2023-04-21 13:25:09 +00:00
{
"Event" : {
"analysis" : "2" ,
"date" : "2018-09-23" ,
"extends_uuid" : "" ,
"info" : "OSINT - Poison Ivy Group and the Cyberespionage Campaign Against Chinese Military and Goverment" ,
"publish_timestamp" : "1537726199" ,
"published" : true ,
"threat_level_id" : "3" ,
"timestamp" : "1537726146" ,
"uuid" : "5ba7542d-feb4-4a10-8aaa-4f0102de0b81" ,
"Orgc" : {
"name" : "CIRCL" ,
"uuid" : "55f6ea5e-2c60-40e5-964f-47a8950d210f"
} ,
"Tag" : [
{
"colour" : "#ffffff" ,
2023-05-19 09:05:37 +00:00
"local" : "0" ,
"name" : "tlp:white" ,
"relationship_type" : ""
2023-04-21 13:25:09 +00:00
} ,
{
"colour" : "#00223b" ,
2023-05-19 09:05:37 +00:00
"local" : "0" ,
"name" : "osint:source-type=\"blog-post\"" ,
"relationship_type" : ""
2023-04-21 13:25:09 +00:00
} ,
{
"colour" : "#043600" ,
2023-05-19 09:05:37 +00:00
"local" : "0" ,
"name" : "misp-galaxy:tool=\"Poison Ivy\"" ,
"relationship_type" : ""
2023-04-21 13:25:09 +00:00
} ,
{
"colour" : "#0088cc" ,
2023-05-19 09:05:37 +00:00
"local" : "0" ,
"name" : "misp-galaxy:rat=\"PoisonIvy\"" ,
"relationship_type" : ""
2023-04-21 13:25:09 +00:00
} ,
{
"colour" : "#0022d6" ,
2023-05-19 09:05:37 +00:00
"local" : "0" ,
"name" : "estimative-language:confidence-in-analytic-judgment=\"low\"" ,
"relationship_type" : ""
2023-04-21 13:25:09 +00:00
}
] ,
"Attribute" : [
{
"category" : "External analysis" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"timestamp" : "1537692732" ,
"to_ids" : false ,
"type" : "link" ,
"uuid" : "5ba7543c-0d9c-4c83-83fd-494f02de0b81" ,
"value" : "http://blogs.360.cn/post/APT_C_01_en.html"
} ,
{
"category" : "External analysis" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"timestamp" : "1537692766" ,
"to_ids" : false ,
"type" : "comment" ,
"uuid" : "5ba7545e-3354-4c48-a16f-47c202de0b81" ,
"value" : "Through research, 360 Helios Team has found that, since 2007, the Poison Ivy Group has carried out 11 years of cyber espionage campaigns against Chinese key units and departments, such as national defense, government, science and technology, education and maritime agencies. The group mainly targets military industry, Sino-US relations, cross-strait relations and ocean-related fields. It indicates that the group\u00e2\u20ac\u2122s interest is similar to that of our previously published OceanLotus APT Group.\r\n\r\n360 Helios Team captured the first Trojan of the Poison Ivy Group in December 2007. In the following 11 years, we have captured 13 versions of malicious code, involving 73 samples. In the initial attack, the Group mainly used spear phishing emails. Before the attack, the target was deeply investigated and carefully selected. Contents that are closely related to the target industry or field were used to construct the bait files and emails, such as specific conference materials, researches or announcements. The lure documents contain 10 vulnerable document samples, including a 0day vulnerability. Infections of this Trojan are distributed in 31 provincial-level administrative regions. The number of C&C domain names is 59 located in 4 different countries or regions according to the returned addresses.\r\n\r\nIn this cyber espionage campaign that lasted for 11 years in China, the following points in time are worthy of attention:\r\n\r\nIn December 2007, the Trojan associated with the group was first discovered. Involving marine related fields (suspected to be related to a large shipping company)\r\nIn March 2008, a key laboratory (a scientific research institution) of a university in China was attacked\r\nIn February 2009, attacks against the military industry began (a well-known military journal magazine)\r\nIn October 2009, the Trojan added a special method of combating static scanning (API string reverse order), and the methods were used in most versions of Trojans and continued to be applied to 2018.\r\nIn December 2011, the Trojan added a special method to combat dynamic detection (error API parameters), and related methods were used in most versions of Trojans and continued to be applied to 2015.\r\nIn February 2012, the first modified version of backdoor 1 based on zxshell code was discovered. The key function is to steal document files such as .doc.ppt.xls.wps.\r\nIn March 2013, intense attacks were constructed targeting Chinese Academy of Sciences and a number of national ministries and commissions in the fields of science and technology, maritime affairs, etc.\r\nIn October 2013, carried out watering hole attack on a Chinese government website\r\nIn May 2014, the revolted version 2 of zxshell modified version of Backdoor 1 was discovered. In addition to the function based on the modified version 1, the search for keywords such as \"military (\u00e5\u2020\u203a)\", \"aviation (\u00e8\u02c6\u00aa)\", and \"report (\u00e6\u0160\u00a5\u00e5\u2018\u0160)\" w a s a d d e d . \ r \ n O n S e p t e m b e r 12 , 2014 , e v e n t s a n d s a m p l e s r e l a t e d t o C V E -2014 -4114 ( 0 d a y v u l n e r a b i l i t y ) w e r e f i r s t d i s c o v e r e d . \ r \ n O n O c t o b e r 14 , 2014 , i S I G H T r e l e a s e d t h e r e l e v a n t r e p o r t a n d d i s c l o s e d C V E -2014 -4114 ( 0 d a y v u l n e r a b i l i t y ) . O n t h e s a m e d a y , M i c r o s o f t r e l e a s e d r e l e v a n t s e c u r i t y b u l l e t i n s . \ r \ n O n F e b r u a r y 25 , 2015 , a n a t t a c k o n a m i l i t a r y i n d u s t r y a s s o c i a t i o n ( n a t i o n a l d e f e n s e t e c h n o l o g y ) a n d t h e C h i n e s e A c a d e m y o f E n g i n e e r i n g w a s d e t e c t e d . K a n b o x ( \ u 0 0e9 \ u 2026 \ u 0 0 b 7 \ u 0 0e7 \ u 203 a \ u 0 2 d c ) s a m p l e s w e r e d i s c o v e r e d . \ r \ n I n O c t o b e r 2017 , t h e C V E -2017 -8759 v u l n e r a b i l i t y d o c u m e n t w a s u s e d t o i n i t i a t e a s p e a r p h i s h i n g a t t a c k o n a l a r g e m e d i a a g e n c y w e b s i t e a n d a n i n d i v i d u a l w o r k i n g i n Q u a n z h o u . \ r \ n I n A p r i l 2018 , t h e 360 T h r e a t I n t e l l i g e n c e C e n t e r d i s c l o s e d t h e a t t a c k m a l i c i o u s c o d e o f t h e g r o u p , e x p l o r i n g C V E -2017 -8759 . \ r \ n I n M a y 2018 , t h e a c t o r l a u n c h e d a t t a c k s a g a i n s t s e v e r a l m a r i t i m e o r g a n i z a t i o n s s u c h a s s h i p b u i l d i n g c o m p a n i e s a n d p o r t o p e r a t i n g c o m p a n i e s . \ r \ n N o t e : T h e a b o v e f i r s t a t t a c k t i m e i s b a s e d o n t h e e x i s t i n g s t a t i s t i c s w e h a v e . I t
} ,
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"timestamp" : "1537692947" ,
"to_ids" : true ,
"type" : "md5" ,
"uuid" : "5ba75513-8d64-4321-9d74-487c02de0b81" ,
"value" : "03d762794a6fe96458d8228bb7561629"
} ,
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"timestamp" : "1537692948" ,
"to_ids" : true ,
"type" : "md5" ,
"uuid" : "5ba75514-19f8-4938-a95d-480102de0b81" ,
"value" : "0595f5005f237967dcfda517b26497d6"
} ,
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"timestamp" : "1537692948" ,
"to_ids" : true ,
"type" : "md5" ,
"uuid" : "5ba75514-3468-4f0e-b157-4efd02de0b81" ,
"value" : "07561810d818905851ce6ab2c1152871"
} ,
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"timestamp" : "1537692949" ,
"to_ids" : true ,
"type" : "md5" ,
"uuid" : "5ba75515-8350-4248-b1dc-4ba402de0b81" ,
"value" : "0e80fca91103fe46766dcb0763c6f6af"
} ,
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"timestamp" : "1537692950" ,
"to_ids" : true ,
"type" : "md5" ,
"uuid" : "5ba75516-5374-4f20-9954-4a7902de0b81" ,
"value" : "1374e999e1cda9e406c19dfe99830ffc"
} ,
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"timestamp" : "1537692950" ,
"to_ids" : true ,
"type" : "md5" ,
"uuid" : "5ba75516-d968-488c-86da-46cf02de0b81" ,
"value" : "1396cafb08ca09fac5d4bd2f12c65059"
} ,
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"timestamp" : "1537692951" ,
"to_ids" : true ,
"type" : "md5" ,
"uuid" : "5ba75517-f0ac-42c3-bbaa-424402de0b81" ,
"value" : "1ab54f5f0b847a1aaaf00237d3a9f0ba"
} ,
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"timestamp" : "1537692951" ,
"to_ids" : true ,
"type" : "md5" ,
"uuid" : "5ba75517-8688-415c-a25a-41d802de0b81" ,
"value" : "1aca8cd40d9b84cab225d333b09f9ba5"
} ,
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"timestamp" : "1537692952" ,
"to_ids" : true ,
"type" : "md5" ,
"uuid" : "5ba75518-8e08-4974-8f02-49ab02de0b81" ,
"value" : "1dc61f30feeb60995174692e8d864312"
} ,
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"timestamp" : "1537692952" ,
"to_ids" : true ,
"type" : "md5" ,
"uuid" : "5ba75518-3684-42e0-9664-4aa402de0b81" ,
"value" : "250c9ec3e77d1c6d999ce782c69fc21b"
} ,
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"timestamp" : "1537692953" ,
"to_ids" : true ,
"type" : "md5" ,
"uuid" : "5ba75519-c0c4-4066-b5f7-4beb02de0b81" ,
"value" : "2579b715ea1b76a1979c415b139fdee7"
} ,
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"timestamp" : "1537692953" ,
"to_ids" : true ,
"type" : "md5" ,
"uuid" : "5ba75519-72d8-430a-afb7-411302de0b81" ,
"value" : "26d7f7aa3135e99581119f40986a8ac3"
} ,
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"timestamp" : "1537692954" ,
"to_ids" : true ,
"type" : "md5" ,
"uuid" : "5ba7551a-e758-4cda-bb80-444d02de0b81" ,
"value" : "27f683baed7b02927a591cdc0c850743"
} ,
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"timestamp" : "1537692954" ,
"to_ids" : true ,
"type" : "md5" ,
"uuid" : "5ba7551a-aae8-4004-8052-404402de0b81" ,
"value" : "28e4545e9944eb53897ee9acf67b1969"
} ,
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"timestamp" : "1537692955" ,
"to_ids" : true ,
"type" : "md5" ,
"uuid" : "5ba7551b-e5e4-4fa5-936c-4eaa02de0b81" ,
"value" : "2a96042e605146ead06b2ee4835baec3"
} ,
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"timestamp" : "1537692955" ,
"to_ids" : true ,
"type" : "md5" ,
"uuid" : "5ba7551b-6ca4-432d-8435-491602de0b81" ,
"value" : "2c405d608b600655196a4aa13bdb3790"
} ,
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"timestamp" : "1537692956" ,
"to_ids" : true ,
"type" : "md5" ,
"uuid" : "5ba7551c-1928-4424-9b39-4c2102de0b81" ,
"value" : "30866adc2976704bca0f051b5474a1ee"
} ,
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"timestamp" : "1537692956" ,
"to_ids" : true ,
"type" : "md5" ,
"uuid" : "5ba7551c-70cc-4c30-9d27-4ad002de0b81" ,
"value" : "31c81459c10d3f001d2ccef830239c16"
} ,
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"timestamp" : "1537692957" ,
"to_ids" : true ,
"type" : "md5" ,
"uuid" : "5ba7551d-8754-4d37-b9e1-402702de0b81" ,
"value" : "3484302809ac3df6ceec857cb4f75fb1"
} ,
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"timestamp" : "1537692957" ,
"to_ids" : true ,
"type" : "md5" ,
"uuid" : "5ba7551d-b6bc-41f9-96fa-463202de0b81" ,
"value" : "36c23c569205d6586984a2f6f8c3a39e"
} ,
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"timestamp" : "1537692958" ,
"to_ids" : true ,
"type" : "md5" ,
"uuid" : "5ba7551e-6aac-4be4-a921-401c02de0b81" ,
"value" : "382132e601d7a4ae39a4e7d89457597f"
} ,
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"timestamp" : "1537692958" ,
"to_ids" : true ,
"type" : "md5" ,
"uuid" : "5ba7551e-4cc0-4e06-8f7d-4b7d02de0b81" ,
"value" : "3e12538b6eaf19ca163a47ea599cfa9b"
} ,
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"timestamp" : "1537692959" ,
"to_ids" : true ,
"type" : "md5" ,
"uuid" : "5ba7551f-6d48-4469-a8d9-44ad02de0b81" ,
"value" : "41c7e09170037fafe95bb691df021a20"
} ,
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"timestamp" : "1537692959" ,
"to_ids" : true ,
"type" : "md5" ,
"uuid" : "5ba7551f-a21c-4222-9e53-4f0d02de0b81" ,
"value" : "45e983ae2fca8dacfdebe1b1277102c9"
} ,
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"timestamp" : "1537692960" ,
"to_ids" : true ,
"type" : "md5" ,
"uuid" : "5ba75520-1948-40de-84e4-4dcc02de0b81" ,
"value" : "4e57987d0897878eb2241f9d52303713"
} ,
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"timestamp" : "1537692960" ,
"to_ids" : true ,
"type" : "md5" ,
"uuid" : "5ba75520-7b34-4a4b-8a51-480002de0b81" ,
"value" : "5696bbee662d75f9be0e8a9ed8672755"
} ,
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"timestamp" : "1537692961" ,
"to_ids" : true ,
"type" : "md5" ,
"uuid" : "5ba75521-237c-48e2-8cd5-4d4402de0b81" ,
"value" : "5e4c2fbcd0308a0b9af92bf87383604f"
} ,
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"timestamp" : "1537692962" ,
"to_ids" : true ,
"type" : "md5" ,
"uuid" : "5ba75522-ee70-40bb-81a9-4ef402de0b81" ,
"value" : "5ee2958b130f9cda8f5f3fc1dc5249cf"
} ,
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"timestamp" : "1537692962" ,
"to_ids" : true ,
"type" : "md5" ,
"uuid" : "5ba75522-4808-4dba-b379-428502de0b81" ,
"value" : "5f1a1ff9f272539904e25d300f2bfbcc"
} ,
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"timestamp" : "1537692963" ,
"to_ids" : true ,
"type" : "md5" ,
"uuid" : "5ba75523-4408-4b23-8d60-450d02de0b81" ,
"value" : "611cefaee48c5f096fb644073247621c"
} ,
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"timestamp" : "1537692963" ,
"to_ids" : true ,
"type" : "md5" ,
"uuid" : "5ba75523-6f34-4894-ae0c-4a6102de0b81" ,
"value" : "67d5f04fb0e00addc4085457f40900a2"
} ,
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"timestamp" : "1537692964" ,
"to_ids" : true ,
"type" : "md5" ,
"uuid" : "5ba75524-f540-413f-b081-4e5202de0b81" ,
"value" : "6a37ce66d3003ebf04d249ab049acb22"
} ,
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"timestamp" : "1537692964" ,
"to_ids" : true ,
"type" : "md5" ,
"uuid" : "5ba75524-e39c-4bd2-b9ce-4b7202de0b81" ,
"value" : "6ca3a598492152eb08e36819ee56ab83"
} ,
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"timestamp" : "1537692965" ,
"to_ids" : true ,
"type" : "md5" ,
"uuid" : "5ba75525-8d84-461d-b669-473b02de0b81" ,
"value" : "7639ed0f0c0f5ac48ec9a548a82e2f50"
} ,
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"timestamp" : "1537692965" ,
"to_ids" : true ,
"type" : "md5" ,
"uuid" : "5ba75525-59f8-4e6a-b320-474202de0b81" ,
"value" : "76782ecf9684595dbf86e5e37ba95cc8"
} ,
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"timestamp" : "1537692966" ,
"to_ids" : true ,
"type" : "md5" ,
"uuid" : "5ba75526-9088-4c9e-8f36-4f8102de0b81" ,
"value" : "785b24a55dd41c94060efe8b39dc6d4c"
} ,
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"timestamp" : "1537692966" ,
"to_ids" : true ,
"type" : "md5" ,
"uuid" : "5ba75526-d584-4717-a438-4b1d02de0b81" ,
"value" : "7c498b7ad4c12c38b1f4eb12044a9def"
} ,
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"timestamp" : "1537692967" ,
"to_ids" : true ,
"type" : "md5" ,
"uuid" : "5ba75527-fc3c-466f-8e9c-4c6602de0b81" ,
"value" : "81232f4c5c7810939b3486fa78d666c2"
} ,
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"timestamp" : "1537692967" ,
"to_ids" : true ,
"type" : "md5" ,
"uuid" : "5ba75527-cb78-4fea-a215-463102de0b81" ,
"value" : "81e1332d15b29e8a19d0e97459d0a1de"
} ,
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"timestamp" : "1537692968" ,
"to_ids" : true ,
"type" : "md5" ,
"uuid" : "5ba75528-6e8c-43c6-a78a-4cb702de0b81" ,
"value" : "8abb22771fd3ca34d6def30ba5c5081c"
} ,
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"timestamp" : "1537692968" ,
"to_ids" : true ,
"type" : "md5" ,
"uuid" : "5ba75528-71a4-4a5f-92e4-4b6902de0b81" ,
"value" : "95f0b0e942081b4952e6daef2e373967"
} ,
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"timestamp" : "1537692969" ,
"to_ids" : true ,
"type" : "md5" ,
"uuid" : "5ba75529-0b74-4b25-b17e-403202de0b81" ,
"value" : "9b925250786571058dae5a7cbea71d28"
} ,
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"timestamp" : "1537692969" ,
"to_ids" : true ,
"type" : "md5" ,
"uuid" : "5ba75529-3bcc-40db-a081-404702de0b81" ,
"value" : "9bcb41da619c289fcfdf3131bbf2be21"
} ,
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"timestamp" : "1537692970" ,
"to_ids" : true ,
"type" : "md5" ,
"uuid" : "5ba7552a-6244-438b-a943-4cd902de0b81" ,
"value" : "9f9a24b063018613f7f290cc057b8c40"
} ,
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"timestamp" : "1537692970" ,
"to_ids" : true ,
"type" : "md5" ,
"uuid" : "5ba7552a-e85c-4d3e-a972-4bd402de0b81" ,
"value" : "a73d3f749e42e2b614f89c4b3ce97fe1"
} ,
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"timestamp" : "1537692972" ,
"to_ids" : true ,
"type" : "md5" ,
"uuid" : "5ba7552c-c2b4-4524-980c-4b0002de0b81" ,
"value" : "a807486cfe05b30a43c109fdb6a95993"
} ,
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"timestamp" : "1537692973" ,
"to_ids" : true ,
"type" : "md5" ,
"uuid" : "5ba7552d-6ea0-4ee4-bbd1-4cd302de0b81" ,
"value" : "a8417d19c5e5183d45a38a2abf48e43e"
} ,
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"timestamp" : "1537692974" ,
"to_ids" : true ,
"type" : "md5" ,
"uuid" : "5ba7552e-4508-40eb-b87a-4aee02de0b81" ,
"value" : "acc598bf20fada204b5cfd4c3344f98a"
} ,
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"timestamp" : "1537692974" ,
"to_ids" : true ,
"type" : "md5" ,
"uuid" : "5ba7552e-cc5c-4b71-bfd9-444302de0b81" ,
"value" : "accb53eb0faebfca9f190815d143e04b"
} ,
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"timestamp" : "1537692975" ,
"to_ids" : true ,
"type" : "md5" ,
"uuid" : "5ba7552f-99a4-4d29-af2f-4caa02de0b81" ,
"value" : "adc3a4dfbdfe7640153ed0ea1c3cf125"
} ,
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"timestamp" : "1537692975" ,
"to_ids" : true ,
"type" : "md5" ,
"uuid" : "5ba7552f-8b64-4cf7-9d6c-4be002de0b81" ,
"value" : "ae004a5d4f1829594d830956c55d6ae4"
} ,
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"timestamp" : "1537692976" ,
"to_ids" : true ,
"type" : "md5" ,
"uuid" : "5ba75530-bd58-4854-b302-404002de0b81" ,
"value" : "b0be3c5fe298fb2b894394e808d5ffaf"
} ,
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"timestamp" : "1537692976" ,
"to_ids" : true ,
"type" : "md5" ,
"uuid" : "5ba75530-6c34-4207-88ee-43f602de0b81" ,
"value" : "b244cced7c7f728bcc4d363f8260090d"
} ,
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"timestamp" : "1537692977" ,
"to_ids" : true ,
"type" : "md5" ,
"uuid" : "5ba75531-c8ac-4c88-bf91-451902de0b81" ,
"value" : "b301cd0e42803b0373438e9d4ca01421"
} ,
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"timestamp" : "1537692977" ,
"to_ids" : true ,
"type" : "md5" ,
"uuid" : "5ba75531-e86c-4258-8b84-45a302de0b81" ,
"value" : "bd2272535c655aff1f1566b24a70ee97"
} ,
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"timestamp" : "1537692978" ,
"to_ids" : true ,
"type" : "md5" ,
"uuid" : "5ba75532-beb8-4c04-b86c-485a02de0b81" ,
"value" : "bd4b579f889bbe681b9d3ab11768ca07"
} ,
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"timestamp" : "1537692978" ,
"to_ids" : true ,
"type" : "md5" ,
"uuid" : "5ba75532-153c-4d73-99bb-406f02de0b81" ,
"value" : "bfb9d13daf5a4232e5e45875e7e905d7"
} ,
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"timestamp" : "1537692979" ,
"to_ids" : true ,
"type" : "md5" ,
"uuid" : "5ba75533-22e8-4df3-864a-401302de0b81" ,
"value" : "c31549489bf0478ab4c367c563916ada"
} ,
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"timestamp" : "1537692979" ,
"to_ids" : true ,
"type" : "md5" ,
"uuid" : "5ba75533-b618-4f98-8ef3-4bb002de0b81" ,
"value" : "c8755d732be4dc13eecd8e4c49cfab94"
} ,
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"timestamp" : "1537692980" ,
"to_ids" : true ,
"type" : "md5" ,
"uuid" : "5ba75534-02d0-4475-8d60-4b4e02de0b81" ,
"value" : "c8fd2748a82e336f934963a79313aaa1"
} ,
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"timestamp" : "1537692980" ,
"to_ids" : true ,
"type" : "md5" ,
"uuid" : "5ba75534-5ef0-4f07-816d-443b02de0b81" ,
"value" : "ca663597299b1cecaf57c14c6579b23b"
} ,
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"timestamp" : "1537692981" ,
"to_ids" : true ,
"type" : "md5" ,
"uuid" : "5ba75535-88f4-40c9-b2d4-426d02de0b81" ,
"value" : "d12099237026ae7475c24b3dfb5d18bc"
} ,
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"timestamp" : "1537692981" ,
"to_ids" : true ,
"type" : "md5" ,
"uuid" : "5ba75535-a53c-429b-a0ca-465c02de0b81" ,
"value" : "d61c583eba31f2670ae688af070c87fc"
} ,
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"timestamp" : "1537692982" ,
"to_ids" : true ,
"type" : "md5" ,
"uuid" : "5ba75536-5520-4f4b-97b0-44de02de0b81" ,
"value" : "dde2c03d6168089affdca3b5ec41f661"
} ,
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"timestamp" : "1537692982" ,
"to_ids" : true ,
"type" : "md5" ,
"uuid" : "5ba75536-2fa4-43be-be6b-4c3402de0b81" ,
"value" : "e2e2cd911e099b005e0b2a80a34cfaac"
} ,
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"timestamp" : "1537692983" ,
"to_ids" : true ,
"type" : "md5" ,
"uuid" : "5ba75537-40d4-47d3-a79d-447402de0b81" ,
"value" : "e9a9c0485ee3e32e7db79247fee8bba6"
} ,
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"timestamp" : "1537692983" ,
"to_ids" : true ,
"type" : "md5" ,
"uuid" : "5ba75537-f63c-419f-82b2-4b4502de0b81" ,
"value" : "ec7e11cfca01af40f4d96cbbacb41fed"
} ,
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"timestamp" : "1537692984" ,
"to_ids" : true ,
"type" : "md5" ,
"uuid" : "5ba75538-d950-4d62-a6c0-4a8f02de0b81" ,
"value" : "eff88ecf0c3e719f584371e9150061d2"
} ,
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"timestamp" : "1537692984" ,
"to_ids" : true ,
"type" : "md5" ,
"uuid" : "5ba75538-d6c0-4da4-b7f7-4c2102de0b81" ,
"value" : "f0c29f89ffdb0f3f03e663ef415b9e4e"
} ,
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"timestamp" : "1537692985" ,
"to_ids" : true ,
"type" : "md5" ,
"uuid" : "5ba75539-8fe0-4af9-b7cb-4aaa02de0b81" ,
"value" : "f1b6ed2624583c913392dcd7e3ea6ae1"
} ,
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"timestamp" : "1537692985" ,
"to_ids" : true ,
"type" : "md5" ,
"uuid" : "5ba75539-0c58-4218-8fad-473202de0b81" ,
"value" : "f27a9cd7df897cf8d2e540b6530dceb3"
} ,
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"timestamp" : "1537692986" ,
"to_ids" : true ,
"type" : "md5" ,
"uuid" : "5ba7553a-b698-46bb-bb0f-43f402de0b81" ,
"value" : "f29abd84d6cdec8bb5ce8d51e85ddafc"
} ,
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"timestamp" : "1537692986" ,
"to_ids" : true ,
"type" : "md5" ,
"uuid" : "5ba7553a-6504-4a1a-b521-496902de0b81" ,
"value" : "f3ed0632cadd2d6beffb9d33db4188ed"
} ,
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"timestamp" : "1537692987" ,
"to_ids" : true ,
"type" : "md5" ,
"uuid" : "5ba7553b-7d84-44bf-9e51-464302de0b81" ,
"value" : "fbd0f2c62b14b576f087e92f60e7d132"
} ,
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"timestamp" : "1537692987" ,
"to_ids" : true ,
"type" : "md5" ,
"uuid" : "5ba7553b-cb84-4d8c-94ec-443202de0b81" ,
"value" : "fccb13c00df25d074a78f1eeeb04a0e7"
} ,
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"timestamp" : "1537692988" ,
"to_ids" : true ,
"type" : "md5" ,
"uuid" : "5ba7553c-0c84-4837-9c17-478002de0b81" ,
"value" : "0fb92524625fffda3425d08c94c014a1"
} ,
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"timestamp" : "1537692988" ,
"to_ids" : true ,
"type" : "md5" ,
"uuid" : "5ba7553c-2bd4-48ff-86c2-4f9c02de0b81" ,
"value" : "168365197031ffcdbe65ab13d71b64ec"
} ,
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"timestamp" : "1537692989" ,
"to_ids" : true ,
"type" : "md5" ,
"uuid" : "5ba7553d-f74c-4fed-802b-40b602de0b81" ,
"value" : "2b5ddabf1c6fd8670137cade8b60a034"
} ,
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"timestamp" : "1537692989" ,
"to_ids" : true ,
"type" : "md5" ,
"uuid" : "5ba7553d-64fc-4b6d-8292-4a9902de0b81" ,
"value" : "517c81b6d05bf285d095e0fd91cb6f03"
} ,
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"timestamp" : "1537692990" ,
"to_ids" : true ,
"type" : "md5" ,
"uuid" : "5ba7553e-5804-464c-88af-473902de0b81" ,
"value" : "7deeb1b3cce6528add4f9489ce1ec5d6"
} ,
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"timestamp" : "1537692990" ,
"to_ids" : true ,
"type" : "md5" ,
"uuid" : "5ba7553e-a1ec-4541-a0a1-421602de0b81" ,
"value" : "aa57085e5544d923f576e9f86adf9dc0"
} ,
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"timestamp" : "1537692991" ,
"to_ids" : true ,
"type" : "md5" ,
"uuid" : "5ba7553f-3b30-4abb-98a5-4b8002de0b81" ,
"value" : "cda1961d63aaee991ff97845705e08b8"
} ,
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"timestamp" : "1537692991" ,
"to_ids" : true ,
"type" : "md5" ,
"uuid" : "5ba7553f-a5b0-42d2-b3fc-4bb202de0b81" ,
"value" : "e07ca9f773bd772a41a6698c6fd6e551"
} ,
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"timestamp" : "1537692992" ,
"to_ids" : true ,
"type" : "md5" ,
"uuid" : "5ba75540-a484-4baf-82dd-409402de0b81" ,
"value" : "fb427874a13f6ea5e0fd1a0aec6a095c"
} ,
{
"category" : "Network activity" ,
"comment" : "C2" ,
"deleted" : false ,
"disable_correlation" : false ,
"timestamp" : "1537693218" ,
"to_ids" : true ,
"type" : "hostname" ,
"uuid" : "5ba75622-9ec0-4f9d-9dd8-4b7c02de0b81" ,
"value" : "126mailserver.serveftp.com"
} ,
{
"category" : "Network activity" ,
"comment" : "C2" ,
"deleted" : false ,
"disable_correlation" : false ,
"timestamp" : "1537693219" ,
"to_ids" : true ,
"type" : "hostname" ,
"uuid" : "5ba75623-834c-4e3d-91b2-42f302de0b81" ,
"value" : "access.webplurk.com"
} ,
{
"category" : "Network activity" ,
"comment" : "C2" ,
"deleted" : false ,
"disable_correlation" : false ,
"timestamp" : "1537693219" ,
"to_ids" : true ,
"type" : "hostname" ,
"uuid" : "5ba75623-4004-443d-b493-42b702de0b81" ,
"value" : "aliago.dyndns.dk"
} ,
{
"category" : "Network activity" ,
"comment" : "C2" ,
"deleted" : false ,
"disable_correlation" : false ,
"timestamp" : "1537693220" ,
"to_ids" : true ,
"type" : "hostname" ,
"uuid" : "5ba75624-d6b4-4af9-96fb-41d202de0b81" ,
"value" : "as1688.webhop.org"
} ,
{
"category" : "Network activity" ,
"comment" : "C2" ,
"deleted" : false ,
"disable_correlation" : false ,
"timestamp" : "1537693221" ,
"to_ids" : true ,
"type" : "hostname" ,
"uuid" : "5ba75625-6a54-4dd7-b02a-4d3a02de0b81" ,
"value" : "babana.wikaba.com"
} ,
{
"category" : "Network activity" ,
"comment" : "C2" ,
"deleted" : false ,
"disable_correlation" : false ,
"timestamp" : "1537693221" ,
"to_ids" : true ,
"type" : "hostname" ,
"uuid" : "5ba75625-da28-4759-b425-4d7802de0b81" ,
"value" : "backaaa.beijingdasihei.com"
} ,
{
"category" : "Network activity" ,
"comment" : "C2" ,
"deleted" : false ,
"disable_correlation" : false ,
"timestamp" : "1537693221" ,
"to_ids" : true ,
"type" : "hostname" ,
"uuid" : "5ba75625-a1cc-401b-9169-459502de0b81" ,
"value" : "bt0116.servebbs.net"
} ,
{
"category" : "Network activity" ,
"comment" : "C2" ,
"deleted" : false ,
"disable_correlation" : false ,
"timestamp" : "1537693222" ,
"to_ids" : true ,
"type" : "hostname" ,
"uuid" : "5ba75626-bf4c-43a4-8892-4ecb02de0b81" ,
"value" : "ceepitbj.servepics.com"
} ,
{
"category" : "Network activity" ,
"comment" : "C2" ,
"deleted" : false ,
"disable_correlation" : false ,
"timestamp" : "1537693222" ,
"to_ids" : true ,
"type" : "hostname" ,
"uuid" : "5ba75626-1654-4f13-98b6-45ab02de0b81" ,
"value" : "check.blogdns.com"
} ,
{
"category" : "Network activity" ,
"comment" : "C2" ,
"deleted" : false ,
"disable_correlation" : false ,
"timestamp" : "1537693222" ,
"to_ids" : true ,
"type" : "hostname" ,
"uuid" : "5ba75626-cd88-42db-bee0-445402de0b81" ,
"value" : "china.serveblog.net"
} ,
{
"category" : "Network activity" ,
"comment" : "C2" ,
"deleted" : false ,
"disable_correlation" : false ,
"timestamp" : "1537693223" ,
"to_ids" : true ,
"type" : "hostname" ,
"uuid" : "5ba75627-0af4-4240-ac08-48e702de0b81" ,
"value" : "chinamil.lflink.com"
} ,
{
"category" : "Network activity" ,
"comment" : "C2" ,
"deleted" : false ,
"disable_correlation" : false ,
"timestamp" : "1537693223" ,
"to_ids" : true ,
"type" : "hostname" ,
"uuid" : "5ba75627-203c-40ae-95da-47ca02de0b81" ,
"value" : "cluster.safe360.dns05.com"
} ,
{
"category" : "Network activity" ,
"comment" : "C2" ,
"deleted" : false ,
"disable_correlation" : false ,
"timestamp" : "1537693223" ,
"to_ids" : true ,
"type" : "hostname" ,
"uuid" : "5ba75627-e59c-4aaf-afcc-46f302de0b81" ,
"value" : "cnwww.m-music.net"
} ,
{
"category" : "Network activity" ,
"comment" : "C2" ,
"deleted" : false ,
"disable_correlation" : false ,
"timestamp" : "1537693223" ,
"to_ids" : true ,
"type" : "hostname" ,
"uuid" : "5ba75627-2edc-4f6c-afb7-4b5002de0b81" ,
"value" : "fff.dynamic-dns.net"
} ,
{
"category" : "Network activity" ,
"comment" : "C2" ,
"deleted" : false ,
"disable_correlation" : false ,
"timestamp" : "1537693224" ,
"to_ids" : true ,
"type" : "hostname" ,
"uuid" : "5ba75628-5ae4-4097-9238-40bc02de0b81" ,
"value" : "gaewaa.upgrinfo.com"
} ,
{
"category" : "Network activity" ,
"comment" : "C2" ,
"deleted" : false ,
"disable_correlation" : false ,
"timestamp" : "1537693224" ,
"to_ids" : true ,
"type" : "hostname" ,
"uuid" : "5ba75628-4a80-4d3b-a1c9-48aa02de0b81" ,
"value" : "gaewaa.upgrinfo.com"
} ,
{
"category" : "Network activity" ,
"comment" : "C2" ,
"deleted" : false ,
"disable_correlation" : false ,
"timestamp" : "1537693225" ,
"to_ids" : true ,
"type" : "hostname" ,
"uuid" : "5ba75629-1600-4f1f-94de-499f02de0b81" ,
"value" : "givemea.ygto.com"
} ,
{
"category" : "Network activity" ,
"comment" : "C2" ,
"deleted" : false ,
"disable_correlation" : false ,
"timestamp" : "1537693225" ,
"to_ids" : true ,
"type" : "hostname" ,
"uuid" : "5ba75629-4890-4a1d-afd6-40ea02de0b81" ,
"value" : "givemeaaa.upgrinfo.com"
} ,
{
"category" : "Network activity" ,
"comment" : "C2" ,
"deleted" : false ,
"disable_correlation" : false ,
"timestamp" : "1537693225" ,
"to_ids" : true ,
"type" : "hostname" ,
"uuid" : "5ba75629-8178-4319-9824-4d5602de0b81" ,
"value" : "goldlion.mefound.com"
} ,
{
"category" : "Network activity" ,
"comment" : "C2" ,
"deleted" : false ,
"disable_correlation" : false ,
"timestamp" : "1537693225" ,
"to_ids" : true ,
"type" : "hostname" ,
"uuid" : "5ba75629-eb20-45c0-8540-4dd102de0b81" ,
"value" : "gugupd.008.net"
} ,
{
"category" : "Network activity" ,
"comment" : "C2" ,
"deleted" : false ,
"disable_correlation" : false ,
"timestamp" : "1537693226" ,
"to_ids" : true ,
"type" : "hostname" ,
"uuid" : "5ba7562a-acc0-418c-944e-4fb502de0b81" ,
"value" : "guliu2008.9966.org"
} ,
{
"category" : "Network activity" ,
"comment" : "C2" ,
"deleted" : false ,
"disable_correlation" : false ,
"timestamp" : "1537693226" ,
"to_ids" : true ,
"type" : "hostname" ,
"uuid" : "5ba7562a-6220-478e-9cd2-44a902de0b81" ,
"value" : "hyssjc.securitytactics.com"
} ,
{
"category" : "Network activity" ,
"comment" : "C2" ,
"deleted" : false ,
"disable_correlation" : false ,
"timestamp" : "1537693226" ,
"to_ids" : true ,
"type" : "hostname" ,
"uuid" : "5ba7562a-7078-42ad-8f69-4e3e02de0b81" ,
"value" : "jason.zyns.com"
} ,
{
"category" : "Network activity" ,
"comment" : "C2" ,
"deleted" : false ,
"disable_correlation" : false ,
"timestamp" : "1537693227" ,
"to_ids" : true ,
"type" : "hostname" ,
"uuid" : "5ba7562b-bd60-4a7f-b51c-405c02de0b81" ,
"value" : "javainfo.upgrinfo.com"
} ,
{
"category" : "Network activity" ,
"comment" : "C2" ,
"deleted" : false ,
"disable_correlation" : false ,
"timestamp" : "1537693227" ,
"to_ids" : true ,
"type" : "hostname" ,
"uuid" : "5ba7562b-b6fc-4f7e-80cf-422002de0b81" ,
"value" : "javainfo.upgrinfo.com"
} ,
{
"category" : "Network activity" ,
"comment" : "C2" ,
"deleted" : false ,
"disable_correlation" : false ,
"timestamp" : "1537693227" ,
"to_ids" : true ,
"type" : "hostname" ,
"uuid" : "5ba7562b-8090-4578-98d8-42c202de0b81" ,
"value" : "jerry.jkub.com"
} ,
{
"category" : "Network activity" ,
"comment" : "C2" ,
"deleted" : false ,
"disable_correlation" : false ,
"timestamp" : "1537693227" ,
"to_ids" : true ,
"type" : "hostname" ,
"uuid" : "5ba7562b-8fcc-4ec5-bf4d-43fe02de0b81" ,
"value" : "jerry.jkub.com"
} ,
{
"category" : "Network activity" ,
"comment" : "C2" ,
"deleted" : false ,
"disable_correlation" : false ,
"timestamp" : "1537693228" ,
"to_ids" : true ,
"type" : "hostname" ,
"uuid" : "5ba7562c-5aec-490e-a359-4bda02de0b81" ,
"value" : "kav2011.mooo.com"
} ,
{
"category" : "Network activity" ,
"comment" : "C2" ,
"deleted" : false ,
"disable_correlation" : false ,
"timestamp" : "1537693228" ,
"to_ids" : true ,
"type" : "hostname" ,
"uuid" : "5ba7562c-e984-4cfc-ace6-43eb02de0b81" ,
"value" : "kav2011.mooo.com"
} ,
{
"category" : "Network activity" ,
"comment" : "C2" ,
"deleted" : false ,
"disable_correlation" : false ,
"timestamp" : "1537693228" ,
"to_ids" : true ,
"type" : "hostname" ,
"uuid" : "5ba7562c-b120-42bf-82f0-4f3b02de0b81" ,
"value" : "kouwel.zapto.org"
} ,
{
"category" : "Network activity" ,
"comment" : "C2" ,
"deleted" : false ,
"disable_correlation" : false ,
"timestamp" : "1537693228" ,
"to_ids" : true ,
"type" : "hostname" ,
"uuid" : "5ba7562c-251c-4174-bc36-4e4502de0b81" ,
"value" : "kouwel.zapto.org"
} ,
{
"category" : "Network activity" ,
"comment" : "C2" ,
"deleted" : false ,
"disable_correlation" : false ,
"timestamp" : "1537693229" ,
"to_ids" : true ,
"type" : "hostname" ,
"uuid" : "5ba7562d-ad5c-4973-8e75-486f02de0b81" ,
"value" : "laizaow.mefound.com"
} ,
{
"category" : "Network activity" ,
"comment" : "C2" ,
"deleted" : false ,
"disable_correlation" : false ,
"timestamp" : "1537693229" ,
"to_ids" : true ,
"type" : "hostname" ,
"uuid" : "5ba7562d-e0e0-433f-95f0-41f902de0b81" ,
"value" : "localhosts.ddns.us"
} ,
{
"category" : "Network activity" ,
"comment" : "C2" ,
"deleted" : false ,
"disable_correlation" : false ,
"timestamp" : "1537693229" ,
"to_ids" : true ,
"type" : "hostname" ,
"uuid" : "5ba7562d-4c90-4791-a825-44bd02de0b81" ,
"value" : "mail.sends.sendsmtp.com"
} ,
{
"category" : "Network activity" ,
"comment" : "C2" ,
"deleted" : false ,
"disable_correlation" : false ,
"timestamp" : "1537693230" ,
"to_ids" : true ,
"type" : "hostname" ,
"uuid" : "5ba7562e-a7a8-45c0-aab4-410502de0b81" ,
"value" : "mail163.mypop3.net"
} ,
{
"category" : "Network activity" ,
"comment" : "C2" ,
"deleted" : false ,
"disable_correlation" : false ,
"timestamp" : "1537693230" ,
"to_ids" : true ,
"type" : "hostname" ,
"uuid" : "5ba7562e-401c-43af-a401-4eea02de0b81" ,
"value" : "mailsends.sendsmtp.com"
} ,
{
"category" : "Network activity" ,
"comment" : "C2" ,
"deleted" : false ,
"disable_correlation" : false ,
"timestamp" : "1537693231" ,
"to_ids" : true ,
"type" : "hostname" ,
"uuid" : "5ba7562f-7974-4304-9148-421502de0b81" ,
"value" : "mediatvset.no-ip.org"
} ,
{
"category" : "Network activity" ,
"comment" : "C2" ,
"deleted" : false ,
"disable_correlation" : false ,
"timestamp" : "1537693231" ,
"to_ids" : true ,
"type" : "hostname" ,
"uuid" : "5ba7562f-5be4-4e75-8f5a-4bae02de0b81" ,
"value" : "moneyaaa.beijingdasihei.com"
} ,
{
"category" : "Network activity" ,
"comment" : "C2" ,
"deleted" : false ,
"disable_correlation" : false ,
"timestamp" : "1537693233" ,
"to_ids" : true ,
"type" : "hostname" ,
"uuid" : "5ba75631-5524-4277-b1b2-478602de0b81" ,
"value" : "motices.ourhobby.com"
} ,
{
"category" : "Network activity" ,
"comment" : "C2" ,
"deleted" : false ,
"disable_correlation" : false ,
"timestamp" : "1537693233" ,
"to_ids" : true ,
"type" : "hostname" ,
"uuid" : "5ba75631-df44-4595-a4e5-43be02de0b81" ,
"value" : "motices.ourhobby.com"
} ,
{
"category" : "Network activity" ,
"comment" : "C2" ,
"deleted" : false ,
"disable_correlation" : false ,
"timestamp" : "1537693233" ,
"to_ids" : true ,
"type" : "hostname" ,
"uuid" : "5ba75631-6dd4-4ea9-9992-40c202de0b81" ,
"value" : "mp3.dnset.com"
} ,
{
"category" : "Network activity" ,
"comment" : "C2" ,
"deleted" : false ,
"disable_correlation" : false ,
"timestamp" : "1537693234" ,
"to_ids" : true ,
"type" : "hostname" ,
"uuid" : "5ba75632-1b2c-45ca-b0bc-42d002de0b81" ,
"value" : "netlink.vizvaz.com"
} ,
{
"category" : "Network activity" ,
"comment" : "C2" ,
"deleted" : false ,
"disable_correlation" : false ,
"timestamp" : "1537693234" ,
"to_ids" : true ,
"type" : "hostname" ,
"uuid" : "5ba75632-bf44-40e6-82cc-402b02de0b81" ,
"value" : "operater.solaris.nu"
} ,
{
"category" : "Network activity" ,
"comment" : "C2" ,
"deleted" : false ,
"disable_correlation" : false ,
"timestamp" : "1537693235" ,
"to_ids" : true ,
"type" : "hostname" ,
"uuid" : "5ba75633-9a2c-4258-904f-43d702de0b81" ,
"value" : "pps.longmusic.com"
} ,
{
"category" : "Network activity" ,
"comment" : "C2" ,
"deleted" : false ,
"disable_correlation" : false ,
"timestamp" : "1537693237" ,
"to_ids" : true ,
"type" : "hostname" ,
"uuid" : "5ba75635-0448-45ab-93ef-49c402de0b81" ,
"value" : "ps1688.webhop.org"
} ,
{
"category" : "Network activity" ,
"comment" : "C2" ,
"deleted" : false ,
"disable_correlation" : false ,
"timestamp" : "1537693238" ,
"to_ids" : true ,
"type" : "hostname" ,
"uuid" : "5ba75636-56d0-483a-9ba4-418a02de0b81" ,
"value" : "rising.linkpc.net"
} ,
{
"category" : "Network activity" ,
"comment" : "C2" ,
"deleted" : false ,
"disable_correlation" : false ,
"timestamp" : "1537693237" ,
"to_ids" : true ,
"type" : "hostname" ,
"uuid" : "5ba75636-7a58-4aea-b821-402a02de0b81" ,
"value" : "rising.linkpc.net"
} ,
{
"category" : "Network activity" ,
"comment" : "C2" ,
"deleted" : false ,
"disable_correlation" : false ,
"timestamp" : "1537693238" ,
"to_ids" : true ,
"type" : "hostname" ,
"uuid" : "5ba75636-475c-4449-b40d-4be002de0b81" ,
"value" : "safe360.dns05.com"
} ,
{
"category" : "Network activity" ,
"comment" : "C2" ,
"deleted" : false ,
"disable_correlation" : false ,
"timestamp" : "1537693238" ,
"to_ids" : true ,
"type" : "hostname" ,
"uuid" : "5ba75636-3228-4f8e-95ba-4f0802de0b81" ,
"value" : "sandy.ourhobby.com"
} ,
{
"category" : "Network activity" ,
"comment" : "C2" ,
"deleted" : false ,
"disable_correlation" : false ,
"timestamp" : "1537693238" ,
"to_ids" : true ,
"type" : "hostname" ,
"uuid" : "5ba75636-19a8-47a3-84f5-4de702de0b81" ,
"value" : "sandy.ourhobby.com"
} ,
{
"category" : "Network activity" ,
"comment" : "C2" ,
"deleted" : false ,
"disable_correlation" : false ,
"timestamp" : "1537693239" ,
"to_ids" : true ,
"type" : "hostname" ,
"uuid" : "5ba75637-6340-418c-b15c-427502de0b81" ,
"value" : "soagov.sytes.net"
} ,
{
"category" : "Network activity" ,
"comment" : "C2" ,
"deleted" : false ,
"disable_correlation" : false ,
"timestamp" : "1537693239" ,
"to_ids" : true ,
"type" : "hostname" ,
"uuid" : "5ba75637-94dc-41f1-b43a-421702de0b81" ,
"value" : "soagov.zapto.org"
} ,
{
"category" : "Network activity" ,
"comment" : "C2" ,
"deleted" : false ,
"disable_correlation" : false ,
"timestamp" : "1537693239" ,
"to_ids" : true ,
"type" : "hostname" ,
"uuid" : "5ba75637-4158-4157-8926-4e5502de0b81" ,
"value" : "soagov.zapto.org"
} ,
{
"category" : "Network activity" ,
"comment" : "C2" ,
"deleted" : false ,
"disable_correlation" : false ,
"timestamp" : "1537693240" ,
"to_ids" : true ,
"type" : "hostname" ,
"uuid" : "5ba75638-9f9c-4696-8282-4f4202de0b81" ,
"value" : "soasoa.sytes.net"
} ,
{
"category" : "Network activity" ,
"comment" : "C2" ,
"deleted" : false ,
"disable_correlation" : false ,
"timestamp" : "1537693240" ,
"to_ids" : true ,
"type" : "hostname" ,
"uuid" : "5ba75638-b344-4acb-a896-452502de0b81" ,
"value" : "ssy.ikwb.com"
} ,
{
"category" : "Network activity" ,
"comment" : "C2" ,
"deleted" : false ,
"disable_correlation" : false ,
"timestamp" : "1537693240" ,
"to_ids" : true ,
"type" : "hostname" ,
"uuid" : "5ba75638-8844-41db-b47e-4d1a02de0b81" ,
"value" : "ssy.mynumber.org"
} ,
{
"category" : "Network activity" ,
"comment" : "C2" ,
"deleted" : false ,
"disable_correlation" : false ,
"timestamp" : "1537693240" ,
"to_ids" : true ,
"type" : "hostname" ,
"uuid" : "5ba75638-7f24-4774-8831-4af902de0b81" ,
"value" : "ssy.mynumber.org"
} ,
{
"category" : "Network activity" ,
"comment" : "C2" ,
"deleted" : false ,
"disable_correlation" : false ,
"timestamp" : "1537693241" ,
"to_ids" : true ,
"type" : "hostname" ,
"uuid" : "5ba75639-d1dc-41b2-a5bb-49e002de0b81" ,
"value" : "svcsrset.ezua.com"
} ,
{
"category" : "Network activity" ,
"comment" : "C2" ,
"deleted" : false ,
"disable_correlation" : false ,
"timestamp" : "1537693241" ,
"to_ids" : true ,
"type" : "hostname" ,
"uuid" : "5ba75639-215c-4c18-bb09-4d4e02de0b81" ,
"value" : "teacat.https443.org"
} ,
{
"category" : "Network activity" ,
"comment" : "C2" ,
"deleted" : false ,
"disable_correlation" : false ,
"timestamp" : "1537693241" ,
"to_ids" : true ,
"type" : "hostname" ,
"uuid" : "5ba75639-b39c-4106-9a15-491402de0b81" ,
"value" : "tong.wikaba.com"
} ,
{
"category" : "Network activity" ,
"comment" : "C2" ,
"deleted" : false ,
"disable_correlation" : false ,
"timestamp" : "1537693242" ,
"to_ids" : true ,
"type" : "hostname" ,
"uuid" : "5ba7563a-c8c4-4c2f-8b78-48c202de0b81" ,
"value" : "updates.lflink.com"
} ,
{
"category" : "Network activity" ,
"comment" : "C2" ,
"deleted" : false ,
"disable_correlation" : false ,
"timestamp" : "1537693242" ,
"to_ids" : true ,
"type" : "hostname" ,
"uuid" : "5ba7563a-01f4-443a-ae9d-4a9902de0b81" ,
"value" : "usa08.serveftp.net"
} ,
{
"category" : "Network activity" ,
"comment" : "C2" ,
"deleted" : false ,
"disable_correlation" : false ,
"timestamp" : "1537693242" ,
"to_ids" : true ,
"type" : "hostname" ,
"uuid" : "5ba7563a-11c0-4ecd-b118-406202de0b81" ,
"value" : "waterfall.mynumber.org"
} ,
{
"category" : "Network activity" ,
"comment" : "C2" ,
"deleted" : false ,
"disable_correlation" : false ,
"timestamp" : "1537693242" ,
"to_ids" : true ,
"type" : "hostname" ,
"uuid" : "5ba7563a-f950-4389-9d06-4f2a02de0b81" ,
"value" : "waterfall.mynumber.org"
} ,
{
"category" : "Network activity" ,
"comment" : "C2" ,
"deleted" : false ,
"disable_correlation" : false ,
"timestamp" : "1537693243" ,
"to_ids" : true ,
"type" : "hostname" ,
"uuid" : "5ba7563b-2d0c-4a7e-944a-428202de0b81" ,
"value" : "webupdate.dnsrd.com"
} ,
{
"category" : "Network activity" ,
"comment" : "C2" ,
"deleted" : false ,
"disable_correlation" : false ,
"timestamp" : "1537693243" ,
"to_ids" : true ,
"type" : "hostname" ,
"uuid" : "5ba7563b-e010-47a0-9954-446102de0b81" ,
"value" : "www.safe360.dns05.com"
} ,
{
"category" : "Network activity" ,
"comment" : "C2" ,
"deleted" : false ,
"disable_correlation" : false ,
"timestamp" : "1537693243" ,
"to_ids" : true ,
"type" : "hostname" ,
"uuid" : "5ba7563b-401c-47ba-9bd0-4c8602de0b81" ,
"value" : "www.ssy.ikwb.com"
} ,
{
"category" : "Network activity" ,
"comment" : "C2" ,
"deleted" : false ,
"disable_correlation" : false ,
"timestamp" : "1537693244" ,
"to_ids" : true ,
"type" : "hostname" ,
"uuid" : "5ba7563c-8af4-4ae5-b4fb-4c0502de0b81" ,
"value" : "www.tong.wikaba.com"
} ,
{
"category" : "Network activity" ,
"comment" : "C2" ,
"deleted" : false ,
"disable_correlation" : false ,
"timestamp" : "1537693244" ,
"to_ids" : true ,
"type" : "hostname" ,
"uuid" : "5ba7563c-6a70-4eb3-8127-4cb202de0b81" ,
"value" : "wwwdo.tyur.acmetoy.com"
} ,
{
"category" : "Network activity" ,
"comment" : "C2" ,
"deleted" : false ,
"disable_correlation" : false ,
"timestamp" : "1537693244" ,
"to_ids" : true ,
"type" : "hostname" ,
"uuid" : "5ba7563c-5d48-4164-bd69-422b02de0b81" ,
"value" : "xinhua.redirectme.net"
} ,
{
"category" : "Network activity" ,
"comment" : "C2" ,
"deleted" : false ,
"disable_correlation" : false ,
"timestamp" : "1537693244" ,
"to_ids" : true ,
"type" : "hostname" ,
"uuid" : "5ba7563c-3c10-4d2c-b903-4c2302de0b81" ,
"value" : "xinhua.redirectme.net"
} ,
{
"category" : "Network activity" ,
"comment" : "C2" ,
"deleted" : false ,
"disable_correlation" : false ,
"timestamp" : "1537693245" ,
"to_ids" : true ,
"type" : "ip-dst" ,
"uuid" : "5ba7563d-0f3c-4e80-941d-422d02de0b81" ,
"value" : "131.213.66.10"
} ,
{
"category" : "Network activity" ,
"comment" : "C2" ,
"deleted" : false ,
"disable_correlation" : false ,
"timestamp" : "1537693245" ,
"to_ids" : true ,
"type" : "ip-dst" ,
"uuid" : "5ba7563d-1638-4fc7-b92a-437702de0b81" ,
"value" : "146.0.32.168"
} ,
{
"category" : "Network activity" ,
"comment" : "C2" ,
"deleted" : false ,
"disable_correlation" : false ,
"timestamp" : "1537693245" ,
"to_ids" : true ,
"type" : "ip-dst" ,
"uuid" : "5ba7563d-19c8-4eb7-bcdc-49a102de0b81" ,
"value" : "165.227.220.223"
} ,
{
"category" : "Network activity" ,
"comment" : "C2" ,
"deleted" : false ,
"disable_correlation" : false ,
"timestamp" : "1537693245" ,
"to_ids" : true ,
"type" : "ip-dst" ,
"uuid" : "5ba7563d-0a40-4c76-b470-488802de0b81" ,
"value" : "188.166.67.36"
} ,
{
"category" : "Network activity" ,
"comment" : "C2" ,
"deleted" : false ,
"disable_correlation" : false ,
"timestamp" : "1537693246" ,
"to_ids" : true ,
"type" : "ip-dst" ,
"uuid" : "5ba7563e-c6e0-48ff-973c-416d02de0b81" ,
"value" : "199.101.133.169"
} ,
{
"category" : "Network activity" ,
"comment" : "C2" ,
"deleted" : false ,
"disable_correlation" : false ,
"timestamp" : "1537693246" ,
"to_ids" : true ,
"type" : "ip-dst" ,
"uuid" : "5ba7563e-06c8-45f6-ae4f-45e502de0b81" ,
"value" : "45.32.8.137"
} ,
{
"category" : "Network activity" ,
"comment" : "C2" ,
"deleted" : false ,
"disable_correlation" : false ,
"timestamp" : "1537693246" ,
"to_ids" : true ,
"type" : "ip-dst" ,
"uuid" : "5ba7563e-265c-4d72-852e-4fc302de0b81" ,
"value" : "45.76.125.176"
} ,
{
"category" : "Network activity" ,
"comment" : "C2" ,
"deleted" : false ,
"disable_correlation" : false ,
"timestamp" : "1537693246" ,
"to_ids" : true ,
"type" : "ip-dst" ,
"uuid" : "5ba7563e-0be8-4300-9fc4-4d7302de0b81" ,
"value" : "45.76.125.176"
} ,
{
"category" : "Network activity" ,
"comment" : "C2" ,
"deleted" : false ,
"disable_correlation" : false ,
"timestamp" : "1537693247" ,
"to_ids" : true ,
"type" : "ip-dst" ,
"uuid" : "5ba7563f-7b84-4936-a564-456b02de0b81" ,
"value" : "45.76.228.61"
} ,
{
"category" : "Network activity" ,
"comment" : "C2" ,
"deleted" : false ,
"disable_correlation" : false ,
"timestamp" : "1537693247" ,
"to_ids" : true ,
"type" : "ip-dst" ,
"uuid" : "5ba7563f-5210-48cf-9e26-42eb02de0b81" ,
"value" : "45.76.9.206"
} ,
{
"category" : "Network activity" ,
"comment" : "C2" ,
"deleted" : false ,
"disable_correlation" : false ,
"timestamp" : "1537693248" ,
"to_ids" : true ,
"type" : "ip-dst" ,
"uuid" : "5ba75640-3cfc-49ba-a6a1-4a2e02de0b81" ,
"value" : "45.77.171.209"
} ,
{
"category" : "Network activity" ,
"comment" : "C2" ,
"deleted" : false ,
"disable_correlation" : false ,
"timestamp" : "1537693248" ,
"to_ids" : true ,
"type" : "hostname" ,
"uuid" : "5ba75640-1628-4478-97a9-48c702de0b81" ,
"value" : "bearingonly.rebatesrule.net"
} ,
{
"category" : "Network activity" ,
"comment" : "C2" ,
"deleted" : false ,
"disable_correlation" : false ,
"timestamp" : "1537693248" ,
"to_ids" : true ,
"type" : "hostname" ,
"uuid" : "5ba75640-15f4-4436-9c18-404a02de0b81" ,
"value" : "canberk.gecekodu.com"
} ,
{
"category" : "Network activity" ,
"comment" : "C2" ,
"deleted" : false ,
"disable_correlation" : false ,
"timestamp" : "1537693248" ,
"to_ids" : true ,
"type" : "hostname" ,
"uuid" : "5ba75640-3e5c-4118-85e4-409802de0b81" ,
"value" : "canberk.gecekodu.com"
} ,
{
"category" : "Network activity" ,
"comment" : "C2" ,
"deleted" : false ,
"disable_correlation" : false ,
"timestamp" : "1537693249" ,
"to_ids" : true ,
"type" : "hostname" ,
"uuid" : "5ba75641-beb4-46d6-9d10-43de02de0b81" ,
"value" : "emailser163.serveusers.com"
} ,
{
"category" : "Network activity" ,
"comment" : "C2" ,
"deleted" : false ,
"disable_correlation" : false ,
"timestamp" : "1537693249" ,
"to_ids" : true ,
"type" : "hostname" ,
"uuid" : "5ba75641-93b8-433c-8c24-4d8102de0b81" ,
"value" : "emailser163.serveusers.com"
} ,
{
"category" : "Network activity" ,
"comment" : "C2" ,
"deleted" : false ,
"disable_correlation" : false ,
"timestamp" : "1537693249" ,
"to_ids" : true ,
"type" : "hostname" ,
"uuid" : "5ba75641-20c8-42b2-998d-450c02de0b81" ,
"value" : "fevupdate.ocry.com"
} ,
{
"category" : "Network activity" ,
"comment" : "C2" ,
"deleted" : false ,
"disable_correlation" : false ,
"timestamp" : "1537693249" ,
"to_ids" : true ,
"type" : "hostname" ,
"uuid" : "5ba75641-bef0-4008-ae99-42d102de0b81" ,
"value" : "geiwoaaa.qpoe.com"
} ,
{
"category" : "Network activity" ,
"comment" : "C2" ,
"deleted" : false ,
"disable_correlation" : false ,
"timestamp" : "1537693250" ,
"to_ids" : true ,
"type" : "hostname" ,
"uuid" : "5ba75642-a83c-4913-a8f4-484b02de0b81" ,
"value" : "hy-zhqopin.mynumber.org"
} ,
{
"category" : "Network activity" ,
"comment" : "C2" ,
"deleted" : false ,
"disable_correlation" : false ,
"timestamp" : "1537693250" ,
"to_ids" : true ,
"type" : "hostname" ,
"uuid" : "5ba75642-76f8-4a10-96ae-440e02de0b81" ,
"value" : "l63service.serveuser.com"
} ,
{
"category" : "Network activity" ,
"comment" : "C2" ,
"deleted" : false ,
"disable_correlation" : false ,
"timestamp" : "1537693250" ,
"to_ids" : true ,
"type" : "hostname" ,
"uuid" : "5ba75642-a850-4277-8ce1-44e002de0b81" ,
"value" : "microsoftword.serveuser.com"
} ,
{
"category" : "Network activity" ,
"comment" : "C2" ,
"deleted" : false ,
"disable_correlation" : false ,
"timestamp" : "1537693250" ,
"to_ids" : true ,
"type" : "hostname" ,
"uuid" : "5ba75642-6a78-4802-a753-4d3402de0b81" ,
"value" : "office.go.dyndns.org"
} ,
{
"category" : "Network activity" ,
"comment" : "C2" ,
"deleted" : false ,
"disable_correlation" : false ,
"timestamp" : "1537693251" ,
"to_ids" : true ,
"type" : "hostname" ,
"uuid" : "5ba75643-b364-4b6d-95cb-4d2e02de0b81" ,
"value" : "updateinfo.servegame.org"
} ,
{
"category" : "Network activity" ,
"comment" : "C2" ,
"deleted" : false ,
"disable_correlation" : false ,
"timestamp" : "1537693251" ,
"to_ids" : true ,
"type" : "hostname" ,
"uuid" : "5ba75643-f824-4d23-a3d0-41fd02de0b81" ,
"value" : "updateinfo.servegame.org"
} ,
{
"category" : "Network activity" ,
"comment" : "C2" ,
"deleted" : false ,
"disable_correlation" : false ,
"timestamp" : "1537693251" ,
"to_ids" : true ,
"type" : "hostname" ,
"uuid" : "5ba75643-ba2c-48d4-bb01-441502de0b81" ,
"value" : "uswebmail163.sendsmtp.com"
} ,
{
"category" : "Network activity" ,
"comment" : "C2" ,
"deleted" : false ,
"disable_correlation" : false ,
"timestamp" : "1537693252" ,
"to_ids" : true ,
"type" : "hostname" ,
"uuid" : "5ba75644-4ad4-4c3f-b3c5-41e802de0b81" ,
"value" : "winsysupdate.dynamic-dns.net"
} ,
{
"category" : "Network activity" ,
"comment" : "C2" ,
"deleted" : false ,
"disable_correlation" : false ,
"timestamp" : "1537693252" ,
"to_ids" : true ,
"type" : "hostname" ,
"uuid" : "5ba75644-cb58-40b3-a6f8-436002de0b81" ,
"value" : "winsysupdate.dynamic-dns.net"
} ,
{
"category" : "Network activity" ,
"comment" : "C2" ,
"deleted" : false ,
"disable_correlation" : false ,
"timestamp" : "1537693252" ,
"to_ids" : true ,
"type" : "hostname" ,
"uuid" : "5ba75644-d000-4740-adb6-4f9a02de0b81" ,
"value" : "wmiaprp.ezua.com"
} ,
{
"category" : "Network activity" ,
"comment" : "C2" ,
"deleted" : false ,
"disable_correlation" : false ,
"timestamp" : "1537693252" ,
"to_ids" : true ,
"type" : "hostname" ,
"uuid" : "5ba75644-fcc4-4a3c-811b-482d02de0b81" ,
"value" : "wmiaprp.ezua.com"
} ,
{
"category" : "Network activity" ,
"comment" : "C2" ,
"deleted" : false ,
"disable_correlation" : false ,
"timestamp" : "1537693253" ,
"to_ids" : true ,
"type" : "hostname" ,
"uuid" : "5ba75645-11f0-43a8-8459-456002de0b81" ,
"value" : "www.service.justdied.com"
} ,
{
"category" : "Network activity" ,
"comment" : "C2" ,
"deleted" : false ,
"disable_correlation" : false ,
"timestamp" : "1537693253" ,
"to_ids" : true ,
"type" : "hostname" ,
"uuid" : "5ba75645-a694-4393-8856-4da102de0b81" ,
"value" : "zxcv201789.dynssl.com"
} ,
{
"category" : "Network activity" ,
"comment" : "C2" ,
"deleted" : false ,
"disable_correlation" : false ,
"timestamp" : "1537693253" ,
"to_ids" : true ,
"type" : "hostname" ,
"uuid" : "5ba75645-4e84-4b35-98f7-4f5902de0b81" ,
"value" : "officepatch.dnset.com"
} ,
{
"category" : "Network activity" ,
"comment" : "C2" ,
"deleted" : false ,
"disable_correlation" : false ,
"timestamp" : "1537693253" ,
"to_ids" : true ,
"type" : "hostname" ,
"uuid" : "5ba75645-7314-4534-a21d-418602de0b81" ,
"value" : "pouhui.diskstation.org"
} ,
{
"category" : "Network activity" ,
"comment" : "C2" ,
"deleted" : false ,
"disable_correlation" : false ,
"timestamp" : "1537693254" ,
"to_ids" : true ,
"type" : "hostname" ,
"uuid" : "5ba75646-1a30-4f42-8042-4bf202de0b81" ,
"value" : "comehigh.mefound.com"
} ,
{
"category" : "Network activity" ,
"comment" : "C2" ,
"deleted" : false ,
"disable_correlation" : false ,
"timestamp" : "1537693254" ,
"to_ids" : true ,
"type" : "hostname" ,
"uuid" : "5ba75646-38ac-45fd-9c14-4f3502de0b81" ,
"value" : "annie165.zyns.com"
} ,
{
"category" : "Network activity" ,
"comment" : "C2" ,
"deleted" : false ,
"disable_correlation" : false ,
"timestamp" : "1537693254" ,
"to_ids" : true ,
"type" : "url" ,
"uuid" : "5ba75646-2444-4ee3-85f9-46ae02de0b81" ,
"value" : "http://annie165.zyns.com/zxcvb.hta"
} ,
{
"category" : "Network activity" ,
"comment" : "C2" ,
"deleted" : false ,
"disable_correlation" : false ,
"timestamp" : "1537693254" ,
"to_ids" : true ,
"type" : "url" ,
"uuid" : "5ba75646-abe8-4da1-9c1d-496802de0b81" ,
"value" : "http://annie165.zyns.com/zxcvb.hta"
}
] ,
"Object" : [
{
"comment" : "" ,
"deleted" : false ,
"description" : "File object describing a file with meta-information" ,
"meta-category" : "file" ,
"name" : "file" ,
"template_uuid" : "688c46fb-5edb-40a3-8273-1af7923e2215" ,
"template_version" : "11" ,
"timestamp" : "1537694548" ,
"uuid" : "0cc22f92-12a5-441c-8abe-c99bdb9963e6" ,
"ObjectReference" : [
{
"comment" : "" ,
"object_uuid" : "0cc22f92-12a5-441c-8abe-c99bdb9963e6" ,
"referenced_uuid" : "da0d86fe-cc52-4aa1-ac49-81aa420ba0ce" ,
"relationship_type" : "analysed-with" ,
"timestamp" : "1537694702" ,
"uuid" : "5ba75bee-4f90-4952-801e-4f9202de0b81"
}
] ,
"Attribute" : [
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "md5" ,
"timestamp" : "1537694545" ,
"to_ids" : true ,
"type" : "md5" ,
"uuid" : "b3f32277-fee8-4e7a-8ace-b982928bb147" ,
"value" : "f27a9cd7df897cf8d2e540b6530dceb3"
} ,
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "sha1" ,
"timestamp" : "1537694546" ,
"to_ids" : true ,
"type" : "sha1" ,
"uuid" : "82002517-5209-4aca-b6e7-9b64e167bd09" ,
"value" : "17ccec0e99fd122342b6b3171b5fd9e2482f246a"
} ,
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "sha256" ,
"timestamp" : "1537694546" ,
"to_ids" : true ,
"type" : "sha256" ,
"uuid" : "b52d755c-cb4c-4958-9408-1b2e3c9e8f59" ,
"value" : "e94f5c5f56fd40e92bc8d73b2e8182d924df6ca3105bd00d6af67b4362597f62"
}
]
} ,
{
"comment" : "" ,
"deleted" : false ,
"description" : "VirusTotal report" ,
"meta-category" : "misc" ,
"name" : "virustotal-report" ,
"template_uuid" : "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4" ,
"template_version" : "2" ,
"timestamp" : "1537694547" ,
"uuid" : "da0d86fe-cc52-4aa1-ac49-81aa420ba0ce" ,
"Attribute" : [
{
"category" : "Other" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "last-submission" ,
"timestamp" : "1537694547" ,
"to_ids" : false ,
"type" : "datetime" ,
"uuid" : "f7477f7d-4224-4dca-9a68-3662d09cd33f" ,
"value" : "2018-09-20T06:20:40"
} ,
{
"category" : "External analysis" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "permalink" ,
"timestamp" : "1537694547" ,
"to_ids" : false ,
"type" : "link" ,
"uuid" : "18b74f46-8c41-427a-8104-f9194b06d85a" ,
"value" : "https://www.virustotal.com/file/e94f5c5f56fd40e92bc8d73b2e8182d924df6ca3105bd00d6af67b4362597f62/analysis/1537424440/"
} ,
{
"category" : "Other" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : true ,
"object_relation" : "detection-ratio" ,
"timestamp" : "1537694548" ,
"to_ids" : false ,
"type" : "text" ,
"uuid" : "b39f638c-136c-4fda-8ced-42df7ff1a3c2" ,
"value" : "36/66"
}
]
} ,
{
"comment" : "" ,
"deleted" : false ,
"description" : "File object describing a file with meta-information" ,
"meta-category" : "file" ,
"name" : "file" ,
"template_uuid" : "688c46fb-5edb-40a3-8273-1af7923e2215" ,
"template_version" : "11" ,
"timestamp" : "1537694551" ,
"uuid" : "459914b4-6906-4498-bc5c-f8f6120bc810" ,
"ObjectReference" : [
{
"comment" : "" ,
"object_uuid" : "459914b4-6906-4498-bc5c-f8f6120bc810" ,
"referenced_uuid" : "8623016d-644d-467c-8602-ff74ee05f7f8" ,
"relationship_type" : "analysed-with" ,
"timestamp" : "1537694703" ,
"uuid" : "5ba75bef-0c58-4189-a40b-401902de0b81"
}
] ,
"Attribute" : [
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "md5" ,
"timestamp" : "1537694548" ,
"to_ids" : true ,
"type" : "md5" ,
"uuid" : "0578001d-8b3e-44c0-85f2-81c98b2bb4f9" ,
"value" : "30866adc2976704bca0f051b5474a1ee"
} ,
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "sha1" ,
"timestamp" : "1537694548" ,
"to_ids" : true ,
"type" : "sha1" ,
"uuid" : "039b6974-6aaf-4914-8e6e-786657a529c4" ,
"value" : "aedb48dddf563a061612d4fcb4d6ffff7fb488ee"
} ,
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "sha256" ,
"timestamp" : "1537694549" ,
"to_ids" : true ,
"type" : "sha256" ,
"uuid" : "ce20da7a-771a-4496-85f2-494b3203287c" ,
"value" : "cbb14352ed58821ecb25fd65f2b56347adba26dfd627a70a170e16268a207c5e"
}
]
} ,
{
"comment" : "" ,
"deleted" : false ,
"description" : "VirusTotal report" ,
"meta-category" : "misc" ,
"name" : "virustotal-report" ,
"template_uuid" : "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4" ,
"template_version" : "2" ,
"timestamp" : "1537694549" ,
"uuid" : "8623016d-644d-467c-8602-ff74ee05f7f8" ,
"Attribute" : [
{
"category" : "Other" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "last-submission" ,
"timestamp" : "1537694549" ,
"to_ids" : false ,
"type" : "datetime" ,
"uuid" : "aa9a9308-5091-4579-b33e-8b0fb4b7a8ce" ,
"value" : "2018-09-21T18:14:10"
} ,
{
"category" : "External analysis" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "permalink" ,
"timestamp" : "1537694549" ,
"to_ids" : false ,
"type" : "link" ,
"uuid" : "92b50e42-dd13-46c7-91fc-09b5e623207d" ,
"value" : "https://www.virustotal.com/file/cbb14352ed58821ecb25fd65f2b56347adba26dfd627a70a170e16268a207c5e/analysis/1537553650/"
} ,
{
"category" : "Other" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : true ,
"object_relation" : "detection-ratio" ,
"timestamp" : "1537694550" ,
"to_ids" : false ,
"type" : "text" ,
"uuid" : "251f3de0-bf95-4b5a-910e-2cb1cb441544" ,
"value" : "48/68"
}
]
} ,
{
"comment" : "" ,
"deleted" : false ,
"description" : "File object describing a file with meta-information" ,
"meta-category" : "file" ,
"name" : "file" ,
"template_uuid" : "688c46fb-5edb-40a3-8273-1af7923e2215" ,
"template_version" : "11" ,
"timestamp" : "1537694553" ,
"uuid" : "6eff1270-08db-4992-b573-f41d1aa05b2b" ,
"ObjectReference" : [
{
"comment" : "" ,
"object_uuid" : "6eff1270-08db-4992-b573-f41d1aa05b2b" ,
"referenced_uuid" : "13a3b942-0812-4f2a-a58e-f14b92b6e260" ,
"relationship_type" : "analysed-with" ,
"timestamp" : "1537694703" ,
"uuid" : "5ba75bef-ff48-4f6e-aa82-4f0702de0b81"
}
] ,
"Attribute" : [
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "md5" ,
"timestamp" : "1537694550" ,
"to_ids" : true ,
"type" : "md5" ,
"uuid" : "db2b2235-666d-41fd-98c9-56aabe5daec0" ,
"value" : "5f1a1ff9f272539904e25d300f2bfbcc"
} ,
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "sha1" ,
"timestamp" : "1537694550" ,
"to_ids" : true ,
"type" : "sha1" ,
"uuid" : "31dc1595-07f7-44cd-b33b-acd2dce76a00" ,
"value" : "0d6884dc6079bc311e639d7480c7eaed4a895dfc"
} ,
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "sha256" ,
"timestamp" : "1537694551" ,
"to_ids" : true ,
"type" : "sha256" ,
"uuid" : "1b3c9791-c363-43f0-8432-a849c1705e9f" ,
"value" : "75f96a7162b6cb83d323822d80df64cbfeff44d1f64b4f72effec5e4793aecf5"
}
]
} ,
{
"comment" : "" ,
"deleted" : false ,
"description" : "VirusTotal report" ,
"meta-category" : "misc" ,
"name" : "virustotal-report" ,
"template_uuid" : "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4" ,
"template_version" : "2" ,
"timestamp" : "1537694551" ,
"uuid" : "13a3b942-0812-4f2a-a58e-f14b92b6e260" ,
"Attribute" : [
{
"category" : "Other" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "last-submission" ,
"timestamp" : "1537694551" ,
"to_ids" : false ,
"type" : "datetime" ,
"uuid" : "6eb11188-9617-4e3a-9af9-0d37ca8a90b7" ,
"value" : "2018-09-21T10:51:31"
} ,
{
"category" : "External analysis" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "permalink" ,
"timestamp" : "1537694552" ,
"to_ids" : false ,
"type" : "link" ,
"uuid" : "69471216-9dc4-4caf-9378-4f6e126fc135" ,
"value" : "https://www.virustotal.com/file/75f96a7162b6cb83d323822d80df64cbfeff44d1f64b4f72effec5e4793aecf5/analysis/1537527091/"
} ,
{
"category" : "Other" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : true ,
"object_relation" : "detection-ratio" ,
"timestamp" : "1537694552" ,
"to_ids" : false ,
"type" : "text" ,
"uuid" : "eb8783b4-e6c2-4c81-a98d-ef0447e7d5b6" ,
"value" : "53/68"
}
]
} ,
{
"comment" : "" ,
"deleted" : false ,
"description" : "File object describing a file with meta-information" ,
"meta-category" : "file" ,
"name" : "file" ,
"template_uuid" : "688c46fb-5edb-40a3-8273-1af7923e2215" ,
"template_version" : "11" ,
"timestamp" : "1537694555" ,
"uuid" : "d9155481-509c-4342-83e1-fdb989fece74" ,
"ObjectReference" : [
{
"comment" : "" ,
"object_uuid" : "d9155481-509c-4342-83e1-fdb989fece74" ,
"referenced_uuid" : "2cbdceb9-9582-4d00-9603-95e109d2a651" ,
"relationship_type" : "analysed-with" ,
"timestamp" : "1537694703" ,
"uuid" : "5ba75bef-e154-4190-a9a9-43d902de0b81"
}
] ,
"Attribute" : [
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "md5" ,
"timestamp" : "1537694552" ,
"to_ids" : true ,
"type" : "md5" ,
"uuid" : "f0099ba3-9683-4825-9029-7887f08f3304" ,
"value" : "fb427874a13f6ea5e0fd1a0aec6a095c"
} ,
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "sha1" ,
"timestamp" : "1537694553" ,
"to_ids" : true ,
"type" : "sha1" ,
"uuid" : "66b4c853-c533-4a9f-a0b9-6ba6b2beabc0" ,
"value" : "0b16345be744668db8cd40a40207b14ba6d85bea"
} ,
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "sha256" ,
"timestamp" : "1537694553" ,
"to_ids" : true ,
"type" : "sha256" ,
"uuid" : "bb701be0-be1a-4f25-8f48-d990dc9aeea3" ,
"value" : "f97af27e06b7d542d408034f2f8c5452bd236f520670a21721d2fbb2feb107f2"
}
]
} ,
{
"comment" : "" ,
"deleted" : false ,
"description" : "VirusTotal report" ,
"meta-category" : "misc" ,
"name" : "virustotal-report" ,
"template_uuid" : "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4" ,
"template_version" : "2" ,
"timestamp" : "1537694553" ,
"uuid" : "2cbdceb9-9582-4d00-9603-95e109d2a651" ,
"Attribute" : [
{
"category" : "Other" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "last-submission" ,
"timestamp" : "1537694554" ,
"to_ids" : false ,
"type" : "datetime" ,
"uuid" : "5c8ec832-5a02-4844-b6c7-e76d6fed0489" ,
"value" : "2018-09-22T19:22:46"
} ,
{
"category" : "External analysis" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "permalink" ,
"timestamp" : "1537694554" ,
"to_ids" : false ,
"type" : "link" ,
"uuid" : "9f979a03-f109-4e69-88b2-0d49934288d6" ,
"value" : "https://www.virustotal.com/file/f97af27e06b7d542d408034f2f8c5452bd236f520670a21721d2fbb2feb107f2/analysis/1537644166/"
} ,
{
"category" : "Other" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : true ,
"object_relation" : "detection-ratio" ,
"timestamp" : "1537694554" ,
"to_ids" : false ,
"type" : "text" ,
"uuid" : "02d92cc2-7895-45cc-900b-d283d10a1eca" ,
"value" : "51/68"
}
]
} ,
{
"comment" : "" ,
"deleted" : false ,
"description" : "File object describing a file with meta-information" ,
"meta-category" : "file" ,
"name" : "file" ,
"template_uuid" : "688c46fb-5edb-40a3-8273-1af7923e2215" ,
"template_version" : "11" ,
"timestamp" : "1537694557" ,
"uuid" : "2f0b0487-3ff0-459a-a2d4-737449836d42" ,
"ObjectReference" : [
{
"comment" : "" ,
"object_uuid" : "2f0b0487-3ff0-459a-a2d4-737449836d42" ,
"referenced_uuid" : "784abc9d-1366-45a8-8d4a-5932ba6e86be" ,
"relationship_type" : "analysed-with" ,
"timestamp" : "1537694703" ,
"uuid" : "5ba75bef-d640-4539-97d1-49ba02de0b81"
}
] ,
"Attribute" : [
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "md5" ,
"timestamp" : "1537694555" ,
"to_ids" : true ,
"type" : "md5" ,
"uuid" : "cb577ffd-cc1e-4116-8152-8889236e352f" ,
"value" : "382132e601d7a4ae39a4e7d89457597f"
} ,
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "sha1" ,
"timestamp" : "1537694555" ,
"to_ids" : true ,
"type" : "sha1" ,
"uuid" : "34fcab73-085c-4bfb-b06e-8db0b3ced22f" ,
"value" : "08cceecd61ebddb1f98f8d9705a6464224607090"
} ,
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "sha256" ,
"timestamp" : "1537694555" ,
"to_ids" : true ,
"type" : "sha256" ,
"uuid" : "8a73f5d2-d671-4645-be55-05e7f74dd955" ,
"value" : "b78f456a4e0c453048635b647f4ccbfa4fdb0e28916ace81ba36c752b18d9eb3"
}
]
} ,
{
"comment" : "" ,
"deleted" : false ,
"description" : "VirusTotal report" ,
"meta-category" : "misc" ,
"name" : "virustotal-report" ,
"template_uuid" : "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4" ,
"template_version" : "2" ,
"timestamp" : "1537694556" ,
"uuid" : "784abc9d-1366-45a8-8d4a-5932ba6e86be" ,
"Attribute" : [
{
"category" : "Other" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "last-submission" ,
"timestamp" : "1537694556" ,
"to_ids" : false ,
"type" : "datetime" ,
"uuid" : "6e0115d5-542e-4755-af31-7c37a21928e5" ,
"value" : "2018-09-21T18:16:13"
} ,
{
"category" : "External analysis" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "permalink" ,
"timestamp" : "1537694556" ,
"to_ids" : false ,
"type" : "link" ,
"uuid" : "fd2cc4b4-c781-409d-a787-15fd673e5c28" ,
"value" : "https://www.virustotal.com/file/b78f456a4e0c453048635b647f4ccbfa4fdb0e28916ace81ba36c752b18d9eb3/analysis/1537553773/"
} ,
{
"category" : "Other" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : true ,
"object_relation" : "detection-ratio" ,
"timestamp" : "1537694557" ,
"to_ids" : false ,
"type" : "text" ,
"uuid" : "c9a45501-1771-40ce-9229-cc5da04942b1" ,
"value" : "43/67"
}
]
} ,
{
"comment" : "" ,
"deleted" : false ,
"description" : "File object describing a file with meta-information" ,
"meta-category" : "file" ,
"name" : "file" ,
"template_uuid" : "688c46fb-5edb-40a3-8273-1af7923e2215" ,
"template_version" : "11" ,
"timestamp" : "1537694560" ,
"uuid" : "d82f7273-8250-4f95-a746-79384c4fb401" ,
"ObjectReference" : [
{
"comment" : "" ,
"object_uuid" : "d82f7273-8250-4f95-a746-79384c4fb401" ,
"referenced_uuid" : "a7240cf5-787b-4e31-8bac-1bae79aff797" ,
"relationship_type" : "analysed-with" ,
"timestamp" : "1537694703" ,
"uuid" : "5ba75bef-b310-4a7c-a7f5-439c02de0b81"
}
] ,
"Attribute" : [
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "md5" ,
"timestamp" : "1537694557" ,
"to_ids" : true ,
"type" : "md5" ,
"uuid" : "347f05a1-cc34-44ec-bfed-36c7c10a2f81" ,
"value" : "f29abd84d6cdec8bb5ce8d51e85ddafc"
} ,
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "sha1" ,
"timestamp" : "1537694557" ,
"to_ids" : true ,
"type" : "sha1" ,
"uuid" : "f32281b4-c002-414f-af91-3c7a139832eb" ,
"value" : "9b45be84dc3774436d5a3f6a0d105e91b351c0f1"
} ,
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "sha256" ,
"timestamp" : "1537694559" ,
"to_ids" : true ,
"type" : "sha256" ,
"uuid" : "91c386d3-4719-4ddd-8b01-501de88c30e5" ,
"value" : "22c79081068b05f92a1e3c7022905b3dd49efea03a79919aa2a0df626bf3549d"
}
]
} ,
{
"comment" : "" ,
"deleted" : false ,
"description" : "VirusTotal report" ,
"meta-category" : "misc" ,
"name" : "virustotal-report" ,
"template_uuid" : "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4" ,
"template_version" : "2" ,
"timestamp" : "1537694560" ,
"uuid" : "a7240cf5-787b-4e31-8bac-1bae79aff797" ,
"Attribute" : [
{
"category" : "Other" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "last-submission" ,
"timestamp" : "1537694560" ,
"to_ids" : false ,
"type" : "datetime" ,
"uuid" : "22cdd8e8-05b4-4181-ba3b-19f930d9b72a" ,
"value" : "2018-09-21T10:50:52"
} ,
{
"category" : "External analysis" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "permalink" ,
"timestamp" : "1537694560" ,
"to_ids" : false ,
"type" : "link" ,
"uuid" : "45402676-463e-49f5-b837-2df3b86025fd" ,
"value" : "https://www.virustotal.com/file/22c79081068b05f92a1e3c7022905b3dd49efea03a79919aa2a0df626bf3549d/analysis/1537527052/"
} ,
{
"category" : "Other" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : true ,
"object_relation" : "detection-ratio" ,
"timestamp" : "1537694561" ,
"to_ids" : false ,
"type" : "text" ,
"uuid" : "bd2936e7-915c-40af-8134-592da36f11c5" ,
"value" : "39/67"
}
]
} ,
{
"comment" : "" ,
"deleted" : false ,
"description" : "File object describing a file with meta-information" ,
"meta-category" : "file" ,
"name" : "file" ,
"template_uuid" : "688c46fb-5edb-40a3-8273-1af7923e2215" ,
"template_version" : "11" ,
"timestamp" : "1537694564" ,
"uuid" : "a658fb8e-6a95-4a1f-bd72-bd6cc86b8d49" ,
"ObjectReference" : [
{
"comment" : "" ,
"object_uuid" : "a658fb8e-6a95-4a1f-bd72-bd6cc86b8d49" ,
"referenced_uuid" : "dd4cf0fe-bf88-4ba7-bfd6-660d9b012a47" ,
"relationship_type" : "analysed-with" ,
"timestamp" : "1537694703" ,
"uuid" : "5ba75bef-d164-4161-be1a-48ab02de0b81"
}
] ,
"Attribute" : [
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "md5" ,
"timestamp" : "1537694561" ,
"to_ids" : true ,
"type" : "md5" ,
"uuid" : "d2c8aba8-c45b-4aa1-8e26-42e668f0c22e" ,
"value" : "1374e999e1cda9e406c19dfe99830ffc"
} ,
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "sha1" ,
"timestamp" : "1537694561" ,
"to_ids" : true ,
"type" : "sha1" ,
"uuid" : "dcbe2476-fb7f-43a5-b20f-92d433e0d348" ,
"value" : "928d22fb0926d92536d21f651fafe89d77e8b328"
} ,
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "sha256" ,
"timestamp" : "1537694562" ,
"to_ids" : true ,
"type" : "sha256" ,
"uuid" : "f9256f6a-2cb0-4e07-97d7-ede259a254e1" ,
"value" : "40904ec096c1e2b4f40f66f9bcaaa7a13dd6b62131b6189f06d6bdc7d36dbf39"
}
]
} ,
{
"comment" : "" ,
"deleted" : false ,
"description" : "VirusTotal report" ,
"meta-category" : "misc" ,
"name" : "virustotal-report" ,
"template_uuid" : "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4" ,
"template_version" : "2" ,
"timestamp" : "1537694562" ,
"uuid" : "dd4cf0fe-bf88-4ba7-bfd6-660d9b012a47" ,
"Attribute" : [
{
"category" : "Other" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "last-submission" ,
"timestamp" : "1537694562" ,
"to_ids" : false ,
"type" : "datetime" ,
"uuid" : "1b228e93-fa9c-42cf-949d-57e3b8cff1df" ,
"value" : "2018-09-21T10:51:12"
} ,
{
"category" : "External analysis" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "permalink" ,
"timestamp" : "1537694563" ,
"to_ids" : false ,
"type" : "link" ,
"uuid" : "1d74c2b3-81b7-411f-a4ff-8045815f9fd3" ,
"value" : "https://www.virustotal.com/file/40904ec096c1e2b4f40f66f9bcaaa7a13dd6b62131b6189f06d6bdc7d36dbf39/analysis/1537527072/"
} ,
{
"category" : "Other" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : true ,
"object_relation" : "detection-ratio" ,
"timestamp" : "1537694563" ,
"to_ids" : false ,
"type" : "text" ,
"uuid" : "ce14ff02-78a8-4c10-af4c-e732f48abdad" ,
"value" : "52/69"
}
]
} ,
{
"comment" : "" ,
"deleted" : false ,
"description" : "File object describing a file with meta-information" ,
"meta-category" : "file" ,
"name" : "file" ,
"template_uuid" : "688c46fb-5edb-40a3-8273-1af7923e2215" ,
"template_version" : "11" ,
"timestamp" : "1537694566" ,
"uuid" : "a9f0d30e-220b-4af6-bdc7-8fc67068f85b" ,
"ObjectReference" : [
{
"comment" : "" ,
"object_uuid" : "a9f0d30e-220b-4af6-bdc7-8fc67068f85b" ,
"referenced_uuid" : "5e031e69-d3b3-419f-a7ca-f7db193fb446" ,
"relationship_type" : "analysed-with" ,
"timestamp" : "1537694703" ,
"uuid" : "5ba75bef-799c-480b-a7a0-4de102de0b81"
}
] ,
"Attribute" : [
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "md5" ,
"timestamp" : "1537694563" ,
"to_ids" : true ,
"type" : "md5" ,
"uuid" : "7dd65b83-4d20-4dca-b5f8-5d500c560f2e" ,
"value" : "27f683baed7b02927a591cdc0c850743"
} ,
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "sha1" ,
"timestamp" : "1537694564" ,
"to_ids" : true ,
"type" : "sha1" ,
"uuid" : "dba54687-2501-4207-b322-2afec56f34cf" ,
"value" : "8493d51533b607548d8afecd48916db669986577"
} ,
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "sha256" ,
"timestamp" : "1537694564" ,
"to_ids" : true ,
"type" : "sha256" ,
"uuid" : "89bc6ee4-ae79-4880-a0f8-eee3cad40db8" ,
"value" : "312e4e9a74c3e55e4c30cf0bb507ad0678ad0a8495e80bc0d418e67e5d681a52"
}
]
} ,
{
"comment" : "" ,
"deleted" : false ,
"description" : "VirusTotal report" ,
"meta-category" : "misc" ,
"name" : "virustotal-report" ,
"template_uuid" : "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4" ,
"template_version" : "2" ,
"timestamp" : "1537694564" ,
"uuid" : "5e031e69-d3b3-419f-a7ca-f7db193fb446" ,
"Attribute" : [
{
"category" : "Other" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "last-submission" ,
"timestamp" : "1537694564" ,
"to_ids" : false ,
"type" : "datetime" ,
"uuid" : "f6031b58-d348-4607-a4db-9ad5fcb940e6" ,
"value" : "2018-09-21T10:51:18"
} ,
{
"category" : "External analysis" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "permalink" ,
"timestamp" : "1537694565" ,
"to_ids" : false ,
"type" : "link" ,
"uuid" : "3d7cb8f2-f4d3-430d-9ed0-66ea52306647" ,
"value" : "https://www.virustotal.com/file/312e4e9a74c3e55e4c30cf0bb507ad0678ad0a8495e80bc0d418e67e5d681a52/analysis/1537527078/"
} ,
{
"category" : "Other" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : true ,
"object_relation" : "detection-ratio" ,
"timestamp" : "1537694565" ,
"to_ids" : false ,
"type" : "text" ,
"uuid" : "fbd14770-fb9d-4532-a6a9-b8f6b105ac2a" ,
"value" : "48/68"
}
]
} ,
{
"comment" : "" ,
"deleted" : false ,
"description" : "File object describing a file with meta-information" ,
"meta-category" : "file" ,
"name" : "file" ,
"template_uuid" : "688c46fb-5edb-40a3-8273-1af7923e2215" ,
"template_version" : "11" ,
"timestamp" : "1537694568" ,
"uuid" : "c2eda666-d5fd-4299-abcf-511caa91b288" ,
"ObjectReference" : [
{
"comment" : "" ,
"object_uuid" : "c2eda666-d5fd-4299-abcf-511caa91b288" ,
"referenced_uuid" : "1319a600-571b-4028-aef4-eebb0e290869" ,
"relationship_type" : "analysed-with" ,
"timestamp" : "1537694703" ,
"uuid" : "5ba75bef-d138-4304-a87b-485f02de0b81"
}
] ,
"Attribute" : [
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "md5" ,
"timestamp" : "1537694565" ,
"to_ids" : true ,
"type" : "md5" ,
"uuid" : "5501367d-3e0b-4035-bb5e-b88b89bf8cab" ,
"value" : "0595f5005f237967dcfda517b26497d6"
} ,
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "sha1" ,
"timestamp" : "1537694566" ,
"to_ids" : true ,
"type" : "sha1" ,
"uuid" : "279b4d51-e40e-49d5-b9c5-9db02430ef00" ,
"value" : "543558d709056451df0253fc0bd35ad4237baa6d"
} ,
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "sha256" ,
"timestamp" : "1537694566" ,
"to_ids" : true ,
"type" : "sha256" ,
"uuid" : "38320233-ceb6-4e31-b704-5f147c7f4413" ,
"value" : "d40a7d85a9059a0adb1a2e19cde994938a30a205185d9d23f16b544ca92f6ab0"
}
]
} ,
{
"comment" : "" ,
"deleted" : false ,
"description" : "VirusTotal report" ,
"meta-category" : "misc" ,
"name" : "virustotal-report" ,
"template_uuid" : "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4" ,
"template_version" : "2" ,
"timestamp" : "1537694567" ,
"uuid" : "1319a600-571b-4028-aef4-eebb0e290869" ,
"Attribute" : [
{
"category" : "Other" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "last-submission" ,
"timestamp" : "1537694567" ,
"to_ids" : false ,
"type" : "datetime" ,
"uuid" : "406bb582-cf0f-4d38-93a3-c9febed57f05" ,
"value" : "2018-09-21T10:51:08"
} ,
{
"category" : "External analysis" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "permalink" ,
"timestamp" : "1537694567" ,
"to_ids" : false ,
"type" : "link" ,
"uuid" : "709221f4-289e-4ace-ad3f-1fa6a163d582" ,
"value" : "https://www.virustotal.com/file/d40a7d85a9059a0adb1a2e19cde994938a30a205185d9d23f16b544ca92f6ab0/analysis/1537527068/"
} ,
{
"category" : "Other" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : true ,
"object_relation" : "detection-ratio" ,
"timestamp" : "1537694568" ,
"to_ids" : false ,
"type" : "text" ,
"uuid" : "cebf45b0-01b6-4038-b3e2-dc1412b06441" ,
"value" : "42/69"
}
]
} ,
{
"comment" : "" ,
"deleted" : false ,
"description" : "File object describing a file with meta-information" ,
"meta-category" : "file" ,
"name" : "file" ,
"template_uuid" : "688c46fb-5edb-40a3-8273-1af7923e2215" ,
"template_version" : "11" ,
"timestamp" : "1537694571" ,
"uuid" : "2c797c1a-3ac9-436a-a91e-943dc5b54a90" ,
"ObjectReference" : [
{
"comment" : "" ,
"object_uuid" : "2c797c1a-3ac9-436a-a91e-943dc5b54a90" ,
"referenced_uuid" : "92fd93d5-e716-4a3a-aa37-cdbc161734bb" ,
"relationship_type" : "analysed-with" ,
"timestamp" : "1537694703" ,
"uuid" : "5ba75bef-2954-43c7-aa59-45ce02de0b81"
}
] ,
"Attribute" : [
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "md5" ,
"timestamp" : "1537694568" ,
"to_ids" : true ,
"type" : "md5" ,
"uuid" : "1f97adbd-bb20-423e-b1ff-6dc57997b75c" ,
"value" : "168365197031ffcdbe65ab13d71b64ec"
} ,
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "sha1" ,
"timestamp" : "1537694568" ,
"to_ids" : true ,
"type" : "sha1" ,
"uuid" : "26c31230-7185-4ae9-b5f2-e7786697fd9a" ,
"value" : "6093534218644bc814afadf381194f74a6588f64"
} ,
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "sha256" ,
"timestamp" : "1537694568" ,
"to_ids" : true ,
"type" : "sha256" ,
"uuid" : "7fa625a4-98c4-48bd-82c0-c295f284c27f" ,
"value" : "4c85aa3428d3c59e1a8c2279146f724b3e1c47dcf407a9ae35881aebfc82cf2a"
}
]
} ,
{
"comment" : "" ,
"deleted" : false ,
"description" : "VirusTotal report" ,
"meta-category" : "misc" ,
"name" : "virustotal-report" ,
"template_uuid" : "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4" ,
"template_version" : "2" ,
"timestamp" : "1537694569" ,
"uuid" : "92fd93d5-e716-4a3a-aa37-cdbc161734bb" ,
"Attribute" : [
{
"category" : "Other" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "last-submission" ,
"timestamp" : "1537694569" ,
"to_ids" : false ,
"type" : "datetime" ,
"uuid" : "81e9892c-99b9-4417-b2d4-7f9a3c28b604" ,
"value" : "2018-09-21T09:09:44"
} ,
{
"category" : "External analysis" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "permalink" ,
"timestamp" : "1537694569" ,
"to_ids" : false ,
"type" : "link" ,
"uuid" : "0056b7ba-2d2c-438f-9a4d-a984a01b510e" ,
"value" : "https://www.virustotal.com/file/4c85aa3428d3c59e1a8c2279146f724b3e1c47dcf407a9ae35881aebfc82cf2a/analysis/1537520984/"
} ,
{
"category" : "Other" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : true ,
"object_relation" : "detection-ratio" ,
"timestamp" : "1537694570" ,
"to_ids" : false ,
"type" : "text" ,
"uuid" : "f5531901-ffcd-4cb2-ba25-ae5773455fd7" ,
"value" : "51/68"
}
]
} ,
{
"comment" : "" ,
"deleted" : false ,
"description" : "File object describing a file with meta-information" ,
"meta-category" : "file" ,
"name" : "file" ,
"template_uuid" : "688c46fb-5edb-40a3-8273-1af7923e2215" ,
"template_version" : "11" ,
"timestamp" : "1537694573" ,
"uuid" : "72de1a87-86d9-447b-b11a-ee8083950255" ,
"ObjectReference" : [
{
"comment" : "" ,
"object_uuid" : "72de1a87-86d9-447b-b11a-ee8083950255" ,
"referenced_uuid" : "b3912e6d-dc4c-4620-8781-0b1139f165fb" ,
"relationship_type" : "analysed-with" ,
"timestamp" : "1537694703" ,
"uuid" : "5ba75bef-a8e4-4683-8b64-419302de0b81"
}
] ,
"Attribute" : [
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "md5" ,
"timestamp" : "1537694570" ,
"to_ids" : true ,
"type" : "md5" ,
"uuid" : "679d7dc3-d995-44ea-8789-61ccaac83918" ,
"value" : "d61c583eba31f2670ae688af070c87fc"
} ,
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "sha1" ,
"timestamp" : "1537694570" ,
"to_ids" : true ,
"type" : "sha1" ,
"uuid" : "09b62153-46d5-41d4-a855-7d1e73c7bf71" ,
"value" : "c27ead6b5fe4ed922b09ba7d1e6dd52131c4e27e"
} ,
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "sha256" ,
"timestamp" : "1537694571" ,
"to_ids" : true ,
"type" : "sha256" ,
"uuid" : "33a2a96e-48e6-409a-9fe3-68b12f8be009" ,
"value" : "fb9fba39d3826b854185c355e36701c57a436be957074a394972bc18a546cddd"
}
]
} ,
{
"comment" : "" ,
"deleted" : false ,
"description" : "VirusTotal report" ,
"meta-category" : "misc" ,
"name" : "virustotal-report" ,
"template_uuid" : "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4" ,
"template_version" : "2" ,
"timestamp" : "1537694571" ,
"uuid" : "b3912e6d-dc4c-4620-8781-0b1139f165fb" ,
"Attribute" : [
{
"category" : "Other" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "last-submission" ,
"timestamp" : "1537694571" ,
"to_ids" : false ,
"type" : "datetime" ,
"uuid" : "b6fbbece-066a-40b2-ae07-185ef2c4bd99" ,
"value" : "2018-09-21T10:50:45"
} ,
{
"category" : "External analysis" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "permalink" ,
"timestamp" : "1537694572" ,
"to_ids" : false ,
"type" : "link" ,
"uuid" : "2cb38a7d-cdac-493b-842a-2c77a33d06c7" ,
"value" : "https://www.virustotal.com/file/fb9fba39d3826b854185c355e36701c57a436be957074a394972bc18a546cddd/analysis/1537527045/"
} ,
{
"category" : "Other" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : true ,
"object_relation" : "detection-ratio" ,
"timestamp" : "1537694572" ,
"to_ids" : false ,
"type" : "text" ,
"uuid" : "4d33b4ce-376a-4c71-a3a0-a9660fa6dc54" ,
"value" : "45/69"
}
]
} ,
{
"comment" : "" ,
"deleted" : false ,
"description" : "File object describing a file with meta-information" ,
"meta-category" : "file" ,
"name" : "file" ,
"template_uuid" : "688c46fb-5edb-40a3-8273-1af7923e2215" ,
"template_version" : "11" ,
"timestamp" : "1537694575" ,
"uuid" : "bff4dc5f-b475-4eab-b39e-6d76c399bdf1" ,
"ObjectReference" : [
{
"comment" : "" ,
"object_uuid" : "bff4dc5f-b475-4eab-b39e-6d76c399bdf1" ,
"referenced_uuid" : "af91b79c-b917-4d0b-8589-13ae63b09b55" ,
"relationship_type" : "analysed-with" ,
"timestamp" : "1537694703" ,
"uuid" : "5ba75bef-8518-4320-827d-4c7402de0b81"
}
] ,
"Attribute" : [
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "md5" ,
"timestamp" : "1537694572" ,
"to_ids" : true ,
"type" : "md5" ,
"uuid" : "3dc09a98-3b81-4cb6-b931-cc07427e8f24" ,
"value" : "d12099237026ae7475c24b3dfb5d18bc"
} ,
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "sha1" ,
"timestamp" : "1537694572" ,
"to_ids" : true ,
"type" : "sha1" ,
"uuid" : "0099ba90-3989-470b-b8b1-bbd379190716" ,
"value" : "3262d76e9d57b9c6badd060f68af8e76f9009a18"
} ,
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "sha256" ,
"timestamp" : "1537694573" ,
"to_ids" : true ,
"type" : "sha256" ,
"uuid" : "7056a96e-945b-4021-9864-7d626b6ae752" ,
"value" : "b15eb055fd2c69f3f593d28ae4744a4ca55c652cc73b9966cfd0adc0b5be7010"
}
]
} ,
{
"comment" : "" ,
"deleted" : false ,
"description" : "VirusTotal report" ,
"meta-category" : "misc" ,
"name" : "virustotal-report" ,
"template_uuid" : "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4" ,
"template_version" : "2" ,
"timestamp" : "1537694573" ,
"uuid" : "af91b79c-b917-4d0b-8589-13ae63b09b55" ,
"Attribute" : [
{
"category" : "Other" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "last-submission" ,
"timestamp" : "1537694573" ,
"to_ids" : false ,
"type" : "datetime" ,
"uuid" : "f2a9c071-c90d-4381-8d61-c0f98399f91d" ,
"value" : "2018-09-21T10:50:44"
} ,
{
"category" : "External analysis" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "permalink" ,
"timestamp" : "1537694574" ,
"to_ids" : false ,
"type" : "link" ,
"uuid" : "f365c65c-63b4-42a0-8820-176399f2822d" ,
"value" : "https://www.virustotal.com/file/b15eb055fd2c69f3f593d28ae4744a4ca55c652cc73b9966cfd0adc0b5be7010/analysis/1537527044/"
} ,
{
"category" : "Other" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : true ,
"object_relation" : "detection-ratio" ,
"timestamp" : "1537694574" ,
"to_ids" : false ,
"type" : "text" ,
"uuid" : "e045cc57-02a1-4a2a-9c5d-53c900bbfb0b" ,
"value" : "40/69"
}
]
} ,
{
"comment" : "" ,
"deleted" : false ,
"description" : "File object describing a file with meta-information" ,
"meta-category" : "file" ,
"name" : "file" ,
"template_uuid" : "688c46fb-5edb-40a3-8273-1af7923e2215" ,
"template_version" : "11" ,
"timestamp" : "1537694577" ,
"uuid" : "f735def4-50ac-47f3-b313-ae445d03de3d" ,
"ObjectReference" : [
{
"comment" : "" ,
"object_uuid" : "f735def4-50ac-47f3-b313-ae445d03de3d" ,
"referenced_uuid" : "6a289522-91a7-4609-80d6-c4c109234f0a" ,
"relationship_type" : "analysed-with" ,
"timestamp" : "1537694703" ,
"uuid" : "5ba75bef-2564-4b00-81c1-4bb202de0b81"
}
] ,
"Attribute" : [
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "md5" ,
"timestamp" : "1537694574" ,
"to_ids" : true ,
"type" : "md5" ,
"uuid" : "45f89ddd-65b9-446f-9b0b-9bf9135039bb" ,
"value" : "7639ed0f0c0f5ac48ec9a548a82e2f50"
} ,
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "sha1" ,
"timestamp" : "1537694575" ,
"to_ids" : true ,
"type" : "sha1" ,
"uuid" : "0a2f0c46-48df-44cb-8d0f-8bf2fa6d23b9" ,
"value" : "24e64441ceab3bc0a6a292d68b2c90dfd90616c7"
} ,
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "sha256" ,
"timestamp" : "1537694575" ,
"to_ids" : true ,
"type" : "sha256" ,
"uuid" : "504f0709-df0a-4bf2-a851-31dbe1ba369a" ,
"value" : "b00efb298d25d6e473f3d7cd2d52c939f3a1d54bc0f9a9ad9b119c46d7bcb5ed"
}
]
} ,
{
"comment" : "" ,
"deleted" : false ,
"description" : "VirusTotal report" ,
"meta-category" : "misc" ,
"name" : "virustotal-report" ,
"template_uuid" : "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4" ,
"template_version" : "2" ,
"timestamp" : "1537694575" ,
"uuid" : "6a289522-91a7-4609-80d6-c4c109234f0a" ,
"Attribute" : [
{
"category" : "Other" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "last-submission" ,
"timestamp" : "1537694576" ,
"to_ids" : false ,
"type" : "datetime" ,
"uuid" : "5b25448e-040c-41c6-9a58-66c79822973c" ,
"value" : "2018-09-21T10:51:36"
} ,
{
"category" : "External analysis" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "permalink" ,
"timestamp" : "1537694576" ,
"to_ids" : false ,
"type" : "link" ,
"uuid" : "643c8596-4c8b-47bc-8d9f-9d90d39e1368" ,
"value" : "https://www.virustotal.com/file/b00efb298d25d6e473f3d7cd2d52c939f3a1d54bc0f9a9ad9b119c46d7bcb5ed/analysis/1537527096/"
} ,
{
"category" : "Other" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : true ,
"object_relation" : "detection-ratio" ,
"timestamp" : "1537694576" ,
"to_ids" : false ,
"type" : "text" ,
"uuid" : "75434be7-62f1-4322-bf3c-4ecec2496bc8" ,
"value" : "45/69"
}
]
} ,
{
"comment" : "" ,
"deleted" : false ,
"description" : "File object describing a file with meta-information" ,
"meta-category" : "file" ,
"name" : "file" ,
"template_uuid" : "688c46fb-5edb-40a3-8273-1af7923e2215" ,
"template_version" : "11" ,
"timestamp" : "1537694579" ,
"uuid" : "99f47a6f-c1c1-42d0-ba22-f020fc3c9f40" ,
"ObjectReference" : [
{
"comment" : "" ,
"object_uuid" : "99f47a6f-c1c1-42d0-ba22-f020fc3c9f40" ,
"referenced_uuid" : "1bf928af-721d-45a6-84f7-4be5aaa714c7" ,
"relationship_type" : "analysed-with" ,
"timestamp" : "1537694703" ,
"uuid" : "5ba75bef-0df0-4a93-a0bd-4a5a02de0b81"
}
] ,
"Attribute" : [
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "md5" ,
"timestamp" : "1537694576" ,
"to_ids" : true ,
"type" : "md5" ,
"uuid" : "cc0e8c8c-5bbc-4d01-bb36-f09f0b7f6d62" ,
"value" : "9bcb41da619c289fcfdf3131bbf2be21"
} ,
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "sha1" ,
"timestamp" : "1537694577" ,
"to_ids" : true ,
"type" : "sha1" ,
"uuid" : "3f404450-c961-45fc-9d7b-aa98ad5a6507" ,
"value" : "370dc9aabb76ddae641cf18e13c24ae6bcb3660b"
} ,
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "sha256" ,
"timestamp" : "1537694577" ,
"to_ids" : true ,
"type" : "sha256" ,
"uuid" : "bb5a82f2-8b54-45a2-b8d6-e10b4934023e" ,
"value" : "4c0aa63c95b3c0ee732c35a853ac18c988f3bf65bef8a2bcb2e963622b48c366"
}
]
} ,
{
"comment" : "" ,
"deleted" : false ,
"description" : "VirusTotal report" ,
"meta-category" : "misc" ,
"name" : "virustotal-report" ,
"template_uuid" : "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4" ,
"template_version" : "2" ,
"timestamp" : "1537694578" ,
"uuid" : "1bf928af-721d-45a6-84f7-4be5aaa714c7" ,
"Attribute" : [
{
"category" : "Other" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "last-submission" ,
"timestamp" : "1537694578" ,
"to_ids" : false ,
"type" : "datetime" ,
"uuid" : "973cfe28-e575-4fec-b8a9-bf899294c69a" ,
"value" : "2018-09-21T10:50:27"
} ,
{
"category" : "External analysis" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "permalink" ,
"timestamp" : "1537694580" ,
"to_ids" : false ,
"type" : "link" ,
"uuid" : "38aa7cd3-9d7b-4f24-82b8-25e692999435" ,
"value" : "https://www.virustotal.com/file/4c0aa63c95b3c0ee732c35a853ac18c988f3bf65bef8a2bcb2e963622b48c366/analysis/1537527027/"
} ,
{
"category" : "Other" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : true ,
"object_relation" : "detection-ratio" ,
"timestamp" : "1537694581" ,
"to_ids" : false ,
"type" : "text" ,
"uuid" : "4aced3d1-230e-4daf-bdd4-2cc6fe17062d" ,
"value" : "39/68"
}
]
} ,
{
"comment" : "" ,
"deleted" : false ,
"description" : "File object describing a file with meta-information" ,
"meta-category" : "file" ,
"name" : "file" ,
"template_uuid" : "688c46fb-5edb-40a3-8273-1af7923e2215" ,
"template_version" : "11" ,
"timestamp" : "1537694584" ,
"uuid" : "1c11c495-f526-4948-9088-020b5e6e2d38" ,
"ObjectReference" : [
{
"comment" : "" ,
"object_uuid" : "1c11c495-f526-4948-9088-020b5e6e2d38" ,
"referenced_uuid" : "e2aebd7e-dc8e-417b-9cc2-6a50637071f6" ,
"relationship_type" : "analysed-with" ,
"timestamp" : "1537694703" ,
"uuid" : "5ba75bef-4840-47fc-ab26-4fb802de0b81"
}
] ,
"Attribute" : [
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "md5" ,
"timestamp" : "1537694581" ,
"to_ids" : true ,
"type" : "md5" ,
"uuid" : "42cb7e31-089e-4b4b-ac9f-aee0e5b76b2e" ,
"value" : "67d5f04fb0e00addc4085457f40900a2"
} ,
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "sha1" ,
"timestamp" : "1537694582" ,
"to_ids" : true ,
"type" : "sha1" ,
"uuid" : "2fe49c67-6017-4289-9f2c-63eb38d2934f" ,
"value" : "ffd993e5e86c1dad3dcb2aa97d92251b0d961ff6"
} ,
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "sha256" ,
"timestamp" : "1537694583" ,
"to_ids" : true ,
"type" : "sha256" ,
"uuid" : "7d7a19aa-8d0a-49f3-b7d9-31f6d4516c1c" ,
"value" : "7183fcea2b551ceb0f95968d29c81012a19e80e43336fb6e3f6a0aed8458ba99"
}
]
} ,
{
"comment" : "" ,
"deleted" : false ,
"description" : "VirusTotal report" ,
"meta-category" : "misc" ,
"name" : "virustotal-report" ,
"template_uuid" : "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4" ,
"template_version" : "2" ,
"timestamp" : "1537694583" ,
"uuid" : "e2aebd7e-dc8e-417b-9cc2-6a50637071f6" ,
"Attribute" : [
{
"category" : "Other" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "last-submission" ,
"timestamp" : "1537694583" ,
"to_ids" : false ,
"type" : "datetime" ,
"uuid" : "50b69b3a-5a63-4dd3-9fd5-91131d0a9f40" ,
"value" : "2018-09-21T10:51:34"
} ,
{
"category" : "External analysis" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "permalink" ,
"timestamp" : "1537694584" ,
"to_ids" : false ,
"type" : "link" ,
"uuid" : "a8d7ac15-9a7d-4179-bf6d-983753fdd8a1" ,
"value" : "https://www.virustotal.com/file/7183fcea2b551ceb0f95968d29c81012a19e80e43336fb6e3f6a0aed8458ba99/analysis/1537527094/"
} ,
{
"category" : "Other" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : true ,
"object_relation" : "detection-ratio" ,
"timestamp" : "1537694584" ,
"to_ids" : false ,
"type" : "text" ,
"uuid" : "6105bdfe-7d8c-4fe6-9033-4479ef5d7504" ,
"value" : "36/68"
}
]
} ,
{
"comment" : "" ,
"deleted" : false ,
"description" : "File object describing a file with meta-information" ,
"meta-category" : "file" ,
"name" : "file" ,
"template_uuid" : "688c46fb-5edb-40a3-8273-1af7923e2215" ,
"template_version" : "11" ,
"timestamp" : "1537694587" ,
"uuid" : "ba0d3c10-f57e-4570-8e5a-55f03a491d87" ,
"ObjectReference" : [
{
"comment" : "" ,
"object_uuid" : "ba0d3c10-f57e-4570-8e5a-55f03a491d87" ,
"referenced_uuid" : "4dc2689b-d495-49a3-aee0-4b2e47f3f359" ,
"relationship_type" : "analysed-with" ,
"timestamp" : "1537694703" ,
"uuid" : "5ba75bef-2b10-45c7-a070-415902de0b81"
}
] ,
"Attribute" : [
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "md5" ,
"timestamp" : "1537694584" ,
"to_ids" : true ,
"type" : "md5" ,
"uuid" : "e0fe7957-4e3d-477f-904c-9b91bce63708" ,
"value" : "bfb9d13daf5a4232e5e45875e7e905d7"
} ,
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "sha1" ,
"timestamp" : "1537694585" ,
"to_ids" : true ,
"type" : "sha1" ,
"uuid" : "970b0444-e1ef-4023-8ccd-34044ce7d779" ,
"value" : "75e4b344233a7cacebc093a94d5d56b8bf56ff9f"
} ,
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "sha256" ,
"timestamp" : "1537694586" ,
"to_ids" : true ,
"type" : "sha256" ,
"uuid" : "7e5c194f-8cb7-4cb9-946b-e5acff650eb7" ,
"value" : "d4d13196cfa047eaddfba3ac7b37e1e9318656b6bc6cb86488c0565a205a03a2"
}
]
} ,
{
"comment" : "" ,
"deleted" : false ,
"description" : "VirusTotal report" ,
"meta-category" : "misc" ,
"name" : "virustotal-report" ,
"template_uuid" : "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4" ,
"template_version" : "2" ,
"timestamp" : "1537694587" ,
"uuid" : "4dc2689b-d495-49a3-aee0-4b2e47f3f359" ,
"Attribute" : [
{
"category" : "Other" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "last-submission" ,
"timestamp" : "1537694587" ,
"to_ids" : false ,
"type" : "datetime" ,
"uuid" : "d72f60d8-630d-4568-afff-57a0a512b75f" ,
"value" : "2018-09-21T10:50:40"
} ,
{
"category" : "External analysis" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "permalink" ,
"timestamp" : "1537694587" ,
"to_ids" : false ,
"type" : "link" ,
"uuid" : "1274846e-e120-4100-98de-5fd4d53b0d97" ,
"value" : "https://www.virustotal.com/file/d4d13196cfa047eaddfba3ac7b37e1e9318656b6bc6cb86488c0565a205a03a2/analysis/1537527040/"
} ,
{
"category" : "Other" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : true ,
"object_relation" : "detection-ratio" ,
"timestamp" : "1537694588" ,
"to_ids" : false ,
"type" : "text" ,
"uuid" : "1c033929-84c1-49fb-854f-040ae7cb43b1" ,
"value" : "51/68"
}
]
} ,
{
"comment" : "" ,
"deleted" : false ,
"description" : "File object describing a file with meta-information" ,
"meta-category" : "file" ,
"name" : "file" ,
"template_uuid" : "688c46fb-5edb-40a3-8273-1af7923e2215" ,
"template_version" : "11" ,
"timestamp" : "1537694591" ,
"uuid" : "f21277e4-9713-45b6-b667-9babb4dcbd54" ,
"ObjectReference" : [
{
"comment" : "" ,
"object_uuid" : "f21277e4-9713-45b6-b667-9babb4dcbd54" ,
"referenced_uuid" : "841e0c38-753d-4fce-a040-b602c82983bd" ,
"relationship_type" : "analysed-with" ,
"timestamp" : "1537694703" ,
"uuid" : "5ba75bef-a340-4173-91c1-42d902de0b81"
}
] ,
"Attribute" : [
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "md5" ,
"timestamp" : "1537694588" ,
"to_ids" : true ,
"type" : "md5" ,
"uuid" : "cfd445f8-5f9f-4d70-9409-7ab0f2759b0c" ,
"value" : "c8fd2748a82e336f934963a79313aaa1"
} ,
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "sha1" ,
"timestamp" : "1537694588" ,
"to_ids" : true ,
"type" : "sha1" ,
"uuid" : "44420c7a-fd89-4ba8-ab45-fe55a5976b5b" ,
"value" : "6271085a01acbd95a590f78728807e7033b27bea"
} ,
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "sha256" ,
"timestamp" : "1537694589" ,
"to_ids" : true ,
"type" : "sha256" ,
"uuid" : "0be46536-97f8-47f5-bede-701c9f2c30c5" ,
"value" : "0d3af97f8c80b68e879729f40bdaa2a10b0c99d8f3540c5f62700a88ef08f98a"
}
]
} ,
{
"comment" : "" ,
"deleted" : false ,
"description" : "VirusTotal report" ,
"meta-category" : "misc" ,
"name" : "virustotal-report" ,
"template_uuid" : "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4" ,
"template_version" : "2" ,
"timestamp" : "1537694589" ,
"uuid" : "841e0c38-753d-4fce-a040-b602c82983bd" ,
"Attribute" : [
{
"category" : "Other" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "last-submission" ,
"timestamp" : "1537694589" ,
"to_ids" : false ,
"type" : "datetime" ,
"uuid" : "91867087-a710-4096-afc4-062911b1508e" ,
"value" : "2018-09-21T10:50:43"
} ,
{
"category" : "External analysis" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "permalink" ,
"timestamp" : "1537694589" ,
"to_ids" : false ,
"type" : "link" ,
"uuid" : "674c49eb-a80e-48d8-927c-dea95a9390f7" ,
"value" : "https://www.virustotal.com/file/0d3af97f8c80b68e879729f40bdaa2a10b0c99d8f3540c5f62700a88ef08f98a/analysis/1537527043/"
} ,
{
"category" : "Other" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : true ,
"object_relation" : "detection-ratio" ,
"timestamp" : "1537694591" ,
"to_ids" : false ,
"type" : "text" ,
"uuid" : "27e13fe6-7201-4a2f-b063-95cc2139d1a3" ,
"value" : "53/68"
}
]
} ,
{
"comment" : "" ,
"deleted" : false ,
"description" : "File object describing a file with meta-information" ,
"meta-category" : "file" ,
"name" : "file" ,
"template_uuid" : "688c46fb-5edb-40a3-8273-1af7923e2215" ,
"template_version" : "11" ,
"timestamp" : "1537694594" ,
"uuid" : "63ff17d8-275b-4310-95d2-dc943fffa9f1" ,
"ObjectReference" : [
{
"comment" : "" ,
"object_uuid" : "63ff17d8-275b-4310-95d2-dc943fffa9f1" ,
"referenced_uuid" : "526826c7-3e74-4e58-9b6b-22a80d3a9ba2" ,
"relationship_type" : "analysed-with" ,
"timestamp" : "1537694703" ,
"uuid" : "5ba75bef-1074-4ccf-ba70-4fe902de0b81"
}
] ,
"Attribute" : [
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "md5" ,
"timestamp" : "1537694591" ,
"to_ids" : true ,
"type" : "md5" ,
"uuid" : "a0d765fd-4211-4aa6-987a-1c3f206a2c4c" ,
"value" : "b244cced7c7f728bcc4d363f8260090d"
} ,
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "sha1" ,
"timestamp" : "1537694591" ,
"to_ids" : true ,
"type" : "sha1" ,
"uuid" : "7e8d3fbb-cb2a-4ac3-b3fd-a6144cb62ba8" ,
"value" : "616bd68ae7f6168df32009a679a2970399c437ae"
} ,
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "sha256" ,
"timestamp" : "1537694592" ,
"to_ids" : true ,
"type" : "sha256" ,
"uuid" : "57c94c52-9aa8-4a29-8ab9-7ef98261c207" ,
"value" : "2a63a346a26f22d980cfa2cb863d0c91e62ea90d81ced1c71501725ec516de1e"
}
]
} ,
{
"comment" : "" ,
"deleted" : false ,
"description" : "VirusTotal report" ,
"meta-category" : "misc" ,
"name" : "virustotal-report" ,
"template_uuid" : "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4" ,
"template_version" : "2" ,
"timestamp" : "1537694592" ,
"uuid" : "526826c7-3e74-4e58-9b6b-22a80d3a9ba2" ,
"Attribute" : [
{
"category" : "Other" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "last-submission" ,
"timestamp" : "1537694592" ,
"to_ids" : false ,
"type" : "datetime" ,
"uuid" : "880ae873-df7b-4de4-8404-9495de5c4ff1" ,
"value" : "2018-09-21T10:50:36"
} ,
{
"category" : "External analysis" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "permalink" ,
"timestamp" : "1537694593" ,
"to_ids" : false ,
"type" : "link" ,
"uuid" : "2bd60883-5707-4b1b-afea-e41450787d7c" ,
"value" : "https://www.virustotal.com/file/2a63a346a26f22d980cfa2cb863d0c91e62ea90d81ced1c71501725ec516de1e/analysis/1537527036/"
} ,
{
"category" : "Other" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : true ,
"object_relation" : "detection-ratio" ,
"timestamp" : "1537694593" ,
"to_ids" : false ,
"type" : "text" ,
"uuid" : "b941ecfb-eb9e-43e1-b3c8-12f730b6e89f" ,
"value" : "42/69"
}
]
} ,
{
"comment" : "" ,
"deleted" : false ,
"description" : "File object describing a file with meta-information" ,
"meta-category" : "file" ,
"name" : "file" ,
"template_uuid" : "688c46fb-5edb-40a3-8273-1af7923e2215" ,
"template_version" : "11" ,
"timestamp" : "1537694596" ,
"uuid" : "12bd1d1c-2a46-4e79-98d5-eae0dbe24a99" ,
"ObjectReference" : [
{
"comment" : "" ,
"object_uuid" : "12bd1d1c-2a46-4e79-98d5-eae0dbe24a99" ,
"referenced_uuid" : "4768255e-5d81-42c8-88e6-3898a9ba5e48" ,
"relationship_type" : "analysed-with" ,
"timestamp" : "1537694703" ,
"uuid" : "5ba75bef-8ee0-4575-a9c4-48a602de0b81"
}
] ,
"Attribute" : [
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "md5" ,
"timestamp" : "1537694593" ,
"to_ids" : true ,
"type" : "md5" ,
"uuid" : "d68b5d80-0d95-47b4-b68a-32af51fdfb6f" ,
"value" : "b0be3c5fe298fb2b894394e808d5ffaf"
} ,
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "sha1" ,
"timestamp" : "1537694594" ,
"to_ids" : true ,
"type" : "sha1" ,
"uuid" : "bd7fda1e-ddad-48a4-85a7-c35e93f91a50" ,
"value" : "e9651427d918b6191a49f3ef0dd0b60645bad61d"
} ,
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "sha256" ,
"timestamp" : "1537694594" ,
"to_ids" : true ,
"type" : "sha256" ,
"uuid" : "088f01ea-2421-45f9-9a25-d5fba1ba244f" ,
"value" : "c8a25dc2f75bef7a29ebbf657fb5f8e8f8c29716cc0a2c20e1babd405c3ab030"
}
]
} ,
{
"comment" : "" ,
"deleted" : false ,
"description" : "VirusTotal report" ,
"meta-category" : "misc" ,
"name" : "virustotal-report" ,
"template_uuid" : "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4" ,
"template_version" : "2" ,
"timestamp" : "1537694595" ,
"uuid" : "4768255e-5d81-42c8-88e6-3898a9ba5e48" ,
"Attribute" : [
{
"category" : "Other" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "last-submission" ,
"timestamp" : "1537694595" ,
"to_ids" : false ,
"type" : "datetime" ,
"uuid" : "5488f9b8-b338-4455-aa1c-f8cb9dc814e3" ,
"value" : "2018-09-21T10:50:34"
} ,
{
"category" : "External analysis" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "permalink" ,
"timestamp" : "1537694595" ,
"to_ids" : false ,
"type" : "link" ,
"uuid" : "b715a309-d793-4907-8641-c9d09159511c" ,
"value" : "https://www.virustotal.com/file/c8a25dc2f75bef7a29ebbf657fb5f8e8f8c29716cc0a2c20e1babd405c3ab030/analysis/1537527034/"
} ,
{
"category" : "Other" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : true ,
"object_relation" : "detection-ratio" ,
"timestamp" : "1537694596" ,
"to_ids" : false ,
"type" : "text" ,
"uuid" : "4c404547-0977-462e-9b87-83f32e164cca" ,
"value" : "52/69"
}
]
} ,
{
"comment" : "" ,
"deleted" : false ,
"description" : "File object describing a file with meta-information" ,
"meta-category" : "file" ,
"name" : "file" ,
"template_uuid" : "688c46fb-5edb-40a3-8273-1af7923e2215" ,
"template_version" : "11" ,
"timestamp" : "1537694599" ,
"uuid" : "2a2da217-2a5a-49eb-a6b7-5d3fcd1ea2f7" ,
"ObjectReference" : [
{
"comment" : "" ,
"object_uuid" : "2a2da217-2a5a-49eb-a6b7-5d3fcd1ea2f7" ,
"referenced_uuid" : "ed58894e-580c-40a0-897c-80b7b475b9b8" ,
"relationship_type" : "analysed-with" ,
"timestamp" : "1537694704" ,
"uuid" : "5ba75bf0-0110-4d35-a370-410102de0b81"
}
] ,
"Attribute" : [
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "md5" ,
"timestamp" : "1537694596" ,
"to_ids" : true ,
"type" : "md5" ,
"uuid" : "9aaa5c10-22c8-41b4-9f84-80362b3c8683" ,
"value" : "4e57987d0897878eb2241f9d52303713"
} ,
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "sha1" ,
"timestamp" : "1537694596" ,
"to_ids" : true ,
"type" : "sha1" ,
"uuid" : "145e1ccd-44fe-4280-ab7b-2361605bd1a5" ,
"value" : "984e4f37cf5c51623110dfa908bcefde86241f96"
} ,
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "sha256" ,
"timestamp" : "1537694596" ,
"to_ids" : true ,
"type" : "sha256" ,
"uuid" : "1deddfb2-249d-43f8-af37-6b6a50add0f3" ,
"value" : "547044cb73f1c18ccd92cd28afded37756f749a9338ed7c04306c1de46889d6b"
}
]
} ,
{
"comment" : "" ,
"deleted" : false ,
"description" : "VirusTotal report" ,
"meta-category" : "misc" ,
"name" : "virustotal-report" ,
"template_uuid" : "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4" ,
"template_version" : "2" ,
"timestamp" : "1537694597" ,
"uuid" : "ed58894e-580c-40a0-897c-80b7b475b9b8" ,
"Attribute" : [
{
"category" : "Other" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "last-submission" ,
"timestamp" : "1537694597" ,
"to_ids" : false ,
"type" : "datetime" ,
"uuid" : "8cdaf742-8fe7-49f8-a1f3-8bab58095a4c" ,
"value" : "2018-09-21T10:51:28"
} ,
{
"category" : "External analysis" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "permalink" ,
"timestamp" : "1537694597" ,
"to_ids" : false ,
"type" : "link" ,
"uuid" : "84034c2f-137b-40eb-a2ec-395a067a273c" ,
"value" : "https://www.virustotal.com/file/547044cb73f1c18ccd92cd28afded37756f749a9338ed7c04306c1de46889d6b/analysis/1537527088/"
} ,
{
"category" : "Other" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : true ,
"object_relation" : "detection-ratio" ,
"timestamp" : "1537694598" ,
"to_ids" : false ,
"type" : "text" ,
"uuid" : "68a78e19-e9b3-49ca-9814-2a9b9208e934" ,
"value" : "53/68"
}
]
} ,
{
"comment" : "" ,
"deleted" : false ,
"description" : "File object describing a file with meta-information" ,
"meta-category" : "file" ,
"name" : "file" ,
"template_uuid" : "688c46fb-5edb-40a3-8273-1af7923e2215" ,
"template_version" : "11" ,
"timestamp" : "1537694601" ,
"uuid" : "401d0cd8-f794-4bfc-9e5c-61431a13da43" ,
"ObjectReference" : [
{
"comment" : "" ,
"object_uuid" : "401d0cd8-f794-4bfc-9e5c-61431a13da43" ,
"referenced_uuid" : "6a919fd4-ff22-438d-ba20-cfa5a8afa461" ,
"relationship_type" : "analysed-with" ,
"timestamp" : "1537694704" ,
"uuid" : "5ba75bf0-4ae0-4168-82db-453502de0b81"
}
] ,
"Attribute" : [
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "md5" ,
"timestamp" : "1537694598" ,
"to_ids" : true ,
"type" : "md5" ,
"uuid" : "5bee045e-79b5-49dc-b3b3-5d3b0f9fb1ee" ,
"value" : "785b24a55dd41c94060efe8b39dc6d4c"
} ,
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "sha1" ,
"timestamp" : "1537694600" ,
"to_ids" : true ,
"type" : "sha1" ,
"uuid" : "1b32469c-b0a0-4020-b330-578708777919" ,
"value" : "ff2044144f2ad4a6d98dd94da1d0f53f500351c6"
} ,
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "sha256" ,
"timestamp" : "1537694601" ,
"to_ids" : true ,
"type" : "sha256" ,
"uuid" : "894e4891-a617-4fec-8d40-94588464f7c8" ,
"value" : "ce2c2d8be3dcbf71e191d4926a0362d67586fc607ceb27fffad18278fe721de5"
}
]
} ,
{
"comment" : "" ,
"deleted" : false ,
"description" : "VirusTotal report" ,
"meta-category" : "misc" ,
"name" : "virustotal-report" ,
"template_uuid" : "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4" ,
"template_version" : "2" ,
"timestamp" : "1537694601" ,
"uuid" : "6a919fd4-ff22-438d-ba20-cfa5a8afa461" ,
"Attribute" : [
{
"category" : "Other" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "last-submission" ,
"timestamp" : "1537694601" ,
"to_ids" : false ,
"type" : "datetime" ,
"uuid" : "4e40495f-f951-4c9c-902d-7dbfab86d8f6" ,
"value" : "2018-09-21T10:51:38"
} ,
{
"category" : "External analysis" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "permalink" ,
"timestamp" : "1537694602" ,
"to_ids" : false ,
"type" : "link" ,
"uuid" : "7b92a444-c328-4d26-884b-50e462b2cc92" ,
"value" : "https://www.virustotal.com/file/ce2c2d8be3dcbf71e191d4926a0362d67586fc607ceb27fffad18278fe721de5/analysis/1537527098/"
} ,
{
"category" : "Other" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : true ,
"object_relation" : "detection-ratio" ,
"timestamp" : "1537694602" ,
"to_ids" : false ,
"type" : "text" ,
"uuid" : "42a29693-f1ee-45c0-8b22-0f15beb929de" ,
"value" : "43/68"
}
]
} ,
{
"comment" : "" ,
"deleted" : false ,
"description" : "File object describing a file with meta-information" ,
"meta-category" : "file" ,
"name" : "file" ,
"template_uuid" : "688c46fb-5edb-40a3-8273-1af7923e2215" ,
"template_version" : "11" ,
"timestamp" : "1537694605" ,
"uuid" : "8f3ce353-a61f-4425-a1a4-1e01f04ed4ad" ,
"ObjectReference" : [
{
"comment" : "" ,
"object_uuid" : "8f3ce353-a61f-4425-a1a4-1e01f04ed4ad" ,
"referenced_uuid" : "5eff387f-c392-44d6-bee8-659b30d49041" ,
"relationship_type" : "analysed-with" ,
"timestamp" : "1537694704" ,
"uuid" : "5ba75bf0-faa4-4973-8be0-47cf02de0b81"
}
] ,
"Attribute" : [
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "md5" ,
"timestamp" : "1537694602" ,
"to_ids" : true ,
"type" : "md5" ,
"uuid" : "d456bb53-d802-49b6-95d3-28fcfed3c199" ,
"value" : "a73d3f749e42e2b614f89c4b3ce97fe1"
} ,
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "sha1" ,
"timestamp" : "1537694603" ,
"to_ids" : true ,
"type" : "sha1" ,
"uuid" : "2bf12e7e-ce30-40af-b760-069c0b64559c" ,
"value" : "d8936d694837a5d399c0c83ea3cfc7946c356f1c"
} ,
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "sha256" ,
"timestamp" : "1537694603" ,
"to_ids" : true ,
"type" : "sha256" ,
"uuid" : "a6c76f04-71b5-42f8-a39c-fc4cf45b4e0d" ,
"value" : "c6f43fd39a89aea67895598aaadebb39ad18135541cead0f67dcea7197341fd6"
}
]
} ,
{
"comment" : "" ,
"deleted" : false ,
"description" : "VirusTotal report" ,
"meta-category" : "misc" ,
"name" : "virustotal-report" ,
"template_uuid" : "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4" ,
"template_version" : "2" ,
"timestamp" : "1537694604" ,
"uuid" : "5eff387f-c392-44d6-bee8-659b30d49041" ,
"Attribute" : [
{
"category" : "Other" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "last-submission" ,
"timestamp" : "1537694604" ,
"to_ids" : false ,
"type" : "datetime" ,
"uuid" : "bce0cc6b-5109-4bee-9c05-8035981d5994" ,
"value" : "2018-09-22T07:20:52"
} ,
{
"category" : "External analysis" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "permalink" ,
"timestamp" : "1537694604" ,
"to_ids" : false ,
"type" : "link" ,
"uuid" : "f299a54a-4ae7-498e-a05f-ce2cca0ee8f3" ,
"value" : "https://www.virustotal.com/file/c6f43fd39a89aea67895598aaadebb39ad18135541cead0f67dcea7197341fd6/analysis/1537600852/"
} ,
{
"category" : "Other" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : true ,
"object_relation" : "detection-ratio" ,
"timestamp" : "1537694605" ,
"to_ids" : false ,
"type" : "text" ,
"uuid" : "f6b58b35-bb94-4340-a081-6c5d37e47c6f" ,
"value" : "48/67"
}
]
} ,
{
"comment" : "" ,
"deleted" : false ,
"description" : "File object describing a file with meta-information" ,
"meta-category" : "file" ,
"name" : "file" ,
"template_uuid" : "688c46fb-5edb-40a3-8273-1af7923e2215" ,
"template_version" : "11" ,
"timestamp" : "1537694608" ,
"uuid" : "c12a9ac4-cdab-4f7b-b273-de78445ab0d8" ,
"ObjectReference" : [
{
"comment" : "" ,
"object_uuid" : "c12a9ac4-cdab-4f7b-b273-de78445ab0d8" ,
"referenced_uuid" : "547d81bd-058f-4817-9acb-a062287e5b5f" ,
"relationship_type" : "analysed-with" ,
"timestamp" : "1537694704" ,
"uuid" : "5ba75bf0-7b48-44c7-b9cf-49be02de0b81"
}
] ,
"Attribute" : [
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "md5" ,
"timestamp" : "1537694605" ,
"to_ids" : true ,
"type" : "md5" ,
"uuid" : "76a0d9db-427e-4fd7-a69c-f4371da55cae" ,
"value" : "9b925250786571058dae5a7cbea71d28"
} ,
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "sha1" ,
"timestamp" : "1537694605" ,
"to_ids" : true ,
"type" : "sha1" ,
"uuid" : "dc02db89-3b39-4294-85d8-85afc3de6810" ,
"value" : "e45f44ba4e791c7bdeea06d7426dab4210caa73a"
} ,
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "sha256" ,
"timestamp" : "1537694605" ,
"to_ids" : true ,
"type" : "sha256" ,
"uuid" : "48de07f1-2cf7-453f-9f73-b0273c436c02" ,
"value" : "442fa4a30d83c78cf13a42e8f5ef8ff09709ed2c5c14952a7f22edea00e12ce2"
}
]
} ,
{
"comment" : "" ,
"deleted" : false ,
"description" : "VirusTotal report" ,
"meta-category" : "misc" ,
"name" : "virustotal-report" ,
"template_uuid" : "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4" ,
"template_version" : "2" ,
"timestamp" : "1537694606" ,
"uuid" : "547d81bd-058f-4817-9acb-a062287e5b5f" ,
"Attribute" : [
{
"category" : "Other" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "last-submission" ,
"timestamp" : "1537694606" ,
"to_ids" : false ,
"type" : "datetime" ,
"uuid" : "ba7526f2-a0a1-4d65-87c1-60b19cc8845c" ,
"value" : "2018-09-22T06:20:55"
} ,
{
"category" : "External analysis" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "permalink" ,
"timestamp" : "1537694606" ,
"to_ids" : false ,
"type" : "link" ,
"uuid" : "17f8fb14-cfcd-4a24-aa3a-027dc3643a3c" ,
"value" : "https://www.virustotal.com/file/442fa4a30d83c78cf13a42e8f5ef8ff09709ed2c5c14952a7f22edea00e12ce2/analysis/1537597255/"
} ,
{
"category" : "Other" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : true ,
"object_relation" : "detection-ratio" ,
"timestamp" : "1537694607" ,
"to_ids" : false ,
"type" : "text" ,
"uuid" : "f76f47a7-edfe-44aa-b7d9-69a81875ee6c" ,
"value" : "21/68"
}
]
} ,
{
"comment" : "" ,
"deleted" : false ,
"description" : "File object describing a file with meta-information" ,
"meta-category" : "file" ,
"name" : "file" ,
"template_uuid" : "688c46fb-5edb-40a3-8273-1af7923e2215" ,
"template_version" : "11" ,
"timestamp" : "1537694610" ,
"uuid" : "11bced4f-9039-4e82-838d-5688c1bddb37" ,
"ObjectReference" : [
{
"comment" : "" ,
"object_uuid" : "11bced4f-9039-4e82-838d-5688c1bddb37" ,
"referenced_uuid" : "f600dcd4-6430-4be1-beeb-a60e806f90c1" ,
"relationship_type" : "analysed-with" ,
"timestamp" : "1537694704" ,
"uuid" : "5ba75bf0-8f70-4567-8330-472802de0b81"
}
] ,
"Attribute" : [
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "md5" ,
"timestamp" : "1537694607" ,
"to_ids" : true ,
"type" : "md5" ,
"uuid" : "0213cfac-4b48-4523-a7fa-1b3f7e833588" ,
"value" : "7deeb1b3cce6528add4f9489ce1ec5d6"
} ,
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "sha1" ,
"timestamp" : "1537694607" ,
"to_ids" : true ,
"type" : "sha1" ,
"uuid" : "cef8c74e-87fb-449b-bdef-6284985bac1f" ,
"value" : "70d5e2f4364457bd9ac93ba63e9b872c0b0871bd"
} ,
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "sha256" ,
"timestamp" : "1537694608" ,
"to_ids" : true ,
"type" : "sha256" ,
"uuid" : "09bc4811-71a8-4727-934f-c7c554d55eac" ,
"value" : "820c116a4ae66866c68e4538bdbecef902c97450b8f0356c62df937a4a18cf22"
}
]
} ,
{
"comment" : "" ,
"deleted" : false ,
"description" : "VirusTotal report" ,
"meta-category" : "misc" ,
"name" : "virustotal-report" ,
"template_uuid" : "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4" ,
"template_version" : "2" ,
"timestamp" : "1537694608" ,
"uuid" : "f600dcd4-6430-4be1-beeb-a60e806f90c1" ,
"Attribute" : [
{
"category" : "Other" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "last-submission" ,
"timestamp" : "1537694608" ,
"to_ids" : false ,
"type" : "datetime" ,
"uuid" : "fe3c4a25-2850-4226-9004-c3c7ec24418c" ,
"value" : "2018-09-22T00:57:45"
} ,
{
"category" : "External analysis" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "permalink" ,
"timestamp" : "1537694609" ,
"to_ids" : false ,
"type" : "link" ,
"uuid" : "c6dd2e99-e630-40cb-ad5f-8d0d66579cd0" ,
"value" : "https://www.virustotal.com/file/820c116a4ae66866c68e4538bdbecef902c97450b8f0356c62df937a4a18cf22/analysis/1537577865/"
} ,
{
"category" : "Other" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : true ,
"object_relation" : "detection-ratio" ,
"timestamp" : "1537694609" ,
"to_ids" : false ,
"type" : "text" ,
"uuid" : "fb31eba8-6d45-4873-99c0-a0a7dd2dd1ab" ,
"value" : "50/68"
}
]
} ,
{
"comment" : "" ,
"deleted" : false ,
"description" : "File object describing a file with meta-information" ,
"meta-category" : "file" ,
"name" : "file" ,
"template_uuid" : "688c46fb-5edb-40a3-8273-1af7923e2215" ,
"template_version" : "11" ,
"timestamp" : "1537694612" ,
"uuid" : "49f6313e-e099-4213-a317-6d85c224e83e" ,
"ObjectReference" : [
{
"comment" : "" ,
"object_uuid" : "49f6313e-e099-4213-a317-6d85c224e83e" ,
"referenced_uuid" : "73cf0468-dea2-45f7-90d3-4c207761f92c" ,
"relationship_type" : "analysed-with" ,
"timestamp" : "1537694704" ,
"uuid" : "5ba75bf0-f81c-4e49-82c0-4ecb02de0b81"
}
] ,
"Attribute" : [
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "md5" ,
"timestamp" : "1537694609" ,
"to_ids" : true ,
"type" : "md5" ,
"uuid" : "964bede0-a0c5-46c5-b157-781d232db108" ,
"value" : "f3ed0632cadd2d6beffb9d33db4188ed"
} ,
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "sha1" ,
"timestamp" : "1537694609" ,
"to_ids" : true ,
"type" : "sha1" ,
"uuid" : "8aa936fe-1181-404a-ab5b-ee0bebfdbb5b" ,
"value" : "552080bb79e365712708eab4bef9096aa24c5ba2"
} ,
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "sha256" ,
"timestamp" : "1537694610" ,
"to_ids" : true ,
"type" : "sha256" ,
"uuid" : "2fc7ec50-a212-429e-8f02-59858fd223f4" ,
"value" : "f00cb6e8e88b57d23cc45f937ab96e67ad6a4c75fd61a4e4f86ead1187c53dae"
}
]
} ,
{
"comment" : "" ,
"deleted" : false ,
"description" : "VirusTotal report" ,
"meta-category" : "misc" ,
"name" : "virustotal-report" ,
"template_uuid" : "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4" ,
"template_version" : "2" ,
"timestamp" : "1537694610" ,
"uuid" : "73cf0468-dea2-45f7-90d3-4c207761f92c" ,
"Attribute" : [
{
"category" : "Other" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "last-submission" ,
"timestamp" : "1537694610" ,
"to_ids" : false ,
"type" : "datetime" ,
"uuid" : "96ad75bf-75cf-479b-b3fb-c7266b40bd0c" ,
"value" : "2018-09-22T05:54:46"
} ,
{
"category" : "External analysis" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "permalink" ,
"timestamp" : "1537694611" ,
"to_ids" : false ,
"type" : "link" ,
"uuid" : "72bf76a4-c8ea-4557-881b-16251170e0b8" ,
"value" : "https://www.virustotal.com/file/f00cb6e8e88b57d23cc45f937ab96e67ad6a4c75fd61a4e4f86ead1187c53dae/analysis/1537595686/"
} ,
{
"category" : "Other" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : true ,
"object_relation" : "detection-ratio" ,
"timestamp" : "1537694611" ,
"to_ids" : false ,
"type" : "text" ,
"uuid" : "4d5624b7-6a15-459c-8ad0-bd4d3e81716f" ,
"value" : "47/68"
}
]
} ,
{
"comment" : "" ,
"deleted" : false ,
"description" : "File object describing a file with meta-information" ,
"meta-category" : "file" ,
"name" : "file" ,
"template_uuid" : "688c46fb-5edb-40a3-8273-1af7923e2215" ,
"template_version" : "11" ,
"timestamp" : "1537694614" ,
"uuid" : "33541140-082c-4308-942a-ef0d299c56a5" ,
"ObjectReference" : [
{
"comment" : "" ,
"object_uuid" : "33541140-082c-4308-942a-ef0d299c56a5" ,
"referenced_uuid" : "408e6466-ddd8-4840-ada2-14ff5c5163b5" ,
"relationship_type" : "analysed-with" ,
"timestamp" : "1537694704" ,
"uuid" : "5ba75bf0-0d30-482a-9d1e-461302de0b81"
}
] ,
"Attribute" : [
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "md5" ,
"timestamp" : "1537694611" ,
"to_ids" : true ,
"type" : "md5" ,
"uuid" : "b1bd9043-85f6-4545-a903-5d2166f63aee" ,
"value" : "bd4b579f889bbe681b9d3ab11768ca07"
} ,
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "sha1" ,
"timestamp" : "1537694612" ,
"to_ids" : true ,
"type" : "sha1" ,
"uuid" : "7233bf09-b4f9-40ca-8c32-b25252f7c4cd" ,
"value" : "753a6fd11eafd17d4aa79d9f3825a256e444ba1b"
} ,
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "sha256" ,
"timestamp" : "1537694612" ,
"to_ids" : true ,
"type" : "sha256" ,
"uuid" : "08619410-605e-4523-aa3d-565966f45074" ,
"value" : "6f8b7a9483441f87e1aa17808432feb8db1eb7a44fcd9c1023effb27acd3e249"
}
]
} ,
{
"comment" : "" ,
"deleted" : false ,
"description" : "VirusTotal report" ,
"meta-category" : "misc" ,
"name" : "virustotal-report" ,
"template_uuid" : "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4" ,
"template_version" : "2" ,
"timestamp" : "1537694613" ,
"uuid" : "408e6466-ddd8-4840-ada2-14ff5c5163b5" ,
"Attribute" : [
{
"category" : "Other" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "last-submission" ,
"timestamp" : "1537694613" ,
"to_ids" : false ,
"type" : "datetime" ,
"uuid" : "8d964669-4cc2-4a73-811d-db08f8d1a08a" ,
"value" : "2018-09-21T10:50:39"
} ,
{
"category" : "External analysis" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "permalink" ,
"timestamp" : "1537694613" ,
"to_ids" : false ,
"type" : "link" ,
"uuid" : "8b4ae7e8-b161-454e-b5e3-3da5d4298e73" ,
"value" : "https://www.virustotal.com/file/6f8b7a9483441f87e1aa17808432feb8db1eb7a44fcd9c1023effb27acd3e249/analysis/1537527039/"
} ,
{
"category" : "Other" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : true ,
"object_relation" : "detection-ratio" ,
"timestamp" : "1537694614" ,
"to_ids" : false ,
"type" : "text" ,
"uuid" : "dcbfb9b3-a021-4859-ba1b-cafdc1ff99b5" ,
"value" : "52/69"
}
]
} ,
{
"comment" : "" ,
"deleted" : false ,
"description" : "File object describing a file with meta-information" ,
"meta-category" : "file" ,
"name" : "file" ,
"template_uuid" : "688c46fb-5edb-40a3-8273-1af7923e2215" ,
"template_version" : "11" ,
"timestamp" : "1537694617" ,
"uuid" : "40baef43-65a2-44a6-a996-68b5cb71c8a6" ,
"ObjectReference" : [
{
"comment" : "" ,
"object_uuid" : "40baef43-65a2-44a6-a996-68b5cb71c8a6" ,
"referenced_uuid" : "8198ecf8-eb74-4d87-a6b7-16155bd5901b" ,
"relationship_type" : "analysed-with" ,
"timestamp" : "1537694704" ,
"uuid" : "5ba75bf0-aa34-43aa-b047-4d3d02de0b81"
}
] ,
"Attribute" : [
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "md5" ,
"timestamp" : "1537694614" ,
"to_ids" : true ,
"type" : "md5" ,
"uuid" : "1552c58b-81a5-4cf4-a9e5-6cd68bb1bc1a" ,
"value" : "2c405d608b600655196a4aa13bdb3790"
} ,
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "sha1" ,
"timestamp" : "1537694614" ,
"to_ids" : true ,
"type" : "sha1" ,
"uuid" : "f9e3bb9f-3574-4b8b-9a78-831db0eb2f87" ,
"value" : "4fa96ef13030265a11f04c8ae486764d55d9a409"
} ,
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "sha256" ,
"timestamp" : "1537694614" ,
"to_ids" : true ,
"type" : "sha256" ,
"uuid" : "9a9887ce-f0ca-4d2c-b7e2-7430ddf98d45" ,
"value" : "96cfe4961aa1eb44c6ef1b0bf07dae771b9dba32fb8c0ff6a20f1cc6acfdcc14"
}
]
} ,
{
"comment" : "" ,
"deleted" : false ,
"description" : "VirusTotal report" ,
"meta-category" : "misc" ,
"name" : "virustotal-report" ,
"template_uuid" : "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4" ,
"template_version" : "2" ,
"timestamp" : "1537694615" ,
"uuid" : "8198ecf8-eb74-4d87-a6b7-16155bd5901b" ,
"Attribute" : [
{
"category" : "Other" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "last-submission" ,
"timestamp" : "1537694615" ,
"to_ids" : false ,
"type" : "datetime" ,
"uuid" : "9d462747-6e04-4f91-9d03-66ed0a7bace9" ,
"value" : "2018-09-21T10:51:21"
} ,
{
"category" : "External analysis" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "permalink" ,
"timestamp" : "1537694615" ,
"to_ids" : false ,
"type" : "link" ,
"uuid" : "912880e9-9f93-4d0d-82ef-d4eddd3406ac" ,
"value" : "https://www.virustotal.com/file/96cfe4961aa1eb44c6ef1b0bf07dae771b9dba32fb8c0ff6a20f1cc6acfdcc14/analysis/1537527081/"
} ,
{
"category" : "Other" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : true ,
"object_relation" : "detection-ratio" ,
"timestamp" : "1537694616" ,
"to_ids" : false ,
"type" : "text" ,
"uuid" : "92805593-8893-4841-8951-33872c182a0d" ,
"value" : "50/68"
}
]
} ,
{
"comment" : "" ,
"deleted" : false ,
"description" : "File object describing a file with meta-information" ,
"meta-category" : "file" ,
"name" : "file" ,
"template_uuid" : "688c46fb-5edb-40a3-8273-1af7923e2215" ,
"template_version" : "11" ,
"timestamp" : "1537694619" ,
"uuid" : "86d0b603-5f6d-4561-994e-23ed074fc952" ,
"ObjectReference" : [
{
"comment" : "" ,
"object_uuid" : "86d0b603-5f6d-4561-994e-23ed074fc952" ,
"referenced_uuid" : "18076f4e-3c02-423f-9441-f5cba4f88f01" ,
"relationship_type" : "analysed-with" ,
"timestamp" : "1537694704" ,
"uuid" : "5ba75bf0-4d38-4fca-95e1-49aa02de0b81"
}
] ,
"Attribute" : [
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "md5" ,
"timestamp" : "1537694616" ,
"to_ids" : true ,
"type" : "md5" ,
"uuid" : "46a774be-5414-43a5-8be3-d30556b4fcac" ,
"value" : "0fb92524625fffda3425d08c94c014a1"
} ,
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "sha1" ,
"timestamp" : "1537694619" ,
"to_ids" : true ,
"type" : "sha1" ,
"uuid" : "fc7fd435-8258-4445-9a96-0631c64da4b7" ,
"value" : "53d6219113eac8740ed379d6512dffea4b44b04b"
} ,
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "sha256" ,
"timestamp" : "1537694619" ,
"to_ids" : true ,
"type" : "sha256" ,
"uuid" : "3c68a612-34f4-425f-a78d-022e592aefe5" ,
"value" : "31cdc43d47e72c34837ebc25c6207f214af5130d2d6b6d918e45064ed82f8e99"
}
]
} ,
{
"comment" : "" ,
"deleted" : false ,
"description" : "VirusTotal report" ,
"meta-category" : "misc" ,
"name" : "virustotal-report" ,
"template_uuid" : "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4" ,
"template_version" : "2" ,
"timestamp" : "1537694620" ,
"uuid" : "18076f4e-3c02-423f-9441-f5cba4f88f01" ,
"Attribute" : [
{
"category" : "Other" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "last-submission" ,
"timestamp" : "1537694620" ,
"to_ids" : false ,
"type" : "datetime" ,
"uuid" : "c7f43192-c139-41e2-8d1f-351d9f803d93" ,
"value" : "2018-09-21T08:07:44"
} ,
{
"category" : "External analysis" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "permalink" ,
"timestamp" : "1537694620" ,
"to_ids" : false ,
"type" : "link" ,
"uuid" : "4b84f5b5-612b-4859-ad7b-ef3c4459cfed" ,
"value" : "https://www.virustotal.com/file/31cdc43d47e72c34837ebc25c6207f214af5130d2d6b6d918e45064ed82f8e99/analysis/1537517264/"
} ,
{
"category" : "Other" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : true ,
"object_relation" : "detection-ratio" ,
"timestamp" : "1537694621" ,
"to_ids" : false ,
"type" : "text" ,
"uuid" : "c83ef59d-0368-46e7-8d03-d7416351abfe" ,
"value" : "53/69"
}
]
} ,
{
"comment" : "" ,
"deleted" : false ,
"description" : "File object describing a file with meta-information" ,
"meta-category" : "file" ,
"name" : "file" ,
"template_uuid" : "688c46fb-5edb-40a3-8273-1af7923e2215" ,
"template_version" : "11" ,
"timestamp" : "1537694624" ,
"uuid" : "60fef33c-fd9a-4bdb-a962-d3004d1de221" ,
"ObjectReference" : [
{
"comment" : "" ,
"object_uuid" : "60fef33c-fd9a-4bdb-a962-d3004d1de221" ,
"referenced_uuid" : "74fab901-678d-4742-b4a2-d8686e4520ae" ,
"relationship_type" : "analysed-with" ,
"timestamp" : "1537694704" ,
"uuid" : "5ba75bf0-b8a0-4b08-9216-4f1e02de0b81"
}
] ,
"Attribute" : [
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "md5" ,
"timestamp" : "1537694621" ,
"to_ids" : true ,
"type" : "md5" ,
"uuid" : "d3f6abcb-3aa3-4508-8ef3-2d9011afce4f" ,
"value" : "517c81b6d05bf285d095e0fd91cb6f03"
} ,
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "sha1" ,
"timestamp" : "1537694621" ,
"to_ids" : true ,
"type" : "sha1" ,
"uuid" : "f4ee88a4-e30b-467c-968b-a0afdd2f44c9" ,
"value" : "8bc85a1d0fbeb8e936477e689a1c189cb02367f4"
} ,
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "sha256" ,
"timestamp" : "1537694622" ,
"to_ids" : true ,
"type" : "sha256" ,
"uuid" : "b5e848d6-7a84-475b-970f-0103ddccd982" ,
"value" : "5a133f744e772a3f0f9c4edad20cc8d9edbef12e1f3f7ef69c44b262bd6fa637"
}
]
} ,
{
"comment" : "" ,
"deleted" : false ,
"description" : "VirusTotal report" ,
"meta-category" : "misc" ,
"name" : "virustotal-report" ,
"template_uuid" : "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4" ,
"template_version" : "2" ,
"timestamp" : "1537694622" ,
"uuid" : "74fab901-678d-4742-b4a2-d8686e4520ae" ,
"Attribute" : [
{
"category" : "Other" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "last-submission" ,
"timestamp" : "1537694622" ,
"to_ids" : false ,
"type" : "datetime" ,
"uuid" : "311b9cb0-0ac4-4b94-a93f-40f358c077cb" ,
"value" : "2018-09-21T18:02:29"
} ,
{
"category" : "External analysis" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "permalink" ,
"timestamp" : "1537694623" ,
"to_ids" : false ,
"type" : "link" ,
"uuid" : "3cf25b6d-d436-472d-a527-96a5c5e3c6d0" ,
"value" : "https://www.virustotal.com/file/5a133f744e772a3f0f9c4edad20cc8d9edbef12e1f3f7ef69c44b262bd6fa637/analysis/1537552949/"
} ,
{
"category" : "Other" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : true ,
"object_relation" : "detection-ratio" ,
"timestamp" : "1537694623" ,
"to_ids" : false ,
"type" : "text" ,
"uuid" : "a025846a-23ed-419b-9533-7f30ced3d442" ,
"value" : "50/69"
}
]
} ,
{
"comment" : "" ,
"deleted" : false ,
"description" : "File object describing a file with meta-information" ,
"meta-category" : "file" ,
"name" : "file" ,
"template_uuid" : "688c46fb-5edb-40a3-8273-1af7923e2215" ,
"template_version" : "11" ,
"timestamp" : "1537694626" ,
"uuid" : "2eceb572-6770-4ebf-84b5-f91e784adbf0" ,
"ObjectReference" : [
{
"comment" : "" ,
"object_uuid" : "2eceb572-6770-4ebf-84b5-f91e784adbf0" ,
"referenced_uuid" : "b3fda510-d265-4f97-8b83-6b4a848eb34e" ,
"relationship_type" : "analysed-with" ,
"timestamp" : "1537694704" ,
"uuid" : "5ba75bf0-d7fc-475a-aa9a-41e502de0b81"
}
] ,
"Attribute" : [
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "md5" ,
"timestamp" : "1537694623" ,
"to_ids" : true ,
"type" : "md5" ,
"uuid" : "b06c707a-9a79-4612-a82e-6b295d9cfb7b" ,
"value" : "2a96042e605146ead06b2ee4835baec3"
} ,
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "sha1" ,
"timestamp" : "1537694623" ,
"to_ids" : true ,
"type" : "sha1" ,
"uuid" : "ad432906-3c25-4bbe-9150-70947eb043b1" ,
"value" : "a402cf9d79cd6918ec23b526908557e7cb38ad0f"
} ,
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "sha256" ,
"timestamp" : "1537694624" ,
"to_ids" : true ,
"type" : "sha256" ,
"uuid" : "8132c7e5-07ee-4682-8e74-e05f82061fa3" ,
"value" : "9fb0b4f9f841b8a5f9d71bbbea6c58e79fdbf7a35aff91486eaaa9eb214a52b2"
}
]
} ,
{
"comment" : "" ,
"deleted" : false ,
"description" : "VirusTotal report" ,
"meta-category" : "misc" ,
"name" : "virustotal-report" ,
"template_uuid" : "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4" ,
"template_version" : "2" ,
"timestamp" : "1537694624" ,
"uuid" : "b3fda510-d265-4f97-8b83-6b4a848eb34e" ,
"Attribute" : [
{
"category" : "Other" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "last-submission" ,
"timestamp" : "1537694624" ,
"to_ids" : false ,
"type" : "datetime" ,
"uuid" : "aae8e05b-4f43-4b6a-957b-b77f9a7dd6cd" ,
"value" : "2018-09-21T10:51:19"
} ,
{
"category" : "External analysis" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "permalink" ,
"timestamp" : "1537694625" ,
"to_ids" : false ,
"type" : "link" ,
"uuid" : "11aeac13-0021-474b-a37b-22417bd0cff7" ,
"value" : "https://www.virustotal.com/file/9fb0b4f9f841b8a5f9d71bbbea6c58e79fdbf7a35aff91486eaaa9eb214a52b2/analysis/1537527079/"
} ,
{
"category" : "Other" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : true ,
"object_relation" : "detection-ratio" ,
"timestamp" : "1537694625" ,
"to_ids" : false ,
"type" : "text" ,
"uuid" : "4365abea-d575-4222-8bda-01b5e2517e40" ,
"value" : "52/68"
}
]
} ,
{
"comment" : "" ,
"deleted" : false ,
"description" : "File object describing a file with meta-information" ,
"meta-category" : "file" ,
"name" : "file" ,
"template_uuid" : "688c46fb-5edb-40a3-8273-1af7923e2215" ,
"template_version" : "11" ,
"timestamp" : "1537694628" ,
"uuid" : "9ee93194-67a8-41fe-88a4-3092be74a68f" ,
"ObjectReference" : [
{
"comment" : "" ,
"object_uuid" : "9ee93194-67a8-41fe-88a4-3092be74a68f" ,
"referenced_uuid" : "46e1e879-67d9-453d-8f4c-12052e0a72bd" ,
"relationship_type" : "analysed-with" ,
"timestamp" : "1537694704" ,
"uuid" : "5ba75bf0-0cf8-4ed8-a91d-4a4b02de0b81"
}
] ,
"Attribute" : [
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "md5" ,
"timestamp" : "1537694625" ,
"to_ids" : true ,
"type" : "md5" ,
"uuid" : "c9f44055-4555-48df-9ca5-4ebfd1da803a" ,
"value" : "26d7f7aa3135e99581119f40986a8ac3"
} ,
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "sha1" ,
"timestamp" : "1537694626" ,
"to_ids" : true ,
"type" : "sha1" ,
"uuid" : "6acf7597-7bad-418e-89c4-4ee1bcbc973d" ,
"value" : "1fc17289ac0b7bde86d565e488d66c526ee2b5fb"
} ,
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "sha256" ,
"timestamp" : "1537694626" ,
"to_ids" : true ,
"type" : "sha256" ,
"uuid" : "24a1153c-e912-486c-ae25-71138b7e79b4" ,
"value" : "1d713ad7ee3a43432d6188707943ee9ef07241bbc7bda376a068989d7a248143"
}
]
} ,
{
"comment" : "" ,
"deleted" : false ,
"description" : "VirusTotal report" ,
"meta-category" : "misc" ,
"name" : "virustotal-report" ,
"template_uuid" : "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4" ,
"template_version" : "2" ,
"timestamp" : "1537694626" ,
"uuid" : "46e1e879-67d9-453d-8f4c-12052e0a72bd" ,
"Attribute" : [
{
"category" : "Other" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "last-submission" ,
"timestamp" : "1537694627" ,
"to_ids" : false ,
"type" : "datetime" ,
"uuid" : "04f75a60-f331-428f-a2b7-18e37fd3dd05" ,
"value" : "2018-09-21T18:14:57"
} ,
{
"category" : "External analysis" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "permalink" ,
"timestamp" : "1537694627" ,
"to_ids" : false ,
"type" : "link" ,
"uuid" : "2cb22900-2efb-439c-b7c3-0fbf5fbfea53" ,
"value" : "https://www.virustotal.com/file/1d713ad7ee3a43432d6188707943ee9ef07241bbc7bda376a068989d7a248143/analysis/1537553697/"
} ,
{
"category" : "Other" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : true ,
"object_relation" : "detection-ratio" ,
"timestamp" : "1537694627" ,
"to_ids" : false ,
"type" : "text" ,
"uuid" : "38040505-7ef5-4bde-aee2-141556d4d8de" ,
"value" : "44/69"
}
]
} ,
{
"comment" : "" ,
"deleted" : false ,
"description" : "File object describing a file with meta-information" ,
"meta-category" : "file" ,
"name" : "file" ,
"template_uuid" : "688c46fb-5edb-40a3-8273-1af7923e2215" ,
"template_version" : "11" ,
"timestamp" : "1537694630" ,
"uuid" : "9062c8f4-f246-46a1-8371-000255b8c458" ,
"ObjectReference" : [
{
"comment" : "" ,
"object_uuid" : "9062c8f4-f246-46a1-8371-000255b8c458" ,
"referenced_uuid" : "654be604-ab9f-492f-aa60-356709e29b03" ,
"relationship_type" : "analysed-with" ,
"timestamp" : "1537694704" ,
"uuid" : "5ba75bf0-5eb8-48ca-a36d-4ad002de0b81"
}
] ,
"Attribute" : [
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "md5" ,
"timestamp" : "1537694627" ,
"to_ids" : true ,
"type" : "md5" ,
"uuid" : "45a8fb7f-6501-4616-bc3f-cb274abfe2c1" ,
"value" : "41c7e09170037fafe95bb691df021a20"
} ,
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "sha1" ,
"timestamp" : "1537694628" ,
"to_ids" : true ,
"type" : "sha1" ,
"uuid" : "4f2e02ae-c402-4b0c-b5db-dfe1c5b3d04c" ,
"value" : "7e975f194907e3038614ea0f08f7da9d0a5b21f1"
} ,
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "sha256" ,
"timestamp" : "1537694628" ,
"to_ids" : true ,
"type" : "sha256" ,
"uuid" : "28318a44-b772-4fa5-8ea4-185171a1ea7d" ,
"value" : "3dee749aeacb71e9f62b61d261619fe2e823d42565d8238a76f0ba25a3683cc0"
}
]
} ,
{
"comment" : "" ,
"deleted" : false ,
"description" : "VirusTotal report" ,
"meta-category" : "misc" ,
"name" : "virustotal-report" ,
"template_uuid" : "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4" ,
"template_version" : "2" ,
"timestamp" : "1537694629" ,
"uuid" : "654be604-ab9f-492f-aa60-356709e29b03" ,
"Attribute" : [
{
"category" : "Other" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "last-submission" ,
"timestamp" : "1537694629" ,
"to_ids" : false ,
"type" : "datetime" ,
"uuid" : "78a91379-6c11-40f6-8ed0-335e2ff8f1b5" ,
"value" : "2018-09-21T18:16:31"
} ,
{
"category" : "External analysis" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "permalink" ,
"timestamp" : "1537694629" ,
"to_ids" : false ,
"type" : "link" ,
"uuid" : "e5010591-fb57-48ba-a389-2fd7fe0ad078" ,
"value" : "https://www.virustotal.com/file/3dee749aeacb71e9f62b61d261619fe2e823d42565d8238a76f0ba25a3683cc0/analysis/1537553791/"
} ,
{
"category" : "Other" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : true ,
"object_relation" : "detection-ratio" ,
"timestamp" : "1537694630" ,
"to_ids" : false ,
"type" : "text" ,
"uuid" : "416cea2b-1b73-4bd2-9fac-d93a85961a87" ,
"value" : "50/69"
}
]
} ,
{
"comment" : "" ,
"deleted" : false ,
"description" : "File object describing a file with meta-information" ,
"meta-category" : "file" ,
"name" : "file" ,
"template_uuid" : "688c46fb-5edb-40a3-8273-1af7923e2215" ,
"template_version" : "11" ,
"timestamp" : "1537694633" ,
"uuid" : "a03621d4-1dee-41cd-be0b-f06db29d0474" ,
"ObjectReference" : [
{
"comment" : "" ,
"object_uuid" : "a03621d4-1dee-41cd-be0b-f06db29d0474" ,
"referenced_uuid" : "4d7091dc-cbcb-4122-9e7a-b68faa0e3671" ,
"relationship_type" : "analysed-with" ,
"timestamp" : "1537694704" ,
"uuid" : "5ba75bf0-b6b8-44e0-b4e2-4b8502de0b81"
}
] ,
"Attribute" : [
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "md5" ,
"timestamp" : "1537694630" ,
"to_ids" : true ,
"type" : "md5" ,
"uuid" : "6db01ed3-0667-4b22-9399-ce98d24f8d61" ,
"value" : "dde2c03d6168089affdca3b5ec41f661"
} ,
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "sha1" ,
"timestamp" : "1537694630" ,
"to_ids" : true ,
"type" : "sha1" ,
"uuid" : "e463a228-960c-4948-90f7-0bed5ac8fe21" ,
"value" : "5dc1ab28af6baf74bebff6c33a4d4cb59b6bb6fc"
} ,
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "sha256" ,
"timestamp" : "1537694631" ,
"to_ids" : true ,
"type" : "sha256" ,
"uuid" : "3ed8855f-409f-4bad-aa92-ed33017007a0" ,
"value" : "8de2bf21916db6691f4e56b11e000d0c1b898188b54f39284f16f9e4159f776c"
}
]
} ,
{
"comment" : "" ,
"deleted" : false ,
"description" : "VirusTotal report" ,
"meta-category" : "misc" ,
"name" : "virustotal-report" ,
"template_uuid" : "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4" ,
"template_version" : "2" ,
"timestamp" : "1537694631" ,
"uuid" : "4d7091dc-cbcb-4122-9e7a-b68faa0e3671" ,
"Attribute" : [
{
"category" : "Other" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "last-submission" ,
"timestamp" : "1537694631" ,
"to_ids" : false ,
"type" : "datetime" ,
"uuid" : "691d29c9-ae7d-4c16-803e-d7f32a1425a2" ,
"value" : "2018-09-21T10:50:47"
} ,
{
"category" : "External analysis" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "permalink" ,
"timestamp" : "1537694631" ,
"to_ids" : false ,
"type" : "link" ,
"uuid" : "8853bf99-a715-45b5-992b-d5d6b0404dac" ,
"value" : "https://www.virustotal.com/file/8de2bf21916db6691f4e56b11e000d0c1b898188b54f39284f16f9e4159f776c/analysis/1537527047/"
} ,
{
"category" : "Other" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : true ,
"object_relation" : "detection-ratio" ,
"timestamp" : "1537694632" ,
"to_ids" : false ,
"type" : "text" ,
"uuid" : "59af1045-4916-4a59-9970-63f6b8754473" ,
"value" : "32/69"
}
]
} ,
{
"comment" : "" ,
"deleted" : false ,
"description" : "File object describing a file with meta-information" ,
"meta-category" : "file" ,
"name" : "file" ,
"template_uuid" : "688c46fb-5edb-40a3-8273-1af7923e2215" ,
"template_version" : "11" ,
"timestamp" : "1537694635" ,
"uuid" : "9b8c0002-f7e5-42d9-949a-d744ff60cfe1" ,
"ObjectReference" : [
{
"comment" : "" ,
"object_uuid" : "9b8c0002-f7e5-42d9-949a-d744ff60cfe1" ,
"referenced_uuid" : "6b2ca901-bd60-41d2-b81a-7cde3dded069" ,
"relationship_type" : "analysed-with" ,
"timestamp" : "1537694704" ,
"uuid" : "5ba75bf0-bbc8-4eae-9d9f-452c02de0b81"
}
] ,
"Attribute" : [
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "md5" ,
"timestamp" : "1537694632" ,
"to_ids" : true ,
"type" : "md5" ,
"uuid" : "16306094-bc67-430e-a3c3-84436950718b" ,
"value" : "cda1961d63aaee991ff97845705e08b8"
} ,
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "sha1" ,
"timestamp" : "1537694633" ,
"to_ids" : true ,
"type" : "sha1" ,
"uuid" : "fb893592-fb87-4eaf-8e95-ef40c67c884c" ,
"value" : "207689ed6e7ca36b13475fd364f08844788d769f"
} ,
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "sha256" ,
"timestamp" : "1537694633" ,
"to_ids" : true ,
"type" : "sha256" ,
"uuid" : "61fd0ed9-7e8b-4ae4-9d14-45226bd4542c" ,
"value" : "408bb7ce6e84fa8a368287b4f8ea07d6d710e5cd07de897dc6e33113ffef44c9"
}
]
} ,
{
"comment" : "" ,
"deleted" : false ,
"description" : "VirusTotal report" ,
"meta-category" : "misc" ,
"name" : "virustotal-report" ,
"template_uuid" : "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4" ,
"template_version" : "2" ,
"timestamp" : "1537694633" ,
"uuid" : "6b2ca901-bd60-41d2-b81a-7cde3dded069" ,
"Attribute" : [
{
"category" : "Other" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "last-submission" ,
"timestamp" : "1537694633" ,
"to_ids" : false ,
"type" : "datetime" ,
"uuid" : "b256de89-23f1-43a8-a028-31100c5c186b" ,
"value" : "2018-09-22T13:23:16"
} ,
{
"category" : "External analysis" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "permalink" ,
"timestamp" : "1537694636" ,
"to_ids" : false ,
"type" : "link" ,
"uuid" : "42763bb0-e74e-466e-bf57-5fbeea7c1a5c" ,
"value" : "https://www.virustotal.com/file/408bb7ce6e84fa8a368287b4f8ea07d6d710e5cd07de897dc6e33113ffef44c9/analysis/1537622596/"
} ,
{
"category" : "Other" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : true ,
"object_relation" : "detection-ratio" ,
"timestamp" : "1537694637" ,
"to_ids" : false ,
"type" : "text" ,
"uuid" : "e00574ca-f4db-4c87-9f08-daa4fd526985" ,
"value" : "54/69"
}
]
} ,
{
"comment" : "" ,
"deleted" : false ,
"description" : "File object describing a file with meta-information" ,
"meta-category" : "file" ,
"name" : "file" ,
"template_uuid" : "688c46fb-5edb-40a3-8273-1af7923e2215" ,
"template_version" : "11" ,
"timestamp" : "1537694640" ,
"uuid" : "216519b0-9afd-49cc-b1f2-5079ced8ffad" ,
"ObjectReference" : [
{
"comment" : "" ,
"object_uuid" : "216519b0-9afd-49cc-b1f2-5079ced8ffad" ,
"referenced_uuid" : "8edbd400-2aaa-44aa-9c12-9fa86f18d5e9" ,
"relationship_type" : "analysed-with" ,
"timestamp" : "1537694704" ,
"uuid" : "5ba75bf0-9f54-4936-adc3-43cd02de0b81"
}
] ,
"Attribute" : [
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "md5" ,
"timestamp" : "1537694637" ,
"to_ids" : true ,
"type" : "md5" ,
"uuid" : "faa1c628-7fc7-4709-ac5e-ad07f28f2951" ,
"value" : "e07ca9f773bd772a41a6698c6fd6e551"
} ,
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "sha1" ,
"timestamp" : "1537694637" ,
"to_ids" : true ,
"type" : "sha1" ,
"uuid" : "5383cd8b-d5d1-4f2b-adc0-c4f9789e6d66" ,
"value" : "bcf831adb7da755f5bd94796004956235da191ac"
} ,
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "sha256" ,
"timestamp" : "1537694638" ,
"to_ids" : true ,
"type" : "sha256" ,
"uuid" : "a5845877-c667-4bc0-bf37-cc8c1d41d0bf" ,
"value" : "1fa633c329f814971afdf13ceea18f13a017a6b7aacf3f8c3ce02a8da4b09903"
}
]
} ,
{
"comment" : "" ,
"deleted" : false ,
"description" : "VirusTotal report" ,
"meta-category" : "misc" ,
"name" : "virustotal-report" ,
"template_uuid" : "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4" ,
"template_version" : "2" ,
"timestamp" : "1537694638" ,
"uuid" : "8edbd400-2aaa-44aa-9c12-9fa86f18d5e9" ,
"Attribute" : [
{
"category" : "Other" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "last-submission" ,
"timestamp" : "1537694638" ,
"to_ids" : false ,
"type" : "datetime" ,
"uuid" : "5ba3be12-a6b8-4f75-9342-b8c55a0a277a" ,
"value" : "2018-09-22T16:03:39"
} ,
{
"category" : "External analysis" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "permalink" ,
"timestamp" : "1537694639" ,
"to_ids" : false ,
"type" : "link" ,
"uuid" : "01825ddc-761e-49cf-849a-804b37033285" ,
"value" : "https://www.virustotal.com/file/1fa633c329f814971afdf13ceea18f13a017a6b7aacf3f8c3ce02a8da4b09903/analysis/1537632219/"
} ,
{
"category" : "Other" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : true ,
"object_relation" : "detection-ratio" ,
"timestamp" : "1537694639" ,
"to_ids" : false ,
"type" : "text" ,
"uuid" : "40ff8b70-4827-48d1-8d16-85ac8e5868f2" ,
"value" : "50/67"
}
]
} ,
{
"comment" : "" ,
"deleted" : false ,
"description" : "File object describing a file with meta-information" ,
"meta-category" : "file" ,
"name" : "file" ,
"template_uuid" : "688c46fb-5edb-40a3-8273-1af7923e2215" ,
"template_version" : "11" ,
"timestamp" : "1537694642" ,
"uuid" : "893909c7-2fe3-4d5d-970c-c7c98307aad8" ,
"ObjectReference" : [
{
"comment" : "" ,
"object_uuid" : "893909c7-2fe3-4d5d-970c-c7c98307aad8" ,
"referenced_uuid" : "de329633-daf0-4348-b3a6-eed567af4abc" ,
"relationship_type" : "analysed-with" ,
"timestamp" : "1537694704" ,
"uuid" : "5ba75bf0-6c94-42a4-a478-421a02de0b81"
}
] ,
"Attribute" : [
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "md5" ,
"timestamp" : "1537694639" ,
"to_ids" : true ,
"type" : "md5" ,
"uuid" : "df2bf505-803d-4e04-8deb-727fb39c0337" ,
"value" : "0e80fca91103fe46766dcb0763c6f6af"
} ,
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "sha1" ,
"timestamp" : "1537694639" ,
"to_ids" : true ,
"type" : "sha1" ,
"uuid" : "b24247fe-8d55-455f-acff-0f9426bf259f" ,
"value" : "cef1805dd588debbc513771540c8613c631a57ef"
} ,
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "sha256" ,
"timestamp" : "1537694640" ,
"to_ids" : true ,
"type" : "sha256" ,
"uuid" : "aec1cbd3-b81e-4298-b14c-a67aa3d487aa" ,
"value" : "c3109787f761b043dbbaeb5b5db1ab949d74149eb751c99936f8cc7c43947ea0"
}
]
} ,
{
"comment" : "" ,
"deleted" : false ,
"description" : "VirusTotal report" ,
"meta-category" : "misc" ,
"name" : "virustotal-report" ,
"template_uuid" : "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4" ,
"template_version" : "2" ,
"timestamp" : "1537694640" ,
"uuid" : "de329633-daf0-4348-b3a6-eed567af4abc" ,
"Attribute" : [
{
"category" : "Other" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "last-submission" ,
"timestamp" : "1537694640" ,
"to_ids" : false ,
"type" : "datetime" ,
"uuid" : "17cdcef3-8561-4829-afd2-da32a324a47c" ,
"value" : "2018-09-21T10:51:10"
} ,
{
"category" : "External analysis" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "permalink" ,
"timestamp" : "1537694641" ,
"to_ids" : false ,
"type" : "link" ,
"uuid" : "f4fd084a-4db2-4bc9-aa4d-0d14b5e1f512" ,
"value" : "https://www.virustotal.com/file/c3109787f761b043dbbaeb5b5db1ab949d74149eb751c99936f8cc7c43947ea0/analysis/1537527070/"
} ,
{
"category" : "Other" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : true ,
"object_relation" : "detection-ratio" ,
"timestamp" : "1537694641" ,
"to_ids" : false ,
"type" : "text" ,
"uuid" : "005854c9-dfb3-488d-99ab-afd2a59acd36" ,
"value" : "42/69"
}
]
} ,
{
"comment" : "" ,
"deleted" : false ,
"description" : "File object describing a file with meta-information" ,
"meta-category" : "file" ,
"name" : "file" ,
"template_uuid" : "688c46fb-5edb-40a3-8273-1af7923e2215" ,
"template_version" : "11" ,
"timestamp" : "1537694644" ,
"uuid" : "200176a6-d502-4898-950c-b5f1ac32f33c" ,
"ObjectReference" : [
{
"comment" : "" ,
"object_uuid" : "200176a6-d502-4898-950c-b5f1ac32f33c" ,
"referenced_uuid" : "dd666867-c1e8-4f2d-9ada-d47a2b83614c" ,
"relationship_type" : "analysed-with" ,
"timestamp" : "1537694705" ,
"uuid" : "5ba75bf1-8c6c-4589-9611-4b8f02de0b81"
}
] ,
"Attribute" : [
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "md5" ,
"timestamp" : "1537694641" ,
"to_ids" : true ,
"type" : "md5" ,
"uuid" : "10b84faf-3135-4d05-9c34-383ed28245e4" ,
"value" : "81e1332d15b29e8a19d0e97459d0a1de"
} ,
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "sha1" ,
"timestamp" : "1537694643" ,
"to_ids" : true ,
"type" : "sha1" ,
"uuid" : "f3dcbc2e-da9f-44f8-b85d-105a7362d10f" ,
"value" : "0f11eca9d2b8d9e8f5d3cd2865ca2751ae8743d7"
} ,
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "sha256" ,
"timestamp" : "1537694644" ,
"to_ids" : true ,
"type" : "sha256" ,
"uuid" : "b7c7a057-1ae2-4e03-a3a7-870eaba84cca" ,
"value" : "6465d869d3eecaed3f9093afaba14c78b46de0ed6783a6277f1e81b75e7862c0"
}
]
} ,
{
"comment" : "" ,
"deleted" : false ,
"description" : "VirusTotal report" ,
"meta-category" : "misc" ,
"name" : "virustotal-report" ,
"template_uuid" : "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4" ,
"template_version" : "2" ,
"timestamp" : "1537694644" ,
"uuid" : "dd666867-c1e8-4f2d-9ada-d47a2b83614c" ,
"Attribute" : [
{
"category" : "Other" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "last-submission" ,
"timestamp" : "1537694644" ,
"to_ids" : false ,
"type" : "datetime" ,
"uuid" : "1d7d47f4-ec42-4c47-a98e-d4243e8356a5" ,
"value" : "2018-09-21T10:51:40"
} ,
{
"category" : "External analysis" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "permalink" ,
"timestamp" : "1537694645" ,
"to_ids" : false ,
"type" : "link" ,
"uuid" : "a95d28db-33d1-4179-909c-144115d0fbd1" ,
"value" : "https://www.virustotal.com/file/6465d869d3eecaed3f9093afaba14c78b46de0ed6783a6277f1e81b75e7862c0/analysis/1537527100/"
} ,
{
"category" : "Other" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : true ,
"object_relation" : "detection-ratio" ,
"timestamp" : "1537694645" ,
"to_ids" : false ,
"type" : "text" ,
"uuid" : "735a7655-3838-4409-b979-995cd47bf900" ,
"value" : "42/68"
}
]
} ,
{
"comment" : "" ,
"deleted" : false ,
"description" : "File object describing a file with meta-information" ,
"meta-category" : "file" ,
"name" : "file" ,
"template_uuid" : "688c46fb-5edb-40a3-8273-1af7923e2215" ,
"template_version" : "11" ,
"timestamp" : "1537694648" ,
"uuid" : "d4363749-0e9f-48ab-937e-e7eece93189c" ,
"ObjectReference" : [
{
"comment" : "" ,
"object_uuid" : "d4363749-0e9f-48ab-937e-e7eece93189c" ,
"referenced_uuid" : "5403d646-770d-4cb5-a224-bd7d33f29a39" ,
"relationship_type" : "analysed-with" ,
"timestamp" : "1537694705" ,
"uuid" : "5ba75bf1-db5c-45a2-96c5-433e02de0b81"
}
] ,
"Attribute" : [
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "md5" ,
"timestamp" : "1537694645" ,
"to_ids" : true ,
"type" : "md5" ,
"uuid" : "e2109215-8b35-4c73-984c-0c51151aa5cc" ,
"value" : "6a37ce66d3003ebf04d249ab049acb22"
} ,
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "sha1" ,
"timestamp" : "1537694645" ,
"to_ids" : true ,
"type" : "sha1" ,
"uuid" : "f194e706-677a-41b9-83ec-cb1096760cb7" ,
"value" : "0f17f7607993ab7c7091aba196b9f79061203841"
} ,
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "sha256" ,
"timestamp" : "1537694646" ,
"to_ids" : true ,
"type" : "sha256" ,
"uuid" : "c5c63242-8dfd-4258-a3e4-6a863fe9d5ec" ,
"value" : "69025136e1845fffd9f2f35b087aa5a9423791abf3c259516332c141048d7231"
}
]
} ,
{
"comment" : "" ,
"deleted" : false ,
"description" : "VirusTotal report" ,
"meta-category" : "misc" ,
"name" : "virustotal-report" ,
"template_uuid" : "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4" ,
"template_version" : "2" ,
"timestamp" : "1537694646" ,
"uuid" : "5403d646-770d-4cb5-a224-bd7d33f29a39" ,
"Attribute" : [
{
"category" : "Other" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "last-submission" ,
"timestamp" : "1537694646" ,
"to_ids" : false ,
"type" : "datetime" ,
"uuid" : "b21a4376-2532-47a7-905b-00d0c8dea519" ,
"value" : "2018-09-22T05:59:46"
} ,
{
"category" : "External analysis" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "permalink" ,
"timestamp" : "1537694647" ,
"to_ids" : false ,
"type" : "link" ,
"uuid" : "41f43c56-2a3b-4068-9ddb-6818128423ca" ,
"value" : "https://www.virustotal.com/file/69025136e1845fffd9f2f35b087aa5a9423791abf3c259516332c141048d7231/analysis/1537595986/"
} ,
{
"category" : "Other" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : true ,
"object_relation" : "detection-ratio" ,
"timestamp" : "1537694647" ,
"to_ids" : false ,
"type" : "text" ,
"uuid" : "01cc3396-18f9-4194-8849-944b95875039" ,
"value" : "32/68"
}
]
} ,
{
"comment" : "" ,
"deleted" : false ,
"description" : "File object describing a file with meta-information" ,
"meta-category" : "file" ,
"name" : "file" ,
"template_uuid" : "688c46fb-5edb-40a3-8273-1af7923e2215" ,
"template_version" : "11" ,
"timestamp" : "1537694650" ,
"uuid" : "54431c61-b7fa-4db5-9ddd-fa46b90871e5" ,
"ObjectReference" : [
{
"comment" : "" ,
"object_uuid" : "54431c61-b7fa-4db5-9ddd-fa46b90871e5" ,
"referenced_uuid" : "1972ab26-0e0f-472b-b3a4-05f32c6a32dd" ,
"relationship_type" : "analysed-with" ,
"timestamp" : "1537694705" ,
"uuid" : "5ba75bf1-1880-46bb-bb50-4d8b02de0b81"
}
] ,
"Attribute" : [
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "md5" ,
"timestamp" : "1537694647" ,
"to_ids" : true ,
"type" : "md5" ,
"uuid" : "512f304c-f280-48f8-b416-3a84261fbc41" ,
"value" : "1aca8cd40d9b84cab225d333b09f9ba5"
} ,
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "sha1" ,
"timestamp" : "1537694648" ,
"to_ids" : true ,
"type" : "sha1" ,
"uuid" : "fc5ad458-7bc3-4dba-9d7d-e161c034b27c" ,
"value" : "349e3085536de1ab124149e94efc4c4008545286"
} ,
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "sha256" ,
"timestamp" : "1537694648" ,
"to_ids" : true ,
"type" : "sha256" ,
"uuid" : "0e57f7f0-cd88-4225-b5d6-4df41ec88cf5" ,
"value" : "431f1baea52dfc8a2a23493bb55889261908bbd8f1eefe2fdf8ac569937f9f8c"
}
]
} ,
{
"comment" : "" ,
"deleted" : false ,
"description" : "VirusTotal report" ,
"meta-category" : "misc" ,
"name" : "virustotal-report" ,
"template_uuid" : "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4" ,
"template_version" : "2" ,
"timestamp" : "1537694649" ,
"uuid" : "1972ab26-0e0f-472b-b3a4-05f32c6a32dd" ,
"Attribute" : [
{
"category" : "Other" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "last-submission" ,
"timestamp" : "1537694649" ,
"to_ids" : false ,
"type" : "datetime" ,
"uuid" : "57ce629e-64d5-42de-b69d-11016ff1a91f" ,
"value" : "2018-09-22T06:51:53"
} ,
{
"category" : "External analysis" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "permalink" ,
"timestamp" : "1537694649" ,
"to_ids" : false ,
"type" : "link" ,
"uuid" : "2986d076-2350-41d7-bcbb-2a93dc02304f" ,
"value" : "https://www.virustotal.com/file/431f1baea52dfc8a2a23493bb55889261908bbd8f1eefe2fdf8ac569937f9f8c/analysis/1537599113/"
} ,
{
"category" : "Other" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : true ,
"object_relation" : "detection-ratio" ,
"timestamp" : "1537694649" ,
"to_ids" : false ,
"type" : "text" ,
"uuid" : "7102094b-3f06-48a7-b2f6-7ec8ea325a42" ,
"value" : "48/69"
}
]
} ,
{
"comment" : "" ,
"deleted" : false ,
"description" : "File object describing a file with meta-information" ,
"meta-category" : "file" ,
"name" : "file" ,
"template_uuid" : "688c46fb-5edb-40a3-8273-1af7923e2215" ,
"template_version" : "11" ,
"timestamp" : "1537694652" ,
"uuid" : "d3b9b550-70bc-4b05-b507-a7911c258e24" ,
"ObjectReference" : [
{
"comment" : "" ,
"object_uuid" : "d3b9b550-70bc-4b05-b507-a7911c258e24" ,
"referenced_uuid" : "57bc1a5a-7459-4e99-9885-3bc537d052ff" ,
"relationship_type" : "analysed-with" ,
"timestamp" : "1537694705" ,
"uuid" : "5ba75bf1-24a4-4fc4-be9b-436502de0b81"
}
] ,
"Attribute" : [
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "md5" ,
"timestamp" : "1537694650" ,
"to_ids" : true ,
"type" : "md5" ,
"uuid" : "96ace909-fe73-4af5-a495-682b4a1d9325" ,
"value" : "ec7e11cfca01af40f4d96cbbacb41fed"
} ,
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "sha1" ,
"timestamp" : "1537694650" ,
"to_ids" : true ,
"type" : "sha1" ,
"uuid" : "476f3410-1538-493c-8190-727b738d08c2" ,
"value" : "462bf1962f02c8c357c0940364cd70997dc7776e"
} ,
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "sha256" ,
"timestamp" : "1537694650" ,
"to_ids" : true ,
"type" : "sha256" ,
"uuid" : "41540a1d-941b-4484-8626-7a06e0eebbf1" ,
"value" : "d7e85833739dc6ed8a3f54033d61cd30c4220ecdc2eb4d8f091b0367bf64f59c"
}
]
} ,
{
"comment" : "" ,
"deleted" : false ,
"description" : "VirusTotal report" ,
"meta-category" : "misc" ,
"name" : "virustotal-report" ,
"template_uuid" : "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4" ,
"template_version" : "2" ,
"timestamp" : "1537694651" ,
"uuid" : "57bc1a5a-7459-4e99-9885-3bc537d052ff" ,
"Attribute" : [
{
"category" : "Other" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "last-submission" ,
"timestamp" : "1537694651" ,
"to_ids" : false ,
"type" : "datetime" ,
"uuid" : "20114871-1d39-42dc-aedd-85b6f54d6244" ,
"value" : "2018-09-20T15:02:09"
} ,
{
"category" : "External analysis" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "permalink" ,
"timestamp" : "1537694651" ,
"to_ids" : false ,
"type" : "link" ,
"uuid" : "43e0fb84-6f36-4a31-a1cf-03655255013b" ,
"value" : "https://www.virustotal.com/file/d7e85833739dc6ed8a3f54033d61cd30c4220ecdc2eb4d8f091b0367bf64f59c/analysis/1537455729/"
} ,
{
"category" : "Other" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : true ,
"object_relation" : "detection-ratio" ,
"timestamp" : "1537694652" ,
"to_ids" : false ,
"type" : "text" ,
"uuid" : "9974c89d-b28f-4d29-a0c1-9cd3c54b43e2" ,
"value" : "31/68"
}
]
} ,
{
"comment" : "" ,
"deleted" : false ,
"description" : "File object describing a file with meta-information" ,
"meta-category" : "file" ,
"name" : "file" ,
"template_uuid" : "688c46fb-5edb-40a3-8273-1af7923e2215" ,
"template_version" : "11" ,
"timestamp" : "1537694655" ,
"uuid" : "08294d45-b4a1-4194-b9b4-bb765dbd463f" ,
"ObjectReference" : [
{
"comment" : "" ,
"object_uuid" : "08294d45-b4a1-4194-b9b4-bb765dbd463f" ,
"referenced_uuid" : "99192dc5-3c81-482b-9e07-2e6f5eae5b33" ,
"relationship_type" : "analysed-with" ,
"timestamp" : "1537694705" ,
"uuid" : "5ba75bf1-9bfc-46dd-b9b6-47e202de0b81"
}
] ,
"Attribute" : [
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "md5" ,
"timestamp" : "1537694652" ,
"to_ids" : true ,
"type" : "md5" ,
"uuid" : "3ce69009-badd-494e-b381-1eed3cecbc51" ,
"value" : "fccb13c00df25d074a78f1eeeb04a0e7"
} ,
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "sha1" ,
"timestamp" : "1537694655" ,
"to_ids" : true ,
"type" : "sha1" ,
"uuid" : "56d625fc-db9b-4cde-b51c-0bcec8b85916" ,
"value" : "f72279b94387f073976cb7061741d849ba2a263f"
} ,
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "sha256" ,
"timestamp" : "1537694656" ,
"to_ids" : true ,
"type" : "sha256" ,
"uuid" : "6a8c8e12-9565-4142-9638-1b7e9b47fc62" ,
"value" : "f704bd6f49ae93b350f0d90fdd761ab4c7574f2c4d290bd2c1282e23fe88f58e"
}
]
} ,
{
"comment" : "" ,
"deleted" : false ,
"description" : "VirusTotal report" ,
"meta-category" : "misc" ,
"name" : "virustotal-report" ,
"template_uuid" : "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4" ,
"template_version" : "2" ,
"timestamp" : "1537694656" ,
"uuid" : "99192dc5-3c81-482b-9e07-2e6f5eae5b33" ,
"Attribute" : [
{
"category" : "Other" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "last-submission" ,
"timestamp" : "1537694656" ,
"to_ids" : false ,
"type" : "datetime" ,
"uuid" : "d4b119b4-581b-4439-b5c0-ae911413e771" ,
"value" : "2018-09-22T06:23:35"
} ,
{
"category" : "External analysis" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "permalink" ,
"timestamp" : "1537694657" ,
"to_ids" : false ,
"type" : "link" ,
"uuid" : "a69ece83-d944-47ee-b8a0-24746a1aa5e1" ,
"value" : "https://www.virustotal.com/file/f704bd6f49ae93b350f0d90fdd761ab4c7574f2c4d290bd2c1282e23fe88f58e/analysis/1537597415/"
} ,
{
"category" : "Other" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : true ,
"object_relation" : "detection-ratio" ,
"timestamp" : "1537694657" ,
"to_ids" : false ,
"type" : "text" ,
"uuid" : "e8bf04d2-f79c-479a-a764-80ff37dba0e0" ,
"value" : "26/67"
}
]
} ,
{
"comment" : "" ,
"deleted" : false ,
"description" : "File object describing a file with meta-information" ,
"meta-category" : "file" ,
"name" : "file" ,
"template_uuid" : "688c46fb-5edb-40a3-8273-1af7923e2215" ,
"template_version" : "11" ,
"timestamp" : "1537694660" ,
"uuid" : "2f36441d-4dcc-49e2-82d7-c7f4ffc4d3f5" ,
"ObjectReference" : [
{
"comment" : "" ,
"object_uuid" : "2f36441d-4dcc-49e2-82d7-c7f4ffc4d3f5" ,
"referenced_uuid" : "1666fac9-c4b0-469d-adab-f8e2dc1ca905" ,
"relationship_type" : "analysed-with" ,
"timestamp" : "1537694705" ,
"uuid" : "5ba75bf1-3a38-4bf2-8656-4f9902de0b81"
}
] ,
"Attribute" : [
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "md5" ,
"timestamp" : "1537694657" ,
"to_ids" : true ,
"type" : "md5" ,
"uuid" : "88689976-19b8-40e3-8e6c-98150853513d" ,
"value" : "2b5ddabf1c6fd8670137cade8b60a034"
} ,
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "sha1" ,
"timestamp" : "1537694658" ,
"to_ids" : true ,
"type" : "sha1" ,
"uuid" : "33b4b64b-9d6f-411f-9ecf-f60334c6c7b4" ,
"value" : "738278d8a376ad572aa5583516c0909c0089b7ec"
} ,
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "sha256" ,
"timestamp" : "1537694658" ,
"to_ids" : true ,
"type" : "sha256" ,
"uuid" : "d86cde51-5310-4fc2-8537-c76be1ba4f84" ,
"value" : "91bf714310d5e9a42122b41049072965043e1701c9aca3578e16876a886a68f7"
}
]
} ,
{
"comment" : "" ,
"deleted" : false ,
"description" : "VirusTotal report" ,
"meta-category" : "misc" ,
"name" : "virustotal-report" ,
"template_uuid" : "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4" ,
"template_version" : "2" ,
"timestamp" : "1537694658" ,
"uuid" : "1666fac9-c4b0-469d-adab-f8e2dc1ca905" ,
"Attribute" : [
{
"category" : "Other" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "last-submission" ,
"timestamp" : "1537694658" ,
"to_ids" : false ,
"type" : "datetime" ,
"uuid" : "ab3f3848-5e7c-4476-b014-fe47608df2cf" ,
"value" : "2018-09-21T12:14:36"
} ,
{
"category" : "External analysis" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "permalink" ,
"timestamp" : "1537694659" ,
"to_ids" : false ,
"type" : "link" ,
"uuid" : "5ed76317-4957-404b-ae58-f8e2fb822c82" ,
"value" : "https://www.virustotal.com/file/91bf714310d5e9a42122b41049072965043e1701c9aca3578e16876a886a68f7/analysis/1537532076/"
} ,
{
"category" : "Other" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : true ,
"object_relation" : "detection-ratio" ,
"timestamp" : "1537694659" ,
"to_ids" : false ,
"type" : "text" ,
"uuid" : "b2b89d80-1ba8-4f0c-aed2-c48e348bdf69" ,
"value" : "52/68"
}
]
} ,
{
"comment" : "" ,
"deleted" : false ,
"description" : "File object describing a file with meta-information" ,
"meta-category" : "file" ,
"name" : "file" ,
"template_uuid" : "688c46fb-5edb-40a3-8273-1af7923e2215" ,
"template_version" : "11" ,
"timestamp" : "1537694662" ,
"uuid" : "5606b9ce-f33e-4d9a-85ac-70a6bd0e845f" ,
"ObjectReference" : [
{
"comment" : "" ,
"object_uuid" : "5606b9ce-f33e-4d9a-85ac-70a6bd0e845f" ,
"referenced_uuid" : "595c71e0-4fc9-43ca-9468-981dba632990" ,
"relationship_type" : "analysed-with" ,
"timestamp" : "1537694705" ,
"uuid" : "5ba75bf1-9764-4156-96f8-435902de0b81"
}
] ,
"Attribute" : [
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "md5" ,
"timestamp" : "1537694659" ,
"to_ids" : true ,
"type" : "md5" ,
"uuid" : "db95c5f4-3210-4e30-a1e1-24dbca47ab07" ,
"value" : "7c498b7ad4c12c38b1f4eb12044a9def"
} ,
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "sha1" ,
"timestamp" : "1537694660" ,
"to_ids" : true ,
"type" : "sha1" ,
"uuid" : "97d27f49-f2d4-409d-9e21-fde314358675" ,
"value" : "763f147337c71aa9f08a30b3626d40f870727195"
} ,
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "sha256" ,
"timestamp" : "1537694660" ,
"to_ids" : true ,
"type" : "sha256" ,
"uuid" : "8839d81e-1e82-4e28-943d-01bc94b9baab" ,
"value" : "994191fb7d00a7158931a34c26726574462253ff2b2453ce48591ab76f59444d"
}
]
} ,
{
"comment" : "" ,
"deleted" : false ,
"description" : "VirusTotal report" ,
"meta-category" : "misc" ,
"name" : "virustotal-report" ,
"template_uuid" : "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4" ,
"template_version" : "2" ,
"timestamp" : "1537694661" ,
"uuid" : "595c71e0-4fc9-43ca-9468-981dba632990" ,
"Attribute" : [
{
"category" : "Other" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "last-submission" ,
"timestamp" : "1537694661" ,
"to_ids" : false ,
"type" : "datetime" ,
"uuid" : "818ae21d-f82f-465b-8aa2-4613e89924e7" ,
"value" : "2018-09-21T18:14:47"
} ,
{
"category" : "External analysis" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "permalink" ,
"timestamp" : "1537694661" ,
"to_ids" : false ,
"type" : "link" ,
"uuid" : "54811721-96a2-4501-8d97-dea510bb1a0d" ,
"value" : "https://www.virustotal.com/file/994191fb7d00a7158931a34c26726574462253ff2b2453ce48591ab76f59444d/analysis/1537553687/"
} ,
{
"category" : "Other" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : true ,
"object_relation" : "detection-ratio" ,
"timestamp" : "1537694662" ,
"to_ids" : false ,
"type" : "text" ,
"uuid" : "d79190da-e590-4a59-8599-d63178992879" ,
"value" : "44/69"
}
]
} ,
{
"comment" : "" ,
"deleted" : false ,
"description" : "File object describing a file with meta-information" ,
"meta-category" : "file" ,
"name" : "file" ,
"template_uuid" : "688c46fb-5edb-40a3-8273-1af7923e2215" ,
"template_version" : "11" ,
"timestamp" : "1537694665" ,
"uuid" : "4d772880-84d3-4f35-a5f2-51e10ba2eb64" ,
"ObjectReference" : [
{
"comment" : "" ,
"object_uuid" : "4d772880-84d3-4f35-a5f2-51e10ba2eb64" ,
"referenced_uuid" : "79093120-8a60-4b1d-8695-3071390f3c2a" ,
"relationship_type" : "analysed-with" ,
"timestamp" : "1537694705" ,
"uuid" : "5ba75bf1-eeec-40a3-8e70-4c2602de0b81"
}
] ,
"Attribute" : [
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "md5" ,
"timestamp" : "1537694662" ,
"to_ids" : true ,
"type" : "md5" ,
"uuid" : "e3ff640f-d01b-4434-bdeb-bdb8d8f481d2" ,
"value" : "8abb22771fd3ca34d6def30ba5c5081c"
} ,
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "sha1" ,
"timestamp" : "1537694662" ,
"to_ids" : true ,
"type" : "sha1" ,
"uuid" : "ce6e0130-7b52-49ae-b095-420dbe51bfaf" ,
"value" : "271d9ab0cc11dd45e8a85c8a986d70677e95f97f"
} ,
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "sha256" ,
"timestamp" : "1537694663" ,
"to_ids" : true ,
"type" : "sha256" ,
"uuid" : "52c49dfb-17c3-45ff-b80a-748674ea0ba9" ,
"value" : "ee57f9e1319afcf4b37ca46ccf777cc97da94044059d794708817310d0a6bb9e"
}
]
} ,
{
"comment" : "" ,
"deleted" : false ,
"description" : "VirusTotal report" ,
"meta-category" : "misc" ,
"name" : "virustotal-report" ,
"template_uuid" : "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4" ,
"template_version" : "2" ,
"timestamp" : "1537694663" ,
"uuid" : "79093120-8a60-4b1d-8695-3071390f3c2a" ,
"Attribute" : [
{
"category" : "Other" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "last-submission" ,
"timestamp" : "1537694663" ,
"to_ids" : false ,
"type" : "datetime" ,
"uuid" : "d89df763-5687-457c-92f2-767e3455bada" ,
"value" : "2018-09-21T10:51:42"
} ,
{
"category" : "External analysis" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "permalink" ,
"timestamp" : "1537694663" ,
"to_ids" : false ,
"type" : "link" ,
"uuid" : "fbbefdf2-9b7c-445a-a49b-375db769c7a1" ,
"value" : "https://www.virustotal.com/file/ee57f9e1319afcf4b37ca46ccf777cc97da94044059d794708817310d0a6bb9e/analysis/1537527102/"
} ,
{
"category" : "Other" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : true ,
"object_relation" : "detection-ratio" ,
"timestamp" : "1537694664" ,
"to_ids" : false ,
"type" : "text" ,
"uuid" : "2ea8663f-b278-4024-bda4-bcb4eecbec7e" ,
"value" : "37/67"
}
]
} ,
{
"comment" : "" ,
"deleted" : false ,
"description" : "File object describing a file with meta-information" ,
"meta-category" : "file" ,
"name" : "file" ,
"template_uuid" : "688c46fb-5edb-40a3-8273-1af7923e2215" ,
"template_version" : "11" ,
"timestamp" : "1537694667" ,
"uuid" : "e328e0a4-924e-4b83-8c1a-ebf29203972b" ,
"ObjectReference" : [
{
"comment" : "" ,
"object_uuid" : "e328e0a4-924e-4b83-8c1a-ebf29203972b" ,
"referenced_uuid" : "f68d805d-2ca3-42e5-abd6-b1f811644985" ,
"relationship_type" : "analysed-with" ,
"timestamp" : "1537694705" ,
"uuid" : "5ba75bf1-15f8-4924-a8f8-4c9402de0b81"
}
] ,
"Attribute" : [
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "md5" ,
"timestamp" : "1537694664" ,
"to_ids" : true ,
"type" : "md5" ,
"uuid" : "b919ae6b-8f30-4dc5-bd2d-adb33607a6d1" ,
"value" : "03d762794a6fe96458d8228bb7561629"
} ,
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "sha1" ,
"timestamp" : "1537694664" ,
"to_ids" : true ,
"type" : "sha1" ,
"uuid" : "dc4b5ec7-01aa-41d3-9e57-e6abd0ffc2a1" ,
"value" : "40c74e8748241099ed88c0b5e5a59591451c5f62"
} ,
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "sha256" ,
"timestamp" : "1537694665" ,
"to_ids" : true ,
"type" : "sha256" ,
"uuid" : "e22167ae-cb1d-4f83-89b7-59006ea9ffe9" ,
"value" : "95881013ec51a1a156ee32b5bdc43b108dc7494fb03472020c05ec1025bebe28"
}
]
} ,
{
"comment" : "" ,
"deleted" : false ,
"description" : "VirusTotal report" ,
"meta-category" : "misc" ,
"name" : "virustotal-report" ,
"template_uuid" : "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4" ,
"template_version" : "2" ,
"timestamp" : "1537694665" ,
"uuid" : "f68d805d-2ca3-42e5-abd6-b1f811644985" ,
"Attribute" : [
{
"category" : "Other" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "last-submission" ,
"timestamp" : "1537694665" ,
"to_ids" : false ,
"type" : "datetime" ,
"uuid" : "f9a79c4d-f477-4dbe-b6dd-70e603030897" ,
"value" : "2018-09-21T10:51:07"
} ,
{
"category" : "External analysis" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "permalink" ,
"timestamp" : "1537694666" ,
"to_ids" : false ,
"type" : "link" ,
"uuid" : "d077e984-f5a3-4264-bc15-8afc1ab14de9" ,
"value" : "https://www.virustotal.com/file/95881013ec51a1a156ee32b5bdc43b108dc7494fb03472020c05ec1025bebe28/analysis/1537527067/"
} ,
{
"category" : "Other" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : true ,
"object_relation" : "detection-ratio" ,
"timestamp" : "1537694666" ,
"to_ids" : false ,
"type" : "text" ,
"uuid" : "4014253e-6237-45ec-86d2-4d1b348fbdad" ,
"value" : "52/69"
}
]
} ,
{
"comment" : "" ,
"deleted" : false ,
"description" : "File object describing a file with meta-information" ,
"meta-category" : "file" ,
"name" : "file" ,
"template_uuid" : "688c46fb-5edb-40a3-8273-1af7923e2215" ,
"template_version" : "11" ,
"timestamp" : "1537694669" ,
"uuid" : "aaa932f1-27fc-4b69-99e4-e9527513add2" ,
"ObjectReference" : [
{
"comment" : "" ,
"object_uuid" : "aaa932f1-27fc-4b69-99e4-e9527513add2" ,
"referenced_uuid" : "36342d4f-ebe7-4272-bd15-6abd88981366" ,
"relationship_type" : "analysed-with" ,
"timestamp" : "1537694705" ,
"uuid" : "5ba75bf1-afb0-4f87-8a56-4e4602de0b81"
}
] ,
"Attribute" : [
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "md5" ,
"timestamp" : "1537694666" ,
"to_ids" : true ,
"type" : "md5" ,
"uuid" : "1577dd20-18d2-4eb1-8ae1-f0a7160f6cbe" ,
"value" : "250c9ec3e77d1c6d999ce782c69fc21b"
} ,
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "sha1" ,
"timestamp" : "1537694667" ,
"to_ids" : true ,
"type" : "sha1" ,
"uuid" : "40439b17-6145-4925-a4f6-e6cefe337393" ,
"value" : "b160ca664a5d3ba289a23cc4d3c66e9675975e43"
} ,
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "sha256" ,
"timestamp" : "1537694667" ,
"to_ids" : true ,
"type" : "sha256" ,
"uuid" : "83b41ba6-cbab-4785-86a6-d2be2a8b3e85" ,
"value" : "d5f6dc5af6665db971f1e5089bbca7bf6248e6639def261f56acfaba0da1861a"
}
]
} ,
{
"comment" : "" ,
"deleted" : false ,
"description" : "VirusTotal report" ,
"meta-category" : "misc" ,
"name" : "virustotal-report" ,
"template_uuid" : "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4" ,
"template_version" : "2" ,
"timestamp" : "1537694668" ,
"uuid" : "36342d4f-ebe7-4272-bd15-6abd88981366" ,
"Attribute" : [
{
"category" : "Other" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "last-submission" ,
"timestamp" : "1537694668" ,
"to_ids" : false ,
"type" : "datetime" ,
"uuid" : "d389151b-4a2b-44b4-b63e-3e8e6232a882" ,
"value" : "2018-09-21T18:14:39"
} ,
{
"category" : "External analysis" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "permalink" ,
"timestamp" : "1537694668" ,
"to_ids" : false ,
"type" : "link" ,
"uuid" : "d7223e27-fcc5-4d18-985f-b606d65ae736" ,
"value" : "https://www.virustotal.com/file/d5f6dc5af6665db971f1e5089bbca7bf6248e6639def261f56acfaba0da1861a/analysis/1537553679/"
} ,
{
"category" : "Other" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : true ,
"object_relation" : "detection-ratio" ,
"timestamp" : "1537694669" ,
"to_ids" : false ,
"type" : "text" ,
"uuid" : "07ef57cc-3095-4913-b26c-28c115e93324" ,
"value" : "51/69"
}
]
} ,
{
"comment" : "" ,
"deleted" : false ,
"description" : "File object describing a file with meta-information" ,
"meta-category" : "file" ,
"name" : "file" ,
"template_uuid" : "688c46fb-5edb-40a3-8273-1af7923e2215" ,
"template_version" : "11" ,
"timestamp" : "1537694672" ,
"uuid" : "e3c08415-3761-493f-ab5f-46a60c2b5830" ,
"ObjectReference" : [
{
"comment" : "" ,
"object_uuid" : "e3c08415-3761-493f-ab5f-46a60c2b5830" ,
"referenced_uuid" : "d1dd2986-4d7c-45d2-b177-2a5ef49a1f1f" ,
"relationship_type" : "analysed-with" ,
"timestamp" : "1537694705" ,
"uuid" : "5ba75bf1-f4f4-41b1-849a-481702de0b81"
}
] ,
"Attribute" : [
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "md5" ,
"timestamp" : "1537694669" ,
"to_ids" : true ,
"type" : "md5" ,
"uuid" : "378ea4cf-dd4c-4333-9e80-1a59780c0afc" ,
"value" : "ae004a5d4f1829594d830956c55d6ae4"
} ,
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "sha1" ,
"timestamp" : "1537694669" ,
"to_ids" : true ,
"type" : "sha1" ,
"uuid" : "aa8267da-13ab-4599-9709-449d64b7babd" ,
"value" : "a9baf3cf77485c0dfe3fc09188092aabb5f55bda"
} ,
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "sha256" ,
"timestamp" : "1537694669" ,
"to_ids" : true ,
"type" : "sha256" ,
"uuid" : "ca1cba75-85fe-48a0-a76a-e9f9155d66b8" ,
"value" : "0985e033c75049f93a6f07c9b2dc1e399ac9e6102d6058830776205c3ff32393"
}
]
} ,
{
"comment" : "" ,
"deleted" : false ,
"description" : "VirusTotal report" ,
"meta-category" : "misc" ,
"name" : "virustotal-report" ,
"template_uuid" : "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4" ,
"template_version" : "2" ,
"timestamp" : "1537694670" ,
"uuid" : "d1dd2986-4d7c-45d2-b177-2a5ef49a1f1f" ,
"Attribute" : [
{
"category" : "Other" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "last-submission" ,
"timestamp" : "1537694670" ,
"to_ids" : false ,
"type" : "datetime" ,
"uuid" : "40bb842a-f4ab-44ce-9b5e-5a1e3bf38017" ,
"value" : "2018-09-21T10:50:33"
} ,
{
"category" : "External analysis" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "permalink" ,
"timestamp" : "1537694670" ,
"to_ids" : false ,
"type" : "link" ,
"uuid" : "bd662f96-080f-4e76-983d-f1381d11e10a" ,
"value" : "https://www.virustotal.com/file/0985e033c75049f93a6f07c9b2dc1e399ac9e6102d6058830776205c3ff32393/analysis/1537527033/"
} ,
{
"category" : "Other" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : true ,
"object_relation" : "detection-ratio" ,
"timestamp" : "1537694671" ,
"to_ids" : false ,
"type" : "text" ,
"uuid" : "bec06257-8c73-46ac-a1a7-90c0e097d730" ,
"value" : "48/69"
}
]
} ,
{
"comment" : "" ,
"deleted" : false ,
"description" : "File object describing a file with meta-information" ,
"meta-category" : "file" ,
"name" : "file" ,
"template_uuid" : "688c46fb-5edb-40a3-8273-1af7923e2215" ,
"template_version" : "11" ,
"timestamp" : "1537694674" ,
"uuid" : "df0dc30f-3ab6-4bdb-97fd-61b70e505147" ,
"ObjectReference" : [
{
"comment" : "" ,
"object_uuid" : "df0dc30f-3ab6-4bdb-97fd-61b70e505147" ,
"referenced_uuid" : "8532e44e-c664-4319-b177-4062d5e40a07" ,
"relationship_type" : "analysed-with" ,
"timestamp" : "1537694705" ,
"uuid" : "5ba75bf1-010c-41e6-8180-496202de0b81"
}
] ,
"Attribute" : [
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "md5" ,
"timestamp" : "1537694671" ,
"to_ids" : true ,
"type" : "md5" ,
"uuid" : "5f011d58-7843-42f9-9aec-f08f99f208cb" ,
"value" : "5ee2958b130f9cda8f5f3fc1dc5249cf"
} ,
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "sha1" ,
"timestamp" : "1537694671" ,
"to_ids" : true ,
"type" : "sha1" ,
"uuid" : "544287ab-caa5-49f6-8e0b-4d0066119397" ,
"value" : "2786f2723c295212df70e08b07b5aafb584ba128"
} ,
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "sha256" ,
"timestamp" : "1537694672" ,
"to_ids" : true ,
"type" : "sha256" ,
"uuid" : "bc5dea12-469b-4b1b-af59-c89f175a0934" ,
"value" : "2a909e555249dc15fc8cb178da2526212c784cefde7f4fbc22eee089e11d060e"
}
]
} ,
{
"comment" : "" ,
"deleted" : false ,
"description" : "VirusTotal report" ,
"meta-category" : "misc" ,
"name" : "virustotal-report" ,
"template_uuid" : "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4" ,
"template_version" : "2" ,
"timestamp" : "1537694672" ,
"uuid" : "8532e44e-c664-4319-b177-4062d5e40a07" ,
"Attribute" : [
{
"category" : "Other" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "last-submission" ,
"timestamp" : "1537694672" ,
"to_ids" : false ,
"type" : "datetime" ,
"uuid" : "79d41dfc-041d-4155-8b81-e292cd1b9b33" ,
"value" : "2018-09-22T06:16:07"
} ,
{
"category" : "External analysis" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "permalink" ,
"timestamp" : "1537694673" ,
"to_ids" : false ,
"type" : "link" ,
"uuid" : "dc1d5b68-7e91-4ae1-924f-fea103db1a80" ,
"value" : "https://www.virustotal.com/file/2a909e555249dc15fc8cb178da2526212c784cefde7f4fbc22eee089e11d060e/analysis/1537596967/"
} ,
{
"category" : "Other" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : true ,
"object_relation" : "detection-ratio" ,
"timestamp" : "1537694673" ,
"to_ids" : false ,
"type" : "text" ,
"uuid" : "e9998100-adac-4900-b3eb-7542ef8ae2e9" ,
"value" : "47/68"
}
]
} ,
{
"comment" : "" ,
"deleted" : false ,
"description" : "File object describing a file with meta-information" ,
"meta-category" : "file" ,
"name" : "file" ,
"template_uuid" : "688c46fb-5edb-40a3-8273-1af7923e2215" ,
"template_version" : "11" ,
"timestamp" : "1537694676" ,
"uuid" : "93fae3f6-e720-457e-a48d-2d3251e9047f" ,
"ObjectReference" : [
{
"comment" : "" ,
"object_uuid" : "93fae3f6-e720-457e-a48d-2d3251e9047f" ,
"referenced_uuid" : "e6d14f75-48c0-421b-b621-16e2d93917c0" ,
"relationship_type" : "analysed-with" ,
"timestamp" : "1537694705" ,
"uuid" : "5ba75bf1-f0e0-42a5-a2d6-400a02de0b81"
}
] ,
"Attribute" : [
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "md5" ,
"timestamp" : "1537694673" ,
"to_ids" : true ,
"type" : "md5" ,
"uuid" : "3c462cde-91d4-42c4-b503-0510e49fac30" ,
"value" : "36c23c569205d6586984a2f6f8c3a39e"
} ,
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "sha1" ,
"timestamp" : "1537694673" ,
"to_ids" : true ,
"type" : "sha1" ,
"uuid" : "c605a116-f327-4ce6-9cc7-c4cb218b2c6e" ,
"value" : "5e1e23239c8fbd89bf874ba64e696db4bb9fa44f"
} ,
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "sha256" ,
"timestamp" : "1537694674" ,
"to_ids" : true ,
"type" : "sha256" ,
"uuid" : "11715609-5d1d-481b-84d0-829aeb6b8c29" ,
"value" : "c84a6b692b472d78e0142d115cb09d15dfe4f2547686bb26c3b16c0f945ee0ae"
}
]
} ,
{
"comment" : "" ,
"deleted" : false ,
"description" : "VirusTotal report" ,
"meta-category" : "misc" ,
"name" : "virustotal-report" ,
"template_uuid" : "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4" ,
"template_version" : "2" ,
"timestamp" : "1537694674" ,
"uuid" : "e6d14f75-48c0-421b-b621-16e2d93917c0" ,
"Attribute" : [
{
"category" : "Other" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "last-submission" ,
"timestamp" : "1537694674" ,
"to_ids" : false ,
"type" : "datetime" ,
"uuid" : "c5809754-34ae-4fc9-8bac-91da2836a740" ,
"value" : "2018-09-21T10:51:24"
} ,
{
"category" : "External analysis" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "permalink" ,
"timestamp" : "1537694675" ,
"to_ids" : false ,
"type" : "link" ,
"uuid" : "97936639-3524-4b6c-99cb-cf2f62a93a40" ,
"value" : "https://www.virustotal.com/file/c84a6b692b472d78e0142d115cb09d15dfe4f2547686bb26c3b16c0f945ee0ae/analysis/1537527084/"
} ,
{
"category" : "Other" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : true ,
"object_relation" : "detection-ratio" ,
"timestamp" : "1537694675" ,
"to_ids" : false ,
"type" : "text" ,
"uuid" : "7d7fca0d-26ed-4945-9d9f-52816139112f" ,
"value" : "50/69"
}
]
} ,
{
"comment" : "" ,
"deleted" : false ,
"description" : "File object describing a file with meta-information" ,
"meta-category" : "file" ,
"name" : "file" ,
"template_uuid" : "688c46fb-5edb-40a3-8273-1af7923e2215" ,
"template_version" : "11" ,
"timestamp" : "1537694678" ,
"uuid" : "f721368d-152a-4a10-9f40-c1c015a8385a" ,
"ObjectReference" : [
{
"comment" : "" ,
"object_uuid" : "f721368d-152a-4a10-9f40-c1c015a8385a" ,
"referenced_uuid" : "145158fa-6c29-415b-b0c9-b91bab07747f" ,
"relationship_type" : "analysed-with" ,
"timestamp" : "1537694705" ,
"uuid" : "5ba75bf1-c260-472b-a785-49f902de0b81"
}
] ,
"Attribute" : [
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "md5" ,
"timestamp" : "1537694675" ,
"to_ids" : true ,
"type" : "md5" ,
"uuid" : "2d79691a-32f6-48c7-8edc-9d0146c5ca7f" ,
"value" : "b301cd0e42803b0373438e9d4ca01421"
} ,
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "sha1" ,
"timestamp" : "1537694676" ,
"to_ids" : true ,
"type" : "sha1" ,
"uuid" : "c7e728cd-557e-40c3-bf66-4e3eed6e3012" ,
"value" : "8ac255415efb6768a2136ff25aed6d32980a12c7"
} ,
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "sha256" ,
"timestamp" : "1537694679" ,
"to_ids" : true ,
"type" : "sha256" ,
"uuid" : "a0c1e57f-1eaf-4208-bf5e-c40baab1df0f" ,
"value" : "ee64447d7d51a0d474a6a363580c7e2f2b84143df30e5ade6152e9f6db1f4b16"
}
]
} ,
{
"comment" : "" ,
"deleted" : false ,
"description" : "VirusTotal report" ,
"meta-category" : "misc" ,
"name" : "virustotal-report" ,
"template_uuid" : "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4" ,
"template_version" : "2" ,
"timestamp" : "1537694680" ,
"uuid" : "145158fa-6c29-415b-b0c9-b91bab07747f" ,
"Attribute" : [
{
"category" : "Other" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "last-submission" ,
"timestamp" : "1537694680" ,
"to_ids" : false ,
"type" : "datetime" ,
"uuid" : "ceefe017-631d-40b5-b139-953c3deebb1a" ,
"value" : "2018-09-21T10:50:37"
} ,
{
"category" : "External analysis" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "permalink" ,
"timestamp" : "1537694680" ,
"to_ids" : false ,
"type" : "link" ,
"uuid" : "cd20ce2d-d4a5-4389-86c3-3b0d36ee27bb" ,
"value" : "https://www.virustotal.com/file/ee64447d7d51a0d474a6a363580c7e2f2b84143df30e5ade6152e9f6db1f4b16/analysis/1537527037/"
} ,
{
"category" : "Other" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : true ,
"object_relation" : "detection-ratio" ,
"timestamp" : "1537694681" ,
"to_ids" : false ,
"type" : "text" ,
"uuid" : "08493676-604e-4fa9-93cc-e358826c08a8" ,
"value" : "48/69"
}
]
} ,
{
"comment" : "" ,
"deleted" : false ,
"description" : "File object describing a file with meta-information" ,
"meta-category" : "file" ,
"name" : "file" ,
"template_uuid" : "688c46fb-5edb-40a3-8273-1af7923e2215" ,
"template_version" : "11" ,
"timestamp" : "1537694684" ,
"uuid" : "096d4d0d-d240-47e6-8f38-f27e8bbc8b42" ,
"ObjectReference" : [
{
"comment" : "" ,
"object_uuid" : "096d4d0d-d240-47e6-8f38-f27e8bbc8b42" ,
"referenced_uuid" : "9dc55be7-4b0b-4242-8d39-af30c40210ff" ,
"relationship_type" : "analysed-with" ,
"timestamp" : "1537694705" ,
"uuid" : "5ba75bf1-a78c-4f65-ba60-46ca02de0b81"
}
] ,
"Attribute" : [
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "md5" ,
"timestamp" : "1537694681" ,
"to_ids" : true ,
"type" : "md5" ,
"uuid" : "a89c13ff-5cfd-4fdb-b950-493464e3ffcb" ,
"value" : "f0c29f89ffdb0f3f03e663ef415b9e4e"
} ,
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "sha1" ,
"timestamp" : "1537694681" ,
"to_ids" : true ,
"type" : "sha1" ,
"uuid" : "fc48f899-9ed8-46cd-ab7b-11a11bee3ac5" ,
"value" : "0ea9c43d6c99f7c11a4408fa9683421a42c6a2db"
} ,
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "sha256" ,
"timestamp" : "1537694681" ,
"to_ids" : true ,
"type" : "sha256" ,
"uuid" : "7971e4a4-2296-4d2b-872d-a2c14c536c93" ,
"value" : "ebd1d8c2a5cdd803e4b59606feb9bc79f107983f9891855ac8c1e101f13f466f"
}
]
} ,
{
"comment" : "" ,
"deleted" : false ,
"description" : "VirusTotal report" ,
"meta-category" : "misc" ,
"name" : "virustotal-report" ,
"template_uuid" : "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4" ,
"template_version" : "2" ,
"timestamp" : "1537694682" ,
"uuid" : "9dc55be7-4b0b-4242-8d39-af30c40210ff" ,
"Attribute" : [
{
"category" : "Other" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "last-submission" ,
"timestamp" : "1537694682" ,
"to_ids" : false ,
"type" : "datetime" ,
"uuid" : "914fc52e-a7a9-4aef-8173-2fb01d37864e" ,
"value" : "2018-09-21T10:50:49"
} ,
{
"category" : "External analysis" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "permalink" ,
"timestamp" : "1537694682" ,
"to_ids" : false ,
"type" : "link" ,
"uuid" : "1e785c4a-36f2-4c39-9456-64c230c96d18" ,
"value" : "https://www.virustotal.com/file/ebd1d8c2a5cdd803e4b59606feb9bc79f107983f9891855ac8c1e101f13f466f/analysis/1537527049/"
} ,
{
"category" : "Other" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : true ,
"object_relation" : "detection-ratio" ,
"timestamp" : "1537694683" ,
"to_ids" : false ,
"type" : "text" ,
"uuid" : "a048c253-d3e9-457c-8a41-9311d77fd490" ,
"value" : "49/67"
}
]
} ,
{
"comment" : "" ,
"deleted" : false ,
"description" : "File object describing a file with meta-information" ,
"meta-category" : "file" ,
"name" : "file" ,
"template_uuid" : "688c46fb-5edb-40a3-8273-1af7923e2215" ,
"template_version" : "11" ,
"timestamp" : "1537694686" ,
"uuid" : "3712a790-eff0-4ee4-beb1-a56f89ce034a" ,
"ObjectReference" : [
{
"comment" : "" ,
"object_uuid" : "3712a790-eff0-4ee4-beb1-a56f89ce034a" ,
"referenced_uuid" : "5e74a189-6e48-4dd9-853c-250b3832f28d" ,
"relationship_type" : "analysed-with" ,
"timestamp" : "1537694705" ,
"uuid" : "5ba75bf1-2e28-4890-a10d-4bb002de0b81"
}
] ,
"Attribute" : [
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "md5" ,
"timestamp" : "1537694683" ,
"to_ids" : true ,
"type" : "md5" ,
"uuid" : "b5df7e68-6d49-4f31-8c03-e0a34ae88f2e" ,
"value" : "adc3a4dfbdfe7640153ed0ea1c3cf125"
} ,
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "sha1" ,
"timestamp" : "1537694683" ,
"to_ids" : true ,
"type" : "sha1" ,
"uuid" : "7bf5131e-2b18-42a1-833c-d3d3fe0788e0" ,
"value" : "6df96e6a5c25eede231b919892d01533f9507de8"
} ,
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "sha256" ,
"timestamp" : "1537694684" ,
"to_ids" : true ,
"type" : "sha256" ,
"uuid" : "1ba2e2b6-eb8a-4d69-85aa-cae829b1b16f" ,
"value" : "772a6005bd2a13ccd2f1e90ac4835c2a90718a9b7f331b9e822886ba6aefd6df"
}
]
} ,
{
"comment" : "" ,
"deleted" : false ,
"description" : "VirusTotal report" ,
"meta-category" : "misc" ,
"name" : "virustotal-report" ,
"template_uuid" : "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4" ,
"template_version" : "2" ,
"timestamp" : "1537694684" ,
"uuid" : "5e74a189-6e48-4dd9-853c-250b3832f28d" ,
"Attribute" : [
{
"category" : "Other" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "last-submission" ,
"timestamp" : "1537694684" ,
"to_ids" : false ,
"type" : "datetime" ,
"uuid" : "153f23a6-5806-48f7-a58d-61ec5ec29106" ,
"value" : "2018-09-22T08:09:08"
} ,
{
"category" : "External analysis" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "permalink" ,
"timestamp" : "1537694685" ,
"to_ids" : false ,
"type" : "link" ,
"uuid" : "8935fcb0-c586-4bea-b5b8-d8aa04cab820" ,
"value" : "https://www.virustotal.com/file/772a6005bd2a13ccd2f1e90ac4835c2a90718a9b7f331b9e822886ba6aefd6df/analysis/1537603748/"
} ,
{
"category" : "Other" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : true ,
"object_relation" : "detection-ratio" ,
"timestamp" : "1537694685" ,
"to_ids" : false ,
"type" : "text" ,
"uuid" : "bb89cf15-5539-4b7a-9bb5-bb2ea040e3f6" ,
"value" : "43/68"
}
]
} ,
{
"comment" : "" ,
"deleted" : false ,
"description" : "File object describing a file with meta-information" ,
"meta-category" : "file" ,
"name" : "file" ,
"template_uuid" : "688c46fb-5edb-40a3-8273-1af7923e2215" ,
"template_version" : "11" ,
"timestamp" : "1537694688" ,
"uuid" : "7410dfb2-70ca-4ad5-b3ee-08638d9953aa" ,
"ObjectReference" : [
{
"comment" : "" ,
"object_uuid" : "7410dfb2-70ca-4ad5-b3ee-08638d9953aa" ,
"referenced_uuid" : "40b9a0ba-ec89-4ba3-ab9b-f0748c4e2a98" ,
"relationship_type" : "analysed-with" ,
"timestamp" : "1537694705" ,
"uuid" : "5ba75bf1-fcc8-47ea-b5ce-4c2202de0b81"
}
] ,
"Attribute" : [
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "md5" ,
"timestamp" : "1537694685" ,
"to_ids" : true ,
"type" : "md5" ,
"uuid" : "a0c1b29b-d8cd-4ce9-a8f9-96ebf52243fc" ,
"value" : "9f9a24b063018613f7f290cc057b8c40"
} ,
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "sha1" ,
"timestamp" : "1537694686" ,
"to_ids" : true ,
"type" : "sha1" ,
"uuid" : "f3756ba3-c068-40af-900e-c39c085ebb5a" ,
"value" : "6e4cb7bc37185459006dd43c7c4ae9332df8466c"
} ,
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "sha256" ,
"timestamp" : "1537694686" ,
"to_ids" : true ,
"type" : "sha256" ,
"uuid" : "b1e239c2-bd13-41c2-ab5c-fb2d30462f6d" ,
"value" : "2c2198a5e6070c1eefe7e8b0b7dfd2ca88410189c23c1bb55c7c37f092c2352d"
}
]
} ,
{
"comment" : "" ,
"deleted" : false ,
"description" : "VirusTotal report" ,
"meta-category" : "misc" ,
"name" : "virustotal-report" ,
"template_uuid" : "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4" ,
"template_version" : "2" ,
"timestamp" : "1537694686" ,
"uuid" : "40b9a0ba-ec89-4ba3-ab9b-f0748c4e2a98" ,
"Attribute" : [
{
"category" : "Other" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "last-submission" ,
"timestamp" : "1537694687" ,
"to_ids" : false ,
"type" : "datetime" ,
"uuid" : "ce0e0300-168e-4d43-aa27-0f6a8fe33cc9" ,
"value" : "2018-09-21T18:15:35"
} ,
{
"category" : "External analysis" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "permalink" ,
"timestamp" : "1537694687" ,
"to_ids" : false ,
"type" : "link" ,
"uuid" : "39d7640e-d615-44ab-8472-0ce45c5b26b6" ,
"value" : "https://www.virustotal.com/file/2c2198a5e6070c1eefe7e8b0b7dfd2ca88410189c23c1bb55c7c37f092c2352d/analysis/1537553735/"
} ,
{
"category" : "Other" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : true ,
"object_relation" : "detection-ratio" ,
"timestamp" : "1537694688" ,
"to_ids" : false ,
"type" : "text" ,
"uuid" : "fd190951-615f-4d88-9995-ce86d08d6ee4" ,
"value" : "52/69"
}
]
} ,
{
"comment" : "" ,
"deleted" : false ,
"description" : "File object describing a file with meta-information" ,
"meta-category" : "file" ,
"name" : "file" ,
"template_uuid" : "688c46fb-5edb-40a3-8273-1af7923e2215" ,
"template_version" : "11" ,
"timestamp" : "1537694691" ,
"uuid" : "a4670dd5-f9d8-4d19-bb2a-dff62216e44a" ,
"ObjectReference" : [
{
"comment" : "" ,
"object_uuid" : "a4670dd5-f9d8-4d19-bb2a-dff62216e44a" ,
"referenced_uuid" : "0739d18a-e6e0-4bed-a3a9-fee46f321ab5" ,
"relationship_type" : "analysed-with" ,
"timestamp" : "1537694705" ,
"uuid" : "5ba75bf1-5d2c-4ade-b8c4-41cd02de0b81"
}
] ,
"Attribute" : [
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "md5" ,
"timestamp" : "1537694688" ,
"to_ids" : true ,
"type" : "md5" ,
"uuid" : "50419e7e-d5af-48f4-948e-98f03b01b5f7" ,
"value" : "611cefaee48c5f096fb644073247621c"
} ,
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "sha1" ,
"timestamp" : "1537694688" ,
"to_ids" : true ,
"type" : "sha1" ,
"uuid" : "76b87e43-2333-493c-8488-0d3ed11930f7" ,
"value" : "3ea9e4a1a80d669b2279b563fccf4975f6e8a926"
} ,
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "sha256" ,
"timestamp" : "1537694688" ,
"to_ids" : true ,
"type" : "sha256" ,
"uuid" : "68cb7599-ee24-48e6-bdf2-6de5672e600a" ,
"value" : "93b821ba549a0817a9b4d1a5ee71ae94303dc12c3cae5f69109ec53ec467a149"
}
]
} ,
{
"comment" : "" ,
"deleted" : false ,
"description" : "VirusTotal report" ,
"meta-category" : "misc" ,
"name" : "virustotal-report" ,
"template_uuid" : "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4" ,
"template_version" : "2" ,
"timestamp" : "1537694689" ,
"uuid" : "0739d18a-e6e0-4bed-a3a9-fee46f321ab5" ,
"Attribute" : [
{
"category" : "Other" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "last-submission" ,
"timestamp" : "1537694689" ,
"to_ids" : false ,
"type" : "datetime" ,
"uuid" : "002a2269-8e22-4179-a104-00a215b425ac" ,
"value" : "2018-09-21T10:51:32"
} ,
{
"category" : "External analysis" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "permalink" ,
"timestamp" : "1537694689" ,
"to_ids" : false ,
"type" : "link" ,
"uuid" : "96de1a2c-ed2c-4f18-b203-c21e94ecda70" ,
"value" : "https://www.virustotal.com/file/93b821ba549a0817a9b4d1a5ee71ae94303dc12c3cae5f69109ec53ec467a149/analysis/1537527092/"
} ,
{
"category" : "Other" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : true ,
"object_relation" : "detection-ratio" ,
"timestamp" : "1537694690" ,
"to_ids" : false ,
"type" : "text" ,
"uuid" : "f832003d-bdf5-47e2-9393-ac13403831b8" ,
"value" : "46/68"
}
]
} ,
{
"comment" : "" ,
"deleted" : false ,
"description" : "File object describing a file with meta-information" ,
"meta-category" : "file" ,
"name" : "file" ,
"template_uuid" : "688c46fb-5edb-40a3-8273-1af7923e2215" ,
"template_version" : "11" ,
"timestamp" : "1537694693" ,
"uuid" : "302ff607-05ac-448a-9eca-9d105b53c7bc" ,
"ObjectReference" : [
{
"comment" : "" ,
"object_uuid" : "302ff607-05ac-448a-9eca-9d105b53c7bc" ,
"referenced_uuid" : "466bd179-9a77-4b81-9711-4a8cc4618965" ,
"relationship_type" : "analysed-with" ,
"timestamp" : "1537694705" ,
"uuid" : "5ba75bf1-1cd4-4ec6-9dea-468a02de0b81"
}
] ,
"Attribute" : [
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "md5" ,
"timestamp" : "1537694690" ,
"to_ids" : true ,
"type" : "md5" ,
"uuid" : "329f585c-4299-4d8f-af20-05212f4813ab" ,
"value" : "07561810d818905851ce6ab2c1152871"
} ,
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "sha1" ,
"timestamp" : "1537694690" ,
"to_ids" : true ,
"type" : "sha1" ,
"uuid" : "06fc9d60-44e1-4da0-af21-8b36984d09d6" ,
"value" : "900804af148968f3bb18f94bc005b6bd6e7b0010"
} ,
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "sha256" ,
"timestamp" : "1537694691" ,
"to_ids" : true ,
"type" : "sha256" ,
"uuid" : "df024cf4-a8d5-4f4a-8071-3c37f5cc74e5" ,
"value" : "bcdf41a52496b9bb01b88b74bedba23b043380950109ec609c0c0a39ef708497"
}
]
} ,
{
"comment" : "" ,
"deleted" : false ,
"description" : "VirusTotal report" ,
"meta-category" : "misc" ,
"name" : "virustotal-report" ,
"template_uuid" : "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4" ,
"template_version" : "2" ,
"timestamp" : "1537694691" ,
"uuid" : "466bd179-9a77-4b81-9711-4a8cc4618965" ,
"Attribute" : [
{
"category" : "Other" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "last-submission" ,
"timestamp" : "1537694691" ,
"to_ids" : false ,
"type" : "datetime" ,
"uuid" : "f54c8fb8-3116-4fe7-8a93-572ceae6130a" ,
"value" : "2018-09-22T05:51:37"
} ,
{
"category" : "External analysis" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "permalink" ,
"timestamp" : "1537694692" ,
"to_ids" : false ,
"type" : "link" ,
"uuid" : "a75d89a4-f6c5-4c24-a197-04512cc83706" ,
"value" : "https://www.virustotal.com/file/bcdf41a52496b9bb01b88b74bedba23b043380950109ec609c0c0a39ef708497/analysis/1537595497/"
} ,
{
"category" : "Other" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : true ,
"object_relation" : "detection-ratio" ,
"timestamp" : "1537694692" ,
"to_ids" : false ,
"type" : "text" ,
"uuid" : "6b3d9083-f8cd-4bba-afb1-674b8cca381a" ,
"value" : "50/67"
}
]
} ,
{
"comment" : "" ,
"deleted" : false ,
"description" : "File object describing a file with meta-information" ,
"meta-category" : "file" ,
"name" : "file" ,
"template_uuid" : "688c46fb-5edb-40a3-8273-1af7923e2215" ,
"template_version" : "11" ,
"timestamp" : "1537694695" ,
"uuid" : "79cf1dc1-d9e9-4767-88b0-771dc3f40f51" ,
"ObjectReference" : [
{
"comment" : "" ,
"object_uuid" : "79cf1dc1-d9e9-4767-88b0-771dc3f40f51" ,
"referenced_uuid" : "2e50616f-6b22-4dc4-b68c-202538996bbe" ,
"relationship_type" : "analysed-with" ,
"timestamp" : "1537694705" ,
"uuid" : "5ba75bf1-c890-4267-b434-43d102de0b81"
}
] ,
"Attribute" : [
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "md5" ,
"timestamp" : "1537694692" ,
"to_ids" : true ,
"type" : "md5" ,
"uuid" : "ef638c63-8267-4be0-8f15-92ec4f9d48a2" ,
"value" : "c8755d732be4dc13eecd8e4c49cfab94"
} ,
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "sha1" ,
"timestamp" : "1537694693" ,
"to_ids" : true ,
"type" : "sha1" ,
"uuid" : "93b60e60-1d85-454e-9d7c-df2177d61c87" ,
"value" : "9578fc14ece54551022a72430f5ac0d0cc60b191"
} ,
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "sha256" ,
"timestamp" : "1537694693" ,
"to_ids" : true ,
"type" : "sha256" ,
"uuid" : "7ed50019-9e6d-445a-ad7f-94c934ea43c2" ,
"value" : "86e4f1d0e875d6571509477dfc73f2926b67aa0b47909bd9cdd778b4d3491404"
}
]
} ,
{
"comment" : "" ,
"deleted" : false ,
"description" : "VirusTotal report" ,
"meta-category" : "misc" ,
"name" : "virustotal-report" ,
"template_uuid" : "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4" ,
"template_version" : "2" ,
"timestamp" : "1537694693" ,
"uuid" : "2e50616f-6b22-4dc4-b68c-202538996bbe" ,
"Attribute" : [
{
"category" : "Other" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "last-submission" ,
"timestamp" : "1537694693" ,
"to_ids" : false ,
"type" : "datetime" ,
"uuid" : "ec46618a-9986-49df-b286-05a397ec7379" ,
"value" : "2018-09-21T10:50:41"
} ,
{
"category" : "External analysis" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "permalink" ,
"timestamp" : "1537694694" ,
"to_ids" : false ,
"type" : "link" ,
"uuid" : "e50200ff-fced-43cc-8954-022f3f5d6a59" ,
"value" : "https://www.virustotal.com/file/86e4f1d0e875d6571509477dfc73f2926b67aa0b47909bd9cdd778b4d3491404/analysis/1537527041/"
} ,
{
"category" : "Other" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : true ,
"object_relation" : "detection-ratio" ,
"timestamp" : "1537694698" ,
"to_ids" : false ,
"type" : "text" ,
"uuid" : "802b2b84-d12e-490b-bb60-b35c8bace9a7" ,
"value" : "53/68"
}
]
} ,
{
"comment" : "" ,
"deleted" : false ,
"description" : "File object describing a file with meta-information" ,
"meta-category" : "file" ,
"name" : "file" ,
"template_uuid" : "688c46fb-5edb-40a3-8273-1af7923e2215" ,
"template_version" : "11" ,
"timestamp" : "1537694701" ,
"uuid" : "7fb46cf4-5efc-4ca7-af99-e953213bb25a" ,
"ObjectReference" : [
{
"comment" : "" ,
"object_uuid" : "7fb46cf4-5efc-4ca7-af99-e953213bb25a" ,
"referenced_uuid" : "1ccd1d7c-30d0-4939-b17d-986dd346f9c3" ,
"relationship_type" : "analysed-with" ,
"timestamp" : "1537694705" ,
"uuid" : "5ba75bf1-6510-44b4-b6df-473e02de0b81"
}
] ,
"Attribute" : [
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "md5" ,
"timestamp" : "1537694698" ,
"to_ids" : true ,
"type" : "md5" ,
"uuid" : "1124be3b-afbd-4aee-bd92-889abeacbce4" ,
"value" : "31c81459c10d3f001d2ccef830239c16"
} ,
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "sha1" ,
"timestamp" : "1537694698" ,
"to_ids" : true ,
"type" : "sha1" ,
"uuid" : "0402acdb-7ac4-42bd-9c36-9093e1a79689" ,
"value" : "ad1bf1e9fb6fbf68a7961b1062c522f801772db2"
} ,
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "sha256" ,
"timestamp" : "1537694699" ,
"to_ids" : true ,
"type" : "sha256" ,
"uuid" : "9512c9fa-65e6-4ebd-82ee-d06feacb782a" ,
"value" : "330ff6ce812231aa91fd25e00ba5e9bf4b371484643258ea44474651c6044904"
}
]
} ,
{
"comment" : "" ,
"deleted" : false ,
"description" : "VirusTotal report" ,
"meta-category" : "misc" ,
"name" : "virustotal-report" ,
"template_uuid" : "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4" ,
"template_version" : "2" ,
"timestamp" : "1537694699" ,
"uuid" : "1ccd1d7c-30d0-4939-b17d-986dd346f9c3" ,
"Attribute" : [
{
"category" : "Other" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "last-submission" ,
"timestamp" : "1537694699" ,
"to_ids" : false ,
"type" : "datetime" ,
"uuid" : "6b1f8f6e-4913-4952-a4cc-c80cc34cbe93" ,
"value" : "2018-09-21T07:16:08"
} ,
{
"category" : "External analysis" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "permalink" ,
"timestamp" : "1537694700" ,
"to_ids" : false ,
"type" : "link" ,
"uuid" : "bc779d7d-dab0-4eec-8788-6d6741b1e77c" ,
"value" : "https://www.virustotal.com/file/330ff6ce812231aa91fd25e00ba5e9bf4b371484643258ea44474651c6044904/analysis/1537514168/"
} ,
{
"category" : "Other" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : true ,
"object_relation" : "detection-ratio" ,
"timestamp" : "1537694700" ,
"to_ids" : false ,
"type" : "text" ,
"uuid" : "e82e2ce7-bd48-4403-aaf2-c6b445c3630b" ,
"value" : "38/64"
}
]
} ,
{
"comment" : "" ,
"deleted" : false ,
"description" : "File object describing a file with meta-information" ,
"meta-category" : "file" ,
"name" : "file" ,
"template_uuid" : "688c46fb-5edb-40a3-8273-1af7923e2215" ,
"template_version" : "11" ,
"timestamp" : "1537694703" ,
"uuid" : "bdc39116-dd56-4658-86fa-724720005ee2" ,
"ObjectReference" : [
{
"comment" : "" ,
"object_uuid" : "bdc39116-dd56-4658-86fa-724720005ee2" ,
"referenced_uuid" : "d339236f-6ff9-4a44-9d14-63fb3017a91a" ,
"relationship_type" : "analysed-with" ,
"timestamp" : "1537694706" ,
"uuid" : "5ba75bf2-f3a4-4f26-a55c-4ff702de0b81"
}
] ,
"Attribute" : [
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "md5" ,
"timestamp" : "1537694700" ,
"to_ids" : true ,
"type" : "md5" ,
"uuid" : "d7b30bc5-67d5-46fa-90e6-5053a67e5647" ,
"value" : "aa57085e5544d923f576e9f86adf9dc0"
} ,
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "sha1" ,
"timestamp" : "1537694701" ,
"to_ids" : true ,
"type" : "sha1" ,
"uuid" : "3d47bc0d-3f69-44df-b575-69a1b9ad3bfc" ,
"value" : "7ffd8d6e12fb0e76b6364a648ab4acac39bc4dd9"
} ,
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "sha256" ,
"timestamp" : "1537694701" ,
"to_ids" : true ,
"type" : "sha256" ,
"uuid" : "06216ca4-cad2-43d8-9d49-6d59a8b74562" ,
"value" : "d1a39587b2ca36f4b82c1a498d5ed4b1cac4da0961badf5c133f322cfe386231"
}
]
} ,
{
"comment" : "" ,
"deleted" : false ,
"description" : "VirusTotal report" ,
"meta-category" : "misc" ,
"name" : "virustotal-report" ,
"template_uuid" : "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4" ,
"template_version" : "2" ,
"timestamp" : "1537694701" ,
"uuid" : "d339236f-6ff9-4a44-9d14-63fb3017a91a" ,
"Attribute" : [
{
"category" : "Other" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "last-submission" ,
"timestamp" : "1537694702" ,
"to_ids" : false ,
"type" : "datetime" ,
"uuid" : "7492a876-caaa-4569-9ee8-d9661a2729b7" ,
"value" : "2018-09-22T07:57:06"
} ,
{
"category" : "External analysis" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "permalink" ,
"timestamp" : "1537694702" ,
"to_ids" : false ,
"type" : "link" ,
"uuid" : "3ff093fd-00e6-4fc1-b946-46b18606eab3" ,
"value" : "https://www.virustotal.com/file/d1a39587b2ca36f4b82c1a498d5ed4b1cac4da0961badf5c133f322cfe386231/analysis/1537603026/"
} ,
{
"category" : "Other" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : true ,
"object_relation" : "detection-ratio" ,
"timestamp" : "1537694702" ,
"to_ids" : false ,
"type" : "text" ,
"uuid" : "68c7ae6f-7766-4a08-a07a-5b7cb499a68c" ,
"value" : "53/69"
}
]
}
]
}
}
