{
|
"Event": {
|
|
|
|
"analysis": "0",
|
|
|
|
"date": "2022-01-13",
|
|
|
|
"extends_uuid": "",
|
|
|
|
"info": "CYBERCOM_Malware_Alert - MuddyWater has been seen using a variety of techniques to maintain access to victim networks.",
|
|
|
|
"publish_timestamp": "1642082232",
|
|
|
|
"published": true,
|
|
|
|
"threat_level_id": "2",
|
|
|
|
"timestamp": "1642082225",
|
|
|
|
"uuid": "ed46f822-41e6-4dca-a1c5-ad768306bfe9",
|
|
|
|
"Orgc": {
|
|
|
|
"name": "CIRCL",
|
|
|
|
"uuid": "55f6ea5e-2c60-40e5-964f-47a8950d210f"
|
|
|
|
},
|
|
|
|
"Tag": [
|
|
|
|
{
|
|
|
|
"colour": "#004646",
|
|
|
|
"local": "0",
|
|
|
|
"name": "type:OSINT",
|
|
|
|
"relationship_type": ""
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"colour": "#0071c3",
|
|
|
|
"local": "0",
|
|
|
|
"name": "osint:lifetime=\"perpetual\"",
|
|
|
|
"relationship_type": ""
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"colour": "#0087e8",
|
|
|
|
"local": "0",
|
|
|
|
"name": "osint:certainty=\"50\"",
|
|
|
|
"relationship_type": ""
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"colour": "#ffffff",
|
|
|
|
"local": "0",
|
|
|
|
"name": "tlp:white",
|
|
|
|
"relationship_type": ""
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"colour": "#0088cc",
|
|
|
|
"local": "0",
|
|
|
|
"name": "misp-galaxy:mitre-enterprise-attack-intrusion-set=\"MuddyWater - G0069\"",
|
|
|
|
"relationship_type": ""
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"colour": "#0088cc",
|
|
|
|
"local": "0",
|
|
|
|
"name": "misp-galaxy:mitre-intrusion-set=\"MuddyWater - G0069\"",
|
|
|
|
"relationship_type": ""
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"colour": "#0088cc",
|
|
|
|
"local": "0",
|
|
|
|
"name": "misp-galaxy:threat-actor=\"MuddyWater\"",
|
|
|
|
"relationship_type": ""
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"colour": "#0088cc",
|
|
|
|
"local": "0",
|
|
|
|
"name": "misp-galaxy:country=\"iran\"",
|
|
|
|
"relationship_type": ""
|
|
|
|
}
|
|
|
|
],
|
|
|
|
"Attribute": [
|
|
|
|
{
|
|
|
|
"category": "Payload delivery",
|
|
|
|
"comment": "",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"timestamp": "1642082062",
|
|
|
|
"to_ids": true,
|
|
|
|
"type": "sha256",
|
|
|
|
"uuid": "dc27e79d-43bc-42fd-986f-9b5420b73fc3",
|
|
|
|
"value": "3098dd53da40947a82e59265a47059e69b2925bc49c679e6555d102d1c6cbbc8"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "Payload delivery",
|
|
|
|
"comment": "",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"timestamp": "1642082062",
|
|
|
|
"to_ids": true,
|
|
|
|
"type": "sha256",
|
|
|
|
"uuid": "7363ccc3-6a4e-44fc-a0f8-619fa264cb8a",
|
|
|
|
"value": "42ca7d3fcd6d220cd380f34f9aa728b3bb68908b49f04d04f685631ee1f78986"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "Payload delivery",
|
|
|
|
"comment": "",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"timestamp": "1642082062",
|
|
|
|
"to_ids": true,
|
|
|
|
"type": "sha256",
|
|
|
|
"uuid": "b37525af-c696-4d69-aead-e3be0aca9e2d",
|
|
|
|
"value": "b1e30cce6df16d83b82b751edca57aa17795d8d0cdd960ecee7d90832b0ee76c"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "Payload delivery",
|
|
|
|
"comment": "",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"timestamp": "1642082062",
|
|
|
|
"to_ids": true,
|
|
|
|
"type": "sha256",
|
|
|
|
"uuid": "076573dc-8454-478d-89b0-ca6cf97411b8",
|
|
|
|
"value": "255e53af8b079c8319ce52583293723551da9affe547da45e2c1d4257cff625a"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "Payload delivery",
|
|
|
|
"comment": "",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"timestamp": "1642082062",
|
|
|
|
"to_ids": true,
|
|
|
|
"type": "sha256",
|
|
|
|
"uuid": "0f9cfe78-1225-45c4-ba1a-e09f556f359f",
|
|
|
|
"value": "e7f6c7b91c482c12fc905b84dbaa9001ef78dc6a771773e1de4b8eade5431eca"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "Payload delivery",
|
|
|
|
"comment": "",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"timestamp": "1642082062",
|
|
|
|
"to_ids": true,
|
|
|
|
"type": "sha256",
|
|
|
|
"uuid": "418272e0-5405-47a7-91d5-a059ea41fbec",
|
|
|
|
"value": "5bcdd422089ed96d6711fa251544e2e863b113973db328590cfe0457bfeb564f"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "Payload delivery",
|
|
|
|
"comment": "",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"timestamp": "1642082062",
|
|
|
|
"to_ids": true,
|
|
|
|
"type": "sha256",
|
|
|
|
"uuid": "2315d783-9a27-439e-977d-30358f994275",
|
|
|
|
"value": "9cb79736302999a7ec4151a43e93cd51c97ede879194cece5e46b4ff471a7af7"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "Payload delivery",
|
|
|
|
"comment": "",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"timestamp": "1642082062",
|
|
|
|
"to_ids": true,
|
|
|
|
"type": "sha256",
|
|
|
|
"uuid": "8250e2c6-7463-45a2-ba9f-77dc3eeadbf7",
|
|
|
|
"value": "b6133e04a0a1deb8faf944dd79c46c62f725a72ea9f26dd911d6f6e1e4433f1a"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "Payload delivery",
|
|
|
|
"comment": "",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"timestamp": "1642082062",
|
|
|
|
"to_ids": true,
|
|
|
|
"type": "sha256",
|
|
|
|
"uuid": "b97f4525-148f-4c25-ad95-ab04ddd3638c",
|
|
|
|
"value": "9ec8319e278d1b3fa1ccf87b5ce7dd6802dac76881e4e4e16e240c5a98f107e2"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "Payload delivery",
|
|
|
|
"comment": "",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"timestamp": "1642082062",
|
|
|
|
"to_ids": true,
|
|
|
|
"type": "sha256",
|
|
|
|
"uuid": "074d4b72-f0f8-4787-9638-cf0028fe2b8f",
|
|
|
|
"value": "7e7545d14df7b618b3b1bc24321780c164a0a14d3600dbac0f91afbce1a2f9f4"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "Payload delivery",
|
|
|
|
"comment": "",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"timestamp": "1642082062",
|
|
|
|
"to_ids": true,
|
|
|
|
"type": "sha256",
|
|
|
|
"uuid": "a759108a-98d2-45d0-8bb0-28825e63c671",
|
|
|
|
"value": "e7baf353aa12ff2571fc5c45184631dc2692e2f0a61b799e29a1525969bf2d13"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "Payload delivery",
|
|
|
|
"comment": "",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"timestamp": "1642082062",
|
|
|
|
"to_ids": true,
|
|
|
|
"type": "sha256",
|
|
|
|
"uuid": "6f2a3e83-fd7f-46cc-8ac1-b160a301253f",
|
|
|
|
"value": "b5b1e26312e0574464ddef92c51d5f597e07dba90617c0528ec9f494af7e8504"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "Payload delivery",
|
|
|
|
"comment": "",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"timestamp": "1642082062",
|
|
|
|
"to_ids": true,
|
|
|
|
"type": "sha256",
|
|
|
|
"uuid": "e9fc0696-04ae-406b-a0cb-dca1251d03b0",
|
|
|
|
"value": "dd7ee54b12a55bcc67da4ceaed6e636b7bd30d4db6f6c594e9510e1e605ade92"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "Payload delivery",
|
|
|
|
"comment": "",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"timestamp": "1642082062",
|
|
|
|
"to_ids": true,
|
|
|
|
"type": "sha256",
|
|
|
|
"uuid": "8edb6149-7401-4088-86ed-29427a0a2956",
|
|
|
|
"value": "9d50fcb2c4df4c502db0cac84bef96c2a36d33ef98c454165808ecace4dd2051"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "Payload delivery",
|
|
|
|
"comment": "",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"timestamp": "1642082062",
|
|
|
|
"to_ids": true,
|
|
|
|
"type": "sha256",
|
|
|
|
"uuid": "0501eade-9a37-4a03-8ce8-99bc7f201a22",
|
|
|
|
"value": "12db8bcee090521ecf852bf215ce3878737517a22ef1f2ff9bdec7cba8d0d3aa"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "Payload delivery",
|
|
|
|
"comment": "",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"timestamp": "1642082062",
|
|
|
|
"to_ids": true,
|
|
|
|
"type": "sha256",
|
|
|
|
"uuid": "7fe60b0e-b337-4de4-8d83-5c5d9e6cabd7",
|
|
|
|
"value": "ce9bd1acf37119ff73b4dff989f2791eb24efc891a413df58856d848f0bcaee9"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "Payload delivery",
|
|
|
|
"comment": "",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"timestamp": "1642082062",
|
|
|
|
"to_ids": true,
|
|
|
|
"type": "sha256",
|
|
|
|
"uuid": "54e6d8c5-541d-4fd6-bb40-30eb257795d6",
|
|
|
|
"value": "2471a039cb1ddeb826f3a11f89b193624d89052afcbee01205dc92610723eb82"
|
|
|
|
}
|
|
|
|
],
|
|
|
|
"Object": [
|
|
|
|
{
|
|
|
|
"comment": "",
|
|
|
|
"deleted": false,
|
|
|
|
"description": "File object describing a file with meta-information",
|
|
|
|
"meta-category": "file",
|
|
|
|
"name": "file",
|
|
|
|
"template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215",
|
|
|
|
"template_version": "24",
|
|
|
|
"timestamp": "1642082168",
|
|
|
|
"uuid": "bf4b82ac-341f-4ebc-af6d-134e6afde90b",
|
|
|
|
"ObjectReference": [
|
|
|
|
{
|
|
|
|
"comment": "",
|
|
|
|
"object_uuid": "bf4b82ac-341f-4ebc-af6d-134e6afde90b",
|
|
|
|
"referenced_uuid": "cc2cfa1e-1b2a-4004-abb4-03c0f6bd9b9f",
|
"relationship_type": "analysed-with",
|
"timestamp": "1642082169",
|
|
|
|
"uuid": "5d516719-6657-4266-8b8f-f3b7621678af"
|
|
|
|
}
|
|
|
|
],
|
|
|
|
"Attribute": [
|
|
|
|
{
|
|
|
|
"category": "Payload delivery",
|
|
|
|
"comment": "",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"object_relation": "md5",
|
|
|
|
"timestamp": "1642082062",
|
|
|
|
"to_ids": true,
|
|
|
|
"type": "md5",
|
|
|
|
"uuid": "4b02880e-9b58-4738-bbb2-71a2e3c3fa85",
|
|
|
|
"value": "a0421312705e847a1c8073001fd8499c"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "Payload delivery",
|
|
|
|
"comment": "",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"object_relation": "sha1",
|
|
|
|
"timestamp": "1642082062",
|
|
|
|
"to_ids": true,
|
|
|
|
"type": "sha1",
|
|
|
|
"uuid": "a6021696-5d5c-4e10-9289-df75f02d2520",
|
|
|
|
"value": "3204447f54adeffb339ed3e00649ae428544eca3"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "Payload delivery",
|
|
|
|
"comment": "",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"object_relation": "sha256",
|
|
|
|
"timestamp": "1642082062",
|
|
|
|
"to_ids": true,
|
|
|
|
"type": "sha256",
|
|
|
|
"uuid": "4ba19f03-3508-4446-89ce-4dffdfaeb158",
|
|
|
|
"value": "9cb79736302999a7ec4151a43e93cd51c97ede879194cece5e46b4ff471a7af7"
|
|
|
|
}
|
|
|
|
]
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"comment": "",
|
|
|
|
"deleted": false,
|
|
|
|
"description": "VirusTotal report",
|
|
|
|
"meta-category": "misc",
|
|
|
|
"name": "virustotal-report",
|
|
|
|
"template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4",
|
|
|
|
"template_version": "4",
|
|
|
|
"timestamp": "1642082168",
|
|
|
|
"uuid": "cc2cfa1e-1b2a-4004-abb4-03c0f6bd9b9f",
|
|
|
|
"Attribute": [
|
|
|
|
{
|
|
|
|
"category": "Other",
|
|
|
|
"comment": "",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": true,
|
|
|
|
"object_relation": "last-submission",
|
|
|
|
"timestamp": "1642082062",
|
|
|
|
"to_ids": false,
|
|
|
|
"type": "datetime",
|
|
|
|
"uuid": "dbd79864-48d0-4f8c-9df6-b038db7d1925",
|
|
|
|
"value": "2022-01-13T12:41:30+00:00"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "Payload delivery",
|
|
|
|
"comment": "",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": true,
|
|
|
|
"object_relation": "permalink",
|
|
|
|
"timestamp": "1642082062",
|
|
|
|
"to_ids": false,
|
|
|
|
"type": "link",
|
|
|
|
"uuid": "f54bb404-0b1a-4321-8cdd-55cc2f9c06c8",
|
|
|
|
"value": "https://www.virustotal.com/gui/file/9cb79736302999a7ec4151a43e93cd51c97ede879194cece5e46b4ff471a7af7/detection/f-9cb79736302999a7ec4151a43e93cd51c97ede879194cece5e46b4ff471a7af7-1642077690"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "Payload delivery",
|
|
|
|
"comment": "",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": true,
|
|
|
|
"object_relation": "detection-ratio",
|
|
|
|
"timestamp": "1642082062",
|
|
|
|
"to_ids": false,
|
|
|
|
"type": "text",
|
|
|
|
"uuid": "12587aeb-8930-45f3-8ac6-fec9c82a7285",
|
|
|
|
"value": "8/57"
|
|
|
|
}
|
|
|
|
]
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"comment": "",
|
|
|
|
"deleted": false,
|
|
|
|
"description": "File object describing a file with meta-information",
|
|
|
|
"meta-category": "file",
|
|
|
|
"name": "file",
|
|
|
|
"template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215",
|
|
|
|
"template_version": "24",
|
|
|
|
"timestamp": "1642082168",
|
|
|
|
"uuid": "845692ad-8bc9-4847-9863-7a4a7946d5c7",
|
|
|
|
"ObjectReference": [
|
|
|
|
{
|
|
|
|
"comment": "",
|
|
|
|
"object_uuid": "845692ad-8bc9-4847-9863-7a4a7946d5c7",
|
|
|
|
"referenced_uuid": "ff69de23-80e4-46dc-8144-f165d4d8ac5e",
|
"relationship_type": "analysed-with",
|
"timestamp": "1642082169",
|
|
|
|
"uuid": "433cd7ad-fee6-44f0-8881-c5eaefc3b080"
|
|
|
|
}
|
|
|
|
],
|
|
|
|
"Attribute": [
|
|
|
|
{
|
|
|
|
"category": "Payload delivery",
|
|
|
|
"comment": "",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"object_relation": "md5",
|
|
|
|
"timestamp": "1642082062",
|
|
|
|
"to_ids": true,
|
|
|
|
"type": "md5",
|
|
|
|
"uuid": "7abf98af-5bf6-4620-b4ec-950670807002",
|
|
|
|
"value": "4a022ea1fd2bf5e8c0d8b2343a230070"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "Payload delivery",
|
|
|
|
"comment": "",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"object_relation": "sha1",
|
|
|
|
"timestamp": "1642082062",
|
|
|
|
"to_ids": true,
|
|
|
|
"type": "sha1",
|
|
|
|
"uuid": "1cf0d003-cd32-418d-8927-048ab169d056",
|
|
|
|
"value": "89df0feca9a447465d41ac87cb45a6f3c02c574d"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "Payload delivery",
|
|
|
|
"comment": "",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"object_relation": "sha256",
|
|
|
|
"timestamp": "1642082062",
|
|
|
|
"to_ids": true,
|
|
|
|
"type": "sha256",
|
|
|
|
"uuid": "ae84908e-e117-4655-b1e3-8dd91fb650dd",
|
|
|
|
"value": "e7baf353aa12ff2571fc5c45184631dc2692e2f0a61b799e29a1525969bf2d13"
|
|
|
|
}
|
|
|
|
]
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"comment": "",
|
|
|
|
"deleted": false,
|
|
|
|
"description": "VirusTotal report",
|
|
|
|
"meta-category": "misc",
|
|
|
|
"name": "virustotal-report",
|
|
|
|
"template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4",
|
|
|
|
"template_version": "4",
|
|
|
|
"timestamp": "1642082168",
|
|
|
|
"uuid": "ff69de23-80e4-46dc-8144-f165d4d8ac5e",
|
|
|
|
"Attribute": [
|
|
|
|
{
|
|
|
|
"category": "Other",
|
|
|
|
"comment": "",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": true,
|
|
|
|
"object_relation": "last-submission",
|
|
|
|
"timestamp": "1642082062",
|
|
|
|
"to_ids": false,
|
|
|
|
"type": "datetime",
|
|
|
|
"uuid": "532b79c0-ce85-4d35-ad3e-5c35f8dc2858",
|
|
|
|
"value": "2022-01-13T04:17:48+00:00"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "Payload delivery",
|
|
|
|
"comment": "",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": true,
|
|
|
|
"object_relation": "permalink",
|
|
|
|
"timestamp": "1642082062",
|
|
|
|
"to_ids": false,
|
|
|
|
"type": "link",
|
|
|
|
"uuid": "755472d3-c174-450a-a5df-eece9c895c43",
|
|
|
|
"value": "https://www.virustotal.com/gui/file/e7baf353aa12ff2571fc5c45184631dc2692e2f0a61b799e29a1525969bf2d13/detection/f-e7baf353aa12ff2571fc5c45184631dc2692e2f0a61b799e29a1525969bf2d13-1642047468"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "Payload delivery",
|
|
|
|
"comment": "",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": true,
|
|
|
|
"object_relation": "detection-ratio",
|
|
|
|
"timestamp": "1642082062",
|
|
|
|
"to_ids": false,
|
|
|
|
"type": "text",
|
|
|
|
"uuid": "c9f6cd8b-ee18-4a3b-a6e3-f0bae3d0c164",
|
|
|
|
"value": "12/56"
|
|
|
|
}
|
|
|
|
]
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"comment": "",
|
|
|
|
"deleted": false,
|
|
|
|
"description": "File object describing a file with meta-information",
|
|
|
|
"meta-category": "file",
|
|
|
|
"name": "file",
|
|
|
|
"template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215",
|
|
|
|
"template_version": "24",
|
|
|
|
"timestamp": "1642082168",
|
|
|
|
"uuid": "6875f800-1889-47a9-a960-4a02c4626aa5",
|
|
|
|
"ObjectReference": [
|
|
|
|
{
|
|
|
|
"comment": "",
|
|
|
|
"object_uuid": "6875f800-1889-47a9-a960-4a02c4626aa5",
|
|
|
|
"referenced_uuid": "4e5e3c4a-0c56-4d0f-8c72-85464ef1ca7d",
|
"relationship_type": "analysed-with",
|
"timestamp": "1642082169",
|
|
|
|
"uuid": "18c9a341-3d9b-4e8b-97d5-d824c0025baf"
|
|
|
|
}
|
|
|
|
],
|
|
|
|
"Attribute": [
|
|
|
|
{
|
|
|
|
"category": "Payload delivery",
|
|
|
|
"comment": "",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"object_relation": "md5",
|
|
|
|
"timestamp": "1642082062",
|
|
|
|
"to_ids": true,
|
|
|
|
"type": "md5",
|
|
|
|
"uuid": "4dae8618-645e-42bb-86c0-253979a2d66d",
|
|
|
|
"value": "52299ffc8373f58b62543ec754732e55"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "Payload delivery",
|
|
|
|
"comment": "",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"object_relation": "sha1",
|
|
|
|
"timestamp": "1642082062",
|
|
|
|
"to_ids": true,
|
|
|
|
"type": "sha1",
|
|
|
|
"uuid": "8698c417-45f8-4ec9-bbd8-00552a992bc2",
|
|
|
|
"value": "ca97ac295b2cd57501517c0efd67b6f8a7d1fbdf"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "Payload delivery",
|
|
|
|
"comment": "",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"object_relation": "sha256",
|
|
|
|
"timestamp": "1642082062",
|
|
|
|
"to_ids": true,
|
|
|
|
"type": "sha256",
|
|
|
|
"uuid": "bad10dc1-9db6-4af2-adb3-0e89cd9af723",
|
|
|
|
"value": "ce9bd1acf37119ff73b4dff989f2791eb24efc891a413df58856d848f0bcaee9"
|
|
|
|
}
|
|
|
|
]
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"comment": "",
|
|
|
|
"deleted": false,
|
|
|
|
"description": "VirusTotal report",
|
|
|
|
"meta-category": "misc",
|
|
|
|
"name": "virustotal-report",
|
|
|
|
"template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4",
|
|
|
|
"template_version": "4",
|
|
|
|
"timestamp": "1642082168",
|
|
|
|
"uuid": "4e5e3c4a-0c56-4d0f-8c72-85464ef1ca7d",
|
|
|
|
"Attribute": [
|
|
|
|
{
|
|
|
|
"category": "Other",
|
|
|
|
"comment": "",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": true,
|
|
|
|
"object_relation": "last-submission",
|
|
|
|
"timestamp": "1642082062",
|
|
|
|
"to_ids": false,
|
|
|
|
"type": "datetime",
|
|
|
|
"uuid": "94932aa2-ffc3-4db4-af55-9d852bea217e",
|
|
|
|
"value": "2022-01-13T09:17:23+00:00"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "Payload delivery",
|
|
|
|
"comment": "",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": true,
|
|
|
|
"object_relation": "permalink",
|
|
|
|
"timestamp": "1642082062",
|
|
|
|
"to_ids": false,
|
|
|
|
"type": "link",
|
|
|
|
"uuid": "51425635-b388-450d-a67c-10edc7050d85",
|
|
|
|
"value": "https://www.virustotal.com/gui/file/ce9bd1acf37119ff73b4dff989f2791eb24efc891a413df58856d848f0bcaee9/detection/f-ce9bd1acf37119ff73b4dff989f2791eb24efc891a413df58856d848f0bcaee9-1642065443"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "Payload delivery",
|
|
|
|
"comment": "",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": true,
|
|
|
|
"object_relation": "detection-ratio",
|
|
|
|
"timestamp": "1642082062",
|
|
|
|
"to_ids": false,
|
|
|
|
"type": "text",
|
|
|
|
"uuid": "f9074c2e-e1d1-4aa9-832b-12e187c35214",
|
|
|
|
"value": "0/57"
|
|
|
|
}
|
|
|
|
]
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"comment": "",
|
|
|
|
"deleted": false,
|
|
|
|
"description": "File object describing a file with meta-information",
|
|
|
|
"meta-category": "file",
|
|
|
|
"name": "file",
|
|
|
|
"template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215",
|
|
|
|
"template_version": "24",
|
|
|
|
"timestamp": "1642082168",
|
|
|
|
"uuid": "54be5c62-37af-42f1-abed-845d03dc8b10",
|
|
|
|
"ObjectReference": [
|
|
|
|
{
|
|
|
|
"comment": "",
|
|
|
|
"object_uuid": "54be5c62-37af-42f1-abed-845d03dc8b10",
|
|
|
|
"referenced_uuid": "8bcc658f-253b-4933-bf35-231ae29169bd",
|
"relationship_type": "analysed-with",
|
"timestamp": "1642082169",
|
|
|
|
"uuid": "3464b5de-6d66-4136-90a9-0b9e6a8f31fd"
|
|
|
|
}
|
|
|
|
],
|
|
|
|
"Attribute": [
|
|
|
|
{
|
|
|
|
"category": "Payload delivery",
|
|
|
|
"comment": "",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"object_relation": "md5",
|
|
|
|
"timestamp": "1642082062",
|
|
|
|
"to_ids": true,
|
|
|
|
"type": "md5",
|
|
|
|
"uuid": "1e9b47ec-aa65-420c-af25-d48936eed968",
|
|
|
|
"value": "37fa9e6b9be7242984a39a024cade2d5"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "Payload delivery",
|
|
|
|
"comment": "",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"object_relation": "sha1",
|
|
|
|
"timestamp": "1642082062",
|
|
|
|
"to_ids": true,
|
|
|
|
"type": "sha1",
|
|
|
|
"uuid": "0f14430c-3d49-4300-a8d6-272a8c02f77f",
|
|
|
|
"value": "0211569091b96cffab6918e18ccc97f4b24d88d4"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "Payload delivery",
|
|
|
|
"comment": "",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"object_relation": "sha256",
|
|
|
|
"timestamp": "1642082062",
|
|
|
|
"to_ids": true,
|
|
|
|
"type": "sha256",
|
|
|
|
"uuid": "6cd1b693-0020-4fde-b808-7b1d9de128df",
|
|
|
|
"value": "42ca7d3fcd6d220cd380f34f9aa728b3bb68908b49f04d04f685631ee1f78986"
|
|
|
|
}
|
|
|
|
]
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"comment": "",
|
|
|
|
"deleted": false,
|
|
|
|
"description": "VirusTotal report",
|
|
|
|
"meta-category": "misc",
|
|
|
|
"name": "virustotal-report",
|
|
|
|
"template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4",
|
|
|
|
"template_version": "4",
|
|
|
|
"timestamp": "1642082168",
|
|
|
|
"uuid": "8bcc658f-253b-4933-bf35-231ae29169bd",
|
|
|
|
"Attribute": [
|
|
|
|
{
|
|
|
|
"category": "Other",
|
|
|
|
"comment": "",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": true,
|
|
|
|
"object_relation": "last-submission",
|
|
|
|
"timestamp": "1642082062",
|
|
|
|
"to_ids": false,
|
|
|
|
"type": "datetime",
|
|
|
|
"uuid": "810778a7-cc9b-4efd-93ff-ee182af8ebbf",
|
|
|
|
"value": "2022-01-13T13:07:07+00:00"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "Payload delivery",
|
|
|
|
"comment": "",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": true,
|
|
|
|
"object_relation": "permalink",
|
|
|
|
"timestamp": "1642082062",
|
|
|
|
"to_ids": false,
|
|
|
|
"type": "link",
|
|
|
|
"uuid": "e9ebfae1-f588-447e-b5dd-6886db000324",
|
|
|
|
"value": "https://www.virustotal.com/gui/file/42ca7d3fcd6d220cd380f34f9aa728b3bb68908b49f04d04f685631ee1f78986/detection/f-42ca7d3fcd6d220cd380f34f9aa728b3bb68908b49f04d04f685631ee1f78986-1642079227"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "Payload delivery",
|
|
|
|
"comment": "",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": true,
|
|
|
|
"object_relation": "detection-ratio",
|
|
|
|
"timestamp": "1642082062",
|
|
|
|
"to_ids": false,
|
|
|
|
"type": "text",
|
|
|
|
"uuid": "301cefd5-18ac-4eaa-a28e-627561f9ba7a",
|
|
|
|
"value": "15/56"
|
|
|
|
}
|
|
|
|
]
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"comment": "",
|
|
|
|
"deleted": false,
|
|
|
|
"description": "File object describing a file with meta-information",
|
|
|
|
"meta-category": "file",
|
|
|
|
"name": "file",
|
|
|
|
"template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215",
|
|
|
|
"template_version": "24",
|
|
|
|
"timestamp": "1642082168",
|
|
|
|
"uuid": "dabb966a-e286-4ffb-b646-62d19d1fd749",
|
|
|
|
"ObjectReference": [
|
|
|
|
{
|
|
|
|
"comment": "",
|
|
|
|
"object_uuid": "dabb966a-e286-4ffb-b646-62d19d1fd749",
|
|
|
|
"referenced_uuid": "3fe360a9-06a8-4534-8551-8d79b4460ff3",
|
"relationship_type": "analysed-with",
|
"timestamp": "1642082169",
|
|
|
|
"uuid": "c5f46f4b-f8b6-4609-9af8-3d89ce61b6ab"
|
|
|
|
}
|
|
|
|
],
|
|
|
|
"Attribute": [
|
|
|
|
{
|
|
|
|
"category": "Payload delivery",
|
|
|
|
"comment": "",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"object_relation": "md5",
|
|
|
|
"timestamp": "1642082062",
|
|
|
|
"to_ids": true,
|
|
|
|
"type": "md5",
|
|
|
|
"uuid": "44a1f3e4-3f12-4e6c-b916-aafc73dd3ad6",
|
|
|
|
"value": "c0c2cd5cc018e575816c08b36969c4a6"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "Payload delivery",
|
|
|
|
"comment": "",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"object_relation": "sha1",
|
|
|
|
"timestamp": "1642082062",
|
|
|
|
"to_ids": true,
|
|
|
|
"type": "sha1",
|
|
|
|
"uuid": "7a816f8b-1e19-451b-a06c-3e8ca33ccc69",
|
|
|
|
"value": "47a4e0d466bb20cec5d354e56a9aa3f07cec816a"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "Payload delivery",
|
|
|
|
"comment": "",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"object_relation": "sha256",
|
|
|
|
"timestamp": "1642082062",
|
|
|
|
"to_ids": true,
|
|
|
|
"type": "sha256",
|
|
|
|
"uuid": "e6c39ccf-1fba-4e97-a908-2e8b2a2b833b",
|
|
|
|
"value": "b1e30cce6df16d83b82b751edca57aa17795d8d0cdd960ecee7d90832b0ee76c"
|
|
|
|
}
|
|
|
|
]
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"comment": "",
|
|
|
|
"deleted": false,
|
|
|
|
"description": "VirusTotal report",
|
|
|
|
"meta-category": "misc",
|
|
|
|
"name": "virustotal-report",
|
|
|
|
"template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4",
|
|
|
|
"template_version": "4",
|
|
|
|
"timestamp": "1642082168",
|
|
|
|
"uuid": "3fe360a9-06a8-4534-8551-8d79b4460ff3",
|
|
|
|
"Attribute": [
|
|
|
|
{
|
|
|
|
"category": "Other",
|
|
|
|
"comment": "",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": true,
|
|
|
|
"object_relation": "last-submission",
|
|
|
|
"timestamp": "1642082062",
|
|
|
|
"to_ids": false,
|
|
|
|
"type": "datetime",
|
|
|
|
"uuid": "cb1d4788-dcd1-44f2-af2b-bfe789458d68",
|
|
|
|
"value": "2022-01-13T09:15:56+00:00"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "Payload delivery",
|
|
|
|
"comment": "",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": true,
|
|
|
|
"object_relation": "permalink",
|
|
|
|
"timestamp": "1642082062",
|
|
|
|
"to_ids": false,
|
|
|
|
"type": "link",
|
|
|
|
"uuid": "e711af33-4db5-420c-bd67-a0c27e96d215",
|
|
|
|
"value": "https://www.virustotal.com/gui/file/b1e30cce6df16d83b82b751edca57aa17795d8d0cdd960ecee7d90832b0ee76c/detection/f-b1e30cce6df16d83b82b751edca57aa17795d8d0cdd960ecee7d90832b0ee76c-1642065356"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "Payload delivery",
|
|
|
|
"comment": "",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": true,
|
|
|
|
"object_relation": "detection-ratio",
|
|
|
|
"timestamp": "1642082062",
|
|
|
|
"to_ids": false,
|
|
|
|
"type": "text",
|
|
|
|
"uuid": "62533080-84ba-40ee-ac62-319ce7f9303a",
|
|
|
|
"value": "7/56"
|
|
|
|
}
|
|
|
|
]
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"comment": "",
|
|
|
|
"deleted": false,
|
|
|
|
"description": "File object describing a file with meta-information",
|
|
|
|
"meta-category": "file",
|
|
|
|
"name": "file",
|
|
|
|
"template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215",
|
|
|
|
"template_version": "24",
|
|
|
|
"timestamp": "1642082168",
|
|
|
|
"uuid": "e4790ff8-5364-48dd-a3cf-34a6e33c35f7",
|
|
|
|
"ObjectReference": [
|
|
|
|
{
|
|
|
|
"comment": "",
|
|
|
|
"object_uuid": "e4790ff8-5364-48dd-a3cf-34a6e33c35f7",
|
|
|
|
"referenced_uuid": "eff0035c-1f5a-4dd6-aa69-fd602b4f7a0a",
|
"relationship_type": "analysed-with",
|
"timestamp": "1642082170",
|
|
|
|
"uuid": "38efe424-672d-459d-bfcd-b0d8882955fc"
|
|
|
|
}
|
|
|
|
],
|
|
|
|
"Attribute": [
|
|
|
|
{
|
|
|
|
"category": "Payload delivery",
|
|
|
|
"comment": "",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"object_relation": "md5",
|
|
|
|
"timestamp": "1642082062",
|
|
|
|
"to_ids": true,
|
|
|
|
"type": "md5",
|
|
|
|
"uuid": "d064de00-ccbc-47b0-9c37-da4407eab0ce",
|
|
|
|
"value": "b6b0edf0b31bc95a042e13f3768a65c3"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "Payload delivery",
|
|
|
|
"comment": "",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"object_relation": "sha1",
|
|
|
|
"timestamp": "1642082062",
|
|
|
|
"to_ids": true,
|
|
|
|
"type": "sha1",
|
|
|
|
"uuid": "bb152bd8-97fb-446a-a958-649a3b70817c",
|
|
|
|
"value": "5168a8880abe8eb2d28f10787820185fe318859e"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "Payload delivery",
|
|
|
|
"comment": "",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"object_relation": "sha256",
|
|
|
|
"timestamp": "1642082062",
|
|
|
|
"to_ids": true,
|
|
|
|
"type": "sha256",
|
|
|
|
"uuid": "7dd2c4ac-f8e5-42fa-be8e-a35760b5b88b",
|
|
|
|
"value": "b6133e04a0a1deb8faf944dd79c46c62f725a72ea9f26dd911d6f6e1e4433f1a"
|
|
|
|
}
|
|
|
|
]
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"comment": "",
|
|
|
|
"deleted": false,
|
|
|
|
"description": "VirusTotal report",
|
|
|
|
"meta-category": "misc",
|
|
|
|
"name": "virustotal-report",
|
|
|
|
"template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4",
|
|
|
|
"template_version": "4",
|
|
|
|
"timestamp": "1642082168",
|
|
|
|
"uuid": "eff0035c-1f5a-4dd6-aa69-fd602b4f7a0a",
|
|
|
|
"Attribute": [
|
|
|
|
{
|
|
|
|
"category": "Other",
|
|
|
|
"comment": "",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": true,
|
|
|
|
"object_relation": "last-submission",
|
|
|
|
"timestamp": "1642082062",
|
|
|
|
"to_ids": false,
|
|
|
|
"type": "datetime",
|
|
|
|
"uuid": "6dd52732-ac86-42c0-b1fa-62e204a3d045",
|
|
|
|
"value": "2022-01-13T07:08:21+00:00"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "Payload delivery",
|
|
|
|
"comment": "",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": true,
|
|
|
|
"object_relation": "permalink",
|
|
|
|
"timestamp": "1642082062",
|
|
|
|
"to_ids": false,
|
|
|
|
"type": "link",
|
|
|
|
"uuid": "82a8f036-ba82-4b07-8732-d7d227168eba",
|
|
|
|
"value": "https://www.virustotal.com/gui/file/b6133e04a0a1deb8faf944dd79c46c62f725a72ea9f26dd911d6f6e1e4433f1a/detection/f-b6133e04a0a1deb8faf944dd79c46c62f725a72ea9f26dd911d6f6e1e4433f1a-1642057701"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "Payload delivery",
|
|
|
|
"comment": "",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": true,
|
|
|
|
"object_relation": "detection-ratio",
|
|
|
|
"timestamp": "1642082062",
|
|
|
|
"to_ids": false,
|
|
|
|
"type": "text",
|
|
|
|
"uuid": "c06382b8-0ef0-4432-9b20-089b543365c4",
|
|
|
|
"value": "0/56"
|
|
|
|
}
|
|
|
|
]
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"comment": "",
|
|
|
|
"deleted": false,
|
|
|
|
"description": "File object describing a file with meta-information",
|
|
|
|
"meta-category": "file",
|
|
|
|
"name": "file",
|
|
|
|
"template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215",
|
|
|
|
"template_version": "24",
|
|
|
|
"timestamp": "1642082168",
|
|
|
|
"uuid": "cc1bd483-9916-4f34-85c8-f3203118e5ee",
|
|
|
|
"ObjectReference": [
|
|
|
|
{
|
|
|
|
"comment": "",
|
|
|
|
"object_uuid": "cc1bd483-9916-4f34-85c8-f3203118e5ee",
|
|
|
|
"referenced_uuid": "8f209c3f-5b2b-4f51-8dc9-17899c3c00e7",
|
"relationship_type": "analysed-with",
|
"timestamp": "1642082170",
|
|
|
|
"uuid": "0ec7ef7f-34fc-4603-ad1d-f289f56b6327"
|
|
|
|
}
|
|
|
|
],
|
|
|
|
"Attribute": [
|
|
|
|
{
|
|
|
|
"category": "Payload delivery",
|
|
|
|
"comment": "",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"object_relation": "md5",
|
|
|
|
"timestamp": "1642082062",
|
|
|
|
"to_ids": true,
|
|
|
|
"type": "md5",
|
|
|
|
"uuid": "9b676948-8369-44ab-b85e-d52aa461cba6",
|
|
|
|
"value": "0431445d6d6e5802c207c8bc6a6402ea"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "Payload delivery",
|
|
|
|
"comment": "",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"object_relation": "sha1",
|
|
|
|
"timestamp": "1642082062",
|
|
|
|
"to_ids": true,
|
|
|
|
"type": "sha1",
|
|
|
|
"uuid": "81e84604-f741-4060-a217-20b86b27e581",
|
|
|
|
"value": "3765c1ad8a1d936aad88255aef5d6d4ce24f94e8"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "Payload delivery",
|
|
|
|
"comment": "",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"object_relation": "sha256",
|
|
|
|
"timestamp": "1642082062",
|
|
|
|
"to_ids": true,
|
|
|
|
"type": "sha256",
|
|
|
|
"uuid": "f540c1f5-90b9-4734-a9d4-1b2fa535e166",
|
|
|
|
"value": "3098dd53da40947a82e59265a47059e69b2925bc49c679e6555d102d1c6cbbc8"
|
|
|
|
}
|
|
|
|
]
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"comment": "",
|
|
|
|
"deleted": false,
|
|
|
|
"description": "VirusTotal report",
|
|
|
|
"meta-category": "misc",
|
|
|
|
"name": "virustotal-report",
|
|
|
|
"template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4",
|
|
|
|
"template_version": "4",
|
|
|
|
"timestamp": "1642082168",
|
|
|
|
"uuid": "8f209c3f-5b2b-4f51-8dc9-17899c3c00e7",
|
|
|
|
"Attribute": [
|
|
|
|
{
|
|
|
|
"category": "Other",
|
|
|
|
"comment": "",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": true,
|
|
|
|
"object_relation": "last-submission",
|
|
|
|
"timestamp": "1642082062",
|
|
|
|
"to_ids": false,
|
|
|
|
"type": "datetime",
|
|
|
|
"uuid": "2267b90d-2227-4674-8493-eecf58c0b446",
|
|
|
|
"value": "2022-01-13T13:04:20+00:00"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "Payload delivery",
|
|
|
|
"comment": "",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": true,
|
|
|
|
"object_relation": "permalink",
|
|
|
|
"timestamp": "1642082062",
|
|
|
|
"to_ids": false,
|
|
|
|
"type": "link",
|
|
|
|
"uuid": "827ccd61-11c9-411d-9c29-db03ecebcf2a",
|
|
|
|
"value": "https://www.virustotal.com/gui/file/3098dd53da40947a82e59265a47059e69b2925bc49c679e6555d102d1c6cbbc8/detection/f-3098dd53da40947a82e59265a47059e69b2925bc49c679e6555d102d1c6cbbc8-1642079060"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "Payload delivery",
|
|
|
|
"comment": "",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": true,
|
|
|
|
"object_relation": "detection-ratio",
|
|
|
|
"timestamp": "1642082062",
|
|
|
|
"to_ids": false,
|
|
|
|
"type": "text",
|
|
|
|
"uuid": "d7c0aa81-b795-4621-a148-f2cb42b62429",
|
|
|
|
"value": "26/63"
|
|
|
|
}
|
|
|
|
]
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"comment": "",
|
|
|
|
"deleted": false,
|
|
|
|
"description": "File object describing a file with meta-information",
|
|
|
|
"meta-category": "file",
|
|
|
|
"name": "file",
|
|
|
|
"template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215",
|
|
|
|
"template_version": "24",
|
|
|
|
"timestamp": "1642082168",
|
|
|
|
"uuid": "f504a81b-6b1a-47f3-8e9e-b5bae30df31d",
|
|
|
|
"ObjectReference": [
|
|
|
|
{
|
|
|
|
"comment": "",
|
|
|
|
"object_uuid": "f504a81b-6b1a-47f3-8e9e-b5bae30df31d",
|
|
|
|
"referenced_uuid": "396e8dac-84ad-4c3c-bdd6-8a9a7bcb206e",
"relationship_type": "analysed-with",
"timestamp": "1642082170",
|
|
|
|
"uuid": "11cad524-5c04-4dff-8949-e5d57213afae"
|
|
|
|
}
|
|
|
|
],
|
|
|
|
"Attribute": [
|
|
|
|
{
|
|
|
|
"category": "Payload delivery",
|
|
|
|
"comment": "",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"object_relation": "md5",
|
|
|
|
"timestamp": "1642082062",
|
|
|
|
"to_ids": true,
|
|
|
|
"type": "md5",
|
|
|
|
"uuid": "33fdeea5-1341-479e-9a7f-a10996223391",
|
|
|
|
"value": "a65696d6b65f7159c9ffcd4119f60195"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "Payload delivery",
|
|
|
|
"comment": "",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"object_relation": "sha1",
|
|
|
|
"timestamp": "1642082062",
|
|
|
|
"to_ids": true,
|
|
|
|
"type": "sha1",
|
|
|
|
"uuid": "74407ba4-49d9-44fa-bd43-7553ca869914",
|
|
|
|
"value": "570f7272412ff8257ed6868d90727a459e3b179e"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "Payload delivery",
|
|
|
|
"comment": "",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"object_relation": "sha256",
|
|
|
|
"timestamp": "1642082062",
|
|
|
|
"to_ids": true,
|
|
|
|
"type": "sha256",
|
|
|
|
"uuid": "def8794a-2587-4d8f-82df-9b0adc491c21",
|
|
|
|
"value": "b5b1e26312e0574464ddef92c51d5f597e07dba90617c0528ec9f494af7e8504"
|
|
|
|
}
|
|
|
|
]
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"comment": "",
|
|
|
|
"deleted": false,
|
|
|
|
"description": "VirusTotal report",
|
|
|
|
"meta-category": "misc",
|
|
|
|
"name": "virustotal-report",
|
|
|
|
"template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4",
|
|
|
|
"template_version": "4",
|
|
|
|
"timestamp": "1642082168",
|
|
|
|
"uuid": "396e8dac-84ad-4c3c-bdd6-8a9a7bcb206e",
|
|
|
|
"Attribute": [
|
|
|
|
{
|
|
|
|
"category": "Other",
|
|
|
|
"comment": "",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": true,
|
|
|
|
"object_relation": "last-submission",
|
|
|
|
"timestamp": "1642082062",
|
|
|
|
"to_ids": false,
|
|
|
|
"type": "datetime",
|
|
|
|
"uuid": "1c8c0732-1e0a-43eb-8c3f-13ad55c90c53",
|
|
|
|
"value": "2022-01-13T08:14:02+00:00"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "Payload delivery",
|
|
|
|
"comment": "",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": true,
|
|
|
|
"object_relation": "permalink",
|
|
|
|
"timestamp": "1642082062",
|
|
|
|
"to_ids": false,
|
|
|
|
"type": "link",
|
|
|
|
"uuid": "6d2fb689-54c3-4922-9ed5-5fa84b44f4e5",
|
|
|
|
"value": "https://www.virustotal.com/gui/file/b5b1e26312e0574464ddef92c51d5f597e07dba90617c0528ec9f494af7e8504/detection/f-b5b1e26312e0574464ddef92c51d5f597e07dba90617c0528ec9f494af7e8504-1642061642"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "Payload delivery",
|
|
|
|
"comment": "",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": true,
|
|
|
|
"object_relation": "detection-ratio",
|
|
|
|
"timestamp": "1642082062",
|
|
|
|
"to_ids": false,
|
|
|
|
"type": "text",
|
|
|
|
"uuid": "d868fce4-a491-4159-9707-cc2a430bb790",
|
|
|
|
"value": "12/57"
|
|
|
|
}
|
|
|
|
]
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"comment": "",
|
|
|
|
"deleted": false,
|
|
|
|
"description": "File object describing a file with meta-information",
|
|
|
|
"meta-category": "file",
|
|
|
|
"name": "file",
|
|
|
|
"template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215",
|
|
|
|
"template_version": "24",
|
|
|
|
"timestamp": "1642082168",
|
|
|
|
"uuid": "299673ae-0490-48be-a1cf-f6a0f3389d5f",
|
|
|
|
"ObjectReference": [
|
|
|
|
{
|
|
|
|
"comment": "",
|
|
|
|
"object_uuid": "299673ae-0490-48be-a1cf-f6a0f3389d5f",
|
|
|
|
"referenced_uuid": "72a0257a-ec8c-4950-83c6-0ecae8fe5933",
"relationship_type": "analysed-with",
"timestamp": "1642082170",
|
|
|
|
"uuid": "49b37ce5-5e18-46af-a109-a97bbbc8f3ff"
|
|
|
|
}
|
|
|
|
],
|
|
|
|
"Attribute": [
|
|
|
|
{
|
|
|
|
"category": "Payload delivery",
|
|
|
|
"comment": "",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"object_relation": "md5",
|
|
|
|
"timestamp": "1642082062",
|
|
|
|
"to_ids": true,
|
|
|
|
"type": "md5",
|
|
|
|
"uuid": "e58883b1-df8a-4689-bb89-3f1f56371cb2",
|
|
|
|
"value": "51bc53a388fce06487743eadc64c4356"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "Payload delivery",
|
|
|
|
"comment": "",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"object_relation": "sha1",
|
|
|
|
"timestamp": "1642082062",
|
|
|
|
"to_ids": true,
|
|
|
|
"type": "sha1",
|
|
|
|
"uuid": "e9549b1f-c050-40b0-bc31-98a0e6776f2b",
|
|
|
|
"value": "b9e6fc51fa3940fb632a68907b8513634d76e5a0"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "Payload delivery",
|
|
|
|
"comment": "",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"object_relation": "sha256",
|
|
|
|
"timestamp": "1642082062",
|
|
|
|
"to_ids": true,
|
|
|
|
"type": "sha256",
|
|
|
|
"uuid": "ac932a84-9579-4230-98bb-ed3e4482a73e",
|
|
|
|
"value": "9ec8319e278d1b3fa1ccf87b5ce7dd6802dac76881e4e4e16e240c5a98f107e2"
|
|
|
|
}
|
|
|
|
]
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"comment": "",
|
|
|
|
"deleted": false,
|
|
|
|
"description": "VirusTotal report",
|
|
|
|
"meta-category": "misc",
|
|
|
|
"name": "virustotal-report",
|
|
|
|
"template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4",
|
|
|
|
"template_version": "4",
|
|
|
|
"timestamp": "1642082168",
|
|
|
|
"uuid": "72a0257a-ec8c-4950-83c6-0ecae8fe5933",
|
|
|
|
"Attribute": [
|
|
|
|
{
|
|
|
|
"category": "Other",
|
|
|
|
"comment": "",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": true,
|
|
|
|
"object_relation": "last-submission",
|
|
|
|
"timestamp": "1642082062",
|
|
|
|
"to_ids": false,
|
|
|
|
"type": "datetime",
|
|
|
|
"uuid": "1a8aeafa-553d-4d56-82e5-9a9215942b55",
|
|
|
|
"value": "2022-01-13T12:41:47+00:00"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "Payload delivery",
|
|
|
|
"comment": "",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": true,
|
|
|
|
"object_relation": "permalink",
|
|
|
|
"timestamp": "1642082062",
|
|
|
|
"to_ids": false,
|
|
|
|
"type": "link",
|
|
|
|
"uuid": "5a802be0-a8ec-4a72-b333-ec7031a2f3a4",
|
|
|
|
"value": "https://www.virustotal.com/gui/file/9ec8319e278d1b3fa1ccf87b5ce7dd6802dac76881e4e4e16e240c5a98f107e2/detection/f-9ec8319e278d1b3fa1ccf87b5ce7dd6802dac76881e4e4e16e240c5a98f107e2-1642077707"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "Payload delivery",
|
|
|
|
"comment": "",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": true,
|
|
|
|
"object_relation": "detection-ratio",
|
|
|
|
"timestamp": "1642082062",
|
|
|
|
"to_ids": false,
|
|
|
|
"type": "text",
|
|
|
|
"uuid": "d8736b39-7035-42aa-b738-0d9c40c17e18",
|
|
|
|
"value": "1/57"
|
|
|
|
}
|
|
|
|
]
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"comment": "",
|
|
|
|
"deleted": false,
|
|
|
|
"description": "File object describing a file with meta-information",
|
|
|
|
"meta-category": "file",
|
|
|
|
"name": "file",
|
|
|
|
"template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215",
|
|
|
|
"template_version": "24",
|
|
|
|
"timestamp": "1642082169",
|
|
|
|
"uuid": "3e3a6056-fda9-44f1-bff0-b418d06c9849",
|
|
|
|
"ObjectReference": [
|
|
|
|
{
|
|
|
|
"comment": "",
|
|
|
|
"object_uuid": "3e3a6056-fda9-44f1-bff0-b418d06c9849",
|
|
|
|
"referenced_uuid": "89708647-d6e5-4c8c-8907-6eb59207df20",
"relationship_type": "analysed-with",
"timestamp": "1642082170",
|
|
|
|
"uuid": "f8b9f39d-285a-4d87-a234-5517cfd01e32"
|
|
|
|
}
|
|
|
|
],
|
|
|
|
"Attribute": [
|
|
|
|
{
|
|
|
|
"category": "Payload delivery",
|
|
|
|
"comment": "",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"object_relation": "md5",
|
|
|
|
"timestamp": "1642082062",
|
|
|
|
"to_ids": true,
|
|
|
|
"type": "md5",
|
|
|
|
"uuid": "f9efdba2-d390-4752-bcd9-0293f892d429",
|
|
|
|
"value": "0ac499496fb48de0727bbef858dadbee"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "Payload delivery",
|
|
|
|
"comment": "",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"object_relation": "sha1",
|
|
|
|
"timestamp": "1642082062",
|
|
|
|
"to_ids": true,
|
|
|
|
"type": "sha1",
|
|
|
|
"uuid": "8ed732fe-ee71-40d2-af06-4b863257207a",
|
|
|
|
"value": "483cd5c9dd887367793261730d59178c19fe13f3"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "Payload delivery",
|
|
|
|
"comment": "",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"object_relation": "sha256",
|
|
|
|
"timestamp": "1642082062",
|
|
|
|
"to_ids": true,
|
|
|
|
"type": "sha256",
|
|
|
|
"uuid": "059fd6f5-ba66-4296-b863-8cbabe122acf",
|
|
|
|
"value": "255e53af8b079c8319ce52583293723551da9affe547da45e2c1d4257cff625a"
|
|
|
|
}
|
|
|
|
]
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"comment": "",
|
|
|
|
"deleted": false,
|
|
|
|
"description": "VirusTotal report",
|
|
|
|
"meta-category": "misc",
|
|
|
|
"name": "virustotal-report",
|
|
|
|
"template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4",
|
|
|
|
"template_version": "4",
|
|
|
|
"timestamp": "1642082169",
|
|
|
|
"uuid": "89708647-d6e5-4c8c-8907-6eb59207df20",
|
|
|
|
"Attribute": [
|
|
|
|
{
|
|
|
|
"category": "Other",
|
|
|
|
"comment": "",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": true,
|
|
|
|
"object_relation": "last-submission",
|
|
|
|
"timestamp": "1642082062",
|
|
|
|
"to_ids": false,
|
|
|
|
"type": "datetime",
|
|
|
|
"uuid": "58c55ff1-fde0-4fad-b294-327791aa1a48",
|
|
|
|
"value": "2022-01-13T04:15:36+00:00"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "Payload delivery",
|
|
|
|
"comment": "",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": true,
|
|
|
|
"object_relation": "permalink",
|
|
|
|
"timestamp": "1642082062",
|
|
|
|
"to_ids": false,
|
|
|
|
"type": "link",
|
|
|
|
"uuid": "e41ba8f5-d5d4-48c6-994b-244d0e52bb64",
|
|
|
|
"value": "https://www.virustotal.com/gui/file/255e53af8b079c8319ce52583293723551da9affe547da45e2c1d4257cff625a/detection/f-255e53af8b079c8319ce52583293723551da9affe547da45e2c1d4257cff625a-1642047336"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "Payload delivery",
|
|
|
|
"comment": "",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": true,
|
|
|
|
"object_relation": "detection-ratio",
|
|
|
|
"timestamp": "1642082062",
|
|
|
|
"to_ids": false,
|
|
|
|
"type": "text",
|
|
|
|
"uuid": "5d9e7bf3-c0c9-48f5-a1a2-1098fad5fde9",
|
|
|
|
"value": "0/56"
|
|
|
|
}
|
|
|
|
]
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"comment": "",
|
|
|
|
"deleted": false,
|
|
|
|
"description": "File object describing a file with meta-information",
|
|
|
|
"meta-category": "file",
|
|
|
|
"name": "file",
|
|
|
|
"template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215",
|
|
|
|
"template_version": "24",
|
|
|
|
"timestamp": "1642082169",
|
|
|
|
"uuid": "b9c26a84-7625-44a9-b8ad-25ce88733b1a",
|
|
|
|
"ObjectReference": [
|
|
|
|
{
|
|
|
|
"comment": "",
|
|
|
|
"object_uuid": "b9c26a84-7625-44a9-b8ad-25ce88733b1a",
|
|
|
|
"referenced_uuid": "79aa754b-5175-4116-b980-fdf39533c0c4",
"relationship_type": "analysed-with",
"timestamp": "1642082170",
|
|
|
|
"uuid": "2482eab9-732a-43f5-b6d6-bbe99858ddfa"
|
|
|
|
}
|
|
|
|
],
|
|
|
|
"Attribute": [
|
|
|
|
{
|
|
|
|
"category": "Payload delivery",
|
|
|
|
"comment": "",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"object_relation": "md5",
|
|
|
|
"timestamp": "1642082062",
|
|
|
|
"to_ids": true,
|
|
|
|
"type": "md5",
|
|
|
|
"uuid": "e7071884-ccf0-4d6f-abb9-c688ba12041f",
|
|
|
|
"value": "860f5c2345e8f5c268c9746337ade8b7"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "Payload delivery",
|
|
|
|
"comment": "",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"object_relation": "sha1",
|
|
|
|
"timestamp": "1642082062",
|
|
|
|
"to_ids": true,
|
|
|
|
"type": "sha1",
|
|
|
|
"uuid": "d1a3712e-1f09-4b97-b821-117887b6a63b",
|
|
|
|
"value": "6c55d3acdc2d8d331f0d13024f736bc28ef5a7e1"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "Payload delivery",
|
|
|
|
"comment": "",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"object_relation": "sha256",
|
|
|
|
"timestamp": "1642082062",
|
|
|
|
"to_ids": true,
|
|
|
|
"type": "sha256",
|
|
|
|
"uuid": "f3455dbb-fd2c-424b-999f-709d71e7e0a0",
|
|
|
|
"value": "9d50fcb2c4df4c502db0cac84bef96c2a36d33ef98c454165808ecace4dd2051"
|
|
|
|
}
|
|
|
|
]
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"comment": "",
|
|
|
|
"deleted": false,
|
|
|
|
"description": "VirusTotal report",
|
|
|
|
"meta-category": "misc",
|
|
|
|
"name": "virustotal-report",
|
|
|
|
"template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4",
|
|
|
|
"template_version": "4",
|
|
|
|
"timestamp": "1642082169",
|
|
|
|
"uuid": "79aa754b-5175-4116-b980-fdf39533c0c4",
|
|
|
|
"Attribute": [
|
|
|
|
{
|
|
|
|
"category": "Other",
|
|
|
|
"comment": "",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": true,
|
|
|
|
"object_relation": "last-submission",
|
|
|
|
"timestamp": "1642082062",
|
|
|
|
"to_ids": false,
|
|
|
|
"type": "datetime",
|
|
|
|
"uuid": "a42e8172-c533-45bb-9429-93480bd2b922",
|
|
|
|
"value": "2022-01-13T06:21:14+00:00"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "Payload delivery",
|
|
|
|
"comment": "",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": true,
|
|
|
|
"object_relation": "permalink",
|
|
|
|
"timestamp": "1642082062",
|
|
|
|
"to_ids": false,
|
|
|
|
"type": "link",
|
|
|
|
"uuid": "68815cb5-f218-4794-96c6-725a62d24e3c",
|
|
|
|
"value": "https://www.virustotal.com/gui/file/9d50fcb2c4df4c502db0cac84bef96c2a36d33ef98c454165808ecace4dd2051/detection/f-9d50fcb2c4df4c502db0cac84bef96c2a36d33ef98c454165808ecace4dd2051-1642054874"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "Payload delivery",
|
|
|
|
"comment": "",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": true,
|
|
|
|
"object_relation": "detection-ratio",
|
|
|
|
"timestamp": "1642082062",
|
|
|
|
"to_ids": false,
|
|
|
|
"type": "text",
|
|
|
|
"uuid": "516d4060-0566-4321-89a1-83a0c48fe74b",
|
|
|
|
"value": "20/66"
|
|
|
|
}
|
|
|
|
]
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"comment": "",
|
|
|
|
"deleted": false,
|
|
|
|
"description": "File object describing a file with meta-information",
|
|
|
|
"meta-category": "file",
|
|
|
|
"name": "file",
|
|
|
|
"template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215",
|
|
|
|
"template_version": "24",
|
|
|
|
"timestamp": "1642082169",
|
|
|
|
"uuid": "77408d3b-8618-407a-ba96-b6769c8c402c",
|
|
|
|
"ObjectReference": [
|
|
|
|
{
|
|
|
|
"comment": "",
|
|
|
|
"object_uuid": "77408d3b-8618-407a-ba96-b6769c8c402c",
|
|
|
|
"referenced_uuid": "ea7079f4-838d-4b42-91ae-ca7e0555856c",
"relationship_type": "analysed-with",
"timestamp": "1642082170",
|
|
|
|
"uuid": "8943a589-5645-4350-9128-ef767573ecaf"
|
|
|
|
}
|
|
|
|
],
|
|
|
|
"Attribute": [
|
|
|
|
{
|
|
|
|
"category": "Payload delivery",
|
|
|
|
"comment": "",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"object_relation": "md5",
|
|
|
|
"timestamp": "1642082062",
|
|
|
|
"to_ids": true,
|
|
|
|
"type": "md5",
|
|
|
|
"uuid": "91282ac1-2a04-42cd-96e1-53754b3c392c",
|
|
|
|
"value": "d68f5417f1d4fc022067bf0313a3867d"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "Payload delivery",
|
|
|
|
"comment": "",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"object_relation": "sha1",
|
|
|
|
"timestamp": "1642082062",
|
|
|
|
"to_ids": true,
|
|
|
|
"type": "sha1",
|
|
|
|
"uuid": "7f429715-c6f0-4f06-8680-ae9576d171da",
|
|
|
|
"value": "2f6dd6d11e28bf8b4d7ceec8753d15c7568fb22e"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "Payload delivery",
|
|
|
|
"comment": "",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"object_relation": "sha256",
|
|
|
|
"timestamp": "1642082062",
|
|
|
|
"to_ids": true,
|
|
|
|
"type": "sha256",
|
|
|
|
"uuid": "dd24df0a-264c-413a-8493-081be0933e22",
|
|
|
|
"value": "e7f6c7b91c482c12fc905b84dbaa9001ef78dc6a771773e1de4b8eade5431eca"
|
|
|
|
}
|
|
|
|
]
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"comment": "",
|
|
|
|
"deleted": false,
|
|
|
|
"description": "VirusTotal report",
|
|
|
|
"meta-category": "misc",
|
|
|
|
"name": "virustotal-report",
|
|
|
|
"template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4",
|
|
|
|
"template_version": "4",
|
|
|
|
"timestamp": "1642082169",
|
|
|
|
"uuid": "ea7079f4-838d-4b42-91ae-ca7e0555856c",
|
|
|
|
"Attribute": [
|
|
|
|
{
|
|
|
|
"category": "Other",
|
|
|
|
"comment": "",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": true,
|
|
|
|
"object_relation": "last-submission",
|
|
|
|
"timestamp": "1642082062",
|
|
|
|
"to_ids": false,
|
|
|
|
"type": "datetime",
|
|
|
|
"uuid": "9aa9cfc5-f9a9-485f-aa52-a0d4b8626af9",
|
|
|
|
"value": "2022-01-13T12:26:10+00:00"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "Payload delivery",
|
|
|
|
"comment": "",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": true,
|
|
|
|
"object_relation": "permalink",
|
|
|
|
"timestamp": "1642082062",
|
|
|
|
"to_ids": false,
|
|
|
|
"type": "link",
|
|
|
|
"uuid": "6d97cb57-cd3b-4fa8-9d86-4d006b3b6f20",
|
|
|
|
"value": "https://www.virustotal.com/gui/file/e7f6c7b91c482c12fc905b84dbaa9001ef78dc6a771773e1de4b8eade5431eca/detection/f-e7f6c7b91c482c12fc905b84dbaa9001ef78dc6a771773e1de4b8eade5431eca-1642076770"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "Payload delivery",
|
|
|
|
"comment": "",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": true,
|
|
|
|
"object_relation": "detection-ratio",
|
|
|
|
"timestamp": "1642082062",
|
|
|
|
"to_ids": false,
|
|
|
|
"type": "text",
|
|
|
|
"uuid": "0de63566-fb1f-4aab-952f-9df4ea53c476",
|
|
|
|
"value": "0/56"
|
|
|
|
}
|
|
|
|
]
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"comment": "",
|
|
|
|
"deleted": false,
|
|
|
|
"description": "File object describing a file with meta-information",
|
|
|
|
"meta-category": "file",
|
|
|
|
"name": "file",
|
|
|
|
"template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215",
|
|
|
|
"template_version": "24",
|
|
|
|
"timestamp": "1642082169",
|
|
|
|
"uuid": "ecd22b18-d365-479b-be89-123c3c1091c2",
|
|
|
|
"ObjectReference": [
|
|
|
|
{
|
|
|
|
"comment": "",
|
|
|
|
"object_uuid": "ecd22b18-d365-479b-be89-123c3c1091c2",
|
|
|
|
"referenced_uuid": "2a6d9ffa-8336-4bd5-a3ca-a7ed0564170b",
"relationship_type": "analysed-with",
"timestamp": "1642082170",
|
|
|
|
"uuid": "5115449a-0580-41d4-bcd5-92838e63551b"
|
|
|
|
}
|
|
|
|
],
|
|
|
|
"Attribute": [
|
|
|
|
{
|
|
|
|
"category": "Payload delivery",
|
|
|
|
"comment": "",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"object_relation": "md5",
|
|
|
|
"timestamp": "1642082062",
|
|
|
|
"to_ids": true,
|
|
|
|
"type": "md5",
|
|
|
|
"uuid": "111794f4-6f41-4aa1-a291-7c5b6187c87f",
|
|
|
|
"value": "6c084c8f5a61c6bec5eb5573a2d51ffb"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "Payload delivery",
|
|
|
|
"comment": "",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"object_relation": "sha1",
|
|
|
|
"timestamp": "1642082062",
|
|
|
|
"to_ids": true,
|
|
|
|
"type": "sha1",
|
|
|
|
"uuid": "4efbf8df-6cda-4f54-a57a-7e6f1f4283cc",
|
|
|
|
"value": "61608ed1de56d0e4fe6af07ecba0bd0a69d825b8"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "Payload delivery",
|
|
|
|
"comment": "",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"object_relation": "sha256",
|
|
|
|
"timestamp": "1642082062",
|
|
|
|
"to_ids": true,
|
|
|
|
"type": "sha256",
|
|
|
|
"uuid": "2b3ef390-058c-40c5-bbb1-02d5f1aad959",
|
|
|
|
"value": "7e7545d14df7b618b3b1bc24321780c164a0a14d3600dbac0f91afbce1a2f9f4"
|
|
|
|
}
|
|
|
|
]
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"comment": "",
|
|
|
|
"deleted": false,
|
|
|
|
"description": "VirusTotal report",
|
|
|
|
"meta-category": "misc",
|
|
|
|
"name": "virustotal-report",
|
|
|
|
"template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4",
|
|
|
|
"template_version": "4",
|
|
|
|
"timestamp": "1642082169",
|
|
|
|
"uuid": "2a6d9ffa-8336-4bd5-a3ca-a7ed0564170b",
|
|
|
|
"Attribute": [
|
|
|
|
{
|
|
|
|
"category": "Other",
|
|
|
|
"comment": "",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": true,
|
|
|
|
"object_relation": "last-submission",
|
|
|
|
"timestamp": "1642082062",
|
|
|
|
"to_ids": false,
|
|
|
|
"type": "datetime",
|
|
|
|
"uuid": "f54e82ce-5c4d-4c33-8027-cde791a82c00",
|
|
|
|
"value": "2022-01-13T07:05:59+00:00"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "Payload delivery",
|
|
|
|
"comment": "",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": true,
|
|
|
|
"object_relation": "permalink",
|
|
|
|
"timestamp": "1642082062",
|
|
|
|
"to_ids": false,
|
|
|
|
"type": "link",
|
|
|
|
"uuid": "859c1ba8-9e46-4c8a-97d0-e11d708a1351",
|
|
|
|
"value": "https://www.virustotal.com/gui/file/7e7545d14df7b618b3b1bc24321780c164a0a14d3600dbac0f91afbce1a2f9f4/detection/f-7e7545d14df7b618b3b1bc24321780c164a0a14d3600dbac0f91afbce1a2f9f4-1642057559"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "Payload delivery",
|
|
|
|
"comment": "",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": true,
|
|
|
|
"object_relation": "detection-ratio",
|
|
|
|
"timestamp": "1642082062",
|
|
|
|
"to_ids": false,
|
|
|
|
"type": "text",
|
|
|
|
"uuid": "50488f21-2ffe-41a8-8c02-4bb8e08a5745",
|
|
|
|
"value": "42/68"
|
|
|
|
}
|
|
|
|
]
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"comment": "",
|
|
|
|
"deleted": false,
|
|
|
|
"description": "File object describing a file with meta-information",
|
|
|
|
"meta-category": "file",
|
|
|
|
"name": "file",
|
|
|
|
"template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215",
|
|
|
|
"template_version": "24",
|
|
|
|
"timestamp": "1642082169",
|
|
|
|
"uuid": "a7233c05-4d98-4069-9286-52bd8cc11931",
|
|
|
|
"ObjectReference": [
|
|
|
|
{
|
|
|
|
"comment": "",
|
|
|
|
"object_uuid": "a7233c05-4d98-4069-9286-52bd8cc11931",
|
|
|
|
"referenced_uuid": "67975639-a318-4d96-b0e2-fdd8b5442a0a",
"relationship_type": "analysed-with",
"timestamp": "1642082170",
|
|
|
|
"uuid": "938db5b9-6e84-4eae-9812-b2ab1f5e43a2"
|
|
|
|
}
|
|
|
|
],
|
|
|
|
"Attribute": [
|
|
|
|
{
|
|
|
|
"category": "Payload delivery",
|
|
|
|
"comment": "",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"object_relation": "md5",
|
|
|
|
"timestamp": "1642082062",
|
|
|
|
"to_ids": true,
|
|
|
|
"type": "md5",
|
|
|
|
"uuid": "67ee7235-df54-45da-99bc-1aa0376d050d",
|
|
|
|
"value": "218d4151b39e4ece13d3bf5ff4d1121b"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "Payload delivery",
|
|
|
|
"comment": "",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"object_relation": "sha1",
|
|
|
|
"timestamp": "1642082062",
|
|
|
|
"to_ids": true,
|
|
|
|
"type": "sha1",
|
|
|
|
"uuid": "709f6dff-529b-4579-a2fd-f8cf45a6b502",
|
|
|
|
"value": "28e799d9769bb7e936d1768d498a0d2c7a0d53fb"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "Payload delivery",
|
|
|
|
"comment": "",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"object_relation": "sha256",
|
|
|
|
"timestamp": "1642082062",
|
|
|
|
"to_ids": true,
|
|
|
|
"type": "sha256",
|
|
|
|
"uuid": "31f0fd85-3c66-4877-ba19-2769df958340",
|
|
|
|
"value": "2471a039cb1ddeb826f3a11f89b193624d89052afcbee01205dc92610723eb82"
|
|
|
|
}
|
|
|
|
]
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"comment": "",
|
|
|
|
"deleted": false,
|
|
|
|
"description": "VirusTotal report",
|
|
|
|
"meta-category": "misc",
|
|
|
|
"name": "virustotal-report",
|
|
|
|
"template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4",
|
|
|
|
"template_version": "4",
|
|
|
|
"timestamp": "1642082169",
|
|
|
|
"uuid": "67975639-a318-4d96-b0e2-fdd8b5442a0a",
|
|
|
|
"Attribute": [
|
|
|
|
{
|
|
|
|
"category": "Other",
|
|
|
|
"comment": "",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": true,
|
|
|
|
"object_relation": "last-submission",
|
|
|
|
"timestamp": "1642082062",
|
|
|
|
"to_ids": false,
|
|
|
|
"type": "datetime",
|
|
|
|
"uuid": "4ad9540f-582a-4120-b243-44663cbadb03",
|
|
|
|
"value": "2022-01-13T08:47:01+00:00"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "Payload delivery",
|
|
|
|
"comment": "",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": true,
|
|
|
|
"object_relation": "permalink",
|
|
|
|
"timestamp": "1642082062",
|
|
|
|
"to_ids": false,
|
|
|
|
"type": "link",
|
|
|
|
"uuid": "7cdf243d-12d4-40c3-bad7-aec0a4a7b606",
|
|
|
|
"value": "https://www.virustotal.com/gui/file/2471a039cb1ddeb826f3a11f89b193624d89052afcbee01205dc92610723eb82/detection/f-2471a039cb1ddeb826f3a11f89b193624d89052afcbee01205dc92610723eb82-1642063621"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "Payload delivery",
|
|
|
|
"comment": "",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": true,
|
|
|
|
"object_relation": "detection-ratio",
|
|
|
|
"timestamp": "1642082062",
|
|
|
|
"to_ids": false,
|
|
|
|
"type": "text",
|
|
|
|
"uuid": "753fbc92-eacd-4898-a037-6d398a0f5790",
|
|
|
|
"value": "11/54"
|
|
|
|
}
|
|
|
|
]
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"comment": "",
|
|
|
|
"deleted": false,
|
|
|
|
"description": "File object describing a file with meta-information",
|
|
|
|
"meta-category": "file",
|
|
|
|
"name": "file",
|
|
|
|
"template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215",
|
|
|
|
"template_version": "24",
|
|
|
|
"timestamp": "1642082169",
|
|
|
|
"uuid": "49b57792-93e9-4adc-bebd-911bfc742df8",
|
|
|
|
"ObjectReference": [
|
|
|
|
{
|
|
|
|
"comment": "",
|
|
|
|
"object_uuid": "49b57792-93e9-4adc-bebd-911bfc742df8",
|
|
|
|
"referenced_uuid": "681dc734-5d4c-41bf-b184-2da2932f6add",
"relationship_type": "analysed-with",
"timestamp": "1642082170",
|
|
|
|
"uuid": "3db89cd4-cbdc-4fc2-9d8c-9eddadb738d0"
|
|
|
|
}
|
|
|
|
],
|
|
|
|
"Attribute": [
|
|
|
|
{
|
|
|
|
"category": "Payload delivery",
|
|
|
|
"comment": "",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"object_relation": "md5",
|
|
|
|
"timestamp": "1642082062",
|
|
|
|
"to_ids": true,
|
|
|
|
"type": "md5",
|
|
|
|
"uuid": "a88fdc58-3c7c-4386-8951-f56600a805ce",
|
|
|
|
"value": "a27655d14b0aabec8db70ae08a623317"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "Payload delivery",
|
|
|
|
"comment": "",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"object_relation": "sha1",
|
|
|
|
"timestamp": "1642082062",
|
|
|
|
"to_ids": true,
|
|
|
|
"type": "sha1",
|
|
|
|
"uuid": "d22399e2-7c58-4175-8d09-c0a71ee272b2",
|
|
|
|
"value": "8344f2c1096687ed83c2bbad0e6e549a71b0c0b1"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "Payload delivery",
|
|
|
|
"comment": "",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"object_relation": "sha256",
|
|
|
|
"timestamp": "1642082062",
|
|
|
|
"to_ids": true,
|
|
|
|
"type": "sha256",
|
|
|
|
"uuid": "e6158472-6304-4be6-a7ee-4171c3331db1",
|
|
|
|
"value": "12db8bcee090521ecf852bf215ce3878737517a22ef1f2ff9bdec7cba8d0d3aa"
|
|
|
|
}
|
|
|
|
]
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"comment": "",
|
|
|
|
"deleted": false,
|
|
|
|
"description": "VirusTotal report",
|
|
|
|
"meta-category": "misc",
|
|
|
|
"name": "virustotal-report",
|
|
|
|
"template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4",
|
|
|
|
"template_version": "4",
|
|
|
|
"timestamp": "1642082169",
|
|
|
|
"uuid": "681dc734-5d4c-41bf-b184-2da2932f6add",
|
|
|
|
"Attribute": [
|
|
|
|
{
|
|
|
|
"category": "Other",
|
|
|
|
"comment": "",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": true,
|
|
|
|
"object_relation": "last-submission",
|
|
|
|
"timestamp": "1642082062",
|
|
|
|
"to_ids": false,
|
|
|
|
"type": "datetime",
|
|
|
|
"uuid": "bd9d83c2-0731-45cc-9b2a-3b85061dbf58",
|
|
|
|
"value": "2022-01-13T13:53:27+00:00"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "Payload delivery",
|
|
|
|
"comment": "",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": true,
|
|
|
|
"object_relation": "permalink",
|
|
|
|
"timestamp": "1642082062",
|
|
|
|
"to_ids": false,
|
|
|
|
"type": "link",
|
|
|
|
"uuid": "f3d51526-d5c2-46e4-a6c5-d9b6b2e0e07d",
|
|
|
|
"value": "https://www.virustotal.com/gui/file/12db8bcee090521ecf852bf215ce3878737517a22ef1f2ff9bdec7cba8d0d3aa/detection/f-12db8bcee090521ecf852bf215ce3878737517a22ef1f2ff9bdec7cba8d0d3aa-1642082007"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "Payload delivery",
|
|
|
|
"comment": "",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": true,
|
|
|
|
"object_relation": "detection-ratio",
|
|
|
|
"timestamp": "1642082062",
|
|
|
|
"to_ids": false,
|
|
|
|
"type": "text",
|
|
|
|
"uuid": "c7e45954-c1b6-47a9-ac67-29fa8286be4e",
|
|
|
|
"value": "24/68"
|
|
|
|
}
|
|
|
|
]
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"comment": "",
|
|
|
|
"deleted": false,
|
|
|
|
"description": "File object describing a file with meta-information",
|
|
|
|
"meta-category": "file",
|
|
|
|
"name": "file",
|
|
|
|
"template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215",
|
|
|
|
"template_version": "24",
|
|
|
|
"timestamp": "1642082169",
|
|
|
|
"uuid": "d388643a-dac1-4aa6-901f-1cf15369d346",
|
|
|
|
"ObjectReference": [
|
|
|
|
{
|
|
|
|
"comment": "",
|
|
|
|
"object_uuid": "d388643a-dac1-4aa6-901f-1cf15369d346",
|
|
|
|
"referenced_uuid": "157baa15-cb30-4e83-aefd-fd79cedc4a98",
"relationship_type": "analysed-with",
"timestamp": "1642082170",
|
|
|
|
"uuid": "1d6baffd-69fd-447c-9dc0-4914e636a184"
|
|
|
|
}
|
|
|
|
],
|
|
|
|
"Attribute": [
|
|
|
|
{
|
|
|
|
"category": "Payload delivery",
|
|
|
|
"comment": "",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"object_relation": "md5",
|
|
|
|
"timestamp": "1642082062",
|
|
|
|
"to_ids": true,
|
|
|
|
"type": "md5",
|
|
|
|
"uuid": "dec8a269-3d4c-4014-8444-69df978fc177",
|
|
|
|
"value": "cec48bcdedebc962ce45b63e201c0624"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "Payload delivery",
|
|
|
|
"comment": "",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"object_relation": "sha1",
|
|
|
|
"timestamp": "1642082062",
|
|
|
|
"to_ids": true,
|
|
|
|
"type": "sha1",
|
|
|
|
"uuid": "2197cf5f-b832-47e8-a97b-b2d4bd8ef6eb",
|
|
|
|
"value": "81f46998c92427032378e5dead48bdfc9128b225"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "Payload delivery",
|
|
|
|
"comment": "",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"object_relation": "sha256",
|
|
|
|
"timestamp": "1642082062",
|
|
|
|
"to_ids": true,
|
|
|
|
"type": "sha256",
|
|
|
|
"uuid": "79ca985b-93eb-4f4b-ab2d-e852f0c25637",
|
|
|
|
"value": "dd7ee54b12a55bcc67da4ceaed6e636b7bd30d4db6f6c594e9510e1e605ade92"
|
|
|
|
}
|
|
|
|
]
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"comment": "",
|
|
|
|
"deleted": false,
|
|
|
|
"description": "VirusTotal report",
|
|
|
|
"meta-category": "misc",
|
|
|
|
"name": "virustotal-report",
|
|
|
|
"template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4",
|
|
|
|
"template_version": "4",
|
|
|
|
"timestamp": "1642082169",
|
|
|
|
"uuid": "157baa15-cb30-4e83-aefd-fd79cedc4a98",
|
|
|
|
"Attribute": [
|
|
|
|
{
|
|
|
|
"category": "Other",
|
|
|
|
"comment": "",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": true,
|
|
|
|
"object_relation": "last-submission",
|
|
|
|
"timestamp": "1642082062",
|
|
|
|
"to_ids": false,
|
|
|
|
"type": "datetime",
|
|
|
|
"uuid": "f26d1632-f93f-4762-b5d1-f38792f256f2",
|
|
|
|
"value": "2022-01-13T03:08:18+00:00"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "Payload delivery",
|
|
|
|
"comment": "",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": true,
|
|
|
|
"object_relation": "permalink",
|
|
|
|
"timestamp": "1642082062",
|
|
|
|
"to_ids": false,
|
|
|
|
"type": "link",
|
|
|
|
"uuid": "f49690f5-29d8-4559-8786-23f3d6785ecd",
|
|
|
|
"value": "https://www.virustotal.com/gui/file/dd7ee54b12a55bcc67da4ceaed6e636b7bd30d4db6f6c594e9510e1e605ade92/detection/f-dd7ee54b12a55bcc67da4ceaed6e636b7bd30d4db6f6c594e9510e1e605ade92-1642043298"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "Payload delivery",
|
|
|
|
"comment": "",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": true,
|
|
|
|
"object_relation": "detection-ratio",
|
|
|
|
"timestamp": "1642082062",
|
|
|
|
"to_ids": false,
|
|
|
|
"type": "text",
|
|
|
|
"uuid": "79bf7c86-d42c-4396-a719-302a7e70d8e3",
|
|
|
|
"value": "35/66"
|
|
|
|
}
|
|
|
|
]
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"comment": "",
|
|
|
|
"deleted": false,
|
|
|
|
"description": "File object describing a file with meta-information",
|
|
|
|
"meta-category": "file",
|
|
|
|
"name": "file",
|
|
|
|
"template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215",
|
|
|
|
"template_version": "24",
|
|
|
|
"timestamp": "1642082169",
|
|
|
|
"uuid": "46e303de-38b8-47bc-aac2-0cb397cc0241",
|
|
|
|
"ObjectReference": [
|
|
|
|
{
|
|
|
|
"comment": "",
|
|
|
|
"object_uuid": "46e303de-38b8-47bc-aac2-0cb397cc0241",
|
|
|
|
"referenced_uuid": "5c17d9f3-e780-4fc0-83be-1a9c2506859d",
|
|
|
|
"relationship_type": "analysed-with",
|
|
|
|
"timestamp": "1642082170",
|
|
|
|
"uuid": "6b8c1680-20d1-4812-8b28-ef8e1f94de7b"
|
|
|
|
}
|
|
|
|
],
|
|
|
|
"Attribute": [
|
|
|
|
{
|
|
|
|
"category": "Payload delivery",
|
|
|
|
"comment": "",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"object_relation": "md5",
|
|
|
|
"timestamp": "1642082062",
|
|
|
|
"to_ids": true,
|
|
|
|
"type": "md5",
|
|
|
|
"uuid": "e9a1b94d-25b3-4059-9cd3-db1edd02c49a",
|
|
|
|
"value": "a16f4f0c00ca43d5b20f7bc30a3f3559"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "Payload delivery",
|
|
|
|
"comment": "",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"object_relation": "sha1",
|
|
|
|
"timestamp": "1642082062",
|
|
|
|
"to_ids": true,
|
|
|
|
"type": "sha1",
|
|
|
|
"uuid": "37254754-367d-4697-bb42-94ef63510cd7",
|
|
|
|
"value": "94e26fb2738e49bb70b445315c0d63a5d364c71b"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "Payload delivery",
|
|
|
|
"comment": "",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"object_relation": "sha256",
|
|
|
|
"timestamp": "1642082062",
|
|
|
|
"to_ids": true,
|
|
|
|
"type": "sha256",
|
|
|
|
"uuid": "b1d82782-7f34-4f45-a954-6ef9c505a5b7",
|
|
|
|
"value": "5bcdd422089ed96d6711fa251544e2e863b113973db328590cfe0457bfeb564f"
|
|
|
|
}
|
|
|
|
]
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"comment": "",
|
|
|
|
"deleted": false,
|
|
|
|
"description": "VirusTotal report",
|
|
|
|
"meta-category": "misc",
|
|
|
|
"name": "virustotal-report",
|
|
|
|
"template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4",
|
|
|
|
"template_version": "4",
|
|
|
|
"timestamp": "1642082169",
|
|
|
|
"uuid": "5c17d9f3-e780-4fc0-83be-1a9c2506859d",
|
|
|
|
"Attribute": [
|
|
|
|
{
|
|
|
|
"category": "Other",
|
|
|
|
"comment": "",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": true,
|
|
|
|
"object_relation": "last-submission",
|
|
|
|
"timestamp": "1642082062",
|
|
|
|
"to_ids": false,
|
|
|
|
"type": "datetime",
|
|
|
|
"uuid": "2567c638-6844-4459-a860-5f9db3171381",
|
|
|
|
"value": "2022-01-13T02:57:46+00:00"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "Payload delivery",
|
|
|
|
"comment": "",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": true,
|
|
|
|
"object_relation": "permalink",
|
|
|
|
"timestamp": "1642082062",
|
|
|
|
"to_ids": false,
|
|
|
|
"type": "link",
|
|
|
|
"uuid": "6c3d7d26-b448-491b-926f-da6bc3b380b1",
|
|
|
|
"value": "https://www.virustotal.com/gui/file/5bcdd422089ed96d6711fa251544e2e863b113973db328590cfe0457bfeb564f/detection/f-5bcdd422089ed96d6711fa251544e2e863b113973db328590cfe0457bfeb564f-1642042666"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "Payload delivery",
|
|
|
|
"comment": "",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": true,
|
|
|
|
"object_relation": "detection-ratio",
|
|
|
|
"timestamp": "1642082062",
|
|
|
|
"to_ids": false,
|
|
|
|
"type": "text",
|
|
|
|
"uuid": "bf7889f9-c620-4a4a-a87a-86d3f1ebf06b",
|
|
|
|
"value": "3/56"
|
|
|
|
}
|
|
|
|
]
|
|
|
|
}
|
|
|
|
]
|
|
|
|
}
|
|
|
|
}
|