{
"Event": {
|
|
|
|
"analysis": "1",
|
|
|
|
"date": "2017-06-02",
|
|
|
|
"extends_uuid": "",
|
|
|
|
"info": "M2M - Malspam --> 62909008.pdf",
|
|
|
|
"publish_timestamp": "1496416565",
|
|
|
|
"published": true,
|
|
|
|
"threat_level_id": "3",
|
|
|
|
"timestamp": "1496416559",
|
|
|
|
"uuid": "593133d6-46f4-49e7-b1f6-422f950d210f",
|
|
|
|
"Orgc": {
|
|
|
|
"name": "CIRCL",
|
|
|
|
"uuid": "55f6ea5e-2c60-40e5-964f-47a8950d210f"
|
|
|
|
},
|
|
|
|
"Tag": [
|
|
|
|
{
|
|
|
|
"colour": "#ffffff",
"local": false,
"name": "tlp:white",
|
|
|
|
"relationship_type": ""
|
|
|
|
}
|
|
|
|
],
|
|
|
|
"Attribute": [
|
|
|
|
{
|
|
|
|
"category": "Artifacts dropped",
|
|
|
|
"comment": "",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"timestamp": "1496397373",
|
|
|
|
"to_ids": true,
|
|
|
|
"type": "md5",
|
|
|
|
"uuid": "593133d9-f10c-47f0-a215-4bff950d210f",
|
|
|
|
"value": "e364235c573d3b60a5f56a124b325da0"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "Artifacts dropped",
|
|
|
|
"comment": "",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"timestamp": "1496397373",
|
|
|
|
"to_ids": true,
|
|
|
|
"type": "md5",
|
|
|
|
"uuid": "593133db-da10-411f-814e-442e950d210f",
|
|
|
|
"value": "04a20327fc3a5d98c41e0096452bf9e6"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "Artifacts dropped",
|
|
|
|
"comment": "",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"timestamp": "1496397373",
|
|
|
|
"to_ids": true,
|
|
|
|
"type": "md5",
|
|
|
|
"uuid": "593133dc-15f0-48a2-84cd-4792950d210f",
|
|
|
|
"value": "603befc50bfcc0a214eacf473ec6baec"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "Network activity",
|
|
|
|
"comment": "",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"timestamp": "1496397373",
|
|
|
|
"to_ids": true,
|
|
|
|
"type": "url",
|
|
|
|
"uuid": "593133de-20e4-4e43-92c2-43b1950d210f",
|
|
|
|
"value": "http://benefeet.org/7rvmnb"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "Network activity",
|
|
|
|
"comment": "",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"timestamp": "1496397373",
|
|
|
|
"to_ids": true,
|
|
|
|
"type": "hostname",
|
|
|
|
"uuid": "593133e0-04a8-4f13-ac42-4543950d210f",
|
|
|
|
"value": "benefeet.org"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "Network activity",
|
|
|
|
"comment": "benefeet.org",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"timestamp": "1496416525",
|
|
|
|
"to_ids": false,
|
|
|
|
"type": "ip-dst",
|
|
|
|
"uuid": "593133e2-d0cc-4f61-ab71-4abe950d210f",
|
|
|
|
"value": "76.74.128.210"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "Network activity",
|
|
|
|
"comment": "",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"timestamp": "1496397373",
|
|
|
|
"to_ids": true,
|
|
|
|
"type": "url",
|
|
|
|
"uuid": "593133e4-5d7c-46e7-8453-416c950d210f",
|
|
|
|
"value": "http://dsopro.com/7rvmnb"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "Network activity",
|
|
|
|
"comment": "",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"timestamp": "1496397373",
|
|
|
|
"to_ids": true,
|
|
|
|
"type": "hostname",
|
|
|
|
"uuid": "593133e6-4204-45e9-8211-41cb950d210f",
|
|
|
|
"value": "dsopro.com"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "Network activity",
|
|
|
|
"comment": "dsopro.com",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"timestamp": "1496416525",
|
|
|
|
"to_ids": false,
|
|
|
|
"type": "ip-dst",
|
|
|
|
"uuid": "593133e8-cb64-4d9f-8706-454a950d210f",
|
|
|
|
"value": "35.166.221.246"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "Network activity",
|
|
|
|
"comment": "",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"timestamp": "1496397373",
|
|
|
|
"to_ids": true,
|
|
|
|
"type": "url",
|
|
|
|
"uuid": "593133e9-a094-4b37-ad39-4957950d210f",
|
|
|
|
"value": "http://eselink.com.my/7rvmnb"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "Network activity",
|
|
|
|
"comment": "",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"timestamp": "1496397373",
|
|
|
|
"to_ids": true,
|
|
|
|
"type": "hostname",
|
|
|
|
"uuid": "593133eb-8198-4f5e-b0da-4fd8950d210f",
|
|
|
|
"value": "eselink.com.my"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "Network activity",
|
|
|
|
"comment": "eselink.com.my",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"timestamp": "1496416525",
|
|
|
|
"to_ids": false,
|
|
|
|
"type": "ip-dst",
|
|
|
|
"uuid": "593133ee-dbac-4350-9bcb-49a7950d210f",
|
|
|
|
"value": "124.150.140.96"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "Network activity",
|
|
|
|
"comment": "",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"timestamp": "1496397373",
|
|
|
|
"to_ids": true,
|
|
|
|
"type": "url",
|
|
|
|
"uuid": "593133f0-bfa8-417a-a021-4249950d210f",
|
|
|
|
"value": "http://e-snhv.com/7rvmnb"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "Network activity",
|
|
|
|
"comment": "",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"timestamp": "1496397373",
|
|
|
|
"to_ids": true,
|
|
|
|
"type": "hostname",
|
|
|
|
"uuid": "593133f1-7774-407a-b893-4d97950d210f",
|
|
|
|
"value": "e-snhv.com"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "Network activity",
|
|
|
|
"comment": "e-snhv.com",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"timestamp": "1496416525",
|
|
|
|
"to_ids": false,
|
|
|
|
"type": "ip-dst",
|
|
|
|
"uuid": "593133f5-62a0-423b-bc36-4a56950d210f",
|
|
|
|
"value": "61.106.62.37"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "Network activity",
|
|
|
|
"comment": "",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"timestamp": "1496397373",
|
|
|
|
"to_ids": true,
|
|
|
|
"type": "url",
|
|
|
|
"uuid": "593133f6-42b8-48ad-8929-41af950d210f",
|
|
|
|
"value": "http://fabriquekorea.com/7rvmnb"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "Network activity",
|
|
|
|
"comment": "",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"timestamp": "1496397373",
|
|
|
|
"to_ids": true,
|
|
|
|
"type": "hostname",
|
|
|
|
"uuid": "593133f8-9674-43f5-ba2f-470c950d210f",
|
|
|
|
"value": "fabriquekorea.com"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "Network activity",
|
|
|
|
"comment": "fabriquekorea.com",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"timestamp": "1496416525",
|
|
|
|
"to_ids": false,
|
|
|
|
"type": "ip-dst",
|
|
|
|
"uuid": "593133fa-3c50-4981-8b74-47f4950d210f",
|
|
|
|
"value": "211.174.62.52"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "Network activity",
|
|
|
|
"comment": "",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"timestamp": "1496397373",
|
|
|
|
"to_ids": true,
|
|
|
|
"type": "url",
|
|
|
|
"uuid": "593133fc-c6f4-404c-a4c3-46b0950d210f",
|
|
|
|
"value": "http://katoconsulting.ro/7rvmnb"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "Network activity",
|
|
|
|
"comment": "",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"timestamp": "1496397373",
|
|
|
|
"to_ids": true,
|
|
|
|
"type": "hostname",
|
|
|
|
"uuid": "593133fe-8118-4284-aada-4945950d210f",
|
|
|
|
"value": "katoconsulting.ro"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "Network activity",
|
|
|
|
"comment": "katoconsulting.ro",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"timestamp": "1496416525",
|
|
|
|
"to_ids": false,
|
|
|
|
"type": "ip-dst",
|
|
|
|
"uuid": "593133ff-58ec-41df-a867-4991950d210f",
|
|
|
|
"value": "87.229.112.11"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "Network activity",
|
|
|
|
"comment": "",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"timestamp": "1496397373",
|
|
|
|
"to_ids": true,
|
|
|
|
"type": "url",
|
|
|
|
"uuid": "59313400-05d0-4a96-b874-40f1950d210f",
|
|
|
|
"value": "http://newserniggrofg.net/af/7rvmnb"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "Network activity",
|
|
|
|
"comment": "",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"timestamp": "1496397373",
|
|
|
|
"to_ids": true,
|
|
|
|
"type": "hostname",
|
|
|
|
"uuid": "59313402-bd54-44e5-aca2-47a4950d210f",
|
|
|
|
"value": "newserniggrofg.net"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "Network activity",
|
|
|
|
"comment": "newserniggrofg.net",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"timestamp": "1496416525",
|
|
|
|
"to_ids": false,
|
|
|
|
"type": "ip-dst",
|
|
|
|
"uuid": "59313404-77c8-4f47-aba2-4825950d210f",
|
|
|
|
"value": "185.195.24.85"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "Network activity",
|
|
|
|
"comment": "",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"timestamp": "1496397373",
|
|
|
|
"to_ids": true,
|
|
|
|
"type": "url",
|
|
|
|
"uuid": "59313406-d784-45ad-86fb-4b21950d210f",
|
|
|
|
"value": "http://orhangazitur.com/7rvmnb"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "Network activity",
|
|
|
|
"comment": "",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"timestamp": "1496397373",
|
|
|
|
"to_ids": true,
|
|
|
|
"type": "hostname",
|
|
|
|
"uuid": "59313408-7f80-410e-8f3c-4a45950d210f",
|
|
|
|
"value": "orhangazitur.com"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "Network activity",
|
|
|
|
"comment": "orhangazitur.com",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"timestamp": "1496416525",
|
|
|
|
"to_ids": false,
|
|
|
|
"type": "ip-dst",
|
|
|
|
"uuid": "59313409-f2a0-40de-9df1-4ffb950d210f",
|
|
|
|
"value": "109.232.220.235"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "Network activity",
|
|
|
|
"comment": "",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"timestamp": "1496397373",
|
|
|
|
"to_ids": true,
|
|
|
|
"type": "url",
|
|
|
|
"uuid": "5931340b-da7c-4806-857a-4335950d210f",
|
|
|
|
"value": "http://paradigmenergycorp.com/7rvmnb"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "Network activity",
|
|
|
|
"comment": "",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"timestamp": "1496397373",
|
|
|
|
"to_ids": true,
|
|
|
|
"type": "hostname",
|
|
|
|
"uuid": "5931340e-d1fc-4b27-8190-42a8950d210f",
|
|
|
|
"value": "paradigmenergycorp.com"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "Network activity",
|
|
|
|
"comment": "paradigmenergycorp.com",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"timestamp": "1496416525",
|
|
|
|
"to_ids": false,
|
|
|
|
"type": "ip-dst",
|
|
|
|
"uuid": "59313410-47dc-468a-bbd3-4978950d210f",
|
|
|
|
"value": "107.180.40.126"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "Network activity",
|
|
|
|
"comment": "",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"timestamp": "1496397373",
|
|
|
|
"to_ids": true,
|
|
|
|
"type": "url",
|
|
|
|
"uuid": "59313412-87ec-48dc-94fc-4205950d210f",
|
|
|
|
"value": "http://poltec.com.au/7rvmnb"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "Network activity",
|
|
|
|
"comment": "",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"timestamp": "1496397373",
|
|
|
|
"to_ids": true,
|
|
|
|
"type": "hostname",
|
|
|
|
"uuid": "59313413-5c38-4e69-b62f-4367950d210f",
|
|
|
|
"value": "poltec.com.au"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "Network activity",
|
|
|
|
"comment": "poltec.com.au",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"timestamp": "1496416525",
|
|
|
|
"to_ids": false,
|
|
|
|
"type": "ip-dst",
|
|
|
|
"uuid": "59313414-19a4-4996-88ef-4f11950d210f",
|
|
|
|
"value": "27.54.86.236"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "Network activity",
|
|
|
|
"comment": "",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"timestamp": "1496397373",
|
|
|
|
"to_ids": true,
|
|
|
|
"type": "url",
|
|
|
|
"uuid": "59313416-3fbc-41ab-a6c4-4359950d210f",
|
|
|
|
"value": "http://praktikum-marketing.de/7rvmnb"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "Network activity",
|
|
|
|
"comment": "",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"timestamp": "1496397373",
|
|
|
|
"to_ids": true,
|
|
|
|
"type": "hostname",
|
|
|
|
"uuid": "59313417-036c-4a04-8a39-44f4950d210f",
|
|
|
|
"value": "praktikum-marketing.de"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "Network activity",
|
|
|
|
"comment": "praktikum-marketing.de",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"timestamp": "1496416525",
|
|
|
|
"to_ids": false,
|
|
|
|
"type": "ip-dst",
|
|
|
|
"uuid": "59313418-a344-41c0-b999-4a0d950d210f",
|
|
|
|
"value": "76.74.235.244"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "Network activity",
|
|
|
|
"comment": "",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"timestamp": "1496397373",
|
|
|
|
"to_ids": true,
|
|
|
|
"type": "url",
|
|
|
|
"uuid": "59313419-8f00-435b-94e5-4224950d210f",
|
|
|
|
"value": "http://pw-shop.com/7rvmnb"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "Network activity",
|
|
|
|
"comment": "",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"timestamp": "1496397373",
|
|
|
|
"to_ids": true,
|
|
|
|
"type": "hostname",
|
|
|
|
"uuid": "5931341a-0d84-4991-bfdb-4556950d210f",
|
|
|
|
"value": "pw-shop.com"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "Network activity",
|
|
|
|
"comment": "pw-shop.com",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"timestamp": "1496416525",
|
|
|
|
"to_ids": false,
|
|
|
|
"type": "ip-dst",
|
|
|
|
"uuid": "5931341b-a2a8-46ef-b913-487a950d210f",
|
|
|
|
"value": "93.170.136.50"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "Network activity",
|
|
|
|
"comment": "",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"timestamp": "1496397373",
|
|
|
|
"to_ids": true,
|
|
|
|
"type": "url",
|
|
|
|
"uuid": "5931341c-690c-445b-8817-48d4950d210f",
|
|
|
|
"value": "http://resevesssetornument.com/af/7rvmnb"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "Network activity",
|
|
|
|
"comment": "",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"timestamp": "1496397373",
|
|
|
|
"to_ids": true,
|
|
|
|
"type": "hostname",
|
|
|
|
"uuid": "5931341d-5bd4-465f-ab05-4ae9950d210f",
|
|
|
|
"value": "resevesssetornument.com"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "Network activity",
|
|
|
|
"comment": "",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"timestamp": "1496397373",
|
|
|
|
"to_ids": true,
|
|
|
|
"type": "url",
|
|
|
|
"uuid": "59313420-b6cc-4c18-a737-4b85950d210f",
|
|
|
|
"value": "http://tasfirin-ustasi.net/7rvmnb"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "Network activity",
|
|
|
|
"comment": "",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"timestamp": "1496397373",
|
|
|
|
"to_ids": true,
|
|
|
|
"type": "hostname",
|
|
|
|
"uuid": "59313421-7d30-4bdd-9172-4bf7950d210f",
|
|
|
|
"value": "tasfirin-ustasi.net"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "Network activity",
|
|
|
|
"comment": "tasfirin-ustasi.net",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"timestamp": "1496416525",
|
|
|
|
"to_ids": false,
|
|
|
|
"type": "ip-dst",
|
|
|
|
"uuid": "59313422-a36c-426d-8470-40d3950d210f",
|
|
|
|
"value": "95.173.189.38"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "Network activity",
|
|
|
|
"comment": "",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"timestamp": "1496397373",
|
|
|
|
"to_ids": true,
|
|
|
|
"type": "url",
|
|
|
|
"uuid": "59313424-8b8c-4677-ab56-4fc7950d210f",
|
|
|
|
"value": "http://theexcelconsultant.com/7rvmnb"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "Network activity",
|
|
|
|
"comment": "",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"timestamp": "1496397373",
|
|
|
|
"to_ids": true,
|
|
|
|
"type": "hostname",
|
|
|
|
"uuid": "59313425-9418-4f28-9425-4492950d210f",
|
|
|
|
"value": "theexcelconsultant.com"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "Network activity",
|
|
|
|
"comment": "theexcelconsultant.com",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"timestamp": "1496416525",
|
|
|
|
"to_ids": false,
|
|
|
|
"type": "ip-dst",
|
|
|
|
"uuid": "59313426-0db8-4df6-91fc-422d950d210f",
|
|
|
|
"value": "65.39.193.50"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "Network activity",
|
|
|
|
"comment": "",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"timestamp": "1496397373",
|
|
|
|
"to_ids": true,
|
|
|
|
"type": "url",
|
|
|
|
"uuid": "59313427-fb94-4e62-844b-4217950d210f",
|
|
|
|
"value": "http://vigs.mx/7rvmnb"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "Network activity",
|
|
|
|
"comment": "",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"timestamp": "1496397373",
|
|
|
|
"to_ids": true,
|
|
|
|
"type": "hostname",
|
|
|
|
"uuid": "59313428-d794-4b27-a4d3-4157950d210f",
|
|
|
|
"value": "vigs.mx"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "Network activity",
|
|
|
|
"comment": "vigs.mx",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"timestamp": "1496416525",
|
|
|
|
"to_ids": false,
|
|
|
|
"type": "ip-dst",
|
|
|
|
"uuid": "5931342a-e8ac-4fe0-b9e7-4d0b950d210f",
|
|
|
|
"value": "192.185.48.180"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "Network activity",
|
|
|
|
"comment": "",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"timestamp": "1496397373",
|
|
|
|
"to_ids": true,
|
|
|
|
"type": "url",
|
|
|
|
"uuid": "5931342b-b158-48b4-ba22-4a0f950d210f",
|
|
|
|
"value": "http://whoisfoxxrobiouy.net/a5/"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "Network activity",
|
|
|
|
"comment": "",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"timestamp": "1496397373",
|
|
|
|
"to_ids": true,
|
|
|
|
"type": "hostname",
|
|
|
|
"uuid": "5931342c-9d24-4760-acb9-4eff950d210f",
|
|
|
|
"value": "whoisfoxxrobiouy.net"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "Network activity",
|
|
|
|
"comment": "whoisfoxxrobiouy.net",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"timestamp": "1496416525",
|
|
|
|
"to_ids": false,
|
|
|
|
"type": "ip-dst",
|
|
|
|
"uuid": "5931342e-7540-4cb7-a564-4218950d210f",
|
|
|
|
"value": "5.101.66.85"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "Artifacts dropped",
|
|
|
|
"comment": "- Xchecked via VT: e364235c573d3b60a5f56a124b325da0",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"timestamp": "1496397428",
|
|
|
|
"to_ids": true,
|
|
|
|
"type": "sha256",
|
|
|
|
"uuid": "59313674-52fc-497a-86fb-41ca02de0b81",
|
|
|
|
"value": "98f0f68feb0495de61add43c717ccb462fbe46bc977bb295c688bd4511272b55"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "Artifacts dropped",
|
|
|
|
"comment": "- Xchecked via VT: e364235c573d3b60a5f56a124b325da0",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"timestamp": "1496397429",
|
|
|
|
"to_ids": true,
|
|
|
|
"type": "sha1",
|
|
|
|
"uuid": "59313675-b4d0-4572-b11d-4fa402de0b81",
|
|
|
|
"value": "fdcf6a75156d3ecae169ceadb6a89d06f9e00410"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "External analysis",
|
|
|
|
"comment": "- Xchecked via VT: e364235c573d3b60a5f56a124b325da0",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"timestamp": "1496397430",
|
|
|
|
"to_ids": false,
|
|
|
|
"type": "link",
|
|
|
|
"uuid": "59313676-7ad4-4820-8384-467b02de0b81",
|
|
|
|
"value": "https://www.virustotal.com/file/98f0f68feb0495de61add43c717ccb462fbe46bc977bb295c688bd4511272b55/analysis/1496390071/"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "Artifacts dropped",
|
|
|
|
"comment": "- Xchecked via VT: 04a20327fc3a5d98c41e0096452bf9e6",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"timestamp": "1496397432",
|
|
|
|
"to_ids": true,
|
|
|
|
"type": "sha256",
|
|
|
|
"uuid": "59313678-1068-434e-9974-42f502de0b81",
|
|
|
|
"value": "824901dd0b1660f00c3406cb888118c8a10f66e3258b5020f7ea289434618b13"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "Artifacts dropped",
|
|
|
|
"comment": "- Xchecked via VT: 04a20327fc3a5d98c41e0096452bf9e6",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"timestamp": "1496397433",
|
|
|
|
"to_ids": true,
|
|
|
|
"type": "sha1",
|
|
|
|
"uuid": "59313679-bcac-4e4d-a696-4cfa02de0b81",
|
|
|
|
"value": "ed69a648f6bce5e652d24fc7dd3f622b04acb98b"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "External analysis",
|
|
|
|
"comment": "- Xchecked via VT: 04a20327fc3a5d98c41e0096452bf9e6",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"timestamp": "1496397434",
|
|
|
|
"to_ids": false,
|
|
|
|
"type": "link",
|
|
|
|
"uuid": "5931367a-5b9c-4764-9fda-4ddd02de0b81",
|
|
|
|
"value": "https://www.virustotal.com/file/824901dd0b1660f00c3406cb888118c8a10f66e3258b5020f7ea289434618b13/analysis/1496392189/"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "Artifacts dropped",
|
|
|
|
"comment": "- Xchecked via VT: 603befc50bfcc0a214eacf473ec6baec",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"timestamp": "1496397435",
|
|
|
|
"to_ids": true,
|
|
|
|
"type": "sha256",
|
|
|
|
"uuid": "5931367b-b318-4acd-aa54-461b02de0b81",
|
|
|
|
"value": "312940e15c0251315fb2a8f2920d842fb61f54d5f4d0ce61b60420d972c3c978"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "Artifacts dropped",
|
|
|
|
"comment": "- Xchecked via VT: 603befc50bfcc0a214eacf473ec6baec",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"timestamp": "1496397436",
|
|
|
|
"to_ids": true,
|
|
|
|
"type": "sha1",
|
|
|
|
"uuid": "5931367c-5748-4dd8-b3e7-488d02de0b81",
|
|
|
|
"value": "85a85eb1046aaffd6d4752b38d1a8b1eb3ec2581"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "External analysis",
|
|
|
|
"comment": "- Xchecked via VT: 603befc50bfcc0a214eacf473ec6baec",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"timestamp": "1496397437",
|
|
|
|
"to_ids": false,
|
|
|
|
"type": "link",
|
|
|
|
"uuid": "5931367d-75b0-46ab-befa-41e302de0b81",
|
|
|
|
"value": "https://www.virustotal.com/file/312940e15c0251315fb2a8f2920d842fb61f54d5f4d0ce61b60420d972c3c978/analysis/1496352757/"
|
|
|
|
}
]
}
}