misp-circl-feed/feeds/circl/misp/f33a2168-bea2-4b71-82ab-5e766c0a9227.json

{
  "Event": {
    "analysis": "2",
    "date": "2023-08-28",
    "extends_uuid": "",
    "info": "Pandora analysis (INV0027378237.7z) - Malicious attachment",
    "publish_timestamp": "1693208742",
    "published": true,
    "threat_level_id": "3",
    "timestamp": "1693208729",
    "uuid": "f33a2168-bea2-4b71-82ab-5e766c0a9227",
    "Orgc": {
      "name": "CIRCL",
      "uuid": "55f6ea5e-2c60-40e5-964f-47a8950d210f"
    },
    "Tag": [
      {
        "colour": "#004646",
        "local": "1",
        "name": "type:OSINT",
        "relationship_type": ""
      },
      {
        "colour": "#0071c3",
        "local": "1",
        "name": "osint:lifetime=\"perpetual\"",
        "relationship_type": ""
      },
      {
        "colour": "#0087e8",
        "local": "1",
        "name": "osint:certainty=\"50\"",
        "relationship_type": ""
      },
      {
        "colour": "#ffffff",
        "local": "1",
        "name": "tlp:white",
        "relationship_type": ""
      },
      {
        "colour": "#ffffff",
        "local": "1",
        "name": "tlp:clear",
        "relationship_type": ""
      },
      {
        "colour": "#0088cc",
        "local": "0",
        "name": "misp-galaxy:mitre-attack-pattern=\"Commonly Used Port - T1043\"",
        "relationship_type": ""
      },
      {
        "colour": "#0088cc",
        "local": "0",
        "name": "misp-galaxy:mitre-attack-pattern=\"Spearphishing Attachment - T1566.001\"",
        "relationship_type": ""
      }
    ],
    "Attribute": [
      {
        "category": "Network activity",
        "comment": "",
        "deleted": false,
        "disable_correlation": false,
        "timestamp": "1693208501",
        "to_ids": true,
        "type": "hostname",
        "uuid": "8c7ff5bc-468a-45de-a2fd-f75b9c193763",
        "value": "rex1010.duckdns.org"
      }
    ],
    "Object": [
      {
        "comment": "",
        "deleted": false,
        "description": "File object describing a file with meta-information",
        "meta-category": "file",
        "name": "file",
        "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215",
        "template_version": "24",
        "timestamp": "1693208159",
        "uuid": "36bafd04-5fd8-4339-ac39-329f9a3a7081",
        "Attribute": [
          {
            "category": "Payload delivery",
            "comment": "",
            "deleted": false,
            "disable_correlation": true,
            "object_relation": "filename",
            "timestamp": "1693208159",
            "to_ids": true,
            "type": "filename",
            "uuid": "07e59717-d67c-4e6d-8b52-e9c427ef61ef",
            "value": "INV0027378237.7z"
          },
          {
            "category": "Other",
            "comment": "",
            "deleted": false,
            "disable_correlation": true,
            "object_relation": "size-in-bytes",
            "timestamp": "1693208159",
            "to_ids": false,
            "type": "size-in-bytes",
            "uuid": "36bc2dd1-e15a-434a-9a4a-0451041c9bf7",
            "value": "581791"
          },
          {
            "category": "Other",
            "comment": "",
            "deleted": false,
            "disable_correlation": true,
            "object_relation": "entropy",
            "timestamp": "1693208159",
            "to_ids": false,
            "type": "float",
            "uuid": "601375d3-06ef-4900-b3f3-b45bd78946bb",
            "value": "7.99916572661"
          },
          {
            "category": "Payload delivery",
            "comment": "",
            "deleted": false,
            "disable_correlation": false,
            "object_relation": "md5",
            "timestamp": "1693208159",
            "to_ids": true,
            "type": "md5",
            "uuid": "849b0688-55ef-46c2-8e6f-ce53e71b2e5b",
            "value": "a86cc9672c8c4fdf34fba38b7c63562b"
          },
          {
            "category": "Payload delivery",
            "comment": "",
            "deleted": false,
            "disable_correlation": false,
            "object_relation": "sha1",
            "timestamp": "1693208159",
            "to_ids": true,
            "type": "sha1",
            "uuid": "a1076d3a-a530-4f02-927c-b27b28ce595b",
            "value": "1b254621918e9f35783c870d045e6bc0ed66696a"
          },
          {
            "category": "Payload delivery",
            "comment": "",
            "deleted": false,
            "disable_correlation": false,
            "object_relation": "sha256",
            "timestamp": "1693208159",
            "to_ids": true,
            "type": "sha256",
            "uuid": "64a711b0-8dfb-4ccb-962b-12164a6c4712",
            "value": "e8cdb541ecfffd85cd71fe64b08ed06728b7c14c4079a51b85b0032178338617"
          },
          {
            "category": "Payload delivery",
            "comment": "",
            "deleted": false,
            "disable_correlation": false,
            "object_relation": "sha512",
            "timestamp": "1693208159",
            "to_ids": true,
            "type": "sha512",
            "uuid": "99ac94e8-26b6-40c6-b7b9-c598ebda8efa",
            "value": "bc43460df406c322ffa65d30eded395a278316c53e2892b870dca3db62f5f91bf30b0b3e54d0084eaa8e4f770a96ca9a547ea84568eb209fbfa9f26ec8ece75e"
          },
          {
            "category": "Payload delivery",
            "comment": "",
            "data": "UEsDBBQACQAIAIA8HFfHwMx+BeEIAJ/gCAAgABwAYTg2Y2M5NjcyYzhjNGZkZjM0ZmJhMzhiN2M2MzU2MmJVVAkAA19O7GRfTuxkdXgLAAEEIQAAAAQhAAAAhcDf5laGsEuN7CfuDTFmQxugxqq7mFt1Kk75FRL1OFYxXP7l+20u3lflqf0oam6x1aA7Dp7rsll/uFrt6lF9I2LoMN8ctztXqvMBelTmsWZy4bYD/mg6b6Zd4PvyiqOQOX4X7w7VLEEiCZ13bHrr3eHyrm42z+NA3gUyil8h57styA8KBElR5HMpF8Jc0AZMYvNW392OUzmNyuykJW/FOo6dWfnc8T/hy/ZEB1XY5F+kt+7xA03lzL3tlpHE5HvoqUDVeIsqQfO79U8L4y9TLFelg2l2K/UyjOXayXa8KIk4CEGF5lkghCj1fKyVQpWV+sEMKxR4XvSJP5SFmriydtYD7Ur+ODqYak/NKMTUkt5M10evd4o9CU2UFvofKg/h8WZlzvZGiHp8XJKNqLgcoOAjB+xtl9tfyt0SoGYUNGC7noHQgm59GBeVLwLSCniL0spfLwPTuDiTm3E9kZSWe9mf+fKWbdTvarbLrQkNt8YruHkBBiurNCNH32Q7n88oUWiDDnmCrdH29JwJP6kGvRcVyCD3hJWQRQB5cRemMXX3QFgRBzRnpQhH1KjM1ms4Hw+uz7PfEygUS1IUZNWB/jGGUbP3ACEvpiFbv2aRBp85u9Xi1yZsS8dmFZieWreEmppcSAbtEZllw2VOgKepQfk15TSYb31Fx1844muPOo6HO326GqOPCQCfXSskEN7Z/zHMUahLXPvsjDZCnwhfIwOyx+9Ua8/TT7xxWL7XVlQ/hUCy9flrErzewdjKL8WWsoNyzercsxJY+BP/1RQ3DTzjh/Fe1aM8MC2letdHx9vzpe7HIA+bFbhql+hAh4+qgOfrIbMRyIgrmTM/stL4AxoDLP0zceL9Dj1/fNud0xGeD2+jiY9/QlOfVXCa7cbPlYVtNstA7tO0k+5pk6xTs51foAA04R+o8R4KNQPq7Oc4BZdcgdnafZl/cmK/eWltMXoeWNnQKpHANgAXqY2KMCVVXRiHzovhRtNZNVohzJ2fTK7AD1zTr+fQ4sjNoW+HzYJnFFcdMiFDa9u5hIBie6qk+TeZn6jGlYFRs8PwN9teLaEdcGni5vrT4sPyyV63wwc1H+TXJOopq8L3g+PnptcbXljwwn2P5rq5+YUd9PLqe6PC44w3p1QbbAkefsV6IMECJ7xW2taWSXhnRiIH6WTwsvqtJbH7icxOkAwOEZ7CshTB5fGYdCQRz16dRgecr+QPT6yxJuRThuekdbyi3DRTi5yltoWHCAaHqxxIn91a/t+a4AVXgMeh+rJsvNiiM+ZqJQ42LOqL/Bzg2JMwsvTFXbBxYtL4R3/d9STPEjnSN6s6flwxD7FUdJLFNa7FW++rentD6VZoPyH5b3gapIr1xG6/3ifnQVIlYhPQ3GF2aR/VXRq3HvG3o1SKI5zNgt4f+LqeOOxAriKgcv9O2TpABC34zsZ0FS9gk9RgNMM6h54T5G4aDT2gi/4RhvUahviExJ+k8K5iRvJcWj96m6wIqL37+ZyFnEeo/qjTDq1UxEiCsbHu2PCYoKo7qZkgw9jPQpHpGPnzS8fmvivU7OkF0YZhYAwS/xp3vT+cF9hb8ew471hg8uh4VDCpaGzumz8H91ONMXXcfw24KdbVgEaQ1ORn3qRjjUnnV7zCDVnuFhX9/ykal7iIA1YemZjeFHrohdhEBmJwc4NiHqH8e52fm5GXYoSTbq/ZEvch1xAqbBWggwWGqhOkvZ3p2WeIjlJwo9fjIoxILM+6aLqk9lOgPlyx1vPAK8uiyL+OWImfnrmnL1CGwrEnUHsuaW+IY50LpTdReS/aPmmQN1oGqDkcPrN/RdgSHRvHDcUFWoCbYn41Ihtj6AT4IREaGdn5oJnBa1DEN3sThTL5FVh0AM+k5qDZjxJ44ZqnBhenmKL70dJYp/MDpUXvJ1DQeNaRvBvwgFD51QNn/sfhHyhpMa1j0k8zAIpZTzPOIqU2OydAsO4LPSJgYvi1T7Ycl7psCHrrZ4+hQsW5iyISDUl0ReF+cmQ1iBM+9bdaxksrRdMTlTCkWlCq+dBQsSoHwXptwyYt+qA9mPBRdlomG3A4L0Hb+ikEc/YrxtKSVEKqfqdGHAS3PeqbaPEUK1n20onpNErFiL4aOweQZdDKgWWoBGRIB4pxW6rdPGwPga5rUmO6ZNvHYzbNrMiTanypwxb7gBNiK3Yz83e+ME2l8AdXvydu7h82jxMRCc/llO5NBQ35V/7syGxdzg1LJe/JlExY1y6IhNYh903evN7j1sYxnFJVWHqgQY2eFxTpwzxuzuXYd6jb43foO41ktZW6Z2O7+x0hlErveb3sjPLHipfqkbhtBWZKVKWh28oTkQC8ofOHln2TPNTYOHbgw+0bfXc5yt+Z5MoqU/AD9H8NoUbRfCikEZBqek7Bec7MhxFrWQDOeJMw+chDsbkudYVygT2cESgkhZoprpRr0Z/OSpdo58rMrglJGSzYjBzobQdipYCikXE5p31gUA9yPe5QEiRLpn7FfvpLD4+T2EmB6HmynhX6GBKUHACj7e1X5SjdjfyHa4+r+7Q1BJPgJqm8mtoCa4yxvO8BJDdrcWOEn4sQepNqqJjGDZbJWVGbVIbcyd1V9/uDxCSL+UN1180LCkREG7CxzaEnKHT5iEPSCRzuXGw1OnVzRAiHgnxE5Opm9qyZKaykwIT4Hgh1NGiM/KO50qvgTrV4pL5DhKVTT3u0q8ozNlAHsFPq5I4+E9Mz3VuMx9JkhdoI4FcnLfIYMjUatXu7hkRarLAAccYKkT0Zz3H9aGqgUhXyz68JwRVcT8DUQfVMuMAyZ1OOMPEuACX2U5Y+bmxHR/IP+KqOhNO+4nvNPwUfH3fEIfZrKPtJYfVkkUDBDI7MAoIs1uMT/2AHoWyV19ZirrwZ53jlrQCaYPFT7rHtTcHhM4xpgezgoY312VTrs07knE94EQ8b0nSwA8/eEBWoTBSP27W6imZIjVaBhN4hjX7r8PtJLxEtDMza1t6vvi48lnF+gXwFprbAiX9G+hUYRST2vPJiKSw//VPlMjTnKFkkRT6joG3dCRfwfJc0NQjHFIyMLKmeR4A/5XZzx6OG1Kl8jcyG/WRbscfsjOSrNpjpRtryquTIi+u7OrPaNP0jUxljQiX2QXy+qvTIyj48QFmcCnpKaQ4H6A5iDgMhKQvugEXjboQ20ljfYwzXDHXxJLB1LDwcxWrKrab57NgA4fmytM2MCqvhdpoj+29v2HT7AExYOY8mK7sLYLaEe2SNo6vXxIhiYQW1NkkN2Ooa9aaEGpp+hg/+iWxMeuaC2/V1/TeyBQQLTAOkNX0rngbV0epuvj1s85WD0IZac5wO+LOjC2jmva1kXpOLc979FoNpDua7rx//bw3x8HctoTDgEbWQSWWzNWGy+yRIm3z/o8EiORTopYc2fzTTE/87MOi/yEl8LbyWNWGcgnKGmTyxs2BLo6ttREb6COMW1t3KNZJqOBqF7Uc498nhFbHRtppR40rldkLIKsMV5g5RIzNRFNKtq2X+GDdF21aIqzIO0M9OLTUV4GgADmKlfKpGnRA9NQQKuuu1SaicVmQeXDaGdPUVqVUavQT51F33D6UfU7GMxlYK9kXuKkt1gPq+l9k1hSrj8tDR2sOpuikAeaKaI3ZfjLkNBXHS96TJcd4UaqxLHTF6idaNo1yGf7dbTfeHjg685zdvGYujbcZwu/yDeK6qYCEx4WeqNLf2/ekDAs5oZv/Pd36Pk8w015OGUHXbp6G/68ye3T+JuRxuu7W1wMoJZzUdp00fiFTiekuDLlLuOZUja7wD3G/R6h4IRmh2XLFzebXmb2S/jVnGKLwXU4/BA1QrtANu4Q1FgrMXOfnv/HicjBrUjv3iiwMF+9ftxZiVLOxHrWL1fuIJ6b5bLx3ndQxJ3gWbrDjgCBbs8f5apH0mff0MVukB2Yv4j00aoXTbFI3WvNt6HLjejI
            "deleted": false,
            "disable_correlation": true,
            "object_relation": "malware-sample",
            "timestamp": "1693208159",
            "to_ids": true,
            "type": "malware-sample",
            "uuid": "8ce9ee8f-37d6-4158-b628-4b7c99820446",
            "value": "INV0027378237.7z|a86cc9672c8c4fdf34fba38b7c63562b"
          },
          {
            "category": "Artifacts dropped",
            "comment": "",
            "deleted": false,
            "disable_correlation": true,
            "object_relation": "mimetype",
            "timestamp": "1693208159",
            "to_ids": false,
            "type": "mime-type",
            "uuid": "95fa1f9e-d3d0-41c7-9122-99f7aeff1165",
            "value": "application/x-rar"
          },
          {
            "category": "Payload delivery",
            "comment": "",
            "deleted": false,
            "disable_correlation": false,
            "object_relation": "ssdeep",
            "timestamp": "1693208159",
            "to_ids": true,
            "type": "ssdeep",
            "uuid": "b9e6ced1-94ea-41dd-bf22-bd05b7158ff0",
            "value": "12288:AnTypEagRPxTZO6ce2gNTb0TjxEH1vfV6ZO2tdXpViQn/l:AnTsIFO6ce22TgTjGVvtH2tJn/l"
          }
        ]
      },
      {
        "comment": "1b254621918e9f35783c870d045e6bc0ed66696a: Enriched via the virustotal module",
        "deleted": false,
        "description": "VirusTotal report",
        "meta-category": "misc",
        "name": "virustotal-report",
        "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4",
        "template_version": "4",
        "timestamp": "1693208436",
        "uuid": "d860e45d-45c4-4cc6-853a-a4919ef1c06b",
        "Attribute": [
          {
            "category": "External analysis",
            "comment": "",
            "deleted": false,
            "disable_correlation": true,
            "object_relation": "permalink",
            "timestamp": "1693208436",
            "to_ids": false,
            "type": "link",
            "uuid": "b853e550-4918-40e3-bb39-571acc853087",
            "value": "https://www.virustotal.com/gui/file/e8cdb541ecfffd85cd71fe64b08ed06728b7c14c4079a51b85b0032178338617"
          },
          {
            "category": "Other",
            "comment": "",
            "deleted": false,
            "disable_correlation": true,
            "object_relation": "detection-ratio",
            "timestamp": "1693208436",
            "to_ids": false,
            "type": "text",
            "uuid": "1e8f7783-19db-4356-853e-d23973c22573",
            "value": "31/56"
          }
        ]
      },
      {
        "comment": "1b254621918e9f35783c870d045e6bc0ed66696a: Enriched via the virustotal module",
        "deleted": false,
        "description": "VirusTotal report",
        "meta-category": "misc",
        "name": "virustotal-report",
        "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4",
        "template_version": "4",
        "timestamp": "1693208436",
        "uuid": "e531372c-3160-47dc-91dc-5f87dad65f8b",
        "Attribute": [
          {
            "category": "External analysis",
            "comment": "",
            "deleted": false,
            "disable_correlation": true,
            "object_relation": "permalink",
            "timestamp": "1693208436",
            "to_ids": false,
            "type": "link",
            "uuid": "fcab2487-2cf9-4116-8ae5-f43b25ce567a",
            "value": "https://www.virustotal.com/gui/ip_address/89.117.55.98"
          },
          {
            "category": "Other",
            "comment": "",
            "deleted": false,
            "disable_correlation": true,
            "object_relation": "detection-ratio",
            "timestamp": "1693208436",
            "to_ids": false,
            "type": "text",
            "uuid": "7fe503fe-22c9-4c01-a320-bf8b2602bb3f",
            "value": "4/88"
          }
        ]
      },
      {
        "comment": "1b254621918e9f35783c870d045e6bc0ed66696a: Enriched via the virustotal module",
        "deleted": false,
        "description": "A domain/hostname and IP address seen as a tuple in a specific time frame.",
        "meta-category": "network",
        "name": "domain-ip",
        "template_uuid": "43b3b146-77eb-4931-b4cc-b66c60f28734",
        "template_version": "11",
        "timestamp": "1693208436",
        "uuid": "ddf4454a-6f31-4e1d-8493-c61a53a966ad",
        "Attribute": [
          {
            "category": "Network activity",
            "comment": "",
            "deleted": false,
            "disable_correlation": false,
            "object_relation": "ip",
            "timestamp": "1693208436",
            "to_ids": true,
            "type": "ip-dst",
            "uuid": "b283ed46-153f-4a06-bfea-7e3cb71dc566",
            "value": "89.117.55.98"
          }
        ]
      }
    ]
  }
}
chg: [feeder] updated 2023-12-14 13:47:04 +00:00			`{`
chg: [gen] updated 2023-12-14 14:30:15 +00:00			`"Event": {`
			`"analysis": "2",`
			`"date": "2023-08-28",`
			`"extends_uuid": "",`
			`"info": "Pandora analysis (INV0027378237.7z) - Malicious attachment",`
			`"publish_timestamp": "1693208742",`
			`"published": true,`
			`"threat_level_id": "3",`
			`"timestamp": "1693208729",`
			`"uuid": "f33a2168-bea2-4b71-82ab-5e766c0a9227",`
			`"Orgc": {`
			`"name": "CIRCL",`
			`"uuid": "55f6ea5e-2c60-40e5-964f-47a8950d210f"`
			`},`
			`"Tag": [`
			`{`
			`"colour": "#004646",`
			`"local": "1",`
			`"name": "type:OSINT",`
			`"relationship_type": ""`
			`},`
			`{`
			`"colour": "#0071c3",`
			`"local": "1",`
			`"name": "osint:lifetime=\"perpetual\"",`
			`"relationship_type": ""`
			`},`
			`{`
			`"colour": "#0087e8",`
			`"local": "1",`
			`"name": "osint:certainty=\"50\"",`
			`"relationship_type": ""`
			`},`
			`{`
			`"colour": "#ffffff",`
			`"local": "1",`
			`"name": "tlp:white",`
			`"relationship_type": ""`
			`},`
			`{`
			`"colour": "#ffffff",`
			`"local": "1",`
			`"name": "tlp:clear",`
			`"relationship_type": ""`
			`},`
			`{`
			`"colour": "#0088cc",`
			`"local": "0",`
			`"name": "misp-galaxy:mitre-attack-pattern=\"Commonly Used Port - T1043\"",`
			`"relationship_type": ""`
			`},`
			`{`
			`"colour": "#0088cc",`
			`"local": "0",`
			`"name": "misp-galaxy:mitre-attack-pattern=\"Spearphishing Attachment - T1566.001\"",`
			`"relationship_type": ""`
			`}`
			`],`
			`"Attribute": [`
			`{`
			`"category": "Network activity",`
			`"comment": "",`
			`"deleted": false,`
			`"disable_correlation": false,`
			`"timestamp": "1693208501",`
			`"to_ids": true,`
			`"type": "hostname",`
			`"uuid": "8c7ff5bc-468a-45de-a2fd-f75b9c193763",`
			`"value": "rex1010.duckdns.org"`
			`}`
			`],`
			`"Object": [`
			`{`
			`"comment": "",`
			`"deleted": false,`
			`"description": "File object describing a file with meta-information",`
			`"meta-category": "file",`
			`"name": "file",`
			`"template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215",`
			`"template_version": "24",`
			`"timestamp": "1693208159",`
			`"uuid": "36bafd04-5fd8-4339-ac39-329f9a3a7081",`
			`"Attribute": [`
			`{`
			`"category": "Payload delivery",`
			`"comment": "",`
			`"deleted": false,`
			`"disable_correlation": true,`
			`"object_relation": "filename",`
			`"timestamp": "1693208159",`
			`"to_ids": true,`
			`"type": "filename",`
			`"uuid": "07e59717-d67c-4e6d-8b52-e9c427ef61ef",`
			`"value": "INV0027378237.7z"`
			`},`
			`{`
			`"category": "Other",`
			`"comment": "",`
			`"deleted": false,`
			`"disable_correlation": true,`
			`"object_relation": "size-in-bytes",`
			`"timestamp": "1693208159",`
			`"to_ids": false,`
			`"type": "size-in-bytes",`
			`"uuid": "36bc2dd1-e15a-434a-9a4a-0451041c9bf7",`
			`"value": "581791"`
			`},`
			`{`
			`"category": "Other",`
			`"comment": "",`
			`"deleted": false,`
			`"disable_correlation": true,`
			`"object_relation": "entropy",`
			`"timestamp": "1693208159",`
			`"to_ids": false,`
			`"type": "float",`
			`"uuid": "601375d3-06ef-4900-b3f3-b45bd78946bb",`
			`"value": "7.99916572661"`
			`},`
			`{`
			`"category": "Payload delivery",`
			`"comment": "",`
			`"deleted": false,`
			`"disable_correlation": false,`
			`"object_relation": "md5",`
			`"timestamp": "1693208159",`
			`"to_ids": true,`
			`"type": "md5",`
			`"uuid": "849b0688-55ef-46c2-8e6f-ce53e71b2e5b",`
			`"value": "a86cc9672c8c4fdf34fba38b7c63562b"`
			`},`
			`{`
			`"category": "Payload delivery",`
			`"comment": "",`
			`"deleted": false,`
			`"disable_correlation": false,`
			`"object_relation": "sha1",`
			`"timestamp": "1693208159",`
			`"to_ids": true,`
			`"type": "sha1",`
			`"uuid": "a1076d3a-a530-4f02-927c-b27b28ce595b",`
			`"value": "1b254621918e9f35783c870d045e6bc0ed66696a"`
			`},`
			`{`
			`"category": "Payload delivery",`
			`"comment": "",`
			`"deleted": false,`
			`"disable_correlation": false,`
			`"object_relation": "sha256",`
			`"timestamp": "1693208159",`
			`"to_ids": true,`
			`"type": "sha256",`
			`"uuid": "64a711b0-8dfb-4ccb-962b-12164a6c4712",`
			`"value": "e8cdb541ecfffd85cd71fe64b08ed06728b7c14c4079a51b85b0032178338617"`
			`},`
			`{`
			`"category": "Payload delivery",`
			`"comment": "",`
			`"deleted": false,`
			`"disable_correlation": false,`
			`"object_relation": "sha512",`
			`"timestamp": "1693208159",`
			`"to_ids": true,`
			`"type": "sha512",`
			`"uuid": "99ac94e8-26b6-40c6-b7b9-c598ebda8efa",`
			`"value": "bc43460df406c322ffa65d30eded395a278316c53e2892b870dca3db62f5f91bf30b0b3e54d0084eaa8e4f770a96ca9a547ea84568eb209fbfa9f26ec8ece75e"`
			`},`
			`{`
			`"category": "Payload delivery",`
			`"comment": "",`
			"data": "UEsDBBQACQAIAIA8HFfHwMx+BeEIAJ/gCAAgABwAYTg2Y2M5NjcyYzhjNGZkZjM0ZmJhMzhiN2M2MzU2MmJVVAkAA19O7GRfTuxkdXgLAAEEIQAAAAQhAAAAhcDf5laGsEuN7CfuDTFmQxugxqq7mFt1Kk75FRL1OFYxXP7l+20u3lflqf0oam6x1aA7Dp7rsll/uFrt6lF9I2LoMN8ctztXqvMBelTmsWZy4bYD/mg6b6Zd4PvyiqOQOX4X7w7VLEEiCZ13bHrr3eHyrm42z+NA3gUyil8h57styA8KBElR5HMpF8Jc0AZMYvNW392OUzmNyuykJW/FOo6dWfnc8T/hy/ZEB1XY5F+kt+7xA03lzL3tlpHE5HvoqUDVeIsqQfO79U8L4y9TLFelg2l2K/UyjOXayXa8KIk4CEGF5lkghCj1fKyVQpWV+sEMKxR4XvSJP5SFmriydtYD7Ur+ODqYak/NKMTUkt5M10evd4o9CU2UFvofKg/h8WZlzvZGiHp8XJKNqLgcoOAjB+xtl9tfyt0SoGYUNGC7noHQgm59GBeVLwLSCniL0spfLwPTuDiTm3E9kZSWe9mf+fKWbdTvarbLrQkNt8YruHkBBiurNCNH32Q7n88oUWiDDnmCrdH29JwJP6kGvRcVyCD3hJWQRQB5cRemMXX3QFgRBzRnpQhH1KjM1ms4Hw+uz7PfEygUS1IUZNWB/jGGUbP3ACEvpiFbv2aRBp85u9Xi1yZsS8dmFZieWreEmppcSAbtEZllw2VOgKepQfk15TSYb31Fx1844muPOo6HO326GqOPCQCfXSskEN7Z/zHMUahLXPvsjDZCnwhfIwOyx+9Ua8/TT7xxWL7XVlQ/hUCy9flrErzewdjKL8WWsoNyzercsxJY+BP/1RQ3DTzjh/Fe1aM8MC2letdHx9vzpe7HIA+bFbhql+hAh4+qgOfrIbMRyIgrmTM/stL4AxoDLP0zceL9Dj1/fNud0xGeD2+jiY9/QlOfVXCa7cbPlYVtNstA7tO0k+5pk6xTs51foAA04R+o8R4KNQPq7Oc4BZdcgdnafZl/cmK/eWltMXoeWNnQKpHANgAXqY2KMCVVXRiHzovhRtNZNVohzJ2fTK7AD1zTr+fQ4sjNoW+HzYJnFFcdMiFDa9u5hIBie6qk+TeZn6jGlYFRs8PwN9teLaEdcGni5vrT4sPyyV63wwc1H+TXJOopq8L3g+PnptcbXljwwn2P5rq5+YUd9PLqe6PC44w3p1QbbAkefsV6IMECJ7xW2taWSXhnRiIH6WTwsvqtJbH7icxOkAwOEZ7CshTB5fGYdCQRz16dRgecr+QPT6yxJuRThuekdbyi3DRTi5yltoWHCAaHqxxIn91a/t+a4AVXgMeh+rJsvNiiM+ZqJQ42LOqL/Bzg2JMwsvTFXbBxYtL4R3/d9STPEjnSN6s6flwxD7FUdJLFNa7FW++rentD6VZoPyH5b3gapIr1xG6/3ifnQVIlYhPQ3GF2aR/VXRq3HvG3o1SKI5zNgt4f+LqeOOxAriKgcv9O2TpABC34zsZ0FS9gk9RgNMM6h54T5G4aDT2gi/4RhvUahviExJ+k8K5iRvJcWj96m6wIqL37+ZyFnEeo/qjTDq1UxEiCsbHu2PCYoKo7qZkgw9jPQpHpGPnzS8fmvivU7OkF0YZhYAwS/xp3vT+cF9hb8ew471hg8uh4VDCpaGzumz8H91ONMXXcfw24KdbVgEaQ1ORn3qRjjUnnV7zCDVnuFhX9/ykal7iIA1YemZjeFHrohdhEBmJwc4NiHqH8e52fm5GXYoSTbq/ZEvch1xAqbBWggwWGqhOkvZ3p2WeIjlJwo9fjIoxILM+6aLqk9lOgPlyx1vPAK8uiyL+OWImfnrmnL1CGwrEnUHsuaW+IY50LpTdReS/aPmmQN1oGqDkcPrN/RdgSHRvHDcUFWoCbYn41Ihtj6AT4IREaGdn5oJnBa1DEN3sThTL5FVh0AM+k5qDZjxJ44ZqnBhenmKL70dJYp/MDpUXvJ1DQeNaRvBvwgFD51QNn/sfhHyhpMa1j0k8zAIpZTzPOIqU2OydAsO4LPSJgYvi1T7Ycl7psCHrrZ4+hQsW5iyISDUl0ReF+cmQ1iBM+9bdaxksrRdMTlTCkWlCq+dBQsSoHwXptwyYt+qA9mPBRdlomG3A4L0Hb+ikEc/YrxtKSVEKqfqdGHAS3PeqbaPEUK1n20onpNErFiL4aOweQZdDKgWWoBGRIB4pxW6rdPGwPga5rUmO6ZNvHYzbNrMiTanypwxb7gBNiK3Yz83e+ME2l8AdXvydu7h82jxMRCc/llO5NBQ35V/7syGxdzg1LJe/JlExY1y6IhNYh903evN7j1sYxnFJVWHqgQY2eFxTpwzxuzuXYd6jb43foO41ktZW6Z2O7+x0hlErveb3sjPLHipfqkbhtBWZKVKWh28oTkQC8ofOHln2TPNTYOHbgw+0bfXc5yt+Z5MoqU/AD9H8NoUbRfCikEZBqek7Bec7MhxFrWQDOeJMw+chDsbkudYVygT2cESgkhZoprpRr0Z/OSpdo58rMrglJGSzYjBzobQdipYCikXE5p31gUA9yPe5QEiRLpn7FfvpLD4+T2EmB6HmynhX6GBKUHACj7e1X5SjdjfyHa4+r+7Q1BJPgJqm8mtoCa4yxvO8BJDdrcWOEn4sQepNqqJjGDZbJWVGbVIbcyd1V9/uDxCSL+UN1180LCkREG7CxzaEnKHT5iEPSCRzuXGw1OnVzRAiHgnxE5Opm9qyZKaykwIT4Hgh1NGiM/KO50qvgTrV4pL5DhKVTT3u0q8ozNlAHsFPq5I4+E9Mz3VuMx9JkhdoI4FcnLfIYMjUatXu7hkRarLAAccYKkT0Zz3H9aGqgUhXyz68JwRVcT8DUQfVMuMAyZ1OOMPEuACX2U5Y+bmxHR/IP+KqOhNO+4nvNPwUfH3fEIfZrKPtJYfVkkUDBDI7MAoIs1uMT/2AHoWyV19ZirrwZ53jlrQCaYPFT7rHtTcHhM4xpgezgoY312VTrs07knE94EQ8b0nSwA8/eEBWoTBSP27W6imZIjVaBhN4hjX7r8PtJLxEtDMza1t6vvi48lnF+gXwFprbAiX9G+hUYRST2vPJiKSw//VPlMjTnKFkkRT6joG3dCRfwfJc0NQjHFIyMLKmeR4A/5XZzx6OG1Kl8jcyG/WRbscfsjOSrNpjpRtryquTIi+u7OrPaNP0jUxljQiX2QXy+qvTIyj48QFmcCnpKaQ4H6A5iDgMhKQvugEXjboQ20ljfYwzXDHXxJLB1LDwcxWrKrab57NgA4fmytM2MCqvhdpoj+29v2HT7AExYOY8mK7sLYLaEe2SNo6vXxIhiYQW1NkkN2Ooa9aaEGpp+hg/+iWxMeuaC2/V1/TeyBQQLTAOkNX0rngbV0epuvj1s85WD0IZac5wO+LOjC2jmva1kXpOLc979FoNpDua7rx//bw3x8HctoTDgEbWQSWWzNWGy+yRIm3z/o8EiORTopYc2fzTTE/87MOi/yEl8LbyWNWGcgnKGmTyxs2BLo6ttREb6COMW1t3KNZJqOBqF7Uc498nhFbHRtppR40rldkLIKsMV5g5RIzNRFNKtq2X+GDdF21aIqzIO0M9OLTUV4GgADmKlfKpGnRA9NQQKuuu1SaicVmQeXDaGdPUVqVUavQT51F33D6UfU7GMxlYK9kXuKkt1gPq+l9k1hSrj8tDR2sOpuikAeaKaI3ZfjLkNBXHS96TJcd4UaqxLHTF6idaNo1yGf7dbTfeHjg685zdvGYujbcZwu/yDeK6qYCEx4WeqNLf2/ekDAs5oZv/Pd36Pk8w015OGUHXbp6G/68ye3T+JuRxuu7W1wMoJZzUdp00fiFTiekuDLlLuOZUja7wD3G/R6h4IRmh2XLFzebXmb2S/jVnGKLwXU4/BA1QrtANu4Q1FgrMXOfnv/HicjBrUjv3iiwMF+9ftxZiVLOxHrWL1fuIJ6b5bLx3ndQxJ3gWbrDjgCBbs8f5apH0mff0MVukB2Yv4j00aoXTbFI3WvNt6HLjejI
			`"deleted": false,`
			`"disable_correlation": true,`
			`"object_relation": "malware-sample",`
			`"timestamp": "1693208159",`
			`"to_ids": true,`
			`"type": "malware-sample",`
			`"uuid": "8ce9ee8f-37d6-4158-b628-4b7c99820446",`
			`"value": "INV0027378237.7z\|a86cc9672c8c4fdf34fba38b7c63562b"`
			`},`
			`{`
			`"category": "Artifacts dropped",`
			`"comment": "",`
			`"deleted": false,`
			`"disable_correlation": true,`
			`"object_relation": "mimetype",`
			`"timestamp": "1693208159",`
			`"to_ids": false,`
			`"type": "mime-type",`
			`"uuid": "95fa1f9e-d3d0-41c7-9122-99f7aeff1165",`
			`"value": "application/x-rar"`
			`},`
			`{`
			`"category": "Payload delivery",`
			`"comment": "",`
			`"deleted": false,`
			`"disable_correlation": false,`
			`"object_relation": "ssdeep",`
			`"timestamp": "1693208159",`
			`"to_ids": true,`
			`"type": "ssdeep",`
			`"uuid": "b9e6ced1-94ea-41dd-bf22-bd05b7158ff0",`
			`"value": "12288:AnTypEagRPxTZO6ce2gNTb0TjxEH1vfV6ZO2tdXpViQn/l:AnTsIFO6ce22TgTjGVvtH2tJn/l"`
			`}`
			`]`
			`},`
			`{`
			`"comment": "1b254621918e9f35783c870d045e6bc0ed66696a: Enriched via the virustotal module",`
			`"deleted": false,`
			`"description": "VirusTotal report",`
			`"meta-category": "misc",`
			`"name": "virustotal-report",`
			`"template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4",`
			`"template_version": "4",`
			`"timestamp": "1693208436",`
			`"uuid": "d860e45d-45c4-4cc6-853a-a4919ef1c06b",`
			`"Attribute": [`
			`{`
			`"category": "External analysis",`
			`"comment": "",`
			`"deleted": false,`
			`"disable_correlation": true,`
			`"object_relation": "permalink",`
			`"timestamp": "1693208436",`
			`"to_ids": false,`
			`"type": "link",`
			`"uuid": "b853e550-4918-40e3-bb39-571acc853087",`
			`"value": "https://www.virustotal.com/gui/file/e8cdb541ecfffd85cd71fe64b08ed06728b7c14c4079a51b85b0032178338617"`
			`},`
			`{`
			`"category": "Other",`
			`"comment": "",`
			`"deleted": false,`
			`"disable_correlation": true,`
			`"object_relation": "detection-ratio",`
			`"timestamp": "1693208436",`
			`"to_ids": false,`
			`"type": "text",`
			`"uuid": "1e8f7783-19db-4356-853e-d23973c22573",`
			`"value": "31/56"`
			`}`
			`]`
			`},`
			`{`
			`"comment": "1b254621918e9f35783c870d045e6bc0ed66696a: Enriched via the virustotal module",`
			`"deleted": false,`
			`"description": "VirusTotal report",`
			`"meta-category": "misc",`
			`"name": "virustotal-report",`
			`"template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4",`
			`"template_version": "4",`
			`"timestamp": "1693208436",`
			`"uuid": "e531372c-3160-47dc-91dc-5f87dad65f8b",`
			`"Attribute": [`
			`{`
			`"category": "External analysis",`
			`"comment": "",`
			`"deleted": false,`
			`"disable_correlation": true,`
			`"object_relation": "permalink",`
			`"timestamp": "1693208436",`
			`"to_ids": false,`
			`"type": "link",`
			`"uuid": "fcab2487-2cf9-4116-8ae5-f43b25ce567a",`
			`"value": "https://www.virustotal.com/gui/ip_address/89.117.55.98"`
			`},`
			`{`
			`"category": "Other",`
			`"comment": "",`
			`"deleted": false,`
			`"disable_correlation": true,`
			`"object_relation": "detection-ratio",`
			`"timestamp": "1693208436",`
			`"to_ids": false,`
			`"type": "text",`
			`"uuid": "7fe503fe-22c9-4c01-a320-bf8b2602bb3f",`
			`"value": "4/88"`
			`}`
			`]`
			`},`
			`{`
			`"comment": "1b254621918e9f35783c870d045e6bc0ed66696a: Enriched via the virustotal module",`
			`"deleted": false,`
			`"description": "A domain/hostname and IP address seen as a tuple in a specific time frame.",`
			`"meta-category": "network",`
			`"name": "domain-ip",`
			`"template_uuid": "43b3b146-77eb-4931-b4cc-b66c60f28734",`
			`"template_version": "11",`
			`"timestamp": "1693208436",`
			`"uuid": "ddf4454a-6f31-4e1d-8493-c61a53a966ad",`
			`"Attribute": [`
			`{`
			`"category": "Network activity",`
			`"comment": "",`
			`"deleted": false,`
			`"disable_correlation": false,`
			`"object_relation": "ip",`
			`"timestamp": "1693208436",`
			`"to_ids": true,`
			`"type": "ip-dst",`
			`"uuid": "b283ed46-153f-4a06-bfea-7e3cb71dc566",`
			`"value": "89.117.55.98"`
			`}`
			`]`
			`}`
chg: [feeder] updated 2023-12-14 13:47:04 +00:00			`]`
chg: [gen] updated 2023-12-14 14:30:15 +00:00			`}`
chg: [feeder] updated 2023-12-14 13:47:04 +00:00			`}`