adulau/misp-circl-feed
1
0
Fork 0
Code Issues 1 Pull requests Projects 1 Releases Packages Wiki Activity Actions
misp-circl-feed/feeds/circl/misp/abc51826-68fd-4cef-9a06-86ec17e66ef1.json

899 lines
409 KiB
JSON
Raw Permalink Normal View History

chg: [feed] added
2023-04-21 13:25:09 +00:00
{
chg: [gen] updated
2023-12-14 14:30:15 +00:00
"Event": {
"analysis": "2",
"date": "2023-03-14",
"extends_uuid": "",
"info": "Pandora analysis (Ilnas-04570323.exe) - malicious files included in an email",
"publish_timestamp": "1678791749",
"published": true,
"threat_level_id": "3",
"timestamp": "1678791723",
"uuid": "abc51826-68fd-4cef-9a06-86ec17e66ef1",
"Orgc": {
"name": "CIRCL",
"uuid": "55f6ea5e-2c60-40e5-964f-47a8950d210f"
},
"Tag": [
{
"colour": "#ffffff",
chg: [feed] updated
2024-04-05 12:15:17 +00:00
"local": false,
chg: [gen] updated
2023-12-14 14:30:15 +00:00
"name": "tlp:clear",
"relationship_type": ""
},
{
"colour": "#004646",
chg: [feed] updated
2024-04-05 12:15:17 +00:00
"local": false,
chg: [gen] updated
2023-12-14 14:30:15 +00:00
"name": "type:OSINT",
"relationship_type": ""
},
{
"colour": "#0071c3",
chg: [feed] updated
2024-04-05 12:15:17 +00:00
"local": false,
chg: [gen] updated
2023-12-14 14:30:15 +00:00
"name": "osint:lifetime=\"perpetual\"",
"relationship_type": ""
},
{
"colour": "#ffffff",
chg: [feed] updated
2024-04-05 12:15:17 +00:00
"local": false,
chg: [gen] updated
2023-12-14 14:30:15 +00:00
"name": "tlp:white",
"relationship_type": ""
}
],
"Attribute": [],
"Object": [
{
"comment": "",
"deleted": false,
"description": "Object describing a section of a Portable Executable",
"meta-category": "file",
"name": "pe-section",
"template_uuid": "198a17d2-a135-4b25-9a32-5aa4e632014a",
"template_version": "3",
"timestamp": "1678791396",
"uuid": "67b8d93b-d243-4f88-8efb-728093442afb",
"Attribute": [
{
"category": "Other",
"comment": "",
"deleted": false,
"disable_correlation": true,
"object_relation": "name",
"timestamp": "1678791396",
"to_ids": false,
"type": "text",
"uuid": "9600290c-8952-4172-b019-bba585a93379",
"value": ".text"
},
{
"category": "Other",
"comment": "",
"deleted": false,
"disable_correlation": true,
"object_relation": "size-in-bytes",
"timestamp": "1678791396",
"to_ids": false,
"type": "size-in-bytes",
"uuid": "4ae10ffb-cc98-415c-9fbb-6e9255043ac6",
"value": "26624"
},
{
"category": "Other",
"comment": "",
"deleted": false,
"disable_correlation": true,
"object_relation": "entropy",
"timestamp": "1678791396",
"to_ids": false,
"type": "float",
"uuid": "2ceda395-122a-4059-9b93-088d4381d0d9",
"value": "6.4722766230246"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "md5",
"timestamp": "1678791396",
"to_ids": true,
"type": "md5",
"uuid": "e1f523e3-448c-48b4-a0a6-47dd77b53867",
"value": "0c41c917e7453e236c00cdcdc2ae3799"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "sha1",
"timestamp": "1678791396",
"to_ids": true,
"type": "sha1",
"uuid": "f0d1dfd3-0ec5-42a9-9664-c5139499b050",
"value": "77015f6b2420831328e4a1d66ab2955072d70b12"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "sha256",
"timestamp": "1678791396",
"to_ids": true,
"type": "sha256",
"uuid": "5e99f98f-5644-4da2-8b7b-9c2da3605d92",
"value": "6421606108c45bde6cb2c4251818d2c7498c4e5cf1d07a6d158db0f5581d07c2"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "sha512",
"timestamp": "1678791396",
"to_ids": true,
"type": "sha512",
"uuid": "5e6cb371-9dfd-476e-b880-bb5e8954c94a",
"value": "e555f8ca08565aa6584ac4e6fbf6765ec4b2faccb84b2157ed7baf0f5c3d2d759e91b04a2d875ff8d2630c98c351ae30bce7e763df293ce8b089df3ad410549c"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "ssdeep",
"timestamp": "1678791396",
"to_ids": true,
"type": "ssdeep",
"uuid": "be6546b7-51be-4f56-ab1f-8aa783f9a72a",
"value": "768:TXWsAYF0UQj0TU9a+IWNu9B1MxlthhMLWI02L:TmsAYBdTU9fEAIS2L"
}
]
},
{
"comment": "",
"deleted": false,
"description": "Object describing a section of a Portable Executable",
"meta-category": "file",
"name": "pe-section",
"template_uuid": "198a17d2-a135-4b25-9a32-5aa4e632014a",
"template_version": "3",
"timestamp": "1678791396",
"uuid": "9c0bf704-01c8-4446-9bba-1304997a3a31",
"Attribute": [
{
"category": "Other",
"comment": "",
"deleted": false,
"disable_correlation": true,
"object_relation": "name",
"timestamp": "1678791396",
"to_ids": false,
"type": "text",
"uuid": "353881bb-2ab4-4117-8b77-110146524476",
"value": ".rdata"
},
{
"category": "Other",
"comment": "",
"deleted": false,
"disable_correlation": true,
"object_relation": "size-in-bytes",
"timestamp": "1678791396",
"to_ids": false,
"type": "size-in-bytes",
"uuid": "584a30b9-4e3a-4dd8-ab6a-fecab4f4434e",
"value": "5120"
},
{
"category": "Other",
"comment": "",
"deleted": false,
"disable_correlation": true,
"object_relation": "entropy",
"timestamp": "1678791396",
"to_ids": false,
"type": "float",
"uuid": "7621d06e-e524-4935-a1a1-433de25c532d",
"value": "5.2097955685559"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "md5",
"timestamp": "1678791396",
"to_ids": true,
"type": "md5",
"uuid": "12dce1e4-fa83-48c8-9fe5-b440dbbd6c0a",
"value": "aa8a9071e074b05a85b53f165792b649"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "sha1",
"timestamp": "1678791396",
"to_ids": true,
"type": "sha1",
"uuid": "99d71efe-2b22-47b3-b29f-c5618947be27",
"value": "1b14074680926c8b5b7471df62a5f86a7262596c"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "sha256",
"timestamp": "1678791396",
"to_ids": true,
"type": "sha256",
"uuid": "99669350-f284-4766-892d-3f70fc9f983a",
"value": "4e281c639a6ab044696895106e2af7e7783426b78da0b471cb31978e4dc74a3d"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "sha512",
"timestamp": "1678791396",
"to_ids": true,
"type": "sha512",
"uuid": "20a9c44e-3a78-4e64-86d8-689c49766ace",
"value": "cb501b663a4d272463c992b0b5fe4ff0bb5b4740e117d2a425251ade765485c910e4004906ffb09e608ed1bc61cd9f7cc0bcece41d6be2e9e52320ca9b9f8fe8"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "ssdeep",
"timestamp": "1678791396",
"to_ids": true,
"type": "ssdeep",
"uuid": "dc18e4c5-41c5-4e1e-9568-7c2f30d4a384",
"value": "96:hqGrMl8xCavqvIdvqEJdlTnDPhxyPYPkcmkJqiy0BjKwrYQ:lrLDdzFnDLyPYyk8UjKGB"
}
]
},
{
"comment": "",
"deleted": false,
"description": "Object describing a section of a Portable Executable",
"meta-category": "file",
"name": "pe-section",
"template_uuid": "198a17d2-a135-4b25-9a32-5aa4e632014a",
"template_version": "3",
"timestamp": "1678791396",
"uuid": "07743820-a48b-4770-b916-2964442e527e",
"Attribute": [
{
"category": "Other",
"comment": "",
"deleted": false,
"disable_correlation": true,
"object_relation": "name",
"timestamp": "1678791396",
"to_ids": false,
"type": "text",
"uuid": "ea621ba2-c96e-4430-a5a1-49830d57db07",
"value": ".data"
},
{
"category": "Other",
"comment": "",
"deleted": false,
"disable_correlation": true,
"object_relation": "size-in-bytes",
"timestamp": "1678791396",
"to_ids": false,
"type": "size-in-bytes",
"uuid": "fea574bb-0225-498b-b76e-4b13ddfaf602",
"value": "1536"
},
{
"category": "Other",
"comment": "",
"deleted": false,
"disable_correlation": true,
"object_relation": "entropy",
"timestamp": "1678791396",
"to_ids": false,
"type": "float",
"uuid": "7fd28358-b300-4022-8911-a7bbc8e8efb2",
"value": "4.1105821276542"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "md5",
"timestamp": "1678791396",
"to_ids": true,
"type": "md5",
"uuid": "d66493c9-b383-4402-bea2-dc91d0f314cb",
"value": "4b2421975c21b032f7ea000f5e7f9fbf"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "sha1",
"timestamp": "1678791396",
"to_ids": true,
"type": "sha1",
"uuid": "7e7da7aa-659c-4e5d-8dee-39a3c4b446ed",
"value": "f45486287d474fdcafc99c24e37c4eb61bf613b3"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "sha256",
"timestamp": "1678791396",
"to_ids": true,
"type": "sha256",
"uuid": "584c9e6e-f0c0-4130-9318-0b1c1c93b7c2",
"value": "f05daf3c91cc357d04794a740f21eaaeb870f250877e3a6dc498c5c3046cb414"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "sha512",
"timestamp": "1678791396",
"to_ids": true,
"type": "sha512",
"uuid": "2a7aa27c-7d5a-42d7-b87a-8e330ff880ee",
"value": "45b9cc616c42014c0429c4b66e47f186d707cf9319ae7afeb824f71a52014a2fe63ae33ad8299b4a9be04ab00a5fe53353edb44485bc6eeefbe01f67037269c1"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "ssdeep",
"timestamp": "1678791396",
"to_ids": true,
"type": "ssdeep",
"uuid": "c56aeb83-2a0a-4710-ad0e-a017c73c02dc",
"value": "24:E2k68GXOn+C+ldL6KvtNxLyVA132BtfRtuuxOApcAmgLl:Hk9Gen+C+lwwNNyVDtbuuzpcZg"
}
]
},
{
"comment": "",
"deleted": false,
"description": "Object describing a section of a Portable Executable",
"meta-category": "file",
"name": "pe-section",
"template_uuid": "198a17d2-a135-4b25-9a32-5aa4e632014a",
"template_version": "3",
"timestamp": "1678791396",
"uuid": "9bb6e5bb-6eaa-4d7a-9bc7-f645b7cc062e",
"Attribute": [
{
"category": "Other",
"comment": "",
"deleted": false,
"disable_correlation": true,
"object_relation": "name",
"timestamp": "1678791396",
"to_ids": false,
"type": "text",
"uuid": "72f54867-ceff-431f-abea-ad2e51314655",
"value": ".ndata"
},
{
"category": "Other",
"comment": "",
"deleted": false,
"disable_correlation": true,
"object_relation": "size-in-bytes",
"timestamp": "1678791396",
"to_ids": false,
"type": "size-in-bytes",
"uuid": "1dafe2a7-5dcf-4854-a1eb-fa990e35f65f",
"value": "0"
}
]
},
{
"comment": "",
"deleted": false,
"description": "Object describing a section of a Portable Executable",
"meta-category": "file",
"name": "pe-section",
"template_uuid": "198a17d2-a135-4b25-9a32-5aa4e632014a",
"template_version": "3",
"timestamp": "1678791396",
"uuid": "701f0ec3-123a-4ea1-955c-ab1f01dc2073",
"Attribute": [
{
"category": "Other",
"comment": "",
"deleted": false,
"disable_correlation": true,
"object_relation": "name",
"timestamp": "1678791396",
"to_ids": false,
"type": "text",
"uuid": "1904b87a-6e5a-42b3-b9b6-27f1ff65a416",
"value": ".rsrc"
},
{
"category": "Other",
"comment": "",
"deleted": false,
"disable_correlation": true,
"object_relation": "size-in-bytes",
"timestamp": "1678791396",
"to_ids": false,
"type": "size-in-bytes",
"uuid": "05203d87-61d2-480b-9da8-cdb572b0bd9a",
"value": "3584"
},
{
"category": "Other",
"comment": "",
"deleted": false,
"disable_correlation": true,
"object_relation": "entropy",
"timestamp": "1678791396",
"to_ids": false,
"type": "float",
"uuid": "633bb984-1e71-4e65-982e-f185a0393541",
"value": "4.5011372937164"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "md5",
"timestamp": "1678791396",
"to_ids": true,
"type": "md5",
"uuid": "51ec3a68-fbe5-436c-8bb3-6ff2c5de7b45",
"value": "d7b4c49f480f78834fdfb3fd909bd202"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "sha1",
"timestamp": "1678791396",
"to_ids": true,
"type": "sha1",
"uuid": "5735b4a1-cf2d-46ce-9867-7c36f29b34a8",
"value": "4593d427db96956aa2efa5ff8c2ee2efa0dcc2e8"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "sha256",
"timestamp": "1678791396",
"to_ids": true,
"type": "sha256",
"uuid": "9f6dc94b-0561-4fdb-aa27-3de2aa4bc973",
"value": "9c0ce1dc62b139aa0fd73d61eb904fc072a3ce721e41f62724d37bfb9c7d6dc7"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "sha512",
"timestamp": "1678791396",
"to_ids": true,
"type": "sha512",
"uuid": "1d213fa0-fd3c-487c-852c-d77d06afde3f",
"value": "5553d2383e151ecde7a0971a4f4a911edd744eb2325292446001b5c1d67e6adbb61b238f528f846f8a33f1119ee01b3dc94bb8c138b66396a57cea99f1088d28"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": true,
"object_relation": "ssdeep",
"timestamp": "1678791396",
"to_ids": false,
"type": "ssdeep",
"uuid": "5709d6f1-d620-4b65-a874-4af43d08446c",
"value": "48:iHy4yMXAQI/S0qK7/3zl63kMNngN4x5eO4orLz:iLAQrfO4xoOz/z"
}
]
},
{
"comment": "",
"deleted": false,
"description": "Object describing a Portable Executable",
"meta-category": "file",
"name": "pe",
"template_uuid": "cf7adecc-d4f0-4e88-9d90-f978ee151a07",
"template_version": "7",
"timestamp": "1678791396",
"uuid": "70beb14a-f0ac-406d-9dbf-0d9302a5ffe2",
"ObjectReference": [
{
"comment": "Section 0 of PE",
"object_uuid": "70beb14a-f0ac-406d-9dbf-0d9302a5ffe2",
"referenced_uuid": "67b8d93b-d243-4f88-8efb-728093442afb",
"relationship_type": "includes",
"timestamp": "1678791397",
"uuid": "4b81a0f4-99fd-45fa-83d7-aee17264e258"
},
{
"comment": "Section 1 of PE",
"object_uuid": "70beb14a-f0ac-406d-9dbf-0d9302a5ffe2",
"referenced_uuid": "9c0bf704-01c8-4446-9bba-1304997a3a31",
"relationship_type": "includes",
"timestamp": "1678791397",
"uuid": "1faf6291-a179-4139-8575-63d85e6014c0"
},
{
"comment": "Section 2 of PE",
"object_uuid": "70beb14a-f0ac-406d-9dbf-0d9302a5ffe2",
"referenced_uuid": "07743820-a48b-4770-b916-2964442e527e",
"relationship_type": "includes",
"timestamp": "1678791397",
"uuid": "17e91454-e154-46ac-ae7d-c282ce122b89"
},
{
"comment": "Section 3 of PE",
"object_uuid": "70beb14a-f0ac-406d-9dbf-0d9302a5ffe2",
"referenced_uuid": "9bb6e5bb-6eaa-4d7a-9bc7-f645b7cc062e",
"relationship_type": "includes",
"timestamp": "1678791397",
"uuid": "dbfce35c-49b1-4d1b-b91a-99dac6b094c3"
},
{
"comment": "Section 4 of PE",
"object_uuid": "70beb14a-f0ac-406d-9dbf-0d9302a5ffe2",
"referenced_uuid": "701f0ec3-123a-4ea1-955c-ab1f01dc2073",
"relationship_type": "includes",
"timestamp": "1678791397",
"uuid": "d5d78325-6bf9-4234-8180-a8e8fffb573d"
}
],
"Attribute": [
{
"category": "Other",
"comment": "",
"deleted": false,
"disable_correlation": true,
"object_relation": "type",
"timestamp": "1678791396",
"to_ids": false,
"type": "text",
"uuid": "0fa4e677-13c4-40e4-91f9-e202a5d85cfb",
"value": "exe"
},
{
"category": "Other",
"comment": "",
"deleted": false,
"disable_correlation": true,
"object_relation": "entrypoint-address",
"timestamp": "1678791396",
"to_ids": false,
"type": "text",
"uuid": "ddff0c05-3426-4b8e-bdaa-4b1e5f8d4578",
"value": "4208192"
},
{
"category": "Other",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "compilation-timestamp",
"timestamp": "1678791396",
"to_ids": false,
"type": "datetime",
"uuid": "49591d5c-01fd-489e-acd9-12ae58629bf1",
"value": "2021-09-25T21:56:47+00:00"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "imphash",
"timestamp": "1678791396",
"to_ids": true,
"type": "imphash",
"uuid": "d6d41656-0982-450e-a817-a970a54d147d",
"value": "61259b55b8912888e90f516ca08dc514"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "authentihash",
"timestamp": "1678791396",
"to_ids": true,
"type": "authentihash",
"uuid": "25e830c7-11bf-4f80-bd58-33338feca7ce",
"value": "897465623f825e3311d9c0947f25c142d570e2958eab6406348dc7f8317d59ac"
},
{
"category": "Other",
"comment": "",
"deleted": false,
"disable_correlation": true,
"object_relation": "file-description",
"timestamp": "1678791396",
"to_ids": false,
"type": "text",
"uuid": "deb1cb5d-5872-470f-8230-218816902029",
"value": "completely"
},
{
"category": "Other",
"comment": "",
"deleted": false,
"disable_correlation": true,
"object_relation": "file-version",
"timestamp": "1678791396",
"to_ids": false,
"type": "text",
"uuid": "c57f6d21-9a82-4f3c-a32c-00a9910cd8a0",
"value": "96.60.17.30"
},
{
"category": "Other",
"comment": "",
"deleted": false,
"disable_correlation": true,
"object_relation": "lang-id",
"timestamp": "1678791396",
"to_ids": false,
"type": "text",
"uuid": "95ba9d9d-19d8-4fc5-a597-8cc02f74864e",
"value": "040904b0"
},
{
"category": "Other",
"comment": "",
"deleted": false,
"disable_correlation": true,
"object_relation": "product-name",
"timestamp": "1678791396",
"to_ids": false,
"type": "text",
"uuid": "cdac20eb-f81b-4a22-90fa-03c5f538b899",
"value": "96.60.17.30"
},
{
"category": "Other",
"comment": "",
"deleted": false,
"disable_correlation": true,
"object_relation": "company-name",
"timestamp": "1678791396",
"to_ids": false,
"type": "text",
"uuid": "8539853a-4733-4a62-9777-869a9b8ea9fd",
"value": "phlebostasis"
},
{
"category": "Other",
"comment": "",
"deleted": false,
"disable_correlation": true,
"object_relation": "legal-copyright",
"timestamp": "1678791396",
"to_ids": false,
"type": "text",
"uuid": "a8995f34-0fb2-4e60-a3af-653ad9cbe120",
"value": "Copyright hagbuts"
},
{
"category": "Other",
"comment": "",
"deleted": false,
"disable_correlation": true,
"object_relation": "number-sections",
"timestamp": "1678791396",
"to_ids": false,
"type": "counter",
"uuid": "c8d1ae55-8b3f-4aff-bc02-8a2db59230f5",
"value": "5"
}
]
},
{
"comment": "",
"deleted": false,
"description": "File object describing a file with meta-information",
"meta-category": "file",
"name": "file",
"template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215",
"template_version": "24",
"timestamp": "1678791396",
"uuid": "c634774e-6f37-417a-806f-f6b393ac087a",
"ObjectReference": [
{
"comment": "PE indicators",
"object_uuid": "c634774e-6f37-417a-806f-f6b393ac087a",
"referenced_uuid": "70beb14a-f0ac-406d-9dbf-0d9302a5ffe2",
"relationship_type": "includes",
"timestamp": "1678791397",
"uuid": "90da24b1-79e0-4ece-bb0d-16da821a0ea2"
}
],
"Attribute": [
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": true,
"object_relation": "filename",
"timestamp": "1678791396",
"to_ids": true,
"type": "filename",
"uuid": "807f62e9-fb33-4dbd-a7db-6f622016dba0",
"value": "Ilnas-04570323.exe"
},
{
"category": "Other",
"comment": "",
"deleted": false,
"disable_correlation": true,
"object_relation": "size-in-bytes",
"timestamp": "1678791396",
"to_ids": false,
"type": "size-in-bytes",
"uuid": "e3852546-896c-4894-9c0c-7d8707da9054",
"value": "304370"
},
{
"category": "Other",
"comment": "",
"deleted": false,
"disable_correlation": true,
"object_relation": "entropy",
"timestamp": "1678791396",
"to_ids": false,
"type": "float",
"uuid": "15c9a08a-f2bc-4467-b459-634387718ac3",
"value": "7.9278231438503"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "md5",
"timestamp": "1678791396",
"to_ids": true,
"type": "md5",
"uuid": "e294a34c-9bda-4f4c-93cf-5b1396fdb2f6",
"value": "e3ed2bf3af00fb89488cba4eb04e3ba0"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "sha1",
"timestamp": "1678791396",
"to_ids": true,
"type": "sha1",
"uuid": "ec035a45-717e-4abb-beaa-bf6ca29be2b3",
"value": "98689960e2ac62f3ba796c1464a191d49da27ee6"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "sha256",
"timestamp": "1678791396",
"to_ids": true,
"type": "sha256",
"uuid": "1ecefa21-548e-4955-8754-3daa444c490e",
"value": "ac3f949cb6e892238fa6902caacaa5ca64e4181c563af1e3650c9decfa64817a"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "sha512",
"timestamp": "1678791396",
"to_ids": true,
"type": "sha512",
"uuid": "838205ee-6c04-49b5-83aa-fd7b946d526d",
"value": "c6f9cd18c96cb9369063b6be4da1af3e31800b09de1d781cb6e2aa90874415d903fb7ceb1399531bbba0408aa47ca2f6dac318000d3a6bd6afd679ac36fbe156"
},
{
"category": "Payload delivery",
"comment": "",
"data": "UEsDBBQACQAIABJXblYKO9Enp20EAPKkBAAgABwAZTNlZDJiZjNhZjAwZmI4OTQ4OGNiYTRlYjA0ZTNiYTBVVAkAA+RSEGTkUhBkdXgLAAEEIQAAAAQhAAAAxDsdpr/eK0ZaF2COEvAdoSx9ZZTcsPZjuPIWtIZd/8z/qi76vQEIPAS5SXhXgj9D+7WKPraZSBcMj8dY1nHXMSN82leTBDlPtBN40K61aYFYCHrwNLn5f5gI9WQuHNzUBzVjE/3DS7k5Uy3bYfh/0+lCznV1LK5Rudt0nAbYtc3ykrG6n+5eZAmQEv2SHbzUTUmiXGL+a6OWCyi/dHaj7qkyRpLqsW/pwHI7Jq09oIEiSOXPryS2+dN4Ib6uiMFErElXav1aZdIJ1axbrUs2FKNKXXvMnwVc5PtqV5mXzX/IYzl6Pacfuy+EHS6Iie+UMqQOg+j1Jxk99giA18AeqBiuJ2yY7xPqkCr6HWVuQHqZD0n7kI5He0kgdJPMFrPJgkZhz7zsgWTE0GrTFLHOYGIttziwPhCQeKmZSgVoJovNPUkiG+ns5ZSM7+vIDbajooh84zy0GG1IVcXv3zcYhQ7vrRGPjHHSUODk+zx2pljLx++kEDESGI1YboSbl74CLotTQZI36KD9ShRyGQoNmLSHRr+Wlj9OmMO0UaG418xynk3Wq3mkf/5CKCmka3q2Wzb++U47I7rKtRGMV8na8S78Mk0avsxd9UwXwb8Ob1cJDIfGe1c19j5YwS+y4bmE624q6TBXIptzc9MoA04yGjRn6CfTW8MUuxiMj5NxpCW+VgeW0X3iliRUrTvJzXXPsC1kU/dMg1iQqBJ0IeRPvO/gEAMduvgh1Tul0V8T3RinZFlK3KA9LNTvWhLLFi1IdRWsd4ddD+IC47f3ZGdgG6D1FQO/247IVgbt3R7+0yFO7G0cCrEvKm2+LwB/STKio2asit62vdBhwYPUh8wahMLZ9e/65kWiWk4IyfKxffajJz7lukRK9YN/lVYlZOrzKpC0Vzx8Cpy9qodfhb6MW8BJAtTMSTHmFyu1+E3VOX+y4kD14oQd/XSHE2QnbbMK8OLXOqApTLHqt36HGy52d6kbUSjGJA/68kzYJlmVPX8tjOk9nBaM8Yh7bqSLQwDSE6rIdk1pPBoCfeLO7IbIRtyCJl+bgX8M+kcIKSZGYUR1nLbfygoi1BIaVDWNw0Zer02meF4PqXpuDsu/QGMJFzoDlKRFdgM9UgokJR8Lf7xKw5a9Ge15hnzwIrWkHio+lo+Fo3BGsJMltxm0yisNLonu/LukvFjJTxOD+w/7VxlP9wG3Svxy2MfSAjlLOs+LWM7I++ZozlZU/+BGI5ZEmWMxRHbKap5s0n2nnENAMXI/j6znnHq2AjqzCEb8yrmvVfmITOxAr6BIV+NLfrz2Y9tyqlkZUXW/nN/MuVq+P2G7KJo2NPvdIOyvT7eFoKMbI4FMfKfal6qmk96q+qFnYSWoVVAu+MPPbTzz+ki6fDZpuVOlImcHzj1du1H8AuZa6hv2R+2Y2KFD6WpuGNR2vs4jZP4YzOKwMyBE0a3UXgKDsHUBMOETMqK+M8ghWMzo8uVfm3WkXVxK0FXUZ778PEMRu2iByEQP7J+dUAJ52mSyUml1OEE81FpRYLKO0MIVBOmgyQ8Z0Fncql9Y9OKkIq9JUaZCz1FOJ3KPVYI76N0VNfzNzLMoQvpIx/1gXKTJJ+5RdMAiffdFAHQTpA3gOXvjt4MbwBkpYZ4BEbGgnqto38y2Rucdq2S9Pj7MQ9BXygf0m/f+T1eRmRTBzvY4RfGvg3SCaHb+gUVbI+ZNCjOf+F8L7LFxJVfXtUNSctW7yHSxTKZJLf5LRYCQ4iA2MtvbdhHog1dmhXJ6IOFiMj7BGjEaQBRoz//PRNCKyzY3ak+SPQ9Hd80jOc4L/blocCML3zlM/pHqt3UKEoPho0OPLdYwmxN4AoK+fg/q7ap6NbKaA7bWOwwyJNBIlEZh3n90NBHuzaflddJISfm7OZ8i3WFw6kcgyNU9axH1yfNKFs9w26nUfBb5QuQjKpZaU9yKZPa9S3ElVA7LMx+ssVe7EtzmkcFKSlcOeK4m/HapYd8DyGMsdFk6OfwZMP9Rj7tRFh1cQt5uyMpKbneHQypuagIsrfCszPizExybcc7KzMH0sVnQaAygdHu7G5E2SHM3Wf2aJMJIfKLGQjflJbKYyAM0edSQWMp8FaJ1HfNGQQjji8JoWZ72nk/RGx9+gNu2dFzjXV0bVzXHCrLuCTl+jfEYSixLHtf3fi9mpIqSMBMOmYRGpn7A+8EyyI5LikZygVUfLjIgJF8mAqFgZy2x7XOMTrCINM7kNa4bXnHhb9yxiEvAXiXoeI4Ee4LPikEHz5VbMk3kFps00BcvEmvDb9nFohgM2BcUxq6lxfGieySX7HB0PoK63lNO5lP7GuV8jshD/zcljdc02a7dUQJm981QgTpN8SLXgao+N+GHcpHRM6Vu/65T40zGRH0jb51oQKYyk/v6Py9L7sVokJppwiL8cGDx6bz5G+UbAIvNXKkXMnowDgO17NP/FimX/o8xbUsXknS9npK/g/UWQLKPEfQN3J2LQLBwAm1/oB6lc/7vwNLNrDrMjlBZLhw0lCd02J9u8hVMJ8EhpSf2q/BlswtKsTIQGMoqi8KKlGyK4DpoErwQeaTTytKa31DljCs/G1oIr58rsefw9rQ/kBHNXFyP8VGOy+o2u04xpLTwrlNsTTUy0F/G4kOAAbD+yCLC+ES3xRS1R+iTf5zlpt/y4QOXfoEOESg/2nW9xqtunzkhNNPQt7ovnfyOff4QORLR6+5wsJMPDiDlS1K/WPpwrI/TdxItBk71TYniNmbr8XHeH+qu7wHF94+KMz7dITe3sydj7GUPJ1A5tw/Yu00e8e0zCcLKCG5pU/b/NFmiHz91SxT32/5iHnno3B0jHNH8VgDLTIRXF3BPsvAdUfIlcPiDgNkWZhmLFZWkInk55SFXENCqLx8Aj5HLimXD3MHFzaREFxedvStShrACSvCT/BysdyY+dT5nTUzf/KktlT1Iu2rk3QxspdtncbTciiUr/FFi9jNKPObu6eoL6ClDFFl8eE3M7scpk84Dohyct3HBnhjmywPCvzijOoXxNW/DNEDt75B306lseu+Q6sY5FWL5lazwMarqa24EjHC6RkFcwf6K8EsaTMYAP/WRyJbw16pH4nPNeJH3tRJu0PJMYs8LqLsOXczeQFFXiZNv/Mu6cf2eBYD8S5ypYFHXbAaq4aA2/xml0+HVzsOG/h3c01Q7rIwdN2cHfGBLlPl1a9kIU0rKGR/xcjdlxXhuiLcQYPh5eTOYc2o8GD9Zm3jYg52mK/oepdwZCznDtIE6Nzv/0SF6VrsVCqwQl5QDVkWXXpAOJ19qFmMu5o5QgzTuJAQJSRPN5QkwOXCqKWnGpjvSbPF6fJqN7UPqU/ly05alvdWECH6ojl2C728y+dMTDuCMpIdpMjRTwz1zeytv29YQmzZR2lZ9kZUrhFJDs19I8aOYJmRvcE/tNK2SLHeKZKYdQ2JijRHVit+KjVQzBAsnS5qmhtxX10DYPYDDmibZhCI58CfJZg7vNO7HykliR6Sh5EyIai5dwYgjpFWKRxNSngEn25S/j913DMEOFPBW24NEPUsFTYzhX483Bqdt3b5eidpu5cjLcRhKLXBK3FDBVusUBF1UiwxmOZL8cey59f98wl53zwvmzzPd1nee0MXEdEkh69iBCZ5eWHXZbHFv3tMbrCoOXevdQxKbLYQWVH0RKmNn3h5njah4WbPY4qzR0ehYAcfzmC8ILj2AvNUXLjfC/iHaLzqX/tx39sa4uH0EE4MqNc31pVfFYAp3vlL8q/1RptiDM9Zfal8C22ydtVJEUlGBeNvy7jdD2WZMmmNxHCmqRmDe1gfdwRxdtfx8G6KmiJjiV9KFaCDvr/I/NaW5HPrkGy1HQMuXLgSmBWuFW5E7QLo9d//gpG0qlXEDCgdtWqVWXXAoP7lF6DmR3098PqdhOeaZ3nUW5+iUDZE+ZY5CxgsIH4yKMGecC5rfa4
"deleted": false,
"disable_correlation": true,
"object_relation": "malware-sample",
"timestamp": "1678791396",
"to_ids": true,
"type": "malware-sample",
"uuid": "162092e7-545a-4847-b9da-4dfceed05284",
"value": "Ilnas-04570323.exe|e3ed2bf3af00fb89488cba4eb04e3ba0"
},
{
"category": "Artifacts dropped",
"comment": "",
"deleted": false,
"disable_correlation": true,
"object_relation": "mimetype",
"timestamp": "1678791396",
"to_ids": false,
"type": "mime-type",
"uuid": "f8f7e510-71f1-410e-9425-d43c9374b5b7",
"value": "application/x-dosexec"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "ssdeep",
"timestamp": "1678791397",
"to_ids": true,
"type": "ssdeep",
"uuid": "d6bc0ff8-314c-4c9a-af4c-37baf6bdcf7c",
"value": "6144:PYa6lNB1e2Ysp0mczE7RWcibwl0Csb+7AjXx+I7jQUOVPBqoHnyrJsqKoAeT8h:PYXNXeypp1cAAjBngU+UAyrlT8h"
}
]
},
{
"comment": "98689960e2ac62f3ba796c1464a191d49da27ee6: Enriched via the virustotal module",
"deleted": false,
"description": "VirusTotal report",
"meta-category": "misc",
"name": "virustotal-report",
"template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4",
"template_version": "4",
"timestamp": "1678791624",
"uuid": "8444a337-9328-4edb-9b70-774272b5baf9",
"Attribute": [
{
"category": "External analysis",
"comment": "",
"deleted": false,
"disable_correlation": true,
"object_relation": "permalink",
"timestamp": "1678791624",
"to_ids": false,
"type": "link",
"uuid": "053ea788-3d96-4ae6-b15e-96cec6109776",
"value": "https://www.virustotal.com/gui/file/ac3f949cb6e892238fa6902caacaa5ca64e4181c563af1e3650c9decfa64817a"
},
{
"category": "Other",
"comment": "",
"deleted": false,
"disable_correlation": true,
"object_relation": "detection-ratio",
"timestamp": "1678791624",
"to_ids": false,
"type": "text",
"uuid": "cbd09660-1212-4654-a8b7-1f54374191d9",
"value": "33/69"
}
]
}
chg: [feed] added
2023-04-21 13:25:09 +00:00
]
chg: [gen] updated
2023-12-14 14:30:15 +00:00
}
chg: [feed] added
2023-04-21 13:25:09 +00:00
}
Reference in a new issue Copy permalink