adulau/misp-circl-feed
1
0
Fork 0
Code Issues 1 Pull requests Projects 1 Releases Packages Wiki Activity Actions
misp-circl-feed/feeds/circl/misp/5c63ef49-0754-4a05-b712-e88b950d210f.json

6768 lines
721 KiB
JSON
Raw Normal View History

chg: [feed] added
2023-04-21 13:25:09 +00:00
{
"Event": {
"analysis": "2",
"date": "2017-08-18",
"extends_uuid": "597b5324-dc94-4920-b09b-227fac12042b",
"info": "OSINT - ChessMaster Makes its Move: A Look into the Campaign\u00e2\u20ac\u2122s Cyberespionage Arsenal",
"publish_timestamp": "1550071811",
"published": true,
"threat_level_id": "3",
"timestamp": "1550071763",
"uuid": "5c63ef49-0754-4a05-b712-e88b950d210f",
"Orgc": {
"name": "CIRCL",
"uuid": "55f6ea5e-2c60-40e5-964f-47a8950d210f"
},
"Tag": [
{
"colour": "#0088cc",
"name": "misp-galaxy:mitre-enterprise-attack-intrusion-set=\"menuPass\""
},
{
"colour": "#0088cc",
"name": "misp-galaxy:mitre-enterprise-attack-intrusion-set=\"menuPass - G0045\""
},
{
"colour": "#0088cc",
"name": "misp-galaxy:mitre-intrusion-set=\"menuPass\""
},
{
"colour": "#0088cc",
"name": "misp-galaxy:mitre-intrusion-set=\"menuPass - G0045\""
},
{
"colour": "#10c800",
"name": "misp-galaxy:threat-actor=\"Stone Panda\""
},
{
"colour": "#004646",
"name": "type:OSINT"
},
{
"colour": "#0071c3",
"name": "osint:lifetime=\"perpetual\""
},
{
"colour": "#0087e8",
"name": "osint:certainty=\"50\""
},
{
"colour": "#ffffff",
"name": "tlp:white"
},
{
"colour": "#00223b",
"name": "osint:source-type=\"blog-post\""
},
{
"colour": "#002b4a",
"name": "osint:source-type=\"technical-report\""
}
],
"Attribute": [
{
"category": "External analysis",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1550054470",
"to_ids": false,
"type": "link",
"uuid": "5c63efca-89e8-41d6-92dc-4b22950d210f",
"value": "https://blog.trendmicro.com/trendlabs-security-intelligence/chessmaster-cyber-espionage-campaign/",
"Tag": [
{
"colour": "#00223b",
"name": "osint:source-type=\"blog-post\""
},
{
"colour": "#004646",
"name": "type:OSINT"
},
{
"colour": "#0071c3",
"name": "osint:lifetime=\"perpetual\""
},
{
"colour": "#0087e8",
"name": "osint:certainty=\"50\""
},
{
"colour": "#ffffff",
"name": "tlp:white"
}
]
},
{
"category": "External analysis",
"comment": "",
"data": "JVBERi0xLjUNCiW1tbW1DQoxIDAgb2JqDQo8PC9UeXBlL0NhdGFsb2cvUGFnZXMgMiAwIFIvTGFuZyhlbi1VUykgL1N0cnVjdFRyZWVSb290IDgzIDAgUi9NYXJrSW5mbzw8L01hcmtlZCB0cnVlPj4+Pg0KZW5kb2JqDQoyIDAgb2JqDQo8PC9UeXBlL1BhZ2VzL0NvdW50IDYvS2lkc1sgMyAwIFIgMzIgMCBSIDQzIDAgUiA1MyAwIFIgNTkgMCBSIDY5IDAgUl0gPj4NCmVuZG9iag0KMyAwIG9iag0KPDwvVHlwZS9QYWdlL1BhcmVudCAyIDAgUi9SZXNvdXJjZXM8PC9YT2JqZWN0PDwvSW1hZ2U1IDUgMCBSL0ltYWdlNyA3IDAgUi9JbWFnZTE0IDE0IDAgUi9JbWFnZTE2IDE2IDAgUi9JbWFnZTE4IDE4IDAgUi9JbWFnZTIwIDIwIDAgUi9JbWFnZTIyIDIyIDAgUi9JbWFnZTI0IDI0IDAgUi9JbWFnZTI2IDI2IDAgUi9JbWFnZTI4IDI4IDAgUi9JbWFnZTMwIDMwIDAgUj4+L0V4dEdTdGF0ZTw8L0dTNiA2IDAgUi9HUzExIDExIDAgUj4+L0ZvbnQ8PC9GMSA5IDAgUi9GMiAxMiAwIFI+Pi9Qcm9jU2V0Wy9QREYvVGV4dC9JbWFnZUIvSW1hZ2VDL0ltYWdlSV0gPj4vTWVkaWFCb3hbIDAgMCA2MTIgNzkyXSAvQ29udGVudHMgNCAwIFIvR3JvdXA8PC9UeXBlL0dyb3VwL1MvVHJhbnNwYXJlbmN5L0NTL0RldmljZVJHQj4+L1RhYnMvUy9TdHJ1Y3RQYXJlbnRzIDA+Pg0KZW5kb2JqDQo0IDAgb2JqDQo8PC9GaWx0ZXIvRmxhdGVEZWNvZGUvTGVuZ3RoIDQ3ND4+DQpzdHJlYW0NCnicjdRLT9tAEADguyX/hzkmB8Y7+14JIUECEVWRaPENcXBDcHMgocGX/vuOnYDXOFtFOdiR42+eGyju4fy8uJvdzkFcXMDVfAbF4sFC/Z5nf/LMkgTBHxf4isII4QIQLF/zrLh9reqVgfkWfuQZXN/NACKNDhojZCQa3zmB0BjQ0qA0YINqv/WYi7HictesX6pl05KXTVMtf6+e4bEot29PRfn3bVXcV/V6UzXr7eYQ66pk6YYgYLBQvnDkLiiBkyikBqcteg8lBxRQ828XD0RdqQIWefY4KadnZCa7qZqsNs/TJyi/5dk1oy38YYWA3g6s/ZNd/XH3s7O+T8/kpPr1/oUpbuQ4P5IKaZzfISs4QhCh0EdrVBrJdsbwzdGEZNS1r4gIaE5CVBqxnjM5xdD/MYxHe1Iipt835T163UFKof20yGKIto0bnthd21v8ru8lI9qSRpBNQS5KyjoUdpSU4RPhYsunLB9ZUrQbNLKsReUjTIoUFnosaAxqf8rbyR8owUczrlHK5EEXvSWVR7HvF/fIgxIeteF7Qhoklmw9Rf8b0rARek16PjgOiIMMy0z2n2TUNIXO9Jj2ApWGINHxrkRYcgCk4mm2dX1ihnggRzA1GMA/5moizg0KZW5kc3RyZWFtDQplbmRvYmoNCjUgMCBvYmoNCjw8L1R5cGUvWE9iamVjdC9TdWJ0eXBlL0ltYWdlL1dpZHRoIDYxMi9IZWlnaHQgNzkyL0NvbG9yU3BhY2UvRGV2aWNlUkdCL0JpdHNQZXJDb21wb25lbnQgOC9GaWx0ZXIvRENURGVjb2RlL0ludGVycG9sYXRlIHRydWUvTGVuZ3RoIDE2ODg4Pj4NCnN0cmVhbQ0K/9j/4AAQSkZJRgABAQEASABIAAD/4QBYRXhpZgAATU0AKgAAAAgABAExAAIAAAARAAAAPlEQAAEAAAABAQAAAFERAAQAAAABAAALE1ESAAQAAAABAAALEwAAAABBZG9iZSBJbWFnZVJlYWR5AAD/2wBDAAgGBgcGBQgHBwcJCQgKDBQNDAsLDBkSEw8UHRofHh0aHBwgJC4nICIsIxwcKDcpLDAxNDQ0Hyc5PTgyPC4zNDL/2wBDAQkJCQwLDBgNDRgyIRwhMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjL/wAARCAMYAmQDASIAAhEBAxEB/8QAHwAAAQUBAQEBAQEAAAAAAAAAAAECAwQFBgcICQoL/8QAtRAAAgEDAwIEAwUFBAQAAAF9AQIDAAQRBRIhMUEGE1FhByJxFDKBkaEII0KxwRVS0fAkM2JyggkKFhcYGRolJicoKSo0NTY3ODk6Q0RFRkdISUpTVFVWV1hZWmNkZWZnaGlqc3R1dnd4eXqDhIWGh4iJipKTlJWWl5iZmqKjpKWmp6ipqrKztLW2t7i5usLDxMXGx8jJytLT1NXW19jZ2uHi4+Tl5ufo6erx8vP09fb3+Pn6/8QAHwEAAwEBAQEBAQEBAQAAAAAAAAECAwQFBgcICQoL/8QAtREAAgECBAQDBAcFBAQAAQJ3AAECAxEEBSExBhJBUQdhcRMiMoEIFEKRobHBCSMzUvAVYnLRChYkNOEl8RcYGRomJygpKjU2Nzg5OkNERUZHSElKU1RVVldYWVpjZGVmZ2hpanN0dXZ3eHl6goOEhYaHiImKkpOUlZaXmJmaoqOkpaanqKmqsrO0tba3uLm6wsPExcbHyMnK0tPU1dbX2Nna4uPk5ebn6Onq8vP09fb3+Pn6/9oADAMBAAIRAxEAPwD2/FLilxS4qhCYoxS4pcUgExRilxS4oATFGKXFLigBMUYpaKADFGKXFFACUYpaMUAGKKXFFACUYpaKADFGKMUuKAEopcUUAJRilooATFLijFGKADFFLijFACUUuKKAEopaKAEopaKAEopaKAExRilooATFGKWigBMUUtFACUUtFACUUtFACUUtFACUYpcUYoATFGKXFJigBMUUtFACUUtFACUYpcUYoATFJS4ooASjFLRQAmKSnYpMUAJRiloxQA3FGKXFFACYpMU6jFADcUmKdijFADcUmKdijFADcUmKdijFADMUU7FFMB2KMUuKXFIBMUYpaKADFFLiigBMUuKMUuKAEoxS0UAGKKMUuKAEopaKADFGKMUuKAEopaKAEoxS0UAGKKKMUAFFLijFACUUtFACUYpaKAExS4oooAMUYoooAMUYoooAKKMUYoAKKMUYoAKKMUYoAKKMUYoAMUYoooAMUYoooAMUYoooATFFLRQAlFLRQAlFLRigBKMUuKTFABikxS0UAJRS0UAJRilxRigBuKKWigBKKWjFACYpKXFFACUYpaMUANopaKAG4oxTsUlADcUYp2KTFADcUU7FFAC0uKKXFACUYpaKADFFLiigBKXFFGKACilxRQAlLiiigAooxS4oASilooATFLiiigAoooxQAUUuKKAEopaKAExRilopAGKMUUUAFFFFABRRRigAooxRigAooxS4oASilxRigBKKXFGKAEopcUmKACijFGKACijFFABRRRQAYoxRRQAYpMUtFACUUtFMBKKWjFACUUuKTFABRiiigBMUUtFACUUtGKAExSYpcUUAJRS0UAJikxTsUlACUUtGKAExSUuKKAExSYp1JigBKKWigBaMUtFABiilxRQAlLiiigAopcUUAJS4oooAKKKXFACUUuKKAExS4oopAFFFFABRRilxQAlFLRQAlGKWigAxRiiigAxRRRQMKKKKACiiigAooooAKKKKACijFGKACijFGKACiiigAooooAKKKKACiiigAooooEGKMUUUAJiilooASilooASilxRigBKKMUUAGKMUUUAJRS0UwEopcUmKADFJilooASiloxQAlGKMUUAJRS0YoATFJS4ooASilooAXFFFLigBKMUtFABRRS4oASilooAMUUUUgCiilxQAlFLRQAmKXFFFABRRRQMKKKMUAFFLijFACUUtFACUYpaKADFGKKKBBiiiigYUUUUAFFFFABRRRQAUUUUAFFFFABRRRQAUUUUAFFFFAgoxRRQMMUYoooATFGKWigQlFLRQMS
"deleted": false,
"disable_correlation": false,
"timestamp": "1550054304",
"to_ids": false,
"type": "attachment",
"uuid": "5c63f07d-7218-48c7-8b99-40d9950d210f",
"value": "Appendix-ChessMaster-Makes-its-Move-A-Look-into-the-Campaigns-Cyberespionage-Arsenal.pdf",
"Tag": [
{
"colour": "#004646",
"name": "type:OSINT"
},
{
"colour": "#0071c3",
"name": "osint:lifetime=\"perpetual\""
},
{
"colour": "#0087e8",
"name": "osint:certainty=\"50\""
},
{
"colour": "#ffffff",
"name": "tlp:white"
},
{
"colour": "#002b4a",
"name": "osint:source-type=\"technical-report\""
}
]
},
{
"category": "Network activity",
"comment": "Command and Control (C&C) Server related to ChessMaster",
"deleted": false,
"disable_correlation": false,
"timestamp": "1550054738",
"to_ids": true,
"type": "hostname",
"uuid": "5c63f51e-4ca4-4ea7-9061-427b950d210f",
"value": "area.wthelpdesk.com",
"Tag": [
{
"colour": "#007575",
"name": "ecsirt:malicious-code=\"c&c\""
},
{
"colour": "#00aad0",
"name": "veris:action:malware:variety=\"C2\""
},
{
"colour": "#000850",
"name": "europol-incident:malware=\"c&c\""
},
{
"colour": "#00c0eb",
"name": "veris:action:hacking:vector=\"Backdoor or C2\""
},
{
"colour": "#00c3ee",
"name": "veris:action:hacking:variety=\"Use of backdoor or C2\""
},
{
"colour": "#001e41",
"name": "riskiq:threat-type=\"c2\""
},
{
"colour": "#e200a3",
"name": "kill-chain:Command and Control"
},
{
"colour": "#480004",
"name": "maec-malware-capabilities:maec-malware-capability=\"command-and-control\""
},
{
"colour": "#c1e21c",
"name": " C2"
},
{
"colour": "#000745",
"name": "europol-event:c&c-server-hosting"
}
]
},
{
"category": "Network activity",
"comment": "Command and Control (C&C) Server related to ChessMaster",
"deleted": false,
"disable_correlation": false,
"timestamp": "1550054733",
"to_ids": true,
"type": "hostname",
"uuid": "5c63f51f-44f4-425d-9480-4bda950d210f",
"value": "dick.ccfchrist.com",
"Tag": [
{
"colour": "#007575",
"name": "ecsirt:malicious-code=\"c&c\""
},
{
"colour": "#00aad0",
"name": "veris:action:malware:variety=\"C2\""
},
{
"colour": "#000850",
"name": "europol-incident:malware=\"c&c\""
},
{
"colour": "#00c0eb",
"name": "veris:action:hacking:vector=\"Backdoor or C2\""
},
{
"colour": "#00c3ee",
"name": "veris:action:hacking:variety=\"Use of backdoor or C2\""
},
{
"colour": "#001e41",
"name": "riskiq:threat-type=\"c2\""
},
{
"colour": "#e200a3",
"name": "kill-chain:Command and Control"
},
{
"colour": "#480004",
"name": "maec-malware-capabilities:maec-malware-capability=\"command-and-control\""
},
{
"colour": "#c1e21c",
"name": " C2"
},
{
"colour": "#000745",
"name": "europol-event:c&c-server-hosting"
}
]
},
{
"category": "Network activity",
"comment": "Command and Control (C&C) Server related to ChessMaster",
"deleted": false,
"disable_correlation": false,
"timestamp": "1550054737",
"to_ids": true,
"type": "hostname",
"uuid": "5c63f51f-9b30-44bd-93f9-41f2950d210f",
"value": "fiveavmersi.websegoo.net",
"Tag": [
{
"colour": "#007575",
"name": "ecsirt:malicious-code=\"c&c\""
},
{
"colour": "#00aad0",
"name": "veris:action:malware:variety=\"C2\""
},
{
"colour": "#000850",
"name": "europol-incident:malware=\"c&c\""
},
{
"colour": "#00c0eb",
"name": "veris:action:hacking:vector=\"Backdoor or C2\""
},
{
"colour": "#00c3ee",
"name": "veris:action:hacking:variety=\"Use of backdoor or C2\""
},
{
"colour": "#001e41",
"name": "riskiq:threat-type=\"c2\""
},
{
"colour": "#e200a3",
"name": "kill-chain:Command and Control"
},
{
"colour": "#480004",
"name": "maec-malware-capabilities:maec-malware-capability=\"command-and-control\""
},
{
"colour": "#c1e21c",
"name": " C2"
},
{
"colour": "#000745",
"name": "europol-event:c&c-server-hosting"
}
]
},
{
"category": "Network activity",
"comment": "Command and Control (C&C) Server related to ChessMaster",
"deleted": false,
"disable_correlation": false,
"timestamp": "1550054736",
"to_ids": true,
"type": "hostname",
"uuid": "5c63f51f-46e0-49ac-a6cb-4611950d210f",
"value": "fukuoka.cloud-maste.com",
"Tag": [
{
"colour": "#007575",
"name": "ecsirt:malicious-code=\"c&c\""
},
{
"colour": "#00aad0",
"name": "veris:action:malware:variety=\"C2\""
},
{
"colour": "#000850",
"name": "europol-incident:malware=\"c&c\""
},
{
"colour": "#00c0eb",
"name": "veris:action:hacking:vector=\"Backdoor or C2\""
},
{
"colour": "#00c3ee",
"name": "veris:action:hacking:variety=\"Use of backdoor or C2\""
},
{
"colour": "#001e41",
"name": "riskiq:threat-type=\"c2\""
},
{
"colour": "#e200a3",
"name": "kill-chain:Command and Control"
},
{
"colour": "#480004",
"name": "maec-malware-capabilities:maec-malware-capability=\"command-and-control\""
},
{
"colour": "#c1e21c",
"name": " C2"
},
{
"colour": "#000745",
"name": "europol-event:c&c-server-hosting"
}
]
},
{
"category": "Network activity",
"comment": "Command and Control (C&C) Server related to ChessMaster",
"deleted": false,
"disable_correlation": false,
"timestamp": "1550054738",
"to_ids": true,
"type": "hostname",
"uuid": "5c63f51f-bd8c-4e56-b984-4d82950d210f",
"value": "kawasak.cloud-maste.com",
"Tag": [
{
"colour": "#007575",
"name": "ecsirt:malicious-code=\"c&c\""
},
{
"colour": "#00aad0",
"name": "veris:action:malware:variety=\"C2\""
},
{
"colour": "#000850",
"name": "europol-incident:malware=\"c&c\""
},
{
"colour": "#00c0eb",
"name": "veris:action:hacking:vector=\"Backdoor or C2\""
},
{
"colour": "#00c3ee",
"name": "veris:action:hacking:variety=\"Use of backdoor or C2\""
},
{
"colour": "#001e41",
"name": "riskiq:threat-type=\"c2\""
},
{
"colour": "#e200a3",
"name": "kill-chain:Command and Control"
},
{
"colour": "#480004",
"name": "maec-malware-capabilities:maec-malware-capability=\"command-and-control\""
},
{
"colour": "#c1e21c",
"name": " C2"
},
{
"colour": "#000745",
"name": "europol-event:c&c-server-hosting"
}
]
},
{
"category": "Network activity",
"comment": "Command and Control (C&C) Server related to ChessMaster",
"deleted": false,
"disable_correlation": false,
"timestamp": "1550054733",
"to_ids": true,
"type": "hostname",
"uuid": "5c63f51f-8498-49be-93ab-4c80950d210f",
"value": "kawasaki.unhamj.com",
"Tag": [
{
"colour": "#007575",
"name": "ecsirt:malicious-code=\"c&c\""
},
{
"colour": "#00aad0",
"name": "veris:action:malware:variety=\"C2\""
},
{
"colour": "#000850",
"name": "europol-incident:malware=\"c&c\""
},
{
"colour": "#00c0eb",
"name": "veris:action:hacking:vector=\"Backdoor or C2\""
},
{
"colour": "#00c3ee",
"name": "veris:action:hacking:variety=\"Use of backdoor or C2\""
},
{
"colour": "#001e41",
"name": "riskiq:threat-type=\"c2\""
},
{
"colour": "#e200a3",
"name": "kill-chain:Command and Control"
},
{
"colour": "#480004",
"name": "maec-malware-capabilities:maec-malware-capability=\"command-and-control\""
},
{
"colour": "#c1e21c",
"name": " C2"
},
{
"colour": "#000745",
"name": "europol-event:c&c-server-hosting"
}
]
},
{
"category": "Network activity",
"comment": "Command and Control (C&C) Server related to ChessMaster",
"deleted": false,
"disable_correlation": false,
"timestamp": "1550054731",
"to_ids": true,
"type": "hostname",
"uuid": "5c63f51f-a208-483a-8ce3-498e950d210f",
"value": "messagea.emailfound.info",
"Tag": [
{
"colour": "#007575",
"name": "ecsirt:malicious-code=\"c&c\""
},
{
"colour": "#00aad0",
"name": "veris:action:malware:variety=\"C2\""
},
{
"colour": "#000850",
"name": "europol-incident:malware=\"c&c\""
},
{
"colour": "#00c0eb",
"name": "veris:action:hacking:vector=\"Backdoor or C2\""
},
{
"colour": "#00c3ee",
"name": "veris:action:hacking:variety=\"Use of backdoor or C2\""
},
{
"colour": "#001e41",
"name": "riskiq:threat-type=\"c2\""
},
{
"colour": "#e200a3",
"name": "kill-chain:Command and Control"
},
{
"colour": "#480004",
"name": "maec-malware-capabilities:maec-malware-capability=\"command-and-control\""
},
{
"colour": "#c1e21c",
"name": " C2"
},
{
"colour": "#000745",
"name": "europol-event:c&c-server-hosting"
}
]
},
{
"category": "Network activity",
"comment": "Command and Control (C&C) Server related to ChessMaster",
"deleted": false,
"disable_correlation": false,
"timestamp": "1550054730",
"to_ids": true,
"type": "hostname",
"uuid": "5c63f51f-ed18-47d2-95c8-4812950d210f",
"value": "sakai.unhamj.com",
"Tag": [
{
"colour": "#007575",
"name": "ecsirt:malicious-code=\"c&c\""
},
{
"colour": "#00aad0",
"name": "veris:action:malware:variety=\"C2\""
},
{
"colour": "#000850",
"name": "europol-incident:malware=\"c&c\""
},
{
"colour": "#00c0eb",
"name": "veris:action:hacking:vector=\"Backdoor or C2\""
},
{
"colour": "#00c3ee",
"name": "veris:action:hacking:variety=\"Use of backdoor or C2\""
},
{
"colour": "#001e41",
"name": "riskiq:threat-type=\"c2\""
},
{
"colour": "#e200a3",
"name": "kill-chain:Command and Control"
},
{
"colour": "#480004",
"name": "maec-malware-capabilities:maec-malware-capability=\"command-and-control\""
},
{
"colour": "#c1e21c",
"name": " C2"
},
{
"colour": "#000745",
"name": "europol-event:c&c-server-hosting"
}
]
},
{
"category": "Network activity",
"comment": "Command and Control (C&C) Server related to ChessMaster",
"deleted": false,
"disable_correlation": false,
"timestamp": "1550054731",
"to_ids": true,
"type": "hostname",
"uuid": "5c63f51f-480c-4c2e-b153-4d78950d210f",
"value": "scorpion.poulsenv.com",
"Tag": [
{
"colour": "#007575",
"name": "ecsirt:malicious-code=\"c&c\""
},
{
"colour": "#00aad0",
"name": "veris:action:malware:variety=\"C2\""
},
{
"colour": "#000850",
"name": "europol-incident:malware=\"c&c\""
},
{
"colour": "#00c0eb",
"name": "veris:action:hacking:vector=\"Backdoor or C2\""
},
{
"colour": "#00c3ee",
"name": "veris:action:hacking:variety=\"Use of backdoor or C2\""
},
{
"colour": "#001e41",
"name": "riskiq:threat-type=\"c2\""
},
{
"colour": "#e200a3",
"name": "kill-chain:Command and Control"
},
{
"colour": "#480004",
"name": "maec-malware-capabilities:maec-malware-capability=\"command-and-control\""
},
{
"colour": "#c1e21c",
"name": " C2"
},
{
"colour": "#000745",
"name": "europol-event:c&c-server-hosting"
}
]
},
{
"category": "Network activity",
"comment": "Command and Control (C&C) Server related to ChessMaster",
"deleted": false,
"disable_correlation": false,
"timestamp": "1550054727",
"to_ids": true,
"type": "hostname",
"uuid": "5c63f520-8ddc-4ff5-8bb4-418f950d210f",
"value": "shrimp.bdoncloud.com",
"Tag": [
{
"colour": "#007575",
"name": "ecsirt:malicious-code=\"c&c\""
},
{
"colour": "#00aad0",
"name": "veris:action:malware:variety=\"C2\""
},
{
"colour": "#000850",
"name": "europol-incident:malware=\"c&c\""
},
{
"colour": "#00c0eb",
"name": "veris:action:hacking:vector=\"Backdoor or C2\""
},
{
"colour": "#00c3ee",
"name": "veris:action:hacking:variety=\"Use of backdoor or C2\""
},
{
"colour": "#001e41",
"name": "riskiq:threat-type=\"c2\""
},
{
"colour": "#e200a3",
"name": "kill-chain:Command and Control"
},
{
"colour": "#480004",
"name": "maec-malware-capabilities:maec-malware-capability=\"command-and-control\""
},
{
"colour": "#c1e21c",
"name": " C2"
},
{
"colour": "#000745",
"name": "europol-event:c&c-server-hosting"
}
]
},
{
"category": "Network activity",
"comment": "Command and Control (C&C) Server related to ChessMaster",
"deleted": false,
"disable_correlation": false,
"timestamp": "1550054728",
"to_ids": true,
"type": "hostname",
"uuid": "5c63f520-16cc-4862-8fe8-49fe950d210f",
"value": "trout.belowto.com",
"Tag": [
{
"colour": "#007575",
"name": "ecsirt:malicious-code=\"c&c\""
},
{
"colour": "#00aad0",
"name": "veris:action:malware:variety=\"C2\""
},
{
"colour": "#000850",
"name": "europol-incident:malware=\"c&c\""
},
{
"colour": "#00c0eb",
"name": "veris:action:hacking:vector=\"Backdoor or C2\""
},
{
"colour": "#00c3ee",
"name": "veris:action:hacking:variety=\"Use of backdoor or C2\""
},
{
"colour": "#001e41",
"name": "riskiq:threat-type=\"c2\""
},
{
"colour": "#e200a3",
"name": "kill-chain:Command and Control"
},
{
"colour": "#480004",
"name": "maec-malware-capabilities:maec-malware-capability=\"command-and-control\""
},
{
"colour": "#c1e21c",
"name": " C2"
},
{
"colour": "#000745",
"name": "europol-event:c&c-server-hosting"
}
]
},
{
"category": "Network activity",
"comment": "Command and Control (C&C) Server related to ChessMaster",
"deleted": false,
"disable_correlation": false,
"timestamp": "1550054727",
"to_ids": true,
"type": "hostname",
"uuid": "5c63f520-c300-4f04-add2-49e8950d210f",
"value": "whale.toshste.com",
"Tag": [
{
"colour": "#007575",
"name": "ecsirt:malicious-code=\"c&c\""
},
{
"colour": "#00aad0",
"name": "veris:action:malware:variety=\"C2\""
},
{
"colour": "#000850",
"name": "europol-incident:malware=\"c&c\""
},
{
"colour": "#00c0eb",
"name": "veris:action:hacking:vector=\"Backdoor or C2\""
},
{
"colour": "#00c3ee",
"name": "veris:action:hacking:variety=\"Use of backdoor or C2\""
},
{
"colour": "#001e41",
"name": "riskiq:threat-type=\"c2\""
},
{
"colour": "#e200a3",
"name": "kill-chain:Command and Control"
},
{
"colour": "#480004",
"name": "maec-malware-capabilities:maec-malware-capability=\"command-and-control\""
},
{
"colour": "#c1e21c",
"name": " C2"
},
{
"colour": "#000745",
"name": "europol-event:c&c-server-hosting"
}
]
},
{
"category": "Network activity",
"comment": "Command and Control (C&C) Server related to ChessMaster",
"deleted": false,
"disable_correlation": false,
"timestamp": "1550054729",
"to_ids": true,
"type": "hostname",
"uuid": "5c63f520-d070-47f5-a062-4fb8950d210f",
"value": "zebra.wthelpdesk.com",
"Tag": [
{
"colour": "#007575",
"name": "ecsirt:malicious-code=\"c&c\""
},
{
"colour": "#00aad0",
"name": "veris:action:malware:variety=\"C2\""
},
{
"colour": "#000850",
"name": "europol-incident:malware=\"c&c\""
},
{
"colour": "#00c0eb",
"name": "veris:action:hacking:vector=\"Backdoor or C2\""
},
{
"colour": "#00c3ee",
"name": "veris:action:hacking:variety=\"Use of backdoor or C2\""
},
{
"colour": "#001e41",
"name": "riskiq:threat-type=\"c2\""
},
{
"colour": "#e200a3",
"name": "kill-chain:Command and Control"
},
{
"colour": "#480004",
"name": "maec-malware-capabilities:maec-malware-capability=\"command-and-control\""
},
{
"colour": "#c1e21c",
"name": " C2"
},
{
"colour": "#000745",
"name": "europol-event:c&c-server-hosting"
}
]
}
],
"Object": [
{
"comment": "Detected as BKDR_CHCHES.NAK",
"deleted": false,
"description": "File object describing a file with meta-information",
"meta-category": "file",
"name": "file",
"template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215",
"template_version": "15",
"timestamp": "1550055411",
"uuid": "5c63f7f3-1660-4e32-b761-4fc6950d210f",
"Attribute": [
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "sha256",
"timestamp": "1550055412",
"to_ids": true,
"type": "sha256",
"uuid": "5c63f7f4-8050-459d-9ed2-47a4950d210f",
"value": "ae6b45a92384f6e43672e617c53a44225e2944d66c1ffb074694526386074145"
},
{
"category": "Other",
"comment": "",
"deleted": false,
"disable_correlation": true,
"object_relation": "state",
"timestamp": "1550055412",
"to_ids": false,
"type": "text",
"uuid": "5c63f7f4-83f4-419f-a682-425c950d210f",
"value": "Malicious"
}
]
},
{
"comment": "Detected as BKDR_CHCHES.NAM",
"deleted": false,
"description": "File object describing a file with meta-information",
"meta-category": "file",
"name": "file",
"template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215",
"template_version": "15",
"timestamp": "1550055466",
"uuid": "5c63f82a-0ab4-417d-a2a7-43a8950d210f",
"Attribute": [
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "sha256",
"timestamp": "1550055466",
"to_ids": true,
"type": "sha256",
"uuid": "5c63f82a-e8d0-4154-acb3-4016950d210f",
"value": "2c71eb5c781daa43047fa6e3d85d51a061aa1dfa41feb338e0d4139a6dfd6910"
},
{
"category": "Other",
"comment": "",
"deleted": false,
"disable_correlation": true,
"object_relation": "state",
"timestamp": "1550055466",
"to_ids": false,
"type": "text",
"uuid": "5c63f82a-9648-4904-843e-49f4950d210f",
"value": "Malicious"
}
]
},
{
"comment": "Detected as BKDR_CHCHES.NAO",
"deleted": false,
"description": "File object describing a file with meta-information",
"meta-category": "file",
"name": "file",
"template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215",
"template_version": "15",
"timestamp": "1550059484",
"uuid": "5c6407dc-e880-4d14-8061-432a950d210f",
"Attribute": [
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "sha256",
"timestamp": "1550059484",
"to_ids": true,
"type": "sha256",
"uuid": "5c6407dc-ad30-4d4c-a4ff-4fbf950d210f",
"value": "e7c617e162c2ae173c3581b4e08d752dc421336e1e55d879642717b75745d49c"
},
{
"category": "Other",
"comment": "",
"deleted": false,
"disable_correlation": true,
"object_relation": "state",
"timestamp": "1550059484",
"to_ids": false,
"type": "text",
"uuid": "5c6407dc-5664-4cc6-9dd5-4748950d210f",
"value": "Malicious"
}
]
},
{
"comment": "Detected as BKDR_CHCHES.SM2",
"deleted": false,
"description": "File object describing a file with meta-information",
"meta-category": "file",
"name": "file",
"template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215",
"template_version": "15",
"timestamp": "1550059816",
"uuid": "5c640928-1920-4b32-be48-4641950d210f",
"Attribute": [
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "sha256",
"timestamp": "1550059816",
"to_ids": true,
"type": "sha256",
"uuid": "5c640928-1eac-4f88-b817-41e3950d210f",
"value": "6605b27e95f5c3c8012e4a75d1861786fb749b9a712a5f4871adbad81addb59e"
},
{
"category": "Other",
"comment": "",
"deleted": false,
"disable_correlation": true,
"object_relation": "state",
"timestamp": "1550059816",
"to_ids": false,
"type": "text",
"uuid": "5c640928-9ee8-4065-9922-4343950d210f",
"value": "Malicious"
}
]
},
{
"comment": "Detected as BKDR_CHCHES.SM2",
"deleted": false,
"description": "File object describing a file with meta-information",
"meta-category": "file",
"name": "file",
"template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215",
"template_version": "15",
"timestamp": "1550059840",
"uuid": "5c640940-6268-46dd-9df9-4695950d210f",
"Attribute": [
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "sha256",
"timestamp": "1550059841",
"to_ids": true,
"type": "sha256",
"uuid": "5c640941-6c20-4b7b-a17b-4f5a950d210f",
"value": "c885a4f5c066b00e9d4de8cc0f5463f27ce49869519db8cfdc7a9ae19cdce4f0"
},
{
"category": "Other",
"comment": "",
"deleted": false,
"disable_correlation": true,
"object_relation": "state",
"timestamp": "1550059841",
"to_ids": false,
"type": "text",
"uuid": "5c640941-af88-4f0a-ac12-483f950d210f",
"value": "Malicious"
}
]
},
{
"comment": "Detected as BKDR_CHCHES.SM2",
"deleted": false,
"description": "File object describing a file with meta-information",
"meta-category": "file",
"name": "file",
"template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215",
"template_version": "15",
"timestamp": "1550059881",
"uuid": "5c640969-fe8c-4b24-8d37-404d950d210f",
"Attribute": [
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "sha256",
"timestamp": "1550059881",
"to_ids": true,
"type": "sha256",
"uuid": "5c640969-d960-4ad2-9664-4376950d210f",
"value": "efa0b414a831cbf724d1c67808b7483dec22a981ae670947793d114048f88057"
},
{
"category": "Other",
"comment": "",
"deleted": false,
"disable_correlation": true,
"object_relation": "state",
"timestamp": "1550059881",
"to_ids": false,
"type": "text",
"uuid": "5c640969-1a70-46d1-83dd-4911950d210f",
"value": "Malicious"
}
]
},
{
"comment": "Detected as BKDR_CHCHES.SM2",
"deleted": false,
"description": "File object describing a file with meta-information",
"meta-category": "file",
"name": "file",
"template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215",
"template_version": "15",
"timestamp": "1550063678",
"uuid": "5c64183e-683c-4344-abe0-4268950d210f",
"Attribute": [
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "sha256",
"timestamp": "1550063678",
"to_ids": true,
"type": "sha256",
"uuid": "5c64183e-7e74-4f36-9208-470c950d210f",
"value": "fadf362a52dcf884f0d41ce3df9eaa9bb30227afda50c0e0657c096baff501f0"
},
{
"category": "Other",
"comment": "",
"deleted": false,
"disable_correlation": true,
"object_relation": "state",
"timestamp": "1550063678",
"to_ids": false,
"type": "text",
"uuid": "5c64183e-b1dc-45d7-aead-4cf2950d210f",
"value": "Malicious"
}
]
},
{
"comment": "Detected as BKDR_CHCHES.SMZJEA-A",
"deleted": false,
"description": "File object describing a file with meta-information",
"meta-category": "file",
"name": "file",
"template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215",
"template_version": "15",
"timestamp": "1550063752",
"uuid": "5c641888-187c-4923-98e6-4855950d210f",
"Attribute": [
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "sha256",
"timestamp": "1550063753",
"to_ids": true,
"type": "sha256",
"uuid": "5c641889-8778-483f-99d4-4264950d210f",
"value": "4ff6a97d06e2e843755be8697f3324be36e1ebeb280bb45724962ce4b6710297"
},
{
"category": "Other",
"comment": "",
"deleted": false,
"disable_correlation": true,
"object_relation": "state",
"timestamp": "1550063753",
"to_ids": false,
"type": "text",
"uuid": "5c641889-ee18-4c51-b849-443f950d210f",
"value": "Malicious"
}
]
},
{
"comment": "Detected as BKDR_CHCHES.SMZJEA-A",
"deleted": false,
"description": "File object describing a file with meta-information",
"meta-category": "file",
"name": "file",
"template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215",
"template_version": "15",
"timestamp": "1550063822",
"uuid": "5c6418ce-013c-46b8-9792-4101950d210f",
"Attribute": [
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "sha256",
"timestamp": "1550063823",
"to_ids": true,
"type": "sha256",
"uuid": "5c6418cf-12e0-4d42-9c43-4224950d210f",
"value": "75ef6ea0265d2629c920a6a1c0d1dd91d3c0eda86445c7d67ebb9b30e35a2a9f"
},
{
"category": "Other",
"comment": "",
"deleted": false,
"disable_correlation": true,
"object_relation": "state",
"timestamp": "1550063823",
"to_ids": false,
"type": "text",
"uuid": "5c6418cf-becc-46aa-a559-4731950d210f",
"value": "Malicious"
}
]
},
{
"comment": "Detected as BKDR_CHCHES.SMZKDJ-B",
"deleted": false,
"description": "File object describing a file with meta-information",
"meta-category": "file",
"name": "file",
"template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215",
"template_version": "15",
"timestamp": "1550063858",
"uuid": "5c6418f2-1658-40d7-91f4-49fc950d210f",
"Attribute": [
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "sha256",
"timestamp": "1550063859",
"to_ids": true,
"type": "sha256",
"uuid": "5c6418f3-0834-4eb7-bb53-4217950d210f",
"value": "590d5e0858893951e22e392a7dad76b30765c8fd139ca288efeead9b86836237"
},
{
"category": "Other",
"comment": "",
"deleted": false,
"disable_correlation": true,
"object_relation": "state",
"timestamp": "1550063859",
"to_ids": false,
"type": "text",
"uuid": "5c6418f3-07c4-421f-a642-4c41950d210f",
"value": "Malicious"
}
]
},
{
"comment": "Detected as BKDR_CHCHES.SMZKDJ-C",
"deleted": false,
"description": "File object describing a file with meta-information",
"meta-category": "file",
"name": "file",
"template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215",
"template_version": "15",
"timestamp": "1550064068",
"uuid": "5c6419c4-f288-48ea-b9db-a733950d210f",
"Attribute": [
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "sha256",
"timestamp": "1550064068",
"to_ids": true,
"type": "sha256",
"uuid": "5c6419c4-1a84-4be4-8674-a733950d210f",
"value": "2965c1b6ab9d1601752cb4aa26d64a444b0a535b1a190a70d5ce935be3f91699"
},
{
"category": "Other",
"comment": "",
"deleted": false,
"disable_correlation": true,
"object_relation": "state",
"timestamp": "1550064068",
"to_ids": false,
"type": "text",
"uuid": "5c6419c4-6e68-4264-9d86-a733950d210f",
"value": "Malicious"
}
]
},
{
"comment": "Detected as BKDR_CHCHES.SMZKDJ-C",
"deleted": false,
"description": "File object describing a file with meta-information",
"meta-category": "file",
"name": "file",
"template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215",
"template_version": "15",
"timestamp": "1550064116",
"uuid": "5c6419f4-306c-46e6-b026-440c950d210f",
"Attribute": [
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "sha256",
"timestamp": "1550064116",
"to_ids": true,
"type": "sha256",
"uuid": "5c6419f4-3f74-4292-bdc1-4257950d210f",
"value": "4521a74337a8b454f9b80c7d9e57b4c9580567f84e513d9a3ce763275c55e691"
},
{
"category": "Other",
"comment": "",
"deleted": false,
"disable_correlation": true,
"object_relation": "state",
"timestamp": "1550064116",
"to_ids": false,
"type": "text",
"uuid": "5c6419f4-b4ec-4180-9476-48af950d210f",
"value": "Malicious"
}
]
},
{
"comment": "Detected as BKDR_CHCHES.SMZKDJ-C",
"deleted": false,
"description": "File object describing a file with meta-information",
"meta-category": "file",
"name": "file",
"template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215",
"template_version": "15",
"timestamp": "1550064380",
"uuid": "5c641afc-d8d8-4afa-92f0-454e950d210f",
"Attribute": [
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "sha256",
"timestamp": "1550064381",
"to_ids": true,
"type": "sha256",
"uuid": "5c641afd-7704-4b50-9608-43ba950d210f",
"value": "c21eaadf9ffc62ca4673e27e06c16447f103c0cf7acd8db6ac5c8bd17805e39d"
},
{
"category": "Other",
"comment": "",
"deleted": false,
"disable_correlation": true,
"object_relation": "state",
"timestamp": "1550064381",
"to_ids": false,
"type": "text",
"uuid": "5c641afd-ef4c-4e93-b35b-4483950d210f",
"value": "Malicious"
}
]
},
{
"comment": "Detected as BKDR_CHCHES.SMZKDJ-C",
"deleted": false,
"description": "File object describing a file with meta-information",
"meta-category": "file",
"name": "file",
"template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215",
"template_version": "15",
"timestamp": "1550064399",
"uuid": "5c641b0f-e784-44b1-8644-4583950d210f",
"Attribute": [
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "sha256",
"timestamp": "1550064399",
"to_ids": true,
"type": "sha256",
"uuid": "5c641b0f-91c4-4ed1-8541-44f7950d210f",
"value": "cb0c8681a407a76f8c0fd2512197aafad8120aa62e5c871c29d1fd2a102bc628"
},
{
"category": "Other",
"comment": "",
"deleted": false,
"disable_correlation": true,
"object_relation": "state",
"timestamp": "1550064399",
"to_ids": false,
"type": "text",
"uuid": "5c641b0f-0c78-491e-bb5b-43d6950d210f",
"value": "Malicious"
}
]
},
{
"comment": "Detected as BKDR_CHCHES.SMZKDJ-C",
"deleted": false,
"description": "File object describing a file with meta-information",
"meta-category": "file",
"name": "file",
"template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215",
"template_version": "15",
"timestamp": "1550066557",
"uuid": "5c64237d-4dc0-4eea-b88c-4b9a950d210f",
"Attribute": [
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "sha256",
"timestamp": "1550066558",
"to_ids": true,
"type": "sha256",
"uuid": "5c64237e-98e8-4226-b117-4a9e950d210f",
"value": "d26dae0d8e5c23ec35e8b9cf126cded45b8096fc07560ad1c06585357921eeed"
},
{
"category": "Other",
"comment": "",
"deleted": false,
"disable_correlation": true,
"object_relation": "state",
"timestamp": "1550066558",
"to_ids": false,
"type": "text",
"uuid": "5c64237e-d99c-4e0f-83a1-49a0950d210f",
"value": "Malicious"
}
]
},
{
"comment": "Detected as BKDR_CHCHES.SMZKDJ-C",
"deleted": false,
"description": "File object describing a file with meta-information",
"meta-category": "file",
"name": "file",
"template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215",
"template_version": "15",
"timestamp": "1550067753",
"uuid": "5c642829-60e4-4d76-9889-44e0950d210f",
"Attribute": [
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "sha256",
"timestamp": "1550067753",
"to_ids": true,
"type": "sha256",
"uuid": "5c642829-798c-424e-acf6-4175950d210f",
"value": "e6ecb146f469d243945ad8a5451ba1129c5b190f7d50c64580dbad4b8246f88e"
},
{
"category": "Other",
"comment": "",
"deleted": false,
"disable_correlation": true,
"object_relation": "state",
"timestamp": "1550067753",
"to_ids": false,
"type": "text",
"uuid": "5c642829-a4b8-43fe-ad49-4834950d210f",
"value": "Malicious"
}
]
},
{
"comment": "Detected as BKDR_CHCHES.SMZLEC-A",
"deleted": false,
"description": "File object describing a file with meta-information",
"meta-category": "file",
"name": "file",
"template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215",
"template_version": "15",
"timestamp": "1550067867",
"uuid": "5c64289b-aa64-4dbf-86e3-4746950d210f",
"Attribute": [
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "sha256",
"timestamp": "1550067868",
"to_ids": true,
"type": "sha256",
"uuid": "5c64289c-0efc-4117-928d-42a0950d210f",
"value": "94813a9097833ca793a02a33d06cf78ff25558e516527aa8cfde7b7f62cdc9d9"
},
{
"category": "Other",
"comment": "",
"deleted": false,
"disable_correlation": true,
"object_relation": "state",
"timestamp": "1550067868",
"to_ids": false,
"type": "text",
"uuid": "5c64289c-85b0-4645-9662-49c1950d210f",
"value": "Malicious"
}
]
},
{
"comment": "Detected as BKDR_CHCHES.SMZLEC-A",
"deleted": false,
"description": "File object describing a file with meta-information",
"meta-category": "file",
"name": "file",
"template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215",
"template_version": "15",
"timestamp": "1550067889",
"uuid": "5c6428b1-84e0-4944-ad45-4800950d210f",
"Attribute": [
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "sha256",
"timestamp": "1550067889",
"to_ids": true,
"type": "sha256",
"uuid": "5c6428b1-2124-4cfc-868b-46b0950d210f",
"value": "ae30e854a2fb49da770666df78db3983cd3a83774a0fe19d0f98a9ca450d1bd3"
},
{
"category": "Other",
"comment": "",
"deleted": false,
"disable_correlation": true,
"object_relation": "state",
"timestamp": "1550067889",
"to_ids": false,
"type": "text",
"uuid": "5c6428b1-347c-4841-b1d2-49ed950d210f",
"value": "Malicious"
}
]
},
{
"comment": "Detected as BKDR_CHCHES.YO",
"deleted": false,
"description": "File object describing a file with meta-information",
"meta-category": "file",
"name": "file",
"template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215",
"template_version": "15",
"timestamp": "1550067934",
"uuid": "5c6428de-26f8-4a79-a49c-489f950d210f",
"Attribute": [
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "sha256",
"timestamp": "1550067935",
"to_ids": true,
"type": "sha256",
"uuid": "5c6428df-8450-44ea-865c-439f950d210f",
"value": "2933bd208993fb7ec76ae3f55d2e7959c0a79d89f134430c6a798e82ebd94636"
},
{
"category": "Other",
"comment": "",
"deleted": false,
"disable_correlation": true,
"object_relation": "state",
"timestamp": "1550067935",
"to_ids": false,
"type": "text",
"uuid": "5c6428df-2060-4a9a-8cf6-45ce950d210f",
"value": "Malicious"
}
]
},
{
"comment": "Detected as BKDR_CHCHES.ZJDK-A",
"deleted": false,
"description": "File object describing a file with meta-information",
"meta-category": "file",
"name": "file",
"template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215",
"template_version": "15",
"timestamp": "1550067958",
"uuid": "5c6428f6-2554-4101-8b58-4194950d210f",
"Attribute": [
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "sha256",
"timestamp": "1550067958",
"to_ids": true,
"type": "sha256",
"uuid": "5c6428f6-f044-4556-8f74-4aa9950d210f",
"value": "316e89d866d5c710530c2103f183d86c31e9a90d55e2ebc2dda94f112f3bdb6d"
},
{
"category": "Other",
"comment": "",
"deleted": false,
"disable_correlation": true,
"object_relation": "state",
"timestamp": "1550067958",
"to_ids": false,
"type": "text",
"uuid": "5c6428f6-ebdc-444b-a389-46e4950d210f",
"value": "Malicious"
}
]
},
{
"comment": "Detected as BKDR_CHCHES.ZJDK-A",
"deleted": false,
"description": "File object describing a file with meta-information",
"meta-category": "file",
"name": "file",
"template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215",
"template_version": "15",
"timestamp": "1550067986",
"uuid": "5c642912-4ee8-4e61-94b8-4942950d210f",
"Attribute": [
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "sha256",
"timestamp": "1550067986",
"to_ids": true,
"type": "sha256",
"uuid": "5c642912-14bc-4e74-ba52-422e950d210f",
"value": "e90064884190b14a6621c18d1f9719a37b9e5f98506e28ff0636438e3282098b"
},
{
"category": "Other",
"comment": "",
"deleted": false,
"disable_correlation": true,
"object_relation": "state",
"timestamp": "1550067986",
"to_ids": false,
"type": "text",
"uuid": "5c642912-ca74-4a1b-9bac-4633950d210f",
"value": "Malicious"
}
]
},
{
"comment": "Detected as BKDR_CHCHES.ZJEH",
"deleted": false,
"description": "File object describing a file with meta-information",
"meta-category": "file",
"name": "file",
"template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215",
"template_version": "15",
"timestamp": "1550068246",
"uuid": "5c642a16-ca00-4240-a478-4687950d210f",
"Attribute": [
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "sha256",
"timestamp": "1550068246",
"to_ids": true,
"type": "sha256",
"uuid": "5c642a16-067c-4790-a5fe-446f950d210f",
"value": "72d7bcc54520a7d8929eeec78e2b2297a9094fa001483f86cddb7cf1b81704ff"
},
{
"category": "Other",
"comment": "",
"deleted": false,
"disable_correlation": true,
"object_relation": "state",
"timestamp": "1550068246",
"to_ids": false,
"type": "text",
"uuid": "5c642a16-1520-462b-83f6-4ed3950d210f",
"value": "Malicious"
}
]
},
{
"comment": "Detected as BKDR_CHCHES.ZLDK-B",
"deleted": false,
"description": "File object describing a file with meta-information",
"meta-category": "file",
"name": "file",
"template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215",
"template_version": "15",
"timestamp": "1550068272",
"uuid": "5c642a30-7d70-49ac-8332-4c98950d210f",
"Attribute": [
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "sha256",
"timestamp": "1550068272",
"to_ids": true,
"type": "sha256",
"uuid": "5c642a30-12dc-48c5-b8b9-4ff0950d210f",
"value": "e88f5bf4be37e0dc90ba1a06a2d47faaeea9047fec07c17c2a76f9f7ab98acf0"
},
{
"category": "Other",
"comment": "",
"deleted": false,
"disable_correlation": true,
"object_relation": "state",
"timestamp": "1550068272",
"to_ids": false,
"type": "text",
"uuid": "5c642a30-0eb4-4e19-911e-4ec1950d210f",
"value": "Malicious"
}
]
},
{
"comment": "Detected as BKDR_PLUGX.BHS",
"deleted": false,
"description": "File object describing a file with meta-information",
"meta-category": "file",
"name": "file",
"template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215",
"template_version": "15",
"timestamp": "1550068297",
"uuid": "5c642a49-a404-4d34-9a71-4761950d210f",
"Attribute": [
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "sha256",
"timestamp": "1550068297",
"to_ids": true,
"type": "sha256",
"uuid": "5c642a49-b418-4199-a87f-4dfa950d210f",
"value": "759e405351e6de779757695cc6fb1bce3cc6e3bb3ee4d24778d0cb2070091681"
},
{
"category": "Other",
"comment": "",
"deleted": false,
"disable_correlation": true,
"object_relation": "state",
"timestamp": "1550068297",
"to_ids": false,
"type": "text",
"uuid": "5c642a49-4128-4b04-a686-4f17950d210f",
"value": "Malicious"
}
]
},
{
"comment": "Detected as BKDR_PLUGX.JKK",
"deleted": false,
"description": "File object describing a file with meta-information",
"meta-category": "file",
"name": "file",
"template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215",
"template_version": "15",
"timestamp": "1550068320",
"uuid": "5c642a60-8044-4cb3-b579-422c950d210f",
"Attribute": [
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "sha256",
"timestamp": "1550068321",
"to_ids": true,
"type": "sha256",
"uuid": "5c642a61-d6f4-4b23-8bd5-4097950d210f",
"value": "2ddcb1dc466e22388485118bcf3089014348881c4d315aca452c6bb44b6c7bee"
},
{
"category": "Other",
"comment": "",
"deleted": false,
"disable_correlation": true,
"object_relation": "state",
"timestamp": "1550068321",
"to_ids": false,
"type": "text",
"uuid": "5c642a61-b25c-4f63-8805-4398950d210f",
"value": "Malicious"
}
]
},
{
"comment": "Detected as BKDR_PLUGX.ZKEG-A",
"deleted": false,
"description": "File object describing a file with meta-information",
"meta-category": "file",
"name": "file",
"template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215",
"template_version": "15",
"timestamp": "1550068347",
"uuid": "5c642a7b-214c-41f1-b7ea-4d19950d210f",
"Attribute": [
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "sha256",
"timestamp": "1550068347",
"to_ids": true,
"type": "sha256",
"uuid": "5c642a7b-821c-4164-9098-4a9c950d210f",
"value": "f6ba0007038805fdc9e92ccbfed5f4cc681723bb548cc83a4b34f754f3356974"
},
{
"category": "Other",
"comment": "",
"deleted": false,
"disable_correlation": true,
"object_relation": "state",
"timestamp": "1550068347",
"to_ids": false,
"type": "text",
"uuid": "5c642a7b-5348-4662-b369-4f35950d210f",
"value": "Malicious"
}
]
},
{
"comment": "Detected as BKDR_REDFLOWER.ZBEE-A",
"deleted": false,
"description": "File object describing a file with meta-information",
"meta-category": "file",
"name": "file",
"template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215",
"template_version": "15",
"timestamp": "1550068370",
"uuid": "5c642a92-b47c-40be-a43e-4d9c950d210f",
"Attribute": [
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "sha256",
"timestamp": "1550068370",
"to_ids": true,
"type": "sha256",
"uuid": "5c642a92-ab28-421b-8456-454f950d210f",
"value": "1ac2134ef1ca208b3d236b387a8d3256ce6fccc0419947b77a9b671b6eba52bf"
},
{
"category": "Other",
"comment": "",
"deleted": false,
"disable_correlation": true,
"object_relation": "state",
"timestamp": "1550068370",
"to_ids": false,
"type": "text",
"uuid": "5c642a92-0618-4dfb-8047-4bfa950d210f",
"value": "Malicious"
}
]
},
{
"comment": "Detected as BKDR_REDFLOWER.ZBEE-A",
"deleted": false,
"description": "File object describing a file with meta-information",
"meta-category": "file",
"name": "file",
"template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215",
"template_version": "15",
"timestamp": "1550068405",
"uuid": "5c642ab5-ba90-47e1-a82b-430f950d210f",
"Attribute": [
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "sha256",
"timestamp": "1550068405",
"to_ids": true,
"type": "sha256",
"uuid": "5c642ab5-ad58-430e-a84b-4869950d210f",
"value": "c082d5bc76eb8375a90b622474da760bd499ae8371c16cc31085be2940b0bafb"
},
{
"category": "Other",
"comment": "",
"deleted": false,
"disable_correlation": true,
"object_relation": "state",
"timestamp": "1550068405",
"to_ids": false,
"type": "text",
"uuid": "5c642ab5-c098-49c7-b55a-43b0950d210f",
"value": "Malicious"
}
]
},
{
"comment": "Detected as BKDR_TINYX.ZKEG",
"deleted": false,
"description": "File object describing a file with meta-information",
"meta-category": "file",
"name": "file",
"template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215",
"template_version": "15",
"timestamp": "1550068433",
"uuid": "5c642ad1-56ac-4b54-909c-4d1e950d210f",
"Attribute": [
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "sha256",
"timestamp": "1550068433",
"to_ids": true,
"type": "sha256",
"uuid": "5c642ad1-6e4c-4080-9ef6-4d1c950d210f",
"value": "f9f2b38e11402b56fe05127bf0e688d74bb6e55834b93b7a0f6c61174670177a"
},
{
"category": "Other",
"comment": "",
"deleted": false,
"disable_correlation": true,
"object_relation": "state",
"timestamp": "1550068433",
"to_ids": false,
"type": "text",
"uuid": "5c642ad1-8c80-4600-9eec-44c7950d210f",
"value": "Malicious"
}
]
},
{
"comment": "Detected as TROJ_BLOCKER.ASK",
"deleted": false,
"description": "File object describing a file with meta-information",
"meta-category": "file",
"name": "file",
"template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215",
"template_version": "15",
"timestamp": "1550068474",
"uuid": "5c642afa-8a0c-47b4-9359-4ca2950d210f",
"Attribute": [
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "sha256",
"timestamp": "1550068474",
"to_ids": true,
"type": "sha256",
"uuid": "5c642afa-6fcc-4943-9fec-44db950d210f",
"value": "5961861d2b9f50d05055814e6bfd1c6291b30719f8a4d02d4cf80c2e87753fa1"
},
{
"category": "Other",
"comment": "",
"deleted": false,
"disable_correlation": true,
"object_relation": "state",
"timestamp": "1550068474",
"to_ids": false,
"type": "text",
"uuid": "5c642afa-82fc-47cb-8b5f-4060950d210f",
"value": "Malicious"
}
]
},
{
"comment": "Detected as TROJ_FAKEMS.USPO",
"deleted": false,
"description": "File object describing a file with meta-information",
"meta-category": "file",
"name": "file",
"template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215",
"template_version": "15",
"timestamp": "1550068499",
"uuid": "5c642b13-c1b8-44d1-afac-4f9a950d210f",
"Attribute": [
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "sha256",
"timestamp": "1550068499",
"to_ids": true,
"type": "sha256",
"uuid": "5c642b13-b9b4-4ed0-9fdc-4f99950d210f",
"value": "9a6692690c03ec33c758cb5648be1ed886ff039e6b72f1c43b23fbd9c342ce8c"
},
{
"category": "Other",
"comment": "",
"deleted": false,
"disable_correlation": true,
"object_relation": "state",
"timestamp": "1550068499",
"to_ids": false,
"type": "text",
"uuid": "5c642b13-2e74-4443-bfc0-4305950d210f",
"value": "Malicious"
}
]
},
{
"comment": "Detected as TROJ_INJECTR.ZJDK-A",
"deleted": false,
"description": "File object describing a file with meta-information",
"meta-category": "file",
"name": "file",
"template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215",
"template_version": "15",
"timestamp": "1550068527",
"uuid": "5c642b2f-e288-4d32-b582-4933950d210f",
"Attribute": [
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "sha256",
"timestamp": "1550068527",
"to_ids": true,
"type": "sha256",
"uuid": "5c642b2f-78bc-432b-8287-47f8950d210f",
"value": "58a7670111087243516b601c5f070f7de0db5411febe0a878783fdc17c969a59"
},
{
"category": "Other",
"comment": "",
"deleted": false,
"disable_correlation": true,
"object_relation": "state",
"timestamp": "1550068527",
"to_ids": false,
"type": "text",
"uuid": "5c642b2f-0dac-4af9-aa58-4a2a950d210f",
"value": "Malicious"
}
]
},
{
"comment": "Detected as TROJ_INJECTR.ZJDK-C",
"deleted": false,
"description": "File object describing a file with meta-information",
"meta-category": "file",
"name": "file",
"template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215",
"template_version": "15",
"timestamp": "1550068557",
"uuid": "5c642b4d-f444-4bcc-bb96-4b43950d210f",
"Attribute": [
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "sha256",
"timestamp": "1550068557",
"to_ids": true,
"type": "sha256",
"uuid": "5c642b4d-b454-49be-98ee-4131950d210f",
"value": "b20ce00a6864225f05de6407fac80ddb83cd0aec00ada438c1e354cdd0d7d5df"
},
{
"category": "Other",
"comment": "",
"deleted": false,
"disable_correlation": true,
"object_relation": "state",
"timestamp": "1550068557",
"to_ids": false,
"type": "text",
"uuid": "5c642b4d-a074-44e2-932c-4fbb950d210f",
"value": "Malicious"
}
]
},
{
"comment": "Detected as TROJ_INJECTR.ZJDK-D",
"deleted": false,
"description": "File object describing a file with meta-information",
"meta-category": "file",
"name": "file",
"template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215",
"template_version": "15",
"timestamp": "1550068599",
"uuid": "5c642b77-e6bc-4179-b4af-4136950d210f",
"Attribute": [
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "sha256",
"timestamp": "1550068599",
"to_ids": true,
"type": "sha256",
"uuid": "5c642b77-e39c-4b49-bc74-4b97950d210f",
"value": "f251485a62e104dfd8629dc4d2dfd572ebd0ab554602d682a28682876a47e773"
},
{
"category": "Other",
"comment": "",
"deleted": false,
"disable_correlation": true,
"object_relation": "state",
"timestamp": "1550068599",
"to_ids": false,
"type": "text",
"uuid": "5c642b77-cb24-47c3-9036-48af950d210f",
"value": "Malicious"
}
]
},
{
"comment": "Detected as TROJ_INJECTR.ZKDJ-A",
"deleted": false,
"description": "File object describing a file with meta-information",
"meta-category": "file",
"name": "file",
"template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215",
"template_version": "15",
"timestamp": "1550068624",
"uuid": "5c642b90-3bb0-4367-b98e-4eed950d210f",
"Attribute": [
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "sha256",
"timestamp": "1550068624",
"to_ids": true,
"type": "sha256",
"uuid": "5c642b90-9a48-460a-9719-48cb950d210f",
"value": "19aa5019f3c00211182b2a80dd9675721dac7cfb31d174436d3b8ec9f97d898b"
},
{
"category": "Other",
"comment": "",
"deleted": false,
"disable_correlation": true,
"object_relation": "state",
"timestamp": "1550068624",
"to_ids": false,
"type": "text",
"uuid": "5c642b90-9f90-4512-a966-411e950d210f",
"value": "Malicious"
}
]
},
{
"comment": "Detected as TROJ_INJECTR.ZKDJ-B",
"deleted": false,
"description": "File object describing a file with meta-information",
"meta-category": "file",
"name": "file",
"template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215",
"template_version": "15",
"timestamp": "1550068653",
"uuid": "5c642bad-52c0-44d0-a16e-4775950d210f",
"Attribute": [
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "sha256",
"timestamp": "1550068653",
"to_ids": true,
"type": "sha256",
"uuid": "5c642bad-9d84-4b6d-9bd7-48fd950d210f",
"value": "5c6c2370090d68d2d3120cec62984767ae0fc93766939d159a2f4c482f58ae5b"
},
{
"category": "Other",
"comment": "",
"deleted": false,
"disable_correlation": true,
"object_relation": "state",
"timestamp": "1550068653",
"to_ids": false,
"type": "text",
"uuid": "5c642bad-f66c-4200-b486-45ca950d210f",
"value": "Malicious"
}
]
},
{
"comment": "Detected as TROJ_INJECTR.ZKDJ-C",
"deleted": false,
"description": "File object describing a file with meta-information",
"meta-category": "file",
"name": "file",
"template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215",
"template_version": "15",
"timestamp": "1550068685",
"uuid": "5c642bcd-af44-425f-a948-4be1950d210f",
"Attribute": [
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "sha256",
"timestamp": "1550068685",
"to_ids": true,
"type": "sha256",
"uuid": "5c642bcd-b854-4cc3-b782-40e4950d210f",
"value": "312dc69dd6ea16842d6e58cd7fd98ba4d28eefeb4fd4c4d198fac4eee76f93c3"
},
{
"category": "Other",
"comment": "",
"deleted": false,
"disable_correlation": true,
"object_relation": "state",
"timestamp": "1550068685",
"to_ids": false,
"type": "text",
"uuid": "5c642bcd-7454-4c31-b9d4-4e7e950d210f",
"value": "Malicious"
}
]
},
{
"comment": "Detected as TROJ_INJECTR.ZLDK-A",
"deleted": false,
"description": "File object describing a file with meta-information",
"meta-category": "file",
"name": "file",
"template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215",
"template_version": "15",
"timestamp": "1550069108",
"uuid": "5c642d74-6d48-430a-b5c3-44f9950d210f",
"Attribute": [
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "sha256",
"timestamp": "1550069108",
"to_ids": true,
"type": "sha256",
"uuid": "5c642d74-2978-4b3d-a8ce-42fc950d210f",
"value": "bc2f07066c624663b0a6f71cb965009d4d9b480213de51809cdc454ca55f1a91"
},
{
"category": "Other",
"comment": "",
"deleted": false,
"disable_correlation": true,
"object_relation": "state",
"timestamp": "1550069108",
"to_ids": false,
"type": "text",
"uuid": "5c642d74-ed4c-4f83-81e1-479e950d210f",
"value": "Malicious"
}
]
},
{
"comment": "Detected as TROJ_PASTEAL.JV",
"deleted": false,
"description": "File object describing a file with meta-information",
"meta-category": "file",
"name": "file",
"template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215",
"template_version": "15",
"timestamp": "1550069141",
"uuid": "5c642d95-848c-4f2e-a97b-4eab950d210f",
"Attribute": [
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "sha256",
"timestamp": "1550069141",
"to_ids": true,
"type": "sha256",
"uuid": "5c642d95-a7c4-458b-a075-4d44950d210f",
"value": "fd6a956a7708708cddff78c8505c7db73d7c4e961da8a3c00cc5a51171a92b7b"
},
{
"category": "Other",
"comment": "",
"deleted": false,
"disable_correlation": true,
"object_relation": "state",
"timestamp": "1550069141",
"to_ids": false,
"type": "text",
"uuid": "5c642d95-11d4-4640-8bac-4da5950d210f",
"value": "Malicious"
}
]
},
{
"comment": "Detected as TROJ_PASTEAL.JV",
"deleted": false,
"description": "File object describing a file with meta-information",
"meta-category": "file",
"name": "file",
"template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215",
"template_version": "15",
"timestamp": "1550069198",
"uuid": "5c642dce-80f4-41cb-93a3-491a950d210f",
"Attribute": [
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "sha256",
"timestamp": "1550069198",
"to_ids": true,
"type": "sha256",
"uuid": "5c642dce-ec64-4dc8-8fe5-4a41950d210f",
"value": "73794263b657632805c8c3907e2f20a9743d8c9b83aa3e21629eccc5de02b1ca"
},
{
"category": "Other",
"comment": "",
"deleted": false,
"disable_correlation": true,
"object_relation": "state",
"timestamp": "1550069198",
"to_ids": false,
"type": "text",
"uuid": "5c642dce-baf4-4191-91da-44ce950d210f",
"value": "Malicious"
}
]
},
{
"comment": "Detected as TROJ_PLUGX.DUKPT",
"deleted": false,
"description": "File object describing a file with meta-information",
"meta-category": "file",
"name": "file",
"template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215",
"template_version": "15",
"timestamp": "1550069216",
"uuid": "5c642de0-9a40-4978-9e04-40b9950d210f",
"Attribute": [
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "sha256",
"timestamp": "1550069217",
"to_ids": true,
"type": "sha256",
"uuid": "5c642de1-1114-4b52-9ebd-4d5d950d210f",
"value": "45d804f35266b26bf63e3d616715fc593931e33aa07feba5ad6875609692efa2"
},
{
"category": "Other",
"comment": "",
"deleted": false,
"disable_correlation": true,
"object_relation": "state",
"timestamp": "1550069217",
"to_ids": false,
"type": "text",
"uuid": "5c642de1-2720-4bd1-b929-4a9f950d210f",
"value": "Malicious"
}
]
},
{
"comment": "",
"deleted": false,
"description": "File object describing a file with meta-information",
"meta-category": "file",
"name": "file",
"template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215",
"template_version": "11",
"timestamp": "1550071734",
"uuid": "fff0be4e-54e6-4038-9206-d96c4555c4c9",
"ObjectReference": [
{
"comment": "",
"object_uuid": "fff0be4e-54e6-4038-9206-d96c4555c4c9",
"referenced_uuid": "4388bfdc-4a4f-4aa9-a13e-17a52cf22b1d",
"relationship_type": "analysed-with",
"timestamp": "1550071744",
"uuid": "5c6437c0-a670-40ce-9a6b-4f9d02de0b81"
}
],
"Attribute": [
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "md5",
"timestamp": "1550071734",
"to_ids": true,
"type": "md5",
"uuid": "95778b1c-2862-4a65-b8b9-42803815faee",
"value": "f5744d72c6919f994ff452b0e758ffee"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "sha1",
"timestamp": "1550071734",
"to_ids": true,
"type": "sha1",
"uuid": "f463dab2-6292-42bd-a229-99079581de84",
"value": "a954a3f20ef8065d98d9e3a3c5ae254e27c63bf6"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "sha256",
"timestamp": "1550071734",
"to_ids": true,
"type": "sha256",
"uuid": "b016c9cd-ba7c-44a0-890a-723054672ac2",
"value": "f251485a62e104dfd8629dc4d2dfd572ebd0ab554602d682a28682876a47e773"
}
]
},
{
"comment": "",
"deleted": false,
"description": "VirusTotal report",
"meta-category": "misc",
"name": "virustotal-report",
"template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4",
"template_version": "2",
"timestamp": "1550071734",
"uuid": "4388bfdc-4a4f-4aa9-a13e-17a52cf22b1d",
"Attribute": [
{
"category": "Other",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "last-submission",
"timestamp": "1550071734",
"to_ids": false,
"type": "datetime",
"uuid": "15e7f9d2-20ab-4df0-83b3-e6e4f4612acb",
"value": "2019-02-06T07:29:28"
},
{
"category": "External analysis",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "permalink",
"timestamp": "1550071734",
"to_ids": false,
"type": "link",
"uuid": "cfa4a95c-4299-4f25-9709-1d0b9ccae868",
"value": "https://www.virustotal.com/file/f251485a62e104dfd8629dc4d2dfd572ebd0ab554602d682a28682876a47e773/analysis/1549438168/"
},
{
"category": "Other",
"comment": "",
"deleted": false,
"disable_correlation": true,
"object_relation": "detection-ratio",
"timestamp": "1550071734",
"to_ids": false,
"type": "text",
"uuid": "926f1063-8f09-4c5b-a05a-3ee21861fe3d",
"value": "54/71"
}
]
},
{
"comment": "",
"deleted": false,
"description": "File object describing a file with meta-information",
"meta-category": "file",
"name": "file",
"template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215",
"template_version": "11",
"timestamp": "1550071734",
"uuid": "b7a0faf2-29c2-4381-9f63-3213e5b3da9a",
"ObjectReference": [
{
"comment": "",
"object_uuid": "b7a0faf2-29c2-4381-9f63-3213e5b3da9a",
"referenced_uuid": "69735e3c-864c-481c-86c6-8ec4d4448846",
"relationship_type": "analysed-with",
"timestamp": "1550071744",
"uuid": "5c6437c0-5b5c-4fec-87aa-48db02de0b81"
}
],
"Attribute": [
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "md5",
"timestamp": "1550071734",
"to_ids": true,
"type": "md5",
"uuid": "fbcafa1f-6639-488a-8d8a-c2457158af03",
"value": "1c0db37e0bebae961f149c89d6176c0a"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "sha1",
"timestamp": "1550071734",
"to_ids": true,
"type": "sha1",
"uuid": "1c6f66a2-99a7-4e1d-8074-551fda9177cf",
"value": "9fa289a229ec2189c12b8d2c1a4a8ff3967eca67"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "sha256",
"timestamp": "1550071734",
"to_ids": true,
"type": "sha256",
"uuid": "aafe3bf9-d023-40ee-8258-77cee10a2ef4",
"value": "1ac2134ef1ca208b3d236b387a8d3256ce6fccc0419947b77a9b671b6eba52bf"
}
]
},
{
"comment": "",
"deleted": false,
"description": "VirusTotal report",
"meta-category": "misc",
"name": "virustotal-report",
"template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4",
"template_version": "2",
"timestamp": "1550071734",
"uuid": "69735e3c-864c-481c-86c6-8ec4d4448846",
"Attribute": [
{
"category": "Other",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "last-submission",
"timestamp": "1550071734",
"to_ids": false,
"type": "datetime",
"uuid": "d59cd8ca-e09f-488c-a8ff-2cd408e1992a",
"value": "2018-04-06T20:25:48"
},
{
"category": "External analysis",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "permalink",
"timestamp": "1550071734",
"to_ids": false,
"type": "link",
"uuid": "b57f6799-53aa-4115-ba67-435bc5b9c6e2",
"value": "https://www.virustotal.com/file/1ac2134ef1ca208b3d236b387a8d3256ce6fccc0419947b77a9b671b6eba52bf/analysis/1523046348/"
},
{
"category": "Other",
"comment": "",
"deleted": false,
"disable_correlation": true,
"object_relation": "detection-ratio",
"timestamp": "1550071734",
"to_ids": false,
"type": "text",
"uuid": "9fd7e59a-4b68-451c-b1fe-b2bbf64a62ed",
"value": "7/58"
}
]
},
{
"comment": "",
"deleted": false,
"description": "File object describing a file with meta-information",
"meta-category": "file",
"name": "file",
"template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215",
"template_version": "11",
"timestamp": "1550071734",
"uuid": "f5804577-702b-4a53-88ad-6abb13449e9a",
"ObjectReference": [
{
"comment": "",
"object_uuid": "f5804577-702b-4a53-88ad-6abb13449e9a",
"referenced_uuid": "de76a10e-ceac-41ce-8652-97d241f784b5",
"relationship_type": "analysed-with",
"timestamp": "1550071744",
"uuid": "5c6437c0-82ec-40bb-a112-434d02de0b81"
}
],
"Attribute": [
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "md5",
"timestamp": "1550071734",
"to_ids": true,
"type": "md5",
"uuid": "844df316-aac6-4f60-8287-9c44be4ba66e",
"value": "b0649c1f7fb15796805ca983fd8f95a3"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "sha1",
"timestamp": "1550071734",
"to_ids": true,
"type": "sha1",
"uuid": "35f612d8-bceb-4fad-926d-9751a560df47",
"value": "56126b1c19c1121c0f5065204ef5cc4633079b98"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "sha256",
"timestamp": "1550071734",
"to_ids": true,
"type": "sha256",
"uuid": "eff38ed9-1841-4f98-9b71-4b0945c0f9ed",
"value": "fd6a956a7708708cddff78c8505c7db73d7c4e961da8a3c00cc5a51171a92b7b"
}
]
},
{
"comment": "",
"deleted": false,
"description": "VirusTotal report",
"meta-category": "misc",
"name": "virustotal-report",
"template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4",
"template_version": "2",
"timestamp": "1550071734",
"uuid": "de76a10e-ceac-41ce-8652-97d241f784b5",
"Attribute": [
{
"category": "Other",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "last-submission",
"timestamp": "1550071734",
"to_ids": false,
"type": "datetime",
"uuid": "d053f597-48cb-48a9-9f11-ae678a71ae7f",
"value": "2019-02-07T16:32:54"
},
{
"category": "External analysis",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "permalink",
"timestamp": "1550071734",
"to_ids": false,
"type": "link",
"uuid": "25d3ceb1-45b3-4ddd-9930-65f4fa500c65",
"value": "https://www.virustotal.com/file/fd6a956a7708708cddff78c8505c7db73d7c4e961da8a3c00cc5a51171a92b7b/analysis/1549557174/"
},
{
"category": "Other",
"comment": "",
"deleted": false,
"disable_correlation": true,
"object_relation": "detection-ratio",
"timestamp": "1550071734",
"to_ids": false,
"type": "text",
"uuid": "b073b6a9-aa27-46d5-8173-9865ef2a3e0f",
"value": "56/68"
}
]
},
{
"comment": "",
"deleted": false,
"description": "File object describing a file with meta-information",
"meta-category": "file",
"name": "file",
"template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215",
"template_version": "11",
"timestamp": "1550071735",
"uuid": "647b65ec-7d73-44c2-ae8c-ab080fed65b1",
"ObjectReference": [
{
"comment": "",
"object_uuid": "647b65ec-7d73-44c2-ae8c-ab080fed65b1",
"referenced_uuid": "a5f29727-ac0d-4247-8f78-e0aa5f9e3c88",
"relationship_type": "analysed-with",
"timestamp": "1550071744",
"uuid": "5c6437c0-af0c-4750-918d-4fb202de0b81"
}
],
"Attribute": [
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "md5",
"timestamp": "1550071735",
"to_ids": true,
"type": "md5",
"uuid": "e2ec71ae-9d3b-4d0d-bf84-209e57072ce3",
"value": "c0c8dcc9dad39da8278bf8956e30a3fc"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "sha1",
"timestamp": "1550071735",
"to_ids": true,
"type": "sha1",
"uuid": "e3930ec3-eccf-40cf-907d-8b2f36b4c911",
"value": "009b639441ad5c1260f55afde2d5d21fc5b4f96c"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "sha256",
"timestamp": "1550071735",
"to_ids": true,
"type": "sha256",
"uuid": "d1e68295-5a16-4991-8489-079b867d7586",
"value": "6605b27e95f5c3c8012e4a75d1861786fb749b9a712a5f4871adbad81addb59e"
}
]
},
{
"comment": "",
"deleted": false,
"description": "VirusTotal report",
"meta-category": "misc",
"name": "virustotal-report",
"template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4",
"template_version": "2",
"timestamp": "1550071735",
"uuid": "a5f29727-ac0d-4247-8f78-e0aa5f9e3c88",
"Attribute": [
{
"category": "Other",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "last-submission",
"timestamp": "1550071735",
"to_ids": false,
"type": "datetime",
"uuid": "9349167e-4449-493b-83c2-53109dbc9fdb",
"value": "2019-02-06T07:29:41"
},
{
"category": "External analysis",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "permalink",
"timestamp": "1550071735",
"to_ids": false,
"type": "link",
"uuid": "3aeb40ae-5a21-4fb5-8caf-910e55bb142b",
"value": "https://www.virustotal.com/file/6605b27e95f5c3c8012e4a75d1861786fb749b9a712a5f4871adbad81addb59e/analysis/1549438181/"
},
{
"category": "Other",
"comment": "",
"deleted": false,
"disable_correlation": true,
"object_relation": "detection-ratio",
"timestamp": "1550071735",
"to_ids": false,
"type": "text",
"uuid": "4eedc525-4f71-4b06-95a4-c1f6a88cab62",
"value": "54/71"
}
]
},
{
"comment": "",
"deleted": false,
"description": "File object describing a file with meta-information",
"meta-category": "file",
"name": "file",
"template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215",
"template_version": "11",
"timestamp": "1550071735",
"uuid": "2c29f3e1-f127-4fdd-8999-22bcaf281992",
"ObjectReference": [
{
"comment": "",
"object_uuid": "2c29f3e1-f127-4fdd-8999-22bcaf281992",
"referenced_uuid": "3c46a337-6781-4bed-9c3e-68bb50ab8ea8",
"relationship_type": "analysed-with",
"timestamp": "1550071744",
"uuid": "5c6437c0-4954-4f5d-a6dd-4e9f02de0b81"
}
],
"Attribute": [
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "md5",
"timestamp": "1550071735",
"to_ids": true,
"type": "md5",
"uuid": "a0ac053e-79be-447f-9bcd-a7c3ffe659e2",
"value": "472b1710794d5c420b9d921c484ca9e8"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "sha1",
"timestamp": "1550071735",
"to_ids": true,
"type": "sha1",
"uuid": "b8eed7ed-6d2b-4d5b-9796-fc791ced58bb",
"value": "2c1b42e8c8acea5082275b6ea5f5c64ebaf4fa30"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "sha256",
"timestamp": "1550071735",
"to_ids": true,
"type": "sha256",
"uuid": "037296e2-db2b-4634-b3f9-36c327232433",
"value": "e6ecb146f469d243945ad8a5451ba1129c5b190f7d50c64580dbad4b8246f88e"
}
]
},
{
"comment": "",
"deleted": false,
"description": "VirusTotal report",
"meta-category": "misc",
"name": "virustotal-report",
"template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4",
"template_version": "2",
"timestamp": "1550071735",
"uuid": "3c46a337-6781-4bed-9c3e-68bb50ab8ea8",
"Attribute": [
{
"category": "Other",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "last-submission",
"timestamp": "1550071735",
"to_ids": false,
"type": "datetime",
"uuid": "e4683a54-05e8-4585-9bfa-31425581e88b",
"value": "2019-02-06T07:29:21"
},
{
"category": "External analysis",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "permalink",
"timestamp": "1550071735",
"to_ids": false,
"type": "link",
"uuid": "57728893-21c7-4f7b-b602-78146f27ac4b",
"value": "https://www.virustotal.com/file/e6ecb146f469d243945ad8a5451ba1129c5b190f7d50c64580dbad4b8246f88e/analysis/1549438161/"
},
{
"category": "Other",
"comment": "",
"deleted": false,
"disable_correlation": true,
"object_relation": "detection-ratio",
"timestamp": "1550071735",
"to_ids": false,
"type": "text",
"uuid": "48586014-a2c1-4eee-b033-3bf8d634cd5c",
"value": "57/71"
}
]
},
{
"comment": "",
"deleted": false,
"description": "File object describing a file with meta-information",
"meta-category": "file",
"name": "file",
"template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215",
"template_version": "11",
"timestamp": "1550071735",
"uuid": "50aa4cdb-2585-48a6-99e0-7f713f06a229",
"ObjectReference": [
{
"comment": "",
"object_uuid": "50aa4cdb-2585-48a6-99e0-7f713f06a229",
"referenced_uuid": "c9e089d2-332e-48f3-a1d2-7e11e76aeb74",
"relationship_type": "analysed-with",
"timestamp": "1550071744",
"uuid": "5c6437c0-03a4-45b8-b27f-460e02de0b81"
}
],
"Attribute": [
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "md5",
"timestamp": "1550071736",
"to_ids": true,
"type": "md5",
"uuid": "b1f3774c-3fdd-4a11-8c5e-561200d037bd",
"value": "6f5648ea4ca8a65c36c328c5ae8ac096"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "sha1",
"timestamp": "1550071736",
"to_ids": true,
"type": "sha1",
"uuid": "94b2512b-ed4f-43de-b0b8-91b0343abc3c",
"value": "154669ce22c0b29af28e0677bc65c43fc35cdd6a"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "sha256",
"timestamp": "1550071736",
"to_ids": true,
"type": "sha256",
"uuid": "e6bb4b2e-38e4-4995-981e-3f00cda5c134",
"value": "4ff6a97d06e2e843755be8697f3324be36e1ebeb280bb45724962ce4b6710297"
}
]
},
{
"comment": "",
"deleted": false,
"description": "VirusTotal report",
"meta-category": "misc",
"name": "virustotal-report",
"template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4",
"template_version": "2",
"timestamp": "1550071736",
"uuid": "c9e089d2-332e-48f3-a1d2-7e11e76aeb74",
"Attribute": [
{
"category": "Other",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "last-submission",
"timestamp": "1550071736",
"to_ids": false,
"type": "datetime",
"uuid": "fb06a9b3-8c7b-49b0-82fd-8e5e82780684",
"value": "2018-12-27T05:48:27"
},
{
"category": "External analysis",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "permalink",
"timestamp": "1550071736",
"to_ids": false,
"type": "link",
"uuid": "be8dbf00-1021-41ad-84c8-77e3f5208e29",
"value": "https://www.virustotal.com/file/4ff6a97d06e2e843755be8697f3324be36e1ebeb280bb45724962ce4b6710297/analysis/1545889707/"
},
{
"category": "Other",
"comment": "",
"deleted": false,
"disable_correlation": true,
"object_relation": "detection-ratio",
"timestamp": "1550071736",
"to_ids": false,
"type": "text",
"uuid": "28a9da6a-b225-424e-a0f4-164bcd0c1d2d",
"value": "33/58"
}
]
},
{
"comment": "",
"deleted": false,
"description": "File object describing a file with meta-information",
"meta-category": "file",
"name": "file",
"template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215",
"template_version": "11",
"timestamp": "1550071736",
"uuid": "17c3d31b-5f83-43ec-92ae-ffcd23c61a27",
"ObjectReference": [
{
"comment": "",
"object_uuid": "17c3d31b-5f83-43ec-92ae-ffcd23c61a27",
"referenced_uuid": "85ea176d-de1e-497a-9837-b666e7074bd6",
"relationship_type": "analysed-with",
"timestamp": "1550071744",
"uuid": "5c6437c0-1c3c-4672-9595-418302de0b81"
}
],
"Attribute": [
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "md5",
"timestamp": "1550071736",
"to_ids": true,
"type": "md5",
"uuid": "5ce03f47-23c2-4b25-8d49-f2c6b33f3956",
"value": "8a93859e5f7079d6746832a3a22ff65c"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "sha1",
"timestamp": "1550071736",
"to_ids": true,
"type": "sha1",
"uuid": "5a6cc79d-ac88-475b-a416-1660508d4c28",
"value": "56d6c3ffa4f3d5ae742f937fae85f0995814cf90"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "sha256",
"timestamp": "1550071736",
"to_ids": true,
"type": "sha256",
"uuid": "4ff8c831-ac48-4288-82f4-331f42c0c68a",
"value": "ae6b45a92384f6e43672e617c53a44225e2944d66c1ffb074694526386074145"
}
]
},
{
"comment": "",
"deleted": false,
"description": "VirusTotal report",
"meta-category": "misc",
"name": "virustotal-report",
"template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4",
"template_version": "2",
"timestamp": "1550071736",
"uuid": "85ea176d-de1e-497a-9837-b666e7074bd6",
"Attribute": [
{
"category": "Other",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "last-submission",
"timestamp": "1550071736",
"to_ids": false,
"type": "datetime",
"uuid": "b6e35013-da19-4631-8ad1-5df51d5a234b",
"value": "2019-02-07T15:56:32"
},
{
"category": "External analysis",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "permalink",
"timestamp": "1550071736",
"to_ids": false,
"type": "link",
"uuid": "7fe17d41-06c0-477d-a2b7-7ad6f8952483",
"value": "https://www.virustotal.com/file/ae6b45a92384f6e43672e617c53a44225e2944d66c1ffb074694526386074145/analysis/1549554992/"
},
{
"category": "Other",
"comment": "",
"deleted": false,
"disable_correlation": true,
"object_relation": "detection-ratio",
"timestamp": "1550071736",
"to_ids": false,
"type": "text",
"uuid": "9a629de4-dda0-462f-8812-65b663e9c44e",
"value": "55/69"
}
]
},
{
"comment": "",
"deleted": false,
"description": "File object describing a file with meta-information",
"meta-category": "file",
"name": "file",
"template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215",
"template_version": "11",
"timestamp": "1550071736",
"uuid": "7c6961ca-5d99-4cbd-8948-439c050dc9d4",
"ObjectReference": [
{
"comment": "",
"object_uuid": "7c6961ca-5d99-4cbd-8948-439c050dc9d4",
"referenced_uuid": "e40aa0c7-8063-4ec7-8eaa-5d4e0934112f",
"relationship_type": "analysed-with",
"timestamp": "1550071745",
"uuid": "5c6437c1-1b4c-4d1a-b19e-49fe02de0b81"
}
],
"Attribute": [
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "md5",
"timestamp": "1550071736",
"to_ids": true,
"type": "md5",
"uuid": "c41260c3-1698-4a19-9859-acf624b9992f",
"value": "dbb867c2250b5be4e67d1977fcf721fb"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "sha1",
"timestamp": "1550071736",
"to_ids": true,
"type": "sha1",
"uuid": "0e953e3c-b655-487f-a6d6-df53424d5ed0",
"value": "1df29c63c917b089fe0fc099e2783c0c679892e5"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "sha256",
"timestamp": "1550071736",
"to_ids": true,
"type": "sha256",
"uuid": "ebf2305c-d500-4015-8e07-b1679ff534a0",
"value": "cb0c8681a407a76f8c0fd2512197aafad8120aa62e5c871c29d1fd2a102bc628"
}
]
},
{
"comment": "",
"deleted": false,
"description": "VirusTotal report",
"meta-category": "misc",
"name": "virustotal-report",
"template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4",
"template_version": "2",
"timestamp": "1550071736",
"uuid": "e40aa0c7-8063-4ec7-8eaa-5d4e0934112f",
"Attribute": [
{
"category": "Other",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "last-submission",
"timestamp": "1550071736",
"to_ids": false,
"type": "datetime",
"uuid": "b6b6bd81-d293-4110-885a-6936180eb790",
"value": "2019-02-06T07:29:36"
},
{
"category": "External analysis",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "permalink",
"timestamp": "1550071736",
"to_ids": false,
"type": "link",
"uuid": "4c1c4e9c-0b1c-4629-8e65-f64b387e7ea0",
"value": "https://www.virustotal.com/file/cb0c8681a407a76f8c0fd2512197aafad8120aa62e5c871c29d1fd2a102bc628/analysis/1549438176/"
},
{
"category": "Other",
"comment": "",
"deleted": false,
"disable_correlation": true,
"object_relation": "detection-ratio",
"timestamp": "1550071736",
"to_ids": false,
"type": "text",
"uuid": "26b8b237-97de-4d45-a829-eac39855a438",
"value": "48/71"
}
]
},
{
"comment": "",
"deleted": false,
"description": "File object describing a file with meta-information",
"meta-category": "file",
"name": "file",
"template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215",
"template_version": "11",
"timestamp": "1550071736",
"uuid": "b400f7d4-a844-43f8-9f6f-15670fa2c4c0",
"ObjectReference": [
{
"comment": "",
"object_uuid": "b400f7d4-a844-43f8-9f6f-15670fa2c4c0",
"referenced_uuid": "e48e0d6e-d612-426b-9c63-b420a90ae5a8",
"relationship_type": "analysed-with",
"timestamp": "1550071745",
"uuid": "5c6437c1-7a98-4fc8-a142-48a502de0b81"
}
],
"Attribute": [
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "md5",
"timestamp": "1550071736",
"to_ids": true,
"type": "md5",
"uuid": "5186031a-58ca-485d-b00b-861cc7fd45e6",
"value": "23d03ee4bf57de7087055b230dae7c5b"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "sha1",
"timestamp": "1550071736",
"to_ids": true,
"type": "sha1",
"uuid": "b4e7c1b5-34d4-4104-84b3-fae929ec4775",
"value": "7cace2e51e8ecc5ddb9720a8dc9e1f3596fe343b"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "sha256",
"timestamp": "1550071736",
"to_ids": true,
"type": "sha256",
"uuid": "f64e2541-ba00-4463-bc1f-25a4deb21e75",
"value": "e88f5bf4be37e0dc90ba1a06a2d47faaeea9047fec07c17c2a76f9f7ab98acf0"
}
]
},
{
"comment": "",
"deleted": false,
"description": "VirusTotal report",
"meta-category": "misc",
"name": "virustotal-report",
"template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4",
"template_version": "2",
"timestamp": "1550071736",
"uuid": "e48e0d6e-d612-426b-9c63-b420a90ae5a8",
"Attribute": [
{
"category": "Other",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "last-submission",
"timestamp": "1550071736",
"to_ids": false,
"type": "datetime",
"uuid": "0f1445bd-95ca-44c1-9bab-fc1960bb2e9a",
"value": "2019-02-06T07:29:46"
},
{
"category": "External analysis",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "permalink",
"timestamp": "1550071736",
"to_ids": false,
"type": "link",
"uuid": "64fa1f54-19ad-4c3b-b1b2-40559433388b",
"value": "https://www.virustotal.com/file/e88f5bf4be37e0dc90ba1a06a2d47faaeea9047fec07c17c2a76f9f7ab98acf0/analysis/1549438186/"
},
{
"category": "Other",
"comment": "",
"deleted": false,
"disable_correlation": true,
"object_relation": "detection-ratio",
"timestamp": "1550071736",
"to_ids": false,
"type": "text",
"uuid": "bae98701-7efc-40d9-a584-2d80231b42fe",
"value": "53/70"
}
]
},
{
"comment": "",
"deleted": false,
"description": "File object describing a file with meta-information",
"meta-category": "file",
"name": "file",
"template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215",
"template_version": "11",
"timestamp": "1550071737",
"uuid": "01386435-635f-478b-9f3a-f50d1bedddcb",
"ObjectReference": [
{
"comment": "",
"object_uuid": "01386435-635f-478b-9f3a-f50d1bedddcb",
"referenced_uuid": "893fd05b-7ae9-400c-967a-7b9354ba2cd0",
"relationship_type": "analysed-with",
"timestamp": "1550071745",
"uuid": "5c6437c1-3614-4d05-aedf-4eed02de0b81"
}
],
"Attribute": [
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "md5",
"timestamp": "1550071737",
"to_ids": true,
"type": "md5",
"uuid": "1fe41a08-0262-4db3-9fbc-66e98e850b3b",
"value": "457812c13d4d8ad5fd844ae572b4322b"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "sha1",
"timestamp": "1550071737",
"to_ids": true,
"type": "sha1",
"uuid": "24b27754-c443-4754-ae4b-5d55cc45da1e",
"value": "821368b4910c6ac50f6bad1c218e0f9a6f1fdcfb"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "sha256",
"timestamp": "1550071737",
"to_ids": true,
"type": "sha256",
"uuid": "71622522-8f56-48e2-a5db-855ca1477896",
"value": "94813a9097833ca793a02a33d06cf78ff25558e516527aa8cfde7b7f62cdc9d9"
}
]
},
{
"comment": "",
"deleted": false,
"description": "VirusTotal report",
"meta-category": "misc",
"name": "virustotal-report",
"template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4",
"template_version": "2",
"timestamp": "1550071737",
"uuid": "893fd05b-7ae9-400c-967a-7b9354ba2cd0",
"Attribute": [
{
"category": "Other",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "last-submission",
"timestamp": "1550071737",
"to_ids": false,
"type": "datetime",
"uuid": "57b0d487-c510-4f1d-8277-40f93851276b",
"value": "2019-02-06T16:38:35"
},
{
"category": "External analysis",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "permalink",
"timestamp": "1550071737",
"to_ids": false,
"type": "link",
"uuid": "078a5e11-ea84-4270-9684-cf9b826c92a3",
"value": "https://www.virustotal.com/file/94813a9097833ca793a02a33d06cf78ff25558e516527aa8cfde7b7f62cdc9d9/analysis/1549471115/"
},
{
"category": "Other",
"comment": "",
"deleted": false,
"disable_correlation": true,
"object_relation": "detection-ratio",
"timestamp": "1550071737",
"to_ids": false,
"type": "text",
"uuid": "812d0331-b046-46be-84cf-8f336b99a54c",
"value": "30/69"
}
]
},
{
"comment": "",
"deleted": false,
"description": "File object describing a file with meta-information",
"meta-category": "file",
"name": "file",
"template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215",
"template_version": "11",
"timestamp": "1550071737",
"uuid": "48e70434-5c21-4be1-bc1f-b780b4d207b9",
"ObjectReference": [
{
"comment": "",
"object_uuid": "48e70434-5c21-4be1-bc1f-b780b4d207b9",
"referenced_uuid": "d89a842f-a120-486c-9712-30971d8b25b8",
"relationship_type": "analysed-with",
"timestamp": "1550071745",
"uuid": "5c6437c1-89a8-40fc-af0b-472e02de0b81"
}
],
"Attribute": [
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "md5",
"timestamp": "1550071737",
"to_ids": true,
"type": "md5",
"uuid": "e02d4bd2-d250-4819-b395-90b23df8dfb4",
"value": "f586edd88023f49bc4f9d84f9fb6bd7d"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "sha1",
"timestamp": "1550071737",
"to_ids": true,
"type": "sha1",
"uuid": "2d10f740-1edf-4019-8cd2-5484f3095e65",
"value": "b966657d35bba9416775d320bb87086001995bbe"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "sha256",
"timestamp": "1550071737",
"to_ids": true,
"type": "sha256",
"uuid": "12c23290-d187-405e-8c28-337e5750e1f7",
"value": "c21eaadf9ffc62ca4673e27e06c16447f103c0cf7acd8db6ac5c8bd17805e39d"
}
]
},
{
"comment": "",
"deleted": false,
"description": "VirusTotal report",
"meta-category": "misc",
"name": "virustotal-report",
"template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4",
"template_version": "2",
"timestamp": "1550071737",
"uuid": "d89a842f-a120-486c-9712-30971d8b25b8",
"Attribute": [
{
"category": "Other",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "last-submission",
"timestamp": "1550071737",
"to_ids": false,
"type": "datetime",
"uuid": "16380a5b-84a8-45c7-9d2f-c0cec7698842",
"value": "2019-02-06T07:29:26"
},
{
"category": "External analysis",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "permalink",
"timestamp": "1550071737",
"to_ids": false,
"type": "link",
"uuid": "c9870bdc-f622-4488-bd92-b1b2e7c6d72a",
"value": "https://www.virustotal.com/file/c21eaadf9ffc62ca4673e27e06c16447f103c0cf7acd8db6ac5c8bd17805e39d/analysis/1549438166/"
},
{
"category": "Other",
"comment": "",
"deleted": false,
"disable_correlation": true,
"object_relation": "detection-ratio",
"timestamp": "1550071737",
"to_ids": false,
"type": "text",
"uuid": "f184cade-e94a-423a-803c-b574d9a5662c",
"value": "54/71"
}
]
},
{
"comment": "",
"deleted": false,
"description": "File object describing a file with meta-information",
"meta-category": "file",
"name": "file",
"template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215",
"template_version": "11",
"timestamp": "1550071737",
"uuid": "cffa2b73-f39b-49e0-9824-745f68f99e49",
"ObjectReference": [
{
"comment": "",
"object_uuid": "cffa2b73-f39b-49e0-9824-745f68f99e49",
"referenced_uuid": "1624a039-f336-4b35-b1ad-89e032e4be42",
"relationship_type": "analysed-with",
"timestamp": "1550071745",
"uuid": "5c6437c1-8b54-4ae3-a9a3-425402de0b81"
}
],
"Attribute": [
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "md5",
"timestamp": "1550071737",
"to_ids": true,
"type": "md5",
"uuid": "27d4f1a2-5792-44bf-8b73-acc15fb590b0",
"value": "1b891bc2e5038615efafabe48920f200"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "sha1",
"timestamp": "1550071737",
"to_ids": true,
"type": "sha1",
"uuid": "ad61d8a8-f5fc-4bff-b946-47cbe4df3056",
"value": "95ab56ab1f0d4f010569ead7915fbc833a36cd73"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "sha256",
"timestamp": "1550071737",
"to_ids": true,
"type": "sha256",
"uuid": "5caef4f2-9c47-45e0-a25d-5655b78065e6",
"value": "9a6692690c03ec33c758cb5648be1ed886ff039e6b72f1c43b23fbd9c342ce8c"
}
]
},
{
"comment": "",
"deleted": false,
"description": "VirusTotal report",
"meta-category": "misc",
"name": "virustotal-report",
"template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4",
"template_version": "2",
"timestamp": "1550071737",
"uuid": "1624a039-f336-4b35-b1ad-89e032e4be42",
"Attribute": [
{
"category": "Other",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "last-submission",
"timestamp": "1550071737",
"to_ids": false,
"type": "datetime",
"uuid": "46dee20b-793b-484c-b481-b2c2d90cfe6e",
"value": "2019-02-06T07:29:35"
},
{
"category": "External analysis",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "permalink",
"timestamp": "1550071737",
"to_ids": false,
"type": "link",
"uuid": "bf78ef76-8a9b-4953-81a4-19ceb78bb03b",
"value": "https://www.virustotal.com/file/9a6692690c03ec33c758cb5648be1ed886ff039e6b72f1c43b23fbd9c342ce8c/analysis/1549438175/"
},
{
"category": "Other",
"comment": "",
"deleted": false,
"disable_correlation": true,
"object_relation": "detection-ratio",
"timestamp": "1550071737",
"to_ids": false,
"type": "text",
"uuid": "d85f4aab-6b1f-4935-a835-fabd2c81885e",
"value": "53/71"
}
]
},
{
"comment": "",
"deleted": false,
"description": "File object describing a file with meta-information",
"meta-category": "file",
"name": "file",
"template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215",
"template_version": "11",
"timestamp": "1550071737",
"uuid": "f94110e1-dc59-4311-85d2-4e9c846925cf",
"ObjectReference": [
{
"comment": "",
"object_uuid": "f94110e1-dc59-4311-85d2-4e9c846925cf",
"referenced_uuid": "7760b61a-dbbd-4033-80e1-16e65ec75734",
"relationship_type": "analysed-with",
"timestamp": "1550071745",
"uuid": "5c6437c1-a538-40e5-ac31-409202de0b81"
}
],
"Attribute": [
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "md5",
"timestamp": "1550071737",
"to_ids": true,
"type": "md5",
"uuid": "2d8ff686-5f66-4e11-a58f-e608628f2e78",
"value": "37c89f291dbe880b1f3ac036e6b9c558"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "sha1",
"timestamp": "1550071737",
"to_ids": true,
"type": "sha1",
"uuid": "53211a11-335c-4d72-9ba4-123d5c134e07",
"value": "16a046d2557cc6377d713e21f14f1ebea7128419"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "sha256",
"timestamp": "1550071737",
"to_ids": true,
"type": "sha256",
"uuid": "9276a217-963f-4016-8c35-1b9bdcf41fe0",
"value": "e90064884190b14a6621c18d1f9719a37b9e5f98506e28ff0636438e3282098b"
}
]
},
{
"comment": "",
"deleted": false,
"description": "VirusTotal report",
"meta-category": "misc",
"name": "virustotal-report",
"template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4",
"template_version": "2",
"timestamp": "1550071737",
"uuid": "7760b61a-dbbd-4033-80e1-16e65ec75734",
"Attribute": [
{
"category": "Other",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "last-submission",
"timestamp": "1550071737",
"to_ids": false,
"type": "datetime",
"uuid": "ba06c3e3-d71d-453d-ae9d-35745748224f",
"value": "2019-02-06T07:29:31"
},
{
"category": "External analysis",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "permalink",
"timestamp": "1550071737",
"to_ids": false,
"type": "link",
"uuid": "577dbfd8-241d-4aad-aa12-bedc24610a2c",
"value": "https://www.virustotal.com/file/e90064884190b14a6621c18d1f9719a37b9e5f98506e28ff0636438e3282098b/analysis/1549438171/"
},
{
"category": "Other",
"comment": "",
"deleted": false,
"disable_correlation": true,
"object_relation": "detection-ratio",
"timestamp": "1550071737",
"to_ids": false,
"type": "text",
"uuid": "b1f413a3-77cc-40db-8fd4-cb2b4947154b",
"value": "56/70"
}
]
},
{
"comment": "",
"deleted": false,
"description": "File object describing a file with meta-information",
"meta-category": "file",
"name": "file",
"template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215",
"template_version": "11",
"timestamp": "1550071737",
"uuid": "9781a7d0-f1fd-464b-a4a8-8be4779e3ee7",
"ObjectReference": [
{
"comment": "",
"object_uuid": "9781a7d0-f1fd-464b-a4a8-8be4779e3ee7",
"referenced_uuid": "ee47025e-eee5-4c8e-b1c2-9edf4ac1d336",
"relationship_type": "analysed-with",
"timestamp": "1550071745",
"uuid": "5c6437c1-e544-486c-88a1-473b02de0b81"
}
],
"Attribute": [
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "md5",
"timestamp": "1550071737",
"to_ids": true,
"type": "md5",
"uuid": "900d6f66-770a-419b-85f4-a6223c877845",
"value": "bcf3c53af6e43c4c14561e7013622985"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "sha1",
"timestamp": "1550071737",
"to_ids": true,
"type": "sha1",
"uuid": "2a0df2a8-7928-4fbf-bbde-571b55b47f75",
"value": "be23d2e94a13cdb788018c6e8d969c4adcbe3284"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "sha256",
"timestamp": "1550071737",
"to_ids": true,
"type": "sha256",
"uuid": "72fad97e-a845-4d81-a85c-1a570c314328",
"value": "5c6c2370090d68d2d3120cec62984767ae0fc93766939d159a2f4c482f58ae5b"
}
]
},
{
"comment": "",
"deleted": false,
"description": "VirusTotal report",
"meta-category": "misc",
"name": "virustotal-report",
"template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4",
"template_version": "2",
"timestamp": "1550071737",
"uuid": "ee47025e-eee5-4c8e-b1c2-9edf4ac1d336",
"Attribute": [
{
"category": "Other",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "last-submission",
"timestamp": "1550071738",
"to_ids": false,
"type": "datetime",
"uuid": "479c5091-81be-4c05-aa96-fdafe9a6b07b",
"value": "2019-02-06T16:38:27"
},
{
"category": "External analysis",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "permalink",
"timestamp": "1550071738",
"to_ids": false,
"type": "link",
"uuid": "af05bf9f-cd60-4135-9c3b-2b5aba115c9e",
"value": "https://www.virustotal.com/file/5c6c2370090d68d2d3120cec62984767ae0fc93766939d159a2f4c482f58ae5b/analysis/1549471107/"
},
{
"category": "Other",
"comment": "",
"deleted": false,
"disable_correlation": true,
"object_relation": "detection-ratio",
"timestamp": "1550071738",
"to_ids": false,
"type": "text",
"uuid": "23b246b2-3807-4113-a4f6-34071db06983",
"value": "45/70"
}
]
},
{
"comment": "",
"deleted": false,
"description": "File object describing a file with meta-information",
"meta-category": "file",
"name": "file",
"template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215",
"template_version": "11",
"timestamp": "1550071738",
"uuid": "7380e51e-2b4e-408d-82ce-cf5723eb13ae",
"ObjectReference": [
{
"comment": "",
"object_uuid": "7380e51e-2b4e-408d-82ce-cf5723eb13ae",
"referenced_uuid": "fd727e71-50a5-4910-936a-acbe15fd53de",
"relationship_type": "analysed-with",
"timestamp": "1550071745",
"uuid": "5c6437c1-35b8-451f-b95f-4c4c02de0b81"
}
],
"Attribute": [
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "md5",
"timestamp": "1550071738",
"to_ids": true,
"type": "md5",
"uuid": "fbf31453-3f3b-4ce6-b450-265204e3b25d",
"value": "8a21337be17e1e921eeb4d1b9c1b4773"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "sha1",
"timestamp": "1550071738",
"to_ids": true,
"type": "sha1",
"uuid": "a4a94c78-460e-4ff4-84c5-308e74c812b0",
"value": "d16da0dc12aea0b64abd3871a794cd9af38f2db4"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "sha256",
"timestamp": "1550071738",
"to_ids": true,
"type": "sha256",
"uuid": "a77189f3-31db-4e74-aa23-49981edfe1d4",
"value": "75ef6ea0265d2629c920a6a1c0d1dd91d3c0eda86445c7d67ebb9b30e35a2a9f"
}
]
},
{
"comment": "",
"deleted": false,
"description": "VirusTotal report",
"meta-category": "misc",
"name": "virustotal-report",
"template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4",
"template_version": "2",
"timestamp": "1550071738",
"uuid": "fd727e71-50a5-4910-936a-acbe15fd53de",
"Attribute": [
{
"category": "Other",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "last-submission",
"timestamp": "1550071738",
"to_ids": false,
"type": "datetime",
"uuid": "a30663d0-0e3c-4ecb-b72a-0e926299dc12",
"value": "2018-12-27T05:48:31"
},
{
"category": "External analysis",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "permalink",
"timestamp": "1550071738",
"to_ids": false,
"type": "link",
"uuid": "03cdbe18-b8c4-4139-bb23-b8aac34f15c6",
"value": "https://www.virustotal.com/file/75ef6ea0265d2629c920a6a1c0d1dd91d3c0eda86445c7d67ebb9b30e35a2a9f/analysis/1545889711/"
},
{
"category": "Other",
"comment": "",
"deleted": false,
"disable_correlation": true,
"object_relation": "detection-ratio",
"timestamp": "1550071738",
"to_ids": false,
"type": "text",
"uuid": "fd10cd43-048b-4df9-bb1e-0150c8cc0f84",
"value": "27/58"
}
]
},
{
"comment": "",
"deleted": false,
"description": "File object describing a file with meta-information",
"meta-category": "file",
"name": "file",
"template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215",
"template_version": "11",
"timestamp": "1550071738",
"uuid": "b0e7f22f-e9d8-4e64-921f-bf6cf386541f",
"ObjectReference": [
{
"comment": "",
"object_uuid": "b0e7f22f-e9d8-4e64-921f-bf6cf386541f",
"referenced_uuid": "f8340e59-acb0-48f3-b89c-80679d3caf99",
"relationship_type": "analysed-with",
"timestamp": "1550071745",
"uuid": "5c6437c1-ac74-43ce-87d8-450902de0b81"
}
],
"Attribute": [
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "md5",
"timestamp": "1550071738",
"to_ids": true,
"type": "md5",
"uuid": "24588dd6-e7e8-4708-bc1c-206f4ab25e17",
"value": "db212129be94fe77362751c557d0e893"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "sha1",
"timestamp": "1550071738",
"to_ids": true,
"type": "sha1",
"uuid": "b8e838ca-ec5c-400c-a0ec-efc94c432d13",
"value": "7fe6c8191749767254513b03da03cfbf6dd6c139"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "sha256",
"timestamp": "1550071738",
"to_ids": true,
"type": "sha256",
"uuid": "d58faef8-258f-4a83-9c41-a15129ffa65e",
"value": "fadf362a52dcf884f0d41ce3df9eaa9bb30227afda50c0e0657c096baff501f0"
}
]
},
{
"comment": "",
"deleted": false,
"description": "VirusTotal report",
"meta-category": "misc",
"name": "virustotal-report",
"template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4",
"template_version": "2",
"timestamp": "1550071738",
"uuid": "f8340e59-acb0-48f3-b89c-80679d3caf99",
"Attribute": [
{
"category": "Other",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "last-submission",
"timestamp": "1550071738",
"to_ids": false,
"type": "datetime",
"uuid": "349bac4a-c018-4547-9763-6e11637cab20",
"value": "2019-02-06T07:29:43"
},
{
"category": "External analysis",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "permalink",
"timestamp": "1550071738",
"to_ids": false,
"type": "link",
"uuid": "7140b38b-cf92-4224-8732-882fb3c20773",
"value": "https://www.virustotal.com/file/fadf362a52dcf884f0d41ce3df9eaa9bb30227afda50c0e0657c096baff501f0/analysis/1549438183/"
},
{
"category": "Other",
"comment": "",
"deleted": false,
"disable_correlation": true,
"object_relation": "detection-ratio",
"timestamp": "1550071738",
"to_ids": false,
"type": "text",
"uuid": "2c497ce2-169b-4370-b72d-7a0e3f240e39",
"value": "54/71"
}
]
},
{
"comment": "",
"deleted": false,
"description": "File object describing a file with meta-information",
"meta-category": "file",
"name": "file",
"template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215",
"template_version": "11",
"timestamp": "1550071738",
"uuid": "8fa037cb-2f4c-434d-b4d3-9c6475d6bac1",
"ObjectReference": [
{
"comment": "",
"object_uuid": "8fa037cb-2f4c-434d-b4d3-9c6475d6bac1",
"referenced_uuid": "79543532-9364-4fed-a47e-bc13a4d0b09f",
"relationship_type": "analysed-with",
"timestamp": "1550071745",
"uuid": "5c6437c1-ab20-4795-892d-461602de0b81"
}
],
"Attribute": [
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "md5",
"timestamp": "1550071738",
"to_ids": true,
"type": "md5",
"uuid": "c75df60f-8afe-431f-a736-5b0fb206ca02",
"value": "75500bb4143a052795ec7d2e61ac3261"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "sha1",
"timestamp": "1550071738",
"to_ids": true,
"type": "sha1",
"uuid": "66c7f8f9-492d-475d-a263-fff2a7502f8e",
"value": "a7d0b38bda630c927820380d311ddc70a9606407"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "sha256",
"timestamp": "1550071738",
"to_ids": true,
"type": "sha256",
"uuid": "97688192-1d57-4c76-ae25-576021ddbc6d",
"value": "19aa5019f3c00211182b2a80dd9675721dac7cfb31d174436d3b8ec9f97d898b"
}
]
},
{
"comment": "",
"deleted": false,
"description": "VirusTotal report",
"meta-category": "misc",
"name": "virustotal-report",
"template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4",
"template_version": "2",
"timestamp": "1550071738",
"uuid": "79543532-9364-4fed-a47e-bc13a4d0b09f",
"Attribute": [
{
"category": "Other",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "last-submission",
"timestamp": "1550071739",
"to_ids": false,
"type": "datetime",
"uuid": "384725fa-ac5c-4a42-928f-0a4b48db0072",
"value": "2019-02-06T05:12:06"
},
{
"category": "External analysis",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "permalink",
"timestamp": "1550071739",
"to_ids": false,
"type": "link",
"uuid": "d856d880-ae09-4377-a644-e83315acc6a0",
"value": "https://www.virustotal.com/file/19aa5019f3c00211182b2a80dd9675721dac7cfb31d174436d3b8ec9f97d898b/analysis/1549429926/"
},
{
"category": "Other",
"comment": "",
"deleted": false,
"disable_correlation": true,
"object_relation": "detection-ratio",
"timestamp": "1550071739",
"to_ids": false,
"type": "text",
"uuid": "4833f2cc-3e66-48b5-9d93-6683b7284d24",
"value": "50/71"
}
]
},
{
"comment": "",
"deleted": false,
"description": "File object describing a file with meta-information",
"meta-category": "file",
"name": "file",
"template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215",
"template_version": "11",
"timestamp": "1550071739",
"uuid": "3dd0a7e3-1359-4772-95d0-5b81e80dcaab",
"ObjectReference": [
{
"comment": "",
"object_uuid": "3dd0a7e3-1359-4772-95d0-5b81e80dcaab",
"referenced_uuid": "afe244a1-f7bc-49eb-af7f-b5220e9ddaaa",
"relationship_type": "analysed-with",
"timestamp": "1550071745",
"uuid": "5c6437c1-234c-4210-9858-48cf02de0b81"
}
],
"Attribute": [
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "md5",
"timestamp": "1550071739",
"to_ids": true,
"type": "md5",
"uuid": "23f7002f-3c58-47ac-ba59-e47583e23740",
"value": "d1bab4a30f2889ad392d17573302f097"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "sha1",
"timestamp": "1550071739",
"to_ids": true,
"type": "sha1",
"uuid": "4c1b896e-b96a-437d-99b7-c8413a29d040",
"value": "5b045d98606f000a236b1bd4ac4c9e482b3f5475"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "sha256",
"timestamp": "1550071739",
"to_ids": true,
"type": "sha256",
"uuid": "13e82b01-def4-4e8e-b6b9-899269105756",
"value": "312dc69dd6ea16842d6e58cd7fd98ba4d28eefeb4fd4c4d198fac4eee76f93c3"
}
]
},
{
"comment": "",
"deleted": false,
"description": "VirusTotal report",
"meta-category": "misc",
"name": "virustotal-report",
"template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4",
"template_version": "2",
"timestamp": "1550071739",
"uuid": "afe244a1-f7bc-49eb-af7f-b5220e9ddaaa",
"Attribute": [
{
"category": "Other",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "last-submission",
"timestamp": "1550071739",
"to_ids": false,
"type": "datetime",
"uuid": "cbbfffc0-a0be-49d8-ba2f-2f48564eeaac",
"value": "2019-02-06T07:29:43"
},
{
"category": "External analysis",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "permalink",
"timestamp": "1550071739",
"to_ids": false,
"type": "link",
"uuid": "ac3f30d3-5631-412d-9996-98d2777da8c6",
"value": "https://www.virustotal.com/file/312dc69dd6ea16842d6e58cd7fd98ba4d28eefeb4fd4c4d198fac4eee76f93c3/analysis/1549438183/"
},
{
"category": "Other",
"comment": "",
"deleted": false,
"disable_correlation": true,
"object_relation": "detection-ratio",
"timestamp": "1550071739",
"to_ids": false,
"type": "text",
"uuid": "dd88f267-0032-48bf-b84c-ace6fdf4677d",
"value": "56/71"
}
]
},
{
"comment": "",
"deleted": false,
"description": "File object describing a file with meta-information",
"meta-category": "file",
"name": "file",
"template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215",
"template_version": "11",
"timestamp": "1550071739",
"uuid": "0891a364-b5f4-42c4-8f6d-5337c9be52d1",
"ObjectReference": [
{
"comment": "",
"object_uuid": "0891a364-b5f4-42c4-8f6d-5337c9be52d1",
"referenced_uuid": "2ebd5019-694e-44b0-b895-429aa15e4811",
"relationship_type": "analysed-with",
"timestamp": "1550071745",
"uuid": "5c6437c1-2c00-4255-a7d6-406702de0b81"
}
],
"Attribute": [
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "md5",
"timestamp": "1550071739",
"to_ids": true,
"type": "md5",
"uuid": "e9338a5f-94cb-41a5-ac54-0ebe82723836",
"value": "f03f70d331c6564aec8931f481949188"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "sha1",
"timestamp": "1550071739",
"to_ids": true,
"type": "sha1",
"uuid": "cd76c5d4-2795-47b4-a9c5-7e06588a9fa2",
"value": "01edb82de7b9666eaa5d2791a14092f2e73d2795"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "sha256",
"timestamp": "1550071739",
"to_ids": true,
"type": "sha256",
"uuid": "4b332081-fd8f-40c7-a5b2-abe2c72c118f",
"value": "45d804f35266b26bf63e3d616715fc593931e33aa07feba5ad6875609692efa2"
}
]
},
{
"comment": "",
"deleted": false,
"description": "VirusTotal report",
"meta-category": "misc",
"name": "virustotal-report",
"template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4",
"template_version": "2",
"timestamp": "1550071739",
"uuid": "2ebd5019-694e-44b0-b895-429aa15e4811",
"Attribute": [
{
"category": "Other",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "last-submission",
"timestamp": "1550071739",
"to_ids": false,
"type": "datetime",
"uuid": "54b9a9db-e9d9-4bac-adcf-855f84d6e131",
"value": "2019-02-06T05:13:21"
},
{
"category": "External analysis",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "permalink",
"timestamp": "1550071740",
"to_ids": false,
"type": "link",
"uuid": "87817bf4-ba5f-4ad3-9d84-2cd48596ae12",
"value": "https://www.virustotal.com/file/45d804f35266b26bf63e3d616715fc593931e33aa07feba5ad6875609692efa2/analysis/1549430001/"
},
{
"category": "Other",
"comment": "",
"deleted": false,
"disable_correlation": true,
"object_relation": "detection-ratio",
"timestamp": "1550071740",
"to_ids": false,
"type": "text",
"uuid": "30597c02-efbf-4230-a8ee-f2dfd1124e6e",
"value": "48/70"
}
]
},
{
"comment": "",
"deleted": false,
"description": "File object describing a file with meta-information",
"meta-category": "file",
"name": "file",
"template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215",
"template_version": "11",
"timestamp": "1550071740",
"uuid": "1c9a6b81-aa9c-4d3b-b227-42003244cffb",
"ObjectReference": [
{
"comment": "",
"object_uuid": "1c9a6b81-aa9c-4d3b-b227-42003244cffb",
"referenced_uuid": "15cb12ce-e005-4be5-9482-a583f0e50b0b",
"relationship_type": "analysed-with",
"timestamp": "1550071745",
"uuid": "5c6437c1-7cb8-45cd-9d2a-4e7202de0b81"
}
],
"Attribute": [
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "md5",
"timestamp": "1550071740",
"to_ids": true,
"type": "md5",
"uuid": "0d27215e-dea2-486b-8a50-2c50830704dc",
"value": "3afa9243b3aeb534e02426569d85e517"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "sha1",
"timestamp": "1550071740",
"to_ids": true,
"type": "sha1",
"uuid": "2838ec27-6bd3-4338-83ca-d8527c8a7697",
"value": "df8f49a3fdf8a9d550b22d65d21a8006ff593ac4"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "sha256",
"timestamp": "1550071740",
"to_ids": true,
"type": "sha256",
"uuid": "c62d8333-0737-41f6-8d7e-fdde8b66470f",
"value": "5961861d2b9f50d05055814e6bfd1c6291b30719f8a4d02d4cf80c2e87753fa1"
}
]
},
{
"comment": "",
"deleted": false,
"description": "VirusTotal report",
"meta-category": "misc",
"name": "virustotal-report",
"template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4",
"template_version": "2",
"timestamp": "1550071740",
"uuid": "15cb12ce-e005-4be5-9482-a583f0e50b0b",
"Attribute": [
{
"category": "Other",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "last-submission",
"timestamp": "1550071740",
"to_ids": false,
"type": "datetime",
"uuid": "16e27897-efe8-451f-b4bc-dd7204880eff",
"value": "2019-02-06T07:29:28"
},
{
"category": "External analysis",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "permalink",
"timestamp": "1550071740",
"to_ids": false,
"type": "link",
"uuid": "60bf5d46-c96b-4b41-b0d5-75fc50c9ae27",
"value": "https://www.virustotal.com/file/5961861d2b9f50d05055814e6bfd1c6291b30719f8a4d02d4cf80c2e87753fa1/analysis/1549438168/"
},
{
"category": "Other",
"comment": "",
"deleted": false,
"disable_correlation": true,
"object_relation": "detection-ratio",
"timestamp": "1550071740",
"to_ids": false,
"type": "text",
"uuid": "95cbade1-ed3e-4cb8-89cc-88027ab52d1d",
"value": "56/71"
}
]
},
{
"comment": "",
"deleted": false,
"description": "File object describing a file with meta-information",
"meta-category": "file",
"name": "file",
"template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215",
"template_version": "11",
"timestamp": "1550071740",
"uuid": "62d4ceec-e814-474e-a6e3-9e68c084cae0",
"ObjectReference": [
{
"comment": "",
"object_uuid": "62d4ceec-e814-474e-a6e3-9e68c084cae0",
"referenced_uuid": "d2855be4-6ebb-47c2-ad86-741165666fa4",
"relationship_type": "analysed-with",
"timestamp": "1550071745",
"uuid": "5c6437c1-8e28-40e4-bce7-461302de0b81"
}
],
"Attribute": [
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "md5",
"timestamp": "1550071740",
"to_ids": true,
"type": "md5",
"uuid": "a5b0fc5e-e966-4d3d-bfbf-1fd8695bc7ab",
"value": "0898927cc8ac129af79d48a938edea17"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "sha1",
"timestamp": "1550071740",
"to_ids": true,
"type": "sha1",
"uuid": "ec9f0bde-ec30-402e-b04b-3a0dd62bbaa5",
"value": "0134d88a8254f1e36755954a557c8035386ee5a5"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "sha256",
"timestamp": "1550071740",
"to_ids": true,
"type": "sha256",
"uuid": "5ff1ecaa-fd29-49de-a3ce-06d34d635a06",
"value": "e7c617e162c2ae173c3581b4e08d752dc421336e1e55d879642717b75745d49c"
}
]
},
{
"comment": "",
"deleted": false,
"description": "VirusTotal report",
"meta-category": "misc",
"name": "virustotal-report",
"template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4",
"template_version": "2",
"timestamp": "1550071740",
"uuid": "d2855be4-6ebb-47c2-ad86-741165666fa4",
"Attribute": [
{
"category": "Other",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "last-submission",
"timestamp": "1550071740",
"to_ids": false,
"type": "datetime",
"uuid": "fc3b0a0d-eb10-4b90-bfd1-4c0358412732",
"value": "2019-02-06T16:38:52"
},
{
"category": "External analysis",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "permalink",
"timestamp": "1550071740",
"to_ids": false,
"type": "link",
"uuid": "6a9caeb3-b790-4b7c-87a1-4be4badea843",
"value": "https://www.virustotal.com/file/e7c617e162c2ae173c3581b4e08d752dc421336e1e55d879642717b75745d49c/analysis/1549471132/"
},
{
"category": "Other",
"comment": "",
"deleted": false,
"disable_correlation": true,
"object_relation": "detection-ratio",
"timestamp": "1550071740",
"to_ids": false,
"type": "text",
"uuid": "738776d7-2be1-4287-80d6-6034d07cd906",
"value": "18/69"
}
]
},
{
"comment": "",
"deleted": false,
"description": "File object describing a file with meta-information",
"meta-category": "file",
"name": "file",
"template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215",
"template_version": "11",
"timestamp": "1550071740",
"uuid": "381d8ded-55ae-4efb-81cd-35ef6efcc504",
"ObjectReference": [
{
"comment": "",
"object_uuid": "381d8ded-55ae-4efb-81cd-35ef6efcc504",
"referenced_uuid": "099e9c1a-b7d6-4426-a115-27e85ccb8fa7",
"relationship_type": "analysed-with",
"timestamp": "1550071745",
"uuid": "5c6437c1-2210-4512-8d97-46bd02de0b81"
}
],
"Attribute": [
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "md5",
"timestamp": "1550071740",
"to_ids": true,
"type": "md5",
"uuid": "b45bc88c-4fe8-41a9-a4b7-001c079e869e",
"value": "5b425dcf90df36706bcdd21438d6d32a"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "sha1",
"timestamp": "1550071740",
"to_ids": true,
"type": "sha1",
"uuid": "1f193988-c2f9-4531-a369-c19d5cfa1d6a",
"value": "cbbb2c405c672d5c441cb0added81c714c577438"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "sha256",
"timestamp": "1550071740",
"to_ids": true,
"type": "sha256",
"uuid": "7fb229f0-d367-41ec-a769-d20bb1d15628",
"value": "f6ba0007038805fdc9e92ccbfed5f4cc681723bb548cc83a4b34f754f3356974"
}
]
},
{
"comment": "",
"deleted": false,
"description": "VirusTotal report",
"meta-category": "misc",
"name": "virustotal-report",
"template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4",
"template_version": "2",
"timestamp": "1550071740",
"uuid": "099e9c1a-b7d6-4426-a115-27e85ccb8fa7",
"Attribute": [
{
"category": "Other",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "last-submission",
"timestamp": "1550071740",
"to_ids": false,
"type": "datetime",
"uuid": "bf2dbaf3-7efd-47df-b588-bd777a03d4fe",
"value": "2019-02-06T05:09:31"
},
{
"category": "External analysis",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "permalink",
"timestamp": "1550071740",
"to_ids": false,
"type": "link",
"uuid": "d8c0c9f5-1d28-42a0-bd74-ea924139567b",
"value": "https://www.virustotal.com/file/f6ba0007038805fdc9e92ccbfed5f4cc681723bb548cc83a4b34f754f3356974/analysis/1549429771/"
},
{
"category": "Other",
"comment": "",
"deleted": false,
"disable_correlation": true,
"object_relation": "detection-ratio",
"timestamp": "1550071740",
"to_ids": false,
"type": "text",
"uuid": "1dfc514a-3835-4148-9b6e-ff9a918d23db",
"value": "52/70"
}
]
},
{
"comment": "",
"deleted": false,
"description": "File object describing a file with meta-information",
"meta-category": "file",
"name": "file",
"template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215",
"template_version": "11",
"timestamp": "1550071740",
"uuid": "05595d72-593e-4946-9dc5-24b30515dfce",
"ObjectReference": [
{
"comment": "",
"object_uuid": "05595d72-593e-4946-9dc5-24b30515dfce",
"referenced_uuid": "7d69e219-7501-4077-8921-48919763f43d",
"relationship_type": "analysed-with",
"timestamp": "1550071745",
"uuid": "5c6437c1-f734-4f43-b819-48ae02de0b81"
}
],
"Attribute": [
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "md5",
"timestamp": "1550071740",
"to_ids": true,
"type": "md5",
"uuid": "23da1137-9697-4a94-b20f-0f58e17d42ff",
"value": "9da42d0bce9f5dbf22d33df77c561bda"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "sha1",
"timestamp": "1550071740",
"to_ids": true,
"type": "sha1",
"uuid": "57d3abe1-ef66-4cac-9879-791a8cc033f2",
"value": "83c9f863b287086585790cb9d5e8590ae6ec5905"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "sha256",
"timestamp": "1550071740",
"to_ids": true,
"type": "sha256",
"uuid": "ee9d4d29-9624-4647-a056-a7bc67047e05",
"value": "f9f2b38e11402b56fe05127bf0e688d74bb6e55834b93b7a0f6c61174670177a"
}
]
},
{
"comment": "",
"deleted": false,
"description": "VirusTotal report",
"meta-category": "misc",
"name": "virustotal-report",
"template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4",
"template_version": "2",
"timestamp": "1550071740",
"uuid": "7d69e219-7501-4077-8921-48919763f43d",
"Attribute": [
{
"category": "Other",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "last-submission",
"timestamp": "1550071740",
"to_ids": false,
"type": "datetime",
"uuid": "30dcc6c9-be2f-4a35-81fe-2eec49d74554",
"value": "2019-02-06T07:06:02"
},
{
"category": "External analysis",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "permalink",
"timestamp": "1550071740",
"to_ids": false,
"type": "link",
"uuid": "c1be9f90-7ebb-4b53-8459-2c4e94702774",
"value": "https://www.virustotal.com/file/f9f2b38e11402b56fe05127bf0e688d74bb6e55834b93b7a0f6c61174670177a/analysis/1549436762/"
},
{
"category": "Other",
"comment": "",
"deleted": false,
"disable_correlation": true,
"object_relation": "detection-ratio",
"timestamp": "1550071740",
"to_ids": false,
"type": "text",
"uuid": "ec63d1bf-2cdc-4e27-b001-6b6512b835e7",
"value": "46/71"
}
]
},
{
"comment": "",
"deleted": false,
"description": "File object describing a file with meta-information",
"meta-category": "file",
"name": "file",
"template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215",
"template_version": "11",
"timestamp": "1550071740",
"uuid": "639cd46d-5965-4159-9bce-9d3d7274fbe1",
"ObjectReference": [
{
"comment": "",
"object_uuid": "639cd46d-5965-4159-9bce-9d3d7274fbe1",
"referenced_uuid": "8906dc4a-8002-4d0d-9074-dd9b2ba7b5f1",
"relationship_type": "analysed-with",
"timestamp": "1550071745",
"uuid": "5c6437c1-1ed4-4ba3-88fc-4cf702de0b81"
}
],
"Attribute": [
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "md5",
"timestamp": "1550071740",
"to_ids": true,
"type": "md5",
"uuid": "e31ad10b-c31b-4e8b-aed4-965c4a94b81d",
"value": "c76ead62b38a9e9efca82b592d414637"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "sha1",
"timestamp": "1550071740",
"to_ids": true,
"type": "sha1",
"uuid": "4874f894-98dd-466f-a4c8-9f2e09be84e8",
"value": "30e1ffabba6206bc0bcd41870e693022c0ea1622"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "sha256",
"timestamp": "1550071740",
"to_ids": true,
"type": "sha256",
"uuid": "35562067-6daa-4c50-b927-c3773a08880a",
"value": "ae30e854a2fb49da770666df78db3983cd3a83774a0fe19d0f98a9ca450d1bd3"
}
]
},
{
"comment": "",
"deleted": false,
"description": "VirusTotal report",
"meta-category": "misc",
"name": "virustotal-report",
"template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4",
"template_version": "2",
"timestamp": "1550071740",
"uuid": "8906dc4a-8002-4d0d-9074-dd9b2ba7b5f1",
"Attribute": [
{
"category": "Other",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "last-submission",
"timestamp": "1550071740",
"to_ids": false,
"type": "datetime",
"uuid": "0bcb1a3e-76c8-47bc-8b63-cdbb3231d001",
"value": "2019-02-06T16:38:41"
},
{
"category": "External analysis",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "permalink",
"timestamp": "1550071740",
"to_ids": false,
"type": "link",
"uuid": "fb7cd242-c97b-4f00-b50f-fe3fab0a19b3",
"value": "https://www.virustotal.com/file/ae30e854a2fb49da770666df78db3983cd3a83774a0fe19d0f98a9ca450d1bd3/analysis/1549471121/"
},
{
"category": "Other",
"comment": "",
"deleted": false,
"disable_correlation": true,
"object_relation": "detection-ratio",
"timestamp": "1550071740",
"to_ids": false,
"type": "text",
"uuid": "259a68af-668e-4f8b-a738-2fd9fac1e150",
"value": "24/69"
}
]
},
{
"comment": "",
"deleted": false,
"description": "File object describing a file with meta-information",
"meta-category": "file",
"name": "file",
"template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215",
"template_version": "11",
"timestamp": "1550071740",
"uuid": "fc256f20-e734-4e11-81a2-bb8ad2dcdfd9",
"ObjectReference": [
{
"comment": "",
"object_uuid": "fc256f20-e734-4e11-81a2-bb8ad2dcdfd9",
"referenced_uuid": "694806d8-22b7-4b09-ac37-4779a7fbc35b",
"relationship_type": "analysed-with",
"timestamp": "1550071746",
"uuid": "5c6437c2-35ec-4b0c-99d5-45a202de0b81"
}
],
"Attribute": [
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "md5",
"timestamp": "1550071741",
"to_ids": true,
"type": "md5",
"uuid": "037f474b-0b9b-4ab7-aaaf-a89871de85de",
"value": "ac0ff4bad83350b7dde27af8728a469f"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "sha1",
"timestamp": "1550071741",
"to_ids": true,
"type": "sha1",
"uuid": "09a00dde-0270-419a-9efb-fa43665f2c24",
"value": "729f0b2521c30cb58a2d5278786be286574d7748"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "sha256",
"timestamp": "1550071741",
"to_ids": true,
"type": "sha256",
"uuid": "2098ebd6-1820-42cf-9958-3574942dea2a",
"value": "73794263b657632805c8c3907e2f20a9743d8c9b83aa3e21629eccc5de02b1ca"
}
]
},
{
"comment": "",
"deleted": false,
"description": "VirusTotal report",
"meta-category": "misc",
"name": "virustotal-report",
"template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4",
"template_version": "2",
"timestamp": "1550071741",
"uuid": "694806d8-22b7-4b09-ac37-4779a7fbc35b",
"Attribute": [
{
"category": "Other",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "last-submission",
"timestamp": "1550071741",
"to_ids": false,
"type": "datetime",
"uuid": "dff934d0-493a-4758-b958-156ad8d071d4",
"value": "2019-02-06T07:29:36"
},
{
"category": "External analysis",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "permalink",
"timestamp": "1550071741",
"to_ids": false,
"type": "link",
"uuid": "8047b240-327e-4188-a22a-d66defd86c4c",
"value": "https://www.virustotal.com/file/73794263b657632805c8c3907e2f20a9743d8c9b83aa3e21629eccc5de02b1ca/analysis/1549438176/"
},
{
"category": "Other",
"comment": "",
"deleted": false,
"disable_correlation": true,
"object_relation": "detection-ratio",
"timestamp": "1550071741",
"to_ids": false,
"type": "text",
"uuid": "4f5c1080-4a31-422f-a994-b49b49a72d7e",
"value": "48/71"
}
]
},
{
"comment": "",
"deleted": false,
"description": "File object describing a file with meta-information",
"meta-category": "file",
"name": "file",
"template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215",
"template_version": "11",
"timestamp": "1550071741",
"uuid": "bccc82fd-3774-48e4-be42-098ea820115d",
"ObjectReference": [
{
"comment": "",
"object_uuid": "bccc82fd-3774-48e4-be42-098ea820115d",
"referenced_uuid": "28c83e23-4c7f-4e8d-ada2-8e03d74fa173",
"relationship_type": "analysed-with",
"timestamp": "1550071746",
"uuid": "5c6437c2-5868-48d3-8ff0-428b02de0b81"
}
],
"Attribute": [
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "md5",
"timestamp": "1550071741",
"to_ids": true,
"type": "md5",
"uuid": "a34cd43d-d983-4995-a2b4-a0521b4f84a1",
"value": "19610f0d343657f6842d2045e8818f09"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "sha1",
"timestamp": "1550071741",
"to_ids": true,
"type": "sha1",
"uuid": "787b6cbc-8a94-4547-a644-5f7caff7d9ad",
"value": "42d5c9c4c02e6d5c88ec0acce72327389a92f0d7"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "sha256",
"timestamp": "1550071741",
"to_ids": true,
"type": "sha256",
"uuid": "ff5d34bb-b5c6-45d3-8953-2e4b497e05ba",
"value": "4521a74337a8b454f9b80c7d9e57b4c9580567f84e513d9a3ce763275c55e691"
}
]
},
{
"comment": "",
"deleted": false,
"description": "VirusTotal report",
"meta-category": "misc",
"name": "virustotal-report",
"template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4",
"template_version": "2",
"timestamp": "1550071741",
"uuid": "28c83e23-4c7f-4e8d-ada2-8e03d74fa173",
"Attribute": [
{
"category": "Other",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "last-submission",
"timestamp": "1550071741",
"to_ids": false,
"type": "datetime",
"uuid": "33709062-ab09-48c6-91a5-21727059b8ba",
"value": "2019-02-06T07:29:23"
},
{
"category": "External analysis",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "permalink",
"timestamp": "1550071741",
"to_ids": false,
"type": "link",
"uuid": "edba8204-6e92-4690-8a80-a39f22a94705",
"value": "https://www.virustotal.com/file/4521a74337a8b454f9b80c7d9e57b4c9580567f84e513d9a3ce763275c55e691/analysis/1549438163/"
},
{
"category": "Other",
"comment": "",
"deleted": false,
"disable_correlation": true,
"object_relation": "detection-ratio",
"timestamp": "1550071741",
"to_ids": false,
"type": "text",
"uuid": "423dab76-4248-477a-957f-bb41be20b304",
"value": "50/70"
}
]
},
{
"comment": "",
"deleted": false,
"description": "File object describing a file with meta-information",
"meta-category": "file",
"name": "file",
"template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215",
"template_version": "11",
"timestamp": "1550071741",
"uuid": "288bfa31-7ccd-4d93-989c-9df70ff90f9b",
"ObjectReference": [
{
"comment": "",
"object_uuid": "288bfa31-7ccd-4d93-989c-9df70ff90f9b",
"referenced_uuid": "93bd8a81-3995-4312-90d9-68acac259128",
"relationship_type": "analysed-with",
"timestamp": "1550071746",
"uuid": "5c6437c2-88d4-47ed-ae6b-432602de0b81"
}
],
"Attribute": [
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "md5",
"timestamp": "1550071741",
"to_ids": true,
"type": "md5",
"uuid": "ee95223d-b8e5-4263-8872-cb4e1c044eb9",
"value": "ca9644ef0f7ed355a842f6e2d4511546"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "sha1",
"timestamp": "1550071741",
"to_ids": true,
"type": "sha1",
"uuid": "97bfaf07-d309-4f1d-b629-6340c3c3d72f",
"value": "a91669bb4dcb713e997ddf98417730de78cb990a"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "sha256",
"timestamp": "1550071741",
"to_ids": true,
"type": "sha256",
"uuid": "d2c42111-9784-4a23-89cf-3835b59595e2",
"value": "bc2f07066c624663b0a6f71cb965009d4d9b480213de51809cdc454ca55f1a91"
}
]
},
{
"comment": "",
"deleted": false,
"description": "VirusTotal report",
"meta-category": "misc",
"name": "virustotal-report",
"template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4",
"template_version": "2",
"timestamp": "1550071741",
"uuid": "93bd8a81-3995-4312-90d9-68acac259128",
"Attribute": [
{
"category": "Other",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "last-submission",
"timestamp": "1550071741",
"to_ids": false,
"type": "datetime",
"uuid": "e36744a3-d731-42cf-a842-f68e2a9879d4",
"value": "2019-02-06T07:29:25"
},
{
"category": "External analysis",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "permalink",
"timestamp": "1550071741",
"to_ids": false,
"type": "link",
"uuid": "2548bb19-5005-4587-b789-9c4b6dc4fccd",
"value": "https://www.virustotal.com/file/bc2f07066c624663b0a6f71cb965009d4d9b480213de51809cdc454ca55f1a91/analysis/1549438165/"
},
{
"category": "Other",
"comment": "",
"deleted": false,
"disable_correlation": true,
"object_relation": "detection-ratio",
"timestamp": "1550071741",
"to_ids": false,
"type": "text",
"uuid": "9b26ada5-1ba7-4267-8585-5f42a7d354d5",
"value": "58/70"
}
]
},
{
"comment": "",
"deleted": false,
"description": "File object describing a file with meta-information",
"meta-category": "file",
"name": "file",
"template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215",
"template_version": "11",
"timestamp": "1550071741",
"uuid": "8f353d3b-5d07-4e5a-99c5-a2519d203b3c",
"ObjectReference": [
{
"comment": "",
"object_uuid": "8f353d3b-5d07-4e5a-99c5-a2519d203b3c",
"referenced_uuid": "951ddcdd-17e2-4a56-b66d-c921d543bf26",
"relationship_type": "analysed-with",
"timestamp": "1550071746",
"uuid": "5c6437c2-10e0-4381-96e7-494d02de0b81"
}
],
"Attribute": [
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "md5",
"timestamp": "1550071741",
"to_ids": true,
"type": "md5",
"uuid": "45b6ba99-3589-4ba2-8cd3-d90d37e95c26",
"value": "c1cb28327d3364768d1c1e4ce0d9bc07"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "sha1",
"timestamp": "1550071741",
"to_ids": true,
"type": "sha1",
"uuid": "70eb9cda-d206-42e6-92ea-4bf899a2b1d4",
"value": "741e955a9e458a70b5c085b3bfba800fdfb4ccde"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "sha256",
"timestamp": "1550071741",
"to_ids": true,
"type": "sha256",
"uuid": "4456db49-d339-4b44-9818-a2f47ca38d2b",
"value": "2c71eb5c781daa43047fa6e3d85d51a061aa1dfa41feb338e0d4139a6dfd6910"
}
]
},
{
"comment": "",
"deleted": false,
"description": "VirusTotal report",
"meta-category": "misc",
"name": "virustotal-report",
"template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4",
"template_version": "2",
"timestamp": "1550071741",
"uuid": "951ddcdd-17e2-4a56-b66d-c921d543bf26",
"Attribute": [
{
"category": "Other",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "last-submission",
"timestamp": "1550071741",
"to_ids": false,
"type": "datetime",
"uuid": "8a68d820-1b52-4fb4-ac80-8102db67f6f4",
"value": "2019-02-06T07:29:38"
},
{
"category": "External analysis",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "permalink",
"timestamp": "1550071741",
"to_ids": false,
"type": "link",
"uuid": "f2ebcf5e-3a4b-4442-ad00-fdb675c0d0d8",
"value": "https://www.virustotal.com/file/2c71eb5c781daa43047fa6e3d85d51a061aa1dfa41feb338e0d4139a6dfd6910/analysis/1549438178/"
},
{
"category": "Other",
"comment": "",
"deleted": false,
"disable_correlation": true,
"object_relation": "detection-ratio",
"timestamp": "1550071741",
"to_ids": false,
"type": "text",
"uuid": "ff43c3f5-193f-466b-8068-57e644db8b3e",
"value": "54/71"
}
]
},
{
"comment": "",
"deleted": false,
"description": "File object describing a file with meta-information",
"meta-category": "file",
"name": "file",
"template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215",
"template_version": "11",
"timestamp": "1550071741",
"uuid": "2d8c066c-87d3-4e7c-9bf0-cb14a2613f8b",
"ObjectReference": [
{
"comment": "",
"object_uuid": "2d8c066c-87d3-4e7c-9bf0-cb14a2613f8b",
"referenced_uuid": "cf4e8ce1-02a5-4756-aa73-f0808d26e893",
"relationship_type": "analysed-with",
"timestamp": "1550071746",
"uuid": "5c6437c2-b608-4900-828b-4f3e02de0b81"
}
],
"Attribute": [
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "md5",
"timestamp": "1550071741",
"to_ids": true,
"type": "md5",
"uuid": "c95bcbb5-59a8-4f4c-9e2b-785e6815256b",
"value": "c2a07ca21ecad714821df647ada8ecaa"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "sha1",
"timestamp": "1550071741",
"to_ids": true,
"type": "sha1",
"uuid": "67a14f1f-1add-4494-8c83-af7095147533",
"value": "84bfc398487494552a2876e32dc8fb4f6f377a08"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "sha256",
"timestamp": "1550071741",
"to_ids": true,
"type": "sha256",
"uuid": "a1df2df1-cf45-4d01-8a10-e0059daffd6c",
"value": "c885a4f5c066b00e9d4de8cc0f5463f27ce49869519db8cfdc7a9ae19cdce4f0"
}
]
},
{
"comment": "",
"deleted": false,
"description": "VirusTotal report",
"meta-category": "misc",
"name": "virustotal-report",
"template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4",
"template_version": "2",
"timestamp": "1550071741",
"uuid": "cf4e8ce1-02a5-4756-aa73-f0808d26e893",
"Attribute": [
{
"category": "Other",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "last-submission",
"timestamp": "1550071741",
"to_ids": false,
"type": "datetime",
"uuid": "f1c0ebcb-35f8-4a55-93a4-11e7aa042be7",
"value": "2019-02-13T09:06:51"
},
{
"category": "External analysis",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "permalink",
"timestamp": "1550071741",
"to_ids": false,
"type": "link",
"uuid": "fba8bba2-b2ae-4eff-99ae-aac8d9a22247",
"value": "https://www.virustotal.com/file/c885a4f5c066b00e9d4de8cc0f5463f27ce49869519db8cfdc7a9ae19cdce4f0/analysis/1550048811/"
},
{
"category": "Other",
"comment": "",
"deleted": false,
"disable_correlation": true,
"object_relation": "detection-ratio",
"timestamp": "1550071741",
"to_ids": false,
"type": "text",
"uuid": "dec8c141-11d6-4737-ba00-159741f9356e",
"value": "50/68"
}
]
},
{
"comment": "",
"deleted": false,
"description": "File object describing a file with meta-information",
"meta-category": "file",
"name": "file",
"template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215",
"template_version": "11",
"timestamp": "1550071741",
"uuid": "d7bca1e4-52c3-4c73-a770-55e812483901",
"ObjectReference": [
{
"comment": "",
"object_uuid": "d7bca1e4-52c3-4c73-a770-55e812483901",
"referenced_uuid": "21d925a3-f03d-4337-85b0-daf30580a4e2",
"relationship_type": "analysed-with",
"timestamp": "1550071746",
"uuid": "5c6437c2-673c-444e-8b1d-4d4402de0b81"
}
],
"Attribute": [
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "md5",
"timestamp": "1550071741",
"to_ids": true,
"type": "md5",
"uuid": "29e88ecb-21fa-4f40-80e4-9fb247f1f8bf",
"value": "3106dd1dc98bfb8ce72c613448baec29"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "sha1",
"timestamp": "1550071741",
"to_ids": true,
"type": "sha1",
"uuid": "2f274332-7fd7-4e1e-9b98-05313cd79d36",
"value": "a65eccb9a813a6cb32b83703b9b4b7583dc239ab"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "sha256",
"timestamp": "1550071741",
"to_ids": true,
"type": "sha256",
"uuid": "13b3f180-d147-4f23-92a4-f5579826feba",
"value": "72d7bcc54520a7d8929eeec78e2b2297a9094fa001483f86cddb7cf1b81704ff"
}
]
},
{
"comment": "",
"deleted": false,
"description": "VirusTotal report",
"meta-category": "misc",
"name": "virustotal-report",
"template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4",
"template_version": "2",
"timestamp": "1550071741",
"uuid": "21d925a3-f03d-4337-85b0-daf30580a4e2",
"Attribute": [
{
"category": "Other",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "last-submission",
"timestamp": "1550071741",
"to_ids": false,
"type": "datetime",
"uuid": "47db33c3-d6d3-48bf-8979-3a22b440a52f",
"value": "2019-02-05T21:35:35"
},
{
"category": "External analysis",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "permalink",
"timestamp": "1550071741",
"to_ids": false,
"type": "link",
"uuid": "5adb25a6-431c-41b1-b63f-777dc609d61b",
"value": "https://www.virustotal.com/file/72d7bcc54520a7d8929eeec78e2b2297a9094fa001483f86cddb7cf1b81704ff/analysis/1549402535/"
},
{
"category": "Other",
"comment": "",
"deleted": false,
"disable_correlation": true,
"object_relation": "detection-ratio",
"timestamp": "1550071742",
"to_ids": false,
"type": "text",
"uuid": "78f3b20f-dbd2-41c3-a012-b7c1f89c0c85",
"value": "29/70"
}
]
},
{
"comment": "",
"deleted": false,
"description": "File object describing a file with meta-information",
"meta-category": "file",
"name": "file",
"template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215",
"template_version": "11",
"timestamp": "1550071742",
"uuid": "70d7c48c-f319-47bf-9c32-d4c986192b09",
"ObjectReference": [
{
"comment": "",
"object_uuid": "70d7c48c-f319-47bf-9c32-d4c986192b09",
"referenced_uuid": "695318d6-bc08-4cd2-833f-432f371f64f1",
"relationship_type": "analysed-with",
"timestamp": "1550071746",
"uuid": "5c6437c2-2180-4d76-b03e-4ac002de0b81"
}
],
"Attribute": [
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "md5",
"timestamp": "1550071742",
"to_ids": true,
"type": "md5",
"uuid": "280a8a44-64ac-4e8f-88ed-e7a68bf4220e",
"value": "684888079aaf7ed25e725b55a3695062"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "sha1",
"timestamp": "1550071742",
"to_ids": true,
"type": "sha1",
"uuid": "0b791e89-b864-47e4-a8fe-e29eaf0abaaf",
"value": "2d0ee3b718ec4e391753616853286c22be7bf521"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "sha256",
"timestamp": "1550071742",
"to_ids": true,
"type": "sha256",
"uuid": "fc9b4a27-5daf-4e55-8a68-7ecf4176a948",
"value": "2965c1b6ab9d1601752cb4aa26d64a444b0a535b1a190a70d5ce935be3f91699"
}
]
},
{
"comment": "",
"deleted": false,
"description": "VirusTotal report",
"meta-category": "misc",
"name": "virustotal-report",
"template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4",
"template_version": "2",
"timestamp": "1550071742",
"uuid": "695318d6-bc08-4cd2-833f-432f371f64f1",
"Attribute": [
{
"category": "Other",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "last-submission",
"timestamp": "1550071742",
"to_ids": false,
"type": "datetime",
"uuid": "03a1a316-4989-43c6-8978-103ef056a79f",
"value": "2019-02-06T07:29:44"
},
{
"category": "External analysis",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "permalink",
"timestamp": "1550071742",
"to_ids": false,
"type": "link",
"uuid": "31be62f3-78c8-407e-8847-804254979fdf",
"value": "https://www.virustotal.com/file/2965c1b6ab9d1601752cb4aa26d64a444b0a535b1a190a70d5ce935be3f91699/analysis/1549438184/"
},
{
"category": "Other",
"comment": "",
"deleted": false,
"disable_correlation": true,
"object_relation": "detection-ratio",
"timestamp": "1550071742",
"to_ids": false,
"type": "text",
"uuid": "bb9e0ccb-46dc-4db7-945d-18f6157d3cdd",
"value": "53/70"
}
]
},
{
"comment": "",
"deleted": false,
"description": "File object describing a file with meta-information",
"meta-category": "file",
"name": "file",
"template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215",
"template_version": "11",
"timestamp": "1550071742",
"uuid": "276c87a6-444b-4cfc-b4fb-840824cfdaf4",
"ObjectReference": [
{
"comment": "",
"object_uuid": "276c87a6-444b-4cfc-b4fb-840824cfdaf4",
"referenced_uuid": "2229647e-bb62-4241-8c89-9d0a1e41872b",
"relationship_type": "analysed-with",
"timestamp": "1550071746",
"uuid": "5c6437c2-3380-47c3-a8b0-4a2c02de0b81"
}
],
"Attribute": [
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "md5",
"timestamp": "1550071742",
"to_ids": true,
"type": "md5",
"uuid": "fc50cc9a-16ab-4af2-a949-7cd9ab18e156",
"value": "1d0105cf8e076b33ed499f1dfef9a46b"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "sha1",
"timestamp": "1550071742",
"to_ids": true,
"type": "sha1",
"uuid": "45b063b9-bff4-46b5-985e-e25703d22e39",
"value": "69620adf44795ee5293ce301cd3d70045e332bbf"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "sha256",
"timestamp": "1550071742",
"to_ids": true,
"type": "sha256",
"uuid": "752c815b-0069-47b7-9d5a-16e99d2a7613",
"value": "d26dae0d8e5c23ec35e8b9cf126cded45b8096fc07560ad1c06585357921eeed"
}
]
},
{
"comment": "",
"deleted": false,
"description": "VirusTotal report",
"meta-category": "misc",
"name": "virustotal-report",
"template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4",
"template_version": "2",
"timestamp": "1550071742",
"uuid": "2229647e-bb62-4241-8c89-9d0a1e41872b",
"Attribute": [
{
"category": "Other",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "last-submission",
"timestamp": "1550071742",
"to_ids": false,
"type": "datetime",
"uuid": "16530485-db7c-4482-bd0e-92662eec403c",
"value": "2019-02-06T07:29:47"
},
{
"category": "External analysis",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "permalink",
"timestamp": "1550071742",
"to_ids": false,
"type": "link",
"uuid": "7e867218-f240-44a7-acf9-abe7d1b93f2e",
"value": "https://www.virustotal.com/file/d26dae0d8e5c23ec35e8b9cf126cded45b8096fc07560ad1c06585357921eeed/analysis/1549438187/"
},
{
"category": "Other",
"comment": "",
"deleted": false,
"disable_correlation": true,
"object_relation": "detection-ratio",
"timestamp": "1550071742",
"to_ids": false,
"type": "text",
"uuid": "f27770f1-10b7-41f9-ba77-f558def1127e",
"value": "52/69"
}
]
},
{
"comment": "",
"deleted": false,
"description": "File object describing a file with meta-information",
"meta-category": "file",
"name": "file",
"template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215",
"template_version": "11",
"timestamp": "1550071742",
"uuid": "c29a6db8-e2d9-43dc-a547-d82ac940180d",
"ObjectReference": [
{
"comment": "",
"object_uuid": "c29a6db8-e2d9-43dc-a547-d82ac940180d",
"referenced_uuid": "2e73b918-dd7f-46ab-9c10-0b792ab16ac8",
"relationship_type": "analysed-with",
"timestamp": "1550071746",
"uuid": "5c6437c2-096c-4c97-b869-4c5802de0b81"
}
],
"Attribute": [
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "md5",
"timestamp": "1550071742",
"to_ids": true,
"type": "md5",
"uuid": "378c66bb-d84e-46ab-af82-10abe919a0e9",
"value": "a32468828c12657497cddf57190f5700"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "sha1",
"timestamp": "1550071742",
"to_ids": true,
"type": "sha1",
"uuid": "745aa0e3-4a5e-48ec-a43d-fe82949626d8",
"value": "b6d17ae3900e72df2e9ffbf7f03d18e6d7112942"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "sha256",
"timestamp": "1550071742",
"to_ids": true,
"type": "sha256",
"uuid": "c0e62188-b003-41e8-9bef-d7a62d11128c",
"value": "2ddcb1dc466e22388485118bcf3089014348881c4d315aca452c6bb44b6c7bee"
}
]
},
{
"comment": "",
"deleted": false,
"description": "VirusTotal report",
"meta-category": "misc",
"name": "virustotal-report",
"template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4",
"template_version": "2",
"timestamp": "1550071742",
"uuid": "2e73b918-dd7f-46ab-9c10-0b792ab16ac8",
"Attribute": [
{
"category": "Other",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "last-submission",
"timestamp": "1550071742",
"to_ids": false,
"type": "datetime",
"uuid": "738f58be-7a4e-4d31-bc86-35e1d23f6c2b",
"value": "2019-02-06T07:41:00"
},
{
"category": "External analysis",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "permalink",
"timestamp": "1550071742",
"to_ids": false,
"type": "link",
"uuid": "fbb07896-9d23-4908-aaac-80994c3d4dc9",
"value": "https://www.virustotal.com/file/2ddcb1dc466e22388485118bcf3089014348881c4d315aca452c6bb44b6c7bee/analysis/1549438860/"
},
{
"category": "Other",
"comment": "",
"deleted": false,
"disable_correlation": true,
"object_relation": "detection-ratio",
"timestamp": "1550071742",
"to_ids": false,
"type": "text",
"uuid": "5299eea8-f34c-4564-b20c-01277ed7975c",
"value": "54/70"
}
]
},
{
"comment": "",
"deleted": false,
"description": "File object describing a file with meta-information",
"meta-category": "file",
"name": "file",
"template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215",
"template_version": "11",
"timestamp": "1550071742",
"uuid": "628b2c40-a54a-479d-8222-5ef217c3a617",
"ObjectReference": [
{
"comment": "",
"object_uuid": "628b2c40-a54a-479d-8222-5ef217c3a617",
"referenced_uuid": "b7e45e34-229c-491f-b32a-377671af7a35",
"relationship_type": "analysed-with",
"timestamp": "1550071746",
"uuid": "5c6437c2-6640-4708-b6e3-446c02de0b81"
}
],
"Attribute": [
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "md5",
"timestamp": "1550071742",
"to_ids": true,
"type": "md5",
"uuid": "3549eda4-223b-4362-8776-719a52638006",
"value": "3f72617e150e3dbb3372b84995e7b24c"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "sha1",
"timestamp": "1550071742",
"to_ids": true,
"type": "sha1",
"uuid": "5c8a56ec-2494-4feb-8cc8-f63bfb8cf086",
"value": "4afa2232a11f1180bbf05080671ecac61c303b10"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "sha256",
"timestamp": "1550071742",
"to_ids": true,
"type": "sha256",
"uuid": "916aa5f7-8aef-495b-a1ea-566ecc93d067",
"value": "c082d5bc76eb8375a90b622474da760bd499ae8371c16cc31085be2940b0bafb"
}
]
},
{
"comment": "",
"deleted": false,
"description": "VirusTotal report",
"meta-category": "misc",
"name": "virustotal-report",
"template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4",
"template_version": "2",
"timestamp": "1550071742",
"uuid": "b7e45e34-229c-491f-b32a-377671af7a35",
"Attribute": [
{
"category": "Other",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "last-submission",
"timestamp": "1550071742",
"to_ids": false,
"type": "datetime",
"uuid": "d6dfe486-52f4-4565-91fa-62b4a838a6fd",
"value": "2019-02-06T16:38:44"
},
{
"category": "External analysis",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "permalink",
"timestamp": "1550071742",
"to_ids": false,
"type": "link",
"uuid": "6b866a42-b6e9-4453-8718-f994c8bbecb3",
"value": "https://www.virustotal.com/file/c082d5bc76eb8375a90b622474da760bd499ae8371c16cc31085be2940b0bafb/analysis/1549471124/"
},
{
"category": "Other",
"comment": "",
"deleted": false,
"disable_correlation": true,
"object_relation": "detection-ratio",
"timestamp": "1550071742",
"to_ids": false,
"type": "text",
"uuid": "79edd2b7-9684-438d-a988-3b99f82df57b",
"value": "27/69"
}
]
},
{
"comment": "",
"deleted": false,
"description": "File object describing a file with meta-information",
"meta-category": "file",
"name": "file",
"template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215",
"template_version": "11",
"timestamp": "1550071742",
"uuid": "be7f953d-6b2e-4b1c-87ca-9240177cedaa",
"ObjectReference": [
{
"comment": "",
"object_uuid": "be7f953d-6b2e-4b1c-87ca-9240177cedaa",
"referenced_uuid": "de27e053-4806-489a-9cea-38e966b43179",
"relationship_type": "analysed-with",
"timestamp": "1550071746",
"uuid": "5c6437c2-b45c-4f6e-880e-4e2b02de0b81"
}
],
"Attribute": [
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "md5",
"timestamp": "1550071742",
"to_ids": true,
"type": "md5",
"uuid": "5b14c82c-b4ee-41a1-b01a-038918b9c6e2",
"value": "d8605112c0bfea7cb068043ea0250c58"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "sha1",
"timestamp": "1550071742",
"to_ids": true,
"type": "sha1",
"uuid": "fa7181ec-1a2d-41ac-9f35-2d507e431100",
"value": "7f7776d23c3560486e7ddae0e06dc954b7ac0e29"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "sha256",
"timestamp": "1550071742",
"to_ids": true,
"type": "sha256",
"uuid": "2aab9e59-269b-472f-9805-e1efa44bb284",
"value": "2933bd208993fb7ec76ae3f55d2e7959c0a79d89f134430c6a798e82ebd94636"
}
]
},
{
"comment": "",
"deleted": false,
"description": "VirusTotal report",
"meta-category": "misc",
"name": "virustotal-report",
"template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4",
"template_version": "2",
"timestamp": "1550071742",
"uuid": "de27e053-4806-489a-9cea-38e966b43179",
"Attribute": [
{
"category": "Other",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "last-submission",
"timestamp": "1550071742",
"to_ids": false,
"type": "datetime",
"uuid": "6e289952-8687-47fa-85d7-e6e3e3bb0a8a",
"value": "2017-08-17T12:56:03"
},
{
"category": "External analysis",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "permalink",
"timestamp": "1550071742",
"to_ids": false,
"type": "link",
"uuid": "82f01dc7-8fba-468b-a2ac-cde8cf031e16",
"value": "https://www.virustotal.com/file/2933bd208993fb7ec76ae3f55d2e7959c0a79d89f134430c6a798e82ebd94636/analysis/1502974563/"
},
{
"category": "Other",
"comment": "",
"deleted": false,
"disable_correlation": true,
"object_relation": "detection-ratio",
"timestamp": "1550071742",
"to_ids": false,
"type": "text",
"uuid": "40558cc7-f880-4553-8b93-798ca48a9bb6",
"value": "18/64"
}
]
},
{
"comment": "",
"deleted": false,
"description": "File object describing a file with meta-information",
"meta-category": "file",
"name": "file",
"template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215",
"template_version": "11",
"timestamp": "1550071742",
"uuid": "4151d80d-b8d4-4aca-9def-86eb3b109026",
"ObjectReference": [
{
"comment": "",
"object_uuid": "4151d80d-b8d4-4aca-9def-86eb3b109026",
"referenced_uuid": "da2752ec-c5ed-45fc-828b-543b59dbd0ee",
"relationship_type": "analysed-with",
"timestamp": "1550071746",
"uuid": "5c6437c2-a2e4-4770-9f60-4ee602de0b81"
}
],
"Attribute": [
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "md5",
"timestamp": "1550071743",
"to_ids": true,
"type": "md5",
"uuid": "41558c4a-1f92-486c-9f8c-4483279d7615",
"value": "62898b77bd9e8e286d6bc760f3e28981"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "sha1",
"timestamp": "1550071743",
"to_ids": true,
"type": "sha1",
"uuid": "f26266e2-2080-4bbf-a08a-b93cd3da902b",
"value": "1c6a50e51203fda640b8535268bee657591d0ac5"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "sha256",
"timestamp": "1550071743",
"to_ids": true,
"type": "sha256",
"uuid": "b14a92af-41f9-419d-a29a-f9bb54b97fca",
"value": "759e405351e6de779757695cc6fb1bce3cc6e3bb3ee4d24778d0cb2070091681"
}
]
},
{
"comment": "",
"deleted": false,
"description": "VirusTotal report",
"meta-category": "misc",
"name": "virustotal-report",
"template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4",
"template_version": "2",
"timestamp": "1550071743",
"uuid": "da2752ec-c5ed-45fc-828b-543b59dbd0ee",
"Attribute": [
{
"category": "Other",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "last-submission",
"timestamp": "1550071743",
"to_ids": false,
"type": "datetime",
"uuid": "519af179-61ff-4534-af29-d8a205fd3b3f",
"value": "2019-02-06T07:40:59"
},
{
"category": "External analysis",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "permalink",
"timestamp": "1550071743",
"to_ids": false,
"type": "link",
"uuid": "812c7088-e617-4618-ac2f-32e7bd232b63",
"value": "https://www.virustotal.com/file/759e405351e6de779757695cc6fb1bce3cc6e3bb3ee4d24778d0cb2070091681/analysis/1549438859/"
},
{
"category": "Other",
"comment": "",
"deleted": false,
"disable_correlation": true,
"object_relation": "detection-ratio",
"timestamp": "1550071743",
"to_ids": false,
"type": "text",
"uuid": "e5624e3a-6453-4e9b-8390-118a76810f06",
"value": "52/70"
}
]
},
{
"comment": "",
"deleted": false,
"description": "File object describing a file with meta-information",
"meta-category": "file",
"name": "file",
"template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215",
"template_version": "11",
"timestamp": "1550071743",
"uuid": "09630c42-c5ed-4979-8225-c764eacedfd1",
"ObjectReference": [
{
"comment": "",
"object_uuid": "09630c42-c5ed-4979-8225-c764eacedfd1",
"referenced_uuid": "d404c92b-1a0d-444c-86c0-02d7ae47edbe",
"relationship_type": "analysed-with",
"timestamp": "1550071746",
"uuid": "5c6437c2-7614-488b-9a53-497402de0b81"
}
],
"Attribute": [
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "md5",
"timestamp": "1550071743",
"to_ids": true,
"type": "md5",
"uuid": "80f7b91b-13cc-4777-bff5-f968b0e85462",
"value": "ac725400d9a5fe832dd40a1afb2951f8"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "sha1",
"timestamp": "1550071743",
"to_ids": true,
"type": "sha1",
"uuid": "8687ff6a-268e-4d00-9b6f-7bffdda04400",
"value": "01d6e50b2fbba59ca22930075c1022b840c4b240"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "sha256",
"timestamp": "1550071743",
"to_ids": true,
"type": "sha256",
"uuid": "9c061b35-0d6f-4eea-9f78-9172ed4d017b",
"value": "590d5e0858893951e22e392a7dad76b30765c8fd139ca288efeead9b86836237"
}
]
},
{
"comment": "",
"deleted": false,
"description": "VirusTotal report",
"meta-category": "misc",
"name": "virustotal-report",
"template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4",
"template_version": "2",
"timestamp": "1550071743",
"uuid": "d404c92b-1a0d-444c-86c0-02d7ae47edbe",
"Attribute": [
{
"category": "Other",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "last-submission",
"timestamp": "1550071743",
"to_ids": false,
"type": "datetime",
"uuid": "6725bb3d-7a9c-4fd4-bf29-ef5fb866fad3",
"value": "2019-02-06T07:29:49"
},
{
"category": "External analysis",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "permalink",
"timestamp": "1550071743",
"to_ids": false,
"type": "link",
"uuid": "1309230e-0e1b-4155-8a39-8adbd583bc2b",
"value": "https://www.virustotal.com/file/590d5e0858893951e22e392a7dad76b30765c8fd139ca288efeead9b86836237/analysis/1549438189/"
},
{
"category": "Other",
"comment": "",
"deleted": false,
"disable_correlation": true,
"object_relation": "detection-ratio",
"timestamp": "1550071743",
"to_ids": false,
"type": "text",
"uuid": "795217d9-c7f4-4c57-bfcc-04e5db5129ae",
"value": "54/71"
}
]
},
{
"comment": "",
"deleted": false,
"description": "File object describing a file with meta-information",
"meta-category": "file",
"name": "file",
"template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215",
"template_version": "11",
"timestamp": "1550071743",
"uuid": "2c72a63b-8fc4-4126-be30-f07edeeb2be0",
"ObjectReference": [
{
"comment": "",
"object_uuid": "2c72a63b-8fc4-4126-be30-f07edeeb2be0",
"referenced_uuid": "d898f1fd-3317-4ba1-8219-8b965c69ede0",
"relationship_type": "analysed-with",
"timestamp": "1550071746",
"uuid": "5c6437c2-775c-461c-ba3b-4a3a02de0b81"
}
],
"Attribute": [
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "md5",
"timestamp": "1550071743",
"to_ids": true,
"type": "md5",
"uuid": "f6534597-c67b-477d-8867-225ff697db15",
"value": "7891f00dcab0e4a2f928422062e94213"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "sha1",
"timestamp": "1550071743",
"to_ids": true,
"type": "sha1",
"uuid": "e8bede45-67fd-416f-9dc8-35afb001190e",
"value": "7cb04a4b86d998604341bc2b610a0a556830993d"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "sha256",
"timestamp": "1550071743",
"to_ids": true,
"type": "sha256",
"uuid": "271dace7-b7be-4ee4-8b49-a65af0bbdf76",
"value": "b20ce00a6864225f05de6407fac80ddb83cd0aec00ada438c1e354cdd0d7d5df"
}
]
},
{
"comment": "",
"deleted": false,
"description": "VirusTotal report",
"meta-category": "misc",
"name": "virustotal-report",
"template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4",
"template_version": "2",
"timestamp": "1550071743",
"uuid": "d898f1fd-3317-4ba1-8219-8b965c69ede0",
"Attribute": [
{
"category": "Other",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "last-submission",
"timestamp": "1550071743",
"to_ids": false,
"type": "datetime",
"uuid": "9fa1ed24-4be2-4711-8760-5510d834b226",
"value": "2019-02-06T07:29:29"
},
{
"category": "External analysis",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "permalink",
"timestamp": "1550071743",
"to_ids": false,
"type": "link",
"uuid": "425e90e6-3556-4924-88d5-1a146adb3b4e",
"value": "https://www.virustotal.com/file/b20ce00a6864225f05de6407fac80ddb83cd0aec00ada438c1e354cdd0d7d5df/analysis/1549438169/"
},
{
"category": "Other",
"comment": "",
"deleted": false,
"disable_correlation": true,
"object_relation": "detection-ratio",
"timestamp": "1550071743",
"to_ids": false,
"type": "text",
"uuid": "8db07d3e-5c31-427e-b98b-0e6a1422ce63",
"value": "54/71"
}
]
},
{
"comment": "",
"deleted": false,
"description": "File object describing a file with meta-information",
"meta-category": "file",
"name": "file",
"template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215",
"template_version": "11",
"timestamp": "1550071743",
"uuid": "8f41ad1e-f4a3-4c32-beda-e7ee3ea8d52f",
"ObjectReference": [
{
"comment": "",
"object_uuid": "8f41ad1e-f4a3-4c32-beda-e7ee3ea8d52f",
"referenced_uuid": "b3a4c9be-5327-4083-8eb2-65484063def0",
"relationship_type": "analysed-with",
"timestamp": "1550071746",
"uuid": "5c6437c2-954c-41ad-a6dc-437702de0b81"
}
],
"Attribute": [
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "md5",
"timestamp": "1550071743",
"to_ids": true,
"type": "md5",
"uuid": "50266430-8a94-4b33-9f73-f6ce47abfada",
"value": "0c0a39e1cab4fc9896bdf5ef3c96a716"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "sha1",
"timestamp": "1550071743",
"to_ids": true,
"type": "sha1",
"uuid": "5c2b4ecd-19c3-451e-8f95-1c09b2215eca",
"value": "de5af856804974ba3df03928fff03447e8f4c9c2"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "sha256",
"timestamp": "1550071743",
"to_ids": true,
"type": "sha256",
"uuid": "428c0287-dd67-4130-bbb5-21d8967f7360",
"value": "316e89d866d5c710530c2103f183d86c31e9a90d55e2ebc2dda94f112f3bdb6d"
}
]
},
{
"comment": "",
"deleted": false,
"description": "VirusTotal report",
"meta-category": "misc",
"name": "virustotal-report",
"template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4",
"template_version": "2",
"timestamp": "1550071743",
"uuid": "b3a4c9be-5327-4083-8eb2-65484063def0",
"Attribute": [
{
"category": "Other",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "last-submission",
"timestamp": "1550071744",
"to_ids": false,
"type": "datetime",
"uuid": "2b4ace88-077e-4d68-b057-5513160cf4bc",
"value": "2019-02-06T07:29:39"
},
{
"category": "External analysis",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "permalink",
"timestamp": "1550071744",
"to_ids": false,
"type": "link",
"uuid": "35d61a8c-b90f-4cf7-8522-dad5063232b1",
"value": "https://www.virustotal.com/file/316e89d866d5c710530c2103f183d86c31e9a90d55e2ebc2dda94f112f3bdb6d/analysis/1549438179/"
},
{
"category": "Other",
"comment": "",
"deleted": false,
"disable_correlation": true,
"object_relation": "detection-ratio",
"timestamp": "1550071744",
"to_ids": false,
"type": "text",
"uuid": "003a8d66-7d97-4e4b-a280-63db1baa318d",
"value": "56/71"
}
]
},
{
"comment": "",
"deleted": false,
"description": "File object describing a file with meta-information",
"meta-category": "file",
"name": "file",
"template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215",
"template_version": "11",
"timestamp": "1550071744",
"uuid": "26b9c4a9-d9ba-4e22-b6f1-598839f9f6cf",
"ObjectReference": [
{
"comment": "",
"object_uuid": "26b9c4a9-d9ba-4e22-b6f1-598839f9f6cf",
"referenced_uuid": "2eb53dc0-f967-43f8-92b7-f9e9b38e55a6",
"relationship_type": "analysed-with",
"timestamp": "1550071746",
"uuid": "5c6437c2-3744-4a40-97d7-482d02de0b81"
}
],
"Attribute": [
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "md5",
"timestamp": "1550071744",
"to_ids": true,
"type": "md5",
"uuid": "23b8dde2-9078-4e62-af53-2ef644bd3036",
"value": "779dbb88e037a6ecc8ab352961dbb028"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "sha1",
"timestamp": "1550071744",
"to_ids": true,
"type": "sha1",
"uuid": "fe03518c-959d-4557-b3a4-8ae0f5ed8905",
"value": "36d6cc4c0f6c3a1910114edc3729849897b5a799"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "sha256",
"timestamp": "1550071744",
"to_ids": true,
"type": "sha256",
"uuid": "f3dbf7fe-341e-4aa5-8ce9-58a390ce9066",
"value": "58a7670111087243516b601c5f070f7de0db5411febe0a878783fdc17c969a59"
}
]
},
{
"comment": "",
"deleted": false,
"description": "VirusTotal report",
"meta-category": "misc",
"name": "virustotal-report",
"template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4",
"template_version": "2",
"timestamp": "1550071744",
"uuid": "2eb53dc0-f967-43f8-92b7-f9e9b38e55a6",
"Attribute": [
{
"category": "Other",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "last-submission",
"timestamp": "1550071744",
"to_ids": false,
"type": "datetime",
"uuid": "ea534ec1-c9ac-4db9-95c8-1019407301c6",
"value": "2019-02-05T21:35:35"
},
{
"category": "External analysis",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "permalink",
"timestamp": "1550071744",
"to_ids": false,
"type": "link",
"uuid": "f85e1632-fe67-461d-b2ee-894affbfec11",
"value": "https://www.virustotal.com/file/58a7670111087243516b601c5f070f7de0db5411febe0a878783fdc17c969a59/analysis/1549402535/"
},
{
"category": "Other",
"comment": "",
"deleted": false,
"disable_correlation": true,
"object_relation": "detection-ratio",
"timestamp": "1550071744",
"to_ids": false,
"type": "text",
"uuid": "a32a4a13-9aab-491f-b8bf-86e4595b4c14",
"value": "45/71"
}
]
},
{
"comment": "",
"deleted": false,
"description": "File object describing a file with meta-information",
"meta-category": "file",
"name": "file",
"template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215",
"template_version": "11",
"timestamp": "1550071744",
"uuid": "5cda82c1-3195-4326-9b01-4344c53bf9d7",
"ObjectReference": [
{
"comment": "",
"object_uuid": "5cda82c1-3195-4326-9b01-4344c53bf9d7",
"referenced_uuid": "16fa906e-3189-4edc-9f49-3c63f85f8a7d",
"relationship_type": "analysed-with",
"timestamp": "1550071746",
"uuid": "5c6437c2-b934-4dd5-ba15-463e02de0b81"
}
],
"Attribute": [
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "md5",
"timestamp": "1550071744",
"to_ids": true,
"type": "md5",
"uuid": "681b4482-d64a-4225-a789-c3940a9de48e",
"value": "07abd6583295061eac2435ae470eff78"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "sha1",
"timestamp": "1550071744",
"to_ids": true,
"type": "sha1",
"uuid": "81f56633-c943-4a4d-ba76-035a45ac87da",
"value": "16d0795e4864f67acbb1ae2ce76eb16445dae4b5"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "sha256",
"timestamp": "1550071744",
"to_ids": true,
"type": "sha256",
"uuid": "88bfc5e4-d2db-4f68-9863-14fd3bb06c97",
"value": "efa0b414a831cbf724d1c67808b7483dec22a981ae670947793d114048f88057"
}
]
},
{
"comment": "",
"deleted": false,
"description": "VirusTotal report",
"meta-category": "misc",
"name": "virustotal-report",
"template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4",
"template_version": "2",
"timestamp": "1550071744",
"uuid": "16fa906e-3189-4edc-9f49-3c63f85f8a7d",
"Attribute": [
{
"category": "Other",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "last-submission",
"timestamp": "1550071744",
"to_ids": false,
"type": "datetime",
"uuid": "d934f25a-ebda-4fdc-94ba-68f1c13cb9bc",
"value": "2019-02-06T07:29:40"
},
{
"category": "External analysis",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "permalink",
"timestamp": "1550071744",
"to_ids": false,
"type": "link",
"uuid": "9c92b873-8ca8-4558-acd3-ddca03e52ea7",
"value": "https://www.virustotal.com/file/efa0b414a831cbf724d1c67808b7483dec22a981ae670947793d114048f88057/analysis/1549438180/"
},
{
"category": "Other",
"comment": "",
"deleted": false,
"disable_correlation": true,
"object_relation": "detection-ratio",
"timestamp": "1550071744",
"to_ids": false,
"type": "text",
"uuid": "23a6d93a-4234-4420-8fc7-7c911fbbe6ed",
"value": "46/71"
}
]
}
]
}
}
Reference in a new issue Copy permalink