|
{
|
||
|
"Event": {
|
||
|
"analysis": "1",
|
||
|
"date": "2017-09-12",
|
||
|
"extends_uuid": "",
|
||
|
"info": "M2M - Locky 2017-09-11/11 : Affid=3, \".lukitus\" : \"Bankwest - You have a new eStatement\" - /statement.html links",
|
||
|
"publish_timestamp": "1505225731",
|
||
|
"published": true,
|
||
|
"threat_level_id": "3",
|
||
|
"timestamp": "1505225722",
|
||
|
"uuid": "59b7cd9e-57e4-42c6-b1ce-440d950d210f",
|
||
|
"Orgc": {
|
||
|
"name": "CIRCL",
|
||
|
"uuid": "55f6ea5e-2c60-40e5-964f-47a8950d210f"
|
||
|
},
|
||
|
"Tag": [
|
||
|
{
|
||
|
"colour": "#ffffff",
|
||
|
"name": "tlp:white"
|
||
|
},
|
||
|
{
|
||
|
"colour": "#006c6c",
|
||
|
"name": "ecsirt:malicious-code=\"ransomware\""
|
||
|
},
|
||
|
{
|
||
|
"colour": "#0088cc",
|
||
|
"name": "misp-galaxy:ransomware=\"Locky\""
|
||
|
}
|
||
|
],
|
||
|
"Attribute": [
|
||
|
{
|
||
|
"category": "Artifacts dropped",
|
||
|
"comment": "",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"timestamp": "1505223741",
|
||
|
"to_ids": true,
|
||
|
"type": "md5",
|
||
|
"uuid": "59b7cd9f-981c-4c2c-8b53-46fb950d210f",
|
||
|
"value": "2518037ef7d7524a631c4bf9086428f8"
|
||
|
},
|
||
|
{
|
||
|
"category": "Artifacts dropped",
|
||
|
"comment": "",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"timestamp": "1505223741",
|
||
|
"to_ids": true,
|
||
|
"type": "md5",
|
||
|
"uuid": "59b7cd9f-56d4-428f-b365-4303950d210f",
|
||
|
"value": "230606dd8b0d62e2a8a04ef61b2d8707"
|
||
|
},
|
||
|
{
|
||
|
"category": "Network activity",
|
||
|
"comment": "",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"timestamp": "1505223741",
|
||
|
"to_ids": true,
|
||
|
"type": "url",
|
||
|
"uuid": "59b7cda0-1474-48af-ae04-02b8950d210f",
|
||
|
"value": "http://420ent.com/statement.html"
|
||
|
},
|
||
|
{
|
||
|
"category": "Network activity",
|
||
|
"comment": "",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"timestamp": "1505223741",
|
||
|
"to_ids": true,
|
||
|
"type": "hostname",
|
||
|
"uuid": "59b7cda0-8008-44f0-8882-02fa950d210f",
|
||
|
"value": "420ent.com"
|
||
|
},
|
||
|
{
|
||
|
"category": "Network activity",
|
||
|
"comment": "420ent.com",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"timestamp": "1505223741",
|
||
|
"to_ids": false,
|
||
|
"type": "ip-dst",
|
||
|
"uuid": "59b7cda0-bc48-42cb-bc1d-4079950d210f",
|
||
|
"value": "98.124.251.72"
|
||
|
},
|
||
|
{
|
||
|
"category": "Network activity",
|
||
|
"comment": "",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"timestamp": "1505223741",
|
||
|
"to_ids": true,
|
||
|
"type": "url",
|
||
|
"uuid": "59b7cda0-62b8-4017-857d-4ff8950d210f",
|
||
|
"value": "http://afilhadaemmocambique.com/statement.html"
|
||
|
},
|
||
|
{
|
||
|
"category": "Network activity",
|
||
|
"comment": "",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"timestamp": "1505223741",
|
||
|
"to_ids": true,
|
||
|
"type": "hostname",
|
||
|
"uuid": "59b7cda1-f198-4ba3-81e6-02fc950d210f",
|
||
|
"value": "afilhadaemmocambique.com"
|
||
|
},
|
||
|
{
|
||
|
"category": "Network activity",
|
||
|
"comment": "afilhadaemmocambique.com",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"timestamp": "1505223741",
|
||
|
"to_ids": false,
|
||
|
"type": "ip-dst",
|
||
|
"uuid": "59b7cda1-9414-48a4-8dd1-4ad4950d210f",
|
||
|
"value": "80.172.241.21"
|
||
|
},
|
||
|
{
|
||
|
"category": "Network activity",
|
||
|
"comment": "",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"timestamp": "1505223741",
|
||
|
"to_ids": true,
|
||
|
"type": "url",
|
||
|
"uuid": "59b7cda1-19d8-42bc-a278-469d950d210f",
|
||
|
"value": "http://beepop.info/statement.html"
|
||
|
},
|
||
|
{
|
||
|
"category": "Network activity",
|
||
|
"comment": "",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"timestamp": "1505223741",
|
||
|
"to_ids": true,
|
||
|
"type": "hostname",
|
||
|
"uuid": "59b7cda1-95c4-41f2-90c3-49bd950d210f",
|
||
|
"value": "beepop.info"
|
||
|
},
|
||
|
{
|
||
|
"category": "Network activity",
|
||
|
"comment": "beepop.info",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"timestamp": "1505223741",
|
||
|
"to_ids": false,
|
||
|
"type": "ip-dst",
|
||
|
"uuid": "59b7cda2-d150-464f-9460-02b8950d210f",
|
||
|
"value": "217.160.239.66"
|
||
|
},
|
||
|
{
|
||
|
"category": "Network activity",
|
||
|
"comment": "",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"timestamp": "1505223741",
|
||
|
"to_ids": true,
|
||
|
"type": "url",
|
||
|
"uuid": "59b7cda2-595c-482d-9250-02fa950d210f",
|
||
|
"value": "http://bellevuecommunityband.org/statement.html"
|
||
|
},
|
||
|
{
|
||
|
"category": "Network activity",
|
||
|
"comment": "",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"timestamp": "1505223741",
|
||
|
"to_ids": true,
|
||
|
"type": "hostname",
|
||
|
"uuid": "59b7cda2-8c30-4fc1-81db-4ea4950d210f",
|
||
|
"value": "bellevuecommunityband.org"
|
||
|
},
|
||
|
{
|
||
|
"category": "Network activity",
|
||
|
"comment": "bellevuecommunityband.org",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"timestamp": "1505223741",
|
||
|
"to_ids": false,
|
||
|
"type": "ip-dst",
|
||
|
"uuid": "59b7cda2-f090-4d88-a586-02fc950d210f",
|
||
|
"value": "64.6.227.247"
|
||
|
},
|
||
|
{
|
||
|
"category": "Network activity",
|
||
|
"comment": "",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"timestamp": "1505223741",
|
||
|
"to_ids": true,
|
||
|
"type": "url",
|
||
|
"uuid": "59b7cda3-83e0-413e-99b6-432c950d210f",
|
||
|
"value": "http://bingleybuilder.co.uk/statement.html"
|
||
|
},
|
||
|
{
|
||
|
"category": "Network activity",
|
||
|
"comment": "",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"timestamp": "1505223741",
|
||
|
"to_ids": true,
|
||
|
"type": "hostname",
|
||
|
"uuid": "59b7cda3-8f64-4c01-9fcf-48f8950d210f",
|
||
|
"value": "bingleybuilder.co.uk"
|
||
|
},
|
||
|
{
|
||
|
"category": "Network activity",
|
||
|
"comment": "bingleybuilder.co.uk",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"timestamp": "1505223741",
|
||
|
"to_ids": false,
|
||
|
"type": "ip-dst",
|
||
|
"uuid": "59b7cda3-6f8c-43c4-a6d6-41ae950d210f",
|
||
|
"value": "77.68.14.29"
|
||
|
},
|
||
|
{
|
||
|
"category": "Network activity",
|
||
|
"comment": "",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"timestamp": "1505223741",
|
||
|
"to_ids": true,
|
||
|
"type": "url",
|
||
|
"uuid": "59b7cda3-ac68-4ef5-b5b8-40bb950d210f",
|
||
|
"value": "http://cedricanimation.com/statement.html"
|
||
|
},
|
||
|
{
|
||
|
"category": "Network activity",
|
||
|
"comment": "",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"timestamp": "1505223741",
|
||
|
"to_ids": true,
|
||
|
"type": "hostname",
|
||
|
"uuid": "59b7cda3-af98-4fce-98a9-4edf950d210f",
|
||
|
"value": "cedricanimation.com"
|
||
|
},
|
||
|
{
|
||
|
"category": "Network activity",
|
||
|
"comment": "cedricanimation.com",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"timestamp": "1505223741",
|
||
|
"to_ids": false,
|
||
|
"type": "ip-dst",
|
||
|
"uuid": "59b7cda4-5e40-42b8-af4d-4b76950d210f",
|
||
|
"value": "92.48.103.161"
|
||
|
},
|
||
|
{
|
||
|
"category": "Network activity",
|
||
|
"comment": "",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"timestamp": "1505223741",
|
||
|
"to_ids": true,
|
||
|
"type": "url",
|
||
|
"uuid": "59b7cda4-31ac-4cfa-9241-02fa950d210f",
|
||
|
"value": "http://chimachinenow.com/statement.html"
|
||
|
},
|
||
|
{
|
||
|
"category": "Network activity",
|
||
|
"comment": "",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"timestamp": "1505223741",
|
||
|
"to_ids": true,
|
||
|
"type": "hostname",
|
||
|
"uuid": "59b7cda4-8620-407e-9298-473e950d210f",
|
||
|
"value": "chimachinenow.com"
|
||
|
},
|
||
|
{
|
||
|
"category": "Network activity",
|
||
|
"comment": "chimachinenow.com",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"timestamp": "1505223741",
|
||
|
"to_ids": false,
|
||
|
"type": "ip-dst",
|
||
|
"uuid": "59b7cda4-a7fc-4aa4-ba12-4d13950d210f",
|
||
|
"value": "199.30.241.139"
|
||
|
},
|
||
|
{
|
||
|
"category": "Network activity",
|
||
|
"comment": "",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"timestamp": "1505223741",
|
||
|
"to_ids": true,
|
||
|
"type": "url",
|
||
|
"uuid": "59b7cda4-68e8-4642-9a56-468a950d210f",
|
||
|
"value": "http://comtechadsl.com/statement.html"
|
||
|
},
|
||
|
{
|
||
|
"category": "Network activity",
|
||
|
"comment": "",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"timestamp": "1505223741",
|
||
|
"to_ids": true,
|
||
|
"type": "hostname",
|
||
|
"uuid": "59b7cda5-a968-4378-8a21-02fc950d210f",
|
||
|
"value": "comtechadsl.com"
|
||
|
},
|
||
|
{
|
||
|
"category": "Network activity",
|
||
|
"comment": "comtechadsl.com",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"timestamp": "1505223741",
|
||
|
"to_ids": false,
|
||
|
"type": "ip-dst",
|
||
|
"uuid": "59b7cda5-3a70-4eee-87ef-4bc3950d210f",
|
||
|
"value": "77.92.1.3"
|
||
|
},
|
||
|
{
|
||
|
"category": "Network activity",
|
||
|
"comment": "",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"timestamp": "1505223741",
|
||
|
"to_ids": true,
|
||
|
"type": "url",
|
||
|
"uuid": "59b7cda5-ead0-4524-9537-4314950d210f",
|
||
|
"value": "http://conectivaconsultores.com/statement.html"
|
||
|
},
|
||
|
{
|
||
|
"category": "Network activity",
|
||
|
"comment": "",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"timestamp": "1505223741",
|
||
|
"to_ids": true,
|
||
|
"type": "hostname",
|
||
|
"uuid": "59b7cda5-be2c-457f-a257-4318950d210f",
|
||
|
"value": "conectivaconsultores.com"
|
||
|
},
|
||
|
{
|
||
|
"category": "Network activity",
|
||
|
"comment": "conectivaconsultores.com",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"timestamp": "1505223741",
|
||
|
"to_ids": false,
|
||
|
"type": "ip-dst",
|
||
|
"uuid": "59b7cda6-2984-4acd-810d-4061950d210f",
|
||
|
"value": "84.232.4.8"
|
||
|
},
|
||
|
{
|
||
|
"category": "Network activity",
|
||
|
"comment": "",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"timestamp": "1505223741",
|
||
|
"to_ids": true,
|
||
|
"type": "url",
|
||
|
"uuid": "59b7cda6-01ac-454c-83e0-4128950d210f",
|
||
|
"value": "http://crystalballcruise.com/statement.html"
|
||
|
},
|
||
|
{
|
||
|
"category": "Network activity",
|
||
|
"comment": "",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"timestamp": "1505223741",
|
||
|
"to_ids": true,
|
||
|
"type": "hostname",
|
||
|
"uuid": "59b7cda6-9f18-45c5-9e43-02b8950d210f",
|
||
|
"value": "crystalballcruise.com"
|
||
|
},
|
||
|
{
|
||
|
"category": "Network activity",
|
||
|
"comment": "crystalballcruise.com",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"timestamp": "1505223741",
|
||
|
"to_ids": false,
|
||
|
"type": "ip-dst",
|
||
|
"uuid": "59b7cda8-493c-4a66-a40b-49bd950d210f",
|
||
|
"value": "173.193.126.154"
|
||
|
},
|
||
|
{
|
||
|
"category": "Network activity",
|
||
|
"comment": "",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"timestamp": "1505223741",
|
||
|
"to_ids": true,
|
||
|
"type": "url",
|
||
|
"uuid": "59b7cda8-3424-4dbb-99e4-4830950d210f",
|
||
|
"value": "http://cutwell.ca/statement.html"
|
||
|
},
|
||
|
{
|
||
|
"category": "Network activity",
|
||
|
"comment": "",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"timestamp": "1505223741",
|
||
|
"to_ids": true,
|
||
|
"type": "hostname",
|
||
|
"uuid": "59b7cda8-896c-4b97-b43e-02fc950d210f",
|
||
|
"value": "cutwell.ca"
|
||
|
},
|
||
|
{
|
||
|
"category": "Network activity",
|
||
|
"comment": "cutwell.ca",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"timestamp": "1505223741",
|
||
|
"to_ids": false,
|
||
|
"type": "ip-dst",
|
||
|
"uuid": "59b7cda8-81f4-4734-a4a0-4d14950d210f",
|
||
|
"value": "98.124.251.68"
|
||
|
},
|
||
|
{
|
||
|
"category": "Network activity",
|
||
|
"comment": "",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"timestamp": "1505223741",
|
||
|
"to_ids": true,
|
||
|
"type": "url",
|
||
|
"uuid": "59b7cda8-d684-4889-b398-4b14950d210f",
|
||
|
"value": "http://dbatee.gr/statement.html"
|
||
|
},
|
||
|
{
|
||
|
"category": "Network activity",
|
||
|
"comment": "",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"timestamp": "1505223741",
|
||
|
"to_ids": true,
|
||
|
"type": "hostname",
|
||
|
"uuid": "59b7cda8-f124-4c1e-89ff-4345950d210f",
|
||
|
"value": "dbatee.gr"
|
||
|
},
|
||
|
{
|
||
|
"category": "Network activity",
|
||
|
"comment": "dbatee.gr",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"timestamp": "1505223741",
|
||
|
"to_ids": false,
|
||
|
"type": "ip-dst",
|
||
|
"uuid": "59b7cda9-f2d4-45ee-90d9-4a70950d210f",
|
||
|
"value": "62.103.152.100"
|
||
|
},
|
||
|
{
|
||
|
"category": "Network activity",
|
||
|
"comment": "",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"timestamp": "1505223741",
|
||
|
"to_ids": true,
|
||
|
"type": "url",
|
||
|
"uuid": "59b7cda9-a1a0-4d49-a5ea-4ffe950d210f",
|
||
|
"value": "http://duaneandirisblue.com/statement.html"
|
||
|
},
|
||
|
{
|
||
|
"category": "Network activity",
|
||
|
"comment": "",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"timestamp": "1505223741",
|
||
|
"to_ids": true,
|
||
|
"type": "hostname",
|
||
|
"uuid": "59b7cda9-1d68-4a52-a8b7-4592950d210f",
|
||
|
"value": "duaneandirisblue.com"
|
||
|
},
|
||
|
{
|
||
|
"category": "Network activity",
|
||
|
"comment": "duaneandirisblue.com",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"timestamp": "1505223741",
|
||
|
"to_ids": false,
|
||
|
"type": "ip-dst",
|
||
|
"uuid": "59b7cda9-9ee0-4456-9aba-45e1950d210f",
|
||
|
"value": "68.171.35.126"
|
||
|
},
|
||
|
{
|
||
|
"category": "Network activity",
|
||
|
"comment": "",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"timestamp": "1505223741",
|
||
|
"to_ids": true,
|
||
|
"type": "url",
|
||
|
"uuid": "59b7cdaa-47c4-405a-b804-02b8950d210f",
|
||
|
"value": "http://e-chards.com/statement.html"
|
||
|
},
|
||
|
{
|
||
|
"category": "Network activity",
|
||
|
"comment": "",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"timestamp": "1505223741",
|
||
|
"to_ids": true,
|
||
|
"type": "hostname",
|
||
|
"uuid": "59b7cdaa-fec8-43b9-aeb2-4783950d210f",
|
||
|
"value": "e-chards.com"
|
||
|
},
|
||
|
{
|
||
|
"category": "Network activity",
|
||
|
"comment": "e-chards.com",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"timestamp": "1505223741",
|
||
|
"to_ids": false,
|
||
|
"type": "ip-dst",
|
||
|
"uuid": "59b7cdaa-13c0-46cf-a002-412e950d210f",
|
||
|
"value": "64.6.253.223"
|
||
|
},
|
||
|
{
|
||
|
"category": "Network activity",
|
||
|
"comment": "",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"timestamp": "1505223741",
|
||
|
"to_ids": true,
|
||
|
"type": "url",
|
||
|
"uuid": "59b7cdaa-1f04-4bf7-9ddc-42c2950d210f",
|
||
|
"value": "http://envi-herzog.de/statement.html"
|
||
|
},
|
||
|
{
|
||
|
"category": "Network activity",
|
||
|
"comment": "",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"timestamp": "1505223741",
|
||
|
"to_ids": true,
|
||
|
"type": "hostname",
|
||
|
"uuid": "59b7cdaa-1ee0-4c8a-a900-4c1d950d210f",
|
||
|
"value": "envi-herzog.de"
|
||
|
},
|
||
|
{
|
||
|
"category": "Network activity",
|
||
|
"comment": "envi-herzog.de",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"timestamp": "1505223741",
|
||
|
"to_ids": false,
|
||
|
"type": "ip-dst",
|
||
|
"uuid": "59b7cdab-5804-4f89-845b-4697950d210f",
|
||
|
"value": "194.116.187.130"
|
||
|
},
|
||
|
{
|
||
|
"category": "Network activity",
|
||
|
"comment": "",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"timestamp": "1505223741",
|
||
|
"to_ids": true,
|
||
|
"type": "url",
|
||
|
"uuid": "59b7cdab-4ab4-42e7-8030-4511950d210f",
|
||
|
"value": "http://ericweb.co.za/statement.html"
|
||
|
},
|
||
|
{
|
||
|
"category": "Network activity",
|
||
|
"comment": "",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"timestamp": "1505223741",
|
||
|
"to_ids": true,
|
||
|
"type": "hostname",
|
||
|
"uuid": "59b7cdab-e008-42d9-835d-489b950d210f",
|
||
|
"value": "ericweb.co.za"
|
||
|
},
|
||
|
{
|
||
|
"category": "Network activity",
|
||
|
"comment": "ericweb.co.za",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"timestamp": "1505223741",
|
||
|
"to_ids": false,
|
||
|
"type": "ip-dst",
|
||
|
"uuid": "59b7cdac-90fc-4582-afc9-4bac950d210f",
|
||
|
"value": "196.25.211.127"
|
||
|
},
|
||
|
{
|
||
|
"category": "Network activity",
|
||
|
"comment": "",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"timestamp": "1505223741",
|
||
|
"to_ids": true,
|
||
|
"type": "url",
|
||
|
"uuid": "59b7cdac-25e8-4fb6-9377-460c950d210f",
|
||
|
"value": "http://eternallyclassicjewelry.com/statement.html"
|
||
|
},
|
||
|
{
|
||
|
"category": "Network activity",
|
||
|
"comment": "",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"timestamp": "1505223741",
|
||
|
"to_ids": true,
|
||
|
"type": "hostname",
|
||
|
"uuid": "59b7cdac-de70-4073-b19e-441b950d210f",
|
||
|
"value": "eternallyclassicjewelry.com"
|
||
|
},
|
||
|
{
|
||
|
"category": "Network activity",
|
||
|
"comment": "eternallyclassicjewelry.com",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"timestamp": "1505223741",
|
||
|
"to_ids": false,
|
||
|
"type": "ip-dst",
|
||
|
"uuid": "59b7cdac-382c-455f-8b9e-49b7950d210f",
|
||
|
"value": "98.124.251.166"
|
||
|
},
|
||
|
{
|
||
|
"category": "Network activity",
|
||
|
"comment": "",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"timestamp": "1505223741",
|
||
|
"to_ids": true,
|
||
|
"type": "url",
|
||
|
"uuid": "59b7cdad-28ac-4ffb-92a5-4eff950d210f",
|
||
|
"value": "http://excel-conduite.com/statement.html"
|
||
|
},
|
||
|
{
|
||
|
"category": "Network activity",
|
||
|
"comment": "",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"timestamp": "1505223741",
|
||
|
"to_ids": true,
|
||
|
"type": "hostname",
|
||
|
"uuid": "59b7cdad-8968-4c43-8902-45cf950d210f",
|
||
|
"value": "excel-conduite.com"
|
||
|
},
|
||
|
{
|
||
|
"category": "Network activity",
|
||
|
"comment": "excel-conduite.com",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"timestamp": "1505223741",
|
||
|
"to_ids": false,
|
||
|
"type": "ip-dst",
|
||
|
"uuid": "59b7cdad-ef1c-45d4-b95e-4052950d210f",
|
||
|
"value": "193.227.248.241"
|
||
|
},
|
||
|
{
|
||
|
"category": "Network activity",
|
||
|
"comment": "",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"timestamp": "1505223741",
|
||
|
"to_ids": true,
|
||
|
"type": "url",
|
||
|
"uuid": "59b7cdad-6dd4-4803-a972-42de950d210f",
|
||
|
"value": "http://expresspermis.com/statement.html"
|
||
|
},
|
||
|
{
|
||
|
"category": "Network activity",
|
||
|
"comment": "",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"timestamp": "1505223741",
|
||
|
"to_ids": true,
|
||
|
"type": "hostname",
|
||
|
"uuid": "59b7cdad-63a0-4bcd-800c-43c6950d210f",
|
||
|
"value": "expresspermis.com"
|
||
|
},
|
||
|
{
|
||
|
"category": "Network activity",
|
||
|
"comment": "",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"timestamp": "1505223741",
|
||
|
"to_ids": true,
|
||
|
"type": "url",
|
||
|
"uuid": "59b7cdae-f464-43d0-9dd2-4a5a950d210f",
|
||
|
"value": "http://fexx.co.uk/statement.html"
|
||
|
},
|
||
|
{
|
||
|
"category": "Network activity",
|
||
|
"comment": "",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"timestamp": "1505223741",
|
||
|
"to_ids": true,
|
||
|
"type": "hostname",
|
||
|
"uuid": "59b7cdae-5730-46a6-a1ea-4bc6950d210f",
|
||
|
"value": "fexx.co.uk"
|
||
|
},
|
||
|
{
|
||
|
"category": "Network activity",
|
||
|
"comment": "",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"timestamp": "1505223741",
|
||
|
"to_ids": true,
|
||
|
"type": "url",
|
||
|
"uuid": "59b7cdb5-e28c-4770-bf33-02b8950d210f",
|
||
|
"value": "http://fiore-web.it/statement.html"
|
||
|
},
|
||
|
{
|
||
|
"category": "Network activity",
|
||
|
"comment": "",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"timestamp": "1505223741",
|
||
|
"to_ids": true,
|
||
|
"type": "hostname",
|
||
|
"uuid": "59b7cdb5-936c-4d3a-a702-4acc950d210f",
|
||
|
"value": "fiore-web.it"
|
||
|
},
|
||
|
{
|
||
|
"category": "Network activity",
|
||
|
"comment": "fiore-web.it",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"timestamp": "1505223741",
|
||
|
"to_ids": false,
|
||
|
"type": "ip-dst",
|
||
|
"uuid": "59b7cdb5-4fc8-4726-84c3-4b54950d210f",
|
||
|
"value": "89.96.90.14"
|
||
|
},
|
||
|
{
|
||
|
"category": "Network activity",
|
||
|
"comment": "",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"timestamp": "1505223741",
|
||
|
"to_ids": true,
|
||
|
"type": "url",
|
||
|
"uuid": "59b7cdb5-dc48-429f-a4e1-46db950d210f",
|
||
|
"value": "http://hostprodirect.com/statement.html"
|
||
|
},
|
||
|
{
|
||
|
"category": "Network activity",
|
||
|
"comment": "",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"timestamp": "1505223741",
|
||
|
"to_ids": true,
|
||
|
"type": "hostname",
|
||
|
"uuid": "59b7cdb5-31c4-43ea-8cea-42ef950d210f",
|
||
|
"value": "hostprodirect.com"
|
||
|
},
|
||
|
{
|
||
|
"category": "Network activity",
|
||
|
"comment": "hostprodirect.com",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"timestamp": "1505223741",
|
||
|
"to_ids": false,
|
||
|
"type": "ip-dst",
|
||
|
"uuid": "59b7cdb6-0a30-410c-8d58-4740950d210f",
|
||
|
"value": "209.213.100.202"
|
||
|
},
|
||
|
{
|
||
|
"category": "Network activity",
|
||
|
"comment": "",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"timestamp": "1505223741",
|
||
|
"to_ids": true,
|
||
|
"type": "url",
|
||
|
"uuid": "59b7cdb6-1338-4b45-932e-49d0950d210f",
|
||
|
"value": "http://irmak.web.tr/statement.html"
|
||
|
},
|
||
|
{
|
||
|
"category": "Network activity",
|
||
|
"comment": "",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"timestamp": "1505223741",
|
||
|
"to_ids": true,
|
||
|
"type": "hostname",
|
||
|
"uuid": "59b7cdb6-21a4-4911-9130-4b59950d210f",
|
||
|
"value": "irmak.web.tr"
|
||
|
},
|
||
|
{
|
||
|
"category": "Network activity",
|
||
|
"comment": "irmak.web.tr",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"timestamp": "1505223741",
|
||
|
"to_ids": false,
|
||
|
"type": "ip-dst",
|
||
|
"uuid": "59b7cdb7-9288-4d32-9ed5-4cbb950d210f",
|
||
|
"value": "82.151.132.24"
|
||
|
},
|
||
|
{
|
||
|
"category": "Network activity",
|
||
|
"comment": "",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"timestamp": "1505223741",
|
||
|
"to_ids": true,
|
||
|
"type": "url",
|
||
|
"uuid": "59b7cdb7-0ff8-4303-b6ea-4913950d210f",
|
||
|
"value": "http://jenyeong.com/statement.html"
|
||
|
},
|
||
|
{
|
||
|
"category": "Network activity",
|
||
|
"comment": "",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"timestamp": "1505223741",
|
||
|
"to_ids": true,
|
||
|
"type": "hostname",
|
||
|
"uuid": "59b7cdb7-c188-4caa-8bf7-459f950d210f",
|
||
|
"value": "jenyeong.com"
|
||
|
},
|
||
|
{
|
||
|
"category": "Network activity",
|
||
|
"comment": "jenyeong.com",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"timestamp": "1505223741",
|
||
|
"to_ids": false,
|
||
|
"type": "ip-dst",
|
||
|
"uuid": "59b7cdb7-1ccc-4919-babc-40cd950d210f",
|
||
|
"value": "203.74.203.14"
|
||
|
},
|
||
|
{
|
||
|
"category": "Network activity",
|
||
|
"comment": "",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"timestamp": "1505223741",
|
||
|
"to_ids": true,
|
||
|
"type": "url",
|
||
|
"uuid": "59b7cdb8-cbb4-4459-8bc0-47ad950d210f",
|
||
|
"value": "http://lakeroadlavender.com/statement.html"
|
||
|
},
|
||
|
{
|
||
|
"category": "Network activity",
|
||
|
"comment": "",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"timestamp": "1505223741",
|
||
|
"to_ids": true,
|
||
|
"type": "hostname",
|
||
|
"uuid": "59b7cdb8-29f0-43f1-85be-43bd950d210f",
|
||
|
"value": "lakeroadlavender.com"
|
||
|
},
|
||
|
{
|
||
|
"category": "Network activity",
|
||
|
"comment": "lakeroadlavender.com",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"timestamp": "1505223741",
|
||
|
"to_ids": false,
|
||
|
"type": "ip-dst",
|
||
|
"uuid": "59b7cdb8-2870-467a-86ce-41a7950d210f",
|
||
|
"value": "66.199.174.108"
|
||
|
},
|
||
|
{
|
||
|
"category": "Network activity",
|
||
|
"comment": "",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"timestamp": "1505223741",
|
||
|
"to_ids": true,
|
||
|
"type": "url",
|
||
|
"uuid": "59b7cdb8-5368-45f8-b85e-4058950d210f",
|
||
|
"value": "http://linksoft.co.nz/statement.html"
|
||
|
},
|
||
|
{
|
||
|
"category": "Network activity",
|
||
|
"comment": "",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"timestamp": "1505223741",
|
||
|
"to_ids": true,
|
||
|
"type": "hostname",
|
||
|
"uuid": "59b7cdb9-3724-4010-a5de-41af950d210f",
|
||
|
"value": "linksoft.co.nz"
|
||
|
},
|
||
|
{
|
||
|
"category": "Network activity",
|
||
|
"comment": "linksoft.co.nz",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"timestamp": "1505223741",
|
||
|
"to_ids": false,
|
||
|
"type": "ip-dst",
|
||
|
"uuid": "59b7cdbb-44f8-4ee4-930f-4181950d210f",
|
||
|
"value": "49.50.240.107"
|
||
|
},
|
||
|
{
|
||
|
"category": "Network activity",
|
||
|
"comment": "",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"timestamp": "1505223741",
|
||
|
"to_ids": true,
|
||
|
"type": "url",
|
||
|
"uuid": "59b7cdbb-a3b4-41d9-ad06-4eb2950d210f",
|
||
|
"value": "http://matern-eger.de/statement.html"
|
||
|
},
|
||
|
{
|
||
|
"category": "Network activity",
|
||
|
"comment": "",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"timestamp": "1505223741",
|
||
|
"to_ids": true,
|
||
|
"type": "hostname",
|
||
|
"uuid": "59b7cdbb-a990-4038-bc74-46a1950d210f",
|
||
|
"value": "matern-eger.de"
|
||
|
},
|
||
|
{
|
||
|
"category": "Network activity",
|
||
|
"comment": "matern-eger.de",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"timestamp": "1505223741",
|
||
|
"to_ids": false,
|
||
|
"type": "ip-dst",
|
||
|
"uuid": "59b7cdbb-dbb8-46b1-a5b1-42a6950d210f",
|
||
|
"value": "87.106.222.105"
|
||
|
},
|
||
|
{
|
||
|
"category": "Network activity",
|
||
|
"comment": "",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"timestamp": "1505223741",
|
||
|
"to_ids": true,
|
||
|
"type": "url",
|
||
|
"uuid": "59b7cdbc-56ec-42ab-9e28-445f950d210f",
|
||
|
"value": "http://mysushi.it/statement.html"
|
||
|
},
|
||
|
{
|
||
|
"category": "Network activity",
|
||
|
"comment": "",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"timestamp": "1505223741",
|
||
|
"to_ids": true,
|
||
|
"type": "hostname",
|
||
|
"uuid": "59b7cdbc-ae8c-4f9d-bb57-48b5950d210f",
|
||
|
"value": "mysushi.it"
|
||
|
},
|
||
|
{
|
||
|
"category": "Network activity",
|
||
|
"comment": "mysushi.it",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"timestamp": "1505223741",
|
||
|
"to_ids": false,
|
||
|
"type": "ip-dst",
|
||
|
"uuid": "59b7cdbc-1ad4-454d-97df-4be2950d210f",
|
||
|
"value": "93.174.71.137"
|
||
|
},
|
||
|
{
|
||
|
"category": "Network activity",
|
||
|
"comment": "",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"timestamp": "1505223741",
|
||
|
"to_ids": true,
|
||
|
"type": "url",
|
||
|
"uuid": "59b7cdbc-14f4-44ed-8cdf-466d950d210f",
|
||
|
"value": "http://pciholog.ru/statement.html"
|
||
|
},
|
||
|
{
|
||
|
"category": "Network activity",
|
||
|
"comment": "",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"timestamp": "1505223741",
|
||
|
"to_ids": true,
|
||
|
"type": "hostname",
|
||
|
"uuid": "59b7cdbd-6354-4e39-b860-4387950d210f",
|
||
|
"value": "pciholog.ru"
|
||
|
},
|
||
|
{
|
||
|
"category": "Network activity",
|
||
|
"comment": "pciholog.ru",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"timestamp": "1505223741",
|
||
|
"to_ids": false,
|
||
|
"type": "ip-dst",
|
||
|
"uuid": "59b7cdbd-d370-4bd1-af60-02fc950d210f",
|
||
|
"value": "89.253.235.118"
|
||
|
},
|
||
|
{
|
||
|
"category": "Network activity",
|
||
|
"comment": "",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"timestamp": "1505223741",
|
||
|
"to_ids": true,
|
||
|
"type": "url",
|
||
|
"uuid": "59b7cdbd-d058-4521-8d85-4138950d210f",
|
||
|
"value": "http://phmetreci.com/statement.html"
|
||
|
},
|
||
|
{
|
||
|
"category": "Network activity",
|
||
|
"comment": "",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"timestamp": "1505223741",
|
||
|
"to_ids": true,
|
||
|
"type": "hostname",
|
||
|
"uuid": "59b7cdbd-5180-414c-9f01-43f0950d210f",
|
||
|
"value": "phmetreci.com"
|
||
|
},
|
||
|
{
|
||
|
"category": "Network activity",
|
||
|
"comment": "phmetreci.com",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"timestamp": "1505223741",
|
||
|
"to_ids": false,
|
||
|
"type": "ip-dst",
|
||
|
"uuid": "59b7cdbe-6594-4d20-869c-4765950d210f",
|
||
|
"value": "185.150.128.21"
|
||
|
},
|
||
|
{
|
||
|
"category": "Network activity",
|
||
|
"comment": "",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"timestamp": "1505223741",
|
||
|
"to_ids": true,
|
||
|
"type": "url",
|
||
|
"uuid": "59b7cdbe-f288-44bd-b7f3-4c33950d210f",
|
||
|
"value": "http://placecomp.com/statement.html"
|
||
|
},
|
||
|
{
|
||
|
"category": "Network activity",
|
||
|
"comment": "",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"timestamp": "1505223741",
|
||
|
"to_ids": true,
|
||
|
"type": "hostname",
|
||
|
"uuid": "59b7cdbe-797c-4984-9e7c-02b8950d210f",
|
||
|
"value": "placecomp.com"
|
||
|
},
|
||
|
{
|
||
|
"category": "Network activity",
|
||
|
"comment": "placecomp.com",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"timestamp": "1505223741",
|
||
|
"to_ids": false,
|
||
|
"type": "ip-dst",
|
||
|
"uuid": "59b7cdbe-80dc-487d-8372-45ca950d210f",
|
||
|
"value": "74.208.88.65"
|
||
|
},
|
||
|
{
|
||
|
"category": "Network activity",
|
||
|
"comment": "",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"timestamp": "1505223741",
|
||
|
"to_ids": true,
|
||
|
"type": "url",
|
||
|
"uuid": "59b7cdbe-d740-447b-a1b2-4589950d210f",
|
||
|
"value": "http://primitivoconstruction.com/statement.html"
|
||
|
},
|
||
|
{
|
||
|
"category": "Network activity",
|
||
|
"comment": "",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"timestamp": "1505223741",
|
||
|
"to_ids": true,
|
||
|
"type": "hostname",
|
||
|
"uuid": "59b7cdbe-d2a0-416f-aff1-4ca2950d210f",
|
||
|
"value": "primitivoconstruction.com"
|
||
|
},
|
||
|
{
|
||
|
"category": "Network activity",
|
||
|
"comment": "primitivoconstruction.com",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"timestamp": "1505223741",
|
||
|
"to_ids": false,
|
||
|
"type": "ip-dst",
|
||
|
"uuid": "59b7cdbf-9888-4cbb-be4e-406c950d210f",
|
||
|
"value": "216.222.197.180"
|
||
|
},
|
||
|
{
|
||
|
"category": "Network activity",
|
||
|
"comment": "",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"timestamp": "1505223741",
|
||
|
"to_ids": true,
|
||
|
"type": "url",
|
||
|
"uuid": "59b7cdbf-6598-40da-a160-430d950d210f",
|
||
|
"value": "http://quadratus.nl/statement.html"
|
||
|
},
|
||
|
{
|
||
|
"category": "Network activity",
|
||
|
"comment": "",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"timestamp": "1505223741",
|
||
|
"to_ids": true,
|
||
|
"type": "hostname",
|
||
|
"uuid": "59b7cdbf-b038-4577-8d44-4f77950d210f",
|
||
|
"value": "quadratus.nl"
|
||
|
},
|
||
|
{
|
||
|
"category": "Network activity",
|
||
|
"comment": "quadratus.nl",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"timestamp": "1505223741",
|
||
|
"to_ids": false,
|
||
|
"type": "ip-dst",
|
||
|
"uuid": "59b7cdbf-5b9c-44e2-845b-02fc950d210f",
|
||
|
"value": "94.126.70.17"
|
||
|
},
|
||
|
{
|
||
|
"category": "Network activity",
|
||
|
"comment": "",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"timestamp": "1505223741",
|
||
|
"to_ids": true,
|
||
|
"type": "url",
|
||
|
"uuid": "59b7cdc0-4f24-4203-b59b-41bc950d210f",
|
||
|
"value": "http://rb.si/statement.html"
|
||
|
},
|
||
|
{
|
||
|
"category": "Network activity",
|
||
|
"comment": "",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"timestamp": "1505223741",
|
||
|
"to_ids": true,
|
||
|
"type": "hostname",
|
||
|
"uuid": "59b7cdc0-7ed4-4db0-abba-4798950d210f",
|
||
|
"value": "rb.si"
|
||
|
},
|
||
|
{
|
||
|
"category": "Network activity",
|
||
|
"comment": "",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"timestamp": "1505223741",
|
||
|
"to_ids": true,
|
||
|
"type": "url",
|
||
|
"uuid": "59b7cdc0-f6a4-404b-84bc-4325950d210f",
|
||
|
"value": "http://redboxcontracting.co.uk/statement.html"
|
||
|
},
|
||
|
{
|
||
|
"category": "Network activity",
|
||
|
"comment": "",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"timestamp": "1505223741",
|
||
|
"to_ids": true,
|
||
|
"type": "hostname",
|
||
|
"uuid": "59b7cdc1-cfcc-45ac-856a-40a1950d210f",
|
||
|
"value": "redboxcontracting.co.uk"
|
||
|
},
|
||
|
{
|
||
|
"category": "Network activity",
|
||
|
"comment": "redboxcontracting.co.uk",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"timestamp": "1505223741",
|
||
|
"to_ids": false,
|
||
|
"type": "ip-dst",
|
||
|
"uuid": "59b7cdc1-51dc-4114-9d31-02b8950d210f",
|
||
|
"value": "77.240.1.138"
|
||
|
},
|
||
|
{
|
||
|
"category": "Network activity",
|
||
|
"comment": "",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"timestamp": "1505223741",
|
||
|
"to_ids": true,
|
||
|
"type": "url",
|
||
|
"uuid": "59b7cdc1-baf8-497d-b726-481f950d210f",
|
||
|
"value": "http://reels.apa-agency.com/~apalibrary/statement.html"
|
||
|
},
|
||
|
{
|
||
|
"category": "Network activity",
|
||
|
"comment": "",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"timestamp": "1505223741",
|
||
|
"to_ids": true,
|
||
|
"type": "hostname",
|
||
|
"uuid": "59b7cdc1-671c-40c8-adae-42b1950d210f",
|
||
|
"value": "reels.apa-agency.com"
|
||
|
},
|
||
|
{
|
||
|
"category": "Network activity",
|
||
|
"comment": "reels.apa-agency.com",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"timestamp": "1505223741",
|
||
|
"to_ids": false,
|
||
|
"type": "ip-dst",
|
||
|
"uuid": "59b7cdc2-28bc-4155-901a-4e79950d210f",
|
||
|
"value": "97.74.6.140"
|
||
|
},
|
||
|
{
|
||
|
"category": "Network activity",
|
||
|
"comment": "",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"timestamp": "1505223741",
|
||
|
"to_ids": true,
|
||
|
"type": "url",
|
||
|
"uuid": "59b7cdc2-ffbc-414b-b8ee-422d950d210f",
|
||
|
"value": "http://sabines-marmeladen.de/statement.html"
|
||
|
},
|
||
|
{
|
||
|
"category": "Network activity",
|
||
|
"comment": "",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"timestamp": "1505223741",
|
||
|
"to_ids": true,
|
||
|
"type": "hostname",
|
||
|
"uuid": "59b7cdc2-3520-4dc3-87d3-4156950d210f",
|
||
|
"value": "sabines-marmeladen.de"
|
||
|
},
|
||
|
{
|
||
|
"category": "Network activity",
|
||
|
"comment": "sabines-marmeladen.de",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"timestamp": "1505223741",
|
||
|
"to_ids": false,
|
||
|
"type": "ip-dst",
|
||
|
"uuid": "59b7cdc2-e6c4-400c-aa04-4e9b950d210f",
|
||
|
"value": "178.77.75.180"
|
||
|
},
|
||
|
{
|
||
|
"category": "Network activity",
|
||
|
"comment": "",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"timestamp": "1505223741",
|
||
|
"to_ids": true,
|
||
|
"type": "url",
|
||
|
"uuid": "59b7cdc2-1fb4-4151-b933-4ef7950d210f",
|
||
|
"value": "http://schoensigns.com/statement.html"
|
||
|
},
|
||
|
{
|
||
|
"category": "Network activity",
|
||
|
"comment": "",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"timestamp": "1505223741",
|
||
|
"to_ids": true,
|
||
|
"type": "hostname",
|
||
|
"uuid": "59b7cdc3-3f54-4b94-bc28-4812950d210f",
|
||
|
"value": "schoensigns.com"
|
||
|
},
|
||
|
{
|
||
|
"category": "Network activity",
|
||
|
"comment": "schoensigns.com",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"timestamp": "1505223741",
|
||
|
"to_ids": false,
|
||
|
"type": "ip-dst",
|
||
|
"uuid": "59b7cdc3-e2a0-4249-aab0-4d9f950d210f",
|
||
|
"value": "184.168.126.30"
|
||
|
},
|
||
|
{
|
||
|
"category": "Network activity",
|
||
|
"comment": "",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"timestamp": "1505223741",
|
||
|
"to_ids": true,
|
||
|
"type": "url",
|
||
|
"uuid": "59b7cdc3-0ec0-4b34-ac1f-02fc950d210f",
|
||
|
"value": "http://scouting-bvb.nl/statement.html"
|
||
|
},
|
||
|
{
|
||
|
"category": "Network activity",
|
||
|
"comment": "",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"timestamp": "1505223741",
|
||
|
"to_ids": true,
|
||
|
"type": "hostname",
|
||
|
"uuid": "59b7cdc3-ef4c-49d8-81c3-4ed7950d210f",
|
||
|
"value": "scouting-bvb.nl"
|
||
|
},
|
||
|
{
|
||
|
"category": "Network activity",
|
||
|
"comment": "scouting-bvb.nl",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"timestamp": "1505223741",
|
||
|
"to_ids": false,
|
||
|
"type": "ip-dst",
|
||
|
"uuid": "59b7cdc4-2f94-479a-9f10-44ce950d210f",
|
||
|
"value": "46.235.44.76"
|
||
|
},
|
||
|
{
|
||
|
"category": "Network activity",
|
||
|
"comment": "",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"timestamp": "1505223741",
|
||
|
"to_ids": true,
|
||
|
"type": "url",
|
||
|
"uuid": "59b7cdc4-7d10-40bc-bb4e-4e81950d210f",
|
||
|
"value": "http://securmailbox.it/statement.html"
|
||
|
},
|
||
|
{
|
||
|
"category": "Network activity",
|
||
|
"comment": "",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"timestamp": "1505223741",
|
||
|
"to_ids": true,
|
||
|
"type": "hostname",
|
||
|
"uuid": "59b7cdc4-a390-4ee0-a951-46a6950d210f",
|
||
|
"value": "securmailbox.it"
|
||
|
},
|
||
|
{
|
||
|
"category": "Network activity",
|
||
|
"comment": "",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"timestamp": "1505223741",
|
||
|
"to_ids": true,
|
||
|
"type": "url",
|
||
|
"uuid": "59b7cdc4-9ff0-4ef8-b5bc-4d16950d210f",
|
||
|
"value": "http://shanta.de/statement.html"
|
||
|
},
|
||
|
{
|
||
|
"category": "Network activity",
|
||
|
"comment": "",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"timestamp": "1505223741",
|
||
|
"to_ids": true,
|
||
|
"type": "hostname",
|
||
|
"uuid": "59b7cdc4-3758-4b3b-9597-4b29950d210f",
|
||
|
"value": "shanta.de"
|
||
|
},
|
||
|
{
|
||
|
"category": "Network activity",
|
||
|
"comment": "shanta.de",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"timestamp": "1505223741",
|
||
|
"to_ids": false,
|
||
|
"type": "ip-dst",
|
||
|
"uuid": "59b7cdc5-fb10-40f3-b6e1-4baf950d210f",
|
||
|
"value": "83.169.1.28"
|
||
|
},
|
||
|
{
|
||
|
"category": "Network activity",
|
||
|
"comment": "",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"timestamp": "1505223741",
|
||
|
"to_ids": true,
|
||
|
"type": "url",
|
||
|
"uuid": "59b7cdc5-d3ac-4cf8-9de6-46b8950d210f",
|
||
|
"value": "http://share.be/statement.html"
|
||
|
},
|
||
|
{
|
||
|
"category": "Network activity",
|
||
|
"comment": "",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"timestamp": "1505223741",
|
||
|
"to_ids": true,
|
||
|
"type": "hostname",
|
||
|
"uuid": "59b7cdc5-d03c-4bb8-a1e2-4a56950d210f",
|
||
|
"value": "share.be"
|
||
|
},
|
||
|
{
|
||
|
"category": "Network activity",
|
||
|
"comment": "share.be",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"timestamp": "1505223741",
|
||
|
"to_ids": false,
|
||
|
"type": "ip-dst",
|
||
|
"uuid": "59b7cdc5-4a0c-4da7-a37b-4ef9950d210f",
|
||
|
"value": "91.183.189.151"
|
||
|
},
|
||
|
{
|
||
|
"category": "Network activity",
|
||
|
"comment": "",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"timestamp": "1505223741",
|
||
|
"to_ids": true,
|
||
|
"type": "url",
|
||
|
"uuid": "59b7cdc5-f778-45f3-8fb2-49c5950d210f",
|
||
|
"value": "http://shopsshops.de/statement.html"
|
||
|
},
|
||
|
{
|
||
|
"category": "Network activity",
|
||
|
"comment": "",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"timestamp": "1505223741",
|
||
|
"to_ids": true,
|
||
|
"type": "hostname",
|
||
|
"uuid": "59b7cdc5-b634-4ab2-87c6-02fc950d210f",
|
||
|
"value": "shopsshops.de"
|
||
|
},
|
||
|
{
|
||
|
"category": "Network activity",
|
||
|
"comment": "shopsshops.de",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"timestamp": "1505223741",
|
||
|
"to_ids": false,
|
||
|
"type": "ip-dst",
|
||
|
"uuid": "59b7cdc6-5ac4-4134-995f-4892950d210f",
|
||
|
"value": "62.75.132.67"
|
||
|
},
|
||
|
{
|
||
|
"category": "Network activity",
|
||
|
"comment": "",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"timestamp": "1505223741",
|
||
|
"to_ids": true,
|
||
|
"type": "url",
|
||
|
"uuid": "59b7cdc6-a1f0-4362-a494-481b950d210f",
|
||
|
"value": "http://studiofashion.it/statement.html"
|
||
|
},
|
||
|
{
|
||
|
"category": "Network activity",
|
||
|
"comment": "",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"timestamp": "1505223741",
|
||
|
"to_ids": true,
|
||
|
"type": "hostname",
|
||
|
"uuid": "59b7cdc6-9db0-4daa-80d1-4d82950d210f",
|
||
|
"value": "studiofashion.it"
|
||
|
},
|
||
|
{
|
||
|
"category": "Network activity",
|
||
|
"comment": "studiofashion.it",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"timestamp": "1505223741",
|
||
|
"to_ids": false,
|
||
|
"type": "ip-dst",
|
||
|
"uuid": "59b7cdc6-3bb8-4910-ac1d-02b8950d210f",
|
||
|
"value": "185.58.7.11"
|
||
|
},
|
||
|
{
|
||
|
"category": "Network activity",
|
||
|
"comment": "",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"timestamp": "1505223741",
|
||
|
"to_ids": true,
|
||
|
"type": "url",
|
||
|
"uuid": "59b7cdc6-9a3c-470b-92c2-4b95950d210f",
|
||
|
"value": "http://studioslefteris.gr/statement.html"
|
||
|
},
|
||
|
{
|
||
|
"category": "Network activity",
|
||
|
"comment": "",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"timestamp": "1505223741",
|
||
|
"to_ids": true,
|
||
|
"type": "hostname",
|
||
|
"uuid": "59b7cdc7-6654-4796-9669-4093950d210f",
|
||
|
"value": "studioslefteris.gr"
|
||
|
},
|
||
|
{
|
||
|
"category": "Network activity",
|
||
|
"comment": "studioslefteris.gr",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"timestamp": "1505223741",
|
||
|
"to_ids": false,
|
||
|
"type": "ip-dst",
|
||
|
"uuid": "59b7cdc7-2db8-43ca-b58f-405a950d210f",
|
||
|
"value": "158.69.151.250"
|
||
|
},
|
||
|
{
|
||
|
"category": "Network activity",
|
||
|
"comment": "",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"timestamp": "1505223741",
|
||
|
"to_ids": true,
|
||
|
"type": "url",
|
||
|
"uuid": "59b7cdc7-bc4c-4b49-a1a3-4f85950d210f",
|
||
|
"value": "http://tecnigrafite.com/statement.html"
|
||
|
},
|
||
|
{
|
||
|
"category": "Network activity",
|
||
|
"comment": "",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"timestamp": "1505223741",
|
||
|
"to_ids": true,
|
||
|
"type": "hostname",
|
||
|
"uuid": "59b7cdc7-2f20-426e-9284-4ef2950d210f",
|
||
|
"value": "tecnigrafite.com"
|
||
|
},
|
||
|
{
|
||
|
"category": "Network activity",
|
||
|
"comment": "",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"timestamp": "1505223741",
|
||
|
"to_ids": true,
|
||
|
"type": "url",
|
||
|
"uuid": "59b7cdc8-d21c-4fda-ad4d-481f950d210f",
|
||
|
"value": "http://ukraine-consulting.com/statement.html"
|
||
|
},
|
||
|
{
|
||
|
"category": "Network activity",
|
||
|
"comment": "",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"timestamp": "1505223741",
|
||
|
"to_ids": true,
|
||
|
"type": "hostname",
|
||
|
"uuid": "59b7cdc8-3564-4773-9305-02fc950d210f",
|
||
|
"value": "ukraine-consulting.com"
|
||
|
},
|
||
|
{
|
||
|
"category": "Network activity",
|
||
|
"comment": "ukraine-consulting.com",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"timestamp": "1505223741",
|
||
|
"to_ids": false,
|
||
|
"type": "ip-dst",
|
||
|
"uuid": "59b7cdc8-4b6c-421a-823a-412a950d210f",
|
||
|
"value": "216.55.139.238"
|
||
|
},
|
||
|
{
|
||
|
"category": "Network activity",
|
||
|
"comment": "",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"timestamp": "1505223741",
|
||
|
"to_ids": true,
|
||
|
"type": "url",
|
||
|
"uuid": "59b7cdc8-8014-4d09-9daa-452a950d210f",
|
||
|
"value": "http://veigadecompostela.es/statement.html"
|
||
|
},
|
||
|
{
|
||
|
"category": "Network activity",
|
||
|
"comment": "",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"timestamp": "1505223741",
|
||
|
"to_ids": true,
|
||
|
"type": "hostname",
|
||
|
"uuid": "59b7cdc9-f64c-4538-b966-4fda950d210f",
|
||
|
"value": "veigadecompostela.es"
|
||
|
},
|
||
|
{
|
||
|
"category": "Network activity",
|
||
|
"comment": "veigadecompostela.es",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"timestamp": "1505223741",
|
||
|
"to_ids": false,
|
||
|
"type": "ip-dst",
|
||
|
"uuid": "59b7cdc9-d6c4-4854-91fe-4857950d210f",
|
||
|
"value": "185.18.197.109"
|
||
|
},
|
||
|
{
|
||
|
"category": "Network activity",
|
||
|
"comment": "",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"timestamp": "1505223741",
|
||
|
"to_ids": true,
|
||
|
"type": "url",
|
||
|
"uuid": "59b7cdc9-74d0-4c3d-be40-40ca950d210f",
|
||
|
"value": "http://villa-effe.jp/statement.html"
|
||
|
},
|
||
|
{
|
||
|
"category": "Network activity",
|
||
|
"comment": "",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"timestamp": "1505223741",
|
||
|
"to_ids": true,
|
||
|
"type": "hostname",
|
||
|
"uuid": "59b7cdc9-fb98-45ea-b9af-41a5950d210f",
|
||
|
"value": "villa-effe.jp"
|
||
|
},
|
||
|
{
|
||
|
"category": "Network activity",
|
||
|
"comment": "villa-effe.jp",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"timestamp": "1505223741",
|
||
|
"to_ids": false,
|
||
|
"type": "ip-dst",
|
||
|
"uuid": "59b7cdca-068c-40c5-8efb-41fe950d210f",
|
||
|
"value": "121.119.174.24"
|
||
|
},
|
||
|
{
|
||
|
"category": "Network activity",
|
||
|
"comment": "",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"timestamp": "1505223741",
|
||
|
"to_ids": true,
|
||
|
"type": "url",
|
||
|
"uuid": "59b7cdca-bd48-4e99-9ce4-424d950d210f",
|
||
|
"value": "http://yeserimmatbaa.com.tr/statement.html"
|
||
|
},
|
||
|
{
|
||
|
"category": "Network activity",
|
||
|
"comment": "",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"timestamp": "1505223741",
|
||
|
"to_ids": true,
|
||
|
"type": "hostname",
|
||
|
"uuid": "59b7cdcb-8390-4f84-952a-4c92950d210f",
|
||
|
"value": "yeserimmatbaa.com.tr"
|
||
|
},
|
||
|
{
|
||
|
"category": "Network activity",
|
||
|
"comment": "yeserimmatbaa.com.tr",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"timestamp": "1505223741",
|
||
|
"to_ids": false,
|
||
|
"type": "ip-dst",
|
||
|
"uuid": "59b7cdcb-e470-4d29-a3d8-02fc950d210f",
|
||
|
"value": "85.95.237.7"
|
||
|
},
|
||
|
{
|
||
|
"category": "Network activity",
|
||
|
"comment": "",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"timestamp": "1505223741",
|
||
|
"to_ids": true,
|
||
|
"type": "url",
|
||
|
"uuid": "59b7cdcb-dd1c-45f5-b945-438d950d210f",
|
||
|
"value": "http://wittinhohemmo.net/statement.php"
|
||
|
},
|
||
|
{
|
||
|
"category": "Network activity",
|
||
|
"comment": "",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"timestamp": "1505223741",
|
||
|
"to_ids": true,
|
||
|
"type": "hostname",
|
||
|
"uuid": "59b7cdcb-5288-4b24-9a1b-407c950d210f",
|
||
|
"value": "wittinhohemmo.net"
|
||
|
},
|
||
|
{
|
||
|
"category": "Network activity",
|
||
|
"comment": "wittinhohemmo.net",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"timestamp": "1505223741",
|
||
|
"to_ids": false,
|
||
|
"type": "ip-dst",
|
||
|
"uuid": "59b7cdcf-2978-4f33-ad86-4afe950d210f",
|
||
|
"value": "47.88.55.29"
|
||
|
},
|
||
|
{
|
||
|
"category": "Network activity",
|
||
|
"comment": "",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"timestamp": "1505223741",
|
||
|
"to_ids": true,
|
||
|
"type": "url",
|
||
|
"uuid": "59b7cdcf-70c8-44e6-ab24-4ab4950d210f",
|
||
|
"value": "http://mh-service.ru/canbtcc.exe"
|
||
|
},
|
||
|
{
|
||
|
"category": "Network activity",
|
||
|
"comment": "",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"timestamp": "1505223741",
|
||
|
"to_ids": true,
|
||
|
"type": "hostname",
|
||
|
"uuid": "59b7cdcf-cc20-4490-b08b-4d4c950d210f",
|
||
|
"value": "mh-service.ru"
|
||
|
},
|
||
|
{
|
||
|
"category": "Network activity",
|
||
|
"comment": "",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"timestamp": "1505223741",
|
||
|
"to_ids": true,
|
||
|
"type": "url",
|
||
|
"uuid": "59b7cdcf-3558-4a72-b8d6-48a7950d210f",
|
||
|
"value": "http://alexkreeger.com/golgers.exe"
|
||
|
},
|
||
|
{
|
||
|
"category": "Network activity",
|
||
|
"comment": "",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"timestamp": "1505223741",
|
||
|
"to_ids": true,
|
||
|
"type": "hostname",
|
||
|
"uuid": "59b7cdcf-42c0-4397-abc4-4c1a950d210f",
|
||
|
"value": "alexkreeger.com"
|
||
|
},
|
||
|
{
|
||
|
"category": "Network activity",
|
||
|
"comment": "",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"timestamp": "1505223741",
|
||
|
"to_ids": true,
|
||
|
"type": "url",
|
||
|
"uuid": "59b7cdd0-b51c-4cf3-a8a4-47f5950d210f",
|
||
|
"value": "http://mobius-group.com/ueunyli.exe"
|
||
|
},
|
||
|
{
|
||
|
"category": "Network activity",
|
||
|
"comment": "",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"timestamp": "1505223741",
|
||
|
"to_ids": true,
|
||
|
"type": "hostname",
|
||
|
"uuid": "59b7cdd0-93e8-4f02-b0ac-40b8950d210f",
|
||
|
"value": "mobius-group.com"
|
||
|
},
|
||
|
{
|
||
|
"category": "Network activity",
|
||
|
"comment": "mobius-group.com",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"timestamp": "1505223741",
|
||
|
"to_ids": false,
|
||
|
"type": "ip-dst",
|
||
|
"uuid": "59b7cdd0-f608-4a4f-8d9b-48e7950d210f",
|
||
|
"value": "176.56.62.143"
|
||
|
},
|
||
|
{
|
||
|
"category": "Network activity",
|
||
|
"comment": "",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"timestamp": "1505223741",
|
||
|
"to_ids": false,
|
||
|
"type": "url",
|
||
|
"uuid": "59b7cdd1-0d30-4b2b-93fd-473c950d210f",
|
||
|
"value": "http://185.67.2.156/imageload.cgi"
|
||
|
},
|
||
|
{
|
||
|
"category": "Network activity",
|
||
|
"comment": "",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"timestamp": "1505223741",
|
||
|
"to_ids": false,
|
||
|
"type": "ip-dst",
|
||
|
"uuid": "59b7cdd1-8e08-44b4-9901-47b7950d210f",
|
||
|
"value": "185.67.2.156"
|
||
|
},
|
||
|
{
|
||
|
"category": "Network activity",
|
||
|
"comment": "",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"timestamp": "1505223741",
|
||
|
"to_ids": false,
|
||
|
"type": "url",
|
||
|
"uuid": "59b7cdd1-4710-4396-a9f8-4640950d210f",
|
||
|
"value": "http://217.106.238.89/imageload.cgi"
|
||
|
},
|
||
|
{
|
||
|
"category": "Network activity",
|
||
|
"comment": "",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"timestamp": "1505223741",
|
||
|
"to_ids": false,
|
||
|
"type": "ip-dst",
|
||
|
"uuid": "59b7cdd1-c658-4f5b-829d-4f4a950d210f",
|
||
|
"value": "217.106.238.89"
|
||
|
},
|
||
|
{
|
||
|
"category": "Network activity",
|
||
|
"comment": "",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"timestamp": "1505223741",
|
||
|
"to_ids": true,
|
||
|
"type": "url",
|
||
|
"uuid": "59b7cdd2-0c70-4e13-b411-4827950d210f",
|
||
|
"value": "http://euqfwticrd.su/imageload.cgi"
|
||
|
},
|
||
|
{
|
||
|
"category": "Network activity",
|
||
|
"comment": "",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"timestamp": "1505223741",
|
||
|
"to_ids": true,
|
||
|
"type": "hostname",
|
||
|
"uuid": "59b7cdd2-c7c0-4759-99ab-02b8950d210f",
|
||
|
"value": "euqfwticrd.su"
|
||
|
},
|
||
|
{
|
||
|
"category": "Network activity",
|
||
|
"comment": "",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"timestamp": "1505223741",
|
||
|
"to_ids": true,
|
||
|
"type": "url",
|
||
|
"uuid": "59b7cdd2-5740-4a39-b4a3-4510950d210f",
|
||
|
"value": "http://qljsukddh.ru/imageload.cgi"
|
||
|
},
|
||
|
{
|
||
|
"category": "Network activity",
|
||
|
"comment": "",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"timestamp": "1505223741",
|
||
|
"to_ids": true,
|
||
|
"type": "hostname",
|
||
|
"uuid": "59b7cdd2-b684-4131-b644-4f27950d210f",
|
||
|
"value": "qljsukddh.ru"
|
||
|
},
|
||
|
{
|
||
|
"category": "Network activity",
|
||
|
"comment": "",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"timestamp": "1505223741",
|
||
|
"to_ids": true,
|
||
|
"type": "url",
|
||
|
"uuid": "59b7cdd2-3674-4aca-b0ee-496c950d210f",
|
||
|
"value": "http://vbquoegxdqmhbs.work/imageload.cgi"
|
||
|
},
|
||
|
{
|
||
|
"category": "Network activity",
|
||
|
"comment": "",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"timestamp": "1505223741",
|
||
|
"to_ids": true,
|
||
|
"type": "hostname",
|
||
|
"uuid": "59b7cdd3-3f70-467f-a10a-46f8950d210f",
|
||
|
"value": "vbquoegxdqmhbs.work"
|
||
|
},
|
||
|
{
|
||
|
"category": "Network activity",
|
||
|
"comment": "",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"timestamp": "1505223741",
|
||
|
"to_ids": true,
|
||
|
"type": "url",
|
||
|
"uuid": "59b7cdd3-fc6c-438b-b2a3-4e4b950d210f",
|
||
|
"value": "http://xpjsvwvxsbnv.biz/imageload.cgi"
|
||
|
},
|
||
|
{
|
||
|
"category": "Network activity",
|
||
|
"comment": "",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"timestamp": "1505223741",
|
||
|
"to_ids": true,
|
||
|
"type": "hostname",
|
||
|
"uuid": "59b7cdd3-4734-4a8d-b36c-02b8950d210f",
|
||
|
"value": "xpjsvwvxsbnv.biz"
|
||
|
},
|
||
|
{
|
||
|
"category": "Network activity",
|
||
|
"comment": "",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"timestamp": "1505223741",
|
||
|
"to_ids": true,
|
||
|
"type": "url",
|
||
|
"uuid": "59b7cdd3-e358-403a-b14f-4d4e950d210f",
|
||
|
"value": "http://uoivdwisd.pl/imageload.cgi"
|
||
|
},
|
||
|
{
|
||
|
"category": "Network activity",
|
||
|
"comment": "",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"timestamp": "1505223741",
|
||
|
"to_ids": true,
|
||
|
"type": "hostname",
|
||
|
"uuid": "59b7cdd3-0184-462f-94f9-4038950d210f",
|
||
|
"value": "uoivdwisd.pl"
|
||
|
},
|
||
|
{
|
||
|
"category": "Network activity",
|
||
|
"comment": "",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"timestamp": "1505223741",
|
||
|
"to_ids": true,
|
||
|
"type": "url",
|
||
|
"uuid": "59b7cdd4-a1d0-4d08-982c-4f37950d210f",
|
||
|
"value": "http://dkbclsxl.su/imageload.cgi"
|
||
|
},
|
||
|
{
|
||
|
"category": "Network activity",
|
||
|
"comment": "",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"timestamp": "1505223741",
|
||
|
"to_ids": true,
|
||
|
"type": "hostname",
|
||
|
"uuid": "59b7cdd4-2508-45bf-9db1-4bfe950d210f",
|
||
|
"value": "dkbclsxl.su"
|
||
|
},
|
||
|
{
|
||
|
"category": "Network activity",
|
||
|
"comment": "",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"timestamp": "1505223741",
|
||
|
"to_ids": true,
|
||
|
"type": "url",
|
||
|
"uuid": "59b7cdd4-e0e8-4cea-9bfc-4f33950d210f",
|
||
|
"value": "http://xsmoouv.su/imageload.cgi"
|
||
|
},
|
||
|
{
|
||
|
"category": "Network activity",
|
||
|
"comment": "",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"timestamp": "1505223741",
|
||
|
"to_ids": true,
|
||
|
"type": "hostname",
|
||
|
"uuid": "59b7cdd4-3bd0-40e9-9c85-4b76950d210f",
|
||
|
"value": "xsmoouv.su"
|
||
|
},
|
||
|
{
|
||
|
"category": "Network activity",
|
||
|
"comment": "",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"timestamp": "1505223741",
|
||
|
"to_ids": true,
|
||
|
"type": "url",
|
||
|
"uuid": "59b7cdd4-9a94-4326-9774-4efa950d210f",
|
||
|
"value": "http://lkqmqgbpdle.su/imageload.cgi"
|
||
|
},
|
||
|
{
|
||
|
"category": "Network activity",
|
||
|
"comment": "",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"timestamp": "1505223741",
|
||
|
"to_ids": true,
|
||
|
"type": "hostname",
|
||
|
"uuid": "59b7cdd5-88f4-4857-841e-4ae6950d210f",
|
||
|
"value": "lkqmqgbpdle.su"
|
||
|
},
|
||
|
{
|
||
|
"category": "Network activity",
|
||
|
"comment": "",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"timestamp": "1505223741",
|
||
|
"to_ids": true,
|
||
|
"type": "url",
|
||
|
"uuid": "59b7cdd5-6288-407d-97fa-4c65950d210f",
|
||
|
"value": "http://opwpsjnhkshl.xyz/imageload.cgi"
|
||
|
},
|
||
|
{
|
||
|
"category": "Network activity",
|
||
|
"comment": "",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"timestamp": "1505223741",
|
||
|
"to_ids": true,
|
||
|
"type": "hostname",
|
||
|
"uuid": "59b7cdd5-f264-42de-8b18-42d6950d210f",
|
||
|
"value": "opwpsjnhkshl.xyz"
|
||
|
},
|
||
|
{
|
||
|
"category": "Network activity",
|
||
|
"comment": "",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"timestamp": "1505223741",
|
||
|
"to_ids": true,
|
||
|
"type": "url",
|
||
|
"uuid": "59b7cdd5-ed54-4f4d-87ad-02fc950d210f",
|
||
|
"value": "http://bhetakwouno.info/imageload.cgi"
|
||
|
},
|
||
|
{
|
||
|
"category": "Network activity",
|
||
|
"comment": "",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"timestamp": "1505223741",
|
||
|
"to_ids": true,
|
||
|
"type": "hostname",
|
||
|
"uuid": "59b7cdd5-1b78-41c7-a1df-44c4950d210f",
|
||
|
"value": "bhetakwouno.info"
|
||
|
},
|
||
|
{
|
||
|
"category": "Network activity",
|
||
|
"comment": "",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"timestamp": "1505223741",
|
||
|
"to_ids": true,
|
||
|
"type": "url",
|
||
|
"uuid": "59b7cdd5-26ac-4de8-94e5-4cdc950d210f",
|
||
|
"value": "http://wnobheuejtidtiip.info/imageload.cgi"
|
||
|
},
|
||
|
{
|
||
|
"category": "Network activity",
|
||
|
"comment": "",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"timestamp": "1505223741",
|
||
|
"to_ids": true,
|
||
|
"type": "hostname",
|
||
|
"uuid": "59b7cdd6-3674-4fbb-badf-4336950d210f",
|
||
|
"value": "wnobheuejtidtiip.info"
|
||
|
},
|
||
|
{
|
||
|
"category": "Network activity",
|
||
|
"comment": "",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"timestamp": "1505223741",
|
||
|
"to_ids": true,
|
||
|
"type": "url",
|
||
|
"uuid": "59b7cdd6-6758-4ca5-9837-47fb950d210f",
|
||
|
"value": "http://ixgolywnbwvwmtu.org/imageload.cgi"
|
||
|
},
|
||
|
{
|
||
|
"category": "Network activity",
|
||
|
"comment": "",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"timestamp": "1505223741",
|
||
|
"to_ids": true,
|
||
|
"type": "hostname",
|
||
|
"uuid": "59b7cdd6-adcc-4b9e-96d9-4633950d210f",
|
||
|
"value": "ixgolywnbwvwmtu.org"
|
||
|
},
|
||
|
{
|
||
|
"category": "Artifacts dropped",
|
||
|
"comment": "- Xchecked via VT: 230606dd8b0d62e2a8a04ef61b2d8707",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"timestamp": "1505223743",
|
||
|
"to_ids": true,
|
||
|
"type": "sha256",
|
||
|
"uuid": "59b7e43f-5b98-4145-aa0c-453502de0b81",
|
||
|
"value": "5bf84469051c85bd684e03eb46f774cb1e913884c95acf7b210a8a4469da8d9f"
|
||
|
},
|
||
|
{
|
||
|
"category": "Artifacts dropped",
|
||
|
"comment": "- Xchecked via VT: 230606dd8b0d62e2a8a04ef61b2d8707",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"timestamp": "1505223743",
|
||
|
"to_ids": true,
|
||
|
"type": "sha1",
|
||
|
"uuid": "59b7e43f-f7f8-42ac-bc85-4ec302de0b81",
|
||
|
"value": "5c50cdad090de913d0c87edeb392c8df1af9f5c3"
|
||
|
},
|
||
|
{
|
||
|
"category": "External analysis",
|
||
|
"comment": "- Xchecked via VT: 230606dd8b0d62e2a8a04ef61b2d8707",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"timestamp": "1505223743",
|
||
|
"to_ids": false,
|
||
|
"type": "link",
|
||
|
"uuid": "59b7e43f-fb38-4b54-a271-4e5702de0b81",
|
||
|
"value": "https://www.virustotal.com/file/5bf84469051c85bd684e03eb46f774cb1e913884c95acf7b210a8a4469da8d9f/analysis/1505217371/"
|
||
|
}
|
||
|
]
|
||
|
}
|
||
|
}
|