2023-04-21 13:25:09 +00:00
|
|
|
{
|
|
|
|
"Event": {
|
|
|
|
"analysis": "2",
|
|
|
|
"date": "2016-06-28",
|
|
|
|
"extends_uuid": "",
|
|
|
|
"info": "OSINT - Linux/GafGyt - DVR devices compromised/infected",
|
|
|
|
"publish_timestamp": "1467101654",
|
|
|
|
"published": true,
|
|
|
|
"threat_level_id": "3",
|
|
|
|
"timestamp": "1467101559",
|
|
|
|
"uuid": "57722fef-c208-4297-a3bc-40be950d210f",
|
|
|
|
"Orgc": {
|
|
|
|
"name": "CIRCL",
|
|
|
|
"uuid": "55f6ea5e-2c60-40e5-964f-47a8950d210f"
|
|
|
|
},
|
|
|
|
"Tag": [
|
|
|
|
{
|
|
|
|
"colour": "#004646",
|
2023-05-19 09:05:37 +00:00
|
|
|
"local": "0",
|
|
|
|
"name": "type:OSINT",
|
|
|
|
"relationship_type": ""
|
2023-04-21 13:25:09 +00:00
|
|
|
},
|
|
|
|
{
|
|
|
|
"colour": "#71e100",
|
2023-05-19 09:05:37 +00:00
|
|
|
"local": "0",
|
|
|
|
"name": "circl:topic=\"ict\"",
|
|
|
|
"relationship_type": ""
|
2023-04-21 13:25:09 +00:00
|
|
|
},
|
|
|
|
{
|
|
|
|
"colour": "#ffffff",
|
2023-05-19 09:05:37 +00:00
|
|
|
"local": "0",
|
|
|
|
"name": "tlp:white",
|
|
|
|
"relationship_type": ""
|
2023-04-21 13:25:09 +00:00
|
|
|
}
|
|
|
|
],
|
|
|
|
"Attribute": [
|
|
|
|
{
|
|
|
|
"category": "External analysis",
|
|
|
|
"comment": "",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"timestamp": "1467101179",
|
|
|
|
"to_ids": false,
|
|
|
|
"type": "link",
|
|
|
|
"uuid": "57722ffb-0054-4c6e-9207-041d950d210f",
|
|
|
|
"value": "https://otx.alienvault.com/pulse/57711ad9609200013550ca4f/"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "External analysis",
|
|
|
|
"comment": "",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"timestamp": "1467101193",
|
|
|
|
"to_ids": false,
|
|
|
|
"type": "link",
|
|
|
|
"uuid": "57723009-c638-4c2d-aa9a-4165950d210f",
|
|
|
|
"value": "https://www.reddit.com/r/Malware/comments/4px0gi/telnet_malware_on_the_rise_infecting_dvr_devices/"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "External analysis",
|
|
|
|
"comment": "",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"timestamp": "1467101217",
|
|
|
|
"to_ids": false,
|
|
|
|
"type": "link",
|
|
|
|
"uuid": "57723021-e848-4ca6-99d5-041e950d210f",
|
|
|
|
"value": "https://isc.sans.edu/diary/More+Multi-Architecture+IoT+Malware/20731"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "External analysis",
|
|
|
|
"comment": "",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"timestamp": "1467101217",
|
|
|
|
"to_ids": false,
|
|
|
|
"type": "link",
|
|
|
|
"uuid": "57723021-e568-4950-b8a7-041e950d210f",
|
|
|
|
"value": "https://bitninja.io/2016/01/11/port-honeypot-is-ready-for-action/"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "External analysis",
|
|
|
|
"comment": "",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"timestamp": "1467101218",
|
|
|
|
"to_ids": false,
|
|
|
|
"type": "link",
|
|
|
|
"uuid": "57723022-56b0-4b83-83f6-041e950d210f",
|
|
|
|
"value": "https://twitter.com/bartblaze/status/747409050434945024"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "Network activity",
|
|
|
|
"comment": "",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"timestamp": "1467101277",
|
|
|
|
"to_ids": true,
|
|
|
|
"type": "ip-dst",
|
|
|
|
"uuid": "5772305d-b714-4708-b12e-4c06950d210f",
|
|
|
|
"value": "92.222.66.214"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "Network activity",
|
|
|
|
"comment": "",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"timestamp": "1467101277",
|
|
|
|
"to_ids": true,
|
|
|
|
"type": "ip-dst",
|
|
|
|
"uuid": "5772305d-d1d4-4a97-8d9c-45a2950d210f",
|
|
|
|
"value": "149.202.242.80"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "Network activity",
|
|
|
|
"comment": "",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"timestamp": "1467101278",
|
|
|
|
"to_ids": true,
|
|
|
|
"type": "ip-dst",
|
|
|
|
"uuid": "5772305e-5e44-4e1e-9be2-4e9d950d210f",
|
|
|
|
"value": "74.118.193.239"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "Network activity",
|
|
|
|
"comment": "",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"timestamp": "1467101278",
|
|
|
|
"to_ids": true,
|
|
|
|
"type": "ip-dst",
|
|
|
|
"uuid": "5772305e-8ec8-4903-badd-41dc950d210f",
|
|
|
|
"value": "208.67.1.15"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "Network activity",
|
|
|
|
"comment": "",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"timestamp": "1467101320",
|
|
|
|
"to_ids": true,
|
|
|
|
"type": "ip-dst",
|
|
|
|
"uuid": "57723088-74c8-4a50-91db-4010950d210f",
|
|
|
|
"value": "69.30.210.254"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "Payload delivery",
|
|
|
|
"comment": "Imported via the Freetext Import Tool",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"timestamp": "1467101516",
|
|
|
|
"to_ids": true,
|
|
|
|
"type": "md5",
|
|
|
|
"uuid": "5772314c-7068-4b8a-9b5e-450d950d210f",
|
|
|
|
"value": "23899602a260225156a757c871eb2654"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "Payload delivery",
|
|
|
|
"comment": "Imported via the Freetext Import Tool",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"timestamp": "1467101517",
|
|
|
|
"to_ids": true,
|
|
|
|
"type": "md5",
|
|
|
|
"uuid": "5772314d-3aa8-465b-810b-47d7950d210f",
|
|
|
|
"value": "49fe0263b252b5b2709ac2bdcbecfe46"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "Payload delivery",
|
|
|
|
"comment": "Imported via the Freetext Import Tool",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"timestamp": "1467101517",
|
|
|
|
"to_ids": true,
|
|
|
|
"type": "md5",
|
|
|
|
"uuid": "5772314d-7398-4c5b-a449-4199950d210f",
|
|
|
|
"value": "dce199485b21563df8609f4bb0c0b5c3"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "Payload delivery",
|
|
|
|
"comment": "Imported via the Freetext Import Tool",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"timestamp": "1467101518",
|
|
|
|
"to_ids": true,
|
|
|
|
"type": "md5",
|
|
|
|
"uuid": "5772314e-a8d0-4c2e-9703-44ff950d210f",
|
|
|
|
"value": "69477ca5eed0f6ceefa34ec8cf655246"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "Payload delivery",
|
|
|
|
"comment": "Imported via the Freetext Import Tool",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"timestamp": "1467101518",
|
|
|
|
"to_ids": true,
|
|
|
|
"type": "md5",
|
|
|
|
"uuid": "5772314e-dd24-4b0c-a407-4492950d210f",
|
|
|
|
"value": "e63de7dc3f0afcd20d10323d94d5b8d3"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "Payload delivery",
|
|
|
|
"comment": "Imported via the Freetext Import Tool",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"timestamp": "1467101519",
|
|
|
|
"to_ids": true,
|
|
|
|
"type": "md5",
|
|
|
|
"uuid": "5772314f-0d60-45aa-b971-4b87950d210f",
|
|
|
|
"value": "88aa4e588ac1edbaa93b34884444f21e"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "Payload delivery",
|
|
|
|
"comment": "Imported via the Freetext Import Tool",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"timestamp": "1467101519",
|
|
|
|
"to_ids": true,
|
|
|
|
"type": "md5",
|
|
|
|
"uuid": "5772314f-d918-4463-9046-4ee2950d210f",
|
|
|
|
"value": "842d2f4423392de0fe20c6446280a991"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "Payload delivery",
|
|
|
|
"comment": "Imported via the Freetext Import Tool",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"timestamp": "1467101519",
|
|
|
|
"to_ids": true,
|
|
|
|
"type": "md5",
|
|
|
|
"uuid": "5772314f-681c-4e87-8118-4ee0950d210f",
|
|
|
|
"value": "321eb5472268010f2c15fe2e46651dd5"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "Payload delivery",
|
|
|
|
"comment": "Imported via the Freetext Import Tool",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"timestamp": "1467101520",
|
|
|
|
"to_ids": true,
|
|
|
|
"type": "md5",
|
|
|
|
"uuid": "57723150-04e0-49cd-b775-4e42950d210f",
|
|
|
|
"value": "78dc4c517e826a8c29665d83ee118a96"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "Payload delivery",
|
|
|
|
"comment": "Imported via the Freetext Import Tool",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"timestamp": "1467101520",
|
|
|
|
"to_ids": true,
|
|
|
|
"type": "md5",
|
|
|
|
"uuid": "57723150-7a38-4f2d-a699-464f950d210f",
|
|
|
|
"value": "3c038f728b2d87869327f0b1d232f899"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "Payload delivery",
|
|
|
|
"comment": "Imported via the Freetext Import Tool",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"timestamp": "1467101521",
|
|
|
|
"to_ids": true,
|
|
|
|
"type": "md5",
|
|
|
|
"uuid": "57723151-e070-428d-811c-438a950d210f",
|
|
|
|
"value": "512cfc1c441ae5348b7dc21442e55e2e"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "Payload delivery",
|
|
|
|
"comment": "Imported via the Freetext Import Tool",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"timestamp": "1467101521",
|
|
|
|
"to_ids": true,
|
|
|
|
"type": "md5",
|
|
|
|
"uuid": "57723151-c37c-41e1-ab85-42e4950d210f",
|
|
|
|
"value": "fe8ee254e768ef2676aba92755f34c6a"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "Payload delivery",
|
|
|
|
"comment": "Imported via the Freetext Import Tool",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"timestamp": "1467101522",
|
|
|
|
"to_ids": true,
|
|
|
|
"type": "md5",
|
|
|
|
"uuid": "57723152-d2c4-45bf-a1b8-4251950d210f",
|
|
|
|
"value": "e14c0bb02273eef1c7a7c46709e474d8"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "Payload delivery",
|
|
|
|
"comment": "Imported via the Freetext Import Tool",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"timestamp": "1467101522",
|
|
|
|
"to_ids": true,
|
|
|
|
"type": "md5",
|
|
|
|
"uuid": "57723152-b0a8-4170-930f-4ad1950d210f",
|
|
|
|
"value": "ca6c5776e776dd4de6904aaf4b6a547d"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "Payload delivery",
|
|
|
|
"comment": "Imported via the Freetext Import Tool",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"timestamp": "1467101523",
|
|
|
|
"to_ids": true,
|
|
|
|
"type": "md5",
|
|
|
|
"uuid": "57723153-0f6c-4a59-99c8-4852950d210f",
|
|
|
|
"value": "8dc6032667bb6ee266e32d7117d3ca80"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "Payload delivery",
|
|
|
|
"comment": "Imported via the Freetext Import Tool - Xchecked via VT: 8dc6032667bb6ee266e32d7117d3ca80",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"timestamp": "1467101559",
|
|
|
|
"to_ids": true,
|
|
|
|
"type": "sha256",
|
|
|
|
"uuid": "57723177-779c-4ec4-920f-06df02de0b81",
|
|
|
|
"value": "dc15df4fd8ee7695ee8895d6c08fcfa24de8092c11d045143cd8d9e92330d48a"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "Payload delivery",
|
|
|
|
"comment": "Imported via the Freetext Import Tool - Xchecked via VT: 8dc6032667bb6ee266e32d7117d3ca80",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"timestamp": "1467101559",
|
|
|
|
"to_ids": true,
|
|
|
|
"type": "sha1",
|
|
|
|
"uuid": "57723177-8c24-4472-9e06-06df02de0b81",
|
|
|
|
"value": "b22229b8f7c006983e0c9cd1644378968c981b84"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "External analysis",
|
|
|
|
"comment": "Imported via the Freetext Import Tool - Xchecked via VT: 8dc6032667bb6ee266e32d7117d3ca80",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"timestamp": "1467101560",
|
|
|
|
"to_ids": false,
|
|
|
|
"type": "link",
|
|
|
|
"uuid": "57723178-7b94-479b-8c6f-06df02de0b81",
|
|
|
|
"value": "https://www.virustotal.com/file/dc15df4fd8ee7695ee8895d6c08fcfa24de8092c11d045143cd8d9e92330d48a/analysis/1455801664/"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "Payload delivery",
|
|
|
|
"comment": "Imported via the Freetext Import Tool - Xchecked via VT: ca6c5776e776dd4de6904aaf4b6a547d",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"timestamp": "1467101560",
|
|
|
|
"to_ids": true,
|
|
|
|
"type": "sha256",
|
|
|
|
"uuid": "57723178-8ab4-4802-85f1-06df02de0b81",
|
|
|
|
"value": "bffedbd067c8c94e8c052dc49df08bd29606355498b84a5dd21c027cb8dd3ef4"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "Payload delivery",
|
|
|
|
"comment": "Imported via the Freetext Import Tool - Xchecked via VT: ca6c5776e776dd4de6904aaf4b6a547d",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"timestamp": "1467101561",
|
|
|
|
"to_ids": true,
|
|
|
|
"type": "sha1",
|
|
|
|
"uuid": "57723179-da24-4a95-b5aa-06df02de0b81",
|
|
|
|
"value": "9f07a4e8528848ffe7b88a8cf1b891c6a053a8ae"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "External analysis",
|
|
|
|
"comment": "Imported via the Freetext Import Tool - Xchecked via VT: ca6c5776e776dd4de6904aaf4b6a547d",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"timestamp": "1467101561",
|
|
|
|
"to_ids": false,
|
|
|
|
"type": "link",
|
|
|
|
"uuid": "57723179-7478-4646-8a48-06df02de0b81",
|
|
|
|
"value": "https://www.virustotal.com/file/bffedbd067c8c94e8c052dc49df08bd29606355498b84a5dd21c027cb8dd3ef4/analysis/1455801318/"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "Payload delivery",
|
|
|
|
"comment": "Imported via the Freetext Import Tool - Xchecked via VT: e14c0bb02273eef1c7a7c46709e474d8",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"timestamp": "1467101562",
|
|
|
|
"to_ids": true,
|
|
|
|
"type": "sha256",
|
|
|
|
"uuid": "5772317a-ffb4-498f-91d5-06df02de0b81",
|
|
|
|
"value": "6adb257b753301070b1de956ab6b935c6570ed6afac3628c25286e34401a716d"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "Payload delivery",
|
|
|
|
"comment": "Imported via the Freetext Import Tool - Xchecked via VT: e14c0bb02273eef1c7a7c46709e474d8",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"timestamp": "1467101562",
|
|
|
|
"to_ids": true,
|
|
|
|
"type": "sha1",
|
|
|
|
"uuid": "5772317a-3b28-43db-81bb-06df02de0b81",
|
|
|
|
"value": "bd0af9998c8918c0bd8705164d24d1294b325b36"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "External analysis",
|
|
|
|
"comment": "Imported via the Freetext Import Tool - Xchecked via VT: e14c0bb02273eef1c7a7c46709e474d8",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"timestamp": "1467101563",
|
|
|
|
"to_ids": false,
|
|
|
|
"type": "link",
|
|
|
|
"uuid": "5772317b-d0d4-4852-9aac-06df02de0b81",
|
|
|
|
"value": "https://www.virustotal.com/file/6adb257b753301070b1de956ab6b935c6570ed6afac3628c25286e34401a716d/analysis/1460103566/"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "Payload delivery",
|
|
|
|
"comment": "Imported via the Freetext Import Tool - Xchecked via VT: fe8ee254e768ef2676aba92755f34c6a",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"timestamp": "1467101563",
|
|
|
|
"to_ids": true,
|
|
|
|
"type": "sha256",
|
|
|
|
"uuid": "5772317b-2e64-4f7f-a2ee-06df02de0b81",
|
|
|
|
"value": "dbce46b935cb4f05bfd14240b094e9eda16c0d4de22c257c9c35f1ee963b04d6"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "Payload delivery",
|
|
|
|
"comment": "Imported via the Freetext Import Tool - Xchecked via VT: fe8ee254e768ef2676aba92755f34c6a",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"timestamp": "1467101563",
|
|
|
|
"to_ids": true,
|
|
|
|
"type": "sha1",
|
|
|
|
"uuid": "5772317b-ee50-4057-96c0-06df02de0b81",
|
|
|
|
"value": "394fc3526025bf379775babd5e8ed78d97ba8377"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "External analysis",
|
|
|
|
"comment": "Imported via the Freetext Import Tool - Xchecked via VT: fe8ee254e768ef2676aba92755f34c6a",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"timestamp": "1467101564",
|
|
|
|
"to_ids": false,
|
|
|
|
"type": "link",
|
|
|
|
"uuid": "5772317c-4e34-48a2-a9ee-06df02de0b81",
|
|
|
|
"value": "https://www.virustotal.com/file/dbce46b935cb4f05bfd14240b094e9eda16c0d4de22c257c9c35f1ee963b04d6/analysis/1460103680/"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "Payload delivery",
|
|
|
|
"comment": "Imported via the Freetext Import Tool - Xchecked via VT: 512cfc1c441ae5348b7dc21442e55e2e",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"timestamp": "1467101564",
|
|
|
|
"to_ids": true,
|
|
|
|
"type": "sha256",
|
|
|
|
"uuid": "5772317c-83d4-4100-9444-06df02de0b81",
|
|
|
|
"value": "1db98a09bccd1b06d1b17c7697680a32827a6f64f311201f251dc8891eea42b2"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "Payload delivery",
|
|
|
|
"comment": "Imported via the Freetext Import Tool - Xchecked via VT: 512cfc1c441ae5348b7dc21442e55e2e",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"timestamp": "1467101565",
|
|
|
|
"to_ids": true,
|
|
|
|
"type": "sha1",
|
|
|
|
"uuid": "5772317d-a874-4f41-b5c5-06df02de0b81",
|
|
|
|
"value": "f84019211f7fc232defa56f5a87169afd7838db7"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "External analysis",
|
|
|
|
"comment": "Imported via the Freetext Import Tool - Xchecked via VT: 512cfc1c441ae5348b7dc21442e55e2e",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"timestamp": "1467101565",
|
|
|
|
"to_ids": false,
|
|
|
|
"type": "link",
|
|
|
|
"uuid": "5772317d-978c-417c-85d2-06df02de0b81",
|
|
|
|
"value": "https://www.virustotal.com/file/1db98a09bccd1b06d1b17c7697680a32827a6f64f311201f251dc8891eea42b2/analysis/1460103501/"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "Payload delivery",
|
|
|
|
"comment": "Imported via the Freetext Import Tool - Xchecked via VT: 3c038f728b2d87869327f0b1d232f899",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"timestamp": "1467101566",
|
|
|
|
"to_ids": true,
|
|
|
|
"type": "sha256",
|
|
|
|
"uuid": "5772317e-7194-4049-995a-06df02de0b81",
|
|
|
|
"value": "4b668014046dfc2e0b5595e2ea423d79cacb7b8275a2dcfb1376b5d6e8a7f27a"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "Payload delivery",
|
|
|
|
"comment": "Imported via the Freetext Import Tool - Xchecked via VT: 3c038f728b2d87869327f0b1d232f899",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"timestamp": "1467101566",
|
|
|
|
"to_ids": true,
|
|
|
|
"type": "sha1",
|
|
|
|
"uuid": "5772317e-2b60-4333-9d78-06df02de0b81",
|
|
|
|
"value": "e7ec06e87e83a51ed07567251e8ade99e2af9c99"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "External analysis",
|
|
|
|
"comment": "Imported via the Freetext Import Tool - Xchecked via VT: 3c038f728b2d87869327f0b1d232f899",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"timestamp": "1467101567",
|
|
|
|
"to_ids": false,
|
|
|
|
"type": "link",
|
|
|
|
"uuid": "5772317f-3a00-4614-a100-06df02de0b81",
|
|
|
|
"value": "https://www.virustotal.com/file/4b668014046dfc2e0b5595e2ea423d79cacb7b8275a2dcfb1376b5d6e8a7f27a/analysis/1452649990/"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "Payload delivery",
|
|
|
|
"comment": "Imported via the Freetext Import Tool - Xchecked via VT: 78dc4c517e826a8c29665d83ee118a96",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"timestamp": "1467101567",
|
|
|
|
"to_ids": true,
|
|
|
|
"type": "sha256",
|
|
|
|
"uuid": "5772317f-cae0-4143-97fd-06df02de0b81",
|
|
|
|
"value": "93d787c00b4f96eb1aedacefdcd21024d99fca630bcfca4051d097de6517d20f"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "Payload delivery",
|
|
|
|
"comment": "Imported via the Freetext Import Tool - Xchecked via VT: 78dc4c517e826a8c29665d83ee118a96",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"timestamp": "1467101568",
|
|
|
|
"to_ids": true,
|
|
|
|
"type": "sha1",
|
|
|
|
"uuid": "57723180-403c-466d-bc66-06df02de0b81",
|
|
|
|
"value": "8cf359bfa882cec3567776daa2c2414409e355bd"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "External analysis",
|
|
|
|
"comment": "Imported via the Freetext Import Tool - Xchecked via VT: 78dc4c517e826a8c29665d83ee118a96",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"timestamp": "1467101568",
|
|
|
|
"to_ids": false,
|
|
|
|
"type": "link",
|
|
|
|
"uuid": "57723180-7034-442c-ac8d-06df02de0b81",
|
|
|
|
"value": "https://www.virustotal.com/file/93d787c00b4f96eb1aedacefdcd21024d99fca630bcfca4051d097de6517d20f/analysis/1448320139/"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "Payload delivery",
|
|
|
|
"comment": "Imported via the Freetext Import Tool - Xchecked via VT: 321eb5472268010f2c15fe2e46651dd5",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"timestamp": "1467101569",
|
|
|
|
"to_ids": true,
|
|
|
|
"type": "sha256",
|
|
|
|
"uuid": "57723181-3494-421f-9ec2-06df02de0b81",
|
|
|
|
"value": "53dda69ad144382a07e38c7db53a6be5ba4ecafa726d4cac711107ba0bd97a80"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "Payload delivery",
|
|
|
|
"comment": "Imported via the Freetext Import Tool - Xchecked via VT: 321eb5472268010f2c15fe2e46651dd5",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"timestamp": "1467101569",
|
|
|
|
"to_ids": true,
|
|
|
|
"type": "sha1",
|
|
|
|
"uuid": "57723181-6154-41ac-a3c2-06df02de0b81",
|
|
|
|
"value": "84e36ab9099ec6aa385670385cc853078b727be2"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "External analysis",
|
|
|
|
"comment": "Imported via the Freetext Import Tool - Xchecked via VT: 321eb5472268010f2c15fe2e46651dd5",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"timestamp": "1467101569",
|
|
|
|
"to_ids": false,
|
|
|
|
"type": "link",
|
|
|
|
"uuid": "57723181-cbdc-44f4-93d4-06df02de0b81",
|
|
|
|
"value": "https://www.virustotal.com/file/53dda69ad144382a07e38c7db53a6be5ba4ecafa726d4cac711107ba0bd97a80/analysis/1454154465/"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "Payload delivery",
|
|
|
|
"comment": "Imported via the Freetext Import Tool - Xchecked via VT: 842d2f4423392de0fe20c6446280a991",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"timestamp": "1467101570",
|
|
|
|
"to_ids": true,
|
|
|
|
"type": "sha256",
|
|
|
|
"uuid": "57723182-2b08-4709-a208-06df02de0b81",
|
|
|
|
"value": "6c4dd25bad713dc8116ab1a6d4ae0febb2e51f0dd364a75097ea4de37ab7b935"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "Payload delivery",
|
|
|
|
"comment": "Imported via the Freetext Import Tool - Xchecked via VT: 842d2f4423392de0fe20c6446280a991",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"timestamp": "1467101570",
|
|
|
|
"to_ids": true,
|
|
|
|
"type": "sha1",
|
|
|
|
"uuid": "57723182-f490-45f5-b6cf-06df02de0b81",
|
|
|
|
"value": "aa175e75773d46e5908678345a310057a6840c6f"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "External analysis",
|
|
|
|
"comment": "Imported via the Freetext Import Tool - Xchecked via VT: 842d2f4423392de0fe20c6446280a991",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"timestamp": "1467101571",
|
|
|
|
"to_ids": false,
|
|
|
|
"type": "link",
|
|
|
|
"uuid": "57723183-1108-4569-8c11-06df02de0b81",
|
|
|
|
"value": "https://www.virustotal.com/file/6c4dd25bad713dc8116ab1a6d4ae0febb2e51f0dd364a75097ea4de37ab7b935/analysis/1452650720/"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "Payload delivery",
|
|
|
|
"comment": "Imported via the Freetext Import Tool - Xchecked via VT: 88aa4e588ac1edbaa93b34884444f21e",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"timestamp": "1467101571",
|
|
|
|
"to_ids": true,
|
|
|
|
"type": "sha256",
|
|
|
|
"uuid": "57723183-fd88-4056-bc0f-06df02de0b81",
|
|
|
|
"value": "7d80756e208cc14d86f84dd72191a76e6efdcce645b0467dc21bef4d82bda5a8"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "Payload delivery",
|
|
|
|
"comment": "Imported via the Freetext Import Tool - Xchecked via VT: 88aa4e588ac1edbaa93b34884444f21e",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"timestamp": "1467101572",
|
|
|
|
"to_ids": true,
|
|
|
|
"type": "sha1",
|
|
|
|
"uuid": "57723184-ae3c-452b-8ae4-06df02de0b81",
|
|
|
|
"value": "604d384c8264429ffcfe7d4f56dfde8a24037780"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "External analysis",
|
|
|
|
"comment": "Imported via the Freetext Import Tool - Xchecked via VT: 88aa4e588ac1edbaa93b34884444f21e",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"timestamp": "1467101572",
|
|
|
|
"to_ids": false,
|
|
|
|
"type": "link",
|
|
|
|
"uuid": "57723184-df08-49ad-a697-06df02de0b81",
|
|
|
|
"value": "https://www.virustotal.com/file/7d80756e208cc14d86f84dd72191a76e6efdcce645b0467dc21bef4d82bda5a8/analysis/1467029152/"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "Payload delivery",
|
|
|
|
"comment": "Imported via the Freetext Import Tool - Xchecked via VT: e63de7dc3f0afcd20d10323d94d5b8d3",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"timestamp": "1467101573",
|
|
|
|
"to_ids": true,
|
|
|
|
"type": "sha256",
|
|
|
|
"uuid": "57723185-5660-4856-abb0-06df02de0b81",
|
|
|
|
"value": "a33d258694568b7a2eb2fccc4419479c6c7482c87dcc73ab4a2c85ffbe27068b"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "Payload delivery",
|
|
|
|
"comment": "Imported via the Freetext Import Tool - Xchecked via VT: e63de7dc3f0afcd20d10323d94d5b8d3",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"timestamp": "1467101573",
|
|
|
|
"to_ids": true,
|
|
|
|
"type": "sha1",
|
|
|
|
"uuid": "57723185-a24c-4031-9612-06df02de0b81",
|
|
|
|
"value": "8932991f302b3bff67036edbd0bc1bbe3c36d9c3"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "External analysis",
|
|
|
|
"comment": "Imported via the Freetext Import Tool - Xchecked via VT: e63de7dc3f0afcd20d10323d94d5b8d3",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"timestamp": "1467101574",
|
|
|
|
"to_ids": false,
|
|
|
|
"type": "link",
|
|
|
|
"uuid": "57723186-5170-4f70-9a04-06df02de0b81",
|
|
|
|
"value": "https://www.virustotal.com/file/a33d258694568b7a2eb2fccc4419479c6c7482c87dcc73ab4a2c85ffbe27068b/analysis/1467029150/"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "Payload delivery",
|
|
|
|
"comment": "Imported via the Freetext Import Tool - Xchecked via VT: 69477ca5eed0f6ceefa34ec8cf655246",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"timestamp": "1467101574",
|
|
|
|
"to_ids": true,
|
|
|
|
"type": "sha256",
|
|
|
|
"uuid": "57723186-01e4-4697-9065-06df02de0b81",
|
|
|
|
"value": "b610378992e657d1aa211d27577a3745f8cc6514dc03787cf963916eb0bc6247"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "Payload delivery",
|
|
|
|
"comment": "Imported via the Freetext Import Tool - Xchecked via VT: 69477ca5eed0f6ceefa34ec8cf655246",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"timestamp": "1467101575",
|
|
|
|
"to_ids": true,
|
|
|
|
"type": "sha1",
|
|
|
|
"uuid": "57723187-1084-45a4-911b-06df02de0b81",
|
|
|
|
"value": "5175555630b66e5a01030cf4c62c32c272038d20"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "External analysis",
|
|
|
|
"comment": "Imported via the Freetext Import Tool - Xchecked via VT: 69477ca5eed0f6ceefa34ec8cf655246",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"timestamp": "1467101575",
|
|
|
|
"to_ids": false,
|
|
|
|
"type": "link",
|
|
|
|
"uuid": "57723187-fe08-406b-ba40-06df02de0b81",
|
|
|
|
"value": "https://www.virustotal.com/file/b610378992e657d1aa211d27577a3745f8cc6514dc03787cf963916eb0bc6247/analysis/1467030142/"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "Payload delivery",
|
|
|
|
"comment": "Imported via the Freetext Import Tool - Xchecked via VT: dce199485b21563df8609f4bb0c0b5c3",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"timestamp": "1467101576",
|
|
|
|
"to_ids": true,
|
|
|
|
"type": "sha256",
|
|
|
|
"uuid": "57723188-8a28-45b9-86e2-06df02de0b81",
|
|
|
|
"value": "c1ac12ab98190d29bd29d4ddfb2da325e6db5124a248d824532055428d7b5970"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "Payload delivery",
|
|
|
|
"comment": "Imported via the Freetext Import Tool - Xchecked via VT: dce199485b21563df8609f4bb0c0b5c3",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"timestamp": "1467101576",
|
|
|
|
"to_ids": true,
|
|
|
|
"type": "sha1",
|
|
|
|
"uuid": "57723188-9684-47a4-b914-06df02de0b81",
|
|
|
|
"value": "03e7d7f6ca97e3359ee6958e53dd8be92833adb7"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "External analysis",
|
|
|
|
"comment": "Imported via the Freetext Import Tool - Xchecked via VT: dce199485b21563df8609f4bb0c0b5c3",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"timestamp": "1467101577",
|
|
|
|
"to_ids": false,
|
|
|
|
"type": "link",
|
|
|
|
"uuid": "57723189-e7b0-4f6a-879c-06df02de0b81",
|
|
|
|
"value": "https://www.virustotal.com/file/c1ac12ab98190d29bd29d4ddfb2da325e6db5124a248d824532055428d7b5970/analysis/1466965905/"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "Payload delivery",
|
|
|
|
"comment": "Imported via the Freetext Import Tool - Xchecked via VT: 49fe0263b252b5b2709ac2bdcbecfe46",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"timestamp": "1467101577",
|
|
|
|
"to_ids": true,
|
|
|
|
"type": "sha256",
|
|
|
|
"uuid": "57723189-3b7c-45e6-bb3d-06df02de0b81",
|
|
|
|
"value": "5e131ab7d131d69238667545056e718c2ca290bfd660e12e1093ec0e9d78755a"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "Payload delivery",
|
|
|
|
"comment": "Imported via the Freetext Import Tool - Xchecked via VT: 49fe0263b252b5b2709ac2bdcbecfe46",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"timestamp": "1467101578",
|
|
|
|
"to_ids": true,
|
|
|
|
"type": "sha1",
|
|
|
|
"uuid": "5772318a-d948-4ac2-bfc0-06df02de0b81",
|
|
|
|
"value": "2f4e1c1781cb292b1f486113b8cbff3567aa3ef6"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "External analysis",
|
|
|
|
"comment": "Imported via the Freetext Import Tool - Xchecked via VT: 49fe0263b252b5b2709ac2bdcbecfe46",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"timestamp": "1467101578",
|
|
|
|
"to_ids": false,
|
|
|
|
"type": "link",
|
|
|
|
"uuid": "5772318a-f0fc-40e6-a1ad-06df02de0b81",
|
|
|
|
"value": "https://www.virustotal.com/file/5e131ab7d131d69238667545056e718c2ca290bfd660e12e1093ec0e9d78755a/analysis/1467030486/"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "Payload delivery",
|
|
|
|
"comment": "Imported via the Freetext Import Tool - Xchecked via VT: 23899602a260225156a757c871eb2654",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"timestamp": "1467101578",
|
|
|
|
"to_ids": true,
|
|
|
|
"type": "sha256",
|
|
|
|
"uuid": "5772318a-6884-4f00-b7ac-06df02de0b81",
|
|
|
|
"value": "a78448f08a6f3dd58b2f1d3b7e61407ba7b9cce63f00f3568236132519d86e08"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "Payload delivery",
|
|
|
|
"comment": "Imported via the Freetext Import Tool - Xchecked via VT: 23899602a260225156a757c871eb2654",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"timestamp": "1467101579",
|
|
|
|
"to_ids": true,
|
|
|
|
"type": "sha1",
|
|
|
|
"uuid": "5772318b-ac78-4cee-adb9-06df02de0b81",
|
|
|
|
"value": "0674a065906c928f9b24817a1b5394f285eb4a9d"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "External analysis",
|
|
|
|
"comment": "Imported via the Freetext Import Tool - Xchecked via VT: 23899602a260225156a757c871eb2654",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"timestamp": "1467101579",
|
|
|
|
"to_ids": false,
|
|
|
|
"type": "link",
|
|
|
|
"uuid": "5772318b-3358-406a-921b-06df02de0b81",
|
|
|
|
"value": "https://www.virustotal.com/file/a78448f08a6f3dd58b2f1d3b7e61407ba7b9cce63f00f3568236132519d86e08/analysis/1467029148/"
|
|
|
|
}
|
|
|
|
]
|
|
|
|
}
|
|
|
|
}
|