2023-04-21 13:25:09 +00:00
{
2023-12-14 14:30:15 +00:00
"Event" : {
"analysis" : "2" ,
"date" : "2022-02-22" ,
"extends_uuid" : "" ,
"info" : "CISA - Malware Analysis Report (AR22-055A) - MAR\u201310369127\u20131.v1 - MuddyWater" ,
"publish_timestamp" : "1645945648" ,
"published" : true ,
"threat_level_id" : "2" ,
"timestamp" : "1645945639" ,
"uuid" : "5dd2ce03-5651-47c6-9e96-633c5fbc2c90" ,
"Orgc" : {
"name" : "CIRCL" ,
"uuid" : "55f6ea5e-2c60-40e5-964f-47a8950d210f"
} ,
"Tag" : [
{
"colour" : "#ffffff" ,
2024-04-05 12:15:17 +00:00
"local" : false ,
2023-12-14 14:30:15 +00:00
"name" : "tlp:white" ,
"relationship_type" : ""
} ,
{
"colour" : "#0088cc" ,
2024-04-05 12:15:17 +00:00
"local" : false ,
2023-12-14 14:30:15 +00:00
"name" : "misp-galaxy:country=\"iran\"" ,
"relationship_type" : ""
} ,
{
"colour" : "#0088cc" ,
2024-04-05 12:15:17 +00:00
"local" : false ,
2023-12-14 14:30:15 +00:00
"name" : "misp-galaxy:threat-actor=\"MuddyWater\"" ,
"relationship_type" : ""
} ,
{
"colour" : "#0088cc" ,
2024-04-05 12:15:17 +00:00
"local" : false ,
2023-12-14 14:30:15 +00:00
"name" : "misp-galaxy:mitre-enterprise-attack-intrusion-set=\"MuddyWater - G0069\"" ,
"relationship_type" : ""
} ,
{
"colour" : "#004646" ,
2024-04-05 12:15:17 +00:00
"local" : false ,
2023-12-14 14:30:15 +00:00
"name" : "type:OSINT" ,
"relationship_type" : ""
} ,
{
"colour" : "#0071c3" ,
2024-04-05 12:15:17 +00:00
"local" : false ,
2023-12-14 14:30:15 +00:00
"name" : "osint:lifetime=\"perpetual\"" ,
"relationship_type" : ""
}
] ,
"Attribute" : [
{
"category" : "External analysis" ,
"comment" : "" ,
"data" : " i V B O R w 0 K G g o A A A A N S U h E U g A A A l g A A A B t C A Y A A A B 9 T h / r A A A B R W l D Q 1 B J Q 0 M g U H J v Z m l s Z Q A A e J x j Y G A S S S w o y G F h Y G D I z S s p C n J 3 U o i I j F J g f 8 b A y C D E w M F g y W C V m F x c 4 B g Q 4 A N U w g C j U c G 3 a 0 D V Q H B Z F 2 S W o H m B l e e 9 m R O / M e p P d V a q d c N U j w K 4 U l K L k 4 H 0 H y B O T S 4 o K m F g Y E w B s p X L S w p A 7 A 4 g W 6 Q I 6 C g g e w 6 I n Q 5 h b w C x k y D s I 2 A 1 I U H O Q P Y N I F s g O S M R a A b j C y B b J w l J P B 2 J D b U X B L h d f Y 3 c A h y d j M y d C L i W D F C S W l E C o p 3 z C y q L M t M z S h Q c g a G U q u C Z l 6 y n o 2 B k Y G T E w A A K c 4 j q D x L g s G Q U r 0 a I T V F h Y P D i Y m B g 6 k G I 2 T 5 h Y F g h B f S 2 B k J M 5 R w D A + 9 t B o Y 9 l Q W J R Y l w B z B + Y y l O M z a C s P m B U c 0e8 f //pz4GBs7jDAy/3/3//zv0//+/qxgYmHcwMBzgBADn1VvNBYkTjwAAzU1JREFUeJzs/XecVMeV94+/7+0cJ+c8MMAAAyKHQeQsECBQsCRL9nq1wWHXG+zH+3hfu88+u7/dZ/PX6yDLsiwjSzKSQAEkRM5oSEMcYGaYgck593S+4fdHd196RkOQhILl/vAauvveulV1q845derUqVOCqqoqMcQQQwwxxBBDDDHcM+gBFEVBEAQEQfi86xPDp4yIPh3r688WKgq/j3MZUdB93lWIIYYYYvhcIMQsWDHEEEMMMcQQQwz3FnqXy8WJEycoKioiPz8fVVXvmXVDVVUEQvpbRIsTBAFFUUe0mEXK/rhWlpHqHn3tTu92L9/9dmVEMLxeI9271TMfp1xBEGhqaqK/v5/x48dr+UWXf6t6fJy2u9trd5P/x017p+fv9O7Dy/qofaGiIiBwzPUmJwffB1lEUqWPXfffBQiAjIxNdPJ02t8Rp09GVRUEQbynvD3S9dv118cp95PgdnW7nVz6qM/dSaYMp+ORro1U7r3CZyFXf98xvH/h1vLrbmjwo5Z5L3E3vP6R5fAnfL+7GTNGam+93+/n6tWrJCUl3VMFS1Whob6OHreEThTQCyCoAj6fH4fDhCQFsdlsWCwWEhIS0Ol0Wrkft/yRnou+dqd8PwshcLs63qr8e1mv3t5euru7R2yX29Xj47TdR8nno7zjJ22Pj/Lud/p9twi4DfS165iaPpUkSxKKqvLlHXIEVBQMogmTaAldEcTw573j7ZGu36v+uhe4m4FteLrI7+g0t0p7N/x6uzw+q7aKKVefPu5EIx813Uct817ibnj9bifud8rzbutxt2PG8HL0giBgsVjQ6/UfuQLBYBCv1zvkmtVq1fLyej20dvvxYMesBEEBqy6IoPqob2ykqKgIWZZxOBzodDoOHjzI0aNHcTqdbNiwgby8vFtatYb/bmxspLa2lgULFqCqKqIocuPGDerr61m4cCF1dXVUV1ezfPlyra6qqmpp29rauHLlCosXLx7yfrIsYzKZtLJup9VGpxnpe29vL5cvX6a5uZnKykr0ej2LFy8mMTGRV155hdLSUoqKiti8eTMmk4nMzEzWrVvHa6+9htfr5aGHHqKuro6JEyeSlJT0kfsLwGKxsHPnTo4dO4Ysyyxfvhyn08mbb77JpEmTeOCBB3jvvfe4ePEiDz74IJMnTw73pReTyYQoilpeiqIgiiIVFRW43W5mzZql+fMpisLhw4e57777SExM1NL7fD4sFsuQtqmqqsLlcjFjxoy7skIeOXKEUaNGkZWVpfXfrSwXw2f4jY2N1NXVMX/+fNra2qioqGDp0qXs2bOHadOmceDAAc6ePcvEiRN5/PHHOXXqFAkJCYwZM0ar67Zt28jNzWXjxo1YLJbbN7gKCHC88gI/O/gmr3/1MeanL/zoHfc7DFVV2bt3L2VlZcTHx7Np0yaysrI0+rkTb9fV1dHU1ERpaanWn5F+P3/+PKIoMmnSJAD279/PpEmTSElJAeDs2bO8++67xMXFsWHDBnJzcz+z9/7ggw8YPXo0KSkpBAIBysrKmDNnDiaTib1797JgwQKMRiP79+9n8uTJJCcn09nZydWrV5k/fz6qqlJTU4PL5WLKlCnU1tbS39/PtGnTUFWV/fv3c+zYMVJSUli+fDkNDQ3MmTMHo9HI4cOHGT16NHV1dYwePZqLFy+yatUquru7qaioID8/n1deeQVJkjQ5c+bMGe6//37sdvtHlm3RiO6fysrKEXk7ZtW6N4i048mTJzGZTCiKgsPhoKqqitOnT5OTk8PGjRtJSEigoaFhiOy7evUqixYtoq+vj1OnTrFs2TLg9v0cLUvLy8uxWq2MHz9+iB/37WhkJJqJvub1ejl+/DilpaVYLJYh4/+BAwcoKSkhNTWVt99+m1OnTlFQUMBjjz2Gw+HQ5MnwPF0uF2VlZSxcuBCj0UgwGERRFIxG4y3r2dPTQ3l5OUuXLsXn87F9+3YefPBBAA4cOMCyZcuoqKjgvffew2KxsGnTJuLj4/n5z39OMBjEarXyJ3/yJ4gQGvg+qiuWoihcvHiRc+fOcfHiRS5dusTZs2e5cOFiOC8VhzOOFHOAZFxYZD92QwBnoki3x4PZZMThsAEqJpOJa9euceDAATZu3EhpaSlVVVVDXj7SeRFEfsuyDEB7ezvHjh1DEAQkKbQE09zczNGjR4HQwHro0KEhnSoIgtYhLS0tHDt2DFVVCQaDAFy4cIFXX331tjPP6I6J1mgjSkb09Z07d9LV1UVFRQVjxoxh/fr1OBwOXnzxRb761a/S2NioddCaNWtYtGgRr7zyChkZGSxcuJCGhgZcLhc7duwYQkQfBYIg8MEHH1BSUsLjjz9OZmYm1dXVbNq0iaamJn77299iMpl48MEHeeONN2hpaQHg2WefpampCVVVtTaPtF1FRQXnzp0bUkYwGOTo0aP09vaiKAoQUlh//OMf09vbq7WzIAjU1NRw/vx57dmR6hyhUUEQKCsro729fUj/RZ6LThfdH7IsIwgCLS0tfPDBB0CIZo4ePcrbb7+N1+vFZrNx+vRpHnnkEQKBAK+//jpVVVVcu3YNAEmSqKysZN26dQiCwDvvvKOVeScMBPvocXfSH+xGQSGoBlG+5P9kJcSHp0+f5syZM2zatIk5c+ZQU1Oj0c/d8HZraysnT54c0o+Rfr906RJXr17Vnj1y5AhdXV0ANDU18e6777J+/XqmT5/OBx98oPH2Z4Hdu3fz1ltvIQgCp06dYvPmzYiiSF1dHe+8845W78OHD9Pd3Q2Ay+XiJz/5Ca2trQiCwIsvvsi5c+cQBIEDBw6wa9cuAoEAFRUVlJWV8dBDDzF58mTKy8s5evQoRqMRvV5PWVkZDQ0NGg9++9vf5sqVK/h8PsrKyqiursbj8fDkk0+ydOlSFEVh586dBAIBrQ8iuBvZpqrqEN6L9E9VVdUQ2RCdZwyfHBHZc+LECc6dO8fVq1d57rnnaGtr46GHHiI7O5vKykoA6uvrKSsrA6CtrY3jx48DMDAwwMGDB++qn6PH4/Pnz2uyURTFDz07/Pvw3xGaib42ODjIwYMHtTE8Op/Dhw9rY8ehQ4eYOnUq48aN49VXX6WnpwdRFLX2iM4zEAhw8OBBrQ4nTpxg69atI9YzMqYODAxw4MABbaLwve99T5P3hw4d4tq1a+zcuZP169czc+ZM3nnnHa5cuUJHRwdPPPEEa9euxWQy8dHNVmEEg0GCwSAzZszAarUC4Bp0ceH8BWRZRq/XEwgoeP0QsJhx2+0oXjedrS7MVjuuvk5qa1opHJUVblg3FouFcePGcfHiRSZMmIDf7+fNN9/k4sWLrFy5kqKiIl577TVcLhdf/epX6e3t5d1338Xj8ZCenk5SUhLnzp3jnXfeoaSkBIfDodVNp9MRFxfH5cuX+eUvf4nT6WTFihVkZmayfft2ysvLGTNmDO3t7Tz33HMUFxdjt9t5//33Wb58OQcPHqSuro4VK1Ywffp0bfa8Y8cO8vPzKSwspK+vj+LiYq5cuYLT6WTfvn1MmjSJ1atXY7VaGRwcJDs7G1EU2b9/P8FgkClTpuBwOHC5XOj1ehwOB+fOnWPPnj
"deleted" : false ,
"disable_correlation" : false ,
"timestamp" : "1645779050" ,
"to_ids" : false ,
"type" : "attachment" ,
"uuid" : "06c3132b-eb33-487c-b39e-97265c40079b" ,
"value" : "Figure 1"
} ,
{
"category" : "External analysis" ,
"comment" : "" ,
"data" : " i V B O R w 0 K G g o A A A A N S U h E U g A A A l g A A A D K C A Y A A A B 5 V z 69 A A A B R G l D Q 1 B J Q 0 M g U H J v Z m l s Z Q A A e J x j Y G A S S S w o y G F h Y G D I z S s p C n J 3 U o i I j F J g f 8 b A x M D I w A k k 5 R K T i w s c A w J 8 g E o Y Y D Q q + H Y N q B Y I L u u C z K r k i u O 4 c U b g 0 e Y D E / o F a n u P Y q p H A V w p q c X J Q P o P E K c m F x S V M D A w p g D Z y u U l B S B 2 B 5 A t U g R 0 F J A 9 B 8 R O h 7 A 3 g N h J E P Y R s J q Q I G c g + w a Q L Z C c k Q g 0 g / E F k K 2 T h C S e j s S G 2 g s C 3 K 6 + R m 4 B j k 5 G 5 k 4 E X E s G K E m t K A H R z v k F l U W Z 6 R k l C o 7 A U E p V 8 M x L 1 t N R M D I w M m J g A I U 5 R P U H C X B Y M o p X I 8 S m q D A w e H E x M D D 1 I M R s n z A w r J A C e l s D I a Z y j o G B 9 z Y D w 57 K g s S i R L g D G L + x F K c Z G 0 H Y / M C o Z o / 4 //9THwMD53EGht/v/v//Hfr//99VDAzMOxgYDnACADfJXTVpGz87AAEAAElEQVR4nOz9Z3Rd53nnDf92Of0AB733RgLsFAk2sUmUbKu5xGWS2LGT9eT1O8k4kzwzK/P1XZNPz6zMematZGayUiaxo8gttiyJktUpdooNBEiA6L3jADi97Pp+2NibAFhEyVQcO/gvU8Y5e5+7XHe77qsKpmmabGADG9jABjawgQ1s4JFB/GU3YAMb2MAGNrCBDWzg1w0bDNYGNrCBDWxgAxvYwCPGBoO1gQ1sYAMb2MAGNvCIscFgbWADG9jABjawgQ08YmwwWBvYwAY2sIENbGADjxjy/R6YpolpmgiCgCAIn2ojbEfG+zk0/ku0YQOPBvYYbozXBjawgQ1s4FcdJiaGqWPy8QMuCBthGjawgQ1sYAMb2MAGHi3ukmBpmoZhGEQiEWKxGMXFxYRCIUea9ahhmibRaJRoNOpIzdZLtEKhEHl5ecjyfQVuG/hXguXlZTKZDOXl5b/spmxgAxvYwAY28IlgYiIgsKBOMJDuIK5HPnYZd3EsmUwGVVW5ffs2AwMDHDx48FNnsBYXFxkeHkbXdUzTxDAM5x9AY2MjgUBgg8H6FcD4+Djz8/MbDNYGNrCBDWzgVxaGaSAJEn3pq/zV9J8ymB782ErCuzgWQRAQRRGv10sgEMDlcj2i5t4bgiBQU1NDRUU565WVNlMny/Kn3o4NPBq4XC68Xu8vuxkb2MAG/o3h0xICbODfJuyZ5BUCFLtryBipj2GHJQDm/Y3cbQnSp2mipes62UwWTdeQJMuh0a7ONE1EUUQQBDRNwzRN3G73xgL6Vw5bArmBDWxgA/+S2DgbNvBIsTKfAlKIWs9mPIIfHoLBsp3yTNO4P4P1qLCeQVu9CDKZDKOjY8zETHRBwmemkQQP6aSC32eQkyORSmXJyQkSDOaQm5tDXl4ehmGQTqfRdR1BEPD7/UiStKY+u577fQZQVRVBEHC5XGu+1zQNsKQxuq6jaRoej2fNO6vLM00TVVWRZRlRFO96Z3296zeC9c/sm9iDaGfXqWmaYzcnyzJerxfDMEgmk/j9fmRZdtS+AF6vF5fLRTqdxjRNvF4vpmkiSZJDw0cFwzCcukVRfKTjtPo9W7W8fhxX03D1++u/VxTFYejtf+vxqDdvTdNIpVLAHamfIAgYhoGqqs5lwr5c2H1TFAWXy4Uoimv68CAPXPuZYRjOXF5Ni/vR5UG0vBdd7bEA7qnO1zQNQRCQJAlBEIjH48689fl8Dt3vV69dhn3ZWi+xeNDvwJpH9jy317g93oqiOH9ns1my2ewaaayiKCiK4rTfHgPDMNasHU3TSKfTGIaBIAj4fD6nPbIsYxiGs2/Z7bD7Yz+TZdlpv33JtdeS3adgMIgkSZimiaZpyLLsrDOb9vZ42/uYYRgO3ez+2/Ws1xBkMhmn76qqks1m0TQNn8+Hx+Nx6GXXpWkamUzGGX+v1+vMMxvr9+1gMLhmHgB4PJ679ieXy+XsAXZ9pmk6ZXk8HkRRJJVKOevY4/EgCIJTjiiK+Hw+ZFkmlUqhquqasu3+SpKEoijOXPH7/Wv2A3t9yrLs1C9JEsFgcE1f7fljj5uu67hcLnw+H5qmkc1mnflhr2V7H1tdttvtxu12O220P5umSTKZRJZlZzwURQHA7XY7/brXd6qq4vP5EATBoZl9jpqmSSaTcfZrXddJpVIO/SRJIpFIoOs6fr/fmTf2+WLXkUwmcbvdzhxavS9ks9k1e24gEHBo5Ha78Xg8zrlh9+9ee/K99qP1e5z9nn1eulyuNXvGg/Z1cSWK1Sb/Xhq9O+77nl2HJEospsL8sOdHdMx28P997NufHoOlKAqRSMRZyDYkSSI/P985QERRwEWKjOJDwYdsasguE3+un8nJEQzdoKioELAmnmma3Lhxg1OnThGJRAgEAjz99NPs3r0buJtgD/r85ptv4nK5+NznPuc8y2aznD59GlEUOXHiBAMDA7zzzjt85zvfuSdjZE/SH/zgBxw6dIjNmzc7z+fm5gAoKSl54EDer40P+s2NGzeYnp6ms7OTpaUlgsEg5eXlbN68mbm5OS5cuMDevXsJBoPcuHHDOZh37dpFYWEh586dwzAM9u3b52z89vu/qKhdEARUVaW7u5sPPviA2dlZCgsLee6552hqarprkt+PBnY7fv7znyPLMs8+++xd7yUSCTo6Okin03zmM595YLl9fX1UVFQ4G7u98E6ePMn8/DyNjY2UlZWxbdu2T9z3j4JpmqRSKc6dO8fZs2cRRZHm5maOHz9OVVUVPT09XLhwgW9+85uIosilS5dIJBI89dRTpFIpXnzxRZ577jlqamoeeqOwn3V0dHDp0iX+8A//0GEM1r/zoDI/6lk2m+XixYtkMhlnTdlIJBKcOnWKqqoqWltbcbvd/OEf/iHFxcXU19dz4MABtm3b9sC5oaoqZ8+eJRqN8sUvfhFBEFheXiYajVJbW/vA9iYSCV566SWOHTtGc3MzH3zwAZOTk7S3t9Pa2soPf/hD6urqKCoq4t1332V2dpZAIMCJEyfw+/288cYbzM3NkZeXR15eHqWlpdTX1zM6OsrmzZtpa2tD0zSuXLnCT3/6U0RRJC8vj89//vOMjo4yPz/P1772NZLJJNevX6ewsJD29nbeeecd0uk0X/jCF5ifn+fMmTNs376d1tZWlpeXuXz5Ml6vl1gsxvvvv+8wLr//+79PVVUVfX193Lp1i3379jE6Oko6nWbfvn2EQiG6u7sZHh7myJEjdHR0sLCwwG/8xm+QSCS4dOmSY3qRyWT4zGc+4xxSy8vL/MM//APf+MY3HHqcP3+edDpNW1sbzz77LOfPn6eoqIijR48CcO7cOd5//32H4Th+/DjHjx93GE1BEJienua///f/TiAQICcnhxMnTtDc3Myf/umfEggEyM3N5dChQxiGwbVr1zBNkz179vDEE09w4cIFEokE+/bto6ioiP7+fl5++WVUVWXHjh14vV7+7u/+jubmZoqKiti/fz+pVIof/ehHhEIhioqKeO655wgEArz22mtMTU2xd+9eWltb6e/v5+LFizQ0NFBRUUFvby8jIyPU19dz4sQJWltbnQvOyZMnmZyc5MiRI/yf//N/kGWZkpISvvSlL1FbW4thGHR1dfHuu+/yjW98g1u3bnHt2jUSiQRVVVU8+eSTDA8Pc+PGDTRN4+mnn6a9vZ2hoSEuXLhASUkJ27dv56WXXiKbzdLQ0EB7ezunT59mZGSEuro69u3bx9jYmPN+e3s77733HrOzsxQUFLBt2za2bt3KqVOn6OjooKSkhMcee4yioiI6OzuZmprixIkTZLNZfvSjH1FWVkZhYSFPPPEEAwMDDA4OEggE+OxnP8vi4iKnT59GlmUOHjxIfn4+P//5z0kkEuzfv5/9+/dTUFDAX/7lX1JXV8eRI0e4cOECZ86coampicOHD5NOp+np6SE3N5cnn3yS7373u4yOjuJyucjPz+fLX/4y7777LnNzc5SUlPDMM89w4cIFbt++TVFREU888QStra2k02mWlpbw+/3k5+ffcz/q7e3l/Pnz/P7v//6aM2RpaYmf/OQnPPPMM1RVVQHWXjw9PY3b7aagoO
"deleted" : false ,
"disable_correlation" : false ,
"timestamp" : "1645779050" ,
"to_ids" : false ,
"type" : "attachment" ,
"uuid" : "504312f7-711b-4c65-a5b1-7aeac7d3e8b1" ,
"value" : "Figure 2"
} ,
{
"category" : "External analysis" ,
"comment" : "" ,
"data" : " i V B O R w 0 K G g o A A A A N S U h E U g A A A l g A A A G C C A Y A A A A 8 K 70 I A A A B R W l D Q 1 B J Q 0 M g U H J v Z m l s Z Q A A e J x j Y G A S S S w o y G F h Y G D I z S s p C n J 3 U o i I j F J g f 8 b A y C D E w M F g y W C V m F x c 4 B g Q 4 A N U w g C j U c G 3 a 0 D V Q H B Z F 2 S W o H m B l e e 9 m R O / M e p P d V a q d c N U j w K 4 U l K L k 4 H 0 H y B O T S 4 o K m F g Y E w B s p X L S w p A 7 A 4 g W 6 Q I 6 C g g e w 6 I n Q 5 h b w C x k y D s I 2 A 1 I U H O Q P Y N I F s g O S M R a A b j C y B b J w l J P B 2 J D b U X B L h d f Y 3 c A h y d j M y d C L i W D F C S W l E C o p 3 z C y q L M t M z S h Q c g a G U q u C Z l 6 y n o 2 B k Y G T E w A A K c 4 j q D x L g s G Q U r 0 a I T V F h Y P D i Y m B g 6 k G I 2 T 5 h Y F g h B f S 2 B k J M 5 R w D A + 9 t B o Y 9 l Q W J R Y l w B z B + Y y l O M z a C s P m B U c 0e8 f //pz4GBs7jDAy/3/3//zv0//+/qxgYmHcwMBzgBADn1VvNBYkTjwABAABJREFUeJzsnXd8HNXV/r8zs72p92LLstx7BWMw2NTQWwgEAoGQnvCmF9Lr+3sTEiAhJCQhhd7j0Ew1xtjYxjausmxZktUlq63a1im/P2ZnvJJWtmyMDck8n48tafbunTt3yn3mnOecI2iapmHBggULFixYsGDhuEE82QOwYMGCBQsWLFj4T4NFsCxYsGDBggULFo4zbCd7ABYsWLBgwcJ/PBJqnNSaHAFBOGIHo315tNbJvcPh+tdAQ9Pb6V9I3UxL7vkwY046Vr3N4Q9OGzrYww810Vg48oQNaX+47+pDHFt/ekfGj6EnZPg8WwTLggULFixYOJHQOBLneL87+K+CQQyTyZY5e0dDrEbdASlPh/BBErmPdSiapiEIgslCVVVF0zQkSULTQFWHTaQgIIpjZ7wnE8b4AURxLG817y9URb/+hKN0JmsaJss/2u8eCzRNQ1GUxLkWR55rTdP/CcLoN5Smgqrqn4vSMY/B2P/xut40TTOvcQBJkj4U17IFCxYSGGJ8GmauSfw48h2tpfx19NaHehzL4yJ5+U3VXhv+y+GNXUeFVIczunFMZzNjfQTq3CphUTPWpCHfPfZ1VhsyKSP7+UARrP9UGKRJEHTSZOH44Yjm4lR3lKrorO99JinGi4AFCxb+ezFigU3Br4Yj9eYjLdXCEPIzht0csXch1fbjTLCOlYCMdb9aqj+Svvxexj987MP7ek8EK9kd+17XEUVR2LdvH319fciyPGo7Y8FKS0tj2rRpCILAI488Qn19Pd/+9repr+/liSf2sX17G5omoaoKp55axIoV45g2Lcs0YnzQYCzGlZVdvPhiLb29MW65ZSbjxgVO+EJtzFF0QGXjX/opnOWgcI4TT6Z4RMu08d3mbVE698ZxZ4mULXVjdwnv69w3NTVx9913k5uby8c+9jGKiooRSOxQVaFpDzRVw7RTIT0vecT6AUVDsONNeOcFKJ0GZ14D3rQjmt+McxMOh9m7dy933XUXH/nIR7jgggvw+Xzv+dwpikJ3dzf3338/O3fuJD09neuvv57p06fj9/stEmfBwgccx7LAjn5HH2lJf2/7PR44gtTrhO/zRCHVsb0nDdYYtGtjhqIo1NTUoGkaHo8HVVVTthNFka6uLg4ePMjUqVMRBIFVq1bx9ttv8+1vf5vnnqtl1ao62tr6ycryoSgykyZlEYmMTtreTyiKRl9flA0bWpk0KYPy8nRUVRthyTJJTVShszNMT0+UWEw5KWM2EA9pbH2oHznqI3OCXSdYR0KCrxzcG6f65RCZZXZKFrqwu96fWyAcDrN//34efvhh3n33XU45ZTGxWEwfiCBATxvs2wwbn4f6Sv33Octh/AxIyz7E+FQVwv3Q3QoZ+bqV6yhkDqqqEgqFaGlpYeXKlcTjcZYtW0ZBQcF7IkDhcJjXX3+d119/ndbWViZPnkwoFBr1/rBgwYIFCx8MHBPB0hIRBzFFJSorqBp4HTbsonjMFgpBELDZbMycOZOioqLDtt29eze1tbWIor7gBwIBsrIyURSNRx+t4vTTi7nppnOYNCkjxdhHupQM953hQx0aKTHUN53KxWdopoYfD0A0KlNZ2cm11z7H9753Cl/5ynwURcNmM3Q6Q/uZOzeXuXNzU/ZljGW40VGXFQlJYx372A8HQQRPhojDIyCIukTJJB3DpEyG5kpLrPs2p4DTL+LwDvNLa8MiRhjZV3J/o7UzdElVVVX885//5NFHH+XFF19kzpw5iQYqKDJsfQWevRfqdunb9myBve/A9T8AXwZINkAFlwfOuFr/lwrJGq4kQYUx716vl1NPPZWXXnqJr3/969x///0Eg0GuvfZa0tLSjlqTlWwZW7VqFRdccAEXX3wx5eXlQ6fEsl5ZsPBfjBQ+rxRb/pN1QB+UJ2Aqd+oxESxB0MMRNzZ28siOWgZicb586nRm5KXhsduOOb7BEAmrqoqqqiMWD0PIrijKEJIhywqgIUkCNTVBVqwopaTEl3IfqUjG8G3Dw0pHW8PGoqvyeOykpTlxuWz4/Q4kSURKoZ8eC/kxLF+pFtVDn41t7GOFquj/JLswwltm8A1NTXjSksTwkk3QjUDqsPZHkj4lSJogccSLqKmpiQcffJB//etfbNq0iZycHDRNRRASrsz9W2H7G/pOP/W/ULURTrkYZp4BHj/YbJhs8UgYIo4fXZGqKArf/e53eeCBB3jssccoKirijDPOICMj45jceTabjfLycpxOJ4ODg0cdomzBgoUPGI5WHDUExheMl7wxqeNTa6ksvO8YM8EyFtOOwQhvHmjnrfp2JEFkIBanIThIOC6PtEwcAzRNQxRF0zo1WptkuN02Kivbufji5+joCPPAA5WsW9eM3W5DVWVuvXUOH/nIBGIxhd/+dgvz5+eycGEB+fleAO66aws+n4Ozziph3LgA69a10NDQh80m4nRKPPZYFeFwhKVLx/OZz8zC53OYxKq/P8YXvvAqXV1hNE2/jEVR4I9/PIeqqm7+9KfttLYO0NMT4a67tvLCC3WoqkpBgY9Pf3oWCxbk09kZ5le/eof9+3uIRmUyMtycfnoRl1wykfx8rxk1IYoCr75azyOPVNHaOgBAbq6XCy8s4+qrJwOwZUs7+/cHicUUcnLcPPXUPtrb+ygvz+Zb31pETo4HSTqK8AtNJzt7XhikaUsUBHD5RaZd7KXsNBeqrCHaBPa/HmbXyhCKrKEpGna3iM0toiZ5OQUBOqrjbPxLH5FeFVUBX67E1As8FM1x4vDpDwtBgvX39tFeGUOR9VgYRYY51/iYeKYLQdJJ5vbt24nH41x++eWUlJSMHH9/D/R16b+XTIWmfZBdBOm5mKa4TS/AO6ugZT/YHeANwGlXwJLLDjHH7lao2gQ718Cya2Dba7DlLcjKgNMuh1lnQlq2TtUEgczMTE455RTq6upYv349M2fOPCaCZbxQlJeX097eTnd3N4IgpHz5sGDBwgccqdbHUcjWEZVWoxuujhnvlYSNZShJ9PB93c/JwvCxHbUFSwCkxMN9YpafdLeN5r4Q0nGIjtM0DZvNRkdHB1u2bMHhcIxIErZo0SJstpHDFgSw2QST+IiiiM0moGliIkUDhEIyTz21D0HQmDQp0yRYq1YdIDvbxbRpWRQXB6ipCfLEE3uRZY3FiwsQRZG9e7vo79eYMSOLZctKcLvt7NvXwzPP7GPTpjYKCz0EAi5kWcVm0+dCFIWExUpMjFHAZhNRFJCkoZYoURRwOCTa2wepru5FUVSWLSsxx6iqKpWVXbz5ZhP79/eQnu4EBPbs6UKSoLw8nTlzcmls7OfZZ/ezf3+Q888vIxpVaG4eoKZmgPnz87j44nLS0pxjPieiDdp2xUz9lZQgUwBpBRKBIhs99XH2vhyiaUuEorlOEAUGuxQEEfy5DlB1K1jrjhj7XguhxDUcbhE5ptLXIrPz6UG82SK5UxxE+lRq1oSpeSOMpoG/QEKTQRS1EVfv2rVr6evr4+abb0aW5ZHXRf4EKKrQCdKbT4AqHzKxqaqeikEQdDehpkFHI2ypgqyiBMFK7HMgqFu/nr1XF8NrGsRjsHeT/ll2sa7n0l
"deleted" : false ,
"disable_correlation" : false ,
"timestamp" : "1645779050" ,
"to_ids" : false ,
"type" : "attachment" ,
"uuid" : "485c4d0c-8b91-42dc-8d5c-08f431e94e20" ,
"value" : "Figure 3"
} ,
{
"category" : "External analysis" ,
"comment" : "" ,
"data" : " i V B O R w 0 K G g o A A A A N S U h E U g A A A l g A A A G L C A Y A A A A b J O z A A A A B R W l D Q 1 B J Q 0 M g U H J v Z m l s Z Q A A e J x j Y G A S S S w o y G F h Y G D I z S s p C n J 3 U o i I j F J g f 8 b A y C D E w M F g y W C V m F x c 4 B g Q 4 A N U w g C j U c G 3 a 0 D V Q H B Z F 2 S W o H m B l e e 9 m R O / M e p P d V a q d c N U j w K 4 U l K L k 4 H 0 H y B O T S 4 o K m F g Y E w B s p X L S w p A 7 A 4 g W 6 Q I 6 C g g e w 6 I n Q 5 h b w C x k y D s I 2 A 1 I U H O Q P Y N I F s g O S M R a A b j C y B b J w l J P B 2 J D b U X B L h d f Y 3 c A h y d j M y d C L i W D F C S W l E C o p 3 z C y q L M t M z S h Q c g a G U q u C Z l 6 y n o 2 B k Y G T E w A A K c 4 j q D x L g s G Q U r 0 a I T V F h Y P D i Y m B g 6 k G I 2 T 5 h Y F g h B f S 2 B k J M 5 R w D A + 9 t B o Y 9 l Q W J R Y l w B z B + Y y l O M z a C s P m B U c 0e8 f //pz4GBs7jDAy/3/3//zv0//+/qxgYmHcwMBzgBADn1VvNBYkTjwABAABJREFUeJzsnXd8HNX19r8z27Xq3WqWXOTejSs2Bgw2vYeQUEMnJECAFJI3gR+kkZDQEgKhhN4SOgYMtjHGNu699yLJ6nW1dWbeP87O7kqWbBlMS+b5fGRLuzN37r1z595nzjn3OYphGAYWLFiwYMGCBQsWjhrUr7sCFixYsGDBggUL/22wCJYFCxYsWLBgwcJRhkWwLFiwYMGCBQsWjjIsgmXBggULFixYsHCUYREsCxYsWLBgwYKFowyLYFmwYMGCBQsWLBxlWATLggULFixYsGDhKMMiWBYsWLBgwYIFC0cZFsGyYMGCBQsWLFg4yrAIlgULFixYsGDBwlGGRbAsWLBgwYIFCxaOMiyCZcGCBQsWLFiwcJRh/zILP1QeaUVREo6LH6soCglffWmQ63011/o2I/G+JHxI9MMjKQgUiP7T3UHR474I7+9UxhHWVdf16Bg8+HjDMDAMo9vvLViwYMGCBROKcSgW9C3H5+EBX/R6HS51NK+beJc6lduZuxytephk4uCLmZ8ZHS8KX01nd75WhzodrUt00XYLFixYsGChh/jSCFYoFKKiogJN0zp8bhgGHo+HoqIiAHTdYMOGOhYvrkLXdY49toihQ7MPW35Xa+rh1njznPb2MAsWVFBWlkZ5eUbs80Od/yWs4YdGAnf5OsoyCUZtbS1Lly7lmLFjyc3Lk6Iqt4MnGTLye3ZxTYP1C6B4IGT26qJi0f9r98HGxTDuFPCkdDqOgxuReFPMomr2wLYVMOw4SM2C6t1QXwV9R4LL00VnGNFiFFpbW5k9ezaTJk2iV69eCZeRvli/fj1LliyhvLycKVOm9KDtFix8e9D5Ha67haG7qaQnx3c45nDzkhH9p9MxSuffjuZcacHCUcRRdxGai1FzczO7du0iLy8PXdcBWcTC4TA7d+6MEazm5hBPP70BXTcoLEwmGNQOVXwMiWRH1w1U9WB336xZO8nIcDNxYoFZO0DB4bDh94cJhbQOn3f2giX+fThyFWrTWf2qj5bKCKoKJRPd9J3iQbH1qDkHX7eTcaZxd4TNH7TTvD9CyXg3g09PAkPavuPjAIoK/Y730FwRYcPbPoIt0uelkz2UTXZj6F173rojjoqiUFFRwUMPPURWVhajRo2SL5a+B8/fDenZcOaNMHwaOJywei5UbIeTLwOHq2NDDB1eux/O/KEQrM6NNP9XFAi0QXS8xGfOxJutwcI3we2BY06B+kpY+wlMOitKoBQI+CASluM3L4XlH8Dld4PT3YXVS4kWb6DrOjt37uTTTz/lxhtvpG/fvjEXaSAQ4Nlnn6W9vZ3i4mLLwmXhvxqHeus+0jfybo8/3OMTM8t3LKGb1y0LFr5x6BHBCms6rcEwT67chtOmcs3YAbgdtkO+OGiaRnZ2NkOGDDnou3nz5gHQ1hZm+fIDbNvWyD33HEu/fhl4PHYiEZ1IxMDttqFpBqGQhtttR9N0VFWhuTlIOKyTm5sEgKoqtLaGaGoKYhiQleUmHNZ58cVNFBen0qdPOna7QlaWh+bmAD5fhFNP7YvTKYxDFkqDykofhgHZ2R5cLhvhsI7drtDSEiIQiJCb6+3SaqYoEGg22DbHz4jzvBiGwdInW8gd6CQlz0Z7vUbYb2B3KyTnxBmXr04jEjCwuxSSsmwoatTC1qATatVJylJxJqu0VEb49OFmssudDDotCXeaLUaYDmwI8/Gfmyg71k2/4z007o2we1GQoWd6MQxY9lQrClA62U0kaOCr07A5FLzZNhRFrhcJGvgbhdQ4kxVcySq6rnPvvfdSWlrKzTffLH20fyvKf/4CpYMhNQeyi4hNdx89C6vnQNkwGDQh3jlNtRAOgM0Oqg20CNhs0Fwroyc1S45rqQO7C2b8IKF3FWhtAF8zKDbILpTrLX8fNi2CksEQaocF/4bRJ0J7Mzg9cOIlcZJmXtfulMbW7ZdrOj0QbIfGahSnGzLySUtL4/bbb+fhhx/mr3/9K/fccw/p6ekYhkEwGERVVX74wx8ycODAWKyWBQsWvnooiSuP9Rha+IbikATLJA97mtp4Zf1uDrS2o+kQ0Q//DmO+4e/YsYOqqiqcTieGYVBcXIyiqBgGvPvuTh55ZDVbtjRw001zcTpVHn10BmvW1LB06QF+9auJbNhQx6OPrubPfz6eZ57ZwKpVNdjtKsuXH+DXv57EWWf1Zf36Om6/fT6KIgTsjjsmMX/+PhYv3s/q1W42bapn6tQibrllLK+/vp0XXlhHMKjwq19N5KSTehMKabz00maeemo9drvKqFG5/PKXE5gzZy+vvrqFgoJk5s3by49/PJpLLhnSpbVMsYHTq2AYYPeolE704EpWaNgdYdULrYTaDZorNAac7GH4eV62z/Gz7g0fTq+KO1XhhJ9n4PAoVK4JsfqVNoyIga7DCT9LZ8/SIOGAQU5/O3aXQk4/B4oK9TvDbH6vnV7DnKT0klup2hQyS+2UT/fgTlcJtemsfc1H7iAH617zUbstTCRoUDDcybgfpNJcqfHxn5oIt+sodoXyk90MOyuZlStXYugGF198MYqioBuGbDnVNXC4Ycr50HuwNH7nGiE/k86BlR/C4IlCpJ69C5Z+CL1K4MAucCfBW3+DdfPF2rRzPVz7Zxg4Hl79M6xdBE4b3PUGJGdAJCSWr8pdUF8PA4fBd38uJG7rMvjgSTj2XEjNhKZqmPU4rF8K2dlwwwOQVyb1UFUhU/NehI+egcvuFnL41t/gwB7wN8OU89FP/D4KCpdeeil//vOfWb58OdOnTwcgLS2Nuro6tmzZQnl5+RE+ZhYsfPPxZfKUoxmHYvEpC98WHJJgmSSib1Yqdxw3nPm7DvDGxn2oPRzhdrud2tpaNm7ciMvlwjAMMjIycDhsGAZceOEAhg/P5s47F/HAAyeQn+8FYMmSKgIBLbprC/z+CIoi7sRIROPuuycza9ZOFi3az8yZpfzsZ/M5//xyrrxyGCDkbtKkAhobA5SUpHLjjaNin19++VDOO6+cP/xhScxFuHp1DbNm7eTdd8/DMAxuv30+L764ifz8ZPbta+Whh05k/PheLF1aRWtrkPR090EuIkURN+HOT/zYXSoFo5yodoXUXjZ6j3fRUqXRXq+xZ0mA/id6qNsVQVFhxAVeSie5AWiuiLDggSZcKTZKxrtY8VwrG99pJxwwCLbo7F8RpLlCIznHz+QbU9k2x0/ZsW78jTpN+yOxukSCBu0NGs4UFW+uDU+6ytp/+9j0fjsDZyTRsDvMhrfbGXy6l4V/ayIl38YJP8uSczUpZ/PmzbiT3KSkpEhbAYrK4aKfw9O/gbYmuPz/IL8PLHlX/i8bBv/5KzTVQF0FbFkCd74ss+ufLxfGHg4IqblvHuzZBO5kSEqFq++V2Knn/g/CoegAcsKIafK9ulriuBouF1ffzCth8xJY8jaodnE9Xn+/HPPuo0KsQKxX/lb5LKcI7nlXTH+P/1yI3oQzYNtKePcfKMddiOJwkpSURE5ODlu3bmX69Om0tLTw9NNPU1ZWxsiRI1FV9ZA7ZC1YsNAR3cZhHdHZlnPQwrcLPXIR6oYBBgQ1DT1Keg73kCiKQigUYs
"deleted" : false ,
"disable_correlation" : false ,
"timestamp" : "1645779050" ,
"to_ids" : false ,
"type" : "attachment" ,
"uuid" : "67da7a7a-db65-439d-aa5b-c79f6e1004d9" ,
"value" : "Figure 4"
} ,
{
"category" : "External analysis" ,
"comment" : "" ,
"data" : " i V B O R w 0 K G g o A A A A N S U h E U g A A A l g A A A C S C A Y A A A C Z i r Q n A A A B R W l D Q 1 B J Q 0 M g U H J v Z m l s Z Q A A e J x j Y G A S S S w o y G F h Y G D I z S s p C n J 3 U o i I j F J g f 8 b A y C D E w M F g y W C V m F x c 4 B g Q 4 A N U w g C j U c G 3 a 0 D V Q H B Z F 2 S W o H m B l e e 9 m R O / M e p P d V a q d c N U j w K 4 U l K L k 4 H 0 H y B O T S 4 o K m F g Y E w B s p X L S w p A 7 A 4 g W 6 Q I 6 C g g e w 6 I n Q 5 h b w C x k y D s I 2 A 1 I U H O Q P Y N I F s g O S M R a A b j C y B b J w l J P B 2 J D b U X B L h d f Y 3 c A h y d j M y d C L i W D F C S W l E C o p 3 z C y q L M t M z S h Q c g a G U q u C Z l 6 y n o 2 B k Y G T E w A A K c 4 j q D x L g s G Q U r 0 a I T V F h Y P D i Y m B g 6 k G I 2 T 5 h Y F g h B f S 2 B k J M 5 R w D A + 9 t B o Y 9 l Q W J R Y l w B z B + Y y l O M z a C s P m B U c 0e8 f //pz4GBs7jDAy/3/3//zv0//+/qxgYmHcwMBzgBADn1VvNBYkTjwABAABJREFUeJzs/Xe8HMd1p40/p6q6e8JNwEUGAYIEM8VMkSIliqRI5WxLtmTLSbJsr73r9epdb979rXfffde78uvsdVi9CpaVrGBlU5GkIoOYcwZAZODmCR2q6vz+6JkLgAQhUpa4kjwPPoN7b890d3VPd/W3zjl1jnzxi1/U//yf/zMXX3wxIQQAjBGKooK8RZZabJLjdQEvJWQZuab42MCXDhOEhiptA43M0Yk9hBEjRnwvqCqqijEGVSWEQJqmqCq+qhBjEITDbzJVJcaIqtJutxEj9PMCjYFWqlSlp/IR6xzOZYhYfAhEICIourw9o4o5SrtCCMQYSZKEGCMigrV2efkTMcYsty3LMvI8p9FoUFUVRVGiSYYINJ0jhhL1Jc4KiXUEVXxQAobKK+IS0sRh8BgxlGW5vA/vPSKCMQYRWW7r8P3hshEjRoz4QaGqOOfYtWsXDzzwAH/0R3/EFVdcgauqClWlLEseeughRKTu0COkYQpBCbZD5fr0TaSjDk1W0B4fY7I5TcNEklDx+PaHqaoOsRUR/T99uCNG/GgyFEppmi4LlyRJKKuKWHmsMRhrlz+LERRAI8Y6ljodjDVkjQahKjGhSyNrYozFBwgRYhQwFjGGCMsCS0URBfcU9+9QyMQY8d5jrUVElkWMtRZVpSgKkiRZFjpZllFVFTFGnHOIGCocPnhSA5ZA2e/SbqaoQlEWBLVkrTEqFfp5RZY6rFYYY6mqiiRJcM7hvV8WmN570jQFWG7fUAyOGDFixA8SYwy9Xm+5HwRww04zz3NUlWazSYwRYwVsThEjuUJuVtJYdRzr1p1BtKvJy4QyRhI/T5YskS3tIiwuwagzGzHie0ZEUNWBpafAWrt8b7ayBkRFB6JBY0QR0izFVxWgrFo1jY+RXq9Po9mg7RxFP6eqAtakJGlKxFKFSGRguBKBgcgSeJIF+nCLWr/fp9FoICLLoklECCHgnANqC5K1lizL8N6zsLBAmqbL1i4xhmgt3nu6vQ5NJ4gGOksFWZrRyFKqKLWlymUkWQMIVEWFmFq0Dc9JkiTLbfPeA+CcW7agHS4AR4wYMeIHxbDvLsuSqqoAcMOOqCxLjDFYaynLsu6wkpJ+VJLxaTaccAHJypM54Ncxu5ixuKSYYp41aQ5uhn65hI9dXGiCjkxYI0Y8U4ZCpdFosGnTpuW/azdhwuLcIjMHDqAhYp1FB7qhyAsajYw3/czPcO555/EXf/mX3HHnnbztl3+NTWvG+MwnP8nN37mdoBXGJvTzfm3Bso5IJKLUsioiUYl6SJAMR2JDkTJ0YTrnOOGEE+rBmLEYU7d12J/s2bOHPM8REbZs2cLk5CQzs7OgkYMzc0RVTjrpFCyBRDxOlHxpgX379rK4sMjY5AqqCP1+n6TRxofA+FiblSunSZJkWYTOzs7S6/UYHx9n69at5HnO9u3bcc4tt10P649U9aiC64nH+YQ36zP0tISajrq/ESN+CDnWff901z28n3jiukNLurUWO/AyOBHBh9rMXnlPnhdY64ga8Haeiek1rDzueMqJ49i11OaB/Q261TQ+NGiEBmOthIP5NoIukbgc4zNg1MOMGPFMqQWVZ8vxx/PWt72NLVu21Obm+l3+1x/+IV/Z+ThBBSMD156thZZ1CRPjE2zcuJH22DigrFw5xcbj1pIkDl8VqFHysoOqEHFECUjiUAIxVEQDqXGoD/iBRUpE8D6A1C5AY+oYqA0bNvDP/uk/ZdPmTZRFPSBTMTQbGTMzM/zxH/0RB2cOctXVL+Hiiy5i/fp1dDtLbNu2nb/6/96NycZ4+6/8Mls3byKRgCEwu38v37npRj7y0Y8x3+lj0gaghBBpNZu85tUv5bLLLmfN2rWIwLZt23nve9/LDd/+NieffDL/5Nf+CbNzs7zz936PxYWF2rIVIwx+isjAyqZ4H4iqCGCNrQUrSvBHxpQZY7DOIbDsjoRDQm05Vi7W4tLZZGTEHzHih5Cjiamna90erju835/uQM3FUGCqSFMtSRFxriT6PhWRfMXpTGy5hLx1Eg/ur9g9r3RiBb6H830m3AEmzD5i/xFMXuLUDjqnkcAaMeJYCGAUVISIIYpBMJRRqcSRNdsUZcEXPv9ZlhbnaDi49aG96PgmXnv+RiZPPpOOZHQevZNbb/oWPszTc01mi4Kx/i7EZcz7Bra/RFUKS24tWxp9nnP2uaw68xKy1PHIvffw2Lc+QTG5mQuufiVZZxfXffUbbDz9fC6+8AKuu/bLzB3cz0tfcjW+LPnSl75EUVZgLQtLS3zuC1/GOcdp51/CJc87m/23Xsfn73yY/X1hX9XkZa99I2+6+lzue3A7H/v6dRxgJWetTVjlcvbGDJNleCKf+dQnUV/w0quu5GWveAV333Mv3/z2zfiiwopDonLiSafy/Fe+Fn9gJx9976epZJyNa1eQVjkbj9vAxVe8kKkTjmdissmv/vzPcMdt99GRwNYzTmX/w/czOT1Ntwp89dqbabkWV1x4EcdtWUWvWuJbd97EY3c9SqYZp158LmeceTpNBwsF3Hfv3Wy79ToWZYIrXvpqNk0Ydh2cY+WGLcS8xx23fod1ayY5++znsXPHbr7+7c/SWaoQadSWL/EgJapjoBZMF9Sho6lAI0Z8V4ZxmwBFUSzHpg5jQYdWfmMMSZIsh1UcjWHM6NDSlKYpRVEc1Ro1ZBgeMWzLMLZzSD0APbTMe08I4VAMFtFjQkTzQBoNLgRy7ZNNTJJseSHd1rnMzEywY3aGfoRoFFN1cEXOWHsPrnicoreNpKowaggyElgjRnw3jCoaIYoQELwFjCEP0Cs8QYSlTofbbruJxx66j4kUthdbef0bfpFfvnwlO5vrmXXjnNg/gxNWpXzm85+jEx1lmjLuZwghUrgxEl1Eo8U3N/CSyzfyyte/il3tU3AhcNXlz+PuiR188q4lzr3kKk5J9vDQXXdxzoXP42fe9Frm5w5y31238YbXv5aHH7ifr1/7RXqdPriU+fkF/u7Tn6Xby3klk5x98VnMbbubD7zvA+wKKznvyldy3iUXsbT7bj7x13/NNd++k9k1F3F+cx9y8EE47YVEI8wuzHPzLd9hafYgF5zzHNYct4lmswlRSZyhikLR7ZE0mlTtMfzODnfc+HUe3S+snbDMzuxmbPPxTG3cxKLLWN1wPO+8s5h9fJawZpJXv/ENdHfcR6WRe7bt5I4H93PlxZfz2ouez565h0nGA6dfcjof/rMPsOu+PZx5zgWcfsrxJPk8zePP5OLnX8IX/vgRPnv3LOdeeiUvP3ua7Qe6ML6BqSRy6cXnkUrOCVvOw3ulio/xpWtuQNUi4lBTobYL1RioQZMcNENx/6cvwREjfugZxnpWVUWr1VoOmTh8AkuSJOR5jvd+eZbz0XjZy17GueeeS6/Xo9Fo0Ol0ePe7383S0tIRIQVDhlaqoih4/etfz9q1a/nUpz7FaaedxoUXXsh73vMe9u/fv7zPYdvg0CxqZ22Cqqdb9tDMMV8FYrqKVau2Iis3s3sxsn+mQ79UCq1nGrlgoPKoCr6KdBb7TARFNBIHQagjRox4ajQOfPbGEAjECI
"deleted" : false ,
"disable_correlation" : false ,
"timestamp" : "1645779050" ,
"to_ids" : false ,
"type" : "attachment" ,
"uuid" : "acae1e35-1e12-4468-82c7-1b13cce3d88c" ,
"value" : "Figure 5"
} ,
{
"category" : "External analysis" ,
"comment" : "" ,
"data" : " i V B O R w 0 K G g o A A A A N S U h E U g A A A l g A A A D x C A Y A A A A X 6 s n T A A A B R W l D Q 1 B J Q 0 M g U H J v Z m l s Z Q A A e J x j Y G A S S S w o y G F h Y G D I z S s p C n J 3 U o i I j F J g f 8 b A y C D E w M F g y W C V m F x c 4 B g Q 4 A N U w g C j U c G 3 a 0 D V Q H B Z F 2 S W o H m B l e e 9 m R O / M e p P d V a q d c N U j w K 4 U l K L k 4 H 0 H y B O T S 4 o K m F g Y E w B s p X L S w p A 7 A 4 g W 6 Q I 6 C g g e w 6 I n Q 5 h b w C x k y D s I 2 A 1 I U H O Q P Y N I F s g O S M R a A b j C y B b J w l J P B 2 J D b U X B L h d f Y 3 c A h y d j M y d C L i W D F C S W l E C o p 3 z C y q L M t M z S h Q c g a G U q u C Z l 6 y n o 2 B k Y G T E w A A K c 4 j q D x L g s G Q U r 0 a I T V F h Y P D i Y m B g 6 k G I 2 T 5 h Y F g h B f S 2 B k J M 5 R w D A + 9 t B o Y 9 l Q W J R Y l w B z B + Y y l O M z a C s P m B U c 0e8 f //pz4GBs7jDAy/3/3//zv0//+/qxgYmHcwMBzgBADn1VvNBYkTjwABAABJREFUeJzsnXeYXVXV/z97n3br9Eympk16ryQhCRB6rypKEVREUewNFBSwI0XAAlKULkVKqIGEkoT0RnrvmclkJpl66yn798e505JJ0Vdfff3d7wPPk7n3nr3XWbutvapQSimyyCKLLLLIIosssvinQa+p3vXvpiGLLP79EP9uAo4DR7sKibYvxbF/m0UWWWSRxb8cemtL07+bhiyy+Pfj/4qA1S2dh0pTIitgZZFFFln8m6FLqR/jJ93t1KLT5/9JJ9ORaP07IQD1P3y/f0YbWfzvQf67CThOdCs4qUOmmADvf4ecLLLIIossuod+rKuuUgohDhUQ1BH+/e+EQimOQetxN/U/e/6f1UYW/3v4vzJER6Tz/8oLZJFFFln8/4FjqK8Emq4hUHieL2gJAZ7joqREonBdDyVElwu0UgohJQKF8pS/9QvhP+//AKUynyMQsu151aH0UQrV9p1SeEod8ttDSdXQdQnKy9AqkRI818VTPk2qrY3MexzeHwjh042USAGu46KEQArRle62zzLvSyf6ReZdAYSUKNfBU0ehPYt/P/6vyyft9GdnWBZZZJHFfwKOIGApFBoGCTbOfZ2nXviQPXEHLZDPkBNO56prz6Lp5Qd5tWUQ111zHmWylZgNmgSEhqFLnGSClKdhhSwMKXCdNKm0jYdAagaWaaBJgfJsUikb1wOp6RiaBKXQDBOpbBLJNOgmYcsA1yaZsg8/C4VE2AdZNvN1Xp65hOpWGxksYtRJZ3Px2SdSEVIowyRgGgjlkk6msD2FkBqmoYECzTTQlEsinkRGLHa88QTPby/gqi98igGBGE2xNEgdyzIz75MilXLwhEQ3DaRSCN3AkGAnEziGRXrHYv785Bz6X/sDLh/gUdeU/D9/jmfxn4qsYJVFFllk8Z+EbgUspUAPSOqXz+Leu57BPeESPjmxjFj1LuqcFhrqqlm34H1m1e9nQN9ChpUXUBiRxByBTDWx70CMvN7D6JeTYPuaNdS1ukSLK+ldXoiJS7qljp01tRxsTWNGi+nbp4SIKUnHmqhtjCFNneZ91SQCxfSvKkNv3suKbfsgp5Sq3sWYok3z5AuCpmriw6fv5dcv7mTU2edy2ZBi3P0bWLhqMUv7jmTA1Fz2797J+j312FYulX0qKQgbOLEm9ja0gqHTUrOHFplH76q+9IjVs37hh7y3vojKARU0l+ZS0b83QbuJ7Zt2sj/mktuzF73LCzG8JAf3VhPXLLyGWvbHoKiyL31KNfatWcD773/A3qoplNfnUti7F0VRE+Vlxawsssgiiyyy+G9GNwKWQimJIR1qd6xmk9ebH37t63y2Cg40NJNwFc3rPuD5rTUcbEjz0pON7Dz5PMZ4S/jDSyspGtAX6QU48aIgu7f+jb/M3ICre6T1Ms648nquObOKPXNe5sHXF1GTdEm2CEZefB3fuGY62p7Z3Hvr76jpM4aig1vZ0mgy8ZwL6B/7mPdXbGTngSAXfefHfPHk3gjHzgiCGo3r5vPk31Yz4qqfccc1YzFcF6Gmc3pTDFcPsn/1ezxw31OsOgjSSdNj3IV888bLKatbzf3fu5Nd/U5ksNzPlu376Xna9XzrjAgbN+2gfs9+Xn/6z2wedSZfKtGZ++wjPDdnK57uktLLOOfar3HNyRHeuedH/PVgMaMqQ9Tv3EJzj2l8+2uX0LrmY/Y2HiD2xlO0LhvIFV+9ih65Fp7jIWRW45BFFllkkUUW/63oJnZKIISH7WqUDhzLMGsHD/3oJm6/73HeXryVZlvSc9zJnH7yCQw/6VP89IHfc8uXTiVXJajdlWTIuV/hwQd/yrjm93hmTiOX3vYnXvjrI3zntHwW/u0FltYLegyeyvW3/JrHn36ah74zgU3vvsq8Dc0EQhpN1fWovDF8+zf3cPP5UWY8/BirwtP56X2/5RuT0sx47gNqk6BpAiUkOjY1W1ewN9iHqacMJ2QnSKbSpGyFFcmhINTAa48+xhI5jpt/+3vu/+FFxBe8yNPvbcAJmMT2N6AXjee79/yRe757GnveeIYVkVGcfdZJDD/hXH5474PcffM5HHj/BV5a4XD5z/7EC889yjdPCvPBX//Kxy0mWrKF5tZ8LvjaT3nkd9+jb/UcXlvbzOhLr2DSwCF88ocP8Pj9NzKmLJIVrrLIIossssji/wPo4jBHbd9J20l75PU/he/9SOeNWQtZt/BdZr/wFLmjL+b7P7wC4bm4jk06lSLteHiOS+G4aUwe0ZdQooaNm1ewclMdPPhjZnuKZP121jX1YFu1zYklDq89+Xvu39qCqWrZtSVFfeNBUpbCKhvI6NNPY0SvXKxRYxnYx2bCmZPo0zMHbeoggn+q5mDSocLKEKs8UvEYMhAiYoHtKhASlIurLNyD61i2y2Xq589mVEUBofIzOHv0O8zYuJW6wfkEy/tRNWUixTLN/orh9A5/wM66BP08hefapGwX1VrD2k2rWb2pEfnArbwNJPdvZmNLBdv2xNHDUaqmncLQAg3M3gyuiLDgQCOxlIdSHnY6RTIl8BRoh0U5ZpFFFllkkUUW/23Q16xeyb6aGkzLBAWO6zBs+EhKSytwVZgBUy7iG+NPpaGxmb0rX+f2W17k2QlTOSugZyLlMtF5CqyQhh+6ZxOPJeg5ZBKfvOpswi3NuGaQaFE5/Xrs4k+/uI8P7EFceME5VGkf07D7PVJpF6UEuqWhGQI77WB7Eku3CEmHtO3iCVC4qLaEi0qhpEYkvwde8wb2NyuCPXVSCReh6QSsAHpDCltpRCwD5drY0iBomSg7jeMqdE0gdYXrAq4HeLhtruhS+h25aRKxFOUjpvCpq6cTaGnBM4NEe5RTVaqY4UpMS+B64LkeKDcT9egLq1KA53lIzaCp8QArVyzrJp1EFllkkUUWWWTx3wK9ubmJflX96dW7L+lUCgSYpoXyHJItB9i9G3qUFlNQUkmwfz8KzTgNjSk0qbATLlYgTCScQgrhp0ZQDq5VQK+KXngfNxPseyIXDzBoaTjAgRYPrWUeK7ckmPqDL/D1T0+gYdYO7ou34mk6UgikkAgyqQ6kyJjT2lIr+KkXMp8AHrZrUjHkREZbs3jtqdeY8r0LqQhZeMl6Nm3aQShUSr/cNEuXb+LK00YQblzGsk37yTu5hLygwhOyI22DEEjpp1/QhMJJOpimSaiogr7lJSS3x4j2n8r5/QxaGuqpb0piWgkQMvP+bXTL9nZUOo2HQW6eReJggmgkhxMmTvm3DnoWWWSRRRZZZPGvhS41jWAoRDgcRtd9rZTngaY77N/0Aff+4T1kWSUlUdi7bimbyibyvVMGULG+EvnWO9x3Z5zTTptKJJ2iNZbEU4pk2mL06Z/g9EV3cvfXv8yHY3th19bgVUzgqisnc+KwCG8++yfu3PkezavfYOXOOCfi4jppYq2tpFwQApSTorU1hu35ApWy47S0gpNRMAkBrm0TKB/D57/2CX5x35N8+5sLGNa3ELdhN9tbi7nshm/yyU+cxJLf/ZmfNK0m98DHrHCH8o3TxpDjzKW5OUahq3wBSzkkWltoSUrKBvYj9Oob/PE3v2Td5KmcctYnOWXZPf
"deleted" : false ,
"disable_correlation" : false ,
"timestamp" : "1645779050" ,
"to_ids" : false ,
"type" : "attachment" ,
"uuid" : "9e379f61-e1b8-4741-b710-a74c1cb65357" ,
"value" : "Figure 6"
} ,
{
"category" : "Network activity" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"timestamp" : "1645779050" ,
"to_ids" : false ,
"type" : "port" ,
"uuid" : "86c8123a-8e95-46c6-9f21-b7f43eb42235" ,
"value" : "443"
} ,
{
"category" : "Network activity" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"timestamp" : "1645779050" ,
"to_ids" : false ,
"type" : "url" ,
"uuid" : "ee90a146-d80f-458a-adf8-920e1a4a390a" ,
"value" : "185.183.96.7/index.php"
} ,
{
"category" : "External analysis" ,
"comment" : "" ,
"data" : " i V B O R w 0 K G g o A A A A N S U h E U g A A A l g A A A C A C A I A A A B Y 9 o D g A A E A A E l E Q V R 4 n O z 9 d 5 x k 13 E e D D 91 z r m 3 c / f 0 5 L S z M 7 M 7 m / M C u w D B A F K i R J E S K Y p B w Z I t W c G 0 Z d m y 9 X v 9 / f w F 269 f W w 6 y 9 c o S J f l V o i Q G S Z Q Y J B I M I E g w I R D Y g M 0 7 m y a H n T w 9 n e 85 V d 8 f t 7 t n Z n e B B Q l S A Z r i k u z p v v f c O u F W n a p T 9 R S J C L b o 7 z I J U I V o Y S H 96 f P z X / j S 1 a 54 j K 2 q q K i C Q D l L p N x L t 0 E A 3e8 h r 3 C d q F d 2 + y t n 4 G 8 / 3 X e I + K + D i 79 J e q l 1 K I A v p R i V 5 o v c 3 N X 2 L 967 L 6 W c w B J V A Q E i g A D R v 0 52 t + h V Q + Z v m o E t e q V E g C 8 i t q q 82 P z I l W M 7 U m 9 / 3 c E g c F Z r g I l E A H M f E f r S W j C k V 6 i H X s 4 j v q M M / O 2 n + w 7 R 3 / M R o C J z 2 q P z E / N / + f l n X b A L U R I x E I 8 A g Y K A X u F 2 a 4 v + v t K W I n w 1 E D k l V s F D W u t 4 V N q b D M S A B L B A A O j 7 T f T L k b C v U J O 9 c i H + y l X p 3 y z d d w T u e 8 H f 9 R G 4 L 730 C I i F Z 6 B 6 S j q q S w o M a I E i o f D O V / 3 o b N F 3 j r Y U 4 a u B W A F K A w h E l Q K I Q A I h B c A H t C g l d F / P 531 p S x G + Q t o a g f v S f Y a I W E Q J q o 4 c o 6 b / R I i J l I D o V W 8 w b 9 F 3 j L Y U 4 d 95 E s A q I R M o m I o K v G i M C G I g R C R E U K B X v 0 9 t i / 4 + E I k Q k W K t 4 B M A h O o v A E R B E 4 U n h V u 0 R d 80 b S n C v / N E g I K E + 2 E l Q h I A A F W F Q u 8 o C Z T m l z w k v D t G 4 Y 4 Q K r n L F r n z + n u 1 u f F L t a F N o j v b v w d L t J k N W n d + y W Y G X q y l j Q z Q y / M 73 n 39 x i e + x I 33 v O a e 9 p v c 64 L a s + 7 H Y m M W X g 5 X d z N w 3168 c t f s t 8 w S 3 f 3 V P Y g B Q D O J B b M i w A h A U I A Q F E R e / T b z F n 1 n a E s R v h r I s G I b h Q / f e R 77 A I h B 2 h E Y o g A C 3 S d s 9 D 5 S 827 P 6 p 1 f 3 E t + 0 R 1 / f L N 6 K b x w g / o k r H 9 J d 6 q R l 3 r 6 f T V 92 D 42 P O s e X X g p T u / R o 3 u 7 o + X O C 16 + + N 7 U o z q 3 d + 4 Y X o K B l x h z e h E e v k l X w n 0 78 m I s 1 X p x n y e y d g p g L a L W L y P x a g / e O i f c o m + V t h T h q 4 V C y S C e s F f 7 A A A M K E e K 4 L 303 X f K J 7 r j 17 s F z C a B d b f F e H f 7 m + y Z + 5 x Z N t o n q d t J t E F 9 y g a G h O 7 N o U C I G j r q T k V x T 81 + N 4 c C A U A v y a 3 U F N J 9 + h N y K H e b f f S i W u j e D 9 r I c c M 4 v F c D L z 2 n d / E m d w / K n U 98 x f R i L N X + / 36 r g i U A F I N A q r Y p k t C Q l h f X 5 V u 0 R f e n L U X 4 d 54 E c M o q z w L R Q F t f O w D Q N a d o G E O g 77 L O G v f e 14 G H z d f I B g m 87 q 18 E Y G 5 U b K J 3 O P L O x 664 Z e a x l B 1 Q U e E 0 E F a 0 4 K b W 7 v D W U i A r O t B y D 1 d u 3 f 5 W u k u D s M b X 1 o + 36 P x e 9 F L W G 5 A G M x E s s H G e 5 k P e q l m a d P H + 83 R P R q / 0 1 b 9 N o X 7 r C + / u w z C x o T c c 4 k q M S B S Q o p N G C x K A M C h A w Q Q Q L 9 i F r f o 7 y N t K c K / 80 Q A g w k M g I F Q Q E C E S A g i 0 B o E 4 U 2 G U 22 r X 7 e s G i J l Q 5 s 1 W p d D c u d P G z 7 f 38 A D U f h U I g g Y Q i I g q i s 1 o b v a o I 0 f Q h 0 l E B G I E G 0 8 E A p j g W p / U 9042 H C o C B L h 2 g i E r F D d G C E A d U y J 0 G 4 k w j o v 91 Z N s u 7 c F W B 9 b B v s 1 g 3 X D U 7 b x k h L o z M i E v 5 J F H Z B 0 8 Y 77 h 5 B i I i E z d Z 8 v U o 1 B n d d q w j W t w 50 x 6 P D X 2 W d 4 Z e c u X W D u n Y v h 0 / e Z I 6 v W + l 3 K b S Q 5 d C q r t 2 h N m 92 p G 50 K l B 96 b 7 I G k M d c U A z a R Y t U l P U J K C Q s 5 e x D L d o i + 5 F W 4 r w 7 z w J o G B C a W d Y k y g A k F C q M s E R E U h J K K B E Q K G O 1 A C F I T Q E k L B A h H R o d w h R 44 M A q q E 3 G 65 I F i E B h T E 6 d f G + L o 8 a + l b q V p z m m q C y C k p B g Y g B h i M A o t a b r + u C k L f 6 D y Q Q g i O l A O 1 q + i r s k 4 B 0 Q w g K S G p f E o V y m o S U U x u c w w I W Y S I V q u W 65 a j q J 0 2 N U W E o h B 0 D m E L t U 1 N k T E S A I g A U 2 u C i A I Z A S C k G h G D C d h k i g I I T K C Y i W B I o M k Q 188 U J A 6 z A D e 18 T z c f A U Q K d d 3 g Q s 5 q 1 r H U z G W I U l Q P E 1 Y c O s f r C k O E l S K C F j T U 4 d 0 P q b c V / h M h 0 h T q I F L h p L q a d m U K d x W g k B 8 V 7 i l q c y Y i T i l F d S t N N m z A i A A w K d n w q w g J 1 d d Y u C e Q h h 8 A A l G o 7 R u k v p F h Y l V f 3 u s j s 0 V b 9 M 3 S l i L 8 O 0 8 E a D g W R v i B g t q 3 T o k W c C k 3 P T u / F E h n b 297 O s a A C s q V 3 N L E Z D G g S O + O b C o Z Z V G u q A j W S y h h J R J o r Z 0 o 4 Y r W I E S E o Z Q I S G A 1 F I u x I p 4 r C 0 W c U l J z v z p d r Y g Q I p 6 Q D k 0 X q Z J S 4 b 0 C I u U U c p X l w u 2 J E k c y L d t b o 1 H 2 R O A I R F Y L Y D 1 R Y I h B B Q J w F E o 5 Y w E Y M s W 1 x e n R G Z d N d m / r T W v D D s S Q a p m 9 a i E o L Y 6 u u i o 3 b + v J N s V J s 5 D n A H H w g t L a 7 N R E f m H V x D y v s y u V 6 W n 2 y C l W T v m l 3 P L S z M 3 F t b K g 2 V Z V a 2 e y e 1 t z x E u Q A O Q A Y f g M A I G B B p t Q I A t V q p V q J V 9 a W V 4 q k / F b e j u a E j F x l k i D y J Z K d m k x x 8 F C 0 U S T f n d P U 1 R H p O w Q t 6 R 8 F K h U m Z 9 a m 15 c L S O W b c 72 b G u L x g w 5 S 0 p J Q 23 V V B E g S g g C Y V c M A l t c L O V X S + W k l + x o a f V j P s M p I V h l F Z w h j w r 5 l a m Z 4 d V C y U p r a 9 f 29 v Z U D P D Z C Z W V U p X V t b H J O S R 6 O 7 q b U r 5 V L C A j 5 G o 7 J 6 K a b w G k Y Y n L U K p c r N w a m 84 V n a F U b 2 u s t b u t b I w H R N h x p V x Y y + V y i 6 s q E s v 29 K W S 0 C A R 5 k B p J t j C y s r k x O 1 c y U W i m d a e r u a W j A J M T W M F 5 c L q z F T O u U T P t o 5 o A o 7 E c w o K V S J f A h K y 2 n O A B 0 e o K o 45 g V I Q J Y 60 I 4 B Y i A B N C B S Y R G 1 p w i 361 m h L E b 5 q 6E4 Z U P M V C o Y v X / n K 0 + d 6 H 3 y 0 43 t e F 9 M W p E v F 6 s X z 5 y b n l n e / L p r e u 8 d o g o 4 B s E K + 0 n C B J 0 Q c 2 G o l m k w B A G k L K A q V L j S J l A o s x o v E t E F D Y m u o C F m C 1 C I Z o I A o A 1 b g g R U U C Y P M 4 u 25 x z 77 N Y m 1 v O V d b 9 v W 0 8 y w S q n Q D B J o U O g l g 0 d 176 c C i R D I V s r f e O a Z b 4 w V X / + 29 / Q d 216 P H V U 2 c L n C 0 s z 48 P W J R d 1 d z Z w 4 l k o p B k Q z c b m a y w 8 P T 5 + 7 c j 1 f K C W J + / o G h u K P t j T H P R S M w + L k 7 B e + 8 O y q 6 E Q s V i n J r n 0 D b d 3 H P Q 8 q d N x C l I T e X F X z z F F o S O t K J V h a W L x 6 / d L t l f y 2 v Q 83 H 94 X J W e U U Q R 2 U i g E t 2 f m J q / c r F J 86 K F k 0 / Z m I U 1 C E X G o V q Y n F 0 + / c H N i c d I w t 6 a b t X 5 t + 0 B f U h G F b t J 7 k Q I C 5 n y h M D c 7 c e P 6 r Z y J H D h x s r 2 v J 7 R 4 i T S 0 F b J r a 5 V r t 65 f u X a 1 u B p o W T h 8 O N G X T e l I t U o V Q 9 q V g u F L V 545 c z 7 e c e D R 73 o 0 1 d z w b F L N x q u b o q p m G J t i L n / p 8 t U L l 6 + s l Q K D x H h r 8 u j J 17 R u 64 I i Q M p B Z W V 14 d r V S 2 O r t m f 3 i d a j e + I E c l Z T I I F d W s 4 N 3 x i 9 f m O k V C j G j N q 2 a + + u w 0 f b m 1 I g C D M R L S 0 u f u 7 z X 6 h U k j / w g 28 f 3 N l a c y j U / l s 71 / Y A D c X w N o X 1 b t E W f V t p S x G + O k g B t Q S J + g G U U 7 o 2 u S b q k 9 H M C g C U C F Q 6 n T 125 E D s 1 p R S 3 s r K m q i A C J R I G k 87 Y Q 0 b r B a H h 6 / M r 63 s 2 n U 4 m f S r o n Q i m Y 4 a J Q 4 u W L 29 e P P M R c 5 m O v b u 9 q E 9 p S P R e C y i X L V S K a x 6 X l z r R D m w V W s D B S + a i E W N H x 7 j s S O t l R 9 V R l s F K G I A o h U B J A r E U H X X I z x N D l o g I F t z 72 l 4 k a j S Z e Z A A Y A G B M p E o 15 z W 6 b F G / J j L T d K m U p V Q 1 g R m K y q 5 i f H R l b z 1 Q c e f k 1 b S 0 I X F s b G c j d H F i n q d 8 Y d X K D Y 9 f T s f O 3 R Y y 2 t s W p Z I n H P i / o i j R O 2 u m + U t E D V A 3 N Y o J P J p v h 2 P 5 b Q F 2 + M i S j H I F 8 p R 0 J Q f i S d 6 d j l p 5 q 1 v j 5 T r F g S E S Y h I X L B 8 u 2 Z k f H F 9 h 27 j 77 p o Y Q U l s a n Z q Y n S 9 H 2 P Z 0 + g a F A U K p h E 4 Z z G s
"deleted" : false ,
"disable_correlation" : false ,
"timestamp" : "1645779050" ,
"to_ids" : false ,
"type" : "attachment" ,
"uuid" : "4d21ff7a-35e4-4827-a068-c7aad98223b9" ,
"value" : "Figure 7"
} ,
{
"category" : "External analysis" ,
"comment" : "" ,
"data" : " i V B O R w 0 K G g o A A A A N S U h E U g A A A l g A A A B 9 C A Y A A A B + m B 1 w A A A B R G l D Q 1 B J Q 0 M g U H J v Z m l s Z Q A A e J x j Y G A S S S w o y G F h Y G D I z S s p C n J 3 U o i I j F J g f 8 b A x M D I w A k k 5 R K T i w s c A w J 8 g E o Y Y D Q q + H Y N q B Y I L u u C z K r k i u O 4 c U b g 0 e Y D E / o F a n u P Y q p H A V w p q c X J Q P o P E K c m F x S V M D A w p g D Z y u U l B S B 2 B 5 A t U g R 0 F J A 9 B 8 R O h 7 A 3 g N h J E P Y R s J q Q I G c g + w a Q L Z C c k Q g 0 g / E F k K 2 T h C S e j s S G 2 g s C 3 K 6 + R m 4 B j k 5 G 5 k 4 E X E s G K E m t K A H R z v k F l U W Z 6 R k l C o 7 A U E p V 8 M x L 1 t N R M D I w M m J g A I U 5 R P U H C X B Y M o p X I 8 S m q D A w e H E x M D D 1 I M R s n z A w r J A C e l s D I a Z y j o G B 9 z Y D w 57 K g s S i R L g D G L + x F K c Z G 0 H Y / M C o Z o / 4 //9THwMD53EGht/v/v//Hfr//99VDAzMOxgYDnACADfJXTVpGz87AAEAAElEQVR4nOy9dZxdx5H3/e3Dl4ZHMyNmjUbMFlgyyJw4iSFxsnGYnGR3s7vZZOnZ3Wef3Wd3A5s4nDicGBIzyySDyJLFzDAgDdOlw/3+ce4dENgOOc7zuj4fSaO5557urqqurq6u/pWQUsp8Pkt7awu+7/NGk5QSy4qxf/9umhpPcfN7bqWt9TSKogx/DgCBlIWfxMAvi/8M+wkx5B8pzvfEG0gi6i8S8VqP/gYkpSQWi/HYow/QMGMODTNm09XZjqqqv8dW3qwkCOQbO85IVy0OHzrAsSOHueHm99Ld3XWOrv6pkSICxB9pZrwahWFIPJFg86b1eJ7HNde9k9YzLW8K/RZC4Ps+jz1yP++68b3ohk4+l/uD60LRXj72yP3MmrOA+ukNdHV2vCl48ha9RW/RcNL+2B14vRT5JxKBREqJDImMigwj/0kWnhJyyBeG/CCjvwRvjLM1zJEq9OnNt4S9RW9GklIixG/vikebkKJT/xb9PknKyP680Q5NUaa/p5cRSokQyls68ha9RX9AuoCDJfH9EFUrODBSoCh/hJkoJUEYRsZFgBZKDGEQxhRCXxLKACkg+lgUFiWJFGHk00glCnUJAYQDTlZEBVfrDRrWoIv1xvExDAMiuyxQ/8SjLG9+kgRBGP34G/BbyhApKUQ+JAgNy1RxHfd1O+RhGCCEiijMBd2wENLD9cL/pxdQKUOCQCJExL/X45TKMETy29kzKSW6bqLrCvm8/arPRTL93ZgvZQhCQQCabiBkgOsFr/YNgiAsOOgKqnoeHZQSoRqUxC1cO4vz/7iOvEVv0R+TzuNgSRAGVdVxsr19hEYCSwnI5GxCKd+4xVpKFN0gFY8V2guQtodnS/p6jtPWozFq3Eh81x5YoBRFQ1FBhj6hLxAoKJpAKgoEIGTAgFf1/7hRkQgSJWUYqkAGHplsniCUhEGAFAqaqhCGEqEICEOkEChCRJ8TuYKqqiLDgDCUKKoafV78v6L+cZzuNyVJpNAoLU+iCkEYOGQyOSSD/IwiHpIgiJxeVdVABggthqVLcjkbTdcJst0cOpFm9Lix6CKIFkyiIylFUQb4LxQFVRH4gSSRTOHl0nihgqFB26nD+LFqRlUl8fwAGYaEMpKhIDp6k3JQpn+KJKVEM2OUxS0IJblcFtfzBxzWAZ6HAUFBfwlDNCuBjksm56HrasFJCwcdEikJwgCJQFVVBJLAj/5vmAZdbY20deVoaJhKcJ6UCiklqq4T0wWZnDvg9J3dThiGyDAERUFVlCGfC4QS9UPTLULfBkWlr/0MjpagqjR2IYaAqlNakkBXBYHvkMnk8f2AEFCEgqKAFAI/c4YXNh2lbspsxlUnsB2voE9vbcLeorfo90nDHSwpEZqF7NvP3/3bE7z3b/4K49hjbOqq4j3XLiOua0jfpj9j84fc9sgwRE2k6N73Ml+990l6bB9V1dBqpvPpv76VUd19PL6jjZFjxlNmlRGkPITfjxoaZBybVKwGVRW4QRanpwdpJKAQ4RoaFfhtjuykfL1GaCh/5MC/QvyhDwolEgVLdXjq59/g2T3N1Nav4EM3rabEUkikUiiBQ29flnjcxHMclHgKLbTJuiHJ0jI0RaAqkv6+NEaqlJipY+cyZHIu8VQZcVPDyWXI5N3f6Sjr/w2SSGFgeq18+//8B019NhPmX8l733Epim+TKKvEFD59/WlCoVFaXo6uCnL9PRCrou/Qc2xsVLnuuhV09vpU6Hke3rqVyrHjMRRJsrQEQ1XxPJt01iZRUo6lq/hOjt6MT20FPHz3L5l61fsYH/dQrBS9Jx7lVHwuE0eW4niSVFk5li7I9vfhoVIaj6GoCnamn7wb/MltNmQYoidSnNmylu8/8CyBleTWW99P/YQ6VM1AVxVUIenv70dNlJKKGWQz/eixJIfWP8hxpZ6bVs/kTHM7WixBRTKO9Gz6+jOgWVSUJFGlT39/Pz46FdWVKKGL7XjY2TZ+9tWf8Z8//Oa5fJMS3bJoO3qIdcc8br56Jm7eAQG6laAiYRG6Nn3pLLFEkphlEjg5+jN5NCtORSKGDAPyuRy6YXDiwDqs6vlMm5Die1/7V9rnfJTPv3Mq6ax/VrMhQo/jtx3i6/95FyfTHrHa2dz28ZsYW5VEV1UcO0s6H1JXafKdr3+DA9ZsPjxpBlLRKa8qQ3h5+jL5t+bzW/QW/R7prAiWRCgqgd3DI7/4HtrSt3Odu5f1Ryfy/rfN4ev/8Q1KZ67m5qvmE9j5P5iTJRRB6LlYNeN53/tv4Hv/8u/oKz7IR29YgXlmJ9+452WS41ZQkujgqXseZneTTll5FjU5nfe9fxV7nn+Ae9fuY+HFV3L98vn0O/3REUwh3C6HODy/Yc+Q/Da7vCKfJPBqIf7fncIgJFGW4MDTj/OLjT386z/cRtPhRgI07NZ9fO9Lj+HVzuKjt1zO1pd3M2nmTPp2PMaZ2Cwun57giXsfo6O3lzMZgz/74C2cfP4eXthxnAWX38B1yyby8hN38+zOk8y59J1ctXAiju28ZZQVHZE7w7pth/izv/4CO372X3xPKeFf3z+fB376DQ67tdx6yzuJ51u4944fcPhMjpU3f5BZ8eN89atfZ89plbB8PFfVe/zgFw+QSc0mriuobh/P3vsgh9o6GTVpDu+8dAFrf/09th7vZvzcVdx42WyeuPMH3P6de5iws5HPfvRDGN1P8tSuFlZdtwovgJhi89Qvf8wrx3Jc82cfZrTo5p6XNtDV0c+Kd9zCgnFleJ7zp3VMVHBkmvfupNkdzcdWj+Kedbv5l9FlPPXg/XT09XM6a3Hrh2+h98V7uW/9IZauvoEZFd18+WvfpklM5NjRd/HeGy4jfXQTt9/7AqnJi3n/u6+CM7v51ncepUsZybvfdxNj1Ra+9+2v0qaP4b3vu4nJ02Yxa9p4XMc9TwRXomk66fYzrN9p897r52Jn8sSSMVr2vMTtT26mcvpS3v+ui9n63BNs2rKX6nmX855rl9C550W+9egmzIpK5ixeRY1zgNt/8FOsqqX8+Rc+Q2lJjA1bHqd/ZRV6smKY5RJCIAMXpXI8ly+bwt996Rk+fetfUGPZvPjgQ2w83svsZZdx1byR/Pr2/8tdaw+w6LrZuD7ofhc/+u+vok5aynvedjF+LgtvRbLeorfo90LnzCQhwHEkF12xjMyhzRzPmoypSfDir38MpsErD/2Yp3a3k4xrheOOP0RERiBDHyNVwex5c5kyfgyT6+cwZ1Kc0vhY5k+QPP3CNkTosWbjOrpP7WX7hjPsObydTS9t4I4fPcmsi6Zy5JVHOdCXwzT+/2MwhIDQD4mXliAyp9mw/QT18xczsSzDt750O/bYeWjHn+aH97zA9oMn6XQEx7c+xfq9bZRaLvd8/euc1MZz3erFdJ04yEsHWlmweBHlMYVD6x7kuw/tZN68Sfz6G19m3YkMCVMlfCt7H4lCWeUI6pdew4duWMTJg9t56bF7eGbXaXp2PckvHtvK4efv5L6N7Vx19aWkFJ9Y9URWLp3H7NnzmDO5grxSw8UN1bz87FN0eyZxJcv9P/kp1Mwhe+YYvZk8ibJaFs6Zwkv3fo
"deleted" : false ,
"disable_correlation" : false ,
"timestamp" : "1645779050" ,
"to_ids" : false ,
"type" : "attachment" ,
"uuid" : "9b17f685-fdaf-41f1-8fd6-6ea69d2d15c6" ,
"value" : "Figure 8a"
} ,
{
"category" : "External analysis" ,
"comment" : "" ,
"data" : " i V B O R w 0 K G g o A A A A N S U h E U g A A A l g A A A B 8 C A Y A A A C 1 x M 7 V A A A B R G l D Q 1 B J Q 0 M g U H J v Z m l s Z Q A A e J x j Y G A S S S w o y G F h Y G D I z S s p C n J 3 U o i I j F J g f 8 b A x M D I w A k k 5 R K T i w s c A w J 8 g E o Y Y D Q q + H Y N q B Y I L u u C z K r k i u O 4 c U b g 0 e Y D E / o F a n u P Y q p H A V w p q c X J Q P o P E K c m F x S V M D A w p g D Z y u U l B S B 2 B 5 A t U g R 0 F J A 9 B 8 R O h 7 A 3 g N h J E P Y R s J q Q I G c g + w a Q L Z C c k Q g 0 g / E F k K 2 T h C S e j s S G 2 g s C 3 K 6 + R m 4 B j k 5 G 5 k 4 E X E s G K E m t K A H R z v k F l U W Z 6 R k l C o 7 A U E p V 8 M x L 1 t N R M D I w M m J g A I U 5 R P U H C X B Y M o p X I 8 S m q D A w e H E x M D D 1 I M R s n z A w r J A C e l s D I a Z y j o G B 9 z Y D w 57 K g s S i R L g D G L + x F K c Z G 0 H Y / M C o Z o / 4 //9THwMD53EGht/v/v//Hfr//99VDAzMOxgYDnACADfJXTVpGz87AACtjUlEQVR4nOydd7wdRfn/3zNbTr/93vTeQwhJgITee5MOgvQmYEEEUURR7NJUBKQISJPeIRA6BAIhlDTSe7/9nn62zPz+2HOTm5AEguiXn+77RV7cs21mZ3dnn33mmc8jhg0bpqWUbAtCiM6/AI3Wepv2DwkJCQkJCQn5b0NKSXt7O2eccQbmCSecQC6X62I0bZ5gvcDXGt9XoHxAI6XEMIz/SMVDQkJCQkJCQr6OaK2JRCLMmDEDwzAwM5kM8+bNY6teLCHwXA/tuyRjFqlUEjOaQhs2pXyWtra2zzXQQkJC/n0IIZFSgFb4SoMQGFKC1iilCH3MISEhIf9+DMMgnU4jhMDUWmOa5uYNLCFAa7Ry6dO/D3b9EFrM3rSIOnIigVA2w6x5ZN97CKQJYTceEvJvRrDRt4wOjCnPKZLLlcCOk4xZaN+hkMnhmxHisSiW1OVNN/4Q0uX9g6WbbKM1ukt52xoKEBwnOOY27ITQ+jM9iejsi7ZW1ib13Ryd57DZdtjM8q713/xHpEbrL99GISEh/10YhrG+rzCVUvi+v1HHIIRAA9r3iUVMeo09gHT1zszKN7Asl6StCPmSpptdZICxCqV8tA4605CQkC+PgPUeJylNDEOUX/CdsY4a3/NQSqOFwLQs3HyJofsdyZknH4Z4+w5+89A0zP57cPHlpzFg7kv85b5nmN9hE7M0ruvhK4XWAsM0MSQoz8NTrP/tux4KMEwLicLzPBQS0zSQgsCgkAJRNoZ830NpkNLAMCQajfYVvu+hESAkpmkiUPi+QkgJSqG0Lq8zEDroh3ylEVIipSwbWgIhNL7nB21iWphBJYJ+pxwH6ns+SIkg8NgJIUErlJAYUqJ9Dy1MTFMGbex7+L5CC4GUJqYRHNNXfhACQdkraBgYUmxodw3CMBHKw1dgWBaG0HiuB9LANGRoZIWEfE3ZnCNJ6y8WR965b9C/BP3flvb1fR8A03XdzxhYAEIKausaMAbsyzvGHixcZlDIu6AyaF9TabrsUfEp7Z9OwfU1Qnhf5nxDQkI60QrfSHH8727hlP4m2XyekuMjTRMnM5M//+g6ZhcMkqkKolZgQPhugXQmT6S6nqGDBiEXJFBOCSIpBg4axJBiAxHh4ngS6bsY8QoqIgYCKGSzlDyIxqupiPgUczkKRUWssoqoVOTTHZRElFRFJZbhkO7Io4Qil7XZ68wLOO3AHTCLJazKauKGwinkyJc0Biv4+1XXMb92V4466kDGDuxGXPp4qsjiTyZy63VPUnPSD7j87IPpWWqnNe8HRpVyWDfvLR544Blmr8kjTQMhwCv6dN/5CL513KEMrzdRWqN8BWoVD//5Nt6YuZrk9ntx6g8v48Dou9x8/f1MnpslVhHH8opkcwVEsoqYKJHOFvE8HztRSWXURGpFsZAlm/cxbYlpxUhVRjGExncdCrkshZLANCSRRCVxS1DMtFOKpKiOSYodbaRLguqaSnByZAouhinCb82QkK8huVxuI1tHa000Gt16iBSB06lQKOB5HhUVFXieRy6XIxqNYprmZ+yn9QaW53kopT5zwN59B2OPOIp3Mtsxd3ke6ReRWiGUh+NC9+o8iZZprM3nUFoiRNijhIT8S2iFQmHE60hWruPVu67gF3fOJV4dBW0QSVYxbO/jOefsE9ipZwwosei957jlhtvI5YsUlYJS4N1SrkdRKdxiCd9XeK5PzZhDOOP809h/ZAMm8OHzt/HjP7/AqGOv5TenVvD0n3/CDQ93cPG9d3NkqpG/f/s47q08lut+ewGj0g9w1rfvYXlREImWeO+fN/Hegx460sCx1z3IhcPX8ezN1/HnB2ciEyaR7hO47Jc/Ze+aHNOfvZM/3P4MLYk+7DSmDxoNhk1FRZLUgvs55dSbWN3tQH7622s59qCzKM6azvwVH1GUSWzpkC01cPAJR3DQuAG8e+PZXPHgdJxIAzvssTNGSxZZN5qLf/9L9kt6uP5B/Pi6g5n+2vM073Q4+ztL+GDWUnrusy+9Zv6ZEy5/BmP00Vx48ensPbASUKz84Cluu/kO3mqp4bKf/JwjdxmGAqS/jncevY+7Hn6BTxurOfOXf+SC8X1Z+Nqz5MYcxQ41OT58+K88tW4oP/ruMbS8dRd/vPF+5uZsbLnl4cyQkJD/PEophg4dCmzwWkUiEZYtW0axWNyqkeX7Pj179qSyspIPPviAyspKdtxxR5YuXUomk9lool9Xz5aplNrIwNJa09CtG5FB+zJHjWJtSwnhFJHaR/sK5Xng+lQbebItzYGlVj5gSEjIv4BWKDT4JbSK0GfU/pxw8iiiyQi51TOZVxzLJZedzrDcfCY9/C5ttRM46YDjOPeCLPd8kAUpkeUhMgWBVwiB7znIqvGc99Mfsm9VK9Oeu5/Z7hBOOOxEjn76Zd6f8Sb5U05lYE09db2708+yIGbRbXBf+pjV1KU0a5+fTlPBAREJ+gtBMDyoNL6vAQ9PKbTWuErSvc8u7FyjKc15k0cfeJQ56QRVpZW88dIyFCb1ysfVoOJDOfS4k+lIDqZXhQQyNGdzlHyCYUQkpmpn0YocjIPh+x7PGeZIGttaWTrzPWatKxKJ27z26DN0P+EIhsl5vDzpPSa/v4xdh++D6tmPwYMzTHnscV5ZMh+67cb3f/pdxhU/4u+/e4SliV256KJjuez7GdZe8yTT3nyGpW8UaPYrGHfEOXzjpLPJN3/KlXc24nsOJS3oM24E77z/BnO235UdT7qMUR3z+HjmEnbZ43CO/OQtZj60DLvKRnvh5IKQkK8DQggcx+GKK65g4MCB+L6/fpjvrLPOYvHixUSj0c3aMZZl0dzczK9//WvGjx/P1VdfTZ8+fTj//PO59tpreeSRR6irq8PzvPVlddpUnxkilCgqBoxnmT2Wpet8spkC0vPRXgnhK7TrIZVLQmcp5jO4roc0wvirkJB/Ga3wtR8Mt6saxh14NuMOLK9repxf/bMfw6Iunzz1OH/63R2s6v4NBu56A/WVQ+hRNwMHiNEZyxTELAk0nusQH7ove9Rr1n70Jnf84Re8mNuZASP/zGF7duOFSbOY7mvG9axi4IR+xHQHKzsElSN3ZVRTAw1a8fyMdeSLHto2We+bUR6+EcRrBdX38VwX7ZvIaC1xLWhalyXdVsIw4ygfrIhFIZvD06B9ED3246Ir9isfoZ2Pn72bJ6YtpoSB5Tk4CEwzz1sP3smt3vEcvP+hnDvmMEDRtOADHrn5zzz+7hxeffo5hh98FCPjC3nhgVt4ZXl3drk0hiws46U7f8lv/zkXWVXD9kf8ll1rPJoXmfToNwRDVgJQOexgdqu7l0mrcwzbcxwDYhaVhoMiTkWfwcTdJTgYRITi0+d/z8W/b+E71w5ieI8+fHTnDfxtzRgmXHcWkepuRLy5OL4R9Jf/sZsnJOR/hy1NUtna9kopmpqaeOihh/B9n2w2y/HHH49hGLiui2VZmz2OUopYLMa9995LKpXi8ssvB+Dll19mypQpxGIxHMdZv68uz9wGMBcsWEBrayuGYVAqFRk5ZgLNybEsarVpacviuy6G66BdB3wP7bgI30PlO1izZhUdbU
"deleted" : false ,
"disable_correlation" : false ,
"timestamp" : "1645779050" ,
"to_ids" : false ,
"type" : "attachment" ,
"uuid" : "b0d43d87-5c9b-4218-b961-04a92e2d5aee" ,
"value" : "Figure 8b"
} ,
{
"category" : "External analysis" ,
"comment" : "" ,
"data" : " i V B O R w 0 K G g o A A A A N S U h E U g A A A X 8 A A A A 9 C A Y A A A B F o 2 m 0 A A A B R G l D Q 1 B J Q 0 M g U H J v Z m l s Z Q A A e J x j Y G A S S S w o y G F h Y G D I z S s p C n J 3 U o i I j F J g f 8 b A x M D I w A k k 5 R K T i w s c A w J 8 g E o Y Y D Q q + H Y N q B Y I L u u C z K r k i u O 4 c U b g 0 e Y D E / o F a n u P Y q p H A V w p q c X J Q P o P E K c m F x S V M D A w p g D Z y u U l B S B 2 B 5 A t U g R 0 F J A 9 B 8 R O h 7 A 3 g N h J E P Y R s J q Q I G c g + w a Q L Z C c k Q g 0 g / E F k K 2 T h C S e j s S G 2 g s C 3 K 6 + R m 4 B j k 5 G 5 k 4 E X E s G K E m t K A H R z v k F l U W Z 6 R k l C o 7 A U E p V 8 M x L 1 t N R M D I w M m J g A I U 5 R P U H C X B Y M o p X I 8 S m q D A w e H E x M D D 1 I M R s n z A w r J A C e l s D I a Z y j o G B 9 z Y D w 57 K g s S i R L g D G L + x F K c Z G 0 H Y / M C o Z o / 4 //9THwMD53EGht/v/v//Hfr//99VDAzMOxgYDnACADfJXTVpGz87AAAeJElEQVR4nO2deVhV1drAf4d5luGAoIjKIRQChxzTa6VpQaCRdh1AvI3OZlqamnNaft6yKxlaWXojcSiHSETFicw0cUTNCUGUwQFkns6Bc74/uOzcHkAwcGL9nofnYa31rmnvdd691rsmhU6n0yEQCASCRoXBgy6AQCAQCO4/QvkLBAJBI0Qof4FAIGiECOUvEAgEjRCjC5nqB10GwQPG3twQpaXhgy5Gg6FWq8nMzMTZ2RkDA9HfETROcnNzKSsrw8HBARA9f4FAIGiUCOUvEAgEjRCh/AUCgaARIpS/QCAQNEKE8hcIBIJGiFD+AoFA0AgRyl8gEAgaIUL5CwQCQSPEqKbAm9evsWj2VAACBg6mz4uBsvA/E47z7Zef8+mK/6JQKBqulIKHAp1OR0hIiOS2sbFhxYoVD7BE9UdRURFvvfXWXeW+/PJL7OzsZH5hYWEYGhoybty4hiqeQFDv1NjzLyzIZ+um9WzdtJ5L58/phV+/ls7WTesRp0I//qSmprJ+/Xq0Wq30V1xczPr168nMzOTs2bPExMTUKc3k5GS2bNnSMAW+B26vW15eHmvXriU7O1vmX1088RsQPGrU2POvxMTEFB06NGo1xiYmDV0mwUNIfHw8ISEhlJeXS343b97Ezc2NvXv3EhcXx+rVq/H39691mnv37mXq1KkEBQU1QInrhoWFBevWrZPcSUlJREdHs3jxYnx9fWuM++677zZw6QSC+qdWNv+f9x0mLzeH0KB+DV0ewSOEo6MjxcXFdO/e/UEXRSAQ1JF6nfA9sG83bw4OlP42RHwrC9+09nsWfvgeAJNHhvLm4ECWLponhYd/9glvDg5k/GtDqkx/zvvjeXNwIAtmTK7PYgtqQc+ePYmOjsbPz48//vhDFjZp0iS+++47rl69ip+fH35+fvz444+cOXNGcvv5+TF37lwpzrx58/j888/Jy8uTwleuXElqaip+fn5cvXpVlseQIUPYvn27zG/+/Pn4+fnx6quvNli97yQ4OJjo6GiOHDmCn58fGo2GhQsXsnjxYpncli1bZHX38/Nj/PjxMpmjR4/qybz88ssymZs3b0phP/zwgywsPDyc6dOnAxAUFMTevXuBioPsKuMsW7asvh+B4DGhVmYfgA6dulFeVk7kqq8YNGwEpmbmejKWVla4tXKX3NfSUvll4zr6DxoKwOWki+zZvpXWHp7YKx1pYmuHRl1K5KqvACguKsStlTsGBgZErvqKvv79cXJuRkF+HlE/rcXM3By3Vu4YGRsTueorXhkSirmFxd99BoJa4OTkxIsvvkhUVBT79u2juLiY5557DoDmzZtjb2/PzZs3cXeveP+2traYmZlJboCSkhKWL1/OmDFjaNq0KY6OjiQmJkoyDg4OFBUVsWPHDgoLC2X57927l379/hp5rlixgqKiItzd3bG4j20gLi4OnU5Hx44dcXd3R6FQcPLkSUxuM4dGRUVx6tQpWd3j4+PJzMyU3Pv37+fgwYMymcTERHbt2iW5T506xZ49eySZxMREfvzxR/75z38CcO7cOWJjY3Fzc8PV1RUrKysSExPZsWOHFMfR0bFhHoTgkafWyr/vSwNwbu7K2OGD6PJ0L1zdWunJdOjcjXZPdeHmjWsArP/vSr74v/mS8ge4npHOiiWL2LIvHnsHJXGxMYwMDsLJ2YUFS5bzbD9/8vPy6KxyxMPTCyfnZmTfymLe1HdYvWk77k+04dzpBEYOe5m+/gOE8r+PKBQKwsPDee2110hJSaFt27Y4Ozvz/vvvU15ezurVqwkPD5fFCQ8PJyMjA61Wy86dO3njjTcYM2YMo0ePxsTEhISEBFmcCxcu1KosCxcuZNGiRbz00kt6q28amu3bt2NoaKjXE69k6dKl+Pj4yOo1Z84coqOjJfe6deskRV3J2rVrOXDggOSOi4tj8eLFHD58GIAlS5bwySefSMofKibNFy5cyIULF7CwsCAqKorPPvuM/fv3o1QqMTU1rbd6Cx4vaq38AXzaP8Wvp5J52suVyR/OR+nUVE+mIC+XZ3xbS+6WrVWycO92Hdiwfb9evL3HEzEyqrk4rw30q0txBQ3E6tWrWblyJe3atePGjRt3lff19SUrK6tey3D16lUGDhzIrl27WLVqVb2mfTc++eQTRo8efV/ySk9Px9XVVXJ37NhRFt6rVy9iY2Ml94ABA3jhhRcwNzdnx44dvPDCC/elnIJHjzop/7uxd+c2vl22hJ9ifwfgl5/Wsm/ntnpLf8nXEbjd9jGxd1DWW9qCuhEUFIRKpaJLly58++23VcqcPHmSt956i59++gkrKyvi4uJ4//33660MixcvJiYmhueff57du3fXW7oPE02bNmXr1q2SuzYmLhMTE+Lj4/niiy84ceIEU6dObcgiCh5R7kn5vz56Itcz0jn8u7wHn3Mri/NnT+PboRMA8b/r9/D/Dk+09cbTy6de0xTUjvPnz/PTTz/x4YcfAqBUKvHx8eHIkSMUFBRUGaegoIAjR47g6+uLg4MD6enpdc43NTWV1atXU1RUpBfm4eGBtbU1x48fr3O695NvvvmG/ftr/i1s3ryZzZs36/mbmprSuXPnOuVnYGBA586duXbtGlZWVnWKK2g83JPyHzlxCjMnjSHqx0iZv00TW9w9PLnw52mgYodwfWBsbIKntw8Zaalw214ad8+2dzUVCeqHtLQ0NmzYwIABAyS/vLw8fH19sbS0xNHRkZYtW3Lq1CkAnJ2dsbCwwNfXl/Pnz2Ntbc3ly5dladrb2+Pp6SnFcXR0xNTUFF9fX1JSUtBoNFy8eJENGzZQWloqi1sZp7CwEG9v7wased1p3bo1JiYmUhl//vlnzpw5Q4sWLSSZ5s2bk5OTI8nExMRw6NAhWToODg64u7tLMgDm5uZ4eHhUm3dubi5XrlwBKj7QzZo1q7d6CR4v6lVzPu/fny5P/4MuTzhLfnfa/O8F52bN+SXuKP2f6cSFs6cl//2nLuPk7PK30xfcnT59+nD8+HEMDf+669fR0VGy+bdv354ePXrg5eUFVJhkpkyZQkJCAkqlskqbf1BQEL169UKprDDfTZkyhcWLF5OQkICXlxfnzp3j6aefJiEhAScnJ1ncDh06oNVqee211/jtt98aqtr3xMqVKwkLC6Ndu3YAnDhxgk2bNskmfGfMmMHOnTslmXXr1tG7d2/ZERPDhg2jZ8+etGzZUvLr2LEjx44dqzbv7du3M3RoxQILYfMX1ITi/M3Savell2k0ZKSn4tzMFWNjY1lYdlYmBQX5ALRo+dcEr1arJe1qiuQ2MjLGpXnFhFVuTjYlJcU0df6rN1JSXMTNG9dp4dYK/nc+UGUaTk1dMDUzk2Svpaeh0fx14XwzVzeZMhLcG3W5wD0pKUn639DQUKaYNBqNtD7fwcGBJk2aAJCSkiLbGXz78sby8nJSUirai62tLfb29kCFuUetVmNmZkazZs1ISUnB3t4ea2troGKVi06nw9ra+q7LGe/lAveysjKuXLmCq6urbBnnlStXsLW1xcbGRvKr/ADe/oHKzc2VPniurq4sXLhQ2h9QSXFxMRkZGVLcX375hbfeek
"deleted" : false ,
"disable_correlation" : false ,
"timestamp" : "1645779050" ,
"to_ids" : false ,
"type" : "attachment" ,
"uuid" : "f76e4c02-dcca-4e21-b920-dcebc84d9968" ,
"value" : "Figure 9"
} ,
{
"category" : "External analysis" ,
"comment" : "" ,
"data" : " i V B O R w 0 K G g o A A A A N S U h E U g A A A l g A A A B e C A Y A A A D / o G r o A A A B R G l D Q 1 B J Q 0 M g U H J v Z m l s Z Q A A e J x j Y G A S S S w o y G F h Y G D I z S s p C n J 3 U o i I j F J g f 8 b A x M D I w A k k 5 R K T i w s c A w J 8 g E o Y Y D Q q + H Y N q B Y I L u u C z K r k i u O 4 c U b g 0 e Y D E / o F a n u P Y q p H A V w p q c X J Q P o P E K c m F x S V M D A w p g D Z y u U l B S B 2 B 5 A t U g R 0 F J A 9 B 8 R O h 7 A 3 g N h J E P Y R s J q Q I G c g + w a Q L Z C c k Q g 0 g / E F k K 2 T h C S e j s S G 2 g s C 3 K 6 + R m 4 B j k 5 G 5 k 4 E X E s G K E m t K A H R z v k F l U W Z 6 R k l C o 7 A U E p V 8 M x L 1 t N R M D I w M m J g A I U 5 R P U H C X B Y M o p X I 8 S m q D A w e H E x M D D 1 I M R s n z A w r J A C e l s D I a Z y j o G B 9 z Y D w 57 K g s S i R L g D G L + x F K c Z G 0 H Y / M C o Z o / 4 //9THwMD53EGht/v/v//Hfr//99VDAzMOxgYDnACADfJXTVpGz87AABO/0lEQVR4nO2deXhU1fnHv/fOPslM9pCEEBZJ2GTfCRD2RaQurdYFRIoFgWLdEBEVq1WrYnEBrVihtII7iiKLgkhrQUVcILKvIUCWSSazz9yZO+/vD3qOdyYTlhD198j5PE8eZe527jnvOec97/ue90pERBAIBAKBQCAQNBnyz10AgUAgEAgEgl8aegCIRqM/dzkEAoFAIBAIfjHofT4f3n//fRCRULQEFx2SJAEAhKdcIBAIBE2JPhgM4uOPP4bRaITBYPi5yyMQ/KREo1FIksQVLYFAIBAImgI9AOj1elx22WW47LLLoKqqmGwEFwXRaBROpxOyLCM1NVXIvUAgEAiaDD0RgYggyzJ0Oh1kWRYTjeCiIBqNQq/XQ5IkGAwGIfcCgUAgaDL07H+0bhIx0QguBpjMa/8EAoFAIGgKRJoGgUAgEAgEgiZGKFgCgUAgEAgETYxQsAQCgUAgEAiaGKFgCQQCgUAgEDQxQsESCAQCgUAgaGL0Zz/l7LAM8D/mTixtOgmB4OekoS8e/NyyybLRa/ugSKQqEAgEPw9NomD9FBOLmCQE/1/4uRWphkjUP/6/llUgEAh+6VywghUKhVBRUYFoNAqTyYSsrCwYDAYQ0XkrROx7iJIk8YmB3cfhcCASiSArKws6ne5Ciy0QNApFUVBVVQVVVaHX/9B9VFVFZmYmTCZTo+VTVVUAaNT10WgUNTU1kCQJGRkZkCQJiqKgsrISycnJSEtLa1SZBAKBQNA4Gq1gMUXowIEDuP322xEOh1FUVIT77rsPrVq1apSCJUlSvcklEonAYDBg7ty5OHnyJJYvX47MzMzGFlsgaBTRaBSyLOPYsWN44IEHcPDgQYTDYZ4N3u/3Y82aNSgsLASARsl/YxUrWZbhcrlwxx13ICkpCc8++yzMZjOOHj2K2bNnY9y4cZg6dWqjyiQQCASCxtFoBYvFQ7ndbmzatAkAcPLkSdx5552QJKnBOJWG7iVJEtxuN/773/+iVatW6NChA4Af3B6ZmZmIRCJ8EhKTheCnhMU3eTwebNiwAampqSgqKuIyaDAYsH79ehw5cgQjR448b9mMRCL4/PPPEQwGMWLECK44nQ32HFmWkZWVBbPZzI95PB589NFHuOSSS2LeQ/QbgUAg+PG5IBdhNBpFOBxGSkoKVFVFRkYGAoEAIpFIwsmBuQDZIM+UNPbvgwcP4qqrrsKsWbPwl7/8JWYyePzxx2PuxX6Pvyc7Fv98rfslGo3GBP+KOBXBuWI0GgEAt912G+64446YY8OHD8fRo0exdetWZGZm1rNIqarK5TTeDe52u3HnnXfi+PHjKC8vRygU4u5GIuIfYY+/nsl8SkoKFi5cyJ8DnJb15ORkmEymeu/B+gBwWjkTfUAgEAialkYrWIFAAP/85z+xe/duLFiwAKqqIhwO47nnnsOQIUNw8803IxKJxMSpJHIBAqcnBFmWkZmZidTUVKSnp5+zu6She8ajPUdMKILGwhR6n8+HcDjMfwOAu+++G0eOHMH999+Pa665pp4lK5GcMoUpPT0daWlp8Hq90Ol0sFqt/BxJkmL60fmUVVXVhNZk0QcEAoHgx+W8R202IYRCISxduhRutxuLFi0CAJSVleHOO++E0+mMUbDYQO/1enHkyBF4vV7o9XooioKcnBwUFhbiwIED+PTTTxEKhbB//35s3boVqqoiKysL7du3x65du+D3+9G9e3cYjUYQESKRCGpqanDkyBG+wgeAFi1aIDc3FwaDgZd5586dCAQC6NmzJ8rLy1FeXg5ZlpGWloa2bdtCp9OJ4HnBOSPLMnQ6HbcmERHGjh2LU6dOYebMmcjLy8PIkSMBnLYWqaqKvXv3wuVyQZZlNG/eHHl5edDr9aipqcGXX34Jh8MBj8eDL774Aj6fDykpKejSpQtcLhd27twJi8XCFyP5+fnIzc2FTqeDLMsIh8PYtWsXdDodOnXqlLDMTDmMRqM4cOAAHA4HAKCwsBB5eXk/Wd0JBALBRUF1dTXdcssttGbNGiIiikajdCai0ShFo1Gqrq6m0aNHU+/evUlRFFIUhXbu3El5eXk0adIkUlWVgsEgERGpqkpERIcPH6bevXsTALLb7QSArrvuOiIimjx5MgEgg8FAOp2OkpKSCADdcMMNREQ0adIkGjBgAFVVVcXcc926dWS320mn05HJZCKDwUCLFy+OKbOiKHTdddfRgAEDiIjoiSeeIABkNBppwoQJZ3xfwS8XVVWpurqaHA7HWeU+EokQEdHOnTvJbrfTo48+GnNNNBqlcDhMpaWllJycTE8++WS9e15++eUkSRKZTCZ6/vnn+e/vvvsul31JkshmsxEAat++PZ06dYrefPNNAkDJycn8+r/97W9ERBQOh4mIqLa2ln71q1/R9ddfT36/n4iIduzYQWlpaXTPPffw92Vcd911BIAA0MKFC2PeQyAQCAQXTqNchJIkwWKxIBgMwuv1ckuRLMuoq6uDoijcBUH/s3itXbsWmzZtwmWXXYZhw4bBZDIhGAyiW7duiEajGDt2LCRJwhtvvIHu3btj6NChCIVC6NKlCwDgxIkTOHHiBI8vkSQJTz/9NGpra3HbbbfxmCoiwqlTp/DQQw/hnnvugdVqBRHB4XDgu+++w/z58xEKhTBnzhzo9XqoqorHH38cV111Fdq3by+CgAWNRq/XQ6/XIxwOczkFgNLSUrz99tvo3bs3evfuDVmWUV1djSeeeAIzZ85EYWEh/vjHP2L16tVwuVyYMWMGgsEg8vLykJSUhPbt22POnDmw2WxcPo8fP45Fixbh2muvRXZ2NsLhME6dOoXk5GTusoxHlmXs2LEDq1evRmFhIebNmwdFUdC7d++fqooEAoHgouG8FSxJkuD3+7F7926kpqbCZrPxWBRJktC5c2eYTCacOHECFosFaWlpkCQJr7zyCjZs2IBjx44hIyMj5p6qquKaa67B0KFD8f777+NXv/oVZs+eXe+52mBdSZJw9913Y8yYMVi3bl3MuXPmzMGTTz6JGTNm8FgWk8kEv9+PRYsW4ZFHHsGMGTMAAB988AF+9atfoX379mjfvj2i0ahwFQqalO3bt+NPf/oTVq9ejfHjxyMcDmPWrFlYsmQJJk2ahE6dOuGZZ57Bnj17cOzYMfz5z3+Oub5z5874y1/+AuD0bkNJknDjjTdiwYIFGDFiBLKzs0FEMBqNPAi/IY4cOYJnnnkG//jHP3D11VfXOy4WFwKBQNA0nHeUKxFh27ZtmDVrFq6//nq88sorMBgMMBgM6NixI1atWoV+/fph0qRJ2Lt3Lx+ws7KykJ2djYqKCoRCIQQCAYRCIUQiEQCnJ46ysjJEo1E4nU4oioJQKASfz8efGx+s27x5c1itVng8Hn6+oihcGdMG8SqKgszMTG5FUxQFiqLA4/HAbDbDYrE0uhIFAuCHzznFf3UgOTkZRqMR06ZNQ5s2bVBYWIhly5bxc6LRKBwOB4LBIMLhMBRFgdfr5Xm2gNPyO2PGDLRu3RodO3bE2rVr0blz5xhrlXZnYEPlKy4uxpYtW7Bs2TKMHj0abrebXysQCASCpqNRQe6nTp3CF1
"deleted" : false ,
"disable_correlation" : false ,
"timestamp" : "1645779050" ,
"to_ids" : false ,
"type" : "attachment" ,
"uuid" : "4d735b97-6406-4b0a-9495-e12f5370b526" ,
"value" : "Figure 10a"
} ,
{
"category" : "External analysis" ,
"comment" : "" ,
"data" : " i V B O R w 0 K G g o A A A A N S U h E U g A A A l g A A A B O C A Y A A A D 8 d m h z A A A B R G l D Q 1 B J Q 0 M g U H J v Z m l s Z Q A A e J x j Y G A S S S w o y G F h Y G D I z S s p C n J 3 U o i I j F J g f 8 b A x M D I w A k k 5 R K T i w s c A w J 8 g E o Y Y D Q q + H Y N q B Y I L u u C z K r k i u O 4 c U b g 0 e Y D E / o F a n u P Y q p H A V w p q c X J Q P o P E K c m F x S V M D A w p g D Z y u U l B S B 2 B 5 A t U g R 0 F J A 9 B 8 R O h 7 A 3 g N h J E P Y R s J q Q I G c g + w a Q L Z C c k Q g 0 g / E F k K 2 T h C S e j s S G 2 g s C 3 K 6 + R m 4 B j k 5 G 5 k 4 E X E s G K E m t K A H R z v k F l U W Z 6 R k l C o 7 A U E p V 8 M x L 1 t N R M D I w M m J g A I U 5 R P U H C X B Y M o p X I 8 S m q D A w e H E x M D D 1 I M R s n z A w r J A C e l s D I a Z y j o G B 9 z Y D w 57 K g s S i R L g D G L + x F K c Z G 0 H Y / M C o Z o / 4 //9THwMD53EGht/v/v//Hfr//99VDAzMOxgYDnACADfJXTVpGz87AABDzklEQVR4nO2dd3zUxdb/P9trNptOgCQQSGiKNAlFmoQmXVqw0OyoYL2KXhv4EwXBqIiCeBUUgxWQCxhC9KEoMURBaqSHBBKSTbLZzfZyfn/wzPjdJQHU3Hv1ufN+vfJSkt39zpw5c+bMOWdmZU8++SRBIBAIBAKBQPC7ICIEg0HI5XLIZDIAgMzn8wkHSyAQCAQCgeB34nK5UFdXh5iYGKhUKgCAUqlU/oebJRAIBAKBQPDXRaVSQalU8v8CgPw/3CaBQCAQCASC/3MIB0sgEAgEAoGgiREOlkAgEAgEAkETIxwsgUAgEAgEgiZGOFgCgUAgEAgETYxwsAQCgUAgEAiaGOFgCQQCgUAgEDQxwsESCAQCgUAgaGKEgyUQCAQCgUDQxAgHSyAQCAQCgaCJEQ6WQCAQCAQCQRMjHCyBQCAQCASCJkY4WAKBQCAQCARNjHCwBAKBQCAQCJoY4WAJBAKBQCAQNDHCwRIIBAKBQCBoYoSDJRAIBAKBQNDECAdLIBAIBAKBoIkRDpZAIBAIBAJBEyMcLIFAIBAIBIImRjhYAoFAIBAIBE2McLAEAoFAIBAImhjhYAkEAoFAIBA0McLBEggEAoFAIGhihIMlEAgEAoFA0MQIB0sgEAgEAoGgiREOlkAgEAgEAkETIxwsgUAgEAgEgiZGOFgCgUAgEAgETYxwsAQCgUAgEAj+ADKZDEQEmUzGf6f0er3/wSYJBAKBQCAQ/LXx+/1QKpXw+XwIBAIAAFltbS39h9slEAgEAoFA8JeFRa6IfnWplNJwlkAgEAgEAoHg9yH1qUQNlkAgEAgEAkETIxwsgUAgEAgEgibmL+NgBQIBXjj2n8Lv94cUsAl+5UrjEwwG4ff7/40tCsXv9yMYDP7Hnv9bICL4/f6QXP5fnaaQ/2+RC3ut9Of/On8lHWc0tV2/nI4wG3S5vzV1m/6d69a/Quf/aPuvZs6G6+3V6PHV2oL/tN8gs1qtf3orTkSIjIxEMBiE3W7Hb6kbCz82+UfaYDabAVycjPX19f+nFsDfQkMyNRqNkMlksNlsl/yNiKDT6aDRaGCz2a56gWyq+kC5XI6IiAh4PB44nU7I5X/efQURQalUwmg0wul0wuv1Npkc/hMQERQKBSIiIuB2u+F2u39Xf4gIarUaer0e9fX18Pv9jX5OMBiERqOBXq8PeX9dXd2/TJZNqa+/53OZjv8RGf+r2nY5TCbT77LrjbVHqiPShZWIoNVqodVqYbfbQxZwIoJer4dKpYLNZoPJZEIgEEB9ff0fahMRwWAwQKFQ/MvXC2nfpdTV1YW85rf2x2AwQCaTob6+/ne1SaVSwWAwwOFwwOfzXfJ8mUwGk8nE9VYul8NkMsHr9cLlcjX6uRqNBjqd7oq2ICIiAkTUJPr1e/jzrjT/SzAYhMFgwJNPPonFixdDo9FctaLKZDKo1eo/vKAyRXn44Ycxbtw4PP/883A4HPzei/8mZDIZNBoNl6lMJoNcLsdrr72G+fPnQ6/XhxivQCCAiIgIbNiwAbNmzUJ9fT2USuVl5aZQKKBWq/9wW4PBIJRKJerq6nDfffdh06ZNiIyM/NOOWTAYhFqtRklJCW6//Xbs37+fG4i/Iszo19bW4o477sD27dthNBp/844yGAxCr9dj//79mDp1Ks6ePYuIiIgGd7l+vx9msxn79u1DVlYWsrKyMHbsWDz22GPQ6XT/sjmrVquhUCj+7Z8bDAYhl8tRXV2Ne++9F9u3b79kkf1XoFQq/9AcZXbjb3/7G1577TVERET8oUgDmzv79+/HPffcg9OnT0Mul/OxViqV+Oabb/DAAw+gqqqK/40t1uvWrcPf/vY3AMDjjz+O119/HVqt9ndHBJnuv/vuu3jhhRfg9XpD2tOUBINBmEwmHDp0CLfeeiumTJmCcePGYe7cuVAqlZDL5dxuXy3MGXn99dexaNGiBk/IXQ7mXB49ehTTp0/HsWPHoNPpuDyJCHK5HDabDbNnz0Zubi60Wi3q6+sxd+5cfPLJJ1AqlQ321Wg0orCwENOnT0dZWRm0Wu0l7WLr04IFC7BkyZLfZXeagj+9g8V2wKWlpaioqLhqZ0kul8PlcmH37t2orKy84qJ+pc8yGAz4+OOPsXHjRmzYsAHARUfgr7r4/R5kMhncbjd27twZYqTkcjny8/OxZcsWqNXqS3aHCoUCtbW1OHPmDILBYKM7CRa9KSkpQUFBwWVfe7Xtlclk8Pl8OH/+PAoLC/Hjjz/+qcdMLpfD4/Hg7Nmz2LNnDw4fPvyXjmApFAo4nU58+OGHKC4uhlKp/M2LFtMhp9OJU6dOYffu3Th16lSDclGr1fjll1+wY8cOnDx5EsePH8epU6dw9OhR5OXloaqqCiqVqkl1IBgMoqioqNE2/R6Y3hYWFuLs2bOX/VyZTAa/34+ysjIUFBRg3759/zLbxOboL7/8gqKioj/8eWVlZaioqGiS9iqVSpw9exbvvfcebDZbiAOo0+lw7NgxfPjhh/B6vSF6qNPpUFRUhJycHPj9fpw7d+43rTXhsH4oFArs2rULmzdv/sO27EqcOHEC3333HU6cOIETJ07g1KlTOHLkCLZt2waLxYKqqirs2LHjqtohjXTl5+dj27Ztv1kWwWAQKpUK5eXlWLNmDS5cuNDgvHO73cjJycHRo0f5mJw9exY1NTUNtpNtmk+fPo01a9bAarVe1qZs3rwZ+fn5v8vuNAX8olGFQnHJTonlORUKRYiAA4EAF6D0tT6fj3vM0hypXC4P8UbD86cymQxKpRIymYznwlUqFYLBIA8fv/322wDAw98sv8wu9pI+JxgMQqvV4uDBgxg1ahTeeOMNzJo1Czabje9irxbmVNjtdjRv3hwAEBcXh4qKCqjV6pB+hbdJLpdzmbI2SpHKhcnjcjIFwI2D9HnSsWP5a5lMFvJZ0rFjnrz0cxtqv1SmUkd3xIgRWLVqFaZOnQqbzQaDwQC1Wt3gDolFkKZOnYqpU6dyWbBIAus3GxOj0Yh//OMf+Oijj1BQUICoqCiuDw0RnmOXyjQQCMDpdMJkMmHjxo248847MWXKFBQVFUGhUIS8T9p3qfzZ5XFSnZHKOPxvTG7h8peOJWubVOcDgQCICA6HA61atcKOHTvQt29fbNmyBVu2bIHL5brkOVL9AsA/p7E2XW4ehv+toXmoUqkuqY9ozG6wZyoUCvj9fuh0upDXsfbL5XL4fL5LPkv6HLVaDbvdjh49emDHjh3o0qULCgsLsWzZMng8npBnWywWvPDCC3A4HHxBMRqNKCoqwk033YQVK1YgNTUVNTU1UCqVV+yP1NaFjzvrX11dHe655x7ceOONeOmll+D1evliIq2DCZcxI7wNcrkcKpUKVVVVmDZtGmbMmIHHHnsMPp+P22Lp2AWDQcTGxuKf//wnJkyYgA0bNuDgwYOora29ROas7Y3pRGNtYrbC5/PBYDDg5ZdfxoEDB7Br1y4eIWnIBoXrolRHiAjvvPMOgIupLNYOaT1UQ/rVGCzb0apVK9TV1aGurg5arRYAUFlZiUAggKSkJFRVVSEuLg4qlQqBQIAv/qmpqXC5XHj33Xfh8/
"deleted" : false ,
"disable_correlation" : false ,
"timestamp" : "1645779050" ,
"to_ids" : false ,
"type" : "attachment" ,
"uuid" : "b1b224e3-f2b0-4595-8620-a0d35f3c5705" ,
"value" : "Figure 10b"
} ,
{
"category" : "Network activity" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"timestamp" : "1645779050" ,
"to_ids" : false ,
"type" : "port" ,
"uuid" : "7433ed9f-1618-485e-a410-1a7abcd4c814" ,
"value" : "80"
} ,
{
"category" : "Network activity" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"timestamp" : "1645779050" ,
"to_ids" : false ,
"type" : "url" ,
"uuid" : "b3319198-efde-4eee-b823-a959ef45581d" ,
"value" : "185.118.164.21/index?param=<computer_name>/<username>"
} ,
{
"category" : "External analysis" ,
"comment" : "" ,
"data" : " i V B O R w 0 K G g o A A A A N S U h E U g A A A P 4 A A A A W C A Y A A A D g g S G + A A A f c E l E Q V R 4 n O 2 c d 5 x V R b L H v 33 O z X M n B 4 Y J D M O Q H E A R E A Q R U F A J K q h I M C I G R E E W R V E Q B B S Q o A Q l r r q i i A E V E 0 F A l C S i g g w 5 D j A M a Z g c b z q n 3 h 93 y K y g 69 u 36 / P 3 + c y H e / p W V 9 W p 6 u q u r u 4 L W k S S N H 1 y j u T n n h A J F M m U Y e P k l 60 z p X P H y f L G 39 + R X R m T p X 37 y T J 29 D j 5 / l i J S K B Q X h k y T j I 2 T 5 Y b b 35 b P C I i U i Y 5 h 49 I z o 6 P p E W r V 2 T D 6 l F y Y 4 / J U m K K Z L 7 d R y a / P l W u b z N e T s i f D X v k 6 X Y v y o G T j 4 d W y 7 N 3 t 5 R Q W 5 o 8 u y p f j v / 0 n g w a N V v 27 j 8 o n 0 17 R m Z + + 6 k 8 b u 8 u S z 2 Z M r L j U F l h L p U n 6 g 2 W A 0 V L p U v S c z J n 6 W R 5 b + W P 8 n L L S J m x N y C y c q j Y e 30 m O + c N k l s H v S + G i K y d 2 F f e / 3 m h P G b t L t 949 s r z 7 Z 6 W F Y Y p I g U y 828 T Z E P 5 m f o t l g F N J 0 p u 5 d O W V X P l w 6 W 7 R E T k + + m 9 J N 4 d L c n J y V K / 1 X O y 4 b i I G C V y N P u o n N g 8 U x q 3 m C y r F s + S M W + v l N y M a f L o P b N k 9 q N 3 y v C V B y V v 33 d y Z / t n Z E t A Z P k b L 8 r 8 X w r k m 8 H t Z e b q / d K n x 2 j J F B G j P F + y D h 2 T v c u H y S M D p s k D j T r I G 4 d E v h 33 i D z 17 n Y J 7 H h V + g z 5 V N 7 u 1 V l G r D 4 k + f u W S + d 2 Q 2 R L 2 S 8 y q G c n O e A R 2 f H V o 9 L p y d e k Z 5 e X Z N 8 Z b + U t / k S G d n h K 7 r i 8 k w z 5 / r D I g U V S s / c M 8e2 Y J E + M / F z e 7 N l R R q 49 L A V 7 v 5 a O b Y b K l t K f 5 a l b b 5 O s A h H P 1 k U y q m t v a d d x v B w S k d W T x s i E h R v l 6 A 9 T 5 I n H P p E y E a k o X S I T X / g y O L a N g O x b P E k a N 6 g h K S m d Z G m + i O S / J 61 a T 5 G 3 Z k + V V f s / l I e v n y o z p 4 + X 5 Q e 9 s n F 8 S x n 9 X d A J P 0 9 o J a N X n n S I V 774 + 0 v y y d E K 2 T S h t Y x b 7 T n 1 P g V r Z 8 p T C z J F P H k y 9 p m b p F + 3 d E l M q S m v z 98 j I k u l d + d R k r l 7 r t w 4 b u V 5 I z C w c 4 F c V S d G e s z c I t 6 f Z 0 u 7 l 4 M 0 n v X T p O 3 L 66 T 0 0 F s y + q 0 1 k v 3 O z d L h H 6 c j U O N c G D 581 b p z X 9 i n f J V d Q T W X C x M Q B R Y 9 S K L U 6 W 4 W D F a P f I o R I 6 b w 0 q t z 2 F / h B 0 c o b W 9 q Q 4 g C q t c E 0 z x P z J 8 D N X l x f A 6 T X z 0 U f E x q y d i 5 q y n 2 v s 2 S 20 a z K m s D 65 c t Y c K 4 s S z f Z S M 65 A r 6 z E v n s y G j O V Y r n T T V g o 79 K 3 h 5 + K e k 9 e p I Y s D A e n g F H 5 i T e C R N h + b X c 822 P e y O T O D O 9 s 3 Q A J K q 4 S m p T Z 95 d f l 4 y F j y 6 j W i p q a A C P o M d D B h 6 K Z / q m 39 K x u S s f Y X y g F f R R U G z f + J r K w s P h 0 Q w 5 K 1 i 1 k y 6 D F G j p r E S 1 P m c 0 w p 6 r Z q h e P w X I a 9 e Y C r O 6 S y f n 0 B W z 8 f x 9 A J 86 l e L 5 L C A l A a + M t K u f 7 l 6 X j n D m N / q Y 6 w j 7 f 7 D 2 D 0 6 J e Z O G c l F V Z F I L 0 t N y W B J z K F a + p X Q Q Q s Z V k s / 6 m U L Z + 9 z J A J C 6 j T u A q 565 d Q n P o 8 K X a o X b c B t W y h p B z b w m Y A B A D b r p / Z U S 0 e v X 47 n m q e A M k 1 u T a 3 j N 2 a w l Z 6 g K 9 / K m f z g r E 8 N / E L G l x d h Z w f l u G 96 j m S I 8 B e r w P D 5 o 8 k V v M D c G W X V v g 2 z G D U v G M 0 7 t Q E O + B w t C U l a S t 7 j n h A 0 6 n R / m / 8 v H k f G 7 + + j j l D v g B d Q 3 Q b L S 9 P Y e 3 U 18 j v 3 J F 4 v x 9 T T M L C I j l R W g Z A S e E h Q k O c A P i L 9 / P h u 2 + z b M I Y X l 24 j x W L P 6 X I K 2 C U M / + H L G 69 O g p M R W l o H R 56 Z x v Z B 1 Z y Z M N k P u j d l 0 88 R b w 97 j 12 f j G F D z a X V 3 o z a A u 9 T h d + 3 H m C 29 d 15 J 2 d I R w t C c o u L y s k O k 7 n 48 f 7 s m j l U i Z 8 u J 0 9 X 0 5 i S 0 6 w 3 / m B r 4 R A R Q i N u 16 O P T 8 e R 5 g F s V q I K / D z 85 E Q 0 K 0 U F 55 A m Q a G H o J O D h + M L K X t z J e Z M n w g A Z s F J Y L f 7 w + q Z p o o M f G J k z A A k d 8 a X f / R s F / 5 K t e W j + L 7 L 6 a R 8 v w 7 w c b C Y + y M c l O j d j r 1 L r + O m T N m 8 E z X V C z a X j 4 Y v J N 7 X 3 m D t q V L + D j z B 9 Z / G s W Y y R M J + e R J v j 7 m w E x q z S 0 V / X n 3 B L B t N S t S U q h h B P A E j E p 7 C n b X H j 4 Y v I c H X n m D V n k f 81 F m 5 c R a r R 8 D n A O Y v f + f K O u u x 4 P J K 3 j x R w i x n G 4 u y y / B H n q I 9 y Y p 7 p o 1 j s m P 302 B C A d + X o O 11 k C m j e 3 O z i / m U S 0 t j 1 r X T G D G j P G 4 j X B S Y i r n d G U C q T S 92 s K q H z M R c w t r f m r C l B m T G N W u E c f 9 A Z Q R I A A o M Q k Y Q X 2 N k G q 0 r J d N n V a v M m P G G K y l T l J b X I 9971 g K g S P L P y P D l s b Y V 2 r S M 3E0 p S g 4 / j 23 t V t B r x F d c W / c x f J S o O A Q y 0 O s 1 B L B 565 O q 3 o H u a z N Z G b M G I V Z 4 C C t R S t k 3 X i K A L J X M f r 2 o W Q H 3 I Q B O 5 a v I b r l S K Y O 78 i W j 2 e T Z w K 6 h e v S 45 m / r Z h d M 27 h o a 93 A V C U n U V + u D t o N F H U a l a d V b M j u f + J N D x e A z N g E H t 5 I 4 z d 2 Q B s X R N G r Z p B c m t I M m N m L 6 B / n w f o 0 K g K 9 R s 2 x W 1 T V J T s J T v b R n p 0 O D i d N P T E c n C j H 6 S I 0 t x y r n h 2 G d + / 2 p v O N z Q l o X E H r k 9 z V H p N s W 7 q 7 T y 1 K j g R H M n O J z Y 9 n Y g f d y F A T p a P u i k x d J m 8 g d l D 7 u f 2 q x O J b 9 y J 2 t E K O D f w l c L h c m H B S 8 o d r / H B 1 F t B 2 Q g N j e X u / n V 5 t b 2 b K v F 3 s j 0 n E u o 0 p V V W b + 5 + N Z s X P q / H a F 2 j z g 2 P 4 r V Z s V i c u B z B k a V b H G g p 6 Q x I G U N q / X H k K H V J A f X f A w s N u 9 x M X t i 1 z J f 5 K K W h G k 9 n 4 d I R N K p / N z f G L c L t t H P T f J N m j W + k / 8 h U e i v F U 2 Z z n q z R l h Y N N l J T u V k 94 B P 6 J v r x + q s x a v F 0 P m 6 p U L c d I n v + n X i 8 O g 6 r h g I s d j s E m t B v R B L 3 K s U Q V y e e q n H a j V e P f o k T E x f g B c B K S L i T M y 1e48 G B + I Z M o z D J y 8 R b 6 u B 0 O u n 6 n o U 7 r n u E M W 9 F 86 B S N H l 4 C q 4 I J + l N b u L Q m E 64 Y l o T O v A f D P / g C 7 z T o 1 E R l 3 O i f Q e S E X S H C 7 s l K L 9 Z u w d p 3 D w C q 9 a F L l d / S R W l 6 P H e b m K j 3 b h D n W i A 1 e H E r m t g c W C z R t J n 3 n K K J 4 W i o q 6 i / P Y O p N i v o n u b W F K U o t c u B 61 c Y L Z 4 i V 3 v H O E K p V D X v 0 z X z B + 4 J d 4 g I q a E 2 b f a U b W H M / P l R 5 G A i d f r 5 v G P v y N v n A M V 3 R J 1962 k O J v z y H 1 p p E c p w h q + Q p N 3 J j K q w U y S Y 54 l u v t t b O 7 T h N C a t 5 P 2 x E v E V Z o y u k U H H H M + x t n 3 N a J e 6 o B V V 1 z 9 e i R z x l w P p o W w M D s V X M 6 i 0 i + 4 x f S i H C 5 s e H F f O R j z 475 c q e y s b P c 27 c O P M 6 L G E 6 z W X V S r U 5 / 0 2 q n U S U 2 g W l I i u g I 5 f I R 2 X e 8 j x g r g o O u g t n x 1 f x K u 6 H Z c 1 X M 8 l 9 V O J T 0 9 n X p 1 a p C Y V p e 4 E I O F w 8 b y w a 5 c m j 88 i r K n a 6 J U Q 8 r 7 H a P z l Q 2 Z 1 X 4 T d t W U B 6 b u 44 n G i Y S n 1 i O 9 d g 3 S a y S Q U L 0 2 d j 2 b 4 X U G o b S I J G n S e z R L h n Q k M j r m v G E t w B 8 a q i L w p w v + C + N 82 / 3 h 1 v w V 4 W f Y + Q y x / 9 z 8 F 9 f t 36 j 9 O Y L P V / o 8 X Q o z G P n C Y A r q v M K k x + r 9 y 3 r + m p 0 E F e T / K 2 P Z 5 w W b P Z g R a d o Z C l 9 k / F / M x r / W X U R Q S o H X A 3 b H m d + c 4 n p S H 8 t J Z u F O / Y L M / n B H / z 8 J e r i Q 7 f 6 N 736 m n d W F m 8 / p c H G W / 5 J C / w I u o P R 5 L e H x d O s 9 m p q X / + t B / 0 9 E n p K s L k 6 E z R 78 V z u Z j J 0 k v c j 4 v 5 j u v 9 Z d n f z y r K A / m + t J f S w A U S 4 N 57 B d + L T w i 4 j 9 C 3 / h P x k u Y M f / t R L / F T i 14 t t 1 h U 9 X E D B B F M q q g s U k v w k o s P 7 / W a k v C S d r l G e a R Q R 8 E m y z a B c q n f 7 v w Q D O T d p E I E D Q d 4 a A f o a y h g T / A D Q F l t / p X 6 M y j T w p 2 y 9 / 3 F g R C b 6 X R Y E p Q d 4 q O B a V A v k j Z Z 3 E u X Y C E H B Z h X I P K I s 65 X q o z N 595 i k 6 b F p Q b 4 t G q D I o 8 W k o / e I 0 p + x n C p i V c s w L 0 B g C A Q G t M k Y r a d z K o P R M P h f B O c U 9 j d
"deleted" : false ,
"disable_correlation" : false ,
"timestamp" : "1645779050" ,
"to_ids" : false ,
"type" : "attachment" ,
"uuid" : "b2cd18a6-26c5-4b11-b089-3c6e6ef81e70" ,
"value" : "Figure 11"
} ,
{
"category" : "External analysis" ,
"comment" : "" ,
"data" : " i V B O R w 0 K G g o A A A A N S U h E U g A A A c c A A A A t C A Y A A A D b V K D i A A A / d E l E Q V R 4 n O 2 d d 3 g U 5 d b A f z P b s 5 v e g C S U h B I 6 S O + o g B R p I o g g i n p F k K q I i N I s d E Q Q E E V E A b s I C I i C C E i v 0 k R q E p K Q 3 s t m 68 z 7 / b E J B A x X 76 f 3 e r n u 73 l 4 O H l n 5 s y Z n T l v O W + T k p K S x c X L 8 X S 5 p y N e v H j 53 y Y r M 4 P Q s P C / 2 g w v / w W 4 X U 7 c b h d G k / m v N u W / E q 0 k S e y O K + G A y E Z G p b v 2 J M 3 l S 7 x u f 5 C 7 t T / T R n u R 2 Y 4 H u V d 7 l l a a S 8 x 2 P E g X 7 R l a a i 8 z x z 6 A n r q f u E t z h b m O B + m m P c V d m i v M c T x I d + 1 J m m r i m e N 4 k B 7 a E z T R J D D H 8 S A 9 t S d o r L n K b M c A 7 t c e p 6 E m k T m O A f T W H q O + J p m 5 j g f o o z 1 G P U 0 y c x w D 6 K c 9 Q q w m h b m O B + i v O 0 x t O Z V 5 j g d 4 Q H e Y W n I q c x 0 P 8 K D u E D F y O v M c D z B Q d 4 A a c i b z H P 0 Z V E 4 e r N t P V T m L + a V y l J z N A k c / H t b t I 0 L K Z a G z H 0 N 0 P 1 J F y m O B s x + P 6 H 6 k k p T H Q m c / h u n 2 E C Y V 8 I a z L 4 / q d h M q F f K G s y + P 6 X Y T J B W x y N m H 4 b p d B E l W F j n 78 I T u B / w l K 286e5 f K J b z p 7 M O T u p 1 Y J B t L n L 35 h + 57 z J K D J c 77 e U q 3 A 5 P k 5 C 3 n / Y z Q 78 C A i 7 c c v R h p 2 I 4 O N 8 u c v R i p 344 W h W W O n o w 0 f I c G l W W O n o w 2 f A v A c k c P R h u + R S C x w t m d 0 f p t K M i s c H R n r O E b X G h 513 k f Y / X f 4 E D L y u u y j p X O b o z T b 6 V E G F j l 6 s p 4 / R a s w s g q V 1 c m 6 L d Q J E y 87 + r C s / r N F A g z q 1338 K x + C / n C z I e u e 3 h W v 5 l c Y e F D 1 z 1 M 1 G 8 m W / i y 1 n U 3 E / V f k y n 8 W e f q f J M 8 S b + J V B H I x 65 O p X I Q H 7 s 68 o J h I 9 f U Y D 51 d W C S Y R P J a g i f u d o z 2 b C R q 2 o Y X 7 j a 8 Y J h I w l q G F + 62 j H Z s I E 4 t R L r X W 2 Z b N j A F b U S X 7 n a 8 K J h A 5 f V K m x w t W a y Y Q M X l Q g 2 u V s x x f A V 55 X I 6 / I 5 J Y o t 7 h Z M M X z F z 0 o 1 t r i b M 8 X w F W e V a n x T K p 9 S q v O t + 65 S O Z r v 3E150 f A V J 5 V o t r u b 8 q J h P T 8 p N d n h b s K L h v W c U G q y 0 92 Y y Y b 1 H F d q 84 O 7 E Z M N 6 z m m 1 G G 3 u y E v G N Z z V K n D H n c D X j C s 54 h S l 73 u + k w y r O e w U o 997 n r X 5 f 3 u u j x v W M 9 B p Q E H 3 b E 8 b 1 j P A a U h h 911 m H h d r s 1 E w 3 r 2 u R t z T K n F c 4 b 17 H M 34 Z g S w 3 O G r / j R 3 Y S T S g w T j O v 50 d 2 M E w V + F J m 1 I M R f n P V 4 + a t x K w q q q q L X 28 D 7 O f w K K e X a N f H g s i M c U p q T 5 D + Y q g X v M 7 L K B f L c F n w p w q I W c 9 U d i K 8 o x i K s J L o D 8 R W F W F Q r l + S q / O S I J F A q 5 p o I I U C y Y s F W T r Z z T Q Q T I B V j x k G K C C F A K q p Q D p S K 8 P m 9 s h p C k F y I E S e p 12 U X q W r w 75 K D 5 U I M 5 W Q 9 L t L U Y I L l A v S 4 / 6 k c I h e g Q y F N D S J E L k C L Q v o / k U P l f D S o F c o y K h k V y o I M N Y g w O Q 8 J Q Y Y a S J i c X y o H E S b n I s F 1 G S D z F j l c z k X c J E t k q o G E y 7 m o S G S p A Y T L e a V y I O F y D i o y W W o A l e R c l N v I b j R k q / 63 l S v L u b g q l H N w o i X n N 2 U d O a o f V e Q c 7 O j I / X / J 2 d j R k 6 v 6 E S F n U 4 K B P N X 3 h i x 8 i Z B u L 1 s x k H + T b C F C y s G K k X x h J l L K o f i 6 n E 0 R J g o q k o W J A i q S f S j A h 0 g p m 0 L h Q y E + R E n Z F P w O O V / 4 U H S T b C J K y i F f m C n C W J p u u S 7 n C Q v W U j l N B O J G i x D y X 5 f j e P n v Q S r 931 s w V o i U c u 2 a G L T 8 C A d E A 4 K k Q o o k C w O D r z G 8 f 0 d c L g W J G 7 + d J E k I J I Q A n U 7 H w v c + 4 X v R C l D + w k f w 4 s X L b y M x x b C e T a 5 W n F c j / 2 p j v H j 5 r 0 d 7 X R J a n j b u 4 O 2 i j l S v 5 I / d 4 c J m d w O g C k / B m J F T x J n z i V j M e u 5 t 2 w j V c + A m h Z I k E C X q j V o J E u h l k A G 36 i l H t R K 4 h C f d p d 4 I 8 Q h A r 0 H S / A u V G U U F N x 5 d 0 m + e / U + R h E A 4 h c c e I Y G h 1 G 4 v X v 4 H O K L U J k f 43 p w o B N h V j 1 z q e 5 T 5 M I B O A 1 q P a w l H q a / K M u h L n c 2 t e n x Z K v U X C U C A 7 Z / p l E E r 3 a J T 8 q S X + b C 71 K 9 N s i c z U A U 4 b t g k a W / R q Z V B V 6 r T q Z Z l W j f y B X t Z B d 5 j p y S B c C o 36 v W y D E Y J S R W I s t 9 D U / q c i g B n a Z 4 m y q V T m t / Z V E 96 q Q 13 P A 7 F 8 y y a / 4 F n + Q O U y / q 1 j N Z 8 T f c q V p o 3 r I 3 d 4 Q a p t J z A 860 t e H c L z R r V J D j Q H 1 W A q t 7 a Y h Q I m w 8 b Z t c h 47 V Y 8 u b U J W N a D I 9 G A C 6 V 4 F a R Z D 9 T i Y B 6 o W R M j 2 F 4 F T 3 T R t Y g e U Y d s u f E k j W 7 L g u j F c T v b Y g q K n 7 N I 8 g Z X 4 W a 5 g p e p K v U w X 4 n w s f I F + N q k j c 7 l q I F M c y M 0 v 3 + i 714 + a 9 G c P i W w l G S B L L G j 6 N v 1 C V n T l 0 W 1 F A Q q k D k G / l 8 T i x F 8 + q y p a 0 O V B A l G q a M j C Z v T i w n H w k h T O f J G F o 2 q c T V e X V J e j m G A Y E K I E D 4 c f i N u u T O r c u b M T d 0 f j L b o 3 N b e 4 P n N J v M x C d r k D s 7 l t O P h V P F U F o l d i g 0 61 C V h J c r 0 a h E B a F C W D A J C + t S M K 8 u 29 p q E E 6 B y D e w 9 n W P z u 2 d j R 6 d d p m x j 1 Y n Z 3 Y s Z 5 + s R H W j i k Y 2 s G F 6 P Y r m x p I 0 t S p d t Q r C q T D 0 o T r k z o 4 l d 149 s s c H E 25 T E T o z P 77 m 0 X l x k B 8 o 0 L R u K G d f j y V r d i z 58 + p y a Z A f O I W n Y M w 3 s G p m H Y r m 1 e W H r j 5 / z a v 9 k 5 A A b A p T n q 7 D e 818 y r W c / p 7 c K B w l O 3 f Z l v H T t S I S k q + h 12 l Q V V A B u 8 P F 7 k N n s e g V X E 47 k R G V U V W B o q q / 1 i g k q v h o 2 b U z m c C J 5 x h w U r B m d A 3 a h s j I B i 3 B f h p k v U x Y g A 5 f D Q T 56 Q n R F d F w 5 G W W Z a s 8 + 4 + q t H K X 6 l V L / 5 V v R o p b 0 o W n 8 Q j i 5 n R Z Y v L I u i T 3 M d 6 o H Z a / t o z r f 0 s M 61 q F g b o C A i d f I H p l G o k O q e J 7 l r + u n B 0 36 b x V f 9 n x i m z w 4 u X f j s R 4 / V Z q y 6 m l f w u E y 5 f z s y L 4 + c s k J v / i 5 v m n q t L A p m P t v O p 0 T 8 q k 64 c 5 d O 0 f x V M S 9 L o / g t k R N l p M T a S k a Q i v V 9 F h C A h m 31 A L o 2 f F 87 k w M O u + Y H Q O C + f m R h C / M Y n n T r m Y M K I a d 9 m 0 v D e r O n 1 T s 7 h 7 V T Y d + 0 b x j A x d u k W w M N p B y 6 l X y W 0 Y z K y q B g C 6 t q / C 9 t 4 W I v y 1 G I Q A p 4 W f J o a x 8 / M r B H 5 S Q I / + t R g b q W H J j O o M z s q i 4 z u Z t L 4 / i v E a a N + 5 M m / F u m j 98 l X S 6 g Y x K 9 q I K v R 8 t v k S v m O u c j T A w s p h o f g 5 d b S N 0 X L 28 D W C J p 4 j Z E k O G V o 9 b 4 y K o M 2 l V H x n J V L U O I L d L c A m a 2 l g K u G e K R c J m J 9 I Y p 0 I x J g g R I m W + V O q 8 W R h D m 2 X p N P w v g g m 6 f + 6 N / x H E e j 44 K V 6 z K 4 j 46 v 9e7 c a o X z h K L Q 8 o f u e O J 8 m 7 D 91 B b 1 W U x r t l E j N z G f z t j 34 m V R 2 / r A L S d Z 5 y o P b N P E E o N d J 6 C 0 6 D u 1 O Y Y v d w P z a 2 u v R m w q v M a j Y 7 D J y t o t U g w D 0 T O w V x t K + 4 S z s b M F s F 2 D S M e a e U B b 3 C W N O j 1 B G 1 t R h T S t m 4 U / F J B V o G d Y j l D f 6 h v N 2 W x 86 t A h n f A 0 J n + h g Z j c z g E u m X 9 t g l v Q J Z 3 H 3 Q O r q Q B t g Z m q P U G b 1 C u e N X v 50 D N C B y Y c n a 2 v J u m D l g 0 w n I K h a z Y / 5 f c N 58 / 5 Q H q 6 u B Y 2 e Z + 8 L 4 b X u o S z u G 8 S I D q G M b + q D P w L M P s z s G U Q H f w k M J m b 2 D e e t P u H M a G U E p 0 z f V k H M 7 B b C o v 6 h D A z 5 u 9 f N v P w n u S m s 6 h a Y m v l S W 1E4 k m 5 l 1 b k S k M 106 W y k v V 5 i 36 l C D u c 7 S L b r G d x O S 4 P q J q 6 d L O K K 3 s X 2 y 4 L e j X R U b e 6 H P s 3 G z z h Y 9 Z O d O u E m 6 n b 0 p Z 5 Q O Z x q 5 c M L J Y C Z b p 2 N t D N K 7 D 9 Z w P F C B 1 d t O g a 31 V I v 2 k T 66 S K u G N x s u 6 D S p 4 k e k A h T 3 C y / 6 L o R 1 f M R O F w Q H G C i X Y Q G c J K h 1 d P R V + b A y U J O W p 1 c L t Y y u K 2 G 2 B g z 2 W e K u G x w s e U X h V 6 N D A i 1 k C / O C T D Y O Z Q I R p 2 M R t Y Q F Q T 1 a g Y y a 2 A Y n S w C N O C 2 C f
"deleted" : false ,
"disable_correlation" : false ,
"timestamp" : "1645779050" ,
"to_ids" : false ,
"type" : "attachment" ,
"uuid" : "44690fce-2465-4c06-bdb2-85eace599816" ,
"value" : "Figure 12"
} ,
{
"category" : "External analysis" ,
"comment" : "" ,
"data" : " i V B O R w 0 K G g o A A A A N S U h E U g A A A N o A A A E x C A Y A A A A a 6 b w u A A C B o E l E Q V R 4 n O y d d X Q U V x u H n 5 m 1 u K H B 3 d 2 h u E O x A q W U Q q E U K 3 V v + U r x U o M q p V C g S I E W h + L u r o E k h E A 8 I e 5 Z n 5 n v j w 2 Q 4 I E k J O k + 5 + x J d n b m y s z 9 z b X 3 v l e w y o q C n Q K N S o B l y 2 H U S N v 3 K l X g 6 D E o V R r s T 69 w I D 7 r B N h 5 N J I C v X q D l 5 f t e / P m 4 G 0 X W a H C L r R C g q c n v D T U 9 v 8 P P 4 F d Y 4 U L d W 4 G l p 6 e T n x 8 f G 4 G a S c T l Q r c 3 G x / V S o I C n 7 W K S q 6 O D o 44 O 1 d G j k X 32 Z C b v X R B A G + + u o r z p 0 + Q 736 V Q D h Y W d n + 5 a c b M x Z X I C j R o V Z k r F m u R s u K h A E 4 U 7 w W f + / H a 1 w + / 90 g 1 S o a g Y H B 9 s n O Y m H 3147 T 4 x G o 2 H 16 t X c v H k T K R c L h z p X C 5 o C c + b O p G 9 f f 2 J j 9 Y i i A s g I y I B k + 1 + Q Q Z B R B B l Z k X F y U B E S / H a O o / p o V y B j m 5 W n T j G H 28 d e v Q o p y T K C w Q J G C 4 L J C i Y J T F Y E q w w W C a w y S D K S S W L z x 1 V z L e t 2 i g 5 r 1 q 4 F c r d 5 n q t N R w A B h e v X E z G Z x g D p g I A F E Q l H T I g Y M 0 B M h O I m E D Q K t Z + b k 8 M Y b j J 0 8 T m G t m r K 8 v O R f N 3 t j l h 8 o 800 b S m S F i 5 h S b Z i S T F j t p i x m M x Y U i y 2 T 7 I F K U Y i V S U g y Q o q 0 V 412 M l O X p S I X B e a A q B I Y D 2 P X j 7 A S a 3 I Z d y w 0 h o h p R 7 K Y S h 1 A 9 o o U M U 1 A S n D 9 P i B m 8 M g a A h 686 f s 9 o u g a a W S 2 X 4 W 9 B Z 6 p T s Q E a F C t q j A q k H t I m D V q l F K K C i K g l Y H S g Z s P p 6 U q / m 2 U 3 R Q M n t T g p B 7 I 7 u 5 L j Q b M p h i s a q u E o u K a x T D Q l 0 w g x w F + q t Q X w Z 0 a Z D x m P 0 z x Y z s / w J i j f / x X d x c 0 l 1 e p F H z d 7 K f o 7 f Q R + t M Y g M V x Y v r U A H 7 j y m 0e05 A k 3 n K 6 q 0 y L 78 o c i 1 R n 4 v 5 t V O U M J v N R N 6 M Q a P V U K y Y V 66 I L Q + E J g A S G O O Q H H 2 J R o U / p T G R D G Y F O U J A 8 o N 0 S Q E x B d m S X W g 3 b 1 q w W m U Q F E A B Q c D L T Y / T j d Y o J c Y S 8 u u f p E j 1 K D / g H a K j k y l b 2 u P O x Q Y z s U k K i W Y Z j + I q G j a H e p 3 j i V Z K 8 E o 7 m P w z 7 D l 6 k + v h Z f n r L 4 U f x u Z + 7 u 0 U f o w m E / 7 + f r i 7 u Q H k i t j y p k Z T Z N B H I j t c 5 i Z q / E j F Q B J Y B e Q w 0 P h C m l U A 0 r F i y H Z p m T J n + f C j 0 i h Y k Q Q r 6 S n + j G z 2 K W 1 f + I i M 3 R e J V 9 d j m U M f 5 D n b + X 35 b p S g H + 9 c b J B I T L O S Y J L R o W L T B m g w I A H X t B I o C i z + C 0 5 e v s k b f c o y + r U 8 y b m d I o D J Z O L G 9 e u U L V c O d 0 9 P 3 N z c U K u f T i p 5 J D Q L 3 I w k 0 q g n 3 g W S S c I k x M L N K E g Q S E y B G E k h g g i M Z O + j i R o L o 98 v x S c / B u I o G F j y + g x c G 35 L z K + / 8 s M W b / a 6 D U Y t G + n Y v g p N G m f v o 2 G 0 k J R h B h c F 79 I 6 b k b D h U M 1 q O g C a c D w 4 d C s X z M a u s G E u Y V p Y N 9 O f i J Z r a S k p l D c V A K r x X K 7 z / Y 0 5 I n Q Z N l K R G g C V 6 M h w Q k U L C B E Q a Q v p A o Y g T A U L h G E / i 6 h o T K S m G z h 0 l U r m 159 A 9 e K w 4 l e s J R f 1 n v y m 3E0 D v E p W E 1 W q l V 2 Q 1 G Z s 19 r l t F b r F z 3 l / l j D 9 R p A u s q 7 O b Y 1 m P E k k I s q c S S w s F e T d H 2 e T U v s m 7 H z n 3 J E 6 E p i p V r I Q k E y J D o A D I W E C I h P l N o C o Q B O o I x c J d Y 1 A Z M F p G W p S 7 Q W P I l f M N l 5 q z x Z J n x F R x N K V h N E l a j F c k s g 3 i 30 K z U q + H A m n U y R / Z A 0 D U I q F O K i r 1 P o s O I F y Y q C i a O p V S x z / f a y V f y R G g S V q 4 E J 3 L N A I m a L D V a q h + k g h E I B y y E Y M U 127 W K a E Q Q t O z a + B 1 z T I N Z e 6 M t k Y Y S a E z p W E 0 S F q M F q 9 G K 1 S K j i H f V h m a J c q V 0 L P k J P E r A 9 R h w c W 5 I / N X V O C D j i o Q F m b e L O z J 7 R U J e Z N 2 O n f u S R 6 O O V i 6 F p B C Y D I k i K I o Z h A g w m G 1 C U y A U S C I O q J X 9 c p U R j W i i R o d l r E g 0 g 7 M J D 7 W E V S c h m a x Y t S J W B x U u T l o U y 11 C s 8 i Y L T K p e p m Y W I W 0 V J B S w N P b P d t p W o 2 I w R S b + 1 m 3 Y + c B 5 L 5 l i A B g Y f u p a q S Z y 5 G h T w N Z A r T Y p r M l M p C 5 i g L o u H s e X j G l c W D f V f p 1 k J A F B U U Q k Q U Z W Q R F A E V Q U E Q F m W t c W e S f 7 d o x H Y v z 1 q I Q V G B b W 6 I o I G O L V 7 n z V 1 G g S h k H m 12 k H T v 5 Q K 4 K T U F B l r X E x M x G k o R M 0 S m Z U s o y c i M o t 8 t 9 p h J u E x P 2 F m a L F e H 2 P J p 8118 l 8 x q Z D w b 3 y n b t h G 4 l o F u J 3 M y S n f 8 g u T H K e D e 5 K j Q 3 N z d q 1 K i J T q f L z W D t 2 M l X P G + t s M 1 F c l V o q a m p X L 16 l e r V q + d m s H b s 5 C u i S p X 7 Y e Z m Y A I C q a m p u R m k H T v 5 j p g H f X e 7 K w M 7 d v K B X F 34 a T d q s l N U U L L 8 V X j 6 s m 2 v 0 e z Y y Q f s Q r N j J x + w C 82 O n X z A L j Q 7 d v I B u 9 D s 2 M k H 7 E K z Y y c f s A v N j p 18 w C 40 O 3 b y A b v Q 7 N j J B + x C s 2 M n H 8 g j B 6 q g W C X S M i w o g o C T i w 6 N X d J 2 / s P k m d D S b o Q w e c 4 p 9 q y + y m e X p v N q l d w J N + r o F d Z e N t P r l S b U s P m 3 J P y s L 6 v 2 J q N S q 6 g 7 s A m 9 q m h B i m P x N 1 e J V h w Z + G k z a q s B M t j 4 k w 9 X D Q L N X 6 h P 15 r O g J U z m 305 F J h B 8 U r l G T q 4 P A 6 Y O L T i A m d i Z F A U y n Z p y M t N X C A p l K 9 + C 0 f B n d H / q 483 g C W J 3 + Z d J c 2 s 4 r k B 9 W h b w w l r h p 4 d 6 y 8 S E A u y p K J h 91 p 0 a + x u b z 78 h 8 m z Z + 9 W s y o / L R z M 6 w 20 D 7 H I f M A P 9 z 2 s 4 L P x C H + c N x D 0 y 2 b 2 R G U e l W + w c F I 0 T X p V o 20 n m X 9 G H S a Z D L 6 v s 5 j L 5 e s w q I O F T x o c 4 i Y K O 8 a u Z r m + H P 27 e L L 5 r a O c R C H u b B D H o y T a t q / E j c 27 + P N E O p D B l t 9 P 4 F a v K u 3 a V a R B W Q d Q I p n Y 6 C T F B t Z g U I V Y W o w + D 5 h Z N v o I i Q 3 L 0 L O p G z 98 d 4 x A k 4 w 5 P o l d 5 x N o 1 r o i 7 d u X p 7 q 3 w z 1 e t + w G 2 P 8 t 8 v g l K 2 X f Y 0 o y s / 5 / K 3 A W p u P o P I u l f r b i Z 0 p N Z 0 K z z x F U U 3 F 2 / Z f g + y 4 H E m j w Q j u m v N O Q S h 6 q O w V X 8 C B F E 4 z g X I z a Y T E E t q + C R 8 A F P i 7 d n j k j i l E 8 O Y X d 1 / e z / U g K 3 y e X Y e 7 n 5 a n q p c U n 8 B C / b Z Q p 0 a w G 777 R h F Y t y t C + k i M + A S m A g N Z Z R 5 U a J a h d p y S 1 S q n h a g T z u 9 Z h f O 2 S 1 B p R n 37 L T 7 I p w s L 2 M q 6806 Y 8 D b t U p m 9 K H O s u W 9 G q w L m Y K 7 V q F a d 23 W K U L a a 1 p d e Q y u u t Z t B / a Y b d 3 d 1 / j D x r O t 6 P q K 2 b W R D b k A x l B C R e Y / i r m 3 h + a z + W d p y L 1 + 9 f o b T I L H 4 K D 9 k 7 J 3 t d I A h u 9 B 1 U h S W f r O Y z B 0 / m f 1 O R j E s + 0 K g + / q u 28 / l Z b 1 Z O F N l + 9 i b 68 u 44 H z r F i w v C G D a k M o s C 44 D S t o C S Q 1 n m q 2 b M x N K A i d o N S 7 L g 8 w 18 f T a U e r N G 82 P / 8 r x y f i c T 5 h l p L E W z R 5 L p 6 e B I j + R 4 J v x 4 g j Z a K 1 s v J d A W E E S R s E M + T L g Q i 6 D V M e S D j g x t 4 Y 6 g 0 t J 5 c D P S a 2 n u z p S d I k 6 + C i 3 y c g y e X b s B I L l X p 0 W j 81 i J x v d C W c a 3 y K K s H L z u l d A L / L J Y 4 o 9 j I 3 A J O 8 p L / T e z 6 C d v W L 2 V p U 0 H s m V u e V b 23 E j N H q W I X r + T U c 6 d + W P p i 9 y c / Q f 7 y 2 f 6 h g g 8 Q 52 W 15 h 6 + U U 6 e q s A J 179 b j C v A g Q f p l m 7 / V w f O o i / 9 v f l y B U T Z S s 4 s / n d F D y K i / T 9 q R f 1 L y a h 0 k n E b I m j f H k B y S h T p U c z p n 7 c h m y S 0 j r w y k c 2 h 0 I P f Z f Y K X K I W R e 2 P e 0 n K 7 J V x o I Z o w S G d D D L U H 9 A Q / R / n O Z G G i S c 2 M v u 82 V w o S Q N O 0 X z z e + R m A x m 0 t K s d / n F y h K m R c o M U 8 G Q D h Y Z s F g w m g 0 k p o I U b 8 b s 6 I q u X U 3e1 z v R p k 95 h P O H G X m o O c N 6 u f O i W y m 6 D q p F 2 Y R w P v 3 b l d e H a i A 8 h C Y t z z M r Y g j 9 X R U y T D Z v W 8 Z 0 E w Y J N n 91 G M v g + l Q F L D p 3 m j Q r T s C C M x h / 7 k Y 7 Q B J 11 K p b C i 8 p i U t V v R j i p c Y M y J K M x X
"deleted" : false ,
"disable_correlation" : false ,
"timestamp" : "1645779050" ,
"to_ids" : false ,
"type" : "attachment" ,
"uuid" : "09f9d1a7-d594-4171-82fd-58dbe3176f42" ,
"value" : "Figure 13"
} ,
{
"category" : "External analysis" ,
"comment" : "" ,
"data" : " i V B O R w 0 K G g o A A A A N S U h E U g A A A M M A A A B n C A Y A A A C 98 v Z S A A B a + U l E Q V R 4 n O 2 d Z X Q c x 7 a 2 n x o W W 7 J k t m V m k J m Z m W 2 Z K Y m Z K W a K 48 T M M W P M z M w c M z P K L K b R Y P f 3 Y 0 b S i B L b J 8 n 97 r l 615 q l V n X V 3 r u q i 7 p 611 t C l m W Z b 0 C M 2 Y K T W v U t S V O R i v 8 v o f i W R B / D 9 b T 57 Q i X n 3 / 6 u + 1 J R S r + x 5 C k M f z V M B F t s t B 6 + Q m C c h S h z e o z X H r + 8 R 8 x L K k d 3 z S A J S 87 T p T 8 H 0 t O L C t h W K K 436 T g 26 S k H O v L r Z A h Y W Z k + S / S y 38 t X U 65 f B J p T j b e l 6 R N N s 4 X Z D t J Y x B A 2 n m 3 E D N u I W b d R f T b g v h + O e K H F Y h 289 h 45 Q n P F W 5 k y p G N L O X L 89 O + 28 A 5 G g i B 0 i M N H h 4 e e L i 7 k b l I B X a 8 + P z X F q S A m F s 7 q F O 4 B G p n N S U K 12 H H r Z h v l p U k j + I N g z Q l W R E k A J D u z a G A a z a O f 7 J 8 g 6 z z t B M 1 u G w W S e S v C o X 9 / b s y 7 v A 7 W 3 j w a W q 4 O z P t 9 n s O D u w e F x 6 L k J e L S S t c m f 0 o 2 E H B O 3 q m F Z T u v 5 i 5 N U q x + F 28 n s + P d 9 K / S D a 8 X V x J 27 Q p m 298 i H / m H 24 w o G E D N K 4 u Z M + c n 1 k 7 H m H L n e D Z / L 7 k 1 X l R u G h R 0 r l 74 O a i R g g l 7 h 6 u + B b s w e F t o y k 2 f C / C l h l O 9 f d C 4 d W f V 0 I A g s f z m l F 18 F 6 M d l U x V 5 b i p R D 0 P y 2 I t S 745 R L y C o G r h w c e H h 64 O m s o 1 P B 7 b l t A i P f 86 O W O c E t D G v t 9 N 9 d M 9 F p 4 m M V 14 v M o x G V q C 0 H v b U + S L d v j o 5 v h o n a O k + G k F k y 7 L h B C 5 s b O h b Q o o U K r z Y V f w 1 n c k a x c m z e M i S f f p v g s k 50 m 6 R T Q s Y U f n V o U w c V d C 3 X q 2 H 5 u L n x f u S D N M q i 4 f P w s 3 L / J 8 q 7 V A T U Z 3 Z r x I D y M 8 P B w w i M i e b m 3 I / 2 a z i E Y U m 6 V K Y R L z z a Q v / V c v t 97 C r P e z K m 93 z O 3 d X 42 P J O + T p C c Q i + B Q O v m g k Y J 0 u t N + D X c z d T 7 b 6 i V X p U 0 v p z w O k F H C Y A S J 1 d n l M I x k U 2 + W o B K p 0 O j U g A f G N B l F N U 2 P W V U M R 9 M K g 1 a V a L i F 84 U I 5 o F m x / H h 11 b x B p V f g q q 0 t P E 35 m t R 0 P s N x 4 z p t J Q C h 18 Q 1 B 0 F K / m j 2 B V 337 c C D R A T D A D + v U g z Q 9 T M E V F 8 + r F Z m 6 M L 0 f X o 5 F A M C v G 7 G N 4 c A j 37 t z h c 0 Q 4 o W 82 M b j b C i L C o 3 j 9 Y C X 1 K p Q l Z s t p X g D w k A 0 n u j C w y w k u P b R p f h R w n X J V S 6 I F w M i R s x H M X d K Z A 5 P W x x e X 7 E y D 7 q u J C g 8 n P D y c K L 2 J / b 0 / 0 6 j W G k C F L E q w L T S M M P v 9 y K j 3 L O l X j 9 Z t t A 55 F K T D k + O L Z n M j S r I X e H z Z m k 0 Z m X g u M E 5 G j F l m V E m I O P M z H R d / Z v o p C 0 b j c y 70 P E b F k j + T u X w O j l x 9 n V y F A P 7 i n S G l O r y 4 f S U m l P D m y I D 6 Z E q j w T Y 0 m Y l w 6 F g 1 O S p T 7 s k 77 t v s 5 + D s z j S o O w D / d l N 4 b J R t w g W c W P A 9 b m 6 e F G 9 U h t Z 5 G r M 3 E s 7 / v g m / v s t o n d M D A I + c r V n W 149 N 684 C t x i R u x 39 m t U n c x o P i v Z c R K R s q 4 k m 42 M G t v N n Y N 16 d J 79 E I R A i J u M y e / P p B 618 H a v w a L j U f Z s y 1 j 1 J n r 3 m s m Q A 1 t p 4 W v L s B A m F v a t R 4 d a 7 a j X 9 w A m A d Z b a y n Q Z i F R A o S Q O d C n C N 22 h 8 T 1 g k K o c U u w l u C O T i H i J m E a 9 w w c H F y S D 5 W n M L p h Z s B K g r Y T W 96 y k l J N 2 + I x b x s P A J D Y + e s V + q 0 d Q 7 r w c H L W a 49 + 91 F s X U I w n 4 N C k I U Z A D f f i m z Z v 4 Q C n j r C g g 7 x N r o S A + u V t A n W + r F h Y T u 29 p 3 F z h X j W R n 1 n p F F i r L l v u 2 B h Y d H Y z T F E B n b 12 T 2 o 37 Y W r Y 8 A h 5 d Y V v p U g w r V Z p j l x 4 C 9 z i + P h e N a m U G w B w W x I m 3 D 6 j X d S J N A o e x M a 4 T l z E b 9 f E y g R w 1 O p H 7 + h 0 + o U S k U L 986 n V w y K O E z q 0 i Y 9 u 7 U X f C b p I t t M S Q o t m + / h 2 D F g 4 k t 6364 N J 4 B 492 f k f G A n 4 o T 14 j M o W k y T Y G t U r J 5 t 232 L z 7 D t E m K 5 w 6 D i e P I Y R k m z J 9 v 5 y e v x 3 D T a e O t 8 G q 59 P b E N 69 D e D t u z f c / P 0 X L v W u T x X g 2 c a + z J D 6 c v D I f D Z P z E L x d k t A w K v N / W l + u x r h k a F c X N i d s 6 / f E G O Q e P p S S 4 l i a R L Y l K Z Y C b Q v n 2 L B y t P n e w l v v J R 3 Y Y G M z b W D X r M v A L C y X X G K T 9 z M v C O H 6 S v 1 o u / G 14 C F + 48 P E 9 r r K E G 3 a r O l + V g + 4 o R K p 2 V X n 5 J s j y 5 L j S z e N i U C j n + f l l O 19 r P h + C b 211 p B 2 u 9 P o P R r R o c L a 1 n 7 D j B e Y t a W D L S o 52 W 3 T E l Y 5 G 6 K u L n j 7 h 77 y 8 D k o E A 0 g N L J m f u T S t N y o z P 1 q p V H F a s o O c g y l o x V G F R r N f O P A 4 Z z L I 5 q R d + S S g w m E 8 Z s H W k f 8 x s X o w E q s O X B e D a U 1 y C K F q X P z B k 8 j n D D S Q U x j x 6 h y F A E r d p B t l 9 l y n y 6 T u H v Z t L b u z K / P b x D 20 I p r Q b 60 n W I h p M X 33 H 35 G k 6 N 6 q B Z 7 X G Z L v z E D 5 f 4 Q 9 N d f K 62 m K G f d y P F F U V N 0 0 O R k 5 p y 6 F 957 H a s 2 i M C u H d 23 c E B L z l Y 9 B L D o 3 v x 8 f J 35 E e C a 3 b I / w 948 v M x S s r w z Y + g C y d H P I I s g S l f / i F M X s 68 v 3 + h F X W y T 2 U a d V 8 b D J 0 S k T 7 d a C w c P / N R 2 S t Q 3 a E C 5 l z Z g S 3 c v T R b u b 3 h L P T O K g 2 X A + l Q 0 n P B I F m i x X / 5 n 4 I A T u X v y C 6 b C 0 Q A v n U c a h e y x b p 6 F G H F A o M M Q 9 Z / v M E M i o s m K O f c v C h 4 M S V t k A 0 V y 58 R B 2 + k b G j 96 D m H R 67 H r J b 7 k 30 c Q u z B j V A A T h l b 0 5 P 902 Y l A p c n Q x E h i e y N D w S g 84 F B R a 83 G o z q E c 2 A O p 1 + I G z w + 9 i N Y e y Z V c m c h a Y y B O s R D 2 H l y 7 n k d r n J q 1 b N b q X V g C 1 y S u P J x A V C l 6 g L L i K D c 7 r a D f j K B e n 1 g c e s m F 7 F q y e U x l 7 z Y L G a M J z 1 Q o e L q 9 J 3580 l F 50 g / Y 1 D x A 4 Y A K N X W M N s 5 L G r R n 3 I n a R L 87 Y C C b 6 N M Y E K O R P P J Z 78 u h 4 Z r 4 f 3 I 8 a + 1 e Q Q 5 d C H U T G Z H C h 5 e A f G D f u d 96 M / k i W z k 3 J Z L i E h I Q F V 0 p U i + b q P T O V y q r R F R j K + Y B B h N x 7 w M E 9 M / i + b R d + O 7 i B f J 4 u i M g w r I 5 d b 2 Q Y 7 y Q v t B g w y V Y M U Y A 2 J T u g W J 32 P B + 7 m 6 O l f a n T 1 B m 1 N g / R b n t 5 t v 0 0 I Q O X k N 4e7 + H v M 9 j / s h L u Y 54 R E / a c m / f 2 E N 6 n E k J Y e X 1 t L 9 O n v k O j k A i 9 v Y V 92 a e j n 1 k Q C M A Q m Z 8 t o a d p l U x 7 t O U R K p U F h E y U V c m g W y e p V t i P v Z W 2 I h S 2 z i Q m w p P R Z 4 I Y V t Y 5 P r E 5 F H e d O z q H e a t 9 E g I o q d V Y 0 P Z o K L 27 J a z z A K q q u V y T B C a U I B w m y g 6 T 5 g S T a w l n 11 K M W L q A E g I g k j U 9 G 7 F s 52 f m t f Z A o 3 S n e L 22 d C / l i V G h p W d f Z 9 x l A / u 1 M t F R 1 n g x A m Q B F a t l 44 c j F 5 n V r G W c H R e P r C B b 9 Y E o e A 8 y W C R s n Y R C a X s 3 U L v i o / S l a a f v y C d H o H L q j Z e n N w q u I 8 s W j B Z A Z U Y S S h R I m I 1 Z a f F j N e p 5 + L D R t Q L z v g t n Y A 4 N r t Y 0 F G v 3 H U 2 c w j G p f 6 D P C G f c Z N B 2 G 0 8 x 98 l M / Z S b P k P z 4 Y i 4 K W L c g w 0 n R p I R g N n g T t P h T f A t 4 o Z / j p + Z c z C Y + S 3 c k y 9 z Q L Y Y 0 F U Y Q M f g Y g z b O Y k f R m b C Y J H t p Q y 5 y j f h 8 N 1 n o N p N o V X F u b + o H l 6 F i 9 C x 8 F K i H r T n 0 J 1 A K h R r T J g 0 B r M R s N e T V 1 t n 8 s l / G b 6 Y v m B F B h Q V + t L u U 0 e O K B v T y t U F t S Y z S v M 7 p m / 4 z I D 1 e e y x H r N j k T e / n p 2 C n z o K h b E R Q Q N n c j x M T x 1 J S b 4 a 3 Z m x t B d O A P S j e 5 p q z H v 2 A w N z 23 I T H Q 6 k T a o 7 V / k m H L 55 F 8 r a X 6 R l w L U c 67 c 2 o U u n U e T V 21 a t h J A x R I b H Z x J A 7 U b V i k Z 237 H S J Z u 9 + s Q c x b / U R k b d X U O x + h 2 I 7 n s E u Z t / k v F Z k S W N m s R Q q 5 R s 3 n W T T b v u E B 0 W g u 76 T X T X r o P O A 92167 Z r T c J G J E t W r H H 12 o 2 u g 7 q z Z s q v v M O J W s 1 z s O r g Z f Q Z f H B 7 s Y V 8 b Z Z i V O i o 3 S o T k + a v 417 Y J +
"deleted" : false ,
"disable_correlation" : false ,
"timestamp" : "1645779050" ,
"to_ids" : false ,
"type" : "attachment" ,
"uuid" : "41f40467-acae-470e-a9c6-4f2a25f6ae52" ,
"value" : "Figure 14"
} ,
{
"category" : "External analysis" ,
"comment" : "" ,
"data" : " i V B O R w 0 K G g o A A A A N S U h E U g A A A h g A A A J Y C A Y A A A A g 3 J 98 A A A W p 2 l D Q 1 B J Q 0 M g U H J v Z m l s Z Q A A e J y V W A d U F E + T 79 k I y y 5 p y X k J S 8455 y Q 5 C y K w L D n n Z A B R U U E R k C S g A g Z E F B A E E Q y A A Q M Z C Q o o Q U Q E F U U E C X K j n v j 9 v + / d 3 b t 6 b 17 / p q a 6 q n u q q 6 u r A e D U o k R E h C A Y A Q g N i 4 m y N z U Q 2 O n q J o B 9 C y C A B A Q g A N g o 1 O g I f V t b S w D T n / a f 9 G 0 I l o Z p Q P q n r v / 8 / r 8 S s 49 v N B U A y B 3 G 3 j 7 R 1 F A Y t 8 L P B j U i K g Y A 5 G 2 Y L x Q f E / E T T 8 C Y J Q o e I I y //sT+vzCK5if2/o15fsk42hvCWA4AGjyFEuUPAF4L5gvEUf1hPXjYFoY5zCcwDDYfAWMdagDFBwCOWlhGKjQ0/Cceg7EYLA9/50TBWM37X3T6/0O/97Z+CsV/G/+e1y+iMQqMjgihJP4/f83/TaEhsX9skOEHHxBlZg+3wvD/GwkOt9jGYd7WNn9woM8v+V84INbM6Q+mRhu6/cE+FCOL7b4h1pZ/sF+gifm2nhhzxz/YN9rY4Q+OCrfftuUXZaj/B1Oi/tqNDXba5gf4mm/rTwpwdPmD4wKdrf/g6GAHi78yhtv8qFj77fH7hpka/LVrsj330Oh/mW+g+XbfmABHs+25U/6O3zdM/6/O6J3bY/PxNTL+K+O0LR8RY7BtKyLEdlveN8R0mx8d57DdNwZenH/72m7/wyDKDts/GFgCY2AER58hCARhwBeEAgr8ZgS/RYMIEAK/Jcb4JsT8nJhheERiVKB/QIyAPhx9vgLmYVQZKQEFOQUFAH7G8u/lsWT/K0Yhtp6/vEi4v4Y6AIgzf3kUSQCapeAQuvqXJ6wCAF0xAC3T1NiouN+8nyEB0AAHGAAL4AR8QAiIAWmgAFSAJtCDR78D2ABH4Ao8ABUEwOOPAvFgLzgA0kAGyAJ5oAicA+fBZXAN1IGb4DZoA4/AM9ALBsEomAAzYB4sgm9gHYIgLESAiBAnxA+JQJKQAqQG6UDGkCVkD7lCXpA/FAbFQnuhg1AGlAMVQWVQJXQdugW1QU+gPugFNAnNQV+gNQQSgUewIHgRZIQsQg2hj7BAOCJ2I/wRkYgkxCFEJqIQUY64imhEtCGeIQYRE4h5xDISIOmQbEgSUhqphjRE2iDdkH7IKOR+ZDoyH1mOrEY2IzuQA8gJ5ALyOwqDIqIEUNIoTZQZyglFRUWi9qOOo4pQl1GNqAeoAdQkahH1A01A86Al0Rpoc/ROtD86Hp2GzkdfQjegH6IH0TPobxgMhg0jilHFmGFcMUGYPZjjmDOYGkwrpg8zjVnGYrGcWEmsNtYGS8HGYNOwp7FXsfew/dgZ7CoNHQ0/jQKNCY0bTRhNKk0+zRWauzT9NLM067SMtCK0GrQ2tD60ibQnaS/QNtP20M7QruOYcKI4bZwjLgh3AFeIq8Y9xI3hlujo6ATp1Ons6ALpUugK6WrpHtNN0n3HM+Ml8IZ4d3wsPhNfgW/Fv8AvEQgEMkGP4EaIIWQSKgn3Ca8Iq/REehl6c3of+mT6YvpG+n76jwy0DCIM+gweDEkM+Qz1DD0MC4y0jGRGQ0YK437GYsZbjMOMy0xEJnkmG6ZQpuNMV5ieML1jxjKTmY2ZfZgPMZ9nvs88TUQShYiGRCrxIPEC8SFxhgXDIspizhLEksFyjaWbZZGVmVWJ1Zk1gbWY9Q7rBBuSjcxmzhbCdpKtjm2IbY2dl12f3Zf9GHs1ez/7Cgc3hx6HL0c6Rw3HIMcapwCnMWcwZzbnTc5xLhSXBJcdVzzXWa6HXAvcLNya3FTudO467pc8CB4JHnuePTzneTp5lnn5eE15I3hP897nXeBj49PjC+LL5bvLN8dP5NfhD+TP5b/H/16AVUBfIESgUOCBwCKJh2RGiiWVkbpJ64Kigk6CqYI1guNCOCE1IT+hXKF2oUVhfmEr4b3CVcIvRWhF1EQCRApEOkRWyKJkF/IR8k3yO1EOUXPRJNEq0TExgpiuWKRYudhzcYy4mniw+BnxXgmEhLJEgESxRI8kQlJFMlDyjGSfFFpKXSpMqlxqWBovrS8dJ10lPSnDJmMpkypzU+ajrLCsm2y2bIfsDzlluRC5C3Kj8szyO+RT5ZvlvyhIKFAVihWeKxIUTRSTFZsUPytJKvkqnVUaUSYqWykfUW5X3lRRVYlSqVaZUxVW9VItUR1WY1GzVTuu9lgdrW6gnqx+W/27hopGjEadxidNac1gzSua77REtXy1LmhNawtqU7TLtCd0BHS8dEp1JnRJuhTdct0pPSE9H71LerP64vpB+lf1PxrIGUQZNBisGGoY7jNsNUIamRqlG3UbMxs7GRcZvzIRNPE3qTJZNFU23WPaaoY2szDLNhs25zWnmleaL+5Q3bFvxwMLvIWDRZHFlKWEZZRlsxXCaofVKasxaxHrMOubNsDG3OaUzbitqG2kbYsdxs7Wrtjurb28/V77Dgeig6fDFYdvjgaOJx1HncScYp3anRmc3Z0rnVdcjFxyXCZ2yu7ct/OZK5droGuTG9bN2e2S2/Iu4115u2bcld3T3Id2i+5O2P3Eg8sjxOOOJ4MnxbPeC+3l4nXFa4NiQymnLHube5d4L1INqQXUeR89n1yfOV9t3xzfWT9tvxy/d/7a/qf85wJ0A/IDFgINA4sCPweZBZ0LWgm2Ca4I3gpxCakJpQn1Cr0VxhwWHPYgnC88IbwvQjIiLWIiUiMyL3IxyiLqUjQUvTu6KYYFPjR1xorFHo6djNOJK45bjXeOr09gSghL6EyUSDyWOJtkknRxD2oPdU/7XtLeA3sn9+nvK9sP7ffe354slHwoeSbFNOXyAdyB4ANdqXKpOalfD7ocbD7Eeyjl0PRh08NVafRpUWnDRzSPnDuKOhp4tPuY4rHTx36k+6Q/zZDLyM/YOE49/vSE/InCE1uZfpndJ1VOns3CZIVlDWXrZl/OYcpJypk+ZXWqMVcgNz33a55n3pN8pfxzBbiC2IKJQsvCptPCp7NObxQFFA0WGxTXlPCUHCtZOeNzpv+s3tnqc7znMs6tlQaWjpSZljWWk8vzz2POx51/e8H5QsdFtYuVl7guZVzarAirmLhsf/lBpWpl5RWeKyerEFWxVXNX3a/2XjO61lQtXV1Ww1aTUQtqY2vfX/e6PlRnUdder1ZffUPkRkkDsSG9EWpMbFy8GXBzosm1qe/WjlvtzZrNDS0yLRW3SbeL77DeOXkXd/fQ3a17SfeWWyNaF9r826bbPdtH7++8//yB3YPuhxYPHz8yeXS/Q7/j3mPtx7efaDy59VTt6c1nKs8aO5U7G7qUuxq6Vbobe1R7mnrVe5v7tPru9uv2tw0YDTx6bv782aD1YN+Q09DIsPvwxIjPyLsXIS8+v4x7uT6aMoYeSx9nHM9/xfOq/LX465oJlYk7k0aTnVMOU6PT1On5N9FvNmYOvSW8zZ/ln618p/Du9pzJXO/7Xe9n5iPm1xfSPjB9KPko9vHGJ71PnYs7F2c+R33e+nJ8iXOp4qvS1/Zl2+VX30K/ra+kr3KuXv6u9r1jzWVtdj1+A7tRuCm+2fzD4sfYVujWVgQlivLrKICEH4SfHwBfKgAguAJA7AUAt+v3Wfu/CQkfPhBw6wzJQPOIM0gPlDgai/6MmcMO07ymncSt4NEEMr0FQwxjKdMwkY5FhzWJrYZ9llOCi8JdwNPDh+ZXFvAlZQrWCfULfyQjROnFGMTp4J3vu+QHqUnpAZn7sg1yF+SzFPYpBik5K+upSKgSVTfUZtQ7NW5olmgd1A7SsdfV0ZPS5zdgM2Q0ojVGGW+arJgumr0zn9gxYtFt+dDqtnW9zTXbK3aV9lccrjnWOF13rnep33nD9YZb/a469+u7azxqPOu8miht3p3UFz5vfb/6bQXQBbIFCQZLhiiH6oaZhztF+EbGR52IvhRzL3Yk7nMCbaJAkuoe673UfQn705MLUkoPlKWeO1h46OThtLQ9RyKP+h1zS7fO0D+ufEIsk+ckcxZdNm0O3SnGXI48Ur5kgVKh9mnjIqtip5JdZ6hng8/FlKaUZZWXnW+48P
"deleted" : false ,
"disable_correlation" : false ,
"timestamp" : "1645779050" ,
"to_ids" : false ,
"type" : "attachment" ,
"uuid" : "4c08be95-9eb9-457f-82f1-63015549124a" ,
"value" : "Figure 15"
} ,
{
"category" : "External analysis" ,
"comment" : "" ,
"data" : " i V B O R w 0 K G g o A A A A N S U h E U g A A A l g A A A I O C A Y A A A B k s X M 2 A A A W p 2 l D Q 1 B J Q 0 M g U H J v Z m l s Z Q A A e J y V W A d U F E + T 79 k I y y 5 p y X k J S 8455 y Q 5 C y K w L D n n Z A B R U U E R k C S g A g Z E F B A E E Q y A A Q M Z C Q o o Q U Q E F U U E C X K j n v j 9 v + / d 3 b t 6 b 17 / p q a 6 q n u q q 6 u r A e D U o k R E h C A Y A Q g N i 4 m y N z U Q 2 O n q J o B 9 C y C A B A Q g A N g o 1 O g I f V t b S w D T n / a f 9 G 0 I l o Z p Q P q n r v / 8 / r 8 S s 49 v N B U A y B 3 G 3 j 7 R 1 F A Y t 8 L P B j U i K g Y A 5 G 2 Y L x Q f E / E T T 8 C Y J Q o e I I y //sT+vzCK5if2/o15fsk42hvCWA4AGjyFEuUPAF4L5gvEUf1hPXjYFoY5zCcwDDYfAWMdagDFBwCOWlhGKjQ0/Cceg7EYLA9/50TBWM37X3T6/0O/97Z+CsV/G/+e1y+iMQqMjgihJP4/f83/TaEhsX9skOEHHxBlZg+3wvD/GwkOt9jGYd7WNn9woM8v+V84INbM6Q+mRhu6/cE+FCOL7b4h1pZ/sF+gifm2nhhzxz/YN9rY4Q+OCrfftuUXZaj/B1Oi/tqNDXba5gf4mm/rTwpwdPmD4wKdrf/g6GAHi78yhtv8qFj77fH7hpka/LVrsj330Oh/mW+g+XbfmABHs+25U/6O3zdM/6/O6J3bY/PxNTL+K+O0LR8RY7BtKyLEdlveN8R0mx8d57DdNwZenH/72m7/wyDKDts/GFgCY2AER58hCARhwBeEAgr8ZgS/RYMIEAK/Jcb4JsT8nJhheERiVKB/QIyAPhx9vgLmYVQZKQEFOQUFAH7G8u/lsWT/K0Yhtp6/vEi4v4Y6AIgzf3kUSQCapeAQuvqXJ6wCAF0xAC3T1NiouN+8nyEB0AAHGAAL4AR8QAiIAWmgAFSAJtCDR78D2ABH4Ao8ABUEwOOPAvFgLzgA0kAGyAJ5oAicA+fBZXAN1IGb4DZoA4/AM9ALBsEomAAzYB4sgm9gHYIgLESAiBAnxA+JQJKQAqQG6UDGkCVkD7lCXpA/FAbFQnuhg1AGlAMVQWVQJXQdugW1QU+gPugFNAnNQV+gNQQSgUewIHgRZIQsQg2hj7BAOCJ2I/wRkYgkxCFEJqIQUY64imhEtCGeIQYRE4h5xDISIOmQbEgSUhqphjRE2iDdkH7IKOR+ZDoyH1mOrEY2IzuQA8gJ5ALyOwqDIqIEUNIoTZQZyglFRUWi9qOOo4pQl1GNqAeoAdQkahH1A01A86Al0Rpoc/ROtD86Hp2GzkdfQjegH6IH0TPobxgMhg0jilHFmGFcMUGYPZjjmDOYGkwrpg8zjVnGYrGcWEmsNtYGS8HGYNOwp7FXsfew/dgZ7CoNHQ0/jQKNCY0bTRhNKk0+zRWauzT9NLM067SMtCK0GrQ2tD60ibQnaS/QNtP20M7QruOYcKI4bZwjLgh3AFeIq8Y9xI3hlujo6ATp1Ons6ALpUugK6WrpHtNN0n3HM+Ml8IZ4d3wsPhNfgW/Fv8AvEQgEMkGP4EaIIWQSKgn3Ca8Iq/REehl6c3of+mT6YvpG+n76jwy0DCIM+gweDEkM+Qz1DD0MC4y0jGRGQ0YK437GYsZbjMOMy0xEJnkmG6ZQpuNMV5ieML1jxjKTmY2ZfZgPMZ9nvs88TUQShYiGRCrxIPEC8SFxhgXDIspizhLEksFyjaWbZZGVmVWJ1Zk1gbWY9Q7rBBuSjcxmzhbCdpKtjm2IbY2dl12f3Zf9GHs1ez/7Cgc3hx6HL0c6Rw3HIMcapwCnMWcwZzbnTc5xLhSXBJcdVzzXWa6HXAvcLNya3FTudO467pc8CB4JHnuePTzneTp5lnn5eE15I3hP897nXeBj49PjC+LL5bvLN8dP5NfhD+TP5b/H/16AVUBfIESgUOCBwCKJh2RGiiWVkbpJ64Kigk6CqYI1guNCOCE1IT+hXKF2oUVhfmEr4b3CVcIvRWhF1EQCRApEOkRWyKJkF/IR8k3yO1EOUXPRJNEq0TExgpiuWKRYudhzcYy4mniw+BnxXgmEhLJEgESxRI8kQlJFMlDyjGSfFFpKXSpMqlxqWBovrS8dJ10lPSnDJmMpkypzU+ajrLCsm2y2bIfsDzlluRC5C3Kj8szyO+RT5ZvlvyhIKFAVihWeKxIUTRSTFZsUPytJKvkqnVUaUSYqWykfUW5X3lRRVYlSqVaZUxVW9VItUR1WY1GzVTuu9lgdrW6gnqx+W/27hopGjEadxidNac1gzSua77REtXy1LmhNawtqU7TLtCd0BHS8dEp1JnRJuhTdct0pPSE9H71LerP64vpB+lf1PxrIGUQZNBisGGoY7jNsNUIamRqlG3UbMxs7GRcZvzIRNPE3qTJZNFU23WPaaoY2szDLNhs25zWnmleaL+5Q3bFvxwMLvIWDRZHFlKWEZZRlsxXCaofVKasxaxHrMOubNsDG3OaUzbitqG2kbYsdxs7Wrtjurb28/V77Dgeig6fDFYdvjgaOJx1HncScYp3anRmc3Z0rnVdcjFxyXCZ2yu7ct/OZK5droGuTG9bN2e2S2/Iu4115u2bcld3T3Id2i+5O2P3Eg8sjxOOOJ4MnxbPeC+3l4nXFa4NiQymnLHube5d4L1INqQXUeR89n1yfOV9t3xzfWT9tvxy/d/7a/qf85wJ0A/IDFgINA4sCPweZBZ0LWgm2Ca4I3gpxCakJpQn1Cr0VxhwWHPYgnC88IbwvQjIiLWIiUiMyL3IxyiLqUjQUvTu6KYYFPjR1xorFHo6djNOJK45bjXeOr09gSghL6EyUSDyWOJtkknRxD2oPdU/7XtLeA3sn9+nvK9sP7ffe354slHwoeSbFNOXyAdyB4ANdqXKpOalfD7ocbD7Eeyjl0PRh08NVafRpUWnDRzSPnDuKOhp4tPuY4rHTx36k+6Q/zZDLyM/YOE49/vSE/InCE1uZfpndJ1VOns3CZIVlDWXrZl/OYcpJypk+ZXWqMVcgNz33a55n3pN8pfxzBbiC2IKJQsvCptPCp7NObxQFFA0WGxTXlPCUHCtZOeNzpv+s3tnqc7znMs6tlQaWjpSZljWWk8vzz2POx51/e8H5QsdFtYuVl7guZVzarAirmLhsf/lBpWpl5RWeKyerEFWxVXNX3a/2XjO61lQtXV1Ww1aTUQtqY2vfX/e6PlRnUdder1ZffUPkRkkDsSG9EWpMbFy8GXBzosm1qe/WjlvtzZrNDS0yLRW3SbeL77DeOXkXd/fQ3a17SfeWWyNaF9r826bbPdtH7++8//yB3YPuhxYPHz8yeXS/Q7/j3mPtx7efaDy59VTt6c1nKs8aO5U7G7qUuxq6Vbobe1R7mnrVe5v7tPru9uv2tw0YDTx6bv782aD1YN+Q09DIsPvwxIjPyLsXIS8+v4x7uT6aMoYeSx9nHM9/xfOq/LX465oJlYk7k0aTnVMOU6PT1On5N9FvNmYOvSW8zZ/ln618p/Du9pzJXO/7Xe9n5iPm1xfSPjB9KPko9vHGJ71PnYs7F2c+R33e+nJ8iXOp4qvS1/Zl2+VX30K/ra+kr3KuXv6u9r1jzWVtdj1+A7tRuCm+2fzD4sfYVujWVgQlivLrKICEH4SfHwBfKgAguAJA7AUAt+v3Wfu/CQkfPhBw6wzJQPOIM0gPlDgai/6MmcMO07ymncSt4NEEMr0FQwxjKdMwkY5FhzWJrYZ9llOCi8JdwNPDh+ZXFvAlZQrWCfULfyQjROnFGMTp4J3vu+QHqUnpAZn7sg1yF+SzFPYpBik5K+upSKgSVTfUZtQ7NW5olmgd1A7SsdfV0ZPS5zdgM2Q0ojVGGW+arJgumr0zn9gxYtFt+dDqtnW9zTXbK3aV9lccrjnWOF13rnep33nD9YZb/a469+u7azxqPOu8miht3p3UFz5vfb/6bQXQBbIFCQZLhiiH6oaZhztF+EbGR52IvhRzL3Yk7nMCbaJAkuoe673UfQn705MLUkoPlKWeO1h46OThtLQ9RyKP+h1zS7fO0D+ufEIsk+ckcxZdNm0O3SnGXI48Ur5kgVKh9mnjIqtip5JdZ6hng8/FlKaUZZWXnW+48P
"deleted" : false ,
"disable_correlation" : false ,
"timestamp" : "1645779050" ,
"to_ids" : false ,
"type" : "attachment" ,
"uuid" : "78454fee-f7d0-4414-9287-2ab013132efa" ,
"value" : "Figure 16"
} ,
{
"category" : "External analysis" ,
"comment" : "" ,
"data" : " i V B O R w 0 K G g o A A A A N S U h E U g A A A l g A A A G O C A Y A A A B L 6 X 1 z A A A W p m l D Q 1 B J Q 0 M g U H J v Z m l s Z Q A A e J y V W A d U F E + T 79 k I G 0 h L z k t Y c s 4555 y D C C w 552 w A U V F B E Z A k Q Q E V R B Q Q B B E M g A F F o o i g i B J E R F F R R B B Q b t Q T v / 9377 t 7 V + / N 69 / U V F d 1 T 3 V 1 d T U A H J r U q K g w B A M A 4 R F x M f Y m + v y u b u 782 N c A A k h A B H w A T / W N j d K z t b U E M P 1 p / 0 l f n 8 D S M I 1 I / d T 1 P 7 //r8Tk5x/rCwDkAWMfv1jfcBh3ws+mb1RMHADI6zBfMDEu6ieegjFzDDxAGH/5iQN/YRTNT+zzG3P/knG0N4CxLAA0BCo1JhAAgibM50/wDYT1EGBbGKYIv+AI2HwUjLV9g6h+ALA3wjKS4eGRP/FzGIvC8vB3DhSMVX3+RWfgP/T7bOunUgO38e95/SIaw+DYqDBq8v/z1/zfFB4W/8cGBX4IQTGm9nArBP+/8dBIi20c4WNt8wcH+/2S/4WD4k2d/mDfWAP3P9iPamix3TfM2vIPDgg2NtvWE2fm+Af7xxo5/MExkfbbtgJiDPT+YGrMX7vxoU7b/CB/s239KUGOLn9wQrCz9R8cG+pg8VfGYJsfE2+/PX7/CBP9v3aNt+ceHvsv8w022+4bF+Rouj136t/x+0fo/dUZ67o9Nj9/Q6O/Mk7b8lFx+tu2osJst+X9w0y2+bEJDtt94+DF+bev7fY/DKGa2/7BwBIYAUPADwxAMIgA/iAcUOE3Q/gtFkSBMPgtOc4/Ke7nxAwio5JjggOD4vj14Ojz5zeL8JWW5JeXlZcH4Gcs/14ey/a/YhRiHfzLi4b7q6sBgCj/y6NKANAuCYfQxb88IWUA8KUAdMz6xsck/Ob9DAmABjhAD5gBB+AFgkAUSAF5oAw0gC48enNgAxyBG/AEviAIHn8MSAS7wT6QAbJADigAJeA0OAPOg0ugCVwF10EXuAcegiEwCibAFJgD78AS+Ao2IAjCQkSIBHFAfJAwJAHJQ6qQNmQEWUL2kBvkDQVCEVA8tBvaD2VBeVAJVAnVQpeha1AX9AAahp5C09AC9BlaRyARBAQzggdBQcggVBF6CAuEI2InIhARjUhBHEBkI4oRVYiLiFZEF+IhYhQxhXiHWEECJB7JiiQjpZCqSAOkDdIdGYCMQe5FZiILkVXIemQ7sgc5gpxCLiK/oTAoEoofJYXSQJminFC+qGjUXtRRVAnqPKoVdQc1gppGLaF+oIlobrQEWh1thnZFB6IT0RnoQnQ1ugV9Fz2KnkN/xWAwrBgRjArGFOOGCcHswhzFlGMaMJ2YYcwsZgWLxXJgJbBaWBssFRuHzcCexF7E3sI+ws5h12jwNHw08jTGNO40ETTpNIU0F2hu0jyimafZoGWgFaZVp7Wh9aNNpj1Oe5a2nXaQdo52A8eIE8Fp4RxxIbh9uGJcPe4u7jluGY/HC+DV8Hb4YHwavhjfiL+Pn8Z/IzARxAkGBA9CPCGbUEPoJDwlLBOJRApRl+hOjCNmE2uJt4kviGt0JDppOjM6P7pUulK6VrpHdB/oaemF6fXoPelT6Avpm+kH6RcZaBkoDAYMVIa9DKUM1xjGGFYYSYxyjDaM4YxHGS8wPmB8w4RlojAZMfkxHWA6w3SbaZaEJAmSDEi+pP2ks6S7pDlmDLMIsxlzCHMW8yXmAeYlFiYWRRZnliSWUpYbLFOsSFYKqxlrGOtx1ibWJ6zrbDxsemz+bEfY6tkesa2yc7HrsvuzZ7I3sI+yr3PwcxhxhHLkclzlmOREcYpz2nEmcp7ivMu5yMXMpcHly5XJ1cT1jBvBLc5tz72L+wx3H/cKDy+PCU8Uz0me2zyLvKy8urwhvPm8N3kX+Eh82nzBfPl8t/je8rPw6/GH8Rfz3+FfInOTTcnx5EryAHlDQETASSBdoEFgUhAnqCoYIJgv2C24JMQnZCW0W6hO6JkwrbCqcJBwkXCP8CpFhOJCOUS5Snkjwi5iJpIiUifyXJQoqiMaLVol+lgMI6YqFipWLjYkjhBXEg8SLxUflEBIKEsES5RLDEuiJdUkIySrJMekCFJ6UglSdVLT0qzSltLp0lelP8gIybjL5Mr0yPyQVZINkz0rOyHHJGculy7XLvdZXlzeV75U/rECUcFYIVWhTeGTooSiv+IpxXElkpKV0iGlbqXvyirKMcr1ygsqQireKmUqY6rMqraqR1Xvq6HV9NVS1a6rfVNXVo9Tb1L/qCGlEapxQeONpoimv+ZZzVktAS2qVqXWlDa/trd2hfaUDlmHqlOlM6MrqOunW607ryemF6J3Ue+Dvqx+jH6L/qqBusEeg05DpKGJYabhgBGTkZNRidELYwHjQOM64yUTJZNdJp2maFML01zTMTMeM1+zWrMlcxXzPeZ3LAgWDhYlFjOW4pYxlu1WCCtzqxNWz62FrSOsr9oAGzObEzaTtiK20bYddhg7W7tSu9f2cva77XscSA5eDhccvjrqOx53nHASdYp36namd/ZwrnVedTF0yXOZcpVx3eP60I3TLditzR3r7uxe7b6yw2hHwY45DyWPDI8nO0V2Ju184MnpGeZ5w4vei+rV7I32dvG+4L1JtaFWUVd8zHzKfJZ8DXyLfN/56frl+y34a/nn+c8HaAXkBbwJ1Ao8EbgQpBNUGLQYbBBcEvwpxDTkdMhqqE1oTehWmEtYQzhNuHf4tQimiNCIO5G8kUmRw1ESURlRU9Hq0QXRSzEWMdWxUOzO2LY4ZvjQ1BcvGn8wfjpBO6E0YS3RObE5iTEpIqkvWTz5SPJ8inHKuV2oXb67uneTd+/bPb1Hb0/lXmivz97uVMHUA6lzaSZp5/fh9oXu60+XTc9L/7LfZX/7AZ4DaQdmD5ocrMugy4jJGDukcej0YdTh4MMDRxSOnDzyI9MvszdLNqswa/Oo79HeY3LHio9tZQdkDxxXPn4qB5MTkfMkVyf3fB5jXkre7AmrE635/PmZ+V8KvAoeFCoWni7CFcUXTRVbFredFDqZc3KzJKhktFS/tKGMu+xI2Wq5X/mjU7qn6k/znM46vV4RXDFeaVLZWkWpKjyDOZNw5vVZ57M951TP1VZzVmdVf6+JqJk6b3/+Tq1Kbe0F7gvH6xB18XULFz0uDl0yvNRWL1Vf2cDakNUIGuMb3172vvykyaKpu1m1uf6K8JWyFlJLZivUmty6dDXo6lSbW9vwNfNr3e0a7S0d0h0118nXS2+w3Dh+E3fzwM2tWym3VjqjOhe7Artmu726J2673n58x+7OwF2Lu/fvGd+73aPXc+u+1v3rD9QfXOtV7b36UPlha59SX0u/Un/LgPJA66DKYNuQ2lD7sObwzUc6j7pGDEfuPTZ7/HDUenT4idOT8TGPsalxv/E3T8OefnqW8GxjIu05+nnmJMNk4QvuF1UvxV42TClP3Zg2nO6bcZiZmPWdffcq9tXm3IHXxNeF83zztW/k31xfMF4Yervj7dy7qHcbixnvGd+XfRD9cOWj7se+JdeluU8xn7Y+H13mWK75ovile8V25cXX8K8bq5lrHGvnv6l+61l3WZ/fSNzEbhZ/F/ve/sPix/Ot8K2tKGoM9ddRAAk/iIAAAD7XAEB0A4A0BABux++z9n8TEj58IODWGZKG3iHKkZ4oMTQW/QmzgB2jeUk7jVsloIkUOgv6OIYKxjESnlmbJYW1gW2eQ5yTylXEPciL5lPi9ydnCzQJPhL6QEGI0InSi+Hhne+bxHvJaakR6dsyLbJn5XLk9yiEKDor6SqLq5BUNlXn1PrUr2iUae7XCtG219HWldTj02c1YDCkNUIZfTdeNVkyfWM2ZT5uMWB51+q6dbPNJdsLdrX2FxwuOTY4XXZudml2veJ2xb15R5PH5Z0Nng1eTd5t1C6fPt+nfq/9vwRsBeGDWUMEQiXClMJ1IswinaL8oxNjjsVWx92KH0/4lESbzJ+isst6t++epL2ZqUVpFfsq00/vLz5w/GBGxq5D0YcDjrhnWmfpHVU6JprNfZwpB59Lm4c/wZDPXkAulChSLNY6aVRiVepUtqPc91To6biKtMqcqsozLWd7z7
"deleted" : false ,
"disable_correlation" : false ,
"timestamp" : "1645779050" ,
"to_ids" : false ,
"type" : "attachment" ,
"uuid" : "f6dd05f8-9c1f-48a7-9bac-0a8d3a43be55" ,
"value" : "Figure 17"
} ,
{
"category" : "External analysis" ,
"comment" : "" ,
"data" : " i V B O R w 0 K G g o A A A A N S U h E U g A A A l g A A A G Z C A Y A A A B V O k 9 Q A A A W p m l D Q 1 B J Q 0 M g U H J v Z m l s Z Q A A e J y V W A d U F E + T 79 k I G 0 h L z k t Y c s 4555 y D C C w 552 w A U V F B E Z A k Q Q E V R B Q Q B B E M g A F F o o i g i B J E R F F R R B B Q b t Q T v / 9377 t 7 V + / N 69 / U V F d 1 T 3 V 1 d T U A H J r U q K g w B A M A 4 R F x M f Y m + v y u b u 782 N c A A k h A B H w A T / W N j d K z t b U E M P 1 p / 0 l f n 8 D S M I 1 I / d T 1 P 7 //r8Tk5x/rCwDkAWMfv1jfcBh3ws+mb1RMHADI6zBfMDEu6ieegjFzDDxAGH/5iQN/YRTNT+zzG3P/knG0N4CxLAA0BCo1JhAAgibM50/wDYT1EGBbGKYIv+AI2HwUjLV9g6h+ALA3wjKS4eGRP/FzGIvC8vB3DhSMVX3+RWfgP/T7bOunUgO38e95/SIaw+DYqDBq8v/z1/zfFB4W/8cGBX4IQTGm9nArBP+/8dBIi20c4WNt8wcH+/2S/4WD4k2d/mDfWAP3P9iPamix3TfM2vIPDgg2NtvWE2fm+Af7xxo5/MExkfbbtgJiDPT+YGrMX7vxoU7b/CB/s239KUGOLn9wQrCz9R8cG+pg8VfGYJsfE2+/PX7/CBP9v3aNt+ceHvsv8w022+4bF+Rouj136t/x+0fo/dUZ67o9Nj9/Q6O/Mk7b8lFx+tu2osJst+X9w0y2+bEJDtt94+DF+bev7fY/DKGa2/7BwBIYAUPADwxAMIgA/iAcUOE3Q/gtFkSBMPgtOc4/Ke7nxAwio5JjggOD4vj14Ojz5zeL8JWW5JeXlZcH4Gcs/14ey/a/YhRiHfzLi4b7q6sBgCj/y6NKANAuCYfQxb88IWUA8KUAdMz6xsck/Ob9DAmABjhAD5gBB+AFgkAUSAF5oAw0gC48enNgAxyBG/AEviAIHn8MSAS7wT6QAbJADigAJeA0OAPOg0ugCVwF10EXuAcegiEwCibAFJgD78AS+Ao2IAjCQkSIBHFAfJAwJAHJQ6qQNmQEWUL2kBvkDQVCEVA8tBvaD2VBeVAJVAnVQpeha1AX9AAahp5C09AC9BlaRyARBAQzggdBQcggVBF6CAuEI2InIhARjUhBHEBkI4oRVYiLiFZEF+IhYhQxhXiHWEECJB7JiiQjpZCqSAOkDdIdGYCMQe5FZiILkVXIemQ7sgc5gpxCLiK/oTAoEoofJYXSQJminFC+qGjUXtRRVAnqPKoVdQc1gppGLaF+oIlobrQEWh1thnZFB6IT0RnoQnQ1ugV9Fz2KnkN/xWAwrBgRjArGFOOGCcHswhzFlGMaMJ2YYcwsZgWLxXJgJbBaWBssFRuHzcCexF7E3sI+ws5h12jwNHw08jTGNO40ETTpNIU0F2hu0jyimafZoGWgFaZVp7Wh9aNNpj1Oe5a2nXaQdo52A8eIE8Fp4RxxIbh9uGJcPe4u7jluGY/HC+DV8Hb4YHwavhjfiL+Pn8Z/IzARxAkGBA9CPCGbUEPoJDwlLBOJRApRl+hOjCNmE2uJt4kviGt0JDppOjM6P7pUulK6VrpHdB/oaemF6fXoPelT6Avpm+kH6RcZaBkoDAYMVIa9DKUM1xjGGFYYSYxyjDaM4YxHGS8wPmB8w4RlojAZMfkxHWA6w3SbaZaEJAmSDEi+pP2ks6S7pDlmDLMIsxlzCHMW8yXmAeYlFiYWRRZnliSWUpYbLFOsSFYKqxlrGOtx1ibWJ6zrbDxsemz+bEfY6tkesa2yc7HrsvuzZ7I3sI+yr3PwcxhxhHLkclzlmOREcYpz2nEmcp7ivMu5yMXMpcHly5XJ1cT1jBvBLc5tz72L+wx3H/cKDy+PCU8Uz0me2zyLvKy8urwhvPm8N3kX+Eh82nzBfPl8t/je8rPw6/GH8Rfz3+FfInOTTcnx5EryAHlDQETASSBdoEFgUhAnqCoYIJgv2C24JMQnZCW0W6hO6JkwrbCqcJBwkXCP8CpFhOJCOUS5Snkjwi5iJpIiUifyXJQoqiMaLVol+lgMI6YqFipWLjYkjhBXEg8SLxUflEBIKEsES5RLDEuiJdUkIySrJMekCFJ6UglSdVLT0qzSltLp0lelP8gIybjL5Mr0yPyQVZINkz0rOyHHJGculy7XLvdZXlzeV75U/rECUcFYIVWhTeGTooSiv+IpxXElkpKV0iGlbqXvyirKMcr1ygsqQireKmUqY6rMqraqR1Xvq6HV9NVS1a6rfVNXVo9Tb1L/qCGlEapxQeONpoimv+ZZzVktAS2qVqXWlDa/trd2hfaUDlmHqlOlM6MrqOunW607ryemF6J3Ue+Dvqx+jH6L/qqBusEeg05DpKGJYabhgBGTkZNRidELYwHjQOM64yUTJZNdJp2maFML01zTMTMeM1+zWrMlcxXzPeZ3LAgWDhYlFjOW4pYxlu1WCCtzqxNWz62FrSOsr9oAGzObEzaTtiK20bYddhg7W7tSu9f2cva77XscSA5eDhccvjrqOx53nHASdYp36namd/ZwrnVedTF0yXOZcpVx3eP60I3TLditzR3r7uxe7b6yw2hHwY45DyWPDI8nO0V2Ju184MnpGeZ5w4vei+rV7I32dvG+4L1JtaFWUVd8zHzKfJZ8DXyLfN/56frl+y34a/nn+c8HaAXkBbwJ1Ao8EbgQpBNUGLQYbBBcEvwpxDTkdMhqqE1oTehWmEtYQzhNuHf4tQimiNCIO5G8kUmRw1ESURlRU9Hq0QXRSzEWMdWxUOzO2LY4ZvjQ1BcvGn8wfjpBO6E0YS3RObE5iTEpIqkvWTz5SPJ8inHKuV2oXb67uneTd+/bPb1Hb0/lXmivz97uVMHUA6lzaSZp5/fh9oXu60+XTc9L/7LfZX/7AZ4DaQdmD5ocrMugy4jJGDukcej0YdTh4MMDRxSOnDzyI9MvszdLNqswa/Oo79HeY3LHio9tZQdkDxxXPn4qB5MTkfMkVyf3fB5jXkre7AmrE635/PmZ+V8KvAoeFCoWni7CFcUXTRVbFredFDqZc3KzJKhktFS/tKGMu+xI2Wq5X/mjU7qn6k/znM46vV4RXDFeaVLZWkWpKjyDOZNw5vVZ57M951TP1VZzVmdVf6+JqJk6b3/+Tq1Kbe0F7gvH6xB18XULFz0uDl0yvNRWL1Vf2cDakNUIGuMb3172vvykyaKpu1m1uf6K8JWyFlJLZivUmty6dDXo6lSbW9vwNfNr3e0a7S0d0h0118nXS2+w3Dh+E3fzwM2tWym3VjqjOhe7Artmu726J2673n58x+7OwF2Lu/fvGd+73aPXc+u+1v3rD9QfXOtV7b36UPlha59SX0u/Un/LgPJA66DKYNuQ2lD7sObwzUc6j7pGDEfuPTZ7/HDUenT4idOT8TGPsalxv/E3T8OefnqW8GxjIu05+nnmJMNk4QvuF1UvxV42TClP3Zg2nO6bcZiZmPWdffcq9tXm3IHXxNeF83zztW/k31xfMF4Yervj7dy7qHcbixnvGd+XfRD9cOWj7se+JdeluU8xn7Y+H13mWK75ovile8V25cXX8K8bq5lrHGvnv6l+61l3WZ/fSNzEbhZ/F/ve/sPix/Ot8K2tKGoM9ddRAAk/iIAAAD7XAEB0A4A0BABux++z9n8TEj58IODWGZKG3iHKkZ4oMTQW/QmzgB2jeUk7jVsloIkUOgv6OIYKxjESnlmbJYW1gW2eQ5yTylXEPciL5lPi9ydnCzQJPhL6QEGI0InSi+Hhne+bxHvJaakR6dsyLbJn5XLk9yiEKDor6SqLq5BUNlXn1PrUr2iUae7XCtG219HWldTj02c1YDCkNUIZfTdeNVkyfWM2ZT5uMWB51+q6dbPNJdsLdrX2FxwuOTY4XXZudml2veJ2xb15R5PH5Z0Nng1eTd5t1C6fPt+nfq/9vwRsBeGDWUMEQiXClMJ1IswinaL8oxNjjsVWx92KH0/4lESbzJ+isst6t++epL2ZqUVpFfsq00/vLz5w/GBGxq5D0YcDjrhnWmfpHVU6JprNfZwpB59Lm4c/wZDPXkAulChSLNY6aVRiVepUtqPc91To6biKtMqcqsozLWd7z7
"deleted" : false ,
"disable_correlation" : false ,
"timestamp" : "1645779050" ,
"to_ids" : false ,
"type" : "attachment" ,
"uuid" : "4b4b197c-c1d0-463a-9ce2-64b3bd31cd0b" ,
"value" : "Figure 18"
} ,
{
"category" : "Network activity" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"timestamp" : "1645779050" ,
"to_ids" : false ,
"type" : "http-method" ,
"uuid" : "4fea81f5-af12-4c4b-8778-bf592fcac00a" ,
"value" : "POST /EZEDCJRFVJRIFTMLDEDU HTTP/1.1\nCONNECTION: KEEP-ALIVE\nCONTENT-TYPE: APPLICATION/X-WWW-FORM-URLENCODED; CHARSET=UTF-8\nACCEPT: */*\nACCEPT-LANGUAGE: EN-US\nUSER-AGENT: MOZILLA/4.0 (COMPATIBLE; WIN32; WINHTTP.WINHTTPREQUEST.5)\nCHARSET: UTF-8\nCONTENT-LENGTH: 93\nHOST: 88.119.170.124"
} ,
{
"category" : "Network activity" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"timestamp" : "1645779050" ,
"to_ids" : false ,
"type" : "http-method" ,
"uuid" : "172311e5-f47c-4017-93da-822bd5d05aec" ,
"value" : "POST /LCEKCNKXKBLLMWLPOKLGOF HTTP/1.1\nCONNECTION: KEEP-ALIVE\nCONTENT-TYPE: APPLICATION/X-WWW-FORM-URLENCODED; CHARSET=UTF-8\nACCEPT: */*\nACCEPT-LANGUAGE: EN-US\nUSER-AGENT: MOZILLA/4.0 (COMPATIBLE; WIN32; WINHTTP.WINHTTPREQUEST.5)\nCHARSET: UTF-8\nCONTENT-LENGTH: 9813\nHOST: 88.119.170.124"
} ,
{
"category" : "External analysis" ,
"comment" : "" ,
"data" : " i V B O R w 0 K G g o A A A A N S U h E U g A A A d w A A A J Y C A Y A A A D I a l e m A A A W p 2 l D Q 1 B J Q 0 M g U H J v Z m l s Z Q A A e J y V W A d U F E + T 79 k I y y 5 p y X k J S 8455 y Q 5 C y K w L D n n Z A B R U U E R k C S g A g Z E F B A E E Q y A A Q M Z C Q o o Q U Q E F U U E C X K j n v j 9 v + / d 3 b t 6 b 17 / p q a 6 q n u q q 6 u r A e D U o k R E h C A Y A Q g N i 4 m y N z U Q 2 O n q J o B 9 C y C A B A Q g A N g o 1 O g I f V t b S w D T n / a f 9 G 0 I l o Z p Q P q n r v / 8 / r 8 S s 49 v N B U A y B 3 G 3 j 7 R 1 F A Y t 8 L P B j U i K g Y A 5 G 2 Y L x Q f E / E T T 8 C Y J Q o e I I y //sT+vzCK5if2/o15fsk42hvCWA4AGjyFEuUPAF4L5gvEUf1hPXjYFoY5zCcwDDYfAWMdagDFBwCOWlhGKjQ0/Cceg7EYLA9/50TBWM37X3T6/0O/97Z+CsV/G/+e1y+iMQqMjgihJP4/f83/TaEhsX9skOEHHxBlZg+3wvD/GwkOt9jGYd7WNn9woM8v+V84INbM6Q+mRhu6/cE+FCOL7b4h1pZ/sF+gifm2nhhzxz/YN9rY4Q+OCrfftuUXZaj/B1Oi/tqNDXba5gf4mm/rTwpwdPmD4wKdrf/g6GAHi78yhtv8qFj77fH7hpka/LVrsj330Oh/mW+g+XbfmABHs+25U/6O3zdM/6/O6J3bY/PxNTL+K+O0LR8RY7BtKyLEdlveN8R0mx8d57DdNwZenH/72m7/wyDKDts/GFgCY2AER58hCARhwBeEAgr8ZgS/RYMIEAK/Jcb4JsT8nJhheERiVKB/QIyAPhx9vgLmYVQZKQEFOQUFAH7G8u/lsWT/K0Yhtp6/vEi4v4Y6AIgzf3kUSQCapeAQuvqXJ6wCAF0xAC3T1NiouN+8nyEB0AAHGAAL4AR8QAiIAWmgAFSAJtCDR78D2ABH4Ao8ABUEwOOPAvFgLzgA0kAGyAJ5oAicA+fBZXAN1IGb4DZoA4/AM9ALBsEomAAzYB4sgm9gHYIgLESAiBAnxA+JQJKQAqQG6UDGkCVkD7lCXpA/FAbFQnuhg1AGlAMVQWVQJXQdugW1QU+gPugFNAnNQV+gNQQSgUewIHgRZIQsQg2hj7BAOCJ2I/wRkYgkxCFEJqIQUY64imhEtCGeIQYRE4h5xDISIOmQbEgSUhqphjRE2iDdkH7IKOR+ZDoyH1mOrEY2IzuQA8gJ5ALyOwqDIqIEUNIoTZQZyglFRUWi9qOOo4pQl1GNqAeoAdQkahH1A01A86Al0Rpoc/ROtD86Hp2GzkdfQjegH6IH0TPobxgMhg0jilHFmGFcMUGYPZjjmDOYGkwrpg8zjVnGYrGcWEmsNtYGS8HGYNOwp7FXsfew/dgZ7CoNHQ0/jQKNCY0bTRhNKk0+zRWauzT9NLM067SMtCK0GrQ2tD60ibQnaS/QNtP20M7QruOYcKI4bZwjLgh3AFeIq8Y9xI3hlujo6ATp1Ons6ALpUugK6WrpHtNN0n3HM+Ml8IZ4d3wsPhNfgW/Fv8AvEQgEMkGP4EaIIWQSKgn3Ca8Iq/REehl6c3of+mT6YvpG+n76jwy0DCIM+gweDEkM+Qz1DD0MC4y0jGRGQ0YK437GYsZbjMOMy0xEJnkmG6ZQpuNMV5ieML1jxjKTmY2ZfZgPMZ9nvs88TUQShYiGRCrxIPEC8SFxhgXDIspizhLEksFyjaWbZZGVmVWJ1Zk1gbWY9Q7rBBuSjcxmzhbCdpKtjm2IbY2dl12f3Zf9GHs1ez/7Cgc3hx6HL0c6Rw3HIMcapwCnMWcwZzbnTc5xLhSXBJcdVzzXWa6HXAvcLNya3FTudO467pc8CB4JHnuePTzneTp5lnn5eE15I3hP897nXeBj49PjC+LL5bvLN8dP5NfhD+TP5b/H/16AVUBfIESgUOCBwCKJh2RGiiWVkbpJ64Kigk6CqYI1guNCOCE1IT+hXKF2oUVhfmEr4b3CVcIvRWhF1EQCRApEOkRWyKJkF/IR8k3yO1EOUXPRJNEq0TExgpiuWKRYudhzcYy4mniw+BnxXgmEhLJEgESxRI8kQlJFMlDyjGSfFFpKXSpMqlxqWBovrS8dJ10lPSnDJmMpkypzU+ajrLCsm2y2bIfsDzlluRC5C3Kj8szyO+RT5ZvlvyhIKFAVihWeKxIUTRSTFZsUPytJKvkqnVUaUSYqWykfUW5X3lRRVYlSqVaZUxVW9VItUR1WY1GzVTuu9lgdrW6gnqx+W/27hopGjEadxidNac1gzSua77REtXy1LmhNawtqU7TLtCd0BHS8dEp1JnRJuhTdct0pPSE9H71LerP64vpB+lf1PxrIGUQZNBisGGoY7jNsNUIamRqlG3UbMxs7GRcZvzIRNPE3qTJZNFU23WPaaoY2szDLNhs25zWnmleaL+5Q3bFvxwMLvIWDRZHFlKWEZZRlsxXCaofVKasxaxHrMOubNsDG3OaUzbitqG2kbYsdxs7Wrtjurb28/V77Dgeig6fDFYdvjgaOJx1HncScYp3anRmc3Z0rnVdcjFxyXCZ2yu7ct/OZK5droGuTG9bN2e2S2/Iu4115u2bcld3T3Id2i+5O2P3Eg8sjxOOOJ4MnxbPeC+3l4nXFa4NiQymnLHube5d4L1INqQXUeR89n1yfOV9t3xzfWT9tvxy/d/7a/qf85wJ0A/IDFgINA4sCPweZBZ0LWgm2Ca4I3gpxCakJpQn1Cr0VxhwWHPYgnC88IbwvQjIiLWIiUiMyL3IxyiLqUjQUvTu6KYYFPjR1xorFHo6djNOJK45bjXeOr09gSghL6EyUSDyWOJtkknRxD2oPdU/7XtLeA3sn9+nvK9sP7ffe354slHwoeSbFNOXyAdyB4ANdqXKpOalfD7ocbD7Eeyjl0PRh08NVafRpUWnDRzSPnDuKOhp4tPuY4rHTx36k+6Q/zZDLyM/YOE49/vSE/InCE1uZfpndJ1VOns3CZIVlDWXrZl/OYcpJypk+ZXWqMVcgNz33a55n3pN8pfxzBbiC2IKJQsvCptPCp7NObxQFFA0WGxTXlPCUHCtZOeNzpv+s3tnqc7znMs6tlQaWjpSZljWWk8vzz2POx51/e8H5QsdFtYuVl7guZVzarAirmLhsf/lBpWpl5RWeKyerEFWxVXNX3a/2XjO61lQtXV1Ww1aTUQtqY2vfX/e6PlRnUdder1ZffUPkRkkDsSG9EWpMbFy8GXBzosm1qe/WjlvtzZrNDS0yLRW3SbeL77DeOXkXd/fQ3a17SfeWWyNaF9r826bbPdtH7++8//yB3YPuhxYPHz8yeXS/Q7/j3mPtx7efaDy59VTt6c1nKs8aO5U7G7qUuxq6Vbobe1R7mnrVe5v7tPru9uv2tw0YDTx6bv782aD1YN+Q09DIsPvwxIjPyLsXIS8+v4x7uT6aMoYeSx9nHM9/xfOq/LX465oJlYk7k0aTnVMOU6PT1On5N9FvNmYOvSW8zZ/ln618p/Du9pzJXO/7Xe9n5iPm1xfSPjB9KPko9vHGJ71PnYs7F2c+R33e+nJ8iXOp4qvS1/Zl2+VX30K/ra+kr3KuXv6u9r1jzWVtdj1+A7tRuCm+2fzD4sfYVujWVgQlivLrKICEH4SfHwBfKgAguAJA7AUAt+v3Wfu/CQkfPhBw6wzJQPOIM0gPlDgai/6MmcMO07ymncSt4NEEMr0FQwxjKdMwkY5FhzWJrYZ9llOCi8JdwNPDh+ZXFvAlZQrWCfULfyQjROnFGMTp4J3vu+QHqUnpAZn7sg1yF+SzFPYpBik5K+upSKgSVTfUZtQ7NW5olmgd1A7SsdfV0ZPS5zdgM2Q0ojVGGW+arJgumr0zn9gxYtFt+dDqtnW9zTXbK3aV9lccrjnWOF13rnep33nD9YZb/a469+u7azxqPOu8miht3p3UFz5vfb/6bQXQBbIFCQZLhiiH6oaZhztF+EbGR52IvhRzL3Yk7nMCbaJAkuoe673UfQn705MLUkoPlKWeO1h46OThtLQ9RyKP+h1zS7fO0D+ufEIsk+ckcxZdNm0O3SnGXI48Ur5kgVKh9mnjIqtip5JdZ6hng8/FlKaUZZWXnW+48P
"deleted" : false ,
"disable_correlation" : false ,
"timestamp" : "1645779050" ,
"to_ids" : false ,
"type" : "attachment" ,
"uuid" : "a2d1404b-0175-48f8-96f3-6ad0ec210bed" ,
"value" : "Figure 19"
} ,
{
"category" : "External analysis" ,
"comment" : "" ,
"data" : " i V B O R w 0 K G g o A A A A N S U h E U g A A A l g A A A G a C A Y A A A D T r j 3 + A A A W p m l D Q 1 B J Q 0 M g U H J v Z m l s Z Q A A e J y V W A d U F E + T 79 k I G 0 h L z k t Y c s 4555 y D C C w 552 w A U V F B E Z A k Q Q E V R B Q Q B B E M g A F F o o i g i B J E R F F R R B B Q b t Q T v / 9377 t 7 V + / N 69 / U V F d 1 T 3 V 1 d T U A H J r U q K g w B A M A 4 R F x M f Y m + v y u b u 782 N c A A k h A B H w A T / W N j d K z t b U E M P 1 p / 0 l f n 8 D S M I 1 I / d T 1 P 7 //r8Tk5x/rCwDkAWMfv1jfcBh3ws+mb1RMHADI6zBfMDEu6ieegjFzDDxAGH/5iQN/YRTNT+zzG3P/knG0N4CxLAA0BCo1JhAAgibM50/wDYT1EGBbGKYIv+AI2HwUjLV9g6h+ALA3wjKS4eGRP/FzGIvC8vB3DhSMVX3+RWfgP/T7bOunUgO38e95/SIaw+DYqDBq8v/z1/zfFB4W/8cGBX4IQTGm9nArBP+/8dBIi20c4WNt8wcH+/2S/4WD4k2d/mDfWAP3P9iPamix3TfM2vIPDgg2NtvWE2fm+Af7xxo5/MExkfbbtgJiDPT+YGrMX7vxoU7b/CB/s239KUGOLn9wQrCz9R8cG+pg8VfGYJsfE2+/PX7/CBP9v3aNt+ceHvsv8w022+4bF+Rouj136t/x+0fo/dUZ67o9Nj9/Q6O/Mk7b8lFx+tu2osJst+X9w0y2+bEJDtt94+DF+bev7fY/DKGa2/7BwBIYAUPADwxAMIgA/iAcUOE3Q/gtFkSBMPgtOc4/Ke7nxAwio5JjggOD4vj14Ojz5zeL8JWW5JeXlZcH4Gcs/14ey/a/YhRiHfzLi4b7q6sBgCj/y6NKANAuCYfQxb88IWUA8KUAdMz6xsck/Ob9DAmABjhAD5gBB+AFgkAUSAF5oAw0gC48enNgAxyBG/AEviAIHn8MSAS7wT6QAbJADigAJeA0OAPOg0ugCVwF10EXuAcegiEwCibAFJgD78AS+Ao2IAjCQkSIBHFAfJAwJAHJQ6qQNmQEWUL2kBvkDQVCEVA8tBvaD2VBeVAJVAnVQpeha1AX9AAahp5C09AC9BlaRyARBAQzggdBQcggVBF6CAuEI2InIhARjUhBHEBkI4oRVYiLiFZEF+IhYhQxhXiHWEECJB7JiiQjpZCqSAOkDdIdGYCMQe5FZiILkVXIemQ7sgc5gpxCLiK/oTAoEoofJYXSQJminFC+qGjUXtRRVAnqPKoVdQc1gppGLaF+oIlobrQEWh1thnZFB6IT0RnoQnQ1ugV9Fz2KnkN/xWAwrBgRjArGFOOGCcHswhzFlGMaMJ2YYcwsZgWLxXJgJbBaWBssFRuHzcCexF7E3sI+ws5h12jwNHw08jTGNO40ETTpNIU0F2hu0jyimafZoGWgFaZVp7Wh9aNNpj1Oe5a2nXaQdo52A8eIE8Fp4RxxIbh9uGJcPe4u7jluGY/HC+DV8Hb4YHwavhjfiL+Pn8Z/IzARxAkGBA9CPCGbUEPoJDwlLBOJRApRl+hOjCNmE2uJt4kviGt0JDppOjM6P7pUulK6VrpHdB/oaemF6fXoPelT6Avpm+kH6RcZaBkoDAYMVIa9DKUM1xjGGFYYSYxyjDaM4YxHGS8wPmB8w4RlojAZMfkxHWA6w3SbaZaEJAmSDEi+pP2ks6S7pDlmDLMIsxlzCHMW8yXmAeYlFiYWRRZnliSWUpYbLFOsSFYKqxlrGOtx1ibWJ6zrbDxsemz+bEfY6tkesa2yc7HrsvuzZ7I3sI+yr3PwcxhxhHLkclzlmOREcYpz2nEmcp7ivMu5yMXMpcHly5XJ1cT1jBvBLc5tz72L+wx3H/cKDy+PCU8Uz0me2zyLvKy8urwhvPm8N3kX+Eh82nzBfPl8t/je8rPw6/GH8Rfz3+FfInOTTcnx5EryAHlDQETASSBdoEFgUhAnqCoYIJgv2C24JMQnZCW0W6hO6JkwrbCqcJBwkXCP8CpFhOJCOUS5Snkjwi5iJpIiUifyXJQoqiMaLVol+lgMI6YqFipWLjYkjhBXEg8SLxUflEBIKEsES5RLDEuiJdUkIySrJMekCFJ6UglSdVLT0qzSltLp0lelP8gIybjL5Mr0yPyQVZINkz0rOyHHJGculy7XLvdZXlzeV75U/rECUcFYIVWhTeGTooSiv+IpxXElkpKV0iGlbqXvyirKMcr1ygsqQireKmUqY6rMqraqR1Xvq6HV9NVS1a6rfVNXVo9Tb1L/qCGlEapxQeONpoimv+ZZzVktAS2qVqXWlDa/trd2hfaUDlmHqlOlM6MrqOunW607ryemF6J3Ue+Dvqx+jH6L/qqBusEeg05DpKGJYabhgBGTkZNRidELYwHjQOM64yUTJZNdJp2maFML01zTMTMeM1+zWrMlcxXzPeZ3LAgWDhYlFjOW4pYxlu1WCCtzqxNWz62FrSOsr9oAGzObEzaTtiK20bYddhg7W7tSu9f2cva77XscSA5eDhccvjrqOx53nHASdYp36namd/ZwrnVedTF0yXOZcpVx3eP60I3TLditzR3r7uxe7b6yw2hHwY45DyWPDI8nO0V2Ju184MnpGeZ5w4vei+rV7I32dvG+4L1JtaFWUVd8zHzKfJZ8DXyLfN/56frl+y34a/nn+c8HaAXkBbwJ1Ao8EbgQpBNUGLQYbBBcEvwpxDTkdMhqqE1oTehWmEtYQzhNuHf4tQimiNCIO5G8kUmRw1ESURlRU9Hq0QXRSzEWMdWxUOzO2LY4ZvjQ1BcvGn8wfjpBO6E0YS3RObE5iTEpIqkvWTz5SPJ8inHKuV2oXb67uneTd+/bPb1Hb0/lXmivz97uVMHUA6lzaSZp5/fh9oXu60+XTc9L/7LfZX/7AZ4DaQdmD5ocrMugy4jJGDukcej0YdTh4MMDRxSOnDzyI9MvszdLNqswa/Oo79HeY3LHio9tZQdkDxxXPn4qB5MTkfMkVyf3fB5jXkre7AmrE635/PmZ+V8KvAoeFCoWni7CFcUXTRVbFredFDqZc3KzJKhktFS/tKGMu+xI2Wq5X/mjU7qn6k/znM46vV4RXDFeaVLZWkWpKjyDOZNw5vVZ57M951TP1VZzVmdVf6+JqJk6b3/+Tq1Kbe0F7gvH6xB18XULFz0uDl0yvNRWL1Vf2cDakNUIGuMb3172vvykyaKpu1m1uf6K8JWyFlJLZivUmty6dDXo6lSbW9vwNfNr3e0a7S0d0h0118nXS2+w3Dh+E3fzwM2tWym3VjqjOhe7Artmu726J2673n58x+7OwF2Lu/fvGd+73aPXc+u+1v3rD9QfXOtV7b36UPlha59SX0u/Un/LgPJA66DKYNuQ2lD7sObwzUc6j7pGDEfuPTZ7/HDUenT4idOT8TGPsalxv/E3T8OefnqW8GxjIu05+nnmJMNk4QvuF1UvxV42TClP3Zg2nO6bcZiZmPWdffcq9tXm3IHXxNeF83zztW/k31xfMF4Yervj7dy7qHcbixnvGd+XfRD9cOWj7se+JdeluU8xn7Y+H13mWK75ovile8V25cXX8K8bq5lrHGvnv6l+61l3WZ/fSNzEbhZ/F/ve/sPix/Ot8K2tKGoM9ddRAAk/iIAAAD7XAEB0A4A0BABux++z9n8TEj58IODWGZKG3iHKkZ4oMTQW/QmzgB2jeUk7jVsloIkUOgv6OIYKxjESnlmbJYW1gW2eQ5yTylXEPciL5lPi9ydnCzQJPhL6QEGI0InSi+Hhne+bxHvJaakR6dsyLbJn5XLk9yiEKDor6SqLq5BUNlXn1PrUr2iUae7XCtG219HWldTj02c1YDCkNUIZfTdeNVkyfWM2ZT5uMWB51+q6dbPNJdsLdrX2FxwuOTY4XXZudml2veJ2xb15R5PH5Z0Nng1eTd5t1C6fPt+nfq/9vwRsBeGDWUMEQiXClMJ1IswinaL8oxNjjsVWx92KH0/4lESbzJ+isst6t++epL2ZqUVpFfsq00/vLz5w/GBGxq5D0YcDjrhnWmfpHVU6JprNfZwpB59Lm4c/wZDPXkAulChSLNY6aVRiVepUtqPc91To6biKtMqcqsozLWd7z7
"deleted" : false ,
"disable_correlation" : false ,
"timestamp" : "1645779050" ,
"to_ids" : false ,
"type" : "attachment" ,
"uuid" : "3ed58aa4-c839-4160-9d61-9374e9a95f86" ,
"value" : "Figure 20"
} ,
{
"category" : "External analysis" ,
"comment" : "" ,
"data" : " i V B O R w 0 K G g o A A A A N S U h E U g A A A l g A A A G c C A Y A A A A F 997 j A A A W p m l D Q 1 B J Q 0 M g U H J v Z m l s Z Q A A e J y V W A d U F E + T 79 k I G 0 h L z k t Y c s 4555 y D C C w 552 w A U V F B E Z A k Q Q E V R B Q Q B B E M g A F F o o i g i B J E R F F R R B B Q b t Q T v / 9377 t 7 V + / N 69 / U V F d 1 T 3 V 1 d T U A H J r U q K g w B A M A 4 R F x M f Y m + v y u b u 782 N c A A k h A B H w A T / W N j d K z t b U E M P 1 p / 0 l f n 8 D S M I 1 I / d T 1 P 7 //r8Tk5x/rCwDkAWMfv1jfcBh3ws+mb1RMHADI6zBfMDEu6ieegjFzDDxAGH/5iQN/YRTNT+zzG3P/knG0N4CxLAA0BCo1JhAAgibM50/wDYT1EGBbGKYIv+AI2HwUjLV9g6h+ALA3wjKS4eGRP/FzGIvC8vB3DhSMVX3+RWfgP/T7bOunUgO38e95/SIaw+DYqDBq8v/z1/zfFB4W/8cGBX4IQTGm9nArBP+/8dBIi20c4WNt8wcH+/2S/4WD4k2d/mDfWAP3P9iPamix3TfM2vIPDgg2NtvWE2fm+Af7xxo5/MExkfbbtgJiDPT+YGrMX7vxoU7b/CB/s239KUGOLn9wQrCz9R8cG+pg8VfGYJsfE2+/PX7/CBP9v3aNt+ceHvsv8w022+4bF+Rouj136t/x+0fo/dUZ67o9Nj9/Q6O/Mk7b8lFx+tu2osJst+X9w0y2+bEJDtt94+DF+bev7fY/DKGa2/7BwBIYAUPADwxAMIgA/iAcUOE3Q/gtFkSBMPgtOc4/Ke7nxAwio5JjggOD4vj14Ojz5zeL8JWW5JeXlZcH4Gcs/14ey/a/YhRiHfzLi4b7q6sBgCj/y6NKANAuCYfQxb88IWUA8KUAdMz6xsck/Ob9DAmABjhAD5gBB+AFgkAUSAF5oAw0gC48enNgAxyBG/AEviAIHn8MSAS7wT6QAbJADigAJeA0OAPOg0ugCVwF10EXuAcegiEwCibAFJgD78AS+Ao2IAjCQkSIBHFAfJAwJAHJQ6qQNmQEWUL2kBvkDQVCEVA8tBvaD2VBeVAJVAnVQpeha1AX9AAahp5C09AC9BlaRyARBAQzggdBQcggVBF6CAuEI2InIhARjUhBHEBkI4oRVYiLiFZEF+IhYhQxhXiHWEECJB7JiiQjpZCqSAOkDdIdGYCMQe5FZiILkVXIemQ7sgc5gpxCLiK/oTAoEoofJYXSQJminFC+qGjUXtRRVAnqPKoVdQc1gppGLaF+oIlobrQEWh1thnZFB6IT0RnoQnQ1ugV9Fz2KnkN/xWAwrBgRjArGFOOGCcHswhzFlGMaMJ2YYcwsZgWLxXJgJbBaWBssFRuHzcCexF7E3sI+ws5h12jwNHw08jTGNO40ETTpNIU0F2hu0jyimafZoGWgFaZVp7Wh9aNNpj1Oe5a2nXaQdo52A8eIE8Fp4RxxIbh9uGJcPe4u7jluGY/HC+DV8Hb4YHwavhjfiL+Pn8Z/IzARxAkGBA9CPCGbUEPoJDwlLBOJRApRl+hOjCNmE2uJt4kviGt0JDppOjM6P7pUulK6VrpHdB/oaemF6fXoPelT6Avpm+kH6RcZaBkoDAYMVIa9DKUM1xjGGFYYSYxyjDaM4YxHGS8wPmB8w4RlojAZMfkxHWA6w3SbaZaEJAmSDEi+pP2ks6S7pDlmDLMIsxlzCHMW8yXmAeYlFiYWRRZnliSWUpYbLFOsSFYKqxlrGOtx1ibWJ6zrbDxsemz+bEfY6tkesa2yc7HrsvuzZ7I3sI+yr3PwcxhxhHLkclzlmOREcYpz2nEmcp7ivMu5yMXMpcHly5XJ1cT1jBvBLc5tz72L+wx3H/cKDy+PCU8Uz0me2zyLvKy8urwhvPm8N3kX+Eh82nzBfPl8t/je8rPw6/GH8Rfz3+FfInOTTcnx5EryAHlDQETASSBdoEFgUhAnqCoYIJgv2C24JMQnZCW0W6hO6JkwrbCqcJBwkXCP8CpFhOJCOUS5Snkjwi5iJpIiUifyXJQoqiMaLVol+lgMI6YqFipWLjYkjhBXEg8SLxUflEBIKEsES5RLDEuiJdUkIySrJMekCFJ6UglSdVLT0qzSltLp0lelP8gIybjL5Mr0yPyQVZINkz0rOyHHJGculy7XLvdZXlzeV75U/rECUcFYIVWhTeGTooSiv+IpxXElkpKV0iGlbqXvyirKMcr1ygsqQireKmUqY6rMqraqR1Xvq6HV9NVS1a6rfVNXVo9Tb1L/qCGlEapxQeONpoimv+ZZzVktAS2qVqXWlDa/trd2hfaUDlmHqlOlM6MrqOunW607ryemF6J3Ue+Dvqx+jH6L/qqBusEeg05DpKGJYabhgBGTkZNRidELYwHjQOM64yUTJZNdJp2maFML01zTMTMeM1+zWrMlcxXzPeZ3LAgWDhYlFjOW4pYxlu1WCCtzqxNWz62FrSOsr9oAGzObEzaTtiK20bYddhg7W7tSu9f2cva77XscSA5eDhccvjrqOx53nHASdYp36namd/ZwrnVedTF0yXOZcpVx3eP60I3TLditzR3r7uxe7b6yw2hHwY45DyWPDI8nO0V2Ju184MnpGeZ5w4vei+rV7I32dvG+4L1JtaFWUVd8zHzKfJZ8DXyLfN/56frl+y34a/nn+c8HaAXkBbwJ1Ao8EbgQpBNUGLQYbBBcEvwpxDTkdMhqqE1oTehWmEtYQzhNuHf4tQimiNCIO5G8kUmRw1ESURlRU9Hq0QXRSzEWMdWxUOzO2LY4ZvjQ1BcvGn8wfjpBO6E0YS3RObE5iTEpIqkvWTz5SPJ8inHKuV2oXb67uneTd+/bPb1Hb0/lXmivz97uVMHUA6lzaSZp5/fh9oXu60+XTc9L/7LfZX/7AZ4DaQdmD5ocrMugy4jJGDukcej0YdTh4MMDRxSOnDzyI9MvszdLNqswa/Oo79HeY3LHio9tZQdkDxxXPn4qB5MTkfMkVyf3fB5jXkre7AmrE635/PmZ+V8KvAoeFCoWni7CFcUXTRVbFredFDqZc3KzJKhktFS/tKGMu+xI2Wq5X/mjU7qn6k/znM46vV4RXDFeaVLZWkWpKjyDOZNw5vVZ57M951TP1VZzVmdVf6+JqJk6b3/+Tq1Kbe0F7gvH6xB18XULFz0uDl0yvNRWL1Vf2cDakNUIGuMb3172vvykyaKpu1m1uf6K8JWyFlJLZivUmty6dDXo6lSbW9vwNfNr3e0a7S0d0h0118nXS2+w3Dh+E3fzwM2tWym3VjqjOhe7Artmu726J2673n58x+7OwF2Lu/fvGd+73aPXc+u+1v3rD9QfXOtV7b36UPlha59SX0u/Un/LgPJA66DKYNuQ2lD7sObwzUc6j7pGDEfuPTZ7/HDUenT4idOT8TGPsalxv/E3T8OefnqW8GxjIu05+nnmJMNk4QvuF1UvxV42TClP3Zg2nO6bcZiZmPWdffcq9tXm3IHXxNeF83zztW/k31xfMF4Yervj7dy7qHcbixnvGd+XfRD9cOWj7se+JdeluU8xn7Y+H13mWK75ovile8V25cXX8K8bq5lrHGvnv6l+61l3WZ/fSNzEbhZ/F/ve/sPix/Ot8K2tKGoM9ddRAAk/iIAAAD7XAEB0A4A0BABux++z9n8TEj58IODWGZKG3iHKkZ4oMTQW/QmzgB2jeUk7jVsloIkUOgv6OIYKxjESnlmbJYW1gW2eQ5yTylXEPciL5lPi9ydnCzQJPhL6QEGI0InSi+Hhne+bxHvJaakR6dsyLbJn5XLk9yiEKDor6SqLq5BUNlXn1PrUr2iUae7XCtG219HWldTj02c1YDCkNUIZfTdeNVkyfWM2ZT5uMWB51+q6dbPNJdsLdrX2FxwuOTY4XXZudml2veJ2xb15R5PH5Z0Nng1eTd5t1C6fPt+nfq/9vwRsBeGDWUMEQiXClMJ1IswinaL8oxNjjsVWx92KH0/4lESbzJ+isst6t++epL2ZqUVpFfsq00/vLz5w/GBGxq5D0YcDjrhnWmfpHVU6JprNfZwpB59Lm4c/wZDPXkAulChSLNY6aVRiVepUtqPc91To6biKtMqcqsozLWd7z7
"deleted" : false ,
"disable_correlation" : false ,
"timestamp" : "1645779050" ,
"to_ids" : false ,
"type" : "attachment" ,
"uuid" : "e7baa62a-5fa3-43c7-9883-044cfe6232c4" ,
"value" : "Figure 21"
} ,
{
"category" : "Network activity" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"timestamp" : "1645779050" ,
"to_ids" : false ,
"type" : "http-method" ,
"uuid" : "3193d66b-49a7-4497-a1fb-135b1fc61d7d" ,
"value" : "POST /JZNKMUSTNTBLVMDVGCWBVQB HTTP/1.1\nCONNECTION: KEEP-ALIVE\nCONTENT-TYPE: APPLICATION/X-WWW-FORM-URLENCODED; CHARSET=UTF-8\nACCEPT: */*\nACCEPT-LANGUAGE: EN-US\nUSER-AGENT: MOZILLA/4.0 (COMPATIBLE; WIN32; WINHTTP.WINHTTPREQUEST.5)\nCHARSET: UTF-8\nCONTENT-LENGTH: 93\nHOST: 5.199.133.149"
} ,
{
"category" : "Network activity" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"timestamp" : "1645779051" ,
"to_ids" : false ,
"type" : "http-method" ,
"uuid" : "96e3a541-edfb-4e9d-9260-c27b47f63318" ,
"value" : "POST /OEAJGYXYXCLQMFQAYV HTTP/1.1\nCONNECTION: KEEP-ALIVE\nCONTENT-TYPE: APPLICATION/X-WWW-FORM-URLENCODED; CHARSET=UTF-8\nACCEPT: */*\nACCEPT-LANGUAGE: EN-US\nUSER-AGENT: MOZILLA/4.0 (COMPATIBLE; WIN32; WINHTTP.WINHTTPREQUEST.5)\nCHARSET: UTF-8\nCONTENT-LENGTH: 93\nHOST: 5[.]199[.]133[.]149"
} ,
{
"category" : "Network activity" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"timestamp" : "1645779051" ,
"to_ids" : true ,
"type" : "ip-dst" ,
"uuid" : "4b53ca48-535a-49d9-8b2f-0d13f215f93d" ,
"value" : "185.183.96.7"
} ,
{
"category" : "Network activity" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"timestamp" : "1645779051" ,
"to_ids" : true ,
"type" : "ip-dst" ,
"uuid" : "75ea0ebd-708a-4d21-97d7-dd34d95b5e71" ,
"value" : "185.117.75.34"
} ,
{
"category" : "Network activity" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"timestamp" : "1645779051" ,
"to_ids" : true ,
"type" : "ip-dst" ,
"uuid" : "f63a2fec-41c7-45dd-b4e2-7db6492cefa2" ,
"value" : "192.210.191.188"
} ,
{
"category" : "Network activity" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"timestamp" : "1645779051" ,
"to_ids" : true ,
"type" : "ip-dst" ,
"uuid" : "1ed78b46-b445-4852-a50b-b34c90c46c96" ,
"value" : "185.183.96.44"
} ,
{
"category" : "Network activity" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"timestamp" : "1645779051" ,
"to_ids" : true ,
"type" : "ip-dst" ,
"uuid" : "55d62742-79b9-4154-9a10-2034c8a6ca80" ,
"value" : "185.118.164.21"
} ,
{
"category" : "Network activity" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"timestamp" : "1645779051" ,
"to_ids" : true ,
"type" : "ip-dst" ,
"uuid" : "516f45a4-7828-4810-bab9-dc8078b626c1" ,
"value" : "88.119.170.124"
} ,
{
"category" : "Network activity" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"timestamp" : "1645779051" ,
"to_ids" : true ,
"type" : "ip-dst" ,
"uuid" : "4684e686-36f8-4197-93b5-c40bbf9e8e61" ,
"value" : "5.199.133.149"
} ,
{
"category" : "External analysis" ,
"comment" : "MAR\u201310369127\u20131.v1" ,
"deleted" : false ,
"disable_correlation" : false ,
"timestamp" : "1645779451" ,
"to_ids" : false ,
"type" : "link" ,
"uuid" : "8de1c761-8dd1-4062-ba44-e369aa396c6e" ,
"value" : "https://www.cisa.gov/uscert/ncas/analysis-reports/ar22-055a"
}
] ,
"Object" : [
{
"comment" : "" ,
"deleted" : false ,
"description" : "File object describing a file with meta-information" ,
"meta-category" : "file" ,
"name" : "file" ,
"template_uuid" : "688c46fb-5edb-40a3-8273-1af7923e2215" ,
"template_version" : "24" ,
"timestamp" : "1645779051" ,
"uuid" : "a8a549c6-5e05-4d61-80f1-703cff882aa1" ,
"Attribute" : [
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "md5" ,
"timestamp" : "1645779051" ,
"to_ids" : true ,
"type" : "md5" ,
"uuid" : "da8f0949-5a83-415d-b129-0df4cdf8b9f4" ,
"value" : "a27655d14b0aabec8db70ae08a623317"
} ,
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "sha1" ,
"timestamp" : "1645779051" ,
"to_ids" : true ,
"type" : "sha1" ,
"uuid" : "2b1d207f-17d9-42f7-a772-89c2e501a67f" ,
"value" : "8344f2c1096687ed83c2bbad0e6e549a71b0c0b1"
} ,
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "sha256" ,
"timestamp" : "1645779051" ,
"to_ids" : true ,
"type" : "sha256" ,
"uuid" : "3bbb7fbe-44d0-4374-94e4-ebceeb6faec6" ,
"value" : "12db8bcee090521ecf852bf215ce3878737517a22ef1f2ff9bdec7cba8d0d3aa"
}
]
} ,
{
"comment" : "" ,
"deleted" : false ,
"description" : "File object describing a file with meta-information" ,
"meta-category" : "file" ,
"name" : "file" ,
"template_uuid" : "688c46fb-5edb-40a3-8273-1af7923e2215" ,
"template_version" : "24" ,
"timestamp" : "1645779051" ,
"uuid" : "25fd2935-3a0d-43bc-a089-25d83599264f" ,
"Attribute" : [
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "md5" ,
"timestamp" : "1645779051" ,
"to_ids" : true ,
"type" : "md5" ,
"uuid" : "7642ffb2-1b40-4026-a6a1-d1a5b94a66d5" ,
"value" : "218d4151b39e4ece13d3bf5ff4d1121b"
} ,
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "sha1" ,
"timestamp" : "1645779051" ,
"to_ids" : true ,
"type" : "sha1" ,
"uuid" : "6055559e-63d3-4a63-88c5-1db4f51ecb9c" ,
"value" : "28e799d9769bb7e936d1768d498a0d2c7a0d53fb"
} ,
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "sha256" ,
"timestamp" : "1645779051" ,
"to_ids" : true ,
"type" : "sha256" ,
"uuid" : "4672d6dc-9ea2-4787-9b47-ae4e1e6d145c" ,
"value" : "2471a039cb1ddeb826f3a11f89b193624d89052afcbee01205dc92610723eb82"
}
]
} ,
{
"comment" : "" ,
"deleted" : false ,
"description" : "File object describing a file with meta-information" ,
"meta-category" : "file" ,
"name" : "file" ,
"template_uuid" : "688c46fb-5edb-40a3-8273-1af7923e2215" ,
"template_version" : "24" ,
"timestamp" : "1645779051" ,
"uuid" : "70a90720-e7da-4fe3-963c-82a9a3db58bc" ,
"Attribute" : [
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "md5" ,
"timestamp" : "1645779051" ,
"to_ids" : true ,
"type" : "md5" ,
"uuid" : "2456189e-846b-43de-8b94-23c596490450" ,
"value" : "860f5c2345e8f5c268c9746337ade8b7"
} ,
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "sha1" ,
"timestamp" : "1645779051" ,
"to_ids" : true ,
"type" : "sha1" ,
"uuid" : "aeda2805-cbd9-404a-9440-c7d618949535" ,
"value" : "6c55d3acdc2d8d331f0d13024f736bc28ef5a7e1"
} ,
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "sha256" ,
"timestamp" : "1645779051" ,
"to_ids" : true ,
"type" : "sha256" ,
"uuid" : "f3d571f8-2f0b-45fd-be62-1d6a9330b889" ,
"value" : "9d50fcb2c4df4c502db0cac84bef96c2a36d33ef98c454165808ecace4dd2051"
}
]
} ,
{
"comment" : "" ,
"deleted" : false ,
"description" : "File object describing a file with meta-information" ,
"meta-category" : "file" ,
"name" : "file" ,
"template_uuid" : "688c46fb-5edb-40a3-8273-1af7923e2215" ,
"template_version" : "24" ,
"timestamp" : "1645779051" ,
"uuid" : "328567fc-0417-49f8-b23b-53dcdb8560c9" ,
"Attribute" : [
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "md5" ,
"timestamp" : "1645779051" ,
"to_ids" : true ,
"type" : "md5" ,
"uuid" : "e418fbba-d55d-4bd0-b605-a43ed4a1cff9" ,
"value" : "cec48bcdedebc962ce45b63e201c0624"
} ,
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "sha1" ,
"timestamp" : "1645779051" ,
"to_ids" : true ,
"type" : "sha1" ,
"uuid" : "c9db696d-f924-4b7b-aa0a-ccaeb07c6fb0" ,
"value" : "81f46998c92427032378e5dead48bdfc9128b225"
} ,
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "sha256" ,
"timestamp" : "1645779051" ,
"to_ids" : true ,
"type" : "sha256" ,
"uuid" : "e36ba59a-bb7d-47ce-ad0c-7755e129dd68" ,
"value" : "dd7ee54b12a55bcc67da4ceaed6e636b7bd30d4db6f6c594e9510e1e605ade92"
}
]
} ,
{
"comment" : "" ,
"deleted" : false ,
"description" : "File object describing a file with meta-information" ,
"meta-category" : "file" ,
"name" : "file" ,
"template_uuid" : "688c46fb-5edb-40a3-8273-1af7923e2215" ,
"template_version" : "24" ,
"timestamp" : "1645779051" ,
"uuid" : "12109767-e5e4-4dbb-adef-f12287028f1d" ,
"Attribute" : [
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "md5" ,
"timestamp" : "1645779051" ,
"to_ids" : true ,
"type" : "md5" ,
"uuid" : "cefad518-1dbc-4aa8-9026-a239a1999b9d" ,
"value" : "a65696d6b65f7159c9ffcd4119f60195"
} ,
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "sha1" ,
"timestamp" : "1645779051" ,
"to_ids" : true ,
"type" : "sha1" ,
"uuid" : "72b379f6-76e3-42c7-8b7a-b324f00bfef4" ,
"value" : "570f7272412ff8257ed6868d90727a459e3b179e"
} ,
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "sha256" ,
"timestamp" : "1645779051" ,
"to_ids" : true ,
"type" : "sha256" ,
"uuid" : "4898393f-93de-48b3-8cbb-c0f6ac834724" ,
"value" : "b5b1e26312e0574464ddef92c51d5f597e07dba90617c0528ec9f494af7e8504"
}
]
} ,
{
"comment" : "" ,
"deleted" : false ,
"description" : "File object describing a file with meta-information" ,
"meta-category" : "file" ,
"name" : "file" ,
"template_uuid" : "688c46fb-5edb-40a3-8273-1af7923e2215" ,
"template_version" : "24" ,
"timestamp" : "1645779051" ,
"uuid" : "e0af5983-9c3c-489e-aa97-348a3d246445" ,
"Attribute" : [
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "md5" ,
"timestamp" : "1645779051" ,
"to_ids" : true ,
"type" : "md5" ,
"uuid" : "7f09346d-4418-411c-9e95-143a85f4fb58" ,
"value" : "4a022ea1fd2bf5e8c0d8b2343a230070"
} ,
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "sha1" ,
"timestamp" : "1645779051" ,
"to_ids" : true ,
"type" : "sha1" ,
"uuid" : "986182b7-d42b-42f7-a2da-b6b4a829fd3e" ,
"value" : "89df0feca9a447465d41ac87cb45a6f3c02c574d"
} ,
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "sha256" ,
"timestamp" : "1645779051" ,
"to_ids" : true ,
"type" : "sha256" ,
"uuid" : "6be22585-9f59-49c9-885e-8abc3c96e861" ,
"value" : "e7baf353aa12ff2571fc5c45184631dc2692e2f0a61b799e29a1525969bf2d13"
}
]
} ,
{
"comment" : "" ,
"deleted" : false ,
"description" : "File object describing a file with meta-information" ,
"meta-category" : "file" ,
"name" : "file" ,
"template_uuid" : "688c46fb-5edb-40a3-8273-1af7923e2215" ,
"template_version" : "24" ,
"timestamp" : "1645779051" ,
"uuid" : "42fea0bd-b6db-4f2c-b057-8652f33909ec" ,
"Attribute" : [
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "md5" ,
"timestamp" : "1645779051" ,
"to_ids" : true ,
"type" : "md5" ,
"uuid" : "ca7d1e64-3256-4aeb-b07d-44027686669e" ,
"value" : "6c084c8f5a61c6bec5eb5573a2d51ffb"
} ,
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "sha1" ,
"timestamp" : "1645779051" ,
"to_ids" : true ,
"type" : "sha1" ,
"uuid" : "489cda59-8043-41e6-9ad1-f100a4e09bfb" ,
"value" : "61608ed1de56d0e4fe6af07ecba0bd0a69d825b8"
} ,
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "sha256" ,
"timestamp" : "1645779051" ,
"to_ids" : true ,
"type" : "sha256" ,
"uuid" : "466cbd14-7012-4c3d-b5a8-11e62c704ed3" ,
"value" : "7e7545d14df7b618b3b1bc24321780c164a0a14d3600dbac0f91afbce1a2f9f4"
}
]
} ,
{
"comment" : "" ,
"deleted" : false ,
"description" : "File object describing a file with meta-information" ,
"meta-category" : "file" ,
"name" : "file" ,
"template_uuid" : "688c46fb-5edb-40a3-8273-1af7923e2215" ,
"template_version" : "24" ,
"timestamp" : "1645779051" ,
"uuid" : "921e6391-749c-451a-a1a6-c71db2a098d8" ,
"Attribute" : [
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "md5" ,
"timestamp" : "1645779051" ,
"to_ids" : true ,
"type" : "md5" ,
"uuid" : "9b432284-f193-4ce8-a320-ae06ae433fcd" ,
"value" : "a0421312705e847a1c8073001fd8499c"
} ,
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "sha1" ,
"timestamp" : "1645779051" ,
"to_ids" : true ,
"type" : "sha1" ,
"uuid" : "7eb61e6d-bbdc-42a6-9423-2a3cd777d97d" ,
"value" : "3204447f54adeffb339ed3e00649ae428544eca3"
} ,
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "sha256" ,
"timestamp" : "1645779051" ,
"to_ids" : true ,
"type" : "sha256" ,
"uuid" : "24789445-eaa9-4a76-a93d-aea6de43ab28" ,
"value" : "9cb79736302999a7ec4151a43e93cd51c97ede879194cece5e46b4ff471a7af7"
}
]
} ,
{
"comment" : "" ,
"deleted" : false ,
"description" : "File object describing a file with meta-information" ,
"meta-category" : "file" ,
"name" : "file" ,
"template_uuid" : "688c46fb-5edb-40a3-8273-1af7923e2215" ,
"template_version" : "24" ,
"timestamp" : "1645779051" ,
"uuid" : "53436345-3436-4d64-9b3d-3597a9281309" ,
"Attribute" : [
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "md5" ,
"timestamp" : "1645779051" ,
"to_ids" : true ,
"type" : "md5" ,
"uuid" : "1fb50fb8-d491-4abc-9e6a-f4fee97ef980" ,
"value" : "a16f4f0c00ca43d5b20f7bc30a3f3559"
} ,
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "sha1" ,
"timestamp" : "1645779051" ,
"to_ids" : true ,
"type" : "sha1" ,
"uuid" : "eca082c9-19cd-412e-95f9-9fd499f0e3e0" ,
"value" : "94e26fb2738e49bb70b445315c0d63a5d364c71b"
} ,
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "sha256" ,
"timestamp" : "1645779051" ,
"to_ids" : true ,
"type" : "sha256" ,
"uuid" : "1e5c125d-09c6-450e-9235-3f630a9a619b" ,
"value" : "5bcdd422089ed96d6711fa251544e2e863b113973db328590cfe0457bfeb564f"
}
]
} ,
{
"comment" : "" ,
"deleted" : false ,
"description" : "File object describing a file with meta-information" ,
"meta-category" : "file" ,
"name" : "file" ,
"template_uuid" : "688c46fb-5edb-40a3-8273-1af7923e2215" ,
"template_version" : "24" ,
"timestamp" : "1645779051" ,
"uuid" : "79c2ea48-f14b-451a-b69e-bba1d0799602" ,
"Attribute" : [
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "md5" ,
"timestamp" : "1645779051" ,
"to_ids" : true ,
"type" : "md5" ,
"uuid" : "24cb9a34-317e-4c57-8af1-faabd1d50074" ,
"value" : "c0c2cd5cc018e575816c08b36969c4a6"
} ,
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "sha1" ,
"timestamp" : "1645779051" ,
"to_ids" : true ,
"type" : "sha1" ,
"uuid" : "699be7ea-59c9-406d-b85e-ecdf46a351ce" ,
"value" : "47a4e0d466bb20cec5d354e56a9aa3f07cec816a"
} ,
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "sha256" ,
"timestamp" : "1645779051" ,
"to_ids" : true ,
"type" : "sha256" ,
"uuid" : "d5d965ac-c422-425f-beb0-996869d13c45" ,
"value" : "b1e30cce6df16d83b82b751edca57aa17795d8d0cdd960ecee7d90832b0ee76c"
}
]
} ,
{
"comment" : "" ,
"deleted" : false ,
"description" : "File object describing a file with meta-information" ,
"meta-category" : "file" ,
"name" : "file" ,
"template_uuid" : "688c46fb-5edb-40a3-8273-1af7923e2215" ,
"template_version" : "24" ,
"timestamp" : "1645779051" ,
"uuid" : "887f0b31-0d3d-497c-bcb3-a527c96dd36a" ,
"Attribute" : [
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "md5" ,
"timestamp" : "1645779051" ,
"to_ids" : true ,
"type" : "md5" ,
"uuid" : "b671e94c-5a8d-47d4-b8ce-ebc9084d17b6" ,
"value" : "37fa9e6b9be7242984a39a024cade2d5"
} ,
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "sha1" ,
"timestamp" : "1645779051" ,
"to_ids" : true ,
"type" : "sha1" ,
"uuid" : "db2e3fc5-7d3b-444b-b034-dd6e695ab68b" ,
"value" : "0211569091b96cffab6918e18ccc97f4b24d88d4"
} ,
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "sha256" ,
"timestamp" : "1645779051" ,
"to_ids" : true ,
"type" : "sha256" ,
"uuid" : "4efc4253-f8bd-4a73-908b-e57ae453b44e" ,
"value" : "42ca7d3fcd6d220cd380f34f9aa728b3bb68908b49f04d04f685631ee1f78986"
}
]
} ,
{
"comment" : "" ,
"deleted" : false ,
"description" : "File object describing a file with meta-information" ,
"meta-category" : "file" ,
"name" : "file" ,
"template_uuid" : "688c46fb-5edb-40a3-8273-1af7923e2215" ,
"template_version" : "24" ,
"timestamp" : "1645779051" ,
"uuid" : "aecca46c-cfa7-45d9-b08e-541adc30d275" ,
"Attribute" : [
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "md5" ,
"timestamp" : "1645779051" ,
"to_ids" : true ,
"type" : "md5" ,
"uuid" : "51a820fa-5c23-4932-b9d8-46e2d798c97b" ,
"value" : "0431445d6d6e5802c207c8bc6a6402ea"
} ,
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "sha1" ,
"timestamp" : "1645779051" ,
"to_ids" : true ,
"type" : "sha1" ,
"uuid" : "bedd002f-11f9-47c7-b86b-962162f0bfe9" ,
"value" : "3765c1ad8a1d936aad88255aef5d6d4ce24f94e8"
} ,
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "sha256" ,
"timestamp" : "1645779051" ,
"to_ids" : true ,
"type" : "sha256" ,
"uuid" : "ae290e1e-08de-40d6-973b-62eacdde826d" ,
"value" : "3098dd53da40947a82e59265a47059e69b2925bc49c679e6555d102d1c6cbbc8"
}
]
} ,
{
"comment" : "" ,
"deleted" : false ,
"description" : "File object describing a file with meta-information" ,
"meta-category" : "file" ,
"name" : "file" ,
"template_uuid" : "688c46fb-5edb-40a3-8273-1af7923e2215" ,
"template_version" : "24" ,
"timestamp" : "1645779051" ,
"uuid" : "d923471a-0c01-41b2-b685-7901ebb4e39f" ,
"Attribute" : [
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "md5" ,
"timestamp" : "1645779051" ,
"to_ids" : true ,
"type" : "md5" ,
"uuid" : "fb8e05d9-32a9-4df9-9c9c-226d6dac4a52" ,
"value" : "b0ab12a5a4c232c902cdeba421872c37"
} ,
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "sha1" ,
"timestamp" : "1645779051" ,
"to_ids" : true ,
"type" : "sha1" ,
"uuid" : "97a28cdf-b148-411b-8b3f-d1178b138dfb" ,
"value" : "a8e7659942cc19f422678181ee23297efa55fa09"
} ,
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "sha256" ,
"timestamp" : "1645779051" ,
"to_ids" : true ,
"type" : "sha256" ,
"uuid" : "31717b7b-0034-4760-b1ee-467decb57d05" ,
"value" : "026868713d60e6790f41dc7046deb4e6795825faa903113d2f22b644f0d21141"
}
]
} ,
{
"comment" : "" ,
"deleted" : false ,
"description" : "File object describing a file with meta-information" ,
"meta-category" : "file" ,
"name" : "file" ,
"template_uuid" : "688c46fb-5edb-40a3-8273-1af7923e2215" ,
"template_version" : "24" ,
"timestamp" : "1645779051" ,
"uuid" : "fb659d83-fa72-41e5-8892-f0671fdc46c4" ,
"Attribute" : [
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "md5" ,
"timestamp" : "1645779051" ,
"to_ids" : true ,
"type" : "md5" ,
"uuid" : "c0942aa6-21a1-469a-9602-2fc6ec913cd0" ,
"value" : "e182a861616a9f12bc79988e6a4186af"
} ,
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "sha1" ,
"timestamp" : "1645779051" ,
"to_ids" : true ,
"type" : "sha1" ,
"uuid" : "0f77069d-288b-44e8-977a-3572b2ea7192" ,
"value" : "69840d4c4755cdab01527eacbb48577d973f7157"
} ,
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "sha256" ,
"timestamp" : "1645779051" ,
"to_ids" : true ,
"type" : "sha256" ,
"uuid" : "1462a25f-3a86-47bb-a814-d1b14edd818b" ,
"value" : "c2badcdfa9b7ece00f245990bb85fb6645c05b155b77deaf2bb7a2a0aacbe49e"
}
]
} ,
{
"comment" : "" ,
"deleted" : false ,
"description" : "File object describing a file with meta-information" ,
"meta-category" : "file" ,
"name" : "file" ,
"template_uuid" : "688c46fb-5edb-40a3-8273-1af7923e2215" ,
"template_version" : "24" ,
"timestamp" : "1645779051" ,
"uuid" : "74365ca4-809b-424b-be51-82f303d108f7" ,
"Attribute" : [
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "md5" ,
"timestamp" : "1645779051" ,
"to_ids" : true ,
"type" : "md5" ,
"uuid" : "702a4748-9bc0-4677-a408-1a4baea2e53b" ,
"value" : "b3504546810e78304e879df76d4eec46"
} ,
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "sha1" ,
"timestamp" : "1645779051" ,
"to_ids" : true ,
"type" : "sha1" ,
"uuid" : "93e613df-40b8-4f50-a1cf-95a6258948fb" ,
"value" : "d02d93b707ac999fde0545792870a2b82dc3a238"
} ,
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "sha256" ,
"timestamp" : "1645779051" ,
"to_ids" : true ,
"type" : "sha256" ,
"uuid" : "3c04a696-c415-4be5-ba53-71906ef4ee82" ,
"value" : "f10471e15c6b971092377c524a0622edf4525acee42f4b61e732f342ea7c0df0"
}
]
} ,
{
"comment" : "" ,
"deleted" : false ,
"description" : "File object describing a file with meta-information" ,
"meta-category" : "file" ,
"name" : "file" ,
"template_uuid" : "688c46fb-5edb-40a3-8273-1af7923e2215" ,
"template_version" : "24" ,
"timestamp" : "1645779051" ,
"uuid" : "6ed910f1-d6ea-4f61-87c1-da1c79392234" ,
"Attribute" : [
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "md5" ,
"timestamp" : "1645779051" ,
"to_ids" : true ,
"type" : "md5" ,
"uuid" : "7b90f3a6-023b-437d-b15f-cd0bbdf8ff93" ,
"value" : "6cef87a6ffb254bfeb61372d24e1970a"
} ,
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "sha1" ,
"timestamp" : "1645779051" ,
"to_ids" : true ,
"type" : "sha1" ,
"uuid" : "c962a14d-f684-48c4-ba46-d0195d1e4da1" ,
"value" : "e21d95b648944ad2287c6bc01fcc12b05530e455"
} ,
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "sha256" ,
"timestamp" : "1645779051" ,
"to_ids" : true ,
"type" : "sha256" ,
"uuid" : "3ffddba7-b4b8-456a-b388-c271a7f96a80" ,
"value" : "4b2862a1665a62706f88304406b071a5c9a6b3093daadc073e174ac6d493f26c"
}
]
} ,
{
"comment" : "" ,
"deleted" : false ,
"description" : "File object describing a file with meta-information" ,
"meta-category" : "file" ,
"name" : "file" ,
"template_uuid" : "688c46fb-5edb-40a3-8273-1af7923e2215" ,
"template_version" : "24" ,
"timestamp" : "1645779051" ,
"uuid" : "5a09ff5f-0778-4915-9f5b-8cd3322eb793" ,
"Attribute" : [
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "md5" ,
"timestamp" : "1645779051" ,
"to_ids" : true ,
"type" : "md5" ,
"uuid" : "63f9870c-7689-4a37-81e5-2ee5a0859471" ,
"value" : "cb84c6b5816504c993c33360aeec4705"
} ,
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "sha1" ,
"timestamp" : "1645779051" ,
"to_ids" : true ,
"type" : "sha1" ,
"uuid" : "d30074c0-9457-43d0-80da-590f92296f6b" ,
"value" : "9f212961d1de465c20e84f3c4d8ac0302e02ce37"
} ,
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "sha256" ,
"timestamp" : "1645779051" ,
"to_ids" : true ,
"type" : "sha256" ,
"uuid" : "0cc6d1ee-8417-4d77-8691-89434ed28268" ,
"value" : "d77e268b746cf1547e7ed662598f8515948562e1d188a7f9ddb8e00f4fd94ef0"
}
]
} ,
{
"comment" : "" ,
"deleted" : false ,
"description" : "Object describing a section of a Portable Executable" ,
"meta-category" : "file" ,
"name" : "pe-section" ,
"template_uuid" : "198a17d2-a135-4b25-9a32-5aa4e632014a" ,
"template_version" : "3" ,
"timestamp" : "1645779051" ,
"uuid" : "fc3f9b02-8d1b-43a4-8d87-d21b23f7f4b2" ,
"Attribute" : [
{
"category" : "Other" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : true ,
"object_relation" : "entropy" ,
"timestamp" : "1645779051" ,
"to_ids" : false ,
"type" : "float" ,
"uuid" : "c3db4f0a-2587-4f0c-91ee-66f5480bcc51" ,
"value" : "2.757475"
} ,
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "md5" ,
"timestamp" : "1645779051" ,
"to_ids" : true ,
"type" : "md5" ,
"uuid" : "be15eb11-7cd5-45d6-b39e-134546e3fdb7" ,
"value" : "dbe1463d7d1b0850df5e47b5320ef5fb"
} ,
{
"category" : "Other" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : true ,
"object_relation" : "size-in-bytes" ,
"timestamp" : "1645779051" ,
"to_ids" : false ,
"type" : "size-in-bytes" ,
"uuid" : "9190e4fa-69f2-42c1-acbb-578db969f0f2" ,
"value" : "1024"
}
]
} ,
{
"comment" : "" ,
"deleted" : false ,
"description" : "Object describing a section of a Portable Executable" ,
"meta-category" : "file" ,
"name" : "pe-section" ,
"template_uuid" : "198a17d2-a135-4b25-9a32-5aa4e632014a" ,
"template_version" : "3" ,
"timestamp" : "1645779051" ,
"uuid" : "f5324dce-0174-4873-a184-f867aa7ebf85" ,
"Attribute" : [
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "md5" ,
"timestamp" : "1645779051" ,
"to_ids" : true ,
"type" : "md5" ,
"uuid" : "1e67779b-0626-4d28-b1b7-943dabc6d9d0" ,
"value" : "c732c8e6ad0cf8292aa60a9da9dcbe7c"
} ,
{
"category" : "Other" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : true ,
"object_relation" : "entropy" ,
"timestamp" : "1645779051" ,
"to_ids" : false ,
"type" : "float" ,
"uuid" : "c51fd925-9bdd-48f6-af4f-74c1d1575aa9" ,
"value" : "6.609888"
} ,
{
"category" : "Other" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : true ,
"object_relation" : "name" ,
"timestamp" : "1645779051" ,
"to_ids" : false ,
"type" : "text" ,
"uuid" : "85ddde1e-dac0-4a0a-b624-215264b42e8b" ,
"value" : ".text"
} ,
{
"category" : "Other" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : true ,
"object_relation" : "size-in-bytes" ,
"timestamp" : "1645779051" ,
"to_ids" : false ,
"type" : "size-in-bytes" ,
"uuid" : "e95bf493-8e95-437b-9d20-bb3b7aaf7de3" ,
"value" : "54784"
}
]
} ,
{
"comment" : "" ,
"deleted" : false ,
"description" : "Object describing a section of a Portable Executable" ,
"meta-category" : "file" ,
"name" : "pe-section" ,
"template_uuid" : "198a17d2-a135-4b25-9a32-5aa4e632014a" ,
"template_version" : "3" ,
"timestamp" : "1645779051" ,
"uuid" : "e11f4f1f-83de-430d-9b91-e24999849d6f" ,
"Attribute" : [
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "md5" ,
"timestamp" : "1645779051" ,
"to_ids" : true ,
"type" : "md5" ,
"uuid" : "967793a7-567e-43d0-bb6d-f59ca0508658" ,
"value" : "3bd80fc1bbd1476e125d2e487662e01f"
} ,
{
"category" : "Other" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : true ,
"object_relation" : "entropy" ,
"timestamp" : "1645779051" ,
"to_ids" : false ,
"type" : "float" ,
"uuid" : "d2094d6c-0a9b-491a-837e-d4284efef94c" ,
"value" : "5.042288"
} ,
{
"category" : "Other" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : true ,
"object_relation" : "name" ,
"timestamp" : "1645779051" ,
"to_ids" : false ,
"type" : "text" ,
"uuid" : "32f0d0ce-9109-4361-ae87-97c6808b2987" ,
"value" : ".rdata"
} ,
{
"category" : "Other" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : true ,
"object_relation" : "size-in-bytes" ,
"timestamp" : "1645779051" ,
"to_ids" : false ,
"type" : "size-in-bytes" ,
"uuid" : "662aa34c-de6f-4475-9965-e5c6d819e97f" ,
"value" : "27648"
}
]
} ,
{
"comment" : "" ,
"deleted" : false ,
"description" : "Object describing a section of a Portable Executable" ,
"meta-category" : "file" ,
"name" : "pe-section" ,
"template_uuid" : "198a17d2-a135-4b25-9a32-5aa4e632014a" ,
"template_version" : "3" ,
"timestamp" : "1645779051" ,
"uuid" : "53d7fd2e-2742-4084-9d0e-fb4b64aec293" ,
"Attribute" : [
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "md5" ,
"timestamp" : "1645779051" ,
"to_ids" : true ,
"type" : "md5" ,
"uuid" : "699e1eb4-ecde-463d-bc44-3b78364aa839" ,
"value" : "ccd03992b1a52aba460a01a4113d59c8"
} ,
{
"category" : "Other" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : true ,
"object_relation" : "entropy" ,
"timestamp" : "1645779051" ,
"to_ids" : false ,
"type" : "float" ,
"uuid" : "eb0ffd36-7290-4284-baa4-0eca463f7274" ,
"value" : "2.366593"
} ,
{
"category" : "Other" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : true ,
"object_relation" : "name" ,
"timestamp" : "1645779051" ,
"to_ids" : false ,
"type" : "text" ,
"uuid" : "3179c4e5-516f-474a-b1ba-09e40a3c97ea" ,
"value" : ".data"
} ,
{
"category" : "Other" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : true ,
"object_relation" : "size-in-bytes" ,
"timestamp" : "1645779051" ,
"to_ids" : false ,
"type" : "size-in-bytes" ,
"uuid" : "b330e940-10b6-496b-8aa8-b4177304e3d4" ,
"value" : "2560"
}
]
} ,
{
"comment" : "" ,
"deleted" : false ,
"description" : "Object describing a section of a Portable Executable" ,
"meta-category" : "file" ,
"name" : "pe-section" ,
"template_uuid" : "198a17d2-a135-4b25-9a32-5aa4e632014a" ,
"template_version" : "3" ,
"timestamp" : "1645779051" ,
"uuid" : "90f3388a-6be9-4b94-a91c-e343bd7b5ea5" ,
"Attribute" : [
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "md5" ,
"timestamp" : "1645779051" ,
"to_ids" : true ,
"type" : "md5" ,
"uuid" : "6058a465-ec1e-4b82-ae65-7b9db61fa1f7" ,
"value" : "c7a4e8ec050a078d37fff5197af953e2"
} ,
{
"category" : "Other" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : true ,
"object_relation" : "entropy" ,
"timestamp" : "1645779051" ,
"to_ids" : false ,
"type" : "float" ,
"uuid" : "2dda90d0-f5f9-4c76-8aaa-aa4898e5593e" ,
"value" : "4.712298"
} ,
{
"category" : "Other" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : true ,
"object_relation" : "name" ,
"timestamp" : "1645779051" ,
"to_ids" : false ,
"type" : "text" ,
"uuid" : "17fb6b4a-8fba-4a3a-9a8b-e6c25ccf153f" ,
"value" : ".rsrc"
} ,
{
"category" : "Other" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : true ,
"object_relation" : "size-in-bytes" ,
"timestamp" : "1645779051" ,
"to_ids" : false ,
"type" : "size-in-bytes" ,
"uuid" : "91d9417d-8de4-4258-84ff-e3e7c0b7a74f" ,
"value" : "512"
}
]
} ,
{
"comment" : "" ,
"deleted" : false ,
"description" : "Object describing a section of a Portable Executable" ,
"meta-category" : "file" ,
"name" : "pe-section" ,
"template_uuid" : "198a17d2-a135-4b25-9a32-5aa4e632014a" ,
"template_version" : "3" ,
"timestamp" : "1645779051" ,
"uuid" : "36f24fb6-9a14-4bfb-977d-01a99cbbcdc5" ,
"Attribute" : [
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "md5" ,
"timestamp" : "1645779051" ,
"to_ids" : true ,
"type" : "md5" ,
"uuid" : "66208290-3e54-4ed0-ac55-976275e5d520" ,
"value" : "2de65738f49b99cdb71355bdc924c55a"
} ,
{
"category" : "Other" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : true ,
"object_relation" : "entropy" ,
"timestamp" : "1645779051" ,
"to_ids" : false ,
"type" : "float" ,
"uuid" : "2c274c3f-56d1-49f0-ad57-a24e1582dfec" ,
"value" : "6.411331"
} ,
{
"category" : "Other" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : true ,
"object_relation" : "name" ,
"timestamp" : "1645779051" ,
"to_ids" : false ,
"type" : "text" ,
"uuid" : "a9540e9b-1acf-4028-a6ee-01139e71d91a" ,
"value" : ".reloc"
} ,
{
"category" : "Other" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : true ,
"object_relation" : "size-in-bytes" ,
"timestamp" : "1645779051" ,
"to_ids" : false ,
"type" : "size-in-bytes" ,
"uuid" : "6f60ee7c-90d4-460f-9981-428cfdb1e721" ,
"value" : "4096"
}
]
} ,
{
"comment" : "" ,
"deleted" : false ,
"description" : "Object describing a Portable Executable" ,
"meta-category" : "file" ,
"name" : "pe" ,
"template_uuid" : "cf7adecc-d4f0-4e88-9d90-f978ee151a07" ,
"template_version" : "7" ,
"timestamp" : "1645779051" ,
"uuid" : "ed8a837d-f46d-4aa6-86a4-100b541f53bd" ,
"ObjectReference" : [
{
"comment" : "" ,
"object_uuid" : "ed8a837d-f46d-4aa6-86a4-100b541f53bd" ,
"referenced_uuid" : "fc3f9b02-8d1b-43a4-8d87-d21b23f7f4b2" ,
"relationship_type" : "header-of" ,
"timestamp" : "1645779055" ,
"uuid" : "9013bd5b-b43f-48d8-995e-fa382f26ccec"
} ,
{
"comment" : "" ,
"object_uuid" : "ed8a837d-f46d-4aa6-86a4-100b541f53bd" ,
"referenced_uuid" : "f5324dce-0174-4873-a184-f867aa7ebf85" ,
"relationship_type" : "includes" ,
"timestamp" : "1645779055" ,
"uuid" : "ccd735e2-a39d-4846-97fe-9d1863a283b3"
} ,
{
"comment" : "" ,
"object_uuid" : "ed8a837d-f46d-4aa6-86a4-100b541f53bd" ,
"referenced_uuid" : "e11f4f1f-83de-430d-9b91-e24999849d6f" ,
"relationship_type" : "includes" ,
"timestamp" : "1645779055" ,
"uuid" : "25a70eaa-4d00-4032-a9d3-50570ceb7e4c"
} ,
{
"comment" : "" ,
"object_uuid" : "ed8a837d-f46d-4aa6-86a4-100b541f53bd" ,
"referenced_uuid" : "53d7fd2e-2742-4084-9d0e-fb4b64aec293" ,
"relationship_type" : "includes" ,
"timestamp" : "1645779056" ,
"uuid" : "e4a37089-38cc-4537-91ca-eb4e82a63a99"
} ,
{
"comment" : "" ,
"object_uuid" : "ed8a837d-f46d-4aa6-86a4-100b541f53bd" ,
"referenced_uuid" : "90f3388a-6be9-4b94-a91c-e343bd7b5ea5" ,
"relationship_type" : "includes" ,
"timestamp" : "1645779056" ,
"uuid" : "3cfa0ae2-9bc6-4301-b17a-25b8c49bce1f"
} ,
{
"comment" : "" ,
"object_uuid" : "ed8a837d-f46d-4aa6-86a4-100b541f53bd" ,
"referenced_uuid" : "36f24fb6-9a14-4bfb-977d-01a99cbbcdc5" ,
"relationship_type" : "includes" ,
"timestamp" : "1645779056" ,
"uuid" : "9830611b-054e-4435-a307-b0936e486a23"
}
] ,
"Attribute" : [
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : true ,
"object_relation" : "internal-filename" ,
"timestamp" : "1645779051" ,
"to_ids" : true ,
"type" : "filename" ,
"uuid" : "6d443b57-ce09-4907-b416-c2af59cb3788" ,
"value" : "goopdate.dll"
} ,
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : true ,
"object_relation" : "original-filename" ,
"timestamp" : "1645779051" ,
"to_ids" : true ,
"type" : "filename" ,
"uuid" : "34248499-9520-473e-a0da-de888075e15f" ,
"value" : "goopdate.dll"
} ,
{
"category" : "Other" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : true ,
"object_relation" : "number-sections" ,
"timestamp" : "1645779051" ,
"to_ids" : false ,
"type" : "counter" ,
"uuid" : "43120de3-a534-4de4-958f-7f1ea3dfe512" ,
"value" : "6"
}
]
} ,
{
"comment" : "" ,
"deleted" : false ,
"description" : "File object describing a file with meta-information" ,
"meta-category" : "file" ,
"name" : "file" ,
"template_uuid" : "688c46fb-5edb-40a3-8273-1af7923e2215" ,
"template_version" : "24" ,
"timestamp" : "1645779051" ,
"uuid" : "ea85caa4-4116-4036-b6a1-dc970a8e344f" ,
"ObjectReference" : [
{
"comment" : "" ,
"object_uuid" : "ea85caa4-4116-4036-b6a1-dc970a8e344f" ,
"referenced_uuid" : "ed8a837d-f46d-4aa6-86a4-100b541f53bd" ,
"relationship_type" : "includes" ,
"timestamp" : "1645779056" ,
"uuid" : "17ea5c58-44ac-4061-a397-9b7235f99f18"
} ,
{
"comment" : "" ,
"object_uuid" : "ea85caa4-4116-4036-b6a1-dc970a8e344f" ,
"referenced_uuid" : "57c67011-48d1-483d-8381-c44fae67b0af" ,
2023-04-21 13:25:09 +00:00
"relationship_type" : "related-to" ,
2023-12-14 14:30:15 +00:00
"timestamp" : "1645779056" ,
"uuid" : "448849ab-4810-4208-80ab-95ae2ccc102f"
} ,
{
"comment" : "" ,
"object_uuid" : "ea85caa4-4116-4036-b6a1-dc970a8e344f" ,
"referenced_uuid" : "06c3132b-eb33-487c-b39e-97265c40079b" ,
2023-04-21 13:25:09 +00:00
"relationship_type" : "characterized-by" ,
2023-12-14 14:30:15 +00:00
"timestamp" : "1645779056" ,
"uuid" : "df82dec7-a358-42d7-8c99-bb8054e55412"
} ,
{
"comment" : "" ,
"object_uuid" : "ea85caa4-4116-4036-b6a1-dc970a8e344f" ,
"referenced_uuid" : "504312f7-711b-4c65-a5b1-7aeac7d3e8b1" ,
2023-04-21 13:25:09 +00:00
"relationship_type" : "characterized-by" ,
2023-12-14 14:30:15 +00:00
"timestamp" : "1645779056" ,
"uuid" : "c9b9e330-555b-41b9-9fc5-68d3a3c09b95"
}
] ,
"Attribute" : [
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "md5" ,
"timestamp" : "1645779051" ,
"to_ids" : false ,
"type" : "md5" ,
"uuid" : "3927621d-76c2-41c0-a608-4316d13138f2" ,
"value" : "a27655d14b0aabec8db70ae08a623317"
} ,
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "sha1" ,
"timestamp" : "1645779051" ,
"to_ids" : false ,
"type" : "sha1" ,
"uuid" : "c9ecd263-a5e6-44bb-81bd-4b7520e13e8a" ,
"value" : "8344f2c1096687ed83c2bbad0e6e549a71b0c0b1"
} ,
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "sha256" ,
"timestamp" : "1645779051" ,
"to_ids" : false ,
"type" : "sha256" ,
"uuid" : "57cbba3d-c335-4405-a8e7-0ee36a41cf06" ,
"value" : "12db8bcee090521ecf852bf215ce3878737517a22ef1f2ff9bdec7cba8d0d3aa"
} ,
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "sha512" ,
"timestamp" : "1645779051" ,
"to_ids" : false ,
"type" : "sha512" ,
"uuid" : "c53101d4-e9b5-423e-af09-2090e19e93d0" ,
"value" : "3c9fa512e7360fecc4db3196e850db8b398d1950a21a3a1f529bbc0a1323cc3b4c8d1bf95acb9ceaa794cf135a56c0e761976f17326594ce08c89117b1700514"
} ,
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "ssdeep" ,
"timestamp" : "1645779052" ,
"to_ids" : false ,
"type" : "ssdeep" ,
"uuid" : "69d27752-97eb-4852-af28-819e1eb29bae" ,
"value" : "1536:Ggw+CKmmOmwE1k4XGt2EkxtNh7aZgvADsW/cd+32UVGHgz:RCBTDE1krt2Ebg5+32UQHgz"
} ,
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : true ,
"object_relation" : "filename" ,
"timestamp" : "1645779052" ,
"to_ids" : false ,
"type" : "filename" ,
"uuid" : "3e803d94-9347-4bbe-8680-324d5193ec5c" ,
"value" : "goopdate.dll"
} ,
{
"category" : "Artifacts dropped" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : true ,
"object_relation" : "mimetype" ,
"timestamp" : "1645779052" ,
"to_ids" : false ,
"type" : "mime-type" ,
"uuid" : "2c771cc1-6589-4d55-80be-47f6e21c7cc1" ,
"value" : "PE32 executable (DLL) (console) Intel 80386, for MS Windows"
} ,
{
"category" : "Other" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : true ,
"object_relation" : "size-in-bytes" ,
"timestamp" : "1645779052" ,
"to_ids" : false ,
"type" : "size-in-bytes" ,
"uuid" : "7ecddaf2-68a5-4da3-8173-5843ac467831" ,
"value" : "90624"
} ,
{
"category" : "Other" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : true ,
"object_relation" : "entropy" ,
"timestamp" : "1645779052" ,
"to_ids" : false ,
"type" : "float" ,
"uuid" : "4c9a4a80-d93b-4a13-a5d6-55fffe33d194" ,
"value" : "6.359392"
}
]
} ,
{
"comment" : "" ,
"deleted" : false ,
"description" : "File object describing a file with meta-information" ,
"meta-category" : "file" ,
"name" : "file" ,
"template_uuid" : "688c46fb-5edb-40a3-8273-1af7923e2215" ,
"template_version" : "24" ,
"timestamp" : "1645779052" ,
"uuid" : "57c67011-48d1-483d-8381-c44fae67b0af" ,
"ObjectReference" : [
{
"comment" : "" ,
"object_uuid" : "57c67011-48d1-483d-8381-c44fae67b0af" ,
"referenced_uuid" : "a38b3735-eaae-463f-874d-cd702536ab21" ,
2023-04-21 13:25:09 +00:00
"relationship_type" : "related-to" ,
2023-12-14 14:30:15 +00:00
"timestamp" : "1645779056" ,
"uuid" : "4fa4ac20-c020-4e13-a275-e938727ee942"
} ,
{
"comment" : "" ,
"object_uuid" : "57c67011-48d1-483d-8381-c44fae67b0af" ,
"referenced_uuid" : "ea85caa4-4116-4036-b6a1-dc970a8e344f" ,
2023-04-21 13:25:09 +00:00
"relationship_type" : "related-to" ,
2023-12-14 14:30:15 +00:00
"timestamp" : "1645779056" ,
"uuid" : "d27327ad-40b1-4a35-a313-67f2bf7eda47"
} ,
{
"comment" : "" ,
"object_uuid" : "57c67011-48d1-483d-8381-c44fae67b0af" ,
"referenced_uuid" : "485c4d0c-8b91-42dc-8d5c-08f431e94e20" ,
2023-04-21 13:25:09 +00:00
"relationship_type" : "characterized-by" ,
2023-12-14 14:30:15 +00:00
"timestamp" : "1645779056" ,
"uuid" : "52647086-8de4-4e8f-8055-e8fe274f8151"
}
] ,
"Attribute" : [
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "md5" ,
"timestamp" : "1645779052" ,
"to_ids" : false ,
"type" : "md5" ,
"uuid" : "102eb1b8-399c-402f-901a-b6a28a7885b4" ,
"value" : "218d4151b39e4ece13d3bf5ff4d1121b"
} ,
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "sha1" ,
"timestamp" : "1645779052" ,
"to_ids" : false ,
"type" : "sha1" ,
"uuid" : "676f1d77-b386-46d8-8a50-248b02c09753" ,
"value" : "28e799d9769bb7e936d1768d498a0d2c7a0d53fb"
} ,
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "sha256" ,
"timestamp" : "1645779052" ,
"to_ids" : false ,
"type" : "sha256" ,
"uuid" : "4507a4c1-e3b7-4716-8bab-a4628b717c98" ,
"value" : "2471a039cb1ddeb826f3a11f89b193624d89052afcbee01205dc92610723eb82"
} ,
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "sha512" ,
"timestamp" : "1645779052" ,
"to_ids" : false ,
"type" : "sha512" ,
"uuid" : "74018cb9-04ed-4d97-9040-6edddb6617b8" ,
"value" : "8f859945f0c3e590db99bb35f4127f34910268c44f94407e98a5399fec44d92523d07230e793209639914afe61d17dfb41273193e30bbfb950b29ffce3d4b9d5"
} ,
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "ssdeep" ,
"timestamp" : "1645779052" ,
"to_ids" : false ,
"type" : "ssdeep" ,
"uuid" : "2d4bb108-2e52-4ba4-a9fc-683868cfdc30" ,
"value" : "3072:bI+Rz2t2VGAQIP2DR7mOOfKI12sKDrS51ODTKjI2:bpF2t2VV2DNmOOyI8s441FjI"
} ,
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : true ,
"object_relation" : "filename" ,
"timestamp" : "1645779052" ,
"to_ids" : false ,
"type" : "filename" ,
"uuid" : "261ec8f7-95b4-4940-953c-db0a39c3c41d" ,
"value" : "goopdate.dat"
} ,
{
"category" : "Artifacts dropped" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : true ,
"object_relation" : "mimetype" ,
"timestamp" : "1645779052" ,
"to_ids" : false ,
"type" : "mime-type" ,
"uuid" : "e1b9e5b6-07d6-4489-b477-474dbc89c89d" ,
"value" : "data"
} ,
{
"category" : "Other" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : true ,
"object_relation" : "size-in-bytes" ,
"timestamp" : "1645779052" ,
"to_ids" : false ,
"type" : "size-in-bytes" ,
"uuid" : "87ac5816-0026-41f1-858b-ccf83b578536" ,
"value" : "115546"
} ,
{
"category" : "Other" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : true ,
"object_relation" : "entropy" ,
"timestamp" : "1645779052" ,
"to_ids" : false ,
"type" : "float" ,
"uuid" : "b9af1da7-5b32-4148-97be-1ee9b1e46e15" ,
"value" : "7.971267"
}
]
} ,
{
"comment" : "" ,
"deleted" : false ,
"description" : "File object describing a file with meta-information" ,
"meta-category" : "file" ,
"name" : "file" ,
"template_uuid" : "688c46fb-5edb-40a3-8273-1af7923e2215" ,
"template_version" : "24" ,
"timestamp" : "1645779052" ,
"uuid" : "a38b3735-eaae-463f-874d-cd702536ab21" ,
"ObjectReference" : [
{
"comment" : "" ,
"object_uuid" : "a38b3735-eaae-463f-874d-cd702536ab21" ,
"referenced_uuid" : "57c67011-48d1-483d-8381-c44fae67b0af" ,
2023-04-21 13:25:09 +00:00
"relationship_type" : "related-to" ,
2023-12-14 14:30:15 +00:00
"timestamp" : "1645779056" ,
"uuid" : "52c77252-fb83-44fb-b7ab-463edebea21f"
} ,
{
"comment" : "" ,
"object_uuid" : "a38b3735-eaae-463f-874d-cd702536ab21" ,
"referenced_uuid" : "67da7a7a-db65-439d-aa5b-c79f6e1004d9" ,
2023-04-21 13:25:09 +00:00
"relationship_type" : "characterized-by" ,
2023-12-14 14:30:15 +00:00
"timestamp" : "1645779056" ,
"uuid" : "dfb23b7d-6444-4c22-94fc-7b01a3623ad1"
} ,
{
"comment" : "" ,
"object_uuid" : "a38b3735-eaae-463f-874d-cd702536ab21" ,
"referenced_uuid" : "acae1e35-1e12-4468-82c7-1b13cce3d88c" ,
2023-04-21 13:25:09 +00:00
"relationship_type" : "characterized-by" ,
2023-12-14 14:30:15 +00:00
"timestamp" : "1645779057" ,
"uuid" : "6451bb9f-2f3d-44e1-b494-e315678db3f2"
} ,
{
"comment" : "" ,
"object_uuid" : "a38b3735-eaae-463f-874d-cd702536ab21" ,
"referenced_uuid" : "9e379f61-e1b8-4741-b710-a74c1cb65357" ,
2023-04-21 13:25:09 +00:00
"relationship_type" : "characterized-by" ,
2023-12-14 14:30:15 +00:00
"timestamp" : "1645779057" ,
"uuid" : "7e9c90bf-488e-4266-8e22-17785b8262a3"
}
] ,
"Attribute" : [
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "md5" ,
"timestamp" : "1645779052" ,
"to_ids" : false ,
"type" : "md5" ,
"uuid" : "c5c05f87-b044-4d21-86f0-c4a306ad994c" ,
"value" : "52299ffc8373f58b62543ec754732e55"
} ,
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "sha1" ,
"timestamp" : "1645779052" ,
"to_ids" : false ,
"type" : "sha1" ,
"uuid" : "8388ac9c-e811-4c9e-8e28-4530876781db" ,
"value" : "ca97ac295b2cd57501517c0efd67b6f8a7d1fbdf"
} ,
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "sha256" ,
"timestamp" : "1645779052" ,
"to_ids" : false ,
"type" : "sha256" ,
"uuid" : "0480936a-dbec-4412-a01e-cd65b4ce0bef" ,
"value" : "ce9bd1acf37119ff73b4dff989f2791eb24efc891a413df58856d848f0bcaee9"
} ,
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "sha512" ,
"timestamp" : "1645779052" ,
"to_ids" : false ,
"type" : "sha512" ,
"uuid" : "06ee3a04-fddf-46cc-8d16-bb1191f4b8f0" ,
"value" : "6c9dc3ae0d3090bab57285ac1bc86d0fa60096221c99a383cc1a5a7da1c0614dfdbe4e6fa2aea9ff1e8d3415495d2d444c2f15ad9a1fd3847ddb0fc721f101a2"
} ,
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "ssdeep" ,
"timestamp" : "1645779052" ,
"to_ids" : false ,
"type" : "ssdeep" ,
"uuid" : "39b9ae45-fd9e-45cc-a67f-ec4e59dd76d6" ,
"value" : "48:oN/rGOTDwOQ0rSt4tD9f+1o09KP/iyrjfODVosSh9lwrjhChwsFKDUGymwx:qroOlfBPz5sSh+w9v"
} ,
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : true ,
"object_relation" : "filename" ,
"timestamp" : "1645779052" ,
"to_ids" : false ,
"type" : "filename" ,
"uuid" : "d7370b76-5e79-4657-8a89-414049e02990" ,
"value" : "config.txt"
} ,
{
"category" : "Artifacts dropped" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : true ,
"object_relation" : "mimetype" ,
"timestamp" : "1645779052" ,
"to_ids" : false ,
"type" : "mime-type" ,
"uuid" : "adaa5d62-f11b-41a4-817c-eda4a324c8c9" ,
"value" : "data"
} ,
{
"category" : "Other" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : true ,
"object_relation" : "size-in-bytes" ,
"timestamp" : "1645779052" ,
"to_ids" : false ,
"type" : "size-in-bytes" ,
"uuid" : "94f08093-a8c7-41c3-93fe-9c83abb14d75" ,
"value" : "3364"
} ,
{
"category" : "Other" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : true ,
"object_relation" : "entropy" ,
"timestamp" : "1645779052" ,
"to_ids" : false ,
"type" : "float" ,
"uuid" : "337be141-1b53-4364-8423-97899054f883" ,
"value" : "5.346853"
}
]
} ,
{
"comment" : "" ,
"deleted" : false ,
"description" : "Whois records information for a domain name or an IP address." ,
"meta-category" : "network" ,
"name" : "whois" ,
"template_uuid" : "429faea1-34ff-47af-8a00-7c62d3be5a6a" ,
"template_version" : "10" ,
"timestamp" : "1645779052" ,
"uuid" : "10e80e9a-1c9c-4f8f-96fb-3b2f437d65ff" ,
"Attribute" : [
{
"category" : "Other" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : true ,
"object_relation" : "text" ,
"timestamp" : "1645779052" ,
"to_ids" : false ,
"type" : "text" ,
"uuid" : "e158d43c-3c92-4bf1-8c71-8ff286ae61a5" ,
"value" : "Queried whois.ripe.net with \"-B 185.183.96.7\"...\n\n% Information related to '185.183.96.0 - 185.183.96.255'\n\n% Abuse contact for '185.183.96.0 - 185.183.96.255' is 'abuse@hostsailor.com'\n\ninetnum: 185.183.96.0 - 185.183.96.255\nnetname: EU-HOSTSAILOR\ndescr: HostSailor NL Services\ncountry: NL\nadmin-c: AA31720-RIPE\ntech-c: AA31720-RIPE\nstatus: ASSIGNED PA\nmnt-by: MNT-HS\ncreated: 2016-12-23T09:52:06Z\nlast-modified: 2016-12-23T09:52:06Z\nsource: RIPE\n\nperson: Ali Al-Attiyah\naddress: Suite No: 1605, Churchill Executive Tower, Burf Khalifa Area\naddress: Dubai P.O. Box 98362\naddress: United Arab Emirates\nphone: +971 455 77 845\nnic-hdl: AA31720-RIPE\nmnt-by: MNT-HS\ncreated: 2016-12-21T19:19:26Z\nlast-modified: 2019-03-18T14:07:12Z\nsource: RIPE\n\n% Information related to '185.183.96.0/24AS60117'\n\nroute: 185.183.96.0/24\ndescr: EU-HOSTSAILOR 185.183.96.0/24\norigin: AS60117\nmnt-by: MNT-HS\ncreated: 2016-12-23T09:50:04Z\nlast-modified: 2016-12-23T09:50:04Z\nsource: RIPE"
}
]
} ,
{
"comment" : "" ,
"deleted" : false ,
"description" : "Object describing a section of a Portable Executable" ,
"meta-category" : "file" ,
"name" : "pe-section" ,
"template_uuid" : "198a17d2-a135-4b25-9a32-5aa4e632014a" ,
"template_version" : "3" ,
"timestamp" : "1645779052" ,
"uuid" : "2f407b4f-7213-4278-be25-038d1b17c9e5" ,
"Attribute" : [
{
"category" : "Other" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : true ,
"object_relation" : "entropy" ,
"timestamp" : "1645779052" ,
"to_ids" : false ,
"type" : "float" ,
"uuid" : "58dd9e45-6c60-4d5f-85be-36375c69f50e" ,
"value" : "2.769462"
} ,
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "md5" ,
"timestamp" : "1645779052" ,
"to_ids" : true ,
"type" : "md5" ,
"uuid" : "d697a529-74a8-4b99-aa5b-8f8f9d4bc760" ,
"value" : "b474b7d68214633e93dc1ab3fcad9a4b"
} ,
{
"category" : "Other" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : true ,
"object_relation" : "size-in-bytes" ,
"timestamp" : "1645779052" ,
"to_ids" : false ,
"type" : "size-in-bytes" ,
"uuid" : "a9be06be-ea91-4b5e-a15e-4d7d8ad46b5f" ,
"value" : "1024"
}
]
} ,
{
"comment" : "" ,
"deleted" : false ,
"description" : "Object describing a section of a Portable Executable" ,
"meta-category" : "file" ,
"name" : "pe-section" ,
"template_uuid" : "198a17d2-a135-4b25-9a32-5aa4e632014a" ,
"template_version" : "3" ,
"timestamp" : "1645779052" ,
"uuid" : "89bbc87f-ccca-4739-b053-1f973331b0ef" ,
"Attribute" : [
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "md5" ,
"timestamp" : "1645779052" ,
"to_ids" : true ,
"type" : "md5" ,
"uuid" : "ada0e054-3da9-4f55-be78-90c20a319f53" ,
"value" : "d9e1cff126e23d40d396bebc0fe103be"
} ,
{
"category" : "Other" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : true ,
"object_relation" : "entropy" ,
"timestamp" : "1645779052" ,
"to_ids" : false ,
"type" : "float" ,
"uuid" : "4b1b051c-4dc0-45af-8e6a-b13253fd1b83" ,
"value" : "6.612472"
} ,
{
"category" : "Other" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : true ,
"object_relation" : "name" ,
"timestamp" : "1645779052" ,
"to_ids" : false ,
"type" : "text" ,
"uuid" : "41f979c8-608b-4973-a1f7-78d7c4a2877d" ,
"value" : ".text"
} ,
{
"category" : "Other" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : true ,
"object_relation" : "size-in-bytes" ,
"timestamp" : "1645779052" ,
"to_ids" : false ,
"type" : "size-in-bytes" ,
"uuid" : "2649009b-7ece-4c99-8599-a274da6be5ad" ,
"value" : "55296"
}
]
} ,
{
"comment" : "" ,
"deleted" : false ,
"description" : "Object describing a section of a Portable Executable" ,
"meta-category" : "file" ,
"name" : "pe-section" ,
"template_uuid" : "198a17d2-a135-4b25-9a32-5aa4e632014a" ,
"template_version" : "3" ,
"timestamp" : "1645779052" ,
"uuid" : "8519c619-0cb1-40db-938a-0de73879bb2c" ,
"Attribute" : [
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "md5" ,
"timestamp" : "1645779052" ,
"to_ids" : true ,
"type" : "md5" ,
"uuid" : "7a42e55b-c50d-4140-9a49-6e899f5454da" ,
"value" : "8528c24241b97c45d2f90f3ef1baceec"
} ,
{
"category" : "Other" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : true ,
"object_relation" : "entropy" ,
"timestamp" : "1645779052" ,
"to_ids" : false ,
"type" : "float" ,
"uuid" : "0eda6b95-9be2-428e-a738-d9caaa86ac79" ,
"value" : "5.178997"
} ,
{
"category" : "Other" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : true ,
"object_relation" : "name" ,
"timestamp" : "1645779052" ,
"to_ids" : false ,
"type" : "text" ,
"uuid" : "6f173493-894f-4d38-8857-a20bc27a9963" ,
"value" : ".rdata"
} ,
{
"category" : "Other" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : true ,
"object_relation" : "size-in-bytes" ,
"timestamp" : "1645779052" ,
"to_ids" : false ,
"type" : "size-in-bytes" ,
"uuid" : "9559a005-1256-4d03-8e25-b86a01dfbb1a" ,
"value" : "33280"
}
]
} ,
{
"comment" : "" ,
"deleted" : false ,
"description" : "Object describing a section of a Portable Executable" ,
"meta-category" : "file" ,
"name" : "pe-section" ,
"template_uuid" : "198a17d2-a135-4b25-9a32-5aa4e632014a" ,
"template_version" : "3" ,
"timestamp" : "1645779052" ,
"uuid" : "bf4af298-9820-4a59-a97d-935af2bfea6b" ,
"Attribute" : [
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "md5" ,
"timestamp" : "1645779052" ,
"to_ids" : true ,
"type" : "md5" ,
"uuid" : "af5b514e-be60-46c7-a8b4-808fa6b04ac0" ,
"value" : "96565e257370e82ea6cc20bdc7831a7b"
} ,
{
"category" : "Other" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : true ,
"object_relation" : "entropy" ,
"timestamp" : "1645779052" ,
"to_ids" : false ,
"type" : "float" ,
"uuid" : "b31e8334-585e-41d6-b5e7-c12a0ecb428b" ,
"value" : "2.380258"
} ,
{
"category" : "Other" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : true ,
"object_relation" : "name" ,
"timestamp" : "1645779052" ,
"to_ids" : false ,
"type" : "text" ,
"uuid" : "463af1c1-c462-4ee7-b4fc-32da9cc08de0" ,
"value" : ".data"
} ,
{
"category" : "Other" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : true ,
"object_relation" : "size-in-bytes" ,
"timestamp" : "1645779052" ,
"to_ids" : false ,
"type" : "size-in-bytes" ,
"uuid" : "fa8b37f5-25c5-48b8-99e7-034ac93889ce" ,
"value" : "2560"
}
]
} ,
{
"comment" : "" ,
"deleted" : false ,
"description" : "Object describing a section of a Portable Executable" ,
"meta-category" : "file" ,
"name" : "pe-section" ,
"template_uuid" : "198a17d2-a135-4b25-9a32-5aa4e632014a" ,
"template_version" : "3" ,
"timestamp" : "1645779052" ,
"uuid" : "7743a9fa-375e-46af-8874-4d4907fcdc1b" ,
"Attribute" : [
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "md5" ,
"timestamp" : "1645779052" ,
"to_ids" : true ,
"type" : "md5" ,
"uuid" : "7a4c90fb-9258-4a01-b99e-0229d7e1e5ff" ,
"value" : "43041985e356ec1bb76514dd6d7a347f"
} ,
{
"category" : "Other" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : true ,
"object_relation" : "entropy" ,
"timestamp" : "1645779052" ,
"to_ids" : false ,
"type" : "float" ,
"uuid" : "ee19c270-6e74-4f5b-a357-b9c3fd9a1c10" ,
"value" : "4.717679"
} ,
{
"category" : "Other" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : true ,
"object_relation" : "name" ,
"timestamp" : "1645779052" ,
"to_ids" : false ,
"type" : "text" ,
"uuid" : "e163eb6d-48dd-42a8-a8d8-ab45c6e48e94" ,
"value" : ".rsrc"
} ,
{
"category" : "Other" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : true ,
"object_relation" : "size-in-bytes" ,
"timestamp" : "1645779052" ,
"to_ids" : false ,
"type" : "size-in-bytes" ,
"uuid" : "3cc97543-f7f7-4387-bd8c-78bcb01ee25c" ,
"value" : "512"
}
]
} ,
{
"comment" : "" ,
"deleted" : false ,
"description" : "Object describing a section of a Portable Executable" ,
"meta-category" : "file" ,
"name" : "pe-section" ,
"template_uuid" : "198a17d2-a135-4b25-9a32-5aa4e632014a" ,
"template_version" : "3" ,
"timestamp" : "1645779052" ,
"uuid" : "e4d0b671-d80a-4434-b33b-257b1fcf7a87" ,
"Attribute" : [
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "md5" ,
"timestamp" : "1645779052" ,
"to_ids" : true ,
"type" : "md5" ,
"uuid" : "0397ded5-f43e-4704-a674-187b2a663c80" ,
"value" : "6b5a16c382d161788b9cc48d74f91543"
} ,
{
"category" : "Other" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : true ,
"object_relation" : "entropy" ,
"timestamp" : "1645779052" ,
"to_ids" : false ,
"type" : "float" ,
"uuid" : "017a9bef-ccac-4f28-8dbe-32c2c692e902" ,
"value" : "6.435504"
} ,
{
"category" : "Other" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : true ,
"object_relation" : "name" ,
"timestamp" : "1645779052" ,
"to_ids" : false ,
"type" : "text" ,
"uuid" : "f6d33e8d-01b7-4d07-93ab-c678588f5470" ,
"value" : ".reloc"
} ,
{
"category" : "Other" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : true ,
"object_relation" : "size-in-bytes" ,
"timestamp" : "1645779052" ,
"to_ids" : false ,
"type" : "size-in-bytes" ,
"uuid" : "9b00404b-e8b2-4349-a63b-f4f9fb32f667" ,
"value" : "4096"
}
]
} ,
{
"comment" : "" ,
"deleted" : false ,
"description" : "Object describing a Portable Executable" ,
"meta-category" : "file" ,
"name" : "pe" ,
"template_uuid" : "cf7adecc-d4f0-4e88-9d90-f978ee151a07" ,
"template_version" : "7" ,
"timestamp" : "1645779052" ,
"uuid" : "8e6214a2-fcf1-4e0b-9c89-6e6598c1c582" ,
"ObjectReference" : [
{
"comment" : "" ,
"object_uuid" : "8e6214a2-fcf1-4e0b-9c89-6e6598c1c582" ,
"referenced_uuid" : "2f407b4f-7213-4278-be25-038d1b17c9e5" ,
"relationship_type" : "header-of" ,
"timestamp" : "1645779057" ,
"uuid" : "99625f7d-4434-4c7c-a43d-18f8ae9df396"
} ,
{
"comment" : "" ,
"object_uuid" : "8e6214a2-fcf1-4e0b-9c89-6e6598c1c582" ,
"referenced_uuid" : "89bbc87f-ccca-4739-b053-1f973331b0ef" ,
"relationship_type" : "includes" ,
"timestamp" : "1645779057" ,
"uuid" : "93a2f855-42e0-466e-8b54-120032bfeff1"
} ,
{
"comment" : "" ,
"object_uuid" : "8e6214a2-fcf1-4e0b-9c89-6e6598c1c582" ,
"referenced_uuid" : "8519c619-0cb1-40db-938a-0de73879bb2c" ,
"relationship_type" : "includes" ,
"timestamp" : "1645779057" ,
"uuid" : "c0d23b78-7952-4900-acc2-f0710d2d4518"
} ,
{
"comment" : "" ,
"object_uuid" : "8e6214a2-fcf1-4e0b-9c89-6e6598c1c582" ,
"referenced_uuid" : "bf4af298-9820-4a59-a97d-935af2bfea6b" ,
"relationship_type" : "includes" ,
"timestamp" : "1645779057" ,
"uuid" : "a45d2b11-932a-4f97-9c09-468f5b69503f"
} ,
{
"comment" : "" ,
"object_uuid" : "8e6214a2-fcf1-4e0b-9c89-6e6598c1c582" ,
"referenced_uuid" : "7743a9fa-375e-46af-8874-4d4907fcdc1b" ,
"relationship_type" : "includes" ,
"timestamp" : "1645779057" ,
"uuid" : "ee7aab9d-be04-4ff9-abac-abcc38f370d1"
} ,
{
"comment" : "" ,
"object_uuid" : "8e6214a2-fcf1-4e0b-9c89-6e6598c1c582" ,
"referenced_uuid" : "e4d0b671-d80a-4434-b33b-257b1fcf7a87" ,
"relationship_type" : "includes" ,
"timestamp" : "1645779057" ,
"uuid" : "61489154-3790-47b2-bfd2-beba9b89005e"
}
] ,
"Attribute" : [
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : true ,
"object_relation" : "internal-filename" ,
"timestamp" : "1645779052" ,
"to_ids" : true ,
"type" : "filename" ,
"uuid" : "745ecedc-79aa-427d-aa8a-a46d05e6375f" ,
"value" : "libpcre2-8-0.dll"
} ,
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : true ,
"object_relation" : "original-filename" ,
"timestamp" : "1645779052" ,
"to_ids" : true ,
"type" : "filename" ,
"uuid" : "b22e6ac1-3282-4cf7-b5c3-9b4aa31ec475" ,
"value" : "libpcre2-8-0.dll"
} ,
{
"category" : "Other" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : true ,
"object_relation" : "number-sections" ,
"timestamp" : "1645779052" ,
"to_ids" : false ,
"type" : "counter" ,
"uuid" : "b636f83e-74bb-4899-9fd5-1a1cf93b66ce" ,
"value" : "6"
}
]
} ,
{
"comment" : "" ,
"deleted" : false ,
"description" : "File object describing a file with meta-information" ,
"meta-category" : "file" ,
"name" : "file" ,
"template_uuid" : "688c46fb-5edb-40a3-8273-1af7923e2215" ,
"template_version" : "24" ,
"timestamp" : "1645779052" ,
"uuid" : "1c5a88fa-8589-4eda-b26f-5435546b732c" ,
"ObjectReference" : [
{
"comment" : "" ,
"object_uuid" : "1c5a88fa-8589-4eda-b26f-5435546b732c" ,
"referenced_uuid" : "8e6214a2-fcf1-4e0b-9c89-6e6598c1c582" ,
"relationship_type" : "includes" ,
"timestamp" : "1645779057" ,
"uuid" : "8928d6f4-77dd-4fc7-b105-b20b6415eb82"
}
] ,
"Attribute" : [
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "md5" ,
"timestamp" : "1645779052" ,
"to_ids" : false ,
"type" : "md5" ,
"uuid" : "30a0a93f-3e94-433c-8f06-f95c5939b4d1" ,
"value" : "860f5c2345e8f5c268c9746337ade8b7"
} ,
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "sha1" ,
"timestamp" : "1645779052" ,
"to_ids" : false ,
"type" : "sha1" ,
"uuid" : "f7da7c2f-c803-4b5f-967d-830854bb763d" ,
"value" : "6c55d3acdc2d8d331f0d13024f736bc28ef5a7e1"
} ,
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "sha256" ,
"timestamp" : "1645779052" ,
"to_ids" : false ,
"type" : "sha256" ,
"uuid" : "48292841-e1cc-441d-a901-19f95329759c" ,
"value" : "9d50fcb2c4df4c502db0cac84bef96c2a36d33ef98c454165808ecace4dd2051"
} ,
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "sha512" ,
"timestamp" : "1645779052" ,
"to_ids" : false ,
"type" : "sha512" ,
"uuid" : "1469a853-46bb-4880-a375-2a5ec16bbdb4" ,
"value" : "15b758ada75ae3a6848e3e528e07b19e0efb4156105f0e2ff4486c6df35574c63ccaae5e00d3c4f1ac3f5032f3eb5732179d187979779af4658e8e4dc5020f9f"
} ,
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "ssdeep" ,
"timestamp" : "1645779052" ,
"to_ids" : false ,
"type" : "ssdeep" ,
"uuid" : "93f642c0-255e-4035-a459-e688c462a282" ,
"value" : "1536:TjdtPuB/MpXu7QeqqPKaSc9/Sc+Amru3xobZFsWo/dcd+0Q+MoOl5:TfuBwXuUeqqPIkSc4u3xobb+0Q+MRl5"
} ,
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : true ,
"object_relation" : "filename" ,
"timestamp" : "1645779052" ,
"to_ids" : false ,
"type" : "filename" ,
"uuid" : "e921f5f8-64bd-404f-a0d9-a91ad648fd1a" ,
"value" : "libpcre2-8-0.dll"
} ,
{
"category" : "Artifacts dropped" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : true ,
"object_relation" : "mimetype" ,
"timestamp" : "1645779052" ,
"to_ids" : false ,
"type" : "mime-type" ,
"uuid" : "814a3129-96ce-406f-9ffb-a1a1618e4ed0" ,
"value" : "PE32 executable (DLL) (console) Intel 80386, for MS Windows"
} ,
{
"category" : "Other" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : true ,
"object_relation" : "size-in-bytes" ,
"timestamp" : "1645779052" ,
"to_ids" : false ,
"type" : "size-in-bytes" ,
"uuid" : "75753a4a-f8a0-4025-a238-bb1c9a2cb939" ,
"value" : "96768"
} ,
{
"category" : "Other" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : true ,
"object_relation" : "entropy" ,
"timestamp" : "1645779052" ,
"to_ids" : false ,
"type" : "float" ,
"uuid" : "e0d08d94-4001-4462-b908-452bc5c87945" ,
"value" : "6.397339"
}
]
} ,
{
"comment" : "" ,
"deleted" : false ,
"description" : "Object describing a section of a Portable Executable" ,
"meta-category" : "file" ,
"name" : "pe-section" ,
"template_uuid" : "198a17d2-a135-4b25-9a32-5aa4e632014a" ,
"template_version" : "3" ,
"timestamp" : "1645779052" ,
"uuid" : "e79c6bdc-d90d-420a-80ea-cc8389ba2079" ,
"Attribute" : [
{
"category" : "Other" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : true ,
"object_relation" : "entropy" ,
"timestamp" : "1645779052" ,
"to_ids" : false ,
"type" : "float" ,
"uuid" : "8c70f64e-f1bb-4462-abfb-4686a17cd3e2" ,
"value" : "2.778786"
} ,
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "md5" ,
"timestamp" : "1645779052" ,
"to_ids" : true ,
"type" : "md5" ,
"uuid" : "b2eb4716-3e0c-4f51-8dc3-18554fb48713" ,
"value" : "644538127a7d5372f16bbc62790e1b5d"
} ,
{
"category" : "Other" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : true ,
"object_relation" : "size-in-bytes" ,
"timestamp" : "1645779052" ,
"to_ids" : false ,
"type" : "size-in-bytes" ,
"uuid" : "35422cb9-507d-4639-a016-864b560c3ecf" ,
"value" : "1024"
}
]
} ,
{
"comment" : "" ,
"deleted" : false ,
"description" : "Object describing a section of a Portable Executable" ,
"meta-category" : "file" ,
"name" : "pe-section" ,
"template_uuid" : "198a17d2-a135-4b25-9a32-5aa4e632014a" ,
"template_version" : "3" ,
"timestamp" : "1645779052" ,
"uuid" : "c28b217b-abde-437f-b97d-f0839b9e0e3a" ,
"Attribute" : [
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "md5" ,
"timestamp" : "1645779052" ,
"to_ids" : true ,
"type" : "md5" ,
"uuid" : "229b84f4-c1c1-4f51-86b9-766a9147a487" ,
"value" : "46d87fd65afee2330ee32fe404fe7657"
} ,
{
"category" : "Other" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : true ,
"object_relation" : "entropy" ,
"timestamp" : "1645779052" ,
"to_ids" : false ,
"type" : "float" ,
"uuid" : "511ff4dc-af18-4477-9710-1a81b8d4adb4" ,
"value" : "6.623812"
} ,
{
"category" : "Other" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : true ,
"object_relation" : "name" ,
"timestamp" : "1645779052" ,
"to_ids" : false ,
"type" : "text" ,
"uuid" : "a183c322-9c83-4560-8e71-51d514aa8127" ,
"value" : ".text"
} ,
{
"category" : "Other" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : true ,
"object_relation" : "size-in-bytes" ,
"timestamp" : "1645779052" ,
"to_ids" : false ,
"type" : "size-in-bytes" ,
"uuid" : "90430e76-1944-4af9-be18-076ca5f2ab20" ,
"value" : "55808"
}
]
} ,
{
"comment" : "" ,
"deleted" : false ,
"description" : "Object describing a section of a Portable Executable" ,
"meta-category" : "file" ,
"name" : "pe-section" ,
"template_uuid" : "198a17d2-a135-4b25-9a32-5aa4e632014a" ,
"template_version" : "3" ,
"timestamp" : "1645779052" ,
"uuid" : "b95e7529-0dc6-44fe-966d-f76045838c79" ,
"Attribute" : [
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "md5" ,
"timestamp" : "1645779052" ,
"to_ids" : true ,
"type" : "md5" ,
"uuid" : "74a3b4eb-83f4-4ad4-8414-ec8946b1d372" ,
"value" : "7bc20c2666aeb10cbe1787cdeeb38138"
} ,
{
"category" : "Other" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : true ,
"object_relation" : "entropy" ,
"timestamp" : "1645779052" ,
"to_ids" : false ,
"type" : "float" ,
"uuid" : "096ea454-d73d-44d9-9c7e-73a9243bf5e6" ,
"value" : "5.111049"
} ,
{
"category" : "Other" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : true ,
"object_relation" : "name" ,
"timestamp" : "1645779052" ,
"to_ids" : false ,
"type" : "text" ,
"uuid" : "16269022-567c-4ff0-b43e-2091a697bf3e" ,
"value" : ".rdata"
} ,
{
"category" : "Other" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : true ,
"object_relation" : "size-in-bytes" ,
"timestamp" : "1645779052" ,
"to_ids" : false ,
"type" : "size-in-bytes" ,
"uuid" : "4e9fa6ae-aef3-445c-a3be-8586ed9662c9" ,
"value" : "29696"
}
]
} ,
{
"comment" : "" ,
"deleted" : false ,
"description" : "Object describing a section of a Portable Executable" ,
"meta-category" : "file" ,
"name" : "pe-section" ,
"template_uuid" : "198a17d2-a135-4b25-9a32-5aa4e632014a" ,
"template_version" : "3" ,
"timestamp" : "1645779052" ,
"uuid" : "35e010f5-6472-493f-8fc9-d48a6a4d0d21" ,
"Attribute" : [
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "md5" ,
"timestamp" : "1645779052" ,
"to_ids" : true ,
"type" : "md5" ,
"uuid" : "2413e108-106b-49d4-a8e8-31fc4fce9579" ,
"value" : "8adf7f42b993b6d8b658ea5a9d554a49"
} ,
{
"category" : "Other" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : true ,
"object_relation" : "entropy" ,
"timestamp" : "1645779052" ,
"to_ids" : false ,
"type" : "float" ,
"uuid" : "928b51cd-42af-41d8-86d1-529ca93e5f48" ,
"value" : "2.380664"
} ,
{
"category" : "Other" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : true ,
"object_relation" : "name" ,
"timestamp" : "1645779052" ,
"to_ids" : false ,
"type" : "text" ,
"uuid" : "8b3909d3-76f4-4479-abf2-4197615d8a40" ,
"value" : ".data"
} ,
{
"category" : "Other" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : true ,
"object_relation" : "size-in-bytes" ,
"timestamp" : "1645779052" ,
"to_ids" : false ,
"type" : "size-in-bytes" ,
"uuid" : "7263b722-c4b1-41a0-9456-0698ea6f0d68" ,
"value" : "2560"
}
]
} ,
{
"comment" : "" ,
"deleted" : false ,
"description" : "Object describing a section of a Portable Executable" ,
"meta-category" : "file" ,
"name" : "pe-section" ,
"template_uuid" : "198a17d2-a135-4b25-9a32-5aa4e632014a" ,
"template_version" : "3" ,
"timestamp" : "1645779052" ,
"uuid" : "5637e3c9-5741-4fbf-bc5b-5d01980e5889" ,
"Attribute" : [
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "md5" ,
"timestamp" : "1645779052" ,
"to_ids" : true ,
"type" : "md5" ,
"uuid" : "7979d7ab-f31a-4f6b-ab4e-29dc70534996" ,
"value" : "065463fcb19d087772450d47229f013f"
} ,
{
"category" : "Other" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : true ,
"object_relation" : "entropy" ,
"timestamp" : "1645779052" ,
"to_ids" : false ,
"type" : "float" ,
"uuid" : "09a7f579-1848-42b8-b82e-c64996927ab5" ,
"value" : "4.717679"
} ,
{
"category" : "Other" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : true ,
"object_relation" : "name" ,
"timestamp" : "1645779052" ,
"to_ids" : false ,
"type" : "text" ,
"uuid" : "8b038daf-bc31-4c9c-b8d5-6c5c504c13ac" ,
"value" : ".rsrc"
} ,
{
"category" : "Other" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : true ,
"object_relation" : "size-in-bytes" ,
"timestamp" : "1645779052" ,
"to_ids" : false ,
"type" : "size-in-bytes" ,
"uuid" : "68f67875-b45f-4a25-b711-c733b1371142" ,
"value" : "512"
}
]
} ,
{
"comment" : "" ,
"deleted" : false ,
"description" : "Object describing a section of a Portable Executable" ,
"meta-category" : "file" ,
"name" : "pe-section" ,
"template_uuid" : "198a17d2-a135-4b25-9a32-5aa4e632014a" ,
"template_version" : "3" ,
"timestamp" : "1645779052" ,
"uuid" : "aac2c81b-c9be-429a-9c61-599c82f8d000" ,
"Attribute" : [
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "md5" ,
"timestamp" : "1645779052" ,
"to_ids" : true ,
"type" : "md5" ,
"uuid" : "5b31f664-604d-45a3-92fb-e6fe12cf1ecf" ,
"value" : "1a870fa886d593f0dd1c9ce8816c3a63"
} ,
{
"category" : "Other" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : true ,
"object_relation" : "entropy" ,
"timestamp" : "1645779052" ,
"to_ids" : false ,
"type" : "float" ,
"uuid" : "88bc1d39-3fe0-478b-98da-2389d1f0e502" ,
"value" : "6.466938"
} ,
{
"category" : "Other" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : true ,
"object_relation" : "name" ,
"timestamp" : "1645779052" ,
"to_ids" : false ,
"type" : "text" ,
"uuid" : "2cd321de-60d7-442a-91cc-2486ca39c814" ,
"value" : ".reloc"
} ,
{
"category" : "Other" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : true ,
"object_relation" : "size-in-bytes" ,
"timestamp" : "1645779052" ,
"to_ids" : false ,
"type" : "size-in-bytes" ,
"uuid" : "5193aa1e-562a-41e4-997f-209b4beba917" ,
"value" : "4096"
}
]
} ,
{
"comment" : "" ,
"deleted" : false ,
"description" : "Object describing a Portable Executable" ,
"meta-category" : "file" ,
"name" : "pe" ,
"template_uuid" : "cf7adecc-d4f0-4e88-9d90-f978ee151a07" ,
"template_version" : "7" ,
"timestamp" : "1645779052" ,
"uuid" : "634b6916-b5d4-4804-b085-090275565edb" ,
"ObjectReference" : [
{
"comment" : "" ,
"object_uuid" : "634b6916-b5d4-4804-b085-090275565edb" ,
"referenced_uuid" : "e79c6bdc-d90d-420a-80ea-cc8389ba2079" ,
"relationship_type" : "header-of" ,
"timestamp" : "1645779057" ,
"uuid" : "25a95d8c-1ddd-4f1f-b68a-8851d4bf13a4"
} ,
{
"comment" : "" ,
"object_uuid" : "634b6916-b5d4-4804-b085-090275565edb" ,
"referenced_uuid" : "c28b217b-abde-437f-b97d-f0839b9e0e3a" ,
"relationship_type" : "includes" ,
"timestamp" : "1645779057" ,
"uuid" : "0d887689-b258-4224-bd8f-29117fa76fcc"
} ,
{
"comment" : "" ,
"object_uuid" : "634b6916-b5d4-4804-b085-090275565edb" ,
"referenced_uuid" : "b95e7529-0dc6-44fe-966d-f76045838c79" ,
"relationship_type" : "includes" ,
"timestamp" : "1645779057" ,
"uuid" : "ce184da4-c4d3-4c18-a4f3-ce059f236eb6"
} ,
{
"comment" : "" ,
"object_uuid" : "634b6916-b5d4-4804-b085-090275565edb" ,
"referenced_uuid" : "35e010f5-6472-493f-8fc9-d48a6a4d0d21" ,
"relationship_type" : "includes" ,
"timestamp" : "1645779057" ,
"uuid" : "fffa083d-c8f2-4f6e-a5f6-de0b0cf0cda6"
} ,
{
"comment" : "" ,
"object_uuid" : "634b6916-b5d4-4804-b085-090275565edb" ,
"referenced_uuid" : "5637e3c9-5741-4fbf-bc5b-5d01980e5889" ,
"relationship_type" : "includes" ,
"timestamp" : "1645779057" ,
"uuid" : "f63622f1-967d-4f88-a2d2-693027b7d08d"
} ,
{
"comment" : "" ,
"object_uuid" : "634b6916-b5d4-4804-b085-090275565edb" ,
"referenced_uuid" : "aac2c81b-c9be-429a-9c61-599c82f8d000" ,
"relationship_type" : "includes" ,
"timestamp" : "1645779057" ,
"uuid" : "e6c46f11-065c-4719-9873-991935ac82f3"
}
] ,
"Attribute" : [
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : true ,
"object_relation" : "internal-filename" ,
"timestamp" : "1645779052" ,
"to_ids" : true ,
"type" : "filename" ,
"uuid" : "4b8a1b40-cf43-43d6-adae-018d13204088" ,
"value" : "vcruntime140.dll"
} ,
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : true ,
"object_relation" : "original-filename" ,
"timestamp" : "1645779052" ,
"to_ids" : true ,
"type" : "filename" ,
"uuid" : "60e086ed-192a-4edf-adb1-32d575bbb67e" ,
"value" : "vcruntime140.dll"
} ,
{
"category" : "Other" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : true ,
"object_relation" : "number-sections" ,
"timestamp" : "1645779052" ,
"to_ids" : false ,
"type" : "counter" ,
"uuid" : "0b2b675e-b51a-4afa-a956-8bc78968e969" ,
"value" : "6"
}
]
} ,
{
"comment" : "" ,
"deleted" : false ,
"description" : "File object describing a file with meta-information" ,
"meta-category" : "file" ,
"name" : "file" ,
"template_uuid" : "688c46fb-5edb-40a3-8273-1af7923e2215" ,
"template_version" : "24" ,
"timestamp" : "1645779052" ,
"uuid" : "360fa8f3-ff83-4aa7-bb82-a7ebfee5f4ed" ,
"ObjectReference" : [
{
"comment" : "" ,
"object_uuid" : "360fa8f3-ff83-4aa7-bb82-a7ebfee5f4ed" ,
"referenced_uuid" : "634b6916-b5d4-4804-b085-090275565edb" ,
"relationship_type" : "includes" ,
"timestamp" : "1645779058" ,
"uuid" : "bb944223-7e56-4b3c-b906-6fc9a6f0d8b9"
}
] ,
"Attribute" : [
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "md5" ,
"timestamp" : "1645779053" ,
"to_ids" : false ,
"type" : "md5" ,
"uuid" : "67ddefbf-ac10-42a4-bbdf-a23adbdcadf4" ,
"value" : "cec48bcdedebc962ce45b63e201c0624"
} ,
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "sha1" ,
"timestamp" : "1645779053" ,
"to_ids" : false ,
"type" : "sha1" ,
"uuid" : "fd1749d1-ee5c-46aa-84e1-9e65b17a6c30" ,
"value" : "81f46998c92427032378e5dead48bdfc9128b225"
} ,
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "sha256" ,
"timestamp" : "1645779053" ,
"to_ids" : false ,
"type" : "sha256" ,
"uuid" : "6c1019f9-75d3-433c-98ea-faa9da39db55" ,
"value" : "dd7ee54b12a55bcc67da4ceaed6e636b7bd30d4db6f6c594e9510e1e605ade92"
} ,
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "sha512" ,
"timestamp" : "1645779053" ,
"to_ids" : false ,
"type" : "sha512" ,
"uuid" : "421856fa-9213-4565-915d-ebcd9eafc66e" ,
"value" : "661a59b4cdb4aab652b24cb9b7ca54cdee1d50ac3b0479cb418cf8ec2f7bda15fcc2622e6b08a784187ec3f43acd678d1d73efacd43ac33501963d5e4dfe32e9"
} ,
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "ssdeep" ,
"timestamp" : "1645779053" ,
"to_ids" : false ,
"type" : "ssdeep" ,
"uuid" : "d049e4c9-923c-4aa6-8e20-02c984e7a70d" ,
"value" : "1536:jjevM3civEZfW15lbrWKIAy4pcd8uHxQEbZFsWo/dcdV0yjHe9c0b5i2MUql5:jzcbfO5lbr6Ay4huHxHbbV0eHe9c0b5I"
} ,
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : true ,
"object_relation" : "filename" ,
"timestamp" : "1645779053" ,
"to_ids" : false ,
"type" : "filename" ,
"uuid" : "60b62755-c915-44cc-aedb-55b16d10b70b" ,
"value" : "vcruntime140.dll"
} ,
{
"category" : "Artifacts dropped" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : true ,
"object_relation" : "mimetype" ,
"timestamp" : "1645779053" ,
"to_ids" : false ,
"type" : "mime-type" ,
"uuid" : "9f1c4e15-98f2-4c12-8c72-bd2c103d9b1c" ,
"value" : "PE32 executable (DLL) (console) Intel 80386, for MS Windows"
} ,
{
"category" : "Other" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : true ,
"object_relation" : "size-in-bytes" ,
"timestamp" : "1645779053" ,
"to_ids" : false ,
"type" : "size-in-bytes" ,
"uuid" : "ff433d18-33fc-48df-a732-d4d612ec5294" ,
"value" : "93696"
} ,
{
"category" : "Other" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : true ,
"object_relation" : "entropy" ,
"timestamp" : "1645779053" ,
"to_ids" : false ,
"type" : "float" ,
"uuid" : "4d3c342a-e744-4652-995d-d0ed7cc088ae" ,
"value" : "6.386276"
}
]
} ,
{
"comment" : "" ,
"deleted" : false ,
"description" : "File object describing a file with meta-information" ,
"meta-category" : "file" ,
"name" : "file" ,
"template_uuid" : "688c46fb-5edb-40a3-8273-1af7923e2215" ,
"template_version" : "24" ,
"timestamp" : "1645779053" ,
"uuid" : "9b7744df-ff9e-42f1-9ba4-cb52b083e2ae" ,
"Attribute" : [
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "md5" ,
"timestamp" : "1645779053" ,
"to_ids" : false ,
"type" : "md5" ,
"uuid" : "fcbdbb1d-bf17-481d-b573-962fe414c9a6" ,
"value" : "a65696d6b65f7159c9ffcd4119f60195"
} ,
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "sha1" ,
"timestamp" : "1645779053" ,
"to_ids" : false ,
"type" : "sha1" ,
"uuid" : "95b19563-8277-41a9-8549-284136aa0aba" ,
"value" : "570f7272412ff8257ed6868d90727a459e3b179e"
} ,
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "sha256" ,
"timestamp" : "1645779053" ,
"to_ids" : false ,
"type" : "sha256" ,
"uuid" : "ee78af42-4d52-4956-a40e-6efdec38cd62" ,
"value" : "b5b1e26312e0574464ddef92c51d5f597e07dba90617c0528ec9f494af7e8504"
} ,
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "sha512" ,
"timestamp" : "1645779053" ,
"to_ids" : false ,
"type" : "sha512" ,
"uuid" : "bba807b6-549b-4641-9109-bae05392e4a2" ,
"value" : "65661ca585e10699eaded4f722914c79b5922e93ea4ca8ecae4a8e3f1320e7b806996f7a54dffbe9d1cdeda593f08e8d95cd831d57de9d9568ea6d8bd280988b"
} ,
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "ssdeep" ,
"timestamp" : "1645779053" ,
"to_ids" : false ,
"type" : "ssdeep" ,
"uuid" : "58255e39-814b-49cb-aa42-2519ae479645" ,
"value" : "6144:AD5ss4qHWpWYY3X3YxMNkpMj7vl+AQOjI:Uss4QEWYwYxM+CdZ3"
} ,
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : true ,
"object_relation" : "filename" ,
"timestamp" : "1645779053" ,
"to_ids" : false ,
"type" : "filename" ,
"uuid" : "f5762256-a208-46b0-9016-ea1678ce33c6" ,
"value" : "Core.dat"
} ,
{
"category" : "Artifacts dropped" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : true ,
"object_relation" : "mimetype" ,
"timestamp" : "1645779053" ,
"to_ids" : false ,
"type" : "mime-type" ,
"uuid" : "5569cf0a-0107-43e5-a743-83854f59a449" ,
"value" : "data"
} ,
{
"category" : "Other" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : true ,
"object_relation" : "size-in-bytes" ,
"timestamp" : "1645779053" ,
"to_ids" : false ,
"type" : "size-in-bytes" ,
"uuid" : "2ce56875-af4d-4af6-8ce8-11b8eaf83dc0" ,
"value" : "222554"
} ,
{
"category" : "Other" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : true ,
"object_relation" : "entropy" ,
"timestamp" : "1645779053" ,
"to_ids" : false ,
"type" : "float" ,
"uuid" : "91102098-b7f2-4b1f-b18c-20551bcbb1d5" ,
"value" : "7.990578"
}
]
} ,
{
"comment" : "" ,
"deleted" : false ,
"description" : "File object describing a file with meta-information" ,
"meta-category" : "file" ,
"name" : "file" ,
"template_uuid" : "688c46fb-5edb-40a3-8273-1af7923e2215" ,
"template_version" : "24" ,
"timestamp" : "1645779053" ,
"uuid" : "ec3e85d5-54fe-47c8-9477-dcedf8eb9648" ,
"Attribute" : [
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "md5" ,
"timestamp" : "1645779053" ,
"to_ids" : false ,
"type" : "md5" ,
"uuid" : "a74e3209-65c1-4ab8-8aa1-0848b173d520" ,
"value" : "4a022ea1fd2bf5e8c0d8b2343a230070"
} ,
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "sha1" ,
"timestamp" : "1645779053" ,
"to_ids" : false ,
"type" : "sha1" ,
"uuid" : "e9957b51-d44f-4711-931e-93c769e10079" ,
"value" : "89df0feca9a447465d41ac87cb45a6f3c02c574d"
} ,
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "sha256" ,
"timestamp" : "1645779053" ,
"to_ids" : false ,
"type" : "sha256" ,
"uuid" : "2781534f-181b-452e-b668-ca352d89d37c" ,
"value" : "e7baf353aa12ff2571fc5c45184631dc2692e2f0a61b799e29a1525969bf2d13"
} ,
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "sha512" ,
"timestamp" : "1645779053" ,
"to_ids" : false ,
"type" : "sha512" ,
"uuid" : "0d1f8590-f993-43c4-aad0-2db69b3d1d18" ,
"value" : "bec85adf79b916ee64c4a4b6f2cf60d8321d7394a2ec299c3547160f552ecae403c6a2a9aa669cf789d4d99b01c637ac1d0da3c9ed8872bb6184b5ad9543d580"
} ,
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "ssdeep" ,
"timestamp" : "1645779053" ,
"to_ids" : false ,
"type" : "ssdeep" ,
"uuid" : "a45fe797-91b7-4658-ae78-07d33d15cb43" ,
"value" : "6144:HzUl+nQWOJ0h0Q+MhozbM8RTVwS9HTkSaRIJjI:HzNQkC06bZuSBTky"
} ,
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : true ,
"object_relation" : "filename" ,
"timestamp" : "1645779053" ,
"to_ids" : false ,
"type" : "filename" ,
"uuid" : "1d97c947-bb40-495d-ad65-fdb1000f2ea9" ,
"value" : "Core.dat"
} ,
{
"category" : "Artifacts dropped" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : true ,
"object_relation" : "mimetype" ,
"timestamp" : "1645779053" ,
"to_ids" : false ,
"type" : "mime-type" ,
"uuid" : "96da2b84-6cc6-4a2a-b239-9d486f6609c0" ,
"value" : "data"
} ,
{
"category" : "Other" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : true ,
"object_relation" : "size-in-bytes" ,
"timestamp" : "1645779053" ,
"to_ids" : false ,
"type" : "size-in-bytes" ,
"uuid" : "e93322aa-74d1-4c1a-94cd-da30d6d96669" ,
"value" : "222554"
} ,
{
"category" : "Other" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : true ,
"object_relation" : "entropy" ,
"timestamp" : "1645779053" ,
"to_ids" : false ,
"type" : "float" ,
"uuid" : "fc83fa28-f8d5-4538-8dc1-ebe972009f97" ,
"value" : "7.990584"
}
]
} ,
{
"comment" : "" ,
"deleted" : false ,
"description" : "Object describing a section of a Portable Executable" ,
"meta-category" : "file" ,
"name" : "pe-section" ,
"template_uuid" : "198a17d2-a135-4b25-9a32-5aa4e632014a" ,
"template_version" : "3" ,
"timestamp" : "1645779053" ,
"uuid" : "b41b6b7a-1c1d-4e8e-9e03-40bad4318eaf" ,
"Attribute" : [
{
"category" : "Other" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : true ,
"object_relation" : "entropy" ,
"timestamp" : "1645779053" ,
"to_ids" : false ,
"type" : "float" ,
"uuid" : "57ed3a03-4ff4-4630-b2b4-604c45c056b2" ,
"value" : "2.806123"
} ,
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "md5" ,
"timestamp" : "1645779053" ,
"to_ids" : true ,
"type" : "md5" ,
"uuid" : "f7e931cf-3010-4505-92c6-a3a332269199" ,
"value" : "57e428c7f6e8430e0380e9a1681a940c"
} ,
{
"category" : "Other" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : true ,
"object_relation" : "size-in-bytes" ,
"timestamp" : "1645779053" ,
"to_ids" : false ,
"type" : "size-in-bytes" ,
"uuid" : "de171ecc-d3fe-44b1-b686-7a977e3b14fb" ,
"value" : "1024"
}
]
} ,
{
"comment" : "" ,
"deleted" : false ,
"description" : "Object describing a section of a Portable Executable" ,
"meta-category" : "file" ,
"name" : "pe-section" ,
"template_uuid" : "198a17d2-a135-4b25-9a32-5aa4e632014a" ,
"template_version" : "3" ,
"timestamp" : "1645779053" ,
"uuid" : "031bd67f-c23c-4613-b1ff-86ce95148260" ,
"Attribute" : [
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "md5" ,
"timestamp" : "1645779053" ,
"to_ids" : true ,
"type" : "md5" ,
"uuid" : "d0dbab3a-161c-4ddb-ba27-c35ed4b3f9ee" ,
"value" : "89eb652b81f7b3cd7e9ee9e718575c09"
} ,
{
"category" : "Other" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : true ,
"object_relation" : "entropy" ,
"timestamp" : "1645779053" ,
"to_ids" : false ,
"type" : "float" ,
"uuid" : "1101d1a5-a7f3-4dd3-a867-45f91bf647a2" ,
"value" : "6.614331"
} ,
{
"category" : "Other" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : true ,
"object_relation" : "name" ,
"timestamp" : "1645779053" ,
"to_ids" : false ,
"type" : "text" ,
"uuid" : "18f8ba67-7fba-4c2d-ac83-d78981bf1320" ,
"value" : ".text"
} ,
{
"category" : "Other" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : true ,
"object_relation" : "size-in-bytes" ,
"timestamp" : "1645779053" ,
"to_ids" : false ,
"type" : "size-in-bytes" ,
"uuid" : "01cab687-ae12-487c-bf88-13be2f2d5436" ,
"value" : "135168"
}
]
} ,
{
"comment" : "" ,
"deleted" : false ,
"description" : "Object describing a section of a Portable Executable" ,
"meta-category" : "file" ,
"name" : "pe-section" ,
"template_uuid" : "198a17d2-a135-4b25-9a32-5aa4e632014a" ,
"template_version" : "3" ,
"timestamp" : "1645779053" ,
"uuid" : "b01b41f3-48dc-44d8-88fa-c1df65dc1a49" ,
"Attribute" : [
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "md5" ,
"timestamp" : "1645779053" ,
"to_ids" : true ,
"type" : "md5" ,
"uuid" : "485c3e45-7f75-4481-bf30-26217fa8efa8" ,
"value" : "4f6c6295c85743cc3a2ca8f5dc2c4648"
} ,
{
"category" : "Other" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : true ,
"object_relation" : "entropy" ,
"timestamp" : "1645779053" ,
"to_ids" : false ,
"type" : "float" ,
"uuid" : "c6e9c40a-ac0a-4d8c-9488-db0f2c03aa06" ,
"value" : "5.330927"
} ,
{
"category" : "Other" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : true ,
"object_relation" : "name" ,
"timestamp" : "1645779053" ,
"to_ids" : false ,
"type" : "text" ,
"uuid" : "bdc6e469-d358-47d0-8c72-047986773866" ,
"value" : ".rdata"
} ,
{
"category" : "Other" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : true ,
"object_relation" : "size-in-bytes" ,
"timestamp" : "1645779053" ,
"to_ids" : false ,
"type" : "size-in-bytes" ,
"uuid" : "ae0b54ca-995f-4829-be25-94bdf78d9861" ,
"value" : "58368"
}
]
} ,
{
"comment" : "" ,
"deleted" : false ,
"description" : "Object describing a section of a Portable Executable" ,
"meta-category" : "file" ,
"name" : "pe-section" ,
"template_uuid" : "198a17d2-a135-4b25-9a32-5aa4e632014a" ,
"template_version" : "3" ,
"timestamp" : "1645779053" ,
"uuid" : "d1f7fb50-44e9-40fa-bb07-983db8510dbb" ,
"Attribute" : [
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "md5" ,
"timestamp" : "1645779053" ,
"to_ids" : true ,
"type" : "md5" ,
"uuid" : "6dcb8ce1-40cc-4e24-a54c-a9c8f85a6d21" ,
"value" : "3fe517cfbe9700ed9c311661377fcbd9"
} ,
{
"category" : "Other" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : true ,
"object_relation" : "entropy" ,
"timestamp" : "1645779053" ,
"to_ids" : false ,
"type" : "float" ,
"uuid" : "00e006f0-58a7-462a-a898-f9b7f18c06bd" ,
"value" : "3.056628"
} ,
{
"category" : "Other" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : true ,
"object_relation" : "name" ,
"timestamp" : "1645779053" ,
"to_ids" : false ,
"type" : "text" ,
"uuid" : "c52f2d18-f3c7-4638-a9fa-05150e81f2c1" ,
"value" : ".data"
} ,
{
"category" : "Other" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : true ,
"object_relation" : "size-in-bytes" ,
"timestamp" : "1645779053" ,
"to_ids" : false ,
"type" : "size-in-bytes" ,
"uuid" : "14ed9919-0799-4ee1-8bab-b54251f29ce7" ,
"value" : "4096"
}
]
} ,
{
"comment" : "" ,
"deleted" : false ,
"description" : "Object describing a section of a Portable Executable" ,
"meta-category" : "file" ,
"name" : "pe-section" ,
"template_uuid" : "198a17d2-a135-4b25-9a32-5aa4e632014a" ,
"template_version" : "3" ,
"timestamp" : "1645779053" ,
"uuid" : "89960bfa-2dae-4690-a7ac-0be243a171de" ,
"Attribute" : [
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "md5" ,
"timestamp" : "1645779053" ,
"to_ids" : true ,
"type" : "md5" ,
"uuid" : "1d6ab8b6-9a5a-485e-b567-517588e0ae60" ,
"value" : "7d123d6987b6fa0f191e9ee2fb0d9484"
} ,
{
"category" : "Other" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : true ,
"object_relation" : "entropy" ,
"timestamp" : "1645779053" ,
"to_ids" : false ,
"type" : "float" ,
"uuid" : "3d04983c-6f02-45f5-8a4b-8b9361ef8ce6" ,
"value" : "4.711341"
} ,
{
"category" : "Other" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : true ,
"object_relation" : "name" ,
"timestamp" : "1645779053" ,
"to_ids" : false ,
"type" : "text" ,
"uuid" : "fc918300-a8bc-41ba-9e56-68b65dc12cf1" ,
"value" : ".rsrc"
} ,
{
"category" : "Other" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : true ,
"object_relation" : "size-in-bytes" ,
"timestamp" : "1645779053" ,
"to_ids" : false ,
"type" : "size-in-bytes" ,
"uuid" : "bde97570-f853-4720-b439-7f6c4cc3e74c" ,
"value" : "512"
}
]
} ,
{
"comment" : "" ,
"deleted" : false ,
"description" : "Object describing a section of a Portable Executable" ,
"meta-category" : "file" ,
"name" : "pe-section" ,
"template_uuid" : "198a17d2-a135-4b25-9a32-5aa4e632014a" ,
"template_version" : "3" ,
"timestamp" : "1645779053" ,
"uuid" : "2cc5689b-87d2-44d6-b5df-509b69da66d4" ,
"Attribute" : [
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "md5" ,
"timestamp" : "1645779053" ,
"to_ids" : true ,
"type" : "md5" ,
"uuid" : "4be66c32-9281-49ff-9234-f27dbb1709f6" ,
"value" : "320df1e8ed4184af06bb4c62a00cc47b"
} ,
{
"category" : "Other" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : true ,
"object_relation" : "entropy" ,
"timestamp" : "1645779053" ,
"to_ids" : false ,
"type" : "float" ,
"uuid" : "47b695b0-e838-4fa0-b684-e356ef9b6acb" ,
"value" : "6.441951"
} ,
{
"category" : "Other" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : true ,
"object_relation" : "name" ,
"timestamp" : "1645779053" ,
"to_ids" : false ,
"type" : "text" ,
"uuid" : "362161e2-05a2-432a-9c68-d6bcf9b3c4f8" ,
"value" : ".reloc"
} ,
{
"category" : "Other" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : true ,
"object_relation" : "size-in-bytes" ,
"timestamp" : "1645779053" ,
"to_ids" : false ,
"type" : "size-in-bytes" ,
"uuid" : "7f1a644c-9045-4fb4-96ae-23347d40643b" ,
"value" : "8704"
}
]
} ,
{
"comment" : "" ,
"deleted" : false ,
"description" : "Object describing a Portable Executable" ,
"meta-category" : "file" ,
"name" : "pe" ,
"template_uuid" : "cf7adecc-d4f0-4e88-9d90-f978ee151a07" ,
"template_version" : "7" ,
"timestamp" : "1645779053" ,
"uuid" : "5689bb69-0031-4f2d-8700-8cc9ffc6628e" ,
"ObjectReference" : [
{
"comment" : "" ,
"object_uuid" : "5689bb69-0031-4f2d-8700-8cc9ffc6628e" ,
"referenced_uuid" : "b41b6b7a-1c1d-4e8e-9e03-40bad4318eaf" ,
"relationship_type" : "header-of" ,
"timestamp" : "1645779058" ,
"uuid" : "465925c4-2bfa-48e8-8e5c-cee6f078cfe2"
} ,
{
"comment" : "" ,
"object_uuid" : "5689bb69-0031-4f2d-8700-8cc9ffc6628e" ,
"referenced_uuid" : "031bd67f-c23c-4613-b1ff-86ce95148260" ,
"relationship_type" : "includes" ,
"timestamp" : "1645779058" ,
"uuid" : "a92c4a90-44c3-4906-b821-da512a4957eb"
} ,
{
"comment" : "" ,
"object_uuid" : "5689bb69-0031-4f2d-8700-8cc9ffc6628e" ,
"referenced_uuid" : "b01b41f3-48dc-44d8-88fa-c1df65dc1a49" ,
"relationship_type" : "includes" ,
"timestamp" : "1645779058" ,
"uuid" : "3a1d83b4-636a-4843-90e6-cc2bfa891a79"
} ,
{
"comment" : "" ,
"object_uuid" : "5689bb69-0031-4f2d-8700-8cc9ffc6628e" ,
"referenced_uuid" : "d1f7fb50-44e9-40fa-bb07-983db8510dbb" ,
"relationship_type" : "includes" ,
"timestamp" : "1645779058" ,
"uuid" : "072ab916-e608-48b6-a3d7-d9fa898bea12"
} ,
{
"comment" : "" ,
"object_uuid" : "5689bb69-0031-4f2d-8700-8cc9ffc6628e" ,
"referenced_uuid" : "89960bfa-2dae-4690-a7ac-0be243a171de" ,
"relationship_type" : "includes" ,
"timestamp" : "1645779058" ,
"uuid" : "9bcdf197-92a5-4154-aa90-8b9784a97e3f"
} ,
{
"comment" : "" ,
"object_uuid" : "5689bb69-0031-4f2d-8700-8cc9ffc6628e" ,
"referenced_uuid" : "2cc5689b-87d2-44d6-b5df-509b69da66d4" ,
"relationship_type" : "includes" ,
"timestamp" : "1645779058" ,
"uuid" : "7e2b707b-7409-43fd-824a-455377663b71"
}
] ,
"Attribute" : [
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : true ,
"object_relation" : "internal-filename" ,
"timestamp" : "1645779053" ,
"to_ids" : true ,
"type" : "filename" ,
"uuid" : "fd21cad0-4d87-46ac-893a-67b103ba36cb" ,
"value" : "Dore.dat"
} ,
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : true ,
"object_relation" : "original-filename" ,
"timestamp" : "1645779053" ,
"to_ids" : true ,
"type" : "filename" ,
"uuid" : "8eb29834-a168-439f-bb99-94fa3b49b28d" ,
"value" : "Dore.dat"
} ,
{
"category" : "Other" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : true ,
"object_relation" : "number-sections" ,
"timestamp" : "1645779053" ,
"to_ids" : false ,
"type" : "counter" ,
"uuid" : "1b78d68e-4257-4f16-a91a-a38beeafeb6f" ,
"value" : "6"
}
]
} ,
{
"comment" : "" ,
"deleted" : false ,
"description" : "File object describing a file with meta-information" ,
"meta-category" : "file" ,
"name" : "file" ,
"template_uuid" : "688c46fb-5edb-40a3-8273-1af7923e2215" ,
"template_version" : "24" ,
"timestamp" : "1645779053" ,
"uuid" : "fd54b60f-6543-4407-bdbe-a024879b303e" ,
"ObjectReference" : [
{
"comment" : "" ,
"object_uuid" : "fd54b60f-6543-4407-bdbe-a024879b303e" ,
"referenced_uuid" : "5689bb69-0031-4f2d-8700-8cc9ffc6628e" ,
"relationship_type" : "includes" ,
"timestamp" : "1645779058" ,
"uuid" : "58bdc7c7-d5a9-40d3-9e5d-be187d31552c"
}
] ,
"Attribute" : [
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "md5" ,
"timestamp" : "1645779053" ,
"to_ids" : false ,
"type" : "md5" ,
"uuid" : "b6bcfa1d-d23a-40f7-9a0f-c912181eb991" ,
"value" : "6c084c8f5a61c6bec5eb5573a2d51ffb"
} ,
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "sha1" ,
"timestamp" : "1645779053" ,
"to_ids" : false ,
"type" : "sha1" ,
"uuid" : "5289cccb-939b-4630-ab24-cd523cb54da7" ,
"value" : "61608ed1de56d0e4fe6af07ecba0bd0a69d825b8"
} ,
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "sha256" ,
"timestamp" : "1645779053" ,
"to_ids" : false ,
"type" : "sha256" ,
"uuid" : "2693944a-49eb-461f-9a39-9730434d11ac" ,
"value" : "7e7545d14df7b618b3b1bc24321780c164a0a14d3600dbac0f91afbce1a2f9f4"
} ,
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "sha512" ,
"timestamp" : "1645779053" ,
"to_ids" : false ,
"type" : "sha512" ,
"uuid" : "cfe93708-2aee-40e7-a3a9-9da42b8b25b6" ,
"value" : "4eaa2d6f29d2712f3487ff7e3a463ec4ba711ba36edda422db126840282e8705ebee6304cc9a54433c7fac7759f98a9543eda881726d8b788f4487b8d4f42423"
} ,
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "ssdeep" ,
"timestamp" : "1645779053" ,
"to_ids" : false ,
"type" : "ssdeep" ,
"uuid" : "31ab7405-3a42-431b-9e2c-34a4b715640f" ,
"value" : "6144:LiJOsC/WBmefvpzeChVsg3euJHs7pdcAOlnI:LLWBmyvp/s5uJHs7pdcvI"
} ,
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : true ,
"object_relation" : "filename" ,
"timestamp" : "1645779053" ,
"to_ids" : false ,
"type" : "filename" ,
"uuid" : "29170e34-b131-4a4d-91b6-45203686f993" ,
"value" : "Dore.dat"
} ,
{
"category" : "Artifacts dropped" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : true ,
"object_relation" : "mimetype" ,
"timestamp" : "1645779053" ,
"to_ids" : false ,
"type" : "mime-type" ,
"uuid" : "9977b569-6623-4798-ac14-873573ea6bab" ,
"value" : "PE32 executable (GUI) Intel 80386, for MS Windows"
} ,
{
"category" : "Other" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : true ,
"object_relation" : "size-in-bytes" ,
"timestamp" : "1645779053" ,
"to_ids" : false ,
"type" : "size-in-bytes" ,
"uuid" : "bb609bf9-8b28-4a66-a2a2-07723e877916" ,
"value" : "208222"
} ,
{
"category" : "Other" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : true ,
"object_relation" : "entropy" ,
"timestamp" : "1645779053" ,
"to_ids" : false ,
"type" : "float" ,
"uuid" : "33dbe50e-7c97-4481-97ac-021c112b2d3f" ,
"value" : "6.489815"
}
]
} ,
{
"comment" : "" ,
"deleted" : false ,
"description" : "File object describing a file with meta-information" ,
"meta-category" : "file" ,
"name" : "file" ,
"template_uuid" : "688c46fb-5edb-40a3-8273-1af7923e2215" ,
"template_version" : "24" ,
"timestamp" : "1645779053" ,
"uuid" : "079fe4a9-1e67-463a-b3f9-5496f1e68e96" ,
"Attribute" : [
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "md5" ,
"timestamp" : "1645779053" ,
"to_ids" : false ,
"type" : "md5" ,
"uuid" : "88a1e349-f76d-4ea9-bd92-819379b34548" ,
"value" : "b6b0edf0b31bc95a042e13f3768a65c3"
} ,
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "sha1" ,
"timestamp" : "1645779053" ,
"to_ids" : false ,
"type" : "sha1" ,
"uuid" : "de64d442-8b6f-4200-a7a4-055814d494e7" ,
"value" : "5168a8880abe8eb2d28f10787820185fe318859e"
} ,
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "sha256" ,
"timestamp" : "1645779053" ,
"to_ids" : false ,
"type" : "sha256" ,
"uuid" : "e03a3fe1-52f3-496c-b547-48df4966266a" ,
"value" : "b6133e04a0a1deb8faf944dd79c46c62f725a72ea9f26dd911d6f6e1e4433f1a"
} ,
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "sha512" ,
"timestamp" : "1645779053" ,
"to_ids" : false ,
"type" : "sha512" ,
"uuid" : "97a0e1f8-904e-4692-b5b4-b978dbbd4141" ,
"value" : "669e655ca79c95d8d25e56cb0c4c71574ff74f55e11930e9cdbfb4a3767fce0d09ab362d2f188a153ba25497b8a2508d0501bca342c0558f06e921f603b2218c"
} ,
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "ssdeep" ,
"timestamp" : "1645779053" ,
"to_ids" : false ,
"type" : "ssdeep" ,
"uuid" : "0ac3185b-c5c4-4091-9c0c-256f33d16a59" ,
"value" : "48:oOd/U/82KlaUdrSS1A82RBBboWuP7qgGgmzfBUXX7PXTWPJJ5wx:YmP71+Ju"
} ,
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : true ,
"object_relation" : "filename" ,
"timestamp" : "1645779053" ,
"to_ids" : false ,
"type" : "filename" ,
"uuid" : "db4cc09c-bf10-4ab7-8c63-950dfbb0a8f7" ,
"value" : "config.txt"
} ,
{
"category" : "Artifacts dropped" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : true ,
"object_relation" : "mimetype" ,
"timestamp" : "1645779053" ,
"to_ids" : false ,
"type" : "mime-type" ,
"uuid" : "edcc3473-1a02-48ff-88b5-38dc3bc10335" ,
"value" : "data"
} ,
{
"category" : "Other" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : true ,
"object_relation" : "size-in-bytes" ,
"timestamp" : "1645779053" ,
"to_ids" : false ,
"type" : "size-in-bytes" ,
"uuid" : "e8127fd5-fee5-40ff-8f33-211c35afc6f8" ,
"value" : "3615"
} ,
{
"category" : "Other" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : true ,
"object_relation" : "entropy" ,
"timestamp" : "1645779053" ,
"to_ids" : false ,
"type" : "float" ,
"uuid" : "11eeb428-f5c9-4e83-86f3-8e51c668d98c" ,
"value" : "5.291145"
}
]
} ,
{
"comment" : "" ,
"deleted" : false ,
"description" : "Whois records information for a domain name or an IP address." ,
"meta-category" : "network" ,
"name" : "whois" ,
"template_uuid" : "429faea1-34ff-47af-8a00-7c62d3be5a6a" ,
"template_version" : "10" ,
"timestamp" : "1645779053" ,
"uuid" : "38920e7c-f009-4d66-bb64-24b535c20a7d" ,
"Attribute" : [
{
"category" : "Other" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : true ,
"object_relation" : "text" ,
"timestamp" : "1645779053" ,
"to_ids" : false ,
"type" : "text" ,
"uuid" : "536f6e1d-9cc7-4d2a-b63a-5f1cac200955" ,
"value" : "Queried whois.ripe.net with \"-B 185.117.75.34\"...\n\n% Information related to '185.117.75.0 - 185.117.75.255'\n\n% Abuse contact for '185.117.75.0 - 185.117.75.255' is 'abuse@hostsailor.com'\n\ninetnum: 185.117.75.0 - 185.117.75.255\nnetname: EU-HOSTSAILOR-20140124\ndescr: HostSailor NL Services\ncountry: NL\nadmin-c: AF11712-RIPE\ntech-c: AF11712-RIPE\nstatus: ASSIGNED PA\nmnt-by: MNT-HS\ncreated: 2016-02-01T08:50:02Z\nlast-modified: 2016-02-01T08:50:02Z\nsource: RIPE\n\nperson: Host Sailor Ltd - Administrative role account\naddress: Suite No: 1605, Churchill Executive Tower, Burj Khalifa Area\naddress: Dubai P.O. Box 98362\naddress: United Arab Emirates\nphone: +97145577845\nnic-hdl: AF11712-RIPE\nmnt-by: MNT-HS\ncreated: 2014-06-30T16:22:26Z\nlast-modified: 2019-05-29T09:39:31Z\nsource: RIPE"
}
]
} ,
{
"comment" : "" ,
"deleted" : false ,
"description" : "File object describing a file with meta-information" ,
"meta-category" : "file" ,
"name" : "file" ,
"template_uuid" : "688c46fb-5edb-40a3-8273-1af7923e2215" ,
"template_version" : "24" ,
"timestamp" : "1645779053" ,
"uuid" : "694faf23-b780-46f2-aefe-241a5d98af3b" ,
"Attribute" : [
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "md5" ,
"timestamp" : "1645779053" ,
"to_ids" : false ,
"type" : "md5" ,
"uuid" : "8aefcbbe-1177-4dcc-b8d7-8ebb3d77d75d" ,
"value" : "a0421312705e847a1c8073001fd8499c"
} ,
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "sha1" ,
"timestamp" : "1645779053" ,
"to_ids" : false ,
"type" : "sha1" ,
"uuid" : "bbe43126-332a-4d35-9b71-040c0df2c139" ,
"value" : "3204447f54adeffb339ed3e00649ae428544eca3"
} ,
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "sha256" ,
"timestamp" : "1645779053" ,
"to_ids" : false ,
"type" : "sha256" ,
"uuid" : "c2c41fe8-baa6-478a-b78d-6275dd1c0266" ,
"value" : "9cb79736302999a7ec4151a43e93cd51c97ede879194cece5e46b4ff471a7af7"
} ,
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "sha512" ,
"timestamp" : "1645779053" ,
"to_ids" : false ,
"type" : "sha512" ,
"uuid" : "d11f1aaa-ddc0-4df5-8a5a-2adf97c51780" ,
"value" : "32c89ce4ec39c0f05fdd578ac7dbd51a882fdca632a00a591655992f258fe1b870c5ac6732d79c835578fd85c237d69d10886b1bec087217b921b8dbd2d7ab50"
} ,
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "ssdeep" ,
"timestamp" : "1645779053" ,
"to_ids" : false ,
"type" : "ssdeep" ,
"uuid" : "9e30674b-51bf-428b-801a-de1dff507105" ,
"value" : "96:ND25Bb2G+6C3z+FPyY1PgWuRuSpqq8HRYwC+w7ivocD6ZpY59lmBZ1q0c3:NKnCGO3iFPysIW8YlHRYw5w6F6ZpYUB0"
} ,
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : true ,
"object_relation" : "filename" ,
"timestamp" : "1645779053" ,
"to_ids" : false ,
"type" : "filename" ,
"uuid" : "305fe315-3914-4292-8df8-9e5617d684a1" ,
"value" : "Config.txt"
} ,
{
"category" : "Artifacts dropped" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : true ,
"object_relation" : "mimetype" ,
"timestamp" : "1645779053" ,
"to_ids" : false ,
"type" : "mime-type" ,
"uuid" : "abef8249-e0c0-4d12-a943-3a09e2284eb2" ,
"value" : "ASCII text, with very long lines, with no line terminators"
} ,
{
"category" : "Other" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : true ,
"object_relation" : "size-in-bytes" ,
"timestamp" : "1645779053" ,
"to_ids" : false ,
"type" : "size-in-bytes" ,
"uuid" : "2866cd34-0ce5-49b3-a29b-ce226887f949" ,
"value" : "5037"
} ,
{
"category" : "Other" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : true ,
"object_relation" : "entropy" ,
"timestamp" : "1645779053" ,
"to_ids" : false ,
"type" : "float" ,
"uuid" : "a0fc814f-31ee-49bd-89ed-f192192e3f58" ,
"value" : "5.941005"
}
]
} ,
{
"comment" : "" ,
"deleted" : false ,
"description" : "Whois records information for a domain name or an IP address." ,
"meta-category" : "network" ,
"name" : "whois" ,
"template_uuid" : "429faea1-34ff-47af-8a00-7c62d3be5a6a" ,
"template_version" : "10" ,
"timestamp" : "1645779053" ,
"uuid" : "15525186-a7c8-43ca-af5d-705400ccb100" ,
"Attribute" : [
{
"category" : "Other" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : true ,
"object_relation" : "text" ,
"timestamp" : "1645779053" ,
"to_ids" : false ,
"type" : "text" ,
"uuid" : "e82457aa-c4c9-4c0f-b4f0-66bd218b145b" ,
"value" : "Queried whois.arin.net with \"n ! NET-192-210-191-0-1\"...\n\nNetRange: 192.210.191.0 - 192.210.191.255\nCIDR: 192.210.191.0/24\nNetName: CC-192-210-191-0-24\nNetHandle: NET-192-210-191-0-1\nParent: CC-11 (NET-192-210-128-0-1)\nNetType: Reallocated\nOriginAS: AS36352\nOrganization: Virtual Machine Solutions LLC (VMSL-100)\nRegDate: 2019-03-26\nUpdated: 2019-03-26\nRef: https://rdap.arin.net/registry/ip/192.210.191.0\n\n\nOrgName: Virtual Machine Solutions LLC\nOrgId: VMSL-100\nAddress: 12201 Tukwila International Blvd\nCity: Seattle\nStateProv: WA\nPostalCode: 98168\nCountry: US\nRegDate: 2016-06-22\nUpdated: 2020-12-10\nComment: http://virmach.com/abuse to report abuse.\nRef: https://rdap.arin.net/registry/entity/VMSL-100\n\n\nOrgTechHandle: GOLES88-ARIN\nOrgTechName: Golestani, Amir \nOrgTechPhone: +1-800-877-2176 \nOrgTechEmail: report@virmach.com\nOrgTechRef: https://rdap.arin.net/registry/entity/GOLES88-ARIN\n\nOrgAbuseHandle: GOLES88-ARIN\nOrgAbuseName: Golestani, Amir \nOrgAbusePhone: +1-800-877-2176 \nOrgAbuseEmail: report@virmach.com\nOrgAbuseRef: https://rdap.arin.net/registry/entity/GOLES88-ARIN"
}
]
} ,
{
"comment" : "" ,
"deleted" : false ,
"description" : "File object describing a file with meta-information" ,
"meta-category" : "file" ,
"name" : "file" ,
"template_uuid" : "688c46fb-5edb-40a3-8273-1af7923e2215" ,
"template_version" : "24" ,
"timestamp" : "1645779053" ,
"uuid" : "2d931542-8378-4faa-a8cc-9694bddad3d9" ,
"Attribute" : [
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "md5" ,
"timestamp" : "1645779053" ,
"to_ids" : false ,
"type" : "md5" ,
"uuid" : "1bea5b5d-df0f-4e0a-a338-a749361d72ba" ,
"value" : "a16f4f0c00ca43d5b20f7bc30a3f3559"
} ,
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "sha1" ,
"timestamp" : "1645779053" ,
"to_ids" : false ,
"type" : "sha1" ,
"uuid" : "096166ca-a580-4309-818c-a4902493de73" ,
"value" : "94e26fb2738e49bb70b445315c0d63a5d364c71b"
} ,
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "sha256" ,
"timestamp" : "1645779053" ,
"to_ids" : false ,
"type" : "sha256" ,
"uuid" : "0f7f850f-38d4-4047-bf81-5a73a6fdd220" ,
"value" : "5bcdd422089ed96d6711fa251544e2e863b113973db328590cfe0457bfeb564f"
} ,
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "sha512" ,
"timestamp" : "1645779053" ,
"to_ids" : false ,
"type" : "sha512" ,
"uuid" : "d410598c-04b4-4388-b6a4-782f2530c170" ,
"value" : "e1f929029e7382e0a900fb3523dbc175d503b1903b034d88aed3e50aed768ce79c52091520e4a3e40c04e00ab70af3d438de35c79502ff8b11adcb45f6f666bd"
} ,
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "ssdeep" ,
"timestamp" : "1645779053" ,
"to_ids" : false ,
"type" : "ssdeep" ,
"uuid" : "61adb95d-4181-4035-a1b0-f31fdc91c181" ,
"value" : "96:ND25Bb2FNushsy1XSWSAIm0Rs1yjLzJ8f3zT+ujYa42g2QR4HElM+ejX+2jIQSgp:NKnCFvsLcIm0bfzAd4F6HEl92pSgoFu"
} ,
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : true ,
"object_relation" : "filename" ,
"timestamp" : "1645779053" ,
"to_ids" : false ,
"type" : "filename" ,
"uuid" : "1a2045d1-98f7-4217-9669-e18a186d7b97" ,
"value" : "Config2.txt"
} ,
{
"category" : "Artifacts dropped" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : true ,
"object_relation" : "mimetype" ,
"timestamp" : "1645779053" ,
"to_ids" : false ,
"type" : "mime-type" ,
"uuid" : "cc10273a-ae0f-407e-99e0-4ac0c3228776" ,
"value" : "ASCII text, with very long lines, with no line terminators"
} ,
{
"category" : "Other" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : true ,
"object_relation" : "size-in-bytes" ,
"timestamp" : "1645779053" ,
"to_ids" : false ,
"type" : "size-in-bytes" ,
"uuid" : "f4bc7788-7596-420d-8d82-77933d26ee1d" ,
"value" : "5037"
} ,
{
"category" : "Other" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : true ,
"object_relation" : "entropy" ,
"timestamp" : "1645779053" ,
"to_ids" : false ,
"type" : "float" ,
"uuid" : "7a32f498-83bc-436e-b787-1efb94150d96" ,
"value" : "5.935676"
}
]
} ,
{
"comment" : "" ,
"deleted" : false ,
"description" : "File object describing a file with meta-information" ,
"meta-category" : "file" ,
"name" : "file" ,
"template_uuid" : "688c46fb-5edb-40a3-8273-1af7923e2215" ,
"template_version" : "24" ,
"timestamp" : "1645779053" ,
"uuid" : "2a9b7399-d8a2-4f56-ad89-8bbef38b32b8" ,
"Attribute" : [
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "md5" ,
"timestamp" : "1645779053" ,
"to_ids" : false ,
"type" : "md5" ,
"uuid" : "a1ecd92a-5d8f-4ffb-8a0c-ae0741473487" ,
"value" : "51bc53a388fce06487743eadc64c4356"
} ,
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "sha1" ,
"timestamp" : "1645779053" ,
"to_ids" : false ,
"type" : "sha1" ,
"uuid" : "cc16fae6-e914-4a69-8c91-247c52dc471a" ,
"value" : "b9e6fc51fa3940fb632a68907b8513634d76e5a0"
} ,
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "sha256" ,
"timestamp" : "1645779054" ,
"to_ids" : false ,
"type" : "sha256" ,
"uuid" : "cc218603-61d6-4b1e-8ca1-52275a68a5ba" ,
"value" : "9ec8319e278d1b3fa1ccf87b5ce7dd6802dac76881e4e4e16e240c5a98f107e2"
} ,
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "sha512" ,
"timestamp" : "1645779054" ,
"to_ids" : false ,
"type" : "sha512" ,
"uuid" : "a71b18a6-3ab4-4c77-8c25-f0947eda7f9f" ,
"value" : "43d291535b7521a061a24dc0fb1c573d1d011f7afa28e8037dea69eb5ae5bcd69b53a01a636e91827831066f9afc84efc1d556f64dc5cd780f9da79d38783b70"
} ,
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "ssdeep" ,
"timestamp" : "1645779054" ,
"to_ids" : false ,
"type" : "ssdeep" ,
"uuid" : "a1948cc1-6796-4fd5-a96b-c543e12902bb" ,
"value" : "48:oJX/VlShMEtkDJrSYChZh60cIpoEzMPkQwpCUOfcUeHe0eGeBr8ONIPoUy3pIhwx:uStoJCXhbcIvgPkQw8rfcR+xjBrRUsT"
} ,
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : true ,
"object_relation" : "filename" ,
"timestamp" : "1645779054" ,
"to_ids" : false ,
"type" : "filename" ,
"uuid" : "88d2ffd3-6e00-497f-8029-001760fbc839" ,
"value" : "AntheHannah_config.txt"
} ,
{
"category" : "Artifacts dropped" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : true ,
"object_relation" : "mimetype" ,
"timestamp" : "1645779054" ,
"to_ids" : false ,
"type" : "mime-type" ,
"uuid" : "1af5acd1-3a6c-4c84-b0c9-a2fc59bc4a64" ,
"value" : "data"
} ,
{
"category" : "Other" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : true ,
"object_relation" : "size-in-bytes" ,
"timestamp" : "1645779054" ,
"to_ids" : false ,
"type" : "size-in-bytes" ,
"uuid" : "6527ceb7-b8cf-4755-b75b-83b5cc865748" ,
"value" : "3491"
} ,
{
"category" : "Other" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : true ,
"object_relation" : "entropy" ,
"timestamp" : "1645779054" ,
"to_ids" : false ,
"type" : "float" ,
"uuid" : "98118857-607b-457c-a4b6-8a6ba23090c2" ,
"value" : "5.319055"
}
]
} ,
{
"comment" : "" ,
"deleted" : false ,
"description" : "File object describing a file with meta-information" ,
"meta-category" : "file" ,
"name" : "file" ,
"template_uuid" : "688c46fb-5edb-40a3-8273-1af7923e2215" ,
"template_version" : "24" ,
"timestamp" : "1645779054" ,
"uuid" : "1c150932-a7d5-4fc2-adc4-e7479a47c13c" ,
"Attribute" : [
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "md5" ,
"timestamp" : "1645779054" ,
"to_ids" : false ,
"type" : "md5" ,
"uuid" : "677d9feb-af29-4ffa-8ecf-02ceb6b51959" ,
"value" : "0ac499496fb48de0727bbef858dadbee"
} ,
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "sha1" ,
"timestamp" : "1645779054" ,
"to_ids" : false ,
"type" : "sha1" ,
"uuid" : "1bf1e49e-fee0-440e-9abf-793a0d21430d" ,
"value" : "483cd5c9dd887367793261730d59178c19fe13f3"
} ,
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "sha256" ,
"timestamp" : "1645779054" ,
"to_ids" : false ,
"type" : "sha256" ,
"uuid" : "2f9304fe-f01a-4d9d-959f-290a4fcfa48a" ,
"value" : "255e53af8b079c8319ce52583293723551da9affe547da45e2c1d4257cff625a"
} ,
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "sha512" ,
"timestamp" : "1645779054" ,
"to_ids" : false ,
"type" : "sha512" ,
"uuid" : "3df82fe3-7977-4cbd-a5b1-f88dd45d5578" ,
"value" : "be0d181aabd07b122fcdb79a42ba43ed879a5f0528745447f2c93c6d9cb75c00f1d581520c640fd7f4a61a6f27ef82d99ad09ee2f1cc85340252a7eb7a9fa7a1"
} ,
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "ssdeep" ,
"timestamp" : "1645779054" ,
"to_ids" : false ,
"type" : "ssdeep" ,
"uuid" : "38a055f5-d4d0-4f44-8887-956d28890e5a" ,
"value" : "48:oHyk/BbLGAQUJaqQNMWyT1veKRzKykrSaowAQncpQNiqyC2V+mqoS3NwPK+2/t+Q:dyF1p7cKRzDbRBCUDP9X5NbfZJRQURC7"
} ,
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : true ,
"object_relation" : "filename" ,
"timestamp" : "1645779054" ,
"to_ids" : false ,
"type" : "filename" ,
"uuid" : "ba3833bc-5d86-4400-b872-74c60d882fd0" ,
"value" : "TeresitaJordain_config.txt"
} ,
{
"category" : "Artifacts dropped" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : true ,
"object_relation" : "mimetype" ,
"timestamp" : "1645779054" ,
"to_ids" : false ,
"type" : "mime-type" ,
"uuid" : "ded09ad8-03a6-42c2-8d50-bd59806b2d8b" ,
"value" : "data"
} ,
{
"category" : "Other" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : true ,
"object_relation" : "size-in-bytes" ,
"timestamp" : "1645779054" ,
"to_ids" : false ,
"type" : "size-in-bytes" ,
"uuid" : "8925aa8d-2530-400a-833e-5059c02016c4" ,
"value" : "3580"
} ,
{
"category" : "Other" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : true ,
"object_relation" : "entropy" ,
"timestamp" : "1645779054" ,
"to_ids" : false ,
"type" : "float" ,
"uuid" : "eb78a575-4904-4eed-8b88-433621a3defa" ,
"value" : "5.296734"
}
]
} ,
{
"comment" : "" ,
"deleted" : false ,
"description" : "Whois records information for a domain name or an IP address." ,
"meta-category" : "network" ,
"name" : "whois" ,
"template_uuid" : "429faea1-34ff-47af-8a00-7c62d3be5a6a" ,
"template_version" : "10" ,
"timestamp" : "1645779054" ,
"uuid" : "a7339914-9500-4412-8274-2a85eb122df2" ,
"Attribute" : [
{
"category" : "Other" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : true ,
"object_relation" : "text" ,
"timestamp" : "1645779054" ,
"to_ids" : false ,
"type" : "text" ,
"uuid" : "829e5070-449c-44eb-8a1f-1978102e5242" ,
"value" : "Queried whois.ripe.net with \"-B 185.183.96.44\"...\n\n% Information related to '185.183.96.0 - 185.183.96.255'\n\n% Abuse contact for '185.183.96.0 - 185.183.96.255' is 'abuse@hostsailor.com'\n\ninetnum: 185.183.96.0 - 185.183.96.255\nnetname: EU-HOSTSAILOR\ndescr: HostSailor NL Services\ncountry: NL\nadmin-c: AA31720-RIPE\ntech-c: AA31720-RIPE\nstatus: ASSIGNED PA\nmnt-by: MNT-HS\ncreated: 2016-12-23T09:52:06Z\nlast-modified: 2016-12-23T09:52:06Z\nsource: RIPE\n\nperson: Ali Al-Attiyah\naddress: Suite No: 1605, Churchill Executive Tower, Burf Khalifa Area\naddress: Dubai P.O. Box 98362\naddress: United Arab Emirates\nphone: +971 455 77 845\nnic-hdl: AA31720-RIPE\nmnt-by: MNT-HS\ncreated: 2016-12-21T19:19:26Z\nlast-modified: 2019-03-18T14:07:12Z\nsource: RIPE\n\n% Information related to '185.183.96.0/24AS60117'\n\nroute: 185.183.96.0/24\ndescr: EU-HOSTSAILOR 185.183.96.0/24\norigin: AS60117\nmnt-by: MNT-HS\ncreated: 2016-12-23T09:50:04Z\nlast-modified: 2016-12-23T09:50:04Z\nsource: RIPE"
}
]
} ,
{
"comment" : "" ,
"deleted" : false ,
"description" : "File object describing a file with meta-information" ,
"meta-category" : "file" ,
"name" : "file" ,
"template_uuid" : "688c46fb-5edb-40a3-8273-1af7923e2215" ,
"template_version" : "24" ,
"timestamp" : "1645779054" ,
"uuid" : "80574eb8-7154-4a77-a909-ebd54b6c88ad" ,
"Attribute" : [
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "md5" ,
"timestamp" : "1645779054" ,
"to_ids" : false ,
"type" : "md5" ,
"uuid" : "0c9972ef-5e4d-42b6-9b82-76feb4e59d10" ,
"value" : "d68f5417f1d4fc022067bf0313a3867d"
} ,
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "sha1" ,
"timestamp" : "1645779054" ,
"to_ids" : false ,
"type" : "sha1" ,
"uuid" : "d32b4dd1-77f2-4c7e-934c-7b38dc9835a6" ,
"value" : "2f6dd6d11e28bf8b4d7ceec8753d15c7568fb22e"
} ,
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "sha256" ,
"timestamp" : "1645779054" ,
"to_ids" : false ,
"type" : "sha256" ,
"uuid" : "8448d3e0-2e37-40ee-938a-769c73a22e27" ,
"value" : "e7f6c7b91c482c12fc905b84dbaa9001ef78dc6a771773e1de4b8eade5431eca"
} ,
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "sha512" ,
"timestamp" : "1645779054" ,
"to_ids" : false ,
"type" : "sha512" ,
"uuid" : "be389d35-cda2-4b8e-9bce-04f954795033" ,
"value" : "39023583902e616a196357a69ab31371842f3b6119914803b19e62388dc873ab02567ac398148f84c68adac6228a8cb4e83afb0be24bdf1603a618669030bf39"
} ,
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "ssdeep" ,
"timestamp" : "1645779054" ,
"to_ids" : false ,
"type" : "ssdeep" ,
"uuid" : "43569960-38a4-442c-8d3b-e241a309f389" ,
"value" : "12:B6V3vKH/RRNyzV3vowKzV3voDPMV3v7SzV3vHzvm5V3vWQ52LgxxOWpgVEQgjVoL:sV3E/ozV3pKzV3GPMV3OzV3j4V3OQ4sI"
} ,
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : true ,
"object_relation" : "filename" ,
"timestamp" : "1645779054" ,
"to_ids" : false ,
"type" : "filename" ,
"uuid" : "46a6f043-0510-4a38-87ad-3c9243266fda" ,
"value" : "HeidieLeone.txt"
} ,
{
"category" : "Artifacts dropped" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : true ,
"object_relation" : "mimetype" ,
"timestamp" : "1645779054" ,
"to_ids" : false ,
"type" : "mime-type" ,
"uuid" : "ee61529f-9913-4842-8d7d-684eb855dc9b" ,
"value" : "ASCII text, with very long lines, with no line terminators"
} ,
{
"category" : "Other" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : true ,
"object_relation" : "size-in-bytes" ,
"timestamp" : "1645779054" ,
"to_ids" : false ,
"type" : "size-in-bytes" ,
"uuid" : "8eb2b77a-a2ac-47ca-95db-fcb10b0b7ed2" ,
"value" : "706"
} ,
{
"category" : "Other" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : true ,
"object_relation" : "entropy" ,
"timestamp" : "1645779054" ,
"to_ids" : false ,
"type" : "float" ,
"uuid" : "23936536-3c7f-4779-a8f0-5493d270e4af" ,
"value" : "5.145602"
}
]
} ,
{
"comment" : "" ,
"deleted" : false ,
"description" : "File object describing a file with meta-information" ,
"meta-category" : "file" ,
"name" : "file" ,
"template_uuid" : "688c46fb-5edb-40a3-8273-1af7923e2215" ,
"template_version" : "24" ,
"timestamp" : "1645779054" ,
"uuid" : "9464de84-6702-4bf3-9339-61af61690052" ,
"ObjectReference" : [
{
"comment" : "" ,
"object_uuid" : "9464de84-6702-4bf3-9339-61af61690052" ,
"referenced_uuid" : "4d21ff7a-35e4-4827-a068-c7aad98223b9" ,
2023-04-21 13:25:09 +00:00
"relationship_type" : "characterized-by" ,
2023-12-14 14:30:15 +00:00
"timestamp" : "1645779058" ,
"uuid" : "b82e7e6f-9e10-4180-8935-09323925f307"
} ,
{
"comment" : "" ,
"object_uuid" : "9464de84-6702-4bf3-9339-61af61690052" ,
"referenced_uuid" : "9b17f685-fdaf-41f1-8fd6-6ea69d2d15c6" ,
2023-04-21 13:25:09 +00:00
"relationship_type" : "characterized-by" ,
2023-12-14 14:30:15 +00:00
"timestamp" : "1645779058" ,
"uuid" : "5955af44-503b-4b6a-9328-97092f131e52"
} ,
{
"comment" : "" ,
"object_uuid" : "9464de84-6702-4bf3-9339-61af61690052" ,
"referenced_uuid" : "b0d43d87-5c9b-4218-b961-04a92e2d5aee" ,
2023-04-21 13:25:09 +00:00
"relationship_type" : "characterized-by" ,
2023-12-14 14:30:15 +00:00
"timestamp" : "1645779058" ,
"uuid" : "3fba7fa4-0ed4-4964-9896-b9dee1e8bf01"
} ,
{
"comment" : "" ,
"object_uuid" : "9464de84-6702-4bf3-9339-61af61690052" ,
"referenced_uuid" : "f76e4c02-dcca-4e21-b920-dcebc84d9968" ,
2023-04-21 13:25:09 +00:00
"relationship_type" : "characterized-by" ,
2023-12-14 14:30:15 +00:00
"timestamp" : "1645779058" ,
"uuid" : "9c390e95-b319-45a6-9f6d-ab637595a8f8"
} ,
{
"comment" : "" ,
"object_uuid" : "9464de84-6702-4bf3-9339-61af61690052" ,
"referenced_uuid" : "4d735b97-6406-4b0a-9495-e12f5370b526" ,
2023-04-21 13:25:09 +00:00
"relationship_type" : "characterized-by" ,
2023-12-14 14:30:15 +00:00
"timestamp" : "1645779058" ,
"uuid" : "ecd029d7-d078-4f00-a845-1fd65b68b7dd"
} ,
{
"comment" : "" ,
"object_uuid" : "9464de84-6702-4bf3-9339-61af61690052" ,
"referenced_uuid" : "b1b224e3-f2b0-4595-8620-a0d35f3c5705" ,
2023-04-21 13:25:09 +00:00
"relationship_type" : "characterized-by" ,
2023-12-14 14:30:15 +00:00
"timestamp" : "1645779058" ,
"uuid" : "952925c6-8199-415e-b4ba-d49636a99651"
}
] ,
"Attribute" : [
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "md5" ,
"timestamp" : "1645779054" ,
"to_ids" : false ,
"type" : "md5" ,
"uuid" : "c9775a3d-9a15-4bf4-9f40-e385dda719d6" ,
"value" : "c0c2cd5cc018e575816c08b36969c4a6"
} ,
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "sha1" ,
"timestamp" : "1645779054" ,
"to_ids" : false ,
"type" : "sha1" ,
"uuid" : "de18a7a4-5e5c-4036-b7f8-3ac04a6ceabc" ,
"value" : "47a4e0d466bb20cec5d354e56a9aa3f07cec816a"
} ,
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "sha256" ,
"timestamp" : "1645779054" ,
"to_ids" : false ,
"type" : "sha256" ,
"uuid" : "ee30fe7b-8809-476f-9518-21c592855652" ,
"value" : "b1e30cce6df16d83b82b751edca57aa17795d8d0cdd960ecee7d90832b0ee76c"
} ,
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "sha512" ,
"timestamp" : "1645779054" ,
"to_ids" : false ,
"type" : "sha512" ,
"uuid" : "915bee10-97bb-4f30-9edf-19d4da2e1fa8" ,
"value" : "4b930da1435a72095badaeca729baca8d6af9ab57607e01bd3dd1216eee75c8f8b7981a92640d475d908c6f22811900133aed8ab8513c38f5bc82b60752bf929"
} ,
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "ssdeep" ,
"timestamp" : "1645779054" ,
"to_ids" : false ,
"type" : "ssdeep" ,
"uuid" : "bc953776-1a06-4390-a375-7a5bf5dbbb93" ,
"value" : "96:/r9/hIgY/5N8s2Q5bQRWs4uQ5WQRWumVxE1Fq:T9/hILLdpG4Rdmwq"
} ,
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : true ,
"object_relation" : "filename" ,
"timestamp" : "1645779054" ,
"to_ids" : false ,
"type" : "filename" ,
"uuid" : "0ec4fef3-3524-4550-8dd8-a49fd14cb884" ,
"value" : "note.js"
} ,
{
"category" : "Artifacts dropped" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : true ,
"object_relation" : "mimetype" ,
"timestamp" : "1645779054" ,
"to_ids" : false ,
"type" : "mime-type" ,
"uuid" : "8eb9d99e-4aa9-4e5f-8da1-0cf50d9ffc7a" ,
"value" : "ASCII text, with very long lines, with CRLF line terminators"
} ,
{
"category" : "Other" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : true ,
"object_relation" : "size-in-bytes" ,
"timestamp" : "1645779054" ,
"to_ids" : false ,
"type" : "size-in-bytes" ,
"uuid" : "7b7551aa-afd4-4322-bc03-546310a29f51" ,
"value" : "3235"
} ,
{
"category" : "Other" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : true ,
"object_relation" : "entropy" ,
"timestamp" : "1645779054" ,
"to_ids" : false ,
"type" : "float" ,
"uuid" : "1608e5b4-2667-4b29-9556-84eadf847f29" ,
"value" : "5.200319"
}
]
} ,
{
"comment" : "" ,
"deleted" : false ,
"description" : "Whois records information for a domain name or an IP address." ,
"meta-category" : "network" ,
"name" : "whois" ,
"template_uuid" : "429faea1-34ff-47af-8a00-7c62d3be5a6a" ,
"template_version" : "10" ,
"timestamp" : "1645779054" ,
"uuid" : "f648e656-3378-43e4-b439-eb070beec392" ,
"Attribute" : [
{
"category" : "Other" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : true ,
"object_relation" : "text" ,
"timestamp" : "1645779054" ,
"to_ids" : false ,
"type" : "text" ,
"uuid" : "369072b7-1330-42ba-a6b7-d63ca7f6513f" ,
"value" : "Queried whois.ripe.net with \"-B 185.118.164.21\"...\n\n% Information related to '185.118.164.0 - 185.118.165.255'\n\n% Abuse contact for '185.118.164.0 - 185.118.165.255' is 'abuse@profitserver.ru'\n\ninetnum: 185.118.164.0 - 185.118.165.255\nnetname: RU-CHELYABINSK-SIGNAL-20150923\ncountry: RU\nadmin-c: AN29881-RIPE\ntech-c: AN29881-RIPE\nstatus: ASSIGNED PA\nmnt-by: ru-chelyabinsk-signal-1-mnt\ncreated: 2016-10-12T10:22:21Z\nlast-modified: 2016-10-12T10:22:21Z\nsource: RIPE\n\nperson: Alexey Nevolin\naddress: Ordzhonikidze str., 54-B\naddress: 454091\naddress: Chelyabinsk\naddress: RUSSIAN FEDERATION\nphone: +7 3517299971\nnic-hdl: AN29881-RIPE\nmnt-by: ru-chelyabinsk-signal-1-mnt\ncreated: 2015-09-18T15:23:57Z\nlast-modified: 2015-09-18T15:23:58Z\nsource: RIPE\n\n% Information related to '185.118.164.0/24AS44493'\n\nroute: 185.118.164.0/24\ndescr: Chelyabinsk-Signal\norigin: AS44493\nmnt-by: ru-chelyabinsk-signal-1-mnt\ncreated: 2015-11-17T05:53:42Z\nlast-modified: 2015-11-17T05:53:42Z\nsource: RIPE"
}
]
} ,
{
"comment" : "" ,
"deleted" : false ,
"description" : "File object describing a file with meta-information" ,
"meta-category" : "file" ,
"name" : "file" ,
"template_uuid" : "688c46fb-5edb-40a3-8273-1af7923e2215" ,
"template_version" : "24" ,
"timestamp" : "1645779054" ,
"uuid" : "2b4d5563-aa53-41de-a6fa-61cb67211296" ,
"Attribute" : [
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "md5" ,
"timestamp" : "1645779054" ,
"to_ids" : false ,
"type" : "md5" ,
"uuid" : "c797bf22-e48b-4c16-ab95-4a34d4e88cae" ,
"value" : "37fa9e6b9be7242984a39a024cade2d5"
} ,
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "sha1" ,
"timestamp" : "1645779054" ,
"to_ids" : false ,
"type" : "sha1" ,
"uuid" : "db1e9d57-1073-44ae-92c5-5444137f4c7c" ,
"value" : "0211569091b96cffab6918e18ccc97f4b24d88d4"
} ,
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "sha256" ,
"timestamp" : "1645779054" ,
"to_ids" : false ,
"type" : "sha256" ,
"uuid" : "4e2a0efd-4122-4199-8147-3b0e6bd9950b" ,
"value" : "42ca7d3fcd6d220cd380f34f9aa728b3bb68908b49f04d04f685631ee1f78986"
} ,
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "sha512" ,
"timestamp" : "1645779054" ,
"to_ids" : false ,
"type" : "sha512" ,
"uuid" : "ddaeaa6a-203d-4ca7-85fd-b52c4df8ea1a" ,
"value" : "889f293af25aa3af14c580000f15ade58e5b6b6000f42ddf38b69fd74a663b4c92cc2a90bfc9804d9de194e1eeee734f0b9e0ea5838afbc09f6fa3bfb3f5891c"
} ,
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "ssdeep" ,
"timestamp" : "1645779054" ,
"to_ids" : false ,
"type" : "ssdeep" ,
"uuid" : "3e2f1f7e-8c43-46f8-ae60-b356f88fe1c6" ,
"value" : "96:ub0werybmdzpcY3EUCGYZoTuEDdEyh8G2ng7qci1yMA1h5+N:ub09ymdzpcY3BOZIDmyh8G2ntci1P856"
} ,
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : true ,
"object_relation" : "filename" ,
"timestamp" : "1645779054" ,
"to_ids" : false ,
"type" : "filename" ,
"uuid" : "fd76d93a-8517-45ff-94e6-15282512866c" ,
"value" : "rj.js"
} ,
{
"category" : "Artifacts dropped" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : true ,
"object_relation" : "mimetype" ,
"timestamp" : "1645779054" ,
"to_ids" : false ,
"type" : "mime-type" ,
"uuid" : "16b17bcc-03ef-40ba-a759-3a7d160eae5f" ,
"value" : "ASCII text, with very long lines"
} ,
{
"category" : "Other" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : true ,
"object_relation" : "size-in-bytes" ,
"timestamp" : "1645779054" ,
"to_ids" : false ,
"type" : "size-in-bytes" ,
"uuid" : "cda15a88-1875-4860-ba06-5f9297587c25" ,
"value" : "5257"
} ,
{
"category" : "Other" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : true ,
"object_relation" : "entropy" ,
"timestamp" : "1645779054" ,
"to_ids" : false ,
"type" : "float" ,
"uuid" : "fd56a5d1-aa50-4aed-b04c-ff3640f545bb" ,
"value" : "5.422642"
}
]
} ,
{
"comment" : "" ,
"deleted" : false ,
"description" : "Object describing a section of a Portable Executable" ,
"meta-category" : "file" ,
"name" : "pe-section" ,
"template_uuid" : "198a17d2-a135-4b25-9a32-5aa4e632014a" ,
"template_version" : "3" ,
"timestamp" : "1645779054" ,
"uuid" : "70d813a1-7e2a-441d-ad9c-df28b6b27708" ,
"Attribute" : [
{
"category" : "Other" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : true ,
"object_relation" : "entropy" ,
"timestamp" : "1645779054" ,
"to_ids" : false ,
"type" : "float" ,
"uuid" : "ea644682-a7e9-4bf2-8750-5916251821ee" ,
"value" : "3.335479"
} ,
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "md5" ,
"timestamp" : "1645779054" ,
"to_ids" : true ,
"type" : "md5" ,
"uuid" : "203e38cc-99e3-40d8-9974-685a2fceefea" ,
"value" : "fea26576aaf64f90e067892d07fb8f97"
} ,
{
"category" : "Other" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : true ,
"object_relation" : "size-in-bytes" ,
"timestamp" : "1645779054" ,
"to_ids" : false ,
"type" : "size-in-bytes" ,
"uuid" : "1d5fdbc2-f33e-41e2-9fc2-4597ea1acdd9" ,
"value" : "1024"
}
]
} ,
{
"comment" : "" ,
"deleted" : false ,
"description" : "Object describing a section of a Portable Executable" ,
"meta-category" : "file" ,
"name" : "pe-section" ,
"template_uuid" : "198a17d2-a135-4b25-9a32-5aa4e632014a" ,
"template_version" : "3" ,
"timestamp" : "1645779054" ,
"uuid" : "9f4bf6ae-db4e-435f-942c-cee45507f603" ,
"Attribute" : [
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "md5" ,
"timestamp" : "1645779054" ,
"to_ids" : true ,
"type" : "md5" ,
"uuid" : "25c5511e-6859-44d2-9270-7a62295af9ca" ,
"value" : "11cc597cf11ee87c3a0f76dcecf7556a"
} ,
{
"category" : "Other" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : true ,
"object_relation" : "entropy" ,
"timestamp" : "1645779054" ,
"to_ids" : false ,
"type" : "float" ,
"uuid" : "ba3540b2-8b5d-41f5-8a84-5293ee0e6a20" ,
"value" : "6.42081"
} ,
{
"category" : "Other" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : true ,
"object_relation" : "name" ,
"timestamp" : "1645779054" ,
"to_ids" : false ,
"type" : "text" ,
"uuid" : "79791801-1d24-495f-baac-34889de021ca" ,
"value" : ".text"
} ,
{
"category" : "Other" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : true ,
"object_relation" : "size-in-bytes" ,
"timestamp" : "1645779054" ,
"to_ids" : false ,
"type" : "size-in-bytes" ,
"uuid" : "4b36c87e-e47e-4a03-b508-c3a26a2e1524" ,
"value" : "468992"
}
]
} ,
{
"comment" : "" ,
"deleted" : false ,
"description" : "Object describing a section of a Portable Executable" ,
"meta-category" : "file" ,
"name" : "pe-section" ,
"template_uuid" : "198a17d2-a135-4b25-9a32-5aa4e632014a" ,
"template_version" : "3" ,
"timestamp" : "1645779054" ,
"uuid" : "7ba28cfb-1ef7-4e10-8fca-76302b6e9964" ,
"Attribute" : [
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "md5" ,
"timestamp" : "1645779054" ,
"to_ids" : true ,
"type" : "md5" ,
"uuid" : "4d5f2562-38db-4709-bdfb-e22d2eff5b6a" ,
"value" : "52f5c458bae1ec48fc650d0975663910"
} ,
{
"category" : "Other" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : true ,
"object_relation" : "entropy" ,
"timestamp" : "1645779054" ,
"to_ids" : false ,
"type" : "float" ,
"uuid" : "cc5be4be-a206-4bdd-945f-37f1a88e724a" ,
"value" : "4.843554"
} ,
{
"category" : "Other" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : true ,
"object_relation" : "name" ,
"timestamp" : "1645779054" ,
"to_ids" : false ,
"type" : "text" ,
"uuid" : "cb3f429f-0a58-4164-9bc8-57b33f6f5819" ,
"value" : ".rdata"
} ,
{
"category" : "Other" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : true ,
"object_relation" : "size-in-bytes" ,
"timestamp" : "1645779054" ,
"to_ids" : false ,
"type" : "size-in-bytes" ,
"uuid" : "b3f02657-af0c-4f88-b0f6-b99496eac96e" ,
"value" : "167936"
}
]
} ,
{
"comment" : "" ,
"deleted" : false ,
"description" : "Object describing a section of a Portable Executable" ,
"meta-category" : "file" ,
"name" : "pe-section" ,
"template_uuid" : "198a17d2-a135-4b25-9a32-5aa4e632014a" ,
"template_version" : "3" ,
"timestamp" : "1645779054" ,
"uuid" : "d9132104-d799-4394-8c33-0f686b447919" ,
"Attribute" : [
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "md5" ,
"timestamp" : "1645779054" ,
"to_ids" : true ,
"type" : "md5" ,
"uuid" : "1b8062e3-baa1-43da-9ed0-8645a2e7b942" ,
"value" : "f7a88a7f326a63079052f1884b57e3a8"
} ,
{
"category" : "Other" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : true ,
"object_relation" : "entropy" ,
"timestamp" : "1645779054" ,
"to_ids" : false ,
"type" : "float" ,
"uuid" : "9162d25e-bb75-404d-a0c8-6443ca3da358" ,
"value" : "4.040157"
} ,
{
"category" : "Other" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : true ,
"object_relation" : "name" ,
"timestamp" : "1645779054" ,
"to_ids" : false ,
"type" : "text" ,
"uuid" : "5b23e3ec-c288-40a6-88fb-6091e4c86859" ,
"value" : ".data"
} ,
{
"category" : "Other" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : true ,
"object_relation" : "size-in-bytes" ,
"timestamp" : "1645779054" ,
"to_ids" : false ,
"type" : "size-in-bytes" ,
"uuid" : "cc1e4968-2590-4034-ac53-b2473c655ea5" ,
"value" : "11264"
}
]
} ,
{
"comment" : "" ,
"deleted" : false ,
"description" : "Object describing a section of a Portable Executable" ,
"meta-category" : "file" ,
"name" : "pe-section" ,
"template_uuid" : "198a17d2-a135-4b25-9a32-5aa4e632014a" ,
"template_version" : "3" ,
"timestamp" : "1645779054" ,
"uuid" : "fa04c2f8-795b-430d-928f-f9288e0cc0aa" ,
"Attribute" : [
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "md5" ,
"timestamp" : "1645779054" ,
"to_ids" : true ,
"type" : "md5" ,
"uuid" : "c053dafa-ff66-4d98-aad3-839a83d42343" ,
"value" : "c2b5de9421b4a0c9b7d4688f4ae051ac"
} ,
{
"category" : "Other" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : true ,
"object_relation" : "entropy" ,
"timestamp" : "1645779054" ,
"to_ids" : false ,
"type" : "float" ,
"uuid" : "2805df85-8a68-4853-aca5-24ee3d5037ed" ,
"value" : "5.777552"
} ,
{
"category" : "Other" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : true ,
"object_relation" : "name" ,
"timestamp" : "1645779054" ,
"to_ids" : false ,
"type" : "text" ,
"uuid" : "e194ce54-fe6b-4305-b204-c81f64421b46" ,
"value" : ".pdata"
} ,
{
"category" : "Other" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : true ,
"object_relation" : "size-in-bytes" ,
"timestamp" : "1645779054" ,
"to_ids" : false ,
"type" : "size-in-bytes" ,
"uuid" : "ddc6bf9c-0c22-4b76-a735-853cf71ff0fe" ,
"value" : "25088"
}
]
} ,
{
"comment" : "" ,
"deleted" : false ,
"description" : "Object describing a section of a Portable Executable" ,
"meta-category" : "file" ,
"name" : "pe-section" ,
"template_uuid" : "198a17d2-a135-4b25-9a32-5aa4e632014a" ,
"template_version" : "3" ,
"timestamp" : "1645779054" ,
"uuid" : "0c1c48e9-4c1b-433f-9365-ff737e68888e" ,
"Attribute" : [
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "md5" ,
"timestamp" : "1645779054" ,
"to_ids" : true ,
"type" : "md5" ,
"uuid" : "f29c181c-dc0f-4b1b-af61-24ee32507167" ,
"value" : "1f354d76203061bfdd5a53dae48d5435"
} ,
{
"category" : "Other" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : true ,
"object_relation" : "entropy" ,
"timestamp" : "1645779054" ,
"to_ids" : false ,
"type" : "float" ,
"uuid" : "e150c33b-e442-4e29-93a2-55d16df8ae21" ,
"value" : "0.020393"
} ,
{
"category" : "Other" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : true ,
"object_relation" : "name" ,
"timestamp" : "1645779054" ,
"to_ids" : false ,
"type" : "text" ,
"uuid" : "0579b6f8-85e9-4900-8d86-9da411e1da90" ,
"value" : ".tls"
} ,
{
"category" : "Other" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : true ,
"object_relation" : "size-in-bytes" ,
"timestamp" : "1645779054" ,
"to_ids" : false ,
"type" : "size-in-bytes" ,
"uuid" : "fc91c3ff-ea92-451f-a4d5-687018f6e30d" ,
"value" : "512"
}
]
} ,
{
"comment" : "" ,
"deleted" : false ,
"description" : "Object describing a section of a Portable Executable" ,
"meta-category" : "file" ,
"name" : "pe-section" ,
"template_uuid" : "198a17d2-a135-4b25-9a32-5aa4e632014a" ,
"template_version" : "3" ,
"timestamp" : "1645779054" ,
"uuid" : "1e2076a5-33c1-407c-af66-1ea88aad56d9" ,
"Attribute" : [
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "md5" ,
"timestamp" : "1645779054" ,
"to_ids" : true ,
"type" : "md5" ,
"uuid" : "d2e71712-9062-4181-a4b3-ab5a24a4603a" ,
"value" : "37b679e67208f1af8eed89301450017a"
} ,
{
"category" : "Other" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : true ,
"object_relation" : "entropy" ,
"timestamp" : "1645779054" ,
"to_ids" : false ,
"type" : "float" ,
"uuid" : "844e102e-2f97-48ad-b5ef-0d0a9230957f" ,
"value" : "8"
} ,
{
"category" : "Other" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : true ,
"object_relation" : "name" ,
"timestamp" : "1645779054" ,
"to_ids" : false ,
"type" : "text" ,
"uuid" : "4a672191-bc06-42aa-8381-23bd05cdcc1d" ,
"value" : ".rsrc"
} ,
{
"category" : "Other" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : true ,
"object_relation" : "size-in-bytes" ,
"timestamp" : "1645779054" ,
"to_ids" : false ,
"type" : "size-in-bytes" ,
"uuid" : "fac252a2-e089-4127-98eb-c2765747052a" ,
"value" : "209716224"
}
]
} ,
{
"comment" : "" ,
"deleted" : false ,
"description" : "Object describing a section of a Portable Executable" ,
"meta-category" : "file" ,
"name" : "pe-section" ,
"template_uuid" : "198a17d2-a135-4b25-9a32-5aa4e632014a" ,
"template_version" : "3" ,
"timestamp" : "1645779054" ,
"uuid" : "57e792ad-7ab2-4b68-a21d-573d84adb9d4" ,
"Attribute" : [
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "md5" ,
"timestamp" : "1645779054" ,
"to_ids" : true ,
"type" : "md5" ,
"uuid" : "518d00df-3f01-4188-98cb-e722f66f4846" ,
"value" : "ef43c49686a0f7100f95a3dfa50d84ea"
} ,
{
"category" : "Other" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : true ,
"object_relation" : "entropy" ,
"timestamp" : "1645779054" ,
"to_ids" : false ,
"type" : "float" ,
"uuid" : "d7089435-35e3-4ab6-8fd6-a59bba73bd3d" ,
"value" : "5.322063"
} ,
{
"category" : "Other" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : true ,
"object_relation" : "name" ,
"timestamp" : "1645779054" ,
"to_ids" : false ,
"type" : "text" ,
"uuid" : "c22bc1a9-139b-43e1-9fd6-470f8555ddd2" ,
"value" : ".reloc"
} ,
{
"category" : "Other" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : true ,
"object_relation" : "size-in-bytes" ,
"timestamp" : "1645779054" ,
"to_ids" : false ,
"type" : "size-in-bytes" ,
"uuid" : "127c4bed-8981-4278-9f5e-9c023effe778" ,
"value" : "5120"
}
]
} ,
{
"comment" : "" ,
"deleted" : false ,
"description" : "Object describing a Portable Executable" ,
"meta-category" : "file" ,
"name" : "pe" ,
"template_uuid" : "cf7adecc-d4f0-4e88-9d90-f978ee151a07" ,
"template_version" : "7" ,
"timestamp" : "1645779054" ,
"uuid" : "2db19a7b-65c3-4cd5-8d65-16b8891da95b" ,
"ObjectReference" : [
{
"comment" : "" ,
"object_uuid" : "2db19a7b-65c3-4cd5-8d65-16b8891da95b" ,
"referenced_uuid" : "70d813a1-7e2a-441d-ad9c-df28b6b27708" ,
"relationship_type" : "header-of" ,
"timestamp" : "1645779059" ,
"uuid" : "0e6b8bd7-c583-4192-a63c-f4be67a1217f"
} ,
{
"comment" : "" ,
"object_uuid" : "2db19a7b-65c3-4cd5-8d65-16b8891da95b" ,
"referenced_uuid" : "9f4bf6ae-db4e-435f-942c-cee45507f603" ,
"relationship_type" : "includes" ,
"timestamp" : "1645779059" ,
"uuid" : "5fb0b9c7-8ff0-4864-a5b4-7d51dee31fd6"
} ,
{
"comment" : "" ,
"object_uuid" : "2db19a7b-65c3-4cd5-8d65-16b8891da95b" ,
"referenced_uuid" : "7ba28cfb-1ef7-4e10-8fca-76302b6e9964" ,
"relationship_type" : "includes" ,
"timestamp" : "1645779059" ,
"uuid" : "66f086e0-f2ae-41b0-b969-ba4c357615e0"
} ,
{
"comment" : "" ,
"object_uuid" : "2db19a7b-65c3-4cd5-8d65-16b8891da95b" ,
"referenced_uuid" : "d9132104-d799-4394-8c33-0f686b447919" ,
"relationship_type" : "includes" ,
"timestamp" : "1645779059" ,
"uuid" : "9d1f9d4a-1fe4-48ab-b51b-bfef214ec9ad"
} ,
{
"comment" : "" ,
"object_uuid" : "2db19a7b-65c3-4cd5-8d65-16b8891da95b" ,
"referenced_uuid" : "fa04c2f8-795b-430d-928f-f9288e0cc0aa" ,
"relationship_type" : "includes" ,
"timestamp" : "1645779059" ,
"uuid" : "ada5277d-3765-4adc-b9cb-4176ee3581cf"
} ,
{
"comment" : "" ,
"object_uuid" : "2db19a7b-65c3-4cd5-8d65-16b8891da95b" ,
"referenced_uuid" : "0c1c48e9-4c1b-433f-9365-ff737e68888e" ,
"relationship_type" : "includes" ,
"timestamp" : "1645779059" ,
"uuid" : "7d864e00-082c-451e-baca-710c654e3ccf"
} ,
{
"comment" : "" ,
"object_uuid" : "2db19a7b-65c3-4cd5-8d65-16b8891da95b" ,
"referenced_uuid" : "1e2076a5-33c1-407c-af66-1ea88aad56d9" ,
"relationship_type" : "includes" ,
"timestamp" : "1645779059" ,
"uuid" : "0ea058fb-7a04-43c9-8f4a-69171234e9a8"
} ,
{
"comment" : "" ,
"object_uuid" : "2db19a7b-65c3-4cd5-8d65-16b8891da95b" ,
"referenced_uuid" : "57e792ad-7ab2-4b68-a21d-573d84adb9d4" ,
"relationship_type" : "includes" ,
"timestamp" : "1645779059" ,
"uuid" : "72dcdb1d-1c4e-4f65-92ea-4e13b3d101a7"
}
] ,
"Attribute" : [
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : true ,
"object_relation" : "internal-filename" ,
"timestamp" : "1645779054" ,
"to_ids" : true ,
"type" : "filename" ,
"uuid" : "e19895b7-614d-4df6-88b2-ef9882f772ae" ,
"value" : "FML.dll"
} ,
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : true ,
"object_relation" : "original-filename" ,
"timestamp" : "1645779054" ,
"to_ids" : true ,
"type" : "filename" ,
"uuid" : "b83e6442-d640-4237-a8d8-0a477c102bba" ,
"value" : "FML.dll"
} ,
{
"category" : "Other" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : true ,
"object_relation" : "number-sections" ,
"timestamp" : "1645779054" ,
"to_ids" : false ,
"type" : "counter" ,
"uuid" : "dc28a6f3-0f22-48ca-948d-fb36cd685c05" ,
"value" : "8"
}
]
} ,
{
"comment" : "" ,
"deleted" : false ,
"description" : "File object describing a file with meta-information" ,
"meta-category" : "file" ,
"name" : "file" ,
"template_uuid" : "688c46fb-5edb-40a3-8273-1af7923e2215" ,
"template_version" : "24" ,
"timestamp" : "1645779054" ,
"uuid" : "a429b41f-ab0f-4867-97ce-07b08dd69195" ,
"ObjectReference" : [
{
"comment" : "" ,
"object_uuid" : "a429b41f-ab0f-4867-97ce-07b08dd69195" ,
"referenced_uuid" : "2db19a7b-65c3-4cd5-8d65-16b8891da95b" ,
"relationship_type" : "includes" ,
"timestamp" : "1645779059" ,
"uuid" : "a1d50735-be60-4bab-a170-d1dd8a895810"
} ,
{
"comment" : "" ,
"object_uuid" : "a429b41f-ab0f-4867-97ce-07b08dd69195" ,
"referenced_uuid" : "b2cd18a6-26c5-4b11-b089-3c6e6ef81e70" ,
2023-04-21 13:25:09 +00:00
"relationship_type" : "characterized-by" ,
2023-12-14 14:30:15 +00:00
"timestamp" : "1645779059" ,
"uuid" : "d71efd90-9869-485e-aeb5-a244384ae253"
} ,
{
"comment" : "" ,
"object_uuid" : "a429b41f-ab0f-4867-97ce-07b08dd69195" ,
"referenced_uuid" : "44690fce-2465-4c06-bdb2-85eace599816" ,
2023-04-21 13:25:09 +00:00
"relationship_type" : "characterized-by" ,
2023-12-14 14:30:15 +00:00
"timestamp" : "1645779059" ,
"uuid" : "abd19b0a-e55e-4b99-8e50-36e8cea16df0"
} ,
{
"comment" : "" ,
"object_uuid" : "a429b41f-ab0f-4867-97ce-07b08dd69195" ,
"referenced_uuid" : "09f9d1a7-d594-4171-82fd-58dbe3176f42" ,
2023-04-21 13:25:09 +00:00
"relationship_type" : "characterized-by" ,
2023-12-14 14:30:15 +00:00
"timestamp" : "1645779059" ,
"uuid" : "56b11472-7edb-4db9-ae9b-1e46f78b23eb"
} ,
{
"comment" : "" ,
"object_uuid" : "a429b41f-ab0f-4867-97ce-07b08dd69195" ,
"referenced_uuid" : "41f40467-acae-470e-a9c6-4f2a25f6ae52" ,
2023-04-21 13:25:09 +00:00
"relationship_type" : "characterized-by" ,
2023-12-14 14:30:15 +00:00
"timestamp" : "1645779059" ,
"uuid" : "593bbc83-96b8-4c2f-af3f-ef802abdbe6b"
}
] ,
"Attribute" : [
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "md5" ,
"timestamp" : "1645779054" ,
"to_ids" : false ,
"type" : "md5" ,
"uuid" : "11492c5e-a594-45d6-9604-9ba857a02a30" ,
"value" : "0431445d6d6e5802c207c8bc6a6402ea"
} ,
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "sha1" ,
"timestamp" : "1645779054" ,
"to_ids" : false ,
"type" : "sha1" ,
"uuid" : "8170aa21-74ae-4bd3-93a9-9fb0be0963fb" ,
"value" : "3765c1ad8a1d936aad88255aef5d6d4ce24f94e8"
} ,
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "sha256" ,
"timestamp" : "1645779054" ,
"to_ids" : false ,
"type" : "sha256" ,
"uuid" : "361bc142-4475-4e91-bccb-6e5a73a9091a" ,
"value" : "3098dd53da40947a82e59265a47059e69b2925bc49c679e6555d102d1c6cbbc8"
} ,
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "sha512" ,
"timestamp" : "1645779054" ,
"to_ids" : false ,
"type" : "sha512" ,
"uuid" : "0d8a31ad-4eb6-4cb5-93f5-a19ba0f99168" ,
"value" : "f46d71a66aa615efdcec37ff282201695f6216a8903a83edee874ced321b8a090baf1054e77bd3ed642e5da60522ea245e1741726fc4b49ccbef11203f5790bf"
} ,
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "ssdeep" ,
"timestamp" : "1645779054" ,
"to_ids" : false ,
"type" : "ssdeep" ,
"uuid" : "ef8e256e-4fbd-413e-ad8e-5fd6520aad04" ,
"value" : "3145728:LFiQ9FiQ9FiQ9FiQ9FiQ9FiQ9FiQ9FiQ9FiQ9FiQ9FiQ9FiQ9FiY:AQyQyQyQyQyQyQyQyQyQyQyQyY"
} ,
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : true ,
"object_relation" : "filename" ,
"timestamp" : "1645779054" ,
"to_ids" : false ,
"type" : "filename" ,
"uuid" : "d573baaf-daf3-41ab-81f8-d46acd95fe01" ,
"value" : "FML.dll"
} ,
{
"category" : "Artifacts dropped" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : true ,
"object_relation" : "mimetype" ,
"timestamp" : "1645779054" ,
"to_ids" : false ,
"type" : "mime-type" ,
"uuid" : "84c31250-f068-4c80-ad82-82f2ff481df6" ,
"value" : "PE32+ executable (DLL) (GUI) x86-64, for MS Windows"
} ,
{
"category" : "Other" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : true ,
"object_relation" : "size-in-bytes" ,
"timestamp" : "1645779054" ,
"to_ids" : false ,
"type" : "size-in-bytes" ,
"uuid" : "7f692c7c-c27d-4009-9072-4cf0b44ebcc7" ,
"value" : "210397496"
} ,
{
"category" : "Other" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : true ,
"object_relation" : "entropy" ,
"timestamp" : "1645779054" ,
"to_ids" : false ,
"type" : "float" ,
"uuid" : "71efca30-218c-4205-9203-714497553b0a" ,
"value" : "7.999913"
}
]
} ,
{
"comment" : "" ,
"deleted" : false ,
"description" : "File object describing a file with meta-information" ,
"meta-category" : "file" ,
"name" : "file" ,
"template_uuid" : "688c46fb-5edb-40a3-8273-1af7923e2215" ,
"template_version" : "24" ,
"timestamp" : "1645779054" ,
"uuid" : "79dc0283-fee3-4b4d-a7d3-ad6e7fd4d500" ,
"ObjectReference" : [
{
"comment" : "" ,
"object_uuid" : "79dc0283-fee3-4b4d-a7d3-ad6e7fd4d500" ,
"referenced_uuid" : "d27c7d2e-7fd9-43db-9440-d3c47acc9d2b" ,
2023-04-21 13:25:09 +00:00
"relationship_type" : "dropped" ,
2023-12-14 14:30:15 +00:00
"timestamp" : "1645779059" ,
"uuid" : "c435e60d-680c-4d0e-b8c5-e2fecb860e96"
} ,
{
"comment" : "" ,
"object_uuid" : "79dc0283-fee3-4b4d-a7d3-ad6e7fd4d500" ,
"referenced_uuid" : "66570214-b92c-413b-b8ca-74d1172a60bc" ,
2023-04-21 13:25:09 +00:00
"relationship_type" : "dropped" ,
2023-12-14 14:30:15 +00:00
"timestamp" : "1645779059" ,
"uuid" : "fa414a38-ffba-49a9-85e7-03a09f69483f"
} ,
{
"comment" : "" ,
"object_uuid" : "79dc0283-fee3-4b4d-a7d3-ad6e7fd4d500" ,
"referenced_uuid" : "4c08be95-9eb9-457f-82f1-63015549124a" ,
2023-04-21 13:25:09 +00:00
"relationship_type" : "characterized-by" ,
2023-12-14 14:30:15 +00:00
"timestamp" : "1645779059" ,
"uuid" : "3a787905-34ab-40e9-9879-68bcda578d1c"
} ,
{
"comment" : "" ,
"object_uuid" : "79dc0283-fee3-4b4d-a7d3-ad6e7fd4d500" ,
"referenced_uuid" : "78454fee-f7d0-4414-9287-2ab013132efa" ,
2023-04-21 13:25:09 +00:00
"relationship_type" : "characterized-by" ,
2023-12-14 14:30:15 +00:00
"timestamp" : "1645779060" ,
"uuid" : "214e7082-cb8f-4bd0-9fb9-8bdfbc41ab0e"
}
] ,
"Attribute" : [
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "md5" ,
"timestamp" : "1645779054" ,
"to_ids" : false ,
"type" : "md5" ,
"uuid" : "ac28dd4a-c2ed-4471-81f0-8a6142c3090c" ,
"value" : "b0ab12a5a4c232c902cdeba421872c37"
} ,
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "sha1" ,
"timestamp" : "1645779054" ,
"to_ids" : false ,
"type" : "sha1" ,
"uuid" : "f30bcfbb-8dbb-4614-b269-d520efe22d98" ,
"value" : "a8e7659942cc19f422678181ee23297efa55fa09"
} ,
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "sha256" ,
"timestamp" : "1645779055" ,
"to_ids" : false ,
"type" : "sha256" ,
"uuid" : "6eed8f28-9aa9-46b6-bb18-fadd27c1a79f" ,
"value" : "026868713d60e6790f41dc7046deb4e6795825faa903113d2f22b644f0d21141"
} ,
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "sha512" ,
"timestamp" : "1645779055" ,
"to_ids" : false ,
"type" : "sha512" ,
"uuid" : "0cffbcb1-f808-4120-8924-5c790e046128" ,
"value" : "c1ff4c3bd44e66e45cdb66b818a963d641cde6b9ea33ac64374929f182cd09e944d9337a588ba99d3df98190ba979431d015d848aa09c2d93763a1ed795ff304"
} ,
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "ssdeep" ,
"timestamp" : "1645779055" ,
"to_ids" : false ,
"type" : "ssdeep" ,
"uuid" : "22f08f37-8ea2-4901-9a42-34840e2a97ef" ,
"value" : "6144:Lk3hOdsylKlgryzc4bNhZF+E+W2knAcYi4uU4pVZ8lx+tSeJBWC:5iLZpVZ8lx+tn3WC"
} ,
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : true ,
"object_relation" : "filename" ,
"timestamp" : "1645779055" ,
"to_ids" : false ,
"type" : "filename" ,
"uuid" : "5a006fe2-7979-4d34-965b-5f5b00e16884" ,
"value" : "Cooperation terms.xls"
} ,
{
"category" : "Artifacts dropped" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : true ,
"object_relation" : "mimetype" ,
"timestamp" : "1645779055" ,
"to_ids" : false ,
"type" : "mime-type" ,
"uuid" : "01594ed7-524b-4910-bc28-5503a2a3913f" ,
"value" : "Composite Document File V2 Document, Little Endian, O%WINDIR%\\ Version 10.0, Code page: 1252, Author: pc, Last Saved By: interstellar, Name of Creating Application: Microsoft Excel, Create Time/Date: Wed Sep 29 20:38:56 2021, Last Saved Time/Date: Mon Oct 4 07:32:17 2021, Security: 0"
} ,
{
"category" : "Other" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : true ,
"object_relation" : "size-in-bytes" ,
"timestamp" : "1645779055" ,
"to_ids" : false ,
"type" : "size-in-bytes" ,
"uuid" : "1500fc53-e8be-46e3-8869-b827a2159c81" ,
"value" : "252928"
} ,
{
"category" : "Other" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : true ,
"object_relation" : "entropy" ,
"timestamp" : "1645779055" ,
"to_ids" : false ,
"type" : "float" ,
"uuid" : "9d3628e5-1f57-4391-bfc5-2ca5e1ed4c87" ,
"value" : "7.16796"
}
]
} ,
{
"comment" : "" ,
"deleted" : false ,
"description" : "File object describing a file with meta-information" ,
"meta-category" : "file" ,
"name" : "file" ,
"template_uuid" : "688c46fb-5edb-40a3-8273-1af7923e2215" ,
"template_version" : "24" ,
"timestamp" : "1645779055" ,
"uuid" : "d27c7d2e-7fd9-43db-9440-d3c47acc9d2b" ,
"ObjectReference" : [
{
"comment" : "" ,
"object_uuid" : "d27c7d2e-7fd9-43db-9440-d3c47acc9d2b" ,
"referenced_uuid" : "79dc0283-fee3-4b4d-a7d3-ad6e7fd4d500" ,
2023-04-21 13:25:09 +00:00
"relationship_type" : "dropped-by" ,
2023-12-14 14:30:15 +00:00
"timestamp" : "1645779060" ,
"uuid" : "d6d7b5c2-ed42-4ab3-84a0-23bdb7f711b4"
} ,
{
"comment" : "" ,
"object_uuid" : "d27c7d2e-7fd9-43db-9440-d3c47acc9d2b" ,
"referenced_uuid" : "f6dd05f8-9c1f-48a7-9bac-0a8d3a43be55" ,
2023-04-21 13:25:09 +00:00
"relationship_type" : "characterized-by" ,
2023-12-14 14:30:15 +00:00
"timestamp" : "1645779060" ,
"uuid" : "f8178387-59eb-4575-aca3-fe81de8e6adc"
}
] ,
"Attribute" : [
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "md5" ,
"timestamp" : "1645779055" ,
"to_ids" : false ,
"type" : "md5" ,
"uuid" : "19c13c4d-c770-4d85-aec8-2c4bc2fa257d" ,
"value" : "e182a861616a9f12bc79988e6a4186af"
} ,
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "sha1" ,
"timestamp" : "1645779055" ,
"to_ids" : false ,
"type" : "sha1" ,
"uuid" : "6d8391af-7a17-4842-ba29-0ff94b13917f" ,
"value" : "69840d4c4755cdab01527eacbb48577d973f7157"
} ,
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "sha256" ,
"timestamp" : "1645779055" ,
"to_ids" : false ,
"type" : "sha256" ,
"uuid" : "cd1343d8-d5b1-4bd2-8dbe-c059e76141d0" ,
"value" : "c2badcdfa9b7ece00f245990bb85fb6645c05b155b77deaf2bb7a2a0aacbe49e"
} ,
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "sha512" ,
"timestamp" : "1645779055" ,
"to_ids" : false ,
"type" : "sha512" ,
"uuid" : "0cce55c8-8155-4db1-bccb-834993cc63d9" ,
"value" : "0eb88fe297d296569063874bead48c8b2998edc6779f5777f533de241fa49d7cb4aadc189bcdd07783ad2d669ac35344b2385c62859bc5b0c6fbe55e4857002b"
} ,
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "ssdeep" ,
"timestamp" : "1645779055" ,
"to_ids" : false ,
"type" : "ssdeep" ,
"uuid" : "9cfb8029-0b39-4143-824b-2f10ce7060d6" ,
"value" : "192:qK8Lkrc2HWT1jbAaBLGFNN68RNEFQQrrl+lBAlJlgQGtb0UqQYGQrQoGuQgQXPY5:qK82ZWTd/LYNBRNEFl+l2lJlGdPUlcKp"
} ,
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : true ,
"object_relation" : "filename" ,
"timestamp" : "1645779055" ,
"to_ids" : false ,
"type" : "filename" ,
"uuid" : "2f10e6d1-b9a4-4427-80f4-9fbc125ff01e" ,
"value" : "Outlook.wsf"
} ,
{
"category" : "Artifacts dropped" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : true ,
"object_relation" : "mimetype" ,
"timestamp" : "1645779055" ,
"to_ids" : false ,
"type" : "mime-type" ,
"uuid" : "2d209f67-2023-49a9-9393-b24efd0ed3fa" ,
"value" : "HTML document, Little-endian UTF-16 Unicode text, with CRLF line terminators"
} ,
{
"category" : "Other" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : true ,
"object_relation" : "size-in-bytes" ,
"timestamp" : "1645779055" ,
"to_ids" : false ,
"type" : "size-in-bytes" ,
"uuid" : "88cd347a-7737-4571-a3fb-1416dc47e89e" ,
"value" : "11692"
} ,
{
"category" : "Other" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : true ,
"object_relation" : "entropy" ,
"timestamp" : "1645779055" ,
"to_ids" : false ,
"type" : "float" ,
"uuid" : "6d5b1e02-45b1-4ff8-a960-37c46afb8347" ,
"value" : "4.062618"
}
]
} ,
{
"comment" : "" ,
"deleted" : false ,
"description" : "File object describing a file with meta-information" ,
"meta-category" : "file" ,
"name" : "file" ,
"template_uuid" : "688c46fb-5edb-40a3-8273-1af7923e2215" ,
"template_version" : "24" ,
"timestamp" : "1645779055" ,
"uuid" : "66570214-b92c-413b-b8ca-74d1172a60bc" ,
"ObjectReference" : [
{
"comment" : "" ,
"object_uuid" : "66570214-b92c-413b-b8ca-74d1172a60bc" ,
"referenced_uuid" : "79dc0283-fee3-4b4d-a7d3-ad6e7fd4d500" ,
2023-04-21 13:25:09 +00:00
"relationship_type" : "dropped-by" ,
2023-12-14 14:30:15 +00:00
"timestamp" : "1645779060" ,
"uuid" : "2844e7f1-f487-4f9c-a5ca-716171295d49"
} ,
{
"comment" : "" ,
"object_uuid" : "66570214-b92c-413b-b8ca-74d1172a60bc" ,
"referenced_uuid" : "4b4b197c-c1d0-463a-9ce2-64b3bd31cd0b" ,
2023-04-21 13:25:09 +00:00
"relationship_type" : "characterized-by" ,
2023-12-14 14:30:15 +00:00
"timestamp" : "1645779060" ,
"uuid" : "d7af1d9a-fd27-4cf8-b46c-46f12fcb5410"
}
] ,
"Attribute" : [
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "md5" ,
"timestamp" : "1645779055" ,
"to_ids" : false ,
"type" : "md5" ,
"uuid" : "44d780cb-6779-4f2e-9f29-2282263d90bb" ,
"value" : "b3504546810e78304e879df76d4eec46"
} ,
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "sha1" ,
"timestamp" : "1645779055" ,
"to_ids" : false ,
"type" : "sha1" ,
"uuid" : "60f4b614-495d-437c-b158-888a578fd9b1" ,
"value" : "d02d93b707ac999fde0545792870a2b82dc3a238"
} ,
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "sha256" ,
"timestamp" : "1645779055" ,
"to_ids" : false ,
"type" : "sha256" ,
"uuid" : "dc26b845-d34c-480c-85cb-6317b95dada5" ,
"value" : "f10471e15c6b971092377c524a0622edf4525acee42f4b61e732f342ea7c0df0"
} ,
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "sha512" ,
"timestamp" : "1645779055" ,
"to_ids" : false ,
"type" : "sha512" ,
"uuid" : "c2f9651b-ac42-4f6f-86ca-48a099fc3bea" ,
"value" : "d7a78259988e17b1487a3cc2a3a8ba7aaa1cae8904b2ee3da79a6a77266822f726a367cda9c1b59aab3cf369ebf5bec1f279e8e6ff036376073f8a20e3053576"
} ,
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "ssdeep" ,
"timestamp" : "1645779055" ,
"to_ids" : false ,
"type" : "ssdeep" ,
"uuid" : "d1303df4-2d99-4c67-95d6-9d5f04c5ab40" ,
"value" : "384:NaeE4zZlbO1/RW8upzK2Hkq3+LBOuCBSnUosLCFt9tMRYCnFCg+tJCXw2V3:NaeEpu9VEU+LQEsMt9tUl+ta"
} ,
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : true ,
"object_relation" : "filename" ,
"timestamp" : "1645779055" ,
"to_ids" : false ,
"type" : "filename" ,
"uuid" : "6abfb048-f719-487a-8a3e-31631e67aeab" ,
"value" : "Outlook.wsf"
} ,
{
"category" : "Artifacts dropped" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : true ,
"object_relation" : "mimetype" ,
"timestamp" : "1645779055" ,
"to_ids" : false ,
"type" : "mime-type" ,
"uuid" : "d4b504db-e7b3-42ba-b63e-9ece1b0d745a" ,
"value" : "HTML document, Little-endian UTF-16 Unicode text, with very long lines, with CRLF line terminators"
} ,
{
"category" : "Other" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : true ,
"object_relation" : "size-in-bytes" ,
"timestamp" : "1645779055" ,
"to_ids" : false ,
"type" : "size-in-bytes" ,
"uuid" : "7f375bdc-d228-4aef-92d1-d0ee54adf6cb" ,
"value" : "34242"
} ,
{
"category" : "Other" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : true ,
"object_relation" : "entropy" ,
"timestamp" : "1645779055" ,
"to_ids" : false ,
"type" : "float" ,
"uuid" : "3af0e5c6-a98b-4e7c-ba14-dd8814b258e4" ,
"value" : "3.699753"
}
]
} ,
{
"comment" : "" ,
"deleted" : false ,
"description" : "Whois records information for a domain name or an IP address." ,
"meta-category" : "network" ,
"name" : "whois" ,
"template_uuid" : "429faea1-34ff-47af-8a00-7c62d3be5a6a" ,
"template_version" : "10" ,
"timestamp" : "1645779055" ,
"uuid" : "8067bdc0-70c2-47d1-b5d4-d915e4ca2136" ,
"Attribute" : [
{
"category" : "Other" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : true ,
"object_relation" : "text" ,
"timestamp" : "1645779055" ,
"to_ids" : false ,
"type" : "text" ,
"uuid" : "bf771ccf-59b8-4105-a2da-d0444fbf19be" ,
"value" : "Domain Name: bacloud.info\nRegistry Domain ID: 9ae51aee8f3144059e17d8f8fba3095e-DONUTS\nRegistrar WHOIS Server: whois.PublicDomainRegistry.com\nRegistrar URL: http://www.PublicDomainRegistry.com\nUpdated Date: 2021-03-09T06:39:04Z\nCreation Date: 2010-04-22T12:46:58Z\nRegistry Expiry Date: 2022-04-22T12:46:58Z\nRegistrar: PDR Ltd. d/b/a PublicDomainRegistry.com\nRegistrar IANA ID: 303\nRegistrar Abuse Contact Email: abuse@publicdomainregistry.com\nRegistrar Abuse Contact Phone: +91.2230797500\nDomain Status: clientTransferProhibited https://icann.org/epp#clientTransferProhibited\nRegistry Registrant ID: REDACTED FOR PRIVACY\nRegistrant Name: REDACTED FOR PRIVACY\nRegistrant Organization: GDPR Masked\nRegistrant Street: REDACTED FOR PRIVACY\nRegistrant City: REDACTED FOR PRIVACY\nRegistrant State/Province: GDPR Masked\nRegistrant Postal Code: REDACTED FOR PRIVACY\nRegistrant Country: US\nRegistrant Phone: REDACTED FOR PRIVACY\nRegistrant Phone Ext: REDACTED FOR PRIVACY\nRegistrant Fax: REDACTED FOR PRIVACY\nRegistrant Fax Ext: REDACTED FOR PRIVACY\nRegistrant Email: Please query the RDDS service of the Registrar of Record identified in this output for information on how to contact the Registrant, Admin, or Tech contact of the queried domain name.\nRegistry Admin ID: REDACTED FOR PRIVACY\nAdmin Name: REDACTED FOR PRIVACY\nAdmin Organization: REDACTED FOR PRIVACY\nAdmin Street: REDACTED FOR PRIVACY\nAdmin City: REDACTED FOR PRIVACY\nAdmin State/Province: REDACTED FOR PRIVACY\nAdmin Postal Code: REDACTED FOR PRIVACY\nAdmin Country: REDACTED FOR PRIVACY\nAdmin Phone: REDACTED FOR PRIVACY\nAdmin Phone Ext: REDACTED FOR PRIVACY\nAdmin Fax: REDACTED FOR PRIVACY\nAdmin Fax Ext: REDACTED FOR PRIVACY\nAdmin Email: Please query the RDDS service of the Registrar of Record identified in this output for information on how to contact the Registrant, Admin, or Tech contact of the queried domain name.\nRegistry Tech ID: REDACTED FOR PRIVACY\nTech Name: REDACTED FOR PRIVACY\nTech Organization: REDACTED FOR PRIVACY\nTech Street: REDACTED FOR PRIVACY\nTech City: REDACTED FOR PRIVACY\nTech State/Province: REDACTED FOR PRIVACY\nTech Postal Code: REDACTED FOR PRIVACY\nTech Country: REDACTED FOR PRIVACY\nTech Phone: REDACTED FOR PRIVACY\nTech Phone Ext: REDACTED FOR PRIVACY\nTech Fax: REDACTED FOR PRIVACY\nTech Fax Ext: REDACTED FOR PRIVACY\nTech Email: Please query the RDDS service of the Registrar of Record identified in this output for information on how to contact the Registrant, Admin, or Tech contact of the queried domain name.\nName Server: dns1.laisvas.lt\nName Server: ns3.laisvas.lt\nName Server: ns5.laisvas.lt\nDNSSEC: unsigned\nURL of the ICANN Whois Inaccuracy Complaint Form: https://www.icann.org/wicf/\n>>> Last update of WHOIS database: 2022-02-01T10:54:20Z <<"
}
]
} ,
{
"comment" : "" ,
"deleted" : false ,
"description" : "File object describing a file with meta-information" ,
"meta-category" : "file" ,
"name" : "file" ,
"template_uuid" : "688c46fb-5edb-40a3-8273-1af7923e2215" ,
"template_version" : "24" ,
"timestamp" : "1645779055" ,
"uuid" : "1e536dc9-dae5-42c2-919a-c8a1c19d2261" ,
"ObjectReference" : [
{
"comment" : "" ,
"object_uuid" : "1e536dc9-dae5-42c2-919a-c8a1c19d2261" ,
"referenced_uuid" : "c70cb492-e7e1-4ada-abf6-492b6068bca1" ,
2023-04-21 13:25:09 +00:00
"relationship_type" : "contains" ,
2023-12-14 14:30:15 +00:00
"timestamp" : "1645779060" ,
"uuid" : "51e1ea98-9da4-47cc-a6e5-f0125dc8ab8a"
} ,
{
"comment" : "" ,
"object_uuid" : "1e536dc9-dae5-42c2-919a-c8a1c19d2261" ,
"referenced_uuid" : "3ca94ad4-1aae-487b-a12e-4c4910e9649d" ,
2023-04-21 13:25:09 +00:00
"relationship_type" : "contains" ,
2023-12-14 14:30:15 +00:00
"timestamp" : "1645779060" ,
"uuid" : "2ee67754-02c8-4bd9-91c2-5115bdf4f59c"
} ,
{
"comment" : "" ,
"object_uuid" : "1e536dc9-dae5-42c2-919a-c8a1c19d2261" ,
"referenced_uuid" : "a2d1404b-0175-48f8-96f3-6ad0ec210bed" ,
2023-04-21 13:25:09 +00:00
"relationship_type" : "characterized-by" ,
2023-12-14 14:30:15 +00:00
"timestamp" : "1645779060" ,
"uuid" : "f181f470-ab4f-4b59-8596-ae7b3934554a"
}
] ,
"Attribute" : [
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "md5" ,
"timestamp" : "1645779055" ,
"to_ids" : false ,
"type" : "md5" ,
"uuid" : "d3c6f74a-0b24-4c88-bbbe-466a022ee786" ,
"value" : "6cef87a6ffb254bfeb61372d24e1970a"
} ,
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "sha1" ,
"timestamp" : "1645779055" ,
"to_ids" : false ,
"type" : "sha1" ,
"uuid" : "cd20baf8-88cf-4055-8e26-0f1e21064b08" ,
"value" : "e21d95b648944ad2287c6bc01fcc12b05530e455"
} ,
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "sha256" ,
"timestamp" : "1645779055" ,
"to_ids" : false ,
"type" : "sha256" ,
"uuid" : "dd7fd302-02ea-414e-b10f-1437f257d47e" ,
"value" : "4b2862a1665a62706f88304406b071a5c9a6b3093daadc073e174ac6d493f26c"
} ,
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "sha512" ,
"timestamp" : "1645779055" ,
"to_ids" : false ,
"type" : "sha512" ,
"uuid" : "47b253b4-3301-4614-b0ae-805168c9b50e" ,
"value" : "a99ca0f86da547d2979bd854b29824da77472b16aa2d2dcbc0e5c3eb4b488ae69f9d3006bc326b52b9145076247b64ba55cacfaaf30e417ea8d4f71447d682aa"
} ,
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "ssdeep" ,
"timestamp" : "1645779055" ,
"to_ids" : false ,
"type" : "ssdeep" ,
"uuid" : "c69c7031-7b2d-4132-8540-96c76e9ce88e" ,
"value" : "6144:8k3hOdsylKlgryzc4bNhZF+E+W2knArYi4uU4pVZ8lx+tSea4awSi:PiLZpVZ8lx+tna4TZ"
} ,
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : true ,
"object_relation" : "filename" ,
"timestamp" : "1645779055" ,
"to_ids" : false ,
"type" : "filename" ,
"uuid" : "cab2cefc-b5db-410f-ad60-4beb027ab7b2" ,
"value" : "ZaibCb15Ak.xls"
} ,
{
"category" : "Artifacts dropped" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : true ,
"object_relation" : "mimetype" ,
"timestamp" : "1645779055" ,
"to_ids" : false ,
"type" : "mime-type" ,
"uuid" : "8a6e0f70-acbe-45a2-8d65-fbda7bfbe191" ,
"value" : "Composite Document File V2 Document, Little Endian, O%WINDIR%\\ Version 10.0, Code page: 1252, Name of Creating Application: Microsoft Excel, Create Time/Date: Mon Nov 1 07:15:30 2021, Last Saved Time/Date: Mon Nov 1 07:17:43 2021, Security: 0"
} ,
{
"category" : "Other" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : true ,
"object_relation" : "size-in-bytes" ,
"timestamp" : "1645779055" ,
"to_ids" : false ,
"type" : "size-in-bytes" ,
"uuid" : "d6f108d8-796e-4dc4-98c7-e58ae4b5567c" ,
"value" : "254976"
} ,
{
"category" : "Other" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : true ,
"object_relation" : "entropy" ,
"timestamp" : "1645779055" ,
"to_ids" : false ,
"type" : "float" ,
"uuid" : "badfcb4f-14a6-4493-9995-50af84b7549e" ,
"value" : "7.232043"
}
]
} ,
{
"comment" : "" ,
"deleted" : false ,
"description" : "File object describing a file with meta-information" ,
"meta-category" : "file" ,
"name" : "file" ,
"template_uuid" : "688c46fb-5edb-40a3-8273-1af7923e2215" ,
"template_version" : "24" ,
"timestamp" : "1645779055" ,
"uuid" : "3ca94ad4-1aae-487b-a12e-4c4910e9649d" ,
"ObjectReference" : [
{
"comment" : "" ,
"object_uuid" : "3ca94ad4-1aae-487b-a12e-4c4910e9649d" ,
"referenced_uuid" : "1e536dc9-dae5-42c2-919a-c8a1c19d2261" ,
2023-04-21 13:25:09 +00:00
"relationship_type" : "contained-within" ,
2023-12-14 14:30:15 +00:00
"timestamp" : "1645779060" ,
"uuid" : "30a97b79-cc24-4475-8844-68c8784c8c6e"
} ,
{
"comment" : "" ,
"object_uuid" : "3ca94ad4-1aae-487b-a12e-4c4910e9649d" ,
"referenced_uuid" : "3ed58aa4-c839-4160-9d61-9374e9a95f86" ,
2023-04-21 13:25:09 +00:00
"relationship_type" : "characterized-by" ,
2023-12-14 14:30:15 +00:00
"timestamp" : "1645779060" ,
"uuid" : "5ac7a7dd-c6ed-4dbb-affe-be12a02216f9"
}
] ,
"Attribute" : [
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "md5" ,
"timestamp" : "1645779055" ,
"to_ids" : false ,
"type" : "md5" ,
"uuid" : "3533fa5f-3305-4c00-81aa-ed699b7b3251" ,
"value" : "e1f97c819b1d26748ed91777084c828e"
} ,
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "sha1" ,
"timestamp" : "1645779055" ,
"to_ids" : false ,
"type" : "sha1" ,
"uuid" : "c128a4e9-8059-4659-8fd6-091be8ea2289" ,
"value" : "4209a007fcf4d4913afad323eb1d1ae466f911a6"
} ,
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "sha256" ,
"timestamp" : "1645779055" ,
"to_ids" : false ,
"type" : "sha256" ,
"uuid" : "d54bc876-7ad8-4cfc-b884-8f4eb589af6b" ,
"value" : "ed988768f50f1bb4cc7fb69f9633d6185714a99ecfd18b7b1b88a42a162b0418"
} ,
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "sha512" ,
"timestamp" : "1645779055" ,
"to_ids" : false ,
"type" : "sha512" ,
"uuid" : "8ded61ff-41d6-45f8-8950-926a2e2b1c5a" ,
"value" : "8a98999bc6ff4094b5e1d795e32345aca4e70b8e91ad1e4ba3f6ec6dabcf5591dc5c9740e6c326b23c6120b847611006d86e56dd2590ce30cf76eb076723f477"
} ,
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "ssdeep" ,
"timestamp" : "1645779055" ,
"to_ids" : false ,
"type" : "ssdeep" ,
"uuid" : "849e7779-5ce8-4c89-ad26-e3ecf7a2b651" ,
"value" : "192:/LsEDuNb8pWGNm91llKk8YwB4o6N8M6sBISa9FE8mJSZbHCExZ9EEFaeYuan:zsquN4K/aHYa42saSstmJSZbxZLK"
} ,
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : true ,
"object_relation" : "filename" ,
"timestamp" : "1645779055" ,
"to_ids" : false ,
"type" : "filename" ,
"uuid" : "5afddc0d-4a46-4abd-8f6b-f54d79c9be3c" ,
"value" : "Outlook.wsf"
} ,
{
"category" : "Artifacts dropped" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : true ,
"object_relation" : "mimetype" ,
"timestamp" : "1645779055" ,
"to_ids" : false ,
"type" : "mime-type" ,
"uuid" : "d3a9e930-2ce1-47d9-afdc-b82759842623" ,
"value" : "HTML document, Little-endian UTF-16 Unicode text, with CRLF line terminators"
} ,
{
"category" : "Other" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : true ,
"object_relation" : "size-in-bytes" ,
"timestamp" : "1645779055" ,
"to_ids" : false ,
"type" : "size-in-bytes" ,
"uuid" : "823824ba-14d9-46f0-b304-c74a690b7bf8" ,
"value" : "11980"
} ,
{
"category" : "Other" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : true ,
"object_relation" : "entropy" ,
"timestamp" : "1645779055" ,
"to_ids" : false ,
"type" : "float" ,
"uuid" : "353f6db7-4082-4761-98af-5e89fd063b98" ,
"value" : "4.063463"
}
]
} ,
{
"comment" : "" ,
"deleted" : false ,
"description" : "File object describing a file with meta-information" ,
"meta-category" : "file" ,
"name" : "file" ,
"template_uuid" : "688c46fb-5edb-40a3-8273-1af7923e2215" ,
"template_version" : "24" ,
"timestamp" : "1645779055" ,
"uuid" : "c70cb492-e7e1-4ada-abf6-492b6068bca1" ,
"ObjectReference" : [
{
"comment" : "" ,
"object_uuid" : "c70cb492-e7e1-4ada-abf6-492b6068bca1" ,
"referenced_uuid" : "1e536dc9-dae5-42c2-919a-c8a1c19d2261" ,
2023-04-21 13:25:09 +00:00
"relationship_type" : "contained-within" ,
2023-12-14 14:30:15 +00:00
"timestamp" : "1645779060" ,
"uuid" : "ba9b9db6-18ef-43e6-9901-1c3bc6af0c37"
} ,
{
"comment" : "" ,
"object_uuid" : "c70cb492-e7e1-4ada-abf6-492b6068bca1" ,
"referenced_uuid" : "e7baa62a-5fa3-43c7-9883-044cfe6232c4" ,
2023-04-21 13:25:09 +00:00
"relationship_type" : "characterized-by" ,
2023-12-14 14:30:15 +00:00
"timestamp" : "1645779060" ,
"uuid" : "52138b58-f317-4d5a-8837-72d8f29d413f"
}
] ,
"Attribute" : [
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "md5" ,
"timestamp" : "1645779055" ,
"to_ids" : false ,
"type" : "md5" ,
"uuid" : "add0bf8c-65f1-4448-9d24-1acb8be9f644" ,
"value" : "cb84c6b5816504c993c33360aeec4705"
} ,
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "sha1" ,
"timestamp" : "1645779055" ,
"to_ids" : false ,
"type" : "sha1" ,
"uuid" : "3e363b95-6954-4891-87cb-f4159f59efac" ,
"value" : "9f212961d1de465c20e84f3c4d8ac0302e02ce37"
} ,
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "sha256" ,
"timestamp" : "1645779055" ,
"to_ids" : false ,
"type" : "sha256" ,
"uuid" : "60818687-070e-4de7-9ff1-c4c68ff10af0" ,
"value" : "d77e268b746cf1547e7ed662598f8515948562e1d188a7f9ddb8e00f4fd94ef0"
} ,
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "sha512" ,
"timestamp" : "1645779055" ,
"to_ids" : false ,
"type" : "sha512" ,
"uuid" : "fccc5cc5-6622-4fc2-9e00-d18f1ac7cdbf" ,
"value" : "fec12d5871544bf1d3038baa2c209ceb4b8c8c852b60a222d2e0486b15593cecd26e130bdadcf0927e5f556cca42d3a0bb764fcc00b685a0e464531d36a7c156"
} ,
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "ssdeep" ,
"timestamp" : "1645779055" ,
"to_ids" : false ,
"type" : "ssdeep" ,
"uuid" : "2b7c9bd7-f1a3-4273-8d3c-c087e8c74639" ,
"value" : "768:Wqy5Dr1BE9cmvcmPcvmzm/mAm6zYAr8LBFMwEVxLa3knrjrSK0rvdRz0nq8Fj:Vy5zE9V1cnHCkn3+vdRz0nqG"
} ,
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : true ,
"object_relation" : "filename" ,
"timestamp" : "1645779055" ,
"to_ids" : false ,
"type" : "filename" ,
"uuid" : "76022be5-64ba-4673-ae6e-b2d24846714e" ,
"value" : "Outlook.wsf"
} ,
{
"category" : "Artifacts dropped" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : true ,
"object_relation" : "mimetype" ,
"timestamp" : "1645779055" ,
"to_ids" : false ,
"type" : "mime-type" ,
"uuid" : "3702ac13-5911-47e6-af26-8c570b9978d0" ,
"value" : "HTML document, Little-endian UTF-16 Unicode text, with very long lines, with CRLF line terminators"
} ,
{
"category" : "Other" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : true ,
"object_relation" : "size-in-bytes" ,
"timestamp" : "1645779055" ,
"to_ids" : false ,
"type" : "size-in-bytes" ,
"uuid" : "f4ed436d-0dd0-4871-8727-f7f3eddc96e1" ,
"value" : "40674"
} ,
{
"category" : "Other" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : true ,
"object_relation" : "entropy" ,
"timestamp" : "1645779055" ,
"to_ids" : false ,
"type" : "float" ,
"uuid" : "af8e0c59-3c2f-4ed3-a699-78774053ef4c" ,
"value" : "4.028422"
}
]
} ,
{
"comment" : "" ,
"deleted" : false ,
"description" : "Whois records information for a domain name or an IP address." ,
"meta-category" : "network" ,
"name" : "whois" ,
"template_uuid" : "429faea1-34ff-47af-8a00-7c62d3be5a6a" ,
"template_version" : "10" ,
"timestamp" : "1645779055" ,
"uuid" : "f95c7534-0b88-458e-b40d-3fee254c5a6a" ,
"Attribute" : [
{
"category" : "Other" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : true ,
"object_relation" : "text" ,
"timestamp" : "1645779055" ,
"to_ids" : false ,
"type" : "text" ,
"uuid" : "d3671dd3-7d75-4524-b399-4d649aae118e" ,
"value" : "Domain Name: SERVDISCOUNT-CUSTOMER.COM\n Registry Domain ID: 1882350046_DOMAIN_COM-VRSN\n Registrar WHOIS Server: whois.psi-usa.info\n Registrar URL: http://www.psi-usa.info\n Updated Date: 2021-10-28T07:05:37Z\n Creation Date: 2014-10-27T07:58:37Z\n Registry Expiry Date: 2022-10-27T07:58:37Z\n Registrar: PSI-USA, Inc. dba Domain Robot\n Registrar IANA ID: 151\n Registrar Abuse Contact Email: domain-abuse@psi-usa.info\n Registrar Abuse Contact Phone: +49.94159559482\n Domain Status: clientTransferProhibited https://icann.org/epp#clientTransferProhibited\n Name Server: NS1.NTDNS.DE\n Name Server: NS2.NTDNS.DE\n Name Server: NS3.NTDNS.DE\n DNSSEC: unsigned\n URL of the ICANN Whois Inaccuracy Complaint Form: https://www.icann.org/wicf/\n>>> Last update of whois database: 2022-01-31T07:23:45Z <<<"
}
]
} ,
{
"comment" : "" ,
"deleted" : false ,
"description" : "Object describing the original file used to import data in MISP." ,
"meta-category" : "file" ,
"name" : "original-imported-file" ,
"template_uuid" : "4cd560e9-2cfe-40a1-9964-7b2e797ecac5" ,
"template_version" : "2" ,
"timestamp" : "1645779060" ,
"uuid" : "fad5329b-1e6e-453e-a518-adbd3cea0fed" ,
"Attribute" : [
{
"category" : "External analysis" ,
"comment" : "" ,
"data" : " P H N 0 a X g 6 U 1 R J W F 9 Q Y W N r Y W d l I A 0 K C X h t b G 5 z O m N 5 Y m 94 Q 29 t b W 9 u P S J o d H R w O i 8 v Y 3 l i b 3 g u b W l 0 c m U u b 3 J n L 2 N v b W 1 v b i 0 y I g 0 K C X h t b G 5 z O m N 5 Y m 94 P S J o d H R w O i 8 v Y 3 l i b 3 g u b W l 0 c m U u b 3 J n L 2 N 5 Y m 94 L T I i D Q o J e G 1 s b n M 6 Y 3 l i b 3 h W b 2 N h Y n M 9 I m h 0 d H A 6 L y 9 j e W J v e C 5 t a X R y Z S 5 v c m c v Z G V m Y X V s d F 92 b 2 N h Y n V s Y X J p Z X M t M i I N C g l 4 b W x u c z p B Z G R y Z X N z T 2 J q P S J o d H R w O i 8 v Y 3 l i b 3 g u b W l 0 c m U u b 3 J n L 29 i a m V j d H M j Q W R k c m V z c 0 9 i a m V j d C 0 y I g 0 K C X h t b G 5 z O k F y d G l m Y W N 0 T 2 J q P S J o d H R w O i 8 v Y 3 l i b 3 g u b W l 0 c m U u b 3 J n L 29 i a m V j d H M j Q X J 0 a W Z h Y 3 R P Y m p l Y 3 Q t M i I N C g l 4 b W x u c z p G a W x l T 2 J q P S J o d H R w O i 8 v Y 3 l i b 3 g u b W l 0 c m U u b 3 J n L 29 i a m V j d H M j R m l s Z U 9 i a m V j d C 0 y I g 0 K C X h t b G 5 z O k h U V F B T Z X N z a W 9 u T 2 J q P S J o d H R w O i 8 v Y 3 l i b 3 g u b W l 0 c m U u b 3 J n L 29 i a m V j d H M j S F R U U F N l c 3 N p b 25 P Y m p l Y 3 Q t M i I N C g l 4 b W x u c z p Q b 3 J 0 T 2 J q P S J o d H R w O i 8 v Y 3 l i b 3 g u b W l 0 c m U u b 3 J n L 29 i a m V j d H M j U G 9 y d E 9 i a m V j d C 0 y I g 0 K C X h t b G 5 z O l V S S U 9 i a j 0 i a H R 0 c D o v L 2 N 5 Y m 94 L m 1 p d H J l L m 9 y Z y 9 v Y m p l Y 3 R z I 1 V S S U 9 i a m V j d C 0 y I g 0 K C X h t b G 5 z O l d o b 2 l z T 2 J q P S J o d H R w O i 8 v Y 3 l i b 3 g u b W l 0 c m U u b 3 J n L 29 i a m V j d H M j V 2 h v a X N P Y m p l Y 3 Q t M i I N C g l 4 b W x u c z p X a W 5 F e G V j d X R h Y m x l R m l s Z U 9 i a j 0 i a H R 0 c D o v L 2 N 5 Y m 94 L m 1 p d H J l L m 9 y Z y 9 v Y m p l Y 3 R z I 1 d p b k V 4 Z W N 1 d G F i b G V G a W x l T 2 J q Z W N 0 L T I i D Q o J e G 1 s b n M 6 V 2 l u R m l s Z U 9 i a j 0 i a H R 0 c D o v L 2 N 5 Y m 94 L m 1 p d H J l L m 9 y Z y 9 v Y m p l Y 3 R z I 1 d p b k Z p b G V P Y m p l Y 3 Q t M i I N C g l 4 b W x u c z p t Y X J r a W 5 n P S J o d H R w O i 8 v Z G F 0 Y S 1 t Y X J r a W 5 n L m 1 p d H J l L m 9 y Z y 9 N Y X J r a W 5 n L T E i D Q o J e G 1 s b n M 6 d G x w T W F y a 2 l u Z z 0 i a H R 0 c D o v L 2 R h d G E t b W F y a 2 l u Z y 5 t a X R y Z S 5 v c m c v Z X h 0 Z W 5 z a W 9 u c y 9 N Y X J r a W 5 n U 3 R y d W N 0 d X J l I 1 R M U C 0 x I g 0 K C X h t b G 5 z O l R P V U 1 h c m t p b m c 9 I m h 0 d H A 6 L y 9 k Y X R h L W 1 h c m t p b m c u b W l 0 c m U u b 3 J n L 2 V 4 d G V u c 2 l v b n M v T W F y a 2 l u Z 1 N 0 c n V j d H V y Z S N U Z X J t c 19 P Z l 9 V c 2 U t M S I N C g l 4 b W x u c z p t Y W V j Q n V u Z G x l P S J o d H R w O i 8 v b W F l Y y 5 t a X R y Z S 5 v c m c v W E 1 M U 2 N o Z W 1 h L 21 h Z W M t Y n V u Z G x l L T Q i D Q o J e G 1 s b n M 6 b W F l Y 1 B h Y 2 t h Z 2 U 9 I m h 0 d H A 6 L y 9 t Y W V j L m 1 p d H J l L m 9 y Z y 9 Y T U x T Y 2 h l b W E v b W F l Y y 1 w Y W N r Y W d l L T I i D Q o J e G 1 s b n M 6 b W F l Y 1 Z v Y 2 F i c z 0 i a H R 0 c D o v L 21 h Z W M u b W l 0 c m U u b 3 J n L 2 R l Z m F 1 b H R f d m 9 j Y W J 1 b G F y a W V z L T E i D Q o J e G 1 s b n M 6 a W 5 j a W R l b n Q 9 I m h 0 d H A 6 L y 9 z d G l 4 L m 1 p d H J l L m 9 y Z y 9 J b m N p Z G V u d C 0 x I g 0 K C X h t b G 5 z O m l u Z G l j Y X R v c j 0 i a H R 0 c D o v L 3 N 0 a X g u b W l 0 c m U u b 3 J n L 0 l u Z G l j Y X R v c i 0 y I g 0 K C X h t b G 5 z O n R 0 c D 0 i a H R 0 c D o v L 3 N 0 a X g u b W l 0 c m U u b 3 J n L 1 R U U C 0 x I g 0 K C X h t b G 5 z O n N 0 a X h D b 21 t b 249 I m h 0 d H A 6 L y 9 z d G l 4 L m 1 p d H J l L m 9 y Z y 9 j b 21 t b 24 t M S I N C g l 4 b W x u c z p z d G l 4 V m 9 j Y W J z P S J o d H R w O i 8 v c 3 R p e C 5 t a X R y Z S 5 v c m c v Z G V m Y X V s d F 92 b 2 N h Y n V s Y X J p Z X M t M S I N C g l 4 b W x u c z p z d G l 4 L W 1 h Z W M 9 I m h 0 d H A 6 L y 9 z d G l 4 L m 1 p d H J l L m 9 y Z y 9 l e H R l b n N p b 25 z L 0 1 h b H d h c m U j T U F F Q z Q u M S 0 x I g 0 K C X h t b G 5 z O n N 0 a X g 9 I m h 0 d H A 6 L y 9 z d G l 4 L m 1 p d H J l L m 9 y Z y 9 z d G l 4 L T E i D Q o J e G 1 s b n M 6 T k N D S U M 9 I m h 0 d H A 6 L y 93 d 3 c u Y 2 l z Y S 5 n b 3 Y v I g 0 K C X h t b G 5 z O n h z a T 0 i a H R 0 c D o v L 3 d 3 d y 53 M y 5 v c m c v M j A w M S 9 Y T U x T Y 2 h l b W E t a W 5 z d G F u Y 2 U i D Q o J e H N p O n N j a G V t Y U x v Y 2 F 0 a W 9 u P S I N C g l o d H R w O i 8 v Y 3 l i b 3 g u b W l 0 c m U u b 3 J n L 2 N v b W 1 v b i 0 y I G h 0 d H A 6 L y 9 j e W J v e C 5 t a X R y Z S 5 v c m c v W E 1 M U 2 N o Z W 1 h L 2 N v b W 1 v b i 8 y L j E v Y 3 l i b 3 h f Y 29 t b W 9 u L n h z Z A 0 K C W h 0 d H A 6 L y 9 j e W J v e C 5 t a X R y Z S 5 v c m c v Y 3 l i b 3 g t M i B o d H R w O i 8 v Y 3 l i b 3 g u b W l 0 c m U u b 3 J n L 1 h N T F N j a G V t Y S 9 j b 3 J l L z I u M S 9 j e W J v e F 9 j b 3 J l L n h z Z A 0 K C W h 0 d H A 6 L y 9 j e W J v e C 5 t a X R y Z S 5 v c m c v Z G V m Y X V s d F 92 b 2 N h Y n V s Y X J p Z X M t M i B o d H R w O i 8 v Y 3 l i b 3 g u b W l 0 c m U u b 3 J n L 1 h N T F N j a G V t Y S 9 k Z W Z h d W x 0 X 3 Z v Y 2 F i d W x h c m l l c y 8 y L j E v Y 3 l i b 3 h f Z G V m Y X V s d F 92 b 2 N h Y n V s Y X J p Z X M u e H N k D Q o J a H R 0 c D o v L 2 N 5 Y m 94 L m 1 p d H J l L m 9 y Z y 9 v Y m p l Y 3 R z I 0 F k Z H J l c 3 N P Y m p l Y 3 Q t M i B o d H R w O i 8 v Y 3 l i b 3 g u b W l 0 c m U u b 3 J n L 1 h N T F N j a G V t Y S 9 v Y m p l Y 3 R z L 0 F k Z H J l c 3 M v M i 4 x L 0 F k Z H J l c 3 N f T 2 J q Z W N 0 L n h z Z A 0 K C W h 0 d H A 6 L y 9 j e W J v e C 5 t a X R y Z S 5 v c m c v b 2 J q Z W N 0 c y N B c n R p Z m F j d E 9 i a m V j d C 0 y I G h 0 d H A 6 L y 9 j e W J v e C 5 t a X R y Z S 5 v c m c v W E 1 M U 2 N o Z W 1 h L 29 i a m V j d H M v Q X J 0 a W Z h Y 3 Q v M i 4 x L 0 F y d G l m Y W N 0 X 0 9 i a m V j d C 54 c 2 Q N C g l o d H R w O i 8 v Y 3 l i b 3 g u b W l 0 c m U u b 3 J n L 29 i a m V j d H M j R m l s Z U 9 i a m V j d C 0 y I G h 0 d H A 6 L y 9 j e W J v e C 5 t a X R y Z S 5 v c m c v W E 1 M U 2 N o Z W 1 h L 29 i a m V j d H M v R m l s Z S 8 y L j E v R m l s Z V 9 P Y m p l Y 3 Q u e H N k D Q o J a H R 0 c D o v L 2 N 5 Y m 94 L m 1 p d H J l L m 9 y Z y 9 v Y m p l Y 3 R z I 0 h U V F B T Z X N z a W 9 u T 2 J q Z W N 0 L T I g a H R 0 c D o v L 2 N 5 Y m 94 L m 1 p d H J l L m 9 y Z y 9 Y T U x T Y 2 h l b W E v b 2 J q Z W N 0 c y 9 I V F R Q X 1 N l c 3 N p b 24 v M i 4 x L 0 h U V F B f U 2 V z c 2 l v b l 9 P Y m p l Y 3 Q u e H N k D Q o J a H R 0 c D o v L 2 N 5 Y m 94 L m 1 p d H J l L m 9 y Z y 9 v Y m p l Y 3 R z I 1 B v c n R P Y m p l Y 3 Q t M i B o d H R w O i 8 v Y 3 l i b 3 g u b W l 0 c m U u b 3 J n L 1 h N T F N j a G V t Y S 9 v Y m p l Y 3 R z L 1 B v c n Q v M i 4 x L 1 B v c n R f T 2 J q Z W N 0 L n h z Z A 0 K C W h 0 d H A 6 L y 9 j e W J v e C 5 t a X R y Z S 5 v c m c v b 2 J q Z W N 0 c y N V U k l P Y m p l Y 3 Q t M i B o d H R w O i 8 v Y 3 l i b 3 g u b W l 0 c m U u b 3 J n L 1 h N T F N j a G V t Y S 9 v Y m p l Y 3 R z L 1 V S S S 8 y L j E v V V J J X 0 9 i a m V j d C 54 c 2 Q N C g l o d H R w O i 8 v Y 3 l i b 3 g u b W l 0 c m U u b 3 J n L 29 i a m V j d H M j V 2 h v a X N P Y m p l Y 3 Q t M i B o d H R w O i 8 v Y 3 l i b 3 g u b W l 0 c m U u b 3 J n L 1 h N T F N j a G V t Y S 9 v Y m p l Y 3 R z L 1 d o b 2 l z L z I u M S 9 X a G 9 p c 19 P Y m p l Y 3 Q u e H N k D Q o J a H R 0 c D o v L 2 N 5 Y m 94 L m 1 p d H J l L m 9 y Z y 9 v Y m p l Y 3 R z I 1 d p b k V 4 Z W N 1 d G F i b G V G a W x l T 2 J q Z W N 0 L T I g a H R 0 c D o v L 2 N 5 Y m 94 L m 1 p d H J l L m 9 y Z y 9 Y T U x T Y 2 h l b W E v b 2 J q Z W N 0 c y 9 X a W 5 f R X h l Y 3 V 0 Y W J s Z V 9 G a W x l L z I u M S 9 X a W 5 f R X h l Y 3 V 0 Y W J s Z V 9 G a W x l X 0 9 i a m V j d C 54 c 2 Q N C g l o d H R w O i
"deleted" : false ,
"disable_correlation" : true ,
"object_relation" : "imported-sample" ,
"timestamp" : "1645779060" ,
"to_ids" : false ,
"type" : "attachment" ,
"uuid" : "c8fc37d6-7a68-4b14-a27a-1d1150a2d1fa" ,
"value" : "MAR-10369127-1.v1.WHITE_stix.xml"
} ,
{
"category" : "Other" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : true ,
"object_relation" : "format" ,
"timestamp" : "1645779060" ,
"to_ids" : false ,
"type" : "text" ,
"uuid" : "32f6ebf1-14c7-4929-9b55-67941f5ac525" ,
"value" : "STIX 1.1"
}
]
}
2023-04-21 13:25:09 +00:00
]
2023-12-14 14:30:15 +00:00
}
2023-04-21 13:25:09 +00:00
}