2023-04-21 13:25:09 +00:00
{
"Event" : {
"analysis" : "2" ,
"date" : "2022-08-18" ,
"extends_uuid" : "" ,
"info" : "OSINT - Reservations Requested: TA558 Targets Hospitality and Travel" ,
"publish_timestamp" : "1661327199" ,
"published" : true ,
"threat_level_id" : "2" ,
"timestamp" : "1661327170" ,
"uuid" : "e7ba6328-3c18-4578-a7c2-96a151170246" ,
"Orgc" : {
"name" : "CIRCL" ,
"uuid" : "55f6ea5e-2c60-40e5-964f-47a8950d210f"
} ,
"Tag" : [
{
"colour" : "#004646" ,
2023-05-19 09:05:37 +00:00
"local" : "0" ,
"name" : "type:OSINT" ,
"relationship_type" : ""
2023-04-21 13:25:09 +00:00
} ,
{
"colour" : "#0071c3" ,
2023-05-19 09:05:37 +00:00
"local" : "0" ,
"name" : "osint:lifetime=\"perpetual\"" ,
"relationship_type" : ""
2023-04-21 13:25:09 +00:00
} ,
{
"colour" : "#0087e8" ,
2023-05-19 09:05:37 +00:00
"local" : "0" ,
"name" : "osint:certainty=\"50\"" ,
"relationship_type" : ""
2023-04-21 13:25:09 +00:00
} ,
{
"colour" : "#ffffff" ,
2023-05-19 09:05:37 +00:00
"local" : "0" ,
"name" : "tlp:white" ,
"relationship_type" : ""
2023-04-21 13:25:09 +00:00
} ,
{
"colour" : "#0088cc" ,
2023-05-19 09:05:37 +00:00
"local" : "0" ,
"name" : "misp-galaxy:region=\"005 - South America\"" ,
"relationship_type" : ""
2023-04-21 13:25:09 +00:00
} ,
{
"colour" : "#0088cc" ,
2023-05-19 09:05:37 +00:00
"local" : "0" ,
"name" : "misp-galaxy:target-information=\"Mexico\"" ,
"relationship_type" : ""
2023-04-21 13:25:09 +00:00
} ,
{
"colour" : "#0088cc" ,
2023-05-19 09:05:37 +00:00
"local" : "0" ,
"name" : "misp-galaxy:threat-actor=\"TA558\"" ,
"relationship_type" : ""
2023-04-21 13:25:09 +00:00
}
] ,
"Attribute" : [
{
"category" : "Network activity" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"timestamp" : "1660894060" ,
"to_ids" : true ,
"type" : "hostname" ,
"uuid" : "4008c754-2dc9-43e1-9270-91d20eff4eed" ,
"value" : "warzonecdt.duckdns.org"
} ,
{
"category" : "Network activity" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"timestamp" : "1660894060" ,
"to_ids" : true ,
"type" : "hostname" ,
"uuid" : "b64ed2cf-929c-454b-b78f-4394e6224d02" ,
"value" : "system11.sslblindado.com"
} ,
{
"category" : "Network activity" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"timestamp" : "1660894060" ,
"to_ids" : true ,
"type" : "hostname" ,
"uuid" : "c1cf733a-b313-4eaf-a6c8-7c6943cb0cb7" ,
"value" : "successfully.hopto.org"
} ,
{
"category" : "Network activity" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"timestamp" : "1660894060" ,
"to_ids" : true ,
"type" : "hostname" ,
"uuid" : "5f91f381-5018-4ece-8714-c5262aa45d34" ,
"value" : "success20.hopto.org"
} ,
{
"category" : "Network activity" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"timestamp" : "1660894060" ,
"to_ids" : true ,
"type" : "hostname" ,
"uuid" : "dc1cb63b-e198-4a98-a538-0db4257acfd0" ,
"value" : "quedabesouro.ddns.net"
} ,
{
"category" : "Network activity" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"timestamp" : "1660894060" ,
"to_ids" : true ,
"type" : "hostname" ,
"uuid" : "80a5abf2-985c-427f-9303-7a576c98f5b3" ,
"value" : "queda212.duckdns.org"
} ,
{
"category" : "Network activity" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"timestamp" : "1660894060" ,
"to_ids" : true ,
"type" : "hostname" ,
"uuid" : "b8c2bfbf-d9fe-4b8e-8559-9db5fde85160" ,
"value" : "passagensv.sslblindado.com"
} ,
{
"category" : "Network activity" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"timestamp" : "1660894060" ,
"to_ids" : true ,
"type" : "hostname" ,
"uuid" : "621b1550-a05b-46fb-a8ef-24f602d8b2b2" ,
"value" : "msin.hopto.org"
} ,
{
"category" : "Network activity" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"timestamp" : "1660894060" ,
"to_ids" : true ,
"type" : "hostname" ,
"uuid" : "dd383eb5-4b43-4e56-883c-ab6a759b82ab" ,
"value" : "microsofft.sslblindado.com"
} ,
{
"category" : "Network activity" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"timestamp" : "1660894060" ,
"to_ids" : true ,
"type" : "hostname" ,
"uuid" : "9120e461-179d-437a-9ad7-c20c3a893619" ,
"value" : "googledrives.ddns.net"
} ,
{
"category" : "Network activity" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"timestamp" : "1660894060" ,
"to_ids" : true ,
"type" : "hostname" ,
"uuid" : "368fe61d-d39d-4dd9-b1a9-51214d7d68c2" ,
"value" : "firefoxsystem.sytes.net"
} ,
{
"category" : "Network activity" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"timestamp" : "1660894060" ,
"to_ids" : true ,
"type" : "hostname" ,
"uuid" : "100cdf20-c229-43e1-a55b-5074d5cb90aa" ,
"value" : "cdtpitbull.hopto.org"
} ,
{
"category" : "Network activity" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"timestamp" : "1660894060" ,
"to_ids" : true ,
"type" : "hostname" ,
"uuid" : "628b8bd9-ea2f-4c0c-810a-35269746dfc9" ,
"value" : "cdt2021.zapto.org"
} ,
{
"category" : "Network activity" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"timestamp" : "1660894060" ,
"to_ids" : true ,
"type" : "hostname" ,
"uuid" : "679581be-827b-4ddd-ba3b-0582bb9fdca1" ,
"value" : "4success.zapto.org"
} ,
{
"category" : "Network activity" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"timestamp" : "1660894060" ,
"to_ids" : true ,
"type" : "hostname" ,
"uuid" : "c92bb92b-136d-42f7-baa9-04730fb29b3e" ,
"value" : "3030pp.hopto.org"
} ,
{
"category" : "Network activity" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"timestamp" : "1660894060" ,
"to_ids" : true ,
"type" : "hostname" ,
"uuid" : "e229e6bb-fb66-4682-80fe-f6988858c55b" ,
"value" : "111234cdt.ddns.net"
} ,
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"timestamp" : "1660894060" ,
"to_ids" : true ,
"type" : "email-src" ,
"uuid" : "40a458f9-235c-4589-858e-401a7ff8e8f0" ,
"value" : "quickbooks@unimed-corporated.com"
} ,
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"timestamp" : "1660894060" ,
"to_ids" : true ,
"type" : "email-src" ,
"uuid" : "3f682801-330f-4561-91e6-406ba24048e0" ,
"value" : "maringa.turismo@system11.com.br"
} ,
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"timestamp" : "1660894060" ,
"to_ids" : true ,
"type" : "email-src" ,
"uuid" : "d956761d-c690-4ba0-985e-f0681df99701" ,
"value" : "financeiro@unimed-corporated.com"
} ,
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"timestamp" : "1660894060" ,
"to_ids" : true ,
"type" : "email-src" ,
"uuid" : "736ae39c-2800-45cd-b998-6b1a15fb5d57" ,
"value" : "contato@155hotel.com.br"
} ,
{
"category" : "Network activity" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"timestamp" : "1660894060" ,
"to_ids" : true ,
"type" : "url" ,
"uuid" : "e20ff3b6-870b-43d0-8ba4-42e7f3859178" ,
"value" : "http://maringareservas.com.br/seila.rtf"
} ,
{
"category" : "Network activity" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"timestamp" : "1660894060" ,
"to_ids" : true ,
"type" : "url" ,
"uuid" : "23fee22b-8f6a-4d73-b101-9097a98c87e0" ,
"value" : "http://hypemediardf.com.pl/css/css.doc"
} ,
{
"category" : "Network activity" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"timestamp" : "1660894060" ,
"to_ids" : true ,
"type" : "url" ,
"uuid" : "6342d829-3ce8-48c3-b100-c5600260b82d" ,
"value" : "http://corporated.com/tur/turismo.jpg"
} ,
{
"category" : "Network activity" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"timestamp" : "1660894060" ,
"to_ids" : true ,
"type" : "url" ,
"uuid" : "129297ea-88a4-47cd-a071-39895efede47" ,
"value" : "http://corporated.com/microsoft.txt"
} ,
{
"category" : "Network activity" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"timestamp" : "1660894060" ,
"to_ids" : true ,
"type" : "url" ,
"uuid" : "b3ed619c-782e-47ce-8ca1-5dbefad1e733" ,
"value" : "http://cdtmaster.com.br/DadosDaReserva.doc"
} ,
{
"category" : "Network activity" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"timestamp" : "1660894060" ,
"to_ids" : true ,
"type" : "ip-dst" ,
"uuid" : "7a6586bf-59bd-444f-81d8-26229926b154" ,
"value" : "38.132.101.45"
} ,
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"timestamp" : "1660894060" ,
"to_ids" : true ,
"type" : "sha256" ,
"uuid" : "ce4d7592-d674-4d07-b393-0fa36cedfc3a" ,
"value" : "c2b817b02e56624c8ed7944e76a3896556dc2b7482f747f4be88f95e232f9207"
} ,
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"timestamp" : "1660894060" ,
"to_ids" : true ,
"type" : "sha256" ,
"uuid" : "60860d22-7a36-48ce-ba4a-613ecb58691a" ,
"value" : "b57a9f7321216c3410ebcc9d4b09e73a652dee9e750f96b2f6d7d1e39e2923d6"
} ,
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"timestamp" : "1660894060" ,
"to_ids" : true ,
"type" : "sha256" ,
"uuid" : "c2d832d4-fa8e-41f4-8234-4081996997e5" ,
"value" : "7dc70d023b2ee5a941edd925999bb6864343b11758c7dc18309416f2947ddb6e"
} ,
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"timestamp" : "1660894060" ,
"to_ids" : true ,
"type" : "sha256" ,
"uuid" : "51a5665b-fbef-4e5c-b5e7-6ffde7bf1045" ,
"value" : "796c02729c9cd5d37976ddae205226e6339b64859e9980d56cbfc5f461d00910"
} ,
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"timestamp" : "1660894060" ,
"to_ids" : true ,
"type" : "sha256" ,
"uuid" : "136f1cf5-3bd3-48c9-9b05-7493129f9134" ,
"value" : "2f0f99cbac828092c0ec23e12ecb44cbf53f5a671a80842a2447e6114e4f6979"
} ,
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"timestamp" : "1660894060" ,
"to_ids" : true ,
"type" : "sha1" ,
"uuid" : "6ba96613-4864-4184-aa28-54f665d2c2c5" ,
"value" : "c396cfb2744bf92575274b277a6c47fe9566dbff"
} ,
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"timestamp" : "1660894060" ,
"to_ids" : true ,
"type" : "md5" ,
"uuid" : "20256053-3a6d-401a-802c-540740505140" ,
"value" : "070950303d80db5d2eb93e21aad77d04"
} ,
{
"category" : "External analysis" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"timestamp" : "1660894060" ,
"to_ids" : false ,
"type" : "vulnerability" ,
"uuid" : "ca630b95-9955-4e4b-b461-cee4a9bd7d9a" ,
"value" : "CVE-2017-8570"
} ,
{
"category" : "External analysis" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"timestamp" : "1660894060" ,
"to_ids" : false ,
"type" : "vulnerability" ,
"uuid" : "00d589c3-2ab7-4587-8f08-77dd869ca869" ,
"value" : "CVE-2017-11882"
}
] ,
"Object" : [
{
"comment" : "" ,
"deleted" : false ,
"description" : "Metadata used to generate an executive level report" ,
"meta-category" : "misc" ,
"name" : "report" ,
"template_uuid" : "70a68471-df22-4e3f-aa1a-5a3be19f82df" ,
"template_version" : "7" ,
"timestamp" : "1660892888" ,
"uuid" : "ba5cbf43-23db-4b15-84f9-f6ea0376e95d" ,
"Attribute" : [
{
"category" : "External analysis" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "link" ,
"timestamp" : "1660892888" ,
"to_ids" : false ,
"type" : "link" ,
"uuid" : "c0eaa5d0-e310-402e-90fb-61bbee5a0749" ,
"value" : "https://www.proofpoint.com/us/blog/threat-insight/reservations-requested-ta558-targets-hospitality-and-travel"
} ,
{
"category" : "Other" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "summary" ,
"timestamp" : "1660892888" ,
"to_ids" : false ,
"type" : "text" ,
"uuid" : "8de3129e-f920-4607-8cd2-0fe04b1a8c3b" ,
"value" : "Key Findings:\r\n\r\n TA558 is a likely financially motivated small crime threat actor targeting hospitality, hotel, and travel organizations.\r\n Since 2018, this group has used consistent tactics, techniques, and procedures to attempt to install a variety of malware including Loda RAT, Vjw0rm, and Revenge RAT.\r\n TA558\u2019s targeting focus is mainly on Portuguese and Spanish speakers, typically located in the Latin America region, with additional targeting observed in Western Europe and North America.\r\n TA558 increased operational tempo in 2022 to a higher average than previously observed. \r\n Like other threat actors in 2022, TA558 pivoted away from using macro-enabled documents in campaigns and adopted new tactics, techniques, and procedures."
} ,
{
"category" : "Other" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : true ,
"object_relation" : "type" ,
"timestamp" : "1660892888" ,
"to_ids" : false ,
"type" : "text" ,
"uuid" : "4b432ccd-99e2-4bf5-b619-2c4fe09068f7" ,
"value" : "Blog"
}
]
} ,
{
"comment" : "" ,
"deleted" : false ,
"description" : "Metadata used to generate an executive level report" ,
"meta-category" : "misc" ,
"name" : "report" ,
"template_uuid" : "70a68471-df22-4e3f-aa1a-5a3be19f82df" ,
"template_version" : "7" ,
"timestamp" : "1660893407" ,
"uuid" : "de7a3de5-9870-48e3-9d3d-8a02af97a3c8" ,
"Attribute" : [
{
"category" : "External analysis" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "link" ,
"timestamp" : "1660893407" ,
"to_ids" : false ,
"type" : "link" ,
"uuid" : "7d50063e-e8ec-4fbe-9bb0-625fadb0bb47" ,
"value" : "https://otx.alienvault.com/pulse/62fe1e074b82e798cd731a70/"
}
]
} ,
{
"comment" : "" ,
"deleted" : false ,
"description" : "Email object describing an email with meta-information" ,
"meta-category" : "network" ,
"name" : "email" ,
"template_uuid" : "a0c666e0-fc65-4be8-b48f-3423d788b552" ,
"template_version" : "18" ,
"timestamp" : "1660911109" ,
"uuid" : "9c9a982c-a37e-4e24-85f6-0bb85d0365cf" ,
"Attribute" : [
{
"category" : "External analysis" ,
"comment" : "" ,
"data" : " i V B O R w 0 K G g o A A A A N S U h E U g A A A t Q A A A K S C A Y A A A D y L E y B A A A Y b 2 l D Q 1 B J Q 0 M g U H J v Z m l s Z Q A A W I W V W Q c 8 l e 3 f v + 6 z z 7 H P s f f e Z O + 9994 k H O t Y c c x Q I s k q U S F K J Z m V S q E S k Y Z S R g 9 J E s m o F C o q I + 9 t 1 P 95 n + f 9 v O / n v T 6 f 676 + 53 f 9 r t + 61 v 0 7 N w B c n b 6 R k W E I R g D C I 2 K o D q Y G / G 7 u H v z Y K Y A F P A A P 2 I C S L z k 6 U t / O z g r A 5 X f 738 v S I I A 22 u c y G 7 L + 3 f + / F q J / Q D Q Z A M g L x n 7 + 0 e R w G N 8 F A J V G j q T G A I A x g u l C 8 T G R G z g Y x s x U 2 E A Y J 2 / g o C 18 d A P 7 b e G K T R 4 n B 0 M Y N w O A o / X 1 p Q Y B Q N 8 J 0 / n j y E G w H P p 3 c B 8 x w p 8 S A b P + g L E O O d j X H w A u N Z h H O j x 89 w a G K x C H + S N h n A t j N b + / y Q z 6 b / L 9 / s j 39 Q 36 g 7 f 82 i w 4 I 0 p 0 Z J j v n v 9 n a P 7 v E h 4 W + 1 u H K F x p g 6 l m D h v + w z E c C t 1 t u Y F p Y T w b 4 W d j u x F r G P + g + G / F H Q A E I T j W z H m L H 8 F N j j a E 4 w d Y Y S z n 72 t k C W N u G J t E h N l Y b d P 9 A i k m 5 j C G V w s i g R J j 7 r Q 9 N j M g 2 t h x W + Y p 6 m 4 H 2984 k G q o v z 32 s i 91 U + 8 G f 2 d s q L P + t v y h 4 A D z 3 / K / J Q Y 7 u c K Y A A C S E E d x s Y E x P Y y Z o 0 M d L b d 4 k I K J w Y Y 2 v 3 m o s Q 4 b 9 g v D W C 0 g w t R g S z 7 S K 5 B q 4 r D N H x k e / d t f Z E Y w x d x m G x f H B D u Z b c U H W U v 23 b S f H c a N A R H 6 z r / l B E S 7 W f 32 x T / A y H j L d + S z g A j n b X + R o 5 E x B g 7 b Y + c j w + y 2 + V G 4 g D D T D b o g j D m j 4 x y 3 x 6 K 0 Y u D F u S U f Z R U Z Y + e 0 Z S f K J 8 T X w m 7 L H l Q c s A K G w A j w g 1 i 4 + o H d I A R Q n s 0 2 z c K / t n p M g C + g g i A Q A G S 2 K b 9 H u G 72 R M B P R 5 A I P s E o A E T / G W e w 2 R s A 4 m D 62 h / q 1 l M G B G 72 x m 2 O C A V T M A 4 H l i A M / h 27 O S r i j z Y X 8 A 6 m U P 6 l n Q z b G g b X j b 5 / 0 / R h i t U 2 J f a 3 X H 6 G 35 w Y Y 4 w R x g x j g p F A c a J 0 U J o o K / i p B 1 c F l B p K / b e 1 / + F H T 6 H 70 G / R A + g x 9 M t d l D T q P 2 y x B m O w f J N t j / 3 + 7 j F K F J a p j D J A a c P S Y c k o V h Q n k E E p w X r 0 U b q w Z m W Y a r h t 94 b v / P + D n 388 + F v M t / n w c n g E n g 2 v h x f / 50 h 6 S X r l P 1 I 2 I v r 3 + G z Z 6 v c n q o Z / e v 6 p 3 / B v c f a H W 8 t / c i I z k Q 3 I h 8 h 2 Z B e y B d k E + J F t y G Z k N / L O B v 6 z h t 5 t r q H f 2 h w 27 Q m F 5 V D + p c 93 W + d G J K P l 6 u T e y 61 u 94 G Y g I S Y j Q 1 m u D t y D 5 U S F B z D r w / f A g H 85 h F k W W l + B T k F B Q A 27 p S t Y + q r w + Z d A b H 2 / I d G P g i A 6 j w A + O X / 0 M K / A n A F 3 u P 81 v + h i X j D 2 w w D Q P U U O Z Y a t 0 V D b T z Q 8 G n A A O 8 o D s A L h I A 47 J E C U A G a Q A 8 Y A w t g C 5 y A O / C G 4 x w M r 2 c q i A f J I B V k g B x w F J w A J e A M O A + q w S V w D T S B F t A O H o A n o B c M g F f w + p k E H 8E8 W A I r E A R h I T q I B H F A f J A I J A U p Q G q Q D m Q M W U E O k D v k A w V B E V A s l A w d g H K g A q g E O g f V Q F e h m 1 A 71 A X 1 Q S + h c e g 99 A V a R i A R t A h m B A 9 C F L E D o Y b Q R 1 g i n B A 7 E U G I K E Q i I h 1 x B F G M K E d c R D Q i 2 h F P E A O I M c R H x C I S I G m Q r E g B p A x S D W m I t E V 6 I A O R V O Q + Z D a y E F m O v I y 8 B c / 0 c + Q Y c h b 5E4 V B k V D 8 K B l 4 D Z u h n F F k V B R q H y o X V Y K q R j W i O l H P U e O o e d Q v N B 2 a G y 2 F 1 k C b o 93 Q Q e h 4 d A a 6 E F 2 J v o G + D + + m S f Q S B o N h x Y h h V O H d 6 I 4 J w S R h c j G n M f W Y u 5 g + z A R m E Y v F c m C l s N p Y W 6 w v N g a b g T 2 J v Y h t w / Z j J 7 E / c D Q 4 P p w C z g T n g Y v A p e E K c b W 4 V l w / b h q 3 g m f E i + A 18 L Z 4 f / w e f B 6 + A n 8 L 34 O f x K 8 Q m A h i B G 2 C E y G E k E o o J l w m 3 C e M E L 7 S 0 N A I 0 q j T 2 N N Q a P b T F N N c o X l E M 0 7 z k 5 Z I K 0 l r S O t F G 0 t 7 h L a K 9 i 7 t S 9 q v d H R 0 o n R 6 d B 50 M X R H 6 G r o 7 t G N 0 v 2 g J 9 H L 0 p v T + 9 O n 0 J f S N 9 L 3039 m w D O I M O g z e D M k M h Q y N D D 0 M M w y 4 h l F G Q 0 Z f R n 3 M Z Y y 3 m R 8 w b j I R G K S Z 7 J l C m f K Z a p l 6 m K a I W K J o k R j o j 8 x n X i e e I 84 Q U K S h E i G J D L p A K m C d J 80 y Y x h F m M 2 Z w 5 h z m G + x P y M e Z 6 F y K L E 4 s K S w F L K c o d l j B X J K s p q z h r G m s d 6 j X W Q d Z m N h 0 2 f L Y A t i + 0 y W z / b d 3 Y u d j 32 A P Z s 9 n r 2 A f Z l D n 4 O Y 45 Q j n y O J o 7 X n C h O S U 57 z n j O M s 77 n L N c z F y a X G S u b K 5 r X M P c C G 5 J b g f u J O 7 z 3 N 3 c i z y 8 P K Y 8 k T w n e e 7 x z P K y 8 u r x h v A e 523 l f c 9 H 4 t P h o / A d 52 v j + 8 D P w q / P H 8 Z f z N / J P y / A L W A m E C t w T u C Z w I q g m K C z Y J p g v e B r I Y K Q m l C g 0 H G h D q F 5 Y T 5 h a + F k 4 T r h Y R G 8 i J p I s E i R y E O R 76 J i o q 6 i h 0 S b R G f E 2 M X M x R L F 6 s R G x O n E d c W j x M v F / 5 L A S K h J h E q c l u i V R E g q S w Z L l k r 2 S C G k V K Q o U q e l + q T R 0 u r S E d L l 0 i 9 k a G X 0 Z e J k 6 m T G Z V l l r W T T Z J t k P + 8 Q 3 u G x I 3 / H w x 2 / 5 J T l w u Q q 5 F 7 J E + U t 5 N P k b 8 l / U Z B U I C u U K v y l S K d o o p i i 2 K y 4 o C S l F K B U p j S k T F K 2 V j 6 k 3 K G 8 p q K q Q l W 5 r P J e V V j V R / W U 6 g s 1 Z j U 7 t V y 1 R + p o d Q P 1 F P U W 9 Z 8 a K h o x G t c 0 5 j R l N E M 1 a z V n t M S 0 A r Q q t C a 0 B b V 9 t c 9 p j + n w 6 / j o n N U Z 0 x X Q 9 d U t 132 r J 6 T n r 1 e p N 60 v o R + i f 1 H / s 4 G c A d X g h s F 3 Q w 3 D v Y Z 3 j Z B G p k b Z R s + M i c b O x i X G o y a C J k E m d S b z p s q m S a Z 3 z d B m l m b 5 Z i / M e c z J 5 j X m 8 x a q F n s t O i 1 p L R 0 t S y z f W k l a U a 1 u W S O s L a y P W Y / Y i N h E 2 D T Z A l t z 22 O 2 r + 3E7 K L s b t t j 7 O 3 s S + 2 n H O Q d k h 0 e O p I c d z n W O i 45 G T j l O b 1 y F n e O d e 5 w Y X D x c q l x + e 5 q 5 F r g O u a 2 w 22 v 2 x N 3 T n e K e 7 M H 1 s P F o 9 J j 0 d P Y 84 T n p J e y V 4 b X 4E6 x n Q k 7 u 7 w 5 v c O 87 + x i 2 O W 7 q 8 E H 7 e P q U + u z 6 m v r W + 676 G f u d 8 p v n m x I L i J / 9 N f z P + 7 / P k A 7 o C B g O l A 7 s C B w J k g 76 F j Q + 2 D d 4 M L g W Y o h p Y S y E G I W c i b k e 6 h t a F X o e p h r W H 0 4 L t w n / G Y E M S I 0 o n M 37 + 6E3 X 2 R U p E Z k W N R G l E n o u a p l t T K a C h 6 Z 3 R z D D P 88 t 4 d K x 57 M H Y 8 T i e u N O 5 H v E t 8 Q w J T Q k R C 9 x 7 J P V l 7 p h N N E i 8 k o Z L I S R 3 J A s m p y e N 79 f e e 2 w f t 89 v X k S K U k p 4 y u d 90 f 3 U q I T U 0 9 W m a X F p B 2 r c D r g d u p f O k 70 + f O G h 6 s C 6 D P o O a 8 e K Q 5 q E z m a h M S u a z L M W s k 1 m / s v 2 z H + f I 5 R T m r O a S c x 8 f l j 9 c f H j 9 S O C R Z 3 k q e W V H M U c j j g 7 m 6 + Z X F z A V J B Z M H L M + 1 n i c / 3 j 28 W 8 n d p 3 o K l Q q P F N E K I o t G i u 2 K m 4 + K X z y 6 M n V k u C S g V K D 0 v p T 3 K e y T n 0 / 7 X + 6 v 0 y v 7 P I Z n j M 5 Z 5 b P U s 4 O n T M 911 g u W l 54 H n M + 7 v x U h U v F w w t q F 2 o q O S t z K t e q I q r G q h 2 q O 2 t U a 2 p q u W v z 6 h B 1 s X X v L 3 p d 7 L 1 k d K n 5 s s z l c / W s 9 T l X w J X Y K x + u + l w d v G Z 5 r a N B r e H y d Z H r p 26 Q b m Q 3 Q o 17 G u e b g p v G m t 2 b + 25 a 3 O y 4 p X n r x m 3 Z 21 U t A i 2 l d 1 j u 5 L U S W t N b 19 s S 2 x b v R t 6 d b Q 9 q n + j Y 1 f H q n t u 9 v z r t O 5 / d t 7 z / 6 I H J g 3 s P 9 R + 2 P d J + 1 N K l 0 X X z s d r j p i c q T x q 7 l b t v P F V + e u O Z y r P G H t W e 5 l 713 l t 9 W n 2 t / b r 97 c + N n j / 4 y / y v J w M 2 A 32 D z o N D L 7 x e j A 35 D 828 D H u 5 M B w 3 v P J q / w h 6 J P s 14 + v C U e 7 R 8 j c S b + r H V M b u j B u N d 791 f P t q g j z x 8 V 30 u 9 X J 9 C m 6 q c J p v u m a G Y W Z l v c m 73 s / e H 6 Y / B j 5 c W U 24 x P T p 1 O f x T 9 f n 9 O b 6553 m 59 c o C 6 s f 8 n 9 y v G 16 p v S t 45 F u 8 X R p f C l l e / Z P z h + V P
"deleted" : false ,
"disable_correlation" : true ,
"object_relation" : "screenshot" ,
"timestamp" : "1660911109" ,
"to_ids" : false ,
"type" : "attachment" ,
"uuid" : "45b86eeb-9e57-4f79-98f2-ce23f5ae2c69" ,
"value" : "Screen Shot 2022-08-16 at 11.54.40 AM.png"
} ,
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "subject" ,
"timestamp" : "1660911109" ,
"to_ids" : false ,
"type" : "email-subject" ,
"uuid" : "69d60167-3d1b-4f8c-897a-302d96e9946e" ,
"value" : "Corrigir data da reserva para o dia 03"
} ,
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "attachment" ,
"timestamp" : "1660911109" ,
"to_ids" : true ,
"type" : "email-attachment" ,
"uuid" : "5e89e5f8-2760-487c-a918-0d0b6de256d0" ,
"value" : "Booking - Dados da Reserva.docx"
}
]
} ,
{
"comment" : "" ,
"deleted" : false ,
"description" : "File object describing a file with meta-information" ,
"meta-category" : "file" ,
"name" : "file" ,
"template_uuid" : "688c46fb-5edb-40a3-8273-1af7923e2215" ,
"template_version" : "24" ,
"timestamp" : "1660911335" ,
"uuid" : "8809def6-57c4-40fb-b31c-db538af6bad6" ,
"ObjectReference" : [
{
"comment" : "" ,
"object_uuid" : "8809def6-57c4-40fb-b31c-db538af6bad6" ,
"referenced_uuid" : "9c9a982c-a37e-4e24-85f6-0bb85d0365cf" ,
"relationship_type" : "contained-within" ,
"timestamp" : "1660911335" ,
"uuid" : "fb423122-e7ac-42d7-a1bc-cf8e861119ba"
}
] ,
"Attribute" : [
{
"category" : "Other" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : true ,
"object_relation" : "text" ,
"timestamp" : "1660911276" ,
"to_ids" : false ,
"type" : "text" ,
"uuid" : "0cad5bc2-e4df-4e41-95b2-0875f3947acf" ,
"value" : "Author\u201d: C.D.T Original"
} ,
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "sha256" ,
"timestamp" : "1660911276" ,
"to_ids" : true ,
"type" : "sha256" ,
"uuid" : "5e2c51cf-8007-49b0-ac6d-5938811e8f9e" ,
"value" : "796c02729c9cd5d37976ddae205226e6339b64859e9980d56cbfc5f461d00910"
} ,
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : true ,
"object_relation" : "filename" ,
"timestamp" : "1660911276" ,
"to_ids" : true ,
"type" : "filename" ,
"uuid" : "c65fb712-197d-47f6-8958-c3c81d7a6adb" ,
"value" : "Booking - Dados da Reserva.docx"
}
]
} ,
{
"comment" : "" ,
"deleted" : false ,
"description" : "File object describing a file with meta-information" ,
"meta-category" : "file" ,
"name" : "file" ,
"template_uuid" : "688c46fb-5edb-40a3-8273-1af7923e2215" ,
"template_version" : "24" ,
"timestamp" : "1661171267" ,
"uuid" : "20c2cfc4-4abe-42e5-ac49-5759447323a8" ,
"ObjectReference" : [
{
"comment" : "" ,
"object_uuid" : "20c2cfc4-4abe-42e5-ac49-5759447323a8" ,
"referenced_uuid" : "dfac55b4-672a-45b3-aaa6-0e60dbdbaf96" ,
"relationship_type" : "contained-within" ,
"timestamp" : "1661171267" ,
"uuid" : "626e1483-32c7-45ee-a481-2d71e94c7d1f"
}
] ,
"Attribute" : [
{
"category" : "Other" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : true ,
"object_relation" : "text" ,
"timestamp" : "1661170240" ,
"to_ids" : false ,
"type" : "text" ,
"uuid" : "5f28d374-5ff0-4ba5-b497-a1d7117dc2bf" ,
"value" : "Attachment \u201cAuthor\u201d: msword\r\n\r\nAttachment \u201cLast Saved By\u201d: Richard"
} ,
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "sha256" ,
"timestamp" : "1661170240" ,
"to_ids" : true ,
"type" : "sha256" ,
"uuid" : "51a99aba-7af6-41ee-9267-d2fc8869b07c" ,
"value" : "7dc70d023b2ee5a941edd925999bb6864343b11758c7dc18309416f2947ddb6e"
} ,
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : true ,
"object_relation" : "filename" ,
"timestamp" : "1661170240" ,
"to_ids" : true ,
"type" : "filename" ,
"uuid" : "d4a28b03-375d-4fa9-9609-36444b0268b8" ,
"value" : "RESERVA.docx"
}
]
} ,
{
"comment" : "" ,
"deleted" : false ,
"description" : "Email object describing an email with meta-information" ,
"meta-category" : "network" ,
"name" : "email" ,
"template_uuid" : "a0c666e0-fc65-4be8-b48f-3423d788b552" ,
"template_version" : "18" ,
"timestamp" : "1661170571" ,
"uuid" : "dfac55b4-672a-45b3-aaa6-0e60dbdbaf96" ,
"Attribute" : [
{
"category" : "External analysis" ,
"comment" : "" ,
"data" : " i V B O R w 0 K G g o A A A A N S U h E U g A A A 58 A A A H v C A Y A A A D T r G u U A A A Y b 2 l D Q 1 B J Q 0 M g U H J v Z m l s Z Q A A W I W V W Q c 8 l e 3 f v + 6 z z 7 H P s f f e Z O + 9994 k H O t Y c c x Q I s k q U S F K J Z m V S q E S k Y Z S R g 9 J E s m o F C o q I + 9 t 1 P 95 n + f 9 v O / n v T 6 f 676 + 53 f 9 r t + 61 v 0 7 N w B c n b 6 R k W E I R g D C I 2 K o D q Y G / G 7 u H v z Y K Y A F P A A P 2 I C S L z k 6 U t / O z g r A 5 X f 738 v S I I A 22 u c y G 7 L + 3 f + / F q J / Q D Q Z A M g L x n 7 + 0 e R w G N 8 F A J V G j q T G A I A x g u l C 8 T G R G z g Y x s x U 2 E A Y J 2 / g o C 18 d A P 7 b e G K T R 4 n B 0 M Y N w O A o / X 1 p Q Y B Q N 8 J 0 / n j y E G w H P p 3 c B 8 x w p 8 S A b P + g L E O O d j X H w A u N Z h H O j x 89 w a G K x C H + S N h n A t j N b + / y Q z 6 b / L 9 / s j 39 Q 36 g 7 f 82 i w 4 I 0 p 0 Z J j v n v 9 n a P 7 v E h 4 W + 1 u H K F x p g 6 l m D h v + w z E c C t 1 t u Y F p Y T w b 4 W d j u x F r G P + g + G / F H Q A E I T j W z H m L H 8 F N j j a E 4 w d Y Y S z n 72 t k C W N u G J t E h N l Y b d P 9 A i k m 5 j C G V w s i g R J j 7 r Q 9 N j M g 2 t h x W + Y p 6 m 4 H 2984 k G q o v z 32 s i 91 U + 8 G f 2 d s q L P + t v y h 4 A D z 3 / K / J Q Y 7 u c K Y A A C S E E d x s Y E x P Y y Z o 0 M d L b d 4 k I K J w Y Y 2 v 3 m o s Q 4 b 9 g v D W C 0 g w t R g S z 7 S K 5 B q 4 r D N H x k e / d t f Z E Y w x d x m G x f H B D u Z b c U H W U v 23 b S f H c a N A R H 6 z r / l B E S 7 W f 32 x T / A y H j L d + S z g A j n b X + R o 5 E x B g 7 b Y + c j w + y 2 + V G 4 g D D T D b o g j D m j 4 x y 3 x 6 K 0 Y u D F u S U f Z R U Z Y + e 0 Z S f K J 8 T X w m 7 L H l Q c s A K G w A j w g 1 i 4 + o H d I A R Q n s 0 2 z c K / t n p M g C + g g i A Q A G S 2 K b 9 H u G 72 R M B P R 5 A I P s E o A E T / G W e w 2 R s A 4 m D 62 h / q 1 l M G B G 72 x m 2 O C A V T M A 4 H l i A M / h 27 O S r i j z Y X 8 A 6 m U P 6 l n Q z b G g b X j b 5 / 0 / R h i t U 2 J f a 3 X H 6 G 35 w Y Y 4 w R x g x j g p F A c a J 0 U J o o K / i p B 1 c F l B p K / b e 1 / + F H T 6 H 70 G / R A + g x 9 M t d l D T q P 2 y x B m O w f J N t j / 3 + 7 j F K F J a p j D J A a c P S Y c k o V h Q n k E E p w X r 0 U b q w Z m W Y a r h t 94 b v / P + D n 388 + F v M t / n w c n g E n g 2 v h x f / 50 h 6 S X r l P 1 I 2 I v r 3 + G z Z 6 v c n q o Z / e v 6 p 3 / B v c f a H W 8 t / c i I z k Q 3 I h 8 h 2 Z B e y B d k E + J F t y G Z k N / L O B v 6 z h t 5 t r q H f 2 h w 27 Q m F 5 V D + p c 93 W + d G J K P l 6 u T e y 61 u 94 G Y g I S Y j Q 1 m u D t y D 5 U S F B z D r w / f A g H 85 h F k W W l + B T k F B Q A 27 p S t Y + q r w + Z d A b H 2 / I d G P g i A 6 j w A + O X / 0 M K / A n A F 3 u P 81 v + h i X j D 2 w w D Q P U U O Z Y a t 0 V D b T z Q 8 G n A A O 8 o D s A L h I A 47 J E C U A G a Q A 8 Y A w t g C 5 y A O / C G 4 x w M r 2 c q i A f J I B V k g B x w F J w A J e A M O A + q w S V w D T S B F t A O H o A n o B c M g F f w + p k E H 8E8 W A I r E A R h I T q I B H F A f J A I J A U p Q G q Q D m Q M W U E O k D v k A w V B E V A s l A w d g H K g A q g E O g f V Q F e h m 1 A 71 A X 1 Q S + h c e g 99 A V a R i A R t A h m B A 9 C F L E D o Y b Q R 1 g i n B A 7 E U G I K E Q i I h 1 x B F G M K E d c R D Q i 2 h F P E A O I M c R H x C I S I G m Q r E g B p A x S D W m I t E V 6 I A O R V O Q + Z D a y E F m O v I y 8 B c / 0 c + Q Y c h b 5E4 V B k V D 8 K B l 4 D Z u h n F F k V B R q H y o X V Y K q R j W i O l H P U e O o e d Q v N B 2 a G y 2 F 1 k C b o 93 Q Q e h 4 d A a 6 E F 2 J v o G + D + + m S f Q S B o N h x Y h h V O H d 6 I 4 J w S R h c j G n M f W Y u 5 g + z A R m E Y v F c m C l s N p Y W 6 w v N g a b g T 2 J v Y h t w / Z j J 7 E / c D Q 4 P p w C z g T n g Y v A p e E K c b W 4 V l w / b h q 3 g m f E i + A 18 L Z 4 f / w e f B 6 + A n 8 L 34 O f x K 8 Q m A h i B G 2 C E y G E k E o o J l w m 3 C e M E L 7 S 0 N A I 0 q j T 2 N N Q a P b T F N N c o X l E M 0 7 z k 5 Z I K 0 l r S O t F G 0 t 7 h L a K 9 i 7 t S 9 q v d H R 0 o n R 6 d B 50 M X R H 6 G r o 7 t G N 0 v 2 g J 9 H L 0 p v T + 9 O n 0 J f S N 9 L 3039 m w D O I M O g z e D M k M h Q y N D D 0 M M w y 4 h l F G Q 0 Z f R n 3 M Z Y y 3 m R 8 w b j I R G K S Z 7 J l C m f K Z a p l 6 m K a I W K J o k R j o j 8 x n X i e e I 84 Q U K S h E i G J D L p A K m C d J 80 y Y x h F m M 2 Z w 5 h z m G + x P y M e Z 6 F y K L E 4 s K S w F L K c o d l j B X J K s p q z h r G m s d 6 j X W Q d Z m N h 0 2 f L Y A t i + 0 y W z / b d 3 Y u d j 32 A P Z s 9 n r 2 A f Z l D n 4 O Y 45 Q j n y O J o 7 X n C h O S U 57 z n j O M s 77 n L N c z F y a X G S u b K 5 r X M P c C G 5 J b g f u J O 7 z 3 N 3 c i z y 8 P K Y 8 k T w n e e 7 x z P K y 8 u r x h v A e 523 l f c 9 H 4 t P h o / A d 52 v j + 8 D P w q / P H 8 Z f z N / J P y / A L W A m E C t w T u C Z w I q g m K C z Y J p g v e B r I Y K Q m l C g 0 H G h D q F 5 Y T 5 h a + F k 4 T r h Y R G 8 i J p I s E i R y E O R 76 J i o q 6 i h 0 S b R G f E 2 M X M x R L F 6 s R G x O n E d c W j x M v F / 5 L A S K h J h E q c l u i V R E g q S w Z L l k r 2 S C G k V K Q o U q e l + q T R 0 u r S E d L l 0 i 9 k a G X 0 Z e J k 6 m T G Z V l l r W T T Z J t k P + 8 Q 3 u G x I 3 / H w x 2 / 5 J T l w u Q q 5 F 7 J E + U t 5 N P k b 8 l / U Z B U I C u U K v y l S K d o o p i i 2 K y 4 o C S l F K B U p j S k T F K 2 V j 6 k 3 K G 8 p q K q Q l W 5 r P J e V V j V R / W U 6 g s 1 Z j U 7 t V y 1 R + p o d Q P 1 F P U W 9 Z 8 a K h o x G t c 0 5 j R l N E M 1 a z V n t M S 0 A r Q q t C a 0 B b V 9 t c 9 p j + n w 6 / j o n N U Z 0 x X Q 9 d U t 132 r J 6 T n r 1 e p N 60 v o R + i f 1 H / s 4 G c A d X g h s F 3 Q w 3 D v Y Z 3 j Z B G p k b Z R s + M i c b O x i X G o y a C J k E m d S b z p s q m S a Z 3 z d B m l m b 5 Z i / M e c z J 5 j X m 8 x a q F n s t O i 1 p L R 0 t S y z f W k l a U a 1 u W S O s L a y P W Y / Y i N h E 2 D T Z A l t z 22 O 2 r + 3E7 K L s b t t j 7 O 3 s S + 2 n H O Q d k h 0 e O p I c d z n W O i 45 G T j l O b 1 y F n e O d e 5 w Y X D x c q l x + e 5 q 5 F r g O u a 2 w 22 v 2 x N 3 T n e K e 7 M H 1 s P F o 9 J j 0 d P Y 84 T n p J e y V 4 b X 4E6 x n Q k 7 u 7 w 5 v c O 87 + x i 2 O W 7 q 8 E H 7 e P q U + u z 6 m v r W + 676 G f u d 8 p v n m x I L i J / 9 N f z P + 7 / P k A 7 o C B g O l A 7 s C B w J k g 76 F j Q + 2 D d 4 M L g W Y o h p Y S y E G I W c i b k e 6 h t a F X o e p h r W H 0 4 L t w n / G Y E M S I 0 o n M 37 + 6E3 X 2 R U p E Z k W N R G l E n o u a p l t T K a C h 6 Z 3 R z D D P 88 t 4 d K x 57 M H Y 8 T i e u N O 5 H v E t 8 Q w J T Q k R C 9 x 7 J P V l 7 p h N N E i 8 k o Z L I S R 3 J A s m p y e N 79 f e e 2 w f t 89 v X k S K U k p 4 y u d 90 f 3 U q I T U 0 9 W m a X F p B 2 r c D r g d u p f O k 70 + f O G h 6 s C 6 D P o O a 8 e K Q 5 q E z m a h M S u a z L M W s k 1 m / s v 2 z H + f I 5 R T m r O a S c x 8 f l j 9 c f H j 9 S O C R Z 3 k q e W V H M U c j j g 7 m 6 + Z X F z A V J B Z M H L M + 1 n i c / 3 j 28 W 8 n d p 3 o K l Q q P F N E K I o t G i u 2 K m 4 + K X z y 6 M n V k u C S g V K D 0 v p T 3 K e y T n 0 / 7 X + 6 v 0 y v 7 P I Z n j M 5 Z 5 b P U s 4 O n T M 911 g u W l 54 H n M + 7 v x U h U v F w w t q F 2 o q O S t z K t e q I q r G q h 2 q O 2 t U a 2 p q u W v z 6 h B 1 s X X v L 3 p d 7 L 1 k d K n 5 s s z l c / W s 9 T l X w J X Y K x + u + l w d v G Z 5 r a N B r e H y d Z H r p 26 Q b m Q 3 Q o 17 G u e b g p v G m t 2 b + 25 a 3 O y 4 p X n r x m 3 Z 21 U t A i 2 l d 1 j u 5 L U S W t N b 19 s S 2 x b v R t 6 d b Q 9 q n + j Y 1 f H q n t u 9 v z r t O 5 / d t 7 z / 6 I H J g 3 s P 9 R + 2 P d J + 1 N K l 0 X X z s d r j p i c q T x q 7 l b t v P F V + e u O Z y r P G H t W e 5 l 713 l t 9 W n 2 t / b r 97 c + N n j / 4 y / y v J w M 2 A 32 D z o N D L 7 x e j A 35 D 828 D H u 5 M B w 3 v P J q / w h 6 J P s 14 + v C U e 7 R 8 j c S b + r H V M b u j B u N d 791 f P t q g j z x 8 V 30 u 9 X J 9 C m 6 q c J p v u m a G Y W Z l v c m 73 s / e H 6 Y / B j 5 c W U 24 x P T p 1 O f x T 9 f n 9 O b 6553 m 59 c o C 6 s f 8 n 9 y v G 16 p v S t 45 F u 8 X R p f C l l e / Z P z h + V P
"deleted" : false ,
"disable_correlation" : true ,
"object_relation" : "screenshot" ,
"timestamp" : "1661170571" ,
"to_ids" : false ,
"type" : "attachment" ,
"uuid" : "28729bfe-effc-44bb-9a29-b16e10fcb4d6" ,
"value" : "Screen Shot 2022-08-16 at 11.54.57 AM.png"
} ,
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "subject" ,
"timestamp" : "1661170571" ,
"to_ids" : false ,
"type" : "email-subject" ,
"uuid" : "7a5f80ad-2e7d-4766-8777-09e8e3cf9ca2" ,
"value" : "RESERVA"
} ,
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "attachment" ,
"timestamp" : "1661170571" ,
"to_ids" : true ,
"type" : "email-attachment" ,
"uuid" : "f3bd0654-e46a-4dab-8c03-eef6d45039ef" ,
"value" : "RESERVA.docx"
}
]
} ,
{
"comment" : "" ,
"deleted" : false ,
"description" : "File object describing a file with meta-information" ,
"meta-category" : "file" ,
"name" : "file" ,
"template_uuid" : "688c46fb-5edb-40a3-8273-1af7923e2215" ,
"template_version" : "24" ,
"timestamp" : "1661174273" ,
"uuid" : "ccc9024a-2748-4e43-bba0-df53f0332f5e" ,
"ObjectReference" : [
{
"comment" : "" ,
"object_uuid" : "ccc9024a-2748-4e43-bba0-df53f0332f5e" ,
"referenced_uuid" : "46cbebab-5fb3-4286-beac-500e45976ff0" ,
"relationship_type" : "contained-within" ,
"timestamp" : "1661174273" ,
"uuid" : "0215a3c7-754c-4cd8-88c8-f4c7722edfe4"
}
] ,
"Attribute" : [
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "sha256" ,
"timestamp" : "1661173129" ,
"to_ids" : true ,
"type" : "sha256" ,
"uuid" : "22fbf0a2-30d6-4803-b76a-a14ad4a32091" ,
"value" : "c2b817b02e56624c8ed7944e76a3896556dc2b7482f747f4be88f95e232f9207"
} ,
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : true ,
"object_relation" : "filename" ,
"timestamp" : "1661173129" ,
"to_ids" : true ,
"type" : "filename" ,
"uuid" : "e5ef1ff3-b7e5-4b67-915d-32896965f371" ,
"value" : "reserva.ppa"
}
]
} ,
{
"comment" : "" ,
"deleted" : false ,
"description" : "Email object describing an email with meta-information" ,
"meta-category" : "network" ,
"name" : "email" ,
"template_uuid" : "a0c666e0-fc65-4be8-b48f-3423d788b552" ,
"template_version" : "18" ,
"timestamp" : "1661173959" ,
"uuid" : "46cbebab-5fb3-4286-beac-500e45976ff0" ,
"Attribute" : [
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "subject" ,
"timestamp" : "1661173959" ,
"to_ids" : false ,
"type" : "email-subject" ,
"uuid" : "b45ed2bf-0867-4c72-ab01-dbcd4b0d300d" ,
"value" : "Or\u00e7amento Conferencistas - 515449939"
} ,
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "from-display-name" ,
"timestamp" : "1661173959" ,
"to_ids" : false ,
"type" : "email-src-display-name" ,
"uuid" : "ab01f74c-0890-4b38-ae52-cc252ba7c699" ,
"value" : "Oab Brasil"
} ,
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "from" ,
"timestamp" : "1661173959" ,
"to_ids" : true ,
"type" : "email-src" ,
"uuid" : "9c2a9596-95d3-4e1f-9baf-490071b66d92" ,
"value" : "fernando1540@bol[.]com[.]br"
} ,
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "attachment" ,
"timestamp" : "1661173959" ,
"to_ids" : true ,
"type" : "email-attachment" ,
"uuid" : "61581e3d-4806-42d8-b965-bf584dc994d6" ,
"value" : "reserva.ppa"
} ,
{
"category" : "External analysis" ,
"comment" : "" ,
"data" : " i V B O R w 0 K G g o A A A A N S U h E U g A A A 7 U A A A I d C A Y A A A D i Y V o C A A A Y b 2 l D Q 1 B J Q 0 M g U H J v Z m l s Z Q A A W I W V W Q c 8 l e 3 f v + 6 z z 7 H P s f f e Z O + 9994 k H O t Y c c x Q I s k q U S F K J Z m V S q E S k Y Z S R g 9 J E s m o F C o q I + 9 t 1 P 95 n + f 9 v O / n v T 6 f 676 + 53 f 9 r t + 61 v 0 7 N w B c n b 6 R k W E I R g D C I 2 K o D q Y G / G 7 u H v z Y K Y A F P A A P 2 I C S L z k 6 U t / O z g r A 5 X f 738 v S I I A 22 u c y G 7 L + 3 f + / F q J / Q D Q Z A M g L x n 7 + 0 e R w G N 8 F A J V G j q T G A I A x g u l C 8 T G R G z g Y x s x U 2 E A Y J 2 / g o C 18 d A P 7 b e G K T R 4 n B 0 M Y N w O A o / X 1 p Q Y B Q N 8 J 0 / n j y E G w H P p 3 c B 8 x w p 8 S A b P + g L E O O d j X H w A u N Z h H O j x 89 w a G K x C H + S N h n A t j N b + / y Q z 6 b / L 9 / s j 39 Q 36 g 7 f 82 i w 4 I 0 p 0 Z J j v n v 9 n a P 7 v E h 4 W + 1 u H K F x p g 6 l m D h v + w z E c C t 1 t u Y F p Y T w b 4 W d j u x F r G P + g + G / F H Q A E I T j W z H m L H 8 F N j j a E 4 w d Y Y S z n 72 t k C W N u G J t E h N l Y b d P 9 A i k m 5 j C G V w s i g R J j 7 r Q 9 N j M g 2 t h x W + Y p 6 m 4 H 2984 k G q o v z 32 s i 91 U + 8 G f 2 d s q L P + t v y h 4 A D z 3 / K / J Q Y 7 u c K Y A A C S E E d x s Y E x P Y y Z o 0 M d L b d 4 k I K J w Y Y 2 v 3 m o s Q 4 b 9 g v D W C 0 g w t R g S z 7 S K 5 B q 4 r D N H x k e / d t f Z E Y w x d x m G x f H B D u Z b c U H W U v 23 b S f H c a N A R H 6 z r / l B E S 7 W f 32 x T / A y H j L d + S z g A j n b X + R o 5 E x B g 7 b Y + c j w + y 2 + V G 4 g D D T D b o g j D m j 4 x y 3 x 6 K 0 Y u D F u S U f Z R U Z Y + e 0 Z S f K J 8 T X w m 7 L H l Q c s A K G w A j w g 1 i 4 + o H d I A R Q n s 0 2 z c K / t n p M g C + g g i A Q A G S 2 K b 9 H u G 72 R M B P R 5 A I P s E o A E T / G W e w 2 R s A 4 m D 62 h / q 1 l M G B G 72 x m 2 O C A V T M A 4 H l i A M / h 27 O S r i j z Y X 8 A 6 m U P 6 l n Q z b G g b X j b 5 / 0 / R h i t U 2 J f a 3 X H 6 G 35 w Y Y 4 w R x g x j g p F A c a J 0 U J o o K / i p B 1 c F l B p K / b e 1 / + F H T 6 H 70 G / R A + g x 9 M t d l D T q P 2 y x B m O w f J N t j / 3 + 7 j F K F J a p j D J A a c P S Y c k o V h Q n k E E p w X r 0 U b q w Z m W Y a r h t 94 b v / P + D n 388 + F v M t / n w c n g E n g 2 v h x f / 50 h 6 S X r l P 1 I 2 I v r 3 + G z Z 6 v c n q o Z / e v 6 p 3 / B v c f a H W 8 t / c i I z k Q 3 I h 8 h 2 Z B e y B d k E + J F t y G Z k N / L O B v 6 z h t 5 t r q H f 2 h w 27 Q m F 5 V D + p c 93 W + d G J K P l 6 u T e y 61 u 94 G Y g I S Y j Q 1 m u D t y D 5 U S F B z D r w / f A g H 85 h F k W W l + B T k F B Q A 27 p S t Y + q r w + Z d A b H 2 / I d G P g i A 6 j w A + O X / 0 M K / A n A F 3 u P 81 v + h i X j D 2 w w D Q P U U O Z Y a t 0 V D b T z Q 8 G n A A O 8 o D s A L h I A 47 J E C U A G a Q A 8 Y A w t g C 5 y A O / C G 4 x w M r 2 c q i A f J I B V k g B x w F J w A J e A M O A + q w S V w D T S B F t A O H o A n o B c M g F f w + p k E H 8E8 W A I r E A R h I T q I B H F A f J A I J A U p Q G q Q D m Q M W U E O k D v k A w V B E V A s l A w d g H K g A q g E O g f V Q F e h m 1 A 71 A X 1 Q S + h c e g 99 A V a R i A R t A h m B A 9 C F L E D o Y b Q R 1 g i n B A 7 E U G I K E Q i I h 1 x B F G M K E d c R D Q i 2 h F P E A O I M c R H x C I S I G m Q r E g B p A x S D W m I t E V 6 I A O R V O Q + Z D a y E F m O v I y 8 B c / 0 c + Q Y c h b 5E4 V B k V D 8 K B l 4 D Z u h n F F k V B R q H y o X V Y K q R j W i O l H P U e O o e d Q v N B 2 a G y 2 F 1 k C b o 93 Q Q e h 4 d A a 6 E F 2 J v o G + D + + m S f Q S B o N h x Y h h V O H d 6 I 4 J w S R h c j G n M f W Y u 5 g + z A R m E Y v F c m C l s N p Y W 6 w v N g a b g T 2 J v Y h t w / Z j J 7 E / c D Q 4 P p w C z g T n g Y v A p e E K c b W 4 V l w / b h q 3 g m f E i + A 18 L Z 4 f / w e f B 6 + A n 8 L 34 O f x K 8 Q m A h i B G 2 C E y G E k E o o J l w m 3 C e M E L 7 S 0 N A I 0 q j T 2 N N Q a P b T F N N c o X l E M 0 7 z k 5 Z I K 0 l r S O t F G 0 t 7 h L a K 9 i 7 t S 9 q v d H R 0 o n R 6 d B 50 M X R H 6 G r o 7 t G N 0 v 2 g J 9 H L 0 p v T + 9 O n 0 J f S N 9 L 3039 m w D O I M O g z e D M k M h Q y N D D 0 M M w y 4 h l F G Q 0 Z f R n 3 M Z Y y 3 m R 8 w b j I R G K S Z 7 J l C m f K Z a p l 6 m K a I W K J o k R j o j 8 x n X i e e I 84 Q U K S h E i G J D L p A K m C d J 80 y Y x h F m M 2 Z w 5 h z m G + x P y M e Z 6 F y K L E 4 s K S w F L K c o d l j B X J K s p q z h r G m s d 6 j X W Q d Z m N h 0 2 f L Y A t i + 0 y W z / b d 3 Y u d j 32 A P Z s 9 n r 2 A f Z l D n 4 O Y 45 Q j n y O J o 7 X n C h O S U 57 z n j O M s 77 n L N c z F y a X G S u b K 5 r X M P c C G 5 J b g f u J O 7 z 3 N 3 c i z y 8 P K Y 8 k T w n e e 7 x z P K y 8 u r x h v A e 523 l f c 9 H 4 t P h o / A d 52 v j + 8 D P w q / P H 8 Z f z N / J P y / A L W A m E C t w T u C Z w I q g m K C z Y J p g v e B r I Y K Q m l C g 0 H G h D q F 5 Y T 5 h a + F k 4 T r h Y R G 8 i J p I s E i R y E O R 76 J i o q 6 i h 0 S b R G f E 2 M X M x R L F 6 s R G x O n E d c W j x M v F / 5 L A S K h J h E q c l u i V R E g q S w Z L l k r 2 S C G k V K Q o U q e l + q T R 0 u r S E d L l 0 i 9 k a G X 0 Z e J k 6 m T G Z V l l r W T T Z J t k P + 8 Q 3 u G x I 3 / H w x 2 / 5 J T l w u Q q 5 F 7 J E + U t 5 N P k b 8 l / U Z B U I C u U K v y l S K d o o p i i 2 K y 4 o C S l F K B U p j S k T F K 2 V j 6 k 3 K G 8 p q K q Q l W 5 r P J e V V j V R / W U 6 g s 1 Z j U 7 t V y 1 R + p o d Q P 1 F P U W 9 Z 8 a K h o x G t c 0 5 j R l N E M 1 a z V n t M S 0 A r Q q t C a 0 B b V 9 t c 9 p j + n w 6 / j o n N U Z 0 x X Q 9 d U t 132 r J 6 T n r 1 e p N 60 v o R + i f 1 H / s 4 G c A d X g h s F 3 Q w 3 D v Y Z 3 j Z B G p k b Z R s + M i c b O x i X G o y a C J k E m d S b z p s q m S a Z 3 z d B m l m b 5 Z i / M e c z J 5 j X m 8 x a q F n s t O i 1 p L R 0 t S y z f W k l a U a 1 u W S O s L a y P W Y / Y i N h E 2 D T Z A l t z 22 O 2 r + 3E7 K L s b t t j 7 O 3 s S + 2 n H O Q d k h 0 e O p I c d z n W O i 45 G T j l O b 1 y F n e O d e 5 w Y X D x c q l x + e 5 q 5 F r g O u a 2 w 22 v 2 x N 3 T n e K e 7 M H 1 s P F o 9 J j 0 d P Y 84 T n p J e y V 4 b X 4E6 x n Q k 7 u 7 w 5 v c O 87 + x i 2 O W 7 q 8 E H 7 e P q U + u z 6 m v r W + 676 G f u d 8 p v n m x I L i J / 9 N f z P + 7 / P k A 7 o C B g O l A 7 s C B w J k g 76 F j Q + 2 D d 4 M L g W Y o h p Y S y E G I W c i b k e 6 h t a F X o e p h r W H 0 4 L t w n / G Y E M S I 0 o n M 37 + 6E3 X 2 R U p E Z k W N R G l E n o u a p l t T K a C h 6 Z 3 R z D D P 88 t 4 d K x 57 M H Y 8 T i e u N O 5 H v E t 8 Q w J T Q k R C 9 x 7 J P V l 7 p h N N E i 8 k o Z L I S R 3 J A s m p y e N 79 f e e 2 w f t 89 v X k S K U k p 4 y u d 90 f 3 U q I T U 0 9 W m a X F p B 2 r c D r g d u p f O k 70 + f O G h 6 s C 6 D P o O a 8 e K Q 5 q E z m a h M S u a z L M W s k 1 m / s v 2 z H + f I 5 R T m r O a S c x 8 f l j 9 c f H j 9 S O C R Z 3 k q e W V H M U c j j g 7 m 6 + Z X F z A V J B Z M H L M + 1 n i c / 3 j 28 W 8 n d p 3 o K l Q q P F N E K I o t G i u 2 K m 4 + K X z y 6 M n V k u C S g V K D 0 v p T 3 K e y T n 0 / 7 X + 6 v 0 y v 7 P I Z n j M 5 Z 5 b P U s 4 O n T M 911 g u W l 54 H n M + 7 v x U h U v F w w t q F 2 o q O S t z K t e q I q r G q h 2 q O 2 t U a 2 p q u W v z 6 h B 1 s X X v L 3 p d 7 L 1 k d K n 5 s s z l c / W s 9 T l X w J X Y K x + u + l w d v G Z 5 r a N B r e H y d Z H r p 26 Q b m Q 3 Q o 17 G u e b g p v G m t 2 b + 25 a 3 O y 4 p X n r x m 3 Z 21 U t A i 2 l d 1 j u 5 L U S W t N b 19 s S 2 x b v R t 6 d b Q 9 q n + j Y 1 f H q n t u 9 v z r t O 5 / d t 7 z / 6 I H J g 3 s P 9 R + 2 P d J + 1 N K l 0 X X z s d r j p i c q T x q 7 l b t v P F V + e u O Z y r P G H t W e 5 l 713 l t 9 W n 2 t / b r 97 c + N n j / 4 y / y v J w M 2 A 32 D z o N D L 7 x e j A 35 D 828 D H u 5 M B w 3 v P J q / w h 6 J P s 14 + v C U e 7 R 8 j c S b + r H V M b u j B u N d 791 f P t q g j z x 8 V 30 u 9 X J 9 C m 6 q c J p v u m a G Y W Z l v c m 73 s / e H 6 Y / B j 5 c W U 24 x P T p 1 O f x T 9 f n 9 O b 6553 m 59 c o C 6 s f 8 n 9 y v G 16 p v S t 45 F u 8 X R p f C l l e / Z P z h + V P
"deleted" : false ,
"disable_correlation" : true ,
"object_relation" : "screenshot" ,
"timestamp" : "1661173959" ,
"to_ids" : false ,
"type" : "attachment" ,
"uuid" : "fa9f4e47-a874-43b6-9622-f1fb83854cef" ,
"value" : "Screen Shot 2022-08-16 at 11.55.35 AM.png"
}
]
} ,
{
"comment" : "" ,
"deleted" : false ,
"description" : "Email object describing an email with meta-information" ,
"meta-category" : "network" ,
"name" : "email" ,
"template_uuid" : "a0c666e0-fc65-4be8-b48f-3423d788b552" ,
"template_version" : "18" ,
"timestamp" : "1661176848" ,
"uuid" : "3c167f94-5bac-465c-9765-b48cab0fddf5" ,
"Attribute" : [
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "reply-to" ,
"timestamp" : "1661176848" ,
"to_ids" : false ,
"type" : "email-reply-to" ,
"uuid" : "04f5efd4-1db2-4c71-8a2b-d4cf4fdda962" ,
"value" : "cdt[name]cdt@gmail[.]com"
} ,
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "subject" ,
"timestamp" : "1661176848" ,
"to_ids" : false ,
"type" : "email-subject" ,
"uuid" : "dd0394d0-3832-45fe-bdf7-8b77bfaff6a7" ,
"value" : "Reserva"
} ,
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "from-display-name" ,
"timestamp" : "1661176848" ,
"to_ids" : false ,
"type" : "email-src-display-name" ,
"uuid" : "3c7c8bd0-0021-4540-a92b-9c2d1c26c066" ,
"value" : "Financeiro UNIMED"
} ,
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "from" ,
"timestamp" : "1661176848" ,
"to_ids" : true ,
"type" : "email-src" ,
"uuid" : "88f0384e-5aff-4d6b-b129-924a22601ca0" ,
"value" : "financeiro@unimed-corporated[.]com"
} ,
{
"category" : "External analysis" ,
"comment" : "" ,
"data" : " i V B O R w 0 K G g o A A A A N S U h E U g A A B C I A A A J F C A Y A A A A I 8 F a L A A A Y b 2 l D Q 1 B J Q 0 M g U H J v Z m l s Z Q A A W I W V W Q c 8 l e 3 f v + 6 z z 7 H P s f f e Z O + 9994 k H O t Y c c x Q I s k q U S F K J Z m V S q E S k Y Z S R g 9 J E s m o F C o q I + 9 t 1 P 95 n + f 9 v O / n v T 6 f 676 + 53 f 9 r t + 61 v 0 7 N w B c n b 6 R k W E I R g D C I 2 K o D q Y G / G 7 u H v z Y K Y A F P A A P 2 I C S L z k 6 U t / O z g r A 5 X f 738 v S I I A 22 u c y G 7 L + 3 f + / F q J / Q D Q Z A M g L x n 7 + 0 e R w G N 8 F A J V G j q T G A I A x g u l C 8 T G R G z g Y x s x U 2 E A Y J 2 / g o C 18 d A P 7 b e G K T R 4 n B 0 M Y N w O A o / X 1 p Q Y B Q N 8 J 0 / n j y E G w H P p 3 c B 8 x w p 8 S A b P + g L E O O d j X H w A u N Z h H O j x 89 w a G K x C H + S N h n A t j N b + / y Q z 6 b / L 9 / s j 39 Q 36 g 7 f 82 i w 4 I 0 p 0 Z J j v n v 9 n a P 7 v E h 4 W + 1 u H K F x p g 6 l m D h v + w z E c C t 1 t u Y F p Y T w b 4 W d j u x F r G P + g + G / F H Q A E I T j W z H m L H 8 F N j j a E 4 w d Y Y S z n 72 t k C W N u G J t E h N l Y b d P 9 A i k m 5 j C G V w s i g R J j 7 r Q 9 N j M g 2 t h x W + Y p 6 m 4 H 2984 k G q o v z 32 s i 91 U + 8 G f 2 d s q L P + t v y h 4 A D z 3 / K / J Q Y 7 u c K Y A A C S E E d x s Y E x P Y y Z o 0 M d L b d 4 k I K J w Y Y 2 v 3 m o s Q 4 b 9 g v D W C 0 g w t R g S z 7 S K 5 B q 4 r D N H x k e / d t f Z E Y w x d x m G x f H B D u Z b c U H W U v 23 b S f H c a N A R H 6 z r / l B E S 7 W f 32 x T / A y H j L d + S z g A j n b X + R o 5 E x B g 7 b Y + c j w + y 2 + V G 4 g D D T D b o g j D m j 4 x y 3 x 6 K 0 Y u D F u S U f Z R U Z Y + e 0 Z S f K J 8 T X w m 7 L H l Q c s A K G w A j w g 1 i 4 + o H d I A R Q n s 0 2 z c K / t n p M g C + g g i A Q A G S 2 K b 9 H u G 72 R M B P R 5 A I P s E o A E T / G W e w 2 R s A 4 m D 62 h / q 1 l M G B G 72 x m 2 O C A V T M A 4 H l i A M / h 27 O S r i j z Y X 8 A 6 m U P 6 l n Q z b G g b X j b 5 / 0 / R h i t U 2 J f a 3 X H 6 G 35 w Y Y 4 w R x g x j g p F A c a J 0 U J o o K / i p B 1 c F l B p K / b e 1 / + F H T 6 H 70 G / R A + g x 9 M t d l D T q P 2 y x B m O w f J N t j / 3 + 7 j F K F J a p j D J A a c P S Y c k o V h Q n k E E p w X r 0 U b q w Z m W Y a r h t 94 b v / P + D n 388 + F v M t / n w c n g E n g 2 v h x f / 50 h 6 S X r l P 1 I 2 I v r 3 + G z Z 6 v c n q o Z / e v 6 p 3 / B v c f a H W 8 t / c i I z k Q 3 I h 8 h 2 Z B e y B d k E + J F t y G Z k N / L O B v 6 z h t 5 t r q H f 2 h w 27 Q m F 5 V D + p c 93 W + d G J K P l 6 u T e y 61 u 94 G Y g I S Y j Q 1 m u D t y D 5 U S F B z D r w / f A g H 85 h F k W W l + B T k F B Q A 27 p S t Y + q r w + Z d A b H 2 / I d G P g i A 6 j w A + O X / 0 M K / A n A F 3 u P 81 v + h i X j D 2 w w D Q P U U O Z Y a t 0 V D b T z Q 8 G n A A O 8 o D s A L h I A 47 J E C U A G a Q A 8 Y A w t g C 5 y A O / C G 4 x w M r 2 c q i A f J I B V k g B x w F J w A J e A M O A + q w S V w D T S B F t A O H o A n o B c M g F f w + p k E H 8E8 W A I r E A R h I T q I B H F A f J A I J A U p Q G q Q D m Q M W U E O k D v k A w V B E V A s l A w d g H K g A q g E O g f V Q F e h m 1 A 71 A X 1 Q S + h c e g 99 A V a R i A R t A h m B A 9 C F L E D o Y b Q R 1 g i n B A 7 E U G I K E Q i I h 1 x B F G M K E d c R D Q i 2 h F P E A O I M c R H x C I S I G m Q r E g B p A x S D W m I t E V 6 I A O R V O Q + Z D a y E F m O v I y 8 B c / 0 c + Q Y c h b 5E4 V B k V D 8 K B l 4 D Z u h n F F k V B R q H y o X V Y K q R j W i O l H P U e O o e d Q v N B 2 a G y 2 F 1 k C b o 93 Q Q e h 4 d A a 6 E F 2 J v o G + D + + m S f Q S B o N h x Y h h V O H d 6 I 4 J w S R h c j G n M f W Y u 5 g + z A R m E Y v F c m C l s N p Y W 6 w v N g a b g T 2 J v Y h t w / Z j J 7 E / c D Q 4 P p w C z g T n g Y v A p e E K c b W 4 V l w / b h q 3 g m f E i + A 18 L Z 4 f / w e f B 6 + A n 8 L 34 O f x K 8 Q m A h i B G 2 C E y G E k E o o J l w m 3 C e M E L 7 S 0 N A I 0 q j T 2 N N Q a P b T F N N c o X l E M 0 7 z k 5 Z I K 0 l r S O t F G 0 t 7 h L a K 9 i 7 t S 9 q v d H R 0 o n R 6 d B 50 M X R H 6 G r o 7 t G N 0 v 2 g J 9 H L 0 p v T + 9 O n 0 J f S N 9 L 3039 m w D O I M O g z e D M k M h Q y N D D 0 M M w y 4 h l F G Q 0 Z f R n 3 M Z Y y 3 m R 8 w b j I R G K S Z 7 J l C m f K Z a p l 6 m K a I W K J o k R j o j 8 x n X i e e I 84 Q U K S h E i G J D L p A K m C d J 80 y Y x h F m M 2 Z w 5 h z m G + x P y M e Z 6 F y K L E 4 s K S w F L K c o d l j B X J K s p q z h r G m s d 6 j X W Q d Z m N h 0 2 f L Y A t i + 0 y W z / b d 3 Y u d j 32 A P Z s 9 n r 2 A f Z l D n 4 O Y 45 Q j n y O J o 7 X n C h O S U 57 z n j O M s 77 n L N c z F y a X G S u b K 5 r X M P c C G 5 J b g f u J O 7 z 3 N 3 c i z y 8 P K Y 8 k T w n e e 7 x z P K y 8 u r x h v A e 523 l f c 9 H 4 t P h o / A d 52 v j + 8 D P w q / P H 8 Z f z N / J P y / A L W A m E C t w T u C Z w I q g m K C z Y J p g v e B r I Y K Q m l C g 0 H G h D q F 5 Y T 5 h a + F k 4 T r h Y R G 8 i J p I s E i R y E O R 76 J i o q 6 i h 0 S b R G f E 2 M X M x R L F 6 s R G x O n E d c W j x M v F / 5 L A S K h J h E q c l u i V R E g q S w Z L l k r 2 S C G k V K Q o U q e l + q T R 0 u r S E d L l 0 i 9 k a G X 0 Z e J k 6 m T G Z V l l r W T T Z J t k P + 8 Q 3 u G x I 3 / H w x 2 / 5 J T l w u Q q 5 F 7 J E + U t 5 N P k b 8 l / U Z B U I C u U K v y l S K d o o p i i 2 K y 4 o C S l F K B U p j S k T F K 2 V j 6 k 3 K G 8 p q K q Q l W 5 r P J e V V j V R / W U 6 g s 1 Z j U 7 t V y 1 R + p o d Q P 1 F P U W 9 Z 8 a K h o x G t c 0 5 j R l N E M 1 a z V n t M S 0 A r Q q t C a 0 B b V 9 t c 9 p j + n w 6 / j o n N U Z 0 x X Q 9 d U t 132 r J 6 T n r 1 e p N 60 v o R + i f 1 H / s 4 G c A d X g h s F 3 Q w 3 D v Y Z 3 j Z B G p k b Z R s + M i c b O x i X G o y a C J k E m d S b z p s q m S a Z 3 z d B m l m b 5 Z i / M e c z J 5 j X m 8 x a q F n s t O i 1 p L R 0 t S y z f W k l a U a 1 u W S O s L a y P W Y / Y i N h E 2 D T Z A l t z 22 O 2 r + 3E7 K L s b t t j 7 O 3 s S + 2 n H O Q d k h 0 e O p I c d z n W O i 45 G T j l O b 1 y F n e O d e 5 w Y X D x c q l x + e 5 q 5 F r g O u a 2 w 22 v 2 x N 3 T n e K e 7 M H 1 s P F o 9 J j 0 d P Y 84 T n p J e y V 4 b X 4E6 x n Q k 7 u 7 w 5 v c O 87 + x i 2 O W 7 q 8 E H 7 e P q U + u z 6 m v r W + 676 G f u d 8 p v n m x I L i J / 9 N f z P + 7 / P k A 7 o C B g O l A 7 s C B w J k g 76 F j Q + 2 D d 4 M L g W Y o h p Y S y E G I W c i b k e 6 h t a F X o e p h r W H 0 4 L t w n / G Y E M S I 0 o n M 37 + 6E3 X 2 R U p E Z k W N R G l E n o u a p l t T K a C h 6 Z 3 R z D D P 88 t 4 d K x 57 M H Y 8 T i e u N O 5 H v E t 8 Q w J T Q k R C 9 x 7 J P V l 7 p h N N E i 8 k o Z L I S R 3 J A s m p y e N 79 f e e 2 w f t 89 v X k S K U k p 4 y u d 90 f 3 U q I T U 0 9 W m a X F p B 2 r c D r g d u p f O k 70 + f O G h 6 s C 6 D P o O a 8 e K Q 5 q E z m a h M S u a z L M W s k 1 m / s v 2 z H + f I 5 R T m r O a S c x 8 f l j 9 c f H j 9 S O C R Z 3 k q e W V H M U c j j g 7 m 6 + Z X F z A V J B Z M H L M + 1 n i c / 3 j 28 W 8 n d p 3 o K l Q q P F N E K I o t G i u 2 K m 4 + K X z y 6 M n V k u C S g V K D 0 v p T 3 K e y T n 0 / 7 X + 6 v 0 y v 7 P I Z n j M 5 Z 5 b P U s 4 O n T M 911 g u W l 54 H n M + 7 v x U h U v F w w t q F 2 o q O S t z K t e q I q r G q h 2 q O 2 t U a 2 p q u W v z 6 h B 1 s X X v L 3 p d 7 L 1 k d K n 5 s s z l c / W s 9 T l X w J X Y K x + u + l w d v G Z 5 r a N B r e H y d Z H r p 26 Q b m Q 3 Q o 17 G u e b g p v G m t 2 b + 25 a 3 O y 4 p X n r x m 3 Z 21 U t A i 2 l d 1 j u 5 L U S W t N b 19 s S 2 x b v R t 6 d b Q 9 q n + j Y 1 f H q n t u 9 v z r t O 5 / d t 7 z / 6 I H J g 3 s P 9 R + 2 P d J + 1 N K l 0 X X z s d r j p i c q T x q 7 l b t v P F V + e u O Z y r P G H t W e 5 l 713 l t 9 W n 2 t / b r 97 c + N n j / 4 y / y v J w M 2 A 32 D z o N D L 7 x e j A 35 D 828 D H u 5 M B w 3 v P J q / w h 6 J P s 14 + v C U e 7 R 8 j c S b + r H V M b u j B u N d 791 f P t q g j z x 8 V 30 u 9 X J 9 C m 6 q c J p v u m a G Y W Z l v c m 73 s / e H 6 Y / B j 5 c W U 24 x P T p 1 O f x T 9 f n 9 O b 6553 m 59 c o C 6 s f 8 n 9 y v G 16 p v S t 45 F u 8 X R p f C l l e / Z P z h + V P
"deleted" : false ,
"disable_correlation" : true ,
"object_relation" : "screenshot" ,
"timestamp" : "1661176848" ,
"to_ids" : false ,
"type" : "attachment" ,
"uuid" : "dbfcf35f-8af5-4b0a-9fb4-8df9ef2864e2" ,
"value" : "Screen Shot 2022-08-16 at 11.56.23 AM.png"
} ,
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "attachment" ,
"timestamp" : "1661176848" ,
"to_ids" : true ,
"type" : "email-attachment" ,
"uuid" : "37efae0c-d320-403a-a0ce-ef02dcf9c513" ,
"value" : "OficioCircularencaminhadoaoSetorFinanceiroUNIMED.docx"
}
]
} ,
{
"comment" : "" ,
"deleted" : false ,
"description" : "File object describing a file with meta-information" ,
"meta-category" : "file" ,
"name" : "file" ,
"template_uuid" : "688c46fb-5edb-40a3-8273-1af7923e2215" ,
"template_version" : "24" ,
"timestamp" : "1661176898" ,
"uuid" : "aba989e1-7952-4225-8f27-be5a626323db" ,
"ObjectReference" : [
{
"comment" : "" ,
"object_uuid" : "aba989e1-7952-4225-8f27-be5a626323db" ,
"referenced_uuid" : "3c167f94-5bac-465c-9765-b48cab0fddf5" ,
"relationship_type" : "contained-within" ,
"timestamp" : "1661176898" ,
"uuid" : "699322da-f736-4c84-96bf-36afb109f43a"
}
] ,
"Attribute" : [
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "sha256" ,
"timestamp" : "1661176873" ,
"to_ids" : true ,
"type" : "sha256" ,
"uuid" : "2b3c2c55-20ce-4495-beb0-f52d1df0a9bc" ,
"value" : "2f0f99cbac828092c0ec23e12ecb44cbf53f5a671a80842a2447e6114e4f6979"
} ,
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : true ,
"object_relation" : "filename" ,
"timestamp" : "1661176873" ,
"to_ids" : true ,
"type" : "filename" ,
"uuid" : "27b17f46-2457-4f2a-8d67-93cb88ceefc0" ,
"value" : "OficioCircularencaminhadoaoSetorFinanceiroUNIMED.docx"
}
]
}
]
}
}
