{"Event":{"info":"OSINT - File-Locker Ransomware Targets Korean Victims and asks for 50K Won","Tag":[{"colour":"#ffffff","exportable":true,"name":"tlp:white"},{"colour":"#850048","exportable":true,"name":"workflow:todo=\"create-missing-misp-galaxy-cluster-values\""},{"colour":"#7a0042","exportable":true,"name":"workflow:todo=\"create-missing-misp-galaxy-cluster\""},{"colour":"#e7007d","exportable":true,"name":"workflow:state=\"incomplete\""},{"colour":"#3b0020","exportable":true,"name":"workflow:todo=\"expansion\""},{"colour":"#c8006c","exportable":true,"name":"workflow:todo=\"add-mitre-attack-cluster\""}],"publish_timestamp":"0","timestamp":"1540997801","Object":[{"comment":"","template_uuid":"688c46fb-5edb-40a3-8273-1af7923e2215","uuid":"5bd87702-40d0-4020-bbb0-45db950d210f","sharing_group_id":"0","timestamp":"1540912898","description":"File object describing a file with meta-information","template_version":"15","Attribute":[{"comment":"","category":"Payload delivery","uuid":"5bd87703-6bf4-4363-8bb8-406f950d210f","timestamp":"1540912899","to_ids":true,"value":"b6b5e455c4ebe875907aa185988c2eb654ed373dc0e6b712a391069d63dc5c3f","disable_correlation":false,"object_relation":"sha256","type":"sha256"},{"comment":"","category":"Other","uuid":"5bd87704-eb2c-4741-9fc6-43c4950d210f","timestamp":"1540912900","to_ids":false,"value":"Malicious","disable_correlation":true,"object_relation":"state","type":"text"}],"distribution":"5","meta-category":"file","name":"file"},{"comment":"","template_uuid":"688c46fb-5edb-40a3-8273-1af7923e2215","uuid":"5bd87712-d774-4c8c-87c0-4505950d210f","sharing_group_id":"0","timestamp":"1540912914","description":"File object describing a file with meta-information","template_version":"15","Attribute":[{"comment":"","category":"Payload delivery","uuid":"5bd87712-ddc4-49ca-ab38-4aac950d210f","timestamp":"1540912914","to_ids":true,"value":"Warning!!!!!!.txt","disable_correlation":true,"object_relation":"filename","type":"filename"},{"comment":"","category":"Other","uuid":"5bd87713-5c64-4229-ab09-4baf950d210f","timestamp":"1540912915","to_ids":false,"value":"Malicious","disable_correlation":true,"object_relation":"state","type":"text"}],"distribution":"5","meta-category":"file","name":"file"},{"comment":"","template_uuid":"d0e6997e-78da-4815-a6a1-cfc1c1cb8a46","uuid":"5bd87865-61fc-4432-81d1-45bc950d210f","sharing_group_id":"0","timestamp":"1540913253","description":"An address used in a cryptocurrency","template_version":"4","Attribute":[{"comment":"","category":"Financial fraud","uuid":"5bd87865-e77c-449f-8f16-4173950d210f","timestamp":"1540913253","to_ids":true,"value":"1F1tAaz5x1HUXrCNLbtMDqcw6o5GNn4xqX","disable_correlation":false,"object_relation":"address","type":"btc"},{"comment":"","category":"Other","uuid":"5bd87868-2f48-42c4-aec4-4995950d210f","timestamp":"1540913256","to_ids":false,"value":"BTC","disable_correlation":true,"object_relation":"symbol","type":"text"}],"distribution":"5","meta-category":"financial","name":"coin-address"},{"comment":"","template_uuid":"d0e6997e-78da-4815-a6a1-cfc1c1cb8a46","uuid":"5bd8787b-1760-49c0-a467-4042950d210f","sharing_group_id":"0","timestamp":"1540913275","description":"An address used in a cryptocurrency","template_version":"4","Attribute":[{"comment":"","category":"Financial fraud","uuid":"5bd8787b-3e7c-4c25-b168-4e9f950d210f","timestamp":"1540913275","to_ids":true,"value":"1BoatSLRHtKNngkdXEeobR76b53LETtpyT","disable_correlation":false,"object_relation":"address","type":"btc"},{"comment":"","category":"Other","uuid":"5bd87885-b180-422d-8c75-408d950d210f","timestamp":"1540913285","to_ids":false,"value":"BTC","disable_correlation":true,"object_relation":"symbol","type":"text"}],"distribution":"5","meta-category":"financial","name":"coin-address"}],"analysis":"2","Attribute":[{"comment
