2023-04-21 13:25:09 +00:00
{
2023-12-14 14:30:15 +00:00
"Event" : {
"analysis" : "2" ,
"date" : "2018-09-09" ,
"extends_uuid" : "" ,
"info" : "OSINT - Multi-exploit IoT/Linux Botnets Mirai and Gafgyt Target Apache Struts, SonicWall" ,
"publish_timestamp" : "1536846519" ,
"published" : true ,
"threat_level_id" : "3" ,
"timestamp" : "1536846498" ,
"uuid" : "5b991442-a9f0-4b5b-bc56-445f950d210f" ,
"Orgc" : {
"name" : "CIRCL" ,
"uuid" : "55f6ea5e-2c60-40e5-964f-47a8950d210f"
} ,
"Tag" : [
{
"colour" : "#0088cc" ,
2024-04-05 12:15:17 +00:00
"local" : false ,
2023-12-14 14:30:15 +00:00
"name" : "misp-galaxy:mitre-enterprise-attack-attack-pattern=\"Exploit Public-Facing Application - T1190\"" ,
"relationship_type" : ""
} ,
{
"colour" : "#ffffff" ,
2024-04-05 12:15:17 +00:00
"local" : false ,
2023-12-14 14:30:15 +00:00
"name" : "tlp:white" ,
"relationship_type" : ""
} ,
{
"colour" : "#22681c" ,
2024-04-05 12:15:17 +00:00
"local" : false ,
2023-12-14 14:30:15 +00:00
"name" : "malware_classification:malware-category=\"Botnet\"" ,
"relationship_type" : ""
} ,
{
"colour" : "#0088cc" ,
2024-04-05 12:15:17 +00:00
"local" : false ,
2023-12-14 14:30:15 +00:00
"name" : "misp-galaxy:botnet=\"Mirai\"" ,
"relationship_type" : ""
} ,
{
"colour" : "#0088cc" ,
2024-04-05 12:15:17 +00:00
"local" : false ,
2023-12-14 14:30:15 +00:00
"name" : "misp-galaxy:tool=\"Mirai\"" ,
"relationship_type" : ""
} ,
{
"colour" : "#0da800" ,
2024-04-05 12:15:17 +00:00
"local" : false ,
2023-12-14 14:30:15 +00:00
"name" : "misp-galaxy:tool=\"Gafgyt\"" ,
"relationship_type" : ""
} ,
{
"colour" : "#0088cc" ,
2024-04-05 12:15:17 +00:00
"local" : false ,
2023-12-14 14:30:15 +00:00
"name" : "misp-galaxy:botnet=\"Gafgyt\"" ,
"relationship_type" : ""
}
] ,
"Attribute" : [
{
"category" : "External analysis" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"timestamp" : "1536758878" ,
"to_ids" : false ,
"type" : "link" ,
"uuid" : "5b991454-051c-4bd8-a0bd-4e4a950d210f" ,
"value" : "https://researchcenter.paloaltonetworks.com/2018/09/unit42-multi-exploit-iotlinux-botnets-mirai-gafgyt-target-apache-struts-sonicwall/" ,
"Tag" : [
{
"colour" : "#00223b" ,
2024-04-05 12:15:17 +00:00
"local" : false ,
2023-12-14 14:30:15 +00:00
"name" : "osint:source-type=\"blog-post\"" ,
"relationship_type" : ""
}
]
} ,
{
"category" : "External analysis" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"timestamp" : "1536758905" ,
"to_ids" : false ,
"type" : "text" ,
"uuid" : "5b991479-1434-4a91-9224-493c950d210f" ,
"value" : "Unit 42 has uncovered new variants of the well-known IoT botnets Mirai and Gafgyt. These are the IoT botnets associated with unprecedented Distributed Denial of Service attacks in November 2016 and since.\r\n\r\nThese variants are notable for two reasons:\r\n\r\n The new Mirai version targets the same Apache Struts vulnerability associated with the Equifax data breach in 2017.\r\n The new Gafgyt version targets a newly disclosed vulnerability affecting older, unsupported versions of SonicWall\u00e2\u20ac\u2122s Global Management System (GMS).\r\n\r\nThese developments suggest these IOT botnets are increasingly targeting enterprise devices with outdated versions.\r\n\r\nAll organizations should ensure they keep not only their systems up-to-date and patched, but also their IoT devices. For Palo Alto Networks customers, WidlFire detects all related samples with malicious verdicts. Additional protections are noted in the conclusion below."
} ,
{
"category" : "Network activity" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"timestamp" : "1536825257" ,
"to_ids" : true ,
"type" : "hostname" ,
"uuid" : "5b9a17a9-46f4-4829-a645-41bb950d210f" ,
"value" : "l.ocalhost.host"
} ,
{
"category" : "Network activity" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"timestamp" : "1536825258" ,
"to_ids" : true ,
"type" : "ip-dst" ,
"uuid" : "5b9a17aa-17d8-479d-a049-4e2d950d210f" ,
"value" : "185.10.68.213"
} ,
{
"category" : "Network activity" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"timestamp" : "1536825258" ,
"to_ids" : true ,
"type" : "ip-dst" ,
"uuid" : "5b9a17aa-4d98-4ac5-8764-42f4950d210f" ,
"value" : "185.10.68.127"
}
] ,
"Object" : [
{
"comment" : "Sample with Apache Struts exploit CVE-2017-5638" ,
"deleted" : false ,
"description" : "File object describing a file with meta-information" ,
"meta-category" : "file" ,
"name" : "file" ,
"template_uuid" : "688c46fb-5edb-40a3-8273-1af7923e2215" ,
"template_version" : "14" ,
"timestamp" : "1536822608" ,
"uuid" : "5b9a0d50-ad90-4793-b2d8-41d2950d210f" ,
"Attribute" : [
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "sha256" ,
"timestamp" : "1536822608" ,
"to_ids" : true ,
"type" : "sha256" ,
"uuid" : "5b9a0d50-0db8-4b6b-9701-4a98950d210f" ,
"value" : "d6648a36f55d6b8ffd034df7d04156d31411719ce9bc28e6d30c8427feacb397"
} ,
{
"category" : "Other" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : true ,
"object_relation" : "state" ,
"timestamp" : "1536822609" ,
"to_ids" : false ,
"type" : "text" ,
"uuid" : "5b9a0d51-6454-44e9-9ddf-42f2950d210f" ,
"value" : "Malicious"
}
]
} ,
{
"comment" : "Sample with Apache Struts exploit CVE-2017-5638" ,
"deleted" : false ,
"description" : "File object describing a file with meta-information" ,
"meta-category" : "file" ,
"name" : "file" ,
"template_uuid" : "688c46fb-5edb-40a3-8273-1af7923e2215" ,
"template_version" : "14" ,
"timestamp" : "1536823728" ,
"uuid" : "5b9a11b0-9f94-4354-a268-43aa950d210f" ,
"Attribute" : [
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "sha256" ,
"timestamp" : "1536823728" ,
"to_ids" : true ,
"type" : "sha256" ,
"uuid" : "5b9a11b0-b558-4b1a-9eca-437a950d210f" ,
"value" : "710d56a90b5f61c7ae82fcf305d23d48476e4f237ffff9d68b961171f168f255"
} ,
{
"category" : "Other" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : true ,
"object_relation" : "state" ,
"timestamp" : "1536823729" ,
"to_ids" : false ,
"type" : "text" ,
"uuid" : "5b9a11b1-3b64-466e-ba0e-47d1950d210f" ,
"value" : "Malicious"
}
]
} ,
{
"comment" : "Sample with Apache Struts exploit CVE-2017-5638" ,
"deleted" : false ,
"description" : "File object describing a file with meta-information" ,
"meta-category" : "file" ,
"name" : "file" ,
"template_uuid" : "688c46fb-5edb-40a3-8273-1af7923e2215" ,
"template_version" : "14" ,
"timestamp" : "1536823741" ,
"uuid" : "5b9a11bd-ec9c-4b8b-97d3-4f7a950d210f" ,
"Attribute" : [
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "sha256" ,
"timestamp" : "1536823741" ,
"to_ids" : true ,
"type" : "sha256" ,
"uuid" : "5b9a11bd-79d8-480d-bbbf-45a1950d210f" ,
"value" : "52274c46933c20aaf64fd4c11557143fcfdc76eef192743fafd1b3a8bed3f4d2"
} ,
{
"category" : "Other" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : true ,
"object_relation" : "state" ,
"timestamp" : "1536823742" ,
"to_ids" : false ,
"type" : "text" ,
"uuid" : "5b9a11be-ddd0-4b74-913f-4d85950d210f" ,
"value" : "Malicious"
}
]
} ,
{
"comment" : "Sample with Apache Struts exploit CVE-2017-5638" ,
"deleted" : false ,
"description" : "File object describing a file with meta-information" ,
"meta-category" : "file" ,
"name" : "file" ,
"template_uuid" : "688c46fb-5edb-40a3-8273-1af7923e2215" ,
"template_version" : "14" ,
"timestamp" : "1536823782" ,
"uuid" : "5b9a11e6-9cdc-41f5-98f9-4912950d210f" ,
"Attribute" : [
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "sha256" ,
"timestamp" : "1536823782" ,
"to_ids" : true ,
"type" : "sha256" ,
"uuid" : "5b9a11e6-aa50-4ec0-95f1-4b81950d210f" ,
"value" : "078eef70d754e9b64bc783f085846a2e8ae419653a79ed2386c4ade86fde68cb"
} ,
{
"category" : "Other" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : true ,
"object_relation" : "state" ,
"timestamp" : "1536823782" ,
"to_ids" : false ,
"type" : "text" ,
"uuid" : "5b9a11e6-e3b0-4e5c-abd3-4be2950d210f" ,
"value" : "Malicious"
}
]
} ,
{
"comment" : "Sample with Apache Struts exploit CVE-2017-5638" ,
"deleted" : false ,
"description" : "File object describing a file with meta-information" ,
"meta-category" : "file" ,
"name" : "file" ,
"template_uuid" : "688c46fb-5edb-40a3-8273-1af7923e2215" ,
"template_version" : "14" ,
"timestamp" : "1536823792" ,
"uuid" : "5b9a11f0-9c10-492e-9b51-4257950d210f" ,
"Attribute" : [
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "sha256" ,
"timestamp" : "1536823793" ,
"to_ids" : true ,
"type" : "sha256" ,
"uuid" : "5b9a11f1-36f4-48c9-977b-4ac3950d210f" ,
"value" : "ef090093496ccdab506848166a07554bfa74eb98a0546171b84fc73861f67c79"
} ,
{
"category" : "Other" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : true ,
"object_relation" : "state" ,
"timestamp" : "1536823793" ,
"to_ids" : false ,
"type" : "text" ,
"uuid" : "5b9a11f1-5490-47fa-8ab2-4432950d210f" ,
"value" : "Malicious"
}
]
} ,
{
"comment" : "Sample with Apache Struts exploit CVE-2017-5638" ,
"deleted" : false ,
"description" : "File object describing a file with meta-information" ,
"meta-category" : "file" ,
"name" : "file" ,
"template_uuid" : "688c46fb-5edb-40a3-8273-1af7923e2215" ,
"template_version" : "14" ,
"timestamp" : "1536823880" ,
"uuid" : "5b9a1248-1f28-48ac-be89-45c3950d210f" ,
"Attribute" : [
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "sha256" ,
"timestamp" : "1536823880" ,
"to_ids" : true ,
"type" : "sha256" ,
"uuid" : "5b9a1248-3270-4c9b-8fcd-416c950d210f" ,
"value" : "49cdb537f5e4081362545532a623f597212c8cea847cf9f2b2f1fe1f3cd0ec2f"
} ,
{
"category" : "Other" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : true ,
"object_relation" : "state" ,
"timestamp" : "1536823881" ,
"to_ids" : false ,
"type" : "text" ,
"uuid" : "5b9a1249-5474-4476-995f-4d90950d210f" ,
"value" : "Malicious"
}
]
} ,
{
"comment" : "Sample with Apache Struts exploit CVE-2017-5638" ,
"deleted" : false ,
"description" : "File object describing a file with meta-information" ,
"meta-category" : "file" ,
"name" : "file" ,
"template_uuid" : "688c46fb-5edb-40a3-8273-1af7923e2215" ,
"template_version" : "14" ,
"timestamp" : "1536823902" ,
"uuid" : "5b9a125e-9f20-423b-b45f-4054950d210f" ,
"Attribute" : [
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "sha256" ,
"timestamp" : "1536823902" ,
"to_ids" : true ,
"type" : "sha256" ,
"uuid" : "5b9a125e-5db4-4f91-9f4d-441d950d210f" ,
"value" : "99c22a0c0e252ab123fb3167f49d94dc12960b79565ca6dfd28f2ff5b0346348"
} ,
{
"category" : "Other" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : true ,
"object_relation" : "state" ,
"timestamp" : "1536823903" ,
"to_ids" : false ,
"type" : "text" ,
"uuid" : "5b9a125f-e0a0-44d7-a2f0-48bb950d210f" ,
"value" : "Malicious"
}
]
} ,
{
"comment" : "Sample with Apache Struts exploit CVE-2017-5638" ,
"deleted" : false ,
"description" : "File object describing a file with meta-information" ,
"meta-category" : "file" ,
"name" : "file" ,
"template_uuid" : "688c46fb-5edb-40a3-8273-1af7923e2215" ,
"template_version" : "14" ,
"timestamp" : "1536823929" ,
"uuid" : "5b9a1279-20f4-4f5e-b2dc-48ca950d210f" ,
"Attribute" : [
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "sha256" ,
"timestamp" : "1536823929" ,
"to_ids" : true ,
"type" : "sha256" ,
"uuid" : "5b9a1279-dee0-4810-8cd3-4f08950d210f" ,
"value" : "ae2354a5d8b84fb6ea6fc4b9ca3060959d5c0c77684cd2100731df2a3c7a204e"
} ,
{
"category" : "Other" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : true ,
"object_relation" : "state" ,
"timestamp" : "1536823929" ,
"to_ids" : false ,
"type" : "text" ,
"uuid" : "5b9a1279-b380-44a6-9c25-4416950d210f" ,
"value" : "Malicious"
}
]
} ,
{
"comment" : "Sample with Apache Struts exploit CVE-2017-5638" ,
"deleted" : false ,
"description" : "File object describing a file with meta-information" ,
"meta-category" : "file" ,
"name" : "file" ,
"template_uuid" : "688c46fb-5edb-40a3-8273-1af7923e2215" ,
"template_version" : "14" ,
"timestamp" : "1536823944" ,
"uuid" : "5b9a1288-1af0-4da4-8f3a-447b950d210f" ,
"Attribute" : [
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "sha256" ,
"timestamp" : "1536823944" ,
"to_ids" : true ,
"type" : "sha256" ,
"uuid" : "5b9a1288-c088-4c25-9f23-493d950d210f" ,
"value" : "1913cf8e65114136cc309e72c384b717f0aeaaeae0c040188648c4afebce1669"
} ,
{
"category" : "Other" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : true ,
"object_relation" : "state" ,
"timestamp" : "1536823944" ,
"to_ids" : false ,
"type" : "text" ,
"uuid" : "5b9a1288-e790-4d03-a460-4cbd950d210f" ,
"value" : "Malicious"
}
]
} ,
{
"comment" : "Sample with Sonicwall GMS exploit CVE-2018-9866" ,
"deleted" : false ,
"description" : "File object describing a file with meta-information" ,
"meta-category" : "file" ,
"name" : "file" ,
"template_uuid" : "688c46fb-5edb-40a3-8273-1af7923e2215" ,
"template_version" : "14" ,
"timestamp" : "1536824082" ,
"uuid" : "5b9a1312-b374-493c-986d-49bd950d210f" ,
"Attribute" : [
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "sha256" ,
"timestamp" : "1536824082" ,
"to_ids" : true ,
"type" : "sha256" ,
"uuid" : "5b9a1312-6d54-4e1a-be43-4413950d210f" ,
"value" : "1814c010f5e7391c7ea38850f9caf0771866e315f8d0c58c563818e71d30c208"
} ,
{
"category" : "Other" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : true ,
"object_relation" : "state" ,
"timestamp" : "1536824083" ,
"to_ids" : false ,
"type" : "text" ,
"uuid" : "5b9a1313-1324-49af-b8e0-49a2950d210f" ,
"value" : "Malicious"
}
]
} ,
{
"comment" : "Sample with Sonicwall GMS exploit CVE-2018-9866" ,
"deleted" : false ,
"description" : "File object describing a file with meta-information" ,
"meta-category" : "file" ,
"name" : "file" ,
"template_uuid" : "688c46fb-5edb-40a3-8273-1af7923e2215" ,
"template_version" : "14" ,
"timestamp" : "1536824095" ,
"uuid" : "5b9a131f-bec4-4d20-baea-4929950d210f" ,
"Attribute" : [
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "sha256" ,
"timestamp" : "1536824095" ,
"to_ids" : true ,
"type" : "sha256" ,
"uuid" : "5b9a131f-2c54-4fb5-90ec-417b950d210f" ,
"value" : "29540468514cd48b6c2571722018dffb49d12f99c95b248a44a1455fff01acfb"
} ,
{
"category" : "Other" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : true ,
"object_relation" : "state" ,
"timestamp" : "1536824096" ,
"to_ids" : false ,
"type" : "text" ,
"uuid" : "5b9a1320-889c-4393-b901-4e2c950d210f" ,
"value" : "Malicious"
}
]
} ,
{
"comment" : "Sample with Sonicwall GMS exploit CVE-2018-9866" ,
"deleted" : false ,
"description" : "File object describing a file with meta-information" ,
"meta-category" : "file" ,
"name" : "file" ,
"template_uuid" : "688c46fb-5edb-40a3-8273-1af7923e2215" ,
"template_version" : "14" ,
"timestamp" : "1536824115" ,
"uuid" : "5b9a1333-b508-45d9-9896-4e23950d210f" ,
"Attribute" : [
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "sha256" ,
"timestamp" : "1536824115" ,
"to_ids" : true ,
"type" : "sha256" ,
"uuid" : "5b9a1333-0614-4a15-af26-42b0950d210f" ,
"value" : "39891a1c13e4e6ec9de410201f697d23c05e83a29ec0010c6c62c6829386e6a6"
} ,
{
"category" : "Other" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : true ,
"object_relation" : "state" ,
"timestamp" : "1536824116" ,
"to_ids" : false ,
"type" : "text" ,
"uuid" : "5b9a1334-4ce4-4227-bd39-4d87950d210f" ,
"value" : "Malicious"
}
]
} ,
{
"comment" : "Sample with Sonicwall GMS exploit CVE-2018-9866" ,
"deleted" : false ,
"description" : "File object describing a file with meta-information" ,
"meta-category" : "file" ,
"name" : "file" ,
"template_uuid" : "688c46fb-5edb-40a3-8273-1af7923e2215" ,
"template_version" : "14" ,
"timestamp" : "1536824134" ,
"uuid" : "5b9a1346-5384-4908-a5a8-4df7950d210f" ,
"Attribute" : [
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "sha256" ,
"timestamp" : "1536824134" ,
"to_ids" : true ,
"type" : "sha256" ,
"uuid" : "5b9a1346-43dc-4f32-ad9d-4ba6950d210f" ,
"value" : "596270e91ccee3ec04a552bafde586af127ecac7141852edb9707ac6c4779a99"
} ,
{
"category" : "Other" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : true ,
"object_relation" : "state" ,
"timestamp" : "1536824134" ,
"to_ids" : false ,
"type" : "text" ,
"uuid" : "5b9a1346-cb84-4b0b-b65c-4f66950d210f" ,
"value" : "Malicious"
}
]
} ,
{
"comment" : "Sample with Sonicwall GMS exploit CVE-2018-9866" ,
"deleted" : false ,
"description" : "File object describing a file with meta-information" ,
"meta-category" : "file" ,
"name" : "file" ,
"template_uuid" : "688c46fb-5edb-40a3-8273-1af7923e2215" ,
"template_version" : "14" ,
"timestamp" : "1536824538" ,
"uuid" : "5b9a14da-00bc-4f8c-92b4-4c86950d210f" ,
"Attribute" : [
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "sha256" ,
"timestamp" : "1536824538" ,
"to_ids" : true ,
"type" : "sha256" ,
"uuid" : "5b9a14da-eb80-4afc-9d19-40c6950d210f" ,
"value" : "68b27935c7d064478339f7d95b57ff06ffa1efbd81009b4a2870c5cf3e0b0b35"
} ,
{
"category" : "Other" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : true ,
"object_relation" : "state" ,
"timestamp" : "1536824538" ,
"to_ids" : false ,
"type" : "text" ,
"uuid" : "5b9a14da-3c20-4dc5-b52c-4d69950d210f" ,
"value" : "Malicious"
}
]
} ,
{
"comment" : "Sample with Sonicwall GMS exploit CVE-2018-9866" ,
"deleted" : false ,
"description" : "File object describing a file with meta-information" ,
"meta-category" : "file" ,
"name" : "file" ,
"template_uuid" : "688c46fb-5edb-40a3-8273-1af7923e2215" ,
"template_version" : "14" ,
"timestamp" : "1536824553" ,
"uuid" : "5b9a14e9-221c-4e02-b682-4575950d210f" ,
"Attribute" : [
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "sha256" ,
"timestamp" : "1536824553" ,
"to_ids" : true ,
"type" : "sha256" ,
"uuid" : "5b9a14e9-da78-4529-9f86-4a12950d210f" ,
"value" : "92a4c6ae034c3a03c21b74bdc00264192e60a85deedd90b99a3e350758eb85c1"
} ,
{
"category" : "Other" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : true ,
"object_relation" : "state" ,
"timestamp" : "1536824554" ,
"to_ids" : false ,
"type" : "text" ,
"uuid" : "5b9a14ea-0698-430d-9436-4d6d950d210f" ,
"value" : "Malicious"
}
]
} ,
{
"comment" : "Sample with Sonicwall GMS exploit CVE-2018-9866" ,
"deleted" : false ,
"description" : "File object describing a file with meta-information" ,
"meta-category" : "file" ,
"name" : "file" ,
"template_uuid" : "688c46fb-5edb-40a3-8273-1af7923e2215" ,
"template_version" : "14" ,
"timestamp" : "1536824577" ,
"uuid" : "5b9a1501-cc14-4764-bf87-46cc950d210f" ,
"Attribute" : [
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "sha256" ,
"timestamp" : "1536824577" ,
"to_ids" : true ,
"type" : "sha256" ,
"uuid" : "5b9a1501-db4c-4d2d-9b05-435e950d210f" ,
"value" : "aab0ec600cdf57f28f9480ff3a9d3547f699af005c015b74c5c9e39a992570b6"
} ,
{
"category" : "Other" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : true ,
"object_relation" : "state" ,
"timestamp" : "1536824578" ,
"to_ids" : false ,
"type" : "text" ,
"uuid" : "5b9a1502-0664-409b-b961-484c950d210f" ,
"value" : "Malicious"
}
]
} ,
{
"comment" : "Sample with Sonicwall GMS exploit CVE-2018-9866" ,
"deleted" : false ,
"description" : "File object describing a file with meta-information" ,
"meta-category" : "file" ,
"name" : "file" ,
"template_uuid" : "688c46fb-5edb-40a3-8273-1af7923e2215" ,
"template_version" : "14" ,
"timestamp" : "1536824594" ,
"uuid" : "5b9a1512-a77c-4500-a8c9-4481950d210f" ,
"Attribute" : [
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "sha256" ,
"timestamp" : "1536824594" ,
"to_ids" : true ,
"type" : "sha256" ,
"uuid" : "5b9a1512-8a84-4014-b818-457a950d210f" ,
"value" : "d8fbf6d68993045b4840729c788665ab10c50c42b27246a290031664f3b956eb"
} ,
{
"category" : "Other" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : true ,
"object_relation" : "state" ,
"timestamp" : "1536824594" ,
"to_ids" : false ,
"type" : "text" ,
"uuid" : "5b9a1512-c694-48d1-be93-4469950d210f" ,
"value" : "Malicious"
}
]
} ,
{
"comment" : "Sample with Sonicwall GMS exploit CVE-2018-9866" ,
"deleted" : false ,
"description" : "File object describing a file with meta-information" ,
"meta-category" : "file" ,
"name" : "file" ,
"template_uuid" : "688c46fb-5edb-40a3-8273-1af7923e2215" ,
"template_version" : "14" ,
"timestamp" : "1536824615" ,
"uuid" : "5b9a1527-6be8-4405-8242-44f9950d210f" ,
"Attribute" : [
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "sha256" ,
"timestamp" : "1536824615" ,
"to_ids" : true ,
"type" : "sha256" ,
"uuid" : "5b9a1527-0a18-425a-97aa-4cbf950d210f" ,
"value" : "dafe1b513183902692c8ba8b2a95fede7c13937e49bf21294de448df05edff18"
} ,
{
"category" : "Other" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : true ,
"object_relation" : "state" ,
"timestamp" : "1536824615" ,
"to_ids" : false ,
"type" : "text" ,
"uuid" : "5b9a1527-8484-4667-9898-43d3950d210f" ,
"value" : "Malicious"
}
]
} ,
{
"comment" : "Sample with Sonicwall GMS exploit CVE-2018-9866" ,
"deleted" : false ,
"description" : "File object describing a file with meta-information" ,
"meta-category" : "file" ,
"name" : "file" ,
"template_uuid" : "688c46fb-5edb-40a3-8273-1af7923e2215" ,
"template_version" : "14" ,
"timestamp" : "1536824628" ,
"uuid" : "5b9a1534-31f8-4c5b-9d0b-4dc8950d210f" ,
"Attribute" : [
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "sha256" ,
"timestamp" : "1536824628" ,
"to_ids" : true ,
"type" : "sha256" ,
"uuid" : "5b9a1534-62e0-43ad-90c8-4ea9950d210f" ,
"value" : "f89d742c4d3312ac9bd707a9135235482c554e369cb646dcd97f6a14b4210136"
} ,
{
"category" : "Other" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : true ,
"object_relation" : "state" ,
"timestamp" : "1536824628" ,
"to_ids" : false ,
"type" : "text" ,
"uuid" : "5b9a1534-b130-4a35-9437-447e950d210f" ,
"value" : "Malicious"
}
]
} ,
{
"comment" : "Sample with Sonicwall GMS exploit CVE-2018-9866" ,
"deleted" : false ,
"description" : "File object describing a file with meta-information" ,
"meta-category" : "file" ,
"name" : "file" ,
"template_uuid" : "688c46fb-5edb-40a3-8273-1af7923e2215" ,
"template_version" : "14" ,
"timestamp" : "1536824641" ,
"uuid" : "5b9a1541-1924-4272-80b3-4240950d210f" ,
"Attribute" : [
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "sha256" ,
"timestamp" : "1536824641" ,
"to_ids" : true ,
"type" : "sha256" ,
"uuid" : "5b9a1541-5ee0-45cb-a0bf-453c950d210f" ,
"value" : "fab034d705b3ad7a10101858daf5da93a88f8bfd509dee9b8072678b27290ed3"
} ,
{
"category" : "Other" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : true ,
"object_relation" : "state" ,
"timestamp" : "1536824642" ,
"to_ids" : false ,
"type" : "text" ,
"uuid" : "5b9a1542-12ec-40f5-891e-41a5950d210f" ,
"value" : "Malicious"
}
]
} ,
{
"comment" : "" ,
"deleted" : false ,
"description" : "Vulnerability object describing a common vulnerability enumeration which can describe published, unpublished, under review or embargo vulnerability for software, equipments or hardware." ,
"meta-category" : "vulnerability" ,
"name" : "vulnerability" ,
"template_uuid" : "81650945-f186-437b-8945-9f31715d32da" ,
"template_version" : "5" ,
"timestamp" : "1536833646" ,
"uuid" : "5b9a386e-b6e4-47be-8342-4230950d210f" ,
"Attribute" : [
{
"category" : "Other" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : true ,
"object_relation" : "cvss-score" ,
"timestamp" : "1536833646" ,
"to_ids" : false ,
"type" : "float" ,
"uuid" : "5b9a386e-e358-4e72-b737-4437950d210f" ,
"value" : "10"
} ,
{
"category" : "External analysis" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "references" ,
"timestamp" : "1536833646" ,
"to_ids" : false ,
"type" : "link" ,
"uuid" : "5b9a386e-1350-4e96-9d52-4468950d210f" ,
"value" : "https://cve.circl.lu/cve/CVE-2017-5638"
} ,
{
"category" : "External analysis" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "references" ,
"timestamp" : "1536833646" ,
"to_ids" : false ,
"type" : "link" ,
"uuid" : "5b9a386e-1078-423f-bf71-4ac2950d210f" ,
"value" : "http://blog.talosintelligence.com/2017/03/apache-0-day-exploited.html"
} ,
{
"category" : "External analysis" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "references" ,
"timestamp" : "1536833647" ,
"to_ids" : false ,
"type" : "link" ,
"uuid" : "5b9a386f-d6ec-4e6c-89ee-4fb4950d210f" ,
"value" : "http://blog.trendmicro.com/trendlabs-security-intelligence/cve-2017-5638-apache-struts-vulnerability-remote-code-execution/"
} ,
{
"category" : "External analysis" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "references" ,
"timestamp" : "1536833647" ,
"to_ids" : false ,
"type" : "link" ,
"uuid" : "5b9a386f-3c84-45e2-b0d8-4f7b950d210f" ,
"value" : "http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2017-002.txt"
} ,
{
"category" : "External analysis" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "references" ,
"timestamp" : "1536833648" ,
"to_ids" : false ,
"type" : "link" ,
"uuid" : "5b9a3870-610c-4c63-a2a4-4e0b950d210f" ,
"value" : "http://www.eweek.com/security/apache-struts-vulnerability-under-attack.html"
} ,
{
"category" : "External analysis" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "references" ,
"timestamp" : "1536833648" ,
"to_ids" : false ,
"type" : "link" ,
"uuid" : "5b9a3870-1788-4488-8fe5-42d2950d210f" ,
"value" : "http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html"
} ,
{
"category" : "Other" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : true ,
"object_relation" : "state" ,
"timestamp" : "1536833649" ,
"to_ids" : false ,
"type" : "text" ,
"uuid" : "5b9a3871-c88c-491f-abdc-4e9d950d210f" ,
"value" : "Published"
} ,
{
"category" : "Other" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : true ,
"object_relation" : "published" ,
"timestamp" : "1536833649" ,
"to_ids" : false ,
"type" : "datetime" ,
"uuid" : "5b9a3871-1048-497a-82ab-449b950d210f" ,
"value" : "2017-10-03T21:59:00"
} ,
{
"category" : "Other" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "summary" ,
"timestamp" : "1536833649" ,
"to_ids" : false ,
"type" : "text" ,
"uuid" : "5b9a3871-689c-4183-8c14-421c950d210f" ,
"value" : "The Jakarta Multipart parser in Apache Struts 2 2.3.x before 2.3.32 and 2.5.x before 2.5.10.1 has incorrect exception handling and error-message generation during file-upload attempts, which allows remote attackers to execute arbitrary commands via a crafted Content-Type, Content-Disposition, or Content-Length HTTP header, as exploited in the wild in March 2017 with a Content-Type header containing a #cmd= string."
} ,
{
"category" : "Other" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : true ,
"object_relation" : "modified" ,
"timestamp" : "1536833649" ,
"to_ids" : false ,
"type" : "datetime" ,
"uuid" : "5b9a3871-4350-449d-82f5-4062950d210f" ,
"value" : "2018-03-03T21:29:00"
} ,
{
"category" : "Other" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "id" ,
"timestamp" : "1536833649" ,
"to_ids" : false ,
"type" : "text" ,
"uuid" : "5b9a3871-b3f4-4491-b702-4741950d210f" ,
"value" : "CVE-2017-5638"
}
]
} ,
{
"comment" : "" ,
"deleted" : false ,
"description" : "Vulnerability object describing a common vulnerability enumeration which can describe published, unpublished, under review or embargo vulnerability for software, equipments or hardware." ,
"meta-category" : "vulnerability" ,
"name" : "vulnerability" ,
"template_uuid" : "81650945-f186-437b-8945-9f31715d32da" ,
"template_version" : "5" ,
"timestamp" : "1536833922" ,
"uuid" : "5b9a3982-b92c-4520-9b89-4a5c950d210f" ,
"Attribute" : [
{
"category" : "Other" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : true ,
"object_relation" : "state" ,
"timestamp" : "1536833922" ,
"to_ids" : false ,
"type" : "text" ,
"uuid" : "5b9a3982-05b4-4540-8e31-4e43950d210f" ,
"value" : "Published"
} ,
{
"category" : "Other" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : true ,
"object_relation" : "published" ,
"timestamp" : "1536833922" ,
"to_ids" : false ,
"type" : "datetime" ,
"uuid" : "5b9a3982-8998-4f86-af94-4d10950d210f" ,
"value" : "2018-03-08T16:29:00"
} ,
{
"category" : "Other" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "summary" ,
"timestamp" : "1536833922" ,
"to_ids" : false ,
"type" : "text" ,
"uuid" : "5b9a3982-a884-4721-9937-4d5d950d210f" ,
"value" : "A vulnerability in lack of validation of user-supplied parameters pass to XML-RPC calls on SonicWall Global Management System (GMS) virtual appliance's, allow remote user to execute arbitrary code. This vulnerability affected GMS version 8.1 and earlier."
} ,
{
"category" : "Other" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : true ,
"object_relation" : "modified" ,
"timestamp" : "1536833923" ,
"to_ids" : false ,
"type" : "datetime" ,
"uuid" : "5b9a3983-6dc0-48ed-9a27-458b950d210f" ,
"value" : "2018-03-08T16:29:00"
} ,
{
"category" : "Other" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "id" ,
"timestamp" : "1536833923" ,
"to_ids" : false ,
"type" : "text" ,
"uuid" : "5b9a3983-167c-41c6-acf7-4400950d210f" ,
"value" : "CVE-2018-9866"
}
]
} ,
{
"comment" : "" ,
"deleted" : false ,
"description" : "Vulnerability object describing a common vulnerability enumeration which can describe published, unpublished, under review or embargo vulnerability for software, equipments or hardware." ,
"meta-category" : "vulnerability" ,
"name" : "vulnerability" ,
"template_uuid" : "81650945-f186-437b-8945-9f31715d32da" ,
"template_version" : "5" ,
"timestamp" : "1536834106" ,
"uuid" : "5b9a3a3a-ed68-4f01-9808-438e950d210f" ,
"Attribute" : [
{
"category" : "Other" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : true ,
"object_relation" : "cvss-score" ,
"timestamp" : "1536834106" ,
"to_ids" : false ,
"type" : "float" ,
"uuid" : "5b9a3a3a-0680-4ff7-9864-44b3950d210f" ,
"value" : "9"
} ,
{
"category" : "Other" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : true ,
"object_relation" : "state" ,
"timestamp" : "1536834106" ,
"to_ids" : false ,
"type" : "text" ,
"uuid" : "5b9a3a3a-e6f8-4526-9510-458a950d210f" ,
"value" : "Published"
} ,
{
"category" : "Other" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : true ,
"object_relation" : "published" ,
"timestamp" : "1536834106" ,
"to_ids" : false ,
"type" : "datetime" ,
"uuid" : "5b9a3a3a-988c-42ad-a2d1-40e6950d210f" ,
"value" : "2017-06-04T13:59:00"
} ,
{
"category" : "Other" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "summary" ,
"timestamp" : "1536834106" ,
"to_ids" : false ,
"type" : "text" ,
"uuid" : "5b9a3a3a-e830-4160-83b5-47bf950d210f" ,
"value" : "A command injection vulnerability was discovered on the Zyxel EMG2926 home router with firmware V1.00(AAQT.4)b8. The vulnerability is located in the diagnostic tools, specifically the nslookup function. A malicious user may exploit numerous vectors to execute arbitrary commands on the router, such as the ping_ip parameter to the expert/maintenance/diagnostic/nslookup URI."
} ,
{
"category" : "Other" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "id" ,
"timestamp" : "1536834107" ,
"to_ids" : false ,
"type" : "text" ,
"uuid" : "5b9a3a3b-5c5c-4efb-bdda-4d76950d210f" ,
"value" : "CVE-2017-6884"
}
]
} ,
{
"comment" : "" ,
"deleted" : false ,
"description" : "Vulnerability object describing a common vulnerability enumeration which can describe published, unpublished, under review or embargo vulnerability for software, equipments or hardware." ,
"meta-category" : "vulnerability" ,
"name" : "vulnerability" ,
"template_uuid" : "81650945-f186-437b-8945-9f31715d32da" ,
"template_version" : "5" ,
"timestamp" : "1536834355" ,
"uuid" : "5b9a3b33-9c4c-4549-b0e2-4c6e950d210f" ,
"Attribute" : [
{
"category" : "Other" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : true ,
"object_relation" : "cvss-score" ,
"timestamp" : "1536834355" ,
"to_ids" : false ,
"type" : "float" ,
"uuid" : "5b9a3b33-fc98-4233-991b-4db5950d210f" ,
"value" : "6.5"
} ,
{
"category" : "Other" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : true ,
"object_relation" : "state" ,
"timestamp" : "1536834355" ,
"to_ids" : false ,
"type" : "text" ,
"uuid" : "5b9a3b33-ac5c-4c93-aaf1-4416950d210f" ,
"value" : "Published"
} ,
{
"category" : "Other" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : true ,
"object_relation" : "published" ,
"timestamp" : "1536834355" ,
"to_ids" : false ,
"type" : "datetime" ,
"uuid" : "5b9a3b33-febc-418d-b535-4ccd950d210f" ,
"value" : "2018-03-20T11:29:00"
} ,
{
"category" : "Other" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "summary" ,
"timestamp" : "1536834355" ,
"to_ids" : false ,
"type" : "text" ,
"uuid" : "5b9a3b33-ed9c-4f5c-971a-4853950d210f" ,
"value" : "Huawei HG532 with some customized versions has a remote code execution vulnerability. An authenticated attacker could send malicious packets to port 37215 to launch attacks. Successful exploit could lead to the remote execution of arbitrary code."
} ,
{
"category" : "Other" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : true ,
"object_relation" : "modified" ,
"timestamp" : "1536834356" ,
"to_ids" : false ,
"type" : "datetime" ,
"uuid" : "5b9a3b34-80a8-4946-910c-4e65950d210f" ,
"value" : "2018-04-19T11:04:00"
} ,
{
"category" : "Other" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "id" ,
"timestamp" : "1536834356" ,
"to_ids" : false ,
"type" : "text" ,
"uuid" : "5b9a3b34-7378-4f86-9184-475d950d210f" ,
"value" : "CVE-2017-17215"
}
]
} ,
{
"comment" : "" ,
"deleted" : false ,
"description" : "File object describing a file with meta-information" ,
"meta-category" : "file" ,
"name" : "file" ,
"template_uuid" : "688c46fb-5edb-40a3-8273-1af7923e2215" ,
"template_version" : "11" ,
"timestamp" : "1536845807" ,
"uuid" : "c9655c57-1760-44de-8ccc-7029b572eae9" ,
"ObjectReference" : [
{
"comment" : "" ,
"object_uuid" : "c9655c57-1760-44de-8ccc-7029b572eae9" ,
"referenced_uuid" : "09f198df-da65-491a-b0aa-b776a71ebd10" ,
2023-04-21 13:25:09 +00:00
"relationship_type" : "analysed-with" ,
2023-12-14 14:30:15 +00:00
"timestamp" : "1536845855" ,
"uuid" : "5b9a681f-037c-4f9d-aab3-5c7502de0b81"
}
] ,
"Attribute" : [
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "md5" ,
"timestamp" : "1536845804" ,
"to_ids" : true ,
"type" : "md5" ,
"uuid" : "3378cba9-9cff-462b-a2fb-16d88106cd44" ,
"value" : "e0b32c133cedca69b05dd3a9dd6e1910"
} ,
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "sha1" ,
"timestamp" : "1536845804" ,
"to_ids" : true ,
"type" : "sha1" ,
"uuid" : "540546b5-0c1f-4a0e-a6e8-e5aeae9e1401" ,
"value" : "ff7c182fb460d62195d1bae8c394b2e81182defe"
} ,
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "sha256" ,
"timestamp" : "1536845805" ,
"to_ids" : true ,
"type" : "sha256" ,
"uuid" : "2637b721-0f72-4059-b3d5-a9f964620c94" ,
"value" : "710d56a90b5f61c7ae82fcf305d23d48476e4f237ffff9d68b961171f168f255"
}
]
} ,
{
"comment" : "" ,
"deleted" : false ,
"description" : "VirusTotal report" ,
"meta-category" : "misc" ,
"name" : "virustotal-report" ,
"template_uuid" : "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4" ,
"template_version" : "2" ,
"timestamp" : "1536845805" ,
"uuid" : "09f198df-da65-491a-b0aa-b776a71ebd10" ,
"Attribute" : [
{
"category" : "Other" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "last-submission" ,
"timestamp" : "1536845805" ,
"to_ids" : false ,
"type" : "datetime" ,
"uuid" : "cbaa39a5-ae89-497b-ba65-0901ebe6762b" ,
"value" : "2018-09-13T01:25:45"
} ,
{
"category" : "External analysis" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "permalink" ,
"timestamp" : "1536845806" ,
"to_ids" : false ,
"type" : "link" ,
"uuid" : "279a4f6c-0ce4-4d69-9af0-dc6b013928db" ,
"value" : "https://www.virustotal.com/file/710d56a90b5f61c7ae82fcf305d23d48476e4f237ffff9d68b961171f168f255/analysis/1536801945/"
} ,
{
"category" : "Other" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : true ,
"object_relation" : "detection-ratio" ,
"timestamp" : "1536845806" ,
"to_ids" : false ,
"type" : "text" ,
"uuid" : "75778552-b07e-4f8b-85bf-eaaeee5be422" ,
"value" : "25/58"
}
]
} ,
{
"comment" : "" ,
"deleted" : false ,
"description" : "File object describing a file with meta-information" ,
"meta-category" : "file" ,
"name" : "file" ,
"template_uuid" : "688c46fb-5edb-40a3-8273-1af7923e2215" ,
"template_version" : "11" ,
"timestamp" : "1536845809" ,
"uuid" : "85dcb3db-5f44-45ce-91ed-474e10a184ce" ,
"ObjectReference" : [
{
"comment" : "" ,
"object_uuid" : "85dcb3db-5f44-45ce-91ed-474e10a184ce" ,
"referenced_uuid" : "2f799c8d-3791-4020-8203-8f673107e71a" ,
2023-04-21 13:25:09 +00:00
"relationship_type" : "analysed-with" ,
2023-12-14 14:30:15 +00:00
"timestamp" : "1536845855" ,
"uuid" : "5b9a681f-1a7c-4ad1-8d8a-5c7502de0b81"
}
] ,
"Attribute" : [
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "md5" ,
"timestamp" : "1536845806" ,
"to_ids" : true ,
"type" : "md5" ,
"uuid" : "4e7903a9-92c8-47c5-bc50-e35e4e294668" ,
"value" : "6a77f21e15a0a4763e86d166763dbd05"
} ,
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "sha1" ,
"timestamp" : "1536845807" ,
"to_ids" : true ,
"type" : "sha1" ,
"uuid" : "ae854bd2-75aa-4a31-8334-48e3ef021b9e" ,
"value" : "a4a4d892d04f516261c2fa4c56de3ff21afd2812"
} ,
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "sha256" ,
"timestamp" : "1536845807" ,
"to_ids" : true ,
"type" : "sha256" ,
"uuid" : "6db1af42-756d-445d-a7bf-a34f5cc20c27" ,
"value" : "29540468514cd48b6c2571722018dffb49d12f99c95b248a44a1455fff01acfb"
}
]
} ,
{
"comment" : "" ,
"deleted" : false ,
"description" : "VirusTotal report" ,
"meta-category" : "misc" ,
"name" : "virustotal-report" ,
"template_uuid" : "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4" ,
"template_version" : "2" ,
"timestamp" : "1536845807" ,
"uuid" : "2f799c8d-3791-4020-8203-8f673107e71a" ,
"Attribute" : [
{
"category" : "Other" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "last-submission" ,
"timestamp" : "1536845807" ,
"to_ids" : false ,
"type" : "datetime" ,
"uuid" : "ea58763f-c5f9-4765-a316-a8ee71d3fccd" ,
"value" : "2018-09-13T01:25:59"
} ,
{
"category" : "External analysis" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "permalink" ,
"timestamp" : "1536845808" ,
"to_ids" : false ,
"type" : "link" ,
"uuid" : "c949938e-0e64-43e0-944a-40a3b391d0aa" ,
"value" : "https://www.virustotal.com/file/29540468514cd48b6c2571722018dffb49d12f99c95b248a44a1455fff01acfb/analysis/1536801959/"
} ,
{
"category" : "Other" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : true ,
"object_relation" : "detection-ratio" ,
"timestamp" : "1536845808" ,
"to_ids" : false ,
"type" : "text" ,
"uuid" : "70c9ab68-2528-495d-a5a8-78d179b63a00" ,
"value" : "23/58"
}
]
} ,
{
"comment" : "" ,
"deleted" : false ,
"description" : "File object describing a file with meta-information" ,
"meta-category" : "file" ,
"name" : "file" ,
"template_uuid" : "688c46fb-5edb-40a3-8273-1af7923e2215" ,
"template_version" : "11" ,
"timestamp" : "1536845811" ,
"uuid" : "5892a64f-3a60-4d35-b243-5b5ee982d5aa" ,
"ObjectReference" : [
{
"comment" : "" ,
"object_uuid" : "5892a64f-3a60-4d35-b243-5b5ee982d5aa" ,
"referenced_uuid" : "c0c775a5-3da7-4a09-b2b3-401164eadeb0" ,
2023-04-21 13:25:09 +00:00
"relationship_type" : "analysed-with" ,
2023-12-14 14:30:15 +00:00
"timestamp" : "1536845855" ,
"uuid" : "5b9a681f-3160-4615-8588-5c7502de0b81"
}
] ,
"Attribute" : [
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "md5" ,
"timestamp" : "1536845808" ,
"to_ids" : true ,
"type" : "md5" ,
"uuid" : "5902a53a-8b91-4d34-87e6-3d814dbc3d8a" ,
"value" : "1998b2f489c4da5ecafe7fb5cc790575"
} ,
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "sha1" ,
"timestamp" : "1536845809" ,
"to_ids" : true ,
"type" : "sha1" ,
"uuid" : "8fc67189-522c-4946-9e14-62c0a08badf6" ,
"value" : "13c72eb4c783b74046aeb53f50173eccfb64c7ca"
} ,
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "sha256" ,
"timestamp" : "1536845809" ,
"to_ids" : true ,
"type" : "sha256" ,
"uuid" : "af98ef0d-bb40-4d07-a09c-f2bae9f9c7d4" ,
"value" : "ef090093496ccdab506848166a07554bfa74eb98a0546171b84fc73861f67c79"
}
]
} ,
{
"comment" : "" ,
"deleted" : false ,
"description" : "VirusTotal report" ,
"meta-category" : "misc" ,
"name" : "virustotal-report" ,
"template_uuid" : "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4" ,
"template_version" : "2" ,
"timestamp" : "1536845810" ,
"uuid" : "c0c775a5-3da7-4a09-b2b3-401164eadeb0" ,
"Attribute" : [
{
"category" : "Other" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "last-submission" ,
"timestamp" : "1536845810" ,
"to_ids" : false ,
"type" : "datetime" ,
"uuid" : "1144ae7f-5675-47d6-97f0-df298c23cbb1" ,
"value" : "2018-09-11T06:12:03"
} ,
{
"category" : "External analysis" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "permalink" ,
"timestamp" : "1536845810" ,
"to_ids" : false ,
"type" : "link" ,
"uuid" : "c4d12609-ad7a-4cff-8bb6-259c956faaf7" ,
"value" : "https://www.virustotal.com/file/ef090093496ccdab506848166a07554bfa74eb98a0546171b84fc73861f67c79/analysis/1536646323/"
} ,
{
"category" : "Other" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : true ,
"object_relation" : "detection-ratio" ,
"timestamp" : "1536845811" ,
"to_ids" : false ,
"type" : "text" ,
"uuid" : "bb80ca2b-f4ce-47e0-949f-c3b0b611c005" ,
"value" : "23/59"
}
]
} ,
{
"comment" : "" ,
"deleted" : false ,
"description" : "File object describing a file with meta-information" ,
"meta-category" : "file" ,
"name" : "file" ,
"template_uuid" : "688c46fb-5edb-40a3-8273-1af7923e2215" ,
"template_version" : "11" ,
"timestamp" : "1536845814" ,
"uuid" : "b8d711a9-9a6e-4659-b9b2-b42dc5fb64bd" ,
"ObjectReference" : [
{
"comment" : "" ,
"object_uuid" : "b8d711a9-9a6e-4659-b9b2-b42dc5fb64bd" ,
"referenced_uuid" : "526f5584-f6ca-47e3-9fa6-94a38edeac72" ,
2023-04-21 13:25:09 +00:00
"relationship_type" : "analysed-with" ,
2023-12-14 14:30:15 +00:00
"timestamp" : "1536845855" ,
"uuid" : "5b9a681f-8a08-43ef-ae78-5c7502de0b81"
}
] ,
"Attribute" : [
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "md5" ,
"timestamp" : "1536845811" ,
"to_ids" : true ,
"type" : "md5" ,
"uuid" : "f7ca2d2f-1a83-40d1-9a30-5b260fcc9677" ,
"value" : "218821892d5d5e460101d6914cfe2a3d"
} ,
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "sha1" ,
"timestamp" : "1536845811" ,
"to_ids" : true ,
"type" : "sha1" ,
"uuid" : "017ab2ad-762b-4938-899c-fb88e0fbdf3f" ,
"value" : "1da48a03224df6397f2215cd6b79308dbda7cf86"
} ,
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "sha256" ,
"timestamp" : "1536845812" ,
"to_ids" : true ,
"type" : "sha256" ,
"uuid" : "16bdec95-3785-4f1c-90fd-fcbadfb1d962" ,
"value" : "dafe1b513183902692c8ba8b2a95fede7c13937e49bf21294de448df05edff18"
}
]
} ,
{
"comment" : "" ,
"deleted" : false ,
"description" : "VirusTotal report" ,
"meta-category" : "misc" ,
"name" : "virustotal-report" ,
"template_uuid" : "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4" ,
"template_version" : "2" ,
"timestamp" : "1536845812" ,
"uuid" : "526f5584-f6ca-47e3-9fa6-94a38edeac72" ,
"Attribute" : [
{
"category" : "Other" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "last-submission" ,
"timestamp" : "1536845812" ,
"to_ids" : false ,
"type" : "datetime" ,
"uuid" : "db64872a-34a9-4bf5-adf4-a6aaa45cf956" ,
"value" : "2018-09-10T14:18:14"
} ,
{
"category" : "External analysis" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "permalink" ,
"timestamp" : "1536845813" ,
"to_ids" : false ,
"type" : "link" ,
"uuid" : "0a9bcc4e-e99a-4e38-9585-e27415770029" ,
"value" : "https://www.virustotal.com/file/dafe1b513183902692c8ba8b2a95fede7c13937e49bf21294de448df05edff18/analysis/1536589094/"
} ,
{
"category" : "Other" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : true ,
"object_relation" : "detection-ratio" ,
"timestamp" : "1536845813" ,
"to_ids" : false ,
"type" : "text" ,
"uuid" : "84e65e5c-1e5f-41ac-93c2-97f15f9a571d" ,
"value" : "16/59"
}
]
} ,
{
"comment" : "" ,
"deleted" : false ,
"description" : "File object describing a file with meta-information" ,
"meta-category" : "file" ,
"name" : "file" ,
"template_uuid" : "688c46fb-5edb-40a3-8273-1af7923e2215" ,
"template_version" : "11" ,
"timestamp" : "1536845816" ,
"uuid" : "3bd19fac-4ad2-4d33-b023-7359e714c116" ,
"ObjectReference" : [
{
"comment" : "" ,
"object_uuid" : "3bd19fac-4ad2-4d33-b023-7359e714c116" ,
"referenced_uuid" : "c28acd19-e6ca-4fa4-a444-c884b75c7a0a" ,
2023-04-21 13:25:09 +00:00
"relationship_type" : "analysed-with" ,
2023-12-14 14:30:15 +00:00
"timestamp" : "1536845855" ,
"uuid" : "5b9a681f-df90-48f5-ab5d-5c7502de0b81"
}
] ,
"Attribute" : [
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "md5" ,
"timestamp" : "1536845813" ,
"to_ids" : true ,
"type" : "md5" ,
"uuid" : "5211272c-e45a-4e2a-b7d7-f44dd3a97f2f" ,
"value" : "3df581337af37f4e66be5026062dcfb2"
} ,
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "sha1" ,
"timestamp" : "1536845814" ,
"to_ids" : true ,
"type" : "sha1" ,
"uuid" : "02a982dc-3132-4fb9-a438-135834d82ad2" ,
"value" : "61116e2b1614cebeed29b489d699f4bbcf217fa3"
} ,
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "sha256" ,
"timestamp" : "1536845814" ,
"to_ids" : true ,
"type" : "sha256" ,
"uuid" : "8318d0ed-0a8b-41fa-bf98-d3bf3def789a" ,
"value" : "52274c46933c20aaf64fd4c11557143fcfdc76eef192743fafd1b3a8bed3f4d2"
}
]
} ,
{
"comment" : "" ,
"deleted" : false ,
"description" : "VirusTotal report" ,
"meta-category" : "misc" ,
"name" : "virustotal-report" ,
"template_uuid" : "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4" ,
"template_version" : "2" ,
"timestamp" : "1536845814" ,
"uuid" : "c28acd19-e6ca-4fa4-a444-c884b75c7a0a" ,
"Attribute" : [
{
"category" : "Other" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "last-submission" ,
"timestamp" : "1536845815" ,
"to_ids" : false ,
"type" : "datetime" ,
"uuid" : "43e8d1b7-22fd-4ab9-899c-4473ad895757" ,
"value" : "2018-09-13T07:59:15"
} ,
{
"category" : "External analysis" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "permalink" ,
"timestamp" : "1536845815" ,
"to_ids" : false ,
"type" : "link" ,
"uuid" : "01ffe445-591f-4e55-bcb0-8bfbaebf687f" ,
"value" : "https://www.virustotal.com/file/52274c46933c20aaf64fd4c11557143fcfdc76eef192743fafd1b3a8bed3f4d2/analysis/1536825555/"
} ,
{
"category" : "Other" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : true ,
"object_relation" : "detection-ratio" ,
"timestamp" : "1536845815" ,
"to_ids" : false ,
"type" : "text" ,
"uuid" : "5c91c16b-b4f8-4c3a-b62b-236a1c911f46" ,
"value" : "20/57"
}
]
} ,
{
"comment" : "" ,
"deleted" : false ,
"description" : "File object describing a file with meta-information" ,
"meta-category" : "file" ,
"name" : "file" ,
"template_uuid" : "688c46fb-5edb-40a3-8273-1af7923e2215" ,
"template_version" : "11" ,
"timestamp" : "1536845818" ,
"uuid" : "832a413e-bc2f-47a6-b913-d9ae101ea8d0" ,
"ObjectReference" : [
{
"comment" : "" ,
"object_uuid" : "832a413e-bc2f-47a6-b913-d9ae101ea8d0" ,
"referenced_uuid" : "ef7a87c9-d339-48a4-a939-93db4c14e085" ,
2023-04-21 13:25:09 +00:00
"relationship_type" : "analysed-with" ,
2023-12-14 14:30:15 +00:00
"timestamp" : "1536845855" ,
"uuid" : "5b9a681f-12b8-4ada-8011-5c7502de0b81"
}
] ,
"Attribute" : [
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "md5" ,
"timestamp" : "1536845816" ,
"to_ids" : true ,
"type" : "md5" ,
"uuid" : "a1f0d49e-6e68-4c08-be68-f320a0713a8b" ,
"value" : "9387e4ce5b53ee19af2dafcf8c5aedd1"
} ,
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "sha1" ,
"timestamp" : "1536845816" ,
"to_ids" : true ,
"type" : "sha1" ,
"uuid" : "406ab928-a441-477a-bed1-6d133db49dd0" ,
"value" : "8588546bc5ca10137fc6d2268085a2173a7638c8"
} ,
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "sha256" ,
"timestamp" : "1536845816" ,
"to_ids" : true ,
"type" : "sha256" ,
"uuid" : "4312d2cd-6746-47c2-8402-dc367651e19d" ,
"value" : "ae2354a5d8b84fb6ea6fc4b9ca3060959d5c0c77684cd2100731df2a3c7a204e"
}
]
} ,
{
"comment" : "" ,
"deleted" : false ,
"description" : "VirusTotal report" ,
"meta-category" : "misc" ,
"name" : "virustotal-report" ,
"template_uuid" : "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4" ,
"template_version" : "2" ,
"timestamp" : "1536845817" ,
"uuid" : "ef7a87c9-d339-48a4-a939-93db4c14e085" ,
"Attribute" : [
{
"category" : "Other" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "last-submission" ,
"timestamp" : "1536845817" ,
"to_ids" : false ,
"type" : "datetime" ,
"uuid" : "ceb2089f-f043-4d4b-84b0-744285914f35" ,
"value" : "2018-09-10T14:15:40"
} ,
{
"category" : "External analysis" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "permalink" ,
"timestamp" : "1536845817" ,
"to_ids" : false ,
"type" : "link" ,
"uuid" : "54a8e308-a2f0-4e97-9ecf-ca11a4f431a0" ,
"value" : "https://www.virustotal.com/file/ae2354a5d8b84fb6ea6fc4b9ca3060959d5c0c77684cd2100731df2a3c7a204e/analysis/1536588940/"
} ,
{
"category" : "Other" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : true ,
"object_relation" : "detection-ratio" ,
"timestamp" : "1536845818" ,
"to_ids" : false ,
"type" : "text" ,
"uuid" : "8387e690-d923-4f33-8cde-768ab505083f" ,
"value" : "18/57"
}
]
} ,
{
"comment" : "" ,
"deleted" : false ,
"description" : "File object describing a file with meta-information" ,
"meta-category" : "file" ,
"name" : "file" ,
"template_uuid" : "688c46fb-5edb-40a3-8273-1af7923e2215" ,
"template_version" : "11" ,
"timestamp" : "1536845821" ,
"uuid" : "fd8a9a4d-bf88-4db4-b070-cda698f7e250" ,
"ObjectReference" : [
{
"comment" : "" ,
"object_uuid" : "fd8a9a4d-bf88-4db4-b070-cda698f7e250" ,
"referenced_uuid" : "24952aa6-ab94-4152-af25-3437ccf8a6d4" ,
2023-04-21 13:25:09 +00:00
"relationship_type" : "analysed-with" ,
2023-12-14 14:30:15 +00:00
"timestamp" : "1536845855" ,
"uuid" : "5b9a681f-826c-45ed-955a-5c7502de0b81"
}
] ,
"Attribute" : [
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "md5" ,
"timestamp" : "1536845818" ,
"to_ids" : true ,
"type" : "md5" ,
"uuid" : "16038725-6ef8-4d9f-bb2d-98553f5a539c" ,
"value" : "75cbd3709696219b94d1355349348e84"
} ,
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "sha1" ,
"timestamp" : "1536845818" ,
"to_ids" : true ,
"type" : "sha1" ,
"uuid" : "37f92afb-75b9-4004-8d82-f50e54f1c7bb" ,
"value" : "3a9a06a2f2efdf1fed10793fa7220730bc315af1"
} ,
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "sha256" ,
"timestamp" : "1536845819" ,
"to_ids" : true ,
"type" : "sha256" ,
"uuid" : "2591a4c7-8eb8-420c-b803-6ccb85927671" ,
"value" : "49cdb537f5e4081362545532a623f597212c8cea847cf9f2b2f1fe1f3cd0ec2f"
}
]
} ,
{
"comment" : "" ,
"deleted" : false ,
"description" : "VirusTotal report" ,
"meta-category" : "misc" ,
"name" : "virustotal-report" ,
"template_uuid" : "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4" ,
"template_version" : "2" ,
"timestamp" : "1536845819" ,
"uuid" : "24952aa6-ab94-4152-af25-3437ccf8a6d4" ,
"Attribute" : [
{
"category" : "Other" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "last-submission" ,
"timestamp" : "1536845819" ,
"to_ids" : false ,
"type" : "datetime" ,
"uuid" : "69f9765e-d423-4a90-b910-952b150e503e" ,
"value" : "2018-09-13T01:26:10"
} ,
{
"category" : "External analysis" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "permalink" ,
"timestamp" : "1536845820" ,
"to_ids" : false ,
"type" : "link" ,
"uuid" : "740f1058-5283-4224-8dc0-44d8a81a9214" ,
"value" : "https://www.virustotal.com/file/49cdb537f5e4081362545532a623f597212c8cea847cf9f2b2f1fe1f3cd0ec2f/analysis/1536801970/"
} ,
{
"category" : "Other" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : true ,
"object_relation" : "detection-ratio" ,
"timestamp" : "1536845822" ,
"to_ids" : false ,
"type" : "text" ,
"uuid" : "1c63801e-198c-46e3-9eb9-df05d0b1e755" ,
"value" : "22/57"
}
]
} ,
{
"comment" : "" ,
"deleted" : false ,
"description" : "File object describing a file with meta-information" ,
"meta-category" : "file" ,
"name" : "file" ,
"template_uuid" : "688c46fb-5edb-40a3-8273-1af7923e2215" ,
"template_version" : "11" ,
"timestamp" : "1536845825" ,
"uuid" : "8eff451c-0576-4361-b4a7-a4e2f7949bd5" ,
"ObjectReference" : [
{
"comment" : "" ,
"object_uuid" : "8eff451c-0576-4361-b4a7-a4e2f7949bd5" ,
"referenced_uuid" : "5f60eec5-1e31-47a7-a572-3c69ff9cbd7d" ,
2023-04-21 13:25:09 +00:00
"relationship_type" : "analysed-with" ,
2023-12-14 14:30:15 +00:00
"timestamp" : "1536845855" ,
"uuid" : "5b9a681f-f9f0-4ea6-8209-5c7502de0b81"
}
] ,
"Attribute" : [
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "md5" ,
"timestamp" : "1536845822" ,
"to_ids" : true ,
"type" : "md5" ,
"uuid" : "23052521-d9d0-4f1f-ae41-c7bc85337cef" ,
"value" : "af525f736a3d31837e16575136752d2b"
} ,
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "sha1" ,
"timestamp" : "1536845822" ,
"to_ids" : true ,
"type" : "sha1" ,
"uuid" : "f74635f9-c8e6-4bb6-8405-315bf7fc8b0f" ,
"value" : "adde5df82821d40c8821452f38704dc70f378eb9"
} ,
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "sha256" ,
"timestamp" : "1536845823" ,
"to_ids" : true ,
"type" : "sha256" ,
"uuid" : "c2db3508-7027-4206-bf7d-790d0de1639d" ,
"value" : "68b27935c7d064478339f7d95b57ff06ffa1efbd81009b4a2870c5cf3e0b0b35"
}
]
} ,
{
"comment" : "" ,
"deleted" : false ,
"description" : "VirusTotal report" ,
"meta-category" : "misc" ,
"name" : "virustotal-report" ,
"template_uuid" : "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4" ,
"template_version" : "2" ,
"timestamp" : "1536845823" ,
"uuid" : "5f60eec5-1e31-47a7-a572-3c69ff9cbd7d" ,
"Attribute" : [
{
"category" : "Other" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "last-submission" ,
"timestamp" : "1536845823" ,
"to_ids" : false ,
"type" : "datetime" ,
"uuid" : "b91a61f5-ebae-4f5e-9556-0f4f47bebc45" ,
"value" : "2018-09-11T06:00:17"
} ,
{
"category" : "External analysis" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "permalink" ,
"timestamp" : "1536845824" ,
"to_ids" : false ,
"type" : "link" ,
"uuid" : "b64fd84b-850e-4cf1-8608-0e345e8ebaec" ,
"value" : "https://www.virustotal.com/file/68b27935c7d064478339f7d95b57ff06ffa1efbd81009b4a2870c5cf3e0b0b35/analysis/1536645617/"
} ,
{
"category" : "Other" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : true ,
"object_relation" : "detection-ratio" ,
"timestamp" : "1536845824" ,
"to_ids" : false ,
"type" : "text" ,
"uuid" : "e1074a2c-3c90-45e1-aaed-fb41141987b3" ,
"value" : "25/59"
}
]
} ,
{
"comment" : "" ,
"deleted" : false ,
"description" : "File object describing a file with meta-information" ,
"meta-category" : "file" ,
"name" : "file" ,
"template_uuid" : "688c46fb-5edb-40a3-8273-1af7923e2215" ,
"template_version" : "11" ,
"timestamp" : "1536845827" ,
"uuid" : "b93e361e-6457-475a-8466-3229a898dd5d" ,
"ObjectReference" : [
{
"comment" : "" ,
"object_uuid" : "b93e361e-6457-475a-8466-3229a898dd5d" ,
"referenced_uuid" : "c0ada5f7-d274-4011-9a05-b1bdb2ebe146" ,
2023-04-21 13:25:09 +00:00
"relationship_type" : "analysed-with" ,
2023-12-14 14:30:15 +00:00
"timestamp" : "1536845855" ,
"uuid" : "5b9a681f-29f8-45cf-9a57-5c7502de0b81"
}
] ,
"Attribute" : [
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "md5" ,
"timestamp" : "1536845824" ,
"to_ids" : true ,
"type" : "md5" ,
"uuid" : "ef077428-fc14-4761-abd0-a949623e0601" ,
"value" : "6a6307b57a6baf33f9bf148b3fecd9a4"
} ,
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "sha1" ,
"timestamp" : "1536845825" ,
"to_ids" : true ,
"type" : "sha1" ,
"uuid" : "fb23f52c-6c92-474e-bfe4-8cb86de4dd29" ,
"value" : "a6a3190afc1c87c98c3ba6b8c82c230b11a02565"
} ,
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "sha256" ,
"timestamp" : "1536845825" ,
"to_ids" : true ,
"type" : "sha256" ,
"uuid" : "fced4fb2-9e6c-44ce-a7f8-eebd108e22f0" ,
"value" : "f89d742c4d3312ac9bd707a9135235482c554e369cb646dcd97f6a14b4210136"
}
]
} ,
{
"comment" : "" ,
"deleted" : false ,
"description" : "VirusTotal report" ,
"meta-category" : "misc" ,
"name" : "virustotal-report" ,
"template_uuid" : "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4" ,
"template_version" : "2" ,
"timestamp" : "1536845827" ,
"uuid" : "c0ada5f7-d274-4011-9a05-b1bdb2ebe146" ,
"Attribute" : [
{
"category" : "Other" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "last-submission" ,
"timestamp" : "1536845827" ,
"to_ids" : false ,
"type" : "datetime" ,
"uuid" : "7431f176-47a0-4aeb-a93a-b5b8aaa3155d" ,
"value" : "2018-09-10T14:19:02"
} ,
{
"category" : "External analysis" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "permalink" ,
"timestamp" : "1536845828" ,
"to_ids" : false ,
"type" : "link" ,
"uuid" : "b9f2a194-9392-41fd-9849-9953d0b6a129" ,
"value" : "https://www.virustotal.com/file/f89d742c4d3312ac9bd707a9135235482c554e369cb646dcd97f6a14b4210136/analysis/1536589142/"
} ,
{
"category" : "Other" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : true ,
"object_relation" : "detection-ratio" ,
"timestamp" : "1536845828" ,
"to_ids" : false ,
"type" : "text" ,
"uuid" : "767f6eaf-08b2-4b5e-929c-9cd867b9bebe" ,
"value" : "16/59"
}
]
} ,
{
"comment" : "" ,
"deleted" : false ,
"description" : "File object describing a file with meta-information" ,
"meta-category" : "file" ,
"name" : "file" ,
"template_uuid" : "688c46fb-5edb-40a3-8273-1af7923e2215" ,
"template_version" : "11" ,
"timestamp" : "1536845831" ,
"uuid" : "5eddfb2f-6cc7-461f-b6ce-136882e44252" ,
"ObjectReference" : [
{
"comment" : "" ,
"object_uuid" : "5eddfb2f-6cc7-461f-b6ce-136882e44252" ,
"referenced_uuid" : "50f46239-1bfb-4c67-aa7d-37f5d327db89" ,
2023-04-21 13:25:09 +00:00
"relationship_type" : "analysed-with" ,
2023-12-14 14:30:15 +00:00
"timestamp" : "1536845855" ,
"uuid" : "5b9a681f-a2a8-4169-960b-5c7502de0b81"
}
] ,
"Attribute" : [
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "md5" ,
"timestamp" : "1536845829" ,
"to_ids" : true ,
"type" : "md5" ,
"uuid" : "c25f357d-4aad-4aba-a3b2-9a73d3c0e3a1" ,
"value" : "9bcf535899fe77d4f3c78f3bd9810e10"
} ,
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "sha1" ,
"timestamp" : "1536845829" ,
"to_ids" : true ,
"type" : "sha1" ,
"uuid" : "228aee38-f096-4d22-9f9b-32fbfe5f1bd8" ,
"value" : "0baafb0dc6ecefdda5c131e8128aa6ac698b7c1f"
} ,
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "sha256" ,
"timestamp" : "1536845829" ,
"to_ids" : true ,
"type" : "sha256" ,
"uuid" : "7822ca46-7377-482b-b2e8-20c38e08bc48" ,
"value" : "d8fbf6d68993045b4840729c788665ab10c50c42b27246a290031664f3b956eb"
}
]
} ,
{
"comment" : "" ,
"deleted" : false ,
"description" : "VirusTotal report" ,
"meta-category" : "misc" ,
"name" : "virustotal-report" ,
"template_uuid" : "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4" ,
"template_version" : "2" ,
"timestamp" : "1536845830" ,
"uuid" : "50f46239-1bfb-4c67-aa7d-37f5d327db89" ,
"Attribute" : [
{
"category" : "Other" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "last-submission" ,
"timestamp" : "1536845830" ,
"to_ids" : false ,
"type" : "datetime" ,
"uuid" : "39767421-d6e6-4589-aedd-6988492548f7" ,
"value" : "2018-09-11T06:10:07"
} ,
{
"category" : "External analysis" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "permalink" ,
"timestamp" : "1536845830" ,
"to_ids" : false ,
"type" : "link" ,
"uuid" : "ecc5384b-1a99-472c-a1fa-79c3d4bdb50e" ,
"value" : "https://www.virustotal.com/file/d8fbf6d68993045b4840729c788665ab10c50c42b27246a290031664f3b956eb/analysis/1536646207/"
} ,
{
"category" : "Other" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : true ,
"object_relation" : "detection-ratio" ,
"timestamp" : "1536845831" ,
"to_ids" : false ,
"type" : "text" ,
"uuid" : "2f4bbc93-4fc7-4d0e-9471-159600402a6b" ,
"value" : "23/59"
}
]
} ,
{
"comment" : "" ,
"deleted" : false ,
"description" : "File object describing a file with meta-information" ,
"meta-category" : "file" ,
"name" : "file" ,
"template_uuid" : "688c46fb-5edb-40a3-8273-1af7923e2215" ,
"template_version" : "11" ,
"timestamp" : "1536845834" ,
"uuid" : "1409de38-3c59-48e4-bc96-95e5d351ba78" ,
"ObjectReference" : [
{
"comment" : "" ,
"object_uuid" : "1409de38-3c59-48e4-bc96-95e5d351ba78" ,
"referenced_uuid" : "8c3716af-2702-42c0-af1d-ffb02e2e5418" ,
2023-04-21 13:25:09 +00:00
"relationship_type" : "analysed-with" ,
2023-12-14 14:30:15 +00:00
"timestamp" : "1536845855" ,
"uuid" : "5b9a681f-fda8-45e8-8f7a-5c7502de0b81"
}
] ,
"Attribute" : [
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "md5" ,
"timestamp" : "1536845831" ,
"to_ids" : true ,
"type" : "md5" ,
"uuid" : "3f132559-afa7-45f8-b101-6f2407c1ea01" ,
"value" : "e407843bffcf913dfd4fa816b067c33c"
} ,
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "sha1" ,
"timestamp" : "1536845831" ,
"to_ids" : true ,
"type" : "sha1" ,
"uuid" : "b857cd3e-3130-4d71-bf46-79022bfbfb97" ,
"value" : "b73865efa77e07a75eb3bdd24d95a92b301a0a74"
} ,
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "sha256" ,
"timestamp" : "1536845832" ,
"to_ids" : true ,
"type" : "sha256" ,
"uuid" : "6814140c-2867-4479-8a11-c5721c3fedc3" ,
"value" : "078eef70d754e9b64bc783f085846a2e8ae419653a79ed2386c4ade86fde68cb"
}
]
} ,
{
"comment" : "" ,
"deleted" : false ,
"description" : "VirusTotal report" ,
"meta-category" : "misc" ,
"name" : "virustotal-report" ,
"template_uuid" : "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4" ,
"template_version" : "2" ,
"timestamp" : "1536845832" ,
"uuid" : "8c3716af-2702-42c0-af1d-ffb02e2e5418" ,
"Attribute" : [
{
"category" : "Other" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "last-submission" ,
"timestamp" : "1536845832" ,
"to_ids" : false ,
"type" : "datetime" ,
"uuid" : "197fd2f8-187a-4dd4-827c-333abecba11e" ,
"value" : "2018-09-12T10:59:31"
} ,
{
"category" : "External analysis" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "permalink" ,
"timestamp" : "1536845833" ,
"to_ids" : false ,
"type" : "link" ,
"uuid" : "acd59703-f3e3-4fea-b989-174c2f4e44b4" ,
"value" : "https://www.virustotal.com/file/078eef70d754e9b64bc783f085846a2e8ae419653a79ed2386c4ade86fde68cb/analysis/1536749971/"
} ,
{
"category" : "Other" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : true ,
"object_relation" : "detection-ratio" ,
"timestamp" : "1536845833" ,
"to_ids" : false ,
"type" : "text" ,
"uuid" : "cb23a3ca-b153-4074-bb77-1007af2b3d1b" ,
"value" : "22/57"
}
]
} ,
{
"comment" : "" ,
"deleted" : false ,
"description" : "File object describing a file with meta-information" ,
"meta-category" : "file" ,
"name" : "file" ,
"template_uuid" : "688c46fb-5edb-40a3-8273-1af7923e2215" ,
"template_version" : "11" ,
"timestamp" : "1536845836" ,
"uuid" : "a85d42ef-debd-451d-815b-ff5467bd75b2" ,
"ObjectReference" : [
{
"comment" : "" ,
"object_uuid" : "a85d42ef-debd-451d-815b-ff5467bd75b2" ,
"referenced_uuid" : "17cf418e-64b5-41ec-922b-54d42d0ee510" ,
2023-04-21 13:25:09 +00:00
"relationship_type" : "analysed-with" ,
2023-12-14 14:30:15 +00:00
"timestamp" : "1536845855" ,
"uuid" : "5b9a681f-f358-469c-9909-5c7502de0b81"
}
] ,
"Attribute" : [
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "md5" ,
"timestamp" : "1536845833" ,
"to_ids" : true ,
"type" : "md5" ,
"uuid" : "5b674651-7ab2-438c-af65-1fbd085d57cd" ,
"value" : "b324726c2a526fd98b06145b557408f0"
} ,
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "sha1" ,
"timestamp" : "1536845834" ,
"to_ids" : true ,
"type" : "sha1" ,
"uuid" : "dd387ce9-ca8b-4771-a574-dc8b145e8273" ,
"value" : "95e7b1213aa808678cd04cd1befdebba8b37ebf7"
} ,
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "sha256" ,
"timestamp" : "1536845834" ,
"to_ids" : true ,
"type" : "sha256" ,
"uuid" : "30047801-df88-48a4-9db1-cd5e7e2e0f8d" ,
"value" : "99c22a0c0e252ab123fb3167f49d94dc12960b79565ca6dfd28f2ff5b0346348"
}
]
} ,
{
"comment" : "" ,
"deleted" : false ,
"description" : "VirusTotal report" ,
"meta-category" : "misc" ,
"name" : "virustotal-report" ,
"template_uuid" : "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4" ,
"template_version" : "2" ,
"timestamp" : "1536845835" ,
"uuid" : "17cf418e-64b5-41ec-922b-54d42d0ee510" ,
"Attribute" : [
{
"category" : "Other" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "last-submission" ,
"timestamp" : "1536845835" ,
"to_ids" : false ,
"type" : "datetime" ,
"uuid" : "c43399fa-212e-4d49-b8e4-16b9c17a87ee" ,
"value" : "2018-09-11T07:55:29"
} ,
{
"category" : "External analysis" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "permalink" ,
"timestamp" : "1536845835" ,
"to_ids" : false ,
"type" : "link" ,
"uuid" : "3b6822a4-4f37-4f1e-91be-01b076bbbbff" ,
"value" : "https://www.virustotal.com/file/99c22a0c0e252ab123fb3167f49d94dc12960b79565ca6dfd28f2ff5b0346348/analysis/1536652529/"
} ,
{
"category" : "Other" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : true ,
"object_relation" : "detection-ratio" ,
"timestamp" : "1536845836" ,
"to_ids" : false ,
"type" : "text" ,
"uuid" : "ba72f04f-02a5-49e6-aa16-29dd0e33b163" ,
"value" : "23/59"
}
]
} ,
{
"comment" : "" ,
"deleted" : false ,
"description" : "File object describing a file with meta-information" ,
"meta-category" : "file" ,
"name" : "file" ,
"template_uuid" : "688c46fb-5edb-40a3-8273-1af7923e2215" ,
"template_version" : "11" ,
"timestamp" : "1536845839" ,
"uuid" : "f04ab39a-7beb-4615-b61f-b246d5530a1d" ,
"ObjectReference" : [
{
"comment" : "" ,
"object_uuid" : "f04ab39a-7beb-4615-b61f-b246d5530a1d" ,
"referenced_uuid" : "9b32fc2b-5313-4b24-b254-76b77752b779" ,
2023-04-21 13:25:09 +00:00
"relationship_type" : "analysed-with" ,
2023-12-14 14:30:15 +00:00
"timestamp" : "1536845855" ,
"uuid" : "5b9a681f-5948-4343-9d55-5c7502de0b81"
}
] ,
"Attribute" : [
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "md5" ,
"timestamp" : "1536845836" ,
"to_ids" : true ,
"type" : "md5" ,
"uuid" : "ed4d5241-3e22-41e0-b358-baab230c5cd3" ,
"value" : "6b33b5c8d7e57e3c1c674eb1ffaf2cb2"
} ,
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "sha1" ,
"timestamp" : "1536845836" ,
"to_ids" : true ,
"type" : "sha1" ,
"uuid" : "8bd13ed2-bcfe-47a1-b96c-8f7be1712bcf" ,
"value" : "8606fd59486682c5fe32e3b1d1df622922e734e8"
} ,
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "sha256" ,
"timestamp" : "1536845837" ,
"to_ids" : true ,
"type" : "sha256" ,
"uuid" : "3edc73a1-1098-4602-a14d-ff55c548e11a" ,
"value" : "aab0ec600cdf57f28f9480ff3a9d3547f699af005c015b74c5c9e39a992570b6"
}
]
} ,
{
"comment" : "" ,
"deleted" : false ,
"description" : "VirusTotal report" ,
"meta-category" : "misc" ,
"name" : "virustotal-report" ,
"template_uuid" : "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4" ,
"template_version" : "2" ,
"timestamp" : "1536845837" ,
"uuid" : "9b32fc2b-5313-4b24-b254-76b77752b779" ,
"Attribute" : [
{
"category" : "Other" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "last-submission" ,
"timestamp" : "1536845837" ,
"to_ids" : false ,
"type" : "datetime" ,
"uuid" : "9aae846b-805c-430a-9fc3-855881423ded" ,
"value" : "2018-09-10T09:43:09"
} ,
{
"category" : "External analysis" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "permalink" ,
"timestamp" : "1536845838" ,
"to_ids" : false ,
"type" : "link" ,
"uuid" : "207f6dfe-b3ac-41ec-8363-228ac90d09c7" ,
"value" : "https://www.virustotal.com/file/aab0ec600cdf57f28f9480ff3a9d3547f699af005c015b74c5c9e39a992570b6/analysis/1536572589/"
} ,
{
"category" : "Other" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : true ,
"object_relation" : "detection-ratio" ,
"timestamp" : "1536845838" ,
"to_ids" : false ,
"type" : "text" ,
"uuid" : "0677f378-8f0c-4473-a74b-505cc2a6cad0" ,
"value" : "24/58"
}
]
} ,
{
"comment" : "" ,
"deleted" : false ,
"description" : "File object describing a file with meta-information" ,
"meta-category" : "file" ,
"name" : "file" ,
"template_uuid" : "688c46fb-5edb-40a3-8273-1af7923e2215" ,
"template_version" : "11" ,
"timestamp" : "1536845841" ,
"uuid" : "01a176a0-f1c1-4ead-8cc6-a657d617f57d" ,
"ObjectReference" : [
{
"comment" : "" ,
"object_uuid" : "01a176a0-f1c1-4ead-8cc6-a657d617f57d" ,
"referenced_uuid" : "499422cf-0c27-46f7-9926-fbabf396ce2f" ,
2023-04-21 13:25:09 +00:00
"relationship_type" : "analysed-with" ,
2023-12-14 14:30:15 +00:00
"timestamp" : "1536845855" ,
"uuid" : "5b9a681f-b830-4ca9-91da-5c7502de0b81"
}
] ,
"Attribute" : [
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "md5" ,
"timestamp" : "1536845838" ,
"to_ids" : true ,
"type" : "md5" ,
"uuid" : "6cc764a0-17d7-41b8-8f8e-f00b527fd538" ,
"value" : "d26bf0c4bef27196aae4b0b533877f16"
} ,
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "sha1" ,
"timestamp" : "1536845839" ,
"to_ids" : true ,
"type" : "sha1" ,
"uuid" : "85a983e4-cfa1-41d9-8380-b55d3a39a782" ,
"value" : "96575a020408a67d03d0058735090d601df2e1a8"
} ,
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "sha256" ,
"timestamp" : "1536845839" ,
"to_ids" : true ,
"type" : "sha256" ,
"uuid" : "e1309772-7098-4488-b7f9-13cf48d42cb4" ,
"value" : "d6648a36f55d6b8ffd034df7d04156d31411719ce9bc28e6d30c8427feacb397"
}
]
} ,
{
"comment" : "" ,
"deleted" : false ,
"description" : "VirusTotal report" ,
"meta-category" : "misc" ,
"name" : "virustotal-report" ,
"template_uuid" : "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4" ,
"template_version" : "2" ,
"timestamp" : "1536845840" ,
"uuid" : "499422cf-0c27-46f7-9926-fbabf396ce2f" ,
"Attribute" : [
{
"category" : "Other" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "last-submission" ,
"timestamp" : "1536845840" ,
"to_ids" : false ,
"type" : "datetime" ,
"uuid" : "c75451f3-6f0d-436d-a3cf-f526d6f2b115" ,
"value" : "2018-09-10T13:23:05"
} ,
{
"category" : "External analysis" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "permalink" ,
"timestamp" : "1536845840" ,
"to_ids" : false ,
"type" : "link" ,
"uuid" : "9147ab65-176e-4e95-a4ae-1a21d12d51a9" ,
"value" : "https://www.virustotal.com/file/d6648a36f55d6b8ffd034df7d04156d31411719ce9bc28e6d30c8427feacb397/analysis/1536585785/"
} ,
{
"category" : "Other" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : true ,
"object_relation" : "detection-ratio" ,
"timestamp" : "1536845840" ,
"to_ids" : false ,
"type" : "text" ,
"uuid" : "034e3e61-12fc-4acf-8974-1301ef7d8113" ,
"value" : "19/60"
}
]
} ,
{
"comment" : "" ,
"deleted" : false ,
"description" : "File object describing a file with meta-information" ,
"meta-category" : "file" ,
"name" : "file" ,
"template_uuid" : "688c46fb-5edb-40a3-8273-1af7923e2215" ,
"template_version" : "11" ,
"timestamp" : "1536845843" ,
"uuid" : "11eb620d-cf54-4826-a5e1-cd47cf0c42c8" ,
"ObjectReference" : [
{
"comment" : "" ,
"object_uuid" : "11eb620d-cf54-4826-a5e1-cd47cf0c42c8" ,
"referenced_uuid" : "3a5d4ca6-6c1c-45c8-b969-f42e24018080" ,
2023-04-21 13:25:09 +00:00
"relationship_type" : "analysed-with" ,
2023-12-14 14:30:15 +00:00
"timestamp" : "1536845855" ,
"uuid" : "5b9a681f-14c0-4ec9-8e36-5c7502de0b81"
}
] ,
"Attribute" : [
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "md5" ,
"timestamp" : "1536845841" ,
"to_ids" : true ,
"type" : "md5" ,
"uuid" : "8c7dd80b-47b8-4abb-b9e1-3e6b147863d3" ,
"value" : "f8e0ec8a7c6629c2f206c2b8860ded3f"
} ,
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "sha1" ,
"timestamp" : "1536845841" ,
"to_ids" : true ,
"type" : "sha1" ,
"uuid" : "514d9ac2-0c72-463d-a9d5-e9ef7a3d940e" ,
"value" : "9d00562ca754411b4158d4e0e953e486cc4b3886"
} ,
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "sha256" ,
"timestamp" : "1536845841" ,
"to_ids" : true ,
"type" : "sha256" ,
"uuid" : "2aa6e597-3ddf-4c44-bba5-584e62da9a95" ,
"value" : "596270e91ccee3ec04a552bafde586af127ecac7141852edb9707ac6c4779a99"
}
]
} ,
{
"comment" : "" ,
"deleted" : false ,
"description" : "VirusTotal report" ,
"meta-category" : "misc" ,
"name" : "virustotal-report" ,
"template_uuid" : "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4" ,
"template_version" : "2" ,
"timestamp" : "1536845842" ,
"uuid" : "3a5d4ca6-6c1c-45c8-b969-f42e24018080" ,
"Attribute" : [
{
"category" : "Other" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "last-submission" ,
"timestamp" : "1536845842" ,
"to_ids" : false ,
"type" : "datetime" ,
"uuid" : "f757360f-d424-412b-9e62-c6c4ef056a61" ,
"value" : "2018-09-11T05:10:56"
} ,
{
"category" : "External analysis" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "permalink" ,
"timestamp" : "1536845842" ,
"to_ids" : false ,
"type" : "link" ,
"uuid" : "164f4b29-d0f9-4c29-adde-2b124d558914" ,
"value" : "https://www.virustotal.com/file/596270e91ccee3ec04a552bafde586af127ecac7141852edb9707ac6c4779a99/analysis/1536642656/"
} ,
{
"category" : "Other" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : true ,
"object_relation" : "detection-ratio" ,
"timestamp" : "1536845843" ,
"to_ids" : false ,
"type" : "text" ,
"uuid" : "fca216f8-84e9-4497-9ad3-090cb3a399ed" ,
"value" : "22/58"
}
]
} ,
{
"comment" : "" ,
"deleted" : false ,
"description" : "File object describing a file with meta-information" ,
"meta-category" : "file" ,
"name" : "file" ,
"template_uuid" : "688c46fb-5edb-40a3-8273-1af7923e2215" ,
"template_version" : "11" ,
"timestamp" : "1536845846" ,
"uuid" : "25927348-f7e5-4c73-bb65-1a697c164887" ,
"ObjectReference" : [
{
"comment" : "" ,
"object_uuid" : "25927348-f7e5-4c73-bb65-1a697c164887" ,
"referenced_uuid" : "bd12dbfb-3c97-438b-9431-b91856a77007" ,
2023-04-21 13:25:09 +00:00
"relationship_type" : "analysed-with" ,
2023-12-14 14:30:15 +00:00
"timestamp" : "1536845856" ,
"uuid" : "5b9a6820-7818-48a1-996d-5c7502de0b81"
}
] ,
"Attribute" : [
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "md5" ,
"timestamp" : "1536845843" ,
"to_ids" : true ,
"type" : "md5" ,
"uuid" : "200b3234-0071-4ea5-b637-91ed9c395374" ,
"value" : "d1dffadb8f075c8d4fe822fa81a3ddb1"
} ,
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "sha1" ,
"timestamp" : "1536845843" ,
"to_ids" : true ,
"type" : "sha1" ,
"uuid" : "50ac9f18-7f97-456e-8e90-e693800ba23f" ,
"value" : "c90535a54d0494b981c6a4f09b331762cebbfcc9"
} ,
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "sha256" ,
"timestamp" : "1536845844" ,
"to_ids" : true ,
"type" : "sha256" ,
"uuid" : "9d2d0189-c490-46f6-8f74-ac51ad156e1c" ,
"value" : "fab034d705b3ad7a10101858daf5da93a88f8bfd509dee9b8072678b27290ed3"
}
]
} ,
{
"comment" : "" ,
"deleted" : false ,
"description" : "VirusTotal report" ,
"meta-category" : "misc" ,
"name" : "virustotal-report" ,
"template_uuid" : "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4" ,
"template_version" : "2" ,
"timestamp" : "1536845844" ,
"uuid" : "bd12dbfb-3c97-438b-9431-b91856a77007" ,
"Attribute" : [
{
"category" : "Other" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "last-submission" ,
"timestamp" : "1536845844" ,
"to_ids" : false ,
"type" : "datetime" ,
"uuid" : "4dcd8a36-6411-416b-aba9-64c1818398cb" ,
"value" : "2018-09-11T05:09:31"
} ,
{
"category" : "External analysis" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "permalink" ,
"timestamp" : "1536845845" ,
"to_ids" : false ,
"type" : "link" ,
"uuid" : "aac80e1e-6cdc-467f-8771-7e72effbc129" ,
"value" : "https://www.virustotal.com/file/fab034d705b3ad7a10101858daf5da93a88f8bfd509dee9b8072678b27290ed3/analysis/1536642571/"
} ,
{
"category" : "Other" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : true ,
"object_relation" : "detection-ratio" ,
"timestamp" : "1536845845" ,
"to_ids" : false ,
"type" : "text" ,
"uuid" : "08caff6d-2bd9-48af-8850-d27b75126967" ,
"value" : "24/60"
}
]
} ,
{
"comment" : "" ,
"deleted" : false ,
"description" : "File object describing a file with meta-information" ,
"meta-category" : "file" ,
"name" : "file" ,
"template_uuid" : "688c46fb-5edb-40a3-8273-1af7923e2215" ,
"template_version" : "11" ,
"timestamp" : "1536845848" ,
"uuid" : "cd8a9a3f-2459-42e5-a868-efddc1ea6ac4" ,
"ObjectReference" : [
{
"comment" : "" ,
"object_uuid" : "cd8a9a3f-2459-42e5-a868-efddc1ea6ac4" ,
"referenced_uuid" : "bfd604f5-f81f-4c06-a20b-776c02c983e0" ,
2023-04-21 13:25:09 +00:00
"relationship_type" : "analysed-with" ,
2023-12-14 14:30:15 +00:00
"timestamp" : "1536845856" ,
"uuid" : "5b9a6820-f2bc-43d7-98ae-5c7502de0b81"
}
] ,
"Attribute" : [
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "md5" ,
"timestamp" : "1536845845" ,
"to_ids" : true ,
"type" : "md5" ,
"uuid" : "bd155f2d-f96c-492d-8e9c-5e4adfb48608" ,
"value" : "943aa993dd600b3c8080e7a064cf5568"
} ,
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "sha1" ,
"timestamp" : "1536845846" ,
"to_ids" : true ,
"type" : "sha1" ,
"uuid" : "2338e0e8-ce5a-45c1-a35a-1978523eb720" ,
"value" : "9828898850d3e69d16b8ff312635e95ecf4478e9"
} ,
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "sha256" ,
"timestamp" : "1536845846" ,
"to_ids" : true ,
"type" : "sha256" ,
"uuid" : "1fe7c59b-3198-41d9-95ce-71a3b1e0134f" ,
"value" : "39891a1c13e4e6ec9de410201f697d23c05e83a29ec0010c6c62c6829386e6a6"
}
]
} ,
{
"comment" : "" ,
"deleted" : false ,
"description" : "VirusTotal report" ,
"meta-category" : "misc" ,
"name" : "virustotal-report" ,
"template_uuid" : "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4" ,
"template_version" : "2" ,
"timestamp" : "1536845846" ,
"uuid" : "bfd604f5-f81f-4c06-a20b-776c02c983e0" ,
"Attribute" : [
{
"category" : "Other" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "last-submission" ,
"timestamp" : "1536845847" ,
"to_ids" : false ,
"type" : "datetime" ,
"uuid" : "771d6784-63d7-403d-aeb5-a20134c399f2" ,
"value" : "2018-09-11T05:54:54"
} ,
{
"category" : "External analysis" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "permalink" ,
"timestamp" : "1536845847" ,
"to_ids" : false ,
"type" : "link" ,
"uuid" : "b3fa45af-080f-4132-a8de-4c8f487f2a2c" ,
"value" : "https://www.virustotal.com/file/39891a1c13e4e6ec9de410201f697d23c05e83a29ec0010c6c62c6829386e6a6/analysis/1536645294/"
} ,
{
"category" : "Other" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : true ,
"object_relation" : "detection-ratio" ,
"timestamp" : "1536845848" ,
"to_ids" : false ,
"type" : "text" ,
"uuid" : "edc16cb6-6700-4b30-99be-5f415c0f498c" ,
"value" : "23/59"
}
]
} ,
{
"comment" : "" ,
"deleted" : false ,
"description" : "File object describing a file with meta-information" ,
"meta-category" : "file" ,
"name" : "file" ,
"template_uuid" : "688c46fb-5edb-40a3-8273-1af7923e2215" ,
"template_version" : "11" ,
"timestamp" : "1536845851" ,
"uuid" : "41a04017-73fb-4631-887a-0671543e7f41" ,
"ObjectReference" : [
{
"comment" : "" ,
"object_uuid" : "41a04017-73fb-4631-887a-0671543e7f41" ,
"referenced_uuid" : "bda04530-cb00-4b96-b39a-8a9f8e68e4b7" ,
2023-04-21 13:25:09 +00:00
"relationship_type" : "analysed-with" ,
2023-12-14 14:30:15 +00:00
"timestamp" : "1536845856" ,
"uuid" : "5b9a6820-e120-474a-83b9-5c7502de0b81"
}
] ,
"Attribute" : [
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "md5" ,
"timestamp" : "1536845848" ,
"to_ids" : true ,
"type" : "md5" ,
"uuid" : "5e987d5f-9482-43b6-a143-695f249619b1" ,
"value" : "dd0d4d4196735db691a77ad2201fcb2a"
} ,
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "sha1" ,
"timestamp" : "1536845848" ,
"to_ids" : true ,
"type" : "sha1" ,
"uuid" : "1e7d6f9b-b5a9-4f4f-8843-3bd6ba414303" ,
"value" : "2e9676699462fbb3b36ad205a8189e93fd68599e"
} ,
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "sha256" ,
"timestamp" : "1536845849" ,
"to_ids" : true ,
"type" : "sha256" ,
"uuid" : "d76987d4-a5ea-4263-9d02-fb2f87bf7e59" ,
"value" : "1814c010f5e7391c7ea38850f9caf0771866e315f8d0c58c563818e71d30c208"
}
]
} ,
{
"comment" : "" ,
"deleted" : false ,
"description" : "VirusTotal report" ,
"meta-category" : "misc" ,
"name" : "virustotal-report" ,
"template_uuid" : "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4" ,
"template_version" : "2" ,
"timestamp" : "1536845849" ,
"uuid" : "bda04530-cb00-4b96-b39a-8a9f8e68e4b7" ,
"Attribute" : [
{
"category" : "Other" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "last-submission" ,
"timestamp" : "1536845849" ,
"to_ids" : false ,
"type" : "datetime" ,
"uuid" : "5d064180-dde6-47df-9e92-52108e0b2c1b" ,
"value" : "2018-09-11T05:50:49"
} ,
{
"category" : "External analysis" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "permalink" ,
"timestamp" : "1536845849" ,
"to_ids" : false ,
"type" : "link" ,
"uuid" : "0a7cb0a0-13d8-40d4-9e47-8f273ce41258" ,
"value" : "https://www.virustotal.com/file/1814c010f5e7391c7ea38850f9caf0771866e315f8d0c58c563818e71d30c208/analysis/1536645049/"
} ,
{
"category" : "Other" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : true ,
"object_relation" : "detection-ratio" ,
"timestamp" : "1536845850" ,
"to_ids" : false ,
"type" : "text" ,
"uuid" : "d0ec1e2b-44aa-4792-9faf-1a294393e2a5" ,
"value" : "21/59"
}
]
} ,
{
"comment" : "" ,
"deleted" : false ,
"description" : "File object describing a file with meta-information" ,
"meta-category" : "file" ,
"name" : "file" ,
"template_uuid" : "688c46fb-5edb-40a3-8273-1af7923e2215" ,
"template_version" : "11" ,
"timestamp" : "1536845853" ,
"uuid" : "a4c7f3b3-28f7-48c2-ba26-e788139df68d" ,
"ObjectReference" : [
{
"comment" : "" ,
"object_uuid" : "a4c7f3b3-28f7-48c2-ba26-e788139df68d" ,
"referenced_uuid" : "6aa5bf4e-0751-467c-b327-1883ce155cb3" ,
2023-04-21 13:25:09 +00:00
"relationship_type" : "analysed-with" ,
2023-12-14 14:30:15 +00:00
"timestamp" : "1536845856" ,
"uuid" : "5b9a6820-4708-47e8-aa56-5c7502de0b81"
}
] ,
"Attribute" : [
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "md5" ,
"timestamp" : "1536845850" ,
"to_ids" : true ,
"type" : "md5" ,
"uuid" : "33a93805-349c-4392-a213-6cb10de17bb5" ,
"value" : "f6388e1650573bac1f933011acda71f2"
} ,
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "sha1" ,
"timestamp" : "1536845850" ,
"to_ids" : true ,
"type" : "sha1" ,
"uuid" : "7079eea2-2c3d-452e-a23e-668554d791d6" ,
"value" : "86e7114c21dfdbcefd90f61426b9ce88d2698b12"
} ,
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "sha256" ,
"timestamp" : "1536845851" ,
"to_ids" : true ,
"type" : "sha256" ,
"uuid" : "5d0390f9-f8e8-4c16-9d17-8cf726a524be" ,
"value" : "1913cf8e65114136cc309e72c384b717f0aeaaeae0c040188648c4afebce1669"
}
]
} ,
{
"comment" : "" ,
"deleted" : false ,
"description" : "VirusTotal report" ,
"meta-category" : "misc" ,
"name" : "virustotal-report" ,
"template_uuid" : "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4" ,
"template_version" : "2" ,
"timestamp" : "1536845851" ,
"uuid" : "6aa5bf4e-0751-467c-b327-1883ce155cb3" ,
"Attribute" : [
{
"category" : "Other" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "last-submission" ,
"timestamp" : "1536845851" ,
"to_ids" : false ,
"type" : "datetime" ,
"uuid" : "127ea910-669d-448c-962d-5688970e3f1c" ,
"value" : "2018-09-11T05:50:55"
} ,
{
"category" : "External analysis" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "permalink" ,
"timestamp" : "1536845852" ,
"to_ids" : false ,
"type" : "link" ,
"uuid" : "9e604b76-733e-41a3-a577-cebe99f787b6" ,
"value" : "https://www.virustotal.com/file/1913cf8e65114136cc309e72c384b717f0aeaaeae0c040188648c4afebce1669/analysis/1536645055/"
} ,
{
"category" : "Other" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : true ,
"object_relation" : "detection-ratio" ,
"timestamp" : "1536845852" ,
"to_ids" : false ,
"type" : "text" ,
"uuid" : "5052f9c6-992e-4ea7-a3c0-8c9e1b4c3e16" ,
"value" : "21/59"
}
]
} ,
{
"comment" : "" ,
"deleted" : false ,
"description" : "File object describing a file with meta-information" ,
"meta-category" : "file" ,
"name" : "file" ,
"template_uuid" : "688c46fb-5edb-40a3-8273-1af7923e2215" ,
"template_version" : "11" ,
"timestamp" : "1536845855" ,
"uuid" : "0ac97056-2d5a-45ae-876d-966288ca2ba9" ,
"ObjectReference" : [
{
"comment" : "" ,
"object_uuid" : "0ac97056-2d5a-45ae-876d-966288ca2ba9" ,
"referenced_uuid" : "7a81dcbd-cd16-405c-b04c-04b5aab112bf" ,
2023-04-21 13:25:09 +00:00
"relationship_type" : "analysed-with" ,
2023-12-14 14:30:15 +00:00
"timestamp" : "1536845856" ,
"uuid" : "5b9a6820-a974-4109-a59b-5c7502de0b81"
}
] ,
"Attribute" : [
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "md5" ,
"timestamp" : "1536845852" ,
"to_ids" : true ,
"type" : "md5" ,
"uuid" : "b47f0fe1-6c02-4910-8e9f-4ae22f6bc35f" ,
"value" : "2b0919caab591515af6ff99fb76896e8"
} ,
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "sha1" ,
"timestamp" : "1536845853" ,
"to_ids" : true ,
"type" : "sha1" ,
"uuid" : "c2454b24-2987-48af-b70d-18dccf77a3f4" ,
"value" : "99ff9c25bc2e0a874ca4090abb6c612ea984c30c"
} ,
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "sha256" ,
"timestamp" : "1536845853" ,
"to_ids" : true ,
"type" : "sha256" ,
"uuid" : "da68a596-5e3a-431c-bf26-a4f92fc63273" ,
"value" : "92a4c6ae034c3a03c21b74bdc00264192e60a85deedd90b99a3e350758eb85c1"
}
]
} ,
{
"comment" : "" ,
"deleted" : false ,
"description" : "VirusTotal report" ,
"meta-category" : "misc" ,
"name" : "virustotal-report" ,
"template_uuid" : "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4" ,
"template_version" : "2" ,
"timestamp" : "1536845854" ,
"uuid" : "7a81dcbd-cd16-405c-b04c-04b5aab112bf" ,
"Attribute" : [
{
"category" : "Other" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "last-submission" ,
"timestamp" : "1536845854" ,
"to_ids" : false ,
"type" : "datetime" ,
"uuid" : "4f66e666-cc07-49b1-95d4-649d6b094a43" ,
"value" : "2018-09-12T01:40:46"
} ,
{
"category" : "External analysis" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "permalink" ,
"timestamp" : "1536845854" ,
"to_ids" : false ,
"type" : "link" ,
"uuid" : "8ec552cc-d839-4117-a6e0-824ba5d25e68" ,
"value" : "https://www.virustotal.com/file/92a4c6ae034c3a03c21b74bdc00264192e60a85deedd90b99a3e350758eb85c1/analysis/1536716446/"
} ,
{
"category" : "Other" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : true ,
"object_relation" : "detection-ratio" ,
"timestamp" : "1536845855" ,
"to_ids" : false ,
"type" : "text" ,
"uuid" : "26b9502d-8ad2-45bf-b828-6b68cba58d6b" ,
"value" : "23/59"
}
]
}
2023-04-21 13:25:09 +00:00
]
2023-12-14 14:30:15 +00:00
}
2023-04-21 13:25:09 +00:00
}