misp-circl-feed/feeds/circl/misp/59f6f4a5-0e10-4c36-9c71-5690c25ed030.json

{
"Event": {
"analysis": "2",
"date": "2017-10-30",
"extends_uuid": "",
"info": "Evasive Sage 2.2 Ransomware",
"publish_timestamp": "1570571105",
"published": true,
"threat_level_id": "3",
"timestamp": "1569244530",
"uuid": "59f6f4a5-0e10-4c36-9c71-5690c25ed030",
"Orgc": {
"name": "CERT-RLP",
"uuid": "593798b3-3924-4c43-9742-0d9fc25ed030"
},
"Tag": [
{
"colour": "#ffffff",
"local": "0",
"name": "tlp:white",
"relationship_type": ""
},
{
"colour": "#002b4a",
"local": "0",
"name": "osint:source-type=\"technical-report\"",
"relationship_type": ""
},
{
"colour": "#004646",
"local": "0",
"name": "type:OSINT",
"relationship_type": ""
},
{
"colour": "#2c4f00",
"local": "0",
"name": "malware_classification:malware-category=\"Ransomware\"",
"relationship_type": ""
},
{
"colour": "#0088cc",
"local": "0",
"name": "misp-galaxy:ransomware=\"Sage 2.2\"",
"relationship_type": ""
}
],
"Attribute": [
{
"category": "External analysis",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1510060614",
"to_ids": false,
"type": "link",
"uuid": "59f6f515-043c-4947-8052-568dc25ed030",
"value": "http://blog.fortinet.com/2017/10/29/evasive-sage-2-2-ransomware-variant-targets-more-countries"
},
{
"category": "Network activity",
"comment": "download URL",
"deleted": false,
"disable_correlation": false,
"timestamp": "1510060615",
"to_ids": true,
"type": "url",
"uuid": "5a002e66-0924-4cc1-ba34-4d2c950d210f",
"value": "http://sutranjsdf.info/1"
},
{
"category": "Network activity",
"comment": "download URL",
"deleted": false,
"disable_correlation": false,
"timestamp": "1510060615",
"to_ids": true,
"type": "url",
"uuid": "5a002e66-2624-4b10-9db5-420a950d210f",
"value": "http://xxxkeyoplw.top/2"
},
{
"category": "Network activity",
"comment": "download URL",
"deleted": false,
"disable_correlation": false,
"timestamp": "1510060615",
"to_ids": true,
"type": "url",
"uuid": "5a002e66-874c-4c64-a1a3-4d2d950d210f",
"value": "http://johnmoplan.top/1.txt"
},
{
"category": "Network activity",
"comment": "download URL",
"deleted": false,
"disable_correlation": false,
"timestamp": "1510060615",
"to_ids": true,
"type": "url",
"uuid": "5a002e66-e384-4470-9a48-49d5950d210f",
"value": "http://indiasoujapa.info/7"
},
{
"category": "Network activity",
"comment": "download URL",
"deleted": false,
"disable_correlation": false,
"timestamp": "1510060615",
"to_ids": true,
"type": "url",
"uuid": "5a002e66-935c-4180-8284-4b63950d210f",
"value": "http://mondayyesha.info/7"
},
{
"category": "Payload delivery",
"comment": "W32/Sage.KAD!tr",
"deleted": false,
"disable_correlation": false,
"timestamp": "1510060615",
"to_ids": true,
"type": "sha256",
"uuid": "5a002f24-0bf4-4910-8082-48b5950d210f",
"value": "00f1e3b698488519bb6e5f723854ee89eb9f98bdfa4a7fe5137804f79829838e"
},
{
"category": "Payload delivery",
"comment": "W32/Sage.KAD!tr",
"deleted": false,
"disable_correlation": false,
"timestamp": "1510060615",
"to_ids": true,
"type": "sha256",
"uuid": "5a002f24-3040-4e33-bc00-4530950d210f",
"value": "0eb72241462c8bfda3ece4e6ebbde88778a33d8c69ce1e22153a3ed8cf47cc17"
},
{
"category": "Payload delivery",
"comment": "W32/Sage.KAD!tr",
"deleted": false,
"disable_correlation": false,
"timestamp": "1510060615",
"to_ids": true,
"type": "sha256",
"uuid": "5a002f24-635c-4359-a94d-4c28950d210f",
"value": "2b0b7c732177a0dd8f4e9c153b1975bbc29eef673c8d1b4665312b8f1b3fb114"
},
{
"category": "Payload delivery",
"comment": "W32/Sage.KAD!tr",
"deleted": false,
"disable_correlation": false,
"timestamp": "1510060615",
"to_ids": true,
"type": "sha256",
"uuid": "5a002f24-6610-4fa9-8f2a-41bc950d210f",
"value": "43921c3406d7b1a546334e324bdf46c279fdac928de810a86263ce7aa9eb1b83"
},
{
"category": "Payload delivery",
"comment": "W32/Sage.KAD!tr",
"deleted": false,
"disable_correlation": false,
"timestamp": "1510060615",
"to_ids": true,
"type": "sha256",
"uuid": "5a002f24-681c-4eb7-9d01-4499950d210f",
"value": "47a67a6fb50097491fd5ebad5e81b19bda303ececc6a83281eddbd6bd508b783"
},
{
"category": "Payload delivery",
"comment": "W32/Sage.KAD!tr",
"deleted": false,
"disable_correlation": false,
"timestamp": "1510060615",
"to_ids": true,
"type": "sha256",
"uuid": "5a002f24-a3f8-450d-ac12-4783950d210f",
"value": "5b7d2b261f29ddef9fda21061362729a9417b8ef2874cc9a2a3495181fc466d0"
},
{
"category": "Payload delivery",
"comment": "W32/Sage.KAD!tr",
"deleted": false,
"disable_correlation": false,
"timestamp": "1510060615",
"to_ids": true,
"type": "sha256",
"uuid": "5a002f24-f914-4587-a4c7-407d950d210f",
"value": "a14ee6e8d2baa577a181cd0bb0e5c2c833a4de972f2679ca3a9e410d5de97d7e"
},
{
"category": "Payload delivery",
"comment": "W32/Sage.KAD!tr",
"deleted": false,
"disable_correlation": false,
"timestamp": "1510060615",
"to_ids": true,
"type": "sha256",
"uuid": "5a002f24-da2c-4cd1-9d67-4bec950d210f",
"value": "b381d871fcb6c16317a068be01a7cb147960419995e8068db4e9b11ea2087457"
},
{
"category": "Payload delivery",
"comment": "W32/Sage.KAD!tr",
"deleted": false,
"disable_correlation": false,
"timestamp": "1510060615",
"to_ids": true,
"type": "sha256",
"uuid": "5a002f24-a744-4583-b461-462d950d210f",
"value": "bbc0e8981bfca4891d99eab5195cc1f158471b90b21d1a3f1abc0ee05bf60e93"
},
{
"category": "Payload delivery",
"comment": "W32/Sage.KAD!tr",
"deleted": false,
"disable_correlation": false,
"timestamp": "1510060615",
"to_ids": true,
"type": "sha256",
"uuid": "5a002f24-9798-4245-a328-4f08950d210f",
"value": "cb6b6941ec104ab125a7d42cfe560cd9946ca4d5b1d1a8d5beb6b6ceb083bb29"
},
{
"category": "Payload delivery",
"comment": "W32/Sage.KAD!tr",
"deleted": false,
"disable_correlation": false,
"timestamp": "1510060615",
"to_ids": true,
"type": "sha256",
"uuid": "5a002f24-8a44-4657-844e-4ff3950d210f",
"value": "df64fcde1c38aa2a0696fc11eb6ca7489aa861d64bbe4e59e44d83ff92734005"
},
{
"category": "Payload delivery",
"comment": "W32/Sage.KAD!tr",
"deleted": false,
"disable_correlation": false,
"timestamp": "1510060615",
"to_ids": true,
"type": "sha256",
"uuid": "5a002f24-0888-4dc2-995f-461a950d210f",
"value": "eff34c229bc82823a8d31af8fc0b3baac4ebe626d15511dcd0832e455bed1765"
},
{
"category": "Payload delivery",
"comment": "W32/Sage.KAD!tr",
"deleted": false,
"disable_correlation": false,
"timestamp": "1510060615",
"to_ids": true,
"type": "sha256",
"uuid": "5a002f24-db50-4692-aa75-41b2950d210f",
"value": "f5f875061c9aa07a7d55c37f28b34d84e49d5d97bd66de48f74869cb984bcb61"
},
{
"category": "Payload delivery",
"comment": "W32/Kryptik.FXNL!tr",
"deleted": false,
"disable_correlation": false,
"timestamp": "1510060615",
"to_ids": true,
"type": "sha256",
"uuid": "5a002f24-8064-4962-8e89-4248950d210f",
"value": "f93c77fd1c3ee16a28ef390d71f2c0af95f5bfc8ec4fe98b1d1352aeb77323e7"
},
{
"category": "Payload delivery",
"comment": "W32/Kryptik.DMBP!tr",
"deleted": false,
"disable_correlation": false,
"timestamp": "1510060615",
"to_ids": true,
"type": "sha256",
"uuid": "5a002f24-4e7c-4224-9ae2-4219950d210f",
"value": "903b0e894ec0583ada12e647ac3bcb3433d37dc440e7613e141c03f545fd0ddd"
},
{
"category": "Payload delivery",
"comment": "W32/GenKryptik.AZLB!tr",
"deleted": false,
"disable_correlation": false,
"timestamp": "1510060615",
"to_ids": true,
"type": "sha256",
"uuid": "5a002f24-b67c-4fc0-930c-4b88950d210f",
"value": "c4e208618d13f11d4a9ed6efb805943debe3bee0581eeebe22254a2b3a259b29"
},
{
"category": "Payload delivery",
"comment": "W32/Kryptik.FXNL!tr",
"deleted": false,
"disable_correlation": false,
"timestamp": "1510060615",
"to_ids": true,
"type": "sha256",
"uuid": "5a002f24-5310-4e69-9e0c-45a4950d210f",
"value": "e0a9b6d54ab277e6d4b411d776b130624eac7f7a40affb67c544cc1414e22b19"
},
{
"category": "Payload delivery",
"comment": "W32/Kryptik.FXNL!tr - Xchecked via VT: e0a9b6d54ab277e6d4b411d776b130624eac7f7a40affb67c544cc1414e22b19",
"deleted": false,
"disable_correlation": false,
"timestamp": "1510060615",
"to_ids": true,
"type": "sha1",
"uuid": "5a01b247-4698-4534-994b-0d3302de0b81",
"value": "b93039baa64a21ed90457a80a636a9e5c56f1a00"
},
{
"category": "Payload delivery",
"comment": "W32/Kryptik.FXNL!tr - Xchecked via VT: e0a9b6d54ab277e6d4b411d776b130624eac7f7a40affb67c544cc1414e22b19",
"deleted": false,
"disable_correlation": false,
"timestamp": "1510060615",
"to_ids": true,
"type": "md5",
"uuid": "5a01b247-e2bc-4bc2-8db6-0d3302de0b81",
"value": "42550d2c763c023869aebe866ede77e9"
},
{
"category": "External analysis",
"comment": "W32/Kryptik.FXNL!tr - Xchecked via VT: e0a9b6d54ab277e6d4b411d776b130624eac7f7a40affb67c544cc1414e22b19",
"deleted": false,
"disable_correlation": false,
"timestamp": "1510060615",
"to_ids": false,
"type": "link",
"uuid": "5a01b247-4c64-4243-aed8-0d3302de0b81",
"value": "https://www.virustotal.com/file/e0a9b6d54ab277e6d4b411d776b130624eac7f7a40affb67c544cc1414e22b19/analysis/1510019719/"
},
{
"category": "Payload delivery",
"comment": "W32/Kryptik.DMBP!tr - Xchecked via VT: 903b0e894ec0583ada12e647ac3bcb3433d37dc440e7613e141c03f545fd0ddd",
"deleted": false,
"disable_correlation": false,
"timestamp": "1510060615",
"to_ids": true,
"type": "sha1",
"uuid": "5a01b247-56f4-4ce5-a856-0d3302de0b81",
"value": "ee88d90a47dc738ea2e505b3e226e129c70c939a"
},
{
"category": "Payload delivery",
"comment": "W32/Kryptik.DMBP!tr - Xchecked via VT: 903b0e894ec0583ada12e647ac3bcb3433d37dc440e7613e141c03f545fd0ddd",
"deleted": false,
"disable_correlation": false,
"timestamp": "1510060615",
"to_ids": true,
"type": "md5",
"uuid": "5a01b247-5750-42d7-b685-0d3302de0b81",
"value": "b3a5732c4a3bfe4781a2a5d93111b99d"
},
{
"category": "External analysis",
"comment": "W32/Kryptik.DMBP!tr - Xchecked via VT: 903b0e894ec0583ada12e647ac3bcb3433d37dc440e7613e141c03f545fd0ddd",
"deleted": false,
"disable_correlation": false,
"timestamp": "1510060615",
"to_ids": false,
"type": "link",
"uuid": "5a01b247-bd24-4446-83c4-0d3302de0b81",
"value": "https://www.virustotal.com/file/903b0e894ec0583ada12e647ac3bcb3433d37dc440e7613e141c03f545fd0ddd/analysis/1509780134/"
},
{
"category": "Payload delivery",
"comment": "W32/Kryptik.FXNL!tr - Xchecked via VT: f93c77fd1c3ee16a28ef390d71f2c0af95f5bfc8ec4fe98b1d1352aeb77323e7",
"deleted": false,
"disable_correlation": false,
"timestamp": "1510060615",
"to_ids": true,
"type": "sha1",
"uuid": "5a01b247-2b64-4301-a912-0d3302de0b81",
"value": "feeae3fddb606fa45cbcf6b0b2c12fd4cf785113"
},
{
"category": "Payload delivery",
"comment": "W32/Kryptik.FXNL!tr - Xchecked via VT: f93c77fd1c3ee16a28ef390d71f2c0af95f5bfc8ec4fe98b1d1352aeb77323e7",
"deleted": false,
"disable_correlation": false,
"timestamp": "1510060615",
"to_ids": true,
"type": "md5",
"uuid": "5a01b247-6eac-4ad9-9ed4-0d3302de0b81",
"value": "f7432080c1f41af950a86655a6af6833"
},
{
"category": "External analysis",
"comment": "W32/Kryptik.FXNL!tr - Xchecked via VT: f93c77fd1c3ee16a28ef390d71f2c0af95f5bfc8ec4fe98b1d1352aeb77323e7",
"deleted": false,
"disable_correlation": false,
"timestamp": "1510060615",
"to_ids": false,
"type": "link",
"uuid": "5a01b247-d9a8-4623-8093-0d3302de0b81",
"value": "https://www.virustotal.com/file/f93c77fd1c3ee16a28ef390d71f2c0af95f5bfc8ec4fe98b1d1352aeb77323e7/analysis/1510020302/"
},
{
"category": "Payload delivery",
"comment": "W32/Sage.KAD!tr - Xchecked via VT: f5f875061c9aa07a7d55c37f28b34d84e49d5d97bd66de48f74869cb984bcb61",
"deleted": false,
"disable_correlation": false,
"timestamp": "1510060615",
"to_ids": true,
"type": "sha1",
"uuid": "5a01b247-6314-4f76-966e-0d3302de0b81",
"value": "2a5035826371551552287ee2713906dba65ce3d3"
},
{
"category": "Payload delivery",
"comment": "W32/Sage.KAD!tr - Xchecked via VT: f5f875061c9aa07a7d55c37f28b34d84e49d5d97bd66de48f74869cb984bcb61",
"deleted": false,
"disable_correlation": false,
"timestamp": "1510060615",
"to_ids": true,
"type": "md5",
"uuid": "5a01b247-0fd4-43c8-8b1c-0d3302de0b81",
"value": "5cb7852dff9d0a6ffae7be5097ec14fd"
},
{
"category": "External analysis",
"comment": "W32/Sage.KAD!tr - Xchecked via VT: f5f875061c9aa07a7d55c37f28b34d84e49d5d97bd66de48f74869cb984bcb61",
"deleted": false,
"disable_correlation": false,
"timestamp": "1510060615",
"to_ids": false,
"type": "link",
"uuid": "5a01b247-fa04-4911-8b0e-0d3302de0b81",
"value": "https://www.virustotal.com/file/f5f875061c9aa07a7d55c37f28b34d84e49d5d97bd66de48f74869cb984bcb61/analysis/1510019822/"
},
{
"category": "Payload delivery",
"comment": "W32/Sage.KAD!tr - Xchecked via VT: eff34c229bc82823a8d31af8fc0b3baac4ebe626d15511dcd0832e455bed1765",
"deleted": false,
"disable_correlation": false,
"timestamp": "1510060615",
"to_ids": true,
"type": "sha1",
"uuid": "5a01b247-ad70-4630-b11f-0d3302de0b81",
"value": "377dc00f646b7c871c62efa7b84d0fbb54095e93"
},
{
"category": "Payload delivery",
"comment": "W32/Sage.KAD!tr - Xchecked via VT: eff34c229bc82823a8d31af8fc0b3baac4ebe626d15511dcd0832e455bed1765",
"deleted": false,
"disable_correlation": false,
"timestamp": "1510060615",
"to_ids": true,
"type": "md5",
"uuid": "5a01b247-f12c-45af-aa87-0d3302de0b81",
"value": "cf707cb91b8e6a3fd076c3ac0fbe7b89"
},
{
"category": "External analysis",
"comment": "W32/Sage.KAD!tr - Xchecked via VT: eff34c229bc82823a8d31af8fc0b3baac4ebe626d15511dcd0832e455bed1765",
"deleted": false,
"disable_correlation": false,
"timestamp": "1510060615",
"to_ids": false,
"type": "link",
"uuid": "5a01b247-8ad0-4725-921c-0d3302de0b81",
"value": "https://www.virustotal.com/file/eff34c229bc82823a8d31af8fc0b3baac4ebe626d15511dcd0832e455bed1765/analysis/1510020158/"
},
{
"category": "Payload delivery",
"comment": "W32/Sage.KAD!tr - Xchecked via VT: df64fcde1c38aa2a0696fc11eb6ca7489aa861d64bbe4e59e44d83ff92734005",
"deleted": false,
"disable_correlation": false,
"timestamp": "1510060615",
"to_ids": true,
"type": "sha1",
"uuid": "5a01b247-12d4-49cd-abad-0d3302de0b81",
"value": "ec046b0d74e2b245f1d2ae4cce5e4a4a47263c31"
},
{
"category": "Payload delivery",
"comment": "W32/Sage.KAD!tr - Xchecked via VT: df64fcde1c38aa2a0696fc11eb6ca7489aa861d64bbe4e59e44d83ff92734005",
"deleted": false,
"disable_correlation": false,
"timestamp": "1510060615",
"to_ids": true,
"type": "md5",
"uuid": "5a01b247-e968-4459-b1ab-0d3302de0b81",
"value": "6916c7e84a54c0d6960d716b8e8bffd2"
},
{
"category": "External analysis",
"comment": "W32/Sage.KAD!tr - Xchecked via VT: df64fcde1c38aa2a0696fc11eb6ca7489aa861d64bbe4e59e44d83ff92734005",
"deleted": false,
"disable_correlation": false,
"timestamp": "1510060615",
"to_ids": false,
"type": "link",
"uuid": "5a01b247-2180-4c50-a3a3-0d3302de0b81",
"value": "https://www.virustotal.com/file/df64fcde1c38aa2a0696fc11eb6ca7489aa861d64bbe4e59e44d83ff92734005/analysis/1510019848/"
},
{
"category": "Payload delivery",
"comment": "W32/Sage.KAD!tr - Xchecked via VT: cb6b6941ec104ab125a7d42cfe560cd9946ca4d5b1d1a8d5beb6b6ceb083bb29",
"deleted": false,
"disable_correlation": false,
"timestamp": "1510060615",
"to_ids": true,
"type": "sha1",
"uuid": "5a01b247-ae84-4c02-bbb3-0d3302de0b81",
"value": "640aeed9a8d88f35affd46c23374620edaa58e3e"
},
{
"category": "Payload delivery",
"comment": "W32/Sage.KAD!tr - Xchecked via VT: cb6b6941ec104ab125a7d42cfe560cd9946ca4d5b1d1a8d5beb6b6ceb083bb29",
"deleted": false,
"disable_correlation": false,
"timestamp": "1510060615",
"to_ids": true,
"type": "md5",
"uuid": "5a01b247-30d4-471b-ac42-0d3302de0b81",
"value": "35c73da756c08dbcfba4cecb1bf93830"
},
{
"category": "External analysis",
"comment": "W32/Sage.KAD!tr - Xchecked via VT: cb6b6941ec104ab125a7d42cfe560cd9946ca4d5b1d1a8d5beb6b6ceb083bb29",
"deleted": false,
"disable_correlation": false,
"timestamp": "1510060615",
"to_ids": false,
"type": "link",
"uuid": "5a01b247-4d0c-47f9-a482-0d3302de0b81",
"value": "https://www.virustotal.com/file/cb6b6941ec104ab125a7d42cfe560cd9946ca4d5b1d1a8d5beb6b6ceb083bb29/analysis/1509779839/"
},
{
"category": "Payload delivery",
"comment": "W32/Sage.KAD!tr - Xchecked via VT: b381d871fcb6c16317a068be01a7cb147960419995e8068db4e9b11ea2087457",
"deleted": false,
"disable_correlation": false,
"timestamp": "1510060615",
"to_ids": true,
"type": "sha1",
"uuid": "5a01b247-875c-474a-acec-0d3302de0b81",
"value": "d2200be3ec8510dd529531058e2e24e164809e72"
},
{
"category": "Payload delivery",
"comment": "W32/Sage.KAD!tr - Xchecked via VT: b381d871fcb6c16317a068be01a7cb147960419995e8068db4e9b11ea2087457",
"deleted": false,
"disable_correlation": false,
"timestamp": "1510060615",
"to_ids": true,
"type": "md5",
"uuid": "5a01b247-355c-49e7-a274-0d3302de0b81",
"value": "4d8a0e28d39d34a97bc8f0470a26073f"
},
{
"category": "External analysis",
"comment": "W32/Sage.KAD!tr - Xchecked via VT: b381d871fcb6c16317a068be01a7cb147960419995e8068db4e9b11ea2087457",
"deleted": false,
"disable_correlation": false,
"timestamp": "1510060615",
"to_ids": false,
"type": "link",
"uuid": "5a01b247-a468-4fdd-83f6-0d3302de0b81",
"value": "https://www.virustotal.com/file/b381d871fcb6c16317a068be01a7cb147960419995e8068db4e9b11ea2087457/analysis/1510019749/"
},
{
"category": "Payload delivery",
"comment": "W32/Sage.KAD!tr - Xchecked via VT: a14ee6e8d2baa577a181cd0bb0e5c2c833a4de972f2679ca3a9e410d5de97d7e",
"deleted": false,
"disable_correlation": false,
"timestamp": "1510060615",
"to_ids": true,
"type": "sha1",
"uuid": "5a01b247-8118-44b5-bae8-0d3302de0b81",
"value": "c8a6ce85af6442b8d7202abd1023a90e24f782f9"
},
{
"category": "Payload delivery",
"comment": "W32/Sage.KAD!tr - Xchecked via VT: a14ee6e8d2baa577a181cd0bb0e5c2c833a4de972f2679ca3a9e410d5de97d7e",
"deleted": false,
"disable_correlation": false,
"timestamp": "1510060615",
"to_ids": true,
"type": "md5",
"uuid": "5a01b247-78fc-48d5-822c-0d3302de0b81",
"value": "9b224075f4a4366beb66cabbc18b7137"
},
{
"category": "External analysis",
"comment": "W32/Sage.KAD!tr - Xchecked via VT: a14ee6e8d2baa577a181cd0bb0e5c2c833a4de972f2679ca3a9e410d5de97d7e",
"deleted": false,
"disable_correlation": false,
"timestamp": "1510060615",
"to_ids": false,
"type": "link",
"uuid": "5a01b247-bb2c-41fe-9282-0d3302de0b81",
"value": "https://www.virustotal.com/file/a14ee6e8d2baa577a181cd0bb0e5c2c833a4de972f2679ca3a9e410d5de97d7e/analysis/1510020027/"
},
{
"category": "Payload delivery",
"comment": "W32/Sage.KAD!tr - Xchecked via VT: 5b7d2b261f29ddef9fda21061362729a9417b8ef2874cc9a2a3495181fc466d0",
"deleted": false,
"disable_correlation": false,
"timestamp": "1510060615",
"to_ids": true,
"type": "sha1",
"uuid": "5a01b247-73c0-47c4-b479-0d3302de0b81",
"value": "87a1603e8f9a1f5193932fd3f74a4a740b2e68e3"
},
{
"category": "Payload delivery",
"comment": "W32/Sage.KAD!tr - Xchecked via VT: 5b7d2b261f29ddef9fda21061362729a9417b8ef2874cc9a2a3495181fc466d0",
"deleted": false,
"disable_correlation": false,
"timestamp": "1510060615",
"to_ids": true,
"type": "md5",
"uuid": "5a01b247-9c80-40b2-a921-0d3302de0b81",
"value": "aedd0bf1d7b94b163827aec2f4c64d15"
},
{
"category": "External analysis",
"comment": "W32/Sage.KAD!tr - Xchecked via VT: 5b7d2b261f29ddef9fda21061362729a9417b8ef2874cc9a2a3495181fc466d0",
"deleted": false,
"disable_correlation": false,
"timestamp": "1510060615",
"to_ids": false,
"type": "link",
"uuid": "5a01b247-6cf8-4d12-aae2-0d3302de0b81",
"value": "https://www.virustotal.com/file/5b7d2b261f29ddef9fda21061362729a9417b8ef2874cc9a2a3495181fc466d0/analysis/1509779516/"
},
{
"category": "Payload delivery",
"comment": "W32/Sage.KAD!tr - Xchecked via VT: 43921c3406d7b1a546334e324bdf46c279fdac928de810a86263ce7aa9eb1b83",
"deleted": false,
"disable_correlation": false,
"timestamp": "1510060615",
"to_ids": true,
"type": "sha1",
"uuid": "5a01b247-adac-4729-a3ff-0d3302de0b81",
"value": "b8dd2eb66f33c895883ec2d20e411d3287ba8e33"
},
{
"category": "Payload delivery",
"comment": "W32/Sage.KAD!tr - Xchecked via VT: 43921c3406d7b1a546334e324bdf46c279fdac928de810a86263ce7aa9eb1b83",
"deleted": false,
"disable_correlation": false,
"timestamp": "1510060615",
"to_ids": true,
"type": "md5",
"uuid": "5a01b248-59d0-49ca-a977-0d3302de0b81",
"value": "568f85f776c9cd061f56b7f4393b2eb5"
},
{
"category": "External analysis",
"comment": "W32/Sage.KAD!tr - Xchecked via VT: 43921c3406d7b1a546334e324bdf46c279fdac928de810a86263ce7aa9eb1b83",
"deleted": false,
"disable_correlation": false,
"timestamp": "1510060616",
"to_ids": false,
"type": "link",
"uuid": "5a01b248-4658-4e34-bfe5-0d3302de0b81",
"value": "https://www.virustotal.com/file/43921c3406d7b1a546334e324bdf46c279fdac928de810a86263ce7aa9eb1b83/analysis/1509779455/"
},
{
"category": "Payload delivery",
"comment": "W32/Sage.KAD!tr - Xchecked via VT: 2b0b7c732177a0dd8f4e9c153b1975bbc29eef673c8d1b4665312b8f1b3fb114",
"deleted": false,
"disable_correlation": false,
"timestamp": "1510060616",
"to_ids": true,
"type": "sha1",
"uuid": "5a01b248-4870-4f78-8a6d-0d3302de0b81",
"value": "12c96f09d25cd6349d6e2395699dcae9be80401a"
},
{
"category": "Payload delivery",
"comment": "W32/Sage.KAD!tr - Xchecked via VT: 2b0b7c732177a0dd8f4e9c153b1975bbc29eef673c8d1b4665312b8f1b3fb114",
"deleted": false,
"disable_correlation": false,
"timestamp": "1510060616",
"to_ids": true,
"type": "md5",
"uuid": "5a01b248-3460-44db-917b-0d3302de0b81",
"value": "94f37e6331d1d9172034fbdc27b447a6"
},
{
"category": "External analysis",
"comment": "W32/Sage.KAD!tr - Xchecked via VT: 2b0b7c732177a0dd8f4e9c153b1975bbc29eef673c8d1b4665312b8f1b3fb114",
"deleted": false,
"disable_correlation": false,
"timestamp": "1510060616",
"to_ids": false,
"type": "link",
"uuid": "5a01b248-8b0c-4301-9503-0d3302de0b81",
"value": "https://www.virustotal.com/file/2b0b7c732177a0dd8f4e9c153b1975bbc29eef673c8d1b4665312b8f1b3fb114/analysis/1510019973/"
},
{
"category": "Payload delivery",
"comment": "W32/Sage.KAD!tr - Xchecked via VT: 0eb72241462c8bfda3ece4e6ebbde88778a33d8c69ce1e22153a3ed8cf47cc17",
"deleted": false,
"disable_correlation": false,
"timestamp": "1510060616",
"to_ids": true,
"type": "sha1",
"uuid": "5a01b248-76b0-48e0-9e28-0d3302de0b81",
"value": "d103a0032b7847a405f65d98af0a6c56c1622f67"
},
{
"category": "Payload delivery",
"comment": "W32/Sage.KAD!tr - Xchecked via VT: 0eb72241462c8bfda3ece4e6ebbde88778a33d8c69ce1e22153a3ed8cf47cc17",
"deleted": false,
"disable_correlation": false,
"timestamp": "1510060616",
"to_ids": true,
"type": "md5",
"uuid": "5a01b248-08d4-44de-97f1-0d3302de0b81",
"value": "ce9b4fe0e4053369f1a172a9838ad8b8"
},
{
"category": "External analysis",
"comment": "W32/Sage.KAD!tr - Xchecked via VT: 0eb72241462c8bfda3ece4e6ebbde88778a33d8c69ce1e22153a3ed8cf47cc17",
"deleted": false,
"disable_correlation": false,
"timestamp": "1510060616",
"to_ids": false,
"type": "link",
"uuid": "5a01b248-7488-419b-bd1d-0d3302de0b81",
"value": "https://www.virustotal.com/file/0eb72241462c8bfda3ece4e6ebbde88778a33d8c69ce1e22153a3ed8cf47cc17/analysis/1510020155/"
}
]
}
}