{
|
|
|
|
"Event": {
|
|
|
|
"analysis": "0",
|
|
|
|
"date": "2016-03-08",
|
|
|
|
"extends_uuid": "",
|
|
|
|
"info": "TeslaCrypt (2016-03-08)",
|
|
|
|
"publish_timestamp": "1457428352",
|
|
|
|
"published": true,
|
|
|
|
"threat_level_id": "3",
|
|
|
|
"timestamp": "1457428298",
|
|
|
|
"uuid": "56de9384-a9ac-42fe-9b69-49d1950d210f",
|
|
|
|
"Orgc": {
|
|
|
|
"name": "CIRCL",
|
|
|
|
"uuid": "55f6ea5e-2c60-40e5-964f-47a8950d210f"
|
|
|
|
},
|
|
|
|
"Tag": [
|
|
|
|
{
|
|
|
|
"colour": "#ffffff",
"local": "0",
|
|
|
|
"name": "tlp:white",
|
|
|
|
"relationship_type": ""
},
|
|
|
|
{
|
|
|
|
"colour": "#3b7500",
"local": "0",
|
|
|
|
"name": "circl:incident-classification=\"malware\"",
|
|
|
|
"relationship_type": ""
},
|
|
|
|
{
|
|
|
|
"colour": "#2c4f00",
"local": "0",
|
|
|
|
"name": "malware_classification:malware-category=\"Ransomware\"",
|
|
|
|
"relationship_type": ""
}
|
|
|
|
],
|
|
|
|
"Attribute": [
|
|
|
|
{
|
|
|
|
"category": "Payload delivery",
|
|
|
|
"comment": "",
|
|
|
|
"data": "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",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"timestamp": "1457427379",
|
|
|
|
"to_ids": true,
|
|
|
|
"type": "malware-sample",
|
|
|
|
"uuid": "56de93b3-ca08-4846-9f10-413e950d210f",
|
|
|
|
"value": "invoice_copy_ndxafk.js|827da119169ebed2e0eb02097d6e1ec4"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "Payload delivery",
|
|
|
|
"comment": "",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"timestamp": "1457427379",
|
|
|
|
"to_ids": true,
|
|
|
|
"type": "filename|sha1",
|
|
|
|
"uuid": "56de93b3-81dc-4c70-b7df-4434950d210f",
|
|
|
|
"value": "invoice_copy_ndxafk.js|b103db98c8f6f60dff4800fc6a913e8ac3435f68"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "Payload delivery",
|
|
|
|
"comment": "",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"timestamp": "1457427380",
|
|
|
|
"to_ids": true,
|
|
|
|
"type": "filename|sha256",
|
|
|
|
"uuid": "56de93b4-3390-461a-a186-4521950d210f",
|
|
|
|
"value": "invoice_copy_ndxafk.js|7c0ea0629ab795ce38f1f7260c0de24a50f3654dfe883b4c701777a016a7963e"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "Payload delivery",
|
|
|
|
"comment": "",
|
|
|
|
"data": "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",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"timestamp": "1457427381",
|
|
|
|
"to_ids": true,
|
|
|
|
"type": "malware-sample",
|
|
|
|
"uuid": "56de93b5-84f8-4c17-ac06-48e3950d210f",
|
|
|
|
"value": "invoice_copy_SHwPIl.js|974ac812604fa1e37e33c6a3e2502414"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "Payload delivery",
|
|
|
|
"comment": "",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"timestamp": "1457427381",
|
|
|
|
"to_ids": true,
|
|
|
|
"type": "filename|sha1",
|
|
|
|
"uuid": "56de93b5-78f0-4160-a4d3-491d950d210f",
|
|
|
|
"value": "invoice_copy_SHwPIl.js|97c1dd50f5f9114bc4ac9f33546c82e0d5b7f157"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "Payload delivery",
|
|
|
|
"comment": "",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"timestamp": "1457427382",
|
|
|
|
"to_ids": true,
|
|
|
|
"type": "filename|sha256",
|
|
|
|
"uuid": "56de93b6-0488-47c3-ae8a-447f950d210f",
|
|
|
|
"value": "invoice_copy_SHwPIl.js|27438a6606e3caff35f77fd890b72b4a3fe72ed64a57786936dc5a8a9763fee9"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "Payload delivery",
|
|
|
|
"comment": "",
|
|
|
|
"data": "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",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"timestamp": "1457427383",
|
|
|
|
"to_ids": true,
|
|
|
|
"type": "malware-sample",
|
|
|
|
"uuid": "56de93b7-b048-434c-a591-4a21950d210f",
|
|
|
|
"value": "invoice_copy_ZHLuVD.js|ac8c62405b38e71d180599cfde4e9176"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "Payload delivery",
|
|
|
|
"comment": "",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"timestamp": "1457427383",
|
|
|
|
"to_ids": true,
|
|
|
|
"type": "filename|sha1",
|
|
|
|
"uuid": "56de93b7-8180-4732-89dd-42ff950d210f",
|
|
|
|
"value": "invoice_copy_ZHLuVD.js|77aed06e9bef5f9f91a95bfb1c961740ec7e808c"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "Payload delivery",
|
|
|
|
"comment": "",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"timestamp": "1457427384",
|
|
|
|
"to_ids": true,
|
|
|
|
"type": "filename|sha256",
|
|
|
|
"uuid": "56de93b8-b3f4-48c0-b62f-4df9950d210f",
|
|
|
|
"value": "invoice_copy_ZHLuVD.js|fad1ae0dd73a06b8b28f112b3d87103e2b8f10be754eb13d607d2266fca7bd63"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "Payload delivery",
|
|
|
|
"comment": "",
|
|
|
|
"data": "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",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"timestamp": "1457427384",
|
|
|
|
"to_ids": true,
|
|
|
|
"type": "malware-sample",
|
|
|
|
"uuid": "56de93b8-c34c-47fe-a5c8-41c0950d210f",
|
|
|
|
"value": "invoice_gSnwbz.js|f20fd198b34daa82b3f880cd91df7a94"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "Payload delivery",
|
|
|
|
"comment": "",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"timestamp": "1457427385",
|
|
|
|
"to_ids": true,
|
|
|
|
"type": "filename|sha1",
|
|
|
|
"uuid": "56de93b9-96c0-4e8e-bca2-46bc950d210f",
|
|
|
|
"value": "invoice_gSnwbz.js|aa067c89b3639c202a2c470d71d1f316067ded23"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "Payload delivery",
|
|
|
|
"comment": "",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"timestamp": "1457427386",
|
|
|
|
"to_ids": true,
|
|
|
|
"type": "filename|sha256",
|
|
|
|
"uuid": "56de93ba-36e8-451f-95cd-42db950d210f",
|
|
|
|
"value": "invoice_gSnwbz.js|8a1c5e44bbd75aa50fdb053cb25477be908ff19ce62327b55c65e93c77da47d9"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "Payload delivery",
|
|
|
|
"comment": "",
|
|
|
|
"data": "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",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"timestamp": "1457427386",
|
|
|
|
"to_ids": true,
|
|
|
|
"type": "malware-sample",
|
|
|
|
"uuid": "56de93ba-3bfc-4040-9586-404c950d210f",
|
|
|
|
"value": "invoice_oGXAzl.js|371a961f3f95f8e5f035e9446bfe3724"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "Payload delivery",
|
|
|
|
"comment": "",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"timestamp": "1457427387",
|
|
|
|
"to_ids": true,
|
|
|
|
"type": "filename|sha1",
|
|
|
|
"uuid": "56de93bb-ee30-4eec-adae-4a35950d210f",
|
|
|
|
"value": "invoice_oGXAzl.js|f07ccd57faa8f071923bc87f3c8a5615008515bf"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "Payload delivery",
|
|
|
|
"comment": "",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"timestamp": "1457427388",
|
|
|
|
"to_ids": true,
|
|
|
|
"type": "filename|sha256",
|
|
|
|
"uuid": "56de93bc-8800-4c81-b8fc-41bf950d210f",
|
|
|
|
"value": "invoice_oGXAzl.js|ed2089dcedc5e1fc2393fc1f6ab119e3ab39c50ef7424f12b2d71e9e9ff076a3"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "Payload delivery",
|
|
|
|
"comment": "",
|
|
|
|
"data": "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",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"timestamp": "1457427388",
|
|
|
|
"to_ids": true,
|
|
|
|
"type": "malware-sample",
|
|
|
|
"uuid": "56de93bc-d518-40cd-b696-4828950d210f",
|
|
|
|
"value": "invoice_oOaDsy.js|e40a11018881d267cf2539a294994e43"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "Payload delivery",
|
|
|
|
"comment": "",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"timestamp": "1457427389",
|
|
|
|
"to_ids": true,
|
|
|
|
"type": "filename|sha1",
|
|
|
|
"uuid": "56de93bd-5128-4748-b994-4dc7950d210f",
|
|
|
|
"value": "invoice_oOaDsy.js|31ef871bbb4c5e023fe0573117dc7f9d9b2c3467"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "Payload delivery",
|
|
|
|
"comment": "",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"timestamp": "1457427389",
|
|
|
|
"to_ids": true,
|
|
|
|
"type": "filename|sha256",
|
|
|
|
"uuid": "56de93bd-711c-416d-90ed-49c5950d210f",
|
|
|
|
"value": "invoice_oOaDsy.js|722a2dcca37a1d33c48a69bef17d2d39d88706a16d9dd641fcb1b839e14b9e6f"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "Payload delivery",
|
|
|
|
"comment": "",
|
|
|
|
"data": "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",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"timestamp": "1457427390",
|
|
|
|
"to_ids": true,
|
|
|
|
"type": "malware-sample",
|
|
|
|
"uuid": "56de93be-6e44-4d72-872d-45e3950d210f",
|
|
|
|
"value": "invoice_SCAN_dVOhXe.js|5be429b7a3dc78850f3024c3a22253d0"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "Payload delivery",
|
|
|
|
"comment": "",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"timestamp": "1457427391",
|
|
|
|
"to_ids": true,
|
|
|
|
"type": "filename|sha1",
|
|
|
|
"uuid": "56de93bf-88fc-4215-a346-4b56950d210f",
|
|
|
|
"value": "invoice_SCAN_dVOhXe.js|6cc8045321ecdde68f608b82c7eeb2cf380bb898"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "Payload delivery",
|
|
|
|
"comment": "",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"timestamp": "1457427391",
|
|
|
|
"to_ids": true,
|
|
|
|
"type": "filename|sha256",
|
|
|
|
"uuid": "56de93bf-8d08-4993-b872-44a3950d210f",
|
|
|
|
"value": "invoice_SCAN_dVOhXe.js|5ea724a0bffc3b1cc7e9f33440aa94e2008c30ee204c6dc3c9c27c5f6e2f3110"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "Payload delivery",
|
|
|
|
"comment": "",
|
|
|
|
"data": "UEsDBBQACQAIABBHaEgc3Z6h7QYAAAQOAAAgABwAMWU4Y2I0YmJlNDI3ZjFmOTI4N2M3MzM2ZWEzNjdlMGVVVAkAA8CT3lbAk95WdXgLAAEEIQAAAAQhAAAAETKxAoDOltA91YgAoCBay4l9aWjZ1/Kf3KboYJi2K+tHDkg+yDZjHlgZofHr+QJCmnUafV0bZeRS8JG4fiN9f7ALdEA93dFVk4PORfJ7fMWEHkITQzRN41UB5hiRJA82lWDZ1Dtix9oBR803kUW7Y9Hu1mui9TH5HcAinLqCRJPVubzBx07SZRx9aXALteY8duMOZOQeTsHgSzNmbfF9RK2aHkYiEopMp+8WcbYb/g4vXDKlAE47KKn15s0JFLtcQYbahkVRRQL5Lcg7fv39/rUBi8K2t71JCf1soXBFvbdwhuyFVdVLHJfn4gnsVR9In6yHNvQNd4ZD1IpIllvdm5WObXxfhMSg2Md5TPMeBR7HIIqvh7pHgb8oEHjHlACsh8MbDgcNp3L95apC8yYkl6EFPJ+mAXB8dRGRfiS1uwhji98Y6e+l/neIuzTMyD72GjtxaeOK9CgSJ1Sxqm6Oy9iODfYsjxki2yNHvKbv4WywadvxzO6BcYsGzmBjOzSyRHhiwdD5oX9itzW8uPST3p9H1PnY6ognLXUVwjOc7rSQ6nbFJpdS0CJg6qLZq3c6wjAjhTOPAZ4oSKQYGGTXfIPzOiClZD2Gxmx8qtNGO5mvtOwknMxvE3NNxM5XefcRmEw0NQ0AzIV1SnpM+0xShI7rj6Cz/GqiTA7fpqiSfkXOolhJlZeKw4vTKwMepnefC7nDqljUdeu4VxNGWZJ378IHsI3023qAfQ6Sb8ShZ8gZEpAVsk/L0ZbT4Y/9Y9YDsPYqJcjejSlxIOM4nkYxVE4aixG9VUq0ryCJnxlgLWdxzRKgKOUTljia5yf9xu/nnzC38dxaDMYiYxQSzSgojjHiYeegu9Jv3F/tkTvNWgnsYGJZ0Q8IiWXtT1TeP5QvGdrZK/45CpOJ6CXVN3L9JL1xUX4yGSBSMPFQfys+vCoA65oNZqpYokbVckzdnlrnwE3Ek1X+lCJbgb/tatI3Ze3w8DeBvuZjIXBDp0lX6aoTnEFafhIkbXNXW7MjCctmL/eRrt8veruMH47rGGd7Wd/gyjL873EhE3kWIyhME8x6qI0keVKJULDTyTUJhVMXzFBlm3c73UrzbRFYjV1BG1SZFon45+rx6LMuHyktjOktmg47zakdfzR2bzVyPl3uxoS+H5gRs8tC4L2mO91P+zpTTTd3LJofBCWlpxFDllBDrdCjZ2cz/gkaj8i09+s49E7b4/Pa4Z+uH1AD2dYFvkrnv1/rOVeecsEnrl9xYForqgNC7EZpuDRzFFyKjsnyzUT+IBYm/OoRCnoKskyGLbpFMBQsXopiTeA9OrzNB59JTzDLG+Mk+rhR5ylix/abWgyKZhvY8HlIND5AhR1N1j7nxgkROYNzTVxwYI5Q9biUUgQ93knCRuxRc6sk4RWMXnntFMIZ+YHMcMcaRUuV3IKTw6pD66dngmMJIU+bq5dfHb+S2kqbmu05XtT6UJOW7k/ec/QETfF2Kk/IMZf+XWoY6j1jFfGK1TkSrjPSZP7qIoFBinweck5PNxXRZu5rmRe5HANydObsq2Kj0f5uYZI3HRpqL0uJhJIU/X/hJDAIfOEyhGiM5l5RoxefS12v25cgv9COwfHSH/Zrw1/3jyIv++8K9LMnIrXabvokd/+K506oXt8Njd1StgPG1sSdCYrqBHUosRN4B6No1/7FBuV9PvWbq4ik91Rk9vm4wD5WXX3NLeAig4CcOqLD0f6Y71D1HVx6uhaS4EXI2lYMIPTrRzkO+lFm6ob5RyBC8auKm++szsiIK2vX+s45e4pm4pgGgDAWgsjpRVKrGPvj9f/XUEFfC2dRJaWoRw7+DzPHJ9xS1gEd6/0bA8BjB17W5fc/250FTWyyg1f
RWd5SfENhkJV0IzooXMDUW4wl7qXb86j9mNIbjMkwQzcWdRSNkPfMmF8rA5J54xUWH+F9ZPepdGckVp4XDO3SFuwGnYwKgavQkL4tCo6KUwZ6cR46dvoUCOSssUidcm/0DMvxCSF9r7fPPAfyQiKjIP7opJf2truPq+ez7W4DPlDjRcANuur2jlAjZiwZxArw762r7u8NL1QGOmodYa/m0torc7NevLPG6rVyCuI/QQILDiwSLZxZTWcoO7fjgng35kHE5D9MTl5SfjtBC3N+XHWRW9VUjaMkYjIYknC/MUHKUeN6YLU+Ll0lSnoeCPUQM75pGjxDAqp3L9JZXxTu/k72wGpPaetvYVJ06kfwcEL2KBZ/X+cnQaWQF+1diD5QzJZuXObylp7hr6US10ON/4hKvFKhkvO4GZTi9uuaGHejm3LpIXz3LNqZiJsRu5/ZozVwWOKXrU6z+NSB3SChNtiQjrG4DqfcEc6I5HRNT1qzUEsHCBzdnqHtBgAABA4AAFBLAwQKAAkAAAAQR2hID9BuTh0AAAARAAAALQAcADFlOGNiNGJiZTQyN2YxZjkyODdjNzMzNmVhMzY3ZTBlLmZpbGVuYW1lLnR4dFVUCQADwJPeVsCT3lZ1eAsAAQQhAAAABCEAAACqQH04endcgrTC6rnL+jygWGFI2mUZN0dOXfdyVFBLBwgP0G5OHQAAABEAAABQSwECHgMUAAkACAAQR2hIHN2eoe0GAAAEDgAAIAAYAAAAAAABAAAApIEAAAAAMWU4Y2I0YmJlNDI3ZjFmOTI4N2M3MzM2ZWEzNjdlMGVVVAUAA8CT3lZ1eAsAAQQhAAAABCEAAABQSwECHgMKAAkAAAAQR2hID9BuTh0AAAARAAAALQAYAAAAAAABAAAApIFXBwAAMWU4Y2I0YmJlNDI3ZjFmOTI4N2M3MzM2ZWEzNjdlMGUuZmlsZW5hbWUudHh0VVQFAAPAk95WdXgLAAEEIQAAAAQhAAAAUEsFBgAAAAACAAIA2QAAAOsHAAAAAA==",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"timestamp": "1457427392",
|
|
|
|
"to_ids": true,
|
|
|
|
"type": "malware-sample",
|
|
|
|
"uuid": "56de93c0-1bac-43e7-b4e0-4630950d210f",
|
|
|
|
"value": "invoice_SNeoKL.js|1e8cb4bbe427f1f9287c7336ea367e0e"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "Payload delivery",
|
|
|
|
"comment": "",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"timestamp": "1457427392",
|
|
|
|
"to_ids": true,
|
|
|
|
"type": "filename|sha1",
|
|
|
|
"uuid": "56de93c0-dd20-4e00-b4ef-491a950d210f",
|
|
|
|
"value": "invoice_SNeoKL.js|d48493fd881d5676dfed73b7316b8eecb684d43d"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "Payload delivery",
|
|
|
|
"comment": "",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"timestamp": "1457427393",
|
|
|
|
"to_ids": true,
|
|
|
|
"type": "filename|sha256",
|
|
|
|
"uuid": "56de93c1-f580-4f8a-8d7f-4ec2950d210f",
|
|
|
|
"value": "invoice_SNeoKL.js|ff92eab905b6bedb42f587692623472f5ebe53e94150e609537bb736a398c8cd"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "Payload delivery",
|
|
|
|
"comment": "",
|
|
|
|
"data": "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
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"timestamp": "1457427455",
|
|
|
|
"to_ids": true,
|
|
|
|
"type": "malware-sample",
|
|
|
|
"uuid": "56de93ff-3f74-4243-ae54-4bd9950d210f",
|
|
|
|
"value": "69.exe|abd9de04608716a6c9daface0535b788"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "Payload delivery",
|
|
|
|
"comment": "",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"timestamp": "1457427456",
|
|
|
|
"to_ids": true,
|
|
|
|
"type": "filename|sha1",
|
|
|
|
"uuid": "56de9400-cf94-42a0-a0c4-4cd4950d210f",
|
|
|
|
"value": "69.exe|4f512da8ffba26271901e98009516321919d3f14"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "Payload delivery",
|
|
|
|
"comment": "",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"timestamp": "1457427457",
|
|
|
|
"to_ids": true,
|
|
|
|
"type": "filename|sha256",
|
|
|
|
"uuid": "56de9401-7238-441a-aa88-4c70950d210f",
|
|
|
|
"value": "69.exe|7071874792a75eb165305abda81f20fd91beb9e8df5ee1b685da86ef0b73b2a7"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "Payload delivery",
|
|
|
|
"comment": "",
|
|
|
|
"data": "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
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"timestamp": "1457427458",
|
|
|
|
"to_ids": true,
|
|
|
|
"type": "malware-sample",
|
|
|
|
"uuid": "56de9402-d2e4-42d7-887e-47b2950d210f",
|
|
|
|
"value": "80.exe|120add3ed0adada5851fb724442ff2b0"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "Payload delivery",
|
|
|
|
"comment": "",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"timestamp": "1457427458",
|
|
|
|
"to_ids": true,
|
|
|
|
"type": "filename|sha1",
|
|
|
|
"uuid": "56de9402-93b4-4a0e-89c7-489f950d210f",
|
|
|
|
"value": "80.exe|fd87ca954e5feda6871ba1de8f9d5b73c43e0514"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "Payload delivery",
|
|
|
|
"comment": "",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"timestamp": "1457427459",
|
|
|
|
"to_ids": true,
|
|
|
|
"type": "filename|sha256",
|
|
|
|
"uuid": "56de9403-3b20-4dfb-ae3d-40a2950d210f",
|
|
|
|
"value": "80.exe|ffdf1e3927216c883ce298c02caf7e33960362a2a88268222431a0a8e5bd247f"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "Network activity",
|
|
|
|
"comment": "Download location",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"timestamp": "1457427531",
|
|
|
|
"to_ids": true,
|
|
|
|
"type": "url",
|
|
|
|
"uuid": "56de944b-ea6c-45a0-bcf4-410d950d210f",
|
|
|
|
"value": "http://greetingsjamajcaff.com/80.exe?1"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "Network activity",
|
|
|
|
"comment": "Download location",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"timestamp": "1457427532",
|
|
|
|
"to_ids": true,
|
|
|
|
"type": "domain",
|
|
|
|
"uuid": "56de944c-f9b0-42f5-b09e-41a6950d210f",
|
|
|
|
"value": "greetingsjamajcaff.com"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "Network activity",
|
|
|
|
"comment": "Download location",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"timestamp": "1457427532",
|
|
|
|
"to_ids": true,
|
|
|
|
"type": "url",
|
|
|
|
"uuid": "56de944c-6818-4355-ad25-40db950d210f",
|
|
|
|
"value": "http://greetingsjamajcaff.com/69.exe?1"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "Network activity",
|
|
|
|
"comment": "Download location",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"timestamp": "1457427532",
|
|
|
|
"to_ids": true,
|
|
|
|
"type": "ip-dst",
|
|
|
|
"uuid": "56de944c-3e78-4a48-a515-4346950d210f",
|
|
|
|
"value": "74.117.183.252"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "Network activity",
|
|
|
|
"comment": "Download location",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"timestamp": "1457427533",
|
|
|
|
"to_ids": true,
|
|
|
|
"type": "ip-dst",
|
|
|
|
"uuid": "56de944d-843c-4d49-ae32-47f8950d210f",
|
|
|
|
"value": "104.168.62.235"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "Network activity",
|
|
|
|
"comment": "Download location",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"timestamp": "1457427533",
|
|
|
|
"to_ids": true,
|
|
|
|
"type": "url",
|
|
|
|
"uuid": "56de944d-6428-4f5b-961b-4318950d210f",
|
|
|
|
"value": "http://hellomisterbiznesqq.com/80.exe?1"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "Network activity",
|
|
|
|
"comment": "Download location",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"timestamp": "1457427534",
|
|
|
|
"to_ids": true,
|
|
|
|
"type": "domain",
|
|
|
|
"uuid": "56de944e-7b2c-444f-97f7-4cc4950d210f",
|
|
|
|
"value": "hellomisterbiznesqq.com"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "Network activity",
|
|
|
|
"comment": "Download location",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"timestamp": "1457427534",
|
|
|
|
"to_ids": true,
|
|
|
|
"type": "ip-dst",
|
|
|
|
"uuid": "56de944e-72c4-4a22-a91a-4c5e950d210f",
|
|
|
|
"value": "173.82.74.197"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "Network activity",
|
|
|
|
"comment": "Download location",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"timestamp": "1457427534",
|
|
|
|
"to_ids": true,
|
|
|
|
"type": "url",
|
|
|
|
"uuid": "56de944e-415c-4250-a147-4d90950d210f",
|
|
|
|
"value": "http://hellomisterbiznesqq.com/69.exe?1"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "External analysis",
|
|
|
|
"comment": "",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"timestamp": "1457427741",
|
|
|
|
"to_ids": false,
|
|
|
|
"type": "link",
|
|
|
|
"uuid": "56de951d-b948-4c64-b07f-456302de0b81",
|
|
|
|
"value": "https://www.virustotal.com/file/ffdf1e3927216c883ce298c02caf7e33960362a2a88268222431a0a8e5bd247f/analysis/1457426001/"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "External analysis",
|
|
|
|
"comment": "",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"timestamp": "1457427741",
|
|
|
|
"to_ids": false,
|
|
|
|
"type": "link",
|
|
|
|
"uuid": "56de951d-71c8-431b-88a9-4ba202de0b81",
|
|
|
|
"value": "https://www.virustotal.com/file/7071874792a75eb165305abda81f20fd91beb9e8df5ee1b685da86ef0b73b2a7/analysis/1457423632/"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "External analysis",
|
|
|
|
"comment": "",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"timestamp": "1457427742",
|
|
|
|
"to_ids": false,
|
|
|
|
"type": "link",
|
|
|
|
"uuid": "56de951e-f954-4ff8-ab90-44e602de0b81",
|
|
|
|
"value": "https://www.virustotal.com/file/ff92eab905b6bedb42f587692623472f5ebe53e94150e609537bb736a398c8cd/analysis/1457389228/"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "External analysis",
|
|
|
|
"comment": "",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"timestamp": "1457427742",
|
|
|
|
"to_ids": false,
|
|
|
|
"type": "link",
|
|
|
|
"uuid": "56de951e-7a00-4143-a89c-4bd502de0b81",
|
|
|
|
"value": "https://www.virustotal.com/file/5ea724a0bffc3b1cc7e9f33440aa94e2008c30ee204c6dc3c9c27c5f6e2f3110/analysis/1457386741/"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "External analysis",
|
|
|
|
"comment": "",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"timestamp": "1457427742",
|
|
|
|
"to_ids": false,
|
|
|
|
"type": "link",
|
|
|
|
"uuid": "56de951e-f59c-48e8-b512-41b002de0b81",
|
|
|
|
"value": "https://www.virustotal.com/file/722a2dcca37a1d33c48a69bef17d2d39d88706a16d9dd641fcb1b839e14b9e6f/analysis/1457388298/"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "External analysis",
|
|
|
|
"comment": "",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"timestamp": "1457427743",
|
|
|
|
"to_ids": false,
|
|
|
|
"type": "link",
|
|
|
|
"uuid": "56de951f-5118-4c58-a81a-4ace02de0b81",
|
|
|
|
"value": "https://www.virustotal.com/file/ed2089dcedc5e1fc2393fc1f6ab119e3ab39c50ef7424f12b2d71e9e9ff076a3/analysis/1457389743/"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "External analysis",
|
|
|
|
"comment": "",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"timestamp": "1457427743",
|
|
|
|
"to_ids": false,
|
|
|
|
"type": "link",
|
|
|
|
"uuid": "56de951f-c738-4210-be8b-481e02de0b81",
|
|
|
|
"value": "https://www.virustotal.com/file/8a1c5e44bbd75aa50fdb053cb25477be908ff19ce62327b55c65e93c77da47d9/analysis/1457393737/"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "External analysis",
|
|
|
|
"comment": "",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"timestamp": "1457427744",
|
|
|
|
"to_ids": false,
|
|
|
|
"type": "link",
|
|
|
|
"uuid": "56de9520-5994-48c8-bc7b-4a2002de0b81",
|
|
|
|
"value": "https://www.virustotal.com/file/fad1ae0dd73a06b8b28f112b3d87103e2b8f10be754eb13d607d2266fca7bd63/analysis/1457395046/"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "External analysis",
|
|
|
|
"comment": "",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"timestamp": "1457427744",
|
|
|
|
"to_ids": false,
|
|
|
|
"type": "link",
|
|
|
|
"uuid": "56de9520-cb68-4536-95a2-4a5902de0b81",
|
|
|
|
"value": "https://www.virustotal.com/file/27438a6606e3caff35f77fd890b72b4a3fe72ed64a57786936dc5a8a9763fee9/analysis/1457406093/"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "External analysis",
|
|
|
|
"comment": "",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"timestamp": "1457427744",
|
|
|
|
"to_ids": false,
|
|
|
|
"type": "link",
|
|
|
|
"uuid": "56de9520-22ac-49ae-9050-438302de0b81",
|
|
|
|
"value": "https://www.virustotal.com/file/7c0ea0629ab795ce38f1f7260c0de24a50f3654dfe883b4c701777a016a7963e/analysis/1457404757/"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "Network activity",
|
|
|
|
"comment": "C&C",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"timestamp": "1457428297",
|
|
|
|
"to_ids": true,
|
|
|
|
"type": "url",
|
|
|
|
"uuid": "56de9749-5688-4031-b872-4505950d210f",
|
|
|
|
"value": "http://drcordoba.com/components/bstr.php"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "Network activity",
|
|
|
|
"comment": "C&C",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"timestamp": "1457428297",
|
|
|
|
"to_ids": true,
|
|
|
|
"type": "domain",
|
|
|
|
"uuid": "56de9749-f670-439f-bdb8-4820950d210f",
|
|
|
|
"value": "drcordoba.com"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "Network activity",
|
|
|
|
"comment": "C&C",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"timestamp": "1457428297",
|
|
|
|
"to_ids": true,
|
|
|
|
"type": "ip-dst",
|
|
|
|
"uuid": "56de9749-c9fc-4a18-8a45-46fa950d210f",
|
|
|
|
"value": "50.62.125.1"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "Payload delivery",
|
|
|
|
"comment": "Automatically added (via 80.exe|fd87ca954e5feda6871ba1de8f9d5b73c43e0514)",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"timestamp": "1457428182",
|
|
|
|
"to_ids": true,
|
|
|
|
"type": "filename|md5",
|
|
|
|
"uuid": "56de96d6-ca74-4c7c-be45-4713950d210f",
|
|
|
|
"value": "80.exe|120add3ed0adada5851fb724442ff2b0"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "Payload delivery",
|
|
|
|
"comment": "Automatically added (via 69.exe|4f512da8ffba26271901e98009516321919d3f14)",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"timestamp": "1457428176",
|
|
|
|
"to_ids": true,
|
|
|
|
"type": "filename|md5",
|
|
|
|
"uuid": "56de96d0-0078-419a-a752-40cc950d210f",
|
|
|
|
"value": "69.exe|abd9de04608716a6c9daface0535b788"
|
|
|
|
}
|
|
|
|
]
|
|
|
|
}
|
|
|
|
}