misp-circl-feed/feeds/circl/misp/5e4b486e-9968-4af1-87dc-4ff4950d210f.json


{
"Event": {
"analysis": "2",
"date": "2020-02-18",
"extends_uuid": "",
"info": "Trickbot and AdFind Recon",
"publish_timestamp": "1582857378",
"published": true,
"threat_level_id": "3",
"timestamp": "1582857280",
"uuid": "5e4b486e-9968-4af1-87dc-4ff4950d210f",
"Orgc": {
"name": "wilbursecurity.com",
"uuid": "5e16d2bc-5c68-4ef1-bc80-47f5950d210f"
},
"Tag": [
{
"colour": "#cdce6a",
"local": false,
"name": "Banker: TrickBot",
"relationship_type": ""
},
{
"colour": "#33FF00",
"local": false,
"name": "tlp:green",
"relationship_type": ""
}
],
"Attribute": [
{
"category": "Payload delivery",
"comment": "enter.exe which loads Trickbot",
"deleted": false,
"disable_correlation": false,
"timestamp": "1581993514",
"to_ids": true,
"type": "url",
"uuid": "5e4b4dfe-0ce8-4566-8a57-4131950d210f",
"value": "http://support-it.online/upl/data/enter.exe"
},
{
"category": "External analysis",
"comment": "Any.Run sandbox run of enter.exe",
"deleted": false,
"disable_correlation": false,
"timestamp": "1581993496",
"to_ids": false,
"type": "link",
"uuid": "5e4b4e18-84d4-4868-bee8-40a9950d210f",
"value": "https://app.any.run/tasks/dc8771c7-04fd-47f5-b273-c8d433862c2e/"
},
{
"category": "Network activity",
"comment": "Login from this IP minutes before activity started",
"deleted": false,
"disable_correlation": false,
"timestamp": "1581993689",
"to_ids": false,
"type": "ip-src",
"uuid": "5e4b4ed9-8a4c-4ab4-8d04-413c950d210f",
"value": "216.170.123.19"
},
{
"category": "Network activity",
"comment": "Trickbot C2",
"deleted": false,
"disable_correlation": false,
"timestamp": "1581993826",
"to_ids": true,
"type": "ip-dst",
"uuid": "5e4b4f62-a104-444e-b2f8-440a950d210f",
"value": "195.133.145.31"
},
{
"category": "External analysis",
"comment": "Blog write-up",
"deleted": false,
"disable_correlation": false,
"timestamp": "1581994683",
"to_ids": false,
"type": "link",
"uuid": "5e4b52bb-7008-4580-85a5-499c950d210f",
"value": "https://www.wilbursecurity.com/2020/02/trickbot-and-adfind-recon/"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1582161536",
"to_ids": true,
"type": "url",
"uuid": "5e4dde50-4068-4086-a0b5-48d6950d210f",
"value": "http://support-it.online/upl/data/socks.exe"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1582161507",
"to_ids": true,
"type": "url",
"uuid": "5e4dde50-c9ac-4244-a140-4992950d210f",
"value": "http://support-it.online/upl/data/addUser.bat"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1582161512",
"to_ids": true,
"type": "url",
"uuid": "5e4dde50-2228-4a95-a45a-4bc4950d210f",
"value": "http://support-it.online/upl/data/adf.bat"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1582161566",
"to_ids": true,
"type": "url",
"uuid": "5e4dde50-460c-454a-84e6-4613950d210f",
"value": "http://support-it.online/upl/data/AdFind.exe"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1582161521",
"to_ids": true,
"type": "url",
"uuid": "5e4dde50-16bc-4b12-9577-4f30950d210f",
"value": "http://support-it.online/upl/data/test_64.exe"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1582161525",
"to_ids": true,
"type": "url",
"uuid": "5e4dde50-95c8-4fc5-bf9d-4688950d210f",
"value": "http://support-it.online/upl/data/test_32.exe"
}
],
"Object": [
{
"comment": "socks.exe",
"deleted": false,
"description": "File object describing a file with meta-information",
"meta-category": "file",
"name": "file",
"template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215",
"template_version": "19",
"timestamp": "1581992125",
"uuid": "5e4b48bd-3bc8-44fd-b151-4c63950d210f",
"Attribute": [
{
"category": "Artifacts dropped",
"comment": "",
"data": "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
"deleted": false,
"disable_correlation": false,
"object_relation": "malware-sample",
"timestamp": "1581992126",
"to_ids": true,
"type": "malware-sample",
"uuid": "5e4b48be-1858-4848-8f34-4bf3950d210f",
"value": "socks.exe|9efb4a465942dc094a5a57e055fd608a"
},
{
"category": "Artifacts dropped",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "filename",
"timestamp": "1581992126",
"to_ids": false,
"type": "filename",
"uuid": "5e4b48be-58d0-42f4-8546-4242950d210f",
"value": "socks.exe"
},
{
"category": "Artifacts dropped",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "md5",
"timestamp": "1581992126",
"to_ids": true,
"type": "md5",
"uuid": "5e4b48be-3918-40b0-8c32-410e950d210f",
"value": "9efb4a465942dc094a5a57e055fd608a"
},
{
"category": "Artifacts dropped",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "sha1",
"timestamp": "1581992126",
"to_ids": true,
"type": "sha1",
"uuid": "5e4b48be-4a34-421c-b215-4d10950d210f",
"value": "e1348386da5af1903766352d4a224d859933e941"
},
{
"category": "Artifacts dropped",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "sha256",
"timestamp": "1581992126",
"to_ids": true,
"type": "sha256",
"uuid": "5e4b48be-5240-45bf-a688-4a7a950d210f",
"value": "c93a357ea1772eb376ec4528d7a6bf8cfac31d9b9b4fc5455dbc369d6bde3583"
},
{
"category": "Other",
"comment": "",
"deleted": false,
"disable_correlation": true,
"object_relation": "size-in-bytes",
"timestamp": "1581992126",
"to_ids": false,
"type": "size-in-bytes",
"uuid": "5e4b48be-02e8-4d6a-9369-4c89950d210f",
"value": "139264"
}
]
},
{
"comment": "test_32.exe",
"deleted": false,
"description": "File object describing a file with meta-information",
"meta-category": "file",
"name": "file",
"template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215",
"template_version": "19",
"timestamp": "1581992144",
"uuid": "5e4b48d0-666c-4b87-b405-4428950d210f",
"Attribute": [
{
"category": "Artifacts dropped",
"comment": "",
"data": "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
"deleted": false,
"disable_correlation": false,
"object_relation": "malware-sample",
"timestamp": "1581992144",
"to_ids": true,
"type": "malware-sample",
"uuid": "5e4b48d0-4744-4851-b816-4e3a950d210f",
"value": "test_32.exe|538a9f7e97c6b02e3ecfc9f831ce600b"
},
{
"category": "Artifacts dropped",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "filename",
"timestamp": "1581992145",
"to_ids": false,
"type": "filename",
"uuid": "5e4b48d1-b738-4092-bea3-42db950d210f",
"value": "test_32.exe"
},
{
"category": "Artifacts dropped",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "md5",
"timestamp": "1581992145",
"to_ids": true,
"type": "md5",
"uuid": "5e4b48d1-222c-49e3-95f6-4f2a950d210f",
"value": "538a9f7e97c6b02e3ecfc9f831ce600b"
},
{
"category": "Artifacts dropped",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "sha1",
"timestamp": "1581992145",
"to_ids": true,
"type": "sha1",
"uuid": "5e4b48d1-2c9c-450b-9b1d-453b950d210f",
"value": "3a5d3069e607b2da534964e8b6ceb698357ebba6"
},
{
"category": "Artifacts dropped",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "sha256",
"timestamp": "1581992145",
"to_ids": true,
"type": "sha256",
"uuid": "5e4b48d1-ae1c-4711-b245-47c1950d210f",
"value": "5c9b25611b59d453b9b1ae2e88ffd83a87a4546ea7e6b61bf4e079701ee729b2"
},
{
"category": "Other",
"comment": "",
"deleted": false,
"disable_correlation": true,
"object_relation": "size-in-bytes",
"timestamp": "1581992145",
"to_ids": false,
"type": "size-in-bytes",
"uuid": "5e4b48d1-bc38-4a9f-b1d3-4b91950d210f",
"value": "122880"
}
]
},
{
"comment": "Trickbot",
"deleted": false,
"description": "File object describing a file with meta-information",
"meta-category": "file",
"name": "file",
"template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215",
"template_version": "19",
"timestamp": "1581992167",
"uuid": "5e4b48e7-14dc-4faf-aea6-4a6f950d210f",
"Attribute": [
{
"category": "Artifacts dropped",
"comment": "",
"data": "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
"deleted": false,
"disable_correlation": false,
"object_relation": "malware-sample",
"timestamp": "1581992168",
"to_ids": true,
"type": "malware-sample",
"uuid": "5e4b48e8-d198-4294-848e-4e79950d210f",
"value": ".exe|3694432ff283b6d928fc9d97e18dee92"
},
{
"category": "Artifacts dropped",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "filename",
"timestamp": "1581992168",
"to_ids": false,
"type": "filename",
"uuid": "5e4b48e8-0770-442f-aeb4-4edf950d210f",
"value": ".exe"
},
{
"category": "Artifacts dropped",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "md5",
"timestamp": "1581992168",
"to_ids": true,
"type": "md5",
"uuid": "5e4b48e8-1428-4f58-81db-46ba950d210f",
"value": "3694432ff283b6d928fc9d97e18dee92"
},
{
"category": "Artifacts dropped",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "sha1",
"timestamp": "1581992168",
"to_ids": true,
"type": "sha1",
"uuid": "5e4b48e8-ed48-4e37-85c7-4242950d210f",
"value": "2baff313b0db9363816a799f4d2f14b69b420421"
},
{
"category": "Artifacts dropped",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "sha256",
"timestamp": "1581992168",
"to_ids": true,
"type": "sha256",
"uuid": "5e4b48e8-8468-4a16-891c-47ae950d210f",
"value": "e5591269b1ead7a5bb8d50f6a465e479f3010a611aae1b33caa78a4f7ec16922"
},
{
"category": "Other",
"comment": "",
"deleted": false,
"disable_correlation": true,
"object_relation": "size-in-bytes",
"timestamp": "1581992168",
"to_ids": false,
"type": "size-in-bytes",
"uuid": "5e4b48e8-aad0-40ad-8865-4d74950d210f",
"value": "307200"
}
]
},
{
"comment": "AdFind",
"deleted": false,
"description": "File object describing a file with meta-information",
"meta-category": "file",
"name": "file",
"template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215",
"template_version": "19",
"timestamp": "1581992198",
"uuid": "5e4b4906-c264-4880-8c75-4c2a950d210f",
"Attribute": [
{
"category": "Artifacts dropped",
"comment": "",
"data": "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
"deleted": false,
"disable_correlation": false,
"object_relation": "malware-sample",
"timestamp": "1581992199",
"to_ids": true,
"type": "malware-sample",
"uuid": "5e4b4907-fdcc-47af-ad1b-4510950d210f",
"value": "AdFind.exe|9b02dd2a1a15e94922be3f85129083ac"
},
{
"category": "Artifacts dropped",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "filename",
"timestamp": "1581992199",
"to_ids": false,
"type": "filename",
"uuid": "5e4b4907-37b4-4bc0-ac80-4520950d210f",
"value": "AdFind.exe"
},
{
"category": "Artifacts dropped",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "md5",
"timestamp": "1581992199",
"to_ids": true,
"type": "md5",
"uuid": "5e4b4907-5440-434f-8264-4267950d210f",
"value": "9b02dd2a1a15e94922be3f85129083ac"
},
{
"category": "Artifacts dropped",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "sha1",
"timestamp": "1581992199",
"to_ids": true,
"type": "sha1",
"uuid": "5e4b4907-844c-4c6a-97f4-49af950d210f",
"value": "2cb6ff75b38a3f24f3b60a2742b6f4d6027f0f2a"
},
{
"category": "Artifacts dropped",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "sha256",
"timestamp": "1581992199",
"to_ids": true,
"type": "sha256",
"uuid": "5e4b4907-2494-4666-876e-4259950d210f",
"value": "b1102ed4bca6dae6f2f498ade2f73f76af527fa803f0e0b46e100d4cf5150682"
},
{
"category": "Other",
"comment": "",
"deleted": false,
"disable_correlation": true,
"object_relation": "size-in-bytes",
"timestamp": "1581992199",
"to_ids": false,
"type": "size-in-bytes",
"uuid": "5e4b4907-9970-4093-b6e5-451d950d210f",
"value": "1394176"
}
]
},
{
"comment": "AdFind Recon Script",
"deleted": false,
"description": "File object describing a file with meta-information",
"meta-category": "file",
"name": "file",
"template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215",
"template_version": "19",
"timestamp": "1581992288",
"uuid": "5e4b4960-5bbc-4e05-aee6-4127950d210f",
"Attribute": [
{
"category": "Artifacts dropped",
"comment": "",
"data": "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",
"deleted": false,
"disable_correlation": false,
"object_relation": "malware-sample",
"timestamp": "1581992288",
"to_ids": true,
"type": "malware-sample",
"uuid": "5e4b4960-2e54-46ba-a835-4a71950d210f",
"value": "adf.bat|dbbdb5aa4a033fcae3b699e169706bfd"
},
{
"category": "Artifacts dropped",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "filename",
"timestamp": "1581992288",
"to_ids": false,
"type": "filename",
"uuid": "5e4b4960-44b8-4291-8ceb-43ed950d210f",
"value": "adf.bat"
},
{
"category": "Artifacts dropped",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "md5",
"timestamp": "1581992288",
"to_ids": true,
"type": "md5",
"uuid": "5e4b4960-75f0-4bf6-b9e5-4101950d210f",
"value": "dbbdb5aa4a033fcae3b699e169706bfd"
},
{
"category": "Artifacts dropped",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "sha1",
"timestamp": "1581992288",
"to_ids": true,
"type": "sha1",
"uuid": "5e4b4960-9858-47a8-bf36-4e8a950d210f",
"value": "73c0b77442e5aa91fdefcfedf0e43efa7b7cac04"
},
{
"category": "Artifacts dropped",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "sha256",
"timestamp": "1581992288",
"to_ids": true,
"type": "sha256",
"uuid": "5e4b4960-36b0-48ba-b47f-4a58950d210f",
"value": "2f49676e70ad99b0136132183e197cbd88eb294d3ed4048da7f607f2c21f6df9"
},
{
"category": "Other",
"comment": "",
"deleted": false,
"disable_correlation": true,
"object_relation": "size-in-bytes",
"timestamp": "1581992288",
"to_ids": false,
"type": "size-in-bytes",
"uuid": "5e4b4960-6f64-4014-8055-46cd950d210f",
"value": "493"
}
]
},
{
"comment": "Add User Script",
"deleted": false,
"description": "File object describing a file with meta-information",
"meta-category": "file",
"name": "file",
"template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215",
"template_version": "19",
"timestamp": "1581992305",
"uuid": "5e4b4971-e698-46cc-81fc-418b950d210f",
"Attribute": [
{
"category": "Artifacts dropped",
"comment": "",
"data": "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",
"deleted": false,
"disable_correlation": false,
"object_relation": "malware-sample",
"timestamp": "1581992310",
"to_ids": true,
"type": "malware-sample",
"uuid": "5e4b4976-8d74-4302-8af6-4fcc950d210f",
"value": "addUser.bat|c872ffd205753b7331e18c96e5274393"
},
{
"category": "Artifacts dropped",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "filename",
"timestamp": "1581992316",
"to_ids": false,
"type": "filename",
"uuid": "5e4b497c-5f6c-4df0-bb42-4d20950d210f",
"value": "addUser.bat"
},
{
"category": "Artifacts dropped",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "md5",
"timestamp": "1581992316",
"to_ids": true,
"type": "md5",
"uuid": "5e4b497c-cf94-40a9-9a9f-4429950d210f",
"value": "c872ffd205753b7331e18c96e5274393"
},
{
"category": "Artifacts dropped",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "sha1",
"timestamp": "1581992317",
"to_ids": true,
"type": "sha1",
"uuid": "5e4b497d-2874-4374-958d-49e2950d210f",
"value": "6529f55f28cc1411af98db6586a965df49479573"
},
{
"category": "Artifacts dropped",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "sha256",
"timestamp": "1581992317",
"to_ids": true,
"type": "sha256",
"uuid": "5e4b497d-9eec-48cd-a4f4-43f0950d210f",
"value": "77aebf8c0fc3caa445c5b8130cf69a988e625ccf45d89118cd30d90021a58436"
},
{
"category": "Other",
"comment": "",
"deleted": false,
"disable_correlation": true,
"object_relation": "size-in-bytes",
"timestamp": "1581992317",
"to_ids": false,
"type": "size-in-bytes",
"uuid": "5e4b497d-5280-47ff-b014-4305950d210f",
"value": "1785"
}
]
},
{
"comment": "Trickbot",
"deleted": false,
"description": "File object describing a file with meta-information",
"meta-category": "file",
"name": "file",
"template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215",
"template_version": "19",
"timestamp": "1581992354",
"uuid": "5e4b49a2-40d8-4a64-93de-440d950d210f",
"Attribute": [
{
"category": "Artifacts dropped",
"comment": "",
"data": "UEsDBBQACQAIAGcSUlDz2wjfl/gAAAAgAgAgABwAOWVmYjRhNDY1OTQyZGMwOTRhNWE1N2UwNTVmZDYwOGFVVAkAA6JJS16iSUtedXgLAAEEIQAAAAQhAAAAvUcfk4N/hmIqwAKLQ2MJupY64PaVVek3UZX/hh7FrO3ntsdGIniVqpMSvuAsRxYBTefT7C9MKvxnR2RkT8SrkwQ4aoe3hW76ltttisv6+asL4uoP/GBc3X5QjO5iLU76Y2Lxa+i8MibdrIsseLRa7ogyJWu0xpZEPklz15FAtJZU3pMYvU8AXClLqKvQff4dJID8ud3XFbF33ar7HsBXrC/vEDZnYvPAHV+jf7lTbrgSIAjcggRXAgrCF2v1d+TLBTFlLsMNtxZcUXLbDs/ZSwyrROWQ8heQt2jraj0yCMcupaL/bwdNZ32R3lNmKIDNkAfIL+XP9gxh/Fgr2b1QbAfdFahAkvBGFCbBfp+OzacAjqosyFH450lD5CMQtRiHjsIhzJgFRJbZ1mPFuq9msJBqGPVLk9erycV5qV58XX4qPPprqh2HXk37mMccq9FWeEbqzH901kV6uZhI35KXg+/OAUCCcpMT/fqJG1GdWJh0UkqTp0NHmIo1Pne5iCCmkLFkP/omTfp8YRVebxaaImG4VrOExya55yhEaAjzJNajopdtRKdJoBO+Kq24Ehl0qt5R6IqsFll1w3yq9qdAPNc+mQDk18W6u4g/wKmWwBaoLCMRkdHfmIp9PhafIpkq43IwGx7SR/FJy/GFpaw01HZSSYcA3jz0q3ZF6txkrZpklT0t7kXRDtJbFITE9hCjFPHovua48z8okHs8hw6TdR/zN60HDEMp38jDFS6kMMYneRZ4vuJhQMz8ei2rSWGrwfyd/cTGT5ggWd0mNljb5aIf8vhdvsxU/TmzBsAOMKECgjkp6+Gj6j2VtrBqvwgGLzMbrAcrErqqd/oojiQF7AoY3XvltxdtvyIWD0HpMh/tJVGuX76lYGr3T9lsPWr+nIRenyi/XSW0rBMG+V+sN4DJrnBna/SnQWvFXweB4p2uScfu/oYT1N4PICGuaztZKFWFlYzxj+3Wi+tYjDG42TRTazK4t8bO6Y8xen6u2OrV6Hm6Tc6dOu+NGr8JfUlK3rku2zPkUyT4qkl2ByOYnbiC5aWRyJ7UQQNY9fXJ5Mc7UIOD6BLs/FBrS1dNp8yElYgm7CAa40wOy6eSLnR5eNRmboHheoVmafQTEyfqLNw211B6D9qJ0edfTTIF8EJCDWailYmTaNZH4qnszl8INiFadrRVcYiaJ1GmL2P9HbO4Bd8UXKm73aGqbZe6J+9MrRZ/tVOD/9BeNGv60tFBPwtnq4dxTHTuEQzqtjJJifgXJKkEtsR+tMYlk4HBS3Duha6ClH3ys0GvexRVDZYJ17nIijT7n/PnvJDjfjSfScpNfXq3bqEBxH9SaIuAvGo74lBmTjs/WdW1pEOzy7r0ixssfKlYS9uIN/t2jvSHDq4oq0Ywmf8aHyUl150rOcdREFPTfEN4nAuIIz9wSVcB2zR/QAZax0/voZ922FJw6u0K8onKcCju8LJWaa9kGjTXFRWhXMXzamzlKaZsf4Hs/krWjjgyXf/vUkfk3+tMCTGl5KwijvezmzQ7OALA5n8R9Z3UYxqfGYc+KTMxHmTLd/GoT14tL/ZOxuUjdeXiHYfSFRO+NfwX24De2XXFY52ROc9KJmUM1ZctIY8Vr2k+ps3YpTDHbokPoXANP4aUMF1g4lK8IFv7x0kCoVuYv6YnM4oHmwP6PzbN21kseNzgcQ7ry+cMENiMugpsWCn+u3LQ/En8DFhw/tkbVmUp8yZlMA8BgxyJ7nnTV8KA1rw/fIzaEBKW8JqvmEx6A9yDHfRcGOWmQgrzdEJpwflH03nkLTIRIfD+QLXvkh9QkrJsxX6fxkFpRIx08VsTG+Ir6cCaL/D43ZAaZPxm+cKJy+Q3bAGvB2SFrY35pEO
PcN9pOKyWYv8MNw4/6cP1tncyhN3CKK9qm5YC/eqwb7tvSmy7HK/Z0IObXePisDPU4+dBbygaERJEtqKSw+5+/IEEtYnYfY/vbmIjBNgbNAmRe6DwOixhhV3VDLykdOCLczj59rzVEiK2tw0jnuzJZ9hhx8deLHNcy0vfbKbIhn4VtQMgJSJmTIxhh0OURSWuGlHEJ17a1wHJ84iyj8rMd3IEKzO7wO6UPnXxICr78mBLoT//ZpIlwl7t+xovM5v/1RWeq++SietImNlxHwUM13YP4J2FfQvDItkwSntkKwFzYqhOL6tSuyMK9tF/eiXRaATYzqgsCTptNfJ4+TlyDCIJQPykX9iMz8/0242+oRIBYrV7Z+PYJXhj8Xwvtz5Xz3qCj5L5QEQS8gXJmFtenxqo0wNgDKQYF/GUlLmgVNKSI/jseAQ+nMwfbl0v2byADZteboUyCHR5lIDkE/5NfAYcS4jJaoYdnXTbiY6LTekKQYk2MO2e8FO2hVHAoOihSFOVA+3zpdJ9rrjrdScBuLfHEVF0mrjXC+3enSNUz+BhgISV1hiHCqeIqmitv6zEOnc8docmoimvcZJiFw2ClbRc8KIK6OAYq6IU3S2cWH1iM0au1sdXunmv27WQiIFyYDQDFKNHenx7p6H+ktlou0GvY0GNrkYT1aQAfSIHLlrnbHY72OAQf/TxEjRZkDoc2jvfZhxmMqVGS5SVUOJNcgDACs1AgIb1yzcZ45KO35gpFoB8bu6ltfR88sGwQ/MDPANE/szB4zA/tmXusgcxqudd7Tx57gXthX4x5rMJfiMwzc1LHIXVKFbE5DpwjKDMSEGyGvd7il6Y6RBlk7KRiwlbnOoItJGujVfam3+HRZ09N7Jla4tQTscV4FNS9na+YVan91XoQLuot4fGYwItUbPHaOBZXDKH+597WV2vGYwm0X3CiqI7eO9/X6GdCx/ARL4+pSscJs2FyHEgULJD2+yEzJpVNrlANuO3HrFviZh++tK2usgwSA5NG6td1pIZdqLHpu+PRd1FIt+SQ/M1nyqqBEruauJkQwit6I9kVWPr2tQ1sVryOvSlp67RW5K4YelFkSLFvROBV69zvH//TQl1GWb7YvFy1974tsMgRwy8flGmoQ9Kt2CvCsnCDwdml9SYc69V3FA92Sa2qGswtvcqDmxf3il7d+BbtKZVaze6uouFQrHL8Tap9oFvJS/iQTOGNtEaCtvYXeJp3dSMvFe7zCyvwJFlT8hoQQB6OFIr/WxJi6388iqRMEAlbV74PscyhRslTyu2NuBuKzD9AC9nTY/9ssHeT++MCfArlaDx6WfFrwQaeYnlasHZ6Xc+1wgxcl9UO+Apbh5Vn7IYCjON1oDW1u6xaMTHoS5K19/PL7cRfuM0b/umflsBokbbZYhDbOACP5cHQqfbkXkgzywawKTYjZhb4fl93zHgfGmhr/iVfjqndDPNhxL4EG4k0ECtBzdr3v2vBktqpQdT3DjV4WST28bNFOVh8/0TxedZ1SFF8XUcssML+7HkrlhfONMnL2aVj8WHYj303VELtJ/kgN2doWxICVmbWf1fLjNYO//eplWujf9iH5x0S/++aVFFWSFwEetGq4mbiEvD+FuEFJR9OOtOLOFUrAvNSMOjxnm4DEL6H+qMrjOMR3vOgTWMNv9O9YX1+lrbNaqRv8qV9HEvUAnW8TWv6NU0YeicDSperqD7ilnZB10c77tza1F8OqyJMOIZaGYHvC7yVJSB/Ak5aIr95ETFUaRkfiRjxYk3VxDqEyayBZ0eFxusn/Mg4330jFqTfTuBQSOj9IC/s0/NN2Ho4F6XbGOmrRKfpnTJnyk5hd2RyW9J/eH13FImow6n3JnNfvQ3xa1t00SiFUpu2L4HABZM5yM1CTinGTT70UwniFIvV9JG9VzYokfJaLu1gLTXUW8Yf59jfqr2JG4+Ba1BFb9d/dBtX4ZmwYXkaO0h7IWndgUHixx6UMmRqR2JVMAXl7g
pRfsxgPEcwCWeSu/0YSIqkqHIMX44VjU6EYDrmwE98dEiyiC14KuqwAiChfUDaqYxE0a14siqaHJHlr0kj/
"deleted": false,
"disable_correlation": false,
"object_relation": "malware-sample",
"timestamp": "1581992354",
"to_ids": true,
"type": "malware-sample",
"uuid": "5e4b49a2-e8d8-4322-b463-469e950d210f",
"value": "dxgmtdk.exe|9efb4a465942dc094a5a57e055fd608a"
},
{
"category": "Artifacts dropped",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "filename",
"timestamp": "1581992354",
"to_ids": false,
"type": "filename",
"uuid": "5e4b49a2-0500-45ab-80ee-4ba5950d210f",
"value": "dxgmtdk.exe"
},
{
"category": "Artifacts dropped",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "md5",
"timestamp": "1581992354",
"to_ids": true,
"type": "md5",
"uuid": "5e4b49a2-c394-467b-8abb-44c1950d210f",
"value": "9efb4a465942dc094a5a57e055fd608a"
},
{
"category": "Artifacts dropped",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "sha1",
"timestamp": "1581992354",
"to_ids": true,
"type": "sha1",
"uuid": "5e4b49a2-3ff0-43a8-b53c-42c8950d210f",
"value": "e1348386da5af1903766352d4a224d859933e941"
},
{
"category": "Artifacts dropped",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "sha256",
"timestamp": "1581992354",
"to_ids": true,
"type": "sha256",
"uuid": "5e4b49a2-4a18-4806-adda-4a70950d210f",
"value": "c93a357ea1772eb376ec4528d7a6bf8cfac31d9b9b4fc5455dbc369d6bde3583"
},
{
"category": "Other",
"comment": "",
"deleted": false,
"disable_correlation": true,
"object_relation": "size-in-bytes",
"timestamp": "1581992354",
"to_ids": false,
"type": "size-in-bytes",
"uuid": "5e4b49a2-b7b8-447e-83c9-4d96950d210f",
"value": "139264"
}
]
}
]
}
}