misp-circl-feed/feeds/circl/misp/5d64d069-0fa0-45a4-bd65-b6f0950d210f.json

2140 lines
2.7 MiB
JSON
Raw Normal View History

2023-04-21 13:25:09 +00:00
{
"Event": {
"analysis": "0",
"date": "2019-08-24",
"extends_uuid": "",
"info": "OSINT - Gamaredon group",
"publish_timestamp": "1566995400",
"published": true,
"threat_level_id": "3",
"timestamp": "1566995352",
"uuid": "5d64d069-0fa0-45a4-bd65-b6f0950d210f",
"Orgc": {
"name": "CIRCL",
"uuid": "55f6ea5e-2c60-40e5-964f-47a8950d210f"
},
"Tag": [
{
"colour": "#0088cc",
"name": "misp-galaxy:mitre-attack-pattern=\"Command-Line Interface - T1059\""
},
{
"colour": "#0088cc",
"name": "misp-galaxy:mitre-attack-pattern=\"Execution through API - T1106\""
},
{
"colour": "#0088cc",
"name": "misp-galaxy:mitre-attack-pattern=\"Scripting - T1064\""
},
{
"colour": "#0088cc",
"name": "misp-galaxy:mitre-attack-pattern=\"Scheduled Task - T1053\""
},
{
"colour": "#0088cc",
"name": "misp-galaxy:mitre-attack-pattern=\"Modify Registry - T1112\""
},
{
"colour": "#0088cc",
"name": "misp-galaxy:mitre-attack-pattern=\"Query Registry - T1012\""
},
{
"colour": "#0088cc",
"name": "misp-galaxy:mitre-enterprise-attack-intrusion-set=\"Gamaredon Group\""
},
{
"colour": "#0088cc",
"name": "misp-galaxy:mitre-enterprise-attack-intrusion-set=\"Gamaredon Group - G0047\""
},
{
"colour": "#0088cc",
"name": "misp-galaxy:mitre-intrusion-set=\"Gamaredon Group\""
},
{
"colour": "#0088cc",
"name": "misp-galaxy:mitre-intrusion-set=\"Gamaredon Group - G0047\""
},
{
"colour": "#0088cc",
"name": "misp-galaxy:threat-actor=\"Gamaredon Group\""
},
{
"colour": "#004646",
"name": "type:OSINT"
},
{
"colour": "#0071c3",
"name": "osint:lifetime=\"perpetual\""
},
{
"colour": "#0087e8",
"name": "osint:certainty=\"50\""
},
{
"colour": "#ffffff",
"name": "tlp:white"
}
],
"Attribute": [
{
"category": "External analysis",
"comment": "Get the native informations on the computer",
"data": "iVBORw0KGgoAAAANSUhEUgAABUQAAAGTCAYAAADgCBjTAAAAAXNSR0IArs4c6QAAAARnQU1BAACxjwv8YQUAAAAJcEhZcwAAFiUAABYlAUlSJPAAAGHNSURBVHhe7d3fsyRXYSd43saOmCA8EQ4i7GFWtoYB/UBGqIUkkOSmW+oWkhojQLQst4Ra8wPQWNJgoC2DYl4WbCN2TUtoIga8D+ZlxBV+IAQRfluiFx70srELjxMTu+sXnvF/cLZO/qg8mXkyq+r2rbqZdT8Pn6AqT+Y5J09m3Sa/OqfqHf/mplsDAAAAAMBJIBAFAAAAAE4MgSgAAAAAcGIIRAEAAACAE0MgCgAAAACcGAJRAAAAAODEEIgCAAAAACeGQBQAAAAAODEEogAAAADAiSEQBQAAAABODIEoAAAAAHBiCEQBAAAAgBNDIAoAAAAAnBgCUQAAAADgxBCIAgAAAAAnhkAUAAAAADgxBKIAAAAAwIkhEAUAAAAATgyBKAAAAABwYghEAQAAAIATQyAKAAAAAJwYAlEAAAAA4MQQiAIAAAAAJ4ZAFAAAAAA4MQSiAAAAAMCJIRAFAAAAAE4MgSgAAAAAcGIIRAEAAACAE0MgCgAAAACcGAJRAAAAAODEEIgCAAAAACeGQBQm6L03vz984PY7AAAAmJGbbnl/9hkPmBaBKEzQAw88GM6cPR/u+8MzAAAAzMBHz54LDzx4LvuMB0yLQBQm6IEHzoWbb/1guOHGmwAAAJiBW97/wcWz3PnsMx4wLQJRmCCBKAAAwLwIRGE+BKIwQQJRAACAeRGIwnwIRGGCBKIAAADzIhCF+RCIwgQJRAEAAOZFIArzIRCFCRKIAgAAzItAFOZDIAoTJBAFAACYF4EozIdAFCZIIAoAADAvAlGYD4EoTJBAFAAAYF4EojAfAlGYIIEoAADAvAhEYT4EojBBAlEAAIB5EYjCfAhEYYIEogAAAPMiEIX5EIjCBAlEAQAA5kUgCvMhEIUJGgtE/9Xvvzf87g03AgAAsC2/957s89gYgSjMh0AUJmgsEP2ffv+94Xdu+H0AAAC2JIaiueexMQJRmA+BKEyQQBQAAOD4CERhvwlEYYK2H4ieCR/+u5+Fi3/3UnhPuv3+l8KFf1hsr3XLN1a1882nM2WrveeLP6z68sPw4fvz+2zqA9+sz++18IFM+fGrxiy5Dhe+eCaz34Ajv4a1O8I3D14I3zzd3fZy+NW1l8PbV+5ItgMAwLwJRGG/CURhgrYbiJaB2wNP9MtiWJjbfr2KEHLDUDQe0wSBw33OeuK1bHvt83s6PHBUQetAe9clBpuHCDO3dQ3PXnkh/OpaOxD93NXm/eeuCkUBANgfAlHYbwJRmKCtBqIj4d0HvjkeEMYZm4OzFRf1Ds9k3DDQXCsMHA408/2M+1/PrNB4fP4cRsdlpJ/NeC/26V6TVWMwMN7j1zBeh0OMwelPhrcPngkHvRmiiWKfT4azuTIAAJgZgSjsN4EoTND2AtEYiGUCs+4y627wF0PUxbYYwNXL2MvyMuy7UC2LL8qGQrxYx7ozHkfD1XIWZLnkvQxam4C3DC3T80jD38GZqsX5pUFhWW/dh6a99uu12sv0sxnD+vjXwoe7oWo2EB0Z7xXXsOxLvPZVm7lxyKqXyueWzDfMEAUAYJ8IRGG/CURhgrYXiMYwLA3+2vKzC8sQLj/rsFs2Vv9426nRGZe9oLAf8sbwb2g2ah1GdsPZVputNsowc6i+KNveSD+btpIx6YbAI4Ho2Hhnr+EaYzYkLpUvg858IFoupX85/MrsUAAA9ohAFPabQBQmaKuBaC9ka6wXpqW6gVw/oGusH8K1A9FYZznjsdhWzVZta9c7FogudWeFJufZD2SbPuRmuWbbG+nn9QWi4+Odu4axve6M0P45ZrSWwY/PEP2dS8+EX109my8DAICZEYjCfhOIwgRNaobokQWi4223xDCx0+YywItlK5Z7rxWILrT3qwPb+L/D/SzCxV4IORCIDvRz14Fori9rjVEMOePsz46DS5l9bzgbDq49Ez7X2w4AAPMjEIX9JhCFCdrmjyqNBWHZMK1aMt4O685UQd3qgG4pE3IOK9tM+9kOEXP9bMRzbPW38HT4cGtbZsZq0cdFO63w8Ez4wBPjxw21N9TPnQeivb4M921Yf4bo2Utnm2XyMTy1bB4AgD0hEIX9JhCFCdpmIDoWTObDtCgGaO3l32VYuTqgK/UDztW6bSb1xrBwqCyK57gsq84p/oDRN9NjhkLMTj/jjxDFHzEaOy7XXnFsvp/jgWg5Vs0xC8uANtk/+37kGrb6uOm1iLqBaJwRms4cHVlODwAAMyMQhf0mEIUJ2mogupCf0bg9xTLzFcvcp6EfMAIAACePQBT2m0AUJmjbgWgzC3Hb4V8MGNMZjtMUA+J65uQug2IAAGCaBKKw3wSiMEHjgej7in+cAQAA2JLf+9fZ57ExAlGYD4EoTND2Z4gCAAAwJIaiueexMQJRmA+BKEyQQBQAAOD4CERhvwlEYYKmFIh+7urL4e0rd7S3X3om/Orq2dY+xS+NH3wynE33K36ZPP0l8qSuWEey/eBSetxqxQ81Fd/7OfTL+Jtrvkt0qj+s1P8F+o2+87T7q/d/91J4T26/jVXXeXn94y/QPxM+19tv4fQnw9vJdf9VZr/l/ZSUFduSey46e+WF/H2YHFfs02qvVNyHvb5Eza/lx2O7935uW9+K+77zOYn9Lu///nHdX+8f/qwNSescuCYjcmM6LSNjvY7uPbByXKv2OvciALB/BKKw3wSiMEGTmiEaA4MVAc4yzMyEPYVMHdlQdc2Qof0r+WVI+MAT/f2ynngt+yNPsc6mjvhjUEcUtA60d11isHmIMLN9jkelcw8UVgSi6b1QBOPt4LOpK9ZTB4Lp6/r9OsdVcvdgbluiDFPT84j1bhC4Dd33izrS8Wp/noaCxzU/a4Pa47WOlWN6WJ3P/pFYcS2HtM9xffE4oSgA7DeBKOw3gShM0LSWzMcgZiCIygQb2YBhKBhqHbtm4LJWGDgcaMaZpf1ZlXH/65kVWv6afi5szLdXG+7nB75Zb1/s0w1UV43BE69l22zqzInB8iHGIBtujYRvmXuhuWfGQ7t0Rmh7pub4cYXcPbgiRCsD0SYA7b5faei+X3ye0u3N+Y8Eout+1gatGttnOp+9NcZ0VDw+37/2teuKx+X/Dnzuar19sU/3nltxLeP45dps6szZIKAGAPaOQBT2m0AUJmhq3yHaCjCSYCYXbGTDjqFg6DABz0DYVyuXvcdgr1pevgwTy9AyXW6eztwsjsvN5IwzPFthaVlv3YemvfbrtdrL9LP+KoAHnqiPfy18uBuqZgPRMly9UNVV1FPv010qX9TfHFv2JYalVZu5ccjqhuW1kTCtdy+0g6V4D/QD1lodlvXbHT9uIXcPrgjRynv5k9W5lOf0zdEwr2Pkvo/9retp7vvhAG7tz9qgzDWJ/bu2GLci5D1bXId01ungmMZzaNVVXsP0fOry9HXZh7K9paT+Zt+yvrosnmfc9+BSfXzmOmSvZXm/vF3VVdRT75Ocey3921P2Jd5jVZtD45C7f3rjAwDMkUAU9ptAFCZocj+qlIQNMShIw6tegJkJOseCoXS/dQKe0RmXvaAwho3tWZEx/BtaNl6Hkd3v1my12WqjDDPHlqFn2xvpZ9NWDCercLUbAo8Eos25JsdXsjNE1xizYZmQbXT7QiaIyt0HxfZM2LQsywRUY8dl78EVoVh9P9b1xrJ627KOMaP3fTNGzeeoCgIz/Vn7szYoc02K80+3le13x6DoS+c8WuPQOs9+HV3Zc+mNVaynDL2btpJzWJx76zrkxrrYPw3O+2OQnSE60pfWfrkxXTgb+xaD7d7+AMCcCERhvwlEYYImF4guA4F2AJALh7KBUS6syIQ52aCkox2IVjMaF4ptxWzO8n1j/UB0qTsrNAkN+4Fs04fcjxRl2xvp5/UFomkAul4gGtvrzgjtn+OQxf3QC6Gq7ZmgqJANrgbEe6RXT6w7F04lcsfl2l3Rl1YQV+2Xvb+HrLjvY13xdTsQzY/b2p+1QZ
"deleted": false,
"disable_correlation": false,
"timestamp": "1566897874",
"to_ids": false,
"type": "attachment",
"uuid": "5d64f6d2-8cf4-4612-93cc-4fa1950d210f",
"value": "Info.PNG"
},
{
"category": "External analysis",
"comment": "Get the system informations on the computer",
"data": "iVBORw0KGgoAAAANSUhEUgAABNMAAAKRCAYAAAB+0e8VAAAAAXNSR0IArs4c6QAAAARnQU1BAACxjwv8YQUAAAAJcEhZcwAAFiUAABYlAUlSJPAAAJrSSURBVHhe7f39rx33neD59U+7O5jBoBcYdGbbnW2P2mNZT7YoypKlK5km9WSREm3ZMiUNKVGc3nFbPZLWLZumPcoku3H3tO2FTbI1u2P1IuhJEFtX6lkIjLNGNhP0cG1ghCBA4AmwwCbZyfQP60WeEP8JlfOth1Pf+p6qOg/31K1b975+eEH3nno8hxR5z5ufOvVrf/tjd2QAAAAAwHJiGgAAAACsSEwDAAAAgBWJaQAAAACwIjENoMVtd9yV3X7nxwEAOOBuva395zmAoYhpAInbZj+UnT79VPbo458FAOAAe+Kzp7PPfOZk6890AEMR0wASd3787uzUo09kv33LxwAAOMBuv/NY9sgjj7f+TAcwFDENICGmAQBMg5gGjEFMA0iIaQAA0yCmAWMQ0wASYhoAwDSIacAYxDSAhJgGADANYhowBjENICGmAQBMg5gGjEFMA0iIaQAA0yCmAWMQ0wASYhoAwDSIacAYxDSAhJgGADANYhowBjENICGmAQBMg5gGjEFMA0iIaQAA0yCmAWMQ0wASYhoAwDSIacAYxDSAhJgGADANYhowBjENILEspv3W3/rb2Yc+/BEAALYo/IzV9rNXHzENGIOYBpBYFtN+88O/k/17v/23AADYot/87Vtaf/bqI6YBYxDTABJiGgDA/hPTgKkQ0wAShy6mPXwle+qnP8vOVf7sSvaRtvW25CNffS8/zlNfPbnWssLJ7IE/ey974OHm433bfeI75fP6zosLy2phvz/LHnkueqzjdamOlT7e3B8AsG1iGjAVYhpA4rDFtBCbGhFpQHmIKqNWOG4cv/qWNdb5aTOmdW/XDGT5ep3hazHSdb0u+/l6AQA1MQ2YCjENIHH4YtripFcsRKjOSbHnrncvW/Bi9shPr2efqL6fbXtu/n3fslKYFPuz69kjjei1wnZzybpBvs8Q2NpiWvvrsuz1AgCGIaYBUyGmASQGj2m9QWiL0ssYZxoTV/l5FJNexURYtTxEqfeyp/5sts13Xlwy8RUJx6sutcyPfT17pApTfcvy7avYlUSvpdvFmjEtTJjl551vF55/dC7l69H2uoSYFo5RvTb1/kv79esHAEeMmAZMhZgGkBg6pn3kuev5BNYnGkEohKBm4GlOdXUtW6590qoIZt1RKl7WjFSdQmTKw1cdxOaXTPYtm21bT8clMW3JdrWwPHo8BLNGAFx8vu2vS7GfKqK1hcT2Xz8AYK/ENGAqxDSAxJG4zHMhNsXSeLZeTItjVxrTWpc1zqU9prVul68fNANYvF1znVViWmpxOwBgGGIaMBViGkBCTNswpuXrpTcIqI7dsyyEr8bUXaEIZn37rL5P49rMQkwL+2m+DmIaABwsYhowFWIaQOJo3ICgiFCNaa6HT5ZxLY1n6ffdGlNjSbDrW1ZbjFd923XfPCE557DdijHtE1+NzivfbrXnDgDsjZgGTIWYBpAY/DPTGh/2P7zuCaxi6qt9Gqw/phXPoW2/8T7TCNW3rNI2Cda1Xfx4Jdo2nnhbuEtox+vy8JV8vXif6a9T93MHAPZCTAOmQkwDSAw/mebSQQCAlJgGTIWYBpAYOqaFyxbbL00EADi6xDRgKsQ0gMSymPahD39k9sPe7wAAsE2zn7HafvbqI6YBYxDTABKH7QYEAABTYDINmAoxDSAhpgEA7D8xDZgKMQ0gsT8xLdyEINxl8kr2kfjxh69kT0V3klxYvpbyGN95sWXZKk5mn3huW5/tFu682XXThfI8o+e91mfKbfU1i92TfWf3tew7J9LH3sx+efPN7IPL90SP105dfq13OQDQTkwDpkJMA0gMH9OKePTIc4vLws0J2h7fi7DPjYJaHqmuZ59oW7a2ENOW7Cscb4MQNsRrFhRRrBnTvny1/v7LVxeDWb7N1VOdywGAbmIaMBViGkBi8Jj23PXOuPWJ73RNbxU+8tX3uqe2ZvttX9Yd7/qEY4VJr+7twn7bz3fxPKOY1nWey2Jax3b9r1k4xw2C4Ilnsg92L2a7C5NpkXydZ7JT88dOZbs3L2Zfrr4/fzH7Zfw9ANBLTAOmQkwDSAwb0zoCVHqpYhqxQoCbPRZiUjNyFZdPPlVezpkvawtSYfu1pr7KCBW2S8JfPumWn2N4Hkmo28t5tsa0nu2WvGbFeYZzDPsotq/326e6vLPtMs/awuRZiGvlVFr+9c2L2W40yQYA9BPTgKkQ0wASw8a0aEKrRfuUVRGU2qev0mVd++8/7oIQqvL4tDjZlUeq1jC3x/PsiWl927W+Zgv76oiYLcKlmkUka49p1Wei/bIxlTYTJtHymFZvF4Lb7vloHQCgk5gGTIWYBpAYPKa1hqjCamEolsallkiVWz0mBWECrJryCl/Hl1eGmLb+ZZornGdnTOvfru01yyfYkkm09Hm0aly62T+ZVsez5vdxQBPTAGB1YhowFWIaQOLATaZtJab1H7epWPeR8nLOp75zvXH8zg/8P0AxLb/cNIlpnecdyz/nrLhbZ6w9iCWfkZZ/H1/6uSTGAQANYhowFWIaQGLoGxD0RZ3WMJRPlSXTYA+fLKPTCpEqWOcz0xZCVHOqrfv893ie24xp+Xrx4+n3q1iMYafOn6ov7QzhLbnUszGJtnCDAgCgj5gGTIWYBpAYOqb1ha32MBSEGFRMijU/bH95bKoi19KprFz7uvEH//dPeG1ynsUx423qmLf8+XW+ZuXNECqrPf9YGtOKybN6Yq1t6ixex508AWAdYhowFWIaQGLwmDYTgtTSz+/akrbPDwMAOGjENGAqxDSAxH7EtHoaK50i26ZySkxIAwAmQEwDpkJMA0gsi2kfymMaAADbFH7GavvZq4+YBoxBTANI7M9kGgAAMZNpwFSIaQAJMQ0AYP+JacBUiGkAiYMb005mn3huWzctCJ+n1nXn0MW7a651s4SHr2RPRdt23bl0feHumm9mv9x9JjsVP37imeyDm29mu+ejx/akPM5snx9cvmdh+ZevlnfrvHpqYdlhMX+Ojdc63Km07Q6mW+DXcB8s+/UrX7Mj9ZoAB42YBkyFmAaQOLAxLY9U27phQYhpS/YVjrdBCAt3Kn3kufZlmyve6G8vtsycv9gaDr58tQ4OIbrUMaZ5Dqcuv7YY9pbpOOZBEp7X/Dk3zjfEmIvZl6N1R7ffv4YT+PXrttqvXx4aJ/scgakT04CpENMAEgc1pn3kq+/lk17doSpMlLVPm4Vtm9NlUUx77nr75NmymNax3Se+0zXxFoRz3CAI7iVizLZtm05qRKMuYWKqM7asH5dWOmarZccKkWhx6iiPRdV2s+eyu8Kx4xDVfP7ROXS8poM5IL+GU/j1qyye66q/fgOEa4AViWnAVIhpAImDGdPKCPXc9ezcd15sLAuTYMUllSFiFZdozoNbWH+2LESvZowrLvN8KlzOOdtfviwNZ60xrWe79PLO+bEKxXmGcwz7KLav99unPTQERWwIl+yloSKEg9eyD8rL1vL1GlEobBPpCHXNqabUOiFm9WOmiksSw3HKfURhqFgWhNcnjiDF18W519t9ebZOuv8FIVyWx2g+/7Cfrtd0c9P4NVz9eKlRfv1m64dtq9e22GfYz4q/ftHvgYXHV/49D7A+MQ2YCjENIHEgY1oIVXl8WpzsyiNV6wRZEb7ap8TSZeH7ZGKsJ6b1bdc6mbawr+4pukXLgkfb8iIc1AFucZ0QMrqmb+aBpys2bDi903fM1YTj1s8jjzFt55hMY4Xn0x2UFs0jT2Pfy1/TzU3j1/Dg//qlr1nfsrbXvH/ZqTDRFs6/df8AeyemAVMhpgEkDmJMCxNg1ZRXeslmiGnrX6aZRrB1Ylr/dm0xLZ9gSybR0ufRbfbGvjOIBG1v/NPHFtdZKYyESZyFCaR4aih+fLlNY0weXUIYytVBJDzefh7h+VbrrRONknUbE0rLX9PNte1r+fH2+9fwwP/6rXVJa9trXgnHjMMbwP4Q04
"deleted": false,
"disable_correlation": false,
"timestamp": "1566897893",
"to_ids": false,
"type": "attachment",
"uuid": "5d64f6e5-1bbc-4db9-9d29-4bb1950d210f",
"value": "InfoSys.PNG"
},
{
"category": "External analysis",
"comment": "Window details",
"data": "iVBORw0KGgoAAAANSUhEUgAACIoAAAmSCAIAAAA6O2FTAAAAAXNSR0IArs4c6QAAAARnQU1BAACxjwv8YQUAAAAJcEhZcwAAFiUAABYlAUlSJPAAAP+lSURBVHhe7P3Pbxxpnud55qlQQAGJOuShkEggLqmWWNnsFTvInGr+GFL8kR0VcjUzuRxqOK72pBCNaE4NhSEixWEkdJjFCpmQDjm+rt5dJPcSpyi6dCFAYONY44g4CNgT57LAYOeQF531L+zz257nscfczUk3Os35Jl4omD/22GOPmbsS3faJ72M/unPvFwAAAAAAAAAAALg2xDMAAAAAAAAAAADXingGAAAAAAAAAADgWhHPAAAAAAAAAAAAXCviGQAAAAAAAAAAgGtFPAMAAAAAAAAAAHCtiGcAAAAAAAAAAACuFfEMAAAAAAAAAADAtSKeAQAAAAAAAAAAuFbEMwAAoMbu/WL67//1vwEAAACq8K+m4v/3JwAAo0I8AwAA6kr8/5b/8R8frq3/CgAAABi5zz5/ODv3X0X/T1AAAEaFeAYAANTYw4ePfvbJzwEAAICRu/9v5/7h381H/+9PAABGhXgGAADUGPEMAAAAKkI8AwCoFPEMAACoMeIZAAAAVIR4BgBQKeIZAABQY8QzAAAAqAjxDACgUsQzAACgxohnAAAAUBHiGQBApYhnAABAjRHPAAAAoCLEMwCAShHPAACAGiOeAQAAQEWIZwAAlSKeAQAANUY8AwAAgIoQzwAAKkU8AwAAaox4BgAAABUhngEAVIp4BgAA1BjxDAAAACpCPAMAqBTxDAAAqDHiGQAAAFSEeAYAUCniGQAAUGPEMwAAAKgI8QwAoFLEMwAAoMaIZwAAAFAR4hkAQKWIZwAAQI0RzwAAAKAixDMAgEoRzwAAgBojngEAAEBFiGcAAJUingEAADVGPAMAAICKEM8AACpFPAMAAGpsdPHM2vw33+988/Vd17L09aPvvt/R/PbB1FCvWrn2Apc/UT93D9+JAR8drg1sVMSc380vZS2pnuq6cofPvFIzT1xvPKbpOfgaZ193X3zovXh/NDuo8ec/a+6JRuFt02sEAAAYBeIZAECliGcAAECNjSiekcHD+uOgceZV3DIUGUWUS2iueKIkGa6os4vBXZqSbMx2fZdFKcmeM69Mh7DRbItDBo5pOjx+0//O7LefvV7WG1kYk2yU2Ux3a0Nuz77u7u3rRgAAgBEhngEAVIp4BgAA1Nho4plUYODSiEg+h5Aev8k1JiKfpCufKK+1/t2bGb0tLs1sJxuVpa8fffNmPat0Ke6pyf66AsbrKbaj2qNgTO8ys8MHWd56b9KXdKPLbAAAAKpAPAMAqBTxDAAAqLFRxDPxGlzBamPfeRGLzCpksYiqC9HtrfXv3j1SS5nJxih1EP375xCjOlFEDKvTJjn+m3WdiyQbZX99+d5NKOxpeNUzfjwjRvC3wzEFezfytTtFgkKZROPa297evvy/iW4AAABXRzwDAKgU8QwAAKixUcQzfsaQyRW1yIAkCirCxvw46ZEjozhR6LEuBjLpyIxePC3ZmNXoeFFKQU/dWSZJXjiU7ZWRkhkhMabtHB1eZOPomXyjTFg6k2uUwcwHmdCoXe1SkQ8AAEB5xDMAgEoRzwAAgBobTTyTCgzi1GQpuSSXn5TkU5M4n0gaxYlCKl9xwYnZSDZm54rjmbinG9x2sB/FgSp0efW1GSE5pupmxhGHp254QnMvEbpkjbp6Rrfz7hkAADB6xDMAgEoRzwAAgBq7vuqZy6Qmg3IUZfTxjOzgFhBzGUmq8bFcRc2nEpTk4b7kBGxjcszgopJjJvkBTL4ximd4Dw0AABgx4hkAQKWIZwAAQI2NIp5JFYjkUxNV/2FDi5//bGlNhQ1+UJELLcqViYzgRDnZFXm5SLLRCiKTZM+7j1vmkNR12QXN/EZ/zCHmv9FcM8uXNffcUmbJxuw9NMtb78OV0AAAAK6OeAYAUCniGQAAUGMjiWeSeUMuNRFa61FRSL/UQaYs+dQn74onUu+D6TOCP6VkoxbEM6merkVwPeU1msbcDYzH9Kpq+t4W/UYZzRXEJBuD9rdN1wgAADAaxDMAgEoRzwAAgBobTTyj6kVyxR9XIlOT7AUtAAAAqB/iGQBApYhnAABAjY0qnrGFIPmykktQhSZkMwAAADVHPAMAqBTxDAAAqLHRxTMAAABAgHgGAFAp4hkAAFBjxDMAAACoCPEMAKBSxDMAAKDGiGcAAABQEeIZAECliGcAAECNXXc8s/T1o+++39G++fputPdS7h6+E6M9Olwb2KiszX/zbn4paynoqV+lE7fPvFIzT7wXJx7W9Cx7jbOvuy8+dLc2XMvy1vvei7dN12EoarTei/dHs377fls2fmjn78nIbBw9808afSyruSfn2Xv2ejm3a2TULaryVgAAAIF4BgBQKeIZAABQY9ccz8y8+n79cdx4FTJcUWGJGNlFKcnGbNd3WY5S1HPmlenjt7ttcdTAYU2Hx29SWU5ERgWXTWJUmBHGDPttE2zst11Ck51i4+hZkAMl5cYsSQ7e29s3H9fe5iKigWSGZE59tdsSSV2Rdy4AAFAJ4hkAQKWIZwAAQI1dezwTlJg4+cBDevwm0RhorX/3ZkZvP36zY7aTjcrS14++ebOelbkU93TkIboCxusstv2ymHhY7zKzw4sNlYU096LAo1+FyvLW+0QSs/Y2S1DShqt68aak4hkTyfjbyuDz5ie8sewOn33dHXS4U/YujTQBAgAAOcQzAIBKEc8AAIAau754xl/W7DuvhkbmIrIqRRWg6PbW+nfvHn0j1xCTjX3iDTGmrk2Rg79Z16FIslH21+uPeauQFfbMeNUzfjwjBvG3w2EFcVFq2vnynZzZ1914FS8dbHhlKMLa296z92o9LrnXZBiyPEX1TK9a5lXP+PrHJAPG9CSmpFKQLTW+PMtrG4qoddV0o13DTa1gpveq61U3oSCpUoeLDupw3SEIcuRM1D1MTGnAFYkzZuPYloExEgAAKId4BgBQKeIZAABQY+OunpFJTC4U8Rv9UCTnsV46zEQjM3rltGRjVqDj5SgFPTUdF/nhUNZBRkpmkMSwtnN0eIG1grAkancJRLxrv52o/1CBR/gyG6NUvUhyzJzElFQ8M6vPLkbQH8Oj/CIYNUIzC1pS/aMkxqZZxfFM+bukBN2EjebeezFDMwgAALgS4hkAQKWIZwAAQI2NOZ5ZSq795Ucyg+MZl5qYjWRjdqI4nol7usE1E+Hoj+JYFbq8+toMkhxWdTNDicMHJDRrbxMhihDFBv7HksFDvhhFZjOJ/COndDwTT8nmK+ai/LhFjGlLWFyCoktVwo+56hkZ9niNZszCeGbYu5SoXgIAAKNCPAMAqBTxDAAAqLF6xzNyr1s9zAUkqcbHcgk1n4pPkodHkhOwjclhg4sqGtYJUoTi9ksED4Lfs1TdjHbleMb0yaIUVUyjGoM4xGQ2Ln0JQhcrzGzM3EYWzwTdAADAaBHPAAAqRTwDAABqbNyLm8lCExuQ/PxnS2sq1fATkWQ6kslKXrxQJNloBXlJUc+7j1tmO1X+Yhc08xv9YYeYv1CQHESxQb/gwU9EhI3mmsktmtmLVaLgpL/8mCmJKaXjGT9fkVGNjWfM9PzcKMiQNo72bOjiEh237TWKcUrEM+kr8m4RAAAYOeIZAECliGcAAECNjTueEVrrUfVJcbyh3gcTjeAO91OQZKMWlbP0P1xwnWWSZBpzgU08rFdVY+KfPnIJwX62DpgLFQqDBxVO6M4uonCH+6mGa/TbC8RjJiWmlI5nVOhiBuzuvdXVM1mmojMbl8p4U21v7TfVaNl8/PBGvV9HdtsbWD1TcEWJiiI9bNQIAAAuh3gGAFAp4hkAAFBj1xzPIKlctcqIZfGGdf1zGC95B3KvuomWXwMAAFdBPAMAqBTxDAAAqDHimZtB15d41R6olqrRSWQz44nKAACYVMQzAIBKEc8AAIAaI54BAABARYhnAACVIp4BAAA1RjwDAACAihDPAAAqRTwDAABqjHgGAAAAFSGeAQBUingGAADUWM3jmV
"deleted": false,
"disable_correlation": false,
"timestamp": "1566899536",
"to_ids": false,
"type": "attachment",
"uuid": "5d64fd50-ff84-44de-b5d0-4387950d210f",
"value": "Window.png"
},
{
"category": "External analysis",
"comment": "lnk",
"data": "iVBORw0KGgoAAAANSUhEUgAABVIAAAHoCAIAAAAkP4MpAAAAAXNSR0IArs4c6QAAAARnQU1BAACxjwv8YQUAAAAJcEhZcwAAFiUAABYlAUlSJPAAAHp6SURBVHhe7d3Lk1znmd/5XvkSdjjaER0ddlszcsttkxDNNikSoprFcrFwoSgKbF4EFRpTAFiY8FCgXZAhkGUQQsxmoAvZEepCQRtRG3pDsgAtGAIj6JjFOCqIBRazoSbmGhP2aIM1/oV53vvlPOfkyaysQuXJb8YnECfffM973vOeLGT+znsy8w/++aOPAQAAAACAQSL2AwAAAAAwWMR+AAAAAAAGi9gPAAAAAMBgEfsBAAAAABgsYj8AAIP1n87+m7985rmqEAAAzBViPwAAg0XsBwAAxH4AAAaL2A8AAIj9AAAMFrEfAAAQ+wEAGCxiPwAAIPYDADBYxH4AAEDsBwBgsIj9AACA2A8AwGAR+wEAALEfAIDBIvYDAABiPwAAg0XsBwAAxH4AAAaL2A8AAIj9AAAMFrEfAAAQ+wEAGCxiPwAAIPYDADBYxH4AAEDsBwBgsIj9AACA2A8AwGAR+wEAALEfAIDBIvYDAABiPwAAg0XsBwAAxH4AAAaL2A8AAIj9AAAMFrEfAAAQ+wEAGCxiPwAAIPYDADBYxH4AAEDsBwBgsIj9AACA2A8AwGAR+wEAALEfAIDBIvYDAABiPwAAg0XsBwAAxH4AAAaL2A8AAIj9AAAMFrEfAAAQ+wEAGCxiPwAAIPYDADBYxH4AAEDsBwBggJ7582/8j9/+y//136z/8pVTqwvL1aMAAGB+EPsBABig9068/v/+28v/3/o7/+XfvfN/XPhR9SgAAJgfxH4AAIbpv/y7t3+/vvH/vPX25WPfqR4CAADzg9gPAMAw/U/fefW/rr/zf711uSoHAABzhdgPAMBg/dd/987PvvtaVQgAAObKAYr933jq6Zdf/svvfvdlAAAwFS+fePm7olEOAACm6Pjxb/+LQ/+ySrgHxwGK/QvPLT7x1DP/9J8dAgAAAABgVrz03Zcf+TqxvwcT+7/xza9+7VEAAAAAAGYFsb8vYj8AAAAAYOYQ+/si9gMAAAAAZg6xvy9iPwAAAABg5hD7+yL2AwAAAABmDrG/L2I/AAAAAGDmEPv7IvYDAAAAAGYOsb8vYj8AAAAAYOYQ+/si9gMAAAAAZg6xvy9iPwAAAABg5hD7+yL2AwAAAABmDrG/L2I/AAAAAGDmEPv7IvYDAAAAAGYOsb8vYj8AAAAAYOYQ+/si9gMAAAAAZg6xv68DEPsvn/j0d0cWq8LJPPPX29dunQ13l793bye7C+y1szd34u3GWv7Q6g1buH11qatwbXPn5mpWYYTlq9u2AXOLjfg+3NpYLisDAAAAw0Ls7+tgxP7PnqkLJyOx/4d/TdrBwyKRO6T9pSu3QhQ/vrG9s+lOP0mFrsLxYv/qjdBCVhI6kLW/e9l+AQAAAAcEsb+vKcb+xy5+1m/SXnL+gxMr+V0b+1c+O3Xxlaxamxdu7TSy/fL37m1/79vEfjxcRTwOGb7MzD6rq4Vjx/5ySn/56na6cMBYWj4el+2JgOoSANlc86IApQ9LV25tX8mbctTVAQAAgH1C7O9rCrF/8ZenPn1w/tMHpy5ePvLrB+d//cvHXKFbMNJl/M/8RGqakB8X3KOnZMWfXH7s4u/86i3eunHt/s75t+zF/PdvvJAKJfPbS/rvhzMC377yw/vmrlROqwOTk6A+MpPnYT4sV5nZ3VULx4j9+eX9O9lVA9mphMh/lMBE9HQJgC2UbZmSuFYolG7ETw3Y5XiraxarAwAAAPuJ2N/XlGJ/vEr/FUn+ZiZfj/3hUV/upJMCaeZf5af03d0wsV8UVhcCyF1iP6Zj6ezN7e2bq92T2+bUQLz5mfAwk5/VubGmFo4R+61qtr9lTt5G9PIqgPK6gOZVAK4w9aTu7ejVAQAAgD1H7O9rOrE/m6J/7OLvzLX6LbP9dtlcGpDN6udRvzP2nz1vJ/Ajm/ClMEz7Nz7bT+zH/irm2/018Hsy22/VF/m3z/bXpwOK0xNyS+2YcwT+VhTWJymKG7EfAAAADwGxv6+px/5nfvKgM/Z75nr+dJF/79ifEr5ayGw/HqoyePu03L9wl7G/8dl+pw7toty6Zz84EGoWc/hK7NfOLwAAAAD7idjf15Qu8s8n891yFvVXPjvvl195ZiV+ad8rR34da/aL/XWqj4Uh25uP9xP78fAUedjP9mcLbtkF+7bCXcR++0n7mM+Xrtx0jyqxv9h6kHfenAJIFaSF8noBbXUAAABgfxH7+5rSbP9nJ35tL903X+zng72dz7eFP/nMnwJYvByrZTX7x34X7ONF/iHSx4v/t8/fChf52y//8+5deSa1AExk6cqtnTQZ3kKSc3ZLle1Eurt1Fkqczm8jonUj9oushRtXV8+arK7F/mLr4asKzVkDf9u+uZl/Yj/tVyhUVgcAAAD2FbG/r6lf5A8MFN9dBwAAABwgxP6+iP1AH40L3QEAAAA8TMT+vvTY/6eP/Dd/+s8BAAAAANhndT5tQezvqy32/+Ov/ikAAAAAAPvsv/3aI3VE1RD7+yL2AwAAAAAODmL/lB2A2P/D73765dJCVQjMrNUb9vvtt99eSoV/5b9h/8Zf+ZLn386+Cv+TjeezFc3tb1bjumf+Jq01gWJDVa9KsWbb5kyFrGMAAADAniD2T9nBiP2/faouBGaSifebZ+xyCslSGNKyZPgseC/9h0+2/8OCWxbmp/bcunk7u4/9Y63esTlpquOsAQAAADAdxP4pm2Lsf2T9t/0m7SXnP/juyfyujf0nf7uy/lJWrc2R7Z2L79XZQwrfeLMoAfZdFeO/+qcLS893Ben22J+dIBg/9q/e8JcPGB2xX31I25zvZxX7Yw8rnB0AAADArhD7p2wKsX/hxsqnD85/+mBl/YdLHzw4/8GNR1yhWzDSZfxPXZeaJuTHBffoiqx4/YePrH/pV2/x5ua1+ybef+O97Wv3N4+UhZL8r93ffu2IFK6+cX/n2r2Nb8ijRzYu3ldOEwBjMlfgj4rfRW5Psqn7Ulfsj9cI9I/9Jod/sm22tbCxveNb1mO/6ZIJ7bJK1bd6c6amNCVdNdf/+zxvV5dq0nha3Ra6OqacjwMAAABgMsT+KZtS7I9X6b8kyd/M5OuxPzzqy510UiDN/KuWXrvnUr0hyb8Z5qUwzvnbiwJW81WAyS2s3vhE8nPn+SMJ29k0e8HkcJOIs5AvOmN/aG282B+m2eNaNpmHm4/ixXaryflyc0XN0H7L6v4EgS8HAAAAJkTsn7LpxP5siv6R9S/Ntfots/122VwakM3q51G/M/bbOfxMiv12wr8utPWZ58c+apntT6pLBjpjv6To8Wf7Y8089term3MQyvkFd7fcXNGlkPDNXuS3FPvbznoAAAAA/RH7p2zqsf+p6w86Y79nrudPF/n3jv3hwv5k6bV7O9e2/eXExSUA/lxAcxVgj1QxXhPCvNUV++Ms+vRjf8v5Bacj9stDIfZnq0dlOwAAAMCEiP1TNqWL/PPJfLecRf2Tvz3vl1966mT80r6Xlj6INfvFfvXL/PJzAeYUQKgg5ebyfvMtAOGkALDXJGOn6LuwccPl9reLL9jzc+NGR+xPy3sQ+2OAr5fd3bx+dld662tWq3jEfgAAAEwFsX/KpjTb/9vvfmAv3Tdf7OeDvZ3Pt4XXf+tPASz8MFbLavaP/S7Yx+v53cf47df7uZLtN7bdbH9+eX9xOQAwIffh/B6xViJxuG3+h79aff4fr575G/9dd+YWLoM3JwjSzSV8ifrxlk4HZA2am5K3gzyxx2U19hfbCjtVdil2INbcvvE38ZyFOQUQb759Yj8AAACmgtg/ZVO/yB8YqHKiHgAAAMDeIPZPGbEf6OOv+L46AAAAYF8Q+6dMj/1fe/RP/uk/AwAAAABgnxH7p6wt9gMAAAAAcGAR+/si9gMAAAAAZg6xv69pxP5n3vjN1V/dFWsn6odmwfL30q8DbH/v26bwuP3WdrndXM1r7sby1exb0idodm1z59bGclX4zF
"deleted": false,
"disable_correlation": false,
"timestamp": "1566899553",
"to_ids": false,
"type": "attachment",
"uuid": "5d64fd61-8eec-4a45-be64-47c2950d210f",
"value": "LNKFILE.png"
},
{
"category": "External analysis",
"comment": "Extract cmd file",
"data": "iVBORw0KGgoAAAANSUhEUgAAC1gAAAsACAIAAAA/DP5HAAAAAXNSR0IArs4c6QAAAARnQU1BAACxjwv8YQUAAAAJcEhZcwAAFiUAABYlAUlSJPAAAP+lSURBVHhe7P3Nb13pneB5xsowYCDgRSwMIzGBRlstKZzKFtOUy8WXokSRznAEY+hUqalmMpqWOrJdqkpFNccWR5EITE9hYpyIGIyboAYNpHoaE40e2KK00UCLmJ1BRCxiFoOBtgXUTOUm1vEvzHnO63POPffyUjxHvLr6sD9oXD73OS+Us4wE8ovf89qZcz8GAAAAAAAAAGAKCEEAAAAAAAAAAKaEEAQAAAAAAAAAYEoIQQAAAAAAAAAApoQQBAAAAAAAAABgSghBAAAAAAAAAACmhBAEAAAAAAAAAGBKCEEAAAAAAAAAAKaEEAQAAAAAAAAAYEoIQQAAAAAAAAAApoQQBAAAAAAAAABgSghBAAAAAAAAAACmhBAEAAAAAAAAAGBKCEEAAAAAAAAAAKaEEAQAAAAAAAAAYEoIQQAAAAAAAAAApoQQBAAAAAAAAABgSghBAAAAAAAAAACmhBAEAAAAAAAAAGBKCEEAAAAAAAAAAKaEEAQAAAAAAAAAYEoIQQAAAAAAAAAApoQQBAAAgC6dfevPL/7lLMAI5358ofFfHQAAAEBXhCAAAAB06fLl5YV/ceUnl/45QKuf/fPFt3/xTuO/OgAAAICuCEEAAADo0tLSlbf+/OKfvfkjgFb/6Zm3fv5Xbzf+qwMAAADoihAEAACALglBgNGEIAAAANArIQgAAABdEoIAowlBAAAAoFdCEAAAALokBAFGE4IAAABAr4QgAAAAdEkIAowmBAEAAIBeCUEAAADokhAEGE0IAgAAAL0SggAAANAlIQgwmhAEAAAAeiUEAQAAoEtCEGA0IQgAAAD0SggCAABAl4QgwGhCEAAAAOiVEAQAAIAuCUGA0YQgAAAA0CshCAAAAF0SggCjCUEAAACgV0IQAAAAuiQEAUYTggAAAECvhCAAAAB0SQgCjCYEAQAAgF4JQQAAAOiSEAQYTQgCAAAAvRKCAAAA0CUhCDCaEAQAAAB6JQQBAACgS0IQYDQhCAAAAPRKCAIAAECXJjoEWfzovS++3Mh8/tHZxrfP5ezO4+Ru7+1cPXIxdXXu88dzi9XK4M5sJRe95DEfBJNLCAIAAAC9EoIAAADQpUkOQWY+/XLlRnPxJEKH8el28iG5c1ljtC5WX31RhSCtO1tf8rgPgkkmBAEAAIBeCUEAAADo0mSHILVpHKWzO49bQoob94+qK7ZXvrg/k32+cX8j/9y6mFr86L3P769UE0Had7a95DEfFL5q/0thEghBAAAAoFdCEAAAALrUTQjSLBtOLD4U5oto5EZ4UBinkc7qyNZDRfHe519ufLodFkecIJPcMx3Ikd78/koWcLQuhv3ZoTDR0TBDds58+jj5nL1VeuGQnUMvT/7A5J8ueVD4E/I7JDr/J4XnJQQBAACAXglBAAAA6FInIcjZG/ff+/z+TJ5QJLZXoowjChqGrbcbGLbROjkjXkw+D7/njftpaZG3HfmRLq2L1dCRKARp3xkCjiwBqTKU8R+0+NF7VbkSPavlnxROjRAEAAAAeiUEAQAAoEsv09EwtWyiFMcfR4cgZeoR9xnNxepBUZzRurO8ebx5/Acli7Uypv73wmQQggAAAECvhCAAAAB06RUKQcK35QEuZeHRttjsM7J6o/Xy2Mh7DntQGBOSrMDkEoIAAABAr4QgAAAAdOllCkFCP1G2FD/6s8WraRSyPXYIEo3xiJqS1sVCLfhov3ynuCRZLJ4+9oOSF278jTBxhCAAAADQKyEIAAAAXeokBDm787gYm9GlgRAkEeZqDAzqaA9B0rdq3KG8PO5FWhcztRCkZefiRyufh789E/0LjP2gkI9ki7X1tpeH0yEEAQAAgF4JQQAAAOhSRxNBGsEEMD2EIAAAANArIQgAAABd6iQEmfk0OrEFmC5CEAAAAOiVEAQAAIAudTQRBJhaQhAAAADolRAEAACALglBgNGEIAAAANArIQgAAABdEoIAowlBAAAAoFdCEAAAALrUXQhyde7zLzc+/+hsubL40XtffLmRidfHkt7t0+2B9eM40Qu8dMK/2MqNxuKg2c8OPvxs6YjF23sff3P48TcH11arPby6hCAAAADQKyEIAAAAXeooBGmpEGY+HadLGCW5w0lakJO/QIsb90+apwzq5p7JfwSP5xYbi02rux9+c9gMQRqLya9f786Gz1s3v9m7mi3yKhOCAAAAQK+EIAAAAHSpmxCkLWWY+XRol3B25/F7OwOFwY37A4tjTrlIbK98MViiHB1GFJLLx9rc/ubBYIeR3PP+TPVrbvAOw+45uF78Rdsr8b/24kfvhXknY4QgS9e+Prj5qDERZGDx9l7xOXxlKAhCEAAAAOiXEAQAAIAudRGCDCQI8ZksjT7jxv1k5b2dq2d3HhdfhQjjvfQgmLDYOMMl2X/UqS5hcEiaXJQf2l+geHTyOX16/s7FVSE6yXOW9p2hNSnvWYYv6eWJZE+VrRT3TC8p37/9by9umCjzjoGdxYds//25ohEJD0run/+9o0OQ7PyXxikwbYtbN7NDYW7vfZyPBuHVJgQBAACAXglBAAAA6FIXIch26+iLtoEcyc7Ri4O3ar95pMovGoa+wI1shEa6ko/TyL6Ni5aBnamZgeNm8hQjWqlL7pm9f/xn1gzcs2Xn2bz8KP41sukptZcfev9MceBLrfloXUzc3vv4m8OPsxykXOSVJQQBAACAXglBAAAA6FI3IUhbCdHSYdTChVIRNzQ/Z+I4Y5jkqnSiRjPaaLswDNuI1tPZG5HGV807tIYg2XCOhhCIxPds/9uD5j3bdraHIMkbVmfEjPyHqg55iZqP1sXw+eNHW+nnYjRIfhNeVUIQAAAA6JUQBAAAgC690IkgzxOCtN+8VXp+SrW5NQTJ+4z4EJaqpahp7iwWB0OQxkr4M8vzaMo+o/cQJPlqeAiydTNM+IiE1KN1sapDEs1JIbyahCAAAADQKyEIAAAAXeoiBGmLIcLiYJdwde7zaH7G4tU0dxgZgty4P/LglcTVmRvlQI7aVIyWF8jvFl6jeOEh/UTLziD5S6v3L1aaf3vcZ4QoJLt/698eDNyzZWd7CBL/c1UPGq217YgXrz46vHk7X48/8+oSggAAAECvhCAAAAB0qZMQpDXXaD+ZJbQL5ZkpWUIRxx/x50Szw2ixuL3yeXXDuKhovkDykmUqEQ/tSD8Xd8gzi/ad+VfZznxDWwQTXjvf9vn9lapNGfzbUwP3HNw5JASJrq09aIQjQ5DapJD8jBhebUIQAAAA6JUQBAAAgC51E4K0jLXoQDjqZci5LcALIwQBAACAXglBAAAA6FJXIUgxBiOe53ES6UgMFQhMACEIAAAA9EoIAgAAQJe6C0GA6SQEAQAAgF4JQQAAAOiSEAQYTQgCAAAAvRKCAAAA0CUhCDCaEAQAAAB6JQQBAACgS5MSgix+9N4XX25kPv/obOPbaXN17vMvV240FgfNfnbw8TcH11aTz1s3vzn8OPNoq/z2w8+Wys2Jq4+yzW/+6PZeurn49c+Wrn1dXF4tttxzHOGthu9P37l81mH0huk71C8sN9+8XS2OMHt7a3Zg8WQabxV+HfNlTij92/euDqxPIiEIAAAA9EoIAgAAQJcmJASZ+XScMOKYbtzf+HS7uXhC3dzz6tznj+cWG4sN9d5i62YZDYTII/28uvthtuH2XtouLF37OqxHFyZXZdlH8lWt/0j3t91zDMn9GwFKLPn2uCHF1UdjthetlUb0VxyxOI74H2ocz/2g1HH+2U+TEAQAAAB6JQQBAACgS6cRgmyvfNHMPmY+PTKMKCWXj7X57M7j93Za/6/sgx1Gcs/7M9WvucE7DLvn4HrxF22vxOHI4kfvhXknY4QgjcKg9uvVR9mkja2bX+/ONn+tX3h7L41Can1DUYq03jP/tU1+kxcTgrS8z+ruh4PDS5LF9B/h6MXU6Jev/qHyf7fGtwOGPKj1HzNZHLxn8Z9FbX
"deleted": false,
"disable_correlation": false,
"timestamp": "1566905019",
"to_ids": false,
"type": "attachment",
"uuid": "5d6512bb-13cc-4741-a1fa-4290950d210f",
"value": "CMDextractfile.png"
},
{
"category": "External analysis",
"comment": "Runas capacity",
"data": "iVBORw0KGgoAAAANSUhEUgAABgAAAAdcCAIAAADit9cEAAAAAXNSR0IArs4c6QAAAARnQU1BAACxjwv8YQUAAAAJcEhZcwAAFiUAABYlAUlSJPAAAP+lSURBVHhe7P3PcxzXved9enfjRvTCvfHMvfbTstm+TUq8bIvEfQiTIFVCkQAfERRMkxRECoQIjOa5ak5DnGtREERxMQu5ZUsLogRGT5iKeMKKWUgFc2IYCEUo4lmMH4S14JZezzMT3nDNf2HO7zyZeTIrC8gsJuq8K17hm3Xy5MmslDrU+MT3nPODfzp0GAAAAAAAAGOMAAgAAAAAAGDMEQABAAAAAACMOQIgAAAAAACAMUcABAAAAAAAMOYIgAAAAAAAAMYcARAAAAAAAMCYIwACAAAAAAAYcwRAAAAAAAAAY44ACAAAAAAAYMwRAAEAAAAAAIw5AiAAAAAAAIAxRwAEAAAAAAAw5giAAAAAAAAAxhwBEAAAAAAAwJgjAAIAAAAAABhzBEAAAAAAAABjjgAIAAAAAABgzBEAAQAAAAAAjDkCIAAAAAAAgDFHAAQAAAAAADDmCIAAAAAAAADGHAEQAAAAAADAmCMAAgAAAAAAGHMEQIjLf3rx8ImTpzqvTgMA0CqvTneP/OLlzH+2AAAA6kIAhLgceumfL1yY/+dfTAAA0Conpl555ZVXM//ZAgAAqAsBEOJy6KV/fu38hRcOHAIAoFX+89H/8fQrncx/tgAAAOpCAIS4EAABANqJAAgAADSKAAhxIQACALQTARAAAGgUARDiQgAEAGgnAiAAANAoAiDEhQAIANBOBEAAAKBRBECICwEQAKCdCIAAAECjCIAQFwIgAEA7EQABAIBGEQAhLgRAAIB2IgACAACNIgBCXAiAAADtRAAEAAAaRQCEuBAAAQDaiQAIAAA0igAIcSEAAgC0EwEQAABoFAEQ4kIABABoJwIgAADQKAIgxKU4ADr4HwAAaMLPDub+oxNAAAQAABpFAIS4FAVAP/npz//hhZ8BAFC7H//0P2b+oxNEAAQAABpFAIS4EAABAEaMAAgAALQBARDi0uoA6PT6he/+sqD9cf3nmbO78vN/+5MY7cK/TQ9sVKZP/PFPJ04nLcU9hWznsDe/0L/ozJtJ4y9+r37j75dcCwCMMQIgAADQBgRAiEubA6Bf/D6VkuydjG9UyCJGdiFOsDE59V2S6ZT0FDKdw978wiZZ0yf++MUvzIH5mXKEmnIuAGgzAiAAANAGBECIS7sDoHCe8vN/+1OgBufNLwoKc5ylM9/pzEWX4ejjYKNyev3CH784kxT1FPcUsp017xKl6BdZ2f4AMJYIgAAAQBsQACEutQVA+UxkL/zJX/5sKXkXWX2jym10+9KZ7/504Y9y/tSAChoxpp5jJQf/4ozOYoKNsr+ez+XN6irsGeqsqoTUC1k6I36CeSpxbFoKsirdwX6t95UCQGsQAAEAgDYgAEJc6gqAfv7mFxf++MUvbPyhsowkwbFBRrCxUK5eRlyeack0iuPiMd/8Qk3gMjGNmV8WbEyKjLxMp6BnuHOKaPd/vjyWWZWOk1LdvKgr8EoBYEwQAAEAgDYgAEJc9tMUsNPrFwIFPkte6OMf56gExwU3fgCUbUxulA2Asj1Fe7CzIvrYqEu3+4/nUiH3tagsCADGDQEQAABoAwIgxCWiAEiedSGLC2tCjW/KiWY+lfUELy/oLKeJ2YQodS8/AHK/Thy7zgAw/giAAABAGxAAIS77ahFoGZQkZTKnp72FdXQH/zggVLYTbrT8mKa8p+B1VuVCpl2GQaZdjGCe3xvBziBTnQEgAgRAAACgDQiAEJfa1gBKVmWuTWjPrCV/FSF1O9ESDoDUI2VGcJf7OVGwUUsFQKU9Bb+zzKr0Qy5ktxIz7fZdJS1KcrvQ8wPAOCAAAgAAbUAAhLjUVwGUyUoAAAgjAAIAAG1AAIS41BUAJZObAAAoRQAEAADagAAIcSkKgH7805//H174GQAAtfvHFwiAAADA80cAhLi0eRFoAMBYogIIAAC0AQEQ4kIABAAYMQIgAADQBgRAiEutAZDa+srfH13ugG73twrsm15CDeV2Ui+x+1vsxi9+r++V2USs4urXbmsw//JgY6F/3bj7dOfu043uwEbl2O/77/2+k2kEgOeMAAgAALQBARDiUl8AJIOMzDbwv/j9njaGl2nLwAzo9PoFl/u8+UXFGGV3vJ/jhz7ieKibBvtXGeTY7/t3+4vyuLv23tP+r7uFjYZs2SEAAtA6BEAAAKANCIAQl9oCoDe/yIc1v/h9uDTm5//2p8CWYW9+kWsMhEpZfgBUpb8QuFFRKOOPVpTR2PbwsPk3EBynaPAi3f7OjX8tb+z8+nH/Rp8KIADtQwAEAADagAAIcakpAJo+8cd00uHPzPJjFFmkIzeM//m//cm2y5TkgprwJRsz07hE//KJXdkASD1GqlGOr54tfCM1q+uLX8izySQy25gcmMZARVL5sDKTSl8l+ueznmBjiYEBkJ78xRQwAG1EAAQAANqAAAhxqSkACucXuQogmZWEKmJcozjOjJNvSUsnTaYGpzgAKr6RMH3ij7qxsJJI51bpTCo0bDCWMl+Dtw42FkmmfRU1dtfee7x2zMZArg8AtAIBEAAAaAMCIMSltgAolYkY2QAoFYs4fvaRz0Ey6UmOG9Ofg1YYAIVvpKp1ND/KUS2h36XqmIJD2WNV6OSpMQCSQY8Kd4ob5eQvt0IQARCA1iEAAgAAbUAAhLiMtAJoNwHQoGQkGdOLiqoHQKJnMkMtEDapkp/AA/witSB0blg/jcry+5c35qXKfAobF2/ITcE8uUsA4HkiAAIAAG1AAIS41LUItBeI+I2ZPEVOrUpWSj49rTKaUIDiDLUGUBK7iHHsrWUxTnEA5Cc1MgzSPad/8aZbztmlQksnkjWe/agoNKz/AFl+//LGLDuxa3CjRQUQgDYiAAIAAG1AAIS41BUABZOa0C5gS2ZqlWIXgc4HKJoMjIJr8SRSxT5JwGQW6xF+/0XpFDB5ien5xy/O6Fjn9NIZ1+jWFXpz6UwyU8yLsYqeX9UW2f65ewnmsYONQd1+qq5HJzvBRocACEAbEQABAIA2IABCXGoLgFQRkBeL1ECGOIUTqQAA+xUBEAAAaAMCIMSlxgDIFrO4cpi9WJKFQqQ/ADCOCIAAAEAbEAAhLrUGQAAADEYABAAA2oAACHEpCoB+/NOf/x9f+BkAALX7RwIgAADQAgRAiAsVQACAEaMCCAAAtAEBEOJCAAQAGDECIAAA0AYEQIjLSAMgf2f0sv3O6/ELs2u7v0d7flv6ILc1u7+gdbBxoGO/79992v9117V0fv14525/0XUYihpt5+7jtWN++79uqD3gN7p+YwuZ50zeRref3bd+eBG/zxBe6R4FXmB37b30Lwq+ZPXD9+W/M88HARAAAGgDAiDEZdQBkMt93vyipv3Cwn7x+7+ceVMfu9xHHAx1x2D/oQaRfxPu9g/pn/3D4o3M35P/umH+7BR/Tts/R5NbyD9T/aQpKDfmyIjHM8+cPIP4Q/rGv3p9mjVe77MAr3TXVIKzI6TCHfnM6nm8X1T4kmXO1a5/H9qLAAgAALQBARDi8twCIFVQYzOaYm9+ceHfptONRbmMP1ppdhMeM18cVDpIFUP9Kbt4w/55aSSJSV7n148Df0gP/uO/bMysotHE38m5v5B1z86v+8WDu2jAe3h7i9xvr0Hr3qdQ8yvV0s8Q1Stt4n1mrvVuIf6fszkueckyRdp95hsTAiAAANAGBECIy3MNgFTmkmp0QYw8uPDHvyz8funn//YnN19Mzer64hfybDKJzDYmB6bx90tqTKd8TDXDK3WJ6J/PeoKNQdm/QgX1h+hd+2ekJv6YfO+xmjwizybJiC5GUHIpkleM4Cv6e1gbMKZPFjLIodQl9s941SiIH+X+ypUH6klMz3/tFP91Lf5+VkOlKynyv30I++V9Ck29UjU1Sb8Hdbm4KopX2sj7lER/7//Zdn79WD+GONi50Tchphiq+CXbf8+TFt1Y9sNjRAAEAADagAAIcXluawB99xdThlMcAN
"deleted": false,
"disable_correlation": false,
"timestamp": "1566905770",
"to_ids": false,
"type": "attachment",
"uuid": "5d6515aa-2b50-471a-892a-427c950d210f",
"value": "runas.png"
},
{
"category": "External analysis",
"comment": "cmd file",
"data": "iVBORw0KGgoAAAANSUhEUgAACnwAAAUGCAIAAAA+UhptAAAAAXNSR0IArs4c6QAAAARnQU1BAACxjwv8YQUAAAAJcEhZcwAAFiUAABYlAUlSJPAAAP+lSURBVHhe7P1Ni11XtuD93k+izi3DfSh1ClsdJRxXUSQoklKnoFxgyccgClK6FKelhk+VElIinPiAOq6CSi4VjShzyzz4EI3A53DNaT0gHiOcYNwwPg3nh/AnSO4cY76NMV/WXnvH3qGI0P/HRl5rrvm+XmJ7jtg7/h+3AAAAAAAAAAAAAADATgi6AwAAAAAAAAAAAACwI4LuAAAAAAAAAAAAAADsiKA7AAAAAAAAAAAAAAA7IugOAAAAAAAAAAAAAMCOCLoDAAAAAAAAAAAAALAjgu4AAAAAAAAAAAAAAOyIoDsAAAAAAAAAAAAAADsi6A4AAAAAAAAAAAAAwI4IugMAAAAAAAAAAAAAsKPDBd2Pz39MXp8+TGlb+/T9k5/ev592DuvOF0cnP32gr6PHH6VEIX2I6R88+zSlAQAAAAAAAAAAAABwqKD7w9PXP/54fhx3JPqet7d1aUF3acjH2qOP3ntJrB0AAAAAAAAAAAAAMHaIoLuE3F2U/fh810+7X1bQXT7m/t17d9KecYkftQcAAAAAAAAAAAAAXDcHCLoPQuwhKUfh73+dvqq9C2bffpa/xb1+6DzGvOVfTbdxcf0M+iB9zjTdfnidoDsAAAAAAAAAAAAAYHv7D7o/PH2tMXf9ivn0J93DtgbdJeydY9v6N9RLPFsi7i+/eCftFTHcnoqYPP5b3221My5PLf7O4+9qJD69vr4dDtgIfXptagIAAAAAAAAAAAAA8JbZf9A9xtzzV8zHz7inQPztZ+7vpksQPQbOV37QXALhGhFv80sQffQX2avaVlSqivikOwAAAAAAAAAAAABge4cIuscou8bcU7Q9ftLdfiF8fsVAeBMCryZB9y5/G1NvdVH5JspO0B0AAAAAAAAAAAAAsL39B931o+3577qn/6a/6d580r3ik+4AAAAAAAAAAAAAgGvoQJ90r8H2FIKXmHsMdQ9j2/oh+MnfdB8E3WP+HETXv8vuPvg+4JqWapc++F4RdAcAAAAAAAAAAAAATB3qb7pLuP3HH1+fnqb/PkxHNfhdv17exLPdl8/niPgs6B7IoZx/U8RdaWy+qT8j6A4AAAAAAAAAAAAA2N7+g+7pz7gDAAAAAAAAAAAAAHDT7T/oLlF3/VL5vHdOCB4AAAAAAAAAAAAAcCMdIOgeaNw9KeF3AAAAAAAAAAAAAABulsME3QEAAAAAAAAAAAAAeAsQdAcAAAAAAAAAAAAAYEcE3QEAAAAAAAAAAAAA2BFBdwAAAAAAAAAAAAAAdkTQHQAAAAAAAAAAAACAHRF0BwAAAAAAAAAAAABgRwTdAQAAAAAAAAAAAADYEUF3AAAAAAAAAAAAAAB2dKlB93cef/fByy/eSXsH9G9P/uc/fv9/fnnyr9O+ion6+p/PP0yJwX86i4np5Uv96+ev2vwAAAAAAAAAAAAAAEQ3L+guYfIvTz757034/MNPvnz1yb/VTY2+/91/0u3gP5214fkkFPn+fz4/+TuC7gAAAAAAAAAAAACAoZsWdP+3J//zvz8P//3rNujuyFHNJiZB93/9/JUG5p8TdAcAAAAAAAAAAAAAjB0s6H7ni6OTnz5Ir69va1oMut8O/8b0Z59qcnL7Wcn/09HjjzTt0/dPvnvvTvg3pb9/X5M3u3jQPSPoDgAAAAAAAAAAAACYOEzQXSPufYBcgu4l1u7zSMR98CH4GG7/7r07sqPFU/x+k6Wge//18vVvuuevoK8IugMAAAAAAAAAAAAAJg4SdJcIuv8Ue+S/Xv6j917mT7RLAD5F1j0Jupvgffzge9pZNA+6y19qn8Xj5e/Bt3F3gu4AAAAAAAAAAAAAgIlDBN1NNN2bBt3vfz35CHsfdF/5DfOToLtG3P/x7K/Tbk9C7PVD8IKgOwAAAAAAAAAAAABg4lp90n2arTcMukviUsS9++Z5QdAdAAAAAAAAAAAAADBxmL/pLp9cH3wkfRp01+3Z33Qv9Uz+7vtQH3QffXV8Y/jN8wTdAQAAAAAAAAAAAAAThwm6Bxp3z6/01fHzoHugcfdcJKdL0L0kDj8935IY+f/pXvrRdv0Iu09PAXgNxqdEF1z/T2clPb3++/N0CAAAAAAAAAAAAACA4GBB9/1Y/0fcAQAAAAAAAAAAAAC4bATdAQAAAAAAAAAAAADYEUF3AAAAAAAAAAAAAAB2dMWD7gAAAAAAAAAAAAAAXF0E3QEAAAAAAAAAAAAA2BFBdwAAAAAAAAAAAAAAdkTQHQAAAAAAAAAAAACAHRF0BwAAAAAAAAAAAABgRwTdAQAAAAAAAAAAAADYEUF3AAAAAAAAAAAAAAB2RNAduDoenr5+ffow7dwYN3NUAAAAAAAAAAAAgDpI0P0/PvjH//sP/1d9/e1/+4/pyGEcn//44/lx3H54+vpHa0Ww7+jB959/cnZkNpZJtgfP007n3XuvPv/k1aPbafcCPnz0JPRnTVUxZ/PaUHB5FJdDJ/z7p3fTbhaG056FMqvrpvcPf/zdP/+TvP7htzHhV/8Qt3/7cUz/5z/+Kh6QnHlbycWU5GtqzGSMlrOvoNduX4s2dMHKzW1x4W4umnTW3qKb+Im9BtH6j799+ee/nKTXL48/1sTPfpbdb77SneCrZ/GQy2wzZFrw2Wdpb9HvH//wl5df/j7tbXb7i7+P98XffPFrTfj1b/6k29P7pTAXEL8/AQAAAAAAAAAA0DhY0P3QgXbj+NzEgSQ4tGVUSEK/T07eNRvLLiPofvvkRajk3tmWVT1/Oohhj735oPtdGd2LJ6bDMuqzoxx0Dz0sh3RWJbFsLJBQ4sd/uHXro+O/+ee//81HGln/03GYRgk6SigxxxolBq8ZsknYe8EO19vEtKbtOzW1Tex7N9POStPrJsp1UiPwh+1y653H333w8ot30t4msxi5pP/y8oef76d9G3TPgXmNmp/88O2duBcdLuier/b8iyb2dhjeL8X6kwcAAAAAAAAAAPA2uv5B9yZWuUMQVOK4GmsvG8sOH67OH/XWsPQNDbrLp/Of3o3/piQlQ4gf1nfpMhVlTrYIuv/xVyay3kQZf/UP5SO/yfZB6R2ut7F503trYpfxbWuhs2sbb/JJjQfutLdV0P3Ol7+0UfNIYuc/P/7ylxwUHwbdg5C+1afVrd2D7n86vp3ujmB6v2R7vAIBAAAAAAAAAABuossOuttvnv+nB/8hpd762//9h3/8H//qP/yPv42HwnY6sJHEg2xEbq/xoRoAtsFvG66W7RIelnhwm1mE9Ccn79ajG2LGlRS5cNBdPj4e23Wf45+OIn2aPBYxrTejcL+dMJ6oBfn3GxaC7lsNvJG/Lvtvvvi1j6z/Nn29/J+Ob3cf5w32EXQPdYQEqUmtvBhjqbSzrItCS1ulcGk46IYiB7cYn62rG+T2n31e2XqbzU6xjj1Z1/ydL45Ofvogvb425/uj917m9Bxil3B7zRxf3703iKhXEnSfftL95/sff/syheRnQfdb97/JXzJvvnm+rdAckmpTqg2664fmfc2d8vXyH/8hB9qj6f0S7fWhCgAAAAAAAAAAcPNcatBdI+7/67+mvb/93zXuLtslDL/NB+W7ON7+4kMSD35x78O0Z5RwtWy42LOK3wxvo7kxUJ1ySrUp2l3D8OXl4/EXD7prxL2k2A7PRuG+v912wI1CGsqTM5soG4lPr9yTcChW64Pu7uvl/aEdjSLrqvk4rw0vJ+uuov56i1WlNNlZU1F3HS/yuc2ea04D1L7SbZpxdbXk4KqBOaHUijJtJ8s4/IAW+5d9+v7JT+/nGLWhEfdnn8ad289q3D3Y7uvlY9S8j5THoLscjYHwxaC7+6y8fPbdB937lKgE3TXiXv88vJ4dz5/1/JUPneZ+0RlvrL1+AAAAAAAAAAAA3h4HC7rnj7PL6z//rSbLB9nNp9ttcN0G4G/d+vX/MrH5RX0Urw0T7R4i0uh4H1NP4eqT2dFJ0N1E08
"deleted": false,
"disable_correlation": false,
"timestamp": "1566908780",
"to_ids": false,
"type": "attachment",
"uuid": "5d65216c-c7a8-46b4-9146-4e1f950d210f",
"value": "CMDdetails.png"
},
{
"category": "External analysis",
"comment": "vbs file",
"data": "iVBORw0KGgoAAAANSUhEUgAABAsAAABgCAIAAAD0JGxqAAAAAXNSR0IArs4c6QAAAARnQU1BAACxjwv8YQUAAAAJcEhZcwAAFiUAABYlAUlSJPAAADLYSURBVHhe7Z07bxzZscfvJ1HmbLP1Jkpsw4kYKN1geX0FCA6knMEaYLAUZIDGKlk4NAPBAWEIYCAYBpgLWCwcCAoWm6w+hD6BcKvqvKrq1OnpnukZitT/hwbVfR51nlVdNd2j+Z97AAAAAAAAAFBAhAAAAAAAAABoIEIAAAAAAAAANBAhAAAAAAAAABqIEAAAAAAAAAANRAgAAAAAAACABiIEAAAAAAAAQAMRAgAAAAAAAKCBCAEAAAAAAADQQIQAAAAAAAAAaCBCAAAAAAAAADQQIQCg+d+XP/308n/zBbjlPH/98+vn+RwAAAAAc9kpQvji9JevL8px+tecuhIPrz9eXL/KF4nzXy/e/fhVvtiery4/WDnfPXn38eL9hyeP8vW2JDnp+PWhSnxx+V2+Cnn044v3m8pszx8u3716/z4d35/nxJsl7BInvrv8Q74KefSXd+83ldkJCg9+ti7lFxfPvn377ME37eTevS8fvPnh6cWXqUCCc6+O8sUO3L/6YaYcLvn2h+OzfLkdSQgfbx5/kdMaasj7Yp0mzk7yVNSTCq8oIj4AAABgIVtHCH/67Ytfvn7xz9/ky5n89XcXv/yu+M7THC5CIAf93Y9Prnf00SU8KB3mzucg4WYjBPHF3/2lxD6Prq93DYMC2HG/uJwrWLpUunF+XYOEA0UI3OJgEiJvUlzYk/vq5NOIEI6O3548WKlR7vw+I4SJQa3TBAcGIqSeKPqoDwAAAAAb2DpCWODrKxbUYj/+IBECXbJ3vqNwqt6eGxCvTt9/PGXPd0aEsDceXV4c4rnBogjh/HvbpUfX719d8/WMCGENxhHC89eRJ8lOpwQG9URc3huOEKgzVOybx09Ll3ZhFCGsxeywZ1t4HiQwqCcGPEcAAAAAFrJThDB8hvDw3/XtoxIPSHl3TL6YVP34FiqQF15iBk7M7/No/5v88g9PHtW3ffSLQzVRjhYMcDq78vxBfiufGm2t1PIpkOB4IInKUUH/xKOkpAjhVW299lYPQaevx4TPTX45+fTycT6/6qP9+5qoHz4w8nl/PsSnT7FBS0xHa1Hl1sTeQS8pqbePauu1isQ5OVGnM1ETGQ5FSi0ZiO5/OVSsQgHCXDeyurw1VCAnu8YMnJte3dFvvGRv/ug4Z2nPvibKMcOZLu1yxdpEilLkU3mRU53+1DT/TU14HzqIEDgcigunRyglV7/So0fRQqla0mVNNNGG8FZFYn4UC0IjhAgAAADAMnb4HsJX/zxKjr6LEzg8+O9vk0MtZdRDgyVPHsqH+vWNnRoqiG9dP7DnT+uLe83n1dvmYtmzl/BARxfV4+fAIHgdKLvvuYpqIsUGnVjqpHPxdYRAVeR5Qqref+HBND1EXpewTLs9/PG895sznEUucsplFzwHAxIe6FeAapBw/n2OClJ57VuHzxDEdy9VWk9IpuuSjhCoS7kK+/f9c4kURZTqgyaYuDpTmvPETxBiki+efWXxrWuowD6xcc2LD11c23TJxXIkwI61iS42RwhUJXvVunx2rHuxuWnltdt4IIgQElzRue8y5KiH96+qy+7LTA2qa0JGUUWNRjHsRgyrDl40AgAAAGaz0zeVmRInHD35U0r44rSdE/xt5vasYIsI4dWpfEmAPOwSIXh/Wnn8OloQCcn7b2EAoyOEIrOc6/RyTrRiVWYid3JDhKCy+DJHC415EcJiNkQI1p8Wj5997k2uP+HSo2IcRShHvAYh0xGCyuLLGpMUTJlRE50owyBCWPQxc44QyGe9evzgDTu45ASLI8serfpYXTnH4uCaz/uTU352or3zKWe6oqvwJ/HZn3aOfu4k4bxwvqwuOOMqNlxFQjU3gRO4JEJg17/GS0QTZUsO+xyChwgAAADAInaOEBLtuYF8gzk9W6jHdhFCcuvpr7ztQw50+pvCAONkN6+9y0pYt155/9Y1V8WCCCFd9hGCXJZ4oFFihiBCUJeJeRHC4mcIE44yRwid/03DUW/m5KO6/lwlSqecIEJgR9yUV6/6WAe9xAxBhNB13iSOmhiOTlgjQsg++tkJ+bLk/pLfn/72LvXIwa0scKYLpowS60QNm57opGN+SYKDh/T+jxwzB+Wb8CFWi0lsyame9CBCAAAAABaxUoSgXH/3DMGyOEJ4cvmBPX46b//dkPenlTe/MELgJvLXAOqRqrsIoQUAI1Eucmg9cb0NezgvQlgOe8P1NSHDwId2zxAa7Jo3x3r5M4RGfV6RqT1xIUHYQ1Nm2EQcXWQGEcKit4xShPDgShxWOucnCcmvnX6GYLzthPN0Z0QI3ITxxct7OENRrunqcxfmRwh93QyXbANfMCjfxP6eIeAtIwAAAGA260QIv3ny368v/p1v1/p7CB55wjDzlxOy+57e2mcf2rjv1R2XYsXnHkQIKl3q5i8SuDCAqJGAydJNmEiAxRbPns/rYwSWk6sb79/0vLGvCEF8d+0Q1//tdPQpu40EGly++NxSxoQEOrcgTUdNcOHahIphOu8/iFWs6z9sIlX3QUtiIHlZiMCOMrnmyVdOLnt2Xtkbrp4rFytObe9tJ1Q61yVR2pkWz9s45WP/3jjNUjG77Kbp4A3+obcd9FkG27v7fqTmGQLLD+MKomvCFB6OYtznCDxCAAAAAJaxbYRQv6acjxIeJNT/ZUSHeWigK24IFcTnLm46+9zK+0+X6VAhwShCSJ69lCeBdC5iSYj3y0sAkAOJfKjvFlc5cti2pMPpUG8c6a62qMOwtwiBEY88H9UzHkUIRAoAylEfQagXkK7Pqbr1v1Wu8+CDdN0lFY2Yt4biRx82QiCGTaRIIJSmB6hDhQUhQnKCs6MsPrdzwdmt14mBK1wRn1jKp/+JaDJC8AWIIrnJ4cM1XdP1J/T944jcUI5V1KEejJhaNV1VOblPAYNx3/WcbG5CZ7V27QQuiRAQIAAAAAALWesto7tG/3ghY54hrMVeI4S7RBchrAp7krf4ZZSh0zwOTj4HEB8AAAAAi0GEEHOACOHhZZHPMvv/AhVkzi/1c4z43aGVuNUxAiKEAMQHAAAAwBYgQog5xDOE9j1phAeTtFeJ9hoeJMilvKUeJSKEnuev8Q1lAAAAYDmIEAAAAAAAAAANRAgAAAAAAACABiIEAAAAAAAAQAMRAgAAAAAAAKCBCAEAAAAAAADQQIQAAAAAAAAAaCBCAAAAAAAAADQQIQCgub2/h3BnwBIAAAAAN8xOEcIXp798fVGO07/m1JV4eP3x4vpVvkic/xr/itnOcFsr/A7ad0/epV9A09I48cXld/kqRH46bUOZ7fnD5bv0c2N0fH+eE2+WsEuc+O7yD/kqRH46bUOZneh/U5l/hkx+bqye3Lv35YM3Pzy9+DIVSHDu1VE7f/tDPsKfMFsAt7WzkAlEfultHdT9qx/qcOah5NiKLCql+1EcHefC9aTy/PXt/WlrAAAA4A6wdYTwp9+++OXrF//8Tb6cyV9/d/HL7+Z54p9whPDq9P3HU+9rS3hQOqwE3myEIL74u7+UXyJ+dH29hx8lZsd9/q8dS5dKN86va5BwoAiBWxxMAscH/sNrcfdP7quT6QhBHOJUbBUWRgjLfj65d80zyyOEzKgiz08UIcg01hMFxwh4kAAAAADcEFtHCAt8fcWCWl9dfjhYhLCQKEKgvpkYo5aZESHsjUeXF4d4brAoQjj/3nbp0fX7V9d8PSNCWINxhBB/cH12kj3+eiJ+8CBCCIKHg7IoQhgXPkiEUOcqnjQ8RwAAAABujJ0ihOEzhIf/rm8flXhAyrtj8sUkjhAkHmihAnnhNWZgj7y80mPDBvn8Ph/VNadEOmdRNr2muGcIqdGWm5tgv7+UL4d0qX/iUVJShPCKnzBI+ahpk74eEz43+eXk08vH+fyqj/bva6J++MDI5/35EJ8+f6hfE9PRWlS5NbF30EtK6u2j2nqtInFOTtTpTNREhkORUksGovtfDhWrkE
"deleted": false,
"disable_correlation": false,
"timestamp": "1566908833",
"to_ids": false,
"type": "attachment",
"uuid": "5d6521a1-7c5c-4f23-ac50-486c950d210f",
"value": "VBS.png"
},
{
"category": "External analysis",
"comment": "powershell file",
"data": "iVBORw0KGgoAAAANSUhEUgAAA5EAAAGWCAIAAABuKpB5AAAAAXNSR0IArs4c6QAAAARnQU1BAACxjwv8YQUAAAAJcEhZcwAAFiUAABYlAUlSJPAAAHKrSURBVHhe7b1NiyVHuqA5v0SrqaFhBM1Q0mK0URV3BioXuZuuAaVUCeIuQtBLLSQ6FkqRGvJS2YuioGm4scgWTHBJyBkSURDMakCMSLQQsRC1yfwR+QuKsfe1r/c1N/Nz3OOcCI/I58HJdDe3bzN3f8KOR5z/7j0AAAC403z44Yf/9b/+1//8n/9zOga4heCsAAAAdxycFe4AOCsAAAAAbB2cFQAAAAC2Ds4KAAAAAFsHZwUAAACArYOzAgAAAMDWwVkBAAAAYOvgrAAAAACwdXBWAAAAANg66531/sU/Tp+k/dvIp89e/Zp49ezTFAgT6CcAAAC4edY4a7DVszd5u/zpQwn75uTyH0/Pv9Hzwofnb/OpjSIuNpWwD7+/d/b3P5rt4/vpzDrePw2Z/PB+OrrF9Ltrfx6//PXXl4/TQaA9vjqSo80zHCPZAAAAd4Wlzipuenbx/L33np++eXvyMIXeLWf9+YPD1fsWOatU9fS7dDDhdjjrq1evSqY4KwAAwB1iobM+/Onpm/hKQHDW12YJEme99dwFZ3357NmrXEucFQAA4A6xdJ01qKq+DxDk1SnprLOq6ebXCVrT9e8YCJL24vl7T16nU7Kse3iWOev9H/749PvfhH/jOwNhX4N/c/KzX0b97uOzv987+Szs6an4goFfZ5UiQojEbM+W/MNW9THEDFUq8XP1tEofyDpuKPG7D57KTn2TwWTlAnut0MXgZmvXhrvdJYFd9RR/9NFnnVWjJyapEjWxlBqOyrl0JuYYTqYcwnHNK9Y0kkM1wjPN5dWzxzFCLaVbNAAAANwQy99nLQK6r7OK5vZ+W0uFNfuovCObM5S0UkS021HyivWRhBOfPpJqGq19n9UIYjhMklfFNO57U/S2Nw3JRcRUdXVTYhZd/kwcNGlrtNV0SuLHamiVQjWiHIfc+llpcamGmqTXCmHFOmvs+Y7SqfC56NEo00GgHvcHIiBR8gktKaWPpebDklHeefwyJgrHNfXLUkDNVfZkt7SiZGUi+aIBAADghljzO1iBrJVFOnc4a2etVNzXrLnKYXpBVjMvp9qcD0VflWbWWY16Wr1r9q0FCj6hYCUyLseqRLbKWBMOtDjvlBxkR3NoqlFzHrci0FbA0++u/ak+GKnH6oSdrEMMG9okKHmVipUIYUf+b9IXbDzdKTnITj7TLxoAAABuiJXOev9CPVI/vtdF0BlnDai26lbjlI/+62ac1S3i7kAdxtOVFU8xFcdyZ9UkRS4naX1CoV+ELKw6363RljqrrtHqUm7dNuysATOCvbBCPDmoSs0x7IWd8G+J1Wam8XKCkp/s5ICWmDMAAADcEOudNf8m1thZ+2ur+YP+Zp3VsNRZ19E3nxXOqo4oThniTJ3PJxQGRbTKWBNedZ214itz08468M4c3I8RGFTFlBBivHxc09tcTby8U/KTnXymXzQAAADcEOucNRiqrInqh/i9D/Stmzrsy6miud3fr7ptzqpnT78LgdUsCz6hMFdECbcvmy52Vp+VwVemaYUkb6pq6HaXBHaXIEUHm+hOHN2BwZWyV6SKRM9VCVFevsziqbXMZ7RmxUx1p+QnOzHeqGgAAAC4IRY6q8qo+TTfLZTa7xqowuqT+DdTVVvL2eypN+2s7lP1JIuzthe1MopjZvoBfZbIkbMma0zxzULpcmdNZ0vRe7bC1rmV1253qQ0WHTSoGbbRY+yIORctMuMz657rj1xR0IirgSk5/oUAjZcTlPxkp+QwVy0AAAC4blatswYNPb5THpuB+UAfugsAAABukFXO+uT1NayDHhskbBF0FwAAANwgK38H6w4gEpbAxWagnwAAAODmeXedFQAAAABuCzgrAAAAAGwdnBUAAAAAtg7OCgAAAABbB2cFAAAAgK2DswIAAADA1sFZAQAAAGDrrHfW+xfmC1rvEvxB0v2gnwAAAODaWOOswVbP3uQtfSHWNyeXZT/w/DSfipGr3W7/O7T63/gkX/pfvr4/bPdOPktn1iFf/f/3j++no1tMv7v2Rr/Wv3ybf/TglV/uL1nNJNW8r2bXWllTRjhG1wEAAK6Fpc6qbnrxXK307cnDFJrCS8jDn55aZ718+1SSKLfZWQ+pmLfHWX9z8vMfn37/m3Q04RDOWjSwlcJFXI+zvnr1qhSCswIAAFwXC51VZVQXTYOzvjbGJQp7evH26fk34eDD87en5yGmRBBnvfjp5DLrLM562ziqs0rqly9fJtd8/PLVs2erPXCHsx4ALeHZs1e5gjgrAADAdbF0nTV/6B/k1amnKmwIlPXUb04udb866/NgsVFnvbPG1dm4Oak90TcKnp4/jxHcqwUp/tHepl3mrCH85w8+LG8OhH0NlmXUvC989sHTv//x9DvZ/fD7e/kFA59hzEpj2qyEkn/Yfng/BUrMj++X+CU3zedE1nGDa74fjDPsxKIDpnTzekO/FWKrOXLebK2UXndJWNcfRfpc7BAzHIqrhjD9z3qgRk/43GIJiXRKjfJxSWOKqfmYwJjJy8c1K1eEKbuExxJindNxzdBWKYdqhGDhGvQ4Rqil9IoAAACALsvfZ42f+4dt6qzFVoO5emeVCDG+cdYPz1+Xtwv0FYIcQWz1m6C5UUxzDvGUe/1gh7Y6sYk4Z+kjqabRrDXKZgSxmtz7p6KJuiQpKlmlUEyxsT1JOHFWyTmmMqubEl6yUo+M2ppsNWZiwjWfkDbqabBVEWg9pSG25jnbWPS0FcKKddbY8R0PU0uzsUNMOUy2GndzhMcvSw6a4eCoEBWwJJ4M9qSmsZopJ5epTW1OSLDsJceW4xrrZcm6ppY92Y0lhaQ5BxupKRsAAAA6rPkdrEAUStmiTWZDlfXUy7eikq2zyo6EG2d1iI9K/LIjRWhM2ck5pMVapbrsYRGByDJREavzihnx4cUOverJflnpTEwztBJpsjJ5KiXhSItzhBIiO5JDUw1Tw2ErAiucdX+y9QULDMS9Xna2lOp9Hh8+jTWpqQ8wR00dSlZ2R/5v4hUmCUrespPPdIsAAACALiudNemjrolaQ/U7siZazTJEDjvWWSVO+qBft3lntS8S5G3eWUUQGrqK4fEmk5kqZmTG9sKpKJHxQ/wYWJhm2C9iooxFVRc7qyyg6lJu3bbirG4n25vsGlIpwwK99/kjYZLQB9Qj2WvJopnyDHthJ/xb0reJXIKSt+zkgJaYMwAAAPRY76z6uby83uqctSK/leWcNb45UJ1V0tZ106yqY2fNonxsil84+kI5b3vBEcUpgzJ2nG+a4aCIo62zGuZacT3OWnBWVzTOllLN0ePDp7EmNfUB5mhaq4jJM8TWd2drCpOkxMs7JW/ZyWe6RQAAAECXdc4a7FN8VGwyvmC6l7NK/NOL7Ky6yKriGxB/3emsekqLOyreZDIDoZy1vWir75/8XM2yMs1wroiSwx6vzOZ8Js6qO8tbIYcx5x697pKw1hgVcTgXe6pu2eokaj4V8ysRNZdp7hJcQ/2RMKmpD7BHtnCDzTNElz94EGNpBfMZrV48yglK3rIT4w2KAAAAgC4LnbX7aX6grJJWOs6a3DSts0bljfm8PXmSrXfGWdPZUnpR3oNi3aUiVmc/Vc+yOGt7qpU+RJct98nKoq6Z4tclz+XOmqLtKrpthX2pYCKvve5ShSsOZ1CdM7E7ib3VJeySpmLOlYIkrJZpjlxkJZ7wpTd18YlqjXwJJUVsshL/QoDGywlK3rV16WylZgwAAAATVq2zBnPN3nkHadwF5qG7AAAA4PisctYng9/9vxsgYYuguwAAAOD4rPwdrLuMSFgCF5uBfgIAAIBrA2cFAAAAgK2DswIAAADA1sFZAQAAAGDr4KwAAAAAsHVwVgAAAADYOjgrAAAAAGwdnBUAAAAAts56Z71/cZyvTgWAO8Pd/s48AAC4RtY4a7DV+qX/V3gg1Xyu/FR79OVXv/zlwSOzo3z04i9fvbiXDm
"deleted": false,
"disable_correlation": false,
"timestamp": "1566909327",
"to_ids": false,
"type": "attachment",
"uuid": "5d65238f-d530-4a38-bb36-43bf950d210f",
"value": "powershell.png"
},
{
"category": "External analysis",
"comment": "Obfuscate strings",
"data": "iVBORw0KGgoAAAANSUhEUgAAAbYAAAXpCAIAAACV/KoWAAAAAXNSR0IArs4c6QAAAARnQU1BAACxjwv8YQUAAAAJcEhZcwAAFiUAABYlAUlSJPAAAP+lSURBVHhe7L09zyXJdee5n0TO7gIazECWNJ4kjKUZQO2MsGtxVwYhdGOhTzBbAGnUACWyRX8BGYUh2UZbfNA0GjTWLFTTKiyIdVp016aAsYU950TEeYuIzMj73Lx1n7r/HxLd8Xri9fxvZD03b/4PfwQAAGACJBIAAKZAIgEAYAokEgAApkAiAQBgCiQSAACmQCIBAGAKJBIAAKZAIgEAYAokEgAApkAiAQBgCiQSAACmQCIBAGAKJBIAAKZAIgEAYAokEgAApuxK5P/2p1/+v//rP+n1zb+r6X/0R3/23/6TpfP1l59x8r975YuV6q7WjD/70//9//pf/o9y/Zd/WxM/Lf7sv7QB/l9/8Wc17WT++i922nLT/r9//j/VxIfjf/oP/6BLo9d//A+XLZKb0v/81zUNvFyWJPI/ffG/lQjL35f/7X8uEZbI3/5pt41EIqtc/tEf/de/TMI6RHaVuehf/8V97K1/+5+vt8v/zef/8XbKqOxIJA/woygjz8Y//Om/qbH74Yorfs3NAz4ixyTyjz77xvRuLJFc/i9fffO/vvqvHPvsm//0xX/7y5GSOuQz/B5Pjtfc5XyEvP0YtyWSP5kuPSs9j9Ml8o///X//q3//8xpZBxIJMockUu6ai/YRU4mkxP/6l3LY/HevJLwtkZuOKoevetvSzjssqf/583I78xd/xirwvxR/48L/5U/LTdN//mveo/52aXifK1X+rbVSVazUjZcJXLgvW3SDsUSWzmf7XJgGq71aOeiNJqpJpLUS5XIw8zw0q54K+N5GgXNz63vrJ6ra8f1MWYxr4pn68n/+yV/897/6i//7f6zRNYa65jeDn8DB6ByQyE+Eg/8WqfpI5H+LLDpYJLKJIwvlnkSyV/Q7jBF30k3Je07cr2xNSpe9S77aPLm4H+1L8VhKMYfnlObV3mz12CJPbMdv6/EuH4vdFO9g9aoiEgYug2pmq+KUDm9+hBQmE9UUpw7cmqijDlepbjPG+Kbn3fBz6/k3n/+Flk9luAN9FT8heS0ugs+Sf/X//cm6TPYr7iYzzHNYr9EeHm8e8OI4cIrkf2TMEtlrXxNEusX+8rdS8WKJjO5qfqXpugspwBbU8VTFKNBK+iZs+0ZfTS2Od7nol+rRKtolJafwPFSznGW9GnfDMZuoYJOhqJmlZnrVi6ayRIZWKnPpDMSexGmvtMWq9DN2Cf/jn/x/f/VX//3f/3GN7tBNdZpALZBHnZdgYdXAy+DIjTZrYvqL9lwiQ0D/ejNi6mOz/XpcIsW907mpWL5AIgm2X+x0fj6jc/jOqdw8HFSH2UR1Hp6ig5mfSyThptGayyLiyNNuxUYSyU27wnLtTkJoYriL/vj/IYlcvePOM9n1s81PN+puyaabB7wsjv25hg6SGt6TSIUtbEmkbKYgFpUsIm2/arruQgpsSmQr0HOZRDbEq9e0rFe9nOK8ri+8yWyisn5lhz8qkQqbbemzMmlZt3sitMW6Hs+/0c5S2ArkUeclWNg84GVwTCIX/qJ9gUSKw/j91L70I+ltg8p5QdJ1O+oupADvV3U8lRj1Ok7pfJKIvpo2Oke3pWpdywYlvdDIWLTpdbOFyUQlDw9NMCN1c01z+fHRLFSUWern1nejmnJaE8beGCZeypX+XNOtSx1p2Bth/iu9KfAiOSiREq3/IskS6f9cIzo40M19iWTYPdodk1MH3pQtvW24SySyhNWUbuhNiaQ67Oe1Su2V+IYm9tIwQbvkEdeqpny7w8Lb+NGZZ/r+9x47kkhXhbLqxDJ+gbKpMCc6EDe6//gf/prMBhFxHXZ92GrlCFf80o+fw7DcXLh11Ybm17RcYUeBl8auRAIAwOMCiQQAgCmQSAAAmAKJBACAKZBIAACYAokEAIApkEgAAJgCiQQAgCmQSAAAmAKJBACAKZBIAACYchcS+dm3//pP335dIyv87bsv//kPX/xtja3ATfyzv77femr89dPvfvf+7Q9qTPjB2/cuiQtUamLM93EOOZ5elwJXZN72lNSpNgw3LmOzxzqxr96UhK9f1fCPv/jwr19+9eOSusSb73fWJcNNuDX913/68I6flWY7Em2bKm+w1095uvIgeSI0qV/tmE9o/PzVBrflJInc+43IyA0ksvBnX/2hetEOvOODyDjVESewzB+8feKwKyBYPOR0hq/BvO09sqc3Vi3wQrCo6cTSUjZZvIFEVuL+4XZZo3WTkNm26DReHlaRSBpkGSOPNk6DzYvk2VTU1e4mTuNh5jjV6oIXCSRyTNrctvF7dyoE1yBiDcvJvnUN5m3vMevNqgUvkbSCTozuQyLJGp1qw1bhoRVsgJLm5iEI3nCC8sSFGueuNrgtSxJZ3vtaLvfDaLQ3v9H0JogsjppYL/86hxF+i3O43bUVx+P/xvumIJEcbndYBb3PSulHJDJtboqVfT/VjpxhcZ/DYTVbjHJDhexLY/8SE42SPW+7RpS1JnqLc8p6/RMvRxIjL5EcljI1/OpNSeGr3aFHiSyL6D44W0N8JeWNEmkbgIpRVips8+EGHsfLMcmcT0OeOI37KtJUK1WMSpKwNr3go7Mvkf/zF7+1d2d7WB/bT0PKb0e6Y+OFp0gOOAmr4lh2v0hhdSeVSJ9YYPfwjhroJdIESql72juBhTk03NzZmyxuXsE0k0Rpu1aSUi6T8D2oDEoRsYVCNTuw4ZllW++X6cRIJVLU0CSsiqN9CgZZlHC3iGljJHT/ZMhOt9w8rHKjXSOCH7CFeXq0SCBPnMbjWrgiNaOmzC2DO2NNIge/Lh5f0pBf/nWBRL5jz4kbOiqaulyTyK/4sBD00ZcZceAU6b3A+YPb2hwUJJ5FxeLR45zT9FFvoMsn+hRh3rbUGFWpTAx2FnfpxKitxbtX8TCY10g/7QiRyC9YNOOHnC8zYiKR+RbbiH+uEUbrJdPjJ5Ip8TxxGrfaqUiaUo7O1wXcD0s32qKS5a5ZX+8lPz+ut9Lleo5Eyp1R1LttiZQq2S31z6ljjpwibY/7vZ42umRKPGdY3OVEv0g+1KJcqGPYRiOnxzjbLfR1UxeUYUtmiAi1ihjxAsk6llOhRpNObUukVEl6J9K5sZuGEkmJ1IqcUtnmxq4otCH7oXfTQFNQ4nniNO6qcNDKJFudaXCnHPtzDR8V2013OkVGLrrRFuHzW3nnFPm3UjFIXnS/jkOnSNnFtMejN3DMb+3mNHnLm3+EnFa8hucuRMR8pk8RRm1HUwyn5toTgxMLE4oY6UGyRnUtWOC8Sm5LJEkhFwiS58uMqPvHUzvTDpKtb1vwXLx/+zqMvKTZPFC8RPPEaUaYOU0l0pRmA+BeOSaR4d8l/b9FZtwrbhawLc5OYiq5K5El0e9+OTVM3emYRBZR6Y5MvLktJfiGJvtI9A3nGsFLOOI8iAn5BU7KaZ33dfHKxF5njphYGKHq0wJZIvOi7EokwXcDTvXyKic6idRb7CMSWSaXCAOPM06xmsvpWtBFpqsdMjgynHhwd+xLpP9ztrvRFtxftOkKx0b/8q8jf9EWd6rRBYkkxJ0s2iyUq1XnJjSRr60bN0V28mAvi98owVMaVifJjXlHtNI7jPMvR6hVslMLLl4HUMm98Pj6vcUZYSFEyGxugxSW+U/SyYwlsqT7ZVLjaicn8sXLHezrZti90SbK1Hbjjuuk2X4KrU6aOSkkqxRnfGVywV1w7BQJrslYAsGnyeqnDrgzIJEfD0jkIwGJfKFAIj8ekMhHAhL5QoFEAgDAFEgkAABMgUQCAMAUSCQAAEyBRAIAwBRIJAAATIFEAgDAFEgkAABMuWeJjA/z5ke2hwwf2i0P/8Z0usIPH3Qc/6bv4W+Cx6d2ic32pHSyH5r05mpi7pLFOWQ84yvN+vB7ewiaH5lfeSB6nfwrFe5R7vzofSmmy91qZQsALHOSRB77MbQJF0hkZeYS6xZuIZGV1Xq9RrqaInmW+fpJwtm0xX
"deleted": false,
"disable_correlation": false,
"timestamp": "1566909379",
"to_ids": false,
"type": "attachment",
"uuid": "5d6523c3-5388-42d5-bfd6-4f07950d210f",
"value": "obstool.png"
},
{
"category": "External analysis",
"comment": "FTP Capacity",
"data": "iVBORw0KGgoAAAANSUhEUgAABJMAAAp5CAIAAACm8ahqAAAAAXNSR0IArs4c6QAAAARnQU1BAACxjwv8YQUAAAAJcEhZcwAAFiUAABYlAUlSJPAAAP+lSURBVHhe7P3vjx33neD7zbObBRYXc4GLScaevbI59tKSRjumaJsWWzLNJinZItWW5Z6WOGxK7F1c29qlGY1p/fAIN4uEs772IMNuUUHWPcGF5wYZs2UBIdqDayABYjBWAj1YIOACNwGCBLjzIHqQBwH/hXw+3/r+rPpWnfr2qe4+Vf0+eGFwWKdOndNH1Kjf/tSp7+99/guPAwAAAAAWGeUGAAAAAIuOcgMAAACARUe5AQAAAMCio9wAAAAAYNFRbgAAAACw6Cg3AAAAAFh0lBsAAAAALDrKDQAAAAAWHeUGAAAAAIuOcgP24guPPfHYn/wLAADG6/hjf1L7rxuARUa5AcX++aN/8s3nL55/9hsAAIzUN7558Wtnvl77DxyARUa5AcW+8JiU26VHjn0BAICReuxPTpxdPl/7DxyARUa5AcUoNwDA2FFuwOhQbkAxyg0AMHaUGzA6lBtQjHIDAIwd5QaMDuUGFKPcAABjR7kBo0O5AcUoNwDA2FFuwOhQbkAxyg0AMHaUGzA6lBtQjHIDAIwd5QaMDuUGFKPcAABjR7kBo0O5AcUoNwDA2FFuwOhQbkAxyg0AMHaUGzA6lBtQjHIDAIwd5QaMDuUGFKPcAABjR7kBo0O5AcXayu2ffebzn/7M5wAAOFy1/zxlUW7A6FBuQLG2cvujz3zuDx/5LAAAh+jTn/nj2n+esig3YHQoN6AY5QYAWFiUGzBVlBtQbNByO/vUL3639ou3P+e3PPP2pd/8bq0Sb5/NHOqnVxvbW+z9hdrtwzGX3/zBJ/fftXa+vRweWt65/4OfnvF/VN/dNLttLs/cCABTRbkBU0W5AcWGKzdtrXMvJxv/9Kf1LUXk6T3jbc4Xysof8+X3CnqyQbpr50pt45M/3alaLi433VjtqbHnGk+e/vGbT1YbqzsAMG2UGzBVlBtQbLByyyXNn/70V089k2ypfO6NX11642xtoxyhsTFTg1lzv1BG9pj5Axqfe+O97HuIfXezPlhzJNXaHlreuf/ad5M75n4ysgOAaaLcgKmi3IBiA5WbJFbaOfGphr+J6ksC7ze/k/iRBHLbr577za8umXMjdWPtvETZv/tMxaFeKJY/pjw9bAyZ6na+9MbV+smiDVJuO5t6wmRjYlZabrK/vw8Ak0W5AVNFuQHFBio3qZr3/rS+sTm20nZqDKbijXK/dpzmlowhXqguO3PLnEKp5eYP1T0k1HMg/emO6ffc2spNn+JPsAwnW155LT27EgCmiXIDpopyA4oNVm65WVM9fiRyMrvFEdUMqsY0L2eIF6orKLfotTpOp0zVUi1bbqH04i3mCiXfbp/RAcB0UG7AVFFuQLEDnbntJajyR65ZnHKTHQYqN420xuVMvPjMSQCYLMoNmCrKDSg2ULnlkiYTP3oyYQibZ86a4OkMqpnfczMGeKGGtnKrh5mUW3ISZuZZ3nffdGdInvn2x0l61cut++qRXFsSwBFBuQFTRbkBxYYqt2xi5eJH2iZc58PEnmxpC6rur40Fc76QuYpJ/QjZcqsufGK4R3Xm9t65X9gX6hq4nfn2zk5Yzy2dp9XKbXnH7WZUD+kUzm7hwpIAjgbKDZgqyg0oNli5ZedR89GgmmPxtAOSPzMTADAAyg2YKsoNKDZguVUjsrVZZyH2c1UnZoufbYJyA4B9Q7kBU0W5AcVay+2zn//UI38MAMAhotyAqaLcgGKDztwAABgS5QZMFeUGFKPcAAALi3IDpopyA4odQrnpZfTtlRj7XPG/l/04pjKXc4wv5KhX8+9YZm0me33I2jX9v7tprhi5uRxvXED2fYYPZHnHXvdyDnN9pOP+PHP4SOeU+QCX39RrukY/0aF/yGKCn7MhP5ffnt3H/OAlPyDlBkwV5QYUO/hyy678Nqf8MV9+b75rnOhvGHP8ZvbZP7zyWu0XlO9u2t9j5Pcz9xtbeBX9/XLm5f4bxzwwYRG58B7kN7MDXBB8Wp9nCz7SPTNJINmT1oK+Z/N+op/oYD9kcQQ+54q+87C99XOWn7r/m6fcgKmi3IBih1FuuXXSzBoAmUUFXn6vz0oD2WPmD6jb38u+gbrSX4yuvOZ+A7Pkl5jaluDMtz/O/GY2+xfKrmPWtR1NfvFq/Gpb7Xnm2zvtB/e/a0Zv3r1E42cfwGg/T9HzI62k74GPVOzxr6hRe270EvJvtL1/oB+yOAKfs6E/y2s7YXvH5yxP7/u/i1FuwFRRbkCxAy23+JxGuzq2YZa3lsoyK2L7VbN/dekXujCAbuw4ATJ/TLOogFdN3tyel964qqsXzDipMvN7ifm15l33y58nv5384GNz/o/uEJKm+p+ljUYBRv9De6z717UZx4zp/6SthzJPcb8Xmo1Cfi7/a5PeMe/E7vndM+2/rskvvuZQ0ZuXZzV/9gK5jzR7zBk/+8J8nqLwIzXny1WfgzmCPIuPdK9/RZXsH/2bKy1RvQ25c/+1Hfu/PsihDuZDrrZXP5Qx1c85bIm3y6HaP2f3/0+SLbmfmnIDpopyA4otwMxNI60xBIs3yv0Za8RlZ271Uyi13PxxdOm5zAmWQdtvTs3t+ttJ9JtKeFR+PXK/zQf2d77ML4v+V6gu2WN2ksPat6S/rtVeN/rf++WN5X6DTNhf+MJBWn/2ErUnjvnzFAUfafyTZjfWPpn+ak9sPeYIPtLCv6LmaNGnKjGgYWM3uvd2oB+ymP7nHJ4Vb+/+nOtblq+89rG8w+iYFcoNmCrKDSh2+OUmQZUZf8W1Nly5RS/Udi6ls7yT+Y1KdP/+kTza9auV/YXSb9Hf1Xr8tlTw65r+cia/Fyr7y5NsabyEvOHq0Zm/LEY7hP+xvPVnL1F7Yusxx/B5CnnP/T7S6HflSOuPX6L2xNZjjuEjlTfc869oRXazR1Pmp/Bvyd1p/UBK1J7Ydcyuz2Qan3P4yxxv7/pM6kdoR7kBU0W5AcWObLnJozPKrf57RqW5vfW3k85freI9e/6qpHr9uia/RYWr3oVfj/LPlV8czW91Mw6bZIY/ZuvPXqL2xNZjjuPzFHv5SL3WH79E7YmtxxzHR9rz87TC0Qz5KXyl+IdaP5AStSd2HXP6n7N7rmcO0vWZ5LbkUW7AVFFuQLHDLzdz4mKIqGfOmrgaptySNtOzJf1ucszMU2Itvxh1//6RPCpHqP0P28tXlu1v6vKLjvutvd+5SVbzmBlycP+/4uuvbh2/rvX95anlx2z92UvUnth6zDF8nqL/56C/podXP/Okef+tP36J2hNbjzmGj7T0Q0iLIj6mvJD9iVo/kBK1J3Yd8yh8zrntXZ9J/IN3o9yAqaLcgGILUG5COipcUMQMymRLvtzMVUzqR8iWW3XhE8M8qjO39879wr5K58DNaPxiIb/u+P9FOfqdqf23EzmC3b/6VUYe9UeIf7nxG+PtLerHzNIksLtFl3rL/bqmvyy6A4rOX93CS/vjtP7s1WGbL1eT+0hbjzmKz1MUfKTpuzVHa/3xj+xHWvJ5imZR+Pef/RCSD2RfPmRxJD7nSry94zPRN1Z7D20fPuUGTBXlBhQ7+HI7NPnTMrvI7zez/1ftfZD+CqX2622kV+uW15VfmwZ69bZf7A7BwX2ego90WPv4eWYt0Icspvo565GTb/dV8h8+5QZMFeUGFKPcOun/MNzjf34eq8ZvZoP9pIcVvYeOj3RY+/d5ZvH3dv8/ZzNazGRb64dPuQFTRbkBxdrK7dOf/fwfPvLHAAAcok8/QrkB00S5AcWO0MwNADA2zNyAqaLcgGKUGwBgYVFuwFRRbkCxiZTbmbfu3r9/e9YV4Vp8/ebOfbndffPr8fZXNnXj/c31eOMCWnrTvPvqtvPWUro9+qHWb9/fudn70guPL/+riy+Jyye/UH9ohi+cP/fSyuO1jYWOnb4sr37u9BO17TXVbtbz54+l22c+HcDio9yAqaLcgGJHbuZ2ZasWY69s2p6RVHOdoy1Xda
"deleted": false,
"disable_correlation": false,
"timestamp": "1566909435",
"to_ids": false,
"type": "attachment",
"uuid": "5d6523fb-2aac-46d2-a15a-456e950d210f",
"value": "FTP.png"
},
{
"category": "External analysis",
"comment": "Proxy Capacity",
"data": "iVBORw0KGgoAAAANSUhEUgAAB3gAAAOoCAIAAAC867K0AAAAAXNSR0IArs4c6QAAAARnQU1BAACxjwv8YQUAAAAJcEhZcwAAFiUAABYlAUlSJPAAAMWCSURBVHhe7P3vb11nguB31qtBAwMU5kW9GBQKayxQaZXsUrXVpqqrzFJRMim3SkW1bbWKGg81ND0/POwpqlutMlt2tNj5obgiJeNhpMx0rMwunM2syqSQiRPtjINNZiuMFUAvdoH1iwAJNptMvdHuYnex+hf2POf3Offcy3t4D3nJez/CB92Xzz3nOedeUmrzi6ef+7V/4zsvAQAAAADAngnNAAAAAACMRGgGAAAAAGAkQjMAAAAAACMRmgEAAAAAGInQDAAAAADASIRmAAAAAABGIjQDAAAAADASoRkAAAAAgJEIzQAAAAAAjERoBgAAAABgJEIzAAAAAAAjEZoBAAAAABiJ0AwAAAAAwEiEZgAAAAAARiI0AwAAAAAwEqEZAAAAAICRCM0AAAAAAIxEaAYAAAAAYCRCMwAAAAAAIxGaYXf/1tbPfzj/w9ogAAAAAJAQmmF3QjMAAAAADCA0w+6EZgAAAAAYQGiG3QnNAAAAADCA0Ay7E5oBAAAAYAChGXYnNAMAAADAAEIz7E5oBgAAAIABhGbYndAMAAAAAAMIzbA7oRkAAAAABhCaYXdCMwAAAAAMIDTD7oRmAAAAABhAaIbdCc0AAAAAMIDQDLsTmgEAAABgAKEZdic0AwAAAMAAQjPsTmgGAAAAgAGEZtid0AwAAAAAAwjNsDuhGQAAAAAGEJphd0IzAAAAAAwgNMPuhGYAAAAAGEBoht19tP3z13/22qkffx8AAACmwfET36v9agwwmNAMu1t5/627n//xnX8OAAAAk+/f/c+vr/2Dv1L71RhgMKEZAAAAgML8m2f+zX/6N2uDAIMJzQAAAAAUhGZgD4RmAAAAAApCM7AHQjMAAAAABaEZ2AOhGQAAAICC0AzsgdAMAAAAQEFoBvZAaAYAAACgIDQDeyA0AwAAABD8zvdPfvAf/q1/9C9v/JNf/9nHj//0D1Zerx0A0I/QDAAAAEDq3/7n1z558mHk/r/6s/k352rPAvQjNAMAAACQOveHZ/79f7XxyZMP/8HDv1N7CmAAoRkAAACAwt3/7E/+g//mw7MXf1wbBxhAaAYAAGDvXjzxvRPfOwlMkotv//61X16tDQIT6fh3v1f7v+x7JjQDAACwR8dfOvGTny7OnV0AAI6iCxcWf/v4d2v/931vhGYAAAD26MXv/s65189/64VvAwBH0U8u/PTYi0IzAAAAYyU0A8CRJjQDAAAwfkIzABxpQjMAAADjJzQDwJEmNAMAADB+QjMAHGlCMwAAAOMnNAPAkSY0AwAAMH5CMwAcaUIzAAAA4yc0A8CRJjQDAAAwfkIzABxpQjMAAADjJzQDwJEmNAMAADB+QjMAHGlCMwAAAOMnNAPAkSY0AwAAMH5CMwAcaUIzAAAA4yc0A8CRJjQDAAAwfkIzABxpQjMAAADjJzQDwJEmNAMAADB+QnPJzN2tW9vLtcERDTHn3KWnO7eeJbYunas926m3N3fCn82V2njVyubO1vtztcHwQtKb3Ll2t/4shWPXHy198eXF6/O18V4n73wZHbl0Z/C3oyvzr3461F21ObKVaNpHr54eZhBoR2gGAABg/ITmkpm7W50n1CHmnLv0dLPzqNfrtfe3djbj5H16Y2tn6+bp+gG5lc2de2/XBwtrm0JzX6Eyx+H45J3BrTbE3IUr4XE45dMPjtUP6F50S8kVdzX8kcOL+3u9KTcOAm0JzQAAAIxfV6H5wr31lRAf52/cK8e1mZVH71wovmxrfrth8Ww0uLpWGRnZ3KWnYSnxMKE5Oqbx6j3nDj9nu9DcrwK/9v5W7zLkfuqTnN7Y+mzjtfqzy/dKgwWhub+VhS/un0weX7m/lD/eRemszLHrjzpeU3z6g4tD3s/wRw4vmvPT+wu1xcuNg0B7QjMAAADjN3ponrm5/smTD29cnb/x5MNPnryzcnP9o5sz0fiFe9GX6ytz8Xhcn+Mji+4cHXDjajFPzdrmrWchKM+EHRuyDpsNzm/nu0wsrz7bufV0I1zx3Ma1PezqEOaMpkr3r4hOD1eMN7vImnIWguOrRwfEV6/cUu3E3jnTazXrCc1hxXEpBL+9ma5Ejje+iMZXwv/OliSnu2GEzS6KNcu7KYXm5XvRyZ9tvBZfNDk9enbrs+irzZXGtc9TGpqHCcenP7iY7IMRt9qFO3FCDSemq5v7LOCthubs+Pjg3VYWt8jZ+2DYqyf7Y9R2yWgcBPZCaAYAAGD8OgnNcVmev5FE5KvvhC/n3vro0Vsz6TEzK4+S9c7luDx/ozigx1yyHDj5snFRcFaBg3jh83L5lKFVLpQtoF5ejct19cs+t5Q25XQ81jhn/myvntAcyeNyyL4N21y89v5WWopDaB60D0avco8OTblnHXR5sJSkM9MZmo9duX/x0/snByfRK/fjfTPSeFragGJl4YtHr1754GLDFhnRweWaHB85dHgd6q72zZBXz1ZnV5py4yCwN0IzAAAA47dPoTksXi7toZEdE57NVzcPWM6crFMuKcpmtoK4Mhgfv6f6GZ1YRN4sHyfld3l1ezMk5nMb17aX4+XSpRwcfZkso47uJ3lQaJwzf7ZXU2gOC43jj+w7vbFVXqScrV+O/qQtOBpp3OCij1CZi+Pnbn7WEKnLcVlobiMOzXlfrux0HBb/9hbVUJkrW2SE3SQOYr/mg1O8olJTbhwE9kpoBgAAYPz2a0VzFpQTpYXMyerm7OB+Kq02Mxd2okj2pqgF3LQ+956yq8qF8tXH89tbl9Y2VsMuGVuX7iZdtXpL0RXzXTKyW8o0z9lfY2hO91wudd65m5+lW1vkz4bHpbXPuyqvZY4JzR1bWch2yagl1JN3vlz64svkcwIzoTLXd8aYvNAcCnv82jPhJTcO1k4EhiY0AwAAMH77FZrDl+l2GdXH8fGPsgXOfTX12XLADdE5OyAaD1tVzORbJLcRXSjbgqOYM0yVbIgRJ+zkgPItFY8bQnPznP01h+b4A/q2Sp/Rl61xDkJ0bh2aw4T1tc+1Bc6vxdFZaN67YhVzORlfub8UHlfKcp+P+wvHFOOn5ycoOjcuXm4cBNoRmgEAABi/fQvN8S4Z4eMBg8ouGXNvfVTqzn2FRJvvkpF027j/JiNbq9vJiubl0qYZ8Sl59g2bXZS+7CvMUJ0zzsfJhhhhknzD5fzI0rRNobl5zr76hOZyTY6FKJz+2bq32XpF80qx60b4k89cGY+nEpobDPXRfEFY1Byv0s0+Ja+8acbpDy6mk+SHJcqxtfLU4CsOfVfNDvZ0oRn2i9AMAADA+I0emg+xIfZHPgzKSb32uYJ7cnojD9LpnzabOPdTqvy7rtGeTIcziY54V+M9HeiG0AwAAMD4TXBozlclw+hO3ql+at/hMOJdjfd0oCtCMwAAAOM30SuaAWDyCc0AAACMn9AMAEea0AwAAMD4Cc0AcKQJzQAAAIzfIQjN1xc//+rMbG0QABiK0AwAAMD4HY7Q/PhUfRAAGIrQDAAAwPh1GJqPrz8ebmHy9cXPny9eLn8Zh+bLj5fWF0uH9TO/vXPt7lzv4OpaZQQApoLQDAAAwPh1EJpn7y19/vzdz58vrV8/8+D5uw/uHU8GkwdBsTnGqdvRkSEr5w+SZ5eiE29fP77+VXp6H2ubt56FoDxzd+vWs8356uD89s6tZ1uXzkWDy6vPdm493ZiJnj23ce1ZQ5gGgAkhNAMAADB+HYXmfO+LxTMP4tXKzaE5ezYdTxQZuljd3Gju0tOkIwczd7d683E0mK9rjhc+L5dPAYAJJDQDAAAwft2E5tIy5OPrX4UdMPqsaI4fh+XPpZXL5bg8MDTH65RLitAcL2quD8bHW8sMwIQTmgEAABi/zkPzqdvPB4bmVNglo9g6Y+jQnG2XUZi79HTn1vZy8mVlmXNan3tPAYAJIjQDAAAwfh1tnVFesJw8LsXly4/fTR8vnrqcf9zf4pkH+ZHDhebGjwEs1+cQnb
"deleted": false,
"disable_correlation": false,
"timestamp": "1566911548",
"to_ids": false,
"type": "attachment",
"uuid": "5d652c3c-7d4c-4c94-b60c-caa1950d210f",
"value": "Proxy.png"
},
{
"category": "External analysis",
"comment": "Progress bar",
"data": "iVBORw0KGgoAAAANSUhEUgAABGUAAAH5CAIAAACnFBSWAAAAAXNSR0IArs4c6QAAAARnQU1BAACxjwv8YQUAAAAJcEhZcwAAFiUAABYlAUlSJPAAAFfCSURBVHhe7d3tbx3XneB5vQoCBBDywi8CI4B2sV7rybJJi1QcUzJFk7KeKOshNBW1ZIrqybjpmMqypShWVtu9SDR25J0RNKKTaQvbM5rtRB5JSToYAW30AgO328K0B7OYgRe9T43ZdPvFuHe7txv6F/Z3TlWdOlV1qlj3nlush/sFPhAuD6vqXpKXqvreU6y74b/esh0AgOr8x9e+87Wnn7VHzl46sfC9E/YIAKBRFu799Zanx1KDw4leAgBUi14CgNahlwx6CQBQLXoJAFqHXjLoJQBAteglAGgdesmglwAA1aKXAKB16CWDXgIAVIteAoDWoZcMegnw9cz46HffXfzeT34TgNP/9LOLV37vW/bI1X/1xjdeO5T6VQIANMcrP/l3W57emRocTvQS4OuV12cv/fjc/vkXATh9+MPfnvuN/anB1O8RAKBRmF8y6CXAl/TS0g+/mRoEYGTPxwMANBy9ZNBLgC96CShGLwFA69BLBr0E+KKXgGL0EgC0Dr1k0EuAL3oJKEYvAUDr0EsGvQT4opeAYvQSALQOvWTQS4AvegkoRi8BQOvQSwa9BPiil4A8u0fHv/Pi/v99aeX7L80e3vV1+1MAgCajlwx6CfBFLwF53j+58BevX/yr5Ut/8e0Lf/abb6Q+CwBoLHrJoJcAX/QSkGfP6Nj/+fqFz5Yv/R9Lv/2bkzOpzwIAGoteMuglwBe9BBS4M78gvfS//MPzqXEAQJPRSwa9BPiil4ACu0fG/uqNS+df3J8aBwA0Gb1k0EuAr157aev2HQcPHj5w4BAwJI4cmj1wMD0IDJW9e6dS+wKg4eglg14CfPXaS8+MPLt7z9R/8V9tAQAMicOzR57c+lRqdwA0Gb1k0EuArz566fndk1/d9AQAYEgcOjxLL6Fd6CWDXgJ80UsAgGL0ElqHXjLoJcAXvQQAKEYvoXXoJYNeAnzRSwCAYvQSWodeMuglwBe9BAAoRi+hdeglg14CfNFLAIBi9BJah14y6CXAF70EAChGL6F16CWDXgJ80UsAgGL0ElqHXjLoJcAXvQQAKEYvoXXoJYNeAnzRSwCAYvQSWodeMuglwBe9BAAoRi+hdeglg14CfNFLAIBi9BJah14y6CXAF70EAChGL6F16CWDXgJ80UsAgGL0ElqHXjLoJcAXvQQAKEYvoXXoJYNeAny1sJdWZn/16d6J1GCu3c9NfXjspfef25Yaz9h28cBL2SVPTanBDw+M784OTo2YEaBvo9c+nv/g4/nblzdnB68tmJF4MLkksA7oJbQOvWTQS4CvdvbSg/H0oJuKJV01UjjFyXRqauriluBGvKSsHt4emYjqSGXV9ZHws6mOAnq1eeX+kZVpdfvkqqkj6aJgMP5szpLA+qCX0Dr0kkEvAb5q7KWtyw/KTRNJID2anbM/1L0092B+edZaLGvk+rGJU8FtCR5zu9iW8fejCjIRZQ9arO0DfRm9dv/5Pfr2nstHwomjhZkPVkfDBRZmotkk15LAOqGX0Dr0kkEvAb5q6KWJm/O/enTuV4/ml1f23np07tbNrcFgcEOJz7gbvypLqjoyN4LPzsuKV1e2Ln8aru4kkRNMCsmNYxPXg/hR4RTOIOlT9aIiiiRmomRhnUk501P0EvKdXJ2PsyefLKbjx8wpJXtp+vnb0W3HksA6oZfQOvSSQS8BvmrqJXNC3awkk5o7cvdS9NlwPBDXVDzX5BSeRLft4gEVRdI8wXl0unOmLo6kp4yCv3Ry/6mSY3IpPjEPyNp8cvWIpE4wI1Qo+1dJMjJzUt9W0RVNK7mWBNYHvYTWoZcMegnwVU8vWZNCW5c/VafV5cwv6dtqMsqaR7Ibae1eMplk9VIwy5SeWQqFlSW3rSKKJpqixdSnXDNOQE+mn79tpVEcQmpcX+/h8vO3g17KWxJYD/QSWodeMuglwFftvTR+9VFhL4XUqXfx+XjleknNI5mqCWeZgk+Fs0ZhF6VEZ9kl/mbJXp2ZJQxI4i+RpIjiqaRIdG7e2ksCFaKX0Dr0kkEvAb5qOh/Pnj4KbluNNPfgXHh7dnzOXNFhdu8ts2TJXrLmlOz4CSeLEtmze2Qk+Vm5bf95Unw7vmge4Ct5aYfM3ztZ18dbY0mgUvQSWodeMuglwFdN80sPZm/ps+zUVR/CItIzSHrw6oOwnSZWzGLWkj30UjDFpKaSTPnYZ+Kp60AEyWQWE9Z5emrhcDwqK3tJkXNSH4aepM78B9EZdAXUXyjpU+/ihaOT8VJ/quRYElgn9BJah14y6CXAV+3n4wEdxVlz6A56Ca1DLxn0EuCLXgKqwFW/0SX0ElqHXjLoJcBXDb0EAGgVegmtQy8Z9BLgi14CABSjl9A69JJBLwG+6CUAQDF6Ca1DLxn0EuCrhb1kXXkcaL/gSnql/9ip1GUknNscvaYvr3dtwTGYfANc56CvPZePfKAeecf/squjXya9hNahlwx6CfDVzl4qvoZ4CSdXU0eNQC1U2OinYsnDax1Ca/SSa5vqGuXBVcjVZ6MQktvhAtZvhHNwEMK3jZJH1enroXfzy6SX0Dr0kkEvAb5q7KWtyw/KTRNJID2anbM/1L0098C8d1MhOXxJH7jER4RpZa8BvXll1bVYdnUZcbwJ6XzwfqN7Ls8kHkZ2dXnw2cfj+IpyBt3yv3yss/DYWt1Wb6+Ufqqk7bl85PbqjONJYq+45jbjBUavRZtSWw4jyjnoTz3tVX2lHm3wqe78NhV8ma1GL6F16CWDXgJ81dBLEzfnw/efXdl769G54NriiYuMx2fcjV+VJVUdmRvBZ+dlxasr6i1uCy9NPqpOK1JHLeZGcCSkzjUKRC+f6wWEHE7JYVb+oZI62UYteWRlQb2paHyI6VhdD8qIvsfwjtRn9dGVHrx9eXSPOtLKX10esxpJPs7UV+QedFMH0OoB6KPMskeE6EfJ/gl+sup5tToThEr0M5Jx/WPSg2p5eSYEzxAzYn7i4dNJPRud29QLR6xDebkvvZZsJz7odw4WKPOVOvHb1B70ElqHXjLoJcBXTb1kTqiblWRSc0fuXoo+G44H4pqK55rc4qOlFDkSSo2rY6PocK2IPgaNDqGSR2Op1WXJeESW1Iet1qD9snTZ1d1fUe6XmSGHlcF2ULnNJ1eP3F4dLf5uywG3OnYPf77W01L/pE4mpneiJ4x5MqTIuH5m5m7TLJYYUc89HRv20885mKfUV+rEb1N70EtoHXrJoJcAX/X0kjUptHX5U3VaXc78kr6tJqOseSS7kYp7SegXnl2Hg6lDIhkxx1tFEgde8VFadnX1knP0MnbwoV7AHGMlDssc965furaYIzPnV+T+MtOSDx71021jno2Jp6V6AliH4/HPzhzuh2StxJOkYJv6WWc906wnoawVbz87WA1+m9qDXkLr0EsGvQT4qr2Xxq8+KuylkDr1Lj4fr3wvhdTxlnVqTfIg0j3iljxIMkdmjtX1Yav5MF4gOnSzl19z9azUV1QwGKOXGkcdmkcH94kQkqeEep6Y50D6iF8/YeQHGj+RzOp520xEhZJ4PkRLOgfDDweN36b2oJfQOvSSQS8Bvmo6H8+ePgpuW4009+BceHt2fM5c0WF27y2zZMlemh49aV5mThz5mSMzw3GM5aSOUM12zMvbztXjz1q35YbjCGyt1Q3nV5T7ZWbIZ60vfM807VS7+EdvH3/L8b26rX5emSeG9SO2M8B6Zjq3KUf/qed88tlobjsHq8FvU3vQS2gdesmglwBfNc0vPZi9pc+yU1d9CItIzyDpwasPwnaaWDGLWUuW7qU9CzO349fjEweL0cvS5swc1zGWol9jto6Z1AHoqtms2aZ79fhe4s/qDYaD5tVr9+rqaDK5pPMryv8y0w9ekQPHeGHnl4yBCH7QJb7D5icSHfqrp030U9PPgeRG7IN4dcge/jQT183LbDP5c4+373qKugfzlf5KM/htag96Ca1DLxn0Eu
"deleted": false,
"disable_correlation": false,
"timestamp": "1566911569",
"to_ids": false,
"type": "attachment",
"uuid": "5d652c51-7478-4bff-a1a2-b3dc950d210f",
"value": "Progressbar.png"
},
{
"category": "External analysis",
"comment": "List of crypto files",
"data": "iVBORw0KGgoAAAANSUhEUgAABDQAAAKPCAIAAAAdUQ2hAAAAAXNSR0IArs4c6QAAAARnQU1BAACxjwv8YQUAAAAJcEhZcwAAFiUAABYlAUlSJPAAAJX0SURBVHhe7d1bbtzIEq7tfy4b2MCei2F4JoagQaxrG56IYA1EkAfi9gx+RiQPkRmRB9aRJb3AcyEnmUdSvb6ocq/+//7P//1/AAAAAHB3FCcAAAAADoHiBAAAAMAhUJwAAAAAOASKEwAAAACHQHECAAAA4BAerDj58vPP3/9ev7v2Xb7//vf3v8m54wChi7ylAAAAn9BIcfLtx3tK85M/P74WV2vavcbG/Prrbbrh9/PaMhD77MjB+NkIaXzv/deX5f58wDMSp8718jTQeFhH2sL0HN9+fpv/eLCzpTgBAAA4Tbc4eX6ZQvlSHmjqGqlP2r1Gx5y/4thXnMjg9UiqlYYZ0Cm6Z0vV9ZweOqW7mzpsvKH2cZWOsYW5XNyKk4Od7RnFyb7HAQAA8MF0ihMXs7rhXrR7jY6pn3xfozixobYgcdZ8beKmk8Eb3TueXoMyLGy8mb1fL9x7C/KA0ltRPIgjne3AW1pxv297AAAAjqBdnARlw0DwavcaHDNVEc/Fzf3ZJd418mi7OCkLG5nO/xWvfPF7hLO3l3Rlu9PwfbewTuRnvO/CMgO/IxUUJwAA4HNrFyfRFwXLp9GawGyQkps1uLd69a7Olngn4TIqTrR9/gQ9L0UaxYnMsvYKaowgU0oX2xItfg+ZIqt2qo3KbnNe8PzdTtrL+6//5V/1bL20MTqu7ZHZbyGEOZD8UnYme7YQrH+VTbFcmnenGT1dqpy2jFxcutTCvOUY9Q23Xcw67SDL/XaW8p302w8fx3wgy+N2G5ns2wsAAMCRNYuT8HNcU0jMyUnbt5/bvXpjiu0eDV5l7JtC2HZzatkGTDFuVea5INQuwsIjW4DGxyyp7yezlNsPG1Pw3fb+/LKmVduu+836mhPuH1fwODSCm3PTGc3TGd/C06s5T7lh+aOe6jbFvLXJvLv1kt/dLHyO5y8sthzj8uj10N7ep8a8ZRmkd+zV7fvHUT7ugt7vXxIAAIAHdVZxsiU/uXNpbPfqj2nrgaw2mJTZWkmAK4uQRJaXlxNhqFWyhrDw0DXIOMVQJ5LVugTpG2ub0rRa7qg8oqVj/7jc44jmLafwq601WmbksIoQco/J9H5q2+6f49kLi+kx2lX5dWaD9I69uv34cdTfuu7KAQAAHsuZxYn+8f31xSbF84qTPI1FydtltbBxUXwuHofaiczrI6wszKy2+ONpZBC32rKxGd/zPJpvP9tv/7jKx1Ec16wcZ2gLiT7BubRbV54as3Cf+N1V8nflOZ67sJg/xnaLv5o3VrcfFyfVtdWLHAAAgMd0dnHi89M5xUk5uMa4s4qTYoRKqA1XpeGvqFiacw0K15A3xusRUVo1ITUP4v3jKieKi5Ni2KEtpKWa0YqVp6vCnLDfXbTfSeU5XmJhnj/Gdkv/2Cvb98+9tbb6SwIAAPCg2v9CfBD1JGPZtKTlxNu7DUntXo2rcmlObE4afyT25XTMbnFShm+l4a+8uSyfTlGeoW/cV5xsjfKDCbv94xorTvw4J2whztl629ru74l71Z7jBRdmxNuvt/irtcZi+/vW5m4GAAB4dO3ixGejIhQun9nn4b7dqzemJZdc2i5qg/KejAY4M3g8lywpGKH2zcm5xYmuyg2SNVY3FafVVDI9lcP2j2soDUeL6W6hHFkH8SufmHrPzx7vt/IcxQUXtvB1Rbulf+yWLXfLtdW2n9THBAAAeEyd4qQI6EUmk+Q0XypyUqtX76pVxi+9+V+5BvPHLz9fTSjUibJsJwO6UCu3hUk3TbeFRcmRlUxcpVtw+dIcXaVR5zL3mP+3rkpYl/vzS93jCvau+diO47qY9tYWsqesg6zDZv+nUnJpmc7+7K8a4XOcmTWEjY2Fxfwr2m7pHXt1+/5x5Fcn+etUeUkAAAAeVLc4mWiYS0xO0rxlPh7WUGtyVdxr7OpKo5jJW3METAF65jPiesnn1yjUuo+rMyn/Laq3VeVpciXDZiuPGs0pLVO7tDpLGy+21j0usW5wO2dd89ql9oC6WzDzTgszK8/2Zcf3u6vsN3qOq9MXFpuPcbild+zV7Yv8cbi1+dcpeEkAAAAe1EhxgmuQTOmiZNg4xMflWuPlXHgLl3PYhQEAAKCF4uRupHJwH9iHjQP0A3X3V3quXJxcdguXdNiFAQAAoIHi5COoFSG1dkTkq5X170etqn95DAAAAJdGcfLYtPyYMnRcgVCcAAAA4IFQnAAAAAA4BIoTAAAAAIdAcQIAAADgEChOAAAAABwCxQkAAACAQ6A4AQAAAHAIFCcAAAAADoHiBAAAAMAhUJwAAAAAOIQHK04u8p88//77X+O/qo5Ludl/n57/ED4AAMDHMFKcfPvxntL85M+Pr8XVmnavsTG//nqbbvj9vLYMxFA7cjD+iUHWrWQ3HeHlaaDxsHZu4fSa4WYTXZK+eO+/vpTtAAAAGNUtTp5fTCjXFDhSn7R7jY45f8WxrziRwetxXxPk/hrDr+QEMogbIWy8ofZxlXZt4Zya4WYTXc6u4mTfsQMAAHwSneLExb6hcN/uNTqmflJ+jeLk7ec3194UreQUT69BGRY23kz964jYni2cVTPcbKK72HvsAAAAn0O7OAnKhoEg2O41OGaqIp6Lm/uzS+xrZP0TipN4JScJZz9hSZezOyXv2MJ5NcPNJroHihMAAIBIuziRbyHKLLh8eq2J0AYsuVnje6tX7+psiZsSRqPiRNvTtxlFKdIoTmSWtdc6rB0qKD9qKzmNjOb+5k/YqIK1yV9tmm5Oe3n/9b/0R99LG6Pj2h6ZDLU0CrO7/FKW+8e3EM2ePZp5L5rU0w32xbjZRKFozKycKB7EtKS5xV6NZpRLS6OIX6ps3vNfPAAAgIfQLE7Cz3dNIRGksenndq/emGK7RyOaSWYaGae4tt2cWrYBU1hcLctbyIBZMH16NX90hVN9JaeSKcrth406tZnx+UV/nqPt2q77zfqaE+4fV/A4ZDH23HRG83SGt9Cdfd7LOle5l5tNFBgd07wS0rJM0ZkxOHaj8ugBAAA+vLOKky0pyp1LY7tXf0xbBsTFSdHdhsKcLC//4N8VJ7l8qNZKTiZTuHF8Y21T0u52VB7R0rF/XO5xRPOWU/jVho3d2eVnk/7vOJE3NqZ9EHtmDH8LFnYcAACAT+XM4kT/+P76YhP/ecVJnvmi5J0nwlrjQuoTU43IgK440VmkjFFx+uzH2VGyWbfasjH80kD45JpvP9tv/7jKx1Ec16wcZ2gL/dn9XsqWm03knDlmZ8ZWcVJ99AAAAB/e2cWJz2HnFCfl4OcXJ8UIZXEiiy/+fYC0l95KzlCuIWish1eferM4K8vejqJ/XOVEcXFSDDu0hYHZ/V5cy80mKp05ZmfG+vNtXQIAAPjo2v9CfBANJZ/Z1KUh/u3dxql2r8ZVubR9g5FL43cjo6Nj1ooTFwSXBNlfyTnKM/SN+4qTrVF+2FXLjRUnfpz+FgZm93vxLTebqHDmmJ0ZKU4AAAAi7eLEZ6yitFg+s88/WW/36o1paZFQpu3sext/T0ajnhk8n6sMgjpUnimzS5f55iTNW+yiaKxO51OvSN/zPJXD9o/LReFo/Ggx/S30Z/dzBbPfbKLcmWN2ZnTHbkSnDQAA8Dl0ipNUfqxRSRNbXoTMl4pE1erVu2qVQU1v/leuwfzxy89XEyh1oiwjyoBFcbWOr0OVmXJxcmTUjm5Mc3SVRqk37D3m/60rWKHO4hbfPa50AlllqLnZjuO6mPbmFrqzyx/zBfuWufEmE1lnjtmbsTj2/CWpPHoAAIAPr1ucTDTBJyZvaVYzHy1rqC1zv+s1dnVVlgQaGV+/pwA92/LicsN6KY/dQgYMsvhys8+Ui3Ilw/Lcucq/a6o0mlNaPmivrTBtvNhv97hEisKTbXe65rVL7QH1ttCdvZfgFzebyDhzzP6M2bH7lyR49AAAAB/eSHGCa5D06UJn2DhkDtMDjZdz4S3U3W
"deleted": false,
"disable_correlation": false,
"timestamp": "1566912605",
"to_ids": false,
"type": "attachment",
"uuid": "5d65305d-db8c-483f-ac89-efc7950d210f",
"value": "strings.png"
},
{
"category": "External analysis",
"comment": "List of algoritms",
"data": "iVBORw0KGgoAAAANSUhEUgAAAoYAAAViCAIAAAAQmqo0AAAAAXNSR0IArs4c6QAAAARnQU1BAACxjwv8YQUAAAAJcEhZcwAAFiUAABYlAUlSJPAAAP+lSURBVHhe7P3Pi1xZlueL1rRnNSq4vHq3bufldodLrbrx3C7hhdolL9cLs2yvlj85VIcLEwhko0AQSnChIMFz2ILAi0Yk2Kg10uQ6mWggCgcNRaIY5PTGf5CTGutfeGvtn2vvs/axbW7nmB83/8IHcXzb/nFMtvb+nLXtx/mr/+Or2wAAAAC4cqBkAAAAYBBAyQAAAMAggJIBAACAQQAlAwAAAIMASgYAAAAGAZQMAAAADAIoGQAAABgEUDIAAAAwCKBkAAAAYBBAyQAAAMAggJIVvrp15++//v8AAAC4Wv7T3/+f2fq82UDJCv/l4J/+cX98/x//vwAAAK6Qf/qnw1t3bpCVoWSF/3LwX//3//Cf/u5XXwEAALhC/vHB5D/9/dfZEr3BQMkKUDIAAAwBKBlAyQAAMAigZAAlAwDAIICSAZQMAACDAEoGUDIAAAwCKBlAyQAAMAigZAAlAwDAIICSAZQMAACDAEoGUDIAAAwCKBlAyQAAMAigZAAlAwDAIICSAZQMAACDAEoGUDIAAAwCKBlAyQAAMAigZAAlAwDAIICSQYdKnuy++3z87nQrlOydHn78fGyR5YsxXZ3NGuVNZuOP81Fe6DEnMJ42ymuZjKYT+SefFT+d8oiXZPLHP/3mX/aTwl//9jf/9qff/fm3O75k51/+8Dsq8cyeFwsBANcSKBl0pWTWVSa/0dkqOuTmFVZuVXI907kyFhu92XlHIzqCUxMls49/z1cDz38vrex5Ovu3P/zzr2sKAQDXBygZdKRkTWmjs/e7e0mJZevk/eGJzD4N03mjUNF8g0sIkprk3aqnRIWUEzdOQBnR1DSFe6fj2A+df+W5kZilkilp9vkuibaR+5Kn//g0KSkVAgCuEVAy6ETJ5J7UvnLLWlqNzP3xM8lP2I4M9/7QbFNzYba/TfUX7HgXlWyHyDaZOfM2JeHAGtqeJxMvLIxQlUuNbES+bjA6N/28Ox3tsZJN//R/YgoX5/qpkvf/+c8mReaDP83++Pt0T9sU5hvUaiEA4FoBJYNOlKx7sZElU7Vm3iwLm/3oPQvaK2SPFtNuZY+dripYpc1MN+2TqvmLBroIcKm2KFSuVxRSJVNmzEp2hVn6++vf/qa5la0WAgCuF1Ay6EjJWi6bKzkRVUAarunXhT5bSsm2xGTD6Zk0lUx+tSVRtI6sT/rTnmH0PSfoIjNu9NBEUXIwcarkbIu7pRAAcM2AksEas+TLKFnvWdBeofgoW1M81FAyNxzz5vPnw7N5etqNPs1uPBF7SLe7lRQ8J3Pq5I/xs9bpQ/v//OfmZ7jUQgDAdQNKBt18vEu1TmPjmvPImC/uTYznpOE022n5t6AoXUP2qPxSU5J/0/kniWzi1CxTz/pUT4AKQxN5XCJPc2NmnOqWypsb1GohAODaASWDbpSsulP7xDX5yewbx7RSKi3TW9wKLpN0aD5R5R4iy4Zy/xbvbOy+WCwKLT7TNT3k43JKzc+Oy0Pz8HxNwh3K/fnHDhc+BaK588yJcv5VY/4MV2ODWi0EAFxDoGTQkZKbiebKZO/IDpT0u1t0zhUCBgAABSgZdKZkm9RmXzq6LCb3Hb6P8xS5q6cPALiJQMmgQyUDAAC4PFAygJIBAGAQQMkASgYAgEEAJYN1Kjn7QLVgr9tbNnGJ/3R0H2/u7vC9Itx3k8yx/f1LAABYASgZDEPJ9STfGPaw0dWeuxgxhx2c3eDh+e9hZQDAqkDJYMhK5s9dZ6nz1hK3bCKUEU1lU3i5uza5H6DOyhVPAwDAUkDJ4OqV7L9HlDxkfuiDS8KBNbT/rlHNLZuIbETezTZGN11d5q5Nzd/08DRvV6zdVxEAAEpAyWAgWbLiTvWtZdJnXr5XumUTkXYrfmQ7ZtvJL29TJ+0/finuZJyTP/Trp7M//2H2HL+rBQCoA0oGw1SyLTHZcPo7nU0lk1xtSbRsJOuW/rTGjcrnHF1kxlonkskfizd4KCfQAABQAZQMBqtkBytTPNRQMjcs3LLJPZp06396OnaS7ngrWXjCElkyAAAsBZQMBrpx3cUtm4isW/UEqDC0ksc66d2LBc33kgEAYBmgZLBmJZu9aIeTH1k2FPr3d1e8ZRMd80Ohhy7v2qSrV/nE9a9/+5t/+xM+hg0AqAVKButU8lXT0V2bmvcnZvvq34zCu8sAgFqgZHCDlJymyERpF30hnBP7LziZGxtrvxPSNDcAALQAJYOblCUDAMCAgZIBlAwAAIMASgZQMgAADAIoGUDJAAAwCKBkACUDAMAggJIBlAwAAIMASgZXruSXDz/88uBeVrhG1N8J4Rswh+9KEfEnvfwPm4ifGUnuWrHox0bccL5DMXp+E6qsJrg+2K/btf5YuqT5q3MKLvDSn4xtDJT+Qs7lv+ZXAc8RPu34g3rXayo1z38AQMlgCEq+2MkLl4SmXDYJ6xFteY2wx8ntoSJUwS8T8ac3Y+Gi04j9hxVHNOHl1Q+q1DTlYPjw62heO3oRa9Z6o9XUFg2oTtSeDJiWgaimFsPd4X6eVo3/GMDDnUqN8x8AUDLoTMm3X1zUJbvk4C8Pj+WfRsnHF49fPBLVSvCvcmZTKC5YCjQPW9e7ZPL71UFfR9wcTgtD5UUDNfrc2ps0Rjf9qzXFn2DAiCChF1cNGAm/1vPxgt9mJ234CjE2FgzUNE3rNFkaf0GQnsb1mUrK+Q8AKBmsrOR788cfvsw+fHn84uWDt19mb+e3baE9YOLW9M5rqskCDgf20cfU8PXL2y9+cc0L8AWvmT/hwMwov1uVbliZOgTN7ezqOCWZyX4h09cR06eoHHBjaQ9F0oGUwnCs1gRXDr0uC5dvihz72tEB36PMqIUbukSWTRBzYuuexEA+tk1ghyCkHswxPeq0qg5kK/vCeKr+BMzoi5LCmqepQg1F3GIqXQIoGXSi5LDz/IiszBmwrmT/qCu3RGHHjFmnaFY3+RuFVRt36aR1mQSvaNbojOzcLmqNnmkBTdfEBq7nrJxGjwO5HvSa4KrZms4pox21vso+nJxlRWSaCJkmfvIvdKJkAZVHNTpXhebFgZg0hBYHp6Tqaar0MpXMpUmE/0P0CbIRUwlKBl0oWaS2lOny/nMhSzbHnFKLbFhquF3JhJ+f6TQuKblqNqbriOuqcGkf4fkfl0u3uIh+FNKBtEK/GKk1wbXAvHYhIJPI5JgRsokxliuZWqVqoQq+H+rEtmoZKOtwYTB3RRq37pQwlZYBSgYdK3nn9ZdWJTt4jzpuXNcr2WHmbZJAiPWorVAhmbR+LatYxWL/VJlPJru6b6D2mS4ZtasYGC581eivBRM10oubyIZeeuddh3vpYyqpRmPoszhQHj9rCydMpZWBkkEnG9cyCbbHQsPHFzN3/GjnOHyA69GDt6FmpZIno2nIevPFrpkQx3nejpzJ4VifybPdOEo8gTh6uig0oCbxlLZO5tw8aRJWIq2mqwOGTiKYEEX0QvNx8sp6RDDLeGA/2XIKjHABGo/1gZTpwIPGkr1JX4qSJx+OMZWWAUoGnWTJFw/fmu1o/pCXk67Jg03h6wun53svQzVRs1rJe7Ox+M5lsujQbHTlfmmTC1aKybBjNdFW7IfzaugLGVN/OhvHHUV3AtxbXHHStU+BVgrfw9kpX2HI0ZN32ho1YyfgarB7qmpQpYTXznuUX2Ufcia00k6ik2wIudddfhJbxIkWJEHYtn8R3g4RToueQvXTbICptDJQMuh44xoQdlGTtC4u4Log3bnB3JCnOUSgZAAlA1BFY0N4M7khT3OYQMlgZSUDAADoAigZQMkAADAIoGQAJQMAwCCAksGVK1l8XaqC+3f3Px1Nzu/eycpVnuxPqPKng537olDtQS10zfe3ZSEAAPQElAyGoOSqnwchWJxGkCTLhVamyq7O9m7QqtqDVnjn1cHkzbZ/NJU6AAD0AZQMOlNy/3eC2n5ztPvEHpNlw3GBJ/v7r26Z41
"deleted": false,
"disable_correlation": false,
"timestamp": "1566913137",
"to_ids": false,
"type": "attachment",
"uuid": "5d653271-9780-4fcd-8224-4d42950d210f",
"value": "listalogo.png"
},
{
"category": "External analysis",
"comment": "Cyber kill chain",
"data": "iVBORw0KGgoAAAANSUhEUgAAB1QAAAVmCAIAAAChuBsUAAAAAXNSR0IArs4c6QAAAARnQU1BAACxjwv8YQUAAAAJcEhZcwAADsMAAA7DAcdvqGQAAP+lSURBVHhe7P3pd1xXgTf6/973A0/T3bE1T6UqmqZphgY6SQNNx/M8D7ItS7JmVcnzGNmOLQ/yLCUE0gmQdqdz0yQPDzzcwOXyhLV4f3lxeXPzV8Ba/Am/U3WkUmlrKltTSfqs9Vlap757n33KhujFNzv7/P/+2xe/AwAAAADACqP8BQAAAABYgZS/AAAAAAArkPIXAAAAAGAFUv4CAAAAAKxAyl8AAAAAgBVI+QsAAAAAsAIpfwEAAAAAViDlLwAAAADACqT8BQAAAABYgZS/AAAAAAArkPIXAAAAAGAFUv4CAAAAAKxAyl8AAAAAgBVI+QsAAAAAsAIpfwEAAAAAViDlLwAAAADACqT8BQAAAABYgZS/AAAAAAArkPIXAAAAAGAFUv4CAAAAAKxAyl8AAAAAgBVI+QsAAAAAsAIpfwEAAAAAViDlLwAAAADACqT8BQAAAABYgZS/AAAAAAArkPIXAAAAAGAFUv4CAAAAAKxAyl8AAAAAgBVI+QsAAAAAsAIpfwEAAAAAViDlLwAAAADACqT8BQAAAABYgZS/AAAAAAArkPIXAAAAAGAFUv4CAAAAAKxAyl8AAAAAgBVI+QsAAAAAsAIpfwEAAAAAViDlLwAAAADACqT8BQAAAABYgZS/AAAAAAArkPIXAAAAAGAFUv4CAAAAAKxAyl8AAAAAgBVI+QsAAAAAsAIpfwEAAAAAViDlLwAAAADACqT8BQAAAABYgZS/AAAAwDPY1H75/Mh/XXrzf9z40cdD73+yEKKVo/Wjp0TPCp4OQPGUvwAAAECx/uXoqaCoXWhbul4NvgMARVL+AgAAAMXqvPlWvpa99s7/uvTm/1g48VMufu/D4DsAUCTlLwAAAFCsnjvvDL3/ycDbP/uLz79U/o1N61rOf/6VA9F15K++/K/fOXLyK9tbPvOFf44+/vcvfvsbeztfPtAXXcQTntXpR/8Z97/BdwCgSMpfAAAAoFjnRz4Yev+TS2/+j3/Yejx/5u+WrlcrvrE5fe/d+OPhC/f/4vMvHbvyJP7Yfevt8m9sLmx1i3T4woN4heA7FO8vPv/ah3/684dnXwpygFVC+QsAAAAU68IbPxnKlb+7MjfiZjb++LWdbfmPkfJvbCr8+HcbjwTFbjGUvwBzpPwFAAAAipUvf/9pf3fczEZar32v6sVtd977Tfxx4O2ffeYL/zz47q/ij1Fe+c0tQbFbDOUvwBwpfwEAAIBinXny/lCu/P2Lz7+0refqyYf/0Xrte3G3+4+72/uGfpS+/+/xPt+/XX+45847Z4f/j5cP9MVl7rPa0z9YfPn74pv/3x//9OdRH78Wh6Pl75vv/j9jQ4VF8NS37Iom/39DZ8dv+X/ePJ6/JTDlCrG/OPu/80PxCrmVoy+Q/Ur5PA7jj0pqYN4pfwEAAIBixTt/r73zv14+0LfQ+oZ+VGT5myth/7+hXdnyNC58R/vW3HV+qHDatLeMtbEfns110LkOd8padroVsh/H7sq12Lnv8PFrYysXfoHo4/9u+3z+4+g1wHxR/gIAAADFisvfRRZ8h0BQvBYKO9nRvbejhezUt+TmREP5DcjZWvb/fffFibXsjA89PvT/Tlgh1wWP7iYOvkzw0eZfYH4pfwEAAIBilWL5O31tGle0+aH8x5luGRsKq9vcdt3J0wrD2BQrxEnu9In8LcEKMywI8NyUvwAAAECx4vL3xo8+3tL16kI7/eg/iy5/w3I2NmP5O80tY0Pj1e205e8MK+Sekl8hfq7yF1h0yl8AAACgWHH5G7/wrRhrv7Zh3+nbPXfeiXQN/tuWrlc/84V/DuZMp8gXvs1Qmz7vzt8iy98ZVsg9Jb9CnCh/gUWn/AUAAACKNV7+/u1Ls/rbDYcH3v5ZXODm9Q39aO0/bghmTmnPyeLK37/NVrpTH7+bG/rw3FjBOvZxpltyJWz2xN6xr9H28Z//+Id3X/zbCbXsjA89PvSHCSv8xblcfXwuV+/mv0zc9k7zEWBeKH8BAACAYhVf/q79xw2D7/4qbm8DHTd/EEyeUpHlbyT7Traxzblx9/rHj1/LXU9d/s50S66EjYeyXyPb207dyU63Qvbj2F25P0j2odHQzG2v8hdYCMpfAAAAoFjFl79/t+lIXN2eH/mvxn/d91df/tev7GiJ6+BbT3/93//+28H8yYovfyO5KvbPo/Il7PTlb2TqW+ISNndEQzwUzw/q3diUK8Ti/jcWbxBW/gKLT/kLAAAAFKv48veFr63vG/pRz513ql7alg+PXHoc97l/u+FwPpzO4QsPii9/54sSFlhJlL8AAABAsZ7pzN/JDp6/F/e5Nd/aEQxN9kw7f+eL8hdYSZS/AAAAQLHmUv5+c1/nlbd+Gt3+6lv/83P/8C/B6GTKX4A5Uv4CAAAAxXru8vfz6w/2P/iPuMzd2j0QjE5pScpfgJVE+QsAAADLT7L3Uc3B80G4CJ6v/F3zjxuaX30SN7nHB0aij8GEKS3Jmb8AK4nyFwAAAJafRMdQKjMSq2u+VralPZiwQJ6v/P2nA91xjXvtnf9V+U9bgtHp2PkLMEfKXwAAAFh+Eh138+VvMv0kvmjsvFe592Qwc349X/nbev17cY37tZ1twdAMlL8Ac6T8BQAAgOWnvvVGKjOc739j2RY4nQ0bu+5VHzi7ZsPx4K65e77y9/Tj/4zuuvbO//rM3/1zMDQDxz4AzJHyFwAAAJafumNXC2vfKcTbgfue1B0bKNvWGdz+3J6v/I338O4/czfIZ6b8BZgj5S8AAAAsP7XHriZzm3ynlx8dvUh03avaeypY51k9X/kbqfnWjiCZlfIXYI6UvwAAALAMlG1uq9ydqWm61NA2mOx9lEw/nnzsw5SSfdktwMn0cO3hS8Gaz+HUw/94jvJ3z8nB6JaWgdef6dgHZ/4CzJHyFwAAAEpO2Zb26kMXEu23C2vcbIfb87C+9UY0VH/iVjA0WbLvcfSzvvXm0h77sPYfN8QdbuRvNxwORmdg5y/AHCl/AQAAYOmt3dBac/hiY/eD8eo2PVzfeqNy76kp39tWuedkfuZEw6NbffseVx88H9w1d+dHPhgaLX9fLtJ///vvxB3unfd+U/XS9mB0BocvPFT+AsyF8hcAAACWTM3B88meh3Fvm+x7XNd8rXJXJpgzpYpdfWNt75j0cLzVt6H9dvn2nmD+fOm5886zlr+Rv9t0ZFPHlcZ/3R/kMzv9+D+VvwBzofwFAACARVW+o6eu+Vrc2DZ23qs5fLlsa1cwZ1blWztzKwyn0iOpdHarbyRaNpg27zpvvhUXsgNv/+z8yH/13PlhoZaB1w9feDhHrde/Fy118Xsfxg+KLoLvAECRlL8AAACwGCr3nkp0DcUtbaL9dvm2Zy58C42Xv7mDgIvcLzx3Lx/sizvZRbOt52rwHQAokvIXAAAAFlD51s76lteyFW36Se3RK+VbOoIJz2fNhuPRmnXHXwvyRfAvx0533fq3i9/78NKb/2PhROtHT1nXeiF4OgDFU/4CAADAgqjceyo+hDfRfrts84lgFAAWmvIXAAAA5ln1gbONfY+S6SfVB84HQwCwaJS/AAAAMD/WbDhee+RKdqtv51Dl7v5gFAAWmfIXAAAA5ip/sG99642yub3JDQDmi/IXAAAAnl/Fjt74YN/61pvBEIvpL/7lRvcH31/X+9HAB7+LdPfumziUDQc++Gjdv7ycz/P+Yv/347sKJ6x7/aN1vWP5tb7RmX/bd2B05ve/+rfjSxU84ncH9o/mUy4LsJiUvwAAAPCcEh13U5mR2iNXgpzFF9evceeba11Hy9m4rj2w/+W/+NuXC/O83ITRcjY74fUbcb7u9dGGN14hXjkK46Vqej/Kz5zwiFwHPXbXFMsCLCblLwAAADyzqn2nU5mRuuZra9Y1B0MsiVzrOla2jjWwhdfZZragkM3LV7eFYSTf845Wvdf6plsq7nZrRvO8qZcFWEzKXw
"deleted": false,
"disable_correlation": false,
"timestamp": "1566913272",
"to_ids": false,
"type": "attachment",
"uuid": "5d6532f8-5f78-45ac-8157-09c9950d210f",
"value": "cyber.png"
},
{
"category": "External analysis",
"comment": "Ip infos",
"data": "iVBORw0KGgoAAAANSUhEUgAABaMAAAM1CAIAAADijnpWAAAAAXNSR0IArs4c6QAAAARnQU1BAACxjwv8YQUAAAAJcEhZcwAAFiUAABYlAUlSJPAAAP+lSURBVHhe7P2LdxzVne8Nv39B1llrFitrZT2ZM++snPWc8xzmWfMeznNmEsKQkJCZJHOeiUkImATiJBAIJGAwyDa+gMEYbMA2F9sYG4ON75YvSLJl+Ybvki+yLbVa3a1rS32r6qq+d6tv6u73t/euLrVKLakl6+bW9+sPRXXVrtq7qnap6/ftvXf9f7yRBAAAAAAAAAAAAEB5AKcDAAAAAAAAAAAA5QOcDgAAAAAAAAAAAJQPcDoAAAAAAAAAAABQPsDpAAAAAAAAAAAAQPkApwMAAAAAAAAAAADlA5wOAAAAAAAAAAAAlA9wOgAAAAAAAAAAAFA+wOkAAAAAAAAAAABA+QCnAwAAAAAAAAAAAOUDnA4AAAAAAAAAAACUD3A6AAAAAAAAAAAAUD7A6QAAAACKcXXnQwt21hkWMhybVq58aIHO6rlrdu665RuSbHQcZ7Y9tGDd+nbj8gJuLB3IiDF30ealB01mYzKdMaZnx1iQftG657c3FE9sSMl5+qDDmCwSrq/e+fwiLcFc2uGWC/U+QxpCqt6+ed5Ass2v7LnRYUwzHIbzz3PZ3nDDY0imYzwnjJV1hYdpPvixMYHOxht6skH4Gmi38/YMPQM6rJzFThHPbnABilHimQQAAABAEeB0AAAAAMUY0emYt93a4fERN241rF+/+qEFq9+4Gh6ScmR8u9bwIHZ755BVOixKX3qGZcRoN1Ue3Pk0hb6LtlUWD+zHmJ4fY6VI3NNZd3wfS1w0CC9MqTMk8K7fvo5OxSt7Gs62+8xmU/XxQ6+sr7sxOA3F8JXr6cDXvXHcVN9DJ/BG5cF9z2+54TAmG45B558X+xB3BD5ebS56CQafE43BKX0Dqyo3rnxoY4P+cegxCjqqNzMPYtGh+iGr8tyW01HamQQAAABAceB0AAAAAMUY0ekYHMFyz2LNhZJbJXDaq+ct2Lzr+M6HFu0rlouAR+lXBy/0md6gwL54qDzG9EOP8eq+uQtWr75VsERbPtzZKMS6etHIxg3Hc+H5BStfOTNWY0inqIPg2LVm9UOLdtYVMSaKnZPhqWNOxzDtOAZwrF++8vnqC0uZw2VYpXM7TkdpZxIAAAAAwwCnAwAAACjGGJyORP321aP+Sm+gbsvqh9Y3OCLMhlg6bNg/TJTO/YhiMfYY0w89xva6p4vvoVSnY16x2H4Q3OlYenHI8lIZxkHwnKHdPl89tBvRJDgd7Hxuq/TpF3FIAsbtOh2jn0kAAAAADAOcDgAAAKAYY3A6wpVjbtPBw29ucLBoec2ZYbYdLko3vVG828sY0w89RvMh1qbDXLBEUJLTkTi7fTXrRXJ15FFLeBOYRdsq28fXrGM4B0HatnJlMd9h4p0OlkZkxCyPzbuK9yS6HaejxDMJAAAAgOLA6QAAAACKUZrT4fA46rZvHus4HWwsUr3TCjMXPt5UfFzS4aJ0VoZiAfkY0w8+Rkd7wxvLR+jnoo2OmadomaXqLevY2kWb3zhoujHcCJq+zk1scJOVc1duW3+mc2y9foZ3EJgBUaTw7JwUFJtRdHPB6E4HG4tUbyDTuXrRcHu7Laej1DMJAAAAgGLA6QAAAACKMaLTURg2P7Ro26axvXuFNWqYu92a/8gGfRjmLR5T4HQUHsvq57cP8w4UfjYMI5IOO4aop7P64M6n2Sihq185Pqyn4Gg37dq+eR7Ld93qMfhE43E6jCOSDm8cjOp0sLFIF+07m/94Y8+6h5ZXFxsr9DadDk5pZxIAAAAABuB0AAAAAMUY0ekYePfHOH5sZ2ORCmehgOLjkg7nXLDlxcZxGGP6Qv/i6qF5C1YvvTiM4zDs2RgB39ntH1OIXmR800FIlax9x+Zh3iYzlOEchGHcnGHPSXFGczqYLWW8dsXHTJkIp0OjxDMJAAAAAA04HQAAAEAxRnQ6ikawJcIH5qi7IfwFQXsdG6SzyLikxaN0x9Wdxd+QMtb0g4+RjQ1R/PUl43M6CFae0c/VcMOgFmeY88938vzxSR6RlA/Msam94Np5HJvWFB0fZAKdDqK0MwkAAAAADpwOAAAAoBiT5XSwkHXIK0LCleuLjmlaLEr3NCxdNNwAqGNMbzhG3w1KWdCtpoDxOR2+hleKuw+DEcOgltpgodj593WuXsnaxeidSgqYSKeDrR0yfCwbdaXIuKQT6nSUeCYBAAAAwIHTAQAAABRjcpwOHhWzF5Qalg/zFg8epefHmLhxq2HTls1zF6x8aPm+4i0vxpp+yDHy4g3b+sMwToex507PhaVr9m06Y6rvobVS/dUzbHzToY1Erh56fv2hXRdNvFWL4+yZ6ucXDTMManHY+dd7D5nNpl17tj1Nx7ho864RRnU1jNPhGXZYkJGcDjYWadGmN+xVwUPcqxGdjuWHzg4qz+BBT0o8kwAAAAAYBjgdAAAAQDEmxengY5FuMQ1ZTrBoeci4pCxKLxwPYu7yzavPOIoPGsoYY/oix8hfAbv8UP2ghSJl4Z4ZQxpWWNevWTeXDZ/JWbTu+e0NRV4a0t6wdM1q5r9oyTYvPWga/oiGws6/ti1nLt/D8EaJ4ZxwhjdWRnA6xFikRRu2sB5JxnFJR3Q6DOUxtDop8UwCAAAAYBjgdAAAAAAAAAAAAKB8gNMBAAAAAAAAAACA8gFOBwAAAAAAAAAAAMoHOB0AAAAAAAAAAAAoH+B0AAAAAAAAAAAAoHyA0wEAAAAAAAAAAIDyAU4HAAAAAAAAAAAAygc4HQAAAAAAAAAAACgf4HQAAAAAAAAAAACgfIDTAQAAAAAAAAAAgPIBTgcAAAAAAAAAAADKBzgdAAAAAAAAAAAAKB/gdAAAAAAAAAAAAKB8gNMBAAAAAAAAAACA8gFOBwAAAAAAAAAAAMoHOB0AAAAAAAAAAAAoH+B0AAAAAAAAAAAAoHyA0wEAAAAAAAAAAIDyAU4HAAAAAAAAAAAAygc4HQAAAMoWuxI6fP760o07f7ngrb/7tyeIb3z3Fwa+9aO5tPyHTy56f9dXhs3BTMPpj9IFfXHtVrpedNW++YNfGy7lf/2PJ+la76q72O72GbYFU4nFIX+47yhdC7oihvvuP937kLjj6DpeMLUbNrxNUEMAAAAI4HQAAMBsYVv1GYoxCp/7C9l8qM6QviiGrSaV/z7nKUPuJUIxzNKNO7/z77837HBk/vfzrxv2M7E8/+6nhhxvn+GuGkV6hpSTSomVZ9xQ+Prp4ZP//Pj8ESrwUCg9Bb2GXU0gE3JDFTKVNWSSuGbreXrlx9/60VxDMUbgmz/4NVXX2/QdZmYNAQAAMI3A6QAAgFnBn1dtMDzlGygPp+N8cxtFL4b9lMhkOx20f0OOt0/ZOx0UwS7dsNPwy/yY+G+/eIpqhWG3t89E3VCFTGUNmXBu59Yj/tO9D1Glpctt2O2ozNgaAgAAYHqB0wEAAGWOXQnd+7uXDA/3Q7nTnY6mLte//OEVwx7GBJyOcTNJ4fT+U/V/+5PHDXmNDwqGDTsfNxN7QxVyhzoddEJ+9fIqQ77j47/8+x/oRjbsfwRmZg0BAAAwE4DTAQAA5UxtQ1OJLcnvaKdjW/WZv7nvV4bNx8pkOx10OIYcb59ydTqc/uicF9805HKbPLZ4jSGXcTDhN1QhU1lDJoqDX18dU1+VUaG9nbpuNuQylBlbQwAAAMwQ4HQAAEDZ8u6Ow6X3Wr9znY5R+xGUCJyOcTOx4XSDueu//PsfDFlMCHRaDHmNicm4oQq545yOSapm3/rR3FaHbMirkBlbQwAAAMwc4HQAAEAZ4vRHH1u8xvAQPzJ3qNMx1sMcgcl2OsY0VmKJlJ/TcfDrq5NxonSqLt4w5FgKk3dDFTKVNeQ2oRPy4z+9ashrAvnBHxcactSZmTUEAADATANOBwAAlButDvl/PPKc4fF9VO5Ep2Ni4/nJdjoM2U0IZeZ0tNg9kxrEEiU2FCpkUm+oQgx7mBAmyen4w+vrDRlNOEVLPjNrCA
"deleted": false,
"disable_correlation": false,
"timestamp": "1566913345",
"to_ids": false,
"type": "attachment",
"uuid": "5d653341-ce34-4173-9c7a-caa2950d210f",
"value": "ip.png"
},
{
"category": "External analysis",
"comment": "Write file",
"data": "iVBORw0KGgoAAAANSUhEUgAABb0AAAJTCAYAAAAsUbupAAAAAXNSR0IArs4c6QAAAARnQU1BAACxjwv8YQUAAAAJcEhZcwAAFiUAABYlAUlSJPAAAKtkSURBVHhe7f3vk2XFned51qP5Yd02Vm1WVjZTVTZ0UZpGiGIEIpEEoawkMwFJkKIEykqUFZCZTPVQqCdhKSCUUtOzP4aWGspMRAZlayt6ZkdtayMRiXYWgzKTre2MacOKBzxc5sHOg519UE+0Zru2s/wJvufrfvycr/tx93POjes3btx4P3gZ9xw/x3+dezMjPun4/a3/6PN3GQAAAAAAAAAANgGhNwAAAAAAAABgYxB6AwAAAAAAAAA2BqE3AAAAAAAAAGBjEHoDAAAAAAAAADYGoTcAAAAAAAAAYGMQegMAAAAAAAAANgahNwAAAAAAAABgYxB6AwAAAAAAAAA2BqE3AAAAAAAAAGBjEHoDAAAAAAAAADYGoTcAAAAAAAAAYGMQegMAAAAAAAAANgahNwAAAAAAAABgYxB6AwAAAAAAAAA2BqE3AAAAAAAAAGBjEHoDAAAAAAAAADYGoTcAAAAAAAAAYGMQegMAAAAAAAAANgahNwAAAAAAAABgYxB6AwAAAAAAAAA2BqE3AAAAAAAAAGBjEHoDAAAAAAAAADYGoTcAAAAAAAAAYGMQegMAAAAAAAAANgahNwAAAAAAAABgYxB6AwAAAAAAAAA2BqE3AAAAAAAAAGBjEHoDAKr6wh9/EQAAAFhrd3zhj5M/ywIAjidCbwBANQ88+DXzzccvmEe//hgAAACwlr752AXz0EPnkj/PAgCOJ0JvAEA1X/uTM+Y/vud+c9vtnwcAAADW0hf++F5z/vyjyZ9nAQDHE6E3AKAaQm8AAACsO0JvANg8hN4AgGoIvQEAALDuCL0BYPMQegMAqiH0BgAAwLoj9AaAzUPoDQCohtAbAAAA647QGwA2D6E3AKAaQm8AAACsO0JvANg8hN4AgGoIvQEAALDuCL0BYPMQegMAqiH0BgAAwLoj9AaAzUPoDQCohtAbAAAA647QGwA2D6E3AKAaQm8AAACsO0JvANg8hN4AgGoIvQEAALDuCL0BYPMQegMAqiH0BgAAwLoj9AaAzUPoDQCohtAbAAAA647QGwA2D6E3AKCacuh9h/n9f/w5AAAAYKnSP3vmEXoDwOYh9AYAVFMKvf/D2+8w/8FtfwgAAAAsze/ddnvyZ88SQm8A2DyE3gCAagi9AQAAsEqE3gAAQegNAKhm40Lv0zfMhV/9nbnk/eyG+VzquiX53Mvv23YuvHx2Vplz1jzws/fNA6fj88+a879KnZfr3bjydQ75fnSiOfnim+nzAAAANRB6AwAEoTcAoJpNC70lwD3/dLps2WyY/Oaz9rW0q4PoUllwTRBu96F2eN754pv9uVydKaU5kT509Ty91/UZAACgFkJvAIAg9AYAVLN5oXdqhXQvCHljT+9NDpLdauw980V/LIFxd1wqa8mK9J/tmfPJld65FeCKvT9emR212yrNSVCWrBMAAGC5CL0BAILQGwBQTdXQOxX21hJva9IIVjfbvrjV0W6FtS93W4lckBXWbz7ryqYEv9KeXxVt294z532AXCqz9/tQOxduj4fe8UpvOXZzLeNpXqsxSLAt7fvx+3ssmZf22uTq8VU+QwAAcCIQegMABKE3AKCamqH3557es6uZvzgIb9tgNuCD1VLZuPSqZhdsp0PkuEyOJ7QnYbANtvuAuttGpFTW3NuvNp8fevvAvhzMy/1+DPK6D7NTob4LzNN15p8hAADAYgi9AQCC0BsAUM2J2N5EVltnQ+I45J4XeuswOw69k2VBX+aH3p0uWO/PdeG1lbtf1+0Ccd9HW2cxTAcAADg8Qm8AgCD0BgBUQ+i9YOhtr9PbgegwuVAmwXIXTPe64HlQV47qp91CRddRul+VDeZlSrsAAACHQ+gNABCE3gCAak7GF1lKmBvtV336bBv2Lhp6q9XbchwFyKWyXi5kTp//3NPP9nXoVdnxqm8bgvf3f/Fl1bYt8+NbfOwAAACLIvQGAAhCbwBANVX39A6+MHI10qG3kEA3tbp6PPh140jVq+uMw+JSmTcn9I77r8tdqN+V/WzPnPf3n75hX/f3Rc8jWnkeP6v82AEAABZD6A0AEITeAIBq6q70zoW6AAAAOKkIvQEAgtAbAFBNzdBbtvgIthQBAADAiUfoDQAQhN4AgGpKofdtt99hfu8/vB0AAABYnn/8R4mfO8sIvQFg8xB6AwCq2bQvsgQAAMB6Y6U3AEAQegMAqiH0BgAAwCoRegMABKE3AKCa+qG3fJnl35lLP7thPheXnb5hLvyqKfNS10zWtvPms4myitoxnH86UTaXrWvPfDFVtmbO7bxofnPwem//SXNOlT+/mz4PAABA6A0AEITeAIBq6obeLojOBcLyRZdLCYsVqXPlwXfO03vz+iKh92GC/7ntHYKE2vvb6TIJxD/Z+ZI73r5qfrN7bnANAAA4uQi9AQCC0BsAUE3V0HskhP3im++bB06ny8TnXn7fXHj5bLJM6k6XlYP2xUm95f7Giv2/7Vlz/ldRfSr0XuQfBGa3F5TNa+/53RfNm2cmlJ150nzCam8AAKAQegMABKE3AKCaeqF3ISSOtzWJA1cJy5tzEuBKkNuXu+D2QruNiS1LrYyW+yetmNYBubxutxaR/rVhvV05bvsoYwkDdd+3S4MtSVyI7MpaKvx3dco9rr6uTM2LtGGv8+Owc6Lbcfe6kHvB9oKy8LUvz5Fge78hW5h0q7o9Wd3dBt2yInxQDgAATjRCbwCAIPQGAFRTL/SWILYcoKZXertgO78iWZfl2hhvu9OtGFd1q1XkQfCclG9L7g3CfDHYwkSC6LZdG3rrulRZcxys5B7Us0B7bQg+uGfUl8yb+32Ybff3Zk9vAAAwEaE3AEAQegMAqqkaehfD4kzonQhze3HAnAucw7C4SNqTlc9P75nzb7qwW8JlHwRLkNwFzUkzQ2+7YltWVGsq9C4F2ao8CMBT13ql9uw10v/2/MjzypMQ3G9p4gLxbr9vtep7eB8AADiJCL0BAILQGwBQzdqt9F5K6D3edq+5tmnviy/vNX1xrx9Q/UoGyYF8W9kQWm0vEhgLvbswX/47bHN2exG3XcvUedNU6D3Yw1sH4gAAAITeAACH0BsAUE3NL7IcC4zT25u4LTeCVcynz7ZBcBwwZwJnCXonr1p27fnrpc86+B0bw1joPVwlLtenxt2Q0Hts+xY7tve7Pce12e01Y//i0/r66Svkn99RwbYE3QdXzfP2+JzZ716njgEAwElH6A0AEITeAIBqaobeY+FzOvQWEtS2W260XPAch8CJULgNsctBdUiHxXa1s+pzKfSWMt3HQeAs4+/K1VhtuK3vbccg59+84UL4tmzYtpubZJ9mt9fUpdoSw9A84cyTZn/ffYml121nImRLk1wZAAA48Qi9AQCC0BsAUE3V0LuRXn1cjw2tJ27ncTylgn4AAIDjg9AbACAIvQEA1dQOvbvtQ6oHtW4F9KYG3npV+Sr/EQEAAGDZCL0BAILQGwBQTSn0Fr/3j/8IAAAAWJ7b/ij5c2cJoTcAbB5CbwBANfVXegMAAAA9VnoDAAShNwCgGkJvAAAArBKhNwBAEHoDAKrZuND79A1z4Vd/Z84/nSiby9Z13L408kvmzf3XzW/2nzTn7PE5s39w1Tw/uK5x5knzyUFzbUddt31VnX/d7G/7+6T+F82bZ/yx17TTtfmH5vnd9l51btCeLsu2N6Ydr70vM84UaU+335A+T283w45xRj9mSM6pl5rbaE5/s3suvGdlpr1nitrxHfr5HIVj81kaUeMzw+cl6dzOi2FfWp/sfCl5vbNhn7Mqfen/vkjNZfeeOcJnX5f8PJB6j/TvuXBe8td3c3mIuSL0BgAIQm8AQDUnaqX303vzvuhSQu+f3TCfS5VNMbe9Q3O/hIYhgfzSWgi9B2FZe628Vr/M2jCgPZZfjn0bz++210tdtjzqgw7KFmxvmsI4U2zb4VwdOsAT8RiXojCnrWTfozm1oc
"deleted": false,
"disable_correlation": false,
"timestamp": "1566915690",
"to_ids": false,
"type": "attachment",
"uuid": "5d653c6a-02e4-4a19-996a-4a17950d210f",
"value": "Writefile.PNG"
},
{
"category": "External analysis",
"comment": "SFX startup",
"data": "iVBORw0KGgoAAAANSUhEUgAACLoAAAb4CAIAAAAN77++AAAAAXNSR0IArs4c6QAAAARnQU1BAACxjwv8YQUAAAAJcEhZcwAADsMAAA7DAcdvqGQAAP+lSURBVHhe7P3PazPtnfh7zr/hZBL3rTzn2IzG9Li1CFY9HTmyCSdSjubbxjhypBCMIRyY+9YJGLkDPZzF1wxkJVWv5pgsmqxUdALGm16L76Y3s/A/0Wv/C3P9rquuqpJk2bpvl/UWL4x0ValUVj95GuedT9X/5X/arwMAAAAAAAAAAGBrkYsAAAAAAAAAAAC2GrkIAAAAAAAAAABgq5GLAAAAAAAAAAAAthq5CAAAAAAAAAAAYKuRiwAAAAAAAAAAALYauQgAAAAAAAAAAGCrkYsAAAAAAAAAAAC2GrkIAAAAAAAAAABgq5GLAAAAAAAAAAAAthq5CAAAAAAAAAAAYKuRiwAAAAAAAAAAALYauQgAAAAAAAAAAGCrkYsAoHr2/28HB39/CAAAAADYqPrB3wd/jgEA8FGRiwCgen71q//1l53/9X/5ZRcAAAAAsDn/7b/9E8UIALAlyEUAUD3/z//2T9/9z//33do+AAAAAGBz/pdf/urg/3EY/EUGAMCHRC4CgOohFwEAAADAV0AuAgBsD3IRAFQPuQgAAAAAvgJyEQBge5CLAKB6yEUAAAAA8BWQiwAA24NcBADVQy4CAAAAgK+AXAQA2B7kIgCoHnIRAAAAAHwF5CIAwPYgFwFA9ZCLAAAAAOArIBcBALYHuQgAqodcBAAAAABfAbkIALA9yEUAUD3kIgAAAAD4CshFAIDtQS4CgOohFwEAAADAV0AuAgBsD3IRAFRPPhf9X//uf/rh330HAAAAAFjFj2t7/p9UZchFAIDtQS4CgOrJ56If/N1PdnY/AQAAAABW8aNP/7P/J1UZchEAYHuQiwCgeshFAAAAAPAa5CIAAALkIgConlflon/851/9x7/+vX353R/+/eI//of0p9+m+xT77Yn3xgVecswSv/7XX/3h5+HiKw1+lwwyK+3xl/+attOV3A4AAAAAPipyEQAAAXIRAFTP+rnoH//5V//2z9+lK789MS9//t2vf+6tl/ntyX/8+9E/BouBlx4z8POjf5OdSTUn/VniQ1V8Un7xJ7Guq5VcP/m1e2PgH/6U/Mt/jv9Bv/z99F/+a9rWP92K3Dr43X8l/9Qu2gEAAADAB0YuAgAgQC4CgOpZNxf9/OjfgvEgl3asX/+rjTSWnEbyVsLglPfyY/oKjl9wwF/94eff/eHfy1vRp/b4d38a/87kotY//aeJQO1k/uVPLf3kd7+XK//wp+R3vy/YAQAAAMBHRi4CACBALgKA6lkzF/3jP//KvzqcrDhmZEdd+c2M9egnckVGnf9xIVPNb/3L0P39n0pKj7DuMX1//6fgKna5XKQPGy56Wv+UqMkhk4vMVeZkGfrT+Iu+4py8El3yT78ff9EzRvkdAAAAAHxg5CIAAALkIgConjVzUcENgbwSE8Sk7IqfiBaP9ax3zJDOTmbP37qL0bnzzyUl3z/8aSqvLxfkot9P/0V2IHuDovb4y39Of/efc3X1uaIdAAAAAHxg5CIAAALkIgCono3kovzW1+eilY9ZyH5QbrpIHOTf/vmo5O1ybGj+L44eHvrPRE0Rqa2yBqVXn/v0++mXP33J7ZA9JgAAAIAPhlwEAECAXAQA1bP+xeiC7hJMAgVXhytJO8syzzrH9Pz8O7v43R/+XdWmMBeZNxb8Olluumi3nSRq3kjfqUhtkkNFajc1VJTbAQAAAMCHRi4CACBALgKA6lkzFxUUmmyJ8e48JMd6CtPO0kjz4mPa2xrl9rd3J8oc8Ls//Lu7DN3CS9L5uUj1ITVs5CaHfj+1E0i6G+V2AAAAAPCBkYsAAAiQiwCgetbORbLWBOM+L/Pbk/8oHAkCAAAAgCohFwEAECAXAUD1rJ+LBFmM1ko+r01NAAAAAPBekIsAAAiQiwCgevK56IcyF9UAAAAAAKv4UW3P/5OqDLkIALA9yEUAUD2vmi4CAAAAgK3HdBEAAAFyEQBUD7kIAAAAAF6DXAQAQIBcBADVs7lc9N0f/v3iP/6H9KffBpte4Nf/+qs//DxcfKnWP/3n/He/ty/b4y//NW2nW5dq/UM7WBn8LhlkV74t8Qsm/xSe5Ape/FUI7//b0PyzWuv7+chfju+r/cNTkS8n83t9w/9k8U+O731+OQtOg38n587h9f/J+jhfjrDgH2n+nZw/MYd/7eS5E+PLWWDdL+elyEUAAATIRQBQPRvLRb89+bd//k4++fl3v/65evJSPz/6N5maVHb696N//O2Jjk/Kya91jvrXv5d7yk1iJXcE5cV/Iv7Dn5Ivf2rp5+1k/i//lXz5T/HT/C2tVqbt30/Fetlh/SNslPigf/nP8T/I3/Glf+qvJPhF3ue3Ib+E/0pPSZLno89KL36N7+fd/qNS8P3oRflPjnjOl+N9OeJ85Ncy+J05q2/zn6z3/E+O5/1+OcKmv5+y05Bf2tb/O7ngHMTzr/6frPf55Qjhicnz0Welz5MvJ3NiWVv972RNfJD9f9/BPzxb/e9kLfPlZFY29eWEyEUAAATIRQBQPZvPRZ5f/6sKP/blP/7zr/yXAbE1c4TiA/7qDz//7g//XtqK5B+K6VxRMfE35Nz/I7bwLQWLv5+W/em79EPln6/5v6vNH/zmpfwL3Pz3ayV/4rbHv/vT+Hfpn8HhL7KWzEHKfpGv/G0s/ir+oS0+1/8vAtLn4o3qrN7q+wmPUPirvasvR8h9P/4/OeLlR/5yhBf9wyN21p9oP/qrfjlCuP6KL0co+H5e8eVYYmf9u7zVlyNkDvL6L0dY+v288stJ+afBv5MD9hy+7X+y3umXYz5LfxXypXijOquP/OUIK34/3me5f+eI51/1yxHC9Vd8OULB9/PSL6fg/33LdfUPz6/f6MsRMgd5/ZcjLP1+3vrLCVb0d/UmX85C5CIAAALkIgCono3kIpmFzBiQvZScGRXST371//7//EpslfnntydmQqjA3//Jv5BdUS7Shy1Yt9K/pQ35x6f+g1Nvlf8bSfHXqfgrVP0dq1c076/W9viL//enUvKnb8kRPOKN6o9Vuac+gvojef4v8lIeA/tnrdq06AohrX9KxJ7p/tlfZAWZr0IIDlL+i3zVb+O/95d/FYJ4u9tqLooiT+lP4y/yefCruXeVW/LluJXcr/YevxxBHMHt4P+TozeZE1j3H578EUp+ta/65YgPsptW/4dH7pn80+/deerT+CpfjpD7ftb+coTg+3mDL8d8w/KlfKL+8XvdlyPo38UdpPxXW/XLEcoPYr3RlyN5p8G/k0PpOcidX/efrI/272R3Ym/x/7CED/Xv5PTE1BHcv3PMEb7SlyPkvp+1vxwh+H7W+nKC//cd/MPzJferreDj/Ds5+HKCleD3cu96a+QiAAAC5CIAqJ6vNF30j//8K/8ORt7Lv/9T+YCRoMuT3FlecS6boKRsUsrx/27ML4q/Hu2fnd7/KLKdZP6aNX+1BscRf2Crv9ILBUcoZT/U/p3sNhWdYdY//GmqPsL9GVzwi6zA/34KDpL/Rb76t7H8q1D8req/QDGnpP/LlPW+nyVfjvCt/1FZ8csR0h2y/+RkNr3kyxGWHOFbfznCy//hkf/91/R38r9U0itf6csRCr6fN/lyBPW5b/DlhHu+/ssRCg7y+i9HeNE/POt+OZnT4N/JIf8c3uY/WUu+HCH41d7tl+Od2Fv9Pyyh6NPf0ZcjrPT9eCeW3+0rfTlCwffzJl+OoD53jS8n9/++g394vrz6yxEKvp/XfznCi/7heYsvJ1hZ+5+cFyIXAQAQIBcBQPV8pVykrhqXbl09FynqcnNF00XqgnVHC47g/w2cX1z1vzWQfj91/2tE+XfyK/4qbif6f2Ip/tJOfqc+VBww+J86mj/F0wuwZMn/faU9iDzOf+9/rf+OwPiK38aSr8Lw/xsE8Usl5n/0Kr4oeW7r/dcES74c4Zv/o7LalyPY8w//yRG/4HpfjlD9/xwZ7vzzv8jX/XIE+/288s
"deleted": false,
"disable_correlation": false,
"timestamp": "1566977561",
"to_ids": false,
"type": "attachment",
"uuid": "5d662e19-43e0-48f2-b5db-4c10950d210f",
"value": "SFX.png"
},
{
"category": "External analysis",
"comment": "Extraction cmd file",
"data": "iVBORw0KGgoAAAANSUhEUgAABO8AAAFqCAYAAABCo37kAAAAAXNSR0IArs4c6QAAAARnQU1BAACxjwv8YQUAAAAJcEhZcwAADsMAAA7DAcdvqGQAAFnISURBVHhe7d3Pjx5Hnt95nQxjDQx8mINhGOiLd/WjVzBpiTNaUdwSWVQPV1NsqdlsatjkUtXjHZmLId2ExGqql7aw02zJFNaap0vzo0UPvJoZQGJRY4xmBbthwLPacguG9sjTnvvCM/+E2PjGr4yIjMgnn6qsZD5V78MLrIyMjIiMzKp66sPI53nsv33imwoAAAAY0urvf6BWr3xQ3AcAAID+CO8AAAAwOMI7AACAYRDeAQAAYHCEdwAAAMMgvAMAAMDgCO8AAACGQXgHAACAwRHeAQAADIPwDgAAAIMjvAMAABgG4R0AAAAGR3gHAAAwDMI7AAAADI7wDgAAYBiEdwAAABgc4R0AAMAwCO8AAAAwOMI7AACAYRDeAQAAYHCEdwAAAMMgvAMAAMDgCO8AAACGQXgHAACAwRHeAQAADIPwDgAAAIMjvAMAABgG4R0AAAAGR3gHAAAwDMI7AAAADI7wDgAAYBiEdwAAABgc4R0AAMAwCO8AAAAwOMI7AACAYRDeAQAAYHCEdwAAAMMgvAMAAMDgCO8AAACGQXgHAACAwRHeAQAADIPwDgAAAIMjvAMAABgG4R0AAAAGR3gHAAAwDMI7AAAADI7wDgAAYBiEdwAAABgc4R0AAMAwCO8AAAAwOMI7AACAYRDeAQAAYHCEdwAAAMMgvAMAAMDgCO8AAACGQXgHAACAwRHeAQAADIPwDgAAAIMjvAMAABgG4R0AAAAGR3gHAAAwDMI7AAAADI7wDgAAYBiEdwAAABgc4R0AAMAwCO8AAAAwOMI7AACAYRDeAQAAYHCEdwAAAMMgvAMAAMDgCO8AAACGQXgHAACAwRHeAQAADIPwDgAAAIMjvAMAABgG4R0AAAAGR3gHAAAwDMI7AAAADI7wDgAAYBiEdwAAABgc4R0AAMAwCO+cJw/9pnruzGUAAAAMYO1//yvCOwAAgAEQ3jkv/6tP1ZnZtvr2u18AAABgl159/z+pbz57rPi6CwAAAP0R3jmv/Ov/qH7z1d8r7gMAAAAAAAAeBcI7h/AOAAAAAAAAU0N45xDeAQAAAAAAYGoI7xzCOwAAAAAAAEwN4Z1DeAcAAAAAAICpIbxzCO8AAAAAAAAwNYR3DuEdAAAAAAAApobwziG8AwAAAAAAwNQQ3jmEdwAAAAAAAJgawjuH8A4AAAAAAABTQ3jnEN4BAAAAAABgagjvHMI7AAAAAAAATA3hnUN4BwAAAAAAgKkhvHMI7wAAAAAAADA1hHcO4R0AAAAAAACmhvDOIbwDAAAAAADA1BDeOYR3AAAAAAAAmBrCO4fwDgAAAAAAAFNDeOcQ3gEAAAAAAGBqCO8cwjsAAAAAAABMDeGdQ3gHAAAAAACAqSG8cwjvAAAAAAAAMDWEdw7hHQAAAAAAAKaG8M4hvAMAAAAAAMDUEN45hHcAAAAAAACYGsI7h/AOAAAAAAAAU0N45xDeAQAAAAAAYGoI7xzCOwAAAAAAAEwN4Z1DeAcAAAAAAICpIbxzCO8AAAAAAAAwNY/9T7+zqrCqvv8nf6teffNHxX0AAABoK724BAAAwLAeu/5HP1D4gfrnd/+r+hd/9n8U9wEAACD1k7u/r85efrn4AhMAAADD4bFZh8dmAQAA+nt944y69KMzxX0AAAAYDuGdQ3gHAADQH+EdAADAOAjvHMI7AACA/gjvAAAAxkF45xDeAQAA9Ed4BwAAMA7CO4fwDgAAoD/COwAAgHEQ3jmEdwAAAP0R3gEAAIyD8M4hvAMAAOiP8A4AAGAchHcO4R0AAEB/hHcAAADjILxzCO8AAAD6I7wDAAAYB+GdQ3gHAAAw37U/fF19+J831J/8PzeMP/rbDXXt31wq1gUAAMDuEd45hHcAAADzXbr+HfVHX/5IffTVj40//r9vqP/5rVeLdQEAALB7hHcO4R0AAEA/suIuhHf661IdAAAADIPwziG8AwAA6OfCtVfUn26/rf70v9xQ37/GqjsAAIC9RHjnEN4BAAD096f/5W31821W3QEAAOw1wjtn6PDuv3vyv1dP/5PDAAAA+9Lv/K/fNkr7AAAADopSJjQ0wjtn6PDuxeMn1G+f/rb61qmXAQAAAAAAsM+88sp31OF/+mwxFxoS4Z0zdHh38uS31NOHnlX/6Bv/GAAAAAAAAPvM/3D0f1RHfuO5Yi40JMI7h/AOAAAAAAAAfRHejYzwDgAAAAAAAH0R3o2M8A4AAAAAAAB9Ed6NjPAOAAAAAAAAfRHejYzwDgAAAAAAAH0R3o2M8A4AAAAAAAB9Ed6NjPAOAAAAAAAAfRHejYzwDgAAAAAAAH0R3o2M8A4AAAAAAAB9Ed6NjPAOAAAAAAAAfRHejYzwDgAAAAAAAH0R3o2M8A4AAAAAAAB9Ed6NjPCu7aWNq+rehfK+pfbah+r0tdVW+ePXPlPnfvFL6/al1v5edNsnX8vKjq2qx+Ptkcj5tMZy0JSux17Q/XTdM3ItqvfcTu+1RfkxzhlrJ33szr93VtXzH3+mnj9W2qeVrtUUvneGmDcAAAAA+xLh3cgI79rGCe/m/EE/1yV10ocGhmtL/tBOyn+p/xiXvvTX+g9wGzbE/ep2Pn7bBQWr6nFdd9HQ4PBt27b/N4xNn99p+XfkP/yTAOIAal+Pcr2UvUdsQOXulz7XrhrsNO3lQZ2My/Qjx4Z7bw/pfkx/x95Wp01/437vHL4tx0g7H6rDyTxP/HunNW9pXQAAAAAHF+HdyCYb3q18R7372XfUs/qP3Te/el29HO17efPH6iOzL6q/oMuzm+rB1hn1Uih7Vr2/dVN9vfHsnoR35o/zX8gf777M/zGf1vMWCl78H9m18s4/vuMAYgek7TBOCR7icEN0n+dcJlDJ2kxCGN92E4oc6PBu7vUoe/zah+p5zd5Heg7lmKSthrk3/T0j10fqmOsUXefs2MO3/b78mu3i3ujJhmd23K37YoTvHTO3PrzT7YYxzL1Wj/Z7p3PeAAAAABxohHcjm2J49+yNKzacu/i6+kiCOwnyNm2o8OZXP1ZvXtT1pEzv+x1fNzr23Rtd/a+qe9s3bTi3ckZ9vb2uLpuyq+r9Fbvq7oHff2Fdf23Lk6+L7dbYP4ztH7/uD/Tv6j+go9U9zeojW9eu+NHbtWAhIcfkf/SL+I9z+wd4Kww0f9w34zB9xX/wl/74z+k69txs0PB8FpxJGBDOYaG23VyYMduvfbhg5sscr8/PBCB/EIIPs9/PX7HdZdXMQXm/U7seXXOv5/Cku/ZJ+0m4JOSecnMr+2T+TVv+OkUBVHasD4Lka38ND8f3RlX/847v77i/Omm7VG+H3zuh3LUZvvb96HbjsE/vL14rt5/vHQAAAABTRXg3sqmGdyagu/i6DeJceJcHc3775c0r6pIJ1VbVm/NW5F1YN6vr/LZZZffOerLSTlblNds27EtX6S3CBh7t8CH7Q96ohQkd5A/wVjuV1TLmj/Y8iCiNw465CRU7uAAi9Oe2Q4DQOveebbeCI0sCBt+PaVfqffSXybke6JVC1eshSnOvr9Ntt+3n1O/Lr0G231yLt/U9FdWJAycZg3xt/tX3tR+HqXNbt9W6F3dBjy1uq1d4tyffO668cI+He9eXuWvTvlZ87wAAAACYNsK7kS1beGfKfV2/P/o32V9iVtDdDEqPyabhnXvEdhb/Eb04+cPZ/PEfVvSU/vCXP9qbFT99tAIBUfnj3UuPKQcQ8kd8r2BFgoCPm8CmNJ7mkUm/3aNtHzBk5aUA4tsff5H0eaADiDnXI5972W/vy0aY9/w+0m236klZVie+br7/EKZlbfZbIddDNo4+7Zbu1SG+d0T7Htd19bafbz93fO8AAAAAWEaEdyNbpvBOtj8yj8/aevLedzask8dpr6h3P0vfG69IHpXNgzgJ9EKZfe+7EN65lXo7fx889/5hbrv541hW0eRB3aLhXam+lOXBRToG+SO++eO+EEC4P+5LYUJbfH
"deleted": false,
"disable_correlation": false,
"timestamp": "1566977585",
"to_ids": false,
"type": "attachment",
"uuid": "5d662e31-6270-4c87-887e-8b0c950d210f",
"value": "CMD.PNG"
},
{
"category": "External analysis",
"comment": "Commandline function",
"data": "iVBORw0KGgoAAAANSUhEUgAABPQAAAHJCAYAAAACZWe7AAAAAXNSR0IArs4c6QAAAARnQU1BAACxjwv8YQUAAAAJcEhZcwAADsMAAA7DAcdvqGQAAF+dSURBVHhe7d3vzyXXYR92v0pSJAhcwDXSxIDRQIUtCwZpUaLEiJv17nIp01nVFH8sw65XWsaISKZclbKyWUts0CKyLVKAu0uqL2w3gPwm7K70QrANCE2BCgvxxb6NUeRN+0Zv9rX+hOmc+XXPzJw598dz7zz3uffz4gPeO2fmnDNn5j7a89WZe3/uv/3VTxQAAAAAwNkg0AMAAACAM0SgBwAAAABniEAPAAAAAM4QgR4AAAAAnCECPQAAAAA4QwR6AAAAAHCGCPQAAAAA4AwR6AEAAADAGSLQAwAAAIAzRKAHAAAAAGeIQA8AAAAAzhCBHgAAAACcIQI9AAAAADhDBHoAAAAAcIYI9GCJp58+BwAAAKwgNa9m+wR6kBH+GL3w4svFhUvPAgAAABkvvvRy8bmnn07Or9kugR5khEAv/FH65X/8qwAAAEDGxXL+LNCbh0APMgR6AAAAsBqB3nwEepAh0AMAAIDVCPTmI9CDDIEeAAAArEagNx+BHmQI9AAAAGA1Ar35CPQgQ6AHAAAAqxHozUegBxkCPQAAAFiNQG8+Aj3IEOgBAADAagR68xHoQYZADwAAAFYj0JuPQA8yBHoAAACwGoHefAR6kCHQAwAAgNUI9OYj0IMMgR4AAACsRqA3H4EeZAj0AAAAYDUCvfkI9CBjWaD3X//yfwMAAAAHITXvXYdAbz4CPcgQ6AEAAHAsUvPedQj05iPQgwyBHgAAAMciNe9dh0BvPgI9yDjEQO+xd39SXP1R43u3i48l9gEAAOD4pOa96xDozUegBxkHF+i98n4vxPvY298vLr0y2GdrLhRPfa8ODq+8fWFQdr241IaKo/JNy6bbC+fZHtNanPem7QEAAByW1Lx3HQK9+Qj0IOPQAr0QbM0VSj327veLp86l2wyrBBeBWgji6n1PVjbdXu68N20PAADg0KTmvesQ6M1HoAcZxxTohbJ2JdrVH71fPFZtDyvUvl889crt4kpbtuZjuuM2Q51t/aWwarBb/bZpWbOtlDrHfjAXO3l7AAAAhyI1712HQG8+Aj3I2HmgN1tIFMKpNqxrvHu9K6/CvOh91a8quGuO60K8sEptKhxLGwVs524XV9r6wusQmoX2QvublrV1l6YCvfjcu/KTthfex/UBAACcYal57zoEevMR6EHG6azQS4RvXWiUK0vV1ZcKu+o6px4lHZeFcGydAGvUZheKRY+wtuHZpmW59qpt70fnEIWSW2gPAADgUKTmvesQ6M1HoAcZR/HIbQipwuqzeFtnHOilQ8Fpo/2bUOyp+DHYNjzbtKytu7RK/8I+22oPAADgUKTmvesQ6M1HoAcZx/Edeuut0DtxoFfV+ZNeMLbYZ9Oytu7V+hf2qes5eXsAAACHIjXvXYdAbz4CPciYI9B77O35HuGcCqSq75iLgqsQZj1WrUoLodayQO9C8dS70+eQajNsW7TXb2PTslaqvfYXcOv30SO3zf6bt5c/dwAAgLMkNe9dh0BvPgI9yDicH8WopcKuWh1y9b6b73shqBqHWKM6lpxDus1+e90jrScqq43bu1489m7dx04X0gUnaG/m6wcAALBLqXnvOgR68xHoQcYcK/T6q8AAAADgdKTmvesQ6M1HoAcZuw/0rheXqpVwqTIAAACYT2reuw6B3nwEepCx60DvY2/fnvh1WQAAAJhXat67DoHefAR6kDHHI7cAAACwD1Lz3nUI9OYj0IMMgR4AAADHIjXvXYdAbz4CPcgQ6AEAAHAsUvPedQj05iPQg4zjCvQuFE997yfFlbcvJMoAAAA4dKl57zoEevMR6EGGQA8AAIBjkZr3rkOgNx+BHmR45BYAAIBjkZr3rkOgNx+BHmQcVqBXr8C7+qNabyXeK+932y+9Eh1z7nZx5UfvF49F5Vffvb4oBwAA4GCk5r3rEOjNR6AHGTsP9JqgbPePudZh3iKsG76f2FYFenGIl3gsd7ZzAAAAYJdS8951CPTmI9CDjNNZoXe9uNSuhovUgVmuLFVXIwRz37tdfCzeFoK43mq7qUDv/eKxbp9SOG5YFwAAAGdeat67DoHefAR6kHEwj9zGj8zGNgn0UtsAAAA481Lz3nUI9OYj0IOMgwn0Uiv0RqzQAwAAOGapee86BHrzEehBxhyB3mNvzxGOJcK6kalAr7/tsXeHj/iWx70r4AMAADjrUvPedQj05iPQg4zD+VGMYPz9e227H3v7+73tV9tVec0KvUvvRmWp7+Irt89zDgAAAOxKat67DoHefAR6kDHHCr0qTOt9l90e8X15AAAARyM1712HQG8+Aj3I2H2gd724tM/fRyfQAwAAOBqpee86BHrzEehBxq4DvY+9fXu/wzKBHgAAwNFIzXvXIdCbj0APMuZ45BYAAAD2QWreuw6B3nwEepAh0AMAAOBYpOa96xDozUegBxkCPQAAAI5Fat67DoHefAR6kDFfoHe9uPSj7xdPnetvf+zdnxRXf9Q44Y9nhLouvZIuO0TxrwfH45gegwvFU9/7SXHl7QuJMgAAgOOQmveuQ6A3H4EeZMwS6FU/PBHCvAvFx+JA75X3eyFeCKg2D+RC3SE03CC0qvoXBYuTodh+CePVP9c6tNufQO+Txbv33ike3vrkaNujB8PtAAAAu5ea965DoDcfgR5k7D7QS6/MC8aB1DbUod7qgVwqBAt17P8v364X6M3v4q2bxcN7pSi4+8qdm8W755sygR4AADCz1Lx3HQK9+Qj0IGPXgV78WGiqbCrQq47rVsy14VoTDr4SrahLPaY7WPmXFVbnZfetQ7K2L21/q76/+37Tj/eLp9r+lueaK6vqHK4I7MZn2fnVYWV93PeLS++uGOiF8WiOGweXufbS576S818sHt65OBncCfQAAIDTkJr3rkOgNx+BHmTsOtBLf69dHEw1otBvFAJ2AV1zXBc6Ta1IC9vTqwJHQt1xWz11/Ysga9Fe1cemH+Ec631C/94vnsyUhWDysXfj1X/xOeTOb3hO9b4rBXqTZcvai/fP1T0UHqv9cvGV8rVADwAA2Cepee86BHrzEehBxm4DvRACTQdr1Uq20aqvEDJNHTMuWwRm8X5TQWJCLtBLrfRrtv161PdFW6F/daA3VZZ6jHcxDpnzS6wkHI9fLnRLla3XXj78XAhh3b1ri9cCPQAAYF+k5r3rEOjNR6AHGbsN9MaBUSwZ6FWPo059f924vnQoGAVTg+0jywK9YVkTdJ0o0Bs+ctuttMucX6Ivuwj0eu0N+lhZFuiFR20f1D960XPvi8XFaD+BHgAAcBpS8951CPTmI9CDjN2v0JsKmKbCuHHIlCvLBXpT7fbkAsQQam17hV6ivcU5LAnYBn0JdffPfYuBXhNc9s59Fec/uVJwJ9ADAABOQ2reuw6B3nwEepAxx49i9EOn5WUhqOqvBLtePNaFYqsEek141ts2bdReCLOq96GefgjWhmhxu8PQLhvojYK5Omir98+d37Av9fu2nbiufmiXK8u1l6trdQI9AABgn6TmvesQ6M1HoAcZuw70civgpgK9NkzqPepZhWC5AKq/bemjoT3D9so2XrlQh25V/6Oypt643bUCvWZb3Nbi12qXnF/vMdjm13Or/iTGq9SGcdV49Mra67FsPEN5fNwwQFxOoAcAAOyT1Lx3HQK9+Qj0IGPngV6pCpQ2eXxzE1XotfrqPAAAAI5Hat67DoHefAR6kDFHoBdUq9J2HOrVK9GEeQAAAKSl5r3rEOjNR6AHGXMFepVX3j/xd7JNu15cWusxWwAAAI5Nat67DoHefAR6kDFroAcAAACnKDXvXYdAbz4CPcgQ6AEAAHAsUvPedQj05iPQgwyBHgAAAMciNe9dh0BvPgI9yBDobU/1oxzN9/hVPwLyo1r6ewMvFE997yfFlbcvJMp26WJx78HN4t3z9fuv3HmnuHdtuA8AAMBhSs171yHQm49ADzL2MtA7d7u40oRh+VBsv4
"deleted": false,
"disable_correlation": false,
"timestamp": "1566977639",
"to_ids": false,
"type": "attachment",
"uuid": "5d662e67-6cf4-49aa-9ec0-8b0c950d210f",
"value": "command.PNG"
},
{
"category": "External analysis",
"comment": "Cyber kill chain",
"data": "iVBORw0KGgoAAAANSUhEUgAABjMAAANgCAYAAABp5pqtAAAAAXNSR0IArs4c6QAAAARnQU1BAACxjwv8YQUAAAAJcEhZcwAADsMAAA7DAcdvqGQAAP+lSURBVHhe7P3ZdxRXnu/99/WvLWaEGIUQottlY4ONbcCMYp5HMYpBTAIENth4xGAMZrCZbLeHruqqand1Pe62T5/up46rTj91XGv1/amLxzen1nr+B3st/wf7l9+dGUlE5CelTCkix/fFa6HcOyIyyYyIhO9He++/+v91Pe9SMWdk/jpRL6DW/c1CAAAAAAAAAEiOqkOixqh6vpZ8mJE56EipFzo86s1BVambCgAAAAAAAEoycV63O/bu37lLn/xr3vV//J/u/X/6fxJhxwof256r9ZlV8rUAdUvVLVFlqr4flWyYkTngSKgXWD71RqAq1I0CAAAAAAAAw7b31Tvu9m+/q6jTN38hXwvQUFR9E1Wi6v5JhRmZA42UenHlU39xVIS6AQAAAAAAACBR/Td+4QOGlYcvuqc2HXbLD77sfrZ2vxd+PG3hRte+ZKt7dlufm/r8+mGZt/mwf67rv/6DfC1Aw1N1UFRIYf1/5GFG5iAjoV5U+dRfFqlRFzYAAAAAAABS9+rDr3zA8OzWYz5ksJ/P3v6lm/TM6kEfq2MNpeXxxX5/o/pLsu3X7n//+L9cn+oD6pGqlyJFj3KA4YcZmZ1HKvxChkf95ZA4ddECAAAAAACg4i59/C8+XLCRGUHQYJ7ZenTQx+pYpRjp/oQZaHiqnooUDDfMyOw4EoWhRLnUXwaJURclAAAAAAAAqu7Cvd/4cKGre7cfcWE/7754y417ekX+8Y7z193oJ5ZE+tWxSnHtl9+WEWZcdV//+JP7wfs/7va2TFsuzPj626D9J/f1K0Ps49v+l7v96f+JtRejjhFvDwcqh93t/zez3af/K9f3k/vfnx52f/1K7HF+e6AMqt6KRJQXZswZOR1OlEr/JTBC6qIDAAAAAABAzQlGZqw6cskt7jmTOnuu0sIMCwhCQYUFA//vr91CH2aEwoGgfbB9ghAi2M6HDMVGdxQ7xkLX9+3gz/vDt1ezfbnXGH3MaBIkRNVjMSylhxlzRkaHE+XQfwEMg7qoAAAAAAAAUPOCMKPS1GuJKBYAxNvDj4uGBtkw49EIjtxICjU6Y9BjhNvtcXCM+PHij8PbAglT9VqUZOgwY87I6XCiVPqFo0zqwgEAAAAAAEBdCcKMtz7/7+6NT/9b6soKM/IjH2Ltg4UZah8RJtgoi+j0VDmlPm8ksCDMQI1QdVwUNXiYMWfkdEBRKv2iUSJ1gQAAAAAAAKBuBWHG1OfXy/44WzvDFgvf99qHbtu5d90Lu/tdy+OL5bZKWWGGGiERbw8/LrZPQZgQDxtCBj1GuD18TMIM1CBV30WEDjPmjJwOJ0qlXyxKoC4EAAAAAAAANIQgzJi1fLvsD5v0zGp34d4/5wOJwIn3Pndj5i6T+8SVvgC4BQKh0RNByDBYmFFsHx8mhNawiKx3EVfsGEOtmUGYgRqm6r4QYcackdMBRan0C8Ug1AkPAAAAAACAhlNOmLHlzBW/7c3f/NEdufyRDzHsZ2tbsm9A7hNXephhciGElwsDBg0ziuyTCxO+/vb/xNrV/sH28WPE28P7EGagjqh6cJOKhhlzRkaHE6XSLxBFqBMbAAAAAAAADa2caaZseqkrv/i/3bPbj+fbDrxxz++/++KtyLbF2LalhxlJIUwAJFUnbiKPwow5I6MDilLpF4cYdQIDAAAAAACgaZQzMkOxEMP233H+uuyPK29kRlIIM4Ahqfpxg/srFUyUQ4cT5dAvDDnqRAUAAAAAAEBTGkmY8bO1+/PTTNlC4GqbuOqEGQDKourKDWhEYYYOJ0qlXxAy1AkJAAAAAACAplfONFNhc7p3u4EPfu33PfjmfTfu6eVyuzjbnjADqCOq3twghhVm6HCiHPrFND118gHIWQQAAAAAQNN7FGZskP3F7HvtQ7/f5Z//u5v83Dq5jfIozND91aXqBwA8VX+uc2WHGTqcKId+IU1NnWxAQ1P/AAEAAAAAAEN5NM3UDtmvtDz+orv+6z/4/Z7Z2ie3KebRNFO6v/6oOgXQwFQ9uk6VHGboYKIc+gU0NXVyARWhvswBAAAAAECtG87IjNFPLHFvff7f/b7ljMow9lyNFWZUm6rTABWg6tN1ZsgwQwcT5dJP3pTUiQQMm/pSBAAAAAAAtaLlyRVuwtLdbsrWs2767lfcYz9bKrcr1XCnmbKRHH/T3SP7BkOYUStUXQgYJlW3rgODhhk6mCiHftKmpE4aIEJ9UQEAAAAAgHoy+pm1buKKA276rouu88RNN+fcR17X2fu+T+1TjuGEGWPmLncDH/yje/3vvnbTFm6S2xRDmFHPVP0JCFF17BomwwwdTJRDP1lTUicJmpT6UgEAAAAAAPXqsb9d7MY+v8lNWnPEzdj3hus6cy8XXDzI/PkwJ/N44CM3/sVd8hjlGk6Y8ber9+VDiRd298ttiiHMaGSqfoWmpOraNaggzNDhRDn0EzUddVKgSagvBwAAAAAA0AgswJiy5bSbeeRdN2fAQovsqIuuUHgR1nX2npu8+bQ81nCcvfPLssOM0U8sdfte+9DtefWO/1lto9hzEGY0I1XvQlNQde4aEgkzdDhRKv0ETUedBGhA6kYPAAAAAACawbTdr8jgIq7r9F03s/cdH4Co4wzH8Xc/8+HCpY/+xZ2++Yu8A2/c94FFEg699dAf841P/5t/LpueSr0WNCNVJ0PDUXXvGpAPM3RAUSp98KaiPnQ0AHXTBgAAAAAAzeyxJ5e52ac/zE0npYOM2afvutkn7/ht1TGG68n1B93N3/wxP2IibfZcz24/Ll8L8Iiqq6HuqTp4FfkwQwcUpdAHbSrqQ0adUTdgAAAAAACA4sYv7fFrYaggo+vsQz/11JgFpU8FVQ5bxPtnaw+4Z7b2ucU9Z1Nhx7bnKHfBcKCQqsehrqi6eBX8lQ4pSqEP2BTUB4oap26kAAAAAAAAw9dx5N38ot8RAw/cxBX75D4AwlQdDzVN1csrZBhhhj5Q01AfIGqMujECAAAAAAAkq/3gZdc1EF07o+vMfTd1x0tyewClUPU+1BRVN6+AMsMMfZCmoD401AB1wwMAAAAAAEhXy9wVrvPkHTdt58v5QMPW0Eh6wW8ARtUFUXWqjp6iMsIMfYCGpz4kVIm6kQEAAAAAAFTe2Oc2+gBj1NyVruPwu/7n2afu+Mdq+6aw7Jrr//hr1//Vf7nL5uNrbkaub/6VXJu5cia63+7P8n09u0Ptdrwrn7kesV/4eP1ndvq2GWe+zrfln7vYsdEAVP0QVaHq6ikoIczQOzY89aGggtQNCgAAAAAAoDZMWL7Hze7/wP88+tn1fsHvsc83+WLZPswIAoydbtXHX7tVyzI/W6AQCyLCwcL8K7ntMj/PWJYNJjw73lefufn57XL7xY5nIUbPmfBzZ9ss5Ch6bDQoVWdExag6e4KGCDP0Tg1NfQioAHXzAQAAAAAAqE2T1h51HUeu5R+Pfnp1pL8p+ZEU4dAiGyT4sCE8KmL3Z/nRFJ4PLaKjLPLt4VEcuf0iIzCC/WxESHjfQLFjo0moOiRSp+ruCRgkzNA7NDT1xiMl6uaCuva3AAAAAAA0jynbzroZ+16XfU1reS58yD32YcbyzM/BSIp8e26ERe5xnu1voyvCj21kRu5xeGSGDyaC7YJtw/vGnrOgvxSq/oE6p+qUSIWqv4+QCDP0hg1NvdlImLp5oKaoL20AAAAAACDZwt9G9TWtYmGG/zk0kiIcMsT6IiGHP15szQyxT7BfdMRGNgQpeuxKUPUX1BhVx0SiVD1+mGJhht6oYak3FwlRNwdUjPoCBQAAAAAAiSHMqIBYONIUVJ0HFaTqnEiEqs+XKRRm6A0aknozMULq4kci1BcbAAAAAACoKsKMCmjGMGM4VD0JCVF1UIyIqteXKBdm6M6GpN5ADIO6uFEy9cUDAAAAAADqxrRdFwkzUH9UnQplUHVSlE3V7UvwV6qxIak3DWVQFy+GpL40AAAAAA
"deleted": false,
"disable_correlation": false,
"timestamp": "1566978932",
"to_ids": false,
"type": "attachment",
"uuid": "5d663374-e3bc-43ae-a0e3-4517950d210f",
"value": "cyber-.PNG"
},
{
"category": "External analysis",
"comment": "IP informations",
"data": "iVBORw0KGgoAAAANSUhEUgAAA7gAAAIECAIAAAC8JBW2AAAAAXNSR0IArs4c6QAAAARnQU1BAACxjwv8YQUAAAAJcEhZcwAADsMAAA7DAcdvqGQAAP+lSURBVHhe7P3pkyTFne+N3r+AV9IrPXojmzeyqxdjNmaPjJGZdExXjN0jxq4BZ5AGZEdCZ8TDHHQEaJCAAYEGaLrptXrf94VeqF6ru5beu2vf96rc94x9yX1f7tfDM7OyqrJ6LaEu9PvyJdrDw8PDwyMq4hOeHh7/LyWeIZPJZDKZTCaTyQtMoEwmk8lkMplMJjcwgTKZvNLt3vzay089/dw8P7end2Gye9nlHNm1bu0Pf/byt35Yn8+L3/rJr77/WtMnNydd+sJV7u1lz/BBLQZbzu556bU3v/uTl78xt93nvvGTl7/7i/df29d5W1y0yr29LBm2/Lm24kP52ZZFWT26Y66Bzk9W/ZkdlJ+8WLcVHJTXf/jenl1dweDCVR7B+sHf1Wde8bLuyAIvw/lfb5d/svlI5YjPP3th1NXLzxyRFqxyPy9zCclk8ldpAmUyeSXbee6Zn8y/AXM/8G14euDcC881IJtFfvnv32vpfQC6XfYMH9DB6ZaXfrEIRxr5u68dbPYvXH2xlzHD3nWvLljlAb1MfCk1b37/uwuZr5F/8vpLZ92Pg8uulj/XP07U/JcC5cc+/+ssdRxZ+/2Guc33d9fZFq27tJezhGQy+a9gAmUyeaV6un3VdxbcfWt+oNuwfuK9Xy1c8d7+yZufjC3IpN7LnuGDWXfv+t1Dbvfp11/r0hfmU/NyZ/hXBOXpm3u+/yCIXOdvvXZuZFE+D2Sx45kltvWXAOXHPv/nPHJ21XcX5LC0HxyUl7GEZDL5r2UCZTJ5JVpvWfX6wltvve9/G278E/kD+NU3GqPtsmf4QA4OHHxYEKz6Vy/dbIC2y54hfOJ3C1I+qB+PL6WHfm6p+hu/OPfwGKdv/vXCfGpeblB+/PO/5oeupQcD5WUsIZlM/muaQJlMXmnWJz/5xf2Q9H634aV+In8gN8p82TN8EI+cfP9bC7J6KP/wzyfm9zBe9gy5D371oCyOvPazhbk9lL+7+WE6GKDq9t2LC5cTlJfj/K/avfnXD/10d39QXs4Sksnkv7IJlMnkFeWlujwu8H1uw8FPlqCob/1s1RtHOppvdu462/HJe28u8cPxiy/d/Etn+EB+LDq3/J1Vk3/RDC1Ln/xiYbIH9GPwpe2N5xbm9pD+w+YHf/FxbM+9uy4sGygvz/lfcfN798HZb/zkZev10z+/8DZ/CZK90HkfUF7WEpLJ5L+6CZTJ5BXje3V5XOB734b9p7+/ID3zi8+eXfQ6v9jxbKN+CN/6aGResmXP8IF9u1H332889/4bZ0d6/VZHCF2fHrj52q+XeC3vJ00tf+EMl2DW99f6g9P382ONDdK4ql/+/nsHmwcqObv87pYjS3bP/eHJJXtdz/f9oXxZQHnZzn/LSz8Uvfjd1/YcHJBci1a5r5e3hGQy+UkwgTKZvCIsNS/V5fGHLza439/7Ntyw/e8X5xqTQfuqBvn/rmNemmXP8CE8v2/0T1ftmo4tSgMv1YX61T9O3zPlMmQ48sriJsafbr89L81fxvOOy8s/XNc3vSAB91Ltwb+7uTBlIzd8tFjgxwblZT3/mUde+emiteCfbX+QEVEaedlLSCaTnwgTKJPJT7z1yTeW6m/6XFNLVyPKeXhQ/s5SPyg3pKgHAOXHyvDhzFs0X/z+upF7tQI6D/79go1afqEBwy1vhh3PLkrzlXFSpd30p3/e5Vy4qN4n3m4E/Q9SyK6m+W2oL37/Fw24+bFAednPf1TLyT8sXOXp577x60cd7uMvUEIymfyEmECZTF4Bbtxo97M9HfoSH7O49214utGd+7UlULWrafH7bQt7Six7hg9rceTgPYZ7q7gRsC7FcMuZYcczi9I83oPBw/l2+8378l/jAezuD3N9Ly3o3fGL0ycaZfWYLcrLfP437FK/xIuYD+jlLiGZTH5STKBMJq8IL/yh/zvv3az8jP4ot+HJ1xr87vzqHxsM09a4g8Ei7ln2DP8Sbsi1v3qMwekeLMNGLeiP+2Cw3G4Myks96lSsn1h4KH/1SlfjrB77+C7r+d+oS/0Pjzxgh+ylvLx/oWQy+UkxgTKZvFJca717+ZmT7rn4R7oNNwajn7y/ed4P9LGOdY26Xf5wVfNcmoqXPcPld+M3Dh9mbIcFfsAMG4Hyw33d7S/vhuM/3JvmF78M9433+hDfMKvleBBatvO/Ub+LxzgN5rycf6FkMvkJMYEymbxyDOT6yZufDMx/t+zRbsPizRcaDIkAV175Ck63vNDwbaenX3y2pVHb27JnuNxu2C31qV+crjT7PbwfNMNGB+g7v7CGG6uvsR++/K2fvvnMqoPNY19Fbcx3o9cN7z1m3+IhNX5aGe6j4aDRy/OLwTKd/w2+/zJ31PTbLXte+MWv6g7Ni9ZxOdfibPhO53wv418omUx+MkygTCavcD/ybbhRS+d9/ff3+A7Fsme4nG48ysHfbw4uSvmAfuAMGx6ge/obzy011MZfxI2J/4erTixKWbW+67UFzcZzn1f8C4JyQz/0+d9gMDveFh4cOPjDew6B/K1fH2R9jhdmeD8TKJPJK9kEymTyCvdj3IZdDz7sK/OvXjhb94NyIy97hsvlxu9aPUaXjwfPsHdzo5T39/yf7/9yXmJk6+/vW/IRYjFY1/ckeeJBuUHPcpT/QU/dn/z54MN20iBQJpNXsgmUyeQV7se8DTs7lugRMc/f+vWeBx1fdtkzfGwv8WmJF585+4idHB4qw8a9tx/IX0GnlCW+FfLc0sM8Oxf1zH5uT33iJx2UG43Q8uyRjmcadxxq5Pn7e38TKJPJK9kEymTyCvdj34ZdAwe/f29K+OGbb9xc9I29pb3sGT6Wl+gQ8o3fdTzCp9eYHzLD+34n+Z5+/ZN7jn/8eG48Akl9P4pFtv1xIVgvHNvkSQflR+ogtMDfeahBSwiUyeSVbAJlMnmF+3Fuw/rkJ0t9inmRH6gNeNkzfEyPnW6M7A/bKFjzI2To73tjcZ388OVv/WT+y3xL+NGB/j7WT7z3qwXbsnyvZuzFHU6+u6iL+ZMOyg3T1/kbP33zmbf//AL869cb/W7A/TCjZBAok8kr2QTKZPIK96PehoP3bfdt4NdfW/ozHMue4ePaea7x7+k/fPhuptyPkWFwuuW1VQcPdrmnxYVv6bn8kwfXvb90M+eyjFy2wHrLR407hNxr3LrFbbG/OL34UyYrGJR/+uddC96h1N1rf934B4FnTj7weUugTCavZBMok8kr3I92G176B+hv/WztJ0e2L/36/xItjsue4WN6Saj9w/yhnR/Yy57hAoudLy3Rt7vRR7Yfx0tT8kf3+GT34lE+GhP8SgXlJX8TaNyNmw+U8UAmUCaTV7IJlMnkFe5HuQ0v+vIw90/quw7Hes+uWoJ9F/dhXfYMH88rjpK5u5oaDrywrF8neTRKXtzTeslXIVcmKP/qtYFFKatuPHzeg5MugTKZvJJNoEwmr3A//G248TgMzzW1LG4g9Pe90nBUhJ9u76hLtuwZPpaX6kb8kz/verQu0cue4ZK2vdGoUfkhGi/v46X6JT/39+smgwsT1/nm2qV76z60l/mrhA97/o9tb/A0cu+BAhv+WkKgTCb/bZhAmUxe4X7o23DDz7DdoyNsw5+eX3yhvZZg2TN8DC/5sl0jan8QL3uG93TD5tinftexINkjecm39+4/YHPDc+xR/VcG5UbDwz31k8pnBRubQJlM/hs2gTKZvMK9HKDwrXsPd9WoS8BcM+eyZ/jIHtvz94uyhb/xi9OPOsbFcmd4P+96beG24O8sA1nqB3/XcDSSX73U/gAdxL9OoBy/+cKCxMzv71qYrM4EymTy37AJlMnkFe6HvQ03Sv/M2UXJ5rnBx8ye+vW5SpfWZc/w0bzE24Tf+F3H9IKUD+hlz/D+btg2/9x3Nz/mJ/qWHi954ME+lN3wHHtU/7VBWfrkF4vS3/sHjZurGvQ8IVAmk/82TKBMJq9wP+
"deleted": false,
"disable_correlation": false,
"timestamp": "1566978978",
"to_ids": false,
"type": "attachment",
"uuid": "5d6633a2-1e3c-40c9-9dda-4202950d210f",
"value": "IP-.png"
},
{
"category": "External analysis",
"comment": "Query WHOIS",
"data": "iVBORw0KGgoAAAANSUhEUgAAAdsAAADdCAYAAADzVNidAAAAAXNSR0IArs4c6QAAAARnQU1BAACxjwv8YQUAAAAJcEhZcwAADsMAAA7DAcdvqGQAADgHSURBVHhe7Z0/jiRJrqdz7zLA9gUSK/UJSn8YrY5QQB2itBZK2xsUUFIn9gKFkUZJtDAYoE/wtNeYG9QaSaM5nU6jmXuEZ0Zk/oQPmeG0PyTNjHRz9/B4+OWXX37+9//+Pz//19/+CwAAAAAn8PCvf/0LyRYAAAA4ESRbAAAA4GSQbAEAAICTQbIFAAAATgbJFgAAADiZqWT78Lfffn7/nz9/fvkQy0dI/f/8fP76OZSD1+eMMTra5uOnHz+fS72/Kt8/xeVem5ea19qP+uMa/Umbx9c0AGAfLdl++WO78HhB/vHt5+MdLcyHD59/fvxKwfrHz4+BvMfHr38uAf6PUtfY+vCB/LDIzvSDD6x/Fb9///R+TlJaEriBBHuLCenjE5ItAPdIS7a0iP0O4uHDt5/PT7/dzcJ8LEn2+9O33cn24W8lQX/6rZxU1P+LL/4qdqvsS0m0GuBo1/UXn4DEbV2K9/XjpzIGJene6u7u2oj9+06UzgLJFgBwLVqyfSw7OwronGDrInygy3llYbeFWQK/7vDsgudyZWf8/an+rYlB2lp2aT5hUHJc5Eu9DNJTE6HiA5D0ezxgcx81ofq2xBfnJb8oCFqbe76mMs9f6/iUslyHx6zKud4yFuqvbIxG497jSJt6UqN1FhZfdOcZt0lXI8pfbaP666hf+ISr6aDIPBjN61zP/f60RMm2118m8/NMypEPA5lZA9YG9QGdkGt/AICYlmx5sVHQK381CFBgosUpC6wsrJKAeDFyGRt4/MJcPvOxGkhXQcAv6FJmZrco9aTv6DMfM8FBj82itragRLaanazf6V4b7xc+pjokvuYkwsFS9NfxUz0fy/Fmgxm/1kd3jOJx1zIZR9qMxpOPJ7Zrmy1ZkMwk26N+icbCEto3oedRfxLxiWWnv6Eu8r+ccNg5vrZb6omezdd04uLapLIAgJhVstUz/+9lx6n/+4XJlezio3qrhRoF2O0x4uOT7DK+l50HBR8ry7ABh4OpO7O2+tnjI9hOPvs3waxjnw14EVpOdz+MaaeH9zUfUx0SX2sCkfpiu00qq/vOzNo/8bj1x13LZBxp0+qvdfh4YnvkM+USv2Ttijywb4eeR+bpJtlm/U3o8r2sQduelOvruZHVNn0bAIA1S7KlBVUW5pensqg4ANX/qVC2+JIF3ToJjlkZ32PdsWCX/qndbTA8EsRER9nJr467tsQXsS3XwPua4Eua5YQi83WWVJrO1b+Rf+Jx64+7lsk40qbVX+vw8WHiiPW6xC9eV09o30SCO+pP4trJ9guvvbUOmZ4bWeADAMCWh3/84x+SbOsikstJtIDo/84Cs4uP//ey5TMfCxYkPzVc0M8UAP0ONYODTjkZiOr0gpgcl8RljxM+iCmqu8pe/gGpEgzr58zX46SynEjQvfK729kmtvfqEJf4xcs98bwe6dm3fYZNss36m9SFkzLpoeWM3cvOX/QUWbG56sDrwfQBAIhZdrY1cGgi4t1UTSqjIEGLtfeABsvDoKSLuFLvt9l6GRIg1m1ywtb2DFpG9C7HXLLVALKqZ3cEVtei55mBZaOL66/n6yypiJySNrVZ6nz9TcbajuGNJ1uWdWzP6lzqF/pKWBsL10dkHx9P9TzuTyI6KczW36wusnaKLvVzs5vWJT8MJXpqPW5P/ebsBwBsack2EgIAgMUnaQDAHEi2AIBpkGwBOAaSLQAAAHAyN51s5Sw6fnAp4iXOuuWBpe19Og/dK/uL75HN6Q5ennvbpe1dD5dyi+sPgHtllWzpgY31Q0vfdj288dqMFvulwYC/F+we5Mp8pg9W7X3DztH3NPdkGjStjrNPUx/XJX5H9UaXSnby0uoYP9oH+GzZPRydD1t/nvvQ3L1w1J8AvAdasuWnFjnoLWexjyVgnvUVlzMYLfZLgoHsVNfBfcZnGphnn9ikJ1yPvKc5lxUdDiSmo7rQE76z76jmJ3IHuon+lPSlrfb5gE2Wo/PB1+Mndy/U5S1w1J8AvAdasrWBM2L4FQL3rlQfjG07FLClHu2Uyt9SjncIGsj5KxH1WMEnKrubfKY34NQFbnVp8to/JwrTppAnAkVtsXr07Ivgr1VU2/bCdWsgF78sOou9olcqo/+vkAxmddHyvoxHfDgOzqr/lzKGbA/NRX7f8WITX97XeVTQcRG9ig7RPGPZ0r/McSq77t8T1Vud2FiZ88HyVSNi/bWZnkza0ON+Htb+Ou9b7q3baE7q14qy/ggeN377m5ah/se6APCeack2233J4vMBRD7LAiuLqizcJQhXGf9vA/ISXFu9Gty4rFv8cZKr9eoilnuo6zYp8HGbFAQ3CWGxY5aonvbV85nF+2EW34cN6iJfEn4qU7+Q3yaSScQeXVqdgd2cCCaCMfdNfVGfZY7Q5fwvnDyX/nvvOFa9o3kmMhlXSdZLexm2Hl1Kt3ZbGX82PtjIis8W//Vlivo4Wg/RnJe+vS5Vb663jI3/LMe2/RF6CV/nEeva2uyvPwDeM3PJlhaNCUR2EUZBwgYfPVtu7QSBjj5HhMHFLWDbzkYXF+xn+oyI6smxvs8sXo8ZuH3eiZjk1RkH8m8ma/XLMXlZgfWJlFt2KRIsbaDfq0srk9gtba776bGUJZ/r5eN1/dX9Y0b6lXGKx1xl0fuBM6Te0pc9SfT9eR9k7wMfvStcfbxaD0l/vTHS+nZtRjvdfn/xvB/ZDsB7ZnUZ2S+2VihZtJsF5hbosuDouC1H9fKFGC520sXUs/2PFruXzxLVU916PrPsDTrSNiU3dzy0p45DItu2Me+DI7r0ylgosfg2e3Dbdf61S53mWOu7Jg7br8hiHURWfEGXb2nnG5SJaPWKDzlJbfyw+DfyAfm09z7wkWyzHpL+Rsl2KStj7OdEv7/1sbUstx2A98rqASk+S/9qLsfVh31k0fhFJJ/b4tMzZG5nvXA5QJbFvN0B5AsxXOzcNx2jgKs7NatLf7GrPAoUGZEefDzxmS0X7Roy7I7Donq03YgJpiOZ6uSTw4gjurQynWDbO96Dx823bY75caV7n+udbdyX1uO5w2NZypl528PWo8/kI3/FhnRZdttVF3pCu6Dt2Hkx867waB56Xaxv5X8vWz4TPL5PxfZgfkb9EWxv8X18GTnWxdYH4D3Ski1/KItjdSnO3N+jYJQ9IJW9KzVa5FIvX4i9xc7317QvelCmtj2z2CU5q43zgcDvEtrxxGcsZ522NvTQ8ouO1ObSb/51m1gmfojrZBzVRRK6qVNRH+w9+WA9nO/9sf47jsmGeJzFvmW+tBORgX98PX/i0eYYzQX7XmF/qZvk2kYiU/YmW/7cWbetPp9kxPOzt/74OF/yVn2pXX02IF9/ALxXVsn2CH6BbeXljL2zOzoKfb2m/c+J92UWdPQ92wwNoP7BLwAAAO+LU5MtX24qZ77PT9sd4VEkeZuzarOjegl0Vx3tBCyyE5Yz/kgOAADg/XBxsgUAAABAzoskW9n9XvdS8kuhuutO+h5tuEUwJwAA74nBA1Kvdxk0uzz9Wlz73jPYB+YEAOBeaclWnjxcJ1f5OsK20kuAwAo8mBMAgHvFJFsJZH4nq4//+4DCDwDVp2yv/U5XfbBqjfk6g/vqwfr1e/S0cPmrO/SVLO6P4AefzK4+CqBRYM3edXtN9GTIJxq2648fhSOy8YNrkX2YEwvXnBPeBqpL7xxmGetS2grecSzviS7li13y9aWlHgDgNlhdRm7fX6UnfEvSXb5P6b67ZwJ/C1g1mJPMB3ANztvASn3F71H17VpsgONytW1ts/8e3H5/vXfr0mfFB1avY2T7NaH+2c6asNr/xcajsqgfJbNP2sKcuOacoLZUF/rMdVVn26b5zMmVbat2Fl0kAa9PAAAAr0v4gBQFGTnDXoLLKphR4DGB+trvdI3k63olKDlIt16dpV7Sn935MOPAKsdy2yPUH1Z/CrKjoKxBlPzPO5z6P/09Ko
"deleted": false,
"disable_correlation": false,
"timestamp": "1566979659",
"to_ids": false,
"type": "attachment",
"uuid": "5d66364b-2d88-4969-80e8-4d87950d210f",
"value": "query.PNG"
}
],
"Object": [
{
"comment": "",
"deleted": false,
"description": "File object describing a file with meta-information",
"meta-category": "file",
"name": "file",
"template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215",
"template_version": "17",
"timestamp": "1566890715",
"uuid": "5d64dadb-1654-4b89-bd0f-437c950d210f",
"Attribute": [
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "md5",
"timestamp": "1566890715",
"to_ids": true,
"type": "md5",
"uuid": "5d64dadb-a6f8-422a-a0c9-4b79950d210f",
"value": "1426f88edaf207d2c62422f343209fae"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "sha256",
"timestamp": "1566890715",
"to_ids": true,
"type": "sha256",
"uuid": "5d64dadb-a5dc-488e-ba95-4d2d950d210f",
"value": "204da6b16288cf94890ab036836a27a8163bef259092b3eb21c99e52144256e8"
}
]
},
{
"comment": "",
"deleted": false,
"description": "File object describing a file with meta-information",
"meta-category": "file",
"name": "file",
"template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215",
"template_version": "17",
"timestamp": "1566890878",
"uuid": "5d64db7e-6634-42f3-a837-40db950d210f",
"Attribute": [
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": true,
"object_relation": "filename",
"timestamp": "1566890878",
"to_ids": true,
"type": "filename",
"uuid": "5d64db7e-8204-4a29-9c54-4ec9950d210f",
"value": "a.exe"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "sha256",
"timestamp": "1566890878",
"to_ids": true,
"type": "sha256",
"uuid": "5d64db7e-a824-4631-9e22-47e4950d210f",
"value": "a94b4e7ecd9482b0e610b2521727715d1d401d775617512514bdd2e0b9351e06"
}
]
},
{
"comment": "",
"deleted": false,
"description": "File object describing a file with meta-information",
"meta-category": "file",
"name": "file",
"template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215",
"template_version": "17",
"timestamp": "1566890951",
"uuid": "5d64dbc7-5564-4729-aaa5-46ca950d210f",
"Attribute": [
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": true,
"object_relation": "filename",
"timestamp": "1566890951",
"to_ids": true,
"type": "filename",
"uuid": "5d64dbc7-7af4-474b-bc36-4468950d210f",
"value": "18535.cmd"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "sha256",
"timestamp": "1566890955",
"to_ids": true,
"type": "sha256",
"uuid": "5d64dbcb-d23c-4c9f-bc7e-4ec0950d210f",
"value": "29389990ce789001c337e98abd3ff49b3c80dd34e66033c62732e4af89e13f4f"
}
]
},
{
"comment": "",
"deleted": false,
"description": "File object describing a file with meta-information",
"meta-category": "file",
"name": "file",
"template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215",
"template_version": "17",
"timestamp": "1566890976",
"uuid": "5d64dbe0-c9a8-4a69-af77-4dbc950d210f",
"Attribute": [
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": true,
"object_relation": "filename",
"timestamp": "1566890976",
"to_ids": true,
"type": "filename",
"uuid": "5d64dbe0-2c48-4153-a4ed-4ef1950d210f",
"value": "21826.cmd"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "sha256",
"timestamp": "1566890976",
"to_ids": true,
"type": "sha256",
"uuid": "5d64dbe0-23f4-4c5f-864b-40c7950d210f",
"value": "825deff8a0d7635b2e45ac2d7ad09c80e45cd380a0e54831910e0bb62063d20b"
}
]
},
{
"comment": "",
"deleted": false,
"description": "Microblog post like a Twitter tweet or a post on a Facebook wall.",
"meta-category": "misc",
"name": "microblog",
"template_uuid": "8ec8c911-ddbe-4f5b-895b-fbff70c42a60",
"template_version": "6",
"timestamp": "1566891062",
"uuid": "5d64dc36-bfb4-4909-84a4-4870950d210f",
"Attribute": [
{
"category": "Other",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "post",
"timestamp": "1566891062",
"to_ids": false,
"type": "text",
"uuid": "5d64dc36-1958-45c0-abde-48d4950d210f",
"value": "I have decided to push the recent analysis of the #Gamaredon group on the repository and added the IOC (can be exported in JSON) and the MITRE ATTACK references."
},
{
"category": "Other",
"comment": "",
"deleted": false,
"disable_correlation": true,
"object_relation": "type",
"timestamp": "1566891062",
"to_ids": false,
"type": "text",
"uuid": "5d64dc36-9280-41d6-91e4-48a7950d210f",
"value": "Twitter"
},
{
"category": "External analysis",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "url",
"timestamp": "1566891136",
"to_ids": true,
"type": "link",
"uuid": "5d64dc36-23e4-4b90-b0f4-4c93950d210f",
"value": "https://mobile.twitter.com/Arkbird_SOLG/status/1165375513709486082"
},
{
"category": "External analysis",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "link",
"timestamp": "1566891129",
"to_ids": true,
"type": "link",
"uuid": "5d64dc36-c838-40fb-a501-435f950d210f",
"value": "https://github.com/StrangerealIntel/CyberThreatIntel/tree/master/Russia/APT/Gamaredon"
},
{
"category": "External analysis",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "link",
"timestamp": "1566891123",
"to_ids": true,
"type": "link",
"uuid": "5d64dc36-0e9c-4385-abc4-48b5950d210f",
"value": "https://t.co/STsb0kt4aU?amp=1"
},
{
"category": "Other",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "username",
"timestamp": "1566891062",
"to_ids": false,
"type": "text",
"uuid": "5d64dc36-ddc4-48b1-a592-4bcb950d210f",
"value": "Arkbird_SOLG"
},
{
"category": "Other",
"comment": "",
"deleted": false,
"disable_correlation": true,
"object_relation": "state",
"timestamp": "1566891062",
"to_ids": false,
"type": "text",
"uuid": "5d64dc36-02b0-437c-a4dc-4b01950d210f",
"value": "Informative"
},
{
"category": "Other",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "creation-date",
"timestamp": "1566891062",
"to_ids": false,
"type": "datetime",
"uuid": "5d64dc36-6f30-48aa-9284-455a950d210f",
"value": "2019-08-24T23:29:00"
}
]
},
{
"comment": "",
"deleted": false,
"description": "File object describing a file with meta-information",
"meta-category": "file",
"name": "file",
"template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215",
"template_version": "17",
"timestamp": "1566892520",
"uuid": "5d64e1e8-1628-4f3d-a20c-4508950d210f",
"Attribute": [
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": true,
"object_relation": "filename",
"timestamp": "1566892520",
"to_ids": true,
"type": "filename",
"uuid": "5d64e1e8-a6f4-4086-828c-404c950d210f",
"value": "QoceoIJ.vbs"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "sha256",
"timestamp": "1566892524",
"to_ids": true,
"type": "sha256",
"uuid": "5d64e1ec-6a88-4e08-8613-42c9950d210f",
"value": "37b05d4273e3e0a558d431ed3cc443d2a93001b121c4aae9fc8f9778a5578316"
}
]
},
{
"comment": "",
"deleted": false,
"description": "File object describing a file with meta-information",
"meta-category": "file",
"name": "file",
"template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215",
"template_version": "17",
"timestamp": "1566892569",
"uuid": "5d64e219-7654-48ab-85a7-4e7f950d210f",
"Attribute": [
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": true,
"object_relation": "filename",
"timestamp": "1566892569",
"to_ids": true,
"type": "filename",
"uuid": "5d64e219-ef28-4fa2-aa34-4074950d210f",
"value": "zZBwUAc.vbs"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "sha256",
"timestamp": "1566892569",
"to_ids": true,
"type": "sha256",
"uuid": "5d64e219-9dbc-41a3-8584-4cff950d210f",
"value": "f29d970f4ace8516a254515be3b3adf14ebf9651c0ee1aecaddd68a3d12c0315"
}
]
},
{
"comment": "",
"deleted": false,
"description": "File object describing a file with meta-information",
"meta-category": "file",
"name": "file",
"template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215",
"template_version": "17",
"timestamp": "1566892592",
"uuid": "5d64e230-3134-42f9-89ec-4979950d210f",
"Attribute": [
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": true,
"object_relation": "filename",
"timestamp": "1566892592",
"to_ids": true,
"type": "filename",
"uuid": "5d64e230-7b88-4879-8e70-4812950d210f",
"value": "PowerShellCertificates_C4BA3647.ps1"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "sha256",
"timestamp": "1566892593",
"to_ids": true,
"type": "sha256",
"uuid": "5d64e231-25d8-462e-9013-4171950d210f",
"value": "6de997b9bbfa09def80109108def78a42bc16820c681d12210011ea5d1a86321"
}
]
},
{
"comment": "",
"deleted": false,
"description": "File object describing a file with meta-information",
"meta-category": "file",
"name": "file",
"template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215",
"template_version": "17",
"timestamp": "1566892680",
"uuid": "5d64e288-df60-4d0d-8f8a-4081950d210f",
"Attribute": [
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": true,
"object_relation": "filename",
"timestamp": "1566892680",
"to_ids": true,
"type": "filename",
"uuid": "5d64e288-c02c-42d9-bfb8-440a950d210f",
"value": "Document.docx"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "sha256",
"timestamp": "1566892680",
"to_ids": true,
"type": "sha256",
"uuid": "5d64e288-2574-491b-9aa1-42e1950d210f",
"value": "2a5c7e6e9347f74e8a5d288274117cb638ff0305a3e46813d64316f869d5e7ec"
}
]
},
{
"comment": "URL request",
"deleted": false,
"description": "url object describes an url along with its normalized field (like extracted using faup parsing library) and its metadata.",
"meta-category": "network",
"name": "url",
"template_uuid": "60efb77b-40b5-4c46-871b-ed1ed999fce5",
"template_version": "7",
"timestamp": "1566892847",
"uuid": "5d64e32f-f018-4a7f-b22f-47d9950d210f",
"Attribute": [
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "url",
"timestamp": "1566892847",
"to_ids": true,
"type": "url",
"uuid": "5d64e32f-647c-4d0e-be1a-4f1e950d210f",
"value": "http://document-listing.ddns.net/"
}
]
},
{
"comment": "C2",
"deleted": false,
"description": "A domain and IP address seen as a tuple in a specific time frame.",
"meta-category": "network",
"name": "domain-ip",
"template_uuid": "43b3b146-77eb-4931-b4cc-b66c60f28734",
"template_version": "6",
"timestamp": "1566892989",
"uuid": "5d64e3bd-6474-4db5-ae6b-1e07950d210f",
"Attribute": [
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "ip",
"timestamp": "1566892989",
"to_ids": true,
"type": "ip-dst",
"uuid": "5d64e3bd-2130-4ca1-8b32-1e07950d210f",
"value": "188.225.24.161"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "domain",
"timestamp": "1566892989",
"to_ids": true,
"type": "domain",
"uuid": "5d64e3bd-f7a0-4b4e-8df2-1e07950d210f",
"value": "document-listing.ddns.net"
}
]
},
{
"comment": "",
"deleted": false,
"description": "File object describing a file with meta-information",
"meta-category": "file",
"name": "file",
"template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215",
"template_version": "17",
"timestamp": "1566896932",
"uuid": "5d64f324-5260-43cf-b1e2-af53950d210f",
"Attribute": [
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": true,
"object_relation": "filename",
"timestamp": "1566896932",
"to_ids": true,
"type": "filename",
"uuid": "5d64f324-cbc4-4f51-8605-af53950d210f",
"value": "02013f0c6767eb7f0538510ba6ede0103e797fa7b9bc2733d00e3710702fdf1c.scr"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "sha256",
"timestamp": "1566896932",
"to_ids": true,
"type": "sha256",
"uuid": "5d64f324-12fc-45f0-90ef-af53950d210f",
"value": "02013f0c6767eb7f0538510ba6ede0103e797fa7b9bc2733d00e3710702fdf1c"
}
]
},
{
"comment": "",
"deleted": false,
"description": "File object describing a file with meta-information",
"meta-category": "file",
"name": "file",
"template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215",
"template_version": "17",
"timestamp": "1566896986",
"uuid": "5d64f35a-142c-4672-8bcf-49d1950d210f",
"Attribute": [
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": true,
"object_relation": "filename",
"timestamp": "1566896987",
"to_ids": true,
"type": "filename",
"uuid": "5d64f35b-a498-48dc-bd2a-47ed950d210f",
"value": "FDGSKGN.vbs"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "sha256",
"timestamp": "1566896987",
"to_ids": true,
"type": "sha256",
"uuid": "5d64f35b-1e58-4ba2-a4d2-41c7950d210f",
"value": "630c0c86faf828bc4645526ca58b855d1a2db57cca0e406c1d5b7e2de88a1322"
}
]
},
{
"comment": "",
"deleted": false,
"description": "File object describing a file with meta-information",
"meta-category": "file",
"name": "file",
"template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215",
"template_version": "17",
"timestamp": "1566897118",
"uuid": "5d64f3de-1fa8-4573-882e-4b24950d210f",
"Attribute": [
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": true,
"object_relation": "filename",
"timestamp": "1566897118",
"to_ids": true,
"type": "filename",
"uuid": "5d64f3de-c390-4fcf-8d8f-4916950d210f",
"value": "PowerShellCertificates_C4BA3647.ps1"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "sha256",
"timestamp": "1566897129",
"to_ids": true,
"type": "sha256",
"uuid": "5d64f3e9-7fdc-4a1d-af84-4826950d210f",
"value": "8f33ce796ee08525d32f5794ebd355914140e43e4b63e09b384dabda93a8b22c"
}
]
},
{
"comment": "C2",
"deleted": false,
"description": "A domain and IP address seen as a tuple in a specific time frame.",
"meta-category": "network",
"name": "domain-ip",
"template_uuid": "43b3b146-77eb-4931-b4cc-b66c60f28734",
"template_version": "6",
"timestamp": "1566897258",
"uuid": "5d64f451-9930-41fd-951a-48c7950d210f",
"Attribute": [
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "ip",
"timestamp": "1566897258",
"to_ids": true,
"type": "ip-dst",
"uuid": "5d64f451-4378-43bc-a24e-495a950d210f",
"value": "176.57.215.22"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "domain",
"timestamp": "1566897258",
"to_ids": true,
"type": "domain",
"uuid": "5d64f451-115c-4d8e-baa3-4681950d210f",
"value": "shell-create.ddns.net"
}
]
},
{
"comment": "URL request",
"deleted": false,
"description": "url object describes an url along with its normalized field (like extracted using faup parsing library) and its metadata.",
"meta-category": "network",
"name": "url",
"template_uuid": "60efb77b-40b5-4c46-871b-ed1ed999fce5",
"template_version": "7",
"timestamp": "1566897378",
"uuid": "5d64f4e2-156c-4616-84b5-4d97950d210f",
"Attribute": [
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "url",
"timestamp": "1566897378",
"to_ids": true,
"type": "url",
"uuid": "5d64f4e2-45c4-4e3f-829d-4d0f950d210f",
"value": "http://shell-create.ddns.net/"
}
]
},
{
"comment": "",
"deleted": false,
"description": "File object describing a file with meta-information",
"meta-category": "file",
"name": "file",
"template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215",
"template_version": "17",
"timestamp": "1566915798",
"uuid": "5d653cd6-1190-4192-8e01-4679950d210f",
"Attribute": [
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": true,
"object_relation": "filename",
"timestamp": "1566915799",
"to_ids": true,
"type": "filename",
"uuid": "5d653cd7-7c60-47ba-9ca1-43b7950d210f",
"value": "9856.txt"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": true,
"object_relation": "filename",
"timestamp": "1566915805",
"to_ids": true,
"type": "filename",
"uuid": "5d653cdd-7774-46ef-9eff-4d0e950d210f",
"value": "23379.txt"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "sha256",
"timestamp": "1566915805",
"to_ids": true,
"type": "sha256",
"uuid": "5d653cdd-92b0-411a-9680-4366950d210f",
"value": "a48ad33695a44de887bba8f2f3174fd8fb01a46a19e3ec9078b0118647ccf599"
}
]
},
{
"comment": "",
"deleted": false,
"description": "File object describing a file with meta-information",
"meta-category": "file",
"name": "file",
"template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215",
"template_version": "17",
"timestamp": "1566995329",
"uuid": "0711a0d0-fa31-44b0-a6ba-2874d8997878",
"ObjectReference": [
{
"comment": "",
"object_uuid": "0711a0d0-fa31-44b0-a6ba-2874d8997878",
"referenced_uuid": "b6188b63-e953-4d96-8f98-850ebfafef1b",
"relationship_type": "analysed-with",
"timestamp": "1566995332",
"uuid": "5d667384-61d4-41b3-90f6-4c01950d210f"
}
],
"Attribute": [
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "md5",
"timestamp": "1566896987",
"to_ids": true,
"type": "md5",
"uuid": "09378942-5e03-4a0a-b65f-a0659a2a4381",
"value": "a510822b1a425efc55cc7052972ae59b"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "sha1",
"timestamp": "1566896987",
"to_ids": true,
"type": "sha1",
"uuid": "33af6da8-4ce7-4690-aea0-8f1273f8b14e",
"value": "c6f1e82edd5a3c817166668603d767e700c930d3"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "sha256",
"timestamp": "1566896987",
"to_ids": true,
"type": "sha256",
"uuid": "3ec41758-aefb-43ed-9bcc-3f49da225e8d",
"value": "630c0c86faf828bc4645526ca58b855d1a2db57cca0e406c1d5b7e2de88a1322"
}
]
},
{
"comment": "",
"deleted": false,
"description": "VirusTotal report",
"meta-category": "misc",
"name": "virustotal-report",
"template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4",
"template_version": "2",
"timestamp": "1566995329",
"uuid": "b6188b63-e953-4d96-8f98-850ebfafef1b",
"Attribute": [
{
"category": "Other",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "last-submission",
"timestamp": "1566896987",
"to_ids": false,
"type": "datetime",
"uuid": "7dfb5a3e-3681-4269-b2df-e775b6da61d8",
"value": "2019-08-05T04:35:23"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "permalink",
"timestamp": "1566896987",
"to_ids": false,
"type": "link",
"uuid": "0f21dbf0-342c-4bdf-a279-6c2c7a7a23c9",
"value": "https://www.virustotal.com/file/630c0c86faf828bc4645526ca58b855d1a2db57cca0e406c1d5b7e2de88a1322/analysis/1564979723/"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": true,
"object_relation": "detection-ratio",
"timestamp": "1566896987",
"to_ids": false,
"type": "text",
"uuid": "99252912-f5db-4a89-a65e-f8f433f8592c",
"value": "0/55"
}
]
},
{
"comment": "",
"deleted": false,
"description": "File object describing a file with meta-information",
"meta-category": "file",
"name": "file",
"template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215",
"template_version": "17",
"timestamp": "1566995329",
"uuid": "50a80329-012a-4924-86eb-5fd85597cbed",
"ObjectReference": [
{
"comment": "",
"object_uuid": "50a80329-012a-4924-86eb-5fd85597cbed",
"referenced_uuid": "18225ad2-1e0a-49a2-bc87-b8cf7235a94f",
"relationship_type": "analysed-with",
"timestamp": "1566995332",
"uuid": "5d667384-e58c-4544-9cbf-4edd950d210f"
}
],
"Attribute": [
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "md5",
"timestamp": "1566896932",
"to_ids": true,
"type": "md5",
"uuid": "f7bd786e-24f2-4998-8ad5-a607dd4158ba",
"value": "73bc90e40f241df4e7b60125ad372ab8"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "sha1",
"timestamp": "1566896932",
"to_ids": true,
"type": "sha1",
"uuid": "7c6da3b9-b87e-4f4f-ac33-9eae6a7bfbc6",
"value": "9f28284e42ccf1d042b30e80f2ae123ff3972d58"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "sha256",
"timestamp": "1566896932",
"to_ids": true,
"type": "sha256",
"uuid": "f16a61cc-3003-4a99-92b0-8bc9e4ee9516",
"value": "02013f0c6767eb7f0538510ba6ede0103e797fa7b9bc2733d00e3710702fdf1c"
}
]
},
{
"comment": "",
"deleted": false,
"description": "VirusTotal report",
"meta-category": "misc",
"name": "virustotal-report",
"template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4",
"template_version": "2",
"timestamp": "1566995329",
"uuid": "18225ad2-1e0a-49a2-bc87-b8cf7235a94f",
"Attribute": [
{
"category": "Other",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "last-submission",
"timestamp": "1566896932",
"to_ids": false,
"type": "datetime",
"uuid": "7c14a4e0-2884-46c5-8c39-d32198492d0e",
"value": "2019-08-17T15:59:55"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "permalink",
"timestamp": "1566896932",
"to_ids": false,
"type": "link",
"uuid": "182e8670-8124-4701-86d0-002da0e29ec7",
"value": "https://www.virustotal.com/file/02013f0c6767eb7f0538510ba6ede0103e797fa7b9bc2733d00e3710702fdf1c/analysis/1566057595/"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": true,
"object_relation": "detection-ratio",
"timestamp": "1566896932",
"to_ids": false,
"type": "text",
"uuid": "858d3f83-f025-4407-a2ad-04311deb90fc",
"value": "37/71"
}
]
},
{
"comment": "",
"deleted": false,
"description": "File object describing a file with meta-information",
"meta-category": "file",
"name": "file",
"template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215",
"template_version": "17",
"timestamp": "1566995330",
"uuid": "b859bc0d-6e14-45b4-80e8-4d5d79f6880d",
"ObjectReference": [
{
"comment": "",
"object_uuid": "b859bc0d-6e14-45b4-80e8-4d5d79f6880d",
"referenced_uuid": "cee3c9ac-0af1-4ab3-a484-c92874ed9bdb",
"relationship_type": "analysed-with",
"timestamp": "1566995332",
"uuid": "5d667384-cb04-4f7c-ae39-4d25950d210f"
}
],
"Attribute": [
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "md5",
"timestamp": "1566890955",
"to_ids": true,
"type": "md5",
"uuid": "bc5277ef-d402-49e0-8df7-3549176e0306",
"value": "5850172495a36c0850a459cf9063e9ff"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "sha1",
"timestamp": "1566890955",
"to_ids": true,
"type": "sha1",
"uuid": "52b37285-50ce-49ec-8159-55d3f9205873",
"value": "d2c56c4521db1fd829ac9fe0d3cadd913880dde8"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "sha256",
"timestamp": "1566890955",
"to_ids": true,
"type": "sha256",
"uuid": "b136933a-dbe5-4da1-9edc-833742efd47a",
"value": "29389990ce789001c337e98abd3ff49b3c80dd34e66033c62732e4af89e13f4f"
}
]
},
{
"comment": "",
"deleted": false,
"description": "VirusTotal report",
"meta-category": "misc",
"name": "virustotal-report",
"template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4",
"template_version": "2",
"timestamp": "1566995330",
"uuid": "cee3c9ac-0af1-4ab3-a484-c92874ed9bdb",
"Attribute": [
{
"category": "Other",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "last-submission",
"timestamp": "1566890955",
"to_ids": false,
"type": "datetime",
"uuid": "61b4ff21-07bd-4869-8523-eb2566a820ba",
"value": "2019-08-18T16:32:06"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "permalink",
"timestamp": "1566890955",
"to_ids": false,
"type": "link",
"uuid": "0e3ab5bf-aecd-484a-a7ac-444b3ab51a62",
"value": "https://www.virustotal.com/file/29389990ce789001c337e98abd3ff49b3c80dd34e66033c62732e4af89e13f4f/analysis/1566145926/"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": true,
"object_relation": "detection-ratio",
"timestamp": "1566890955",
"to_ids": false,
"type": "text",
"uuid": "ffaeea0a-699b-4b97-9269-506e79a8acec",
"value": "3/56"
}
]
},
{
"comment": "",
"deleted": false,
"description": "File object describing a file with meta-information",
"meta-category": "file",
"name": "file",
"template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215",
"template_version": "17",
"timestamp": "1566995330",
"uuid": "b7d07cd9-63db-42d0-bacd-1e38ea200b6a",
"ObjectReference": [
{
"comment": "",
"object_uuid": "b7d07cd9-63db-42d0-bacd-1e38ea200b6a",
"referenced_uuid": "136f1c84-a4aa-4f07-876d-c5eb3aba5a80",
"relationship_type": "analysed-with",
"timestamp": "1566995332",
"uuid": "5d667384-c0a8-4945-abb5-4389950d210f"
}
],
"Attribute": [
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "md5",
"timestamp": "1566892569",
"to_ids": true,
"type": "md5",
"uuid": "38dff4e6-b796-4799-b215-b3a1f9b0c77d",
"value": "e427637799ecaaaaac6a7a2a21af3870"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "sha1",
"timestamp": "1566892569",
"to_ids": true,
"type": "sha1",
"uuid": "a84b0aa0-8a09-44b3-a652-4a8619d6e5ec",
"value": "3c082ca475eba394ccbc14c734b395955afafd22"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "sha256",
"timestamp": "1566892569",
"to_ids": true,
"type": "sha256",
"uuid": "218e1d7a-6a1b-4a4f-88fe-d45e9d2fa9b2",
"value": "f29d970f4ace8516a254515be3b3adf14ebf9651c0ee1aecaddd68a3d12c0315"
}
]
},
{
"comment": "",
"deleted": false,
"description": "VirusTotal report",
"meta-category": "misc",
"name": "virustotal-report",
"template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4",
"template_version": "2",
"timestamp": "1566995330",
"uuid": "136f1c84-a4aa-4f07-876d-c5eb3aba5a80",
"Attribute": [
{
"category": "Other",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "last-submission",
"timestamp": "1566892569",
"to_ids": false,
"type": "datetime",
"uuid": "0105b097-ed59-409e-9596-aa6763c2eb69",
"value": "2019-08-15T20:00:25"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "permalink",
"timestamp": "1566892569",
"to_ids": false,
"type": "link",
"uuid": "8fa80388-17d3-48fd-a044-000c19d6f8b8",
"value": "https://www.virustotal.com/file/f29d970f4ace8516a254515be3b3adf14ebf9651c0ee1aecaddd68a3d12c0315/analysis/1565899225/"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": true,
"object_relation": "detection-ratio",
"timestamp": "1566892569",
"to_ids": false,
"type": "text",
"uuid": "0b3589cc-c435-4b84-bdf4-64c0a9b1d56a",
"value": "0/56"
}
]
},
{
"comment": "",
"deleted": false,
"description": "File object describing a file with meta-information",
"meta-category": "file",
"name": "file",
"template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215",
"template_version": "17",
"timestamp": "1566995330",
"uuid": "abf752c2-dbf6-4f1e-9731-c4d4b9f9759d",
"ObjectReference": [
{
"comment": "",
"object_uuid": "abf752c2-dbf6-4f1e-9731-c4d4b9f9759d",
"referenced_uuid": "6d04e4a8-bd44-4cd6-9c80-c13fbbae11be",
"relationship_type": "analysed-with",
"timestamp": "1566995332",
"uuid": "5d667384-e660-4618-9c0c-429a950d210f"
}
],
"Attribute": [
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "md5",
"timestamp": "1566890715",
"to_ids": true,
"type": "md5",
"uuid": "4520c6b7-1709-40b7-8bef-7ebcd85eaec4",
"value": "1426f88edaf207d2c62422f343209fae"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "sha1",
"timestamp": "1566890715",
"to_ids": true,
"type": "sha1",
"uuid": "829bf425-3b21-4e41-8cf3-cf61625185ca",
"value": "5e94c7a8df9ab65fc2b2fbdabea61ade8c3b0018"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "sha256",
"timestamp": "1566890715",
"to_ids": true,
"type": "sha256",
"uuid": "1a8350d4-f16b-4c4e-9c07-51176c97341e",
"value": "204da6b16288cf94890ab036836a27a8163bef259092b3eb21c99e52144256e8"
}
]
},
{
"comment": "",
"deleted": false,
"description": "VirusTotal report",
"meta-category": "misc",
"name": "virustotal-report",
"template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4",
"template_version": "2",
"timestamp": "1566995330",
"uuid": "6d04e4a8-bd44-4cd6-9c80-c13fbbae11be",
"Attribute": [
{
"category": "Other",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "last-submission",
"timestamp": "1566890715",
"to_ids": false,
"type": "datetime",
"uuid": "ff1f826b-fde8-423a-b728-79bef43078d0",
"value": "2019-08-20T02:21:12"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "permalink",
"timestamp": "1566890715",
"to_ids": false,
"type": "link",
"uuid": "c95f4c33-6497-46a1-9dc3-2fe567ebfabd",
"value": "https://www.virustotal.com/file/204da6b16288cf94890ab036836a27a8163bef259092b3eb21c99e52144256e8/analysis/1566267672/"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": true,
"object_relation": "detection-ratio",
"timestamp": "1566890715",
"to_ids": false,
"type": "text",
"uuid": "f3eb1c81-5dac-4eeb-9138-129977f41ee1",
"value": "24/69"
}
]
},
{
"comment": "",
"deleted": false,
"description": "File object describing a file with meta-information",
"meta-category": "file",
"name": "file",
"template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215",
"template_version": "17",
"timestamp": "1566995330",
"uuid": "cf01e1fa-bb40-4d0b-b52b-908910c2fd26",
"ObjectReference": [
{
"comment": "",
"object_uuid": "cf01e1fa-bb40-4d0b-b52b-908910c2fd26",
"referenced_uuid": "8df78dd1-7cda-4e63-b3c2-9bcc3d77077c",
"relationship_type": "analysed-with",
"timestamp": "1566995333",
"uuid": "5d667385-9178-4738-8025-44f3950d210f"
}
],
"Attribute": [
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "md5",
"timestamp": "1566890878",
"to_ids": true,
"type": "md5",
"uuid": "27d15ca1-25f5-400f-9bcc-b8f2f2bf9a76",
"value": "1676158ff7d9751413308094c97c7055"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "sha1",
"timestamp": "1566890878",
"to_ids": true,
"type": "sha1",
"uuid": "c6109acd-5c20-49a2-bb5c-5426d7aa97bd",
"value": "f53bfcc0acd1978bd9e4e032fe25ca51c2a32f7a"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "sha256",
"timestamp": "1566890878",
"to_ids": true,
"type": "sha256",
"uuid": "aadeb9bc-7074-48bb-b5de-04f72b1081d7",
"value": "a94b4e7ecd9482b0e610b2521727715d1d401d775617512514bdd2e0b9351e06"
}
]
},
{
"comment": "",
"deleted": false,
"description": "VirusTotal report",
"meta-category": "misc",
"name": "virustotal-report",
"template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4",
"template_version": "2",
"timestamp": "1566995331",
"uuid": "8df78dd1-7cda-4e63-b3c2-9bcc3d77077c",
"Attribute": [
{
"category": "Other",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "last-submission",
"timestamp": "1566890878",
"to_ids": false,
"type": "datetime",
"uuid": "b1c888cf-e0eb-46c0-bdf3-76cfcb1e4366",
"value": "2019-08-22T04:16:19"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "permalink",
"timestamp": "1566890878",
"to_ids": false,
"type": "link",
"uuid": "6d63994b-134c-4dfd-8b13-9ff61aba2a20",
"value": "https://www.virustotal.com/file/a94b4e7ecd9482b0e610b2521727715d1d401d775617512514bdd2e0b9351e06/analysis/1566447379/"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": true,
"object_relation": "detection-ratio",
"timestamp": "1566890878",
"to_ids": false,
"type": "text",
"uuid": "dd87da85-5ff6-4154-b632-960a1590bf41",
"value": "31/68"
}
]
},
{
"comment": "",
"deleted": false,
"description": "File object describing a file with meta-information",
"meta-category": "file",
"name": "file",
"template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215",
"template_version": "17",
"timestamp": "1566995331",
"uuid": "41714cfe-419c-4827-824f-90f281a2785b",
"ObjectReference": [
{
"comment": "",
"object_uuid": "41714cfe-419c-4827-824f-90f281a2785b",
"referenced_uuid": "c29ee2c4-9889-402f-b864-ae08eac1c5d0",
"relationship_type": "analysed-with",
"timestamp": "1566995333",
"uuid": "5d667385-7c7c-4d81-b5de-44f8950d210f"
}
],
"Attribute": [
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "md5",
"timestamp": "1566890976",
"to_ids": true,
"type": "md5",
"uuid": "0f17db7a-88ce-4ebf-83e7-b322644d50b7",
"value": "df366065b771ec78320e9fa64e213f39"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "sha1",
"timestamp": "1566890976",
"to_ids": true,
"type": "sha1",
"uuid": "7bffbecb-c2e4-400d-af60-a05b093af4b8",
"value": "5223f3c84108c6b7800fc0160c2dc0dbeb5b7107"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "sha256",
"timestamp": "1566890976",
"to_ids": true,
"type": "sha256",
"uuid": "e75b669b-3095-4c07-a7da-317bb56ab924",
"value": "825deff8a0d7635b2e45ac2d7ad09c80e45cd380a0e54831910e0bb62063d20b"
}
]
},
{
"comment": "",
"deleted": false,
"description": "VirusTotal report",
"meta-category": "misc",
"name": "virustotal-report",
"template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4",
"template_version": "2",
"timestamp": "1566995331",
"uuid": "c29ee2c4-9889-402f-b864-ae08eac1c5d0",
"Attribute": [
{
"category": "Other",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "last-submission",
"timestamp": "1566890976",
"to_ids": false,
"type": "datetime",
"uuid": "cf26bfcd-0c49-47e6-9750-f2fdd67d8363",
"value": "2019-08-15T20:00:25"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "permalink",
"timestamp": "1566890976",
"to_ids": false,
"type": "link",
"uuid": "d11518fb-4858-437a-9084-c800b807ba9e",
"value": "https://www.virustotal.com/file/825deff8a0d7635b2e45ac2d7ad09c80e45cd380a0e54831910e0bb62063d20b/analysis/1565899225/"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": true,
"object_relation": "detection-ratio",
"timestamp": "1566890976",
"to_ids": false,
"type": "text",
"uuid": "c17cb473-1517-416a-ad5d-0f3cbf6dfee2",
"value": "0/56"
}
]
},
{
"comment": "",
"deleted": false,
"description": "File object describing a file with meta-information",
"meta-category": "file",
"name": "file",
"template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215",
"template_version": "17",
"timestamp": "1566995331",
"uuid": "3c64cb44-c63c-4da7-a2ae-0bdeb778f9dc",
"ObjectReference": [
{
"comment": "",
"object_uuid": "3c64cb44-c63c-4da7-a2ae-0bdeb778f9dc",
"referenced_uuid": "ab3fe092-6f45-489e-bef1-e1af90f1fe74",
"relationship_type": "analysed-with",
"timestamp": "1566995333",
"uuid": "5d667385-5650-4931-b72b-4678950d210f"
}
],
"Attribute": [
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "md5",
"timestamp": "1566892524",
"to_ids": true,
"type": "md5",
"uuid": "ecfacb82-678c-4d7c-9c04-25aef0ccd7c0",
"value": "19e85555e91bb07d70639a9f12dffb33"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "sha1",
"timestamp": "1566892524",
"to_ids": true,
"type": "sha1",
"uuid": "55b383ab-e661-43bb-bc02-5478b9eb1263",
"value": "617fff945957dbc4c57a1d961f3132454a2b744f"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "sha256",
"timestamp": "1566892524",
"to_ids": true,
"type": "sha256",
"uuid": "02296d3e-e7ee-45b0-9ec4-886b4b25ecf6",
"value": "37b05d4273e3e0a558d431ed3cc443d2a93001b121c4aae9fc8f9778a5578316"
}
]
},
{
"comment": "",
"deleted": false,
"description": "VirusTotal report",
"meta-category": "misc",
"name": "virustotal-report",
"template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4",
"template_version": "2",
"timestamp": "1566995331",
"uuid": "ab3fe092-6f45-489e-bef1-e1af90f1fe74",
"Attribute": [
{
"category": "Other",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "last-submission",
"timestamp": "1566892524",
"to_ids": false,
"type": "datetime",
"uuid": "ea81adf0-49f5-4324-8f2c-2898405366f7",
"value": "2019-08-19T16:37:32"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "permalink",
"timestamp": "1566892524",
"to_ids": false,
"type": "link",
"uuid": "f0aa02e1-357f-4c00-92e7-c0b0916373a9",
"value": "https://www.virustotal.com/file/37b05d4273e3e0a558d431ed3cc443d2a93001b121c4aae9fc8f9778a5578316/analysis/1566232652/"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": true,
"object_relation": "detection-ratio",
"timestamp": "1566892524",
"to_ids": false,
"type": "text",
"uuid": "42bf37b1-da36-4da6-a398-95797d64a396",
"value": "1/54"
}
]
},
{
"comment": "",
"deleted": false,
"description": "File object describing a file with meta-information",
"meta-category": "file",
"name": "file",
"template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215",
"template_version": "17",
"timestamp": "1566995331",
"uuid": "253f4638-714a-4229-9f2c-95f73e86e0cc",
"ObjectReference": [
{
"comment": "",
"object_uuid": "253f4638-714a-4229-9f2c-95f73e86e0cc",
"referenced_uuid": "694eee41-afe4-4a3c-9759-10499c17f5a7",
"relationship_type": "analysed-with",
"timestamp": "1566995333",
"uuid": "5d667385-0a40-47f2-835b-45d3950d210f"
}
],
"Attribute": [
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "md5",
"timestamp": "1566915805",
"to_ids": true,
"type": "md5",
"uuid": "8919eb00-6cb0-4b15-9d09-772079a0f8a6",
"value": "bd126a7b59d5d1f97ba89a3e71425731"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "sha1",
"timestamp": "1566915805",
"to_ids": true,
"type": "sha1",
"uuid": "d4af8516-08fa-4d96-b474-decd31167f8d",
"value": "457b1cd985ed07baffd8c66ff40e9c1b6da93753"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "sha256",
"timestamp": "1566915805",
"to_ids": true,
"type": "sha256",
"uuid": "1584f436-aed4-41f7-aa8d-e1f5013f5476",
"value": "a48ad33695a44de887bba8f2f3174fd8fb01a46a19e3ec9078b0118647ccf599"
}
]
},
{
"comment": "",
"deleted": false,
"description": "VirusTotal report",
"meta-category": "misc",
"name": "virustotal-report",
"template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4",
"template_version": "2",
"timestamp": "1566995332",
"uuid": "694eee41-afe4-4a3c-9759-10499c17f5a7",
"Attribute": [
{
"category": "Other",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "last-submission",
"timestamp": "1566915805",
"to_ids": false,
"type": "datetime",
"uuid": "969d556b-ee90-4f22-9572-18703bbf94e3",
"value": "2019-08-27T23:45:43"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "permalink",
"timestamp": "1566915805",
"to_ids": false,
"type": "link",
"uuid": "4bb23eec-24fa-4138-acce-8aa2666eb5c9",
"value": "https://www.virustotal.com/file/a48ad33695a44de887bba8f2f3174fd8fb01a46a19e3ec9078b0118647ccf599/analysis/1566949543/"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": true,
"object_relation": "detection-ratio",
"timestamp": "1566915805",
"to_ids": false,
"type": "text",
"uuid": "ea33de9a-c505-4378-860e-20f4d61d0ec7",
"value": "1/68"
}
]
},
{
"comment": "",
"deleted": false,
"description": "File object describing a file with meta-information",
"meta-category": "file",
"name": "file",
"template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215",
"template_version": "17",
"timestamp": "1566995332",
"uuid": "8a9d306f-3fa1-4b7a-b5be-5af92c041fce",
"ObjectReference": [
{
"comment": "",
"object_uuid": "8a9d306f-3fa1-4b7a-b5be-5af92c041fce",
"referenced_uuid": "9788ebc6-52c7-496d-8d53-e79676970b3c",
"relationship_type": "analysed-with",
"timestamp": "1566995333",
"uuid": "5d667385-a2d8-44de-bc29-406c950d210f"
}
],
"Attribute": [
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "md5",
"timestamp": "1566892680",
"to_ids": true,
"type": "md5",
"uuid": "32d4a6a9-3b55-4289-8278-01ffd6ebca9a",
"value": "d2e34941fefe458c98e5f382364fe195"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "sha1",
"timestamp": "1566892680",
"to_ids": true,
"type": "sha1",
"uuid": "4217237d-2783-41ca-889b-a11de613efcb",
"value": "c41162e2130dc8ff73e2a0a962af490b8e0a5915"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "sha256",
"timestamp": "1566892680",
"to_ids": true,
"type": "sha256",
"uuid": "848f8416-6640-4751-b59a-484a3eaedc22",
"value": "2a5c7e6e9347f74e8a5d288274117cb638ff0305a3e46813d64316f869d5e7ec"
}
]
},
{
"comment": "",
"deleted": false,
"description": "VirusTotal report",
"meta-category": "misc",
"name": "virustotal-report",
"template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4",
"template_version": "2",
"timestamp": "1566995332",
"uuid": "9788ebc6-52c7-496d-8d53-e79676970b3c",
"Attribute": [
{
"category": "Other",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "last-submission",
"timestamp": "1566892680",
"to_ids": false,
"type": "datetime",
"uuid": "dcecf358-1519-4ea9-8eaa-2a7c385d7b38",
"value": "2019-08-15T05:00:23"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "permalink",
"timestamp": "1566892680",
"to_ids": false,
"type": "link",
"uuid": "450a5bc4-9a3f-4128-a966-a9793de6df26",
"value": "https://www.virustotal.com/file/2a5c7e6e9347f74e8a5d288274117cb638ff0305a3e46813d64316f869d5e7ec/analysis/1565845223/"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": true,
"object_relation": "detection-ratio",
"timestamp": "1566892680",
"to_ids": false,
"type": "text",
"uuid": "52f01a1b-b382-47d4-ac1a-19bbbd4a4705",
"value": "0/59"
}
]
}
]
}
}