2023-04-21 13:25:09 +00:00
|
|
|
{
|
|
|
|
"Event": {
|
|
|
|
"analysis": "2",
|
|
|
|
"date": "2016-12-16",
|
|
|
|
"extends_uuid": "",
|
|
|
|
"info": "OSINT - PROMETHIUM and NEODYMIUM: Parallel zeroday attacks targeting individuals in Europe",
|
|
|
|
"publish_timestamp": "1481965187",
|
|
|
|
"published": true,
|
|
|
|
"threat_level_id": "3",
|
|
|
|
"timestamp": "1481965172",
|
|
|
|
"uuid": "58539031-aa78-4da1-9289-487102de0b81",
|
|
|
|
"Orgc": {
|
|
|
|
"name": "CIRCL",
|
|
|
|
"uuid": "55f6ea5e-2c60-40e5-964f-47a8950d210f"
|
|
|
|
},
|
|
|
|
"Tag": [
|
|
|
|
{
|
|
|
|
"colour": "#ffffff",
|
2023-05-19 09:05:37 +00:00
|
|
|
"local": "0",
|
|
|
|
"name": "tlp:white",
|
|
|
|
"relationship_type": ""
|
2023-04-21 13:25:09 +00:00
|
|
|
},
|
|
|
|
{
|
|
|
|
"colour": "#0088cc",
|
2023-05-19 09:05:37 +00:00
|
|
|
"local": "0",
|
|
|
|
"name": "misp-galaxy:threat-actor=\"PROMETHIUM\"",
|
|
|
|
"relationship_type": ""
|
2023-04-21 13:25:09 +00:00
|
|
|
},
|
|
|
|
{
|
|
|
|
"colour": "#0088cc",
|
2023-05-19 09:05:37 +00:00
|
|
|
"local": "0",
|
|
|
|
"name": "misp-galaxy:threat-actor=\"NEODYMIUM\"",
|
|
|
|
"relationship_type": ""
|
2023-04-21 13:25:09 +00:00
|
|
|
},
|
|
|
|
{
|
|
|
|
"colour": "#006262",
|
2023-05-19 09:05:37 +00:00
|
|
|
"local": "0",
|
|
|
|
"name": "ecsirt:malicious-code=\"malware\"",
|
|
|
|
"relationship_type": ""
|
2023-04-21 13:25:09 +00:00
|
|
|
},
|
|
|
|
{
|
|
|
|
"colour": "#002b4a",
|
2023-05-19 09:05:37 +00:00
|
|
|
"local": "0",
|
|
|
|
"name": "osint:source-type=\"technical-report\"",
|
|
|
|
"relationship_type": ""
|
2023-04-21 13:25:09 +00:00
|
|
|
},
|
|
|
|
{
|
|
|
|
"colour": "#00223b",
|
2023-05-19 09:05:37 +00:00
|
|
|
"local": "0",
|
|
|
|
"name": "osint:source-type=\"blog-post\"",
|
|
|
|
"relationship_type": ""
|
2023-04-21 13:25:09 +00:00
|
|
|
},
|
|
|
|
{
|
|
|
|
"colour": "#0088cc",
|
2023-05-19 09:05:37 +00:00
|
|
|
"local": "0",
|
|
|
|
"name": "misp-galaxy:microsoft-activity-group=\"PROMETHIUM\"",
|
|
|
|
"relationship_type": ""
|
2023-04-21 13:25:09 +00:00
|
|
|
},
|
|
|
|
{
|
|
|
|
"colour": "#0088cc",
|
2023-05-19 09:05:37 +00:00
|
|
|
"local": "0",
|
|
|
|
"name": "misp-galaxy:microsoft-activity-group=\"NEODYMIUM\"",
|
|
|
|
"relationship_type": ""
|
2023-04-21 13:25:09 +00:00
|
|
|
}
|
|
|
|
],
|
|
|
|
"Attribute": [
|
|
|
|
{
|
|
|
|
"category": "Payload delivery",
|
|
|
|
"comment": "",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"timestamp": "1481871453",
|
|
|
|
"to_ids": false,
|
|
|
|
"type": "vulnerability",
|
|
|
|
"uuid": "5853905d-4928-46d4-b210-41c102de0b81",
|
|
|
|
"value": "CVE-2016-4117"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "Payload delivery",
|
|
|
|
"comment": "Malicious document",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"timestamp": "1481871489",
|
|
|
|
"to_ids": true,
|
|
|
|
"type": "sha1",
|
|
|
|
"uuid": "58539081-8128-43ed-8788-416002de0b81",
|
|
|
|
"value": "21a3862dfe21d6b216359c6baa3d3c2beb50c7a3"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "Payload delivery",
|
|
|
|
"comment": "Malicious document",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"timestamp": "1481871489",
|
|
|
|
"to_ids": true,
|
|
|
|
"type": "sha1",
|
|
|
|
"uuid": "58539081-56ac-408a-8216-4a0902de0b81",
|
|
|
|
"value": "0b16135d008f6952df0caca104449c33d736e5fc"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "Payload delivery",
|
|
|
|
"comment": "Malicious document",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"timestamp": "1481871490",
|
|
|
|
"to_ids": true,
|
|
|
|
"type": "sha1",
|
|
|
|
"uuid": "58539082-1e00-49f3-abf3-411702de0b81",
|
|
|
|
"value": "0852aa6b8df78069d75fa2f09b53d4476cdd252b"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "Payload delivery",
|
|
|
|
"comment": "Wingbird",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"timestamp": "1481871524",
|
|
|
|
"to_ids": true,
|
|
|
|
"type": "sha1",
|
|
|
|
"uuid": "585390a4-ef50-4aad-8ed4-443102de0b81",
|
|
|
|
"value": "05dbe59a7690e28ca295e0f939a0c1213cb42eb0"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "Payload delivery",
|
|
|
|
"comment": "Wingbird",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"timestamp": "1481871524",
|
|
|
|
"to_ids": true,
|
|
|
|
"type": "sha1",
|
|
|
|
"uuid": "585390a4-1c90-412f-abbe-46dc02de0b81",
|
|
|
|
"value": "3c2c7ac8fddbc3ee25ce0f73f01e668855ccdb80"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "Payload delivery",
|
|
|
|
"comment": "Wingbird",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"timestamp": "1481871524",
|
|
|
|
"to_ids": true,
|
|
|
|
"type": "sha1",
|
|
|
|
"uuid": "585390a4-72d8-4ce8-80fe-41d902de0b81",
|
|
|
|
"value": "211a111586cb5914876adb929ccae736928d8363"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "Payload delivery",
|
|
|
|
"comment": "Wingbird",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"timestamp": "1481871525",
|
|
|
|
"to_ids": true,
|
|
|
|
"type": "sha1",
|
|
|
|
"uuid": "585390a5-0688-4cb5-be33-4a0702de0b81",
|
|
|
|
"value": "c972bf5751438c99fe3e02ecacf6fa759388c40e"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "Payload delivery",
|
|
|
|
"comment": "Wingbird",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"timestamp": "1481871525",
|
|
|
|
"to_ids": true,
|
|
|
|
"type": "sha1",
|
|
|
|
"uuid": "585390a5-6f74-4410-847c-4fc302de0b81",
|
|
|
|
"value": "72722073f0adba1919dc31ffa26638555ad5867f"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "Payload delivery",
|
|
|
|
"comment": "Wingbird",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"timestamp": "1481871525",
|
|
|
|
"to_ids": true,
|
|
|
|
"type": "sha1",
|
|
|
|
"uuid": "585390a5-24b0-4f30-9ca9-4f3b02de0b81",
|
|
|
|
"value": "2fb49455d65ad8baf18e3c604cd1b992b7ebbefa"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "Payload delivery",
|
|
|
|
"comment": "Wingbird",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"timestamp": "1481871525",
|
|
|
|
"to_ids": true,
|
|
|
|
"type": "sha1",
|
|
|
|
"uuid": "585390a5-5e24-4734-92f7-406d02de0b81",
|
|
|
|
"value": "f41b999f41312f2a0fe4eaf08e90824f73e0e186"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "Payload delivery",
|
|
|
|
"comment": "Wingbird",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"timestamp": "1481871526",
|
|
|
|
"to_ids": true,
|
|
|
|
"type": "sha1",
|
|
|
|
"uuid": "585390a6-4578-49fc-a09b-42e302de0b81",
|
|
|
|
"value": "d8d54574a082162220c3c2f3d3f4c1b1bd4d6255"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "Payload delivery",
|
|
|
|
"comment": "Wingbird",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"timestamp": "1481871526",
|
|
|
|
"to_ids": true,
|
|
|
|
"type": "sha1",
|
|
|
|
"uuid": "585390a6-c264-48a7-9321-4db202de0b81",
|
|
|
|
"value": "86580603f5e1d817af87e8bf3ba4dc4ea9e3069d"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "Payload delivery",
|
|
|
|
"comment": "Wingbird",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"timestamp": "1481871526",
|
|
|
|
"to_ids": true,
|
|
|
|
"type": "sha1",
|
|
|
|
"uuid": "585390a6-fa5c-45f4-a560-494f02de0b81",
|
|
|
|
"value": "cb5d0d1d557a1266f77357a951358c78196e97ff"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "Payload delivery",
|
|
|
|
"comment": "Wingbird",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"timestamp": "1481871526",
|
|
|
|
"to_ids": true,
|
|
|
|
"type": "sha1",
|
|
|
|
"uuid": "585390a6-2c98-457d-a40b-42c402de0b81",
|
|
|
|
"value": "d75d12d250e7a36f9ef1173d630a0059b8ea5349"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "Payload delivery",
|
|
|
|
"comment": "Wingbird",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"timestamp": "1481871527",
|
|
|
|
"to_ids": true,
|
|
|
|
"type": "sha1",
|
|
|
|
"uuid": "585390a7-6588-493d-b875-4b4202de0b81",
|
|
|
|
"value": "a77db6e89d604eabf29a6114a30345a705b05107"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "Payload delivery",
|
|
|
|
"comment": "Wingbird",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"timestamp": "1481871527",
|
|
|
|
"to_ids": true,
|
|
|
|
"type": "sha1",
|
|
|
|
"uuid": "585390a7-7e3c-4018-a3e6-4ed502de0b81",
|
|
|
|
"value": "b32b0d52fff7c09c60bb64bc396dc7522a457399"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "Payload delivery",
|
|
|
|
"comment": "Wingbird",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"timestamp": "1481871527",
|
|
|
|
"to_ids": true,
|
|
|
|
"type": "sha1",
|
|
|
|
"uuid": "585390a7-3e68-43ef-b491-485e02de0b81",
|
|
|
|
"value": "ade19bde9716770bef84ce4414a45c0462c2eba2"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "Payload delivery",
|
|
|
|
"comment": "Wingbird",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"timestamp": "1481871527",
|
|
|
|
"to_ids": true,
|
|
|
|
"type": "sha1",
|
|
|
|
"uuid": "585390a7-a39c-4b48-ac55-473302de0b81",
|
|
|
|
"value": "e4d82ab117b86fd44c02ff3289976d15a9d9ced4"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "Payload delivery",
|
|
|
|
"comment": "Wingbird",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"timestamp": "1481871528",
|
|
|
|
"to_ids": true,
|
|
|
|
"type": "sha1",
|
|
|
|
"uuid": "585390a8-18e0-40c6-b563-4d4002de0b81",
|
|
|
|
"value": "88cb78d99fa0275db8123c17a2bd3b3d58f541da"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "Payload delivery",
|
|
|
|
"comment": "Wingbird",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"timestamp": "1481871528",
|
|
|
|
"to_ids": true,
|
|
|
|
"type": "sha1",
|
|
|
|
"uuid": "585390a8-9ecc-468c-b2ca-41ac02de0b81",
|
|
|
|
"value": "a248f9ad5d757d589a06a253dc46637f4128eea9"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "Payload delivery",
|
|
|
|
"comment": "Wingbird",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"timestamp": "1481871528",
|
|
|
|
"to_ids": true,
|
|
|
|
"type": "sha1",
|
|
|
|
"uuid": "585390a8-5388-4043-80cb-4a1c02de0b81",
|
|
|
|
"value": "532b0d52fff7c09c60bb64bc396dc7522a457399"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "Network activity",
|
|
|
|
"comment": "Wingbird",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"timestamp": "1481871543",
|
|
|
|
"to_ids": true,
|
|
|
|
"type": "hostname",
|
|
|
|
"uuid": "585390b7-1340-4e40-9d74-4df502de0b81",
|
|
|
|
"value": "srv601.ddns.net"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "Network activity",
|
|
|
|
"comment": "Wingbird",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"timestamp": "1481871543",
|
|
|
|
"to_ids": true,
|
|
|
|
"type": "hostname",
|
|
|
|
"uuid": "585390b7-9150-4e98-b4b4-44f902de0b81",
|
|
|
|
"value": "srv602.ddns.net"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "Payload delivery",
|
|
|
|
"comment": "Truvasys",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"timestamp": "1481871566",
|
|
|
|
"to_ids": true,
|
|
|
|
"type": "sha1",
|
|
|
|
"uuid": "585390ce-a3ac-4c9e-8782-4aaf02de0b81",
|
|
|
|
"value": "980d96d83f0bae8132fd13eb7d0e799999141492"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "Payload delivery",
|
|
|
|
"comment": "Truvasys",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"timestamp": "1481871566",
|
|
|
|
"to_ids": true,
|
|
|
|
"type": "sha1",
|
|
|
|
"uuid": "585390ce-e2c8-4feb-a41c-430c02de0b81",
|
|
|
|
"value": "7ab2d32b2603c2b12e814264230572584e157d42"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "Payload delivery",
|
|
|
|
"comment": "Truvasys",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"timestamp": "1481871566",
|
|
|
|
"to_ids": true,
|
|
|
|
"type": "sha1",
|
|
|
|
"uuid": "585390ce-1428-49f4-ad6e-4efa02de0b81",
|
|
|
|
"value": "a4f72ee3d337e5a0db78f33fd31958b41e9e9d4f"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "Payload delivery",
|
|
|
|
"comment": "Truvasys",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"timestamp": "1481871567",
|
|
|
|
"to_ids": true,
|
|
|
|
"type": "sha1",
|
|
|
|
"uuid": "585390cf-8664-47c7-bf36-4d8202de0b81",
|
|
|
|
"value": "6de50cf42cd3ff8429a405e9c62d38c11fb2edd6"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "Payload delivery",
|
|
|
|
"comment": "Truvasys",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"timestamp": "1481871567",
|
|
|
|
"to_ids": true,
|
|
|
|
"type": "sha1",
|
|
|
|
"uuid": "585390cf-c15c-4c84-9bc5-45ce02de0b81",
|
|
|
|
"value": "8d847ea0ffa06b8d48bbd9c943c50b05b23d310b"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "Payload delivery",
|
|
|
|
"comment": "Truvasys",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"timestamp": "1481871567",
|
|
|
|
"to_ids": true,
|
|
|
|
"type": "sha1",
|
|
|
|
"uuid": "585390cf-f728-4204-bf18-4f3802de0b81",
|
|
|
|
"value": "7047ed9ae510377f4625db256e52af02694ef153"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "Payload delivery",
|
|
|
|
"comment": "Truvasys",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"timestamp": "1481871568",
|
|
|
|
"to_ids": true,
|
|
|
|
"type": "sha1",
|
|
|
|
"uuid": "585390d0-6a08-4853-8df0-498902de0b81",
|
|
|
|
"value": "bb66c7d655021234ede01bc59e808c6b8f3fa91b"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "Network activity",
|
|
|
|
"comment": "Truvasys",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"timestamp": "1481871599",
|
|
|
|
"to_ids": true,
|
|
|
|
"type": "hostname",
|
|
|
|
"uuid": "585390ef-3858-4e86-b0c0-4cff02de0b81",
|
|
|
|
"value": "www.updatesync.com"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "Network activity",
|
|
|
|
"comment": "Truvasys",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"timestamp": "1481871599",
|
|
|
|
"to_ids": true,
|
|
|
|
"type": "hostname",
|
|
|
|
"uuid": "585390ef-4a30-4d0f-a2a6-400502de0b81",
|
|
|
|
"value": "www.svnservices.com"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "Network activity",
|
|
|
|
"comment": "Truvasys",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"timestamp": "1481871599",
|
|
|
|
"to_ids": true,
|
|
|
|
"type": "hostname",
|
|
|
|
"uuid": "585390ef-0774-45c4-befe-4fb202de0b81",
|
|
|
|
"value": "ftp.mynetenergy.com"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "Network activity",
|
|
|
|
"comment": "Truvasys",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"timestamp": "1481871600",
|
|
|
|
"to_ids": true,
|
|
|
|
"type": "hostname",
|
|
|
|
"uuid": "585390f0-d98c-4528-a053-4bfc02de0b81",
|
|
|
|
"value": "www.windriversupport.com"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "Network activity",
|
|
|
|
"comment": "Truvasys",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"timestamp": "1481871600",
|
|
|
|
"to_ids": true,
|
|
|
|
"type": "hostname",
|
|
|
|
"uuid": "585390f0-de28-4da3-84a0-4fb102de0b81",
|
|
|
|
"value": "www.truecrypte.org"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "Network activity",
|
|
|
|
"comment": "Truvasys",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"timestamp": "1481871601",
|
|
|
|
"to_ids": true,
|
|
|
|
"type": "hostname",
|
|
|
|
"uuid": "585390f1-17d0-45c1-92a3-4a4402de0b81",
|
|
|
|
"value": "www.edicupd002.com"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "Payload delivery",
|
|
|
|
"comment": "Truvasys - Xchecked via VT: bb66c7d655021234ede01bc59e808c6b8f3fa91b",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"timestamp": "1481871622",
|
|
|
|
"to_ids": true,
|
|
|
|
"type": "sha256",
|
|
|
|
"uuid": "58539106-92a8-4745-9c0a-4a5602de0b81",
|
|
|
|
"value": "15ededb19ec5ab6f03db1106d2ccdeeacacdb8cd708518d065cacb1b0d7e955d"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "Payload delivery",
|
|
|
|
"comment": "Truvasys - Xchecked via VT: bb66c7d655021234ede01bc59e808c6b8f3fa91b",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"timestamp": "1481871622",
|
|
|
|
"to_ids": true,
|
|
|
|
"type": "md5",
|
|
|
|
"uuid": "58539106-8824-4570-b6c9-448502de0b81",
|
|
|
|
"value": "f680654dd3421941cd46d6875bd501a6"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "External analysis",
|
|
|
|
"comment": "Truvasys - Xchecked via VT: bb66c7d655021234ede01bc59e808c6b8f3fa91b",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"timestamp": "1481871623",
|
|
|
|
"to_ids": false,
|
|
|
|
"type": "link",
|
|
|
|
"uuid": "58539107-9978-4652-9132-46dc02de0b81",
|
|
|
|
"value": "https://www.virustotal.com/file/15ededb19ec5ab6f03db1106d2ccdeeacacdb8cd708518d065cacb1b0d7e955d/analysis/1481869936/"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "Payload delivery",
|
|
|
|
"comment": "Truvasys - Xchecked via VT: 7047ed9ae510377f4625db256e52af02694ef153",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"timestamp": "1481871623",
|
|
|
|
"to_ids": true,
|
|
|
|
"type": "sha256",
|
|
|
|
"uuid": "58539107-fac4-4b1e-b260-4ce402de0b81",
|
|
|
|
"value": "2f98ac11c78ad1b4c5c5c10a88857baf7af43acb9162e8077709db9d563bcf02"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "Payload delivery",
|
|
|
|
"comment": "Truvasys - Xchecked via VT: 7047ed9ae510377f4625db256e52af02694ef153",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"timestamp": "1481871623",
|
|
|
|
"to_ids": true,
|
|
|
|
"type": "md5",
|
|
|
|
"uuid": "58539107-e068-4fdb-a005-405202de0b81",
|
|
|
|
"value": "2041cc8de9dab93b44434d7f748c63ad"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "External analysis",
|
|
|
|
"comment": "Truvasys - Xchecked via VT: 7047ed9ae510377f4625db256e52af02694ef153",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"timestamp": "1481871623",
|
|
|
|
"to_ids": false,
|
|
|
|
"type": "link",
|
|
|
|
"uuid": "58539107-e354-4d13-92a8-461202de0b81",
|
|
|
|
"value": "https://www.virustotal.com/file/2f98ac11c78ad1b4c5c5c10a88857baf7af43acb9162e8077709db9d563bcf02/analysis/1476225590/"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "Payload delivery",
|
|
|
|
"comment": "Truvasys - Xchecked via VT: 8d847ea0ffa06b8d48bbd9c943c50b05b23d310b",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"timestamp": "1481871624",
|
|
|
|
"to_ids": true,
|
|
|
|
"type": "sha256",
|
|
|
|
"uuid": "58539108-4fa0-4c24-9d14-4f6b02de0b81",
|
|
|
|
"value": "e12031da58c0b08e8b610c3786ca2b66fcfea8ddc9ac558d08a29fd27e95a3e7"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "Payload delivery",
|
|
|
|
"comment": "Truvasys - Xchecked via VT: 8d847ea0ffa06b8d48bbd9c943c50b05b23d310b",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"timestamp": "1481871624",
|
|
|
|
"to_ids": true,
|
|
|
|
"type": "md5",
|
|
|
|
"uuid": "58539108-5080-48ac-9474-4ac802de0b81",
|
|
|
|
"value": "b31ea9acb9d35d9631e316a93a723ec6"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "External analysis",
|
|
|
|
"comment": "Truvasys - Xchecked via VT: 8d847ea0ffa06b8d48bbd9c943c50b05b23d310b",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"timestamp": "1481871624",
|
|
|
|
"to_ids": false,
|
|
|
|
"type": "link",
|
|
|
|
"uuid": "58539108-9f40-41a0-a730-406502de0b81",
|
|
|
|
"value": "https://www.virustotal.com/file/e12031da58c0b08e8b610c3786ca2b66fcfea8ddc9ac558d08a29fd27e95a3e7/analysis/1481869015/"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "Payload delivery",
|
|
|
|
"comment": "Truvasys - Xchecked via VT: 6de50cf42cd3ff8429a405e9c62d38c11fb2edd6",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"timestamp": "1481871624",
|
|
|
|
"to_ids": true,
|
|
|
|
"type": "sha256",
|
|
|
|
"uuid": "58539108-2aa4-424f-8ac9-4eae02de0b81",
|
|
|
|
"value": "dbd8cbbaf59d19cf7566042945e36409cd090bc711e339d3f2ec652bc26d6a03"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "Payload delivery",
|
|
|
|
"comment": "Truvasys - Xchecked via VT: 6de50cf42cd3ff8429a405e9c62d38c11fb2edd6",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"timestamp": "1481871624",
|
|
|
|
"to_ids": true,
|
|
|
|
"type": "md5",
|
|
|
|
"uuid": "58539108-22bc-497d-8cd2-433102de0b81",
|
|
|
|
"value": "c43accf1c69c3020583aa587924ac9a5"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "External analysis",
|
|
|
|
"comment": "Truvasys - Xchecked via VT: 6de50cf42cd3ff8429a405e9c62d38c11fb2edd6",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"timestamp": "1481871625",
|
|
|
|
"to_ids": false,
|
|
|
|
"type": "link",
|
|
|
|
"uuid": "58539109-f4c0-442a-8cbe-401502de0b81",
|
|
|
|
"value": "https://www.virustotal.com/file/dbd8cbbaf59d19cf7566042945e36409cd090bc711e339d3f2ec652bc26d6a03/analysis/1481833653/"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "Payload delivery",
|
|
|
|
"comment": "Truvasys - Xchecked via VT: a4f72ee3d337e5a0db78f33fd31958b41e9e9d4f",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"timestamp": "1481871625",
|
|
|
|
"to_ids": true,
|
|
|
|
"type": "sha256",
|
|
|
|
"uuid": "58539109-0c7c-4505-bd31-43e902de0b81",
|
|
|
|
"value": "a8b7e3edaa18c6127e98741503c3a2a66b7720d2abd967c94b8a5f2e99575ac5"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "Payload delivery",
|
|
|
|
"comment": "Truvasys - Xchecked via VT: a4f72ee3d337e5a0db78f33fd31958b41e9e9d4f",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"timestamp": "1481871625",
|
|
|
|
"to_ids": true,
|
|
|
|
"type": "md5",
|
|
|
|
"uuid": "58539109-0218-4b25-a54f-42e802de0b81",
|
|
|
|
"value": "9a313b0c9f9fe6636826d57eed48f9af"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "External analysis",
|
|
|
|
"comment": "Truvasys - Xchecked via VT: a4f72ee3d337e5a0db78f33fd31958b41e9e9d4f",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"timestamp": "1481871625",
|
|
|
|
"to_ids": false,
|
|
|
|
"type": "link",
|
|
|
|
"uuid": "58539109-dfa8-4107-ac61-4ea802de0b81",
|
|
|
|
"value": "https://www.virustotal.com/file/a8b7e3edaa18c6127e98741503c3a2a66b7720d2abd967c94b8a5f2e99575ac5/analysis/1481807924/"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "Payload delivery",
|
|
|
|
"comment": "Truvasys - Xchecked via VT: 7ab2d32b2603c2b12e814264230572584e157d42",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"timestamp": "1481871626",
|
|
|
|
"to_ids": true,
|
|
|
|
"type": "sha256",
|
|
|
|
"uuid": "5853910a-af4c-4b6e-aa08-42fc02de0b81",
|
|
|
|
"value": "1aef507c385a234e8b10db12852ad1bd66a04730451547b2dcb26f7fae16e01f"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "Payload delivery",
|
|
|
|
"comment": "Truvasys - Xchecked via VT: 7ab2d32b2603c2b12e814264230572584e157d42",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"timestamp": "1481871626",
|
|
|
|
"to_ids": true,
|
|
|
|
"type": "md5",
|
|
|
|
"uuid": "5853910a-6c60-4379-9dc3-4ce302de0b81",
|
|
|
|
"value": "85b60957872f7e03089ef7c758020e61"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "External analysis",
|
|
|
|
"comment": "Truvasys - Xchecked via VT: 7ab2d32b2603c2b12e814264230572584e157d42",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"timestamp": "1481871626",
|
|
|
|
"to_ids": false,
|
|
|
|
"type": "link",
|
|
|
|
"uuid": "5853910a-7d90-48b9-bee5-41c902de0b81",
|
|
|
|
"value": "https://www.virustotal.com/file/1aef507c385a234e8b10db12852ad1bd66a04730451547b2dcb26f7fae16e01f/analysis/1468402677/"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "Payload delivery",
|
|
|
|
"comment": "Malicious document - Xchecked via VT: 0b16135d008f6952df0caca104449c33d736e5fc",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"timestamp": "1481871626",
|
|
|
|
"to_ids": true,
|
|
|
|
"type": "sha256",
|
|
|
|
"uuid": "5853910a-36b0-4240-8fff-4d0902de0b81",
|
|
|
|
"value": "3ce407b441b324142e9f2cd2a5aad8eab1a73f772df0155f362d9ba9f5cb1da8"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "Payload delivery",
|
|
|
|
"comment": "Malicious document - Xchecked via VT: 0b16135d008f6952df0caca104449c33d736e5fc",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"timestamp": "1481871627",
|
|
|
|
"to_ids": true,
|
|
|
|
"type": "md5",
|
|
|
|
"uuid": "5853910b-3f30-4146-bbc8-4e5902de0b81",
|
|
|
|
"value": "aaf90c9cf2a35fa1f56e0d0338173d2b"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "External analysis",
|
|
|
|
"comment": "Malicious document - Xchecked via VT: 0b16135d008f6952df0caca104449c33d736e5fc",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"timestamp": "1481871627",
|
|
|
|
"to_ids": false,
|
|
|
|
"type": "link",
|
|
|
|
"uuid": "5853910b-20b8-46f6-9bb7-4c9202de0b81",
|
|
|
|
"value": "https://www.virustotal.com/file/3ce407b441b324142e9f2cd2a5aad8eab1a73f772df0155f362d9ba9f5cb1da8/analysis/1481807923/"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "Payload delivery",
|
|
|
|
"comment": "Malicious document - Xchecked via VT: 21a3862dfe21d6b216359c6baa3d3c2beb50c7a3",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"timestamp": "1481871627",
|
|
|
|
"to_ids": true,
|
|
|
|
"type": "sha256",
|
|
|
|
"uuid": "5853910b-f2e0-475a-9799-4ead02de0b81",
|
|
|
|
"value": "b488eea412b121d77b5d27d51888485bb640f8c61da8fa3140bd734b315d6ad2"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "Payload delivery",
|
|
|
|
"comment": "Malicious document - Xchecked via VT: 21a3862dfe21d6b216359c6baa3d3c2beb50c7a3",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"timestamp": "1481871627",
|
|
|
|
"to_ids": true,
|
|
|
|
"type": "md5",
|
|
|
|
"uuid": "5853910b-bf10-4200-8856-4b6602de0b81",
|
|
|
|
"value": "50f77cd868f6804e9a3bd1b0745ba36c"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "External analysis",
|
|
|
|
"comment": "Malicious document - Xchecked via VT: 21a3862dfe21d6b216359c6baa3d3c2beb50c7a3",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"timestamp": "1481871627",
|
|
|
|
"to_ids": false,
|
|
|
|
"type": "link",
|
|
|
|
"uuid": "5853910b-3d00-4dcf-a1b6-4c4202de0b81",
|
|
|
|
"value": "https://www.virustotal.com/file/b488eea412b121d77b5d27d51888485bb640f8c61da8fa3140bd734b315d6ad2/analysis/1481806086/"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "External analysis",
|
|
|
|
"comment": "",
|
|
|
|
"data": "JVBERi0xLjUNCiW1tbW1DQoxIDAgb2JqDQo8PC9UeXBlL0NhdGFsb2cvUGFnZXMgMiAwIFIvTGFuZyhlbi1VUykgL1N0cnVjdFRyZWVSb290IDEzMTggMCBSL091dGxpbmVzIDEyMjQgMCBSL01hcmtJbmZvPDwvTWFya2VkIHRydWU+Pi9NZXRhZGF0YSAxMTQ2MiAwIFIvVmlld2VyUHJlZmVyZW5jZXMgMTE0NjMgMCBSPj4NCmVuZG9iag0KMiAwIG9iag0KPDwvVHlwZS9QYWdlcy9Db3VudCAxODAvS2lkc1sgMyAwIFIgMTMgMCBSIDE0IDAgUiAyMyAwIFIgMzEgMCBSIDM0IDAgUiAzNSAwIFIgNDEgMCBSIDQzIDAgUiA0NCAwIFIgNDUgMCBSIDQ3IDAgUiA0OCAwIFIgNTIgMCBSIDUzIDAgUiA1NCAwIFIgNTUgMCBSIDU3IDAgUiA1OCAwIFIgNTkgMCBSIDYwIDAgUiA2MiAwIFIgNjMgMCBSIDY0IDAgUiA2NSAwIFIgNjYgMCBSIDY3IDAgUiA2OCAwIFIgNjkgMCBSIDcwIDAgUiA3MiAwIFIgNzUgMCBSIDc3IDAgUiA3OSAwIFIgODAgMCBSIDgxIDAgUiA4MiAwIFIgODMgMCBSIDg0IDAgUiA4NiAwIFIgODcgMCBSIDg4IDAgUiA5MSAwIFIgOTIgMCBSIDkzIDAgUiA5NiAwIFIgOTcgMCBSIDk4IDAgUiA5OSAwIFIgMTAwIDAgUiAxMDEgMCBSIDEwMyAwIFIgMTA0IDAgUiAxMDcgMCBSIDEwOSAwIFIgMTEwIDAgUiAxMTIgMCBSIDExNCAwIFIgMTE1IDAgUiAxMTggMCBSIDExOSAwIFIgMTIxIDAgUiAxMjIgMCBSIDEyNCAwIFIgMTI2IDAgUiAxMjcgMCBSIDEyOCAwIFIgMTMxIDAgUiAxMzIgMCBSIDEzNCAwIFIgMTM1IDAgUiAxMzcgMCBSIDEzOSAwIFIgMTQwIDAgUiAxNDIgMCBSIDE0NCAwIFIgMTQ2IDAgUiAxNDcgMCBSIDE0OCAwIFIgMTQ5IDAgUiAxNTAgMCBSIDE1MiAwIFIgMTUzIDAgUiAxNTYgMCBSIDE1NyAwIFIgMTU4IDAgUiAxNTkgMCBSIDE2MCAwIFIgMTYxIDAgUiAxNjIgMCBSIDE2MyAwIFIgMTY1IDAgUiAxNjYgMCBSIDE2NyAwIFIgMTY4IDAgUiAxNzAgMCBSIDE3MSAwIFIgMTcyIDAgUiAxNzMgMCBSIDE3NCAwIFIgMTc1IDAgUiAxNzYgMCBSIDE3OCAwIFIgMTc5IDAgUiAxODAgMCBSIDE4MSAwIFIgMTgyIDAgUiAxODQgMCBSIDE4NSAwIFIgMTg2IDAgUiAxODcgMCBSIDE4OSAwIFIgMTkwIDAgUiAxOTEgMCBSIDE5MyAwIFIgMTk0IDAgUiAxOTUgMCBSIDE5NiAwIFIgMTk3IDAgUiAxOTkgMCBSIDIwMCAwIFIgMjAyIDAgUiAyMDQgMCBSIDIwNSAwIFIgMjA2IDAgUiAyMDcgMCBSIDIwOSAwIFIgMjEwIDAgUiAyMTEgMCBSIDIxMyAwIFIgMjE0IDAgUiAyMTUgMCBSIDIxNyAwIFIgMjIwIDAgUiAyMjIgMCBSIDIyMyAwIFIgMjI0IDAgUiAyMjYgMCBSIDIyNyAwIFIgMjI5IDAgUiAyMzAgMCBSIDIzMSAwIFIgMjMyIDAgUiAyMzQgMCBSIDIzNSAwIFIgMjM3IDAgUiAyMzggMCBSIDI0MCAwIFIgMjQxIDAgUiAyNDIgMCBSIDI0NCAwIFIgMjQ1IDAgUiAyNDYgMCBSIDI0NyAwIFIgMjQ4IDAgUiAyNTAgMCBSIDI1MSAwIFIgMjUyIDAgUiAyNTMgMCBSIDI1NCAwIFIgMjU1IDAgUiAyNTYgMCBSIDI1NyAwIFIgMjU4IDAgUiAyNTkgMCBSIDI2MSAwIFIgMjYyIDAgUiAyNjMgMCBSIDI2NCAwIFIgMjY1IDAgUiAyNjYgMCBSIDI2NyAwIFIgMTIwOSAwIFIgMTIxMSAwIFIgMTIxMyAwIFIgMTIxNSAwIFIgMTIxNyAwIFIgMTIxOSAwIFIgMTIyMSAwIFIgMTIyMiAwIFJdID4+DQplbmRvYmoNCjMgMCBvYmoNCjw8L1R5cGUvUGFnZS9QYXJlbnQgMiAwIFIvUmVzb3VyY2VzPDwvWE9iamVjdDw8L0ltYWdlNSA1IDAgUi9NZXRhNyA3IDAgUj4+L0V4dEdTdGF0ZTw8L0dTNiA2IDAgUi9HUzEwIDEwIDAgUj4+L0ZvbnQ8PC9GMSA4IDAgUi9GMiAxMSAwIFI+Pi9Qcm9jU2V0Wy9QREYvVGV4dC9JbWFnZUIvSW1hZ2VDL0ltYWdlSV0gPj4vTWVkaWFCb3hbIDAgMCA2MTIgNzkyXSAvQ29udGVudHMgNCAwIFIvR3JvdXA8PC9UeXBlL0dyb3VwL1MvVHJhbnNwYXJlbmN5L0NTL0RldmljZVJHQj4+L1RhYnMvUy9TdHJ1Y3RQYXJlbnRzIDA+Pg0KZW5kb2JqDQo0IDAgb2JqDQo8PC9GaWx0ZXIvRmxhdGVEZWNvZGUvTGVuZ3RoIDU5Nz4+DQpzdHJlYW0NCnicrZRNT9tAEIbvlvwf5mijZr2zO7Z3JYTEd4kUCUrUHhAHN2xCJGJTszkg9ceza4eS4rioJDlF4/E+zzs7CSSXsL+fjI4vToAfHMDRyTEk59cZzJ7C4FcYcOCMc45KIkKGAnItoDZh8GMPyjDwFdfSVF9bheA5TBZhkFwsiplJ4aSCqzCA09ExwBoON+H8Ce5DJNvTBBHSBrBgHLVs2JyR0CoDkq5JakZpSx8ZW+Qr+B9GY5Ec1nY+LSbWuxxaW0zuzR3cJOPq8TYZPz+a5LKYzcvCzqsyuV7+tL701RR3pl45v6nqZgJdwaOxo54hIDJOMJ6GATa2CIMsZ2kGueJMZjBe+KOkCzlrNJE3nm3pPAxuIohvYTwMg1N34tX6lPrQVx/EPKqsrRb9Sc+qyn4iqXofVLsXBYF0E1CrnEja52y/bJdufZXEmuy/96Z5rMkpujtAqL0MENdMN82oNJNp0z/d28ySO1iB1WRyrjor0H/xHRPanUmmJUvVf5k4akpAqFmqQWrl54Y5d4N8467bpm+2H77X+gog9ZdshkxA6n/ieaOKXhNbxdF8UldP1dTCtZks67l97izWZ7GE7t9G9oG7C7xVPMqJ5bpDuSiteXiYz0w5MfDNPFa13V0+oT2yh/zRFmafuFek93vYZpfC7VzH4Hv1EKfRchEPRGRiikDEA4oQYhX9hmFRLgtXrLe4764O+llQn9AWV74JlTOt+lA2Rh7d19Vydr9TqhA5y3QfdbgsY0Q37IGMvsTST5wijtlODVTGqNfgXdjXxXsBm6jGTQ0KZW5kc3RyZWFtDQplbmRvYmoNCjUgMCBvYmoNCjw8L1R5cGUvWE9iamVjdC9TdWJ0eXBlL0ltYWdlL1dpZHRoIDgxNi9IZWlnaHQgMTA1Ni9Db2xvclNwYWNlL0RldmljZVJHQi9CaXRzUGVyQ29tcG9uZW50IDgvRmlsdGVyL0RDVERlY29kZS9JbnRlcnBvbGF0ZSB0cnVlL0xlbmd0aCA3NTczODA+Pg0Kc3RyZWFtDQr/2P/gABBKRklGAAEBAQBgAGAAAP/hBYRFeGlmAABNTQAqAAAACAATAP4ABAAAAAEAAAAAAQAAAwAAAAEJNwAAAQEAAwAAAAEOEAAAAQIAAwAAAAQAAADyAQMAAwAAAAEABQAAAQYAAwAAAAEABQAAAQ8AAgAAAAYAAAD6ARAAAgAAABYAAAEAAREABAAAAIYAAAEWARUAAwAAAAEABAAAARYAAwAAAAEAGwAAARcABAAAAIYAAAMuARoABQAAAAEAAAVGARsABQAAAAEAAAVOARwAAwAAAAEAAQAAASgAAwAAAAEAAgAAATEAAgAAABEAAAVWATIAAgAAABQAAAVoAT0AAwAAAAEAAgAAAAAAAA
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"timestamp": "1481871719",
|
|
|
|
"to_ids": false,
|
|
|
|
"type": "attachment",
|
|
|
|
"uuid": "58539167-e790-4e4c-9363-4cce02de0b81",
|
|
|
|
"value": "Microsoft_Security_Intelligence_Report_Volume_21_English.pdf"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "External analysis",
|
|
|
|
"comment": "",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"timestamp": "1481965172",
|
|
|
|
"to_ids": false,
|
|
|
|
"type": "link",
|
|
|
|
"uuid": "5854fe74-7f0c-4b2a-b258-4a0b950d210f",
|
|
|
|
"value": "https://blogs.technet.microsoft.com/mmpc/2016/12/14/twin-zero-day-attacks-promethium-and-neodymium-target-individuals-in-europe/"
|
|
|
|
}
|
|
|
|
]
|
|
|
|
}
|
|
|
|
}
|