2023-04-21 13:25:09 +00:00
{
"Event" : {
"analysis" : "2" ,
"date" : "2014-03-30" ,
"extends_uuid" : "" ,
"info" : "OSINT - old njRAT activity" ,
"publish_timestamp" : "1536927633" ,
"published" : true ,
"threat_level_id" : "3" ,
"timestamp" : "1536927610" ,
"uuid" : "5b9ba490-0e84-4127-916f-4f75950d210f" ,
"Orgc" : {
"name" : "CIRCL" ,
"uuid" : "55f6ea5e-2c60-40e5-964f-47a8950d210f"
} ,
"Tag" : [
{
"colour" : "#054000" ,
2023-05-19 09:05:37 +00:00
"local" : "0" ,
"name" : "misp-galaxy:tool=\"njRAT\"" ,
"relationship_type" : ""
2023-04-21 13:25:09 +00:00
} ,
{
"colour" : "#ffffff" ,
2023-05-19 09:05:37 +00:00
"local" : "0" ,
"name" : "tlp:white" ,
"relationship_type" : ""
2023-04-21 13:25:09 +00:00
} ,
{
"colour" : "#00bde6" ,
2023-05-19 09:05:37 +00:00
"local" : "0" ,
"name" : "veris:action:misuse:vector=\"Remote access\"" ,
"relationship_type" : ""
2023-04-21 13:25:09 +00:00
} ,
{
"colour" : "#3b7500" ,
2023-05-19 09:05:37 +00:00
"local" : "0" ,
"name" : "circl:incident-classification=\"malware\"" ,
"relationship_type" : ""
2023-04-21 13:25:09 +00:00
} ,
{
"colour" : "#00223b" ,
2023-05-19 09:05:37 +00:00
"local" : "0" ,
"name" : "osint:source-type=\"blog-post\"" ,
"relationship_type" : ""
2023-04-21 13:25:09 +00:00
} ,
{
"colour" : "#0026eb" ,
2023-05-19 09:05:37 +00:00
"local" : "0" ,
"name" : "estimative-language:confidence-in-analytic-judgment=\"moderate\"" ,
"relationship_type" : ""
2023-04-21 13:25:09 +00:00
}
] ,
"Attribute" : [
{
"category" : "External analysis" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"timestamp" : "1536926886" ,
"to_ids" : false ,
"type" : "link" ,
"uuid" : "5b9ba4a6-64b8-4561-a3c1-4d97950d210f" ,
"value" : "https://www.symantec.com/connect/blogs/simple-njrat-fuels-nascent-middle-east-cybercrime-scene"
} ,
{
"category" : "Network activity" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"timestamp" : "1536926928" ,
"to_ids" : true ,
"type" : "hostname" ,
"uuid" : "5b9ba4d0-b15c-4860-b9b6-46d5950d210f" ,
"value" : "njr.no-ip.biz"
} ,
{
"category" : "Network activity" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"timestamp" : "1536926953" ,
"to_ids" : true ,
"type" : "hostname" ,
"uuid" : "5b9ba4e9-ff3c-4024-98a4-4760950d210f" ,
"value" : "njratmoony.no-ip.biz"
} ,
{
"category" : "Antivirus detection" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"timestamp" : "1536927009" ,
"to_ids" : false ,
"type" : "text" ,
"uuid" : "5b9ba521-bde4-4769-806b-4f44950d210f" ,
"value" : "Backdoor.Ratenjay"
} ,
{
"category" : "External analysis" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"timestamp" : "1536927039" ,
"to_ids" : false ,
"type" : "text" ,
"uuid" : "5b9ba53f-6cfc-4071-b166-4fdd950d210f" ,
"value" : "Symantec has observed the growth of indigenous groups of attackers in the Middle East, centered around a simple piece of malware known as njRAT. While njRAT is similar in capability to many other remote access tools (RATs), what is interesting about this malware is that it is developed and supported by Arabic speakers, resulting in its popularity among attackers in the region.\r\n\r\nThe malware can be used to control networks of computers, known as botnets. While most attackers using njRAT appear to be engaged in ordinary cybercriminal activity, there is also evidence that several groups have used the malware to target governments in the region.\r\n\r\nSymantec analyzed 721 samples of njRAT and uncovered a fairly large number of infections, with 542 control-and-command (C&C) server domain names found and 24,000 infected computers worldwide. Nearly 80 percent of the C&C servers were located in regions in the Middle East and North Africa, including Saudi Arabia, Iraq, Tunisia, Egypt, Algeria, Morocco, the Palestinian Territories and Libya."
} ,
{
"category" : "Network activity" ,
"comment" : "Potential sinkhole" ,
"deleted" : false ,
"disable_correlation" : false ,
"timestamp" : "1536927248" ,
"to_ids" : false ,
"type" : "ip-dst" ,
"uuid" : "5b9ba610-0314-4618-b854-4cb4950d210f" ,
"value" : "204.95.99.26"
} ,
{
"category" : "Network activity" ,
"comment" : "Old allocated IP" ,
"deleted" : false ,
"disable_correlation" : false ,
"timestamp" : "1536927315" ,
"to_ids" : false ,
"type" : "ip-dst" ,
"uuid" : "5b9ba653-5788-43a1-86b1-4de4950d210f" ,
"value" : "83.71.169.49"
} ,
{
"category" : "External analysis" ,
"comment" : "Screenshots" ,
"data" : " i V B O R w 0 K G g o A A A A N S U h E U g A A A b 8 A A A D D C A I A A A C d 5 o g r A A A A C X B I W X M A A A 7 C A A A O w g E V K E q A A A A K T 2 l D Q 1 B Q a G 90 b 3 N o b 3 A g S U N D I H B y b 2 Z p b G U A A H j a n V N n V F P p F j 333 v R C S 4 i A l E t v U h U I I F J C i 4 A U k S Y q I Q k Q S o g h o d k V U c E R R U U E G 8 i g i A O O j o C M F V E s D I o K 2 A f k I a K O g 6 O I i s r 74 X u j a 9 a 89 + b N / r X X P u e s 852 z z w f A C A y W S D N R N Y A M q U I e E e C D x 8 T G 4 e Q u Q I E K J H A A E A i z Z C F z / S M B A P h + P D w r I s A H v g A B e N M L C A D A T Z v A M B y H / w / q Q p l c A Y C E A c B 0 k T h L C I A U A E B 6 j k K m A E B G A Y C d m C Z T A K A E A G D L Y 2 L j A F A t A G A n f + b T A I C d + J l 7 A Q B b l C E V A a C R A C A T Z Y h E A G g 7 A K z P V o p F A F g w A B R m S 8 Q 5 A N g t A D B J V 2 Z I A L C 3 A M D O E A u y A A g M A D B R i I U p A A R 7 A G D I I y N 4 A I S Z A B R G 8 l c 88 S u u E O c q A A B 4 m b I 8 u S Q 5 R Y F b C C 1 x B 1 d X L h 4 o z k k X K x Q 2 Y Q J h m k A u w n m Z G T K B N A / g 88 w A A K C R F R H g g / P 9 e M 4 O r s 7 O N o 62 D l 8 t 6 r 8 G / y J i Y u P + 5 c + r c E A A A O F 0 f t H + L C + z G o A 7 B o B t / q I l 7 g R o X g u g d f e L Z r I P Q L U A o O n a V / N w + H 48 P E W h k L n Z 2 e X k 5 N h K x E J b Y c p X f f 5 n w l / A V / 1 s + X 48 / P f 14 L 7 i J I E y X Y F H B P j g w s z 0 T K U c z 5 I J h G L c 5 o 9 H / L c L //wd0yLESWK5WCoU41EScY5EmozzMqUiiUKSKcUl0v9k4t8s+wM+3zUAsGo+AXuRLahdYwP2SycQWHTA4vcAAPK7b8HUKAgDgGiD4c93/+8//UegJQCAZkmScQAAXkQkLlTKsz/HCAAARKCBKrBBG/TBGCzABhzBBdzBC/xgNoRCJMTCQhBCCmSAHHJgKayCQiiGzbAdKmAv1EAdNMBRaIaTcA4uwlW4Dj1wD/phCJ7BKLyBCQRByAgTYSHaiAFiilgjjggXmYX4IcFIBBKLJCDJiBRRIkuRNUgxUopUIFVIHfI9cgI5h1xGupE7yAAygvyGvEcxlIGyUT3UDLVDuag3GoRGogvQZHQxmo8WoJvQcrQaPYw2oefQq2gP2o8+Q8cwwOgYBzPEbDAuxsNCsTgsCZNjy7EirAyrxhqwVqwDu4n1Y8+xdwQSgUXACTYEd0IgYR5BSFhMWE7YSKggHCQ0EdoJNwkDhFHCJyKTqEu0JroR+cQYYjIxh1hILCPWEo8TLxB7iEPENyQSiUMyJ7mQAkmxpFTSEtJG0m5SI+ksqZs0SBojk8naZGuyBzmULCAryIXkneTD5DPkG+Qh8lsKnWJAcaT4U+IoUspqShnlEOU05QZlmDJBVaOaUt2ooVQRNY9aQq2htlKvUYeoEzR1mjnNgxZJS6WtopXTGmgXaPdpr+h0uhHdlR5Ol9BX0svpR+iX6AP0dwwNhhWDx4hnKBmbGAcYZxl3GK+YTKYZ04sZx1QwNzHrmOeZD5lvVVgqtip8FZHKCpVKlSaVGyovVKmqpqreqgtV81XLVI+pXlN9rkZVM1PjqQnUlqtVqp1Q61MbU2epO6iHqmeob1Q/pH5Z/YkGWcNMw09DpFGgsV/jvMYgC2MZs3gsIWsNq4Z1gTXEJrHN2Xx2KruY/R27iz2qqaE5QzNKM1ezUvOUZj8H45hx+Jx0TgnnKKeX836K3hTvKeIpG6Y0TLkxZVxrqpaXllirSKtRq0frvTau7aedpr1Fu1n7gQ5Bx0onXCdHZ4/OBZ3nU9lT3acKpxZNPTr1ri6qa6UbobtEd79up+6Ynr5egJ5Mb6feeb3n+hx9L/1U/W36p/VHDFgGswwkBtsMzhg8xTVxbzwdL8fb8VFDXcNAQ6VhlWGX4YSRudE8o9VGjUYPjGnGXOMk423GbcajJgYmISZLTepN7ppSTbmmKaY7TDtMx83MzaLN1pk1mz0x1zLnm+eb15vft2BaeFostqi2uGVJsuRaplnutrxuhVo5WaVYVVpds0atna0l1rutu6cRp7lOk06rntZnw7Dxtsm2qbcZsOXYBtuutm22fWFnYhdnt8Wuw+6TvZN9un2N/T0HDYfZDqsdWh1+c7RyFDpWOt6azpzuP33F9JbpL2dYzxDP2DPjthPLKcRpnVOb00dnF2e5c4PziIuJS4LLLpc+Lpsbxt3IveRKdPVxXeF60vWdm7Obwu2o26/uNu5p7ofcn8w0nymeWTNz0MPIQ+BR5dE/C5+VMGvfrH5PQ0+BZ7XnIy9jL5FXrdewt6V3qvdh7xc+9j5yn+M+4zw33jLeWV/MN8C3yLfLT8Nvnl+F30N/I/9k/3r/0QCngCUBZwOJgUGBWwL7+Hp8Ib+OPzrbZfay2e1BjKC5QRVBj4KtguXBrSFoyOyQrSH355jOkc5pDoVQfujW0Adh5mGLw34MJ4WHhVeGP45wiFga0TGXNXfR3ENz30T6RJZE3ptnMU85ry1KNSo+qi5qPNo3ujS6P8YuZlnM1VidWElsSxw5LiquNm5svt/87fOH4p3iC+N7F5gvyF1weaHOwvSFpxapLhIsOpZATIhOOJTwQRAqqBaMJfITdyWOCnnCHcJnIi/RNtGI2ENcKh5O8kgqTXqS7JG8NXkkxTOlLOW5hCepkLxMDUzdmzqeFpp2IG0yPTq9MYOSkZBxQqohTZO2Z+pn5mZ2y6xlhbL+xW6Lty8elQfJa7OQrAVZLQq2QqboVFoo1yoHsmdlV2a/zYnKOZarnivN7cyzytuQN5zvn//tEsIS4ZK2pYZLVy0dWOa9rGo5sjxxedsK4xUFK4ZWBqw8uIq2Km3VT6vtV5eufr0mek1rgV7ByoLBtQFr6wtVCuWFfevc1+1dT1gvWd+1YfqGnRs+FYmKrhTbF5cVf9go3HjlG4dvyr+Z3JS0qavEuWTPZtJm6ebeLZ5bDpaql+aXDm4N2dq0Dd9WtO319kXbL5fNKNu7g7ZDuaO/PLi8ZafJzs07P1SkVPRU+lQ27tLdtWHX+G7R7ht7vPY07NXbW7z3/T7JvttVAVVN1WbVZftJ+7P3P66Jqun4lvttXa1ObXHtxwPSA/0HIw6217nU1R3SPVRSj9Yr60cOxx++/p3vdy0NNg1VjZzG4iNwRHnk6fcJ3/ceDTradox7rOEH0x92HWcdL2pCmvKaRptTmvtbYlu6T8w+0dbq3nr8R9sfD5w0PFl5SvNUyWna6YLTk2fyz4ydlZ19fi753GDborZ752PO32oPb++6EHTh0kX/i+c7vDvOXPK4dPKy2+UTV7hXmq86X23qdOo8/pPTT8e7nLuarrlca7nuer21e2b36RueN87d9L158Rb/1tWeOT3dvfN6b/fF9/XfFt1+cif9zsu72Xcn7q28T7xf9EDtQdlD3YfVP1v+3Njv3H9qwHeg89HcR/cGhYPP/pH1jw9DBY+Zj8uGDYbrnjg+OTniP3L96fynQ89kzyaeF/6i/suuFxYvfvjV69fO0ZjRoZfyl5O/bXyl/erA6xmv28bCxh6+yXgzMV70VvvtwXfcdx3vo98PT+R8IH8o/2j5sfVT0Kf7kxmTk/8EA5jz/GMzLdsAAAAgY0hSTQAAeiUAAICDAAD5/wAAgOkAAHUwAADqYAAAOpgAABdvkl/FRgAAJiRJREFUeNrsnXlsHFl+37ubpERdQ1GiRPGYGWk0WWdkJJvFArm8RhIDgZFAWRuYBIvEyB9G4AUC5EA2gY0ECDbxTIAg3sU6CAx7vYGTANkdLwIn2BnNjkYHKfGmeJPi2ffddd93NZk/Xnezye4uVjcpiiK/HzwIxepXr163mh/+3lmBHQAAAM0TwEcAAACwJwAAwJ4AAAB7AgAA7AkAAAD2BAAA2BMAAGBPAACAPQEA4EzZc3R09P79+z09PYFjp6en5/79+8PDw/gfAgC8Yfb8wQ9+0N7eHnittLe3f/TRR4d8hx989esffPXrPrNVknfmnz0erU5+qvGff/gT71crqal3V31hs9c2VdsjLByA02zPn/70pzdu3AicALq6uj755JNX/SnsU6eHQOvq0qdAfa
"deleted" : false ,
"disable_correlation" : false ,
"timestamp" : "1536927431" ,
"to_ids" : false ,
"type" : "attachment" ,
"uuid" : "5b9ba6c7-7a04-42c3-933f-4e63950d210f" ,
"value" : "figure2_17.png"
} ,
{
"category" : "External analysis" ,
"comment" : "Screenshots" ,
"data" : " i V B O R w 0 K G g o A A A A N S U h E U g A A A p Q A A A G i C A Y A A A B Z B F Y R A A A g A E l E Q V R 4 n O y d 6 Z c V x 3 n / v 9 X d 987 C M A z D s C M Q C A S S E C A Q s r X Z k u z I l r x E s Z P Y c b Z z 4 p P j k 7 z N P 5 D X y a v 8 A z k n J 7 Z k x S f O z / I u y X F s W Z K R w a A F E D D s y 8 A w w + z L X b q f 34 u u q n 66 b l X f i 5 g x w 6 j q n J n b t 6 v q + T x V X c u 3 q 5 c r 9 u 3 b R 2 g h E B G E E P a 4 J E k 3 B E 8 P q O R 8 u 5 i R p i P p 0 c 3 k + S j B l v d W 7 M 0 H l 9 c J / 2 x m 21 b / z Y 5 J U R 4 i e X i F s L Y D 1 T 54 O y n a 12 r e Z u F 2 c 5 v 5 B M D J / S h 2 P N d z F y P X t G F y m v V L m 52 i O M / 13 I 8 T t 1 w u I 4 o i l M t l B E H g 5 N 5 q i F w F M U O R i C h 3 d U s l 0 p I 29 e G O D K m q r F d m k d R r 2 V 5 H J 1 G N W X 3 y 9 K 6 J r G i i 4 v s W I t d M x z u 42 d l t k 3 O z y V r Z 8 V z P X S x c k 9 E s F E 3 C r f R L V 9 k 813 M X O 7 d W q y F J E l S r 1 Z Z 8 + 6 i h Q V C a o a j Q I I K I I m x 87 B m U l 3 Y j q c d z 7 Z 8 P C y I Q h A i Q 1 O u 4 c u h N j F 85 j y D M N x 3 z T I l P O D Z x x 7 d t Z 1 d m n C 3 v Q u C a w S V W T d F r s 2 d O 1 j y / s w 96 r u f e w d y i / m f a 4 y x X 33 W V y e W f 53 r u x 4 F L R K j X 6 z q u G b d V E W v u b x C U r R R G G U i S B I E I s P 7 h J 9 C 1 d g O S 2 v y q X x 9 u U 6 D 0 u n d 9 d h Y 3 z p 7 E y M U z E E H Y 0 m S U m S i e g I r y q j y u u N v F t U 2 W v A P b J l K b X R V v S 2 / a N j 8913 P v d K 454 d o m W z O O f z f Z 3 C e b f Z t / n u u 5 n n v r 3 I i r 1 p s N c a 0 G C k I Q B A I R g M T 8 X Z v 34 f Y F o g S A A A G I 63 X U a 3 W I I L z d b v n g g w 8 + + O C D D w s k i J d e e q m 1 C / 6 W U K 9 W M T Y 1 j c F 7 H k b c 3 g U k 6 S V v r X 6 J Q A I A B I R S t v J 7 q n r V D l K L Y A A J y N v 1 o B 7 y 0 V q a 9 D + V G E r o c L 1 N o C y Z L q n J V a Z E m h 6 N q l 0 b 4 T U k h H Q j d V h o 30 V r X O J + F 3 F t K 2 k k 60 U 0 x O o z f + k j S F d l z q z J z G q Q O 0 z Z N h G S J E Y S E + L K N L o v H c d q U U V X 9 z K L 3 z 744 I M P P v j g w 8 c x C E p D Y 4 S x X K q 2 e X y t U s H F q 9 f w v Q u T G I 0 J k U y X J I l 88 l s u l c r V L K I k e y J c 2 W G X T i m O t e C B F E 5 B 6 M h L g A g y 20 m S A E m S U 3 J B G E A g v T S f r r L l y 1 f k V x C E E E E A S h I k i X F v q B A I g j D V W 4 m t T A E C E Y J A S O I Y h i L N 8 t r q g / u V x F m d S 40 Z h C G E C G Q d 2 / y K A F D q l 1 l m W d d E l M 9 L A A L p F 5 D L K 0 Q A o g R x P U Z S m c H j v S U 8 e s 8 G r F y 9 J v e 0 m G 0 p 3 L X f t g T P 8 / B g u 2 T G 0 91 O r k t Q 2 y 4 h 2 i 752 V h F l w g 913 M X K 7 d o n m n G b + a L 7 X K f 53 q u 5849 N z I T m g B z k O H x 9 X o d 1 W o 1E4 E y J H E d 1 d l p C B I I o w h R e w e E E K h X q 4 h r N f A V s F J b G 6 J y G y h J U K v M p g J M L p I F U Y R S W z u C M E S 9 U k O 9 V s k g B E T l M k r t E Y g I c b W S 2 l Z 5 w x C R z J v U a 6 h V q 4 w L h F E J p f Z 2 A A J x r Y o 6 e / p J Q K D U 3 o E g S I V b b W Y m V 8 Y w K i F o U 3 l r q F c N v 9 r b E Z R D U J y k T 0 U z 8 R Z G E Y J y O 4 Q I U a / J M r H q S / 3 q A A D U K 1 X E 9 a x M I g x Q b u + E C J G W a X Y 2 t w Q Z h B H K H a k o j O s 1 W S b S 4 r v U 1 g F R K o H i O m q z s 9 C C k 1 K u a G u D C A K Z t w I i Q l Q q I y y V Q J S A i F C t V j E 7 W 0 n v n w 2 C h s n D 1 V 5 U m 7 H F N W v g N t s L g V t k 3 + x X N j t m v + N 2 T J s u G 57 r u X c 6 l 9 u 0 c X m c r c / y + G a T o O d 6 r u f O H z c y j X C A C T M V r B k I U v s k C Y Q I U G 5 v T 1 f F Z H y p X E Y U l f K Z g k B e e U 5 F H L h t I d J V Q i K E 5 T L C K G r M K 9 N H 5 T Z E p X J D X g i B s F R G E E X I L x Q K K D U W l c o I o x L T u W l e A S A I A 5 Q 7 O y 150 x C W p F 88 X p Z J B I G 1 T B A C B E I Y l R r z M t t R W x u i c m O Z i A h B V E J b p 3 E f Y 2 D 4 x Z / E F t A r n 6 n w 7 G y s a 8 k O S 2 W I I E S t K k U n A U j S J z Y p I b n i 625 c t o n F 1 o 7 M 0 M o k Z O a 9 n V y X T c 5 t 1 m d s 5 X D 577 m e u 5 i 4 t k n K D L Y 5 y c x r 9 t 2 i C d I 16 X q u 53 r u r X M j n s A c B I o M W 1 z W w l E E A a K o l L 5 a R l 4 W F Q B I h D D f q a l E K C A g w p D f v Z f b F k K g I T O 3 E Y Z 8 s Y 7 F E R A E C B A 0 5 l H / R Q i b Z Q I g R A A R u h 42 I g B B K l x z Z Z F c A X 3 J 3 s Y F 8 z m f N 0 0 j W F 4 d T y T F H 4 D A 8 t Y n H S 8 y Y W u L D y 0 P 1 a j E Q i A A U v F P B F C 2 P k u q b C z Y J g n X x M H b j 0 s c 8 m 2 z v d k m t 9 v F V X 3 G Z B V 1 R J d P t r R F + T 3 X c + 90 r q 2 v u e Y f W z 7 X v G T 2 V V 4 u 7 o / n e q 7 n z i 0 34 k a L B g C + b Z t w e Z o g j C D U S i Q r i L Y r s + q H R p j q E T m J K a U V 5 Y V C v o I A I 4 q J r 9 S K j j e 5 E I C R P 1 e J j v J l v i j Z a 3 H g J r m 8 I P n S G / U i 0 r w k 7 R M R 1 I M / g j H 0 c U W + M Q k h p D s k f R B M S G a + C C H 0 r Q h J w Z s A z E b F G 6 i t 8 R X Z s L X B Z p + 3 k 2 v a t s W Z f Y n 3 N Z d v t o 7 O / f R c z / 0 4 c F 37 m s W r i c / m s + m T 53 q u 584 d N 7 I l U g m V E X P b J S Z h T O 6 N E 7 t 8 I j r d o Z 7 v t g x c B P V Q D u c K o X S X F F O w D 2 L Z E + X S l n T N 5 H J R p + 0 y c U g y w s q V T 0 A L I f T 3 u e f y s i m b Q i l G L S o B 7 W D O D r O m L Q A E o e u W W J r M R u 6 Y N X k V l C n E z A b G 20 G D s L W c b D S b l G x n W r e L 6 + w H h j + m b 9 w v 0 19332 k 8 y / R c z 72 T u T x d U W j W 9022 y 26 R T 57 r u Z 5761 x 9 D 2 W z w c K c e K 3 O C 6 R P V c d 1 x H G S 3 h 8 o 7 / k T e o 1 N I K d 51 O o d F 4 c k 0 x L k i h t p Q O a a E k D M R / k q H q F F F g B V e A t X i G w V U I A a y p 5 J L j s X Q m R 2 a D 64 + U D 8 t g I h 8 n K Q H 7 O c 0 L a I b 2 H k Y Z + 6 s S W E u F 6 F e g L c F c y 2 Y p s s z L Z j 22 / m N e 25 P m 8 n 1 / b d Z q + Z D V u w p T H L 6 L m e e y d z W 4 k r 4 j a z c b N l 9 V z P 9 d x b 4 w a 2 s 0 s u I t U f E e X + G k N 2 Z 129 n j 69 n K a T A 5 K A u j K b y 6 P 2 C S F S o Q Y l 1 g A S J P c 5 K k v l U f l F J r R I 2 W W M B i 7 z m w R n k N r r 5 q o 0 g r Q 4 m 2 u u s q f + B K D r Q 38 q k a l 35 + P 5 k V L W V R V n E V k e z S V C r V p F v V a 1 r H r y r I 2 r E r y N m M L P z K v + X I 3 W 1e4 W O t f F 5 H E 2 u y 5 W k X + e 67 l 3 I r f I p i u d y 3 d b a N Z / P d d z P X d u u R G Q H z R s E 7 F N 0 T Y a Z K t n Z l q 5 j 4 u i d O V R X S 6 W l 8 K V U C N 5 m Z m t D C r f S O Z X o g 6 C X T r X d x 8 q M U Z N u G j I y 1 I X c o m V O C v 33 H J V 2 b J 6 V E v V h i A E U m G r 9 w u d Q J D 6 m o p v k m p S k 2 W 8 t s 380 M e w S d v j 7 c Q m 0 G w T h 5 q 8 c h x L M N s m b 6 O 3 m 9 u M Z + P a 7 J m + u M r o u Z 67 m L j F 80 k W b P O T i 2 v a 434 W + e O 5 n u u 5 t 84 N z E g V Y U 66 N o M u e K 4 Q x B z P J Y a 6 M o x M m n F R B C 3 P M j 8 I g p Q g Y 2 K M 2 S Y L y 8 k l J Q v z g 6 o W h L r C G r l K H I J I C r X 54 X I D + U v 6 m U i X V W A 0 C M t x E j K N q m M i L S C V L D c l b C u h l Y n B 1 l j V p G K 2 O b 5 t 2 i u a t G 4 H l / c P 235 b f z J 5 N n 6 R T c / 13 M X A t Q X X P M O 5 p k 2 + X / 2 Z E 6 a r X J 7 r u Z 47 d 9 x A g f m n L Y N p s D G Q / a t U P U I I p a Y A b Y e g Z B c p k a T T q Y v G e Y l G y q a 8 E Z A o t c d x Q m T 3 a 6 b p H V x V W e A V x / I V c L N i p n b m h U t Z A 1 D X q g U v K K t o L a j N 42 P q Q z K j Z c M D W d I I 5 d i c B L P t m I 3 d t Y / H F c X / o b l 8 M u U T b J E f r a T z X M / 9 O H H N i c s W f 7 M 2 X W n M b c / 1 X M + d O 66 + 5 G 1 G c u O m k 87 B Q + 4 P o z K C M N H v Z 9 Q L i c Y K m L C J x V R / 5 f j 6 V T h S j J F K L d R l W 50 p i 1 d a l Q A S D q 7 W s 0 K b y A l r K Q J t X O k N N z L n X M H q N P u k v A 3 i H i B 90 l w Y Q l z v g 9 a I R q 2 z S + W U r i o H 6 S 8 R 5 U R t Q e A n I h k 2 f x L C G 54 t r 8 s O j z N 9 W U h c M 87 W h 1 q Z e G 0 8 z / X c x c g t m m d s / d Y 2 N 9 l s 3 I w / n u u 5 n j s 33 I a n v F 0 G m w O E v l w b h A G A A M T E i L q H M A 1 y H 9 s j 1 M V X K b S 0 s 0 p M M k 1E2 o K 0 K R
"deleted" : false ,
"disable_correlation" : false ,
"timestamp" : "1536927434" ,
"to_ids" : false ,
"type" : "attachment" ,
"uuid" : "5b9ba6ca-7d00-4c71-a955-42e5950d210f" ,
"value" : "figure6_1.png"
} ,
{
"category" : "External analysis" ,
"comment" : "Screenshots" ,
"data" : " i V B O R w 0 K G g o A A A A N S U h E U g A A A p Q A A A B T C A Y A A A A h v Z c Z A A A g A E l E Q V R 4 n O y 9 d 1 g V R 9 s //lmqVAELKKgoihUbdo0RjSXGGGOJ5THGEkskYhc1EaMxajTGGI3GLljQqLGjxsTYjb2BEYJgF0QE6X1/f/DuvLtzZmb3AD7Pc31/731dXOfslLvN3WZ29yBlZmbKoECWZUiSpLkGAEmSSB89hh6rjGeBCJ96Pg8Ha74e7yycNK8sHmj6LHw8fo2M5cmtN8foNc0XS988HPQctUy8Pj06LL2w+DBqazyb4c2l8fP0RNOhcfN0UJo55gLPTkV6M6eNxitqF/EoigM8fykL3eitiREejdJi4WTRKgt6Ivw8fzSXrrnrb65MpV17PXq8WKSmYa4tm8tPWeqKxlNWuHlzePHKHH8uDb2Sgjm6Kil+PbsV5T4eHh4tFt8ieYzahSh+KG28GkHEt4VIGDrhKtesTzUxtWJ5c1jCqOfzlCgqJvWAFVx5xSULaBmVceprWm9qXLRc5hSnLB5ovPSi07T0ikgWXyy903LSMvMCN8um6HFq/CwbEK0TrQO9gpG1jiybpe1EpAOe0/HsQ+RTtAw0PZ6vsGRVr78a1Lag/uPZql4S5/GgZ+ss3KJ15OmH1aYXm2hfEAHLhnl6YrWLYqpevOTJwuOTZYMieVi2RfNgbsxkyayMZ/kZbx4v/rP61LLTeqD9nUeHxqe3biyZeTGYBSx8vHjC40UEIvuj9cBqE+Gk57D6aHnoMXqxnrcGItw8v2fxZYQ2rRcj62BUlyx5aFq8mMXzTzWwah81Hr24wosJNF8WPCF5BZNeIGPhoQWgBVRf85yOLjhYOERtrEKKlTxFgYNVsLAWhAeigELPpYtDWhYWbnqsEUNTj2UFWnrNaRloG2E5kJGATq8Nq/ii+eU5GE2TnkPrhrfGLCdk8UXLR+OnZaRxsnTPAiPFryhgi/ylpP7NwqXQZgVHdT9PV7xYwbM7ER+iYo83Tg94wVzdR9s+y6bofpZviHxf5GssO2XZC8umeDyq8dDXesmSBXr6Z/Wz4iLrkxd7RDRYfay4z8IrymfKp8i3eLLSMYcnl5H4L6LLy9E8PzO63jReXvxnzaHlEtklz19o+xfJy6LFyoEsOqy8wZvDygM08OIyj45eXmPFYhafPF5oXbL4BAAL3kAWU3rIeP2idpawJU1ovIApCi4sY+IZuHoca6yoaBAlC7qwYDmFSCeswpaWl6UfHn2ewfOSp8gYzQGenCI74xk7LxHQvIt0S+vKaKEgChgi22LJzOOJloMFLByiolrEp5GkpW7T82FRcNbjRa+dh7+kcUWEn+VjrBgmihssEMVdmgcWH0qbKKHRRQo9Ro+uKCGx7Jy+5sVcPd0Y8Q1zCiBWotfLH6y5LH70ihp1uxG/0eOb18+TgUdXz695eYq+5sUgHvAKIhbPLLpqGWn6In3x7FXEP51fRDbPyrv0WNqPRLpg+S8vp7N0w+NRFIv15gLULW+RcdFtrAQqcmgW0ElfFGj1ChdWole3q5VPG4GefDweePLqGbxe4GMtMs0vjze9IoouhOjvvHUQBTsRLb3kQM9hySdKrkaCpTn0lXks+1HrV80vTw4aL4tHI2DEr+hAr5dAWcFDlDx5+HhBi04+LDwinObqjJWc9eiY00/rReT/LGAVXSJe9GyMx7ue3LT98pIYq00Um9X4ab5ZBbaRNTbHd9U0WTzz1o01n+ZHtLaiwoNVfIl8jLfWevlCjzf1PJavsvxTJA+PFi9+6+HmFaN6fND5nI7ferGSxRfLXtSf6nGsGCCax5or0okRG1T7MGs8q0/hi5UDaN55c1k0AMCK7uBNUhMAADkjHXmHDiL77GkUJiZCzs0FZBluu/fBwt6eKTwLj1oYvUKpNIZCt9F06QTIK6yMAF2gsfihF40Geiz9KdKVXlAqKxAVU0b5MKpjI0mAp0uRvfDWR8QD7YR0YGPNMyInzy9oHKKCjYeH9h0aL4ue+lrPRo3KJNItLZceiPAaiQXqdh7Q/OjJzIuX6msjdmKOzlj0RTbAa+PFQjVuXsJl4Rfxose/UdDTlZF4YI7NsebwbIRHk8eTKH4Z5dFoDDGHj9L4pJqWyI94cUfEJ4s/I3lVxBetK17804t59DiWXsrC1kVxjVc7sOocWja9uoTHmxXNqJ6gclERspctQeb+XyHJhbBt1QRWvp6QrCyREb4fKCwUBi6esYqMWFQpswqKkjh4UVERioqKYGFh+p6SXgJn4VQCs4KPV1QYSYQsGXk8sopW1jWLH9a1HvBk0gts6k9z6YoKWSNzWMmQBawgxyvmRbhph2aNLSoqYtoXL/DqJSBlrp498YKOiI+ioiJi2zQfLF9Vj2fxrvQD0PgLS5+FhYUEP+1jRgIlSy+8ZEbLxfNpWres70bXRQ/oRKgXD9R0eXiMyE7rlpeYWHbFk5PFIy/O8mySh0OEk7U2ar3RNFm4RDlLL5fyYq5IFh6PorhnNA7zZGP1sUDkBzS/RtaRN1akb1bcYdlHSfxCZMMse+flOZEueDZpJE7R+GicIhvg4eTNp+MhzYeFejJLAYTZzEwUHD2ClF7dkXP2BBx7tEH5IQFw8AUc3GNQvrU1qoy3goWNlsDLly8RHx+P/Px8AEBubi7i4uLw6tUrjfJ5i2sk0Cp4Xr16hbi4OOTl5Wna1X80bkXW999/H87OztyAwZqr1hXdNmTIEDg7OyMtLU1oYOpreh3UdHkGQPPGcjD1XFYwV/PBSxz0eGVcVlYW4uPjkZqaajKHZ3Q0X6KAyNI/3VZQUIC4uDi8fPnSZL5aLlawZzmaLMvIyclBXFwc4uLiEB8fT2xYPSc1NZX0FRYWAgCys7M1c+Lj48l1QkKChg9ZLi4kjx49Cg8PD3z33XdCHah1pXymp6cjLi4O6enpAIBHjx5p+E5JSdHoIj8/n/S9fv2a4Hnw4IGGV+V7XFwcKXYVHAsWLIC7uztOnTqlm5AlSUJYWBicnZ2xa9cuk7VLS0vDhAkTULt2bTRp0oTwRMstSRKSk5Ph7OyMTz75BAAwefJkODs7459//mHqjWe/vGQnAkmSMGjQIDg7OyMjI8NkPXh4WUUpDcqYrKwsxMXF4fXr16Tv4cOHePLkiQavXlKkx6qvaZ3Q43l4eNesPt54XnHESoysOMjLESw5eWvBKnZEeFn80niMrIUaL02X9119rbfOrO9G+kT2QY9j5Tq1XLy5eutIy25Uv7x1YxVHrNzKAlFeEuUyUeFPx3xWXWHUJnn2TtNRrnkFMUsmkZ+w4jwrP5scx7EMuOjVK2RvXI+07xbBpnYVOHaqB1v7WNjaXoON62NYV7OG5FYOUmVHQMW7LMtYsGAB/Pz8EB8fDwC4efMm/Pz8sGrVKqGQLEXT42kjX7JkCfz8/BATE6NRDP1dLStLWSK+RLzwDEuhxQucLGOnv9OFBM07L1GJkhjNH2uOyLkkScLFixfh5+eHDRs2CJ2KJR/LaNW64BXXtMxJSUkICgrCzp07dYMJS5esIHjnzh34+fmhV69eCAoKwttvv41ffvkFRUVFZNyaNWvg5+cHPz8/PHv2DAAQHR2NoKAgBAUF4Z133oGfnx/GjRuHoKAg/Pzzzyayp6enY8CAAejSpQumT5/ODSS0DpTPK1euICgoCJcuXQIAdO/eHa1atUJQUBAGDBiA2bNnIzExkcyPi4sjPG/ZsoXoZ9asWQgKCsKQIUPg5+eHvn37Ejlyc3M1fMyZMwft2rVDr169yEaRx3NKSgqio6NRs2ZNuLu7m4zZtWsXtmzZgmXLluHOnTsoX768EB+tB3qMyF5oW2P5lJGiQJnDSj48HtTXvEB9/vx5+Pn5YdOmTaR91qxZWLx4sQl9XoIUxQMjMvHw8a6VNpYeWMUEC4+RQpOXBEWy0PNEOFljWcmbV+jw+BPFRB6vrNgnymWs73rrzxqnlx9F+UskE0vnenzyCmwWfSP1Agu3Ggfru3osK0+z8iQLL02bZxeiHM7jm4WLp2P1WtF6Y42h9cWzM/V3K3Wn2omUz6LUVGRvC0XOgb0o16oB7GrZwDL/b1
"deleted" : false ,
"disable_correlation" : false ,
"timestamp" : "1536927438" ,
"to_ids" : false ,
"type" : "attachment" ,
"uuid" : "5b9ba6ce-cd60-489a-8016-4f1f950d210f" ,
"value" : "figure4_8.png"
} ,
{
"category" : "External analysis" ,
"comment" : "Screenshots" ,
"data" : " i V B O R w 0 K G g o A A A A N S U h E U g A A A l g A A A G l C A I A A A C p 4 B / R A A A A B G d B T U E A A L G P C / x h B Q A A A A l w S F l z A A A O w Q A A D s E B u J F r 7 Q A A A B R 0 R V h 0 Q X V 0 a G 9 y A E V s b H l u Z S B Q a G 5 l Y W h a y 0 t l A A A A I H R F W H R D c m V h d G l v b l R p b W U A M j A x N D o w M z o x O C A x N T o y N j o 0 O K 4 m w w k A A A A a d E V Y d F N v Z n R 3 Y X J l A F B h a W 50 L k 5 F V C B 2 M y 41 L j E w M P R y o Q A A / 0 B J R E F U e F 7 M / X V 0 7 H l + H Y o 64 L z n 9 x x D / B z b s W + S 68 S O 7 Y k p H g 83 T D N 3 n z 6 M O i B m x l J V q Z i Z m R k k l Z i Z m a G Y V C i V W A d 65 n 5 O T / J e 7 l p 3 r u 2 / X t b 6 L a 2 S W i 2 V d F S //d37s/f+/IphLKMbO/9f4TKPXLBVPY8f3y199uDTN9+49dV7laVZmIZqYlMZpjYfU5PXUJJFbCymt1TRMdWUlgomsZZFquGQamjoksaSe2x8hYqLEpArCPUP8dX3Wcg8EaGSgijANxU01zyltRShKh+QETnVedeayx7K6C3NJXnoiiK7VmjXChw6oYyNM8pZSj6JS0ZoeBSHnNtlUTqNEouWp5FSLVqOVkKhYmoFNIxexLSImUp6i0vD6zGLXHq+lk82SZgdekm/VdVrkndohHYpa7rbPDdgWRqxr462TnbounRCE5/CQlSqCA2TRtFqn2mhTz/sECz1ajb6tAtO8dawfbHHsDFqH2+XtSpJnQZ6n43dbWR0aWhqWq2MWDlg5Mx0KBa61Z4Z1+aYY8Klnu02zvaYN8c7ErvTuzPt+/Ptc72m0VbV9lT73kybb9614FL2q1jjJtFUq2SxS7k1ZFjtUW0MGiKrg/7loe3xjr3Rzr2JrtUhR2R9LLw8uNyl3x20L7tUK93qxW7VsIULT2+mTdKrJO8OmbZH9eHljvU+XWy5PzjfvT5q1XCbqIinSkqliYdW83B7axPnR+FUzHN6GEpH9y/S/uTeXK+GZWIhPXP9pzHPyWF4YdgpxpbKkPkaVB677JaoOcfIR61NdWSS/tN0+CQeuEyFIpuzIzaZllbPR+azm3Mt/BYzB6ekop1KoXt14cV55puL05enmcuT48NUMhE7uDzPXJwmj+P+oHf5xWXsOO07Pw4fpwKZZOA8c3B8GL44T52eJI4P4+eZ5Hn6IHPgPU35r47iL04zmczB4WEoE/edHQRO49HLk6OLi9PTs6PnV6dHR9FQaOcwHTjOBI8zgavz6Nlx8DQTODn0R3yrOyvjh9Hdo7gnFnFHgruHydDL5ycvrk4uz44uzzLHqfjVeeriLHR2FozF3Ilk5OQ0fXgUOT+O/+ybi/PzI3j3/Ozw9Ojg8ihykvafnQSjofVMcv846TnPRF5eHSdi4ZPj5Pl58vw0fpqJwm81Ft5NRfZPU8GTePDqKHqW9J8k9k+T7ph/Hd69SIePontXxwfwLZ5fHj+/OMnAN02HX5zGrzKRk4z3PLOf9s9H10YjG2PejdGjg52r49DL8+jFSeD5Wfg47T4/9j+/iGTS/ufnscujYCq4cRTePI5tvzjxvzoLXmU8R/GdkGclkw5cZKLfXKQOI7sp31rCvXh8sPXyxH+W2j3wzp1E17459jw/2glujx94VgLbq0cHwdNUNJOC35sv5J7ptgll9BoVq84mxZrE2FYd266hMfHFchZqY7IvvDF/5Fs/9C32WbmkqttKYokEW6qh14iJhRxMbmhjJLQ+cxxZm+rRcjBFTFTufL/mKDAX3BzZWehaGTVlAjPx3SFW89Onn/8tMu9Tes1tETZ/bdgw0yUecTDdc5bJDv5Uh2ixXz3VoxhwsJzqhgE7sl1Tzmu5buWXTVgZ063iuQ75ar9mpl08bGbMukTLvbKVXum4lcFFPBu1CjeGrVPtCvjj7zYw+gwMWuMzMrKgwymZHW+d7bcOGUUdIqKeVuMQtjil1Il2o2d5yr+5sDI1OD3UsbU4NjfS2eNQ99jlnSbxRLdhfbJjrFPfa5evTnYujLTNDDhmB1s3pweG2wwyJqnDpJCxWvjkBgWnpb9VYZJTrSpWu1XU26rscSoXxzsnum09VlWHQdbnUE0PWobbVVo+lo+vFOGr2hXUAQPXKSXpOCiXhmWXUtrV7G6TaKhVtTzaNuxUdun5Y22aQausWydoV7AMbKyJR7TJGAYB0SyhstCVQmKjSyto0/AlFHRLRZ6EihSRGiWUJgUTreEQxCSUjkPUMPEcdK2YgJSRMXIKjo9BsBH1mKLCZ19+evv9N5pKnzZXZLMJTTRMvVbEoqIb0VXFTaW5NFQtBVGBrynCVedzsA0MVK1BRNfx4KniKfWF5Pp8Sl0Brbmc1FCCqc6ryr7TVJyFrc7DVOVVP7uVf/2j2sc3C65/1Jz/EFeZi60rQNflt1Rm1+feqXj0demDr4rvfVX95E5z0TNSbSmyKrexPLuh+Fl90TNESUFTUcHbf/3XP/iLP31y54sndz4venLz0fUPs29/kn/v819Rj18pxr/5X+HSjjzn6Abv3r9x/cO3/+IP/+Av/uPv1pdmFT68XZL1dXNpVsWTr+vz7+KqcxDFDxsK72GqnokoDfiGPEZLKZ9Yia64z0TnsVvyUWU3iHX3peQyHateQiin1GdTm/L5xBpy41NC3aPyJx8W3Hu3oeAWvjq3ueixXcruMovMMqpBTGrX8yxympqHVXExFgkFXmcaHqbbKjQpSHoZ3qalmuQEJQ9nlXOcSq5ZQJps1zrlVLMIp+O36Pl4p4LZqeMu9pvmerQzXaqZLuV8r6pDT6I0PrLLMT0G+nK/dswmmLALl1vF80bWklOw1iObsrN05CJh7T0TvnDUxF4b0M93KhZ71dMuyUyXbLxdMNUu7JJjHLzGCQtrwsJc6ZJ6JyxbA5rVXoWFUz/tFCy4ZGt92nEre8rBHjFTl3q10y7Var9uc8jQJceb6LUDSsq0mTfr4LpHtJ4RdXDScDBn2x3RhRZc6d2x3fHWtQHzUo9upV+f3hkNzXV4xmyrndKtfrl/0rg9qPSN62dMNE+vwj+gDs6ZvdPG4Ix9Z0i/1CEb0FFM3Foju8rGqtbRql1qetK3fJLwvL6tHwaTgbXE/ox3vpNd/0SJL42u9GeCK8ngmk2MYdXc02KyJTU3JTU3LNRiA7My5R4/im1fpL1HwY35PptdQGwTYO2sBiO10sapbxWi2kT4NhlzotN2Eg9fZFIXR8kXx4en6cTVWeY8k0rHglfHsRensbB38cC3dJLcu8wEjhP7hwe7B7413/bcUXw3HYGvH4TrDBBlF+62S5cxz2HAnY55T46C+2vT7uWpmeHuUGDn8ur46ur45CQRi3mjoZ1UzB32rR7Dz3XkvzqLXJ1G4sGNwO7Cecr3/CR6dRw9TgfOjw+uzpLHqchxKhoLeY8S0dPD2MVJ9CCyGj9YP0x5z06SJ8fx87PYy8vUi6vU86vDFy+O4S188eOEe3d19Ci+fXHie34WODnYcq+OJQNb8fD+cTqUONg/PQrFwlsnKe/LM0C1UCK0HvMux72Lga2Ji9ROzDt3mdq/THuj8EMF118eh0+SvrB3I+zdzCT8qfBedG/uOLK4v961PmWa7xTHFjvD8x0H28NXx/sAjcepzcP4ylF8KRGeOU0tnh+uPb8IXwIiptxnobUT33xieyTtHk97J6+O9xLBpbBn/jTtOYxte7cmE77FQ8/MsXviyD32PLZ4Fp6+iMycByYO9wYzgTn38lBkd/E46oXDDZwz4ABxeRY6T+3vLPR2GV+f8FwaklWC1nIbrZIWE7+ZgypSUhFL/fZj//JJaGl1zCTBZ6uIeXpquZldraEXURtveZfazyLrp+Hldg2VWPuQi84z8ppS+xNJ74xvuSvtHYpsdkY32yfaaAZ2oZKcpaE8VpOzDYzilR7eQidjwkaYbaXvDKumHawpJ23Mhp1pR1q5dwf1BX2K/GF15WIrea6NO9PKHjGR+jQtUw7aer9oqYs772LOtNKXugRzbbxuFXbEQh+3M5Z6xaNmmoZe2a4lb8y12zXU6S4lHBM3utWjRvKCS7g9bFnus3jmhsbajNO9zqle29pE5+p4+8
"deleted" : false ,
"disable_correlation" : false ,
"timestamp" : "1536927441" ,
"to_ids" : false ,
"type" : "attachment" ,
"uuid" : "5b9ba6d1-6394-4ff2-b5a7-4b26950d210f" ,
"value" : "figure5_6.png"
}
] ,
"Object" : [
{
"comment" : "The main reason for njRAT\u00e2\u20ac\u2122s popularity in the Middle East and North Africa is a large online community providing support in the form of instructions and tutorials for the malware\u00e2\u20ac\u2122s development. The malware\u00e2\u20ac\u2122s author also appears to hail from the region. njRAT appears to have been written by a Kuwait-based individual who uses the Twitter handle @njq8. The account has been used to provide updates on when new versions of the malware are available to download." ,
"deleted" : false ,
"description" : "Microblog post like a Twitter tweet or a post on a Facebook wall." ,
"meta-category" : "misc" ,
"name" : "microblog" ,
"template_uuid" : "8ec8c911-ddbe-4f5b-895b-fbff70c42a60" ,
"template_version" : "4" ,
"timestamp" : "1536927169" ,
"uuid" : "5b9ba5c1-9ee8-44e4-b15d-4d2e950d210f" ,
"Attribute" : [
{
"category" : "Other" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "post" ,
"timestamp" : "1536927169" ,
"to_ids" : false ,
"type" : "text" ,
"uuid" : "5b9ba5c1-2a0c-4b9f-94e6-4843950d210f" ,
"value" : "njRAT v0.7d"
} ,
{
"category" : "Other" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : true ,
"object_relation" : "type" ,
"timestamp" : "1536927171" ,
"to_ids" : false ,
"type" : "text" ,
"uuid" : "5b9ba5c3-da00-419a-be68-4c2b950d210f" ,
"value" : "Twitter"
} ,
{
"category" : "Other" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "username" ,
"timestamp" : "1536927171" ,
"to_ids" : false ,
"type" : "text" ,
"uuid" : "5b9ba5c3-a768-4922-a9bb-4413950d210f" ,
"value" : "njq8"
}
]
}
]
}
}