{
|
|
|
|
"Event": {
|
|
|
|
"analysis": "0",
|
|
|
|
"date": "2019-06-24",
|
|
|
|
"extends_uuid": "5d108ff9-9c70-4fbe-932d-acd8950d210f",
|
|
|
|
"info": "Related malware samples",
|
|
|
|
"publish_timestamp": "1561371130",
|
|
|
|
"published": true,
|
|
|
|
"threat_level_id": "3",
|
|
|
|
"timestamp": "1561370873",
|
|
|
|
"uuid": "5d10a039-8c58-42e1-b663-4f85950d210f",
|
|
|
|
"Orgc": {
|
|
|
|
"name": "CIRCL",
|
|
|
|
"uuid": "55f6ea5e-2c60-40e5-964f-47a8950d210f"
|
|
|
|
},
|
|
|
|
"Tag": [
|
|
|
|
{
|
|
|
|
"colour": "#004646",
"local": "0",
|
|
|
|
"name": "type:OSINT",
|
|
|
|
"relationship_type": ""
},
|
|
|
|
{
|
|
|
|
"colour": "#0071c3",
"local": "0",
|
|
|
|
"name": "osint:lifetime=\"perpetual\"",
|
|
|
|
"relationship_type": ""
},
|
|
|
|
{
|
|
|
|
"colour": "#0087e8",
"local": "0",
|
|
|
|
"name": "osint:certainty=\"50\"",
|
|
|
|
"relationship_type": ""
},
|
|
|
|
{
|
|
|
|
"colour": "#ffffff",
"local": "0",
|
|
|
|
"name": "tlp:white",
|
|
|
|
"relationship_type": ""
}
|
|
|
|
],
|
|
|
|
"Attribute": [
|
|
|
|
{
|
|
|
|
"category": "Payload delivery",
|
|
|
|
"comment": "Expanded from c6b68af5a397b24d5573bbcbb6abd8ffe45550e428f2649e7ce99f6ae15148d3 (VT Similar files)",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"timestamp": "1561370725",
|
|
|
|
"to_ids": true,
|
|
|
|
"type": "sha256",
|
|
|
|
"uuid": "5d10a065-e758-45c5-8eea-be4f950d210f",
|
|
|
|
"value": "68119bdc5aabd1ff246318d16c70dc894bb7e13e72e1e754afc2d9ecdf66d602"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "Payload delivery",
|
|
|
|
"comment": "Expanded from c6b68af5a397b24d5573bbcbb6abd8ffe45550e428f2649e7ce99f6ae15148d3 (VT Similar files)",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"timestamp": "1561370725",
|
|
|
|
"to_ids": true,
|
|
|
|
"type": "sha256",
|
|
|
|
"uuid": "5d10a065-cc98-4df4-9b90-be4f950d210f",
|
|
|
|
"value": "e82bc26207786dc9b539f51dc4040840cc33df962b7bcd0965eb9580cf3563eb"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "Payload delivery",
|
|
|
|
"comment": "Expanded from c6b68af5a397b24d5573bbcbb6abd8ffe45550e428f2649e7ce99f6ae15148d3 (VT Similar files)",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"timestamp": "1561370725",
|
|
|
|
"to_ids": true,
|
|
|
|
"type": "sha256",
|
|
|
|
"uuid": "5d10a065-933c-4b80-b3ba-be4f950d210f",
|
|
|
|
"value": "fee3b8f29ced54cd36da1c6263ec22739f1f545781485553d69769bae81452f1"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "Payload delivery",
|
|
|
|
"comment": "Expanded from c6b68af5a397b24d5573bbcbb6abd8ffe45550e428f2649e7ce99f6ae15148d3 (VT Similar files)",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"timestamp": "1561370725",
|
|
|
|
"to_ids": true,
|
|
|
|
"type": "sha256",
|
|
|
|
"uuid": "5d10a065-a8e4-4824-aa3d-be4f950d210f",
|
|
|
|
"value": "20a4730fb7eb79a85b02dc8e2ef185f4f5b2e3b0c53ffeba65d77dace18f8596"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "Payload delivery",
|
|
|
|
"comment": "Expanded from c6b68af5a397b24d5573bbcbb6abd8ffe45550e428f2649e7ce99f6ae15148d3 (VT Similar files)",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"timestamp": "1561370725",
|
|
|
|
"to_ids": true,
|
|
|
|
"type": "sha256",
|
|
|
|
"uuid": "5d10a065-3468-416c-8e0c-be4f950d210f",
|
|
|
|
"value": "42746e8f39ac613d17ed3e66032a953d190495f9dfd3baff23b192e825c5330a"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "Payload delivery",
|
|
|
|
"comment": "Expanded from c6b68af5a397b24d5573bbcbb6abd8ffe45550e428f2649e7ce99f6ae15148d3 (VT Similar files)",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"timestamp": "1561370725",
|
|
|
|
"to_ids": true,
|
|
|
|
"type": "sha256",
|
|
|
|
"uuid": "5d10a065-1650-4efc-9404-be4f950d210f",
|
|
|
|
"value": "fd43d3f491eb73af2c4499f0e12e0dadb4134d6fa713972dcfd225958e53edae"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "Payload delivery",
|
|
|
|
"comment": "Expanded from c6b68af5a397b24d5573bbcbb6abd8ffe45550e428f2649e7ce99f6ae15148d3 (VT Similar files)",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"timestamp": "1561370725",
|
|
|
|
"to_ids": true,
|
|
|
|
"type": "sha256",
|
|
|
|
"uuid": "5d10a065-82f8-4a57-a0a5-be4f950d210f",
|
|
|
|
"value": "c96ffb18c019301004ee5e0659ac76d040f845a5d1035f6fb52c07d452268080"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "Payload delivery",
|
|
|
|
"comment": "Expanded from c6b68af5a397b24d5573bbcbb6abd8ffe45550e428f2649e7ce99f6ae15148d3 (VT Similar files)",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"timestamp": "1561370726",
|
|
|
|
"to_ids": true,
|
|
|
|
"type": "sha256",
|
|
|
|
"uuid": "5d10a066-ec78-4ac0-a1ed-be4f950d210f",
|
|
|
|
"value": "2131fa07ecb0799ebdca4607133b688bdb6987deed9df117aa804483a900700a"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "Payload delivery",
|
|
|
|
"comment": "Expanded from c6b68af5a397b24d5573bbcbb6abd8ffe45550e428f2649e7ce99f6ae15148d3 (VT Similar files)",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"timestamp": "1561370726",
|
|
|
|
"to_ids": true,
|
|
|
|
"type": "sha256",
|
|
|
|
"uuid": "5d10a066-a648-495f-bdc7-be4f950d210f",
|
|
|
|
"value": "d539f4051bd555b5d365f873f3b5f42dd697217c2da20502a0319d5a2cbaf983"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "Payload delivery",
|
|
|
|
"comment": "Expanded from c6b68af5a397b24d5573bbcbb6abd8ffe45550e428f2649e7ce99f6ae15148d3 (VT Similar files)",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"timestamp": "1561370726",
|
|
|
|
"to_ids": true,
|
|
|
|
"type": "sha256",
|
|
|
|
"uuid": "5d10a066-1f30-4585-b9fd-be4f950d210f",
|
|
|
|
"value": "15f6fa49df4acd4eb81f6df4fe5a678eba322bb40c853bd55548110617b70ccb"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "Payload delivery",
|
|
|
|
"comment": "Expanded from c6b68af5a397b24d5573bbcbb6abd8ffe45550e428f2649e7ce99f6ae15148d3 (VT Similar files)",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"timestamp": "1561370726",
|
|
|
|
"to_ids": true,
|
|
|
|
"type": "sha256",
|
|
|
|
"uuid": "5d10a066-8a58-47f6-9e3a-be4f950d210f",
|
|
|
|
"value": "f3de0fd3a162cbc36086793450ee7fa163bda2afc987f151ffa7f2e76fed31ac"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "Payload delivery",
|
|
|
|
"comment": "Expanded from c6b68af5a397b24d5573bbcbb6abd8ffe45550e428f2649e7ce99f6ae15148d3 (VT Similar files)",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"timestamp": "1561370726",
|
|
|
|
"to_ids": true,
|
|
|
|
"type": "sha256",
|
|
|
|
"uuid": "5d10a066-4750-4d8f-a53b-be4f950d210f",
|
|
|
|
"value": "d4e94cc61eada4217334b59d2a1530faa8aaeaf8eab87414d51e6f075ef0d650"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "Payload delivery",
|
|
|
|
"comment": "",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"timestamp": "1561370726",
|
|
|
|
"to_ids": true,
|
|
|
|
"type": "sha256",
|
|
|
|
"uuid": "5d10a066-3dac-4f3a-935a-be4f950d210f",
|
|
|
|
"value": "c6b68af5a397b24d5573bbcbb6abd8ffe45550e428f2649e7ce99f6ae15148d3"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "Payload delivery",
|
|
|
|
"comment": "Expanded from c6b68af5a397b24d5573bbcbb6abd8ffe45550e428f2649e7ce99f6ae15148d3 (VT Similar files)",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"timestamp": "1561370726",
|
|
|
|
"to_ids": true,
|
|
|
|
"type": "sha256",
|
|
|
|
"uuid": "5d10a066-3960-4e07-bd00-be4f950d210f",
|
|
|
|
"value": "06ecc4e30d19a68948bd40f8fd2519a51e83e67d11267cc65888bf6b9688064e"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "Payload delivery",
|
|
|
|
"comment": "Expanded from c6b68af5a397b24d5573bbcbb6abd8ffe45550e428f2649e7ce99f6ae15148d3 (VT Similar files)",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"timestamp": "1561370726",
|
|
|
|
"to_ids": true,
|
|
|
|
"type": "sha256",
|
|
|
|
"uuid": "5d10a066-f440-4456-ae4a-be4f950d210f",
|
|
|
|
"value": "5b0cbc9ffc804a87e657989eb8d4dbf0db2e9f838ee0c904e5b295ae0cd77cf0"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "Payload delivery",
|
|
|
|
"comment": "Expanded from c6b68af5a397b24d5573bbcbb6abd8ffe45550e428f2649e7ce99f6ae15148d3 (VT Similar files)",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"timestamp": "1561370726",
|
|
|
|
"to_ids": true,
|
|
|
|
"type": "sha256",
|
|
|
|
"uuid": "5d10a066-03bc-4379-bffb-be4f950d210f",
|
|
|
|
"value": "74e135349aca525b39219e6260e371065f2d0da625cebf54cbc258e5fc89c2bb"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "Payload delivery",
|
|
|
|
"comment": "Expanded from c6b68af5a397b24d5573bbcbb6abd8ffe45550e428f2649e7ce99f6ae15148d3 (VT Similar files)",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"timestamp": "1561370726",
|
|
|
|
"to_ids": true,
|
|
|
|
"type": "sha256",
|
|
|
|
"uuid": "5d10a066-7c74-4dfa-b8e7-be4f950d210f",
|
|
|
|
"value": "75238f0112ba8bdb192f7db0e3a8cdb937294d09d108713c3ac71e38d6aa282b"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "Payload delivery",
|
|
|
|
"comment": "Expanded from c6b68af5a397b24d5573bbcbb6abd8ffe45550e428f2649e7ce99f6ae15148d3 (VT Similar files)",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"timestamp": "1561370726",
|
|
|
|
"to_ids": true,
|
|
|
|
"type": "sha256",
|
|
|
|
"uuid": "5d10a066-3c4c-4b6e-8554-be4f950d210f",
|
|
|
|
"value": "f39ee72b2cd385cfb7bfdd10a7189c48c5f8dcdd06d52cb6067e9856b8fde8e4"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "Payload delivery",
|
|
|
|
"comment": "Expanded from c6b68af5a397b24d5573bbcbb6abd8ffe45550e428f2649e7ce99f6ae15148d3 (VT Similar files)",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"timestamp": "1561370726",
|
|
|
|
"to_ids": true,
|
|
|
|
"type": "sha256",
|
|
|
|
"uuid": "5d10a066-19f0-4d1e-8ad2-be4f950d210f",
|
|
|
|
"value": "c7bfe41bca92e8fb1e50e71c977d05e1f36cf69e05d83a6333562b98792aa4d8"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "Payload delivery",
|
|
|
|
"comment": "Expanded from c6b68af5a397b24d5573bbcbb6abd8ffe45550e428f2649e7ce99f6ae15148d3 (VT Similar files)",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"timestamp": "1561370726",
|
|
|
|
"to_ids": true,
|
|
|
|
"type": "sha256",
|
|
|
|
"uuid": "5d10a066-12cc-44bd-850b-be4f950d210f",
|
|
|
|
"value": "b1f443b93048da15ce9c875c2d47cc098d4677f45d04baecfe19f7c0deea5230"
|
|
|
|
}
|
|
|
|
],
|
|
|
|
"Object": [
|
|
|
|
{
|
|
|
|
"comment": "",
|
|
|
|
"deleted": false,
|
|
|
|
"description": "File object describing a file with meta-information",
|
|
|
|
"meta-category": "file",
|
|
|
|
"name": "file",
|
|
|
|
"template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215",
|
|
|
|
"template_version": "17",
|
|
|
|
"timestamp": "1561370781",
|
|
|
|
"uuid": "67ed59a2-66f4-4c95-8b12-7679358cc061",
|
|
|
|
"ObjectReference": [
|
|
|
|
{
|
|
|
|
"comment": "",
|
|
|
|
"object_uuid": "67ed59a2-66f4-4c95-8b12-7679358cc061",
|
|
|
|
"referenced_uuid": "68ee7f9d-3892-4898-9f9a-27eb405ea646",
|
|
|
|
"relationship_type": "analysed-with",
|
|
|
|
"timestamp": "1561370793",
|
|
|
|
"uuid": "5d10a0a9-f388-477d-997c-487c950d210f"
|
|
|
|
}
|
|
|
|
],
|
|
|
|
"Attribute": [
|
|
|
|
{
|
|
|
|
"category": "Payload delivery",
|
|
|
|
"comment": "Expanded from c6b68af5a397b24d5573bbcbb6abd8ffe45550e428f2649e7ce99f6ae15148d3 (VT Similar files)",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"object_relation": "md5",
|
|
|
|
"timestamp": "1561370726",
|
|
|
|
"to_ids": true,
|
|
|
|
"type": "md5",
|
|
|
|
"uuid": "8586d59d-c51a-474a-974e-b884bc465958",
|
|
|
|
"value": "ca6924653317bdce9630b9489b4bf2cd"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "Payload delivery",
|
|
|
|
"comment": "Expanded from c6b68af5a397b24d5573bbcbb6abd8ffe45550e428f2649e7ce99f6ae15148d3 (VT Similar files)",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"object_relation": "sha1",
|
|
|
|
"timestamp": "1561370726",
|
|
|
|
"to_ids": true,
|
|
|
|
"type": "sha1",
|
|
|
|
"uuid": "f6402c5a-9d0f-4e14-8c1e-9f6711817327",
|
|
|
|
"value": "41fb47451bf90062554d943e46c5658c17fec0c4"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "Payload delivery",
|
|
|
|
"comment": "Expanded from c6b68af5a397b24d5573bbcbb6abd8ffe45550e428f2649e7ce99f6ae15148d3 (VT Similar files)",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"object_relation": "sha256",
|
|
|
|
"timestamp": "1561370726",
|
|
|
|
"to_ids": true,
|
|
|
|
"type": "sha256",
|
|
|
|
"uuid": "c1749b59-bd4f-46f9-92a7-eef874eb535a",
|
|
|
|
"value": "d4e94cc61eada4217334b59d2a1530faa8aaeaf8eab87414d51e6f075ef0d650"
|
|
|
|
}
|
|
|
|
]
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"comment": "",
|
|
|
|
"deleted": false,
|
|
|
|
"description": "VirusTotal report",
|
|
|
|
"meta-category": "misc",
|
|
|
|
"name": "virustotal-report",
|
|
|
|
"template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4",
|
|
|
|
"template_version": "2",
|
|
|
|
"timestamp": "1561370782",
|
|
|
|
"uuid": "68ee7f9d-3892-4898-9f9a-27eb405ea646",
|
|
|
|
"Attribute": [
|
|
|
|
{
|
|
|
|
"category": "Other",
|
|
|
|
"comment": "Expanded from c6b68af5a397b24d5573bbcbb6abd8ffe45550e428f2649e7ce99f6ae15148d3 (VT Similar files)",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"object_relation": "last-submission",
|
|
|
|
"timestamp": "1561370726",
|
|
|
|
"to_ids": false,
|
|
|
|
"type": "datetime",
|
|
|
|
"uuid": "2175b7c2-8d64-4b21-aff9-1aac433a7466",
|
|
|
|
"value": "2019-06-24T05:12:11"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "Payload delivery",
|
|
|
|
"comment": "Expanded from c6b68af5a397b24d5573bbcbb6abd8ffe45550e428f2649e7ce99f6ae15148d3 (VT Similar files)",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"object_relation": "permalink",
|
|
|
|
"timestamp": "1561370726",
|
|
|
|
"to_ids": false,
|
|
|
|
"type": "link",
|
|
|
|
"uuid": "61210eca-a58d-46d7-8a3b-aca95eeb537e",
|
|
|
|
"value": "https://www.virustotal.com/file/d4e94cc61eada4217334b59d2a1530faa8aaeaf8eab87414d51e6f075ef0d650/analysis/1561353131/"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "Payload delivery",
|
|
|
|
"comment": "Expanded from c6b68af5a397b24d5573bbcbb6abd8ffe45550e428f2649e7ce99f6ae15148d3 (VT Similar files)",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": true,
|
|
|
|
"object_relation": "detection-ratio",
|
|
|
|
"timestamp": "1561370726",
|
|
|
|
"to_ids": false,
|
|
|
|
"type": "text",
|
|
|
|
"uuid": "f09efb6b-dd17-405b-8d5c-abdf89fd3e22",
|
|
|
|
"value": "14/71"
|
|
|
|
}
|
|
|
|
]
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"comment": "",
|
|
|
|
"deleted": false,
|
|
|
|
"description": "File object describing a file with meta-information",
|
|
|
|
"meta-category": "file",
|
|
|
|
"name": "file",
|
|
|
|
"template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215",
|
|
|
|
"template_version": "17",
|
|
|
|
"timestamp": "1561370782",
|
|
|
|
"uuid": "6b7dc6c8-405a-491a-941e-0838ac468eb8",
|
|
|
|
"ObjectReference": [
|
|
|
|
{
|
|
|
|
"comment": "",
|
|
|
|
"object_uuid": "6b7dc6c8-405a-491a-941e-0838ac468eb8",
|
|
|
|
"referenced_uuid": "27f8ac92-a4ae-40ae-8106-a2a1d3289cac",
|
|
|
|
"relationship_type": "analysed-with",
|
|
|
|
"timestamp": "1561370793",
|
|
|
|
"uuid": "5d10a0a9-7628-4c10-83a1-4d88950d210f"
|
|
|
|
}
|
|
|
|
],
|
|
|
|
"Attribute": [
|
|
|
|
{
|
|
|
|
"category": "Payload delivery",
|
|
|
|
"comment": "Expanded from c6b68af5a397b24d5573bbcbb6abd8ffe45550e428f2649e7ce99f6ae15148d3 (VT Similar files)",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"object_relation": "md5",
|
|
|
|
"timestamp": "1561370726",
|
|
|
|
"to_ids": true,
|
|
|
|
"type": "md5",
|
|
|
|
"uuid": "7eac7590-292b-4a09-9380-b08c13a1b970",
|
|
|
|
"value": "6af4f7d24b875d20966f5daff5fc531f"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "Payload delivery",
|
|
|
|
"comment": "Expanded from c6b68af5a397b24d5573bbcbb6abd8ffe45550e428f2649e7ce99f6ae15148d3 (VT Similar files)",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"object_relation": "sha1",
|
|
|
|
"timestamp": "1561370726",
|
|
|
|
"to_ids": true,
|
|
|
|
"type": "sha1",
|
|
|
|
"uuid": "b493c46f-21e5-4786-89e9-818b3cfe7a86",
|
|
|
|
"value": "99aff96b4a14c4ea03a62c73033db059d5b389d4"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "Payload delivery",
|
|
|
|
"comment": "Expanded from c6b68af5a397b24d5573bbcbb6abd8ffe45550e428f2649e7ce99f6ae15148d3 (VT Similar files)",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"object_relation": "sha256",
|
|
|
|
"timestamp": "1561370726",
|
|
|
|
"to_ids": true,
|
|
|
|
"type": "sha256",
|
|
|
|
"uuid": "bf0299dd-e94d-4700-89b1-2f57e42f7aa6",
|
|
|
|
"value": "15f6fa49df4acd4eb81f6df4fe5a678eba322bb40c853bd55548110617b70ccb"
|
|
|
|
}
|
|
|
|
]
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"comment": "",
|
|
|
|
"deleted": false,
|
|
|
|
"description": "VirusTotal report",
|
|
|
|
"meta-category": "misc",
|
|
|
|
"name": "virustotal-report",
|
|
|
|
"template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4",
|
|
|
|
"template_version": "2",
|
|
|
|
"timestamp": "1561370782",
|
|
|
|
"uuid": "27f8ac92-a4ae-40ae-8106-a2a1d3289cac",
|
|
|
|
"Attribute": [
|
|
|
|
{
|
|
|
|
"category": "Other",
|
|
|
|
"comment": "Expanded from c6b68af5a397b24d5573bbcbb6abd8ffe45550e428f2649e7ce99f6ae15148d3 (VT Similar files)",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"object_relation": "last-submission",
|
|
|
|
"timestamp": "1561370726",
|
|
|
|
"to_ids": false,
|
|
|
|
"type": "datetime",
|
|
|
|
"uuid": "076476b4-bdf6-47c1-a5d3-5e4606eb1a4c",
|
|
|
|
"value": "2019-04-28T23:00:04"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "Payload delivery",
|
|
|
|
"comment": "Expanded from c6b68af5a397b24d5573bbcbb6abd8ffe45550e428f2649e7ce99f6ae15148d3 (VT Similar files)",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"object_relation": "permalink",
|
|
|
|
"timestamp": "1561370726",
|
|
|
|
"to_ids": false,
|
|
|
|
"type": "link",
|
|
|
|
"uuid": "9547870d-47ea-40d8-ba0a-5edd03fdca6d",
|
|
|
|
"value": "https://www.virustotal.com/file/15f6fa49df4acd4eb81f6df4fe5a678eba322bb40c853bd55548110617b70ccb/analysis/1556492404/"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "Payload delivery",
|
|
|
|
"comment": "Expanded from c6b68af5a397b24d5573bbcbb6abd8ffe45550e428f2649e7ce99f6ae15148d3 (VT Similar files)",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": true,
|
|
|
|
"object_relation": "detection-ratio",
|
|
|
|
"timestamp": "1561370726",
|
|
|
|
"to_ids": false,
|
|
|
|
"type": "text",
|
|
|
|
"uuid": "280f530d-5636-4cd7-8d41-c4fc77b07e56",
|
|
|
|
"value": "0/73"
|
|
|
|
}
|
|
|
|
]
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"comment": "",
|
|
|
|
"deleted": false,
|
|
|
|
"description": "File object describing a file with meta-information",
|
|
|
|
"meta-category": "file",
|
|
|
|
"name": "file",
|
|
|
|
"template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215",
|
|
|
|
"template_version": "17",
|
|
|
|
"timestamp": "1561370783",
|
|
|
|
"uuid": "dc9a1181-16f6-4df6-ad77-b57aa97fb01b",
|
|
|
|
"ObjectReference": [
|
|
|
|
{
|
|
|
|
"comment": "",
|
|
|
|
"object_uuid": "dc9a1181-16f6-4df6-ad77-b57aa97fb01b",
|
|
|
|
"referenced_uuid": "02f369b7-41f1-4700-87fb-dc09d8e8c079",
|
|
|
|
"relationship_type": "analysed-with",
|
|
|
|
"timestamp": "1561370793",
|
|
|
|
"uuid": "5d10a0a9-b64c-4880-acd3-44ef950d210f"
|
|
|
|
}
|
|
|
|
],
|
|
|
|
"Attribute": [
|
|
|
|
{
|
|
|
|
"category": "Payload delivery",
|
|
|
|
"comment": "Expanded from c6b68af5a397b24d5573bbcbb6abd8ffe45550e428f2649e7ce99f6ae15148d3 (VT Similar files)",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"object_relation": "md5",
|
|
|
|
"timestamp": "1561370725",
|
|
|
|
"to_ids": true,
|
|
|
|
"type": "md5",
|
|
|
|
"uuid": "ed8e9983-29d4-4faf-a6bf-8969c325f56a",
|
|
|
|
"value": "f4f761d3bd528c62e654d6d781d52c15"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "Payload delivery",
|
|
|
|
"comment": "Expanded from c6b68af5a397b24d5573bbcbb6abd8ffe45550e428f2649e7ce99f6ae15148d3 (VT Similar files)",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"object_relation": "sha1",
|
|
|
|
"timestamp": "1561370725",
|
|
|
|
"to_ids": true,
|
|
|
|
"type": "sha1",
|
|
|
|
"uuid": "ff618626-9840-4e9d-9f53-9583e0ba69b3",
|
|
|
|
"value": "c4238ff628940b8a6a043ceed83a1557cd8a672b"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "Payload delivery",
|
|
|
|
"comment": "Expanded from c6b68af5a397b24d5573bbcbb6abd8ffe45550e428f2649e7ce99f6ae15148d3 (VT Similar files)",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"object_relation": "sha256",
|
|
|
|
"timestamp": "1561370725",
|
|
|
|
"to_ids": true,
|
|
|
|
"type": "sha256",
|
|
|
|
"uuid": "8b350ef7-9be3-4357-8830-9933e366b208",
|
|
|
|
"value": "c96ffb18c019301004ee5e0659ac76d040f845a5d1035f6fb52c07d452268080"
|
|
|
|
}
|
|
|
|
]
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"comment": "",
|
|
|
|
"deleted": false,
|
|
|
|
"description": "VirusTotal report",
|
|
|
|
"meta-category": "misc",
|
|
|
|
"name": "virustotal-report",
|
|
|
|
"template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4",
|
|
|
|
"template_version": "2",
|
|
|
|
"timestamp": "1561370783",
|
|
|
|
"uuid": "02f369b7-41f1-4700-87fb-dc09d8e8c079",
|
|
|
|
"Attribute": [
|
|
|
|
{
|
|
|
|
"category": "Other",
|
|
|
|
"comment": "Expanded from c6b68af5a397b24d5573bbcbb6abd8ffe45550e428f2649e7ce99f6ae15148d3 (VT Similar files)",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"object_relation": "last-submission",
|
|
|
|
"timestamp": "1561370725",
|
|
|
|
"to_ids": false,
|
|
|
|
"type": "datetime",
|
|
|
|
"uuid": "dfd170ae-4fc0-42d1-b107-7c72e4bc34f0",
|
|
|
|
"value": "2018-03-07T12:27:14"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "Payload delivery",
|
|
|
|
"comment": "Expanded from c6b68af5a397b24d5573bbcbb6abd8ffe45550e428f2649e7ce99f6ae15148d3 (VT Similar files)",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"object_relation": "permalink",
|
|
|
|
"timestamp": "1561370725",
|
|
|
|
"to_ids": false,
|
|
|
|
"type": "link",
|
|
|
|
"uuid": "1450d2d2-ca82-4fcb-bc64-55845f1f63f0",
|
|
|
|
"value": "https://www.virustotal.com/file/c96ffb18c019301004ee5e0659ac76d040f845a5d1035f6fb52c07d452268080/analysis/1520425634/"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "Payload delivery",
|
|
|
|
"comment": "Expanded from c6b68af5a397b24d5573bbcbb6abd8ffe45550e428f2649e7ce99f6ae15148d3 (VT Similar files)",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": true,
|
|
|
|
"object_relation": "detection-ratio",
|
|
|
|
"timestamp": "1561370725",
|
|
|
|
"to_ids": false,
|
|
|
|
"type": "text",
|
|
|
|
"uuid": "4e0f19c4-7b1a-46d5-81d0-45192b3c5258",
|
|
|
|
"value": "0/68"
|
|
|
|
}
|
|
|
|
]
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"comment": "",
|
|
|
|
"deleted": false,
|
|
|
|
"description": "File object describing a file with meta-information",
|
|
|
|
"meta-category": "file",
|
|
|
|
"name": "file",
|
|
|
|
"template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215",
|
|
|
|
"template_version": "17",
|
|
|
|
"timestamp": "1561370783",
|
|
|
|
"uuid": "7efa6bfe-0403-4c88-9574-51082d33ae16",
|
|
|
|
"ObjectReference": [
|
|
|
|
{
|
|
|
|
"comment": "",
|
|
|
|
"object_uuid": "7efa6bfe-0403-4c88-9574-51082d33ae16",
|
|
|
|
"referenced_uuid": "db7648f2-19ba-4594-9798-579a888aa535",
|
|
|
|
"relationship_type": "analysed-with",
|
|
|
|
"timestamp": "1561370793",
|
|
|
|
"uuid": "5d10a0a9-34e8-46f4-b64c-4e77950d210f"
|
|
|
|
}
|
|
|
|
],
|
|
|
|
"Attribute": [
|
|
|
|
{
|
|
|
|
"category": "Payload delivery",
|
|
|
|
"comment": "Expanded from c6b68af5a397b24d5573bbcbb6abd8ffe45550e428f2649e7ce99f6ae15148d3 (VT Similar files)",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"object_relation": "md5",
|
|
|
|
"timestamp": "1561370726",
|
|
|
|
"to_ids": true,
|
|
|
|
"type": "md5",
|
|
|
|
"uuid": "c26b06fd-7dab-4086-9c39-7bc2e56d855c",
|
|
|
|
"value": "9345fecf6526dd824c4554a965fd8ed0"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "Payload delivery",
|
|
|
|
"comment": "Expanded from c6b68af5a397b24d5573bbcbb6abd8ffe45550e428f2649e7ce99f6ae15148d3 (VT Similar files)",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"object_relation": "sha1",
|
|
|
|
"timestamp": "1561370726",
|
|
|
|
"to_ids": true,
|
|
|
|
"type": "sha1",
|
|
|
|
"uuid": "55ede064-dcff-4f59-98f3-0817b2cbaed5",
|
|
|
|
"value": "b38f7ab840943d90886a11344ce5113405c57391"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "Payload delivery",
|
|
|
|
"comment": "Expanded from c6b68af5a397b24d5573bbcbb6abd8ffe45550e428f2649e7ce99f6ae15148d3 (VT Similar files)",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"object_relation": "sha256",
|
|
|
|
"timestamp": "1561370726",
|
|
|
|
"to_ids": true,
|
|
|
|
"type": "sha256",
|
|
|
|
"uuid": "6c9e6c0f-d1d7-4cde-8c1b-2e51b606d97a",
|
|
|
|
"value": "5b0cbc9ffc804a87e657989eb8d4dbf0db2e9f838ee0c904e5b295ae0cd77cf0"
|
|
|
|
}
|
|
|
|
]
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"comment": "",
|
|
|
|
"deleted": false,
|
|
|
|
"description": "VirusTotal report",
|
|
|
|
"meta-category": "misc",
|
|
|
|
"name": "virustotal-report",
|
|
|
|
"template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4",
|
|
|
|
"template_version": "2",
|
|
|
|
"timestamp": "1561370784",
|
|
|
|
"uuid": "db7648f2-19ba-4594-9798-579a888aa535",
|
|
|
|
"Attribute": [
|
|
|
|
{
|
|
|
|
"category": "Other",
|
|
|
|
"comment": "Expanded from c6b68af5a397b24d5573bbcbb6abd8ffe45550e428f2649e7ce99f6ae15148d3 (VT Similar files)",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"object_relation": "last-submission",
|
|
|
|
"timestamp": "1561370726",
|
|
|
|
"to_ids": false,
|
|
|
|
"type": "datetime",
|
|
|
|
"uuid": "62dfe760-984e-4eb5-a5ff-b40f060b1640",
|
|
|
|
"value": "2019-06-24T08:14:05"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "Payload delivery",
|
|
|
|
"comment": "Expanded from c6b68af5a397b24d5573bbcbb6abd8ffe45550e428f2649e7ce99f6ae15148d3 (VT Similar files)",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"object_relation": "permalink",
|
|
|
|
"timestamp": "1561370726",
|
|
|
|
"to_ids": false,
|
|
|
|
"type": "link",
|
|
|
|
"uuid": "aa2f957e-ddb4-4d0e-8ba6-4468225bf27c",
|
|
|
|
"value": "https://www.virustotal.com/file/5b0cbc9ffc804a87e657989eb8d4dbf0db2e9f838ee0c904e5b295ae0cd77cf0/analysis/1561364045/"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "Payload delivery",
|
|
|
|
"comment": "Expanded from c6b68af5a397b24d5573bbcbb6abd8ffe45550e428f2649e7ce99f6ae15148d3 (VT Similar files)",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": true,
|
|
|
|
"object_relation": "detection-ratio",
|
|
|
|
"timestamp": "1561370726",
|
|
|
|
"to_ids": false,
|
|
|
|
"type": "text",
|
|
|
|
"uuid": "ab245b26-f046-49b8-b0e8-bc9ae1130357",
|
|
|
|
"value": "16/70"
|
|
|
|
}
|
|
|
|
]
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"comment": "",
|
|
|
|
"deleted": false,
|
|
|
|
"description": "File object describing a file with meta-information",
|
|
|
|
"meta-category": "file",
|
|
|
|
"name": "file",
|
|
|
|
"template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215",
|
|
|
|
"template_version": "17",
|
|
|
|
"timestamp": "1561370784",
|
|
|
|
"uuid": "90a41b1c-dd6f-4264-abc7-31372e4cb611",
|
|
|
|
"ObjectReference": [
|
|
|
|
{
|
|
|
|
"comment": "",
|
|
|
|
"object_uuid": "90a41b1c-dd6f-4264-abc7-31372e4cb611",
|
|
|
|
"referenced_uuid": "3b0fc520-fc60-4042-a9c3-0ed308468809",
|
|
|
|
"relationship_type": "analysed-with",
|
|
|
|
"timestamp": "1561370794",
|
|
|
|
"uuid": "5d10a0aa-67a4-4c6a-ae04-4ef0950d210f"
|
|
|
|
}
|
|
|
|
],
|
|
|
|
"Attribute": [
|
|
|
|
{
|
|
|
|
"category": "Payload delivery",
|
|
|
|
"comment": "Expanded from c6b68af5a397b24d5573bbcbb6abd8ffe45550e428f2649e7ce99f6ae15148d3 (VT Similar files)",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"object_relation": "md5",
|
|
|
|
"timestamp": "1561370725",
|
|
|
|
"to_ids": true,
|
|
|
|
"type": "md5",
|
|
|
|
"uuid": "69f17482-7ffb-4cd5-8b65-62132693fad7",
|
|
|
|
"value": "236b4c24d8c21081b2d4555c97caf81f"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "Payload delivery",
|
|
|
|
"comment": "Expanded from c6b68af5a397b24d5573bbcbb6abd8ffe45550e428f2649e7ce99f6ae15148d3 (VT Similar files)",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"object_relation": "sha1",
|
|
|
|
"timestamp": "1561370725",
|
|
|
|
"to_ids": true,
|
|
|
|
"type": "sha1",
|
|
|
|
"uuid": "5618fddb-f4c4-4642-96e6-ac09a80505fe",
|
|
|
|
"value": "77c3f37021e1389f7f37942c1ac739e3d59903e3"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "Payload delivery",
|
|
|
|
"comment": "Expanded from c6b68af5a397b24d5573bbcbb6abd8ffe45550e428f2649e7ce99f6ae15148d3 (VT Similar files)",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"object_relation": "sha256",
|
|
|
|
"timestamp": "1561370725",
|
|
|
|
"to_ids": true,
|
|
|
|
"type": "sha256",
|
|
|
|
"uuid": "56c52f04-95b1-4c79-a4af-6540fff00235",
|
|
|
|
"value": "42746e8f39ac613d17ed3e66032a953d190495f9dfd3baff23b192e825c5330a"
|
|
|
|
}
|
|
|
|
]
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"comment": "",
|
|
|
|
"deleted": false,
|
|
|
|
"description": "VirusTotal report",
|
|
|
|
"meta-category": "misc",
|
|
|
|
"name": "virustotal-report",
|
|
|
|
"template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4",
|
|
|
|
"template_version": "2",
|
|
|
|
"timestamp": "1561370784",
|
|
|
|
"uuid": "3b0fc520-fc60-4042-a9c3-0ed308468809",
|
|
|
|
"Attribute": [
|
|
|
|
{
|
|
|
|
"category": "Other",
|
|
|
|
"comment": "Expanded from c6b68af5a397b24d5573bbcbb6abd8ffe45550e428f2649e7ce99f6ae15148d3 (VT Similar files)",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"object_relation": "last-submission",
|
|
|
|
"timestamp": "1561370725",
|
|
|
|
"to_ids": false,
|
|
|
|
"type": "datetime",
|
|
|
|
"uuid": "971c0648-fcc4-41f3-abc9-ff1df83827ef",
|
|
|
|
"value": "2018-01-28T17:27:08"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "Payload delivery",
|
|
|
|
"comment": "Expanded from c6b68af5a397b24d5573bbcbb6abd8ffe45550e428f2649e7ce99f6ae15148d3 (VT Similar files)",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"object_relation": "permalink",
|
|
|
|
"timestamp": "1561370725",
|
|
|
|
"to_ids": false,
|
|
|
|
"type": "link",
|
|
|
|
"uuid": "a58c70bc-5d01-4817-89ea-aea12d3be3a6",
|
|
|
|
"value": "https://www.virustotal.com/file/42746e8f39ac613d17ed3e66032a953d190495f9dfd3baff23b192e825c5330a/analysis/1517160428/"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "Payload delivery",
|
|
|
|
"comment": "Expanded from c6b68af5a397b24d5573bbcbb6abd8ffe45550e428f2649e7ce99f6ae15148d3 (VT Similar files)",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": true,
|
|
|
|
"object_relation": "detection-ratio",
|
|
|
|
"timestamp": "1561370725",
|
|
|
|
"to_ids": false,
|
|
|
|
"type": "text",
|
|
|
|
"uuid": "a8fce262-c9be-464b-8e1e-bb25b2956003",
|
|
|
|
"value": "0/66"
|
|
|
|
}
|
|
|
|
]
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"comment": "",
|
|
|
|
"deleted": false,
|
|
|
|
"description": "File object describing a file with meta-information",
|
|
|
|
"meta-category": "file",
|
|
|
|
"name": "file",
|
|
|
|
"template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215",
|
|
|
|
"template_version": "17",
|
|
|
|
"timestamp": "1561370785",
|
|
|
|
"uuid": "c58b70f1-7199-48e2-9325-242b34f59df7",
|
|
|
|
"ObjectReference": [
|
|
|
|
{
|
|
|
|
"comment": "",
|
|
|
|
"object_uuid": "c58b70f1-7199-48e2-9325-242b34f59df7",
|
|
|
|
"referenced_uuid": "2363af85-ce15-4491-98ef-b5109c7f9e3a",
|
|
|
|
"relationship_type": "analysed-with",
|
|
|
|
"timestamp": "1561370794",
|
|
|
|
"uuid": "5d10a0aa-9388-4868-aac7-4ed1950d210f"
|
|
|
|
}
|
|
|
|
],
|
|
|
|
"Attribute": [
|
|
|
|
{
|
|
|
|
"category": "Payload delivery",
|
|
|
|
"comment": "Expanded from c6b68af5a397b24d5573bbcbb6abd8ffe45550e428f2649e7ce99f6ae15148d3 (VT Similar files)",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"object_relation": "md5",
|
|
|
|
"timestamp": "1561370726",
|
|
|
|
"to_ids": true,
|
|
|
|
"type": "md5",
|
|
|
|
"uuid": "34f63394-7e14-498d-95b2-9573f78de733",
|
|
|
|
"value": "604ee583a7afcfe26850722702dcf71c"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "Payload delivery",
|
|
|
|
"comment": "Expanded from c6b68af5a397b24d5573bbcbb6abd8ffe45550e428f2649e7ce99f6ae15148d3 (VT Similar files)",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"object_relation": "sha1",
|
|
|
|
"timestamp": "1561370726",
|
|
|
|
"to_ids": true,
|
|
|
|
"type": "sha1",
|
|
|
|
"uuid": "1c63cafa-f886-4fba-976f-2b5b3f9b29a8",
|
|
|
|
"value": "4f94e277bb93dfa35b9aa9e7fe3fe506a60b2579"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "Payload delivery",
|
|
|
|
"comment": "Expanded from c6b68af5a397b24d5573bbcbb6abd8ffe45550e428f2649e7ce99f6ae15148d3 (VT Similar files)",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"object_relation": "sha256",
|
|
|
|
"timestamp": "1561370726",
|
|
|
|
"to_ids": true,
|
|
|
|
"type": "sha256",
|
|
|
|
"uuid": "dfc4eb94-cf8b-4650-bd3e-6f1c60c99c64",
|
|
|
|
"value": "74e135349aca525b39219e6260e371065f2d0da625cebf54cbc258e5fc89c2bb"
|
|
|
|
}
|
|
|
|
]
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"comment": "",
|
|
|
|
"deleted": false,
|
|
|
|
"description": "VirusTotal report",
|
|
|
|
"meta-category": "misc",
|
|
|
|
"name": "virustotal-report",
|
|
|
|
"template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4",
|
|
|
|
"template_version": "2",
|
|
|
|
"timestamp": "1561370785",
|
|
|
|
"uuid": "2363af85-ce15-4491-98ef-b5109c7f9e3a",
|
|
|
|
"Attribute": [
|
|
|
|
{
|
|
|
|
"category": "Other",
|
|
|
|
"comment": "Expanded from c6b68af5a397b24d5573bbcbb6abd8ffe45550e428f2649e7ce99f6ae15148d3 (VT Similar files)",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"object_relation": "last-submission",
|
|
|
|
"timestamp": "1561370726",
|
|
|
|
"to_ids": false,
|
|
|
|
"type": "datetime",
|
|
|
|
"uuid": "275d7278-b07d-4caa-ada8-7692e08208ab",
|
|
|
|
"value": "2019-06-24T06:20:48"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "Payload delivery",
|
|
|
|
"comment": "Expanded from c6b68af5a397b24d5573bbcbb6abd8ffe45550e428f2649e7ce99f6ae15148d3 (VT Similar files)",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"object_relation": "permalink",
|
|
|
|
"timestamp": "1561370726",
|
|
|
|
"to_ids": false,
|
|
|
|
"type": "link",
|
|
|
|
"uuid": "d48a2b53-ba80-4d2f-90a4-9211dba387c4",
|
|
|
|
"value": "https://www.virustotal.com/file/74e135349aca525b39219e6260e371065f2d0da625cebf54cbc258e5fc89c2bb/analysis/1561357248/"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "Payload delivery",
|
|
|
|
"comment": "Expanded from c6b68af5a397b24d5573bbcbb6abd8ffe45550e428f2649e7ce99f6ae15148d3 (VT Similar files)",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": true,
|
|
|
|
"object_relation": "detection-ratio",
|
|
|
|
"timestamp": "1561370726",
|
|
|
|
"to_ids": false,
|
|
|
|
"type": "text",
|
|
|
|
"uuid": "4bd24e8b-cc6e-44af-93ed-6bba2a97926a",
|
|
|
|
"value": "15/68"
|
|
|
|
}
|
|
|
|
]
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"comment": "",
|
|
|
|
"deleted": false,
|
|
|
|
"description": "File object describing a file with meta-information",
|
|
|
|
"meta-category": "file",
|
|
|
|
"name": "file",
|
|
|
|
"template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215",
|
|
|
|
"template_version": "17",
|
|
|
|
"timestamp": "1561370785",
|
|
|
|
"uuid": "6c35f8b2-be3b-4ee0-86a4-44cadfe24502",
|
|
|
|
"ObjectReference": [
|
|
|
|
{
|
|
|
|
"comment": "",
|
|
|
|
"object_uuid": "6c35f8b2-be3b-4ee0-86a4-44cadfe24502",
|
|
|
|
"referenced_uuid": "db7ffcf5-82f6-4062-9e71-117cfa5e11bf",
|
|
|
|
"relationship_type": "analysed-with",
|
|
|
|
"timestamp": "1561370794",
|
|
|
|
"uuid": "5d10a0aa-eaf0-4ffc-8b10-4c28950d210f"
|
|
|
|
}
|
|
|
|
],
|
|
|
|
"Attribute": [
|
|
|
|
{
|
|
|
|
"category": "Payload delivery",
|
|
|
|
"comment": "Expanded from c6b68af5a397b24d5573bbcbb6abd8ffe45550e428f2649e7ce99f6ae15148d3 (VT Similar files)",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"object_relation": "md5",
|
|
|
|
"timestamp": "1561370726",
|
|
|
|
"to_ids": true,
|
|
|
|
"type": "md5",
|
|
|
|
"uuid": "e736d936-5e00-4896-98c2-0358f661d66e",
|
|
|
|
"value": "b4abcaa84aa2b70b029d875179e89a52"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "Payload delivery",
|
|
|
|
"comment": "Expanded from c6b68af5a397b24d5573bbcbb6abd8ffe45550e428f2649e7ce99f6ae15148d3 (VT Similar files)",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"object_relation": "sha1",
|
|
|
|
"timestamp": "1561370726",
|
|
|
|
"to_ids": true,
|
|
|
|
"type": "sha1",
|
|
|
|
"uuid": "47f9620d-13e7-4425-83ab-74fb02a43006",
|
|
|
|
"value": "cd5afa7d5fb1976267f7892f530c90898463267d"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "Payload delivery",
|
|
|
|
"comment": "Expanded from c6b68af5a397b24d5573bbcbb6abd8ffe45550e428f2649e7ce99f6ae15148d3 (VT Similar files)",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"object_relation": "sha256",
|
|
|
|
"timestamp": "1561370726",
|
|
|
|
"to_ids": true,
|
|
|
|
"type": "sha256",
|
|
|
|
"uuid": "cf509beb-31f6-4547-a216-209d9d1614f1",
|
|
|
|
"value": "c7bfe41bca92e8fb1e50e71c977d05e1f36cf69e05d83a6333562b98792aa4d8"
|
|
|
|
}
|
|
|
|
]
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"comment": "",
|
|
|
|
"deleted": false,
|
|
|
|
"description": "VirusTotal report",
|
|
|
|
"meta-category": "misc",
|
|
|
|
"name": "virustotal-report",
|
|
|
|
"template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4",
|
|
|
|
"template_version": "2",
|
|
|
|
"timestamp": "1561370785",
|
|
|
|
"uuid": "db7ffcf5-82f6-4062-9e71-117cfa5e11bf",
|
|
|
|
"Attribute": [
|
|
|
|
{
|
|
|
|
"category": "Other",
|
|
|
|
"comment": "Expanded from c6b68af5a397b24d5573bbcbb6abd8ffe45550e428f2649e7ce99f6ae15148d3 (VT Similar files)",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"object_relation": "last-submission",
|
|
|
|
"timestamp": "1561370726",
|
|
|
|
"to_ids": false,
|
|
|
|
"type": "datetime",
|
|
|
|
"uuid": "55c7ea9a-022e-4858-a901-4ec28c62ed66",
|
|
|
|
"value": "2019-04-27T11:37:47"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "Payload delivery",
|
|
|
|
"comment": "Expanded from c6b68af5a397b24d5573bbcbb6abd8ffe45550e428f2649e7ce99f6ae15148d3 (VT Similar files)",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"object_relation": "permalink",
|
|
|
|
"timestamp": "1561370726",
|
|
|
|
"to_ids": false,
|
|
|
|
"type": "link",
|
|
|
|
"uuid": "33e035a3-5323-40da-bdac-60c272341b93",
|
|
|
|
"value": "https://www.virustotal.com/file/c7bfe41bca92e8fb1e50e71c977d05e1f36cf69e05d83a6333562b98792aa4d8/analysis/1556365067/"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "Payload delivery",
|
|
|
|
"comment": "Expanded from c6b68af5a397b24d5573bbcbb6abd8ffe45550e428f2649e7ce99f6ae15148d3 (VT Similar files)",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": true,
|
|
|
|
"object_relation": "detection-ratio",
|
|
|
|
"timestamp": "1561370726",
|
|
|
|
"to_ids": false,
|
|
|
|
"type": "text",
|
|
|
|
"uuid": "9e4db766-f7f1-4a86-b359-8787fec3abec",
|
|
|
|
"value": "0/72"
|
|
|
|
}
|
|
|
|
]
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"comment": "",
|
|
|
|
"deleted": false,
|
|
|
|
"description": "File object describing a file with meta-information",
|
|
|
|
"meta-category": "file",
|
|
|
|
"name": "file",
|
|
|
|
"template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215",
|
|
|
|
"template_version": "17",
|
|
|
|
"timestamp": "1561370786",
|
|
|
|
"uuid": "a3d8ece6-076d-4e93-817c-e52f99d7bc91",
|
|
|
|
"ObjectReference": [
|
|
|
|
{
|
|
|
|
"comment": "",
|
|
|
|
"object_uuid": "a3d8ece6-076d-4e93-817c-e52f99d7bc91",
|
|
|
|
"referenced_uuid": "ae889334-b1e2-420a-a6f9-fa7b9cac3dd4",
|
|
|
|
"relationship_type": "analysed-with",
|
|
|
|
"timestamp": "1561370794",
|
|
|
|
"uuid": "5d10a0aa-5cc8-4bab-b828-43b0950d210f"
|
|
|
|
}
|
|
|
|
],
|
|
|
|
"Attribute": [
|
|
|
|
{
|
|
|
|
"category": "Payload delivery",
|
|
|
|
"comment": "Expanded from c6b68af5a397b24d5573bbcbb6abd8ffe45550e428f2649e7ce99f6ae15148d3 (VT Similar files)",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"object_relation": "md5",
|
|
|
|
"timestamp": "1561370725",
|
|
|
|
"to_ids": true,
|
|
|
|
"type": "md5",
|
|
|
|
"uuid": "3422d3b9-eb25-4481-9184-b9a3120f9df0",
|
|
|
|
"value": "29e033f7c1617337d8cea7e9b799b73a"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "Payload delivery",
|
|
|
|
"comment": "Expanded from c6b68af5a397b24d5573bbcbb6abd8ffe45550e428f2649e7ce99f6ae15148d3 (VT Similar files)",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"object_relation": "sha1",
|
|
|
|
"timestamp": "1561370725",
|
|
|
|
"to_ids": true,
|
|
|
|
"type": "sha1",
|
|
|
|
"uuid": "26a5f7bc-0968-4134-96c1-bfa16a6c3bb4",
|
|
|
|
"value": "26bb3217cbb55820aeb4a0b0769178646a96c7a8"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "Payload delivery",
|
|
|
|
"comment": "Expanded from c6b68af5a397b24d5573bbcbb6abd8ffe45550e428f2649e7ce99f6ae15148d3 (VT Similar files)",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"object_relation": "sha256",
|
|
|
|
"timestamp": "1561370725",
|
|
|
|
"to_ids": true,
|
|
|
|
"type": "sha256",
|
|
|
|
"uuid": "d5f7942b-df94-446d-b79f-35770926922d",
|
|
|
|
"value": "e82bc26207786dc9b539f51dc4040840cc33df962b7bcd0965eb9580cf3563eb"
|
|
|
|
}
|
|
|
|
]
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"comment": "",
|
|
|
|
"deleted": false,
|
|
|
|
"description": "VirusTotal report",
|
|
|
|
"meta-category": "misc",
|
|
|
|
"name": "virustotal-report",
|
|
|
|
"template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4",
|
|
|
|
"template_version": "2",
|
|
|
|
"timestamp": "1561370786",
|
|
|
|
"uuid": "ae889334-b1e2-420a-a6f9-fa7b9cac3dd4",
|
|
|
|
"Attribute": [
|
|
|
|
{
|
|
|
|
"category": "Other",
|
|
|
|
"comment": "Expanded from c6b68af5a397b24d5573bbcbb6abd8ffe45550e428f2649e7ce99f6ae15148d3 (VT Similar files)",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"object_relation": "last-submission",
|
|
|
|
"timestamp": "1561370725",
|
|
|
|
"to_ids": false,
|
|
|
|
"type": "datetime",
|
|
|
|
"uuid": "8959fdf7-2fdd-401b-a528-34d7382063c9",
|
|
|
|
"value": "2018-02-19T04:21:00"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "Payload delivery",
|
|
|
|
"comment": "Expanded from c6b68af5a397b24d5573bbcbb6abd8ffe45550e428f2649e7ce99f6ae15148d3 (VT Similar files)",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"object_relation": "permalink",
|
|
|
|
"timestamp": "1561370725",
|
|
|
|
"to_ids": false,
|
|
|
|
"type": "link",
|
|
|
|
"uuid": "0d396da5-90ec-4157-b5d3-65ac0dbbd59b",
|
|
|
|
"value": "https://www.virustotal.com/file/e82bc26207786dc9b539f51dc4040840cc33df962b7bcd0965eb9580cf3563eb/analysis/1519014060/"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "Payload delivery",
|
|
|
|
"comment": "Expanded from c6b68af5a397b24d5573bbcbb6abd8ffe45550e428f2649e7ce99f6ae15148d3 (VT Similar files)",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": true,
|
|
|
|
"object_relation": "detection-ratio",
|
|
|
|
"timestamp": "1561370725",
|
|
|
|
"to_ids": false,
|
|
|
|
"type": "text",
|
|
|
|
"uuid": "b24e2232-b534-45c9-a424-0120603d130a",
|
|
|
|
"value": "0/68"
|
|
|
|
}
|
|
|
|
]
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"comment": "",
|
|
|
|
"deleted": false,
|
|
|
|
"description": "File object describing a file with meta-information",
|
|
|
|
"meta-category": "file",
|
|
|
|
"name": "file",
|
|
|
|
"template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215",
|
|
|
|
"template_version": "17",
|
|
|
|
"timestamp": "1561370786",
|
|
|
|
"uuid": "c65542a4-ff6d-4b6e-ac43-250a1934f1ca",
|
|
|
|
"ObjectReference": [
|
|
|
|
{
|
|
|
|
"comment": "",
|
|
|
|
"object_uuid": "c65542a4-ff6d-4b6e-ac43-250a1934f1ca",
|
|
|
|
"referenced_uuid": "065b2da9-fbc7-437d-9f97-12708be65916",
|
|
|
|
"relationship_type": "analysed-with",
|
|
|
|
"timestamp": "1561370794",
|
|
|
|
"uuid": "5d10a0aa-d79c-4569-ac89-4d70950d210f"
|
|
|
|
}
|
|
|
|
],
|
|
|
|
"Attribute": [
|
|
|
|
{
|
|
|
|
"category": "Payload delivery",
|
|
|
|
"comment": "Expanded from c6b68af5a397b24d5573bbcbb6abd8ffe45550e428f2649e7ce99f6ae15148d3 (VT Similar files)",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"object_relation": "md5",
|
|
|
|
"timestamp": "1561370726",
|
|
|
|
"to_ids": true,
|
|
|
|
"type": "md5",
|
|
|
|
"uuid": "e1160f96-c01b-41bf-b233-1482dc9dd545",
|
|
|
|
"value": "3fa74cef2a744af4658a8a637079fdea"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "Payload delivery",
|
|
|
|
"comment": "Expanded from c6b68af5a397b24d5573bbcbb6abd8ffe45550e428f2649e7ce99f6ae15148d3 (VT Similar files)",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"object_relation": "sha1",
|
|
|
|
"timestamp": "1561370726",
|
|
|
|
"to_ids": true,
|
|
|
|
"type": "sha1",
|
|
|
|
"uuid": "be42653d-37e9-4e7a-bb0e-ceefb42f91e3",
|
|
|
|
"value": "dabbca5b727e1778bcea0d0c7064ba0e582c8dc3"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "Payload delivery",
|
|
|
|
"comment": "Expanded from c6b68af5a397b24d5573bbcbb6abd8ffe45550e428f2649e7ce99f6ae15148d3 (VT Similar files)",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"object_relation": "sha256",
|
|
|
|
"timestamp": "1561370726",
|
|
|
|
"to_ids": true,
|
|
|
|
"type": "sha256",
|
|
|
|
"uuid": "fdde038d-8bef-45db-8b3e-dfb74d981ed8",
|
|
|
|
"value": "06ecc4e30d19a68948bd40f8fd2519a51e83e67d11267cc65888bf6b9688064e"
|
|
|
|
}
|
|
|
|
]
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"comment": "",
|
|
|
|
"deleted": false,
|
|
|
|
"description": "VirusTotal report",
|
|
|
|
"meta-category": "misc",
|
|
|
|
"name": "virustotal-report",
|
|
|
|
"template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4",
|
|
|
|
"template_version": "2",
|
|
|
|
"timestamp": "1561370786",
|
|
|
|
"uuid": "065b2da9-fbc7-437d-9f97-12708be65916",
|
|
|
|
"Attribute": [
|
|
|
|
{
|
|
|
|
"category": "Other",
|
|
|
|
"comment": "Expanded from c6b68af5a397b24d5573bbcbb6abd8ffe45550e428f2649e7ce99f6ae15148d3 (VT Similar files)",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"object_relation": "last-submission",
|
|
|
|
"timestamp": "1561370726",
|
|
|
|
"to_ids": false,
|
|
|
|
"type": "datetime",
|
|
|
|
"uuid": "2ce98037-8e93-47c7-8ce0-d90847571b9c",
|
|
|
|
"value": "2019-06-24T07:23:57"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "Payload delivery",
|
|
|
|
"comment": "Expanded from c6b68af5a397b24d5573bbcbb6abd8ffe45550e428f2649e7ce99f6ae15148d3 (VT Similar files)",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"object_relation": "permalink",
|
|
|
|
"timestamp": "1561370726",
|
|
|
|
"to_ids": false,
|
|
|
|
"type": "link",
|
|
|
|
"uuid": "8a2245af-145f-4f8b-b0db-b637337c8f60",
|
|
|
|
"value": "https://www.virustotal.com/file/06ecc4e30d19a68948bd40f8fd2519a51e83e67d11267cc65888bf6b9688064e/analysis/1561361037/"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "Payload delivery",
|
|
|
|
"comment": "Expanded from c6b68af5a397b24d5573bbcbb6abd8ffe45550e428f2649e7ce99f6ae15148d3 (VT Similar files)",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": true,
|
|
|
|
"object_relation": "detection-ratio",
|
|
|
|
"timestamp": "1561370726",
|
|
|
|
"to_ids": false,
|
|
|
|
"type": "text",
|
|
|
|
"uuid": "48b46bda-a8d6-4f5d-879b-c9dbae138dff",
|
|
|
|
"value": "9/70"
|
|
|
|
}
|
|
|
|
]
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"comment": "",
|
|
|
|
"deleted": false,
|
|
|
|
"description": "File object describing a file with meta-information",
|
|
|
|
"meta-category": "file",
|
|
|
|
"name": "file",
|
|
|
|
"template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215",
|
|
|
|
"template_version": "17",
|
|
|
|
"timestamp": "1561370787",
|
|
|
|
"uuid": "ca75b7ba-1603-4c52-8509-c0416e6a8d75",
|
|
|
|
"ObjectReference": [
|
|
|
|
{
|
|
|
|
"comment": "",
|
|
|
|
"object_uuid": "ca75b7ba-1603-4c52-8509-c0416e6a8d75",
|
|
|
|
"referenced_uuid": "52acc3e5-56f7-4a09-9b95-111eadc88a30",
|
|
|
|
"relationship_type": "analysed-with",
|
|
|
|
"timestamp": "1561370794",
|
|
|
|
"uuid": "5d10a0aa-1b44-445d-b323-4591950d210f"
|
|
|
|
}
|
|
|
|
],
|
|
|
|
"Attribute": [
|
|
|
|
{
|
|
|
|
"category": "Payload delivery",
|
|
|
|
"comment": "",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"object_relation": "md5",
|
|
|
|
"timestamp": "1561370726",
|
|
|
|
"to_ids": true,
|
|
|
|
"type": "md5",
|
|
|
|
"uuid": "befa21f9-9b79-428e-b568-700b6093de21",
|
|
|
|
"value": "8989672db4d283f6c8e5b97eda426ef4"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "Payload delivery",
|
|
|
|
"comment": "",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"object_relation": "sha1",
|
|
|
|
"timestamp": "1561370726",
|
|
|
|
"to_ids": true,
|
|
|
|
"type": "sha1",
|
|
|
|
"uuid": "747c753f-de52-4f2f-88fd-1762dcb6353f",
|
|
|
|
"value": "7cae4abd0b632e822d3163bf62435e658cab76c4"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "Payload delivery",
|
|
|
|
"comment": "",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"object_relation": "sha256",
|
|
|
|
"timestamp": "1561370726",
|
|
|
|
"to_ids": true,
|
|
|
|
"type": "sha256",
|
|
|
|
"uuid": "0124b086-09f4-40b1-9cb1-152082f73346",
|
|
|
|
"value": "c6b68af5a397b24d5573bbcbb6abd8ffe45550e428f2649e7ce99f6ae15148d3"
|
|
|
|
}
|
|
|
|
]
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"comment": "",
|
|
|
|
"deleted": false,
|
|
|
|
"description": "VirusTotal report",
|
|
|
|
"meta-category": "misc",
|
|
|
|
"name": "virustotal-report",
|
|
|
|
"template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4",
|
|
|
|
"template_version": "2",
|
|
|
|
"timestamp": "1561370787",
|
|
|
|
"uuid": "52acc3e5-56f7-4a09-9b95-111eadc88a30",
|
|
|
|
"Attribute": [
|
|
|
|
{
|
|
|
|
"category": "Other",
|
|
|
|
"comment": "",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"object_relation": "last-submission",
|
|
|
|
"timestamp": "1561370726",
|
|
|
|
"to_ids": false,
|
|
|
|
"type": "datetime",
|
|
|
|
"uuid": "42011254-d61b-4f92-9e90-b80437193e7e",
|
|
|
|
"value": "2019-06-24T08:53:28"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "Payload delivery",
|
|
|
|
"comment": "",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"object_relation": "permalink",
|
|
|
|
"timestamp": "1561370726",
|
|
|
|
"to_ids": false,
|
|
|
|
"type": "link",
|
|
|
|
"uuid": "1835e037-f81d-4163-a750-6bcc104b4b91",
|
|
|
|
"value": "https://www.virustotal.com/file/c6b68af5a397b24d5573bbcbb6abd8ffe45550e428f2649e7ce99f6ae15148d3/analysis/1561366408/"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "Payload delivery",
|
|
|
|
"comment": "",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": true,
|
|
|
|
"object_relation": "detection-ratio",
|
|
|
|
"timestamp": "1561370726",
|
|
|
|
"to_ids": false,
|
|
|
|
"type": "text",
|
|
|
|
"uuid": "8812b962-73d6-48da-be8a-657181a5aaba",
|
|
|
|
"value": "9/72"
|
|
|
|
}
|
|
|
|
]
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"comment": "",
|
|
|
|
"deleted": false,
|
|
|
|
"description": "File object describing a file with meta-information",
|
|
|
|
"meta-category": "file",
|
|
|
|
"name": "file",
|
|
|
|
"template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215",
|
|
|
|
"template_version": "17",
|
|
|
|
"timestamp": "1561370787",
|
|
|
|
"uuid": "b7b34087-2523-4f90-834c-4c39d1f9fd80",
|
|
|
|
"ObjectReference": [
|
|
|
|
{
|
|
|
|
"comment": "",
|
|
|
|
"object_uuid": "b7b34087-2523-4f90-834c-4c39d1f9fd80",
|
|
|
|
"referenced_uuid": "3fdf498f-9cf6-4d8a-9c33-3c8c79f978ac",
|
|
|
|
"relationship_type": "analysed-with",
|
|
|
|
"timestamp": "1561370794",
|
|
|
|
"uuid": "5d10a0aa-af10-4af6-9318-4e59950d210f"
|
|
|
|
}
|
|
|
|
],
|
|
|
|
"Attribute": [
|
|
|
|
{
|
|
|
|
"category": "Payload delivery",
|
|
|
|
"comment": "Expanded from c6b68af5a397b24d5573bbcbb6abd8ffe45550e428f2649e7ce99f6ae15148d3 (VT Similar files)",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"object_relation": "md5",
|
|
|
|
"timestamp": "1561370725",
|
|
|
|
"to_ids": true,
|
|
|
|
"type": "md5",
|
|
|
|
"uuid": "192c900f-f0c7-4424-9b11-465c403ede4e",
|
|
|
|
"value": "daf9990d0087f355bd48691d7aa7fec2"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "Payload delivery",
|
|
|
|
"comment": "Expanded from c6b68af5a397b24d5573bbcbb6abd8ffe45550e428f2649e7ce99f6ae15148d3 (VT Similar files)",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"object_relation": "sha1",
|
|
|
|
"timestamp": "1561370725",
|
|
|
|
"to_ids": true,
|
|
|
|
"type": "sha1",
|
|
|
|
"uuid": "df7fe1db-8255-4604-a76f-3acaf6e47fd5",
|
|
|
|
"value": "42663d524bc1d0e061544a7d441708f632cc5b0b"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "Payload delivery",
|
|
|
|
"comment": "Expanded from c6b68af5a397b24d5573bbcbb6abd8ffe45550e428f2649e7ce99f6ae15148d3 (VT Similar files)",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"object_relation": "sha256",
|
|
|
|
"timestamp": "1561370725",
|
|
|
|
"to_ids": true,
|
|
|
|
"type": "sha256",
|
|
|
|
"uuid": "71e0c89e-e7d0-4222-b1c1-b7abd391edaf",
|
|
|
|
"value": "fd43d3f491eb73af2c4499f0e12e0dadb4134d6fa713972dcfd225958e53edae"
|
|
|
|
}
|
|
|
|
]
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"comment": "",
|
|
|
|
"deleted": false,
|
|
|
|
"description": "VirusTotal report",
|
|
|
|
"meta-category": "misc",
|
|
|
|
"name": "virustotal-report",
|
|
|
|
"template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4",
|
|
|
|
"template_version": "2",
|
|
|
|
"timestamp": "1561370787",
|
|
|
|
"uuid": "3fdf498f-9cf6-4d8a-9c33-3c8c79f978ac",
|
|
|
|
"Attribute": [
|
|
|
|
{
|
|
|
|
"category": "Other",
|
|
|
|
"comment": "Expanded from c6b68af5a397b24d5573bbcbb6abd8ffe45550e428f2649e7ce99f6ae15148d3 (VT Similar files)",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"object_relation": "last-submission",
|
|
|
|
"timestamp": "1561370725",
|
|
|
|
"to_ids": false,
|
|
|
|
"type": "datetime",
|
|
|
|
"uuid": "dd981624-faca-4657-86b9-ea74065a9534",
|
|
|
|
"value": "2019-01-31T13:31:28"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "Payload delivery",
|
|
|
|
"comment": "Expanded from c6b68af5a397b24d5573bbcbb6abd8ffe45550e428f2649e7ce99f6ae15148d3 (VT Similar files)",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"object_relation": "permalink",
|
|
|
|
"timestamp": "1561370725",
|
|
|
|
"to_ids": false,
|
|
|
|
"type": "link",
|
|
|
|
"uuid": "d36e55a7-e915-4592-a1f6-b12f80d964ca",
|
|
|
|
"value": "https://www.virustotal.com/file/fd43d3f491eb73af2c4499f0e12e0dadb4134d6fa713972dcfd225958e53edae/analysis/1548941488/"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "Payload delivery",
|
|
|
|
"comment": "Expanded from c6b68af5a397b24d5573bbcbb6abd8ffe45550e428f2649e7ce99f6ae15148d3 (VT Similar files)",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": true,
|
|
|
|
"object_relation": "detection-ratio",
|
|
|
|
"timestamp": "1561370725",
|
|
|
|
"to_ids": false,
|
|
|
|
"type": "text",
|
|
|
|
"uuid": "43784ef4-34c5-4325-b1f8-be94f3324b99",
|
|
|
|
"value": "0/71"
|
|
|
|
}
|
|
|
|
]
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"comment": "",
|
|
|
|
"deleted": false,
|
|
|
|
"description": "File object describing a file with meta-information",
|
|
|
|
"meta-category": "file",
|
|
|
|
"name": "file",
|
|
|
|
"template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215",
|
|
|
|
"template_version": "17",
|
|
|
|
"timestamp": "1561370788",
|
|
|
|
"uuid": "c8c8015e-e4f3-4972-9e38-68844fc75b94",
|
|
|
|
"ObjectReference": [
|
|
|
|
{
|
|
|
|
"comment": "",
|
|
|
|
"object_uuid": "c8c8015e-e4f3-4972-9e38-68844fc75b94",
|
|
|
|
"referenced_uuid": "33dd33ef-deb9-45a1-86ef-a95c874fe704",
|
|
|
|
"relationship_type": "analysed-with",
|
|
|
|
"timestamp": "1561370794",
|
|
|
|
"uuid": "5d10a0aa-792c-4346-bfa5-4ad5950d210f"
|
|
|
|
}
|
|
|
|
],
|
|
|
|
"Attribute": [
|
|
|
|
{
|
|
|
|
"category": "Payload delivery",
|
|
|
|
"comment": "Expanded from c6b68af5a397b24d5573bbcbb6abd8ffe45550e428f2649e7ce99f6ae15148d3 (VT Similar files)",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"object_relation": "md5",
|
|
|
|
"timestamp": "1561370726",
|
|
|
|
"to_ids": true,
|
|
|
|
"type": "md5",
|
|
|
|
"uuid": "f9f03165-68d1-4df0-8502-81031f43be43",
|
|
|
|
"value": "785a43c266110a23eeda98d025ee8355"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "Payload delivery",
|
|
|
|
"comment": "Expanded from c6b68af5a397b24d5573bbcbb6abd8ffe45550e428f2649e7ce99f6ae15148d3 (VT Similar files)",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"object_relation": "sha1",
|
|
|
|
"timestamp": "1561370726",
|
|
|
|
"to_ids": true,
|
|
|
|
"type": "sha1",
|
|
|
|
"uuid": "e41f8c0e-758f-4023-82a4-04600cdb99f5",
|
|
|
|
"value": "e361ccf82aeacc043b6b96a4d9bff52e2faabce8"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "Payload delivery",
|
|
|
|
"comment": "Expanded from c6b68af5a397b24d5573bbcbb6abd8ffe45550e428f2649e7ce99f6ae15148d3 (VT Similar files)",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"object_relation": "sha256",
|
|
|
|
"timestamp": "1561370726",
|
|
|
|
"to_ids": true,
|
|
|
|
"type": "sha256",
|
|
|
|
"uuid": "9fa7cf2f-5c8b-4731-a3d1-4ee2d8cf041e",
|
|
|
|
"value": "2131fa07ecb0799ebdca4607133b688bdb6987deed9df117aa804483a900700a"
|
|
|
|
}
|
|
|
|
]
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"comment": "",
|
|
|
|
"deleted": false,
|
|
|
|
"description": "VirusTotal report",
|
|
|
|
"meta-category": "misc",
|
|
|
|
"name": "virustotal-report",
|
|
|
|
"template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4",
|
|
|
|
"template_version": "2",
|
|
|
|
"timestamp": "1561370788",
|
|
|
|
"uuid": "33dd33ef-deb9-45a1-86ef-a95c874fe704",
|
|
|
|
"Attribute": [
|
|
|
|
{
|
|
|
|
"category": "Other",
|
|
|
|
"comment": "Expanded from c6b68af5a397b24d5573bbcbb6abd8ffe45550e428f2649e7ce99f6ae15148d3 (VT Similar files)",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"object_relation": "last-submission",
|
|
|
|
"timestamp": "1561370726",
|
|
|
|
"to_ids": false,
|
|
|
|
"type": "datetime",
|
|
|
|
"uuid": "cf38cd9c-89f6-47d2-9656-884640682d9b",
|
|
|
|
"value": "2019-06-18T23:15:53"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "Payload delivery",
|
|
|
|
"comment": "Expanded from c6b68af5a397b24d5573bbcbb6abd8ffe45550e428f2649e7ce99f6ae15148d3 (VT Similar files)",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"object_relation": "permalink",
|
|
|
|
"timestamp": "1561370726",
|
|
|
|
"to_ids": false,
|
|
|
|
"type": "link",
|
|
|
|
"uuid": "dd0cbb07-4ab3-4c9a-a69d-2ddd63446f33",
|
|
|
|
"value": "https://www.virustotal.com/file/2131fa07ecb0799ebdca4607133b688bdb6987deed9df117aa804483a900700a/analysis/1560899753/"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "Payload delivery",
|
|
|
|
"comment": "Expanded from c6b68af5a397b24d5573bbcbb6abd8ffe45550e428f2649e7ce99f6ae15148d3 (VT Similar files)",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": true,
|
|
|
|
"object_relation": "detection-ratio",
|
|
|
|
"timestamp": "1561370726",
|
|
|
|
"to_ids": false,
|
|
|
|
"type": "text",
|
|
|
|
"uuid": "b026bd6c-d16b-4765-bf2a-f1b2ddd0c436",
|
|
|
|
"value": "0/70"
|
|
|
|
}
|
|
|
|
]
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"comment": "",
|
|
|
|
"deleted": false,
|
|
|
|
"description": "File object describing a file with meta-information",
|
|
|
|
"meta-category": "file",
|
|
|
|
"name": "file",
|
|
|
|
"template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215",
|
|
|
|
"template_version": "17",
|
|
|
|
"timestamp": "1561370789",
|
|
|
|
"uuid": "6c7582dd-51b6-4f33-b7c7-1d38cb37d2fd",
|
|
|
|
"ObjectReference": [
|
|
|
|
{
|
|
|
|
"comment": "",
|
|
|
|
"object_uuid": "6c7582dd-51b6-4f33-b7c7-1d38cb37d2fd",
|
|
|
|
"referenced_uuid": "21605925-6731-40ca-839d-27014ce56478",
|
|
|
|
"relationship_type": "analysed-with",
|
|
|
|
"timestamp": "1561370794",
|
|
|
|
"uuid": "5d10a0aa-8394-4377-a827-4618950d210f"
|
|
|
|
}
|
|
|
|
],
|
|
|
|
"Attribute": [
|
|
|
|
{
|
|
|
|
"category": "Payload delivery",
|
|
|
|
"comment": "Expanded from c6b68af5a397b24d5573bbcbb6abd8ffe45550e428f2649e7ce99f6ae15148d3 (VT Similar files)",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"object_relation": "md5",
|
|
|
|
"timestamp": "1561370726",
|
|
|
|
"to_ids": true,
|
|
|
|
"type": "md5",
|
|
|
|
"uuid": "83c8af0f-be9d-48d7-abf5-f923d9f662bc",
|
|
|
|
"value": "e51f59de0ec12c91bfc0781c19b56d46"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "Payload delivery",
|
|
|
|
"comment": "Expanded from c6b68af5a397b24d5573bbcbb6abd8ffe45550e428f2649e7ce99f6ae15148d3 (VT Similar files)",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"object_relation": "sha1",
|
|
|
|
"timestamp": "1561370726",
|
|
|
|
"to_ids": true,
|
|
|
|
"type": "sha1",
|
|
|
|
"uuid": "3f75bb5f-bd35-4c5e-a4a2-44c191ce1f94",
|
|
|
|
"value": "0599bcee54874f5549c9ec322ce39958fc940cf6"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "Payload delivery",
|
|
|
|
"comment": "Expanded from c6b68af5a397b24d5573bbcbb6abd8ffe45550e428f2649e7ce99f6ae15148d3 (VT Similar files)",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"object_relation": "sha256",
|
|
|
|
"timestamp": "1561370726",
|
|
|
|
"to_ids": true,
|
|
|
|
"type": "sha256",
|
|
|
|
"uuid": "d2749c68-1837-4d16-aed2-30895bd5cb8c",
|
|
|
|
"value": "f39ee72b2cd385cfb7bfdd10a7189c48c5f8dcdd06d52cb6067e9856b8fde8e4"
|
|
|
|
}
|
|
|
|
]
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"comment": "",
|
|
|
|
"deleted": false,
|
|
|
|
"description": "VirusTotal report",
|
|
|
|
"meta-category": "misc",
|
|
|
|
"name": "virustotal-report",
|
|
|
|
"template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4",
|
|
|
|
"template_version": "2",
|
|
|
|
"timestamp": "1561370789",
|
|
|
|
"uuid": "21605925-6731-40ca-839d-27014ce56478",
|
|
|
|
"Attribute": [
|
|
|
|
{
|
|
|
|
"category": "Other",
|
|
|
|
"comment": "Expanded from c6b68af5a397b24d5573bbcbb6abd8ffe45550e428f2649e7ce99f6ae15148d3 (VT Similar files)",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"object_relation": "last-submission",
|
|
|
|
"timestamp": "1561370726",
|
|
|
|
"to_ids": false,
|
|
|
|
"type": "datetime",
|
|
|
|
"uuid": "e0cd214b-b04b-4df9-84e1-8456e27ae039",
|
|
|
|
"value": "2019-06-24T06:02:33"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "Payload delivery",
|
|
|
|
"comment": "Expanded from c6b68af5a397b24d5573bbcbb6abd8ffe45550e428f2649e7ce99f6ae15148d3 (VT Similar files)",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"object_relation": "permalink",
|
|
|
|
"timestamp": "1561370726",
|
|
|
|
"to_ids": false,
|
|
|
|
"type": "link",
|
|
|
|
"uuid": "c99de52c-6122-4026-9416-4599a493ae3d",
|
|
|
|
"value": "https://www.virustotal.com/file/f39ee72b2cd385cfb7bfdd10a7189c48c5f8dcdd06d52cb6067e9856b8fde8e4/analysis/1561356153/"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "Payload delivery",
|
|
|
|
"comment": "Expanded from c6b68af5a397b24d5573bbcbb6abd8ffe45550e428f2649e7ce99f6ae15148d3 (VT Similar files)",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": true,
|
|
|
|
"object_relation": "detection-ratio",
|
|
|
|
"timestamp": "1561370726",
|
|
|
|
"to_ids": false,
|
|
|
|
"type": "text",
|
|
|
|
"uuid": "4d61cfce-0b8a-4d19-a2c4-1c82908fd964",
|
|
|
|
"value": "18/69"
|
|
|
|
}
|
|
|
|
]
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"comment": "",
|
|
|
|
"deleted": false,
|
|
|
|
"description": "File object describing a file with meta-information",
|
|
|
|
"meta-category": "file",
|
|
|
|
"name": "file",
|
|
|
|
"template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215",
|
|
|
|
"template_version": "17",
|
|
|
|
"timestamp": "1561370789",
|
|
|
|
"uuid": "fa65035d-0778-4816-b10f-b68db668549c",
|
|
|
|
"ObjectReference": [
|
|
|
|
{
|
|
|
|
"comment": "",
|
|
|
|
"object_uuid": "fa65035d-0778-4816-b10f-b68db668549c",
|
|
|
|
"referenced_uuid": "74c01042-8a35-49a1-8d8f-3bf768d9ad88",
|
|
|
|
"relationship_type": "analysed-with",
|
|
|
|
"timestamp": "1561370794",
|
|
|
|
"uuid": "5d10a0aa-a53c-4184-bf87-4b4b950d210f"
|
|
|
|
}
|
|
|
|
],
|
|
|
|
"Attribute": [
|
|
|
|
{
|
|
|
|
"category": "Payload delivery",
|
|
|
|
"comment": "Expanded from c6b68af5a397b24d5573bbcbb6abd8ffe45550e428f2649e7ce99f6ae15148d3 (VT Similar files)",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"object_relation": "md5",
|
|
|
|
"timestamp": "1561370726",
|
|
|
|
"to_ids": true,
|
|
|
|
"type": "md5",
|
|
|
|
"uuid": "88067f32-c618-491b-b518-f7ccfa602149",
|
|
|
|
"value": "75c404a2f5ec2bc7fa97609d6f3cd79d"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "Payload delivery",
|
|
|
|
"comment": "Expanded from c6b68af5a397b24d5573bbcbb6abd8ffe45550e428f2649e7ce99f6ae15148d3 (VT Similar files)",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"object_relation": "sha1",
|
|
|
|
"timestamp": "1561370726",
|
|
|
|
"to_ids": true,
|
|
|
|
"type": "sha1",
|
|
|
|
"uuid": "c46aebfd-5ee0-4cf1-9fdd-0b59b85bf4f4",
|
|
|
|
"value": "111041a42ec79e4c585ad21266a0d0642f892017"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "Payload delivery",
|
|
|
|
"comment": "Expanded from c6b68af5a397b24d5573bbcbb6abd8ffe45550e428f2649e7ce99f6ae15148d3 (VT Similar files)",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"object_relation": "sha256",
|
|
|
|
"timestamp": "1561370726",
|
|
|
|
"to_ids": true,
|
|
|
|
"type": "sha256",
|
|
|
|
"uuid": "d9db3264-827b-4f40-a0f1-0456c352be09",
|
|
|
|
"value": "75238f0112ba8bdb192f7db0e3a8cdb937294d09d108713c3ac71e38d6aa282b"
|
|
|
|
}
|
|
|
|
]
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"comment": "",
|
|
|
|
"deleted": false,
|
|
|
|
"description": "VirusTotal report",
|
|
|
|
"meta-category": "misc",
|
|
|
|
"name": "virustotal-report",
|
|
|
|
"template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4",
|
|
|
|
"template_version": "2",
|
|
|
|
"timestamp": "1561370789",
|
|
|
|
"uuid": "74c01042-8a35-49a1-8d8f-3bf768d9ad88",
|
|
|
|
"Attribute": [
|
|
|
|
{
|
|
|
|
"category": "Other",
|
|
|
|
"comment": "Expanded from c6b68af5a397b24d5573bbcbb6abd8ffe45550e428f2649e7ce99f6ae15148d3 (VT Similar files)",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"object_relation": "last-submission",
|
|
|
|
"timestamp": "1561370726",
|
|
|
|
"to_ids": false,
|
|
|
|
"type": "datetime",
|
|
|
|
"uuid": "7cf1c4ba-f81d-471b-b6e1-d2ebb5b74820",
|
|
|
|
"value": "2019-06-24T07:33:28"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "Payload delivery",
|
|
|
|
"comment": "Expanded from c6b68af5a397b24d5573bbcbb6abd8ffe45550e428f2649e7ce99f6ae15148d3 (VT Similar files)",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"object_relation": "permalink",
|
|
|
|
"timestamp": "1561370726",
|
|
|
|
"to_ids": false,
|
|
|
|
"type": "link",
|
|
|
|
"uuid": "30bb1459-9ebd-4deb-8245-4a73daef88e4",
|
|
|
|
"value": "https://www.virustotal.com/file/75238f0112ba8bdb192f7db0e3a8cdb937294d09d108713c3ac71e38d6aa282b/analysis/1561361608/"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "Payload delivery",
|
|
|
|
"comment": "Expanded from c6b68af5a397b24d5573bbcbb6abd8ffe45550e428f2649e7ce99f6ae15148d3 (VT Similar files)",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": true,
|
|
|
|
"object_relation": "detection-ratio",
|
|
|
|
"timestamp": "1561370726",
|
|
|
|
"to_ids": false,
|
|
|
|
"type": "text",
|
|
|
|
"uuid": "5c81c225-7d7c-4fbb-912e-8bff50a2773e",
|
|
|
|
"value": "15/70"
|
|
|
|
}
|
|
|
|
]
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"comment": "",
|
|
|
|
"deleted": false,
|
|
|
|
"description": "File object describing a file with meta-information",
|
|
|
|
"meta-category": "file",
|
|
|
|
"name": "file",
|
|
|
|
"template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215",
|
|
|
|
"template_version": "17",
|
|
|
|
"timestamp": "1561370789",
|
|
|
|
"uuid": "1ce52f7f-f76b-421c-957d-461143d8f1db",
|
|
|
|
"ObjectReference": [
|
|
|
|
{
|
|
|
|
"comment": "",
|
|
|
|
"object_uuid": "1ce52f7f-f76b-421c-957d-461143d8f1db",
|
|
|
|
"referenced_uuid": "6306d01a-00de-483a-b6fb-b82582968cbd",
|
|
|
|
"relationship_type": "analysed-with",
|
|
|
|
"timestamp": "1561370794",
|
|
|
|
"uuid": "5d10a0aa-c934-44d2-bd2a-4ea1950d210f"
|
|
|
|
}
|
|
|
|
],
|
|
|
|
"Attribute": [
|
|
|
|
{
|
|
|
|
"category": "Payload delivery",
|
|
|
|
"comment": "Expanded from c6b68af5a397b24d5573bbcbb6abd8ffe45550e428f2649e7ce99f6ae15148d3 (VT Similar files)",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"object_relation": "md5",
|
|
|
|
"timestamp": "1561370725",
|
|
|
|
"to_ids": true,
|
|
|
|
"type": "md5",
|
|
|
|
"uuid": "bd2680d2-0746-4e62-becc-c1a74a3f8b1e",
|
|
|
|
"value": "469012ef3f2f35bcdbd0b72e8cffa0a0"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "Payload delivery",
|
|
|
|
"comment": "Expanded from c6b68af5a397b24d5573bbcbb6abd8ffe45550e428f2649e7ce99f6ae15148d3 (VT Similar files)",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"object_relation": "sha1",
|
|
|
|
"timestamp": "1561370725",
|
|
|
|
"to_ids": true,
|
|
|
|
"type": "sha1",
|
|
|
|
"uuid": "055e3f40-9f2e-4fac-aa16-684ae4f66bab",
|
|
|
|
"value": "4d983189d089865b14a7870d59a761bc352afd7e"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "Payload delivery",
|
|
|
|
"comment": "Expanded from c6b68af5a397b24d5573bbcbb6abd8ffe45550e428f2649e7ce99f6ae15148d3 (VT Similar files)",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"object_relation": "sha256",
|
|
|
|
"timestamp": "1561370725",
|
|
|
|
"to_ids": true,
|
|
|
|
"type": "sha256",
|
|
|
|
"uuid": "66f9ad65-2195-468a-8d21-f33d65fd3772",
|
|
|
|
"value": "20a4730fb7eb79a85b02dc8e2ef185f4f5b2e3b0c53ffeba65d77dace18f8596"
|
|
|
|
}
|
|
|
|
]
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"comment": "",
|
|
|
|
"deleted": false,
|
|
|
|
"description": "VirusTotal report",
|
|
|
|
"meta-category": "misc",
|
|
|
|
"name": "virustotal-report",
|
|
|
|
"template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4",
|
|
|
|
"template_version": "2",
|
|
|
|
"timestamp": "1561370790",
|
|
|
|
"uuid": "6306d01a-00de-483a-b6fb-b82582968cbd",
|
|
|
|
"Attribute": [
|
|
|
|
{
|
|
|
|
"category": "Other",
|
|
|
|
"comment": "Expanded from c6b68af5a397b24d5573bbcbb6abd8ffe45550e428f2649e7ce99f6ae15148d3 (VT Similar files)",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"object_relation": "last-submission",
|
|
|
|
"timestamp": "1561370725",
|
|
|
|
"to_ids": false,
|
|
|
|
"type": "datetime",
|
|
|
|
"uuid": "49f7b085-7537-486a-91c9-7424b5aec7b2",
|
|
|
|
"value": "2018-03-28T13:26:47"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "Payload delivery",
|
|
|
|
"comment": "Expanded from c6b68af5a397b24d5573bbcbb6abd8ffe45550e428f2649e7ce99f6ae15148d3 (VT Similar files)",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"object_relation": "permalink",
|
|
|
|
"timestamp": "1561370725",
|
|
|
|
"to_ids": false,
|
|
|
|
"type": "link",
|
|
|
|
"uuid": "39e8d20b-60c9-4372-af38-9eb6fbadef38",
|
|
|
|
"value": "https://www.virustotal.com/file/20a4730fb7eb79a85b02dc8e2ef185f4f5b2e3b0c53ffeba65d77dace18f8596/analysis/1522243607/"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "Payload delivery",
|
|
|
|
"comment": "Expanded from c6b68af5a397b24d5573bbcbb6abd8ffe45550e428f2649e7ce99f6ae15148d3 (VT Similar files)",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": true,
|
|
|
|
"object_relation": "detection-ratio",
|
|
|
|
"timestamp": "1561370725",
|
|
|
|
"to_ids": false,
|
|
|
|
"type": "text",
|
|
|
|
"uuid": "a274d2ce-f7cb-4e03-ae3e-01a11b934d98",
|
|
|
|
"value": "1/58"
|
|
|
|
}
|
|
|
|
]
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"comment": "",
|
|
|
|
"deleted": false,
|
|
|
|
"description": "File object describing a file with meta-information",
|
|
|
|
"meta-category": "file",
|
|
|
|
"name": "file",
|
|
|
|
"template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215",
|
|
|
|
"template_version": "17",
|
|
|
|
"timestamp": "1561370790",
|
|
|
|
"uuid": "ffe83192-dacd-4f72-a61b-b20d25900bf5",
|
|
|
|
"ObjectReference": [
|
|
|
|
{
|
|
|
|
"comment": "",
|
|
|
|
"object_uuid": "ffe83192-dacd-4f72-a61b-b20d25900bf5",
|
|
|
|
"referenced_uuid": "cece1d62-a9ee-415c-b2d2-f336e70d73c8",
|
|
|
|
"relationship_type": "analysed-with",
|
|
|
|
"timestamp": "1561370794",
|
|
|
|
"uuid": "5d10a0aa-a510-4fa9-bb4e-480d950d210f"
|
|
|
|
}
|
|
|
|
],
|
|
|
|
"Attribute": [
|
|
|
|
{
|
|
|
|
"category": "Payload delivery",
|
|
|
|
"comment": "Expanded from c6b68af5a397b24d5573bbcbb6abd8ffe45550e428f2649e7ce99f6ae15148d3 (VT Similar files)",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"object_relation": "md5",
|
|
|
|
"timestamp": "1561370725",
|
|
|
|
"to_ids": true,
|
|
|
|
"type": "md5",
|
|
|
|
"uuid": "e7b72d59-7839-4fb0-9fab-5690c1887c06",
|
|
|
|
"value": "810758799934c8a3b6560e572beb303b"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "Payload delivery",
|
|
|
|
"comment": "Expanded from c6b68af5a397b24d5573bbcbb6abd8ffe45550e428f2649e7ce99f6ae15148d3 (VT Similar files)",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"object_relation": "sha1",
|
|
|
|
"timestamp": "1561370725",
|
|
|
|
"to_ids": true,
|
|
|
|
"type": "sha1",
|
|
|
|
"uuid": "3fe0f6ce-f12b-4090-bf6e-5305e0da399f",
|
|
|
|
"value": "e1d16422934f30f35427acd7b044537d01c5392f"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "Payload delivery",
|
|
|
|
"comment": "Expanded from c6b68af5a397b24d5573bbcbb6abd8ffe45550e428f2649e7ce99f6ae15148d3 (VT Similar files)",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"object_relation": "sha256",
|
|
|
|
"timestamp": "1561370725",
|
|
|
|
"to_ids": true,
|
|
|
|
"type": "sha256",
|
|
|
|
"uuid": "fff548ae-1072-4e3c-a9d5-6e92ef7f6e12",
|
|
|
|
"value": "fee3b8f29ced54cd36da1c6263ec22739f1f545781485553d69769bae81452f1"
|
|
|
|
}
|
|
|
|
]
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"comment": "",
|
|
|
|
"deleted": false,
|
|
|
|
"description": "VirusTotal report",
|
|
|
|
"meta-category": "misc",
|
|
|
|
"name": "virustotal-report",
|
|
|
|
"template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4",
|
|
|
|
"template_version": "2",
|
|
|
|
"timestamp": "1561370790",
|
|
|
|
"uuid": "cece1d62-a9ee-415c-b2d2-f336e70d73c8",
|
|
|
|
"Attribute": [
|
|
|
|
{
|
|
|
|
"category": "Other",
|
|
|
|
"comment": "Expanded from c6b68af5a397b24d5573bbcbb6abd8ffe45550e428f2649e7ce99f6ae15148d3 (VT Similar files)",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"object_relation": "last-submission",
|
|
|
|
"timestamp": "1561370725",
|
|
|
|
"to_ids": false,
|
|
|
|
"type": "datetime",
|
|
|
|
"uuid": "c79f56f3-fd19-4ee0-87c9-deda5bfbd0a3",
|
|
|
|
"value": "2018-12-24T02:49:43"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "Payload delivery",
|
|
|
|
"comment": "Expanded from c6b68af5a397b24d5573bbcbb6abd8ffe45550e428f2649e7ce99f6ae15148d3 (VT Similar files)",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"object_relation": "permalink",
|
|
|
|
"timestamp": "1561370725",
|
|
|
|
"to_ids": false,
|
|
|
|
"type": "link",
|
|
|
|
"uuid": "03efdde6-41a1-430a-a188-c9f6e4e2074f",
|
|
|
|
"value": "https://www.virustotal.com/file/fee3b8f29ced54cd36da1c6263ec22739f1f545781485553d69769bae81452f1/analysis/1545619783/"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "Payload delivery",
|
|
|
|
"comment": "Expanded from c6b68af5a397b24d5573bbcbb6abd8ffe45550e428f2649e7ce99f6ae15148d3 (VT Similar files)",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": true,
|
|
|
|
"object_relation": "detection-ratio",
|
|
|
|
"timestamp": "1561370725",
|
|
|
|
"to_ids": false,
|
|
|
|
"type": "text",
|
|
|
|
"uuid": "c612000d-f886-4fb5-9b38-6f65356b010f",
|
|
|
|
"value": "1/71"
|
|
|
|
}
|
|
|
|
]
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"comment": "",
|
|
|
|
"deleted": false,
|
|
|
|
"description": "File object describing a file with meta-information",
|
|
|
|
"meta-category": "file",
|
|
|
|
"name": "file",
|
|
|
|
"template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215",
|
|
|
|
"template_version": "17",
|
|
|
|
"timestamp": "1561370790",
|
|
|
|
"uuid": "c10ef3c3-4023-44e9-97bc-923cce79333f",
|
|
|
|
"ObjectReference": [
|
|
|
|
{
|
|
|
|
"comment": "",
|
|
|
|
"object_uuid": "c10ef3c3-4023-44e9-97bc-923cce79333f",
|
|
|
|
"referenced_uuid": "47d0ede0-654e-455f-88d8-a9437d6de5ee",
|
|
|
|
"relationship_type": "analysed-with",
|
|
|
|
"timestamp": "1561370795",
|
|
|
|
"uuid": "5d10a0ab-57ac-478e-83ff-48a8950d210f"
|
|
|
|
}
|
|
|
|
],
|
|
|
|
"Attribute": [
|
|
|
|
{
|
|
|
|
"category": "Payload delivery",
|
|
|
|
"comment": "Expanded from c6b68af5a397b24d5573bbcbb6abd8ffe45550e428f2649e7ce99f6ae15148d3 (VT Similar files)",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"object_relation": "md5",
|
|
|
|
"timestamp": "1561370726",
|
|
|
|
"to_ids": true,
|
|
|
|
"type": "md5",
|
|
|
|
"uuid": "992acf85-0d84-4342-bb7c-499d7e387c16",
|
|
|
|
"value": "047ea9967c5a424401e2363a00420b9c"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "Payload delivery",
|
|
|
|
"comment": "Expanded from c6b68af5a397b24d5573bbcbb6abd8ffe45550e428f2649e7ce99f6ae15148d3 (VT Similar files)",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"object_relation": "sha1",
|
|
|
|
"timestamp": "1561370726",
|
|
|
|
"to_ids": true,
|
|
|
|
"type": "sha1",
|
|
|
|
"uuid": "0eefa996-a99f-4dd0-bc75-3c0cdd5b85bf",
|
|
|
|
"value": "7b69ccfa700fab951c964a2b58e37245a0c8185e"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "Payload delivery",
|
|
|
|
"comment": "Expanded from c6b68af5a397b24d5573bbcbb6abd8ffe45550e428f2649e7ce99f6ae15148d3 (VT Similar files)",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"object_relation": "sha256",
|
|
|
|
"timestamp": "1561370726",
|
|
|
|
"to_ids": true,
|
|
|
|
"type": "sha256",
|
|
|
|
"uuid": "d8d0725a-8873-462d-8bb9-4e5eea190a09",
|
|
|
|
"value": "b1f443b93048da15ce9c875c2d47cc098d4677f45d04baecfe19f7c0deea5230"
|
|
|
|
}
|
|
|
|
]
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"comment": "",
|
|
|
|
"deleted": false,
|
|
|
|
"description": "VirusTotal report",
|
|
|
|
"meta-category": "misc",
|
|
|
|
"name": "virustotal-report",
|
|
|
|
"template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4",
|
|
|
|
"template_version": "2",
|
|
|
|
"timestamp": "1561370791",
|
|
|
|
"uuid": "47d0ede0-654e-455f-88d8-a9437d6de5ee",
|
|
|
|
"Attribute": [
|
|
|
|
{
|
|
|
|
"category": "Other",
|
|
|
|
"comment": "Expanded from c6b68af5a397b24d5573bbcbb6abd8ffe45550e428f2649e7ce99f6ae15148d3 (VT Similar files)",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"object_relation": "last-submission",
|
|
|
|
"timestamp": "1561370726",
|
|
|
|
"to_ids": false,
|
|
|
|
"type": "datetime",
|
|
|
|
"uuid": "7ba9b985-86bd-4a6e-a487-7e63c7a796dc",
|
|
|
|
"value": "2019-06-24T01:45:48"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "Payload delivery",
|
|
|
|
"comment": "Expanded from c6b68af5a397b24d5573bbcbb6abd8ffe45550e428f2649e7ce99f6ae15148d3 (VT Similar files)",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"object_relation": "permalink",
|
|
|
|
"timestamp": "1561370726",
|
|
|
|
"to_ids": false,
|
|
|
|
"type": "link",
|
|
|
|
"uuid": "0eb9a820-da56-4eae-8107-aa57874b34ed",
|
|
|
|
"value": "https://www.virustotal.com/file/b1f443b93048da15ce9c875c2d47cc098d4677f45d04baecfe19f7c0deea5230/analysis/1561340748/"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "Payload delivery",
|
|
|
|
"comment": "Expanded from c6b68af5a397b24d5573bbcbb6abd8ffe45550e428f2649e7ce99f6ae15148d3 (VT Similar files)",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": true,
|
|
|
|
"object_relation": "detection-ratio",
|
|
|
|
"timestamp": "1561370726",
|
|
|
|
"to_ids": false,
|
|
|
|
"type": "text",
|
|
|
|
"uuid": "69d3c2ec-4045-48ee-b2e8-f1f29fe44543",
|
|
|
|
"value": "10/67"
|
|
|
|
}
|
|
|
|
]
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"comment": "",
|
|
|
|
"deleted": false,
|
|
|
|
"description": "File object describing a file with meta-information",
|
|
|
|
"meta-category": "file",
|
|
|
|
"name": "file",
|
|
|
|
"template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215",
|
|
|
|
"template_version": "17",
|
|
|
|
"timestamp": "1561370791",
|
|
|
|
"uuid": "88ff7349-f299-4e93-bbd6-e20983e8ed8e",
|
|
|
|
"ObjectReference": [
|
|
|
|
{
|
|
|
|
"comment": "",
|
|
|
|
"object_uuid": "88ff7349-f299-4e93-bbd6-e20983e8ed8e",
|
|
|
|
"referenced_uuid": "d91e91e4-1a4a-45f6-8711-5d1490d26630",
|
|
|
|
"relationship_type": "analysed-with",
|
|
|
|
"timestamp": "1561370795",
|
|
|
|
"uuid": "5d10a0ab-7b04-4083-a228-4cef950d210f"
|
|
|
|
}
|
|
|
|
],
|
|
|
|
"Attribute": [
|
|
|
|
{
|
|
|
|
"category": "Payload delivery",
|
|
|
|
"comment": "Expanded from c6b68af5a397b24d5573bbcbb6abd8ffe45550e428f2649e7ce99f6ae15148d3 (VT Similar files)",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"object_relation": "md5",
|
|
|
|
"timestamp": "1561370726",
|
|
|
|
"to_ids": true,
|
|
|
|
"type": "md5",
|
|
|
|
"uuid": "7eab2888-2edc-439a-8533-afc840fc2d3e",
|
|
|
|
"value": "fa0cb1b4b7ccf8b8103961bbb3389799"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "Payload delivery",
|
|
|
|
"comment": "Expanded from c6b68af5a397b24d5573bbcbb6abd8ffe45550e428f2649e7ce99f6ae15148d3 (VT Similar files)",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"object_relation": "sha1",
|
|
|
|
"timestamp": "1561370726",
|
|
|
|
"to_ids": true,
|
|
|
|
"type": "sha1",
|
|
|
|
"uuid": "c209d110-2bc5-482d-a32d-d21a96648a7d",
|
|
|
|
"value": "9434b5c1961f80fb309686f055cf5a6fca33e584"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "Payload delivery",
|
|
|
|
"comment": "Expanded from c6b68af5a397b24d5573bbcbb6abd8ffe45550e428f2649e7ce99f6ae15148d3 (VT Similar files)",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"object_relation": "sha256",
|
|
|
|
"timestamp": "1561370726",
|
|
|
|
"to_ids": true,
|
|
|
|
"type": "sha256",
|
|
|
|
"uuid": "90262cc4-94a4-4160-ba2a-faf0161302bc",
|
|
|
|
"value": "f3de0fd3a162cbc36086793450ee7fa163bda2afc987f151ffa7f2e76fed31ac"
|
|
|
|
}
|
|
|
|
]
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"comment": "",
|
|
|
|
"deleted": false,
|
|
|
|
"description": "VirusTotal report",
|
|
|
|
"meta-category": "misc",
|
|
|
|
"name": "virustotal-report",
|
|
|
|
"template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4",
|
|
|
|
"template_version": "2",
|
|
|
|
"timestamp": "1561370792",
|
|
|
|
"uuid": "d91e91e4-1a4a-45f6-8711-5d1490d26630",
|
|
|
|
"Attribute": [
|
|
|
|
{
|
|
|
|
"category": "Other",
|
|
|
|
"comment": "Expanded from c6b68af5a397b24d5573bbcbb6abd8ffe45550e428f2649e7ce99f6ae15148d3 (VT Similar files)",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"object_relation": "last-submission",
|
|
|
|
"timestamp": "1561370726",
|
|
|
|
"to_ids": false,
|
|
|
|
"type": "datetime",
|
|
|
|
"uuid": "a090ceea-b605-4cc3-9c8c-27437e17c6f3",
|
|
|
|
"value": "2019-06-24T05:12:05"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "Payload delivery",
|
|
|
|
"comment": "Expanded from c6b68af5a397b24d5573bbcbb6abd8ffe45550e428f2649e7ce99f6ae15148d3 (VT Similar files)",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"object_relation": "permalink",
|
|
|
|
"timestamp": "1561370726",
|
|
|
|
"to_ids": false,
|
|
|
|
"type": "link",
|
|
|
|
"uuid": "892baa9d-d0ba-4a2e-9da4-078533e365fe",
|
|
|
|
"value": "https://www.virustotal.com/file/f3de0fd3a162cbc36086793450ee7fa163bda2afc987f151ffa7f2e76fed31ac/analysis/1561353125/"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "Payload delivery",
|
|
|
|
"comment": "Expanded from c6b68af5a397b24d5573bbcbb6abd8ffe45550e428f2649e7ce99f6ae15148d3 (VT Similar files)",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": true,
|
|
|
|
"object_relation": "detection-ratio",
|
|
|
|
"timestamp": "1561370726",
|
|
|
|
"to_ids": false,
|
|
|
|
"type": "text",
|
|
|
|
"uuid": "6e17e7c2-db13-4da4-a44e-1398a232bc83",
|
|
|
|
"value": "17/71"
|
|
|
|
}
|
|
|
|
]
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"comment": "",
|
|
|
|
"deleted": false,
|
|
|
|
"description": "File object describing a file with meta-information",
|
|
|
|
"meta-category": "file",
|
|
|
|
"name": "file",
|
|
|
|
"template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215",
|
|
|
|
"template_version": "17",
|
|
|
|
"timestamp": "1561370792",
|
|
|
|
"uuid": "f644c6a7-515d-4dfc-8680-17f45d376d0b",
|
|
|
|
"ObjectReference": [
|
|
|
|
{
|
|
|
|
"comment": "",
|
|
|
|
"object_uuid": "f644c6a7-515d-4dfc-8680-17f45d376d0b",
|
|
|
|
"referenced_uuid": "81d23148-fa66-4de6-b534-ca97bc2763cd",
|
|
|
|
"relationship_type": "analysed-with",
|
|
|
|
"timestamp": "1561370795",
|
|
|
|
"uuid": "5d10a0ab-f944-468e-833e-4803950d210f"
|
|
|
|
}
|
|
|
|
],
|
|
|
|
"Attribute": [
|
|
|
|
{
|
|
|
|
"category": "Payload delivery",
|
|
|
|
"comment": "Expanded from c6b68af5a397b24d5573bbcbb6abd8ffe45550e428f2649e7ce99f6ae15148d3 (VT Similar files)",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"object_relation": "md5",
|
|
|
|
"timestamp": "1561370725",
|
|
|
|
"to_ids": true,
|
|
|
|
"type": "md5",
|
|
|
|
"uuid": "c9e370b3-bce1-42fa-ad5b-479724870caa",
|
|
|
|
"value": "c756e930fe90463d8cc05eeb791b7003"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "Payload delivery",
|
|
|
|
"comment": "Expanded from c6b68af5a397b24d5573bbcbb6abd8ffe45550e428f2649e7ce99f6ae15148d3 (VT Similar files)",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"object_relation": "sha1",
|
|
|
|
"timestamp": "1561370725",
|
|
|
|
"to_ids": true,
|
|
|
|
"type": "sha1",
|
|
|
|
"uuid": "6ec02db9-b7f7-4e2d-a107-a85e0fca049e",
|
|
|
|
"value": "bd1ccc005b794e8e009c347837bb2d520de222fa"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "Payload delivery",
|
|
|
|
"comment": "Expanded from c6b68af5a397b24d5573bbcbb6abd8ffe45550e428f2649e7ce99f6ae15148d3 (VT Similar files)",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"object_relation": "sha256",
|
|
|
|
"timestamp": "1561370725",
|
|
|
|
"to_ids": true,
|
|
|
|
"type": "sha256",
|
|
|
|
"uuid": "6ff57838-caa7-48cc-a4fa-115bd4c9c8af",
|
|
|
|
"value": "68119bdc5aabd1ff246318d16c70dc894bb7e13e72e1e754afc2d9ecdf66d602"
|
|
|
|
}
|
|
|
|
]
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"comment": "",
|
|
|
|
"deleted": false,
|
|
|
|
"description": "VirusTotal report",
|
|
|
|
"meta-category": "misc",
|
|
|
|
"name": "virustotal-report",
|
|
|
|
"template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4",
|
|
|
|
"template_version": "2",
|
|
|
|
"timestamp": "1561370792",
|
|
|
|
"uuid": "81d23148-fa66-4de6-b534-ca97bc2763cd",
|
|
|
|
"Attribute": [
|
|
|
|
{
|
|
|
|
"category": "Other",
|
|
|
|
"comment": "Expanded from c6b68af5a397b24d5573bbcbb6abd8ffe45550e428f2649e7ce99f6ae15148d3 (VT Similar files)",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"object_relation": "last-submission",
|
|
|
|
"timestamp": "1561370725",
|
|
|
|
"to_ids": false,
|
|
|
|
"type": "datetime",
|
|
|
|
"uuid": "21b67394-c1d9-4e0e-bf9e-2ea93014d08e",
|
|
|
|
"value": "2019-06-24T09:11:31"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "Payload delivery",
|
|
|
|
"comment": "Expanded from c6b68af5a397b24d5573bbcbb6abd8ffe45550e428f2649e7ce99f6ae15148d3 (VT Similar files)",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"object_relation": "permalink",
|
|
|
|
"timestamp": "1561370725",
|
|
|
|
"to_ids": false,
|
|
|
|
"type": "link",
|
|
|
|
"uuid": "d5e34d6b-e6c9-419b-9be6-fd4d6a4f51a7",
|
|
|
|
"value": "https://www.virustotal.com/file/68119bdc5aabd1ff246318d16c70dc894bb7e13e72e1e754afc2d9ecdf66d602/analysis/1561367491/"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "Payload delivery",
|
|
|
|
"comment": "Expanded from c6b68af5a397b24d5573bbcbb6abd8ffe45550e428f2649e7ce99f6ae15148d3 (VT Similar files)",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": true,
|
|
|
|
"object_relation": "detection-ratio",
|
|
|
|
"timestamp": "1561370725",
|
|
|
|
"to_ids": false,
|
|
|
|
"type": "text",
|
|
|
|
"uuid": "2b4942ef-85a4-402d-bf1c-a7cebf289d06",
|
|
|
|
"value": "14/69"
|
|
|
|
}
|
|
|
|
]
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"comment": "",
|
|
|
|
"deleted": false,
|
|
|
|
"description": "File object describing a file with meta-information",
|
|
|
|
"meta-category": "file",
|
|
|
|
"name": "file",
|
|
|
|
"template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215",
|
|
|
|
"template_version": "17",
|
|
|
|
"timestamp": "1561370792",
|
|
|
|
"uuid": "ad82fd5d-18fa-41dc-9415-0c43b49f757d",
|
|
|
|
"ObjectReference": [
|
|
|
|
{
|
|
|
|
"comment": "",
|
|
|
|
"object_uuid": "ad82fd5d-18fa-41dc-9415-0c43b49f757d",
|
|
|
|
"referenced_uuid": "043507f2-5a95-46e8-ae78-ea3a943a5dc5",
|
|
|
|
"relationship_type": "analysed-with",
|
|
|
|
"timestamp": "1561370795",
|
|
|
|
"uuid": "5d10a0ab-1348-446b-832b-4c53950d210f"
|
|
|
|
}
|
|
|
|
],
|
|
|
|
"Attribute": [
|
|
|
|
{
|
|
|
|
"category": "Payload delivery",
|
|
|
|
"comment": "Expanded from c6b68af5a397b24d5573bbcbb6abd8ffe45550e428f2649e7ce99f6ae15148d3 (VT Similar files)",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"object_relation": "md5",
|
|
|
|
"timestamp": "1561370726",
|
|
|
|
"to_ids": true,
|
|
|
|
"type": "md5",
|
|
|
|
"uuid": "e9667606-4b35-48f2-bf77-7298cafc09d7",
|
|
|
|
"value": "b9fbb85b713a6a9df88592fb0a66cf20"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "Payload delivery",
|
|
|
|
"comment": "Expanded from c6b68af5a397b24d5573bbcbb6abd8ffe45550e428f2649e7ce99f6ae15148d3 (VT Similar files)",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"object_relation": "sha1",
|
|
|
|
"timestamp": "1561370726",
|
|
|
|
"to_ids": true,
|
|
|
|
"type": "sha1",
|
|
|
|
"uuid": "58ee3dd9-6995-40f5-a20a-e3ebc29d06c0",
|
|
|
|
"value": "5773cd6c7300a18e3b2e60531f9033ad7a047563"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "Payload delivery",
|
|
|
|
"comment": "Expanded from c6b68af5a397b24d5573bbcbb6abd8ffe45550e428f2649e7ce99f6ae15148d3 (VT Similar files)",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"object_relation": "sha256",
|
|
|
|
"timestamp": "1561370726",
|
|
|
|
"to_ids": true,
|
|
|
|
"type": "sha256",
|
|
|
|
"uuid": "9406935d-eb75-4b25-b535-1b3427535115",
|
|
|
|
"value": "d539f4051bd555b5d365f873f3b5f42dd697217c2da20502a0319d5a2cbaf983"
|
|
|
|
}
|
|
|
|
]
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"comment": "",
|
|
|
|
"deleted": false,
|
|
|
|
"description": "VirusTotal report",
|
|
|
|
"meta-category": "misc",
|
|
|
|
"name": "virustotal-report",
|
|
|
|
"template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4",
|
|
|
|
"template_version": "2",
|
|
|
|
"timestamp": "1561370793",
|
|
|
|
"uuid": "043507f2-5a95-46e8-ae78-ea3a943a5dc5",
|
|
|
|
"Attribute": [
|
|
|
|
{
|
|
|
|
"category": "Other",
|
|
|
|
"comment": "Expanded from c6b68af5a397b24d5573bbcbb6abd8ffe45550e428f2649e7ce99f6ae15148d3 (VT Similar files)",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"object_relation": "last-submission",
|
|
|
|
"timestamp": "1561370726",
|
|
|
|
"to_ids": false,
|
|
|
|
"type": "datetime",
|
|
|
|
"uuid": "4c906868-98d4-40b8-8213-f3754a672419",
|
|
|
|
"value": "2018-03-03T05:33:38"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "Payload delivery",
|
|
|
|
"comment": "Expanded from c6b68af5a397b24d5573bbcbb6abd8ffe45550e428f2649e7ce99f6ae15148d3 (VT Similar files)",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"object_relation": "permalink",
|
|
|
|
"timestamp": "1561370726",
|
|
|
|
"to_ids": false,
|
|
|
|
"type": "link",
|
|
|
|
"uuid": "6fd2097c-6a87-4a21-a372-a4678498ee64",
|
|
|
|
"value": "https://www.virustotal.com/file/d539f4051bd555b5d365f873f3b5f42dd697217c2da20502a0319d5a2cbaf983/analysis/1520055218/"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "Payload delivery",
|
|
|
|
"comment": "Expanded from c6b68af5a397b24d5573bbcbb6abd8ffe45550e428f2649e7ce99f6ae15148d3 (VT Similar files)",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": true,
|
|
|
|
"object_relation": "detection-ratio",
|
|
|
|
"timestamp": "1561370726",
|
|
|
|
"to_ids": false,
|
|
|
|
"type": "text",
|
|
|
|
"uuid": "a6b829f7-6716-4ad9-8b6e-cff5973d7206",
|
|
|
|
"value": "0/68"
|
|
|
|
}
|
|
|
|
]
|
|
|
|
}
|
|
|
|
]
|
|
|
|
}
|
|
|
|
}
|