2023-04-21 13:25:09 +00:00
{
"Event" : {
"analysis" : "2" ,
"date" : "2015-04-11" ,
"extends_uuid" : "" ,
"info" : "FBI Flash Message: MC-000055-BT EC3/IC4 takedown of the AAEH botnet" ,
"publish_timestamp" : "1428923916" ,
"published" : true ,
"threat_level_id" : "3" ,
"timestamp" : "1428914519" ,
"uuid" : "552b6de3-9b10-48a1-8226-c05b950d210b" ,
"Orgc" : {
"name" : "CthulhuSPRL.be" ,
"uuid" : "55f6ea5f-fd34-43b8-ac1d-40cb950d210f"
} ,
"Tag" : [
{
"colour" : "#33FF00" ,
2023-05-19 09:05:37 +00:00
"local" : "0" ,
"name" : "tlp:green" ,
"relationship_type" : ""
2023-04-21 13:25:09 +00:00
}
] ,
"Attribute" : [
{
"category" : "External analysis" ,
"comment" : "" ,
"data" : " J V B E R i 0 x L j U N C i W 1 t b W 1 D Q o x I D A g b 2 J q D Q o 8 P C 9 U e X B l L 0 N h d G F s b 2 c v U G F n Z X M g M i A w I F I v T G F u Z y h l b i 1 V U y k g L 1 N 0 c n V j d F R y Z W V S b 290 I D M y I D A g U i 9 N Y X J r S W 5 m b z w 8 L 0 1 h c m t l Z C B 0 c n V l P j 4 + P g 0 K Z W 5 k b 2 J q D Q o y I D A g b 2 J q D Q o 8 P C 9 U e X B l L 1 B h Z 2 V z L 0 N v d W 50 I D Q v S 2 l k c 1 s g M y A w I F I g M j Q g M C B S I D I 4 I D A g U i A z M C A w I F J d I D 4 + D Q p l b m R v Y m o N C j M g M C B v Y m o N C j w 8 L 1 R 5 c G U v U G F n Z S 9 Q Y X J l b n Q g M i A w I F I v U m V z b 3 V y Y 2 V z P D w v W E 9 i a m V j d D w 8 L 0 l t Y W d l N S A 1 I D A g U j 4 + L 0 Z v b n Q 8 P C 9 G M S A 2 I D A g U i 9 G M i A 4 I D A g U i 9 G M y A x M C A w I F I v R j Q g M T c g M C B S P j 4 v U H J v Y 1 N l d F s v U E R G L 1 R l e H Q v S W 1 h Z 2 V C L 0 l t Y W d l Q y 9 J b W F n Z U l d I D 4 + L 0 F u b m 90 c 1 s g M T U g M C B S I D E 2 I D A g U i A y M i A w I F I g M j M g M C B S X S A v T W V k a W F C b 3 h b I D A g M C A 2 M T I g N z k y X S A v Q 29 u d G V u d H M g N C A w I F I v R 3 J v d X A 8 P C 9 U e X B l L 0 d y b 3 V w L 1 M v V H J h b n N w Y X J l b m N 5 L 0 N T L 0 R l d m l j Z V J H Q j 4 + L 1 R h Y n M v U y 9 T d H J 1 Y 3 R Q Y X J l b n R z I D A + P g 0 K Z W 5 k b 2 J q D Q o 0 I D A g b 2 J q D Q o 8 P C 9 G a W x 0 Z X I v R m x h d G V E Z W N v Z G U v T G V u Z 3 R o I D U x O T M + P g 0 K c 3 R y Z W F t D Q p 4 n L 1 d W X P b O r J + T 1 X + A x 7 F q W M a C 8 E l l X K N L d u T 3 H u y z L E z U z P J P N A y b X O s x S P R 8 f U v m r 95 u x v c J B J W b I G u U y e i K J C N b g C 9 f o D Z / l f 2 / v 3 + p / H H Y 8 Y P D t j R 8 Z j 95 + 2 b U A g / Y R z + E w H 3 B e N + p F m o 8 e Z k 9 v b N / s d Z e p 1 p d r x g f 337 h p 18 G r P 9 w 2 W R X 6 W T A l 93 W B T p 5 C a 7 Z N / 3 z x d 3 / 9 o / f 7 z L 9 r + m 1 / k 8 L f L F v K R z d A 5 v O h V M S H Z + 9 f a N M P S Y D E M / F i w K l a / g F y A H 9 / 0 Q f l t e N 9 d //OXtm++jb5/Hv3vB6NDbU6OzMy8cffT25Oj0I34/Ofb+xc7/5+2bE6CDtCoCSkV+krQJfB8xS1sZKT/ULApiP4zLtufeXjD63VOjr++Yt6dHf/nj5AQJft54x/6pZCBHHqyxp5TwhVp/Y5v6k9I8WhTFYrZNoImfhGs0o8iP4oBF0lfwQSL1hZQgShmDMP0gMbLdvGmEfH6D3GUoWZbP8eNqsfT2otEMuacOeHth9RsrUDw3+E/u6dGKnf5+CJ9n3l48+gBjxR7wp3TFFvj0BX4p0nye4bdL/NZ6wRJvLpD6PX699sr7LJ0jfXbqCT46wjsfWQ4/zvHyp1d2dlXgvWts2XTSPGkI5Svszx3eaCjh49hxakLvKRsb7ib4FmpIxP59j3fpcuLFo5rMQ8V/cWOZWVpGPpftMenOwv1T1R1MwRNfxywUfhCWD77nIjnkQh8e7EVwLU4O9uR7zrniXIYcbhzshfBdnnKljw6wScLpZ/ykR7nEz4O9AH470uYT70fH9KiIxwd7Gj7H0UFg3ky34oaaiI/WH9fHB7r1ZNUs0vX3BL+GNTF4a4cwURLcdALuxa1HxEZ/sZmixw8ELx8d87ojzc94y3RElc3wlZGhsNZGxvToxhuMsOg2SaB6quwYvZHacMOTarVpCzc8pXes8VRKqeSNXkWdDashPdicIj3rPZDaT/TaFBkFkn07gwk5Zjh5/9uZaR09HMDjmy+xqUlo4UdBuy0oEK6gV5PvI8FDHvXQ63Y70T4ooLW30Bu668JmNQJBmm44q9EisNVqwAoXQfBMq7FhJ9be0bETYKpByHHoK7AyQnM/iZmOQp9HbJm9ffP3P7E5tGzZeNHY+O0P1qKO10QNdlPiWCe+KgVNEibRJuzwDrla5lMGK0C3Ogyewi5UhZYgeQtZtk6HZNNmWz6fbbk5w6LAD2Fa6oSe2uzB4TRbIuNkvBjMqc+12Zp5ibFz0OKl4uj0RsBEVLGtN9vkoRxMAxiPREJrjtZovQNsD1Y/dhjW7qexuzkQxbQYeml+H+25IxQrM9ZW5rhRbajgtctJrmIa1cEZFIECX/6JwYuJv6NzhyRDaZr38rZtxgYOVjA8qAP0t55NXTuiDto8Eh3qX6eZ8YkzsgwTMBILLzJeJekTCATgOzP6RRsfGNoGo9MjaPuRPeTgZqLb6VC/4DAFth47JIRiEQqbbhJBV12PHtl/gFFSpNmqwDs5ev2L2u9eMbxcgpLNpileooiySyOP0AhwQeIrv5jYZOWWhyCJ/aBrmDD4cUZGK19LG6WzD+yP7K4MY4w8SlsEsyZd+5blGKrUosjg25Lh1aMnlHmc5L10LCLQqlHS6fh0MUmnL6VU+yTgMwY2CuNHWCUXyFYGF8vKQpNHlsLkWt0S96el4GAFZi4NtfaVtWsuV2wA1tFGp54TLgmC0JVrxtrzJUx8obtL6ojcdZrJ43/8HYaLHHkazfEHh+zxAEykpRO+SzqYnbER2maZwhdZpm5WCsStta+3DmSnA5Eb0xiAP9tjA05mONZpPn1nxtyZ1MOYPDwL2X6mz+7Sec13/Fy+28zKsFHheK+MUeHKRKiTx4e0mOC0vkG+/5wbvyCGeYfpN/zhAkxajhd0C1Nji59bhipxMFRCKVJnbQ5+fbII7mi2cN2ndL7eYC6v9p2ydyifXTURxPKgCmwkt3L87Ii7xaZKRJ9OEDtyBD4wiNTy8pcGGfXLtR8HtpfHGubpS+OleukGPo+H6n4Y+bG09l/C1ErkjiSgKQ+tJHZlIE5IsVnerhLUJArYiHakIwRGkBYyW1eFi4QMLhCIUlR3Uf5uXEr06XJK4U8vwU0gj+HLValBIQTAQCtbObTkEhz0/j5hOhSmFcbU71y6YDLBcNYihl+wYuLZmaC29MFjiJ4yYw+e1K1/fE9GIHoZgvGSaL3gyvdEBNZLYYwmYqy+qNG+JzlYOxnDPfhnjo0LbJdiuwm2K3advSqEdb6dg11XI5VP4+107pHHlScSwzwJieSToUCmeHW5bU29LEXScQUFNA02RPOMlf2yVEmfQ6rQTm31zf7apMJFHPlBTVPF4OKpLenwlvv8a09bkluSC8z4hwFVMDrJ4cOTD+yIqobF3KOyIlx19cBzuqA2u6C4xApIfxfecxUFB7vQ67CsYNCs9Hq8rh2JwWyMbMS+3JFEl2WZFwIFrOosTBJj4uEqctqbIAipNPZLrHeXSPSySde3TKp5JwO/m6X7YUzetx8eOzfZHkF5Q7h35Qk5ogr8dErpRlDR+fzaozL+Fd2B35bYakZpkgKTbnlZ+FZ1Fd8TYoSV/AhUOiYnE4jV5ijwS1bcLGsi9/Cjqd7Do5iMYv+mh6CtxoUAbzWpzJ3GqU9AQRygNusX0G8DkIvAubOQ221N9JMzWIBecsc4RPflsExu2GeP0Bo4ZDQoOI59mTdXc1Jw8EQ7vfqA+IprymLDXDinfOTEfR/A7nJrH24GoKdJGfbTG0DGQewrZaM3Xua41Gcmae6eeJQ8IdwBmI2FryMbvW9oUfOuQ7grVcX5E9PYPZeKK3R3LPR+jD7DevmAw3o+Ro3unn4QYP7PQj9FKV/ikj0x9QE1atT7XWUwplhAYONHnHgXhMNKwAC3ZyOD0HO88MLSwFzi2M17FBMbZ5WtQfWVLanK82N04sWjsaJrz7kIdCQRkzXIkAd2TamTqNdlq5A/BLziFUCoAm0ZPBE20ZyatGBJQpSQI22wRaqFSopCghfpFroo4Q1iKk4Qs0VPRy262Mw8VSG34JtaQyhVYK1NyiJMCPekmjuCN13l/V0dixpGJmpI1mGJWjPXZU9aOLcK42YHuEmDwRJtnFlkYGpCGoBbjQpDMbTQbSV8q5J6+asoQW1hOTgo3hLMFq/TWAdvObW1Gosw3bL2ZIFVUFxDuHJxzU4KrHz9NOkPs+RoXbJ5vZiL/CqfpLiQi7xZjujZEWYzNC7FlFZtdomPgcu4s7vfVUfwJKgjC2cBqBFJ2d1vZ6BCxljf/a/J9iYjgRccboXwP8
"deleted" : false ,
"disable_correlation" : false ,
"timestamp" : "1428909603" ,
"to_ids" : false ,
"type" : "attachment" ,
"uuid" : "552b6e23-3890-4943-b553-42f6950d210b" ,
"value" : "FLASH-MC-000055-BT_TLP GREEN.pdf"
} ,
{
"category" : "External analysis" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"timestamp" : "1428909678" ,
"to_ids" : false ,
"type" : "text" ,
"uuid" : "552b6e6e-aab0-4511-b343-eb29950d210b" ,
"value" : "AAEH"
} ,
{
"category" : "External analysis" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"timestamp" : "1428909678" ,
"to_ids" : false ,
"type" : "text" ,
"uuid" : "552b6e6e-0bdc-4d59-b2c7-eb29950d210b" ,
"value" : "VObfus"
} ,
{
"category" : "External analysis" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"timestamp" : "1428909678" ,
"to_ids" : false ,
"type" : "text" ,
"uuid" : "552b6e6e-d438-4180-bad4-eb29950d210b" ,
"value" : "VBObfus"
} ,
{
"category" : "External analysis" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"timestamp" : "1428909678" ,
"to_ids" : false ,
"type" : "text" ,
"uuid" : "552b6e6e-4088-40b6-9913-eb29950d210b" ,
"value" : "Changeup"
} ,
{
"category" : "External analysis" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"timestamp" : "1428909678" ,
"to_ids" : false ,
"type" : "text" ,
"uuid" : "552b6e6e-d360-448d-80bb-eb29950d210b" ,
"value" : "Beebone"
} ,
{
"category" : "Network activity" ,
"comment" : "Shadowserver foundation sinkhole" ,
"deleted" : false ,
"disable_correlation" : false ,
"timestamp" : "1428909712" ,
"to_ids" : true ,
"type" : "ip-dst" ,
"uuid" : "552b6e90-cbb4-412f-bffe-73a5950d210b" ,
"value" : "46.244.21.4"
} ,
{
"category" : "Network activity" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"timestamp" : "1428909960" ,
"to_ids" : false ,
"type" : "comment" ,
"uuid" : "552b6f88-341c-4a2c-b1e5-c060950d210b" ,
"value" : "Sinkhole IP marked as useable for IDS. The idea being that it is not malicious, but it indicates that some malicious software is trying to connect to previously malicious hostnames or domains."
} ,
{
"category" : "Network activity" ,
"comment" : "DNS requests" ,
"deleted" : false ,
"disable_correlation" : false ,
"timestamp" : "1428909974" ,
"to_ids" : true ,
"type" : "domain" ,
"uuid" : "552b6f96-abac-4390-8545-4f04950d210b" ,
"value" : "timechk1.net"
} ,
{
"category" : "Network activity" ,
"comment" : "DNS requests" ,
"deleted" : false ,
"disable_correlation" : false ,
"timestamp" : "1428909974" ,
"to_ids" : true ,
"type" : "domain" ,
"uuid" : "552b6f96-c580-41ca-9a4c-40c7950d210b" ,
"value" : "timechk23.net"
} ,
{
"category" : "Network activity" ,
"comment" : "DNS requests" ,
"deleted" : false ,
"disable_correlation" : false ,
"timestamp" : "1428909974" ,
"to_ids" : true ,
"type" : "domain" ,
"uuid" : "552b6f96-ab4c-49ec-a22a-4ffb950d210b" ,
"value" : "timechk1.com"
} ,
{
"category" : "Network activity" ,
"comment" : "DNS requests" ,
"deleted" : false ,
"disable_correlation" : false ,
"timestamp" : "1428909974" ,
"to_ids" : true ,
"type" : "domain" ,
"uuid" : "552b6f96-4e28-45de-87ed-4bed950d210b" ,
"value" : "timechk23.com"
} ,
{
"category" : "Network activity" ,
"comment" : "DNS requests" ,
"deleted" : false ,
"disable_correlation" : false ,
"timestamp" : "1428909974" ,
"to_ids" : true ,
"type" : "domain" ,
"uuid" : "552b6f96-a194-47e9-8e92-4a51950d210b" ,
"value" : "timechk2.net"
} ,
{
"category" : "Network activity" ,
"comment" : "DNS requests" ,
"deleted" : false ,
"disable_correlation" : false ,
"timestamp" : "1428909975" ,
"to_ids" : true ,
"type" : "domain" ,
"uuid" : "552b6f97-74a0-4ed0-9a72-4415950d210b" ,
"value" : "timechk24.net"
} ,
{
"category" : "Network activity" ,
"comment" : "DNS requests" ,
"deleted" : false ,
"disable_correlation" : false ,
"timestamp" : "1428909975" ,
"to_ids" : true ,
"type" : "domain" ,
"uuid" : "552b6f97-cf9c-4c60-a376-4932950d210b" ,
"value" : "timechk2.com"
} ,
{
"category" : "Network activity" ,
"comment" : "DNS requests" ,
"deleted" : false ,
"disable_correlation" : false ,
"timestamp" : "1428909975" ,
"to_ids" : true ,
"type" : "domain" ,
"uuid" : "552b6f97-5c98-4b4e-9b6c-4c8d950d210b" ,
"value" : "timechk24.com"
} ,
{
"category" : "Network activity" ,
"comment" : "DNS requests" ,
"deleted" : false ,
"disable_correlation" : false ,
"timestamp" : "1428909975" ,
"to_ids" : true ,
"type" : "domain" ,
"uuid" : "552b6f97-76bc-43a8-bd88-4fed950d210b" ,
"value" : "timechk3.net"
} ,
{
"category" : "Network activity" ,
"comment" : "DNS requests" ,
"deleted" : false ,
"disable_correlation" : false ,
"timestamp" : "1428909975" ,
"to_ids" : true ,
"type" : "domain" ,
"uuid" : "552b6f97-ce98-4afd-a700-4609950d210b" ,
"value" : "timechk25.net"
} ,
{
"category" : "Network activity" ,
"comment" : "DNS requests" ,
"deleted" : false ,
"disable_correlation" : false ,
"timestamp" : "1428909975" ,
"to_ids" : true ,
"type" : "domain" ,
"uuid" : "552b6f97-0c48-4f80-ab6d-4505950d210b" ,
"value" : "timechk3.com"
} ,
{
"category" : "Network activity" ,
"comment" : "DNS requests" ,
"deleted" : false ,
"disable_correlation" : false ,
"timestamp" : "1428909975" ,
"to_ids" : true ,
"type" : "domain" ,
"uuid" : "552b6f97-6d84-4ebb-80c3-483e950d210b" ,
"value" : "timechk25.com"
} ,
{
"category" : "Network activity" ,
"comment" : "DNS requests" ,
"deleted" : false ,
"disable_correlation" : false ,
"timestamp" : "1428909975" ,
"to_ids" : true ,
"type" : "domain" ,
"uuid" : "552b6f97-b984-4d7a-8dac-463f950d210b" ,
"value" : "timechk4.net"
} ,
{
"category" : "Network activity" ,
"comment" : "DNS requests" ,
"deleted" : false ,
"disable_correlation" : false ,
"timestamp" : "1428909975" ,
"to_ids" : true ,
"type" : "domain" ,
"uuid" : "552b6f97-6708-4ab2-89a4-4ec6950d210b" ,
"value" : "timechk26.net"
} ,
{
"category" : "Network activity" ,
"comment" : "DNS requests" ,
"deleted" : false ,
"disable_correlation" : false ,
"timestamp" : "1428909975" ,
"to_ids" : true ,
"type" : "domain" ,
"uuid" : "552b6f97-2e14-425e-a31d-4eb9950d210b" ,
"value" : "timechk4.com"
} ,
{
"category" : "Network activity" ,
"comment" : "DNS requests" ,
"deleted" : false ,
"disable_correlation" : false ,
"timestamp" : "1428909975" ,
"to_ids" : true ,
"type" : "domain" ,
"uuid" : "552b6f97-2f94-4e15-8d81-4446950d210b" ,
"value" : "timechk26.com"
} ,
{
"category" : "Network activity" ,
"comment" : "DNS requests" ,
"deleted" : false ,
"disable_correlation" : false ,
"timestamp" : "1428909975" ,
"to_ids" : true ,
"type" : "domain" ,
"uuid" : "552b6f97-e780-43f7-ac76-4e24950d210b" ,
"value" : "timechk5.net"
} ,
{
"category" : "Network activity" ,
"comment" : "DNS requests" ,
"deleted" : false ,
"disable_correlation" : false ,
"timestamp" : "1428909976" ,
"to_ids" : true ,
"type" : "domain" ,
"uuid" : "552b6f98-b578-4ccd-912e-4891950d210b" ,
"value" : "timechk27.net"
} ,
{
"category" : "Network activity" ,
"comment" : "DNS requests" ,
"deleted" : false ,
"disable_correlation" : false ,
"timestamp" : "1428909976" ,
"to_ids" : true ,
"type" : "domain" ,
"uuid" : "552b6f98-8608-4b6f-a60c-4d50950d210b" ,
"value" : "timechk5.com"
} ,
{
"category" : "Network activity" ,
"comment" : "DNS requests" ,
"deleted" : false ,
"disable_correlation" : false ,
"timestamp" : "1428909976" ,
"to_ids" : true ,
"type" : "domain" ,
"uuid" : "552b6f98-4e24-4c14-b0d0-4929950d210b" ,
"value" : "timechk27.com"
} ,
{
"category" : "Network activity" ,
"comment" : "DNS requests" ,
"deleted" : false ,
"disable_correlation" : false ,
"timestamp" : "1428909976" ,
"to_ids" : true ,
"type" : "domain" ,
"uuid" : "552b6f98-6974-4b31-864c-4c4e950d210b" ,
"value" : "timechk6.net"
} ,
{
"category" : "Network activity" ,
"comment" : "DNS requests" ,
"deleted" : false ,
"disable_correlation" : false ,
"timestamp" : "1428909976" ,
"to_ids" : true ,
"type" : "domain" ,
"uuid" : "552b6f98-d028-4d61-ab4f-4227950d210b" ,
"value" : "timechk28.net"
} ,
{
"category" : "Network activity" ,
"comment" : "DNS requests" ,
"deleted" : false ,
"disable_correlation" : false ,
"timestamp" : "1428909976" ,
"to_ids" : true ,
"type" : "domain" ,
"uuid" : "552b6f98-7c00-4103-8bab-452d950d210b" ,
"value" : "timechk6.com"
} ,
{
"category" : "Network activity" ,
"comment" : "DNS requests" ,
"deleted" : false ,
"disable_correlation" : false ,
"timestamp" : "1428909976" ,
"to_ids" : true ,
"type" : "domain" ,
"uuid" : "552b6f98-01f4-4915-b027-4e30950d210b" ,
"value" : "timechk28.com"
} ,
{
"category" : "Network activity" ,
"comment" : "DNS requests" ,
"deleted" : false ,
"disable_correlation" : false ,
"timestamp" : "1428909976" ,
"to_ids" : true ,
"type" : "domain" ,
"uuid" : "552b6f98-bce4-4460-aed8-46c4950d210b" ,
"value" : "timechk7.net"
} ,
{
"category" : "Network activity" ,
"comment" : "DNS requests" ,
"deleted" : false ,
"disable_correlation" : false ,
"timestamp" : "1428909976" ,
"to_ids" : true ,
"type" : "domain" ,
"uuid" : "552b6f98-00b0-43bf-87ca-4ce3950d210b" ,
"value" : "timechk29.net"
} ,
{
"category" : "Network activity" ,
"comment" : "DNS requests" ,
"deleted" : false ,
"disable_correlation" : false ,
"timestamp" : "1428909976" ,
"to_ids" : true ,
"type" : "domain" ,
"uuid" : "552b6f98-ef54-4d18-ae7d-43fe950d210b" ,
"value" : "timechk7.com"
} ,
{
"category" : "Network activity" ,
"comment" : "DNS requests" ,
"deleted" : false ,
"disable_correlation" : false ,
"timestamp" : "1428909976" ,
"to_ids" : true ,
"type" : "domain" ,
"uuid" : "552b6f98-45e0-47ef-b691-487e950d210b" ,
"value" : "timechk29.com"
} ,
{
"category" : "Network activity" ,
"comment" : "DNS requests" ,
"deleted" : false ,
"disable_correlation" : false ,
"timestamp" : "1428909976" ,
"to_ids" : true ,
"type" : "domain" ,
"uuid" : "552b6f98-0c00-44e5-afff-44eb950d210b" ,
"value" : "timechk8.net"
} ,
{
"category" : "Network activity" ,
"comment" : "DNS requests" ,
"deleted" : false ,
"disable_correlation" : false ,
"timestamp" : "1428909977" ,
"to_ids" : true ,
"type" : "domain" ,
"uuid" : "552b6f99-9e50-48ac-8f78-48a2950d210b" ,
"value" : "timechk1.org"
} ,
{
"category" : "Network activity" ,
"comment" : "DNS requests" ,
"deleted" : false ,
"disable_correlation" : false ,
"timestamp" : "1428909977" ,
"to_ids" : true ,
"type" : "domain" ,
"uuid" : "552b6f99-0880-43d1-891b-446c950d210b" ,
"value" : "timechk8.com"
} ,
{
"category" : "Network activity" ,
"comment" : "DNS requests" ,
"deleted" : false ,
"disable_correlation" : false ,
"timestamp" : "1428909977" ,
"to_ids" : true ,
"type" : "domain" ,
"uuid" : "552b6f99-7ff8-4261-b454-41ea950d210b" ,
"value" : "timechk2.org"
} ,
{
"category" : "Network activity" ,
"comment" : "DNS requests" ,
"deleted" : false ,
"disable_correlation" : false ,
"timestamp" : "1428909977" ,
"to_ids" : true ,
"type" : "domain" ,
"uuid" : "552b6f99-57f4-44b2-8a09-4b31950d210b" ,
"value" : "timechk9.net"
} ,
{
"category" : "Network activity" ,
"comment" : "DNS requests" ,
"deleted" : false ,
"disable_correlation" : false ,
"timestamp" : "1428909977" ,
"to_ids" : true ,
"type" : "domain" ,
"uuid" : "552b6f99-1948-4f1e-a8bf-4ae6950d210b" ,
"value" : "timechk3.org"
} ,
{
"category" : "Network activity" ,
"comment" : "DNS requests" ,
"deleted" : false ,
"disable_correlation" : false ,
"timestamp" : "1428909977" ,
"to_ids" : true ,
"type" : "domain" ,
"uuid" : "552b6f99-12dc-4473-8e0e-40c8950d210b" ,
"value" : "timechk9.com"
} ,
{
"category" : "Network activity" ,
"comment" : "DNS requests" ,
"deleted" : false ,
"disable_correlation" : false ,
"timestamp" : "1428909977" ,
"to_ids" : true ,
"type" : "domain" ,
"uuid" : "552b6f99-e434-4a5b-9d7f-48ea950d210b" ,
"value" : "timechk4.org"
} ,
{
"category" : "Network activity" ,
"comment" : "DNS requests" ,
"deleted" : false ,
"disable_correlation" : false ,
"timestamp" : "1428909977" ,
"to_ids" : true ,
"type" : "domain" ,
"uuid" : "552b6f99-bb68-4568-a670-41e7950d210b" ,
"value" : "timechk10.net"
} ,
{
"category" : "Network activity" ,
"comment" : "DNS requests" ,
"deleted" : false ,
"disable_correlation" : false ,
"timestamp" : "1428909977" ,
"to_ids" : true ,
"type" : "domain" ,
"uuid" : "552b6f99-56d8-4073-93f5-4b9a950d210b" ,
"value" : "timechk5.org"
} ,
{
"category" : "Network activity" ,
"comment" : "DNS requests" ,
"deleted" : false ,
"disable_correlation" : false ,
"timestamp" : "1428909977" ,
"to_ids" : true ,
"type" : "domain" ,
"uuid" : "552b6f99-24ac-42f5-8420-4bd0950d210b" ,
"value" : "timechk10.com"
} ,
{
"category" : "Network activity" ,
"comment" : "DNS requests" ,
"deleted" : false ,
"disable_correlation" : false ,
"timestamp" : "1428909977" ,
"to_ids" : true ,
"type" : "domain" ,
"uuid" : "552b6f99-10f8-4cf5-b96b-4326950d210b" ,
"value" : "timechk6.org"
} ,
{
"category" : "Network activity" ,
"comment" : "DNS requests" ,
"deleted" : false ,
"disable_correlation" : false ,
"timestamp" : "1428909977" ,
"to_ids" : true ,
"type" : "domain" ,
"uuid" : "552b6f99-8854-4eed-bf33-48fe950d210b" ,
"value" : "timechk11.net"
} ,
{
"category" : "Network activity" ,
"comment" : "DNS requests" ,
"deleted" : false ,
"disable_correlation" : false ,
"timestamp" : "1428909978" ,
"to_ids" : true ,
"type" : "domain" ,
"uuid" : "552b6f9a-e054-42de-bed1-436e950d210b" ,
"value" : "timechk7.org"
} ,
{
"category" : "Network activity" ,
"comment" : "DNS requests" ,
"deleted" : false ,
"disable_correlation" : false ,
"timestamp" : "1428909978" ,
"to_ids" : true ,
"type" : "domain" ,
"uuid" : "552b6f9a-f928-4907-aa6e-4c19950d210b" ,
"value" : "timechk11.com"
} ,
{
"category" : "Network activity" ,
"comment" : "DNS requests" ,
"deleted" : false ,
"disable_correlation" : false ,
"timestamp" : "1428909978" ,
"to_ids" : true ,
"type" : "domain" ,
"uuid" : "552b6f9a-0490-4206-9f2e-40a3950d210b" ,
"value" : "timechk8.org"
} ,
{
"category" : "Network activity" ,
"comment" : "DNS requests" ,
"deleted" : false ,
"disable_correlation" : false ,
"timestamp" : "1428909978" ,
"to_ids" : true ,
"type" : "domain" ,
"uuid" : "552b6f9a-6b60-4898-9b41-4eb5950d210b" ,
"value" : "timechk12.net"
} ,
{
"category" : "Network activity" ,
"comment" : "DNS requests" ,
"deleted" : false ,
"disable_correlation" : false ,
"timestamp" : "1428909978" ,
"to_ids" : true ,
"type" : "domain" ,
"uuid" : "552b6f9a-a2a4-4ca3-8da5-4bf6950d210b" ,
"value" : "timechk9.org"
} ,
{
"category" : "Network activity" ,
"comment" : "DNS requests" ,
"deleted" : false ,
"disable_correlation" : false ,
"timestamp" : "1428909978" ,
"to_ids" : true ,
"type" : "domain" ,
"uuid" : "552b6f9a-058c-4712-8922-4049950d210b" ,
"value" : "timechk12.com"
} ,
{
"category" : "Network activity" ,
"comment" : "DNS requests" ,
"deleted" : false ,
"disable_correlation" : false ,
"timestamp" : "1428909978" ,
"to_ids" : true ,
"type" : "domain" ,
"uuid" : "552b6f9a-2e00-4d84-ae49-4a5e950d210b" ,
"value" : "timechk10.org"
} ,
{
"category" : "Network activity" ,
"comment" : "DNS requests" ,
"deleted" : false ,
"disable_correlation" : false ,
"timestamp" : "1428909978" ,
"to_ids" : true ,
"type" : "domain" ,
"uuid" : "552b6f9a-a008-499c-a29b-466a950d210b" ,
"value" : "timechk13.net"
} ,
{
"category" : "Network activity" ,
"comment" : "DNS requests" ,
"deleted" : false ,
"disable_correlation" : false ,
"timestamp" : "1428909978" ,
"to_ids" : true ,
"type" : "domain" ,
"uuid" : "552b6f9a-74e4-462e-a1db-4258950d210b" ,
"value" : "timechk11.org"
} ,
{
"category" : "Network activity" ,
"comment" : "DNS requests" ,
"deleted" : false ,
"disable_correlation" : false ,
"timestamp" : "1428909978" ,
"to_ids" : true ,
"type" : "domain" ,
"uuid" : "552b6f9a-5640-426f-93a9-4044950d210b" ,
"value" : "timechk13.com"
} ,
{
"category" : "Network activity" ,
"comment" : "DNS requests" ,
"deleted" : false ,
"disable_correlation" : false ,
"timestamp" : "1428909978" ,
"to_ids" : true ,
"type" : "domain" ,
"uuid" : "552b6f9a-2928-4d75-9717-42e0950d210b" ,
"value" : "timechk12.org"
} ,
{
"category" : "Network activity" ,
"comment" : "DNS requests" ,
"deleted" : false ,
"disable_correlation" : false ,
"timestamp" : "1428909978" ,
"to_ids" : true ,
"type" : "domain" ,
"uuid" : "552b6f9a-4a30-4ab1-88a9-4da1950d210b" ,
"value" : "timechk14.net"
} ,
{
"category" : "Network activity" ,
"comment" : "DNS requests" ,
"deleted" : false ,
"disable_correlation" : false ,
"timestamp" : "1428909979" ,
"to_ids" : true ,
"type" : "domain" ,
"uuid" : "552b6f9b-a018-4afc-9e77-4b9d950d210b" ,
"value" : "timechk13.org"
} ,
{
"category" : "Network activity" ,
"comment" : "DNS requests" ,
"deleted" : false ,
"disable_correlation" : false ,
"timestamp" : "1428909979" ,
"to_ids" : true ,
"type" : "domain" ,
"uuid" : "552b6f9b-a8e8-4e38-8cf9-4f8f950d210b" ,
"value" : "timechk14.com"
} ,
{
"category" : "Network activity" ,
"comment" : "DNS requests" ,
"deleted" : false ,
"disable_correlation" : false ,
"timestamp" : "1428909979" ,
"to_ids" : true ,
"type" : "domain" ,
"uuid" : "552b6f9b-94d0-4f6a-8c03-498c950d210b" ,
"value" : "timechk14.org"
} ,
{
"category" : "Network activity" ,
"comment" : "DNS requests" ,
"deleted" : false ,
"disable_correlation" : false ,
"timestamp" : "1428909979" ,
"to_ids" : true ,
"type" : "domain" ,
"uuid" : "552b6f9b-b5d8-4ff4-9b31-4537950d210b" ,
"value" : "timechk15.net"
} ,
{
"category" : "Network activity" ,
"comment" : "DNS requests" ,
"deleted" : false ,
"disable_correlation" : false ,
"timestamp" : "1428909979" ,
"to_ids" : true ,
"type" : "domain" ,
"uuid" : "552b6f9b-d1a8-41e9-a516-463d950d210b" ,
"value" : "timechk15.org"
} ,
{
"category" : "Network activity" ,
"comment" : "DNS requests" ,
"deleted" : false ,
"disable_correlation" : false ,
"timestamp" : "1428909979" ,
"to_ids" : true ,
"type" : "domain" ,
"uuid" : "552b6f9b-b000-4160-8209-497e950d210b" ,
"value" : "timechk15.com"
} ,
{
"category" : "Network activity" ,
"comment" : "DNS requests" ,
"deleted" : false ,
"disable_correlation" : false ,
"timestamp" : "1428909979" ,
"to_ids" : true ,
"type" : "domain" ,
"uuid" : "552b6f9b-e0c4-4b76-bb87-4329950d210b" ,
"value" : "timechk16.org"
} ,
{
"category" : "Network activity" ,
"comment" : "DNS requests" ,
"deleted" : false ,
"disable_correlation" : false ,
"timestamp" : "1428909979" ,
"to_ids" : true ,
"type" : "domain" ,
"uuid" : "552b6f9b-7758-42d9-9b16-4157950d210b" ,
"value" : "timechk16.net"
} ,
{
"category" : "Network activity" ,
"comment" : "DNS requests" ,
"deleted" : false ,
"disable_correlation" : false ,
"timestamp" : "1428909979" ,
"to_ids" : true ,
"type" : "domain" ,
"uuid" : "552b6f9b-2c2c-4a70-9171-4a24950d210b" ,
"value" : "timechk17.org"
} ,
{
"category" : "Network activity" ,
"comment" : "DNS requests" ,
"deleted" : false ,
"disable_correlation" : false ,
"timestamp" : "1428909979" ,
"to_ids" : true ,
"type" : "domain" ,
"uuid" : "552b6f9b-4370-4781-9d00-412f950d210b" ,
"value" : "timechk16.com"
} ,
{
"category" : "Network activity" ,
"comment" : "DNS requests" ,
"deleted" : false ,
"disable_correlation" : false ,
"timestamp" : "1428909979" ,
"to_ids" : true ,
"type" : "domain" ,
"uuid" : "552b6f9b-1c98-48fc-90ae-4eed950d210b" ,
"value" : "timechk18.org"
} ,
{
"category" : "Network activity" ,
"comment" : "DNS requests" ,
"deleted" : false ,
"disable_correlation" : false ,
"timestamp" : "1428909980" ,
"to_ids" : true ,
"type" : "domain" ,
"uuid" : "552b6f9c-0c28-4f45-9ebb-4724950d210b" ,
"value" : "timechk17.net"
} ,
{
"category" : "Network activity" ,
"comment" : "DNS requests" ,
"deleted" : false ,
"disable_correlation" : false ,
"timestamp" : "1428909980" ,
"to_ids" : true ,
"type" : "domain" ,
"uuid" : "552b6f9c-11d8-4f7c-b0d5-464f950d210b" ,
"value" : "timechk19.org"
} ,
{
"category" : "Network activity" ,
"comment" : "DNS requests" ,
"deleted" : false ,
"disable_correlation" : false ,
"timestamp" : "1428909980" ,
"to_ids" : true ,
"type" : "domain" ,
"uuid" : "552b6f9c-d8e4-4529-a712-45d8950d210b" ,
"value" : "timechk17.com"
} ,
{
"category" : "Network activity" ,
"comment" : "DNS requests" ,
"deleted" : false ,
"disable_correlation" : false ,
"timestamp" : "1428909980" ,
"to_ids" : true ,
"type" : "domain" ,
"uuid" : "552b6f9c-41cc-43f6-bd50-42c4950d210b" ,
"value" : "timechk20.org"
} ,
{
"category" : "Network activity" ,
"comment" : "DNS requests" ,
"deleted" : false ,
"disable_correlation" : false ,
"timestamp" : "1428909980" ,
"to_ids" : true ,
"type" : "domain" ,
"uuid" : "552b6f9c-c3b4-4cdd-9ff4-4c97950d210b" ,
"value" : "timechk18.net"
} ,
{
"category" : "Network activity" ,
"comment" : "DNS requests" ,
"deleted" : false ,
"disable_correlation" : false ,
"timestamp" : "1428909980" ,
"to_ids" : true ,
"type" : "domain" ,
"uuid" : "552b6f9c-4ab0-46a6-98ce-461f950d210b" ,
"value" : "timechk21.org"
} ,
{
"category" : "Network activity" ,
"comment" : "DNS requests" ,
"deleted" : false ,
"disable_correlation" : false ,
"timestamp" : "1428909980" ,
"to_ids" : true ,
"type" : "domain" ,
"uuid" : "552b6f9c-8090-46a7-9506-4b75950d210b" ,
"value" : "timechk18.com"
} ,
{
"category" : "Network activity" ,
"comment" : "DNS requests" ,
"deleted" : false ,
"disable_correlation" : false ,
"timestamp" : "1428909980" ,
"to_ids" : true ,
"type" : "domain" ,
"uuid" : "552b6f9c-4d9c-4d58-84e2-4446950d210b" ,
"value" : "timechk22.org"
} ,
{
"category" : "Network activity" ,
"comment" : "DNS requests" ,
"deleted" : false ,
"disable_correlation" : false ,
"timestamp" : "1428909980" ,
"to_ids" : true ,
"type" : "domain" ,
"uuid" : "552b6f9c-6e40-43f8-9c9b-4648950d210b" ,
"value" : "timechk19.net"
} ,
{
"category" : "Network activity" ,
"comment" : "DNS requests" ,
"deleted" : false ,
"disable_correlation" : false ,
"timestamp" : "1428909980" ,
"to_ids" : true ,
"type" : "domain" ,
"uuid" : "552b6f9c-277c-488d-9fa3-45dd950d210b" ,
"value" : "timechk23.org"
} ,
{
"category" : "Network activity" ,
"comment" : "DNS requests" ,
"deleted" : false ,
"disable_correlation" : false ,
"timestamp" : "1428909980" ,
"to_ids" : true ,
"type" : "domain" ,
"uuid" : "552b6f9c-4e7c-46fa-8abe-415d950d210b" ,
"value" : "timechk19.com"
} ,
{
"category" : "Network activity" ,
"comment" : "DNS requests" ,
"deleted" : false ,
"disable_correlation" : false ,
"timestamp" : "1428909980" ,
"to_ids" : true ,
"type" : "domain" ,
"uuid" : "552b6f9c-eed4-4e15-9ab0-4472950d210b" ,
"value" : "timechk24.org"
} ,
{
"category" : "Network activity" ,
"comment" : "DNS requests" ,
"deleted" : false ,
"disable_correlation" : false ,
"timestamp" : "1428909981" ,
"to_ids" : true ,
"type" : "domain" ,
"uuid" : "552b6f9d-b214-45a0-a520-4572950d210b" ,
"value" : "timechk20.net"
} ,
{
"category" : "Network activity" ,
"comment" : "DNS requests" ,
"deleted" : false ,
"disable_correlation" : false ,
"timestamp" : "1428909981" ,
"to_ids" : true ,
"type" : "domain" ,
"uuid" : "552b6f9d-ae64-4d32-b6c8-4a9f950d210b" ,
"value" : "timechk25.org"
} ,
{
"category" : "Network activity" ,
"comment" : "DNS requests" ,
"deleted" : false ,
"disable_correlation" : false ,
"timestamp" : "1428909981" ,
"to_ids" : true ,
"type" : "domain" ,
"uuid" : "552b6f9d-9088-473a-9e8f-4745950d210b" ,
"value" : "timechk20.com"
} ,
{
"category" : "Network activity" ,
"comment" : "DNS requests" ,
"deleted" : false ,
"disable_correlation" : false ,
"timestamp" : "1428909981" ,
"to_ids" : true ,
"type" : "domain" ,
"uuid" : "552b6f9d-f548-4a27-8f16-47aa950d210b" ,
"value" : "timechk26.org"
} ,
{
"category" : "Network activity" ,
"comment" : "DNS requests" ,
"deleted" : false ,
"disable_correlation" : false ,
"timestamp" : "1428909981" ,
"to_ids" : true ,
"type" : "domain" ,
"uuid" : "552b6f9d-e9c8-4fb9-a0d3-4d5a950d210b" ,
"value" : "timechk21.net"
} ,
{
"category" : "Network activity" ,
"comment" : "DNS requests" ,
"deleted" : false ,
"disable_correlation" : false ,
"timestamp" : "1428909981" ,
"to_ids" : true ,
"type" : "domain" ,
"uuid" : "552b6f9d-ea00-49e6-8920-4f70950d210b" ,
"value" : "timechk27.org"
} ,
{
"category" : "Network activity" ,
"comment" : "DNS requests" ,
"deleted" : false ,
"disable_correlation" : false ,
"timestamp" : "1428909981" ,
"to_ids" : true ,
"type" : "domain" ,
"uuid" : "552b6f9d-0aa4-4ea8-8b25-4590950d210b" ,
"value" : "timechk21.com"
} ,
{
"category" : "Network activity" ,
"comment" : "DNS requests" ,
"deleted" : false ,
"disable_correlation" : false ,
"timestamp" : "1428909981" ,
"to_ids" : true ,
"type" : "domain" ,
"uuid" : "552b6f9d-35d4-44ea-80b9-4f65950d210b" ,
"value" : "timechk28.org"
} ,
{
"category" : "Network activity" ,
"comment" : "DNS requests" ,
"deleted" : false ,
"disable_correlation" : false ,
"timestamp" : "1428909981" ,
"to_ids" : true ,
"type" : "domain" ,
"uuid" : "552b6f9d-266c-453b-a367-4575950d210b" ,
"value" : "timechk22.net"
} ,
{
"category" : "Network activity" ,
"comment" : "DNS requests" ,
"deleted" : false ,
"disable_correlation" : false ,
"timestamp" : "1428909981" ,
"to_ids" : true ,
"type" : "domain" ,
"uuid" : "552b6f9d-0a20-4e4f-9f49-412c950d210b" ,
"value" : "timechk29.org"
} ,
{
"category" : "Network activity" ,
"comment" : "DNS requests" ,
"deleted" : false ,
"disable_correlation" : false ,
"timestamp" : "1428909981" ,
"to_ids" : true ,
"type" : "domain" ,
"uuid" : "552b6f9d-7cf0-40c6-a498-4610950d210b" ,
"value" : "timechk22.com"
} ,
{
"category" : "External analysis" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"timestamp" : "1428910002" ,
"to_ids" : false ,
"type" : "text" ,
"uuid" : "552b6fb2-1e80-45f5-b6d8-4acf950d210b" ,
"value" : "MC-000055-BT"
}
]
}
}