misp-circl-feed/feeds/circl/misp/42e5a5d8-59d6-4075-9c9d-2d334b9d74e1.json

1655 lines
130 KiB
JSON
Raw Normal View History

2023-04-21 13:25:09 +00:00
{
"Event": {
"analysis": "0",
"date": "2022-09-06",
"extends_uuid": "",
"info": "DangerousSavanna: Two-year long campaign targets financial institutions in French-speaking Africa",
"publish_timestamp": "1666605489",
"published": true,
"threat_level_id": "2",
"timestamp": "1662644030",
"uuid": "42e5a5d8-59d6-4075-9c9d-2d334b9d74e1",
"Orgc": {
"name": "CIRCL",
"uuid": "55f6ea5e-2c60-40e5-964f-47a8950d210f"
},
"Tag": [
{
"colour": "#0088cc",
"name": "misp-galaxy:country=\"cameroon\""
},
{
"colour": "#0088cc",
"name": "misp-galaxy:country=\"ivory coast\""
},
{
"colour": "#0088cc",
"name": "misp-galaxy:country=\"morocco\""
},
{
"colour": "#0088cc",
"name": "misp-galaxy:country=\"senegal\""
},
{
"colour": "#0088cc",
"name": "misp-galaxy:country=\"togo\""
},
{
"colour": "#0088cc",
"name": "misp-galaxy:mitre-attack-pattern=\"Spearphishing Attachment - T1193\""
},
{
"colour": "#0088cc",
"name": "misp-galaxy:mitre-attack-pattern=\"Spearphishing Attachment - T1566.001\""
},
{
"colour": "#0088cc",
"name": "misp-galaxy:threat-actor=\"DangerousSavanna\""
},
{
"colour": "#004646",
"name": "type:OSINT"
},
{
"colour": "#0071c3",
"name": "osint:lifetime=\"perpetual\""
},
{
"colour": "#ffffff",
"name": "tlp:white"
}
],
"Attribute": [
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1662625483",
"to_ids": true,
"type": "md5",
"uuid": "afbf6959-77a6-44b6-8fd4-29e231b496eb",
"value": "020ea21556b56229bb9714e721d893df"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1662625483",
"to_ids": true,
"type": "md5",
"uuid": "f6d22b5d-f7ba-4c62-bef4-12bdcb17467f",
"value": "0789e52f16f5fc4ac2dbebadf53d44ec"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1662625483",
"to_ids": true,
"type": "md5",
"uuid": "257e59dd-95ef-46c1-930c-38098a3c982f",
"value": "0b1d7c043be8c696d53d63fc0c834195"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1662625483",
"to_ids": true,
"type": "md5",
"uuid": "5273643b-d90b-43d9-bfca-aa77d568d932",
"value": "16157cdfd7b0ea98c44df15fb2fcb417"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1662625483",
"to_ids": true,
"type": "md5",
"uuid": "8e81a2fe-5ecb-4db2-9720-79423ba974c7",
"value": "1818f84f7f51be74a408f5e193ba5908"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1662625483",
"to_ids": true,
"type": "md5",
"uuid": "629d9702-f77f-42bc-b259-efcf0c05209e",
"value": "18889d70d5546b861c6fa4ec11126942"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1662625483",
"to_ids": true,
"type": "md5",
"uuid": "ed9d6044-6c12-4df7-a0bb-c3fd6c66acbc",
"value": "192b70891de0d54af6fa46bd35a5fd87"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1662625483",
"to_ids": true,
"type": "md5",
"uuid": "cde93ce0-b1b2-4e8f-a441-1183b3f5eb95",
"value": "1ccd2ce1e827b598207cc65e16686b7b"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1662625483",
"to_ids": true,
"type": "md5",
"uuid": "2d130f09-3f8b-4ae2-a2bd-fd14abed47f3",
"value": "1eb29f64f19e07d42d9ad8f6597424b8"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1662625483",
"to_ids": true,
"type": "md5",
"uuid": "5c07b7ac-c4d8-4c69-b940-3e7cebf3a904",
"value": "1eed3153b1afae1676ebd0db99ac5802"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1662625483",
"to_ids": true,
"type": "md5",
"uuid": "80aebdc6-eb78-4263-a2ec-9771297165b8",
"value": "1f4f537e550e4299a945a97c1f8a0441"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1662625483",
"to_ids": true,
"type": "md5",
"uuid": "aab885df-1413-45af-b1d4-faa9c49e5b58",
"value": "28165bb98959e7e7d9be67f0d248b31d"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1662625484",
"to_ids": true,
"type": "md5",
"uuid": "8acf2ac7-aa07-40b8-a25a-221aec2e563d",
"value": "2c95e83759487d78070b56e40843c543"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1662625484",
"to_ids": true,
"type": "md5",
"uuid": "59a0e78e-6397-447a-a9ee-0802997210d4",
"value": "2e7c90c45b3cd8db15cd22e0caacfd40"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1662625484",
"to_ids": true,
"type": "md5",
"uuid": "a08f3873-5223-4dca-b23a-2f64377092a3",
"value": "31515f871cb12d538d53e730e5ddd406"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1662625484",
"to_ids": true,
"type": "md5",
"uuid": "471e2d0b-74b3-4ef4-8009-3ed130ac6f0e",
"value": "3227c8a45ce4ccf8c475a51b331720c1"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1662625484",
"to_ids": true,
"type": "md5",
"uuid": "f38f93f1-0fd5-4d8f-a2f2-119e99e7cc29",
"value": "3c70bc09d1f8033e57323879d50ca3ce"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1662625484",
"to_ids": true,
"type": "md5",
"uuid": "ea6feeb5-098c-4d01-b0b8-83f1d472fcb1",
"value": "40ec0d84272f1f2394b4a3b74dafbf70"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1662625484",
"to_ids": true,
"type": "md5",
"uuid": "587b6f4a-b086-4edb-b18f-a1ad3bb51325",
"value": "46058baa3ef1bdf553d89439cacf0675"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1662625484",
"to_ids": true,
"type": "md5",
"uuid": "d9bfe8f6-5bb3-4142-8b77-5ab70241f8b3",
"value": "46a0071b7e5ea442580a2f80d2fcef42"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1662625484",
"to_ids": true,
"type": "md5",
"uuid": "d6c74368-80e3-498e-b39d-2003011c06a5",
"value": "47c68680c9a00b117764114668357e23"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1662625484",
"to_ids": true,
"type": "md5",
"uuid": "613a147b-8291-4c6b-815b-17f5402755b6",
"value": "47cf9fda04b2abef75f1eca9804aaebe"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1662625484",
"to_ids": true,
"type": "md5",
"uuid": "50bfa7db-1771-4b51-8717-e8c4e3772a6f",
"value": "496f2a2f14bda410b5f3dcff40bf56c3"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1662625484",
"to_ids": true,
"type": "md5",
"uuid": "ebe3308e-3c72-4b47-8d41-2489375fdf34",
"value": "4f52ca22d2d28e1ecdb9fba92e4cdde3"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1662625484",
"to_ids": true,
"type": "md5",
"uuid": "2c483127-d6ae-4b3d-bbbe-ea2cf0ff4da9",
"value": "4fb7503dd8b21396bf9643e0dce70fcf"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1662625484",
"to_ids": true,
"type": "md5",
"uuid": "5fb21d24-21dd-4731-ae47-f141bdaa7403",
"value": "4ffd8ae803d7498e2d5a7a7a3a1268f8"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1662625484",
"to_ids": true,
"type": "md5",
"uuid": "1aa44ae8-f334-43d7-bba6-caeb16e92927",
"value": "5038e5cd4888adb3661d9958f04a1ec1"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1662625484",
"to_ids": true,
"type": "md5",
"uuid": "c9c0a25b-2bae-4dd7-9d58-5c81bf2c0d8e",
"value": "505724eac0faf0eb32e4ad25ab5cddfe"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1662625484",
"to_ids": true,
"type": "md5",
"uuid": "05d36b6d-e23d-4526-9659-3825207516b5",
"value": "518a533d6ff1d86afc0f7d94c0a1be7c"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1662625484",
"to_ids": true,
"type": "md5",
"uuid": "b476eef6-0686-4863-92dc-801c6d78bea6",
"value": "565a87ba8e79f5e081ea937068082afd"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1662625484",
"to_ids": true,
"type": "md5",
"uuid": "236c61bb-e294-49b5-8722-1e53c6049005",
"value": "57511cb12fb5f505b3330dfec18f3432"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1662625484",
"to_ids": true,
"type": "md5",
"uuid": "4624ca82-3fb0-4f2e-8a28-07b30481e680",
"value": "65cbaec27b51d54dc0bceeef298719a8"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1662625484",
"to_ids": true,
"type": "md5",
"uuid": "5f04538c-3a76-41ba-b18b-75d3339f0f4f",
"value": "66ac99b3501846a6c18f2671dbf31873"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1662625484",
"to_ids": true,
"type": "md5",
"uuid": "4526005c-3efa-4c5e-b521-723f71067581",
"value": "6702f0057c401cf390adc28d201118f8"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1662625484",
"to_ids": true,
"type": "md5",
"uuid": "ce76af0c-fa57-493a-9c18-072837a6a7c1",
"value": "6b14a4d6212087fe8d88ad012dbc8598"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1662625484",
"to_ids": true,
"type": "md5",
"uuid": "dbd22033-2475-47c1-bac6-6e61b960e02c",
"value": "6b781c1082014a0177f42e918adb35de"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1662625484",
"to_ids": true,
"type": "md5",
"uuid": "96a53625-fe51-4139-950d-58d21de91e74",
"value": "6c737910247e3122fe810df6a63581f7"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1662625484",
"to_ids": true,
"type": "md5",
"uuid": "a9139ef1-e005-4071-9647-ad27d769cddd",
"value": "6c7846d955bb5f3842bb7c35fae1569a"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1662625484",
"to_ids": true,
"type": "md5",
"uuid": "95d609a3-5dbb-48f8-8007-ea0e388c5e9c",
"value": "725489b29e7afbc045b2814dff5474a6"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1662625484",
"to_ids": true,
"type": "md5",
"uuid": "aecf34f9-409d-44d9-aa74-81b85bf40152",
"value": "72ca000f40335d771936d077d4cabefb"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1662625484",
"to_ids": true,
"type": "md5",
"uuid": "d263fe47-f8ad-4670-8778-9243a7d5420e",
"value": "75931e00c81274b1c279d23dfdb0bbad"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1662625484",
"to_ids": true,
"type": "md5",
"uuid": "2220da81-abf3-470b-b701-2c54459f17ef",
"value": "76a8391c77723b06587f648dcbde07e9"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1662625484",
"to_ids": true,
"type": "md5",
"uuid": "95866c6f-db9e-40f1-95be-e6a49cbe71b7",
"value": "775c0666a7a482ce664c72ed9195f120"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1662625484",
"to_ids": true,
"type": "md5",
"uuid": "6b0fa3b2-591d-4b75-bbdb-463f8d8eeacd",
"value": "7a4927e1a2aad1bc8ccef956130df0c0"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1662625484",
"to_ids": true,
"type": "md5",
"uuid": "55f7d093-abd6-493d-babd-66bf54762e4d",
"value": "7b8d0b4e718bc543de4a049e23672d79"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1662625484",
"to_ids": true,
"type": "md5",
"uuid": "917168f9-1528-471b-a9fd-867da62aa665",
"value": "7b91f06584afdc4a2aa6edd9d04198b7"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1662625484",
"to_ids": true,
"type": "md5",
"uuid": "a7fa7688-9984-4d16-8b16-094e93cbcb11",
"value": "853403bd5feea1ecf83e812759e1ccc7"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1662625484",
"to_ids": true,
"type": "md5",
"uuid": "254369dd-0307-482a-92af-8a76477554e0",
"value": "8690ccd36c9d63b63e8d0278f0449e3b"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1662625484",
"to_ids": true,
"type": "md5",
"uuid": "144e0dc2-9e85-45f4-a430-0e51c272a973",
"value": "886a8ded2ea2f35ee009088d2c24dd32"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1662625484",
"to_ids": true,
"type": "md5",
"uuid": "c44aae78-7d61-4a69-ae69-88f0401c72f9",
"value": "889e8b93ec0c16ffac62ced220ed8e30"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1662625484",
"to_ids": true,
"type": "md5",
"uuid": "089e6102-9ce8-4eac-b3ef-cd7032e9089b",
"value": "8f4392f839152c9614699048ee4fea11"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1662625484",
"to_ids": true,
"type": "md5",
"uuid": "0b6c987c-0fde-4255-bef9-917de3899c07",
"value": "953d5a3d8e00bbd2dba08579d95c61dc"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1662625484",
"to_ids": true,
"type": "md5",
"uuid": "c4897277-405a-434e-a939-e607c736895e",
"value": "98bf46542e3e9daa280ef0b395a7dabd"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1662625484",
"to_ids": true,
"type": "md5",
"uuid": "88d60c23-a955-4d79-b788-26ab8f00d1e1",
"value": "9a57a80692012878fcb463f41ce6dcfa"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1662625484",
"to_ids": true,
"type": "md5",
"uuid": "4bba9aa3-502f-48ff-8dfc-67dde1396bb4",
"value": "9d50143836d41726b6564a524453b868"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1662625484",
"to_ids": true,
"type": "md5",
"uuid": "f1b5bc35-f06c-4fa1-bfb0-cf515970eb5f",
"value": "9d9da1992f63776e135c1c1215ee1741"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1662625484",
"to_ids": true,
"type": "md5",
"uuid": "f220890c-3da5-4049-8ff6-1919dbd9e1aa",
"value": "a027a4f65e0b0a83eccb56d9047347bd"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1662625484",
"to_ids": true,
"type": "md5",
"uuid": "41c2d23a-8616-4dc9-9d1d-e1f30323013b",
"value": "a5fd946bc7e8b12cdfd207790216b4b1"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1662625484",
"to_ids": true,
"type": "md5",
"uuid": "d7e1e016-6900-40c2-980d-28de5c0185f1",
"value": "a6d8cc18af5a983b4c1a7f4838780b01"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1662625484",
"to_ids": true,
"type": "md5",
"uuid": "5ab60ada-72f6-4ee6-8c70-448ba52953e1",
"value": "aa3f386f10864f46a09610d0e03a26b5"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1662625484",
"to_ids": true,
"type": "md5",
"uuid": "4110eb3c-7151-4af7-9455-1ad78326c690",
"value": "aeee6b71690a1df75792fcd3d11b8ede"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1662625484",
"to_ids": true,
"type": "md5",
"uuid": "f346c00e-6fde-4248-91fa-a9a67b37de17",
"value": "af8de58e3538fcb40334109bcd571939"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1662625484",
"to_ids": true,
"type": "md5",
"uuid": "5ed77582-dcda-4684-9ef7-01109aa12589",
"value": "b397383ba85fc726b424aac26b42f6ae"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1662625484",
"to_ids": true,
"type": "md5",
"uuid": "2f595a12-a02e-4039-a0bd-dbeab14ef291",
"value": "b651f7dcfeb3e304f7eb636000a6b935"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1662625484",
"to_ids": true,
"type": "md5",
"uuid": "d6e96feb-2a30-4639-ac31-8f78e70bc216",
"value": "b895d34958be7565888c15a51e0c73c7"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1662625484",
"to_ids": true,
"type": "md5",
"uuid": "63568403-a73a-4c87-82f0-950ee3ede427",
"value": "b95ba7fb130f95ccae13c54312a69d36"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1662625484",
"to_ids": true,
"type": "md5",
"uuid": "2b6a7b7a-fd60-48ae-8bf0-ea278cbef19b",
"value": "bac7be7eebb8670ae624a0179a366148"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1662625484",
"to_ids": true,
"type": "md5",
"uuid": "fd8d86cf-23a7-4838-b1bc-1559b8f516b8",
"value": "be82532aa428dc5f30107ccfa08da8c6"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1662625484",
"to_ids": true,
"type": "md5",
"uuid": "c9dc5a95-d3e0-41e0-a945-cc607e4cd0cd",
"value": "c43c50baa3271b375298847bf6a7fc13"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1662625484",
"to_ids": true,
"type": "md5",
"uuid": "7ad4a34e-2a37-46f4-84ce-90976c4cb400",
"value": "c4ee082a4ce704dcb3145e2cfd47ef6f"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1662625484",
"to_ids": true,
"type": "md5",
"uuid": "ba332311-bf05-4304-9617-33013ae14b19",
"value": "c7beb386813580a4c4812de3ee1aa429"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1662625484",
"to_ids": true,
"type": "md5",
"uuid": "7f9731b3-65fd-4e43-9848-479fad69a55f",
"value": "c8ed3353ae9c8b84ea7a9e81d2828193"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1662625484",
"to_ids": true,
"type": "md5",
"uuid": "39f12b09-de32-4286-a719-357820210485",
"value": "c9c001c45b2eecaee9704fb21e731ac7"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1662625484",
"to_ids": true,
"type": "md5",
"uuid": "98aa575a-c55f-4537-913a-f1a1675d4087",
"value": "ca09b19b6975e090fb4eda6ced1847b1"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1662625484",
"to_ids": true,
"type": "md5",
"uuid": "39050e34-8126-411b-95ed-8d992a52b4fd",
"value": "cced9e8b1a99b9000f4b958f13b164a5"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1662625484",
"to_ids": true,
"type": "md5",
"uuid": "f9433089-0d22-45ca-916f-361208019432",
"value": "d32e387d60a18fd90c4854f167b4df4b"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1662625484",
"to_ids": true,
"type": "md5",
"uuid": "203192db-94aa-4b42-9dbd-f35c6097d6d4",
"value": "d43e6ae895039108cf68a36140190b0f"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1662625484",
"to_ids": true,
"type": "md5",
"uuid": "08913795-2bfa-4725-88f4-2e5a5cbf8ce1",
"value": "daa6ce148e2b8e5fd694183338db6ec9"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1662625484",
"to_ids": true,
"type": "md5",
"uuid": "7001f3f8-4f2c-43fb-90ab-12c5f7682ec7",
"value": "e166ee1de912bf17453d2da1dc06fc6d"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1662625484",
"to_ids": true,
"type": "md5",
"uuid": "b9e39258-11e1-4551-bbac-fc1a037a51d6",
"value": "e2c3a6bcb015e2e5137d4a46881d38b6"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1662625484",
"to_ids": true,
"type": "md5",
"uuid": "e4db7983-bb01-4b32-a0f0-048bae836fc4",
"value": "f0960552876da5ef74b8ece55116929e"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1662625484",
"to_ids": true,
"type": "md5",
"uuid": "777c4b13-23b9-4769-8f66-ace2ca05e733",
"value": "f2afcfd2ecfb3ea3261855ce1a4747b7"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1662625484",
"to_ids": true,
"type": "md5",
"uuid": "b3a17b16-0a0c-4f47-9466-eb6b32a1b9bb",
"value": "f4a8605fa09e447108eb714eccad57d0"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1662625484",
"to_ids": true,
"type": "md5",
"uuid": "996583d3-6fc0-4590-9660-a78005c17c5b",
"value": "fae63014d33efe844a25f2606de900b6"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1662626074",
"to_ids": true,
"type": "url",
"uuid": "9833203a-742c-457c-a0af-2c0ec40b8a86",
"value": "iplogger.org/2zaEa6"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1662626074",
"to_ids": true,
"type": "url",
"uuid": "2ef39360-f4cf-4f9a-bd28-d31eecec3e55",
"value": "bit.ly/PDF_MicrosoftOnline"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1662626074",
"to_ids": true,
"type": "url",
"uuid": "f9280570-9b96-4d97-828b-89e219e1dd4e",
"value": "cdn.filesend.jp/private/hTsvHkbWaUSEZ7ilocBGMTgumxqFmSrVgF-9Ht5LL6YCf4A7Eu28rIxdbo-ND_F9/Chimers.gif"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1662626074",
"to_ids": true,
"type": "url",
"uuid": "e23100e0-193f-4a6b-83f3-8ef60f18cd5e",
"value": "4sync.com/web/directDownload/QHZsERS6/rHb0lMWD.f2e6a9154ab6cd29b337d6b555367580"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1662626075",
"to_ids": true,
"type": "url",
"uuid": "b127c26f-b5df-4796-b55a-246fb7b798a4",
"value": "4sync.com/web/directDownload/rE33SDmE/iNXXJkWJ.4bf28df12d9e7d99bc902edb6d23c6e2"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1662626075",
"to_ids": true,
"type": "url",
"uuid": "78d55a9c-e532-4cc8-85b3-ee6073192cf3",
"value": "raw.githubusercontent.com/R3mEm/vox/main/vox.ps1"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1662626075",
"to_ids": true,
"type": "url",
"uuid": "0464f6f2-8364-4e44-afd6-c6e54c9845f9",
"value": "paste.c-net.org/CookiesEstrogen"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1662626075",
"to_ids": true,
"type": "url",
"uuid": "5fb34be4-6d6b-41c3-aa0a-4808df1f97b3",
"value": "paste.c-net.org/ExportDeposit"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1662626075",
"to_ids": true,
"type": "url",
"uuid": "e44aa48d-4234-4069-9693-44e256292f3e",
"value": "paste.c-net.org/OrientalAntonio"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1662626075",
"to_ids": true,
"type": "url",
"uuid": "92cef6d2-0787-4b0b-b253-13f4364cc4cf",
"value": "paste.c-net.org/ShaveDavie"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1662626075",
"to_ids": true,
"type": "url",
"uuid": "20853983-889a-40bf-9101-08a3e6f3e0e4",
"value": "paste.c-net.org/SidingFatigue"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1662626075",
"to_ids": true,
"type": "url",
"uuid": "8bdc0c71-7905-48f6-a50e-2f47a90d92cf",
"value": "paste.c-net.org/HearingsGuided"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1662626075",
"to_ids": true,
"type": "url",
"uuid": "4d58fb8d-8178-4d21-bc43-1a62c90c0b44",
"value": "paste.c-net.org/SelvesGangster"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1662626075",
"to_ids": true,
"type": "url",
"uuid": "a632f7b6-0424-4205-8bda-8076497d8456",
"value": "paste.c-net.org/StaceConcerns"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1662626075",
"to_ids": true,
"type": "url",
"uuid": "42dc3e4e-b77a-4125-b6b2-a8957c0c77a6",
"value": "paste.c-net.org/BogeyUglier"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1662626075",
"to_ids": true,
"type": "url",
"uuid": "fb58970a-3ecf-468d-abbd-967eee1f0a86",
"value": "paste.c-net.org/MuggingFunny"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1662626075",
"to_ids": true,
"type": "url",
"uuid": "d7bd3aa2-858b-4b17-998d-8dbb6674bd01",
"value": "paste.c-net.org/NelsonTasteful"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1662626075",
"to_ids": true,
"type": "url",
"uuid": "01d771b1-31e2-495f-a0d4-140a03ed4134",
"value": "paste.c-net.org/ShaveDie"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1662626075",
"to_ids": true,
"type": "url",
"uuid": "db0999b0-7dc9-404a-aeb8-3b8ff5ef120e",
"value": "paste.c-net.org/GiovanniKismet"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1662626075",
"to_ids": true,
"type": "url",
"uuid": "be82520c-0e2e-4c67-bbef-898eaac24def",
"value": "paste.c-net.org/TreatsGlamour"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1662626075",
"to_ids": true,
"type": "url",
"uuid": "969196a1-47ec-4094-ab9d-21b41d2f0b38",
"value": "paste.c-net.org/NeedlessHorton"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1662626075",
"to_ids": true,
"type": "url",
"uuid": "5ec38f89-5c2c-474b-a25b-9ae6b3549e37",
"value": "paste.c-net.org/KillingsSucked"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1662626075",
"to_ids": true,
"type": "url",
"uuid": "d8bd94f2-c6c1-419e-aa67-b3af2e8cc8b9",
"value": "paste.c-net.org/PuckerStake"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1662626075",
"to_ids": true,
"type": "url",
"uuid": "68222d21-ef47-4ca4-8351-5ca71c19f3aa",
"value": "paste.c-net.org/AliacesLorean"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1662626075",
"to_ids": true,
"type": "url",
"uuid": "fc4c38ab-32cd-4691-a113-bf9ba6d26ff2",
"value": "paste.c-net.org/HazelMagnets"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1662626075",
"to_ids": true,
"type": "url",
"uuid": "6a6b0bad-44af-4abc-8c31-cedffef0b8cb",
"value": "paste.c-net.org/AliasesKorean"
},
{
"category": "Network activity",
"comment": "masquerading as fintech solutions provider Inexa)",
"deleted": false,
"disable_correlation": false,
"timestamp": "1662644030",
"to_ids": true,
"type": "hostname",
"uuid": "993bad72-cfa9-48ef-b0a0-a8ee93f3f59d",
"value": "paste.inexa-group.com"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1662626075",
"to_ids": true,
"type": "hostname",
"uuid": "17156707-a88c-4348-a3e1-6bbf194765e2",
"value": "press.giize.com"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1662626075",
"to_ids": true,
"type": "domain",
"uuid": "76777c96-1efd-4fac-a887-944a31ef954c",
"value": "tf-bank.com"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1662626075",
"to_ids": true,
"type": "domain",
"uuid": "6f7a23e8-beaf-428f-aa38-167c0e78d6bd",
"value": "aeternam.me"
},
{
"category": "Network activity",
"comment": "masquerading as NED bank",
"deleted": false,
"disable_correlation": false,
"timestamp": "1662644003",
"to_ids": true,
"type": "hostname",
"uuid": "24cf75f7-912b-4c62-bca0-fb51af08bd33",
"value": "nedbank.za.com"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1662626075",
"to_ids": true,
"type": "hostname",
"uuid": "2f5a1bf3-5f23-46fe-b6c4-f11e54d0c196",
"value": "nedbankplc.4nmn.com"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1662626075",
"to_ids": true,
"type": "hostname",
"uuid": "0e867c18-06df-4ee2-9e36-6bc5d5b74676",
"value": "secure.graviom.fr"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1662626075",
"to_ids": true,
"type": "domain",
"uuid": "dff5c507-9d47-4b43-9268-2ff54e4b729c",
"value": "i-development.one"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1662627325",
"to_ids": true,
"type": "ip-dst",
"uuid": "8e8c8838-3e91-43ca-89ef-79ffd907a1a5",
"value": "15.236.51.204"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1662627325",
"to_ids": true,
"type": "ip-dst",
"uuid": "c785bb4c-51b2-4c48-a227-ac66b231663e",
"value": "3.8.126.182"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1662627325",
"to_ids": true,
"type": "ip-dst",
"uuid": "6002f131-eafa-477d-a8fd-2fa464db9717",
"value": "35.181.50.113"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1662627325",
"to_ids": true,
"type": "ip-dst",
"uuid": "658a2368-3f38-4bfe-b626-3db211c8e6d5",
"value": "13.37.250.144"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1662627325",
"to_ids": true,
"type": "ip-dst",
"uuid": "0636f5d3-80bc-43d9-8f24-9ff08f9c83bb",
"value": "13.38.90.3"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1662627325",
"to_ids": true,
"type": "ip-dst",
"uuid": "53a38b52-2461-4dc8-b256-65af11c54a61",
"value": "137.116.142.70"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1662627325",
"to_ids": true,
"type": "ip-dst",
"uuid": "42b439ae-5ed3-44e2-9231-d7a3af92626a",
"value": "170.130.172.46"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1662627325",
"to_ids": true,
"type": "ip-dst",
"uuid": "7e1615a8-5256-4fb1-a68f-58b6b5a65c2b",
"value": "192.18.141.199"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1662627325",
"to_ids": true,
"type": "ip-dst",
"uuid": "a45adb82-512e-437d-a581-1df773f04833",
"value": "20.70.163.11"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1662627325",
"to_ids": true,
"type": "ip-dst",
"uuid": "efee8a4f-c51a-4fb5-a1dc-205f24814df9",
"value": "192.9.244.42"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1662627325",
"to_ids": true,
"type": "ip-dst",
"uuid": "389d51c6-6c1e-4012-a28f-e7b33b5f5e12",
"value": "20.194.195.96"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1662636914",
"to_ids": true,
"type": "filename",
"uuid": "29f79d2e-316f-47e3-93bd-3e2f8387093b",
"value": "IMPORTANT_2022.lnk"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1662643862",
"to_ids": true,
"type": "url",
"uuid": "c4c41f6b-3abe-4375-a04b-15dd97f7347c",
"value": "https://3.8.126.182/minom.txt"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1662643862",
"to_ids": true,
"type": "filename",
"uuid": "6ab11ae2-1157-4586-bc2b-731b488966c8",
"value": "%USERPROFILE%\\source\\repos\\Billang\\Billang\\obj\\Release\\Billang.pdb"
}
],
"Object": [
{
"comment": "",
"deleted": false,
"description": "Metadata used to generate an executive level report",
"meta-category": "misc",
"name": "report",
"template_uuid": "70a68471-df22-4e3f-aa1a-5a3be19f82df",
"template_version": "7",
"timestamp": "1662542302",
"uuid": "93db2254-c80a-4d20-9470-32be06567c8e",
"Attribute": [
{
"category": "External analysis",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "link",
"timestamp": "1662542302",
"to_ids": false,
"type": "link",
"uuid": "61ac2b94-bd26-4b06-8e52-361c0db63f27",
"value": "https://research.checkpoint.com/2022/dangeroussavanna-two-year-long-campaign-targets-financial-institutions-in-french-speaking-africa/"
}
]
},
{
"comment": "",
"deleted": false,
"description": "Email object describing an email with meta-information",
"meta-category": "network",
"name": "email",
"template_uuid": "a0c666e0-fc65-4be8-b48f-3423d788b552",
"template_version": "18",
"timestamp": "1662552527",
"uuid": "f9642ff6-c0c2-4ba3-841f-bdd86b4ec7cb",
"Attribute": [
{
"category": "External analysis",
"comment": "",
"data": "UklGRhzxAABXRUJQVlA4TA/xAAAvHEOVABFHbttIEuzuWeX6/4P3qsHcI/o/AbQTcizENpNuVl5KdA2kBSTUob7mMjDaaU8hsWJy7sQ5SdsWilQCn6nz+Qm6PkhSg7MOR+4G2wY3ifvYGOOuEIKwUbNoO7rmcJ/Ydim2BSZcpdi2XI/UYlZCjAoQQ64lj2onQkKCwHXK+UiWfRjt66Tz/wWjIcNkQ4CElRv69nkLl/nveHaZOgkkCSSEeg3IAVy/yxu/oGDs12uRkE3TfjNs7A1WywNuLxO1lrJqIlm1bdWOBsEvcffsWFlrEw7V0v//EneX3r3PNqQPu7Vt1crA3d1X3hdWAP0X4g4nLxu3mxfJjiQpkhWnOT2Y5VYpFfLlPT2Gxfj8x8z86jEzo/o/AQJCSEBX519jcmx9n59d+TMsGk4nG6oqCICO+dWldEKbixwulsVmf0GgKISEIdH0BEEQELbI5qJVX14l8HtxwWJ//8b8LvMfbIKF9WkfTv4Vb88v/d5cOlxkdXnkXo/oakAAznkXTOLz4XbX9zSAaepRdwcoYNh06ztLXQ37I05d2TSJEIKwtLq6hBBjNF1BABAgjJm+6bgaTN90dfMznY/tWMtHM37Snzw0XBlvWkIztjjNQmv83mR3EkClBRYQQkJAKATC68vtR236wfN0aGh+di1waPLZYz27bRCogQRUPgD1EOIeGWS90v1ICOE1lwihE0K4xQU64QzhDo8JnU4Ij3lO6IRO5yUfCSGEO4QQOhe4RgjP6fReQfaxzgrrhBDWOcA6m4SfY9B7bNJ5MMSRUdwidDQxN3hJCH9Jn2tcI/znJZ3wkU4n3OIcVwghPKZzjnCKTgjhHp2XjMkYhPCYjMslMilPCeECGaSTcQhXeE0nvCWEl6gq4RYhnOIEpwghnCtTn32IsAchUgohnpLhSvcnjGFRCG3S7ABgE5sABAAIAQBCCBAAQpsE0wsI3TrBwt9DP/rx/0McWs+orFFWZVVWpZORnc1OaqzKYCer0uukCAQCgp6DMcZZRmWFgBAIiLEYQyFBmAuB+VgcmI+znOX5OKuyqgYgBACor8aM0fhPn2enExYQQtGNwigQHBwc/Pms0CaynFX91iqrWmuttaw2d9rQ9DeBUFAguB8KHSLLWc5yr7VqrbXWWmuttbv+0NoQk7MzQGggqxBaTC2mFuOsyqqsyqqsltXCgGYZQIAGMUIIUYhCFEKIoQfTQmpxHElu3Aww+UcNkgIhH9+ImABqsI6pQBJRoLAtBs0JBBCcxsVFNKJ2sey4C8RsQmV0pDGe7+g9W299wgAUBFREUVBEtQiooMpQ6XShj1ydK0hVVFRUQEUB1ROQU3kqyNIjVAQHbgSVDQNzyXCV4fLfZ87yhaCsYMPtTJLq2Mxk+i4HM1+zuU9qz0VUp72RE/P/7++2cgrPYW+HpEiRogolmhRFihJFWRYtmZIsW5YsW+727b1N732Wvffu3rvkoiuZlkRJliyRJkWqUqIo9t47efri+///D3kkayQS9/IVwAKY4gE06T7T5XRP4cICPAHMdE85KVO+6WcKB/BZ3Mb0IyBM0UIpU7SQAXMxxUoRMgLCxSEQpYeLO0WL6TO/FA1gA5k+o8UxYC1802XgpMjANDl9ypmiBZ0uAUyRgTQamMYLMEULTboN6F7ABNJsYJoImEAswOkRUy5gpkeLs7AWShGCaQbuL2WKJ30KBzAXU67SrSAnRUCYHg2gC8xJv//0exZM0QCaReMUIuBNV3o0AB1EA2gWNnCmj1KmGTgbBZimC3QD/ykKYKVLgFJ80mlgqoE5KQLklAtYA+gCIjDN02cMDFO0mD7iQhe4Sr/TO1O00MKz4GKKnR4HYIoWaVpMn/mnCIFuugagFzQwjYu0KSfFAZQeXmAa0zO9M0UDOIspTNEF5HR54UfbbtW2LUn6/7+13sdc+zKjsVXAamAls0KYaJJJ9phkqpnIJDGpzHhxjtFbaz8d27ZV20qfa58r575vuJORuYekVId6UAciakHuELq7Ozw7950VE4A3//93ctx8Z2bHm53Z2VnvDXYB7C68997dwgqH28P5gz0cPHjgeQN3/u7BOfjz8O4c4Q2BtTCH9TBc7/3Oejs7wX92dhcyAIbuUwkzuVAVuEgNKPTeSyE6UQfKWYRauFyuAETsRbEasCFDZa4GhmIPyhmrBkVekWI9jNjHpWqCzcjVdC3IpfR9yKsF1cIqFFKxHhXhmmCmFpgyY8oOLrtHqRpgLlPAFUGXsgxFV4g//v8NN/7/737OeOJMnKapna73+Vzv623btq3//J9tvGzb3n1q/Vz3WbdJk8aZaHTmYOD//3Dsat//f5zMZGJtslaPVRzWbq9ZXNu2rcfPtW3Wbu/W7mnXyConGyeTTDLJ4B8ToIv+/3V3K+X5P7p9Z++dvZNtcXdP2iRt06Rymso5tVRPp2eqc9zd3d3qPS6106ZTP21O29STtHHdcdtJtj/78efiSdKejGYH+Vz0XAR3y1qDuwYp7g4b548/yEg37vLHOcGtwyK4O+QgXWvjrsFzx/ojI+fBXR5kDNex4u5Q3O0ZHxxGsLAWIxv3kY27Q4fl7owEp5ds3OXg8Mfd3d21rOUOQUbKZXCCuzt/3B2KBHcp7sWDdC5wKHcbdy594+5OcOushbvbxt2d4HKnnYsMbldZC3cP7u78cXcnuDuMz+B+grtDcHfnf4E7viVJUm3bti0zj6ytD1jMjG9r4/9/BTPz3pN5jd5ryXA/km27tm1JUmt9rL3PuecZBlWwepmRxhqFMTbejAXu5TNs795z9pqjxwRog/9/vdy6OecsM/NqVyytLAstmWRLsi2Zma/DzMzJQ2a8aFvXFlqMllbkFbMsrWB3JS0zn91z9uzZs7vnnAfnrCywA1v6hJVhZuZE5dqjiR6F+VGn/3IYVG7IU2ZmbsPM6EplZmbPnHJ1GlQbVMoMD7l9FH5Urlxm2EeeXih5bphJbcCjUpgZNWFOisFioLRlJpWtgsrMzMx3JsyJpiqpXJWZ2WfyqMwYKnNDj8oYTpzhLf9L7lwoM3M9c8flNuSZssrMDTM9YnDKzMwMN2VuVW7DvmWGM1clbZkvlJk5nDxrBsvMzMxtONENPKAAAAAro3q3l9tnnlE07BWVsjKTL6O9++30f0bxf6Ulyae9f0sU0SBFwid7lXX3kVDOnXPnhrtz5+Z7JymSJEmS1GJIDJF5Xbv8QaXHBDgAVfz/gPNMDbM6CxgRKmkrBbO60EBllvmjupDjL74Von3jRLA5EUqcIST8yn9CgR/Ogl0ughkmwRoEBxPMFsFcsxAOhPIi2Ach2hyFfPhJKP1DQvTPzUKuZysMmEchAg6CeS5oQPXqOUq1gBDlGzcE60MwA8EEQyg7hGpC+LMV7EAwX4tghiGUOf8JDliFiLkK5iCUfIZgvUqIVLcJET4fwerHhLivo5D3Idgtle6YQo8IYAY2UB76Obkw8mFgIIgF9tDPs3tLz/jgVfmBzyDwOjwBFCU8DA6jQDzwqcygRgJwRrtPyyQwDISFygmUGq/DE52V/mFoiAROiHCEgbCvcM5zOLrieVSa1HIAcMaRPjHgd6vhdMK8h4Lo0B1H+zzXuFCtcoEaD04FrBYHIkNlAj7RwLNCEBE+pVflAYExgQrq81y3qzxgux4VhgY7+VQWYAlUYCUqVB7wBSoUG1Qe0KOCNag8ILCCVVOciJ4Vss+FYIlZiCqCBh4jtSwwlFGHIQwqtecj5PQQBgYhJwgRYxWKnZ3wfwj2cSWEWwTTmoUC+EsYqCYhlyK8DuFqgir82kIi32QIfD+jmLYYthhiqFFn5KDMMOVJhjyuHw15QYho54xK/j9BFtFPIKhKhTID5jxNtXK+92f8bjyc9tSqJsNb3H8rRybaTjGqYZuLOfsmMczBkgwGhApU7ffrMWdEheQkK1aSjTzXVwkeCq43GNumeke/nPiy/zDn2tkt03kRixkLVFds/qHIXX8/8wDNoE7yw5XtgXq321mPHCEVx1f+55+qAvU4JGw35wPBzdY7vkElv6GZMyaHyIZHaO
"deleted": false,
"disable_correlation": true,
"object_relation": "screenshot",
"timestamp": "1662552527",
"to_ids": false,
"type": "attachment",
"uuid": "7f2adf01-b1b5-4fe4-a70a-6f5834581efd",
"value": "image2.webp"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "subject",
"timestamp": "1662552527",
"to_ids": false,
"type": "email-subject",
"uuid": "ddc3df83-1df8-4441-93e4-ec3bd12390f0",
"value": "\u00c9change Professionnel - Discussion"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": true,
"object_relation": "email-body",
"timestamp": "1662552527",
"to_ids": false,
"type": "email-body",
"uuid": "a08a3537-0acf-477f-8dd6-47ec934ca00e",
"value": "Bonjour <full name>\r\n\r\nNous avons vu votre profil LinkedInm et celui-ci a attir\u00e9 notre attention. Nous avons donc d\u00e9cid\u00e9 d'echanger avec vous dans l'optique de vous voir int\u00e9grer l'une de nos de succursales qui sera tr\u00e8s bient\u00f4t install\u00e9e dans ce pays.\r\n\r\nDans l'attente d'une suite favorable a notre proposition, recevez nos diff\u00e9rentes propositions conr\u00e8tes en annexe.\r\n\r\nPassez une excellente journ\u00e9e\r\n\r\n\r\nBien cordialement"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "attachment",
"timestamp": "1662552527",
"to_ids": true,
"type": "email-attachment",
"uuid": "6a40c44a-12ec-4ef4-899f-32a7b71be18d",
"value": "TF_RH02022022.doc"
}
]
},
{
"comment": "",
"deleted": false,
"description": "An HTTP cookie (web cookie, browser cookie) is a small piece of data that a server sends to the user's web browser. The browser may store it and send it back with the next request to the same server. Typically, it's used to tell if two requests came from the same browser \u2014 keeping a user logged-in, for example. It remembers stateful information for the stateless HTTP protocol. (as defined by the Mozilla foundation.",
"meta-category": "network",
"name": "cookie",
"template_uuid": "7755ad19-55c7-4da4-805e-197cf81bbcb8",
"template_version": "4",
"timestamp": "1662636982",
"uuid": "e1a08480-f874-40fe-ad5a-fd023f1abad3",
"Attribute": [
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "cookie",
"timestamp": "1662636982",
"to_ids": false,
"type": "cookie",
"uuid": "1964b807-7fd1-486c-bf23-ecce189eae75",
"value": "SessionID\r\n\"$env:userdomain;$u;$env:computername;$env:PROCESSOR_ARCHITECTURE;$pid;$procname;1\""
},
{
"category": "Other",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "cookie-name",
"timestamp": "1662636982",
"to_ids": false,
"type": "text",
"uuid": "0f43041a-6d74-4eee-9b52-4de525392ddb",
"value": "SessionID"
},
{
"category": "Other",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "cookie-value",
"timestamp": "1662636982",
"to_ids": false,
"type": "text",
"uuid": "2ac2346c-826e-433a-8840-01e56b28aa12",
"value": "\"$env:userdomain;$u;$env:computername;$env:PROCESSOR_ARCHITECTURE;$pid;$procname;1\""
}
]
}
]
}
}