misp-circl-feed/feeds/circl/misp/5c829fc2-7e94-4722-8c67-2e8468f8e8cf.json

{
  "Event": {
    "analysis": "0",
    "date": "2019-03-08",
    "extends_uuid": "",
    "info": "2019-03-08: TerraLoader Signed -> JS RAT",
    "publish_timestamp": "1622022016",
    "published": true,
    "threat_level_id": "2",
    "timestamp": "1621850064",
    "uuid": "5c829fc2-7e94-4722-8c67-2e8468f8e8cf",
    "Orgc": {
      "name": "VK-Intel",
      "uuid": "5bfa439e-c978-4dcd-b474-73f568f8e8cf"
    },
    "Tag": [
      {
        "colour": "#b5654e",
        "name": "TerraLoader"
      },
      {
        "colour": "#f591da",
        "name": "Digital Signature"
      },
      {
        "colour": "#7f3e2d",
        "name": "ARTILDA CONSULTING LIMITED"
      },
      {
        "colour": "#585483",
        "name": "var BV = \"6.0\""
      },
      {
        "colour": "#073972",
        "name": "rkey: \"wearenotcobaltthanks\""
      },
      {
        "colour": "#3f86b0",
        "name": ".kz Domain"
      },
      {
        "colour": "#0088cc",
        "name": "misp-galaxy:tool=\"Terra Loader\""
      },
      {
        "colour": "#004646",
        "name": "type:OSINT"
      },
      {
        "colour": "#0071c3",
        "name": "osint:lifetime=\"perpetual\""
      },
      {
        "colour": "#0087e8",
        "name": "osint:certainty=\"50\""
      },
      {
        "colour": "#ffffff",
        "name": "tlp:white"
      }
    ],
    "Attribute": [
      {
        "category": "Network activity",
        "comment": "Terra JS",
        "deleted": false,
        "disable_correlation": false,
        "timestamp": "1552064675",
        "to_ids": true,
        "type": "url",
        "uuid": "5c82a0a3-0368-4fe2-b9a6-1b9d68f8e8cf",
        "value": "https://host.moresecurity.kz/host/info"
      }
    ],
    "Object": [
      {
        "comment": "",
        "deleted": false,
        "description": "File object describing a file with meta-information",
        "meta-category": "file",
        "name": "file",
        "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215",
        "template_version": "15",
        "timestamp": "1552083459",
        "uuid": "5c829fd4-6c58-4888-81f6-1b9e68f8e8cf",
        "ObjectReference": [
          {
            "comment": "",
            "object_uuid": "5c829fd4-6c58-4888-81f6-1b9e68f8e8cf",
            "referenced_uuid": "aa54ad77-4a78-41b0-8f7b-6534e0944ba8",
            "relationship_type": "analysed-with",
            "timestamp": "1621850064",
            "uuid": "5c82ea04-abd0-47ca-a164-473202de0b81"
          }
        ],
        "Attribute": [
          {
            "category": "Artifacts dropped",
            "comment": "",
            "data": "UEsDBBQACQAIACSIaE5ZBMkaEWUEANDcBwAgABwAOWIzZWM3NTUzYjA3OWY0MTM1NjVhN2Y2MWM4ZWZkM2NVVAkAA9SfglzUn4JcdXgLAAEEIQAAAAQhAAAAZFm/gT/JGV+f5P2lB2dXkrPrl/CUBAnD073/7VD9rFdDQ/R1r+YrAzVvh4q82/ezad/fUrTrX+EDyo2w0zfNHjUHJ/JdCize939y1/at1892tney/+2p2JLCDBJjRg/HFa1r00QsbqLuHQ/khDQQg5iqzsHxP1nMZg57lj9UN43gQdUlyOUEOU3Zi0AsAH3+BdKiZa6hGJoFebe3OItnrEgrytccU2OvukRcnaqP/JarZz0ZKkEAxYJvOl24FnqP9yWCocFtbKDVrxC1yNZ24cU0OJcmnLyNmnCpZ8CLE9yzgLqZCfzdZkMUGRXaMyrrp2LMSf466ENr6wS7ui5unrSA3M6zc/v/AOOQMYy7JK4AZTKnogh+vFnhqz4xsJNpEi/QyEtahC/jwI05RJOm+79Hdrm4XB/gMFFyHOS1F+ssXcRsK/g2CdRzbu+6EyPo/rZ24GXHT4uiDVbqXYXIV5a/XDXTOOEtupynfb4RlDMDkEzTmcKAfBU8eCf7UBRA9aIztcQZn/QQOiWTHMHOK6bTn2A9xqqZIbeQYmrWkrsIBOA7Wi84D5JxKYWm/Ws9T3Jeub1bLY5fTuNwFLNyZtAE9pqXMkE4wiWumeL/F/m2R4GV1STPvJ9BFVky+w5ZzPPWDPOJVfRtOUg3492WiCFeCG44VT7qoggUbFnFkdUV3tXbEY1xy/g4BqFhBUWy9K9osSobVxLr74zROjrCu1aW7S3Ra8vfxivFbEMBGr5dF7kGHa/X1+Gy3wneAoqPe819tQaCqCpqYxNE6jor1FnXPrBcL90nwxL53fYedoFzelfiVQXojZZD2Re9dbJdILatwIMtYBto2WF4uL/+EAGLyRrEZLS/1fGGX5etZLVOwFNcTO2ADyy8T5lyEsynFEnHjBZHPDrWPAIwZ11ktib1vaxC5fx4yzUGSK4O0MPZ1vNZ75AzMSwGgQrnYbVgOFJXq0FRK49XsrBI9IqCOL+sd7uo7vPf9ezVsrMbHKzbxou8xwA6ZDjSW+GBKzmhh6IU0ydtuNEfzOBKNQKPI9pF3JL/AhYu+Pt6/yuoKka2P9FeELkDkFil3BqS8C2EGY2ViTZKowZwkuM1ENI92GmA98hMS12Efl/cCc51TGe44hKE0l4JpCArhYf2AZV0KFhnpHEoapcqdodW0yG0gLeZzmkfHUGjLpazWFI+qxQm9ICPOhprSX5XlDL44yxCd9dGVgfZvmOG0HQD1G8wHKGVt/NPYXCtxzEPT3VEcW/5XmXZLtbPzGXXRm0Fdqrh9ypyh6Oeh5b9Ox43728MEAzkRZaUIaJTQ4njMx3C9Q9JAwlm/tHwBdutkOCgwF8MvCTDA/p5qHRDKginbA4SdFgNLWe9EQrf52R/uRBzC2qZ9NWz5kV81fJj1BK208NGadO9jaG9E+xdSMnu1/6Y/EhTc6b/MQIc+t5B5h1bE2QT6lUYqoB2WlneRq28OmRWTJ4PO5jN/aqnlwGEF7vBcZ0q8No28Fwu9DqqONrrzNttn1KZfe+PPr/F42ckYioAzj+mdwGleNA/cJzEROhc8CD3expCVw6RyVvK3yeGGr6C5UC1TARgU77j2liUe9oxk5cXy6nXy84rEzO1cjGVaFM5slj7dyT5A4J1NsB+V1geG3y/6Tl93qVUBobvMHh5IViosc//MW1rOdapnX8pyo79r6IuYUAENqzo3slU5GUukWubG0AvADGCG8q788ilikbsxoMJg1ENrFF8Pl549OVjgiywgr1Z0FdPwJZhSxNtfRYI1yVA+ciZmjoszsa+6RF6zdlAd7b9qhuiuItEvgcHMGxyyvLGfGSamfUX722aPLowQiW97i+Hq8VW4nfZiDyCFCsFUggcStJwZk8t/oMsIXxZ56rWD4ulM88c61x6mAuGpjeLky4TnecztjUlSfX8gls0xH2+/Nyrs6AS63nYi2g3h56OTCoyaEaZYHDZ7Hi0Wju1dHF716/pu0VWBHnIYBNWn77MxbimSNczJeOj6081srctoNsg3ZmQfNd24vIR6gpzplEdLvVTSrlYjWoj6lYce3LbbFK9pFeoQ+ONGRz8WJDZasWp39AjUP/itbO3D/ua6Jdlds7iFAIrB65IeVyDmoDuJIlhtWKMnzZWjpkeDA5e1ppA8MTwYpfr4++1uPinoEkTDabLyG/rxoMxgYzbRJQd5UFpT6SsOfBd+pB1LT8cJ0IsKf/UwM/iiJhU35DxmCRy76KMwv4+9kPj3Pw/mg44PqJSpvB81Rt4REM5BM4boP5eiZc0kzXsdyvoJP98CcAbPlVW7j3IdbW3wY8E74JP0knAeXyCYVe+TCIFpVOasKpR/Vm3kij4v3uWH22LtxkNVqu/sbZFXrCup7OoInoDubH8kqwnmPqbeYNPSJ+yvHfeVzei5R4dBm5iApB/gaaExExjKiqmaHBi2cteY3q5DcUuWWxjqdY2rHanqaik1yzfri3ZeAXCiqKslNokoBkqiw5sJ9h/29EIXg8TpC4rM+SFZkbn6vT9TdXrbv3yvXx3xaGMOf3SZnQiAb5+vO81kH58AHMYnBb/SeoptGo1Yaq4HqvkV8q9aljJ3kAge2PIuGq4OuQw4TGy93cx36ReBHgEjlpX7Y5Ey1WFZdL1dIssfI8jQCU7iB/4XvUtwExIwmm0sxGKsgFtF1Ji0cC0yiK3GKKvl8+C5GA+GW1L0iHBSO7ggXUrH1nfOPWAMD7YxBZslJqaQ4fWwQG8FR6vUodiNsaC8kTHlY3hX1UU6+bdVLFH9hfqJi1D4Eh9gQUDDPaCv/Xmt/rJiwtr7b/xJYC90RUidYHhVjBchFEBnnM1eIXs3D9YxMKQXggEhAMZy6BGPgIDDiWdL+qSFIx93QD0jLTRcKCaNy+E1m3f5sZOSUdPj2yFlr/qWplzrAAMg5AJULFYdQk0mzXttn+1xjpHCpm/L6SmVf3jLnZ3tJzev6/3Z+GPAsMBPZdSNC4tApagkO/R3yjZ7ZO2Tp4DmXkvqOIUl7tXqtIji8Avk9KxlEr0oSQz2QqddjpiFO94Dp7fOdMQEG62BoPWNiJjcuDH5n8n+AlL18m9U2t/9Leu4L00HalHECoeK84dCsWTmUyhkCScNO3edrMv4A0mq0txc8MSd+eGO1PcEShM3DnN0c44xR0S9IlEBmrYhFtyLj4JTQmSLAMaAGwZ/eE0V2iTTdD0iyqkqwPOHUl7QHIHZBwqDCBznXk62pjLLeMfzuV2ZayJ2W+QjTcekhokbeDIO6ewvopJ04YcDRp/JnLKJRy5K0s/dLfqG7DYsg7wCW1wPlkD9ggwCsbTFZadZ33H6/X6ORMoum4yoQGv414TlRwcg16roqWTLQxTgXowgG1NBvh4BsJufTXXuLW98Os1rXTn7FaXtx6MhxHu1PuNLIHp58jl3byZZNYMpebV4JAUH72EhbBwkR2OJ+2mCpp8oR1y+qJCySIQAdz0wm+Czya5vl9pztbGTKFWichCHAWKC1A3umDLDVB19HxOJnlP56YQ0Hg9OruX/wX0GeHrO7WwyuLyP0/RnL5U25jB7jnZJWlhg4CG7+pQ19eewXaZhciyJQpr08PVdDYd7bFqOhHIa/K1IQx0q+SFgZazFTbMPCfR4uopgBzXq0k2YShmMYaGf0uSBUc8rZUq3O3xM5dJ40q4Dt3gilrAfcD1laLP93bum0/exefcqwvAc9UfirtoMNI5jqUSxWcrt/R417j/EBSERvZQYfPRonKfZnWt5WE5FFwX4hyK9tYAcp8gU1XvDUM7945GetXfL7udoiTk4vYJm5fuFFGh6mgLAoVNCmYHxvUpIkI6NTPiY7P37TN6/5JT8gTg7oBUbP7yt2pP4OuBvHTdB+4JTv++tAqU/rIhe9psNzomLey3Yl5o/Slt4vHvmdxscJVGlYPBsP//BM+K4xBblOCXM0PZnbKZniGOG9WM/3
            "deleted": false,
            "disable_correlation": false,
            "object_relation": "malware-sample",
            "timestamp": "1552064468",
            "to_ids": true,
            "type": "malware-sample",
            "uuid": "5c829fd4-1244-4cb9-b88e-1b9e68f8e8cf",
            "value": "2019-03-08-TerraLoader-DLL-Signed.vk.ocx|9b3ec7553b079f413565a7f61c8efd3c"
          },
          {
            "category": "Artifacts dropped",
            "comment": "",
            "deleted": false,
            "disable_correlation": false,
            "object_relation": "filename",
            "timestamp": "1552064468",
            "to_ids": false,
            "type": "filename",
            "uuid": "5c829fd4-582c-4f90-8d22-1b9e68f8e8cf",
            "value": "2019-03-08-TerraLoader-DLL-Signed.vk.ocx"
          },
          {
            "category": "Artifacts dropped",
            "comment": "",
            "deleted": false,
            "disable_correlation": false,
            "object_relation": "md5",
            "timestamp": "1552064468",
            "to_ids": true,
            "type": "md5",
            "uuid": "5c829fd4-d5e4-4036-89f3-1b9e68f8e8cf",
            "value": "9b3ec7553b079f413565a7f61c8efd3c"
          },
          {
            "category": "Artifacts dropped",
            "comment": "",
            "deleted": false,
            "disable_correlation": false,
            "object_relation": "sha1",
            "timestamp": "1552064468",
            "to_ids": true,
            "type": "sha1",
            "uuid": "5c829fd4-c28c-4c8f-a0e2-1b9e68f8e8cf",
            "value": "24d6407e700152c83ed7f0b33c7cf9d86e2bff92"
          },
          {
            "category": "Artifacts dropped",
            "comment": "",
            "deleted": false,
            "disable_correlation": false,
            "object_relation": "sha256",
            "timestamp": "1552064468",
            "to_ids": true,
            "type": "sha256",
            "uuid": "5c829fd4-0074-4440-beed-1b9e68f8e8cf",
            "value": "49af65995e51d88bbe8b0d4be5a5df2692aa57800f1875a18ecbd3f483c8a094"
          },
          {
            "category": "Other",
            "comment": "",
            "deleted": false,
            "disable_correlation": true,
            "object_relation": "size-in-bytes",
            "timestamp": "1552064468",
            "to_ids": false,
            "type": "size-in-bytes",
            "uuid": "5c829fd4-332c-4b84-ba7b-1b9e68f8e8cf",
            "value": "515280"
          }
        ]
      },
      {
        "comment": "",
        "deleted": false,
        "description": "VirusTotal report",
        "meta-category": "misc",
        "name": "virustotal-report",
        "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4",
        "template_version": "2",
        "timestamp": "1552083459",
        "uuid": "aa54ad77-4a78-41b0-8f7b-6534e0944ba8",
        "Attribute": [
          {
            "category": "Other",
            "comment": "",
            "deleted": false,
            "disable_correlation": false,
            "object_relation": "last-submission",
            "timestamp": "1552064468",
            "to_ids": false,
            "type": "datetime",
            "uuid": "1a1cc932-6715-4472-8d33-b8c3dcac0518",
            "value": "2019-03-08T18:42:12"
          },
          {
            "category": "External analysis",
            "comment": "",
            "deleted": false,
            "disable_correlation": false,
            "object_relation": "permalink",
            "timestamp": "1552064468",
            "to_ids": false,
            "type": "link",
            "uuid": "a4ac7353-7b42-4f17-ab49-036ebdea2d8a",
            "value": "https://www.virustotal.com/file/49af65995e51d88bbe8b0d4be5a5df2692aa57800f1875a18ecbd3f483c8a094/analysis/1552070532/"
          },
          {
            "category": "Artifacts dropped",
            "comment": "",
            "deleted": false,
            "disable_correlation": true,
            "object_relation": "detection-ratio",
            "timestamp": "1552064468",
            "to_ids": false,
            "type": "text",
            "uuid": "0352b7e6-10ee-4741-825f-7a7b11090e08",
            "value": "5/70"
          }
        ]
      }
    ]
  }
}
chg: [feed] added 2023-04-21 13:25:09 +00:00			`{`
			`"Event": {`
			`"analysis": "0",`
			`"date": "2019-03-08",`
			`"extends_uuid": "",`
			`"info": "2019-03-08: TerraLoader Signed -> JS RAT",`
			`"publish_timestamp": "1622022016",`
			`"published": true,`
			`"threat_level_id": "2",`
			`"timestamp": "1621850064",`
			`"uuid": "5c829fc2-7e94-4722-8c67-2e8468f8e8cf",`
			`"Orgc": {`
			`"name": "VK-Intel",`
			`"uuid": "5bfa439e-c978-4dcd-b474-73f568f8e8cf"`
			`},`
			`"Tag": [`
			`{`
			`"colour": "#b5654e",`
			`"name": "TerraLoader"`
			`},`
			`{`
			`"colour": "#f591da",`
			`"name": "Digital Signature"`
			`},`
			`{`
			`"colour": "#7f3e2d",`
			`"name": "ARTILDA CONSULTING LIMITED"`
			`},`
			`{`
			`"colour": "#585483",`
			`"name": "var BV = \"6.0\""`
			`},`
			`{`
			`"colour": "#073972",`
			`"name": "rkey: \"wearenotcobaltthanks\""`
			`},`
			`{`
			`"colour": "#3f86b0",`
			`"name": ".kz Domain"`
			`},`
			`{`
			`"colour": "#0088cc",`
			`"name": "misp-galaxy:tool=\"Terra Loader\""`
			`},`
			`{`
			`"colour": "#004646",`
			`"name": "type:OSINT"`
			`},`
			`{`
			`"colour": "#0071c3",`
			`"name": "osint:lifetime=\"perpetual\""`
			`},`
			`{`
			`"colour": "#0087e8",`
			`"name": "osint:certainty=\"50\""`
			`},`
			`{`
			`"colour": "#ffffff",`
			`"name": "tlp:white"`
			`}`
			`],`
			`"Attribute": [`
			`{`
			`"category": "Network activity",`
			`"comment": "Terra JS",`
			`"deleted": false,`
			`"disable_correlation": false,`
			`"timestamp": "1552064675",`
			`"to_ids": true,`
			`"type": "url",`
			`"uuid": "5c82a0a3-0368-4fe2-b9a6-1b9d68f8e8cf",`
			`"value": "https://host.moresecurity.kz/host/info"`
			`}`
			`],`
			`"Object": [`
			`{`
			`"comment": "",`
			`"deleted": false,`
			`"description": "File object describing a file with meta-information",`
			`"meta-category": "file",`
			`"name": "file",`
			`"template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215",`
			`"template_version": "15",`
			`"timestamp": "1552083459",`
			`"uuid": "5c829fd4-6c58-4888-81f6-1b9e68f8e8cf",`
			`"ObjectReference": [`
			`{`
			`"comment": "",`
			`"object_uuid": "5c829fd4-6c58-4888-81f6-1b9e68f8e8cf",`
			`"referenced_uuid": "aa54ad77-4a78-41b0-8f7b-6534e0944ba8",`
			`"relationship_type": "analysed-with",`
			`"timestamp": "1621850064",`
			`"uuid": "5c82ea04-abd0-47ca-a164-473202de0b81"`
			`}`
			`],`
			`"Attribute": [`
			`{`
			`"category": "Artifacts dropped",`
			`"comment": "",`
			"data": "UEsDBBQACQAIACSIaE5ZBMkaEWUEANDcBwAgABwAOWIzZWM3NTUzYjA3OWY0MTM1NjVhN2Y2MWM4ZWZkM2NVVAkAA9SfglzUn4JcdXgLAAEEIQAAAAQhAAAAZFm/gT/JGV+f5P2lB2dXkrPrl/CUBAnD073/7VD9rFdDQ/R1r+YrAzVvh4q82/ezad/fUrTrX+EDyo2w0zfNHjUHJ/JdCize939y1/at1892tney/+2p2JLCDBJjRg/HFa1r00QsbqLuHQ/khDQQg5iqzsHxP1nMZg57lj9UN43gQdUlyOUEOU3Zi0AsAH3+BdKiZa6hGJoFebe3OItnrEgrytccU2OvukRcnaqP/JarZz0ZKkEAxYJvOl24FnqP9yWCocFtbKDVrxC1yNZ24cU0OJcmnLyNmnCpZ8CLE9yzgLqZCfzdZkMUGRXaMyrrp2LMSf466ENr6wS7ui5unrSA3M6zc/v/AOOQMYy7JK4AZTKnogh+vFnhqz4xsJNpEi/QyEtahC/jwI05RJOm+79Hdrm4XB/gMFFyHOS1F+ssXcRsK/g2CdRzbu+6EyPo/rZ24GXHT4uiDVbqXYXIV5a/XDXTOOEtupynfb4RlDMDkEzTmcKAfBU8eCf7UBRA9aIztcQZn/QQOiWTHMHOK6bTn2A9xqqZIbeQYmrWkrsIBOA7Wi84D5JxKYWm/Ws9T3Jeub1bLY5fTuNwFLNyZtAE9pqXMkE4wiWumeL/F/m2R4GV1STPvJ9BFVky+w5ZzPPWDPOJVfRtOUg3492WiCFeCG44VT7qoggUbFnFkdUV3tXbEY1xy/g4BqFhBUWy9K9osSobVxLr74zROjrCu1aW7S3Ra8vfxivFbEMBGr5dF7kGHa/X1+Gy3wneAoqPe819tQaCqCpqYxNE6jor1FnXPrBcL90nwxL53fYedoFzelfiVQXojZZD2Re9dbJdILatwIMtYBto2WF4uL/+EAGLyRrEZLS/1fGGX5etZLVOwFNcTO2ADyy8T5lyEsynFEnHjBZHPDrWPAIwZ11ktib1vaxC5fx4yzUGSK4O0MPZ1vNZ75AzMSwGgQrnYbVgOFJXq0FRK49XsrBI9IqCOL+sd7uo7vPf9ezVsrMbHKzbxou8xwA6ZDjSW+GBKzmhh6IU0ydtuNEfzOBKNQKPI9pF3JL/AhYu+Pt6/yuoKka2P9FeELkDkFil3BqS8C2EGY2ViTZKowZwkuM1ENI92GmA98hMS12Efl/cCc51TGe44hKE0l4JpCArhYf2AZV0KFhnpHEoapcqdodW0yG0gLeZzmkfHUGjLpazWFI+qxQm9ICPOhprSX5XlDL44yxCd9dGVgfZvmOG0HQD1G8wHKGVt/NPYXCtxzEPT3VEcW/5XmXZLtbPzGXXRm0Fdqrh9ypyh6Oeh5b9Ox43728MEAzkRZaUIaJTQ4njMx3C9Q9JAwlm/tHwBdutkOCgwF8MvCTDA/p5qHRDKginbA4SdFgNLWe9EQrf52R/uRBzC2qZ9NWz5kV81fJj1BK208NGadO9jaG9E+xdSMnu1/6Y/EhTc6b/MQIc+t5B5h1bE2QT6lUYqoB2WlneRq28OmRWTJ4PO5jN/aqnlwGEF7vBcZ0q8No28Fwu9DqqONrrzNttn1KZfe+PPr/F42ckYioAzj+mdwGleNA/cJzEROhc8CD3expCVw6RyVvK3yeGGr6C5UC1TARgU77j2liUe9oxk5cXy6nXy84rEzO1cjGVaFM5slj7dyT5A4J1NsB+V1geG3y/6Tl93qVUBobvMHh5IViosc//MW1rOdapnX8pyo79r6IuYUAENqzo3slU5GUukWubG0AvADGCG8q788ilikbsxoMJg1ENrFF8Pl549OVjgiywgr1Z0FdPwJZhSxNtfRYI1yVA+ciZmjoszsa+6RF6zdlAd7b9qhuiuItEvgcHMGxyyvLGfGSamfUX722aPLowQiW97i+Hq8VW4nfZiDyCFCsFUggcStJwZk8t/oMsIXxZ56rWD4ulM88c61x6mAuGpjeLky4TnecztjUlSfX8gls0xH2+/Nyrs6AS63nYi2g3h56OTCoyaEaZYHDZ7Hi0Wju1dHF716/pu0VWBHnIYBNWn77MxbimSNczJeOj6081srctoNsg3ZmQfNd24vIR6gpzplEdLvVTSrlYjWoj6lYce3LbbFK9pFeoQ+ONGRz8WJDZasWp39AjUP/itbO3D/ua6Jdlds7iFAIrB65IeVyDmoDuJIlhtWKMnzZWjpkeDA5e1ppA8MTwYpfr4++1uPinoEkTDabLyG/rxoMxgYzbRJQd5UFpT6SsOfBd+pB1LT8cJ0IsKf/UwM/iiJhU35DxmCRy76KMwv4+9kPj3Pw/mg44PqJSpvB81Rt4REM5BM4boP5eiZc0kzXsdyvoJP98CcAbPlVW7j3IdbW3wY8E74JP0knAeXyCYVe+TCIFpVOasKpR/Vm3kij4v3uWH22LtxkNVqu/sbZFXrCup7OoInoDubH8kqwnmPqbeYNPSJ+yvHfeVzei5R4dBm5iApB/gaaExExjKiqmaHBi2cteY3q5DcUuWWxjqdY2rHanqaik1yzfri3ZeAXCiqKslNokoBkqiw5sJ9h/29EIXg8TpC4rM+SFZkbn6vT9TdXrbv3yvXx3xaGMOf3SZnQiAb5+vO81kH58AHMYnBb/SeoptGo1Yaq4HqvkV8q9aljJ3kAge2PIuGq4OuQw4TGy93cx36ReBHgEjlpX7Y5Ey1WFZdL1dIssfI8jQCU7iB/4XvUtwExIwmm0sxGKsgFtF1Ji0cC0yiK3GKKvl8+C5GA+GW1L0iHBSO7ggXUrH1nfOPWAMD7YxBZslJqaQ4fWwQG8FR6vUodiNsaC8kTHlY3hX1UU6+bdVLFH9hfqJi1D4Eh9gQUDDPaCv/Xmt/rJiwtr7b/xJYC90RUidYHhVjBchFEBnnM1eIXs3D9YxMKQXggEhAMZy6BGPgIDDiWdL+qSFIx93QD0jLTRcKCaNy+E1m3f5sZOSUdPj2yFlr/qWplzrAAMg5AJULFYdQk0mzXttn+1xjpHCpm/L6SmVf3jLnZ3tJzev6/3Z+GPAsMBPZdSNC4tApagkO/R3yjZ7ZO2Tp4DmXkvqOIUl7tXqtIji8Avk9KxlEr0oSQz2QqddjpiFO94Dp7fOdMQEG62BoPWNiJjcuDH5n8n+AlL18m9U2t/9Leu4L00HalHECoeK84dCsWTmUyhkCScNO3edrMv4A0mq0txc8MSd+eGO1PcEShM3DnN0c44xR0S9IlEBmrYhFtyLj4JTQmSLAMaAGwZ/eE0V2iTTdD0iyqkqwPOHUl7QHIHZBwqDCBznXk62pjLLeMfzuV2ZayJ2W+QjTcekhokbeDIO6ewvopJ04YcDRp/JnLKJRy5K0s/dLfqG7DYsg7wCW1wPlkD9ggwCsbTFZadZ33H6/X6ORMoum4yoQGv414TlRwcg16roqWTLQxTgXowgG1NBvh4BsJufTXXuLW98Os1rXTn7FaXtx6MhxHu1PuNLIHp58jl3byZZNYMpebV4JAUH72EhbBwkR2OJ+2mCpp8oR1y+qJCySIQAdz0wm+Czya5vl9pztbGTKFWichCHAWKC1A3umDLDVB19HxOJnlP56YQ0Hg9OruX/wX0GeHrO7WwyuLyP0/RnL5U25jB7jnZJWlhg4CG7+pQ19eewXaZhciyJQpr08PVdDYd7bFqOhHIa/K1IQx0q+SFgZazFTbMPCfR4uopgBzXq0k2YShmMYaGf0uSBUc8rZUq3O3xM5dJ40q4Dt3gilrAfcD1laLP93bum0/exefcqwvAc9UfirtoMNI5jqUSxWcrt/R417j/EBSERvZQYfPRonKfZnWt5WE5FFwX4hyK9tYAcp8gU1XvDUM7945GetXfL7udoiTk4vYJm5fuFFGh6mgLAoVNCmYHxvUpIkI6NTPiY7P37TN6/5JT8gTg7oBUbP7yt2pP4OuBvHTdB+4JTv++tAqU/rIhe9psNzomLey3Yl5o/Slt4vHvmdxscJVGlYPBsP//BM+K4xBblOCXM0PZnbKZniGOG9WM/3
			`"deleted": false,`
			`"disable_correlation": false,`
			`"object_relation": "malware-sample",`
			`"timestamp": "1552064468",`
			`"to_ids": true,`
			`"type": "malware-sample",`
			`"uuid": "5c829fd4-1244-4cb9-b88e-1b9e68f8e8cf",`
			`"value": "2019-03-08-TerraLoader-DLL-Signed.vk.ocx\|9b3ec7553b079f413565a7f61c8efd3c"`
			`},`
			`{`
			`"category": "Artifacts dropped",`
			`"comment": "",`
			`"deleted": false,`
			`"disable_correlation": false,`
			`"object_relation": "filename",`
			`"timestamp": "1552064468",`
			`"to_ids": false,`
			`"type": "filename",`
			`"uuid": "5c829fd4-582c-4f90-8d22-1b9e68f8e8cf",`
			`"value": "2019-03-08-TerraLoader-DLL-Signed.vk.ocx"`
			`},`
			`{`
			`"category": "Artifacts dropped",`
			`"comment": "",`
			`"deleted": false,`
			`"disable_correlation": false,`
			`"object_relation": "md5",`
			`"timestamp": "1552064468",`
			`"to_ids": true,`
			`"type": "md5",`
			`"uuid": "5c829fd4-d5e4-4036-89f3-1b9e68f8e8cf",`
			`"value": "9b3ec7553b079f413565a7f61c8efd3c"`
			`},`
			`{`
			`"category": "Artifacts dropped",`
			`"comment": "",`
			`"deleted": false,`
			`"disable_correlation": false,`
			`"object_relation": "sha1",`
			`"timestamp": "1552064468",`
			`"to_ids": true,`
			`"type": "sha1",`
			`"uuid": "5c829fd4-c28c-4c8f-a0e2-1b9e68f8e8cf",`
			`"value": "24d6407e700152c83ed7f0b33c7cf9d86e2bff92"`
			`},`
			`{`
			`"category": "Artifacts dropped",`
			`"comment": "",`
			`"deleted": false,`
			`"disable_correlation": false,`
			`"object_relation": "sha256",`
			`"timestamp": "1552064468",`
			`"to_ids": true,`
			`"type": "sha256",`
			`"uuid": "5c829fd4-0074-4440-beed-1b9e68f8e8cf",`
			`"value": "49af65995e51d88bbe8b0d4be5a5df2692aa57800f1875a18ecbd3f483c8a094"`
			`},`
			`{`
			`"category": "Other",`
			`"comment": "",`
			`"deleted": false,`
			`"disable_correlation": true,`
			`"object_relation": "size-in-bytes",`
			`"timestamp": "1552064468",`
			`"to_ids": false,`
			`"type": "size-in-bytes",`
			`"uuid": "5c829fd4-332c-4b84-ba7b-1b9e68f8e8cf",`
			`"value": "515280"`
			`}`
			`]`
			`},`
			`{`
			`"comment": "",`
			`"deleted": false,`
			`"description": "VirusTotal report",`
			`"meta-category": "misc",`
			`"name": "virustotal-report",`
			`"template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4",`
			`"template_version": "2",`
			`"timestamp": "1552083459",`
			`"uuid": "aa54ad77-4a78-41b0-8f7b-6534e0944ba8",`
			`"Attribute": [`
			`{`
			`"category": "Other",`
			`"comment": "",`
			`"deleted": false,`
			`"disable_correlation": false,`
			`"object_relation": "last-submission",`
			`"timestamp": "1552064468",`
			`"to_ids": false,`
			`"type": "datetime",`
			`"uuid": "1a1cc932-6715-4472-8d33-b8c3dcac0518",`
			`"value": "2019-03-08T18:42:12"`
			`},`
			`{`
			`"category": "External analysis",`
			`"comment": "",`
			`"deleted": false,`
			`"disable_correlation": false,`
			`"object_relation": "permalink",`
			`"timestamp": "1552064468",`
			`"to_ids": false,`
			`"type": "link",`
			`"uuid": "a4ac7353-7b42-4f17-ab49-036ebdea2d8a",`
			`"value": "https://www.virustotal.com/file/49af65995e51d88bbe8b0d4be5a5df2692aa57800f1875a18ecbd3f483c8a094/analysis/1552070532/"`
			`},`
			`{`
			`"category": "Artifacts dropped",`
			`"comment": "",`
			`"deleted": false,`
			`"disable_correlation": true,`
			`"object_relation": "detection-ratio",`
			`"timestamp": "1552064468",`
			`"to_ids": false,`
			`"type": "text",`
			`"uuid": "0352b7e6-10ee-4741-825f-7a7b11090e08",`
			`"value": "5/70"`
			`}`
			`]`
			`}`
			`]`
			`}`
			`}`