b9c2d-544d-46a0-9abf-bb60a418512d",
|
|
|
|
|
"value": "661635e774fef37e56928333d6040cac"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Payload delivery",
|
|
|
|
|
"comment": "PlugX demo dropper",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1653988299",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "sha256",
|
|
|
|
|
"uuid": "30360986-55d5-4298-b232-6c3f2ff4e9c1",
|
|
|
|
|
"value": "c66dda5131c0aaa118e7cbb5de16fbc984f1f0c9194717b8981bca0fb024f170"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Payload delivery",
|
|
|
|
|
"comment": "PlugX demo dropper",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1653988299",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "sha1",
|
|
|
|
|
"uuid": "0e8f6876-49ec-40fd-852f-2fd63962396a",
|
|
|
|
|
"value": "58ec65e2d39e3dff7df3c85d3896ab37a04cd475"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Payload delivery",
|
|
|
|
|
"comment": "PlugX demo dropper",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1653988299",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "md5",
|
|
|
|
|
"uuid": "0d424d9c-658a-4aa9-9fba-274606713280",
|
|
|
|
|
"value": "a96e3b2fd7c8bb7c903240e0b9b1e980"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Payload delivery",
|
|
|
|
|
"comment": "PlugX demo dropper",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1653988299",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "sha256",
|
|
|
|
|
"uuid": "19c059f8-96ea-4630-b477-d85c9552a771",
|
|
|
|
|
"value": "051b08ef35a6122bd9ff75609ccd50d84793e5502a9e428a57f2bf688d21d1e9"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Payload delivery",
|
|
|
|
|
"comment": "PlugX demo dropper",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1653988299",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "sha1",
|
|
|
|
|
"uuid": "05aef884-0de4-43e3-a759-4e209143566d",
|
|
|
|
|
"value": "1b43bb893767f48bc134c1894f3390fd20dbb22d"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Payload delivery",
|
|
|
|
|
"comment": "PlugX demo dropper",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1653988299",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "md5",
|
|
|
|
|
"uuid": "95b2cae6-7d51-45be-b9dc-c02b98c230e8",
|
|
|
|
|
"value": "d2b60af1360508ca2728f06f45a3f931"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Payload delivery",
|
|
|
|
|
"comment": "PlugX demo dropper",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1653988299",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "sha256",
|
|
|
|
|
"uuid": "fa4e075a-c5d6-4b24-a4f2-20e457ca0306",
|
|
|
|
|
"value": "f96adc9e046ecc6f22d3ba9cfea47a4af75bcba369f454b7a9c8d7ca3d423ac4"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Payload delivery",
|
|
|
|
|
"comment": "PlugX demo dropper",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1653988299",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "sha1",
|
|
|
|
|
"uuid": "0bcbff9a-af7c-42af-a059-86142b1df663",
|
|
|
|
|
"value": "cb85578a26dd90f536b9c97cf88ff93baba22107"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Payload delivery",
|
|
|
|
|
"comment": "PlugX demo dropper",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1653988299",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "md5",
|
|
|
|
|
"uuid": "2b3706ec-2b58-486f-b14c-dab7dccab970",
|
|
|
|
|
"value": "4412dcf06cb428d710297a3efcf24a91"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Payload delivery",
|
|
|
|
|
"comment": "PlugX",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1653988369",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "sha256",
|
|
|
|
|
"uuid": "e503949d-f0dd-49d6-ad1e-d8ccbaf9ca5b",
|
|
|
|
|
"value": "0f7556c6490c4a45a95f5b74ced21185fe48a788bcbe847017084ec1bf75d20a"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Payload delivery",
|
|
|
|
|
"comment": "PlugX",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1653988369",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "sha1",
|
|
|
|
|
"uuid": "88a95f4e-f334-4d8c-a0dc-a4d33edbcfe2",
|
|
|
|
|
"value": "53a17133173ee8f32261d4ac8afb956e1540f7be"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Payload delivery",
|
|
|
|
|
"comment": "PlugX",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1653988369",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "md5",
|
|
|
|
|
"uuid": "af5e7c18-444e-49f1-8f17-bfcaeee08dee",
|
|
|
|
|
"value": "4b6e1f5375552e09975f23fd8661e0f3"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Payload delivery",
|
|
|
|
|
"comment": "PlugX",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1653988369",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "sha256",
|
|
|
|
|
"uuid": "8844d4fe-3281-4200-927a-dc2082f86402",
|
|
|
|
|
"value": "429b6c5d380589f2d654a79ea378db118db4c1fd1d399456af08e807d552e428"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Payload delivery",
|
|
|
|
|
"comment": "PlugX",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1653988369",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "sha1",
|
|
|
|
|
"uuid": "a6090c7f-27f3-473f-b5d8-0c8bfae4b689",
|
|
|
|
|
"value": "97ecc5aba4ce94a5012dcf609f2d325f293d4bea"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Payload delivery",
|
|
|
|
|
"comment": "PlugX",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1653988369",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "md5",
|
|
|
|
|
"uuid": "1030e771-1b00-4033-9823-283235894a09",
|
|
|
|
|
"value": "3f8de0e26ee2f1f030e7d61215a227fe"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Payload delivery",
|
|
|
|
|
"comment": "PlugX",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1653988369",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "sha256",
|
|
|
|
|
"uuid": "07f3cab9-e213-4ab2-866c-c139606f481c",
|
|
|
|
|
"value": "0956ab263c7c112e0a8466406e68765350db654dbe6d6905e7c38e4f912a244e"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Payload delivery",
|
|
|
|
|
"comment": "PlugX",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1653988369",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "sha1",
|
|
|
|
|
"uuid": "9bdd73e3-06bc-4de2-85d8-e486666079f5",
|
|
|
|
|
"value": "457a592ece5e309cc8844623f29fc6be62c5be60"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Payload delivery",
|
|
|
|
|
"comment": "PlugX",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1653988369",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "md5",
|
|
|
|
|
"uuid": "20c94910-a796-471c-8ab9-727a19f518db",
|
|
|
|
|
"value": "bdc734d2c049d77285fdb503aac86cd8"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Payload delivery",
|
|
|
|
|
"comment": "PlugX",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1653988369",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "sha256",
|
|
|
|
|
"uuid": "0ef9900e-1901-42c2-91da-82a7600cd5c7",
|
|
|
|
|
"value": "1c0cf69bce6fb6ec59be3044d35d3a130acddbbf9288d7bc58b7bb87c0a4fb97"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Payload delivery",
|
|
|
|
|
"comment": "PlugX",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1653988369",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "sha1",
|
|
|
|
|
"uuid": "10ae13ee-1763-43e1-9a17-c203e2cd81ff",
|
|
|
|
|
"value": "ef3e558ecb313a74eeafca3f99b7d4e038e11516"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Payload delivery",
|
|
|
|
|
"comment": "PlugX",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1653988369",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "md5",
|
|
|
|
|
"uuid": "bf3bf28e-a0a5-4e1f-8c96-35ad692a721b",
|
|
|
|
|
"value": "b4f12a7be68d71f9645b789ccdc20561"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Payload delivery",
|
|
|
|
|
"comment": "PlugX",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1653988369",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "sha256",
|
|
|
|
|
"uuid": "030d5423-e78e-4b4e-bc11-7feb1fbd0365",
|
|
|
|
|
"value": "a072133a68891a37076cd1eaf1abb1b0bf9443488d4c6b9530e490f246008dba"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Payload delivery",
|
|
|
|
|
"comment": "PlugX",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1653988369",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "sha1",
|
|
|
|
|
"uuid": "e07be9b5-ac7d-4074-a4b4-ff6534c58fce",
|
|
|
|
|
"value": "e9e8c2e720f5179ff1c0ac30ce017224ac0b2f1b"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Payload delivery",
|
|
|
|
|
"comment": "PlugX",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1653988369",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "md5",
|
|
|
|
|
"uuid": "8129d17d-39bf-41ad-ba71-4f334cc0d7f5",
|
|
|
|
|
"value": "d5f5bb6368735f34440621b80fb8e003"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Payload delivery",
|
|
|
|
|
"comment": "PlugX",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1653988369",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "sha256",
|
|
|
|
|
"uuid": "ac1dc2e7-c1fd-4e94-96cb-33eb3479d6b6",
|
|
|
|
|
"value": "1bad7e53cb4924576b221a62d2cddb4d18bd387734328b7d48e32046700e2df9"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Payload delivery",
|
|
|
|
|
"comment": "PlugX",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1653988369",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "sha1",
|
|
|
|
|
"uuid": "3c0ffee8-e707-41af-8066-a5ca1b18aac5",
|
|
|
|
|
"value": "7539e5f25b3e66ea849ebee6bf6104d504573035"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Payload delivery",
|
|
|
|
|
"comment": "PlugX",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1653988370",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "md5",
|
|
|
|
|
"uuid": "d1bc4ca8-bd65-4449-b4e4-1a077ba552fa",
|
|
|
|
|
"value": "25db7152f66588dd8ce035f4bbd811d6"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Payload delivery",
|
|
|
|
|
"comment": "PlugX",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1653988370",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "sha256",
|
|
|
|
|
"uuid": "fc958499-41d4-4109-ba52-1141b23c652c",
|
|
|
|
|
"value": "39083375012d2a854e6310411e7ce4c4e3440bd5784ae158599be25deaeabcb5"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Payload delivery",
|
|
|
|
|
"comment": "PlugX",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1653988370",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "sha1",
|
|
|
|
|
"uuid": "fcd53eb4-4189-4139-8495-affa846897d6",
|
|
|
|
|
"value": "7ad24d1873325a02ca4644ebbebe5c5f95bb927c"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Payload delivery",
|
|
|
|
|
"comment": "PlugX",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1653988370",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "md5",
|
|
|
|
|
"uuid": "f6a03684-7a91-4f2e-9967-94dffa1c50e0",
|
|
|
|
|
"value": "e7a9d56297f8d0c16eca077b5f0a86bf"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Payload delivery",
|
|
|
|
|
"comment": "PlugX",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1653988370",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "sha256",
|
|
|
|
|
"uuid": "384a58a2-573c-4ed9-aa66-cbcd683a6f7a",
|
|
|
|
|
"value": "3c4483e1185d00b282b19910ad5e7970462122b8b7d8895860ffc132a05b3b9d"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Payload delivery",
|
|
|
|
|
"comment": "PlugX",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1653988370",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "sha1",
|
|
|
|
|
"uuid": "a9a453e8-9498-4a79-b844-8ac42c53e747",
|
|
|
|
|
"value": "62d33015859f49e2ad178239891dbed78a0e2de6"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Payload delivery",
|
|
|
|
|
"comment": "PlugX",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1653988370",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "md5",
|
|
|
|
|
"uuid": "44fbd3a3-83fe-4b3f-83b6-309e56360918",
|
|
|
|
|
"value": "a83b0a6b5c590aaf7528dc23ce1856f2"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Payload delivery",
|
|
|
|
|
"comment": "PlugX",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1653988370",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "sha256",
|
|
|
|
|
"uuid": "5d9330e7-0748-4b58-9b7d-8ac621e1cc94",
|
|
|
|
|
"value": "f8885d5caeec2627d808dc20bd1fbcd42732700686d34f1bb29d83d5d5115ee0"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Payload delivery",
|
|
|
|
|
"comment": "PlugX",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1653988370",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "sha1",
|
|
|
|
|
"uuid": "091cd082-8b29-4041-b692-d41d23778f00",
|
|
|
|
|
"value": "8a44433cfc2e4f116ebd59aac5f596f83c468d44"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Payload delivery",
|
|
|
|
|
"comment": "PlugX",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1653988370",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "md5",
|
|
|
|
|
"uuid": "84d28cee-420d-4ede-8631-ffa4f1b88439",
|
|
|
|
|
"value": "633eaedd4944db79d0ac68e71418c34c"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Payload delivery",
|
|
|
|
|
"comment": "PlugX",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1653988370",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "sha256",
|
|
|
|
|
"uuid": "6ac5e026-94b8-46ae-927b-d350bb89b3c5",
|
|
|
|
|
"value": "07ef63b7c9554065e3a6047404d2526e8c8e450c5fe977247336626be403d790"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Payload delivery",
|
|
|
|
|
"comment": "PlugX",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1653988370",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "sha1",
|
|
|
|
|
"uuid": "285b3234-0dfb-44bb-8ff0-06e87d3422b0",
|
|
|
|
|
"value": "a397d9d7d242bc748dc2bf5307d0f16c5144d98d"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Payload delivery",
|
|
|
|
|
"comment": "PlugX",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1653988370",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "md5",
|
|
|
|
|
"uuid": "fc18b391-40a3-4107-b070-88d547be5096",
|
|
|
|
|
"value": "cfd0a7ab2c2c99dd341d844a5486599b"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Payload delivery",
|
|
|
|
|
"comment": "PlugX",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1653988370",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "sha256",
|
|
|
|
|
"uuid": "fa967727-02a3-428f-ac07-7563c3e492b9",
|
|
|
|
|
"value": "8d2ff35a5c941cb2f0438969be1a16116efacb51bb9820e6facc285640855682"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Payload delivery",
|
|
|
|
|
"comment": "PlugX",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1653988370",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "sha1",
|
|
|
|
|
"uuid": "2697a5ec-a9a8-47ac-8bb0-6c88928e4666",
|
|
|
|
|
"value": "702cf75a6b23a18001a909d6743a739837cc2053"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Payload delivery",
|
|
|
|
|
"comment": "PlugX",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1653988370",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "md5",
|
|
|
|
|
"uuid": "694b642b-e850-4a78-881f-cae5b5012ddd",
|
|
|
|
|
"value": "0fe86427810229e4927b3a7091bea583"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Payload delivery",
|
|
|
|
|
"comment": "PlugX",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1653988370",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "sha256",
|
|
|
|
|
"uuid": "ee940515-9e58-40e0-a033-ab07d7ecdb03",
|
|
|
|
|
"value": "31af406fababf825eb15969970f5de1d2de9fa29a3ca609aed3174c48806492f"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Payload delivery",
|
|
|
|
|
"comment": "PlugX",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1653988370",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "sha1",
|
|
|
|
|
"uuid": "f02cc983-842d-4358-8b88-a6c7b4dbb125",
|
|
|
|
|
"value": "12e4407d5341836635ce54727ad4dae7712c2a4c"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Payload delivery",
|
|
|
|
|
"comment": "PlugX",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1653988370",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "md5",
|
|
|
|
|
"uuid": "7f907d27-a700-46ef-94d1-cb1f4354db1b",
|
|
|
|
|
"value": "f4c9dd900488d6ad172f16a812b5e0fc"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Payload delivery",
|
|
|
|
|
"comment": "PlugX",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1653988370",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "sha256",
|
|
|
|
|
"uuid": "106fc338-a3ab-4849-9125-c1ee38b747b2",
|
|
|
|
|
"value": "c150172ae47f9708bf4a87cf67eb19b09e6d4f5a565043f309c1da5ffc9bd656"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Payload delivery",
|
|
|
|
|
"comment": "PlugX",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1653988370",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "sha1",
|
|
|
|
|
"uuid": "ca4d37a6-2c19-413c-8fbf-a1f7ff4df201",
|
|
|
|
|
"value": "eb6b2ddf1da767848ffe51f14b177298173227f5"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Payload delivery",
|
|
|
|
|
"comment": "PlugX",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1653988370",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "md5",
|
|
|
|
|
"uuid": "817d98e5-452b-40bd-a7ef-db87d7a0f80b",
|
|
|
|
|
"value": "7a4a791eeb0a195057a65ecceeafc8ff"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Payload delivery",
|
|
|
|
|
"comment": "PlugX",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1653988370",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "sha256",
|
|
|
|
|
"uuid": "add33867-477f-4bc3-af3b-9bac0ab185d9",
|
|
|
|
|
"value": "5f8e8eada8ad8fcb007a1da7d2dedfdc55473cd5d65a287224c345edf9c1e964"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Payload delivery",
|
|
|
|
|
"comment": "PlugX",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1653988370",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "sha1",
|
|
|
|
|
"uuid": "a5e9d517-6c65-4fc7-a134-054bece5e013",
|
|
|
|
|
"value": "a7837c8e3f789a112fbc2eea623c4e03664280ce"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Payload delivery",
|
|
|
|
|
"comment": "PlugX",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1653988370",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "md5",
|
|
|
|
|
"uuid": "5c5475a7-ed9f-44de-bd3b-da11053c382c",
|
|
|
|
|
"value": "11fba00953cbd550be12a5691f79547a"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Payload delivery",
|
|
|
|
|
"comment": "PlugX",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1653988370",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "sha256",
|
|
|
|
|
"uuid": "8bb746f6-37f5-49ad-b39f-eda7f65402ca",
|
|
|
|
|
"value": "fda4712cfb3007e7eb5f61b37c746640ff5428108c74106352b69a11193d79a1"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Payload delivery",
|
|
|
|
|
"comment": "PlugX",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1653988370",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "sha1",
|
|
|
|
|
"uuid": "8cedd9f4-d7b0-422f-be5e-29ff339a0f5b",
|
|
|
|
|
"value": "628dc1642de5e74bf230e9b933f264196b9678bb"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Payload delivery",
|
|
|
|
|
"comment": "PlugX",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1653988370",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "md5",
|
|
|
|
|
"uuid": "9cc2e668-78b0-45b1-abe7-620a50f444d2",
|
|
|
|
|
"value": "be4625cb6e797b05a5ce3f2f5d0618c2"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Payload delivery",
|
|
|
|
|
"comment": "PlugX",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1653988370",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "sha256",
|
|
|
|
|
"uuid": "6264f83f-1a23-4fbc-8ac3-d7c4be164b51",
|
|
|
|
|
"value": "17c4a6adca907b7cd0fc75d6008a307a3813ac3b75bfebb4f173360b5d2e7964"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Payload delivery",
|
|
|
|
|
"comment": "PlugX",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1653988370",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "sha1",
|
|
|
|
|
"uuid": "6ada6b8b-9dcd-46c1-b225-b140474c3006",
|
|
|
|
|
"value": "d5959009d3a2bdadd0db5385706920da21e5c8d4"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Payload delivery",
|
|
|
|
|
"comment": "PlugX",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1653988370",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "md5",
|
|
|
|
|
"uuid": "baa313bf-017b-43e8-9675-9c8a52f2d29e",
|
|
|
|
|
"value": "ff7b237c3049fce0559876239e5c0ae8"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Payload delivery",
|
|
|
|
|
"comment": "PlugX",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1653988370",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "sha256",
|
|
|
|
|
"uuid": "1e128d04-a418-4710-837c-5f255b536128",
|
|
|
|
|
"value": "b153195807d9b58168bba751517498268e396a79965c5d323fad5c16bbc9520d"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Payload delivery",
|
|
|
|
|
"comment": "PlugX",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1653988370",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "sha1",
|
|
|
|
|
"uuid": "e6a61945-7965-4149-9bd4-fae59b1357de",
|
|
|
|
|
"value": "c14b4468a33b12250b560a0c7e884e01dd986c95"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Payload delivery",
|
|
|
|
|
"comment": "PlugX",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1653988370",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "md5",
|
|
|
|
|
"uuid": "c0b58339-ea8f-4642-aa19-b876a5427667",
|
|
|
|
|
"value": "9f4150eee0d18c7ebe6fe2881e40f1a2"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Payload delivery",
|
|
|
|
|
"comment": "PlugX",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1653988370",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "sha256",
|
|
|
|
|
"uuid": "8ccabd75-cf47-456e-b272-b9c02f7f41a8",
|
|
|
|
|
"value": "7112f1033f1fafd9cef1862f6ea0a77994858bb54270deede1ed24b0f18fa7b1"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Payload delivery",
|
|
|
|
|
"comment": "PlugX",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1653988370",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "sha1",
|
|
|
|
|
"uuid": "532799de-ebd8-41b3-863e-dee0e6951025",
|
|
|
|
|
"value": "bc0a54644b5ba7eff9ca10d8b42d73f0c69e4c53"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Payload delivery",
|
|
|
|
|
"comment": "PlugX",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1653988370",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "md5",
|
|
|
|
|
"uuid": "d4fcb851-379b-4eea-bdd5-638eabcba460",
|
|
|
|
|
"value": "824e76688a5b5bad414bc170721a29da"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Payload delivery",
|
|
|
|
|
"comment": "PlugX",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1653988370",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "sha256",
|
|
|
|
|
"uuid": "7d72d88c-9e9b-4302-a7b8-7c10ed24e962",
|
|
|
|
|
"value": "5ece318d3df972291896e858b76224c5ec34637d5409db44c89ec67ee0a6089d"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Payload delivery",
|
|
|
|
|
"comment": "PlugX",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1653988370",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "sha1",
|
|
|
|
|
"uuid": "5785a607-977c-41df-918a-ba42245ed4c7",
|
|
|
|
|
"value": "b253c8ff5fc2cb1ea8933721c3a4002a42eec2f9"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Payload delivery",
|
|
|
|
|
"comment": "PlugX",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1653988370",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "md5",
|
|
|
|
|
"uuid": "216c6f4c-f217-4eec-9b4e-3ba4091a072f",
|
|
|
|
|
"value": "b0b6d1d000f031c2883df9f67360a338"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Payload delivery",
|
|
|
|
|
"comment": "PlugX",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1653988370",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "sha256",
|
|
|
|
|
"uuid": "15a6daf6-1922-49f2-a9bf-dda65f1ff81a",
|
|
|
|
|
"value": "e452ea28a9d3e37a2ac0cb8f4bca8ce41bea1a362d4c1680ab3ccaec6e5123d9"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Payload delivery",
|
|
|
|
|
"comment": "PlugX",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1653988370",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "sha1",
|
|
|
|
|
"uuid": "142cb30a-d898-44a7-b187-0a5f6b317a05",
|
|
|
|
|
"value": "7f81103b574a3c26b478e9ab41abc422f979f299"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Payload delivery",
|
|
|
|
|
"comment": "PlugX",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1653988370",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "md5",
|
|
|
|
|
"uuid": "f38dd78b-be26-4564-a238-6cb8565c6db9",
|
|
|
|
|
"value": "49a5af86baf3d7bee422b841781d1bfe"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Payload delivery",
|
|
|
|
|
"comment": "PlugX",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1653988370",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "sha256",
|
|
|
|
|
"uuid": "41005e26-95a7-416e-91e0-13c29b2887fb",
|
|
|
|
|
"value": "195b39d40cd9d50e0b4b6b41f8b45140bb0f6e201e75b4398bd07b1e5959970b"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Payload delivery",
|
|
|
|
|
"comment": "PlugX",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1653988370",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "sha1",
|
|
|
|
|
"uuid": "ce8883b8-f31d-4e3e-89c0-eeca59280948",
|
|
|
|
|
"value": "5d449cad4b2a8d8a6b7489d82b110c370142acdd"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Payload delivery",
|
|
|
|
|
"comment": "PlugX",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1653988370",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "md5",
|
|
|
|
|
"uuid": "a28021cd-0370-4c12-9329-7a0142491bf8",
|
|
|
|
|
"value": "ff58ce5d9d76502785ed1900056a4501"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Payload delivery",
|
|
|
|
|
"comment": "PlugX",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1653988370",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "sha256",
|
|
|
|
|
"uuid": "ae537dbc-cfb9-4d66-adf5-74f2d3f93c70",
|
|
|
|
|
"value": "675abcf2bc7b1792b50fa296315f39ce5ac8e7e3f754a9be867eb0dd6bbf1799"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Payload delivery",
|
|
|
|
|
"comment": "PlugX",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1653988370",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "sha1",
|
|
|
|
|
"uuid": "59ba602a-0e83-4739-bfec-fc00188c3335",
|
|
|
|
|
"value": "103cf5647a8dc33d9d611b5b1eafc3e498d02dab"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Payload delivery",
|
|
|
|
|
"comment": "PlugX",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1653988370",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "md5",
|
|
|
|
|
"uuid": "6af6c6f9-f1b2-4525-ae07-33918e2cd6b4",
|
|
|
|
|
"value": "cb9b8cf286b84678784e7456b7d8fa85"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Payload delivery",
|
|
|
|
|
"comment": "PlugX",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1653988370",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "sha256",
|
|
|
|
|
"uuid": "2b29bd6e-013c-4c5e-bd17-c1da06ee559b",
|
|
|
|
|
"value": "e60757a893881559104513d75cf521c8f72e10653442b9f2510402453e48cdcb"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Payload delivery",
|
|
|
|
|
"comment": "PlugX",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1653988370",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "sha1",
|
|
|
|
|
"uuid": "81bd77b3-0cda-413b-81eb-1becbf6dc61b",
|
|
|
|
|
"value": "b2e4179f7a2d1942fdb8e0fff632a3b65e9dce37"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Payload delivery",
|
|
|
|
|
"comment": "PlugX",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1653988370",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "md5",
|
|
|
|
|
"uuid": "e264032b-b941-4614-8c66-3fcf235ad0d0",
|
|
|
|
|
"value": "3a0536d8cd93119389d06575adc64079"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Payload delivery",
|
|
|
|
|
"comment": "PlugX",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1653988370",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "sha256",
|
|
|
|
|
"uuid": "8f300eea-3286-46ca-ad3b-655975a81701",
|
|
|
|
|
"value": "a9acf75a658cb6e8aed6f638b08931fbe74f7b69a26e6b45486caff9d8e455a4"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Payload delivery",
|
|
|
|
|
"comment": "PlugX",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1653988370",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "sha1",
|
|
|
|
|
"uuid": "98172e81-5ebf-4a00-87d9-c4ca2a58700f",
|
|
|
|
|
"value": "187541ef47985e11324be53309808e23b33c12a1"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Payload delivery",
|
|
|
|
|
"comment": "PlugX",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1653988370",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "md5",
|
|
|
|
|
"uuid": "752a8507-d561-45ee-9d21-172840efcce3",
|
|
|
|
|
"value": "ef479d7cd2e77a764ffb0a4b291a70fc"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Payload delivery",
|
|
|
|
|
"comment": "PlugX",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1653988370",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "sha256",
|
|
|
|
|
"uuid": "6adb5419-b9fd-4274-b9d5-32e8045669d7",
|
|
|
|
|
"value": "ad48650c6ab73e2f94b706e28a1b17b2ff1af1864380edc79642df3a47e579bb"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Payload delivery",
|
|
|
|
|
"comment": "PlugX",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1653988370",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "sha1",
|
|
|
|
|
"uuid": "d17249a7-e6ab-4278-b30a-1335e3ce6325",
|
|
|
|
|
"value": "f1a8c309806c90c100e680299a037ec71cf4397c"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Payload delivery",
|
|
|
|
|
"comment": "PlugX",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1653988370",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "md5",
|
|
|
|
|
"uuid": "87209073-2ca3-4b72-9622-72ea7837aa30",
|
|
|
|
|
"value": "1cba2ec3fc5f1451aaf3a75c9823825e"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Payload delivery",
|
|
|
|
|
"comment": "PlugX",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1653988370",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "sha256",
|
|
|
|
|
"uuid": "7a9ce085-b6c2-445b-a65a-7c5f60b889ef",
|
|
|
|
|
"value": "0b1ed5214dd31a241920de4b5c7cdf3f02ad5f76260bcd260328732c9bedbcec"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Payload delivery",
|
|
|
|
|
"comment": "PlugX",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1653988370",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "sha1",
|
|
|
|
|
"uuid": "4519014a-cd87-4ce7-b726-740e3d303021",
|
|
|
|
|
"value": "9be46478e3cbeb51267b8fb88952860790051c07"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Payload delivery",
|
|
|
|
|
"comment": "PlugX",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1653988370",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "md5",
|
|
|
|
|
"uuid": "434f0912-2835-4d21-a3ca-35ac89d6359e",
|
|
|
|
|
"value": "b404e426c53c066620d440f92331a113"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Payload delivery",
|
|
|
|
|
"comment": "PlugX",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1653988370",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "sha256",
|
|
|
|
|
"uuid": "294aa829-03d8-4014-96f7-d7c14d591a19",
|
|
|
|
|
"value": "555fd0d7c1584f7b504ac65f34017f7070ee12ce0f4070cd0555361b3adea54c"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Payload delivery",
|
|
|
|
|
"comment": "PlugX",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1653988370",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "sha1",
|
|
|
|
|
"uuid": "d2b37fd8-3b39-46a2-ae09-1af9005af48d",
|
|
|
|
|
"value": "1f10627b46b51a97b059395bf062117fdfae4cf0"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Payload delivery",
|
|
|
|
|
"comment": "PlugX",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1653988370",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "md5",
|
|
|
|
|
"uuid": "fd857226-7c7c-44b2-81e5-bebe58812c49",
|
|
|
|
|
"value": "895644020eba9ec62d47ca85ccf94012"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Payload delivery",
|
|
|
|
|
"comment": "PlugX",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1653988370",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "sha256",
|
|
|
|
|
"uuid": "0bf29ee4-5e63-4756-be23-ba3a3a17b9c8",
|
|
|
|
|
"value": "fe885d1a2bef4e99dcbcacd9393c59ed52a718ff2cbbc6a15e443e150edaa662"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Payload delivery",
|
|
|
|
|
"comment": "PlugX",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1653988370",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "sha1",
|
|
|
|
|
"uuid": "7eca7cf4-b98d-4982-a2ce-e59d7598bf4c",
|
|
|
|
|
"value": "9d490725443c9f426cdc0bfa75b3d900404153c0"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Payload delivery",
|
|
|
|
|
"comment": "PlugX",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1653988370",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "md5",
|
|
|
|
|
"uuid": "6c8df83a-cc18-4087-b163-768488e4891f",
|
|
|
|
|
"value": "13febb9240f37a69f251fd6055b8e1eb"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Payload delivery",
|
|
|
|
|
"comment": "PlugX",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1653988370",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "sha256",
|
|
|
|
|
"uuid": "f0bebd1c-8fa0-439b-ba4c-41f24ebd2b0b",
|
|
|
|
|
"value": "354c3c2a7602475b72727158ebae8261f0ac9f2ce6c2ab86ee9ec38169b40f62"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Payload delivery",
|
|
|
|
|
"comment": "PlugX",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1653988370",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "sha1",
|
|
|
|
|
"uuid": "0ac57f35-366c-45f9-a4cf-c15d3c156c17",
|
|
|
|
|
"value": "68a651026a3bae94776a9e1a45c6cca58b9609b7"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Payload delivery",
|
|
|
|
|
"comment": "PlugX",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1653988370",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "md5",
|
|
|
|
|
"uuid": "e6b8ed73-74f2-4f0e-b70f-5a7c27939c8b",
|
|
|
|
|
"value": "1d866ed934518061839588565ff71edd"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Payload delivery",
|
|
|
|
|
"comment": "PlugX",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1653988370",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "sha256",
|
|
|
|
|
"uuid": "483dd923-9e30-4de9-b57a-0db4c449da88",
|
|
|
|
|
"value": "ab1282afced126da7d330d7be338dfe1f3623970a696710e55a67fb549118f1d"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Payload delivery",
|
|
|
|
|
"comment": "PlugX",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1653988370",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "sha1",
|
|
|
|
|
"uuid": "796a24d7-2565-457d-9288-ee70a0f16afc",
|
|
|
|
|
"value": "3ebe6bd2d44a4d54d8ba314b92c9c379398bf095"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Payload delivery",
|
|
|
|
|
"comment": "PlugX",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1653988370",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "md5",
|
|
|
|
|
"uuid": "e81e07f9-97c4-4f38-b32b-d29d60fce1d9",
|
|
|
|
|
"value": "c063adbb4a8a41a8678c594258065fb7"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Payload delivery",
|
|
|
|
|
"comment": "PlugX",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1653988370",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "sha256",
|
|
|
|
|
"uuid": "ff369bda-17f8-4ddf-8029-4139668a6d9b",
|
|
|
|
|
"value": "e3d32b0758f98b55483a18631ae42e944c387b5a73b1fbc39f62b2c13a6ec198"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Payload delivery",
|
|
|
|
|
"comment": "PlugX",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1653988370",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "sha1",
|
|
|
|
|
"uuid": "47bcef9d-9599-4a5a-ba58-31ea91fd0de0",
|
|
|
|
|
"value": "5fe3b83b3ccdf78303b59e5f3e628a2cf80e9d13"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Payload delivery",
|
|
|
|
|
"comment": "PlugX",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1653988370",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "md5",
|
|
|
|
|
"uuid": "6313de41-8cb2-413a-94e8-c3df9253033a",
|
|
|
|
|
"value": "923165c972c38678f6d9ab4cef36a007"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Payload delivery",
|
|
|
|
|
"comment": "PlugX",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1653988370",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "sha256",
|
|
|
|
|
"uuid": "fdf294aa-71a1-47dc-a477-32abc0870ac9",
|
|
|
|
|
"value": "a4576ca47764284bc3aa8e5dacad84163ca56258dc8af4aa4916bb3bacbd58e0"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Payload delivery",
|
|
|
|
|
"comment": "PlugX",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1653988370",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "sha1",
|
|
|
|
|
"uuid": "1ea61068-647b-4763-86b8-a411a3849968",
|
|
|
|
|
"value": "1166b3daa8ad2496a8b71f37656be7ac41821e03"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Payload delivery",
|
|
|
|
|
"comment": "PlugX",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1653988370",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "md5",
|
|
|
|
|
"uuid": "25fb61c2-d843-40ac-b51c-69a0a51838c4",
|
|
|
|
|
"value": "a1503cec20057e367cff4db5e4a8b93c"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Payload delivery",
|
|
|
|
|
"comment": "PlugX",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1653988370",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "sha256",
|
|
|
|
|
"uuid": "879e2c43-be5d-4e62-b3fa-ce97bf8b04f1",
|
|
|
|
|
"value": "8871bd39918868d4f4390e430e82730819182a8ae9fb3ef7096c2ce5dbafbe26"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Payload delivery",
|
|
|
|
|
"comment": "PlugX",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1653988370",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "sha1",
|
|
|
|
|
"uuid": "4439a989-bb98-4df1-b09d-6e3aea66ee0a",
|
|
|
|
|
"value": "f1d74087627879e224303ee56e74d53f6dc67204"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Payload delivery",
|
|
|
|
|
"comment": "PlugX",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1653988370",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "md5",
|
|
|
|
|
"uuid": "4638f414-8a9f-4092-8474-6568c00f7177",
|
|
|
|
|
"value": "ec0a9cecb7e1b4b40ffdba19407332ea"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Payload delivery",
|
|
|
|
|
"comment": "PlugX",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1653988370",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "sha256",
|
|
|
|
|
"uuid": "0cd26efe-d7dd-49ae-9158-a3203259c3fb",
|
|
|
|
|
"value": "f5e780d10780f45adb0ddc540978d7e170e8c143a251003651e12c18142cee16"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Payload delivery",
|
|
|
|
|
"comment": "PlugX",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1653988370",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "sha1",
|
|
|
|
|
"uuid": "9a467d03-0b97-4284-a198-6d8fa90be134",
|
|
|
|
|
"value": "8e5ef3c08eb584d041a7aa93473aa2e31787d111"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Payload delivery",
|
|
|
|
|
"comment": "PlugX",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1653988370",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "md5",
|
|
|
|
|
"uuid": "6c3a1567-9939-4397-af69-e320713af79a",
|
|
|
|
|
"value": "f16790e4e2029367cf3ae07037169424"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Payload delivery",
|
|
|
|
|
"comment": "PlugX",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1653988370",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "sha256",
|
|
|
|
|
"uuid": "a41f06f2-6f7c-4906-a789-41df511ac5c2",
|
|
|
|
|
"value": "37b3fb9aa12277f355bbb334c82b41e4155836cf3a1b83e543ce53da9d429e2f"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Payload delivery",
|
|
|
|
|
"comment": "PlugX",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1653988370",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "sha1",
|
|
|
|
|
"uuid": "74e28db8-7140-4bd5-a292-7763e340dad8",
|
|
|
|
|
"value": "ea7595bff1cfd1d72fe72417bf263d9adc9bc59e"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Payload delivery",
|
|
|
|
|
"comment": "PlugX",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1653988370",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "md5",
|
|
|
|
|
"uuid": "a9e31216-2664-4041-a999-121b62414022",
|
|
|
|
|
"value": "9ae8a7837c60f3f587701934ff41bd96"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Payload delivery",
|
|
|
|
|
"comment": "PlugX",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1653988370",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "sha256",
|
|
|
|
|
"uuid": "d745cace-363e-4f51-8f9c-0812bbccd6df",
|
|
|
|
|
"value": "6cd5079a69d9a68029e37f2680f44b7ba71c2b1eecf4894c2a8b293d5f768f10"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Payload delivery",
|
|
|
|
|
"comment": "PlugX",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1653988370",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "sha1",
|
|
|
|
|
"uuid": "eb151a3f-c3f1-4d4f-a91f-b7a67c56f29a",
|
|
|
|
|
"value": "50064d66c9b55b6f7d22051b81914d8366fe36c8"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Payload delivery",
|
|
|
|
|
"comment": "PlugX",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1653988370",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "md5",
|
|
|
|
|
"uuid": "d9d1cfc9-1870-4bf6-bd97-5d69c45d7f16",
|
|
|
|
|
"value": "d5915394a6916a00c426aa2827d97c0e"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Payload delivery",
|
|
|
|
|
"comment": "PlugX",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1653988371",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "sha256",
|
|
|
|
|
"uuid": "7fb913ac-cca5-49cf-b87e-b51a70d3ad12",
|
|
|
|
|
"value": "c21a3a44b46e7242c0762c8ec5e8a394ddc74b747244c5b83678620ae141e59c"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Payload delivery",
|
|
|
|
|
"comment": "PlugX",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1653988371",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "sha1",
|
|
|
|
|
"uuid": "cea2f686-8f26-4f91-bfe7-cf1c8df95fae",
|
|
|
|
|
"value": "31d67b5a5588b2d28365534c36a7b754f28e1df9"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Payload delivery",
|
|
|
|
|
"comment": "PlugX",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1653988371",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "md5",
|
|
|
|
|
"uuid": "b88afa59-21f9-4bfc-9d67-323f9276839d",
|
|
|
|
|
"value": "ecab63b6de18073453310a9c4551074b"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Payload delivery",
|
|
|
|
|
"comment": "PlugX",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1653988371",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "sha256",
|
|
|
|
|
"uuid": "2130bf20-2672-4aaa-9fc2-b1da06add328",
|
|
|
|
|
"value": "fe18adaec076ffce63da6a2a024ce99b8a55bc40a1f06ed556e0997ba6b6d716"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Payload delivery",
|
|
|
|
|
"comment": "PlugX",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1653988371",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "sha1",
|
|
|
|
|
"uuid": "0108cb8b-cff9-4662-86ec-62e458b23ea0",
|
|
|
|
|
"value": "1e8dee59355e064790d05e44199443d94ab1aa02"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Payload delivery",
|
|
|
|
|
"comment": "PlugX",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1653988371",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "md5",
|
|
|
|
|
"uuid": "046f4ce3-253d-4a7b-9d80-5be2a3ecc929",
|
|
|
|
|
"value": "219983c1a7c6c08707f4907b17a72eb9"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Payload delivery",
|
|
|
|
|
"comment": "RtlShare",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1653990171",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "sha1",
|
|
|
|
|
"uuid": "2b8a4cf7-0994-4767-a45e-f458d6f5c876",
|
|
|
|
|
"value": "8903e04d7ffae2081867337801ca2fa5f93220bd"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Payload delivery",
|
|
|
|
|
"comment": "RtlShare",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1653990171",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "md5",
|
|
|
|
|
"uuid": "ff6905ba-b1cc-4783-b1fc-a78f44ef284e",
|
|
|
|
|
"value": "9d116d94151682934dfd753485c91b88"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Payload delivery",
|
|
|
|
|
"comment": "RtlShare",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1653990171",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "sha256",
|
|
|
|
|
"uuid": "f89d92ec-fb63-48c9-bd7e-8315a9bbf551",
|
|
|
|
|
"value": "8ac2165dc395d1e76c3d2fbd4bec429a98e3b2ec131e7951d28a10e9ca8bbc46"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Payload delivery",
|
|
|
|
|
"comment": "RtlShare",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1653990171",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "sha1",
|
|
|
|
|
"uuid": "57f14153-4a5a-4817-b159-7564755224bf",
|
|
|
|
|
"value": "c0988a4ade711993632a03a2f82eea412616ef2a"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Payload delivery",
|
|
|
|
|
"comment": "RtlShare",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1653990171",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "md5",
|
|
|
|
|
"uuid": "19cc86e4-cea6-47db-b446-8c4d4e882eab",
|
|
|
|
|
"value": "ab01a4642e76df9e20a6d936d1f287fc"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Payload delivery",
|
|
|
|
|
"comment": "RtlShare",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1653990171",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "sha256",
|
|
|
|
|
"uuid": "031c6dd7-c9c0-4c1d-83bf-ccb2f4d2f36d",
|
|
|
|
|
"value": "3f6102bd9add588b4df9b1523e40bb124af36a729037b8c3f2261563e4fa4be9"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Payload delivery",
|
|
|
|
|
"comment": "RtlShare",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1653990171",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "sha1",
|
|
|
|
|
"uuid": "90c2998c-083d-4647-b68e-104e09725c4d",
|
|
|
|
|
"value": "c865ef013018db3ed00f946b96a7a98ef2660e65"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Payload delivery",
|
|
|
|
|
"comment": "RtlShare",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1653990171",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "md5",
|
|
|
|
|
"uuid": "79b6fb5a-8469-4c1c-89e6-103a3be786a8",
|
|
|
|
|
"value": "e8e966455a60c6f5dbfce3e82564d2c7"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Payload delivery",
|
|
|
|
|
"comment": "RtlShare",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1653990171",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "sha256",
|
|
|
|
|
"uuid": "e4c3d99f-1ce0-47c6-9bb1-ab7c80f7e804",
|
|
|
|
|
"value": "785ac72b10fd9cf98b5e2a40dc607e1ff735fcd8192bf71747755c963c764e2d"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Payload delivery",
|
|
|
|
|
"comment": "RtlShare",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1653990171",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "sha1",
|
|
|
|
|
"uuid": "86fb364b-9cd5-406b-84ea-3c37c968680f",
|
|
|
|
|
"value": "a429d9c8c67c8c8036ef05f7b4a27530ee6ae98a"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Payload delivery",
|
|
|
|
|
"comment": "RtlShare",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1653990171",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "md5",
|
|
|
|
|
"uuid": "945cc5cd-1f3c-48e9-82c1-c09211e6642f",
|
|
|
|
|
"value": "f15c15e2b26f47b436b2a91d332ad59f"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Payload delivery",
|
|
|
|
|
"comment": "Downloader.Climax.B",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1653991386",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "sha256",
|
|
|
|
|
"uuid": "319155c5-e777-4cba-9b5f-4d2a863fda46",
|
|
|
|
|
"value": "7d9e1a193402b87dbbb81c2ab95632686154cff9c991324e46b275850a4b2db6"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Payload delivery",
|
|
|
|
|
"comment": "Downloader.Climax.B",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1653991386",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "sha1",
|
|
|
|
|
"uuid": "0ab6e78f-b45c-4e03-bf04-53f0a655ad53",
|
|
|
|
|
"value": "36a6eb414c9b8a7c2cdf12eb46e490d288e7a47a"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Payload delivery",
|
|
|
|
|
"comment": "Downloader.Climax.B",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1653991386",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "md5",
|
|
|
|
|
"uuid": "93a3b378-84ec-4846-913d-0ffd71c8a66d",
|
|
|
|
|
"value": "98416b41f386bb45ed36c2b6bd0f55ca"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Payload delivery",
|
|
|
|
|
"comment": "Downloader.Climax.B",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1653991386",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "sha256",
|
|
|
|
|
"uuid": "59a9e638-cac4-4294-a2ef-d6c22dda6072",
|
|
|
|
|
"value": "dd82a7b9b5dc0ee1f9e9f19d46212f3e2a1d09a816f5c0ece96275ee221fca13"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Payload delivery",
|
|
|
|
|
"comment": "Downloader.Climax.B",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1653991386",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "sha1",
|
|
|
|
|
"uuid": "7cf55788-877b-4f01-80f1-835f70e6426b",
|
|
|
|
|
"value": "cf0fb4950130abddead04c21316912418562bf8a"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Payload delivery",
|
|
|
|
|
"comment": "Downloader.Climax.B",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1653991386",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "md5",
|
|
|
|
|
"uuid": "2e416b4e-b1c7-4852-b641-62448c523507",
|
|
|
|
|
"value": "a74341091f88d5980a2394be28ed0239"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Payload delivery",
|
|
|
|
|
"comment": "Downloader.Climax.B",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1653991386",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "sha256",
|
|
|
|
|
"uuid": "b7ce3e36-79c8-4887-90e3-4838923dd777",
|
|
|
|
|
"value": "9f4d15ca56f87a5ded792f2a27a4c112bf59517079aedbefe49fcd0474600b69"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Payload delivery",
|
|
|
|
|
"comment": "Downloader.Climax.B",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1653991386",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "sha1",
|
|
|
|
|
"uuid": "024d7ce9-7fb5-45c2-a2d7-0faae239848a",
|
|
|
|
|
"value": "bbbca10a8545b0421fbfcbd0b3b7a42527fea641"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Payload delivery",
|
|
|
|
|
"comment": "Downloader.Climax.B",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1653991386",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "md5",
|
|
|
|
|
"uuid": "c1bb89ae-2b20-4510-b44e-c0b2d4fdf814",
|
|
|
|
|
"value": "1bdaa370b064f90abbc2c7cecc6d3316"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Payload delivery",
|
|
|
|
|
"comment": "Downloader.Climax.B",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1653991386",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "sha256",
|
|
|
|
|
"uuid": "3dbea17f-1f6b-404f-8dc3-d07ef3442e82",
|
|
|
|
|
"value": "5872abe12a8e4c7182e4c6a894d6c27961b00d333657736bcbfd7cb1b38af2ed"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Payload delivery",
|
|
|
|
|
"comment": "Downloader.Climax.B",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1653991386",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "sha1",
|
|
|
|
|
"uuid": "17426cc8-6e71-43ff-9d24-835214a0bd16",
|
|
|
|
|
"value": "133eca56512d8d5f8c730e102bf9042915e9bf41"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Payload delivery",
|
|
|
|
|
"comment": "Downloader.Climax.B",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1653991386",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "md5",
|
|
|
|
|
"uuid": "9c4d4247-72aa-465e-b84f-f477e9d203bc",
|
|
|
|
|
"value": "c60df47562dba1c75e9932aa088c24bf"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Payload delivery",
|
|
|
|
|
"comment": "Downloader.Climax.B",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1653991387",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "sha256",
|
|
|
|
|
"uuid": "083ca25f-62b6-4e65-a953-5d86899bdc7b",
|
|
|
|
|
"value": "8dcb99e56c888800e0712faddc07d991b6dcb7a6fd4cceffe9e27fe3da83d206"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Payload delivery",
|
|
|
|
|
"comment": "Downloader.Climax.B",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1653991387",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "sha1",
|
|
|
|
|
"uuid": "50323276-5502-453e-a563-de2cbe699bec",
|
|
|
|
|
"value": "2e76fa63adc870ca1de19fc7ea5afd6860f36e32"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Payload delivery",
|
|
|
|
|
"comment": "Downloader.Climax.B",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1653991387",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "md5",
|
|
|
|
|
"uuid": "a97ae723-03a1-46c6-bf29-6be7ee0904cc",
|
|
|
|
|
"value": "1a22342f883ad150c5a6f7e85e9ba2ae"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Payload delivery",
|
|
|
|
|
"comment": "Downloader.Climax.B",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1653991387",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "sha256",
|
|
|
|
|
"uuid": "b6d02461-0f3a-4d3a-867c-538ae277c1dd",
|
|
|
|
|
"value": "7079d8c92cc668f903f3a60ec04dbb2508f23840ef3c57efffb9f906d3bc05ff"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Payload delivery",
|
|
|
|
|
"comment": "Downloader.Climax.B",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1653991387",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "sha1",
|
|
|
|
|
"uuid": "130aa646-7203-4b78-9493-5dfe3a703b2b",
|
|
|
|
|
"value": "8993d0d5ec2f898eb8d1b8785cc5bb3275b43571"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Payload delivery",
|
|
|
|
|
"comment": "Downloader.Climax.B",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1653991387",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "md5",
|
|
|
|
|
"uuid": "cda0c391-8793-403f-b2ef-7e2ae6079158",
|
|
|
|
|
"value": "1690766e844034b3c2ab4f853bd59df7"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Payload delivery",
|
|
|
|
|
"comment": "Downloader.Climax.B",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1653991387",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "sha256",
|
|
|
|
|
"uuid": "fafb4bc7-ea99-40eb-9f6b-4fc09f184a64",
|
|
|
|
|
"value": "5e8df46c9bc75450e2660d77897fa3dfa4d6c21eea10a962f7a9cf950ca9ca76"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Payload delivery",
|
|
|
|
|
"comment": "Downloader.Climax.B",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1653991387",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "sha1",
|
|
|
|
|
"uuid": "0f03ff08-9bd7-4a5d-9555-10581458e72c",
|
|
|
|
|
"value": "b0506335e332d64d6568f7830a8fab6a8a6ce1f8"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Payload delivery",
|
|
|
|
|
"comment": "Downloader.Climax.B",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1653991387",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "md5",
|
|
|
|
|
"uuid": "aedaf623-f579-4a37-abe6-1b586e6a1ac6",
|
|
|
|
|
"value": "923d60f3e63c95021f9e99f943fcfbbc"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Payload delivery",
|
|
|
|
|
"comment": "Downloader.Climax.A",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1653991412",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "sha256",
|
|
|
|
|
"uuid": "979be04a-36d2-417b-a74c-f340464175fb",
|
|
|
|
|
"value": "fa2305975aded0fd0601fdab3013f8877969cb873fb9620b4d65ac6ff3b25522"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Payload delivery",
|
|
|
|
|
"comment": "Downloader.Climax.A",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1653991412",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "sha1",
|
|
|
|
|
"uuid": "bacb163c-390e-4fd5-8dc3-80a6fb7a87e2",
|
|
|
|
|
"value": "003f46f74bbfc44ffd7f3ebfec67c80cf0a07bbf"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Payload delivery",
|
|
|
|
|
"comment": "Downloader.Climax.A",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1653991412",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "md5",
|
|
|
|
|
"uuid": "3521e466-847c-4024-b031-38c3c7cfc359",
|
|
|
|
|
"value": "24b90157056913bef8c90b6319164afe"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Payload delivery",
|
|
|
|
|
"comment": "Downloader.Climax.A",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1653991412",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "sha256",
|
|
|
|
|
"uuid": "2b812212-ceff-4c18-8242-257c14d19a31",
|
|
|
|
|
"value": "0a0ce7fb610e3c037beb2c331e147c8750ba9f7ea2ece2f91f27f1a83c6839e4"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Payload delivery",
|
|
|
|
|
"comment": "Downloader.Climax.A",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1653991412",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "sha1",
|
|
|
|
|
"uuid": "3cd6632d-4de8-4d24-855f-37ed824a020e",
|
|
|
|
|
"value": "1e0a63331814aab39ffb7806289a8ef3433553c3"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Payload delivery",
|
|
|
|
|
"comment": "Downloader.Climax.A",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1653991412",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "md5",
|
|
|
|
|
"uuid": "98649715-16d5-48df-8b63-2416f632991b",
|
|
|
|
|
"value": "68875f4b80fd1350af7dbea4d05a811b"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Payload delivery",
|
|
|
|
|
"comment": "Downloader.Climax.A",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1653991412",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "sha256",
|
|
|
|
|
"uuid": "308aeb36-0972-4936-8b3f-c6a6be6287d6",
|
|
|
|
|
"value": "898741e11fbbe6b5534fb12a489add1aaa379ee6757c0bd8d6c631473d5c66f7"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Payload delivery",
|
|
|
|
|
"comment": "Downloader.Climax.A",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1653991412",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "sha1",
|
|
|
|
|
"uuid": "9487ee79-8177-4724-9510-08a31b60fec6",
|
|
|
|
|
"value": "3fa2f11e142f5f07f2dd63d89b58d01e9397ded0"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Payload delivery",
|
|
|
|
|
"comment": "Downloader.Climax.A",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1653991412",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "md5",
|
|
|
|
|
"uuid": "75c16458-7e7a-452f-b3da-f9964dd6631f",
|
|
|
|
|
"value": "1fe521f0ad24145704e6085b4a4859a9"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Payload delivery",
|
|
|
|
|
"comment": "Downloader.Climax.A",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1653991412",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "sha256",
|
|
|
|
|
"uuid": "d9ce0e4c-c5ac-41ca-b0e1-c1557a12d377",
|
|
|
|
|
"value": "59e4b8d2b65f1690139c094ee27182285febda115304c44e8d9e7329e09dc794"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Payload delivery",
|
|
|
|
|
"comment": "Downloader.Climax.A",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1653991412",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "sha1",
|
|
|
|
|
"uuid": "e135b7cf-58bf-4f60-9f92-da78afe492b5",
|
|
|
|
|
"value": "18cd249add7cfae87615ca5b32aca8503337a2d6"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Payload delivery",
|
|
|
|
|
"comment": "Downloader.Climax.A",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1653991412",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "md5",
|
|
|
|
|
"uuid": "050f61b1-85da-49cd-a509-8d6aacdecff9",
|
|
|
|
|
"value": "9bf855e5e8480fdb93fd12068699446d"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Payload delivery",
|
|
|
|
|
"comment": "Downloader.Climax.A",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1653991412",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "sha256",
|
|
|
|
|
"uuid": "020de331-d4cd-422a-ba37-fad96114b350",
|
|
|
|
|
"value": "0c64cc96a52ff9bdf6593e948fed1bc743bdf714ec1f7b392490423d927c3bb4"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Payload delivery",
|
|
|
|
|
"comment": "Downloader.Climax.A",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1653991412",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "sha1",
|
|
|
|
|
"uuid": "4f107e0f-a72a-4500-8de2-f52769cefd20",
|
|
|
|
|
"value": "bb1c27db5f8d7e43592fa81cbfa319f1ce7c828f"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Payload delivery",
|
|
|
|
|
"comment": "Downloader.Climax.A",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1653991412",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "md5",
|
|
|
|
|
"uuid": "1fdb3f11-bacc-4ad0-a074-12c24b9a94b6",
|
|
|
|
|
"value": "0830581452de0c91090f8de7dbd123fb"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Payload delivery",
|
|
|
|
|
"comment": "Downloader.Climax.A",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1653991412",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "sha256",
|
|
|
|
|
"uuid": "46686409-fd3f-4c9b-954b-017ac621e57e",
|
|
|
|
|
"value": "1ca423fe0159e75718eb66524cd24002071a06b2fa68ce2cbb39d10682a154a6"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Payload delivery",
|
|
|
|
|
"comment": "Downloader.Climax.A",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1653991412",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "sha1",
|
|
|
|
|
"uuid": "4bbe93a6-866b-4757-9172-856ec0c60dab",
|
|
|
|
|
"value": "78c8298b8357eee1a2d5d9da86f290bad798ce39"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Payload delivery",
|
|
|
|
|
"comment": "Downloader.Climax.A",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1653991412",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "md5",
|
|
|
|
|
"uuid": "34a5a18b-7100-4d05-acaa-333a9c89bd41",
|
|
|
|
|
"value": "ff5896c0749b1e8c403203ebb679ab09"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Payload delivery",
|
|
|
|
|
"comment": "Downloader.Climax.A",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1653991412",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "sha256",
|
|
|
|
|
"uuid": "ae0c78e8-7ff9-4ec3-abf2-a130680de0d3",
|
|
|
|
|
"value": "e9c94ed7265c04eac25bbcdb520e65fcfa31a3290b908c2c2273c29120d0617b"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Payload delivery",
|
|
|
|
|
"comment": "Downloader.Climax.A",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1653991412",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "sha1",
|
|
|
|
|
"uuid": "4887a45d-481e-476b-819a-68278cfd9efb",
|
|
|
|
|
"value": "47edf57c5724ef9ff232dbb76f749977c767106a"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Payload delivery",
|
|
|
|
|
"comment": "Downloader.Climax.A",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1653991412",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "md5",
|
|
|
|
|
"uuid": "5a7e58c9-831c-4054-a390-6abb26d192b6",
|
|
|
|
|
"value": "ef8bcb5865669bc1d1776aeecd1c29de"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Payload delivery",
|
|
|
|
|
"comment": "Downloader.Climax.A",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1653991412",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "sha256",
|
|
|
|
|
"uuid": "13599059-4536-4a8c-b9db-cc9be1866394",
|
|
|
|
|
"value": "d376164e377577fc590a780d15603d6411fde6e45ea21971670d5dff597d9def"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Payload delivery",
|
|
|
|
|
"comment": "Downloader.Climax.A",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1653991412",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "sha1",
|
|
|
|
|
"uuid": "0c896420-8c3b-45de-a2cd-f2791c2cfd79",
|
|
|
|
|
"value": "d9e12317a43f233a739972723abc00f1b88f53b0"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Payload delivery",
|
|
|
|
|
"comment": "Downloader.Climax.A",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1653991412",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "md5",
|
|
|
|
|
"uuid": "6a147bca-6147-42ec-9898-c66f9e59b076",
|
|
|
|
|
"value": "5faa973967fee2f35229685ceacf20b3"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Payload delivery",
|
|
|
|
|
"comment": "Downloader.Climax.A",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1653991412",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "sha256",
|
|
|
|
|
"uuid": "b2682e4d-ccda-46cb-83a1-7c3d7cc573d0",
|
|
|
|
|
"value": "4301abae1a62f87b1c51acc6a6b4f2c3926a248b4aa9c04b734cef550196c030"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Payload delivery",
|
|
|
|
|
"comment": "Downloader.Climax.A",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1653991412",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "sha1",
|
|
|
|
|
"uuid": "132f3c18-4277-4108-982d-43b695f27cc7",
|
|
|
|
|
"value": "cc402936b3d6fa5db14b54f0065404d975f2aeb5"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Payload delivery",
|
|
|
|
|
"comment": "Downloader.Climax.A",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1653991412",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "md5",
|
|
|
|
|
"uuid": "85c0536f-4452-4a9d-965c-38acafdd11a4",
|
|
|
|
|
"value": "f0f2731cabf1c1a6381d0cd265c937bd"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Payload delivery",
|
|
|
|
|
"comment": "Zupdax",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1653991452",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "sha256",
|
|
|
|
|
"uuid": "6cbdc5e4-918c-4665-a5ae-426b4831412b",
|
|
|
|
|
"value": "f2ce101698952e1c4309f8696fd43d694a79d35bb090e6a7fd4651c8f41794a3"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Payload delivery",
|
|
|
|
|
"comment": "Zupdax",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1653991452",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "sha1",
|
|
|
|
|
"uuid": "9203b1ca-9119-48a9-aed3-2d23a7c6f9ec",
|
|
|
|
|
"value": "9ec2f21641bd3f482b4c85cd6050432dc05e7680"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Payload delivery",
|
|
|
|
|
"comment": "Zupdax",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1653991452",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "md5",
|
|
|
|
|
"uuid": "dbb402f4-7053-4a27-9f5c-00ee59118e24",
|
|
|
|
|
"value": "d0cb15e5fd961e4f5b3b120fc60dbdf8"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Payload delivery",
|
|
|
|
|
"comment": "Zupdax",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1653991452",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "sha256",
|
|
|
|
|
"uuid": "1d7caba3-7aba-4c94-a7b2-2115ba46584e",
|
|
|
|
|
"value": "84b8bfe8161da581a88c0ac362318827d4c28edb057e23402523d3c93a5b3429"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Payload delivery",
|
|
|
|
|
"comment": "Zupdax",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1653991452",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "sha1",
|
|
|
|
|
"uuid": "f81eb9ed-ea9e-439f-8e43-01b177e2c6c7",
|
|
|
|
|
"value": "6f1b4ccd2ad5f4787ed78a7b0a304e927e7d9a3c"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Payload delivery",
|
|
|
|
|
"comment": "Zupdax",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1653991452",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "md5",
|
|
|
|
|
"uuid": "5c636053-eb43-443f-bb35-4e76a145814f",
|
|
|
|
|
"value": "6e9ff09f5a7daa46cfbfb1cf5707179f"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Payload delivery",
|
|
|
|
|
"comment": "Zupdax",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1653991452",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "sha256",
|
|
|
|
|
"uuid": "31571c86-d4b8-44ee-b17b-95e32b7a18bd",
|
|
|
|
|
"value": "3a093f2c2cb5ba59197a4c978cfa9687d5778a53ae17c2ce2757d3577a5e7c69"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Payload delivery",
|
|
|
|
|
"comment": "Zupdax",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1653991452",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "sha1",
|
|
|
|
|
"uuid": "dcd5f3ba-3e06-4066-99d7-b5bc576c30fd",
|
|
|
|
|
"value": "9e0e0582eef9e2e2f38893a06c552d607f835fcc"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Payload delivery",
|
|
|
|
|
"comment": "Zupdax",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1653991452",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "md5",
|
|
|
|
|
"uuid": "ea14d28d-c153-4bef-89f5-89c7340eaf47",
|
|
|
|
|
"value": "b0f95350b13b65ae427075fbdf5f7230"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Payload delivery",
|
|
|
|
|
"comment": "Zupdax",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1653991452",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "sha256",
|
|
|
|
|
"uuid": "0ee6a53f-5c91-464d-b369-9af985b8c7b4",
|
|
|
|
|
"value": "137a3cc8b2ecd98f7d6b787d259e66ca2c1dae968c785d75c7a2fecb4cbbcaf0"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Payload delivery",
|
|
|
|
|
"comment": "Zupdax",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1653991452",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "sha1",
|
|
|
|
|
"uuid": "42d09161-45da-4029-ae59-d73192c4871f",
|
|
|
|
|
"value": "1a7967c6357269414cfd1f9e1060a8613bc59f7b"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Payload delivery",
|
|
|
|
|
"comment": "Zupdax",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1653991452",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "md5",
|
|
|
|
|
"uuid": "751443c0-2aec-435e-b952-d40bbad25664",
|
|
|
|
|
"value": "869de5ac4d3520373a8a2f1a5991d365"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Payload delivery",
|
|
|
|
|
"comment": "Zupdax",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1653991452",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "sha256",
|
|
|
|
|
"uuid": "bc24edde-c19b-4024-8366-4324e95069f8",
|
|
|
|
|
"value": "9e010a2b43a6b588b95b5281544739833fb0250e8e990a4fe9879459f92367d0"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Payload delivery",
|
|
|
|
|
"comment": "Zupdax",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1653991452",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "sha1",
|
|
|
|
|
"uuid": "d2ab52fd-74c1-4a18-b893-4701f0d49959",
|
|
|
|
|
"value": "24732b6b00326439dc373df56aff78c9c82d7169"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Payload delivery",
|
|
|
|
|
"comment": "Zupdax",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1653991452",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "md5",
|
|
|
|
|
"uuid": "c1047eab-dfec-41a3-82fa-b2e58eb83c8c",
|
|
|
|
|
"value": "814019ff0004d54c9b14981ac02752d4"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Payload delivery",
|
|
|
|
|
"comment": "Zupdax",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1653991453",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "sha256",
|
|
|
|
|
"uuid": "b6530802-1e39-4ff5-ac1a-9536c0269dc7",
|
|
|
|
|
"value": "408608c6b6f7299561c04f37ab46ca9c82834428ad0e8d42b16ca5da9b86d62e"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Payload delivery",
|
|
|
|
|
"comment": "Zupdax",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1653991453",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "sha1",
|
|
|
|
|
"uuid": "f9fbffca-b239-41c1-a036-ff15798f1150",
|
|
|
|
|
"value": "9f596346c9acc09772bc5baf8c4dbc80fbdbf03b"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Payload delivery",
|
|
|
|
|
"comment": "Zupdax",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1653991453",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "md5",
|
|
|
|
|
"uuid": "2a0162fe-06d5-4479-9355-14e8ea180648",
|
|
|
|
|
"value": "3801a156c01b2d3ab42bc431a5f2fc46"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Payload delivery",
|
|
|
|
|
"comment": "Zupdax",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1653991453",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "sha256",
|
|
|
|
|
"uuid": "f33630b7-6708-4714-897c-a3d90cf7e71d",
|
|
|
|
|
"value": "6cc33a21417967a1bb3294179ea10aa3d9ee8d945a5ea0f6c44530189344a10a"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Payload delivery",
|
|
|
|
|
"comment": "Zupdax",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1653991453",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "sha1",
|
|
|
|
|
"uuid": "382b7e62-f7e3-478d-8af0-70ff5a86c4e3",
|
|
|
|
|
"value": "6f43f6e8cb1474a6272f9632487fa1932dfba18c"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Payload delivery",
|
|
|
|
|
"comment": "Zupdax",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1653991453",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "md5",
|
|
|
|
|
"uuid": "64f4cc76-6db4-4535-97b1-70b421cafaf7",
|
|
|
|
|
"value": "6d6c3cbf2c2a3f106fcffdcbf4c70990"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Payload delivery",
|
|
|
|
|
"comment": "Zupdax",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1653991453",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "sha256",
|
|
|
|
|
"uuid": "e75ed34f-f967-48de-89ad-6294a334b962",
|
|
|
|
|
"value": "24b749191d64ed793cb9e540e8d4b1808d6c37c5712e737674417573778f665b"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Payload delivery",
|
|
|
|
|
"comment": "Zupdax",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1653991453",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "sha1",
|
|
|
|
|
"uuid": "099008f5-a76a-4c73-a60d-e9a134f0cb02",
|
|
|
|
|
"value": "26062de2657bd2a3c228049af27333d2c46a041b"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Payload delivery",
|
|
|
|
|
"comment": "Zupdax",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1653991453",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "md5",
|
|
|
|
|
"uuid": "84f0d1ca-6e4c-4c7c-9642-f3b402ce872b",
|
|
|
|
|
"value": "58c734474fc415905c6c9f95783d79b7"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Payload delivery",
|
|
|
|
|
"comment": "Zupdax",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1653991453",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "sha256",
|
|
|
|
|
"uuid": "237d5c34-3cbc-40d8-9e35-f9b2387deaf7",
|
|
|
|
|
"value": "a95dfb8a8d03e9bcb50451068773cc1f1dd4b022bb39dce3679f1b3ce70aa4f9"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Payload delivery",
|
|
|
|
|
"comment": "Zupdax",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1653991453",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "sha1",
|
|
|
|
|
"uuid": "72311538-df03-41b4-8384-acc9a283f100",
|
|
|
|
|
"value": "1e8bf3c1a05f37857a9e8f7adb773ed9b9af1b8b"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Payload delivery",
|
|
|
|
|
"comment": "Zupdax",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1653991453",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "md5",
|
|
|
|
|
"uuid": "638b3f82-91a9-41ac-a3bc-bb409b46794e",
|
|
|
|
|
"value": "4ef9466b7ef300ec5fc98257e07efd40"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Payload delivery",
|
|
|
|
|
"comment": "Zupdax",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1653991453",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "sha256",
|
|
|
|
|
"uuid": "6c40f614-7c36-4b7f-ac8b-71f4a7e2ff06",
|
|
|
|
|
"value": "efaa30bef6327ca8123e5443aa831dd7173de8ac9a016aaa2ae878641f85f952"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Payload delivery",
|
|
|
|
|
"comment": "Zupdax",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1653991453",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "sha1",
|
|
|
|
|
"uuid": "bb409307-8964-427a-99d8-6f58bb02db07",
|
|
|
|
|
"value": "04951144dc621f5f7ff2d66c8bcb710b77cc3d55"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Payload delivery",
|
|
|
|
|
"comment": "Zupdax",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1653991453",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "md5",
|
|
|
|
|
"uuid": "6d27e083-e8f3-41a1-88f2-2a9c20f3ba15",
|
|
|
|
|
"value": "80397808492e12b83e5c9f5467740fd7"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Payload delivery",
|
|
|
|
|
"comment": "Zupdax",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1653991453",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "sha256",
|
|
|
|
|
"uuid": "d6454a7b-0e66-422e-82e5-3d0d38c3e5e1",
|
|
|
|
|
"value": "699bd1babf50a360e0a2ba6b5e0ed2379571ee8356f3f08b09ff8ce434d72696"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Payload delivery",
|
|
|
|
|
"comment": "Zupdax",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1653991453",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "sha1",
|
|
|
|
|
"uuid": "744a72a8-864e-40ff-8543-a05da2c8b55b",
|
|
|
|
|
"value": "3c10a0256cc1f0af3c31770314257eb8f994260c"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Payload delivery",
|
|
|
|
|
"comment": "Zupdax",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1653991453",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "md5",
|
|
|
|
|
"uuid": "cbfadbc6-c513-4553-aced-339d2018e157",
|
|
|
|
|
"value": "09c34b06199eb1cacfbfc159e88e13e4"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Payload delivery",
|
|
|
|
|
"comment": "Zupdax",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1653991453",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "sha256",
|
|
|
|
|
"uuid": "1cf1b286-5ccb-4729-9430-a0a0369abdc1",
|
|
|
|
|
"value": "d6af2d1df948e2221a4bdaa3dd736dc0646c95d76f1aa1a1d314e5b20185e161"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Payload delivery",
|
|
|
|
|
"comment": "Zupdax",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1653991453",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "sha1",
|
|
|
|
|
"uuid": "68535c67-a7cb-47a4-a8b5-7d6cdece3073",
|
|
|
|
|
"value": "44858761afc0439ba361c90f04ae9719b362d315"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Payload delivery",
|
|
|
|
|
"comment": "Zupdax",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1653991453",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "md5",
|
|
|
|
|
"uuid": "bd267e04-52c7-48e2-87fe-956436e28aef",
|
|
|
|
|
"value": "9afe1f1936145a0a2ff1f6b34160c37f"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Payload delivery",
|
|
|
|
|
"comment": "Zupdax",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1653991453",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "sha256",
|
|
|
|
|
"uuid": "8df2a760-b75b-44b7-b6c7-506802797545",
|
|
|
|
|
"value": "0ecd7741dbdfa0707ccd8613a5ea91e62ab187313dd07d41760c87ed42649793"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Payload delivery",
|
|
|
|
|
"comment": "Zupdax",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1653991453",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "sha1",
|
|
|
|
|
"uuid": "60b26709-3799-4e4b-a1eb-813165f2089f",
|
|
|
|
|
"value": "daacbe773105fd7b0834ed2e3a05ef80275e3c11"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Payload delivery",
|
|
|
|
|
"comment": "Zupdax",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1653991453",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "md5",
|
|
|
|
|
"uuid": "5efda199-96d2-4019-8c87-94dc26cc8efd",
|
|
|
|
|
"value": "e8357ac87261f74c5d40e4baa273d3f0"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Payload delivery",
|
|
|
|
|
"comment": "Zupdax",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1653991453",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "sha256",
|
|
|
|
|
"uuid": "2bb91b0d-845c-4b98-8b66-015ea7d2c0c1",
|
|
|
|
|
"value": "2360fa60a1b6e9705bf6b631fcfe53616f37738cf61bc0444ea94ce09c699c7f"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Payload delivery",
|
|
|
|
|
"comment": "Zupdax",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1653991453",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "sha1",
|
|
|
|
|
"uuid": "2c018ee4-78a9-404d-a65f-eca18340f408",
|
|
|
|
|
"value": "54e9de60e3a5c58fc2f3daadd18a1355350e13ec"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Payload delivery",
|
|
|
|
|
"comment": "Zupdax",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1653991453",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "md5",
|
|
|
|
|
"uuid": "61dabcff-7c64-4ff8-98f3-51b5f4ce32b9",
|
|
|
|
|
"value": "e0592c56ee8f0a2149fd9a8ed3b85f6f"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Payload delivery",
|
|
|
|
|
"comment": "Zupdax",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1653991453",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "sha256",
|
|
|
|
|
"uuid": "7e858382-2857-43d8-a82d-2bec08d265f2",
|
|
|
|
|
"value": "ffe19202300785f7e745957b48ecc1c108157a6edef6755667a9e7bebcbf750b"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Payload delivery",
|
|
|
|
|
"comment": "Zupdax",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1653991453",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "sha1",
|
|
|
|
|
"uuid": "d071c804-01bd-4b4d-8605-995410bf403f",
|
|
|
|
|
"value": "25d0321df77623c5af6629c357201941d4cd452c"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Payload delivery",
|
|
|
|
|
"comment": "Zupdax",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1653991453",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "md5",
|
|
|
|
|
"uuid": "ac2a7092-5565-47ac-9b54-dbbf518f5399",
|
|
|
|
|
"value": "ddf7ed52856f7ab9cb75403c30cc2c2b"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Payload delivery",
|
|
|
|
|
"comment": "Zupdax",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1653991453",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "sha256",
|
|
|
|
|
"uuid": "afd9c82e-cac6-4322-857f-8b3873d4284e",
|
|
|
|
|
"value": "d45c1ce5678259755df24bd680316a945515fc1bd916ce1d504f9d27cf9d03e4"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Payload delivery",
|
|
|
|
|
"comment": "Zupdax",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1653991453",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "sha1",
|
|
|
|
|
"uuid": "447bec02-13aa-4977-97bf-059797255cc4",
|
|
|
|
|
"value": "0f5a74f11c270a02b0c0cc317e0b850c78261b04"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Payload delivery",
|
|
|
|
|
"comment": "Zupdax",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1653991453",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "md5",
|
|
|
|
|
"uuid": "6ac97ec5-4527-40bc-8506-d660350ef1d7",
|
|
|
|
|
"value": "a2972cb5228a56a530543f187e33e160"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Payload delivery",
|
|
|
|
|
"comment": "Zupdax",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1653991453",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "sha256",
|
|
|
|
|
"uuid": "4952ec1b-7c20-4513-b90f-495a4e8de604",
|
|
|
|
|
"value": "00847787ea6568cfaaa762f4ee333b44f35a34e90858c1c8899144be016510ef"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Payload delivery",
|
|
|
|
|
"comment": "Zupdax",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1653991453",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "sha1",
|
|
|
|
|
"uuid": "0d663efd-9cb9-4e91-9874-8bbf83cef779",
|
|
|
|
|
"value": "d82bc3800396452ee519fbb35f708802fee335af"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Payload delivery",
|
|
|
|
|
"comment": "Zupdax",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1653991453",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "md5",
|
|
|
|
|
"uuid": "c9503e42-0225-4d10-94f9-536fd02f99d9",
|
|
|
|
|
"value": "41f3e576216bb551a0ab1f3f18e9749d"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Payload delivery",
|
|
|
|
|
"comment": "MyKLoadClient",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1653991488",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "sha256",
|
|
|
|
|
"uuid": "1ea60445-f7ee-45ca-a493-f7a02977b0cf",
|
|
|
|
|
"value": "947f042bd07902100dd2f72a15c37e2397d44db4974f4aeb2af709258953636f"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Payload delivery",
|
|
|
|
|
"comment": "MyKLoadClient",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1653991488",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "sha1",
|
|
|
|
|
"uuid": "42a519d7-23b7-4432-8e38-0d1c4129c4f2",
|
|
|
|
|
"value": "09c29c4d01d25bae31c5a8b29474258dc1e40936"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Payload delivery",
|
|
|
|
|
"comment": "MyKLoadClient",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1653991488",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "md5",
|
|
|
|
|
"uuid": "f4f49faa-2632-4fb6-a3d5-06bed9cc0d2f",
|
|
|
|
|
"value": "a2f2e6cdd27c13d2d2d3a5d15e905bb4"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Payload delivery",
|
|
|
|
|
"comment": "MyKLoadClient",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1653991488",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "sha256",
|
|
|
|
|
"uuid": "1a5809a0-ab97-4ae2-a2d8-65fc304fe74b",
|
|
|
|
|
"value": "949cb5d03a7952ce24b15d6fccd44f9ed461513209ad74e6b1efae01879395b1"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Payload delivery",
|
|
|
|
|
"comment": "MyKLoadClient",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1653991488",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "sha1",
|
|
|
|
|
"uuid": "8b9053a2-3f62-4a52-8eda-d8f9add376ae",
|
|
|
|
|
"value": "55604a258d56931d0e1be05bcbe76f675ed69e6e"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Payload delivery",
|
|
|
|
|
"comment": "MyKLoadClient",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1653991488",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "md5",
|
|
|
|
|
"uuid": "89536fc7-b481-442b-94ee-81d9a0a1ab33",
|
|
|
|
|
"value": "5cce810a04197dc25231c477e7e0b402"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Payload delivery",
|
|
|
|
|
"comment": "MyKLoadClient",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1653991488",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "sha256",
|
|
|
|
|
"uuid": "c31e5875-4a02-4978-afff-1b6157d9a64c",
|
|
|
|
|
"value": "35e36627dbbcb2b6091cc5a75ab26d9e5b0d6f9764bc11eb2851e3ebd3fbfe6e"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Payload delivery",
|
|
|
|
|
"comment": "MyKLoadClient",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1653991488",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "sha1",
|
|
|
|
|
"uuid": "9cf9258a-b79d-4ef2-8421-9ab2119cfae1",
|
|
|
|
|
"value": "415ae82bc0aa94e425009068a239e85a78b8e837"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Payload delivery",
|
|
|
|
|
"comment": "MyKLoadClient",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1653991488",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "md5",
|
|
|
|
|
"uuid": "34663d08-38a8-4768-bce8-334ec2b34129",
|
|
|
|
|
"value": "f250cc6ea8b240cfe9eb7e2007656e53"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Payload delivery",
|
|
|
|
|
"comment": "MyKLoadClient",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1653991488",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "sha256",
|
|
|
|
|
"uuid": "0277467e-9385-463c-8058-9e71183ab32f",
|
|
|
|
|
"value": "730b9ee9f031c8c543664ee281c7988467a3c83eabbbde181aa280314a91ba41"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Payload delivery",
|
|
|
|
|
"comment": "MyKLoadClient",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1653991488",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "sha1",
|
|
|
|
|
"uuid": "d186bf1b-aefe-4470-bdb8-b892b287c5fb",
|
|
|
|
|
"value": "7be81aa01715c78166b8529eb999ec52f01a6367"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Payload delivery",
|
|
|
|
|
"comment": "MyKLoadClient",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1653991488",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "md5",
|
|
|
|
|
"uuid": "fd7ed46e-7617-4500-804a-52330441571a",
|
|
|
|
|
"value": "399e655f1544e6c34601d3ee1e99d088"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Payload delivery",
|
|
|
|
|
"comment": "MyKLoadClient",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1653991488",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "sha256",
|
|
|
|
|
"uuid": "489d0c3b-5cff-4bda-ad81-fb3c32e8d49c",
|
|
|
|
|
"value": "16c2e10b2e3d74732edfae4a4fcc118600e9212162256434f34121fa41eaf108"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Payload delivery",
|
|
|
|
|
"comment": "MyKLoadClient",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1653991488",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "sha1",
|
|
|
|
|
"uuid": "fbfc563b-4e1c-4827-9966-13c87b84b784",
|
|
|
|
|
"value": "7f9d53dc8247e68bfc30c2399eb227a9f1aa9dae"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Payload delivery",
|
|
|
|
|
"comment": "MyKLoadClient",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1653991488",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "md5",
|
|
|
|
|
"uuid": "c7ec2580-f91a-4e9a-967e-f932bb53b26b",
|
|
|
|
|
"value": "850c1355f713c6f6235863d7245221ea"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Payload delivery",
|
|
|
|
|
"comment": "MyKLoadClient",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1653991488",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "sha256",
|
|
|
|
|
"uuid": "ef3ff6b0-6940-4495-9f44-ea0df7f17a20",
|
|
|
|
|
"value": "b822a4ec46aacb3bb4c22fe5d9298210bfa442118ee05a1532c324a5f847a9e6"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Payload delivery",
|
|
|
|
|
"comment": "MyKLoadClient",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1653991488",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "sha1",
|
|
|
|
|
"uuid": "122cf7ed-65a0-4ff4-a61f-e9e017b6768e",
|
|
|
|
|
"value": "869bd4d2520e5f2cf1d86e7fa21d0fb9a8fae41b"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Payload delivery",
|
|
|
|
|
"comment": "MyKLoadClient",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1653991488",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "md5",
|
|
|
|
|
"uuid": "9f203629-c9fb-41f7-bed3-cbebe50b2763",
|
|
|
|
|
"value": "12c83dc14e08c206725933e7b69e8e66"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Payload delivery",
|
|
|
|
|
"comment": "MyKLoadClient",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1653991488",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "sha256",
|
|
|
|
|
"uuid": "9aa62de4-f07b-4c11-8cad-9d94f40bea2d",
|
|
|
|
|
"value": "192499ad69ec23900f4c0971801e7688f9b5e1dc5d5365d3d77cb9bf14e5fd73"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Payload delivery",
|
|
|
|
|
"comment": "MyKLoadClient",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1653991488",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "sha1",
|
|
|
|
|
"uuid": "09f13c1e-dd0f-4b0d-a292-2727252857e6",
|
|
|
|
|
"value": "c3f82d46c5138ba89e3a8fe5ea80ce3b0d2467c0"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Payload delivery",
|
|
|
|
|
"comment": "MyKLoadClient",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1653991488",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "md5",
|
|
|
|
|
"uuid": "78c5a221-0475-4ee8-a072-cbfeae63fe1f",
|
|
|
|
|
"value": "5865679e252c0c9fcfcae4546760f7a5"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Payload delivery",
|
|
|
|
|
"comment": "MyKLoadClient",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1653991488",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "sha256",
|
|
|
|
|
"uuid": "a43ca87f-a097-4ebb-af20-a37d75fa06bc",
|
|
|
|
|
"value": "56b9648fd3ffd1bf3cb030cb64c1d983fcd1ee047bb6bd97f32edbe692fa8570"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Payload delivery",
|
|
|
|
|
"comment": "MyKLoadClient",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1653991488",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "sha1",
|
|
|
|
|
"uuid": "91f6ed21-fa01-48a9-aeea-bf4b527d52c0",
|
|
|
|
|
"value": "a8d5e941b04cdd0070fe3218fa1bc04fb1bdd1b4"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Payload delivery",
|
|
|
|
|
"comment": "MyKLoadClient",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1653991488",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "md5",
|
|
|
|
|
"uuid": "c9a3d4dd-67a6-415f-903a-c4eba03041f7",
|
|
|
|
|
"value": "a5d85f982d6650b26cccee4741fc3f00"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Payload delivery",
|
|
|
|
|
"comment": "MyKLoadClient",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1653991488",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "sha256",
|
|
|
|
|
"uuid": "fb135b17-9718-4ad1-8abd-9953947dcdc8",
|
|
|
|
|
"value": "0bac8f569df79b5201e353e1063933e52cfb7e34cd092fc441d514d3487f7771"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Payload delivery",
|
|
|
|
|
"comment": "MyKLoadClient",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1653991488",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "sha1",
|
|
|
|
|
"uuid": "a8d72b29-0de7-4c54-921f-1e399950b35d",
|
|
|
|
|
"value": "64d97ea909a9b14857490724f19b971bb95d641d"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Payload delivery",
|
|
|
|
|
"comment": "MyKLoadClient",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1653991488",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "md5",
|
|
|
|
|
"uuid": "40c00324-f633-4289-a358-69f7b722d15a",
|
|
|
|
|
"value": "cb9617de5bc93949844a3e26e1360aa3"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Payload delivery",
|
|
|
|
|
"comment": "MyKLoadClient",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1653991488",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "sha256",
|
|
|
|
|
"uuid": "20f44718-848b-4f5b-8f3d-9d154e0cc052",
|
|
|
|
|
"value": "1bab80116fa1f1123553bdaf3048246f8c8a8bb3a71b2a13e87b704e68d10d2b"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Payload delivery",
|
|
|
|
|
"comment": "MyKLoadClient",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1653991488",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "sha1",
|
|
|
|
|
"uuid": "f1e3566e-e947-4447-a1bf-d7adaf720ced",
|
|
|
|
|
"value": "3f32c341a71a32b6421822f44d4efde30d15421b"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Payload delivery",
|
|
|
|
|
"comment": "MyKLoadClient",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1653991488",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "md5",
|
|
|
|
|
"uuid": "3aed1c85-6bba-4c69-b86b-ae8060e5f956",
|
|
|
|
|
"value": "e26713d8091da1946a158f168342cae9"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Payload delivery",
|
|
|
|
|
"comment": "MyKLoadClient",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1653991488",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "sha256",
|
|
|
|
|
"uuid": "c7cecdbf-1538-4046-abf3-4abc7863ee27",
|
|
|
|
|
"value": "444d376d251911810f3f4b75923313b3726050153d50ad59deff5a0b8b1ada20"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Payload delivery",
|
|
|
|
|
"comment": "MyKLoadClient",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1653991488",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "sha1",
|
|
|
|
|
"uuid": "c5b63bf5-9bb0-4ba3-aeee-5bee8da9719d",
|
|
|
|
|
"value": "90ff670baddb8bce0444a8a422096461e78fb287"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Payload delivery",
|
|
|
|
|
"comment": "MyKLoadClient",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1653991488",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "md5",
|
|
|
|
|
"uuid": "34268124-cf14-433e-9b9f-e18c7803221d",
|
|
|
|
|
"value": "bf11b368d610922ac28cd4a9f20bfe97"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Payload delivery",
|
|
|
|
|
"comment": "MyKLoadClient",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1653991488",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "sha256",
|
|
|
|
|
"uuid": "cc4b3af7-4432-44e6-8745-5b20435ae2f1",
|
|
|
|
|
"value": "84eb2efa324eba0c2e06c3b84395e9f5e3f28a3c9b86edd1f813807ba39d9acb"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Payload delivery",
|
|
|
|
|
"comment": "MyKLoadClient",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1653991488",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "sha1",
|
|
|
|
|
"uuid": "41c6ff12-ef02-410a-978f-40230b7be557",
|
|
|
|
|
"value": "82c18765ac3a1a2ecf3f258c0912beaf5aedd175"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Payload delivery",
|
|
|
|
|
"comment": "MyKLoadClient",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1653991488",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "md5",
|
|
|
|
|
"uuid": "6a9647d9-00ff-4a44-87fe-00f8d0bde4bf",
|
|
|
|
|
"value": "ddc9174f111e8aa445a71b8eeb0ad490"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Payload delivery",
|
|
|
|
|
"comment": "MyKLoadClient",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1653991489",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "sha256",
|
|
|
|
|
"uuid": "3e1d7bac-8422-49ea-8a9c-8dfa2ef0f36a",
|
|
|
|
|
"value": "14b03ac41b5ef44ca31790fefb23968f2525c3aabfe11e96b9b1ccb6215eb8be"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Payload delivery",
|
|
|
|
|
"comment": "MyKLoadClient",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1653991489",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "sha1",
|
|
|
|
|
"uuid": "5e714891-3cb5-40b3-ac76-9932ce8691e0",
|
|
|
|
|
"value": "e5882192901c00d8ac47bd82b7d4565761847e7b"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Payload delivery",
|
|
|
|
|
"comment": "MyKLoadClient",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1653991489",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "md5",
|
|
|
|
|
"uuid": "4e8b8175-e251-412f-88b6-c4fda6a9fa80",
|
|
|
|
|
"value": "7b7c21eac0d9a06178a68d73fc5a18a6"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Payload delivery",
|
|
|
|
|
"comment": "MyKLoadClient",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1653991489",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "sha256",
|
|
|
|
|
"uuid": "6ec20c7b-3f57-416f-83bb-b23c9e54f166",
|
|
|
|
|
"value": "b1d6ba4d995061a0011cb03cd821aaa79f0a45ba2647885171d473ca1a38c098"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Payload delivery",
|
|
|
|
|
"comment": "MyKLoadClient",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1653991489",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "sha1",
|
|
|
|
|
"uuid": "bb4569e1-bff1-4874-819f-7a514de16f2f",
|
|
|
|
|
"value": "9f671e338bc9b66e2dd3b7a3c9115723911b8f65"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Payload delivery",
|
|
|
|
|
"comment": "MyKLoadClient",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1653991489",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "md5",
|
|
|
|
|
"uuid": "2a2d91c1-4166-4348-82ca-6408307148bf",
|
|
|
|
|
"value": "135f224c2d740b1f1b6f43235e96d3f2"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Payload delivery",
|
|
|
|
|
"comment": "MyKLoadClient",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1653991489",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "sha256",
|
|
|
|
|
"uuid": "e2deed8b-6a81-48f9-99f1-78539a6c4ff3",
|
|
|
|
|
"value": "5847c8b8f54c60db939b045d385aba0795880d92b00d28447d7d9293693f622b"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Payload delivery",
|
|
|
|
|
"comment": "MyKLoadClient",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1653991489",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "sha1",
|
|
|
|
|
"uuid": "9a80f880-e66c-4e06-8699-b62bfa11e785",
|
|
|
|
|
"value": "878b2b8543ee103841cf30af70813b1c27434d71"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Payload delivery",
|
|
|
|
|
"comment": "MyKLoadClient",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1653991489",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "md5",
|
|
|
|
|
"uuid": "ef7ffbfd-f5ae-4960-9364-b92d0ba72f3d",
|
|
|
|
|
"value": "10b52c1ccaba52a52c991b05704bb12e"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Payload delivery",
|
|
|
|
|
"comment": "MyKLoadClient",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1653991489",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "sha256",
|
|
|
|
|
"uuid": "b9739230-23b3-4176-96da-f04d7b7bb294",
|
|
|
|
|
"value": "95811d4e3c274f4c2d8f1bf092b9ddc488aa325aabf7c87a2c4877af4ba8bfb7"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Payload delivery",
|
|
|
|
|
"comment": "MyKLoadClient",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1653991489",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "sha1",
|
|
|
|
|
"uuid": "70a31194-dccb-490e-bb94-9e46b79f2d87",
|
|
|
|
|
"value": "6b0bebd54877e42f5082e674d07563f527fdd110"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Payload delivery",
|
|
|
|
|
"comment": "MyKLoadClient",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1653991489",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "md5",
|
|
|
|
|
"uuid": "c9bcb38c-fc1f-4807-bc29-1a35512fd8bc",
|
|
|
|
|
"value": "fed14e228ba25fdef9904adaf70c145f"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Payload delivery",
|
|
|
|
|
"comment": "MyKLoadClient",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1653991489",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "sha256",
|
|
|
|
|
"uuid": "16f6ec45-22a9-4eb0-885d-8ed9c1cbd7f5",
|
|
|
|
|
"value": "0712456669e65b2b3e8d1305256992c79213a6dd4fd9128cf3e78ab9bae3cff6"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Payload delivery",
|
|
|
|
|
"comment": "MyKLoadClient",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1653991489",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "sha1",
|
|
|
|
|
"uuid": "424ed44a-2f99-44b4-88f7-b30efabf789a",
|
|
|
|
|
"value": "ee6b0845ebaae57f88b262c198fad8cf151f6b85"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Payload delivery",
|
|
|
|
|
"comment": "MyKLoadClient",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1653991489",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "md5",
|
|
|
|
|
"uuid": "f5a8e175-9518-434b-af4a-b968829203a1",
|
|
|
|
|
"value": "72571ebddf49e7546f9d5fafc0664e0c"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Payload delivery",
|
|
|
|
|
"comment": "MyKLoadClient",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1653991489",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "sha256",
|
|
|
|
|
"uuid": "1063756b-0c94-4efd-83fd-efcdbf39659e",
|
|
|
|
|
"value": "607c92088b7a3256302f69edbfad204cab12bf051a5aac3395130e18ae568dd5"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Payload delivery",
|
|
|
|
|
"comment": "MyKLoadClient",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1653991489",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "sha1",
|
|
|
|
|
"uuid": "70d3e7c2-7331-4550-9a0a-9a1fd4ced5e4",
|
|
|
|
|
"value": "2452567c5e28f622fa11c8e92f737cd5d8272abf"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Payload delivery",
|
|
|
|
|
"comment": "MyKLoadClient",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1653991489",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "md5",
|
|
|
|
|
"uuid": "4ee73875-6903-40dc-ae8b-ec1cddba2fa6",
|
|
|
|
|
"value": "3562bd5a94f4e8d62250201e035e1a49"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Payload delivery",
|
|
|
|
|
"comment": "MyKLoadClient",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1653991489",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "sha256",
|
|
|
|
|
"uuid": "36b02708-56ca-4918-95cf-3c49b6e94dc6",
|
|
|
|
|
"value": "d0fb0a0379248cdada356da83cd2ee364e0e58f4ed272d3369fe1d6ca8029679"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Payload delivery",
|
|
|
|
|
"comment": "MyKLoadClient",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1653991489",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "sha1",
|
|
|
|
|
"uuid": "f6e7472a-a26f-434e-bcc9-6ad5d8ef4571",
|
|
|
|
|
"value": "96bae22955bd85110c3f0b7de9a71b81c025f76a"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Payload delivery",
|
|
|
|
|
"comment": "MyKLoadClient",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1653991489",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "md5",
|
|
|
|
|
"uuid": "d9f4f9ce-a58d-4cae-95d5-0c65ec412c52",
|
|
|
|
|
"value": "8a8425a0a4988fa7e9bf98def23c1ec4"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Payload delivery",
|
|
|
|
|
"comment": "MyKLoadClient",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1653991489",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "sha256",
|
|
|
|
|
"uuid": "b74ee28f-3dc0-4cb4-bb44-20d6f89b7cee",
|
|
|
|
|
"value": "a8a16168af9dcdc4b34d8817b430a76275338dbbda32328520a4669dbe56e91b"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Payload delivery",
|
|
|
|
|
"comment": "MyKLoadClient",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1653991489",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "sha1",
|
|
|
|
|
"uuid": "07fdc96f-3992-4764-b8c6-26085d77818a",
|
|
|
|
|
"value": "57bd45e4afb8cd0d6b5360de6411ae0327812d5f"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Payload delivery",
|
|
|
|
|
"comment": "MyKLoadClient",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1653991489",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "md5",
|
|
|
|
|
"uuid": "8146f76f-6b5a-4499-bd68-1ba34c043ba0",
|
|
|
|
|
"value": "a2b245bbb1de4f61dd8c31f391b28605"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Payload delivery",
|
|
|
|
|
"comment": "MyKLoadClient",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1653991489",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "sha256",
|
|
|
|
|
"uuid": "f4681046-eb83-4bac-ae49-2cd6779f53a9",
|
|
|
|
|
"value": "7b7a65c314125692524d588553da7f6ab3179ceb639f677ed1cefe3f1d03f36e"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Payload delivery",
|
|
|
|
|
"comment": "MyKLoadClient",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1653991489",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "sha1",
|
|
|
|
|
"uuid": "562eeb34-5e46-4777-a06a-38c50d90fb43",
|
|
|
|
|
"value": "a97b1e1e0de7f0eab5304d206f4d7131987aca6e"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Payload delivery",
|
|
|
|
|
"comment": "MyKLoadClient",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1653991489",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "md5",
|
|
|
|
|
"uuid": "9140476f-706f-4e4f-b455-4226c0f12b6e",
|
|
|
|
|
"value": "568594397a24a53ecbbb9c7766194678"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Payload delivery",
|
|
|
|
|
"comment": "MyKLoadClient",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1653991489",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "sha256",
|
|
|
|
|
"uuid": "974beac9-e2f7-49b0-97b0-a7ac6042816a",
|
|
|
|
|
"value": "f6c4c84487bbec5959068e4a8b84e515de4695c794769c3d3080bf5c2bb63d00"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Payload delivery",
|
|
|
|
|
"comment": "MyKLoadClient",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1653991489",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "sha1",
|
|
|
|
|
"uuid": "a7fb7228-c964-4c92-9f23-8da6f48e2276",
|
|
|
|
|
"value": "9358b341bc217dcd15599b43d88b157f8a9f4882"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Payload delivery",
|
|
|
|
|
"comment": "MyKLoadClient",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1653991489",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "md5",
|
|
|
|
|
"uuid": "c87f703e-d8f9-4b1c-a4b7-c94195a2b08c",
|
|
|
|
|
"value": "05a025736a6fd75f183a04a267cee165"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Payload delivery",
|
|
|
|
|
"comment": "MyKLoadClient",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1653991489",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "sha256",
|
|
|
|
|
"uuid": "82da61b0-928a-4c3f-8e0f-cc2269792353",
|
|
|
|
|
"value": "467979d766b7e4a804b2247bbcdde7ef2bbaf15a4497ddb454d77ced72980580"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Payload delivery",
|
|
|
|
|
"comment": "MyKLoadClient",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1653991489",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "sha1",
|
|
|
|
|
"uuid": "576235f5-ad18-4ef2-b80d-a8bcd21e15a8",
|
|
|
|
|
"value": "ae021c91c759d087ead95319608326e0ed154cfd"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Payload delivery",
|
|
|
|
|
"comment": "MyKLoadClient",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1653991489",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "md5",
|
|
|
|
|
"uuid": "a45a767d-8d4b-48ab-9956-b458241bbcf4",
|
|
|
|
|
"value": "78acab8a8d263968c46ef07d8ba98f0a"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Payload delivery",
|
|
|
|
|
"comment": "MyKLoadClient",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1653991489",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "sha256",
|
|
|
|
|
"uuid": "d5bc2cf0-6bd2-480f-8ba1-1fa3ede4d2a0",
|
|
|
|
|
"value": "3e57ca992c235b68027cb62740d8e86a3294ac0ebcff4a2683b29bdaec016646"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Payload delivery",
|
|
|
|
|
"comment": "MyKLoadClient",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1653991489",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "sha1",
|
|
|
|
|
"uuid": "d25a58cd-79be-455a-bf0d-7270e851346d",
|
|
|
|
|
"value": "aad3241fd23372523528a99f4c18127a3ebbea59"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Payload delivery",
|
|
|
|
|
"comment": "MyKLoadClient",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1653991489",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "md5",
|
|
|
|
|
"uuid": "b442c475-ce6d-40c5-87d8-d994b2db5ca9",
|
|
|
|
|
"value": "a75c81a18e3965b5942e7b1669db16ca"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Payload delivery",
|
|
|
|
|
"comment": "MyKLoadClient",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1653991489",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "sha256",
|
|
|
|
|
"uuid": "213f4196-e6a6-4e19-a0f8-8bc17a30f9d3",
|
|
|
|
|
"value": "c3415bddc506839614cbb7186bfc6643713806de4f5b1c15445e96a644b44bea"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Payload delivery",
|
|
|
|
|
"comment": "MyKLoadClient",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1653991489",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "sha1",
|
|
|
|
|
"uuid": "5f900978-03ff-46fa-b43d-afdffb55bed8",
|
|
|
|
|
"value": "e29b263a89217412f45d6c7a0235b19af030755a"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Payload delivery",
|
|
|
|
|
"comment": "MyKLoadClient",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1653991489",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "md5",
|
|
|
|
|
"uuid": "8ad1cc62-dec8-488c-ba36-da10531bcfe7",
|
|
|
|
|
"value": "b1f907379148c1e09009cda3cbd3877b"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Payload delivery",
|
|
|
|
|
"comment": "MyKLoadClient",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1653991489",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "sha256",
|
|
|
|
|
"uuid": "011bc8b2-00f0-4a83-ab70-2fde03b8f41e",
|
|
|
|
|
"value": "d3a50abae9ab782b293d7e06c7cd518bbcec16df867f2bdcc106dec1e75dc80b"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Payload delivery",
|
|
|
|
|
"comment": "MyKLoadClient",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1653991489",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "sha1",
|
|
|
|
|
"uuid": "014006bf-b59c-4c02-83d0-8425231a3033",
|
|
|
|
|
"value": "a9d64e615171b05a402422056ddfcd250febae93"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Payload delivery",
|
|
|
|
|
"comment": "MyKLoadClient",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1653991489",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "md5",
|
|
|
|
|
"uuid": "ecf3b8c5-30f2-49a6-a601-aa451e6ea7c5",
|
|
|
|
|
"value": "b03192389159b15f5552c82a29c747fe"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Payload delivery",
|
|
|
|
|
"comment": "MyKLoadClient",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1653991489",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "sha256",
|
|
|
|
|
"uuid": "6644052b-0fef-43af-b5e8-8f9135d4825b",
|
|
|
|
|
"value": "69863ba336156f4e559364b63a39f16e08ac3a6e3a0fa4ce11486ea16827f772"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Payload delivery",
|
|
|
|
|
"comment": "MyKLoadClient",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1653991489",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "sha1",
|
|
|
|
|
"uuid": "8bc77e04-2b3e-4a51-a4cf-3fd70e1c30ef",
|
|
|
|
|
"value": "ec928047d511286c4db2580045d02ced34b639ea"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Payload delivery",
|
|
|
|
|
"comment": "MyKLoadClient",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1653991489",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "md5",
|
|
|
|
|
"uuid": "679eea8c-6319-48d3-885a-83711e89e26c",
|
|
|
|
|
"value": "27ea69e0233f32d521c7bb1330690731"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Payload delivery",
|
|
|
|
|
"comment": "MyKLoadClient",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1653991489",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "sha256",
|
|
|
|
|
"uuid": "0ddc5260-94f4-4bca-aaf2-2a66934cf290",
|
|
|
|
|
"value": "50f035100948f72b6f03ccc02f9c6073c9060d6e9c53c563a3fdb1d0c454916e"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Payload delivery",
|
|
|
|
|
"comment": "MyKLoadClient",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1653991489",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "sha1",
|
|
|
|
|
"uuid": "d3d9cb5a-4ae8-4710-93f7-af42fa843996",
|
|
|
|
|
"value": "d5ce13a66e8407baec0f447c7fb41d493fd8d73a"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Payload delivery",
|
|
|
|
|
"comment": "MyKLoadClient",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1653991489",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "md5",
|
|
|
|
|
"uuid": "cee80ca9-5466-443a-93d2-665bab4d90f3",
|
|
|
|
|
"value": "343a9cc37cc9843cf862dd946c7eb714"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Payload delivery",
|
|
|
|
|
"comment": "MyKLoadClient",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1653991489",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "sha256",
|
|
|
|
|
"uuid": "5e2ee787-11ed-4eb3-980a-6fcb1062f282",
|
|
|
|
|
"value": "6bc77fa21232460c1b0c89000e7d45fe42e7723d075b752359c28a473d8dd1fd"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Payload delivery",
|
|
|
|
|
"comment": "MyKLoadClient",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1653991489",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "sha1",
|
|
|
|
|
"uuid": "727df8de-d741-457d-85a0-e82e58442f68",
|
|
|
|
|
"value": "74847db3abdb5b0fd3952bb76018f9346815035a"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Payload delivery",
|
|
|
|
|
"comment": "MyKLoadClient",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1653991489",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "md5",
|
|
|
|
|
"uuid": "f3fb441d-2ff2-4af0-8338-692897ea4849",
|
|
|
|
|
"value": "359ae18fbfc16b5b09e0f571d563d8e6"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Payload delivery",
|
|
|
|
|
"comment": "MyKLoadClient",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1653991489",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "sha256",
|
|
|
|
|
"uuid": "5935d36b-f530-435e-acdb-14b976f4edb0",
|
|
|
|
|
"value": "3ccae178d691fc95f6c52264242a39daf4c44813d835eaa051e7558b191d19ee"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Payload delivery",
|
|
|
|
|
"comment": "MyKLoadClient",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1653991489",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "sha1",
|
|
|
|
|
"uuid": "103aaf14-aae4-4b52-89b3-6a1ba845b58e",
|
|
|
|
|
"value": "0e40d0424aefa672c18e0500ff940681798f2f02"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Payload delivery",
|
|
|
|
|
"comment": "MyKLoadClient",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1653991489",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "md5",
|
|
|
|
|
"uuid": "aa713d9c-d294-4df5-bdd4-abbeb1da7843",
|
|
|
|
|
"value": "196222b313b6c2ef728695ad5133da06"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Payload delivery",
|
|
|
|
|
"comment": "MyKLoadClient",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1653991489",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "sha256",
|
|
|
|
|
"uuid": "3ecc7f9a-b35b-40af-876f-0b00e8bb6956",
|
|
|
|
|
"value": "a99612370a8407f98746eb0bf60c72393b1b4a23f52e7d7a6896471f85e28834"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Payload delivery",
|
|
|
|
|
"comment": "MyKLoadClient",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1653991489",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "sha1",
|
|
|
|
|
"uuid": "78c0c60e-91f0-42e8-84a9-a3c2d06dea7d",
|
|
|
|
|
"value": "757af512d07fc8fe1167750a748dbb9c700f71f1"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Payload delivery",
|
|
|
|
|
"comment": "MyKLoadClient",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1653991489",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "md5",
|
|
|
|
|
"uuid": "7d1a11b1-7630-4922-a792-8bdb6d756d57",
|
|
|
|
|
"value": "6b2e4ff182bffe5a22944fa8d2a7d41d"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Artifacts dropped",
|
|
|
|
|
"comment": "",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1654069126",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "pdb",
|
|
|
|
|
"uuid": "03cc138b-ae76-458c-b9f6-f97453bed527",
|
|
|
|
|
"value": "d:\\Leee\\515\u8fdc\u7a0b\u6587\u4ef6\\P1Rat_2017_07_28A\\src\\MyLoaderBypassNorton\\Release\\loaderexe.pdb"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Artifacts dropped",
|
|
|
|
|
"comment": "",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1654069126",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "pdb",
|
|
|
|
|
"uuid": "3953fb50-dbe6-445f-9fac-0978abb14446",
|
|
|
|
|
"value": "d:\\Leee\\515\u8fdc\u7a0b\u6587\u4ef6\\P1Rat_2017_07_28A\\src\\MyLoader_bypassKIS\\snake\\res\\SiteAdv.pdb."
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Artifacts dropped",
|
|
|
|
|
"comment": "",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1654069162",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "pdb",
|
|
|
|
|
"uuid": "0b5b61e1-63b5-4976-b296-e1cb0aed4a33",
|
|
|
|
|
"value": "%USERPROFILE%\\Desktop\\Badger\\En-v2\\\u514d\u6740\\MyLoader_bypassKIS\\bin\\loaderdll.pdb"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Artifacts dropped",
|
|
|
|
|
"comment": "",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1654069244",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "pdb",
|
|
|
|
|
"uuid": "f68f0a9d-9818-4a22-b789-7bd973105989",
|
|
|
|
|
"value": "h:\\E\\\u9879\u76ee\u95ee\u9898\\UDPUDP-\u82f1\u6587\\bin\\server.pdb"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Artifacts dropped",
|
|
|
|
|
"comment": "",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1654069244",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "pdb",
|
|
|
|
|
"uuid": "9ead6ce0-9b4a-4191-9aac-7d72ba394a2d",
|
|
|
|
|
"value": "d:\\\u78c1\u76d8\\E\\\u9879\u76ee\u95ee\u9898\\\u7248\u672c\\UDPUDP-\u82f1\u6587\\bin\\server.pdb"
|
|
|
|
|
}
|
|
|
|
|
],
|
|
|
|
|
"Object": [
|
|
|
|
|
{
|
|
|
|
|
"comment": "",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"description": "Metadata used to generate an executive level report",
|
|
|
|
|
"meta-category": "misc",
|
|
|
|
|
"name": "report",
|
|
|
|
|
"template_uuid": "70a68471-df22-4e3f-aa1a-5a3be19f82df",
|
|
|
|
|
"template_version": "5",
|
|
|
|
|
"timestamp": "1653986974",
|
|
|
|
|
"uuid": "81b42b01-1626-4012-bbab-b333c5db9014",
|
|
|
|
|
"Attribute": [
|
|
|
|
|
{
|
|
|
|
|
"category": "External analysis",
|
|
|
|
|
"comment": "",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"object_relation": "link",
|
|
|
|
|
"timestamp": "1653986974",
|
|
|
|
|
"to_ids": false,
|
|
|
|
|
"type": "link",
|
|
|
|
|
"uuid": "5ce4f447-0e09-4860-a56c-7592919bc616",
|
|
|
|
|
"value": "https://www.ptsecurity.com/ww-en/analytics/pt-esc-threat-intelligence/space-pirates-tools-and-connections/"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Other",
|
|
|
|
|
"comment": "",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"object_relation": "summary",
|
|
|
|
|
"timestamp": "1653986974",
|
|
|
|
|
"to_ids": false,
|
|
|
|
|
"type": "text",
|
|
|
|
|
"uuid": "272b6404-0d82-43c7-a310-fc48c34167d9",
|
|
|
|
|
"value": "At the end of 2019, Positive Technologies Expert Security Center (PT ESC) found a phishing email aimed at a Russian aerospace enterprise. It contained a link to previously unknown malware. Our experts discovered the same malware in 2020 when investigating an information security incident at a Russian government agency. During the investigation, several new malware families using a common network infrastructure were also discovered, some of which had not previously been mentioned in open sources.\r\n\r\nIn the summer of 2021, PT ESC revealed traces of compromise of another Russian aerospace enterprise. The organization was duly informed. As a result of the investigation, we found connections to the same network infrastructure on its computers. Further research made it possible to identify at least two more organizations in Russia, both partially state-owned, that were attacked using the same malware and network infrastructure.\r\n\r\nWe could not unambiguously link the detected malicious activity to any known hacker group, so we gave the attackers a new name\u2014Space Pirates. The reason for the name was the P1Rat string used in the PDB paths, and the targeting of the aerospace industry. This report describes the group's detected activity, the features of the malware it uses, as well as its connection with other APT groups.\r\nGeneral information\r\n\r\nWe assume that Space Pirates has Asian roots, as indicated by the active use of the Chinese language in resources, SFX archives, and paths to PDB files. In addition, the group's toolkit includes the Royal Road RTF (or 8.t) builder (common among hackers of Asian origin) and the PcShare backdoor, and almost all intersections with previously known activity are associated with APT groups in the Asian region.\r\n\r\nThe group began its activity no later than 2017. The main targets of the criminals are espionage and theft of confidential information. Among the victims identified during the threat study are government agencies and IT departments, as well as aerospace and power enterprises in Russia, Georgia, and Mongolia. At least five organizations were attacked in Russia, one in Georgia, and the exact number of victims in Mongolia is unknown.\r\n\r\nSome APT group attacks using malware were also targeted at Chinese financial companies, which suggests a monetary motivation. All potential victims were notified by the respective national CERTs.\r\n\r\nAt least two attacks on Russian organizations can be considered successful. In the first case, the attackers gained access to at least 20 servers on the corporate network, where they remained for about 10 months. During this time, more than 1,500 internal documents were stolen, as well as information about all employee accounts in one of the network domains. In the second case, the attackers managed to gain persistence in the company's network and remain there for more than a year, obtain information about the computers on the network, and install malware on at least 12 corporate nodes in three different regions.\r\n\r\nThe Space Pirates toolkit includes unique downloaders and several backdoors which we have not previously encountered and which are presumably specific to the group: MyKLoadClient, BH_A006, and Deed RAT. The criminals also have access to the Zupdax backdoor: its modern variants use a similar MyKLoadClient execution scheme; however, the code of the backdoor itself dates back to 2010 and cannot be uniquely attributed to the group.\r\n\r\nIn addition, the attackers use well-known malware, such as PlugX, ShadowPad, Poison Ivy, a modified version of PcShare, and the public shell ReVBShell. The dog-tunnel utility is used to tunnel traffic.\r\n\r\nThe main network infrastructure of the group uses a small number of IP addresses indicated by DDNS domains. Interestingly, the attackers use not only third-level domains, but also fourth- and higher-level ones, for example, w.asd3.as.amazon-corp.wikaba.com.\r\n\r\nIn the process of investigating Space Pirates, we found a large number of intersections with pre
|
|
|
|
|
}
|
|
|
|
|
]
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"comment": "2e35a1599b58e76167f2235d46840cc973dc49a6f14c0c2a2e91310a2fe2c2dd: Enriched via the virustotal module",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"description": "VirusTotal report",
|
|
|
|
|
"meta-category": "misc",
|
|
|
|
|
"name": "virustotal-report",
|
|
|
|
|
"template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4",
|
|
|
|
|
"template_version": "4",
|
|
|
|
|
"timestamp": "1653987747",
|
|
|
|
|
"uuid": "2ab87780-14c5-451c-ab22-d6640deb4850",
|
|
|
|
|
"Attribute": [
|
|
|
|
|
{
|
|
|
|
|
"category": "External analysis",
|
|
|
|
|
"comment": "2e35a1599b58e76167f2235d46840cc973dc49a6f14c0c2a2e91310a2fe2c2dd: Enriched via the virustotal module",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": true,
|
|
|
|
|
"object_relation": "permalink",
|
|
|
|
|
"timestamp": "1653987747",
|
|
|
|
|
"to_ids": false,
|
|
|
|
|
"type": "link",
|
|
|
|
|
"uuid": "0bf8adca-f50c-4881-bdd9-9cddac41ebab",
|
|
|
|
|
"value": "https://www.virustotal.com/gui/file/2e35a1599b58e76167f2235d46840cc973dc49a6f14c0c2a2e91310a2fe2c2dd"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Other",
|
|
|
|
|
"comment": "2e35a1599b58e76167f2235d46840cc973dc49a6f14c0c2a2e91310a2fe2c2dd: Enriched via the virustotal module",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": true,
|
|
|
|
|
"object_relation": "detection-ratio",
|
|
|
|
|
"timestamp": "1653987747",
|
|
|
|
|
"to_ids": false,
|
|
|
|
|
"type": "text",
|
|
|
|
|
"uuid": "5b1b9919-78ff-4279-9157-759b894d1bae",
|
|
|
|
|
"value": "0/57"
|
|
|
|
|
}
|
|
|
|
|
]
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"comment": "2e35a1599b58e76167f2235d46840cc973dc49a6f14c0c2a2e91310a2fe2c2dd: Enriched via the virustotal module",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"description": "File object describing a file with meta-information",
|
|
|
|
|
"meta-category": "file",
|
|
|
|
|
"name": "file",
|
|
|
|
|
"template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215",
|
|
|
|
|
"template_version": "24",
|
|
|
|
|
"timestamp": "1653987747",
|
|
|
|
|
"uuid": "ee1a367c-26cd-43aa-b9dd-2f8a3ea79d8a",
|
|
|
|
|
"Attribute": [
|
|
|
|
|
{
|
|
|
|
|
"category": "Payload delivery",
|
|
|
|
|
"comment": "2e35a1599b58e76167f2235d46840cc973dc49a6f14c0c2a2e91310a2fe2c2dd: Enriched via the virustotal module",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"object_relation": "md5",
|
|
|
|
|
"timestamp": "1653987747",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "md5",
|
|
|
|
|
"uuid": "b452b608-2d61-4689-8501-9574071b92ae",
|
|
|
|
|
"value": "b1aadcb19d49519f4564d6f52c3c8efa"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Payload delivery",
|
|
|
|
|
"comment": "2e35a1599b58e76167f2235d46840cc973dc49a6f14c0c2a2e91310a2fe2c2dd: Enriched via the virustotal module",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"object_relation": "sha1",
|
|
|
|
|
"timestamp": "1653987747",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "sha1",
|
|
|
|
|
"uuid": "f6ba3eaf-fa9f-4b3d-93d3-b48a91daef76",
|
|
|
|
|
"value": "d80b939d9d46cdff9cf20f6234186a1bf3b963c2"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Payload delivery",
|
|
|
|
|
"comment": "2e35a1599b58e76167f2235d46840cc973dc49a6f14c0c2a2e91310a2fe2c2dd: Enriched via the virustotal module",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"object_relation": "sha256",
|
|
|
|
|
"timestamp": "1653987747",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "sha256",
|
|
|
|
|
"uuid": "5021a8fc-a35b-42a6-b792-52080552e407",
|
|
|
|
|
"value": "2e35a1599b58e76167f2235d46840cc973dc49a6f14c0c2a2e91310a2fe2c2dd"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Payload delivery",
|
|
|
|
|
"comment": "2e35a1599b58e76167f2235d46840cc973dc49a6f14c0c2a2e91310a2fe2c2dd: Enriched via the virustotal module",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"object_relation": "tlsh",
|
|
|
|
|
"timestamp": "1653987747",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "tlsh",
|
|
|
|
|
"uuid": "b6d703ee-2a40-446e-becd-e52b8cf1a329",
|
|
|
|
|
"value": "t175f229573164a4c90d81935f47eaf62ef4eb88f52c385ba79cfd9ff2a1a44800ca518d"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Payload delivery",
|
|
|
|
|
"comment": "2e35a1599b58e76167f2235d46840cc973dc49a6f14c0c2a2e91310a2fe2c2dd: Enriched via the virustotal module",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"object_relation": "ssdeep",
|
|
|
|
|
"timestamp": "1653987747",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "ssdeep",
|
|
|
|
|
"uuid": "068253f5-dbe0-4750-a8ea-2f0673edbfb1",
|
|
|
|
|
"value": "768:Kl0E7raH9NpcxR8RQmi4M9u3IgD81BzU8bDHJG5tq9FM:K/G7psR8RQmBku3Id1BoioT5"
|
|
|
|
|
}
|
|
|
|
|
]
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"comment": "672d1ec9f27870a9ed4983038e58e8577bacc735d5168d74bcff8d6ed9aa7947: Enriched via the virustotal module",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"description": "VirusTotal report",
|
|
|
|
|
"meta-category": "misc",
|
|
|
|
|
"name": "virustotal-report",
|
|
|
|
|
"template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4",
|
|
|
|
|
"template_version": "4",
|
|
|
|
|
"timestamp": "1653987767",
|
|
|
|
|
"uuid": "6f0f8b25-237d-4fcb-b914-653621b4e0bf",
|
|
|
|
|
"Attribute": [
|
|
|
|
|
{
|
|
|
|
|
"category": "External analysis",
|
|
|
|
|
"comment": "672d1ec9f27870a9ed4983038e58e8577bacc735d5168d74bcff8d6ed9aa7947: Enriched via the virustotal module",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": true,
|
|
|
|
|
"object_relation": "permalink",
|
|
|
|
|
"timestamp": "1653987767",
|
|
|
|
|
"to_ids": false,
|
|
|
|
|
"type": "link",
|
|
|
|
|
"uuid": "1b90a2ee-7007-404a-8d33-c1de8bc60809",
|
|
|
|
|
"value": "https://www.virustotal.com/gui/file/672d1ec9f27870a9ed4983038e58e8577bacc735d5168d74bcff8d6ed9aa7947"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Other",
|
|
|
|
|
"comment": "672d1ec9f27870a9ed4983038e58e8577bacc735d5168d74bcff8d6ed9aa7947: Enriched via the virustotal module",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": true,
|
|
|
|
|
"object_relation": "detection-ratio",
|
|
|
|
|
"timestamp": "1653987767",
|
|
|
|
|
"to_ids": false,
|
|
|
|
|
"type": "text",
|
|
|
|
|
"uuid": "0385d5d0-2dd5-4f95-8d89-d0e3ae52a206",
|
|
|
|
|
"value": "30/68"
|
|
|
|
|
}
|
|
|
|
|
]
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"comment": "d34b6306aeaaccea3b30dde377701c4a23b861b47f9bda777ca7dc0552f2754f: Enriched via the virustotal module",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"description": "VirusTotal report",
|
|
|
|
|
"meta-category": "misc",
|
|
|
|
|
"name": "virustotal-report",
|
|
|
|
|
"template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4",
|
|
|
|
|
"template_version": "4",
|
|
|
|
|
"timestamp": "1653987923",
|
|
|
|
|
"uuid": "f1ea13db-86d5-484b-8f48-f96c1b74bd73",
|
|
|
|
|
"Attribute": [
|
|
|
|
|
{
|
|
|
|
|
"category": "External analysis",
|
|
|
|
|
"comment": "d34b6306aeaaccea3b30dde377701c4a23b861b47f9bda777ca7dc0552f2754f: Enriched via the virustotal module",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": true,
|
|
|
|
|
"object_relation": "permalink",
|
|
|
|
|
"timestamp": "1653987923",
|
|
|
|
|
"to_ids": false,
|
|
|
|
|
"type": "link",
|
|
|
|
|
"uuid": "39431234-ee94-46fc-8ffa-7edc1cbf904f",
|
|
|
|
|
"value": "https://www.virustotal.com/gui/file/d34b6306aeaaccea3b30dde377701c4a23b861b47f9bda777ca7dc0552f2754f"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Other",
|
|
|
|
|
"comment": "d34b6306aeaaccea3b30dde377701c4a23b861b47f9bda777ca7dc0552f2754f: Enriched via the virustotal module",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": true,
|
|
|
|
|
"object_relation": "detection-ratio",
|
|
|
|
|
"timestamp": "1653987923",
|
|
|
|
|
"to_ids": false,
|
|
|
|
|
"type": "text",
|
|
|
|
|
"uuid": "cb36850f-17a0-4bea-84a7-178fe065e9b2",
|
|
|
|
|
"value": "40/68"
|
|
|
|
|
}
|
|
|
|
|
]
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"comment": "d34b6306aeaaccea3b30dde377701c4a23b861b47f9bda777ca7dc0552f2754f: Enriched via the virustotal module",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"description": "File object describing a file with meta-information",
|
|
|
|
|
"meta-category": "file",
|
|
|
|
|
"name": "file",
|
|
|
|
|
"template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215",
|
|
|
|
|
"template_version": "24",
|
|
|
|
|
"timestamp": "1653987923",
|
|
|
|
|
"uuid": "437e1761-ba5c-454f-9ef6-b197930ef918",
|
|
|
|
|
"Attribute": [
|
|
|
|
|
{
|
|
|
|
|
"category": "Payload delivery",
|
|
|
|
|
"comment": "d34b6306aeaaccea3b30dde377701c4a23b861b47f9bda777ca7dc0552f2754f: Enriched via the virustotal module",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"object_relation": "md5",
|
|
|
|
|
"timestamp": "1653987923",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "md5",
|
|
|
|
|
"uuid": "3f6d2c66-c7a3-4cd4-8f08-2f6159281315",
|
|
|
|
|
"value": "15d973bcaef5f97329f76be89ee26cdd"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Payload delivery",
|
|
|
|
|
"comment": "d34b6306aeaaccea3b30dde377701c4a23b861b47f9bda777ca7dc0552f2754f: Enriched via the virustotal module",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"object_relation": "sha1",
|
|
|
|
|
"timestamp": "1653987923",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "sha1",
|
|
|
|
|
"uuid": "e17ce0e8-6d7a-4030-bf17-84ca8a6a62a1",
|
|
|
|
|
"value": "72881125929a2c445c6cd094fa13607b9cdea95c"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Payload delivery",
|
|
|
|
|
"comment": "d34b6306aeaaccea3b30dde377701c4a23b861b47f9bda777ca7dc0552f2754f: Enriched via the virustotal module",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"object_relation": "sha256",
|
|
|
|
|
"timestamp": "1653987923",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "sha256",
|
|
|
|
|
"uuid": "b0dbea8b-c344-4ef5-9ca4-b3655b793e7c",
|
|
|
|
|
"value": "d34b6306aeaaccea3b30dde377701c4a23b861b47f9bda777ca7dc0552f2754f"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Payload delivery",
|
|
|
|
|
"comment": "d34b6306aeaaccea3b30dde377701c4a23b861b47f9bda777ca7dc0552f2754f: Enriched via the virustotal module",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"object_relation": "tlsh",
|
|
|
|
|
"timestamp": "1653987923",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "tlsh",
|
|
|
|
|
"uuid": "77d3330c-9579-46e4-a81e-a7386b5126db",
|
|
|
|
|
"value": "t17b042743a6ec3cdad0398370b7bb83c4d72eec6551a2c61e46d002959e7e5537d22be4"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Payload delivery",
|
|
|
|
|
"comment": "d34b6306aeaaccea3b30dde377701c4a23b861b47f9bda777ca7dc0552f2754f: Enriched via the virustotal module",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"object_relation": "vhash",
|
|
|
|
|
"timestamp": "1653987923",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "vhash",
|
|
|
|
|
"uuid": "e7afadd9-6801-4c2b-8a15-9839f4f40c1a",
|
|
|
|
|
"value": "015076655d151515155az42!z"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Payload delivery",
|
|
|
|
|
"comment": "d34b6306aeaaccea3b30dde377701c4a23b861b47f9bda777ca7dc0552f2754f: Enriched via the virustotal module",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"object_relation": "ssdeep",
|
|
|
|
|
"timestamp": "1653987923",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "ssdeep",
|
|
|
|
|
"uuid": "c27e8cba-b960-46ee-99b0-f7587b92fa16",
|
|
|
|
|
"value": "1536:Pixtl/JF3yqJCPFmHCeN6PulhXvsW2d09dlhm5GPOd4Cx:PibJr3pJC8CeN6PWhOMfs6Q4C"
|
|
|
|
|
}
|
|
|
|
|
]
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"comment": "d011130defd8b988ab78043b30a9f7e0cada5751064b3975a19f4de92d2c0025: Enriched via the virustotal module",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"description": "VirusTotal report",
|
|
|
|
|
"meta-category": "misc",
|
|
|
|
|
"name": "virustotal-report",
|
|
|
|
|
"template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4",
|
|
|
|
|
"template_version": "4",
|
|
|
|
|
"timestamp": "1653987938",
|
|
|
|
|
"uuid": "e7eea1e9-b576-47c2-82c7-ff52ac8b7813",
|
|
|
|
|
"Attribute": [
|
|
|
|
|
{
|
|
|
|
|
"category": "External analysis",
|
|
|
|
|
"comment": "d011130defd8b988ab78043b30a9f7e0cada5751064b3975a19f4de92d2c0025: Enriched via the virustotal module",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": true,
|
|
|
|
|
"object_relation": "permalink",
|
|
|
|
|
"timestamp": "1653987938",
|
|
|
|
|
"to_ids": false,
|
|
|
|
|
"type": "link",
|
|
|
|
|
"uuid": "40ee21a7-9a04-4ec0-a5af-7a672f42e363",
|
|
|
|
|
"value": "https://www.virustotal.com/gui/file/d011130defd8b988ab78043b30a9f7e0cada5751064b3975a19f4de92d2c0025"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Other",
|
|
|
|
|
"comment": "d011130defd8b988ab78043b30a9f7e0cada5751064b3975a19f4de92d2c0025: Enriched via the virustotal module",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": true,
|
|
|
|
|
"object_relation": "detection-ratio",
|
|
|
|
|
"timestamp": "1653987938",
|
|
|
|
|
"to_ids": false,
|
|
|
|
|
"type": "text",
|
|
|
|
|
"uuid": "7c2ba27a-a43d-420d-87c7-1a114a2220cb",
|
|
|
|
|
"value": "7/57"
|
|
|
|
|
}
|
|
|
|
|
]
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"comment": "d011130defd8b988ab78043b30a9f7e0cada5751064b3975a19f4de92d2c0025: Enriched via the virustotal module",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"description": "File object describing a file with meta-information",
|
|
|
|
|
"meta-category": "file",
|
|
|
|
|
"name": "file",
|
|
|
|
|
"template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215",
|
|
|
|
|
"template_version": "24",
|
|
|
|
|
"timestamp": "1653987938",
|
|
|
|
|
"uuid": "6904ad08-6cf6-44c2-b0ae-ddb145be07ee",
|
|
|
|
|
"Attribute": [
|
|
|
|
|
{
|
|
|
|
|
"category": "Payload delivery",
|
|
|
|
|
"comment": "d011130defd8b988ab78043b30a9f7e0cada5751064b3975a19f4de92d2c0025: Enriched via the virustotal module",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"object_relation": "md5",
|
|
|
|
|
"timestamp": "1653987938",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "md5",
|
|
|
|
|
"uuid": "9aa40025-57d6-45ce-a9f9-ec1483f29a2c",
|
|
|
|
|
"value": "08b419b754122d44b44831384c520b21"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Payload delivery",
|
|
|
|
|
"comment": "d011130defd8b988ab78043b30a9f7e0cada5751064b3975a19f4de92d2c0025: Enriched via the virustotal module",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"object_relation": "sha1",
|
|
|
|
|
"timestamp": "1653987938",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "sha1",
|
|
|
|
|
"uuid": "0170f106-ee50-4f4f-8693-beeb0b4ac0e0",
|
|
|
|
|
"value": "a43edb2221919ac5d52bde498f604164b3c86118"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Payload delivery",
|
|
|
|
|
"comment": "d011130defd8b988ab78043b30a9f7e0cada5751064b3975a19f4de92d2c0025: Enriched via the virustotal module",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"object_relation": "sha256",
|
|
|
|
|
"timestamp": "1653987938",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "sha256",
|
|
|
|
|
"uuid": "bfde5fb0-3943-4409-8321-003150841118",
|
|
|
|
|
"value": "d011130defd8b988ab78043b30a9f7e0cada5751064b3975a19f4de92d2c0025"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Payload delivery",
|
|
|
|
|
"comment": "d011130defd8b988ab78043b30a9f7e0cada5751064b3975a19f4de92d2c0025: Enriched via the virustotal module",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"object_relation": "tlsh",
|
|
|
|
|
"timestamp": "1653987938",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "tlsh",
|
|
|
|
|
"uuid": "8324010e-01b6-433f-8274-23955997a7c5",
|
|
|
|
|
"value": "t17fc3f1d4256d20b0e4399579c8c2467bdaf2b44a93b961cf27c909a60f476d1f338bc3"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Payload delivery",
|
|
|
|
|
"comment": "d011130defd8b988ab78043b30a9f7e0cada5751064b3975a19f4de92d2c0025: Enriched via the virustotal module",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"object_relation": "ssdeep",
|
|
|
|
|
"timestamp": "1653987938",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "ssdeep",
|
|
|
|
|
"uuid": "f7025461-9ded-4b13-bcbb-4f6ceea22335",
|
|
|
|
|
"value": "3072:pq02gisdora1HhYHIrnPLXISm9HVwQ+K2r:pqLgVJHSHIrnPTISmNVwnr"
|
|
|
|
|
}
|
|
|
|
|
]
|
|
|
|
|
}
|
2023-04-21 13:25:09 +00:00
|
|
|
]
|
2023-12-14 14:30:15 +00:00
|
|
|
}
|
2023-04-21 13:25:09 +00:00
|
|
|
}
|
