2023-04-21 13:25:09 +00:00
|
|
|
{
|
2023-12-14 14:30:15 +00:00
|
|
|
"Event": {
|
|
|
|
|
"analysis": "0",
|
|
|
|
|
"date": "2016-03-02",
|
|
|
|
|
"extends_uuid": "",
|
|
|
|
|
"info": "Malspam collection (2016-03-02) - Locky, TeslaCrypt",
|
|
|
|
|
"publish_timestamp": "1456928315",
|
|
|
|
|
"published": true,
|
|
|
|
|
"threat_level_id": "3",
|
|
|
|
|
"timestamp": "1456928111",
|
|
|
|
|
"uuid": "56d68f5a-adc8-4d6b-a688-5e5d950d210f",
|
|
|
|
|
"Orgc": {
|
|
|
|
|
"name": "CIRCL",
|
|
|
|
|
"uuid": "55f6ea5e-2c60-40e5-964f-47a8950d210f"
|
|
|
|
|
},
|
|
|
|
|
"Tag": [
|
|
|
|
|
{
|
|
|
|
|
"colour": "#3a7300",
|
2024-04-05 12:15:17 +00:00
|
|
|
"local": false,
|
2023-12-14 14:30:15 +00:00
|
|
|
"name": "circl:incident-classification=\"malware\"",
|
|
|
|
|
"relationship_type": ""
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"colour": "#ffffff",
|
2024-04-05 12:15:17 +00:00
|
|
|
"local": false,
|
2023-12-14 14:30:15 +00:00
|
|
|
"name": "tlp:white",
|
|
|
|
|
"relationship_type": ""
|
|
|
|
|
}
|
|
|
|
|
],
|
|
|
|
|
"Attribute": [
|
|
|
|
|
{
|
|
|
|
|
"category": "Network activity",
|
|
|
|
|
"comment": "Imported via the freetext import.",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1456902057",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "domain",
|
|
|
|
|
"uuid": "56d68fa9-67bc-4e3f-9d37-4df3950d210f",
|
|
|
|
|
"value": "soclosebutyetqq.com"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Network activity",
|
|
|
|
|
"comment": "(sic!)",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1456902058",
|
|
|
|
|
"to_ids": false,
|
|
|
|
|
"type": "url",
|
|
|
|
|
"uuid": "56d68faa-ab68-409e-acc6-4df3950d210f",
|
|
|
|
|
"value": "ohellowruff.com1"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Network activity",
|
|
|
|
|
"comment": "Imported via the freetext import.",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1456902058",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "domain",
|
|
|
|
|
"uuid": "56d68faa-4b44-4bce-9887-4df3950d210f",
|
|
|
|
|
"value": "emotos.ru"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Network activity",
|
|
|
|
|
"comment": "Imported via the freetext import.",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1456902058",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "domain",
|
|
|
|
|
"uuid": "56d68faa-2284-4e80-9d56-4df3950d210f",
|
|
|
|
|
"value": "thisisitsqq.com"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Network activity",
|
|
|
|
|
"comment": "Imported via the freetext import.",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1456902059",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "domain",
|
|
|
|
|
"uuid": "56d68fab-3090-4d0b-867a-4df3950d210f",
|
|
|
|
|
"value": "ohellowruff.com"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Network activity",
|
|
|
|
|
"comment": "Imported via the freetext import.",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1456902059",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "domain",
|
|
|
|
|
"uuid": "56d68fab-ff04-473f-a8c3-4df3950d210f",
|
|
|
|
|
"value": "rmdszms.ro"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Network activity",
|
|
|
|
|
"comment": "Imported via the freetext import.",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1456902059",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "hostname",
|
|
|
|
|
"uuid": "56d68fab-c684-4c89-8890-4df3950d210f",
|
|
|
|
|
"value": "zarabotoknasayte.zz.mu"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Network activity",
|
|
|
|
|
"comment": "Imported via the freetext import.",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1456902060",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "ip-dst",
|
|
|
|
|
"uuid": "56d68fac-b164-4815-80ff-4df3950d210f",
|
|
|
|
|
"value": "5.101.152.80"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Network activity",
|
|
|
|
|
"comment": "Imported via the freetext import.",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1456902060",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "ip-dst",
|
|
|
|
|
"uuid": "56d68fac-e368-4932-babb-4df3950d210f",
|
|
|
|
|
"value": "104.232.35.31"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Network activity",
|
|
|
|
|
"comment": "Imported via the freetext import.",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1456902060",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "ip-dst",
|
|
|
|
|
"uuid": "56d68fac-9264-4a71-9150-4df3950d210f",
|
|
|
|
|
"value": "50.3.16.250"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Network activity",
|
|
|
|
|
"comment": "Imported via the freetext import.",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1456902061",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "ip-dst",
|
|
|
|
|
"uuid": "56d68fad-6bbc-436a-b43a-4df3950d210f",
|
|
|
|
|
"value": "89.34.72.228"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Network activity",
|
|
|
|
|
"comment": "Imported via the freetext import.",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1456902061",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "ip-dst",
|
|
|
|
|
"uuid": "56d68fad-1638-4f79-93cd-4df3950d210f",
|
|
|
|
|
"value": "173.82.74.197"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Network activity",
|
|
|
|
|
"comment": "Imported via the freetext import.",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1456902061",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "ip-dst",
|
|
|
|
|
"uuid": "56d68fad-2c0c-4dec-8273-4df3950d210f",
|
|
|
|
|
"value": "91.196.50.241"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Network activity",
|
|
|
|
|
"comment": "Imported via the freetext import.",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1456902062",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "url",
|
|
|
|
|
"uuid": "56d68fae-ab18-4d06-81ff-4df3950d210f",
|
|
|
|
|
"value": "http://soclosebutyetqq.com/69.exe"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Network activity",
|
|
|
|
|
"comment": "Imported via the freetext import.",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1456902062",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "url",
|
|
|
|
|
"uuid": "56d68fae-6e20-48af-b6bd-4df3950d210f",
|
|
|
|
|
"value": "http://thisisitsqq.com/80.exe?1"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Network activity",
|
|
|
|
|
"comment": "Imported via the freetext import.",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1456902062",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "url",
|
|
|
|
|
"uuid": "56d68fae-319c-4c84-a168-4df3950d210f",
|
|
|
|
|
"value": "http://thisisitsqq.com/69.exe?1"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Network activity",
|
|
|
|
|
"comment": "(down 2016-03-02 08:05)",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1456902364",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "url",
|
|
|
|
|
"uuid": "56d68faf-e818-4eb3-9677-4df3950d210f",
|
|
|
|
|
"value": "http://emotos.ru/admin/model/87yhb54cdfy.exe"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Network activity",
|
|
|
|
|
"comment": "Imported via the freetext import.",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1456902063",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "url",
|
|
|
|
|
"uuid": "56d68faf-53bc-44db-a32e-4df3950d210f",
|
|
|
|
|
"value": "http://rmdszms.ro/2/87yv5cds"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Network activity",
|
|
|
|
|
"comment": "(down 2016-03-02 08:05)",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1456902425",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "url",
|
|
|
|
|
"uuid": "56d68faf-fe94-43b8-8c65-4df3950d210f",
|
|
|
|
|
"value": "http://zarabotoknasayte.zz.mu/7/sh87hg5v4"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Network activity",
|
|
|
|
|
"comment": "Imported via the freetext import.",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1456902135",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "url",
|
|
|
|
|
"uuid": "56d68ff7-326c-41b2-81b3-5e5f950d210f",
|
|
|
|
|
"value": "http://ohellowruff.com/69.exe"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Payload delivery",
|
|
|
|
|
"comment": "",
|
|
|
|
|
"data": "UEsDBBQACQAIAFw4YkhGQwjPBwQAAH4IAAAgABwAYjU3NDI0Njg0NDE5NTYwZjE2NjM1YzQwM2Q0ZjkyNDBVVAkAAyCQ1lYgkNZWdXgLAAEEIQAAAAQhAAAAW70Tx/gfStewGpkfXyh/fAQzzK3EVsMNgEOABlCQ/oxjTDSnhT1A90R+SqPy4qLIlnHYJtREPevA3zGwD/+f1uOa31h0AZ8cVcTra9SvBAe6SGM9rr3Bx3LVSSU3gLZCOw0E62TaXa/epLYypPahtfuIAkbx0a5UtVMg0lDDSH8uLdLhwQSn8dFweFsNhi7+z3vXhFNhviMlN1zEyXEWaVbs4WE6EQVXJapzSRbLRnN9Ih519hnT8UDkVXy34v32uZhKW888wWmq+avx6lJAqd+RsiLUNaW6v7QyzUoofW/3jUx4sL3NYedXDGS1xTBfIvcWt13/GxUP+BsdH/xLds2uZrZpdyI4b0nDJlKTkWt4cyQ8ydyt/mEGWymSHtnI1q066KGY8qanQIlwnvQ5wxwbEcDR9TDnZrIzIVFYewXDiQOwBnwHcvHVQTPFPT0SJ9Va1WXYQnH2zvDt6MsBG7hwcUaOyygJRJvFHJVZ+U6+73D0Ed/LT+jSr+jq9l/CMRTV21TXWuPgORxjMSwZ7BOy7MtDQoJf779O7HrcO+x3O5w7AZuyLSR6ZyDrEBVMSFEoSFgD/i1IJCUnmbJwY7Wggcp3aA1vLU/HvilvmccGSTmoCQavGZrZS6oYuiLDYt1ZoyA3g2skgs0awNTCHswVHuwDNYo6G2sihQG/dOSU1NgQkI6QpPhAyvqWBgxi1sp7GCVm4zvG10Ya3Te7Untch4Skz2wGBpzya/qz3JHB5Qm+5A5JjHXtozMYi+I+Dwt1LczIR0PW1kniEZoVSvMvGZaWEnuzJ0X1A7WOFMqFrHA7Xrb2CFHSM9myYKox98vcm9prkcfzuNqGAWsgJ4CK9v3FN9abRpyliYDfe5tu16+HM5TSCrQSL0zHX+RVZ9iFLS68sa649ip7fWThB1CdIE1B8ar+dZjMM7Yh7kFSdUqoX+95R/d7kvYI+QOJNoyf43TnNmrarOH7VCClPVqFZJDKqsrBqLgioje2PCgXgHic8G7LCasdSYuTh2RaizUD8p5Kq0Z6D+kuvftb6VbPS40tr8ZTLOHKnnqgFF/ObOqqz+cZCCme7TcQpP7IUpvNi/TUndvE0JmK3Egz0VybJS8WBOl+xXBSXVQPuDoVBym/o9M+UZBEKihMsgp+jEF0uOAqpAKl+093hsooFNG3P0R0HWX7R5EIrQYlbuPXRerMt9OZjgJAopnUpU95H1kBpNK0wwGfJt39YhZpRZv/aEAMOQH9ZSncWNtKYgsveeDqLKfVZXnvtofAAoSjNoSA9/jEEjTb9ZmJdPjt3abywc1uWlqf1yn8q2cDdIRQQaukXWkQkgCV95O4ZVXhbilGxk3L/DsxvJered8ia20yrlYPL2dQSwcIRkMIzwcEAAB+CAAAUEsDBAoACQAAAFw4YkiJ8juaHAAAABAAAAAtABwAYjU3NDI0Njg0NDE5NTYwZjE2NjM1YzQwM2Q0ZjkyNDAuZmlsZW5hbWUudHh0VVQJAAMgkNZWIJDWVnV4CwABBCEAAAAEIQAAAGhKQh1tp0bWfTg+YshK5S5vODq17Pgld7M02llQSwcIifI7mhwAAAAQAAAAUEsBAh4DFAAJAAgAXDhiSEZDCM8HBAAAfggAACAAGAAAAAAAAQAAAKSBAAAAAGI1NzQyNDY4NDQxOTU2MGYxNjYzNWM0MDNkNGY5MjQwVVQFAAMgkNZWdXgLAAEEIQAAAAQhAAAAUEsBAh4DCgAJAAAAXDhiSInyO5ocAAAAEAAAAC0AGAAAAAAAAQAAAKSBcQQAAGI1NzQyNDY4NDQxOTU2MGYxNjYzNWM0MDNkNGY5MjQwLmZpbGVuYW1lLnR4dFVUBQADIJDWVnV4CwABBCEAAAAEIQAAAFBLBQYAAAAAAgACANkAAAAEBQAAAAA=",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1456902176",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "malware-sample",
|
|
|
|
|
"uuid": "56d69020-93d4-4925-bf67-4df2950d210f",
|
|
|
|
|
"value": "msg.476085627.js|b57424684419560f16635c403d4f9240"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Payload delivery",
|
|
|
|
|
"comment": "",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1456902177",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "filename|sha1",
|
|
|
|
|
"uuid": "56d69021-f46c-4774-b64c-4df2950d210f",
|
|
|
|
|
"value": "msg.476085627.js|aaf4cc77baf04b2eb528dc78a3da63315bca2e83"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Payload delivery",
|
|
|
|
|
"comment": "",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1456902177",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "filename|sha256",
|
|
|
|
|
"uuid": "56d69021-2e78-4ef4-94e6-4df2950d210f",
|
|
|
|
|
"value": "msg.476085627.js|84cc775d34761e2f653b883abbd6af770001888258baa01cc18bcdc5c0079b85"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Payload delivery",
|
|
|
|
|
"comment": "",
|
|
|
|
|
"data": "UEsDBBQACQAIAF04Ykh+IgwlIwQAAFQJAAAgABwAZmI1ZGI0N2IzYTZkZWI1NWQ0NzY0ZTY5N2JkZjUwYTFVVAkAAyKQ1lYikNZWdXgLAAEEIQAAAAQhAAAAW70Tx/gfStewGpiOeZRYhU3lOalJ/H5tKq4cx0+T2c+9vP1kWxPYgdWwK6YS6uLaf1Biqwn7eL28Fbz7ETZfQcVFZfjWtF3l1IjJXCVfnoHz07ziT9Qu8n7pQuPgvcQZib0q+qlx/hzzMkPSXRS7sP9X0fT6XR/6rtdczcHJ6ypbp81PS9neyHnBO5eBogGw9HM7+cH2be75vNXkpYIKqfMM7uTrIV5BRfMmszOBvCS2Plv75xe+Zm+mwvok3drXjkZrWrjknfkDAgPMk4uLhYRTU0vmGZT62vBHLfg9VP2Rnps30uV3Vwn5CH5Mx691UQGSMA06ipSfPWPAjIvKWi8zn3dIEQpeBxfDaijkjlhKuD8CCGfPpgozzTLLv5IRDEX3JCRiZnz6XF4I7PGwBDLdtHYnBrXupJPKVqnZEXls4M+FRM6AdjV4tRJhjEQxTZOe8qHYKM4al/fmtOK+1k+ZChDTW3CwbKif4l93J4bUsDUhuYytVlYzKrgcp7Zf10WezgQ9OhHXbNNNoR4joZ0r5zfqdfXhReD9VJG2+m9rpscperrXFLTIE8H/7plf86thtsSrIR1teVhb9xFwpQ+cpPCQT0av9/6TnBRC8AbCDXh/otjuu7iezoo5NYBts0x9gynaEGOFC0/mpQS2b8UTaXO8F82xYHp26zQvrOafaiGeRuVDOpAbIQuKpMDf+gUYEpuBIxkYfVSBIsCrPkAV2vNaMaM1Kv39xXf2jFfGLXRfwDxsmZq6L3j9GJXs2SGJbD0U4MpjPkHVl1zdY68BAE6FjOx9JnDH8J1OTZ/Uio1gaf1kWNPprOCsrkf8s6Qswe5jHlePhU6TpLGV0SLN+ggeoiTkQyorQCtlEpAH9lh/u0xtqcGK8qoX8KfFxNANrGcKEe9Uo1ui3DG8nP4/zz0/l1J5yxSoKQ4ajIFXJrVvb7egw60T4Em3jrXm2mAaeE89MZES6o3CP+Px40uR0Uub45kV+0KC3WQ4mjkwDg9tJvCIhp8TN2lZJrS31Tp3EmnwhuTbYP4cIUdhcEAFzJ2/Od12Z+5kVlH2S1zNUyXutb/OUbEECMjTnYch99hUtYHS10NdZgb9xhrfXjnJh0WJFk96uMbdXRxIk1wpCVY7DZYl2ISwfhwM0V7N9H+SErtSZ3Rr0BIbEg7pITpFCEM80Cy4aslZb80x//q7/3VTAQjSJC7FPO6oHK6NDJrPEAy9zWsJZvQ+GEknX1ekuPVdiFt3vPoGNxQbYrvaSVW9pt4YZPNd6a9aoeQxWcohQqXxilPDkDaTYXkQhn+TbjazgqQGaKTIJ7YpO8GjDMQy2XX7RxXkr1pCbfrWUbbnCGmTFJYkvGI0qM/wjAWFLh8qK+Ii4tY7L3pMoFOvDG6kkWS9+ZntFAdngR8Z1EYIUEsHCH4iDCUjBAAAVAkAAFBLAwQKAAkAAABdOGJIkHwN+BwAAAAQAAAALQAcAGZiNWRiNDdiM2E2ZGViNTVkNDc2NGU2OTdiZGY1MGExLmZpbGVuYW1lLnR4dFVUCQADIpDWViKQ1lZ1eAsAAQQhAAAABCEAAABoSkIdbadG1n04PwLnvoZC049oCnTz5n/ek4keUEsHCJB8DfgcAAAAEAAAAFBLAQIeAxQACQAIAF04Ykh+IgwlIwQAAFQJAAAgABgAAAAAAAEAAACkgQAAAABmYjVkYjQ3YjNhNmRlYjU1ZDQ3NjRlNjk3YmRmNTBhMVVUBQADIpDWVnV4CwABBCEAAAAEIQAAAFBLAQIeAwoACQAAAF04YkiQfA34HAAAABAAAAAtABgAAAAAAAEAAACkgY0EAABmYjVkYjQ3YjNhNmRlYjU1ZDQ3NjRlNjk3YmRmNTBhMS5maWxlbmFtZS50eHRVVAUAAyKQ1lZ1eAsAAQQhAAAABCEAAABQSwUGAAAAAAIAAgDZAAAAIAUAAAAA",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1456902178",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "malware-sample",
|
|
|
|
|
"uuid": "56d69022-46fc-429c-99b1-4df2950d210f",
|
|
|
|
|
"value": "msg.057080059.js|fb5db47b3a6deb55d4764e697bdf50a1"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Payload delivery",
|
|
|
|
|
"comment": "",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1456902179",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "filename|sha1",
|
|
|
|
|
"uuid": "56d69023-3170-423d-8c07-4df2950d210f",
|
|
|
|
|
"value": "msg.057080059.js|6221cd2a493a3c052e7374aaaebe8d7e84730b1f"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Payload delivery",
|
|
|
|
|
"comment": "",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1456902179",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "filename|sha256",
|
|
|
|
|
"uuid": "56d69023-e538-479f-b141-4df2950d210f",
|
|
|
|
|
"value": "msg.057080059.js|2c5759d570f298b373c19bbb94b4ff0f12de337efb44bf671e07b37aefe778fb"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Payload delivery",
|
|
|
|
|
"comment": "",
|
|
|
|
|
"data": "UEsDBBQACQAIAGA4YkjrFOUsHAUAAMUMAAAgABwAMTExN2ZjNzBkN2ZiN2U2YzVlMDBiZGQ0ZmQ0MjE0NjZVVAkAAySQ1lYkkNZWdXgLAAEEIQAAAAQhAAAAW70Tx/gfStewGqWiSrC/M2JU5GxpZGUG29JwssHcG75J67zRANYSJlTrjyFFePH/jewAMlUomLFBGnYpV1FdfjkaarHWU5/mH6hLdTfM6Wy3+IWhljZpWEYjvC5dSQbslN8QV7w92EJcu1A6j7L+Pulf2soJO6OGAviuBfmoKgHRZocHMmZ+WU9dejqvHGFA4LtTWyByrw7nYAp3SxE511tFPwFWzr+xjADo9/nJjrF/MU06+atjls+J0x40RhYQ6fOaU43w7sG8iYUArP8kt4hAJ4Aa9eG1SYukHVdnhIp1SraqKx60dns3MMdiPSfc0onzRnqRtr9kJh2atti6NCB0emWl8A6L6FbubFksJDbjI+Re56htlJ0U1bwvcujS2mettf5neFGfcCsAGYu73A6pbDp/IPZCvuSmYt3ev/6tVlVGIHYaCwI8uBHTPkaBvKsfD7qwnRkjCrwSrqC4jBcO5tAtwBCOTk5/EE1gRZsmgQ1ayHBzZJY2MKRVwEwJ0fZ1OcasXl6NGqWLS4TP43QatN0kDR3ZAoH/1s7Cja9Fo6/UoHVLKdu+ZFrsNdHRqYwmuzS4U0+a2MkJ1CoOx6ruKCwjj0BMThx0M/JjWs7AXhq46K8tGhnYIiCLnDsS6JL1kckT87QOUyxBAy40N7LPLesIsZjZ7qLaflrLFc5/93Mdi6HyC+YjlnTFDpKTxuJnAVUKN7odPkQuyUFPR1N1uvciQsosnbBqJE3hfMU1QScakby/mdJafhsJSJEVn7t7ZVW0Jy1BsZtPXEi3SHZl7/fe4dCUXA+g18qDhDpDdAu60iBhkdtiDogB/WOtvtvq6FOmA/bVG3V30gM3CKdEiG+hcNtXtFSMaC06NhUzHcOK1q7giAbGMT/2UNWGMNXQzqAksaqJUaMaYl1KW+A4qV203rsOD0Z9HQ5qh9jzFkOu+3xllAk0pDgsKkqwwkWygtEXc4NBITC3gutBEGy5SZPnK35C1C3THNjIgeIa0sBuTp5+ztRMLN3al8Mfh/jW3qYyiLBUjfDk1rJF+jIlO7wO/GPyexk68Mu6oLT6/avdCCJ1TmUYjATUM98YNN/8ALlC64BM/HX70WmwTJSATZZupEq/jiLILVmH+I9OwFNehbyApvK6iPvwCQ0kIit2RsUkhtDVXzQ1MkZEbzJig652Qd4gGOPJz3NyE3bDX7FCqX0KqSsv7XR7Q9elvXVAxTE16UCGNwFricPseMwvUUtCP3xlIWBc5sPNBoJzin1hRwTwj77mpU1D0hh1gQOcSJPr5Sj4fnbJ3kgDcxUUUHTvjqFElIVyNq71kd+9whq4P9A/D0QO1/Q1vSYjWlXrgdhozTledxb6IlZqx3A9nlRjGsgjN1TCjd+KBkR/du6chYgZd1FpFOIR1DZ0j2ZI7K1m5hFB80vi228ABYe1Ox7JFObvGs2rCBOBJW9OJExqblPahh9EagnWf0cG8rKSmTAAfvZPdZMyfPg4C+iDC2XflQEQm+FXrpQBMoQdw1MTSQ2dtZ/xIOz8g6we2YQK1Ob3lUiMxu069fJ8G413IGG1kFbxq8H5hizagkFyPeBdShxy6NuoAoQcoN13Qsi0rNr6Rt2tT60LNohqSAH24toUewjtqJGU/Et4SXmVuJsE0CKOQdTVySF3JfOHMNbOR/As5xVwl+du1mdpGp7B1eekADVQfgnS6YPYN37+cZhH8YldqRvg+LwB1NRGqLx3ufRDjrhrqTqUUEsHCOsU5SwcBQAAxQwAAFBLAwQKAAkAAABgOGJIIqDOriAAAAAUAAAALQAcADExMTdmYzcwZDdmYjdlNmM1ZTAwYmRkNGZkNDIxNDY2LmZpbGVuYW1lLnR4dFVUCQADJJDWViSQ1lZ1eAsAAQQhAAAABCEAAABoSkIdbadG1n04AttP6TeZbmKsKDZhUBZUo+mUCYdaUVBLBwgioM6uIAAAABQAAABQSwECHgMUAAkACABgOGJI6xTlLBwFAADFDAAAIAAYAAAAAAABAAAApIEAAAAAMTExN2ZjNzBkN2ZiN2U2YzVlMDBiZGQ0ZmQ0MjE0NjZVVAUAAySQ1lZ1eAsAAQQhAAAABCEAAABQSwECHgMKAAkAAABgOGJIIqDOriAAAAAUAAAALQAYAAAAAAABAAAApIGGBQAAMTExN2ZjNzBkN2ZiN2U2YzVlMDBiZGQ0ZmQ0MjE0NjYuZmlsZW5hbWUudHh0VVQFAAMkkNZWdXgLAAEEIQAAAAQhAAAAUEsFBgAAAAACAAIA2QAAAB0GAAAAAA==",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1456902180",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "malware-sample",
|
|
|
|
|
"uuid": "56d69024-551c-4e49-ac5b-4df2950d210f",
|
|
|
|
|
"value": "message.597341230.js|1117fc70d7fb7e6c5e00bdd4fd421466"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Payload delivery",
|
|
|
|
|
"comment": "",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1456902180",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "filename|sha1",
|
|
|
|
|
"uuid": "56d69024-32b4-4d54-8497-4df2950d210f",
|
|
|
|
|
"value": "message.597341230.js|46ab9ef7a911eb59650f74ad5dc292c2b63f1d9e"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Payload delivery",
|
|
|
|
|
"comment": "",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1456902181",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "filename|sha256",
|
|
|
|
|
"uuid": "56d69025-8b9c-4e4d-abea-4df2950d210f",
|
|
|
|
|
"value": "message.597341230.js|79a6f2ceb0f095b57fb59fd38a8c040cbc48542498641aceeae599c78da587f1"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Payload delivery",
|
|
|
|
|
"comment": "",
|
|
|
|
|
"data": "UEsDBBQACQAIAGE4Ykiba2k3iAcAANkPAAAgABwANjNlYjQwZTFiMTE5NTg1OGJkMGIwMGE2ZWQyZjA1NzFVVAkAAyWQ1lYlkNZWdXgLAAEEIQAAAAQhAAAAcyBLD9K9F+bBPu/k29lvYT0BBVOe+rAZ5QdqFVBLvTGc3urckfMirQTmPJ/tKo5083B3Qx9IPF+F2m97Dm1w0h7oCBLFplNRWRWq2xK6xh7pa8mrSiF8IDxau/vwkqnSLIJF3WyW5BgXLvKWmX04IVz/YnGNJKqzz+25aHNaYViGRFcOF+q2gBhKgdED4D8uly+aoboIvsdRRpvqE7BoWQYy5WeNSVOrGs6h15KsQXUCDWHRXPfQAPsU0+JDiAmCuoIFST5d1GQCcyX/BDbkoflxkZ9hbNrQAOhCsNHIDvtnVbI4uLg2SMrQoknYz8dqLChDpnnEEaGXpOzsjsPoAdSRfZ/QX6vKOLfSyhqpMw9SCc30HfOpKns/9CZU5Gmvw2YuaU5WHALoq7E1GgT9gcFKC6BoQ05uQZ876UrDTleLMR6A+3n/wXYawJm+MZJJmMZA68y501KQD81QGQJEf2EXWDo2hCRDXuM1enwPlJAxsDfENqeGvTe5BO/ItsNGgljq/Uqr77XUvTfIzBUxyXA1ZM6qjEhIV0Y5oKA8BfQYWmOhpueQU+BjcKHbZtmsMZx/PkkKfquwKBJdzWS9GC5s68Buub7YjnI6Xq/vt9E+ppi2seMpgeuF/iF4PCl4Hu4g/Giu4UvSQxC8L89U0l4UH63y5w/Y6cnNwfQySNNDFTNntTqrSmRQvgsLCBeA7fKFbApP+KhVjdTCLgVT84xX1V0MZ0sXIp/Dk3epPOUL5jB/b1uQyhK9VnDnpFjY7+gd9HhjWw7As8f494EHSQhSXVYEvcc0kSbJEFOQqU69mW1hFT8AzxnWL91eMVxHYg2hNyB3P6GcxST4CLNd1nJ5aL2ydVFPvaawiZWf3Oc0JuNoKAt/GI6gExbsWB0Bhq/qgPU2bSMEXfpuNRkRg8RkG/loJcyHOyB/Xbx1wnWF3by7uupzTuWRGYFQQCU4HwfqYPFytM2OWASf0svR6VXJWv/hJgBwx8g1vpOIuw1R8I+DddnMpCrhI+Sw/HxIk+Ggk73aom8pOXlmCtnL2jXJKBLxJ2Ku0UxHXwJaM6PojXmLenj62IQ0gYvRVfEAJ2WwT/KNiTCna+Kqha1ZZRydDNYcNgUdgMYX+xHw7t+Ga5uJGiQMk58ry757NsTwSReKZrIpo7Qyuwa5f6XVHGOQ1UIU4CnqR8Xuq1gcst5cvT+pE2Qzm13xW9qVCcf4JfAheJWruSAmF1Fm3Vv+y3ohmy+tZdGv89/gS8FKazmMk7Ba0SN6WFzZ1KIv1/4T+BhfhsoMxEdqgJvNMBDBYTmU8ihiPbXsHZp1/j2RkdcXSlwHOYb3etv/UR4VksgTgf5X0kNNt1buEVPH57Ovpue0gYkEVwM+zEBs7jAZDn5zilraHqBMRn6PWizbq19piGVB5FGRnR+j0cZ91OXXTR/rs1C4tPDBJc/bzFONa6oUa8EKLc0WKywVykztV2wXGPPnhrlCHmHOsqdSS1nNkLEY3h/MzbYIkdGirSw8ruWFH6HwmJ4x+8GMQR6OFBx18Gm/QYfyRsR9ljhDlXxk/yiEIQOIzrJknOZJCbqDF32/1y//VPGYXT5HDsaGILgcRkr194IRrBtk5K1ZkezxrJn40hOUp/Ztg05wYtDk2PkWbwcO1wHc2wmbZFa/Oye7OGc0DKt+5UVs4Jm3YVPo4lH8rybMKH8nLIRu/YBqMGMQSaxfDH+2m3iwIQVThDO0iYH9sfVUwIZJ9L7vms3FsHYiRtYLdHhNho03Fg0G48YxXEinXr66b/xZnWmPm1Fi8L3u4VECh3kEQNfMEfgtV4lc/bnAiLsi+XDssnduoK6raNTQg7ZIyqmrQheQEg6y6HZ66GHMy5dzV0CvY2I4Tqv3yEGx8PvYr1/dap+0x9LGeLsxdh8lrfL+hn56oIPAD6lyP4MkLvVh1SsTUSG5yGeHifNGISMFdY594Be6AMp9akO412NvVGzC60LSbgDiza3F0mouMTM10BlBeTJhDv4sFf5OgpLL/vDKiEA4B89kA9MWIGqhP3FX6SwWLojZAr9OyiStrtIVdnUxKWMZNII7SaVfAKevA81oiXpG271M+eFxZxCTAkIuX5jOkZyS6+4yIOnXw3F/XJZ4egJSTux2pSZyu1FTH0H7uP9bgqzjkePB0atBp1JLBZn12S7sAC4frb7Xt5nZkiV+btMZ4/a9UOc7i15m29L3EfYOJ1FvUTjkQFqQRyAdS9wjWY86oYpiYqMitjVq45ihIiG5yKDhtV3Dv61zFo7iZ2/5+Haui1926sTW/DRbrP6PHexPfZbYbTlGKEkuC8zwdzJiMjAJFmNrWkOI9YZN2ZjIk8zSQ31XVm5qPEk4N1TjOYl4ZhpnfLN4AWL+26ugILCnyK/J0ma53BIVwMOxX4pv6efdC6ln90OCLKDzsvqnKumgdE3dbf6o1frmp3hY99597F6JPwj9PG45Iexp/TOkOYeYOInx8oimabLhLK52iNEKOZQlOief2DuHEypJ7wtX8KPxx75lL79hvptLue70edk/tNhKpyi+K9/nO9UlBCx7R5o7RMdKDKxQSwcIm2tpN4gHAADZDwAAUEsDBAoACQAAAGE4YkhL8aNOGwAAAA8AAAAtABwANjNlYjQwZTFiMTE5NTg1OGJkMGIwMGE2ZWQyZjA1NzEuZmlsZW5hbWUudHh0VVQJAAMlkNZWJZDWVnV4CwABBCEAAAAEIQAAABPAs5vzWkgCH205s+j0K78ra4+MSkj6N/vaclBLBwhL8aNOGwAAAA8AAABQSwECHgMUAAkACABhOGJIm2tpN4gHAADZDwAAIAAYAAAAAAABAAAApIEAAAAANjNlYjQwZTFiMTE5NTg1OGJkMGIwMGE2ZWQyZjA1NzFVVAUAAyWQ1lZ1eAsAAQQhAAAABCEAAABQSwECHgMKAAkAAABhOGJIS/GjThsAAAAPAAAALQAYAAAAAAABAAAApIHyBwAANjNlYjQwZTFiMTE5NTg1OGJkMGIwMGE2ZWQyZjA1NzEuZmlsZW5hbWUudHh0VVQFAAMlkNZWdXgLAAEEIQAAAAQhAAAAUEsFBgAAAAACAAIA2QAAAIQIAAAAAA==",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1456902181",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "malware-sample",
|
|
|
|
|
"uuid": "56d69025-62d8-4ba1-b4f2-4df2950d210f",
|
|
|
|
|
"value": "KC5559709096.js|63eb40e1b1195858bd0b00a6ed2f0571"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Payload delivery",
|
|
|
|
|
"comment": "",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1456902182",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "filename|sha1",
|
|
|
|
|
"uuid": "56d69026-9a28-4ca6-a6b6-4df2950d210f",
|
|
|
|
|
"value": "KC5559709096.js|3a14d7b8e743df7d62493bdf44ecc45a6f82ee48"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Payload delivery",
|
|
|
|
|
"comment": "",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1456902182",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "filename|sha256",
|
|
|
|
|
"uuid": "56d69026-5e94-4ad3-a5ac-4df2950d210f",
|
|
|
|
|
"value": "KC5559709096.js|2fc2428db623b07280953034a11d92fa45b990c11cf945bb6853e4aee094ffcb"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Payload delivery",
|
|
|
|
|
"comment": "",
|
|
|
|
|
"data": "UEsDBBQACQAIAGI4Ykjx1SLKmQUAAFAKAAAgABwAMWY3ZTdlNzA0MTM4MjA5MmI2OTkzNjI1NDhiYWI3ODlVVAkAAyeQ1lYnkNZWdXgLAAEEIQAAAAQhAAAAiz4CR4H0+AMwlUQMy2PI+KmTW+Beqy89Q///M9iQclLEUHwCary9mnsII02jIuTZOENkXwrgq2SzOOUiwC9NxcPZVyr6AfvLgugbQpdlH23GNrOLR2ZETlyKLypqwZWREUUCt8PqqnQt3aMx8YKmQnxtyhl9jlfCY0vk06klKofwRdqI7/W9iowiV8wOpSm9wkZQr1Nk7zxA6jMbts9jy3gWDQmROVFWQfClcR5L1YhbtM5Y8un3SdDNHB2z3N2YH04kHGP3kFZzCUFRMufJjS6mVPE1BkKDR5BG4Mtx8UZ/P3X8BeYOIOaXdH7jO0NA7Ggev6XkABQGw28aWC2eEnVcn1XqLfYBehvklQznZFJVKNoR5ROgFpxStrP3c8d6ha9opKaR5yBIenp7fONsNrZjEeEOIusBDK6jcxGVj0457BjRCSPOwidKTfJpqJw+m87SnFKWMX/YMGrCtyzMhaQQ8GkbJjWnsH+lE8KPBIOsbO0fTlEXOvHtQOjt/6YLYTLjyrn7wMt7ffcGYtHFJm0ifuIbnrleenvBFa931Kw2sW2PYjTfTcqUYsWhyvPQLHDkHL5Kdx4c0tVVuWU5qTcJEZeaja83Z09gGyGRoQjef7m038eafgSBmae2f0VlxrZLrdq6l4xUhUsar+5U0Q+eKwONrFGeN1vxpC6jcTNL2z08YqlZrjbtEPIL7WxObSbFyxHQibHnlXm41J5OrFMLUrPe1+cOMtbH+Y78rU9+pzqB/bjfUtMIlqRFqDUmsCjOtUCSwCTiskJrt7hkW2tpxy3aiksEbPKDRD+txTMY2tYf1fVmITLYgwVna/FAtxBOjhd52nMwP01fZXZezIE4JoNUfG9izMfSnrgIr6IkLaxK2d1t6XD/+hiB3rQ/PwUnxVcrQWQCallMYlMimc0cBy81QEBlTpTgcXuNTBs6Ev9i1IkN/XvPkD+/GfGMLVaURMrkKbGL5WMD4lZlVkgOHLxuO7gYmocME8GHlUrXQ9iF0ZsOOnKp7JRY9r/m/+TxelMH42OEdBOI0nu1r+bGT3krRcWyzuk+BgAPE77aI/DC6V9gh51eoTfI0inKGRh862/d4zT8cnVVNLKnmGe7kLNvlu7SJKJqI6xcM97TrOTqo1y2+gK1h7QZwjAAUXFfi6poKvuMC+nsuqAvH2m8W7a9tR2bigUAVouQHXuuulSpBc0mYx+MlN8sTBxJUpS9+GTzBCaQrBsAvpLZKc1wqKSjKSgNVIaFYIaJ1f8NIpqlR1/FQCpSIQnYf4YQpbmctIUgkcuWBswMhk6Snz6eW2orgALww3YqelP4C06TyHAmkHOi+Si+rEZw5N83QfN7BKKLDBbXtruv5U5PxYNJggFdhsvro3TCRjbGY7MbJ4Hp/p7ti0w8pcrwpkmda9LiVvpi+R2VVRnEDk7q7Zagp8wY7K+t0zAbFGqUjBcm8TmfEasVw4Up+MoXE8mxOgabFWkZP7Yfd1WGUvcRd9bvZMiwMaVfNdZrZK8JLoXLcQ2hzO0dkbJngcKTYJl6yWhb9geBIZDVBpcyH5hQEj7LcTQk2paR2ResBCOrpiy4ESpaPtjVICG3YwXfi3rUixMAFv4VZn+ASGXIhVjo/JLlvSbS2qhXx6K7aGRdEDlkBDDuKLHK250skFJXbX4CpvdU8lNkRfhKvIcnnx6BOVLiK/qQAnGC0je3faxdxv2tsP5Ww0aS6ljNBISOBgpfOWqoQWPEt61erkDCbXh3mlVbD0VCa5rRsVxwRn4roixy64ZPzRIFKPhvo3CspKyDw2Ueo1u08vgAfIO7kjkwHT1sMDP3Epn//sMDGcCzTaDLFMcumgZwAJ5FSmA9sho6DC7Ai48JxG6gIa7raToOwPkwPK5Ze0ndZVCc3Kn2NnyH018vpCLwoOxQSwcI8dUiypkFAABQCgAAUEsDBAoACQAAAGI4YkiGwwcMHQAAABEAAAAtABwAMWY3ZTdlNzA0MTM4MjA5MmI2OTkzNjI1NDhiYWI3ODkuZmlsZW5hbWUudHh0VVQJAAMnkNZWJ5DWVnV4CwABBCEAAAAEIQAAAOODX384NzhiYEv772KrgG0Q7y8vA/HXuaUuMeKhUEsHCIbDBwwdAAAAEQAAAFBLAQIeAxQACQAIAGI4Ykjx1SLKmQUAAFAKAAAgABgAAAAAAAEAAACkgQAAAAAxZjdlN2U3MDQxMzgyMDkyYjY5OTM2MjU0OGJhYjc4OVVUBQADJ5DWVnV4CwABBCEAAAAEIQAAAFBLAQIeAwoACQAAAGI4YkiGwwcMHQAAABEAAAAtABgAAAAAAAEAAACkgQMGAAAxZjdlN2U3MDQxMzgyMDkyYjY5OTM2MjU0OGJhYjc4OS5maWxlbmFtZS50eHRVVAUAAyeQ1lZ1eAsAAQQhAAAABCEAAABQSwUGAAAAAAIAAgDZAAAAlwYAAAAA",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1456902183",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "malware-sample",
|
|
|
|
|
"uuid": "56d69027-68ac-459d-9e6b-4df2950d210f",
|
|
|
|
|
"value": "invoice_ymUgem.js|1f7e7e7041382092b699362548bab789"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Payload delivery",
|
|
|
|
|
"comment": "",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1456902184",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "filename|sha1",
|
|
|
|
|
"uuid": "56d69028-7f00-4382-851c-4df2950d210f",
|
|
|
|
|
"value": "invoice_ymUgem.js|c0211950b4b137f74df845e64544ab7200c88b17"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Payload delivery",
|
|
|
|
|
"comment": "",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1456902184",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "filename|sha256",
|
|
|
|
|
"uuid": "56d69028-c3e4-425d-a5e8-4df2950d210f",
|
|
|
|
|
"value": "invoice_ymUgem.js|3dab5300dc33468dc19d3834d7d80d8fe2128b042bcf11da2641cc30cd0bcd6f"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Payload delivery",
|
|
|
|
|
"comment": "",
|
|
|
|
|
"data": "UEsDBBQACQAIAGM4YkhB6c+GkgUAAE4KAAAgABwAZTEwNmQyMTI5Y2U1ZWYzOGNhYjFlYjlmNGQyOWVlMTNVVAkAAymQ1lYpkNZWdXgLAAEEIQAAAAQhAAAAcyBLD9K9F+bBPu2+zRANiP4kcazOYxA8Ee3QKETFh1DzBDEwzlI/gRkXyIxaquN2aYNv1I/NFpvK5kYs7MWdevRjHMDCi4GQG4J8PlMfdLZyc6klUwHu3eCM2R87KCAAhO3XsPlaCFioF6+sdAjRpcOXrq6zi2XeQKJEc0CQKt+dTPrgaGuSYB/7aSvq97Xgd+4BLxOXKj9kGTidPDxvyV0yg9/vJDDMmujFxMr59VeLjFrTYa2/ll0nq0985hzvwLk6MIED5T+H3VqdE4sKutPHDxSCNO+HBy1z8LiuDbsupkUfd3ZxuOpcpxCOhO55mG321q91h5Zqt9foghaZRXpN6hMpvFEjMceY6muvNSgZmycy5cYdLQmEJpCcvdVDvhbX5DTMbssUoj0n+5bvsPvIqonhR1ccjD5X3ofSE+DixeEXuoe11vT8TqsQEPj6M98tmNkegfA9OAGENW8PSWytaLbminW+0d3gpedHRDD+tgKRgY6aosS+bD1bqmxkNhD6DsXaIR1BS/+HW6bx9LebPWsPJM0AX5+t2AHnAfG1gILRpXzrM7W5yx/hh1fo67ADMWUrvOzRts0wfC0lPpaTo6zra/mlbFD5mGRV+FeTMV01lWwohiSwEduZ7iwwLU+KuyXUYvseC9hjIVpj9oABxl0nSdbehQFqKWfBEI9cSLvJo0YITQzAPNWqZLdIPB5/LJt/8CTxG7AM6vkS320/bLEKcAf1aQDjDjAuo5s+nA4xuo6djt3WXh4+syg+vyerNLgOj/GzWAl3JXvWMYMMq4z8zR4Ntcjh5NRhwkLHHp4QVrgaHAkkzGOu4dsrE8QuyR7avkrQjx0HGy+RdVblbO6jx6QTpHG+Bbxyu8gB9tSTlcrNdWhJOXr888gvR9rp778nqdWkdY9ztjERCclkABcfYdIMxsZVzOZ/8QxvL9kkDIwXOepqE3n35sIpbKuFHFBs1QuyCFefMHxPxUqKdo0V2zkbNANt6YHSfCKiwJLmOBet3tFyXzuJFz0jas5RESzooLqBfqYH9iWAoBmQlIlDDy1W7xpG6H0OCMnenAmKTvIioad1DErxnsDNGzJ7k4p5Yk2diHtiE3+fLtSBENUdQJIPf2cHmzltAn/4HJv8A5BT+HKb3OvaIkLe05K1ZvEUW9HSGkGl3zClWLgIfdSZpCGLoq+TJ2YvNNpkcgyoG7Rtjlqcsu4EbkaSf8TjHIwrzEjb2NuDDy9/KiCge2zyDBOa8MTE5V6i0RG59wisx+yGaX1WVR6z317gTQP0BYT/wKsqovsgDJ8Wg2yhe+ooJO2HQo3O/c/QuBK4YN97ayXO+oW9nWNxU/CramXqTqDD8TiRGWI1O+fpTDa/JTadwIDiZyylqm8L8sDK3SXaguLCVI7onjyo5Fc5tDPrfj92vFw2K0tGKsWLJyiLJ0iYfosu19aCBGk/hB7Vzk7bMP/Stcw9WqpioOZzw0XTKX4YabwPaxESUAqZAZnXreqRjF/1OIlL5FW73fZ1JZfDcmHS+Zy0dvc1SAD4/aglTUjwrl3bGzCM5GhBbgIrua1oAZOZB9LL50/6L7YT5GMQSrXsk9eEGZUGpP9CVXCIqOckb1Lh64aEBOXpV6TP5QPDeBET3A+k4HfGAy2SkhGOzgoJvR7hDhegEf+3Y7q9dMKichiFJE9nV7PuFawumUPIH4V/cKMeDZsreERbI4+SWygNG6T3wlziPM5cbpFsy1Jn4/qw8bWmtEWFO+QyXOdvpfCgmPCOdTXnffu5WbsKibkGAINM+L2OHLK8L8AU8ZfqAJwckX020EfVj3TrrN12wqyTHw9LxO8pYPepjNikKuUxJbSXxNU+DXyvq/su1A0B5RsuMsYDOKYK94GlpLGueIztYKScucnjTkNumlBLBwhB6c+GkgUAAE4KAABQSwMECgAJAAAAYzhiSIpMyggiAAAAFgAAAC0AHABlMTA2ZDIxMjljZTVlZjM4Y2FiMWViOWY0ZDI5ZWUxMy5maWxlbmFtZS50eHRVVAkAAymQ1lYpkNZWdXgLAAEEIQAAAAQhAAAAE8Czm/NaSAIfbTtjiT/+VM1DWB1rDGxhnGmCxG3C3VvH+lBLBwiKTMoIIgAAABYAAABQSwECHgMUAAkACABjOGJIQenPhpIFAABOCgAAIAAYAAAAAAABAAAApIEAAAAAZTEwNmQyMTI5Y2U1ZWYzOGNhYjFlYjlmNGQyOWVlMTNVVAUAAymQ1lZ1eAsAAQQhAAAABCEAAABQSwECHgMKAAkAAABjOGJIikzKCCIAAAAWAAAALQAYAAAAAAABAAAApIH8BQAAZTEwNmQyMTI5Y2U1ZWYzOGNhYjFlYjlmNGQyOWVlMTMuZmlsZW5hbWUudHh0VVQFAAMpkNZWdXgLAAEEIQAAAAQhAAAAUEsFBgAAAAACAAIA2QAAAJUGAAAAAA==",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1456902185",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "malware-sample",
|
|
|
|
|
"uuid": "56d69029-c3b0-4359-be10-4df2950d210f",
|
|
|
|
|
"value": "invoice_SCAN_wCMVzf.js|e106d2129ce5ef38cab1eb9f4d29ee13"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Payload delivery",
|
|
|
|
|
"comment": "",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1456902186",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "filename|sha1",
|
|
|
|
|
"uuid": "56d6902a-3d88-4961-8c86-4df2950d210f",
|
|
|
|
|
"value": "invoice_SCAN_wCMVzf.js|36929687ee709071209ec36ff2189f31712fcf55"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Payload delivery",
|
|
|
|
|
"comment": "",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1456902186",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "filename|sha256",
|
|
|
|
|
"uuid": "56d6902a-1768-4b20-852d-4df2950d210f",
|
|
|
|
|
"value": "invoice_SCAN_wCMVzf.js|033a171fa482b0729e05e605aceeeb9164519d20c832a912da7908b8370606f6"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Payload delivery",
|
|
|
|
|
"comment": "",
|
|
|
|
|
"data": "UEsDBBQACQAIAGQ4YkgmlF2XywkAADMeAAAgABwAMDFiOGE3NmM2NTVkNTY2NGEwODVkMWQyZWE1MThlMThVVAkAAyuQ1lYrkNZWdXgLAAEEIQAAAAQhAAAA5fbWNVTiENB6h9Z4O7jGdYVgD4Zndg7/aiAeEjUooPdRe9RU5iFKUDj6ZT9O0dhEClc8Qfr3q9LftWO1qsTCT+q2Pm5rxJfticOF9FqR4YUQc8bABtv8fy3uwn//kCb/YaV9UNeV87sNogOuHJOC+AWRn98MwDa6dqNYqC1KWNw6blLyj9YPns91NjscPRQf9yvSDsSLj4IeGlOA6scnBRHLeTPqjRlKIsc9u94O9mHushoJ6VOr1ktpEVVt67i3/bPDeuDzto8Mvuu2a6U7yIRLnDNC4WQtp9r9gsT4HtV2ZYuqq+2Le2+SRsx1L3pcCnYaj5DS5TPIycwiXXbQS/0FGjwZpJayw9xeEuz3i1KdGc38IDOC2UJgJ8G8SMqnVSDr3E96ccIJmepeJtbuqsnx2HtzuM3wvqCDQ0lJX9HtqEYcALi4DHOFwFDFAVj2ZR/a301eveAVjgga4oYa4b2eMfrtGSGuTn2Vlt1kuHZAkqv35uyVM/LixENUamtscGKuhGybVNUj6mVavZxOdKlB0P2iYc7SDSrgG0XkYZl8+sY///ze1jTVl/jQb3NpE2Fc2fSyhXmEf/hgNtMq+eSb+JH8k5e5QI3r3PWwVPYucVBzfuGACY42f8VHCvHzx0pCJ/BeNNlM2tstoPYsvW1g5KP9ImohspBIVqkNAUw4I3f6oH9h2n3XMQvZcbODRYY3Ndj/aQfFYLvMIZ2OdPhQ6xaCLkkVMNuMZBaZAFkQ9br1xIJu4I1MJhEUWHmil52VlUlB2/KtCKseku5Q0Km5EWh/AlRlURqoFD1r0LGoTYF0wqKlleG1njKBkUUgPPRh2bvKeS1HzDLDYXRM2FmnsLNp68uj5LTdJ2J8r/OGmKGhbyhueQDAgxpA5UMbAjO4H/7AjM/t7DTbW/5nyGhBGEKbN8q/b6rSvNenY8JR2Gp2FJUVK0Cj4wHeTllzherT3/6Wz6jOlUSltd92pfcZdeGWWDlMQt+3Q2iirZHTCLNnWg91DtIGBKwT8ON4zi1kaLqRT6ifi1JF9+bsL3+Fw2M98oA5PypD/4gAkHPaabvUDcn2iVh+Vl33htpyYFrX0nTR8UZqa5+IGEmTtF/UPJNb04J9nA/If5KJRi38KCZGphpqgrFQcYM5tZ8ArtPA8pcLtbDNnWPRJh2uEv/0ae/bEs1/2+H/as8/FiYLDnKsrcS95Y2jLZBBWTw3joV1CmCWJ/2Im8gP7GjZZm+EWFpLTRKeKH6t9nidasY/sn5Pk832c75AZqXsjWbRqZYkNU9RvqexHuiNPYP1I4+u4XA1Pw1tU5IU8rnvHrxe9aERr1we7jKHrVdGFztLO2f7BZB2eag/FaMSMA60axSV8G5aBD5IHVAne1Zw4gPEo7IzGe2Fpjaark/nzyq4uSRDVwjUZCDgmHwz7MdGbQkccWNEaz/crnjq1tfJV3EVpDrBLtIeDWJ5QMepUYGAAbbEvFh2A/Rol9DIHI/oZXI72jVBMyzmJ58PrSPlNzMunsdAASaRBn8Ki1WCEaJvIrjLwTG/XO42q20yPezdDQO42yS3Qyfivr5aVNXYkHG4rC99AY6gUbcB+La9rmi4zhrZJxIQHtdLNW9HVSMzfApajpjSfpcARzeEWfYFEwXVCcc27g952in92a+4JTePkA59S3CtsDGDFRmtUdTGFH8kmu5wig/YMiHehknAt2VxPz+faqWpmR0mJ56kok3rAJPf7iZKqDCV1JYPKliKOqWa3m/hDWo4Af+uHhsI2W3ikCXK4TJESdNCaA7ecxruhwV1wzvg2LcxWbx++SK5CUNamvu1qC/nD8s3zaSKq6k1TRVMM7ZYqdKzU9lkMGW07wP6Ii/MsROuwEa070W4UgOnnhktKZRk3v09XV1R0GnKe3/XWAGTsdpRQZluDxzx3geqDQIwX/bWAvUfpKiLEx66FJRJxNSdjKSqrTV+qisPqGrXRvDJ5QzjnX8lOF3G20xxmtsPshboZZLfmahuasXp1whROcRzmvEKETTZfdl6xCnvPmh6DKVFpbs9M69jaLVKU4FqKly6i5YkfiNHYvxXfZJwwGs8AR6qMB5DL1WHoKOcp5GoMTZr4nRmFDiPzfb0HdP7d3ITVdP1UufxiXUegXUgDtiEMVzbZe3E1GGkOJ2EMWXJeFuCdvmhCwsSJoTcZ5vNWyLfNEd73OHXD6wPldKoFWkvfSdIHlgmM8V0u2w98o81SmVkR1PzypvBnkZCfP+T/94Dt4aHH2XobHJMK5lOuGTYx6QhqXA/rEoQf4umYii1xzPLhjM9MPoCIwCJHVWOXpiu6saD42r/izNOuua4kQfTYicL1Agp2sNH1BVltq/nk45+fSf4Pwv3pZm5pmQcygMtXcVthjGilBlxJ3boRimaS35tNObA3PYdYLkEG/V7ZaabdRsTSfoYvwWnuj33bvCeXYZZYPLFuh1XxOMr6dhEN56blmwIkISxrQ8DI3Wsi741R/LFF7RWQN9ehZGVIb8e4ygbMCVmdl/qfN1VKjpCGzDlGR2nt/BlWpElLgfzMe6aGPhHuW64OdfZfYuv0UyInN2Ec3881aSTru4WNk3eFxjGe/F4TVKnigzFXWNPyCKecYvhL5nRW7dek6QQgWcUa+BfMs/qb7kPkdq+WutpPJHWXZTVA3HUB9D+ENwM+iN8WqCcAcxxyVf15Zv4dniARYD6/8gMq1YauVuQ3TzYAlTzroBVdWuWsf5lmFghRejUHSwXAeFA///pN8LzRtgj5DtIAWBjvD97rRgXBBVLNwm987nmA8rSQV/Km2NsGsXc/gT0vf1rTmU4iALnIUldfjB3sco91PndSPnrthno+Xu+XKC8CurVEcLH8DvLUApF5pSHqBmMUziaMvFhA4WlvnMWHWkitlpuGOEYdx/WK0O1eUwPWcV5U6XUq/NMYaHfTRT7PTHYWmQj4FvUk/YcvP73Nkzp0oJvUstxCEWUghK1djPTjMNA04xK72ZBYOJmrGme7AqTtLBXNpK5wwDDOhgmYAERWx0PgTnZvW9534TZiTt/ngW6wgOfm9n71KRs1ORuVfod9T2snAYRQce54ajf6tR4zD7sfJsXdm8DLLQsTLdoJxUstlLDkMuS6zEVClCTewLQBZ0BGnQG2u9sp1Ocso5H+vo10QjCc1Kz/y0Vk5r77xB763zSUMUGHTOZeS/OrKFWNsvss/+OwGY0xia/V0FLORQrf9672DFIIasLGcoezQiCNH6WfxI3pQ0ChI10vPwQugvhVyR07xQzqdGY+oaxiQzwuH1g95Lp1lvwfcpxfZ8VRnrXDz69F4nMvfOiujyDWpVfOAgLQtPfVadQSwcIJpRdl8sJAAAzHgAAUEsDBAoACQAAAGQ4YkgJVIEEIgAAABYAAAAtABwAMDFiOGE3NmM2NTVkNTY2NGEwODVkMWQyZWE1MThlMTguZmlsZW5hbWUudHh0VVQJAAMrkNZWK5DWVnV4CwABBCEAAAAEIQAAAG2oGR/RRzlN4XIL2FjUAJc8hqEqGJ04TbNDQ7W27rJeVhVQSwcICVSBBCIAAAAWAAAAUEsBAh4DFAAJAAgAZDhiSCaUXZfLCQAAMx4AACAAGAAAAAAAAQAAAKSBAAAAADAxYjhhNzZjNjU1ZDU2NjRhMDg1ZDFkMmVhNTE4ZTE4VVQFAAMrkNZWdXgLAAEEIQAAAAQhAAAAUEsBAh4DCgAJAAAAZDhiSAlUgQQiAAAAFgAAAC0AGAAAAAAAAQAAAKSBNQoAADAxYjhhNzZjNjU1ZDU2NjRhMDg1ZDFkMmVhNTE4ZTE4LmZpbGVuYW1lLnR4dFVUBQADK5DWVnV4CwABBCEAAAAEIQAAAFBLBQYAAAAAAgACANkAAADOCgAAAAA=",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1456902187",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "malware-sample",
|
|
|
|
|
"uuid": "56d6902b-a6ac-455a-a500-4df2950d210f",
|
|
|
|
|
"value": "invoice_scan_vS4vLm.js|01b8a76c655d5664a085d1d2ea518e18"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Payload delivery",
|
|
|
|
|
"comment": "",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1456902188",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "filename|sha1",
|
|
|
|
|
"uuid": "56d6902c-2548-43a4-9a7f-4df2950d210f",
|
|
|
|
|
"value": "invoice_scan_vS4vLm.js|3f958e7462e270a20e5cc12f1e6f328f6b5071f3"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Payload delivery",
|
|
|
|
|
"comment": "",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1456902188",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "filename|sha256",
|
|
|
|
|
"uuid": "56d6902c-4c70-4c6d-8225-4df2950d210f",
|
|
|
|
|
"value": "invoice_scan_vS4vLm.js|8594666eef9df6025293b81778d56867abdb7949ddb0ae05481a5d7079093bf5"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Payload delivery",
|
|
|
|
|
"comment": "",
|
|
|
|
|
"data": "UEsDBBQACQAIAGU4YkjSI5kRjQUAAE8KAAAgABwANGE3ZmE2NmU0ZjJhZjE5ZDBhYjgyNTgzYTEzNzZiM2FVVAkAAy2Q1lYtkNZWdXgLAAEEIQAAAAQhAAAAcyBLD9K9F+bBPuvDlJNlgTpRLd5x5Jfadzv2vSS9RmtQyhyfL7ZY80P3B41WhxmMcf1448/0P6SoZX5GO4UA6d+WOM6kLSPmKeKhJjdYQyLfeot31+HJQ/PvWSvuuV3czxJZTEGtbJtb9smWiWpXGlHItYHTH3WdyjiDybrtB4pLKHqSCB7oHeWv8XxhflXCassmwZ+eJqZESDGWHiiLhDpvP8uAqTOY3hIeoXk6U5ShET+LCxuF3/p9uS6SPCL0tQQjZqV/sNWNn+BK//t/ye+h4T+W9vPe30S2PGaZ7g0A3/pZ6HsF//3c4upAvvse0EOVcwRuMbBTKjjuy7xgE70H8YHYgtYSDJNf24EJZtXfgVIyiU8nJIdqjv1WBGlSKRcNAng7jghnPiCTWR+XEeOgsrP86l4+PxqlBBdaw31DZ/+va7GwVICMj9jJJjZhCt6EjrZ6rgeU2fUOD6NhlFuf/Cv6EYLMG/aNUGiMBiPFqEGDlbSK7vyIFZKl7FaPF5sD3DzQIbuUo90GUYYz2ql8WfI0F0O0bvR65cA0AFG7HiWTFPNPAyLL+VTs/BFc4JvEnF1G2Zg3RfWDpw/DDw92paY3kKvSQ8iPGVblFBjp5A0EQYSLk1b59O9BM9flqr13YQycP5zEauk9iWxPFv23oO0OT9aDPkF7anb1THWYMN0SKctXy76IRXUnirZEld3WsufklqqgUrh+3v+kwaySnXh8COpWCIsTV9ZX6RRpXVQMvNrVJlhEv4ByuMpolHhAguIYVuFwWRTrMBvoCQbJ8MHEtOWf6Hy8anq3dtczI3H7mRrCZ8EGhTMZ9cy8Liikoa6tuAY6XQSrYgYlAE0cfT1ZOgogMVL5bsx+xK/NnPb9Z5ZKlOHq5g9ZS31ulk3xh10tOxc9OEXw1kXh/JkMImWxMCZ3vydOMMG/k/qXoB7idvmUhbs6DgU7bbKW4F6tb/P4W5bz1Sv7CAwJxOnfEzt231Ve5jnAtCVMqgj738kN5xbIMDtQCUyg3Aj+bxafTbX09yXbMxw5n1Jur9tcgjgEeF+guO4me7rz3wuuocwrzdCc6a4pTvjdGmiXpYS40HlOu+Blsb3X/eIqWpyZ72bLFps+MKYsbkQLpVLNTLw9Iefb5pIE3Thfs1E3Vwto8I0qIJ1q2TI3vVhe/KtqQpN97EmZzyG4BOjjcmwcgI5VB2IAOGtQhhenKszPvvmVa1ko2GhUZExBqJ3abwvGlcMMuPIGpUssYEEKR6El7OWkcsQ5WjinOpt6+Ctv8S+ybzewy6q+0sU7yHyzAUnnhBxbielUyFkKpXJ4q/Lthiw8SFpYeRMkMKIGeWFnDs1ab/+TcNAWZ/QuDC9tcyfIX4NAOGTw1AJ7gyGyJtBCHKhb01q7Oie4+iF5FYYA6+mvaKxdG24RFH05uutkIbhdUTK3amfXdp6gzv44MVPtpbv1cdRgA48LDFnxuflfVSnuxaTxO5RkIjD6dbS1n0bxZWJNPoXUofqI8p/+1RygGBmIiWSKJ7wuGWEI6TIgV4StSEbv9oZP6Drt/bmiHmfJ8aEx9xF+PHoEbcFxy7n668a6SfaZ+or9Kd+8NgblrIyCEQfo+8d4rQjjZckmTgRDNyOYHQ81le1ho4GDecPlWyrWigEsyD/PDBe8GrG3Z7ltRuSIrDGh4nCaBSBt1mBWxpDne9Dt2nuj8ZxePXrQExxumjs+MZflXRt/el0n7bNWlvK/ZWFhd2dyWgWqjdQY+O1kuNmVLlbyrltZyt3EE8ysIUxczmcug01UxULcm9RjxNUxciRfNVIYN25QJua0nSWZeSUMjMaEhFsg8n3bGElVer9/yKbD7HBkjnEOiJDw0hWO9R6oIyg7YUcEZLFOHFYK9L0fbEMdfSBQSwcI0iOZEY0FAABPCgAAUEsDBAoACQAAAGU4Ykic49Y4IgAAABYAAAAtABwANGE3ZmE2NmU0ZjJhZjE5ZDBhYjgyNTgzYTEzNzZiM2EuZmlsZW5hbWUudHh0VVQJAAMtkNZWLZDWVnV4CwABBCEAAAAEIQAAABPAs5vzWkgCH209nQ3NoGUjbo/oOku+JZ7rx4tWzIbo6h9QSwcInOPWOCIAAAAWAAAAUEsBAh4DFAAJAAgAZThiSNIjmRGNBQAATwoAACAAGAAAAAAAAQAAAKSBAAAAADRhN2ZhNjZlNGYyYWYxOWQwYWI4MjU4M2ExMzc2YjNhVVQFAAMtkNZWdXgLAAEEIQAAAAQhAAAAUEsBAh4DCgAJAAAAZThiSJzj1jgiAAAAFgAAAC0AGAAAAAAAAQAAAKSB9wUAADRhN2ZhNjZlNGYyYWYxOWQwYWI4MjU4M2ExMzc2YjNhLmZpbGVuYW1lLnR4dFVUBQADLZDWVnV4CwABBCEAAAAEIQAAAFBLBQYAAAAAAgACANkAAACQBgAAAAA=",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1456902189",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "malware-sample",
|
|
|
|
|
"uuid": "56d6902d-0b78-41fd-925a-4df2950d210f",
|
|
|
|
|
"value": "invoice_copy_aYDIQr.js|4a7fa66e4f2af19d0ab82583a1376b3a"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Payload delivery",
|
|
|
|
|
"comment": "",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1456902189",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "filename|sha1",
|
|
|
|
|
"uuid": "56d6902d-8634-4d97-a8bb-4df2950d210f",
|
|
|
|
|
"value": "invoice_copy_aYDIQr.js|80c82ba29490ade575e7e06ce80f299c3d38ffc0"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Payload delivery",
|
|
|
|
|
"comment": "",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1456902190",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "filename|sha256",
|
|
|
|
|
"uuid": "56d6902e-0de4-4ce9-95a3-4df2950d210f",
|
|
|
|
|
"value": "invoice_copy_aYDIQr.js|94b8e25230239bc32a04aac47d5f176edf4b0ec11017f0c3589f34d1162e4dac"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Payload delivery",
|
|
|
|
|
"comment": "",
|
|
|
|
|
"data": "UEsDBBQACQAIACI5YkjhQ93T5O4BAADyAgAgABwAMTIyNGJmN2Q0ZTJkMjg5YzUyZDQ3Nzg0ZjdmMjgwYTdVVAkAA5CR1laQkdZWdXgLAAEEIQAAAAQhAAAAVQIFqwhz8NmbdQil+38KzuvdJT0kM/FORsIlls26r6bin6ZLjHO+b0D1fVOQwCeeIKHxUAjZBcCF2IW+BZ2Xev4a79iIIAsBhSRZ5kTi/rwKWr//Yc/kYlN3EmdsAQ4u5CDr8u2TnFt9Z6YHH4bk2SC/L8sMAokwlp2znIriL5bJnFKZrTU3a1dhGzDmBhkhw9vsq45XWywQqWfH9jBnx8Uv2HjxewAF10gqeB71D6KnDyS0Xa3dRkwgHRLBOnwmy00wmeWNJsRNHnfLmqpNQFSe5t8kzFWLrRZ5r7J93t3riDnmTdsoephw1/5jn3g62YrkUzBbwiAlYUCWOXgeyOBSvbZ1UbF5xO+JWs5LoSKGsQzeeBImeIlCwD3aaRtyfLwkXA/a/kZOWNLqLMYSDrWN6ofqsjxDlwukyntxeSJhpNP78R1hlhSg5F9CAX9pIV4RZ9aW0P2IkYXdjmIiEiCSXEUGsIGdeQOGxgdoQLzior90fTjPVsodK3G2qyRXJYq6WPvBeMmr3aiyk77Vd7MFFi+JcvJySVrCnugn99PPS+ORv+KyS/Qcod312htaXLP5xAq7+BHIe5ZWFqxlmcmqEGA9Rm9PUAKB+/gBRdp+lnCkGmsRIJX89Tj9qqauTnSYQWjxcRKYJFkterPKWCVtMreJNBUhm2lf7Ab96SUJPlubLyNYDUZfEh+1x6k8QkrsnQSJXrtH5IVAW0UTWRtYsXtcRZ4332u3gqIpcs9KOWCYhQO7jDMEJ1mnYfZYiqnNz+sWrWwD8SNV3Rlh+e1/x+I2gfkFZ9yDwylW0CeqTDbbur7cIaxcy2XpBMvi8Xq3MBrEi8agtptuQ/NtfGY4tZIvwhPOW89Nnsc7sOVxH73lF3DrpbvgwAS6IMvfrH3rA0h6qA6vuT27UFGLfzk1dkBGCzE3dx1mJtWNgV/QBt5voyEbAIQUitmccelsrrE2zhniSIBUqXMkBhVSes5XYNcTpC2wilcdtNoc8L8NhosKMi/AC05xUupvxWtp2MRBw3N3tVRwMJDd/HcXa92+J7llyCFy7vu10liaqrAdulvB1ckTzDS+4gOlsvyvp6KjkR6PPIx82QoBNxWJBqpPm28233gOpZqWZXvU6KFWxHKB0SzPY16KKTjX+6M2ByCPQ+QpB3wgD/H9uAAgZiPhVW4YRCCBtuQmA4RQCl9IVGjbpFLiFfLPjunGxDcSVvEhl5wi7eSlfp+vlbL2mOlV/p+hYlTptF2mwrthQxqN/erAkYrEHoYy3mD4bXKZosErmVqYMmKmW5ostiSx0ioAvZBY7oiD1uNfgM/356dNvpuPCHDVm4K7ZJe9WnfWcQyg+1BGAFS/goWKQ8TofrnhVYmLiG4fdrNlCOB9zixNJbs2qyCAeQECgMP/G5+vo0AuaVtjoPXHrvyJnCPokQIOLdO48zYrUKWRuKzarEJvX9QqdbfAQdXCU9ANkoNtL0GvJ5xqg8w4L+2Rs2CuZ90+XI2HrbthD2cpwecoF9blda4Ju2K86+AuWfQI/GHbvCBakee7aFQ3N/JSHQVdtD4anVncFYW9Xt6toOvmUP5d8nVx4YRa0/sCV71lMuA7vZgEkt+hXfV9bX8gMaVbBH+g6VzN1f0HMfHg5QfhomysaOzhxQR9LqQJd+84GryzD+A71kXf1YUZuqsW2sPlQh9G34rCsbmRLvtoI3jRE3Vaa0zcoIGUd9aBbCQ0JW2Va9ZI0SQYOBWIKeja9uY2C08iOhMqjPXIgl7eGO1iaYYlJMlRlIQUc2etMkE5rE2l72WAYbv9nSrl4rHZzXCusffazwQYsAh594UTdc1fh1mvyNgBgelvD8WF7Qa183cUH3k3RDvXH3mnE+UmI0lGSPNmQYOOgIRt5Dmpm7I1NgFiBCmz2bt+UGtflqsKZ7UMiRvKCzwBAKRw8fUaC1AVtPNbYkcK3dxgn13FqRMIhpHhaS5H3XPgGEGqEMvJwIH0zt4R/5eRY6KjN4umN8d4XcsJNlwTKovmxvAARqjtEQgVG1DZkZdGJXYESVO60TmjL5wwItuHf0637fatkpukWxzqEhMNdZWMOC5ftspd+AOhH/C8svvdhapx2vqbG8Wk6jfc7c9lTpCabqDeWdSij5b+1LHTTLMxI+L7mIAEDuFg2L2zMx0t/0LdDQXyfx++Mk9NihbhUH7OlUoUE7GMrqipR3o+mrZ5TABrGF7KNuvbwr9IF5CTFq8/MhbJ2fjQMRdpkYK8oryR7ATQ0jIA4vOWOwa0t/vTowMw+SeNDOhQbZRheD6hrgEZOW2IlZW5PHXiRa2CcCSST0fhwaRjzVN2U6XMnCL/jJ7std54at8NnKtIR1uNZxUpgUF1/ylPxaWlbyvhoM/Pin0zh/ZNDbUFxyoWU+m0HbarCCy1zOk+0wRbuNODylKwX/QMTUMVKWNWZ5aNSxl9iRYLhDCSP5ipTa1KjB6u0aKzt7+lLuKixFNveOCxL2AfHHt/NfcFHSdl6+H8im1yyJjHLUoOBAmGNaI0a4yCv5f6YA/3dfRHu8GdCq55eAWtl/uFhJju/u957X6V87NzrCpbXTqHklIsEUJ880FKGDE7MlrbCEVz6fBxJ7wvgTFAGzug2n6oH2dHlQZ9NLxy9uPNO7mvraT0S55ud5ZBWKi+iyGl2XE+Fk3qkkc9wnRvlMU3+gEsatJx+p0kOSGlhMYa+qB5nxeK/dE2jEu456RtOc2b5SD3y9TD5oWpT6HuQ4Gs1OiG/mVjeTROlNu4925oKv+PN9uFpZj1SEVo2swrB9EmyNMP/AP156Qo3RYVFTlBfBP4hUDK2F71flXEUxvqsO1M8ASmgxjX9RG7MskN3HLt7RLZvwQtdIsPAj1zLUrqPQGkvxSqIhVAjSSppwTrkzJ/dsH7AEfGSZMEKOK7FJlG7R/fGggrrfPMslemeFbDD/wkLeUt6W99a2+utUycy3fE9EAlJ47Vl5pL0HN4fbwijY2eaCruOuV7uNEgSWhewN5uIZA4ECPKBS+Xq6vOCpcx+84f17hRT4DyZixZZA3Rw7HsHh9AVjE4jbL/GYrOc6Fm7E08gLSQ+wzs3dlbcA/5qoYACddpuvvpRhV8k4fX7TpYm3OjyID8k8Rf9wOr/0vwHkaSAybiQ8S7hNBy5fbTkUn/W2r5/KMtnBRhl8sbzOV9I++WhwU34X39W9ZAI0y85R6xIU4F9m221m8hzAEGP30VxvGQ9UoK3D8XqgEwCRKV0TPsQiIOjVI5CqWfVy8v3gZD3aI3lrC5SUVVaH+2ePltSObb8H9Mpz3GhrxQcMe4xPG2WKUkNZcNezdUKtp7bTrVxZ5M0SYmbiYUr/yWp8euwWvxbtyVsZdiwB7yRASeqiblZlpcPrcLOgxoG+muvjHmU4NT1kJ3urjogXcDq9cw59X5t+LY0PvJWKAzPH5nYc54NE42x+ZBw06X+OIxBFLhJLPxV1Rzw+dgOUyIIB7EnuqONsvoO62cFShkH6Tam+E/05RwMFRlWO7oX1glIteM96Nwb3pegqTok4rhuw7wAoEs3nCy1zq2TwUGAlfESTSi8JR8Z3AMINKRmiEwszyAEftttdvBLeLzGypOTHHFzF9bpdTDIl2OkwhAyeILljN/weKUDhRHuTHGD296vVwME2VzhQxS5kaCtECxrwSMIyVFNeEEiAFT6u+FlI9CaeW4DnVawgnggAJ7BZz7h0mz/L3mI0Q0K2IJO2vlVoHsRDFR12wYvfTNwRu05o99rimxqWqthppF5/p8Y/6Zoa+KHZ7XpSyGKSFFCjALCYmi3BwqJUQ/8pwoB6emlT5JORuCHDBZ7Lc9ueHKjw9W/uayLloolDRWDdLSLWomZI2ohsbeRwZaljlUdf7xFIJnOSiJrPRORoHKmTNtGkq9AFfIiMOcZZgFVhN/7r2hN1f7TcXQC7wvuhRcAzk+nLmOBjun+qPc/W
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1456902544",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "malware-sample",
|
|
|
|
|
"uuid": "56d69190-d6ec-4808-9d03-5e5d950d210f",
|
|
|
|
|
"value": "87yv5cds|1224bf7d4e2d289c52d47784f7f280a7"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Payload delivery",
|
|
|
|
|
"comment": "",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1456902545",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "filename|sha1",
|
|
|
|
|
"uuid": "56d69191-3fd4-4639-aa22-5e5d950d210f",
|
|
|
|
|
"value": "87yv5cds|00f49ef0c6ec348788e6b47eed8a79f0ca0184ec"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Payload delivery",
|
|
|
|
|
"comment": "",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1456902546",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "filename|sha256",
|
|
|
|
|
"uuid": "56d69192-fd70-4313-a3bc-5e5d950d210f",
|
|
|
|
|
"value": "87yv5cds|776b90d3fbd639ca8e8d5f198669c2e9c5f81bb2d2471e320c2ec77e6a455248"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Payload delivery",
|
|
|
|
|
"comment": "",
|
|
|
|
|
"data": "UEsDBBQACQAIACQ5Ykj7hKLYV2IDAJZjAwAgABwAOTY0NDgzMjRlZDFkNDJlNWE1MjdjM2QyYmU5ZWZjYjZVVAkAA5OR1laTkdZWdXgLAAEEIQAAAAQhAAAApTo4v5IOs4nTuNs/Em/DJqSabtspxHt41JNyirWb/ERBeqdBUeZQDM1esUCYNAHPWLl/8ZTO8U1Ymnd0pYfWtjiE+9ecst0DnIELOfBA/uZKxKxKE3BzmSCZEi4NMM5ygsIhPeeiMsFrbAJpjcXXZulBdgqtHzF7PFSMkfzfbzMTB6MYxGVBkmT34AkV1QUMFYvK0CpiGg4Rri6awUcr8t6rIc/k4qXf3IpVJtwShjAh8mk0OiBiEXaieUvotztTP0Habd+D+DKdh1gn+1wVkod/IJ7IIHHT9R2GuSA5edeMAwM3Q08Tj/EeMbZgxtjfvsfSEpPC+/uWs/obC1f6e5r+5MuWB7bOx1+bSNKSxRIhABGbEoQ6jOl+KbxT4P0F18m3X1qHFJm5GeiSJxPGlhIlXWMJfiuhqs4NU3XWrHoFZqcgD1Xv9RXMnGV5CarzU/sdEDtTBSdkiJrIIe7jTOJWCPKdL1HTQxn0pWRo5WXmtsbiTozOAGfF7zPdLDTVi8nFHhY9Tf0JP1Ekswp8md0uu4zJZDR1ZPw6Vxajg8GjgzQ8mwzdoQWpnMdKcKARMps/5v41V8CR8OjtrvqVaLQptupEHHkuqENAKCsrXYpF6VOPFfn22nlXtT5C1/veUnWErQmKj+4YPxyvc9Pwzo9nYBrBj5TmgwgI9SaqgnCVRhySNGqrB7Hh/kWDYyakuj4Ed9Bq0BmlEJ/3s8G2uSHgVg0cTtI5OZxtLRVG7bpl6p4AHKwiT5II5HBZWdgnkKACGckQaBFP6cCx4K0pvR4hGUe0QFbJ6CXxiCHCQyj04qMcVZYMz1fofqjLGrXpEXWEkrxAcaJMsiy7/e8Hzaa2vOGyZjzhM2MnGDPq/BDXtdDclDiNl3hLbCERgrb+sz104ju3bx3D2rsW9iNKGd9MYmgXmhxLr6P/wvAyTrXyiHCXS7BgUdq2BLKLjVFet/VXUD4lAqJsVFIX+SaDwWU80fo6M6r2kbNxqPP0SICGCgmcxUJ6p9FGXrt9jA61V/9X6gA7LhmoisRzsf9ppO4abhW+hy2DEGd4Pw8o/13GfL7/oNa+4W6fy+Ug+xikpYxNkdVVecTRZpd2+mNN2/oHdeMNuwlQnoXW92asEYuh4Ez4iTRX9VJ/726ecgZ1qWl+3gAP0BFqEWlqhLY55ywDY2Up1sh/5QKHiJFRv8mMnNgsWVMNLmKUxQYrsUpar03NRvjGlA4qYt7FRmJ0BVRrbjzNJRAvpmHlf80jSRsat96AjoELR3M9j9qjkEboUzGp/tr+nMpfxPmcPxBcEWWWDX8UUL3ekSPXFRk72M0XWbF8ACanm6N0izc0DPYa7dpbII59ZiI6UTg7gRz042uVCArcz3mEHr6TFHDLgpGpDCpVzSDgxRkIAY4JWNZMdkuZevQoEc5Hq09fHpzDJw79zfZqNpu8eacmlpAvwyskZD7uCzpIz9vyvUSr17aBfqPVoFz6LvGYNsLLAGplVyaYBQymj66BrwiE0CVbqPCb8wNZ5b8V/q3gfbDBL++yD/fNXO1m6dpE+I7ct7ipgIaH4VcxQF/WEoS780YUCUUpkLVWjCiQVD7Bcnr157ux8XFHhmxzPKXAizlGvCi6Xe4LIgkgZrheXvfHEYK0mB/U8n2jiPRujaVnCH5WNJrb0btNLYdORtfCLI7JjKezoBktlBUO2PIMPDdvtIXhJPuL2UA8Xqp3aSPVhezvT/iV16rkFqlPNqaJ0cimTL3w84BVjrLsX13P50uIL8dAMFGuEPSOa9AEXvrA0xPaW178uvUJmM2x0z+HRWYYnIGk8tc2MSYvDpp5O5lp8KiXBOpCeMcg8fT80hSrC7BOQSch5KYZejbeKtASYf+Sx0wWxtZkF6mPNwJIxTDJY8FEwlSbfqJAl9oOEdBJl09KMcnmH/XbqvuT+eIg7Z++0yDrcG8x+aIUqA/bF6I86rF0fWYHXzPC45IoEagrVYeLWZEHL6fS3RAP0Z46ugI95GRDlwDUcrf2RYb/dgnE7dbpzmOcsdgmRzje38OCQYymmI6wM3ZhBZjhAeG6bjHsjrA90zhTjjDj6PsCvSWzg/OCVO6zXUlWmtz5OZCkhSit61x/Y9FsA4OBhcjWgToI+2Qv6qTJO6wBSi1pfTPZIkJUb7HVeSbuufDAo5fO/89GctvUP8Ui16uZJh8tnVAuBhdelc/NmdraievwSSflIx6clSnLu3HuAAlzZ8e6TypZvgFl3peFKQrx+gEs/TyTRgWnu6b5SMaqsL4BFgBCN+SDEavnq6AzBAL1GyYZOsAEF09Th3XvTc9Gfp0kN2ogisQvgUFaSdupzsiw4BC6Xfp3tu+fP9nTiiy++iJfXc8VM1RJIdmq5n9LIdv7Z2hEl7bjYY32Zjz3Ald93NKFyB/B227/KBOAFkIkMwnyuJs7QWA46+CXXcmhh0+gacVHyTdbwnNyb65kdv0iGdJByDi3AHH1cWW+vUiWnhHIiFYS1MxiizEUQtGP7nvSO3ZiXkD+yddl8vIZ0DKRMjfiBW3nge4Y890K8bGNFJdvW6eO9Chgbkua/UX0kxuZVMrubi2f75a8WnxXSw6NMxC4BjIRn9EJHcRln0RdSTXejzgNYeiPRB5gxlvtwEQ5Ry+vjNk0Vg95PahWi1giTDI0cyOubh2baQ0Lpz/KlzhunGb0BQAF1SY1061tKHMh6etp85s0PF4YQMYOYO/zT1o+EqadaH3Ydekjo1of1evNihYHFoDzq22j5idKRtd0XwwA/Pg3xkydzhtMeM6CDQxDw5E9gAejeqVD1wWbedp2qb7IzkcNrmr9NYTxv/Zb44TZs4RGgDuwgUFAYLU6McSWJ3LBxgBp4zqi1shl1IuC+DoHM4ytMlUdYwdyxJJRR2yIqPt5SvJAJkbVcudMMWseps5GBGnVdhAlVDc8+aHyjZmAUrMyfvST5tbS75Wv8h+uAmb3LVG/sQY7wMvXu4XuNVDw73iFGdcOqy5XAN5DObaup2/j+/LG0KIbgnDCL3CZ+pnNbg5Xrg9tlCKGclAUov6dAz6c3DT65HtvWXSsA/GTVeMHScZbFq0ab5TjIwHYUq2BMct8xV5qQQdmkOmU1S7/7XGY/8wq6oP+wIx+1hODMRkCqMwGVE0UP0hwndQXPuT5YBMGULYFIxwmbmarQ3SxhzrcrFTlIiW7k5hrq1ZgP5u7TY2mbOIJw3/bMk9LyjDmSuqd/CgC/OdDVc9eDstfCZFLWNfihaGspKaLma9890FUccLW2Xn0K6Jq+hoKuMeAkYdw9bBhs/wmDE0b/1RTT9VIkWDoXUGjGZzw+51JfgBORiMDZZYYs2Dt3eWCPkPpbssMBROw86Rq2RARet6ogBQzRx+0BM4epON6H2DQHenPXua+3Agpz4g2Ob3jiYListdL6n4hsq1yoSQ5AvOzNNLH9Rxd+yfkga78yQaA2Mg7YgkS//61Wz/pq41dql10uBVNuUGd5O/QnRAApUiOxWZEttajpSQPygV4oG7mFqwNI+sAm1NsV2rpGkClLMrq7S3ZhvDuuDJXIw9dLNLb+39HzCXiHPoFGhbaTeJ0xvB1u/ouIyVN05jIQUOKi2Ia94frNeqMsVFO6Tqn3n3srL7gwFRVnbJfpR/L/zKoy4Q3/L67jWAlqVVjTSxe26eWTWlyQctMeAcvpnUsO68NieW+mHMAs/rcfGsQB4N03qrBF/1qrSbfzVGUJW3yqbnjvW4tcXXCopomjAX+fDUMnACCjB+2wW1pSwY4QNb9wSETH2uDzG+8XFnz3GjtctIYWXpXgHjq+Q6/n+E7X3Q+KnGPqgQCJjVpfc7cKbJP8o0Td5nHIvGqWmF+cnOh2xrKa0tiAeD4BBjk2UHzvQf0p10RXdIN7OJ5rqduoFj8DIODP/6VgMT/p8lVda3yU5WPGij+NPQI49juDTzMMyeixS0x7qHaLr5JJM
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1456902547",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "malware-sample",
|
|
|
|
|
"uuid": "56d69193-ea54-490c-b3b9-5e5d950d210f",
|
|
|
|
|
"value": "80.exe.gz|96448324ed1d42e5a527c3d2be9efcb6"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Payload delivery",
|
|
|
|
|
"comment": "",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1456902547",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "filename|sha1",
|
|
|
|
|
"uuid": "56d69193-e088-42fd-80f8-5e5d950d210f",
|
|
|
|
|
"value": "80.exe.gz|4ca4ca2d037d7f97aeb2f0f1d65e77a8406efa55"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Payload delivery",
|
|
|
|
|
"comment": "",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1456902548",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "filename|sha256",
|
|
|
|
|
"uuid": "56d69194-5dbc-418a-a4b8-5e5d950d210f",
|
|
|
|
|
"value": "80.exe.gz|947705e0a69234c16bc2f5dbb01a91917f4264b6ef7a5710655cb255f87c100b"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Payload delivery",
|
|
|
|
|
"comment": "",
|
|
|
|
|
"data": "UEsDBBQACQAIACQ5YkggJT0aE14DAONeAwAgABwAN2ViNzg0ODBkNDFmZGQwMTVmYWQ2MDNiZDUzZjk3NmNVVAkAA5SR1laUkdZWdXgLAAEEIQAAAAQhAAAAVQIFqwhz8NmbdQ5V8/cqLeZYNgenqbYiOeVLqjsIy3tonIrLvmLqFVHkqdTrSkdmrFaK5JzwWzpvHClo1LYwd8Q0YqGFobjT0Dnk+rswphKs0qrYXc08Kn44k/SZtn8WxBvKQmC8XBUGeMRoll8iCdnjj7zvFXvEH8L5NKav34XUcVigiRtfQotczFdqhc6g66LTmNjIz5AB2NGmTnVIjdzdUfLhaYBrGlMweXEq+06mhM9hLWCI3zoaEhMoUKcecquSQf3fenB1aHvOOKAkdJtkMA01lhWM1c9S7cdbEoiSzaN39+xfmV9KXrRaWWPbI4Fw1CHNhm4V+YRVT8SjAK/pVeGW90N1vyKkFf4IvmrMd/OTS2HpqZwC00T74s1eQKmQcTpS/HqiCV/41Qb0nZsXwIonqULzRxcc/08zwi3MLk9RAZayR2qGFF56ILZGQOej9SNZ/E3hsmGp7K7OSznLmxn5IMdHi6Y6fjibhAM8o7aQjcjCrc7enfAT6flWt6xr69D8ZgaLLWKCoTiM//qgocQNFHv7fDywiCwguNEMstsSwLqLlxESqBkECwpJlqZG4OtBcHJilnX8HqoDwPTTfVV4ByeQO5zZcaQNO7Vj3jQw8v7V5Rl2Sy5BQ3DD8U9tKG8IhziL9Y4vCeuScWBOOcZypK4ik4KKe38bqSs1RaqOxBm8U9pPvRght4tXMoUMt06SIRdIuRPF5XuuXfU8x2IaXBwpuislLvBsUlOjkgxgmQJyzmlcA8ICfAMTpHzPOQDag/0c1W7eDOzIPEmqa3pnQQQ+kdDrG+sVlnpjcgrfzrtEHSJ5wFDZMmSpS7MmsVLvyjcBllLyuDvrB7Tl4/MW4rhKuhfjUjk869IfLGUbiaG0FqLGNXGBuAtrOs50m8qE9wTo6w1xCq1cu0kFhCQlCjMOHux/BgtruqmodSOHa2cS81rfhocKSnNsyN6jy589/J3FhZi25Ag2c4JFW7sWSca4LMMgGcBbuqI7oL8GJ0lPQGWVr6EMCKWBkFgfLFbYERX0x9yUbLqMMRFJec+GgdctMKXzeQ9g7SAhxbqL4wEq5ZmvHh1zDHoncK7Jv/J/JYYkbW7cjsOc5LHuGeEohpAbhLxNgXUeZ5Xs3r2tBDlcfDC4av8/z6Smx/sK5g3ekVs4rUjifJIWRULIhHP5dvziF2TQzDAtosAuY8No15PZ/smFqrdFvG4JaBnG2JgWXf+TOXpYcCa4JYLJu9Ut3IyI1RY83gHacSqAChRxqWaE5fXLfj+2XJglZun077PpGT2frkmXWQ9pWc1YAUqWYFv8QtEqbUEWM5M/oqeSAWUzt/+hOZlcJ47ivyOYNu4sjKx6us3k7nC1OD95pUhb6TfJe7KdyGpWtwlKprp39qBiynakm8l86xv82kO3wjH+qakY3PuiJFa4xnwkQoCfmJpEXjvs7qyR5wcWm3C8CHsf1OUx6eJSoHqMCW7phQUcG+moGIAq7Z/tD5uxnpS4/fIkNskU1vdiICj5jNlldV82HmyxmBMMIMJ72WVHi2JIiX5WHvxONj1TpH2bO+14NralCVY77yeWAj8CaRuYDZ9JdrriKGThTJYB2Sspl1w/sn/m1/X/d/Dk48Tsbk0LFl9zHJUcAvZtSJNXUydRBMzUcOz47Dx47wJUR6HoNEq4GVbNLsna+k0fKvJubtut6kqVD+ptovLyOruuPaRnVxnJfSOh5PobNijd4xcQTeK4DqS1ltlOcsYdhN6ggo4d8/4wTnLpeKXnpk9iP5V6SatT2RQB9jPGy39nKQ2l86dM4Ht4NwjOi/OqeIPZBweL6b/cdq8J2+kMFEXv+lFDv1vEjhhmiQjoMwcqo7dlLRCzqE/uE5K/IkSPeP06o18e98ed8tPQh9+fGoi1NAKzIR1aEjianQm3azMC8NEgKHWV3z9hbPrCXgeOTkZ2CO0NFcsIFOuNhVQRdfjyS7TOQ37SFqfbGVsvxp4FIx+UVY5x+C7PDWayRaNt9vVFydlLiH51fmHuKSs36grj5P36l4bqNirxQAKuvMbyD6uUU5UdnIGUeD47n09Bia8gm+FGbx6S0Q7MoYbNQe459NHfXNsMszEbjwR0g8c/j+VYt/rO/nxfyCMJNJQgZaH/nIIqjkqKwcU0kksyE0a4GholLCSiTD5vRjOif7IZYXyxQjaof8miX00JV7KQfpM8NHpOImn0VmyLsHkyyUEunLhpJK4wuz2I8qz92bx5z8ysfUBp7cCOWDk5ovET2F221jraOhDxenfesNyhbvMC7P//LV8mJFGdlcaeieHJAW9LeC1YBb0sqAYC6YEg0G5E4HTaPSq+VmL4c4aqWHkCyjxv480RaYTYjLTWnlrmXBhp9lddNmZynVIuNr/B+skYmp37TnH3fDaUrnY91d0XEnq/Y9au9So0ewpFD/ocb3xCXRAHFHmKMzQeC50Eu2zc8a7UYSetFrT7NIH+GPjPKstIPwibPYJXfwZ33T5Gz9eacZCnp6+cJfCnXvwKysTSA255gINsYI4SrbZlscYK41CdAihqP9Q+1NYRtKarvXs1VN2pyFjHu4hBY3eAC1H1f8ctBwBUgDLz/wJKprskUXsqgPLag9sHipqMrT56oIyx6ELV/yklhy4tlXoCqh5D8F6obhQ7b8WpFPT2bp5/OF2CaNyTUzxTCgr5l6bZaCSXreeG7akfTo30lDrrKJ4x6ayjOSUrNVlet380UuBgu6lfln+KC6Le68U3gdKE6b+CWvrcB+DXYfbo1rdCfbiXBRIRQt7jnV0j9dWIT75icJlxD15WOny3QVI3cfPoAIlrGAdMAaqiCuI4Y/zmBNu5BH7TxEdTR/mcKbTIKESNVh1NrOQfk/50qpJOA2oNf2DkaT+r8H3EKWN78ZcqwonH0RFgSQTbcKe4m16vQfemIHY2ohBM2Y/rJhZ+288qAl9AINg4KUSV6LFOdb5ceTHEKXzQm45leu853tmIH0IwaIaDcxPPWd9uPYpc71o11qTYVtDVCsFg5V1Q4Tlk0EriVJ2S54D830xRk3zTiRoWJmkaVsDu0jPxMaXmlAGeD+b51AXD2enMQRJAfUybLFs09CkZmSKnRBmi1keeBqUHwm0Rt0dk3+MoJSJbH2ew+EA2TVcGDhgKjmThogLIPNw3I55IiqLwnSV3ThzctgLFuQDnDAeewMBHtsWUOXXB1PjhFmpctHsBwnSmsSn3BJfK2VAJDSPhhFbvRitVOVp8l8O8I/dMhbPWzS6e9vzguYvDMbtcGrZeN9+5mYLBpw+x1AxwY/lFs3Wto/e8VKNLdVkFUvc5N5IQ0uStYpI7erv5q710GGeZTl5ZNlyYnvAc1IPSYoUvLSaMaZJLFNFwnjBiT7Yl8OCieQglmo2okw97krEmb6Mn69gJRfonTr5/oepwqaJROjvDB34R0wJte+O3DPCG0MuQorU5Ml0dar+6/woOx7MumydjRD9SpB5gvAmcK0QsjIFrwlwxiSUY9g9WkQD+et4Mk37cWrLDxQJpcgPS0M+2qlS4Jb/9f27ylPN7v3sply3f6hTR8DzK+vMUOozwKs/hKuQSsIQl+DKF7NcFn0FFHVkAlEASJjVxU9xbe79AG7qUr73YpskyPcHvABFsUUQeTmKycP50GSkttaMBGDyizb/vJO+fRJp/RKc45ahgEaL8nImzxh/G+JmO5VvKrWl5ISwoWvSSAhC58TiRXl6mTmN67qZfQv9xQWKf8CAHZUnfN3Ue6RO8SJ/NsyfQQlAJIgFudyBGe8o0OmMTSYYGZSCen/wSo40VtnJ31fXci1AJ2MvA4jE7j/SNQW6NKmQ4eRfkxlxc6X37oQowmsQbS6J+ZjaPeTc9/wH1SAsu0coPeE1ucmzJlsVzgnVcCsfNO1LgRM+XctFiW9PdXUlo5PLnLtnyZgxkZrUinaVosU0IUxsXaozRxAFmVZkbZw
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1456902583",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "malware-sample",
|
|
|
|
|
"uuid": "56d69194-a4e4-4423-a58c-5e5d950d210f",
|
|
|
|
|
"value": "69.exe.gz|7eb78480d41fdd015fad603bd53f976c"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Payload delivery",
|
|
|
|
|
"comment": "",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1456902549",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "filename|sha1",
|
|
|
|
|
"uuid": "56d69195-bf60-434e-a17e-5e5d950d210f",
|
|
|
|
|
"value": "69.exe.gz.1|a7d64cac94c32206546554f5dfe97c0ce271e19f"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Payload delivery",
|
|
|
|
|
"comment": "",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1456902550",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "filename|sha256",
|
|
|
|
|
"uuid": "56d69196-64c8-4e4d-a2f7-5e5d950d210f",
|
|
|
|
|
"value": "69.exe.gz.1|bb50041414408e2fe1f29fd8316c77790e85f5db00a1a0dd52326ce00e2112d6"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Payload delivery",
|
|
|
|
|
"comment": "",
|
|
|
|
|
"data": "UEsDBBQACQAIACU5YkiVvjLOaWMDAGxkAwAgABwAMjFhODY1ZmZhNGU2YjM5MDA4NzE0ZmRiYmE1ZmE2NTBVVAkAA5aR1laWkdZWdXgLAAEEIQAAAAQhAAAA9oTOKl1Zjg+ex/je/tBdlpm0NVCwN1v6744ID586nfnocJ/YL2j9P9kze6L2VIzXGG/IhLqeq1jQ+WDZ1sQ0hdxxcyQoIM8OKft3A4qs1nCwjCclB1QR4TCrzmwDn/P7VyBXrEdr9dcM3j/EQuQgyPyhxNYl4EHrtGm1NEP9W0xa8XGrIbhNB8J5s8xIUzIQ1SPHOUT0qDB3P/PxPXdLgkc6uMxNN3sEtbvpI3m+yG2uLHfLR42xW++vaEVo4aZnyT6Gqx59ISxpuEOgxwHjyw300K4D29pyOMRq60vKaLe8CZB9h7aDD/WKArhEs01wBdsv/y+deghwPJLqUbfbo2PE67S7FSOoJ72oAkfwe8l09TULGVLQs5Sauj1u3uo4NP4p2C/G2UjO0pgxVbs0DxrnUVzSR7t56tw7n3bdzRD4NiXOQuy6jp1znwN4++bgCG3IPcMk0fZxujOUnB0e3Mxv0QFj5jCOAu5Kd/DuiyRMGs5IEezHr67o/ZmDppr+g2TvmynBRIFvCQ8Z3J2dq3PYYnnZi5WeH34xCzGFbnird9THy/ozfy3o0ehacn2TmmvH8rJslKRzmDbklRmBNZhjksGzllFdf/AnKAC2TzGlGMbnIEFGhh1vyXLotY9E766NDfDavaanrvV7EnNnplzU89Cyzym5M7vkbGY8KmKoQ93ayknUZhYIS6S1ocgTGH76Zny7k64hCXGrgX25GTpetnqMJHB5SLvglV1AGq1zRkX6qh8vO8tam+aAv/BfJexhgQhVIBPbRbu6k+TLLErG2C0gGDQtrzicJufadfUcoJAMdFuegZ9BM3rvjiCqDHcdoUkR69Z1hDuG1OIKpwJQmhPP+B2QW6eQmgeK61HufINBTd5HTi8rOFK7A948RjCdc3byxE+VmR8wWVm+zq+TNxCkF2BQM+fBtMzsPQfCn6aOrlKImCKTY6YRDSDssw1I4MwF65xSmMnFENNWBQHIYv3fvJhhcsZUFl1X2GsKTsq1lHyDlcyurztVRS0wfQtiAGjwaGi9WQbtmmhEn+s/soHXwwLjnvgnASWnScjnWXraQLzQ8hyqN9BWhcANacU0n0bxMoApDD7dcwcIjoX+O8ZOn2ad296D7i+HXrrmfStm6gO0yiA19oBz0XxCZ1QTGJvkEmIgMiulhVtPLMuX7k+LYjcFvjJylkl7CUMfimbPnIizZe/PZngsO/m7te9lnrEib/bOcR8Uo/rXtVYIW/0FiMRRNfVAvhk3buDI7zQdXMecBzwXhO0RPBUaqsxnva3eTueMVi2QtFsKNww0Msr2py5+U+7H0TjNJuxf0D+EFBcWhxIIgTOuFmrgfHsDZhEJAVwNqCAiv3bwwPnlHGp6Fm4veAmq11MmKXarVa++QssdANI/ktrsBqK94Yv7w+oHgMzflxq7dhHMgbQlfgXSZKfvEfB7D+inengfn4yBVaD9qywrdICjpeijPC9niKnFHdAM5O6zI+u9DlpU6CxP7sWFahnDy3p0zrxltFlJ2IvXzn7cj8EBdw8G8IQ0eKIwrlIawv62BW1tiilI0Iulr2Q75D9vriOgDJ+XkrDCSz/+fL106oTWZozlGIdj8qEH5qkhocMoiaxxCxyhhJ69bqfiHQgkRdr7VWCkd18jverBW0x0b26SnWXJsaBZgFYGoobm2WEPfLuz/wFoQHWx0nvdKcGp1ucrAUblUn8o3DKv5AnUKnNq3uR9ErG0NXH2HfWzJCgrVeifyPac53+LM3/i202frFXwUEGvWpGqklNZ5ysOv2AMq7xigOkeB3UFtjvEFUFxCPkPvs5cfEvBFhiihIzBarcK7KJdCC9WYNzC8porYvFh3ByGcY5K9H6wn2/KG/D4n4m9p67roqoLqG+61J5cvFVYuMK4y7upuaGepw++3FQ8Gdt9UsaSCsPoQ91gPGEfTZ+0UFGYy8sdGTvgBShBwWktCsFS6u4WZuo2aeaC7kkSts3bXjPpYkrM2nSYYgjVYcrS13zakTqRjdQr5iTWXnoEkkHWA+beRKII64/Y7qajyoqHCriki5VSycrFI1obEndd1av3ZXTne5Adl483RdT1tcVeHWwIMA3SdIdQY2+DOLQ7//f0ouyIxGeh6IRVWtq4jJfxn9Fr46SYxmbhs8BLO7US4I+lx/HLwAtbOD/LrnhTV6TSx9W2dBJme9R1bC2mmI84dW/wITHBbY+Sa4/YT8xxI1lki7j023ZWlAob12RSfOGfSbu3fudsE9nwDotWXz+HL/8nkSYrnGZEjxoQOfy260YRYiffKa1KbWPi1BXtHSxWq86zcI4fYKjyI1WSOo4OalOzPP4ayf5vpJ7+Eu8QAvEpkOkyIoCOHr7NLT+7LXUuhGMdeUYj0TRBbbDFIIbMiS9UEA86ZHRW/eGNaL2IIxLyvpW6saALGhdqrAWTaBO0dqucYb+Gsj/6uc/n1/MJrdRNzQ+k65sax4zqEgleoDq7dVTZR+lMaBjhR1pBruEqulGO4sgBI+FpDmXDxsjihhk/95ZQDczKixZ5pFSOZ5ioFjEfdkZ33BZU5em3oHZgHGyttl3gosAcnJxlugZy9iwiIM664vFQZuJX12OfvbE7CzwnYQrX63nPdMbHBhwdK2qFhP/er0bOnqsRQgg/7r5ddxCIN6Z5j9UG/BueDNpR8riVRlWZVZzw59s2/rjT5ROnJCuIA33Lni6QoMv31CcHfFeyUgLjx31jBeig7sRnxGgRhOwMB2m3b8aVPKyxsmZAXA6er5Nr5VFLzVhFJUma7XODdDij1sK0pfzl+SYTSTL4+Zb434z9gXC1XkKd5m31rxIqXOqEX4vt8ohdWfJruUNWh4yxJEO18DNylDBelqG7ywGx6FWIXHMCrJ00qg1aDMyIKzdTtLHyVqV7MujFlw2eiM0KMfDLwwee4z9cP3flN4efFp74KKZ/LdoSvj5LbwKXuhjYapkA39etAvYBO4k2P9sGvEZs5Q8e1M9GvgIvxMoJTHaAKbg5QVwXx7CAEZq/6g++z8pYX/Cx4YK+6B8iJ534F3ztRmMEYa236V+Y9iT/KIAPzGsO/V81vGGVJGiRUYBjJN9WVPQjw+JcYWVKtMhi2bW7RCK8Xwlj3ADi74U9ao8byqM9Q06bQw2rzTxGMJjoQF119Sj4OBB33DlKmgjYMJ8TJxRO1nn4uc3dWLr/umgseAerSRfCS3yoW+/PqUYq3eCtQAj/HYV102u7yRD+0PW0u5p7OYldW1sbixJ9ua9gMEJzxse0/TJy14rCLfBiY4zlm1dS5UsB/BiXOl3a4XFxkqaKrm5Y4Y8Knhm3PMTEqEd8ImcfiLwRkVnup5a/s3jCgBl0+SaCacRk4/sPQnJ0cEjpoohXtymGuRk3uCJrcU+tiuGsXy1KyUzscliv7o2VfIXxc3noykJ/akNVue0gun3HFejXnXm89Mf2FtKAcKedObZ1c7VUsfeATNkiweIWXqliJUfGhp/oQ+SIKoGWuVRQG1zxbaeXW4RU/SB13IIKeO2PlmWYwJ64QOyDmJgCVcFhVaH0B2Z0gm5GwSqTf70RJV0/y0yovNn8vrRtYz7yuGwu7Hs8M+Oa0vA6TcionPlxt+sR4JaBok/LxojQx2/YjGkKMkQB1G7W99+Lgty/KAyleVwqKxYQLfodep2Jr6o0RdB3V9hIVxNTElx/7V7PCr+060xcLxYLK7/Cqo5nnNJRVk4pHzb+2BxlZbmP1mbhebvferFC6x1xyWqnlUjvu9P0WI84//vlXceBAaa9prHFTe+T8JEpOf8TYMCw2Vg2HZ9IXDTfq1GpQ2KluhbQLd3O+WZm4gIy/gWrY35gvtIKOOwwOTlsRYEsSaGdDFceBEwpj8cNqZJFf19rcsYBF5SaukqU3nZevQK+0N3KYl9MeBh5eyRjWRIumO9qlg9u2ETK5iF30Z7CKBdGyOd2SNF6v4d8gz
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1456902605",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "malware-sample",
|
|
|
|
|
"uuid": "56d69196-02a0-40fd-be86-5e5d950d210f",
|
|
|
|
|
"value": "69.exe.gz|21a865ffa4e6b39008714fdbba5fa650"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Payload delivery",
|
|
|
|
|
"comment": "",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1456902551",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "filename|sha1",
|
|
|
|
|
"uuid": "56d69197-00ec-4012-b79e-5e5d950d210f",
|
|
|
|
|
"value": "69.exe.gz-2|6b10df6b80dc8d6155d68951938d1ed8a4e6d993"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Payload delivery",
|
|
|
|
|
"comment": "",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1456902551",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "filename|sha256",
|
|
|
|
|
"uuid": "56d69197-0de0-49f3-9f7e-5e5d950d210f",
|
|
|
|
|
"value": "69.exe.gz-2|16954bbf5bf49c6e3687bf6b2f4556dd4ede018a52b7b5f62ea304a1f691a905"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Payload delivery",
|
|
|
|
|
"comment": "",
|
|
|
|
|
"data": "UEsDBBQACQAIACY5YkiSp0jZXF4DAOFeAwAgABwAMjkxZjdmYTA3N2I3M2NjY2M2Zjg4ODllODlhYTI3OWRVVAkAA5iR1laYkdZWdXgLAAEEIQAAAAQhAAAAOo9mZ2g03MweIV5GoBmUhnN1D/89HHJkCxJBExTepiP6+Ki6rbbpIqgc93oloL4B9WTO0Cz4kXt2Ni3LrF2jUrR/yzJqXi0mkkSaCTRZJLBkAz1fh3rOgTh+OXsxCaoF9aJRcVyo4Jc7+J1lrlc4JQXPMHsYNqGsaxEjkt4VB2/zsG2pRVP/+LFiaSwOQ8Oulo9B8UbqDSDGHEHRGTAGmwxbQSC8+owB0RdBCmc1cY+C6toSIhGywS6B9jXoRRc8nN62q0L0YmGiQPAMAL2cQJTnoF+quF++PCquGffDGna7rchf1ILg9iOHJFjBIHhjZLkVZ21pur3t5STRnrOiD25i2a+11N3cT5ZR47W6SszLDi+4ms9DLsQs5AMAx0u0oE5SOde5RMhczGfoOW5NB0ryPa/O3+vc8rNkRbiZOFFKM5DfCTKLT8ToiKQRcxSErOWgSzsMB6YgWYIQ1THXDL42+MJWfoMlpojhD3FsXxYu/s+U2+G/8PxIJ7auCu+rspqlE9Tg9NeK1ZJCbWrf3RB9V01AwMXUPoQUn8G+p+l/ObQ7f50bm6d/wdIBMYC+ODmNBgofSQi9XhgInfsg+6H9zCjcjhMr+Olp1B9BtCyGD2xlJ9u6mv3GOfLogfMqiV2g4IsOKuRFZFjE4681JfqxUro4hLDPuwT2wKWHePb30GHok0f+S7OcT9vVYNZX5dkJtlI3aPq6B3p/OW6sb/NzOZB1EzKYrssgLHzKT38gALy3JAksf1Fatm5GglPTyY3tsmP+flWgzBXN3TlMWYRDszhWNWba+frUzJgxN5l1f9uwSBVEuG2g/Wntv6B0nurl2KExlx+POMYjcAR+N+JNi9rqQcTa88jP4ZFajxONS7gnWQlK2Yph7kKvc9vLdkBV0KccZiJqyfY4Nie1UCJHeoiEMCtLwkafHJPPWji86PsIGlUE0SpsGeyAAyQdK5pGkfKVH0qATsHnSUdVqHz3W+tXzqhad8kaQkDVbCPFDti4irWBIDy+3kd5pplWCLu29emO4637eih1in6pPafTtgW9ad+t/lnJ6jccssohZyat97Hi7vZUH8+A7ZX0XvpaiJ3PqvhrXaBFPgYuPt39frt9t2aOtP9GCXcfVrjzDad3sb2K3eZ2Me9kdyDjeNJThl2lmkH8xD+DFAQifCyWELhmbuYgART/5jC6pA8FYj5AzeRGTYL8FEoi30QSJLnwUljWi6xl1EzvF2amlrL4w/f0ihz7B9oowSOMb5FwsrnqwBvp1CjKn38yiuiP+riHtLv5FHAIhLtDXgavNy9QOeAvM8DCWgjV34HRdbwvH9mgpPN526bHVNVRacawJ8dP/SedC2uIl/UsEi8Qr1atC2RCkc2NtZzwTwvNBeHwVQvVMlelSUcHdheSCT01ogx4C3q9UEBED4FOV65eHo5O24j/AanQZcQb4BYlDcBDV2EgYsLkoq51vTZOciI5hZaZCxTZEvyn3WYUcsmqe5RU4yeGwcdqUILFA0Z+KjpRYyKuKOrUsKG14txWFeemfoC9XWpCc0cFqIirQqNckIMXyaSmdrrOUU2xdzZ0fWTT+E3xil6yjGRS6Ktlpe4xqGK058qY16kBiDY0jQ8BcL9STGxwKHqu5dsmuV16Av+L7Gu4D8IEOOpmXCCUZDZ1A0DWOgURmNkUJraUdD/8JBDe0w85/RfkXH0PutyFuhlsJLGaTCuCc5ez60vD7OAcVKNb2xcB75NAtYdd0OTRKwme5PDZTB8Nxn0arZ1Jh1dKw8O9h/dHFLyuTSMNx7ITtD9g6KC+Vphm8p16SmpRpX6hy6ggLWzUMWEkMC/0nd+ztqaafQFnYberbnu7BM4GtHvQ062yI+FO++wfyJCUhvWWQCTedo7qBu+cpyJ4c7wQRIjP6V5NeRT/Yg/hE28NU9suQAneyC4fLG6pPomE4fgw9neytlM98zRqC2tgEB0NX07qQgSWcd7YsgoTsTXh//Ix8mC6Lb19d76dY0jvPXt4fQ8yh33OXHhuXkN5BRactJkax9ZMk6zNBt0viuMd57cf6W9oCdwXZraN174/8Buzs4MhzbqIcz7ebt/4hbmNmjwmovy7Pz6rWCzaD1SH3+HX9NbbCeTZvDrxmgqEKXHoZGjXMyKENfj8NHr7yqdar/6vHj1NNKVQ5OaxW510/vkC3MXDsUy3k29ahTHvr8d1nzKoamcNx1qiCyBWWwg5xd8LaYgE8OnJT25AoBNGOqzw+Owes4mLiOyvPqm47I5EW/drVx22ZmeodbWCMbExryGY6YVFGTnh8bH9X14m0U7b4JXz99LLRJiIY4Yyk8SmTUjbIP14l8IhzQumaNhXtWR8GIFiy9Nd/OIgLlMEE6kf5tPTU7eoyhqD3XZHp9ckIMyffvqwBnpGmzNoxjWWtMBR8FiO4iJYv8gn2MXwDKQe34qaI/LxTpSUMEEiG5ORKE4gaTg9fnJCnpACTYoihgvWT5N3+8ifysVlJv/RkXKbebhrxWJFdsAiY0yPd8whVJkfyZHg4Q/7GMGnhayiM36iUXcxVpnNVUoRjwt0ogs+V8GjKTs3gAHCP4Ltv4m8Mg5CkZvyKdQpvL3pyCLwwPIZ74Fy4srcQcEFd2Hg86lyUHNtZ6MA7p1U81PYPm2UvOlnrR5N6xHTPuBlBMYNgSFWyjS2kBx4hZtArZ4WIDn1nSnaHNgZYvwysp9/jBD6/6/9n+YdsmAC0X7Za40OGUdrQ5B2Imm+Uvch2JQNjDcy0O+XEJUguCUPAkuKh8tTDVDjwGkWI7WFxamVR0A0jynwrTPPv7L6x7865iZGNOXkC+5tMNlKAzYtq6e8jTamPFu3I15vcNHqYTPu6Lo92PoAQEpQXfbpuxYB5d/BFMMnTmSFn8Pn1j0jhr+8qOD5+u0ZTKvLbQtGIoiyyVKa3S8yM7MU7YcuEY6FAcGz8bi8+VIUE4x6aDDoCPWN7b666z0frvORXML8l10rISEe1CKpMAXea3L6VMS0KVslHCNcaJMWIaHYiVlHXOiPPCGFbCaV+EgSEvMlKdyIDLM+zLK0nNkK4MOxW8+Ct0GbpDZTVYmQH45IkZtUdjcMCM99spPZEJq4LPP4MbFJzacwPkKmZQXUKSBU6TDus+HKh8olaofSOLWMj+uVFPnNjfkugw2DuOfqQzaiIIA1iZKy5rZCPkXE9TcfIOiWwyVY4Vel2BdA/Q1TWxKN7v0AqIzL0gBBjfAGxopKqQWui+EXxy+4jQFi0PIOhNaAVnOyt6f3HxlKAZ5r7Qzg98nUof/H6ydXgxlQLx5V0EQHfaRBUQWRfZddgMpZaxvXKtQQkTfZXvMjFvFHGK4BX5uKjC7SIJ/0IP5+drUm8WYJvFguDc1x5kst140R2U/2DAiQoCRbEpNUDbih46WnxrUVklKJ+PUFM3LHiqJ17PM1gccBMJqySmU7hh0/ELvFehQrmGZKDP8vbQRxrtq7dRDsl4SZfUSVNl7OMIn//o0U4vxrN6DRy+8pGzCXdzKHOgWS4A+yJWyGQsZ2F6153FPUdrHmKT9WaXIBo+kpnhYQqgyEkJa/SnEXozOSOl/O9XOF9CSDEzpmGzr3Tua4b7sSJQmrsab5yHza8MvDNnqDibOk9gZvbyQNEfQwHJ+T+OFrAH1jLEZPS9xSPE3JdXfQ6v1OPJuw+woA1VkrKTYqZ2Xc8VOLvGr3JEyCr52/AZi9QMxq999SZ+K/KU/aBf+ETAMLQDdAgQ55s0oAb0r5LgB92xyGOgyNLMAt3lNMzSwUdPuJ3aHtlbebRlnr0rPrX78dbnTC4Blti6u/f8Kxmyu+fYsfg/L3XSJGBpdAhyRSUMhtgm+wWPSQO7g/8WxG+B43e2uneDyGabSHxNczt4vtHwCxBPmPE8Xx9DJ5wrudOVRA5waDJ4penG6i8nRGvqvtUBVA9SKT/zeYbVd362SXlayJh3fUf5
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1456902552",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "malware-sample",
|
|
|
|
|
"uuid": "56d69198-9400-4b0f-9aa3-5e5d950d210f",
|
|
|
|
|
"value": "69.exe.gz|291f7fa077b73cccc6f8889e89aa279d"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Payload delivery",
|
|
|
|
|
"comment": "",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1456902553",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "filename|sha1",
|
|
|
|
|
"uuid": "56d69199-7230-4194-aa65-5e5d950d210f",
|
|
|
|
|
"value": "69.exe.gz|ae4320b458826bd4b472381df11a7b2b9c49450c"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Payload delivery",
|
|
|
|
|
"comment": "",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1456902554",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "filename|sha256",
|
|
|
|
|
"uuid": "56d6919a-73ec-4726-87a5-5e5d950d210f",
|
|
|
|
|
"value": "69.exe.gz|75f89ad70b2dec5ceed26aa362d93b170ff2f3d9c8078ecb517ff255d753a58d"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Network activity",
|
|
|
|
|
"comment": "Locky C&C",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1456903127",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "ip-dst",
|
|
|
|
|
"uuid": "56d693d7-4ee4-45fa-b1c4-5e5e950d210f",
|
|
|
|
|
"value": "31.184.197.119"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Network activity",
|
|
|
|
|
"comment": "Locky C&C",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1456903128",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "ip-dst",
|
|
|
|
|
"uuid": "56d693d8-8cdc-4662-a83e-5e5e950d210f",
|
|
|
|
|
"value": "51.254.19.227"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Network activity",
|
|
|
|
|
"comment": "Locky C&C",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1456903128",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "ip-dst",
|
|
|
|
|
"uuid": "56d693d8-c608-4aca-ac7b-5e5e950d210f",
|
|
|
|
|
"value": "91.219.29.55"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Network activity",
|
|
|
|
|
"comment": "Locky C&C",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1456903128",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "ip-dst",
|
|
|
|
|
"uuid": "56d693d8-bc64-47e5-a04e-5e5e950d210f",
|
|
|
|
|
"value": "5.34.183.195"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Network activity",
|
|
|
|
|
"comment": "Locky C&C",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1456903129",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "ip-dst",
|
|
|
|
|
"uuid": "56d693d9-9e20-48b4-b7a8-5e5e950d210f",
|
|
|
|
|
"value": "185.14.29.188"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Network activity",
|
|
|
|
|
"comment": "Locky C&C",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1456903242",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "domain",
|
|
|
|
|
"uuid": "56d6944a-c0ac-433b-8f54-4dec950d210f",
|
|
|
|
|
"value": "eukpecrm.pm"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Network activity",
|
|
|
|
|
"comment": "Locky C&C",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1456903242",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "domain",
|
|
|
|
|
"uuid": "56d6944a-80e8-4b67-847c-4dec950d210f",
|
|
|
|
|
"value": "yehad.ru"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Network activity",
|
|
|
|
|
"comment": "Locky C&C",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1456903243",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "domain",
|
|
|
|
|
"uuid": "56d6944b-ef38-43c6-a224-4dec950d210f",
|
|
|
|
|
"value": "bfpwefyrchlqlk.nl"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Network activity",
|
|
|
|
|
"comment": "Locky C&C",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1456903243",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "domain",
|
|
|
|
|
"uuid": "56d6944b-b630-4032-82f5-4dec950d210f",
|
|
|
|
|
"value": "kdogpbkcwuxi.eu"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Network activity",
|
|
|
|
|
"comment": "Locky C&C",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1456903243",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "domain",
|
|
|
|
|
"uuid": "56d6944b-4e8c-46a5-b97a-4dec950d210f",
|
|
|
|
|
"value": "fmlpyiywk.fr"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Network activity",
|
|
|
|
|
"comment": "Locky C&C",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1456903243",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "domain",
|
|
|
|
|
"uuid": "56d6944b-7410-4a5d-9808-4dec950d210f",
|
|
|
|
|
"value": "hnumsnd.pw"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Network activity",
|
|
|
|
|
"comment": "Locky C&C",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1456903244",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "ip-dst",
|
|
|
|
|
"uuid": "56d6944c-7108-4c8d-9a09-4dec950d210f",
|
|
|
|
|
"value": "46.108.39.224"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Network activity",
|
|
|
|
|
"comment": "Locky C&C",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1456903244",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "ip-dst",
|
|
|
|
|
"uuid": "56d6944c-94d0-47ad-823c-4dec950d210f",
|
|
|
|
|
"value": "195.22.28.199"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Network activity",
|
|
|
|
|
"comment": "Locky C&C",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1456903244",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "ip-dst",
|
|
|
|
|
"uuid": "56d6944c-df4c-496a-a43d-4dec950d210f",
|
|
|
|
|
"value": "195.22.28.196"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Network activity",
|
|
|
|
|
"comment": "Locky C&C",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1456903245",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "ip-dst",
|
|
|
|
|
"uuid": "56d6944d-d2cc-46d0-b91c-4dec950d210f",
|
|
|
|
|
"value": "195.22.28.197"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Network activity",
|
|
|
|
|
"comment": "Locky C&C",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1456903245",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "ip-dst",
|
|
|
|
|
"uuid": "56d6944d-30c4-437e-a1b6-4dec950d210f",
|
|
|
|
|
"value": "195.22.28.198"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Network activity",
|
|
|
|
|
"comment": "Locky C&C",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1456903245",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "domain",
|
|
|
|
|
"uuid": "56d6944d-6364-4d21-8276-4dec950d210f",
|
|
|
|
|
"value": "cwycwubgpemsmmb.ru"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Network activity",
|
|
|
|
|
"comment": "Locky C&C",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1456903246",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "domain",
|
|
|
|
|
"uuid": "56d6944e-4468-41f9-8c47-4dec950d210f",
|
|
|
|
|
"value": "eqgasctlppecp.in"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "External analysis",
|
|
|
|
|
"comment": "",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1456905117",
|
|
|
|
|
"to_ids": false,
|
|
|
|
|
"type": "link",
|
|
|
|
|
"uuid": "56d69b9d-3d98-4fc3-a2d8-4df202de0b81",
|
|
|
|
|
"value": "https://www.virustotal.com/file/776b90d3fbd639ca8e8d5f198669c2e9c5f81bb2d2471e320c2ec77e6a455248/analysis/1456900883/"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "External analysis",
|
|
|
|
|
"comment": "",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1456905117",
|
|
|
|
|
"to_ids": false,
|
|
|
|
|
"type": "link",
|
|
|
|
|
"uuid": "56d69b9d-dbb0-4316-8e79-4df202de0b81",
|
|
|
|
|
"value": "https://www.virustotal.com/file/94b8e25230239bc32a04aac47d5f176edf4b0ec11017f0c3589f34d1162e4dac/analysis/1456885205/"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "External analysis",
|
|
|
|
|
"comment": "",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1456905118",
|
|
|
|
|
"to_ids": false,
|
|
|
|
|
"type": "link",
|
|
|
|
|
"uuid": "56d69b9e-ada0-46fa-b861-4df202de0b81",
|
|
|
|
|
"value": "https://www.virustotal.com/file/3dab5300dc33468dc19d3834d7d80d8fe2128b042bcf11da2641cc30cd0bcd6f/analysis/1456879972/"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "External analysis",
|
|
|
|
|
"comment": "",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1456905118",
|
|
|
|
|
"to_ids": false,
|
|
|
|
|
"type": "link",
|
|
|
|
|
"uuid": "56d69b9e-2b98-4e12-a684-4df202de0b81",
|
|
|
|
|
"value": "https://www.virustotal.com/file/2fc2428db623b07280953034a11d92fa45b990c11cf945bb6853e4aee094ffcb/analysis/1456897529/"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "External analysis",
|
|
|
|
|
"comment": "",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1456905118",
|
|
|
|
|
"to_ids": false,
|
|
|
|
|
"type": "link",
|
|
|
|
|
"uuid": "56d69b9e-6874-4950-b15a-4df202de0b81",
|
|
|
|
|
"value": "https://www.virustotal.com/file/79a6f2ceb0f095b57fb59fd38a8c040cbc48542498641aceeae599c78da587f1/analysis/1456863204/"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "External analysis",
|
|
|
|
|
"comment": "",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1456905119",
|
|
|
|
|
"to_ids": false,
|
|
|
|
|
"type": "link",
|
|
|
|
|
"uuid": "56d69b9f-385c-437c-81d7-4df202de0b81",
|
|
|
|
|
"value": "https://www.virustotal.com/file/2c5759d570f298b373c19bbb94b4ff0f12de337efb44bf671e07b37aefe778fb/analysis/1456858449/"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "External analysis",
|
|
|
|
|
"comment": "",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1456905119",
|
|
|
|
|
"to_ids": false,
|
|
|
|
|
"type": "link",
|
|
|
|
|
"uuid": "56d69b9f-6144-41cc-920e-4df202de0b81",
|
|
|
|
|
"value": "https://www.virustotal.com/file/84cc775d34761e2f653b883abbd6af770001888258baa01cc18bcdc5c0079b85/analysis/1456861529/"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Network activity",
|
|
|
|
|
"comment": "TeslaCrypt C&C",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1456905960",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "url",
|
|
|
|
|
"uuid": "56d69ee8-c900-4ade-928c-4df2950d210f",
|
|
|
|
|
"value": "http://opravnatramvaji.cz/modules/mod_search/wstr.php"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Network activity",
|
|
|
|
|
"comment": "TeslaCrypt C&C",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1456905960",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "domain",
|
|
|
|
|
"uuid": "56d69ee8-ecc4-453c-96bf-4df2950d210f",
|
|
|
|
|
"value": "opravnatramvaji.cz"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Network activity",
|
|
|
|
|
"comment": "TeslaCrypt C&C",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1456905961",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "ip-dst",
|
|
|
|
|
"uuid": "56d69ee9-c588-402d-8746-4df2950d210f",
|
|
|
|
|
"value": "194.228.3.204"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Network activity",
|
|
|
|
|
"comment": "TeslaCrypt payment URL",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1456905961",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "url",
|
|
|
|
|
"uuid": "56d69ee9-a44c-488b-8cd4-4df2950d210f",
|
|
|
|
|
"value": "http://sondr5344ygfweyjbfkw4fhsefv.heliofetch.at/"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Network activity",
|
|
|
|
|
"comment": "TeslaCrypt payment URL",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1456905961",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "url",
|
|
|
|
|
"uuid": "56d69ee9-cae4-4f0f-9fae-4df2950d210f",
|
|
|
|
|
"value": "http://pts764gt354fder34fsqw45gdfsavadfgsfg.kraskula.com/"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Network activity",
|
|
|
|
|
"comment": "TeslaCrypt payment URL",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1456905961",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "url",
|
|
|
|
|
"uuid": "56d69ee9-cdb4-457a-802f-4df2950d210f",
|
|
|
|
|
"value": "http://yyre45dbvn2nhbefbmh.begumvelic.at/"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Network activity",
|
|
|
|
|
"comment": "TeslaCrypt C&C",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1456906661",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "url",
|
|
|
|
|
"uuid": "56d6a1a5-cef4-465d-a1fa-4ded950d210f",
|
|
|
|
|
"value": "http://suratjualan.com/copywriting.my/image/wstr.php"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Network activity",
|
|
|
|
|
"comment": "TeslaCrypt C&C",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1456906662",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "domain",
|
|
|
|
|
"uuid": "56d6a1a6-aad0-43bf-a29d-4ded950d210f",
|
|
|
|
|
"value": "suratjualan.com"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Network activity",
|
|
|
|
|
"comment": "TeslaCrypt C&C",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1456906662",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "ip-dst",
|
|
|
|
|
"uuid": "56d6a1a6-0a2c-4927-9a97-4ded950d210f",
|
|
|
|
|
"value": "192.185.166.27"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Network activity",
|
|
|
|
|
"comment": "TeslaCrypt C&C",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1456906662",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "url",
|
|
|
|
|
"uuid": "56d6a1a6-c094-43ab-8d93-4ded950d210f",
|
|
|
|
|
"value": "http://imagescroll.com/cgi-bin/Templates/bstr.php"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Network activity",
|
|
|
|
|
"comment": "TeslaCrypt C&C",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1456906663",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "domain",
|
|
|
|
|
"uuid": "56d6a1a7-0374-47ae-bf20-4ded950d210f",
|
|
|
|
|
"value": "imagescroll.com"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Network activity",
|
|
|
|
|
"comment": "TeslaCrypt C&C",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1456906663",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "ip-dst",
|
|
|
|
|
"uuid": "56d6a1a7-5f70-4618-8c63-4ded950d210f",
|
|
|
|
|
"value": "62.210.141.228"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Network activity",
|
|
|
|
|
"comment": "TeslaCrypt C&C",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1456906664",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "url",
|
|
|
|
|
"uuid": "56d6a1a8-c038-412a-951b-4ded950d210f",
|
|
|
|
|
"value": "http://music.mbsaeger.com/music/Glee/bstr.php"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Network activity",
|
|
|
|
|
"comment": "TeslaCrypt C&C",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1456906664",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "hostname",
|
|
|
|
|
"uuid": "56d6a1a8-4218-47b5-9e10-4ded950d210f",
|
|
|
|
|
"value": "music.mbsaeger.com"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Network activity",
|
|
|
|
|
"comment": "TeslaCrypt C&C",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1456906664",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "ip-dst",
|
|
|
|
|
"uuid": "56d6a1a8-1be0-4af3-80dd-4ded950d210f",
|
|
|
|
|
"value": "76.125.213.205"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Network activity",
|
|
|
|
|
"comment": "TeslaCrypt C&C",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1456906664",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "url",
|
|
|
|
|
"uuid": "56d6a1a8-9dc8-466a-8496-4ded950d210f",
|
|
|
|
|
"value": "http://surrogacyandadoption.com/bstr.php"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Network activity",
|
|
|
|
|
"comment": "TeslaCrypt C&C",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1456906665",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "domain",
|
|
|
|
|
"uuid": "56d6a1a9-1564-47dd-90f2-4ded950d210f",
|
|
|
|
|
"value": "surrogacyandadoption.com"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Network activity",
|
|
|
|
|
"comment": "TeslaCrypt C&C",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1456906665",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "ip-dst",
|
|
|
|
|
"uuid": "56d6a1a9-ebb0-4eb1-8dc7-4ded950d210f",
|
|
|
|
|
"value": "185.26.122.59"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Network activity",
|
|
|
|
|
"comment": "TeslaCrypt C&C",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1456906665",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "url",
|
|
|
|
|
"uuid": "56d6a1a9-0318-4269-8b15-4ded950d210f",
|
|
|
|
|
"value": "http://ptlchemicaltrading.com/images/gallery/wstr.php"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Network activity",
|
|
|
|
|
"comment": "TeslaCrypt C&C",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1456906665",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "domain",
|
|
|
|
|
"uuid": "56d6a1a9-6b38-46b1-b94c-4ded950d210f",
|
|
|
|
|
"value": "ptlchemicaltrading.com"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Network activity",
|
|
|
|
|
"comment": "TeslaCrypt C&C",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1456906666",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "ip-dst",
|
|
|
|
|
"uuid": "56d6a1aa-a4c0-4d72-998e-4ded950d210f",
|
|
|
|
|
"value": "119.59.120.21"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Payload delivery",
|
|
|
|
|
"comment": "Automatically added (via 87yv5cds|00f49ef0c6ec348788e6b47eed8a79f0ca0184ec)",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1456905499",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "filename|md5",
|
|
|
|
|
"uuid": "56d69d1b-43c4-4335-beea-5e5e950d210f",
|
|
|
|
|
"value": "87yv5cds|1224bf7d4e2d289c52d47784f7f280a7"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Network activity",
|
|
|
|
|
"comment": "download location",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1456926272",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "url",
|
|
|
|
|
"uuid": "56d6ee40-8bd0-4a40-ae34-4dee950d210f",
|
|
|
|
|
"value": "http://ohelloweuqq.com/69.exe"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Network activity",
|
|
|
|
|
"comment": "download location",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1456926272",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "domain",
|
|
|
|
|
"uuid": "56d6ee40-df24-47b6-a357-4dee950d210f",
|
|
|
|
|
"value": "ohelloweuqq.com"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Network activity",
|
|
|
|
|
"comment": "download location",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1456926273",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "url",
|
|
|
|
|
"uuid": "56d6ee41-e954-4e5a-a3ae-4dee950d210f",
|
|
|
|
|
"value": "http://ohelloweuqq.com/80.exe"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Network activity",
|
|
|
|
|
"comment": "download location",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1456926273",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "url",
|
|
|
|
|
"uuid": "56d6ee41-c514-4e66-8e80-4dee950d210f",
|
|
|
|
|
"value": "http://soclosebutyetqq.com/80.exe"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Network activity",
|
|
|
|
|
"comment": "download location",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1456926273",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "url",
|
|
|
|
|
"uuid": "56d6ee41-1500-4be2-b933-4dee950d210f",
|
|
|
|
|
"value": "http://www.countrysaloonriki.sk/num/9987tg6v54"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Network activity",
|
|
|
|
|
"comment": "download location",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1456926273",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "hostname",
|
|
|
|
|
"uuid": "56d6ee41-02e0-49a4-90a8-4dee950d210f",
|
|
|
|
|
"value": "www.countrysaloonriki.sk"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Network activity",
|
|
|
|
|
"comment": "download location",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1456926274",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "hostname",
|
|
|
|
|
"uuid": "56d6ee42-fe38-4120-a37f-4dee950d210f",
|
|
|
|
|
"value": "sumiden-e.co.jp"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Network activity",
|
|
|
|
|
"comment": "download location",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1456926274",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "domain",
|
|
|
|
|
"uuid": "56d6ee42-7308-4fa8-b12f-4dee950d210f",
|
|
|
|
|
"value": "e-monalisa.ro"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Network activity",
|
|
|
|
|
"comment": "download location",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1456926274",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "ip-dst",
|
|
|
|
|
"uuid": "56d6ee42-b33c-4f72-8f48-4dee950d210f",
|
|
|
|
|
"value": "147.213.4.6"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Network activity",
|
|
|
|
|
"comment": "download location",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1456926274",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "ip-dst",
|
|
|
|
|
"uuid": "56d6ee42-67bc-43b5-9c2f-4dee950d210f",
|
|
|
|
|
"value": "210.129.90.38"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Network activity",
|
|
|
|
|
"comment": "download location",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1456926275",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "ip-dst",
|
|
|
|
|
"uuid": "56d6ee43-ac58-4fc5-9cd2-4dee950d210f",
|
|
|
|
|
"value": "37.251.140.222"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Network activity",
|
|
|
|
|
"comment": "download location",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1456926275",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "url",
|
|
|
|
|
"uuid": "56d6ee43-68c0-47b7-acae-4dee950d210f",
|
|
|
|
|
"value": "http://sumiden-e.co.jp/num/87hn8bv6r"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Network activity",
|
|
|
|
|
"comment": "download location",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1456926275",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "url",
|
|
|
|
|
"uuid": "56d6ee43-ce98-4b83-b918-4dee950d210f",
|
|
|
|
|
"value": "http://e-monalisa.ro/num/7yh5c44duyy"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Network activity",
|
|
|
|
|
"comment": "Locky C&C",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1456926320",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "url",
|
|
|
|
|
"uuid": "56d6ee71-24d4-49c2-a626-b2dd950d210f",
|
|
|
|
|
"value": "http://95.213.184.10/main.php"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Network activity",
|
|
|
|
|
"comment": "Locky C&C",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1456926321",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "url",
|
|
|
|
|
"uuid": "56d6ee71-d3e4-4469-902e-b2dd950d210f",
|
|
|
|
|
"value": "http://192.71.213.69/main.php"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Network activity",
|
|
|
|
|
"comment": "Locky C&C",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1456926321",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "url",
|
|
|
|
|
"uuid": "56d6ee71-6284-4580-8e87-b2dd950d210f",
|
|
|
|
|
"value": "http://217.172.182.99/main.php"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Network activity",
|
|
|
|
|
"comment": "Locky C&C",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1456926321",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "domain",
|
|
|
|
|
"uuid": "56d6ee71-0104-477c-9a4a-b2dd950d210f",
|
|
|
|
|
"value": "yxeaibmydkliia.us"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Network activity",
|
|
|
|
|
"comment": "Locky C&C",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1456926322",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "domain",
|
|
|
|
|
"uuid": "56d6ee72-cf98-4e5b-96d7-b2dd950d210f",
|
|
|
|
|
"value": "byfomaukpakv.eu"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Network activity",
|
|
|
|
|
"comment": "Locky C&C",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1456926322",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "domain",
|
|
|
|
|
"uuid": "56d6ee72-54c4-4ae3-b278-b2dd950d210f",
|
|
|
|
|
"value": "kwaljxqbuh.pw"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Network activity",
|
|
|
|
|
"comment": "Locky C&C",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1456926322",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "domain",
|
|
|
|
|
"uuid": "56d6ee72-1fac-4c8c-98f0-b2dd950d210f",
|
|
|
|
|
"value": "xjrubdm.fr"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Network activity",
|
|
|
|
|
"comment": "Locky C&C",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1456926323",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "domain",
|
|
|
|
|
"uuid": "56d6ee73-8dc0-4892-89ac-b2dd950d210f",
|
|
|
|
|
"value": "hhmmw.ru"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Network activity",
|
|
|
|
|
"comment": "Locky C&C",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1456926323",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "domain",
|
|
|
|
|
"uuid": "56d6ee73-4d08-4926-8217-b2dd950d210f",
|
|
|
|
|
"value": "cqjbkxsdpgepb.yt"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Network activity",
|
|
|
|
|
"comment": "Locky C&C",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1456926323",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "domain",
|
|
|
|
|
"uuid": "56d6ee73-685c-4a14-b77b-b2dd950d210f",
|
|
|
|
|
"value": "ekqxlkjudmr.it"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Network activity",
|
|
|
|
|
"comment": "Locky C&C",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1456926324",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "domain",
|
|
|
|
|
"uuid": "56d6ee74-b424-4fb0-be29-b2dd950d210f",
|
|
|
|
|
"value": "npqdiicmq.pm"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Network activity",
|
|
|
|
|
"comment": "Locky C&C",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1456926324",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "ip-dst",
|
|
|
|
|
"uuid": "56d6ee74-a064-4369-ae2a-b2dd950d210f",
|
|
|
|
|
"value": "95.213.184.10"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Network activity",
|
|
|
|
|
"comment": "Locky C&C",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1456926324",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "ip-dst",
|
|
|
|
|
"uuid": "56d6ee74-97b8-4b70-9764-b2dd950d210f",
|
|
|
|
|
"value": "217.172.182.99"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Network activity",
|
|
|
|
|
"comment": "Locky C&C",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1456926325",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "ip-dst",
|
|
|
|
|
"uuid": "56d6ee75-6f58-45e9-ae74-b2dd950d210f",
|
|
|
|
|
"value": "192.71.213.69"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Payload delivery",
|
|
|
|
|
"comment": "",
|
|
|
|
|
"data": "UEsDBBQACQAIANZtYkh57N/YVl8AAMLHAAAgABwAZjUwMjZiZjRjZDJlYWNkYjQyMjUwZmQxOTM3ODRkODZVVAkAA8Tu1lbE7tZWdXgLAAEEIQAAAAQhAAAAMOin0TCRdd56Pskx3HddPKx/D9i4eCZh/UCLeJa2ly2wk/hx4BTMxtGjaJVU/Rib3rH2fZYoipaz/4qgyiSSEF6J6ozu2jT6MJB4ZQi7G9Bxmxx56mp2Uw75LwkSABT56x6lUuY3cQ8u9mPIwO43MS8YCzW0EHxDH9jcYK0n0XWPledQLtI+gbMXS8f2/FgPYzvTznfUlQyKsPLa6jxjrjiQtZJHu6rKCvsaBlzOkTOpsTTD94sp7RyYcaRRmd4pNjhZj87qKsBAB7KhfXGa9IjriEiOy4PAAECmQXJ88WX01zMOzKT7kh0t1bEcQfBkYo0JFj1egmEVt7rU1RwhZCy51jHLr5wbZEPynKciPGiqH/R+f6+iUUfX0jEIqC+lmhLrLzW1KciEMX2bivPE6Toz6nDmbr2HIXKEBsK6xMlGxg9M5XgrZcjTmUY7eZLb3UQcrL80XYC6t2xh8wLcQy52zVlCxdofz1YfdHJZxMGBSATsq/+efIQGR6nzkIbRYEqq2tN/v5xhOWFP3zouJ8VYz2aiAk+K4x5+dPXbyip3p1hJVWrXD8JgH8/TZUYBuokXdEnpSTiPI9sxmd1HtoUQOcAe2JSw3//2N7COPfxxi7+Z/nOasbK4JZFQ9RkYer33tmF5tx+Bp6nDhNkW3s6I9pS0MSNkER+d0cI2YgOxtFrmNq46sRgNacaIxCphzRWYCLMDwcxhL1jEr/7TupJtuX5TCYGatos3bi0HnOnNA07ZElJI6WcfL54HnYGvElIyyMSZ15Ft4Y42TB2/hcR1fyDCUc6ddzEZgALJcKvqU3ROa+OXqoXi+zZQV867ahO6Kwv0bN6VaO9MZWXB7mjW0mxmM4aTXL+hH/2J6ax4YfkJGlbl4Pqk/4mTb17zZdTFG+0n53nZOA8YWQAl1nbWDuNgjwpQNyIXRbdirUqZD7E28jAYWWQ3GXDDGMBDSI0QZIXBqt9Udc3tZy/twhDUta6KZbxEUtBmlk82uiN43wDnIJB+CYHX3fprYzyF6E2c3wZQVrXaTcXzi+cLkuxSFjc27rldBHVs8IcDq3FRHoFF0sckU3st7G5OcjxhZafZ7w1sPUH6HSuwnD7ovRhoRez76pDTWRDdC+vRR3VizTyACqiLKRNBcg2Ot5X//+KnJ1RGCzRHkBgo57vpKap/o2pOO80vkpovHFGywwbereef8G/xPAG1E1wtyBzngWjI48KqvEK6Nt/c6pqrpcFfL9+jCDU7fK9EpQIrvHKSk3v0FATGMP1Cumh0p+Wd2m9+QEJlPK5E75baIyFQiwIObAO5Uxb1b44nSv3mLzzYQBdzGTYVuoU6PPEwgf/qPwHixYeFGsTqjHNCXtn0JpWVUeAvM5DYD1x+89ZISxTuY/z5gl/4cQSLGc3oXIjDdM+fZA/s9B9Hvr9IkOUIi8ys69Homb55/gr/6JA5++IMeRmeR7fHMZPW56p175f8o8AWNsPRJhOyBw/sS5dkTSpra9FyjdilkVYs/KeeOPj1lJoniOFV9bEU/jAZqHLolM8FJ/2bBZ6GzRXgsZm1pelOBXVWoBdoAItv8U0M2bqjeCLT/1yeeXxf/XrFlJ/320TPRmxI/+Xf/I907mQdOAZbbVgdcnskCO9sR9YL3AASH7G0NKven80d5O+HlYZyDfpZzOWm5rsu2Q1y2IZwCXuFcPEt1CLX4pnEdRj1SmoCi7dgoWAv8aBe2Sh3ldMj1TMz6gRZJqTx8PEMtBmaYeBTYvJLZ47j5D7XlYWAerIZCJTlwlyHV5Ninne6m/YXoRgwABw7g1KNfqOvWMfDOebcRUxrAvK1Efc93gCVXLiWagSb1YHjjynVRp/UTVcL0Eec3b/E8mNDAR06LvOF/agV9uCKcj/H0fNCr5fETgAoiNi18L8cwuuoWKxDnLPGZ5J6sw4ldK5W/EGYd5WCENgzuS80NVabnvhzdRAm9HJUWhqZCJ6goMrBtINZbLkOg60PofJR93lZERotM+BqjRxKbTPRSNe9fIWaaHT4igH7ztjFH/G4yHRe7wQRPEPaJETpIqtlUJ4V3iUi48HWX/+rZwn4yDrNem+xwu7fUIEHyk4Q0Vl4dIwkHgA0dYe0fOzFEiHfkF0NCIKQnqNCo57jLOlun/GZroabvGnpCwm81d0Pb3gPFZvHoRkrHPbscDkGDzGSvTJy6FG296hR8xak21+G/a7SBkTDBUYyvHWAxX3cy7sHJA9yGGhcaCGoy57dARoiysCDl9eiWX5aD0kg6+gIUj6Qckw5APStofyn9lUvlaiibPcbn3k5K28sB5Jq4hxZFHIN1BVJLhc/t6CFvkxPXwo4mWty0wZxin3y4dec/1Z/F2tYhVrJ78qpbDF713CnzaCQjTyT+bncdxqWG/9L99l8ftzzLuvlut11vQ5olRLercLW0sCw36J5CmbmdrtFn8MNMpStue67i7MNUgPGA39fPGeVOu/UvxMSKgkSXXfbMYI4NsntjQSef1YfpvE5s3MpwZXeL+q6KTce9hkPp1Y5GqSNspG3+hNVUHoOjEzM+ntpjsTHfRX96Fl2DqbofYwev81tDRPRRFPfb1iHqs4xTiVdcCFO7ewuzX6WJOkWWwQl+tl6cGqCs08a+4tyjD81HxevCM4tbiWbR/p6L4clfI/koHpK94AgpyoSsjBZKPnSlHv4W1Vl5lQwWBpN8ajVHqCLVFb03YtbWClhfGBhR8wm3tvqWA8WQL5yNzyfU1nEQtsxXOJtVXWgymanmN/6974xV0ZUaec13N4vK3RfAl8uAQUENlgUEmwHoitan5DJk4qz6BZlFuQ2bbYcIXCQIrWghZglRm/xxh9oZXJBMFoYcLykY2KTes2UXVNhpIfY3iGkYwmP136GJHciYRPdaVLTSh+EITrSGzKzj/BGg/cdixUtOG0g9Q452U/IN7Lh7gzYaCHi83T/GwJkaKrW6mcwlg2bwRmPabzN21x8XnaToeKawc/3XGJIULOxl9af1sEz6bajP+1vSqjWj91/IbOfWneRj7cOP+AsOC3dJNSFsf5l7iC3Dx08YfaCrDLGfHQYg0DBccsj2j8qtVI9cfDmLJNWf9dTJwVTCoRfb06QUnyZxmwH9ASqmjtS5ymQAem4PQV7RQEwhb6Vn5YciLRcbaFueoTG2oRQZumYqO6WKXE/BM3VBFKS8Kqbp0fcRX8gPG0EESyHeIs+BjIojiy/EYhtRbDNxtkgykh7b96YqWV+QLYlRlw6YDlSQ0oQ53J/LRKLVzXfKkUEi/ByNVKeNXP/f2GRydpivi7pj6F4eOqKKmH01dxqe/fcmLdbQzjLeCtjeMxMck7/xCYHfc6cqRirrFEbREe0NY0jlHRTF14afSwIpJJdPRHD3uvlZtxTRK9Nf6rtqXgm1OVcwb7ph5AYft6dT4YZ76cFFxr7sNHmvOMHIKV9etThRkRDJDLCyf2YWYcSmrgb9BTxo5HbMj9WhF7eSQxCKAYvTwpLKxmAE7OuRFk7vANEJwvPo2zC142tvS+11pn3myzu3DHP2EgQeS6SnvjHFPcfDOw/tV//ZSlfYXT6HHk8mSEBcihW5FwQJta7+6wkJU7AW20OAz/DitNBQaCJWXHmDXa0SaX3UBrr2Hn54gWuodHpipv8tOkJLULm6AFkmZEGmgnZuijwyBx/x8cfuumyWM5B/8c7hswES2ESugs7ctgOvnHoDlOG5lMC71veuWOboTzmAZc2x2EdSRcnDpqJnrYc5kOMqDPZ0cCuMG1mQlfCRYN1iCaOVXtKzuVIDyIsHl8xyEaBimkOqGH02RCEUEf3TL3Jf0EqNXu//j8P13K+svvnXY1dOKzvS7Vwc9wf0+5lGCr0SeyYoN/gLa2B/qEFubk1qW5wUCFtKgP4qt+9yIV2esUCImgpQTdbCDr7pjxLDn4qIPCp+gGZhf4hoc7Rmt7Xlz5wtrh2by/Pt2
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1456926404",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "malware-sample",
|
|
|
|
|
"uuid": "56d6eec4-a29c-4577-b019-b2dd950d210f",
|
|
|
|
|
"value": "scan_614074.doc|f5026bf4cd2eacdb42250fd193784d86"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Payload delivery",
|
|
|
|
|
"comment": "",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1456926404",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "filename|sha1",
|
|
|
|
|
"uuid": "56d6eec4-2028-45e0-bbec-b2dd950d210f",
|
|
|
|
|
"value": "scan_614074.doc|4a9180b4ab7376c5ebfe35c3cb28bd0cb8ec1b71"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Payload delivery",
|
|
|
|
|
"comment": "",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1456926405",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "filename|sha256",
|
|
|
|
|
"uuid": "56d6eec5-3558-44fd-a22e-b2dd950d210f",
|
|
|
|
|
"value": "scan_614074.doc|87e7a4539ee55671113e0c75009005517aa0ee4438fb64b3d4c4ab13dbfe68f8"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Payload delivery",
|
|
|
|
|
"comment": "",
|
|
|
|
|
"data": "UEsDBBQACQAIANdtYkgA75lFUl8AAMfHAAAgABwAYjk2NDhjOTYwYzQ0MDYxNjRmMGFhMDY3MjM2NDMxZGJVVAkAA8bu1lbG7tZWdXgLAAEEIQAAAAQhAAAAUM1d8WqAspqriWLmyqNh54DjuvNfQMLbKgJAlrj+BqPfNGiwNxiqej58f1KuFu6RCHqlwsF5xKCMCkIg93QTOda+xHR048j6M+IH5hP39s/opYBvTQhbVvl4mQw3VdaYuivv+Ziuyd0SOyEq6TiJPTWtoQkxTAzWcxndibqZ/2pEOIWbrsVnP5WvbtwlOQbtTOqNLiwuKAeoXD6Im++fqp4WSDEWBKJRGfzHDjOp5kiahS8VsjW3p11mNHHd/+dztfuVoBYuN1YW9YuebtXGsoWoqi+mWzbAPmYIWtbgKxuU768f2pLSiCfi328qjTUcePxs6v+phv81O0DPZk8LpTS4lDTm9hQtMb/DvZ0R0IoSu6fuFAKTs2a7YirQlSKAyOpk+F3pQodHxjnp9LzFukKDyOlP3NuBcz2QhSYVdnIXIaRPzHfgOJFkkJ010Yzq/l8zTg5nCnU+sJ7/TuYrhE8RUS96IYG99/QXlR2i1ZVJeQ4gBRcgPlvKobzYycbmCsu/Uzrcx4ZWuzrhKksj3S4mk4WpsvktL2tIr96OOYRTaFMWSiHTFH4O7aoZTIxLHnq4I4RmSl0Wt6/Re3I8U1VLYvhJSpxvCkq1g8sYS7m4YIgA+Ddq93qQmftAR4cmT1qwk0UQIrVHxNjMvR2z5ARFlU6aacXALWw8LuWJd7SHmUIeEftmzKZdOlJ/4OBTkvx7h9gr7WafTjDtR0n584LeoCzT9KuKlPgOpnHVCgAAwBpzcpLmGefwHOucBDohGUi0RVYwt0rkEFv03cm1aA3gCpNkgn8CQg2NiGfUlnvSHNexy+k0i4dAmJsC2bRy4Z/7XaHBecVLkobcke06kafs7h1b6zT7xAQiVgdy0uTSKvx7xo+3ZkuvQZXHS4aCUMmHM79wRf3/s2lbeHuE94SNzdzrAk2jLp824v3aesjfdPwt8yAh82ESJP6h1Z5dUIgMgqD5raqFl9ymx3kA2cJkzLFIWLVw6IwWMs7vrtUQ3pXwNYPj7cT5QqMXjvN26pJ3r1EtxhjSPh6SjI/s8HS6/82RGbCPJUC5m9ErrD+HuKGGJJxvoS35cxYAO1UvYl3IRPn3+EsUSPbAGnN1kadTAQeU37g5zUXC64daCci20qxL2ODJMLR0oGEAfWNO8XN4zhXB0PCaU0tPH4I2lLCw7sgiogkbCkQAJcoD7ojUHx1KQv0mv0ZszdJUv42EHZwVKhtJYZ+nCaXsSZ18Noow++k/SXE8faXdrz0Sdbold6y3bad/RR6dKnIDAnwrnsUKU/5+lfW2+HgONpNKDG3wp+lckKXpoeC0XZgmY3lORIDex0Yoc5bWzjgPqNfKpZHtUSNtlfwDGUv35xHhfcBx70bmNR8zII+CsUTogDECWRHJwAyhltwnVe4gsuIGDyhP2i29XAb9PwZsE6qhSQdFab+Z9i8IcGiiTY9ynM2Gymjqf+1f9ryZtw//QpDg0XuZhmhwTtxq9+kameL1H1lVv3S5HOvWqv8DoN19MVKvYQmdQApKXrzgzx6Y7urK5XBo09+HcR0ZEj4ip0z4pFndWuA7SirKyqX+lPcz6GZXoDfC7H5M/UvidFSkSuq+uWW0FUYHMquj8P5PpgOVsLECdbHja6WSVg+8C1yJUKyxn9z2XdxWyyhdm6gqRCUIHTo1ECXnkXxzPqJ4MOXfsJrOVtXcEfnP4OaDOqIZjQ2yoeHPtN++i14NJdXE63Tf51knA40TxPQS6oDhMHR/4X/3bNH9FtNn+o1u8z/wfuY2axn6T107AyeGQp5oDy7PtjUt+j11c/SeoQPT58Sp+wUD6Xe/nB/DyX1BMbayD0JPxuDAiwxEqRhWl/cqcYV8PHpRbEM94kROD+5Bj86Vsm5YFPl5dnSqo7+QDjHlQ8yeV+xcYjOYNCfdDv9VwFk1lxVBmjLmRnY1QgDEcrsIAwNIjasZuw9727PSKmNLVIAHrOxRNcyBwZxqNISarNKd4KcNX0SkxZ+uR6Zh++SWAB6S85LiFihmLMU9Uy0U4TqCVkzkxER6X1vjGu6N1K7kWh2EyeJAi9shyrHzFcPxOuwCikVBWuwzs04SQeo8Q+liqeU11szX9W/JQs7iihaJPT9ZG9G5X22HFuOMe75q3h4vHvsegCCu/lVlPIosTbooj301BMIzSkUFI0szA4Tc3iBqFxS4jZwXGiNcsaMh8+3T5HmmQIL3xjorTx6wun6TMA+CTIqavd5fjODcQE5dV3A6HG7dYnumgcY4YTcN6Lm9wIZGB2eK+3wAJ2omDM2P6NHgXClouxyLkY3tfo0cleKIkXr9vXcvRWdLiLi5jYo0L+rwhAAyVXOxk/Po7ULK+QcUwXQggA1dwo4m9EqqXLsoaQyDUDFq8szknwlX/iWvndtQ9wENTNSHAX2B73ZoJijBcT83seecVIrzO9mKUrv2LrpQvqmgLmk2vK24G+P3ihQkB+NwJavh9L/qUT20/98+Rd3DYwuO7KB1tpcX9Xq+kF6t+8q8xsTmDSuS0CBWnJhr4YERux7pitKERfM4AeU/f9G27KHCZ7oZ2+BGbBXHNrYVDJG8r5G0f3nMhdDHJUd1AKA715KTPnWMBTa8mM2fJWKU+PQejKWZZtzd8fz1FpS+X+wEaElMoOWCJHRClt1hIpDqMyIjpidOEmCn19WrCu5k420+hyzd/gfCgO+tC0mkZctURvEaFK/HZbC6ZEHohj3bgK4enRPKRNfirGAIDRmGz3SAJwI73asWaXndloQZ0+6VcHLoao/s2D52xHWps7lZxi8GsoY6tZEDg1mRAi4OCMtpYzEDYboSwyzeR6hBAz8sDrReXgopaO/st556Jv4QMoZQ5zH7ItUq8Lk39ekyRH7kfd52oZOCXX11R0j2Hif27S3Ru1qR/vWQ3vweaBZvVdGgesCVF8qWRko3h0fIfIjSAuFL/BDJtd8Qw4bTTD6haLJvjVW8fYOzR+joE1oHvmmKe2qbFDsACe7K07Kg5hnyK/ipmAqwdn8fDiLpg97fELz6DLPXFcN0lXgPbnX6pz0buy2a788jIOu9b3arJ7GEgMXhLly4F4kPNe0xjUiYbhwGLWwFrme2KfSjyQ/fFPWLx2p49ch8quzh9VMk0alseMWv71OIVoxlk+pYMe5tteWW+jxRvKJBweEi6LB7xkmKKXMJ+0dJMJNfwQB6JLOIDplT1ttVKQxvzr2ASa/zPDwMYbPSdOwfMyCyq+RhQaootCTB6AyVdnsE/Fc64vHlVJyM6bXmTgrS7RbuD9s/LdVG8ZwW2jITZSH078FvNSkOm98FPjbwwBA0O8atEE7RtazIsZCZ3umlU9iD16p0/oQTv6YOd/D8R95hWUfKm3BPyXpOrmQa+SduUihMRSjkrLFBKac0RcrRTdogyng7e/SUWe1ebZjUXwIflIIdtFmd+opOLAICc0XOenPNMU33eBz6AqDRKeVhnEHJ5bqCQHrl853BKrmQXY66wyNw/F/8wISQv9z1yVmHZA4CVyZPO18eLZwBGAoe4Qd4h4sWdaJxzYk7FYDeZlix5r0jLDVYCUHAGSEPPx0Kzp2D5jKQNcNR/x0nWac7Dk0f6rP/QN323ewnELJ6gdmIT8hkyZ7FdE4d+YkqwJN1g1/U3FfXS+xd3zns7i0mUbqjGBuUIw2RWrgoK7w9KF/1HxqdQP8EAfqLkM0NXirRnAkskEUBpJgPOp2K/d2rvmBtcQ6LJeW0HLpHrU9iWSEu5Cy7uzk66p2/LfR8lIJ0bIR/rbMyMrnbgbO4GSEcQu3B5iRD2tMACM/P8AXsSbY1Pyj4osTo6rXTGAwfxjE2phk6QofQOrMVOQkuEQh1gvLpNHXgyqicZIAv3Hk2s630ZmD4Yiub6CI9kvUd5PIk2vBUlaDf+wyVrBhkyHYkUAjW7kzUXMAPpFHLExv+/1HWzwjRDE8g4sf4xGFx7J+fOej62u
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1456926406",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "malware-sample",
|
|
|
|
|
"uuid": "56d6eec6-d510-41bb-8b0c-b2dd950d210f",
|
|
|
|
|
"value": "scan_484492.doc|b9648c960c4406164f0aa067236431db"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Payload delivery",
|
|
|
|
|
"comment": "",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1456926406",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "filename|sha1",
|
|
|
|
|
"uuid": "56d6eec6-0df8-45cb-9231-b2dd950d210f",
|
|
|
|
|
"value": "scan_484492.doc|a701439cf154dca916c9638464f7d23615a3e51f"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Payload delivery",
|
|
|
|
|
"comment": "",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1456926407",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "filename|sha256",
|
|
|
|
|
"uuid": "56d6eec7-cc64-489b-9079-b2dd950d210f",
|
|
|
|
|
"value": "scan_484492.doc|90ba881b1eefac353ff9b080ecb83cd360b2815ba47de9d9c07fa19af6461575"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Payload delivery",
|
|
|
|
|
"comment": "",
|
|
|
|
|
"data": "UEsDBBQACQAIANhtYkgMIc/6U18AAL7HAAAgABwANmFlZjhlMjU4NjhhODdkZTJjYjE0ZWQ0ODlmNjg5ZDZVVAkAA8ju1lbI7tZWdXgLAAEEIQAAAAQhAAAAAmps3UrmTGEvE4CbZmjwh17XG28lqEtsfvKf99V7ilCLbjjYt+Q084K4cGcrzOHV0ZIxjBg6FpZVZLHky9wxODBA9Z0NExtyStWYaUdw97wyxHTDuzZfU2wL5bsmCbiemNzl6u4Gle+ib+VWtTaSP/Bk6jk0eDx5gPMPqHXaSETYajzijcD+0z1VZouG3ln5c1aUGvlr+wxZCsBTwG902itwcsgeYl8zOGgH8g66UCd+l1BT9sMf8C+ymOMcLHnV2rptDrPsLmxQKXebPlQHxaz5+XeGVoMM1sOCJJvOClxLnQDAWj1E8yNruTouoo8D5vHY5vnS1FodLFp8GW10mlV44XuxXS3NuIpy3P/2iGmqApCy3kVqQqKz2odaIqx9SbZxTuh5SAWcgWHqi9LunNOX5zmtaQqoPjOOyEQhyhxkZbAlyRN0Q8H/AwFLAYOjcRegQMj1L0NaDvAuq0QAKewcrJXeCFc/IB4s0qEfxhz6qTnfkVetoiBYajeSa26qSgzHKZOi8Hy0xeKhyfIHHR6bKGLSZPMnRhA5P0uDaVEpL1IbmXYpKQrEbGzEz/uBqmFKiXO9gHwSrUoK9MAyYjoPBaYUpDBJMqYrOUCqVLCLtDFUVRV341OSivWKfMErNcOtfarZ39xV7y/LjOC/zf5A5K+pzUTIIQIIA+s+2xklAQq6NhDb6b6Uzf8l3wmvPbwygsG1TJGhfjAmhZrFsX4MsrRyihE/tcjg+TwFRIqgXqqk01BwcXp5eWDZAFwV4tE+yhWNvHynoUkfiyeDkdC+5fLExryve42CZovBVfCcu9zZhwPpGcLxzDMyVWeF2MLnqTvtPYx533a+TKlvj7HcYPqP1QHDcDRVUii2W4tUu+caWVIJQIUaVROsKdC/hGDh8MrjErQHG5y8VqHlhDCNu2B8tbn/t64f0HCDJdQfco0LfNGEKRwGuMvsjbYmz/QjcBvKDc2vrnmoInVXhvrHVc00MkHKkEImXrfgXRBPb9PIFJ51DJosp5o3Wwj6+UbY+HHZTfrNB/FjAtBiA6lWo4rrDIv+v6qM2QNLBiNDCUkbWTGmedGiCffE5gMbZBruRKaN1WlbK/GiaOIkgaJEiQMLT+omgvg/uEV77nl9xiLHI3wU+gC/OwFPL7ONhatvmS4Z0p751kHlJGQ2uu+gIKz7Yt5nhNCBc9BOwcxpcHPL/5YxnTc1Z4/iOnawhvT9b33nTLq+66sxnJNgcAOfndV60jIEycLg7BUqHznOKXXhVg2XAG9K+4GkByZblgFyHxuNOljW4HUWEzBkQvqmijoKAReym9qFOuGKZ9eKsmL41i1kv5Al1CH14IbVS6i3RD0vOiNQQ8Z+R2yzj5dBjCnFAVgK8zIt4K3w7US8lSAkxkI+ZQLCbB2Hw6Ztc1/pJYoRKtsQ5cpsSWaDCqMnCiSf0EkcrBY4SZqpczk2uPCT8tclSf8zvEeXes+f4fTITvNnhe3L+GBkzYTwMNabzMO2vTS0b8Vzw2dFLDxWbLlzkolctgYAtin5sOGRkpvUa+/6zllFj/hYYFdpC+/Spe8T6l0hHPNd9UxrQgZRFCOQ88Y6OOXJo4i7r7epFv7UzUu0IruiQVHexuFy7dvdfM9mgNOzmGmDIOvrs1eZ9efDCSJpWUhX9UhbTDWSIAcOnN0Rvwd656iD88VrnpJhiq/fvrx+ZyT6KQqQrMG0JCdIlSDcWYIuIDeX5yNN3O9qu1F2LEO47pYwdIGn+DzcYZjJLGmE59oqYQlJIGLNW9Jzy17H66XsskDbYQIf2wqQDqZ3Pd7pFUbirNC1Wr4CcEs8K3frQNEna7FbFkJKmOQIqTsAntTEwd31B2SG2fHVUJTFjvWIgZM29AQI6ZuM3dLbaeFD28LrV8MJ5pR1IBdaiSdfsDFAUyiCTkTnvC9StqWjw+/U8eU5vMDnvOJRoaRm+pAOHuYZEFMoRSa4Hb/rn8UGONTZMWnA48Ry8REyeGlDfIGxayHvt/o1uhWTMOb3JmZ+5/eqQEZ80oLGcz5voDXEiythjACVAOGlsDM0XMmvzVT+WEkeu3mpBa86WIQBCnwUkwrTBTvC9/yTA56/r9e0KRo25HWPKOwDWQJTFbkDBbdZwRca8hefI1Pt0qU5796gmEk/u+aaaCcGFgRIBymPc5dPpFkan4XCjhxrXnWa1IatS+ELLud0HHogpgDmuGGCGINvDPRV84Q8SE8JDjK8VHAcIq8WVnej+50dcJp2A6JtfjTFgHQyqjeR7uFWqHNaQcB5/briUXTrYp/xjSC97dac/pg1vN7xYwT5jXvi2sOD52wm/Q2ahunr6DZQ9vOeyb6t60YXpEVivzzHMZ7Xfja/KUeC9L+Jy4w7OwJ3+WCwVfWaFBZlKweg2pHb8GlmsvXMUGforX10XikW0HwGWUWdXYsZ+bE1mY8OnYfNmHHwYNf4i+dQhkYVr8iNzqVbsTCx8fUBAW8C7U5oGDz5zFmVMHhbLqy8zAlm8Ah/Y2Qg0/s+qz3365f/W/3xxyOU4Z4Qf1tsSD/uX1rcDwow51U/+YBO2KQ2lNrQGuy/iwUs146njdKbcv+S3pwe1cBCyYuu/CnHQLtQ3T3nJcSLVkhviKf8mDoup07A7PdwOACODUU99JcouBmtcVb/oRrvqMrjvGHVKj0rFvwx8eN6dp222uq5u0NUUdw+pNJniVwl9/4MYyErxZ76whkdZgI31KNKG/jEk5YNqd8tBkQuFTmneJSFpU0u6aE0T9Vjx7xuCDnmymKcYac++n/9tEHzI7/dR/qpeBS4Rh/3XuOQT6Bh3lG7fLeIR21OnNZYku9zoH+z7YdKy1sM226GkJryK4fU0OkcnC4AMOmOmd9eRTA4PmYHvL5CTtBfGqeAk9mP3p3e87JeRMEn9e7s1imXiujlmp6y3BrUV8VPYYd1qw1ThGqY9/hWJKvTCz+JlZwo1/jDSAvDUwpT3KJ5KSNK//cI4hfEX16H8G2I0ZFmzL5705Ca9FnHKQ1APTrJ2eAdbCNdyezFsEcsrFTDPcdQ+XcYjzcDAUwL6m6+bwie7MiLCkz9Cv0vXlzQFqCAULEdbjVUVjjxRXi4f1FJ7JYyubtWSyr6mW4O5XXtjXPmmz8MsQOdCEs4zG56lUFo9W67kQU3X/GMLIgkDFfjcTdCU8TFxwqIeVCJUTzElAyXo2Ln8s6PvLi6SOe+N73CTKagkoPwtFCjtLg6UVQEG2My9rrA51K3TKQTCWp1o8dKAybLDKujma7BWuIkMC0p+Bbhb1Zh/9Oz1cA1EhkP3UBgX/rzxZge5h6rNYjQ0PNQDadviikCMd0JPSkDRnL6PESgpxPU7OLshs3J69ZXMYHHkU/zK4JIxTAxFVc99sS80Scuj6wQdx9diQZPI26P4PKa/AI8z1TXyx4BtdYj9fOM6aNO7BMxzagIRfxSBjIH4Q4inrAvovxgxeVH6UGyE/vcYUx/usxLQXwSiVu3N9vtHc+gASrX85YgnLIOabk32sTEJrDHg3Bvn+mM9tSAXNH90rgWiIK5jTAAuCZlth36aQZZZuR5bS2MzguNSiOhLk9jVuZdpzNWvKPYAcB5k6QrdVOaMh/bt0CVCBDoE+9MGgWWyXsCpUrYZQMhlB3b7cKCUiDwMXdt1Ru0eHbi72D95GgaqEOBd7Yvz8CZWHRrl3crgi4ESM3EcMZUuUI9POzIJ7d7XuCoBzVWO3aVnpY8+SxyiWU3bxAOdoV361BqzQdoNSNngj8fQwgYxLsAoB5Y62OA++OuLc55vs8ksCItYpniyLYBNqO+qtBru5yHLFM+zJUERLXPxWR+Y4NvAysis121TafD8Epuv3dbg5VnSk+L1Ai7tjmgiPb0JrJNyRVecBKHTv1xdSO+r0dBrrqoSaZ41lrMgcEscOYgJzQ5Vws1HhqNlhb5F5CgfPK9O2RPnNdGZeSxiEUhLkmXJQ
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1456926408",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "malware-sample",
|
|
|
|
|
"uuid": "56d6eec8-8a74-446a-980f-b2dd950d210f",
|
|
|
|
|
"value": "scan_480931.doc|6aef8e25868a87de2cb14ed489f689d6"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Payload delivery",
|
|
|
|
|
"comment": "",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1456926408",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "filename|sha1",
|
|
|
|
|
"uuid": "56d6eec8-ee0c-4e85-bd3b-b2dd950d210f",
|
|
|
|
|
"value": "scan_480931.doc|1a193d9ed78e782a6df8202d6377d847cd64a2a0"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Payload delivery",
|
|
|
|
|
"comment": "",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1456926409",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "filename|sha256",
|
|
|
|
|
"uuid": "56d6eec9-72bc-4a52-a2a5-b2dd950d210f",
|
|
|
|
|
"value": "scan_480931.doc|6b96d6b7bbfeae9aca79b65ab5abb604a3800207596354e3edd15736a79984af"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Payload delivery",
|
|
|
|
|
"comment": "",
|
|
|
|
|
"data": "UEsDBBQACQAIANltYkguCZR/U18AAL7HAAAgABwAOTZhN2UzZjQ5OTMwYTQ5YTc3M2Y5YmUyZWIwNWZhNGNVVAkAA8ru1lbK7tZWdXgLAAEEIQAAAAQhAAAAPN6fZV8jBBQzV/mn/X3OLf1jncYUS49RDG/Rmeecbepoj38wJ/HQ385wcXBxAGcEsU2WxifhWEiHRKWnQ7mk5/jgX7y96IoXbC6RwyZYWpXhh88xx++vGnecaZQbtTtRVd81oZEh3GRSj3SG9lOK1sHV3YNWFy/D46SzRvsMBZBfR2//LKuPyrUsGy094Er5Ee9ZAWR1YNPJl83RFo4em/CUBdmpjqPuzDdLfTriAKdFoUQUPRV6i5dtI8evaWMnt84of2wQdOQzYdbMxQNTYn2WvWl9qA8jSFtix+tZjrnV5hxs90WAw4AzfbV9CpLYHFm757GViRIZIUoIHzrVzHj2s6nBUncucQHWzQKr52Ag64+rTmtkk1JfrLgrUxM9kG1itiya6KHHkRLANce0Swxngh3hOzjNskGQGi/Cf0UtI/EYFn4fUxFlnsocGvcC/oCJDp+zk9Knrf9acIHUVlzoc1qhhlc8KJ27bPtAxDF1Q6ZRvjzshCtgQFpRATq/Kiq1U93nX+C91MeXn+G+mUvKuK1X9SNZF7vUvjWScj0YdMUh7Xm0D+CyMoupRbzbLjdlgsc0RDeRt8q2jMVFuIHTIhh4MQ9p3SXb1/opO6yW7jC9opvz9s0kqBGg0EYuTKHBZsqtb05rTxtbZZUIUZSWXwN2cD6vQczNzBOWec9oWOrlmnDTqoJrLP0Ne5BmG/V2XeTUBT/yWHbb3BsGR6JNSnBDYxEeJFAQLnA5GV0JPm4H0GctcJH+HXKhVeTdRW+jtA7EqGZA+L3iBKiZbrDqPBfmxfoLz0RujsbcsgN71h/9Xid3w/Ep17VOZ+XXsXZ9TCkDPaIqT+tNSi8mTRg5aYI90nStAr7cV1ei+OVRzG11OlPzFxhnQfgXxVofXjWeSNWrP/SO3oqDFjMzLdX4qv4TbUckpMisPAHgzHHU6Ca9nnGwejBn37Xi3n5KnjD+j5HD0UAc/qlL3l3uI256DCRsTXcxbkxJQTnBZ/yfBoO9EJQ2a9H8hcbaywlxir8iu0bglo22iI3RJHN1oH+xgsxc3NDyF+kevgrvwd4o2FLrsv963NDubPKsr2VGHgWBmLctap7LXJAx75OKGLoI+zAvXZVqyBlfk07OwVHTzKVVbvNjnsYHOXoxiXr54mRJAoDAQ9L/Z/otO0hEUU4Cu6X0q4qjVVL8GEKNR6ncHTVyuu9Wm2tvQWhNBLsChhok2xdPgLl9IooSxL9VPEmDGqLbYoCJSGrleXsOGsyMHRaZf/zyAj2LDc3LrPUJK06VFoMCx5WVO9eW8znruMd7M71IiHPBvgeHwzW14q5OJkn5y1CxdOMICnX5E6dRZJu5RgytkmqQl43/RQna++kwID1f567wUvFUj4/dJoE3us/tYxuZw+x3fBByhxfq6V1vwj4wBV8kONveonTFiGXXUU/J92gr0c7vOJVeOeKoB4ILNtGlgVFlWv6469s7NnxP7R/7G9uPgU3WKsudXyQumb/YwRily7ETee48uvUTbeLDEqb3aS6dhi2HeSnHeX0hvu00QhAXzraI6aY7X08W498+eS55S+acQGrst9OkDQqC3aCsoCzxtlG4n5u2TrrQcfvfUvNdHHzITZyyfQCcvGVXGTER1ZrWhQDjPa+D3eW55Pp0FyhDogUAmjwUfjOncYLy4igqS+oPo6maIJEF8JzpL0djYEsN2xrJ5dzgNsuatvVM808UF9JvQmC5BJlc9xfNKCwbK8HutlRKW+W7rtCK/tPKtLNMsup21t4+GFWIGZ9nL5Be6gwYpcXO/+OqM4pA9ZeTimFL0R3MMuNuAaXk+k+YoIspZMZpGy10I2q92jadTufColA4np/3f9+8IrXXo25kYudUD2/524yabHHx8nhGyLUeZDiVH8dG3EsHptCD6AezrPhrgwybKDht+PIyUzhCnAMmApuDinVTePO3OZL3uiHlzeb4dT14TE0JWmA41d9SIGoOcTW6+syGqU+uceV1XwTufJpqBQVSK0oXQo13z6GxoaeXxGqFre/SLNWzY4thBFRCKCO0i1tUh8g6CRV0vJkmAImA5rtEH7i6RlgC1L2lP3w70TT9gjzFYym1nqBa74LQNAYuIs/xPavb5PGOg3zP9qJnR79CQCbbDs68uq3MMdoi4eLIp2/+tRKDODaiPj+mUa3cgyxs39V2BEPWGBRlXFsbZsZzyUaso+MqzYuItuPUMElGzHKkI972ohj9DYFlq9gQ53+vKMEOEq1edinbbfYpt0B79hJ3aZ7Ka09hHwgopy8yjKvWU4DGc7FIJw5zaHJdsxv6SI6YVfeakY19gOeBQ1YXQuxpWMQBUk0yv4NKY486gBVx1+rIrYiP3yNaJfqE75Y2C3YeRqa2kmG0XKZDPTG63WjXrb50fjnwTCnUizT8HN94pd/Uuyq1bsGHPYUOUGB8piHeZcacUFNGjemgNdBQvdaUHiZcCwMZT5HzaPdXm9aKVCUwIr4CajkpA1Ll2wIl/Fyoce7BoK2KnQyjK26y8BT8rSDSt6g5H8QjPXvJYB2PA9EJdLoNilj3+TpmSnRY7Y5UpUcPACzmOaKfm4vNdkp6rHsjpBbvWV8GKFmvGA/92CXKSgSGc29AmpZuNBQtGQxtVuhCgzGU4roBzE+5IQ5XiyEdXxlkXA+p9087qv5UP2NDBwL9afHuXTnPGX9DsBgIQN1vAnxOKhlQyIV/70sr1o7ylez8RVRCI1JSaJLeXUWYfC3Dx0tUQLuBHldnJ4RRQPF7MajFQwhRk5+Dq005uL7JRki1lFADQqlCu+wqzbM7gOpAA2iAnPThK3fiSmv2u6m1A6dWpsMRv94/zn8bk3BULLPjME359HLV60ptRsFGWuFRFPdM1P0Jrv8c5+047oaHdDD3+YJGef+jv4HNgqoiIANYa461QDA+ihRJKLm2acSpLVkZrbTirR/CqcMWjJbKaai79QBNzzipw4gN+K3XeOkprulOeVAqk+aFxBaPduvmndnBP/VC3SIlE6nXAZO8xCB2ieBpzfLxuSRxyxxSne6//AM2g8M1Z4s6I+cwB/cujQXMMwQufPsITIXRO75hQnyyvDxPTahWnnDh+VYM91nbCBTJauIuxTt5Vb0S4j27uGOEarFVkXCM92QNx8Z2ktzwhVf2nOPj6RGEImaXABlIs0KQKLCorwWW1Y8l13kw+2p0isgiYwCkL1HjaxovXbaaLjDdOy0ACSjCZannnoD0IWglXPHRxvoOs+ZNkUG8wsTGlrsibA537+M6YE5g3ajNUsS1UuxlNEM8Z3znL7socSDlrAttxNuI31n+yAujSJLcI7ArqfeXPWkrumFc50bhzl3Pusb695YBdUoh9smVqcspqMxOxVrnAeYshMpt/AYSoxyurUanxEP3ks2qGtWiebqc+Vep2sz8KG29XKqrpayYxivJrNIIbgYQ27YlYvuwXpU8PtfKZlsFhfuIXiTpjoUewtETxuOEAvUPJULk1IRrsJZgbotL2K2D6emITH9bUz5ZFsozvUsU6YlWydMLrHAE6WsNmlUvS0Xs8I4XaSr8zpnWG78Jn7cRzAiihxyoXu+fofg4cWQXnecjQ+fNnvee7kv/SrWFg7qS+jp2L9wbcNNi0W2Yd8Kz7mXWBxlxCyWLcGk/MGYrFBgfJoTmUUx3Jgvhmh+IhT/1UNvfcFlnuzfqct3ie746CIgchuzSVTS2Uon0NPa+nbsnKN4qzhvehiH4IIZ0jXijLJZOqaFMLPAwMKAjo+P8t5B5jD23lyJdyR7zjBdkdxKAvg9+oBvFZL6YlEwcjAP+MAltkiTgfW4is1ui414id/wonO1+wOdy8xSAJi98qiQogVrD2xWtHYDSTgkF2RTt3hj38dfuqBxVGvNVOaw1U91UpyJr+KVBQOpkwrMYZgPYUKGJeAc6v4LEcM0NS7yGsO8geKmgyGx/LNpgjKQ9h/
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1456926410",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "malware-sample",
|
|
|
|
|
"uuid": "56d6eeca-b7ac-457b-980f-b2dd950d210f",
|
|
|
|
|
"value": "scan_297724.doc|96a7e3f49930a49a773f9be2eb05fa4c"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Payload delivery",
|
|
|
|
|
"comment": "",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1456926410",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "filename|sha1",
|
|
|
|
|
"uuid": "56d6eeca-7744-4c5c-b98c-b2dd950d210f",
|
|
|
|
|
"value": "scan_297724.doc|3ee68896dcca97d8c67d757111f9fb6284cc3caa"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Payload delivery",
|
|
|
|
|
"comment": "",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1456926411",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "filename|sha256",
|
|
|
|
|
"uuid": "56d6eecb-d6e4-4039-89b7-b2dd950d210f",
|
|
|
|
|
"value": "scan_297724.doc|1190569d24ef5c3bc38e9b7e1e1385c123bca8813ba4d178614559c292b50669"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Payload delivery",
|
|
|
|
|
"comment": "",
|
|
|
|
|
"data": "UEsDBBQACQAIANptYkh+xXvra18AANPHAAAgABwAY2RjYzVmZWZiNWYzMDNlYzQzOTMzODIwNzFiYTYwYWFVVAkAA8vu1lbL7tZWdXgLAAEEIQAAAAQhAAAAmOd92qCw1k9aKIWFjGh5LhGdhgWOSRz/QdtK/qbVc67jBkBAS67cDHLn1Q+F3aF7b3H4WPid1Tw4nIpjnAmIGPjHfVYNpXtCDcjmUgT+e3ejCBctOgyWnUVPOE6I9MDZaqtSBlafTEZrUjxm3Ps3Kc171f1qUu5M+/qzt4jGp67S87v2CKlbgAjwWDigmRdKDiclSAjSNuw4n/he5tLPr2fdeNvhGgDbq3/LoQvSx/jem8uhweFLLv1wM/7jbFE82FEj9q7DVMAupzuZ3+LnrufOfLbc0iZY6amAA21jeoyJhrTdkV3FPtY4XLeRhyrsrxRRS+iIUIBxQbC8kV5fIQwqMgQun3tWXDqmgP3+u4MribMdchncFtfuLrlC9I7FEdm0PYpuSz97PHabyqgz7ITacel514c9dDfXZqjFqTLeX2ZicaVv7qBIR6rARFXX8F3zPlOYJRxA1a022mV9dQDE+d7UomriewlvsWlk5SsDAHiMXsVvpqyl/CvpXVDTFuHmZeUDoD/Wb0ksa+7fq+QbqX207IffHeENtlKRRnakC5eWxC9c6+fXsbkWIUoFUbxWntaWBNcY3wDZO18mmYAjwH8ZkpxQmPLGTDjx2bGD+7mWcHk5P3B+tDEfWQSnOUER5GttYON9DIpnAHKrAwozeMOxnjSNnhxVEJrUdY7XmHrk0gwcZsHG6GM0NvIKWGddUyRZRjY/AH/Yfx9E3+tyLz3uLKqUuX2A1pFYdRQWEC0kWkaZmLa9ncyaMo1jLXQTek0jJrw4bLmncIGMUvvEU2yF9wLmlc2AiFKbrCN1mPl3jgER4zEO+zegeIaui4VENVyNp2zogeqoUnPtLVz6J9fwVorZV/RueNQIZpOAW3rC6h2IAB0kgnqrJmouWuoMk+3sQDsy8OMC6cQUJHMPNkZVUPOCuwB7SUYZ8rk1Cz857ecXK/XRttjt/+sSuKmQG/fGASqLBjJy/pmqjJL3YzRMkucxOjurspLWZxRfku3NoPc47e0fX2fug2iKD4ApCaNAx7sFJoDXp5qrId1OrGpGmgIZXb0Yqyxr/plu8Wo/ilQn7Mt7v62FD99xR9z54G415RUS/RF3rrE655WsZfm6COq/1b9p3HF7ZtEYqm1HJGosuG3f6eGccBsBuTzD/VDB79GkfEmior/AlGUT8qkl/1Qt8T8FoOraHNXk7aDseJql8RdgZwEuoEG93ydbs1O1Y0V06XZtqqJNyKJslR1SO+WvAODGQU2AStVbPTMN/nqlCVD7Q5Qve5yCB0d4hkzqn0ltbYVqpiKhhs/bRW3ppwdlseDyd5rCcE2ibGmuG7EcH15e9hjETZtatldmhMj78zyHn6Cv+EHtHokicxBkTlEapFGlOHKx4/srx1SIe6Pry0HccChH0w0uotTYK3j9j9BYCljG+uUUlGOY29bBPEQizvSMztajiEWpt8yhwTENtOk8MoCFy5MLA2jGzoNImRX7B7JagLnBcAexCxIOr3MhNxBKpXYDh7DijEe4GoFxQD4cH3Lh34PE+/usyA2qpcxO4LhKlv2e4lvRMahwS9y21FGphImjtazUswZyy9C84jECoBWfhAGXYyfH9T28hsib2HcIVaF/uG4Di7Y97j0+3OuAfjAoc05WMJhhguReuCy4iSCbClMr2KJVBFq8OenyHPtJY19XLwTfZ0LiMGGUMSkRDfX8uZGu2FAZqM927wvwWrlGTXMxXQ9EefXvvrqgnRNfa8Q19bURbfzklb6hD+g6jESsQja3GG5+uWvpyO8uLX/jYQiIOZ9SHqUWWcVkaoMIgd04uIUyAvBLKtGCWjDfNmQtr4QNdgUgR/j0FpzEG17rtWZC0A/4RbGFqIcL51aufkQEw7VDffsqM8PU0+AVEKkmg8F/DmQbhOpLCvfqdXUGYzRGq+o5nebsSHQH44vb8gzL1laTyeIv9LDx6C0fdOa1JL6fxNO5oMyq/K0taBmljzoNCVWO/surt9a/7a7At1xBhSnOVKPu9aVBmIq74WtuCez9sSDrCv+ocIfZ6t2oTLXAcnKeY+HBs9Q5Aznq5wq5/NAoV4MJW2mXrYd2zBRhblcJGer0afmv5nJSbsmF1TmaTaSNZ5AfmhD60LPecnS0BDMqrIhExD55Tbal9TJh48QnT/6AbsfU66sfz3011Ee2qcWtNfXQ2oywCWDXZBfPf+b/JpoIzdoDfOxP93OC8mC/lI+FsamLAZr0JwLk9sKEgf3RRNVA1cR8scIN+1XDFv80vwJ6LFUzZ9Vo3KJDkuMJkTPZpjerAI/Mm93JDDW/56DJSx6PV+XdFI+kpHt7DzUtkDUXKP51PXjKeCQrRGWlMxvGXUw1MypuaEpmbRYop0WRFhffmvyh7NR/cDcdkoy2y7lAfTH0a0H/5T/fUEpYyds5sNyw6lwd1KuuyFGm6kM/yLw6vQzIk5+YLRk8zPaQ5ZqMtg6wJrCnBQVGVHQT/1e/Qc3nXAhIbAskmHleJYx3P9+yD6bgSLzfDXL1LOcOJT5xp17IycKv8/bOm5siu+17KC9dgUPYTzXULvnRzT+YoxXwLMpUd/bILBkMa3/vtCMXingxz5ex2kRO/qKJM9OpLU4QkUkPg0XZJNhfQWLxnz4hIJBkuFa6w7jv0rKTaY597byMsLMAU1PA/X1qTDC/rvnX83dluD1mbuRY8AFjd3kuokJ3sLIU8M9Al4MCA8MQtI1oFYd68SRE9DaqDCRojdLBQdOQ9GzvcD8kbDtiulB7Tb6RiGDjjffnyfN2KsD/Ef1UJfmy0aL6645UmaI0udYkEGL4fO6/XxQAhkK3MMg3GVg8BsItZxyzjiTAFjxrj+FuH4D/pTKvnc5oEACnURQeOz3m/hP5XDf2Y2djgNB8nprivVs7FB7RsybrxNhbO2YII59bkMXpHTAt5rTH7+iYeyhYUuDC25DgKIun8eUwxzdVeSB0NSn9iJ0shhWOX6l+SiVLpii+HiKEVM8QTGyaYbIk2Yx0hQjo/5y8UzWd/kKJqwOTazgvWVDuJ9OrEBLfAYsszXTlNA8LEiqBfPnRbI5v518dC5tsUGxtfaHO19nkfbeqf2Psv9cxhscf72L40myENuHqAB3WfdJaZeU5iiJlGTYW731HaWJr0BSTJsTQVLYwUxtd5+XzsztjG4/baLEtxWlHinmAOd+Ey8i5pjBM9BHmV0C2GUW3SgY8Kz6sr+tbNVHk+tmMkNo8QcQ9u8Cz45S3I3oSRCJQfzzJCoQZnSr4R9zEB46r5A0sNb9QpRHXktSHQKCfKkIGrsMjkQ/FASKnTu/au3H0IyMh5rGCUMq6Aa5bRiaZ6xvY2L6y2jAd6OTz29/OmU5QmHj4T2JPYFTQr+5ui4+FtGW4043/lYrTYWEE1EkcAKPkfMsm0lgj0emsrtvPrH17K57iJwbTpVWSRybk2oDR8qSJC9jpAvBSZ223sGG5I/SZRw/QDIIL/opdHf/PMoqmfgF/uXlS68WyW67+81lmQkNn0hkizXJpx9ptpUhcDvPovDn2tlofBskm7hX17jLcwZ3Jf556PzsNzV1IXgtctzFWydiR8PJkbpw1QTw92J4RDQpzv5PVKpROdZQw9C7u1FGSu+pwJD8MIWgh6l6eAIr7NgA5UC4qaLjmNgo8SdhOfnCBr0cDc+G7UPYJrRubZ5G6da51EX0j0yq1H+TXNikjmo9GqM7NMAKwPtnpUnuICwbsRCfJEA0FDLxYuXPx0VRz2oyAs5tCijM4BTMT5ARXOQTjuG74Ly6tKhwMWoQBwuD3ulF0q9ar13El/PhJa+yoKO4wjc8C3rqj6UyRLNr5RVKHXiz2xgBrjlOYFR/rIy6p9W2cPnfMkGDrtJ8ZwFjdw/M3ivR8qCPtPpgBYnt+jjgBkt1VB/B4wXNKl8dXcrKhyctLmsUWFdptd5FUEL7USsHT9VlMCnckE68unCz+Zd
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1456926411",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "malware-sample",
|
|
|
|
|
"uuid": "56d6eecb-c108-4fd1-a07c-b2dd950d210f",
|
|
|
|
|
"value": "scan_253848.doc|cdcc5fefb5f303ec4393382071ba60aa"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Payload delivery",
|
|
|
|
|
"comment": "",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1456926412",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "filename|sha1",
|
|
|
|
|
"uuid": "56d6eecc-d210-49e8-80ea-b2dd950d210f",
|
|
|
|
|
"value": "scan_253848.doc|8d12cb55052226f78b20d065694b2b250b7f8681"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Payload delivery",
|
|
|
|
|
"comment": "",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1456926413",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "filename|sha256",
|
|
|
|
|
"uuid": "56d6eecd-9564-456c-aa1d-b2dd950d210f",
|
|
|
|
|
"value": "scan_253848.doc|caf91bca2e0822ca1f35578231d43290357d3e48abcb6a032a5d19c00df504e8"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Payload delivery",
|
|
|
|
|
"comment": "",
|
|
|
|
|
"data": "UEsDBBQACQAIANttYkifDT2czgkAAG8eAAAgABwANjFjNGI5ZDNmZWE4NzQyYzcwMGJmYmE3ZDdhMTAzYjNVVAkAA83u1lbN7tZWdXgLAAEEIQAAAAQhAAAAmOd92qCw1k9aKIR6WU8DXsV0kjT60ewa1OITCzy2EgzjOXHqOWVTbpuBxxKnmW0JyxtXfhdw6VhoIM8dYrrATXEcqgOLdrQ38sCb/kRwRp/CQYF/kgWsN88cba5bOqkz54r8cFef3kMxpPTlqG0W5MpsCZrQCJkkEK0IsM5b0rgUBXEDlU0gx+Amzv4kjUpjPEXH7pLwZmICxblbXPNLrH6dTmdMmtsksMKl9DtHUa9vK9heAzBK6OX4lg5/TCtHlgmblV3Xi0tj0eCa9VQYESPVHIzV7UBulEWcxkjLJaIHVrEFBns+SZj5kwlWBLiWR2rCjgBaFUUfyxnE+HSpGfgmcSdJzp6mLy5a0x5w1mRAH8OmVWJRsOVi4VIvYlHsu/yuo8cEVkVDZVMw2W8ZpfDUFuBTcr96e/yqn0wT/ReDryZqpPfpDxWaTiWvhuSpkVgyDYHdMPqDtopOhkgI0t5PjR8Q+yxpWAeuEH/Ad4S46Ax9vGs7pXO8n6bi014cAEW8HvFcCSA1ZMDZQntHiOwfYTXBZ+fG0SwZVuVygak5qi+o9w9Qc7w5hOLz/XKB56R1CQmTP5u/lQqKBY/7/K9VUGYhlet2tY6B/cGq4/3GIKxqh1jig2ugPnnWldjQVy/9svTsFx8h7M3QqlRx2dmYLZtHK+Qkzn93QZgVC3SW2IqhX8wzisRMHgLq5HZCBCu9rU8szakzQ6rHGwoVD9SiPTOBQADTeQLNoEMp8iJgbuz4Zl/mmrxRaOEHp28rGqhS/NZmk+JFvL1VO+cBxST/Eg4TNVrBjqqfA9DL6CLfShk9IK0TY4eDu4PrpGHPT7kRUpwsfsEkImx6pxXyYTcHpUHfyo16KJYqz9w+O9YMNJxCC52yqcHJ449gwPZpywxS7b+inCjcCcwoP6XFU2sdNKNmVPDUj20RxuWoW+4r1tpnhYP3V9YzzCgABoWK32sb2tBAefu48E+BY4IcaCVAqpJy+zgcLBHORGxmwrIzBVW/7Y/MWZgNLSURTX12xTozcMP5vYx8+ztoXUE/PKv022KhxCCDPYnPLP/fuyh9KrYBRKyAGbl5CvD9CGz5SCMu+5PYt6z/2yJPly0j6bv7kPBO8+ZvWoAdDJJMWjtUTO7bqCm+315dnZKiMMKQummgiYlwiOV3Va0OE//iHJZiaP4LscqRxuQfCA+PE8ueK2de+zMzU32N94VBUdlpClymETz8jCwR8kx4Xc8meXi0HRKJE/sJDndaBx3MO7WWjjzoPu+j2a3xjzmHXV+lrwG9TwSOIHpLtUmAc7CwPYL6/EKu+ZbBZhuqIvIeMGYaAlEsTremho1VP2QRgFPuODAtJsQ6t3Tvza+L/T/VJUpVemrZyqaENWuII/bBIuQ3ZlZMozLncHrO7X06RJsQJBBLjNNDiv86KiToaz9K6GpdACUdZAYwApo3Pw5cvMpvSTmB8fpE8HcVjnSUN4NjXpiNU3Uc0n5hRprK2G933hqb+Ymj/mfFJ8b6hTu0bPjlg4tmxJSV9RUHcQkRIdPBjAVwo2oww3y60wmrVkJ+fN31BX+WMdkfxvzQeq1SOo1+AHxHRihwODJ8pAV7xDgLzSCJ+id9VH/PLm4b3rJ9eQ/tSDFO6jXW3Is1eTMctWDoFFj+Ew30a6iLWF1kg76dZAWgmDel+b4PXNIAhRTDuZG7e/UfP13BKo9JevzZ7pKHfIVvsiVWvMgkZ0x3VNSOOY+jw4bBBZwE8uLd3SN3IZkmU38d/FyUubHqL54rIsShJ3FRqitZZYBj20ykfoNMgyQ7MB6d5p+dUxeVUUtVTZxPISis4HkjakKObCYDd4ccBNFQiWcMv5yHLpXVfthwmYdgPz2z6hJ8OHQViIofjswA/rh0EzrWxDMQkbS/oyXzhE9BrxrXXi9zgCQD37tGzQoVxwsIT/T6qfbNafQV6Uz8EP5GP1NGKOlSpuv0fFIOUhNmo8zWPkN1sx/V0MF96v6K+YgEnmubCc6z5ppxTH99JnZru3/tx4oLsep4DhV96NboW5yX9VNbo1dRpC53nyTTsbhSPPEcHryiIinXXQZFVXQOJmrwMjraQ9ZuVmC7xSd0bY/B3KTz7++7lGhMOPrv+Ccif5a49RrKmbOGrgn9+3C3yJ+nt0bBenfa9XpojxGSTA5md55bQl0izEMsHon0cgRTZe9GpM4HxByKSsA4peMJJqzj88UaNLtlWdCxJQ6pI+A1ww5UQKoWUVfFV1Yx3Gn7ymNflfh9xkE3DE1/nhwSt4+rcHSpEkYPav2TG4spNJ1xQz8gCFd4T1m9b0pc7gf8vHEkwVLrjaTosATkjcZ17dYBYano0ygAsOEwtFxkZHMaoa984JJG/n3DU9OTcJoi1bEc0ENF8miL19UimmUVE6r/qZaKG08uE40oZVdO8g7+PfSFMC1qXMmrBIExcte307K5BuK0/fuGLjP6U/Sl9DJK6SXv6ERTIPG9LkIBTAsPdSqlg/s0JZ+VtQCl0KfPZuFittoq9fCxSCrRqHr9qOnxzPa6kZDE3FzW8dMpif3ZmtybudndWsPqsqzhF4O0nuuEsP9ZkRMFYFLjUNBVdXXpubyBxuRH+20qOr+0c6lIJH0ulp1XY1nGy3nxAIa0sRtTB+T8JufYYoq/maFWe4KXQkAm8Jw8Hki4y96gn6yZfcA4Q+YAFvsOEGvwCLZlwHEjyPYBv1J+KkYeHuPSILHO4swKF7rzz/PTb9um2aaWo5mLQj/n6W4WOwuJvBrcmOMLP4hpNN871ihW3hckDrGl+Kjdx0Ypaji93qtkmk6fB+Swr4gM2YO4teK/4Eq4ch4Ziwa+mb7+WqrWVRYlkfFh0zg/QQ56nTd8qDGllYTN2yO2faLHrN6HsOboLVlmzw2nHOoDi8FtFqAz5BlIoE7ufSLO5sz4ZdcrlXJbxiWofG51bgzNpxDAmNxioM+foc9/q399V74E2dKTt1HQ6Zruh74MsWa3WJgilCcJfL4LRZPnhSar1vtgFS7PTuYq1UJs45jB0pVgYrOI4xTmSrJ+SDQCdUhXtlUFCW3LNayNS/07/+VmouYBBzBvIDw0dtR4KV5GwFwDIgZN78/DBZN06BApieK7PQ1KA3jWWkGTkt78NbMCFhuOkp74XzomZlnpzUbhLj5F6C6sH5siHYiFtw1Udpkx6SBfchY/gyBJ2ISaef4TzI7py26hLiBSYMEKT/NEIx0dn2E1hlkbKX8Ma8m5LE1LqfqwquGmfs7Rlfb4mAj1zMeq6GsMfA1jS0bTUGn0BVZqazGyri56jBp6vEnsmmsnV0NmPhyp+FpKSrOsQV+MrPfNCST+fC8sJyiM1AxGochQSwcInw09nM4JAABvHgAAUEsDBAoACQAAANttYkhpNVf+IgAAABYAAAAtABwANjFjNGI5ZDNmZWE4NzQyYzcwMGJmYmE3ZDdhMTAzYjMuZmlsZW5hbWUudHh0VVQJAAPN7tZWze7WVnV4CwABBCEAAAAEIQAAAMfpYo3V99p48O8jLo+Z/wn8SW9NT8uwWc50VFe/T2NchU9QSwcIaTVX/iIAAAAWAAAAUEsBAh4DFAAJAAgA221iSJ8NPZzOCQAAbx4AACAAGAAAAAAAAQAAAKSBAAAAADYxYzRiOWQzZmVhODc0MmM3MDBiZmJhN2Q3YTEwM2IzVVQFAAPN7tZWdXgLAAEEIQAAAAQhAAAAUEsBAh4DCgAJAAAA221iSGk1V/4iAAAAFgAAAC0AGAAAAAAAAQAAAKSBOAoAADYxYzRiOWQzZmVhODc0MmM3MDBiZmJhN2Q3YTEwM2IzLmZpbGVuYW1lLnR4dFVUBQADze7WVnV4CwABBCEAAAAEIQAAAFBLBQYAAAAAAgACANkAAADRCgAAAAA=",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1456926413",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "malware-sample",
|
|
|
|
|
"uuid": "56d6eecd-2e5c-44a5-9376-b2dd950d210f",
|
|
|
|
|
"value": "invoice_scan_xfjgad.js|61c4b9d3fea8742c700bfba7d7a103b3"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Payload delivery",
|
|
|
|
|
"comment": "",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1456926414",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "filename|sha1",
|
|
|
|
|
"uuid": "56d6eece-ecc0-4e34-9203-b2dd950d210f",
|
|
|
|
|
"value": "invoice_scan_xfjgad.js|e3c27ae2d3b0e409e08948f175601502e45f9045"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Payload delivery",
|
|
|
|
|
"comment": "",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1456926414",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "filename|sha256",
|
|
|
|
|
"uuid": "56d6eece-603c-44e6-987f-b2dd950d210f",
|
|
|
|
|
"value": "invoice_scan_xfjgad.js|0f72f3035ff7cd4278854ab0a5e4deffa7bf41b5276558916d1bd9c48101dd27"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Payload delivery",
|
|
|
|
|
"comment": "",
|
|
|
|
|
"data": "UEsDBBQACQAIANxtYkjAUVp3gwkAACYeAAAgABwAN2MyYjNhYjg1YmVhZjQ2Y2M1NjlhODhjNmU4YjU5M2VVVAkAA8/u1lbP7tZWdXgLAAEEIQAAAAQhAAAAmOd92qCw1k9aKIPaIjL88kgtC7rZ2jbXXaJZGy0sAvEW4fBleBFjHW/nxez7eZB0hfwwDmcnzOgoXquhb2wi3yzWloaByEmTKBFiTuP9vrpxQZuUjT9fGZPqe5CkBP/MDSeM+G52IhtStRt6I4BucW+VtONB9C45jTBAcyEtexQd0RSlEEEraNYn8vRXxD7xcuZ2Y+SQmMVXt5fKdTLvEAKJGUBDEJFX6/zg774EYQc4iAgQz0nYwg3b/m4nWhu4+NjQn458KFkd9YhgG++6G4TdWk6awTYQSDHi58eM+sjRmmazQJqcdeIhLJhm/BcxqxyaSn0iiAg1dShY0R1+YG+ldjwTnM1pSmVHz9VW5VDLEj/1OZIx3/iBcxCyGQevTJ5klvRjnCLcFhawH68zruZFwLPp+oKeXddv+PQIYOdHs6IkyMA8RNP7WU4IYqg9KHSZHQmLmReuCmCIFEDdbDx5thcO0AFD/O/LXFtKMCvK47tYopZqd7CYoe9wElGSBzocpyx9tlIHIw8Wo6hY7z0cmyMvn1f8ARXtc4MsYPvY0ke4uvypQjx6zXXKiTn+FK0WoG1KclRiddOTAaDrhxq8yJRb6TnizHY4PRRFZlVZoYx3nBQ73pmOEp+KEY2rwQqZ9Ib5E5DxniBQk9ozZ5GjV9nC0RtbmOsG4e2OIY47GlVn9/AoRroFl6cfYrEI/hAovMwuBQASDLbjIhfgELtWPPhjQ7O4gqXwzBbC4mxy9QgIuKNP7cZ2myfz7aJHaY+vmm+Su0KTqI5tZ+jr26WXWSsoafPwC88aJB7x6KLNymGck1lPKg3Fahx9/Nz5+BSSRv/phSSdgMiqJRXF8q+RJ9l2EncTNUD5QWAQwm16XV5qQPnmGPb7W2xE7nTMZXtu0FEwJjzTH3yypnhWbnAcNW6P3RB/p3TN8fjiVeSJQagFHRLdMYja4qbp2SLSNC5GGoGBnnJ8IND+4L9p59Xm57WSrkjSrVKiYD5IYCqm2syNdSR1oy+BvLWwWG6vR/f+fYPH6xQPwJW5GauwBlA0kN+TLRjWP4Fl4/d0mnX45lBp8xvqf/grNEbKCYq1ZQ+XAP+W0KFJ3Gp5hDG/8FIiEyjAb1ropDVDhttkpSQfUdHfQBUOrqJrpK6hUsTM9oSbD6b8nSzWhKOt8PiQ6Gnw7h0e+ztLuMZdlcP19MRwZCeA8T4vUkp/UApOwFp+F9fQ5E1mMd03pk/yrWdFnyxsFDOcJdWKa8N6uotRTprMOXodKDLLqtPmELtxcHUghVp0zpYo677VuU41TkkymxIY7/9wjho1YST1JZOy26VbyYnBdhPvUmWUfDp8mqQMz9d1q/o2xIndjY+AMLaJZXgitFA30WPxoINhRkrv75Mfnh8bb9ro/xzPAQkyIEtvSbv12IYRyrcxHy9TfJ5yZEWaIG7eVihdHInNeexYzyhvSQ3WC7OA0FyTalxcy7qrHrMxR8sctqkn6r1H7SawKZY1vsNq5CM7AgrvW0J8SRysm5xZZP351r7GS9POlbklhKh77z3Z04mRiuMFr6tWIIFw/EnBlhQ2NZNNHu6ZabnbfTAp55jhfoWrCIrBN7EZPVfjovD3a+cyo/BASJEd2mM3PvEzCzgRiE0grgabZzVAZSNqkeF1lkpujBmYZbksU3N2DjOuCtNVqJzWyf6Za9ysERn5mzMlHJZ/bXE/pCoVktnrZsb28GOvpbeCu3n4kX4RCs/BwqLYj5QX/1KPEQAc+4P8W90c5s0FfKZSNtkrGtplYI+/0s6VC5FnIzbBD0xvxsaJbU/xmnQAvrXWM2LWbfCzJdMRDf+ydk8LH8h/A/FNx+/vvv18shOiEm2Rtl1I/w33JlAsRteoqEgt5ECUl8fZjRXAgjTUhCPuC/7NQO+ARtaO6L8wCOSimcvqClC75E/sWzbFjHriKDW7MD/rSCzRl8zhfXNAN+YxpO256gpa5TqdcCE22QnILtbUnGE0lejvDiFXwdYU8VV1Z+6gs5n2H0GHVjeJ12SRD5bXP+mtWQwCOsoQ2Gd9CDV69kVQeKjzvraetSUPWoNwn2eOePlPc6vnRuudXzN68c34Ig0jwhMjIrBYCOGnPw4jV0z5CxiPFqnvMErpUBcNtQMRlMPQmUjL6hBrVFt9uvbVOhctArsTkG52ybJGGsl8l8rlVujiP/Xqu88OIySSndAVUR8K0M2Ewn1dRfwGoQieJg008cQ6pRWTh14PvOYrNwAB8Vg3BpnAjPO4s+oTaB7fSteze19scmCKeQEyIjeKpkhrITytf4Q3X58uZqkdXTkBvkp8f39p78PJKjbKK/46BteBpDIubVuLKmOxgqxQVviHH3vQv4+0mjrYtYHVQy9zd/fUsEr7WZN/pjMqHPVe2EPOSmmTWcS6e76hZySIkhzcLARDKiFp+4ZsAS80KlIC0JZvnPCXmh6uYorj3TfsJdO6AqXLly1F7LOArfNWdxT5JSoALThGhvkHBSUaFyw8ZYAL8L12/SYJlrAWILkU8ZboTmXcRguLDND1YfV42zFtodnojLgV6TYY68k1k1UYjCwHowjp8p6hel44BAx7CnYlwMq6sQwaHwLmu+8GOlXixTP29xu4aPirnCIGfW2LAmBAqYaFROZYARt4hzTdzJFB5DdpH3eTY32hLE/sDmbNm2jSm5kiNYRSNNqIFB3jQyQHYas5akQkuD+MnUxPMaOZss1StIOwiOpIYrgEEuo6FX9A9xo7nTWqBaQjq6Z7g2S4lCpd1ntelyG6avDoWOdAUpOLN6VUJmelLruVVgW8PY/cak4dJoTYDCHfA8pSNIs0qhWqLj/zR0tZybFEyDSk0+iD+bnD5Ej/+LU2zkN+qlxvHwABoEey6Nq66BJ2EjDxlgW2srnuxFaBAEf8TnlpjB6eURcDgIbL3VlMARloCxdFfJh99CZeGE0cFwrswYUPZib7NlHrnCJnYgGSFFmrn9YAEl5WLS3ViNnx7Sy1i+PtoOHHabDJgAC1WptnVhnGBcEKIsW/d2Yh0DsYl5Amhbn8DpUogt1r95wupBQcSDEh3xY469lVDWkMotGoP+kO2r+KIHQepP316KjXEVYws9T/Vlu3q/MteUa/MzAuNGb3/gj756pG4LsQch0WIt7wTYJM+5C4KB6wMWGRI5BtlBQU2Cv50FR2NckaNDxjrsc73MOaop7ATnFjQMts1sKYVlignNbKpc8FM07InIaxl4wwv3NK5/mUMuuQygFQSwcIwFFad4MJAAAmHgAAUEsDBAoACQAAANxtYkjyFN0wIgAAABYAAAAtABwAN2MyYjNhYjg1YmVhZjQ2Y2M1NjlhODhjNmU4YjU5M2UuZmlsZW5hbWUudHh0VVQJAAPP7tZWz+7WVnV4CwABBCEAAAAEIQAAAMfpYo3V99p48O8kDRUX4JrDGFqR+lXjCql83j7ba4qhZkdQSwcI8hTdMCIAAAAWAAAAUEsBAh4DFAAJAAgA3G1iSMBRWneDCQAAJh4AACAAGAAAAAAAAQAAAKSBAAAAADdjMmIzYWI4NWJlYWY0NmNjNTY5YTg4YzZlOGI1OTNlVVQFAAPP7tZWdXgLAAEEIQAAAAQhAAAAUEsBAh4DCgAJAAAA3G1iSPIU3TAiAAAAFgAAAC0AGAAAAAAAAQAAAKSB7QkAADdjMmIzYWI4NWJlYWY0NmNjNTY5YTg4YzZlOGI1OTNlLmZpbGVuYW1lLnR4dFVUBQADz+7WVnV4CwABBCEAAAAEIQAAAFBLBQYAAAAAAgACANkAAACGCgAAAAA=",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1456926415",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "malware-sample",
|
|
|
|
|
"uuid": "56d6eecf-941c-4d76-a2ea-b2dd950d210f",
|
|
|
|
|
"value": "invoice_scan_I4PvWF.js|7c2b3ab85beaf46cc569a88c6e8b593e"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Payload delivery",
|
|
|
|
|
"comment": "",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1456926416",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "filename|sha1",
|
|
|
|
|
"uuid": "56d6eed0-cb88-4fbb-be14-b2dd950d210f",
|
|
|
|
|
"value": "invoice_scan_I4PvWF.js|935012f691d8f77e906da81a4543a28140b25759"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Payload delivery",
|
|
|
|
|
"comment": "",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1456926416",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "filename|sha256",
|
|
|
|
|
"uuid": "56d6eed0-9b1c-42f3-9617-b2dd950d210f",
|
|
|
|
|
"value": "invoice_scan_I4PvWF.js|aff055a7bfa22f87152c40a31a1dffa541854f4a21bd5f7d9f4fae4df5c40f16"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Payload delivery",
|
|
|
|
|
"comment": "",
|
|
|
|
|
"data": "UEsDBAoACQAAAN1tYkgxpGClxAsAALgLAAAgABwAY2Q1Yjk5MzVhYTc2YjU0ZmM0NmZkMGEwMzdhYWYwYzRVVAkAA9Hu1lbR7tZWdXgLAAEEIQAAAAQhAAAAnWJHoFLguDIlpfgHJ8hnhdqAYZWJmG2SXmAp/QeuR2Kcagn+aIK9QcDgAIhIA+b4Z/K5S7UaVEnqrnTZeRjzKpdGZDilkyxsek22GxR9/uPa5eTNnTkLa79tWklGnRiEaSaUM1HMhNIHHJCCcrEsx63dDeDCdVqKfFY/aKqnfu6WmSSg0U5SfxKRk54pYaH+PduMRAZAtYLw29yI4vLjo0EEyyNOcPoOUb73g61uCT7b9XF1B5+/Hqqe0F6tZ0u9oWCTUG9fMXqd2yMLnlKmStlwSyMSkWDEcRnK5smo1g+zFDi2jr4h9rtNqsvhpLSRXynGyl7K2yxTabt3EVqPawNR9dQQMpQrbalxvNf47mp83F7Pir9muKmVKmBFgOC/ndiv97IiaE7v9ez7HodamPJNFjGOf9xEGStlApL8NwE4bg5ylEAWT1nldn36haXmE7HMCHZSAYeu61qwFX5ye3sR2ttcHyzF2/MdtDHcDg5nS0DdUfezba0vrG4KR/aRHwN7omGfbWIHgqDKCjXJurJcg5gevGfYdG4J6amHWup26Rm9bA/GC+aGbH7bibnzL6gX6dQjCkS/4kG94GqxgWlw7g0LFt54raVW8lcdJ1uW6sD1O5FtUMwpF5WRAxgtQdQDlAlsO6LROuOq6C6aVSCCCwvVKDVUUO5HZT7tevBcQet2SuSsa9d00nsXoyQFHiWsYtRX2Y+Ge2AOCPPdUxsYLToRk9W2luO4BIZaqzjg+9K9/qd+yOah3jb2y41cZ0ntXvsOoxq5d6QlCQpqKbq5hUl/I5sb6EUEe72ZFjA3ehoeSEhhLUK+15VkMzYrKM9aFdffdU5E1aEPsB/63VvKsMeZo4tCRBvXQSl3vNoMNMvuusKYAfnE4zxGOqxWsyN5o5jwrsTA/pU3GeNeB6JOoInLHgCku41YIvEzzYqbgOcU8ujQ1PZ8QulzhzJi+YRN79RS3+QMnrHfL1JiDV+Z4u32WhoUmPPVNo5oXeUpIEi+byxE24cNQbhoiAcF6FVmKfgYbSV5ZvgOckUhFzWfWi6PgSBGc4UETBX2RD9l5REJATmtGu/ZYk+rFCI1gSdCWcHjnKiS8RusdPO8zhA1VlQ47vhrr7F9b34LHJd9zDayH9c+3aSnWxDWIWsbYrKF8cknm33K9stoqU8lJWKdEDV4KSqyJIf+m5BCrEqoADOKlWtTLdMqgBUYgl4X8dR7EUiGhoZD012qVNSsqJyJtZXjzqlMFsH2gKkHev75Si58y/fU2Y5ZeZ8wLJuY6x8SjJIDAeoD1zzS35xSsUjn7TOhyQEojSPN8jj7BMttUz12FXLPfNYHdmedD1DnS1RPDmsOtoP0nW8+iAYCEjIimPkOkObLv93PQJZQ0m9dK+tdF4KZm3nAsmdkJsh6mT+nn7+oCpc55zenI5Z7K5Hy2VX4PBY4uDqBf1H+vxd+Q0g6oJDAcAisydrOJ+P08gcTTDez7L+iHcOnvEtxAoF/NUGv/kk97bdgwH0RzcxH+UvIutYmF+qimP6bYmsMcGcTv0sueI6EI1OKJ+PRZ5Lsm4qZ8BBdAtzsrbJNFkqlU5gN5ixFPg3pz7Q/aAFUo6GT6kr+zSISjvB1mk5UPdQpx4HQ+3Mz/U0sjWD9zuHy4XXzJodQdX2arIUbpQD2P249AaqetdSZb9wnS6Q48c958/GWpTVmD104uWZ/lFXXm1ETK30iuRRyagHzrPa5SkjDt2KDAPmKEQXou424Pka8wMIMnjKrLHHl2DIrJpViCssWWQib6t8pO98Ob3mxiy215cmrl2E9lTX0O4WU45SObNDBY+xJhI+02ypJwzuV+SkWA8vrnGk+/c6y686Y4nJIi9VFiuVlQufghg9IigGaGYrl9c8ooWEsjuQ2WKBmEzWxe3EkpfTxL/V4T66oR8PSCPH9xshN4ZirgXNO1Zb/W4DNuh3LApcntjXVldgj7RxWjnccCvBp90umMdHJULDa6uum3uZRZKDL3grvLIz28yI7oh/eG+ILX1i0pYOjlNJ82htezBbb4/fvPImvjshRQ+DPMOo9LUCgn6sTwBvgLJ/M0DBD5zYufvPB6KTwAo3A7cgIFzPDskd1g/iZLvwk2hIRKHK5auUi+sBJvTwlFaebZXCbIWgVmyFzj33/OuP9jfvSlv889dQgzBT0qZbXYm/eW29LN6iDrcpTVTmNQa3wW3EneASRASyydXQICZUJJuJ5ljtDRJMvbQdvB1l+LKyRdHS3ors+KTVQOTfo9gBxdtuQL6zY/hmzquQ4dshOiuqMmtKsLPghfa8MtVkl803Ig3ZwTWkxG2cz8ZNZ9SCSX/CfggOYb9huHfYywpvs7isQDeofIfGCvdTuCw18JsGpBUe40+5CxPVh4W+MdmZcztZ24qVFNu3PFA2YSN/zt2YmLqnY0lVdYSEE1d/ji42mfz5NEVeNueVtmhSvcpnUYcb8IqKObsAfrOTkG9p7cvfdlczzCNPX0SXSwgWKdqsIDmG/WYu1dGhJkCkVyeWqLQIoKRRVfUgrWyB1QvOq3nhGS/g/rcHt0cAFwegcPUbpjqbJ+uIrfHsCOmbJYx9kzR32wJOAIQD2k8ixkZMZ3J3vJIgiGfSH3ekM2qhbACCMtFBJk/vkHelt0DjCloo1pxaUqsksLg181mjAlvozpvZ44yEbs0OpPzRVSYI54KRR/wo4DEzNZwkv6j3U3QiT8+JH1X9PSDVV3KvlCNxiU48+UJfVkqK/0Wb/kRcfMHhLfN1S4TPzVVGWw9ahu85DO4HGYGWqS4gxXu70fjNvjZobypLwWsB0hNp0zJ76QcANbeihzznAkVjs/MAA6hAw5rRh4iYQzEtu2eWInqI4TkNAsuXFfVQMbN6CT7Xf3nePz5XaRM3jh17BtnsGiOH9dCJJ7J6PpG1sDwFr+sXvlVXn5sOB57K67QA0wbsMu0nrCfZ7gZgCUB2+lIJ4DjeKGr5rEbxMdlGUu5RRzFFSrU48v0AVyITNQl2uvephKWlMXqSrYi4+9ZupzDIkyV1/65n9eEhcMcgptBRcWHryFiiliBKXAM5ZDZbkgrmcEcjTWwqSaArH9m94lt5WG8C8lqRo8dswi1gqGVmHrfoVPdHJIPxzb4q4V4CAC3xhuGl5/6O9dU+6UlAcXcOpMa1a5NcfJpcjoypfAYZ9MZrAWLILLZES1zD4nxLpcSiuGG4Snh/EiZcni2qMT2i0qQJYchQHGj6d1HfO70lhgY3AF+0TS0QvJ/5FJXegSpnQM9/Pv3AKm7XZ8OXE/nGJY7hJJG+KwEumadiKLJy/CiBCB4dSOLDzdZhcL4aqSaDU0qnLLjMnKK7ztxfGxqZ75Lt3clPYkqReXZtcBWQKYwthUcm4UFCP/S1N2DOOS2eTPIwKnJayaNbY3P7bWcn8bR9PTlx+/BzLQrHbMuPnKSOLQaspeHsF/XQ4+lrAUw9+LtO+DRSyX2aAveLtBLANWVEOWf6hAtfKf6zpurqM7jUFxqME72+kxrRn5r3Lf7vCZ4eEo2fRCBIcMMgm8NFlG1iGSebluvk9rshMiZA+3tcA5BnyL+rhbG5D9/L0oweIfVSIODFD3f53sWcKlpSJhK4YAxusKlug6U68IshUym0FJ5VEnN/D3W+8CtculGyFTQKNRj4HBJFwwvK8Zb6SVGcWe4X8EI73FSUutvsHGBRKL5gc+UDyj+2coytd70tspdFEqS+O/g+S+4fe6rDwBcQ+bkR7ExVnEqwqvAGCHyS4cjbcAmHj747VgpM0q98DqtB9BXzoOHLa4ghMzd9Lf0+FLujTBrOVvLKRDdUub0iI/KGYVWRnDAHaHnRDM0JkqBGSvYBt+sx2BfRXATJnlgUlIPA5ah/suf6Ly2oZkitMzKovqwxRQkCN9v2gFm7X0JYonLtHPwZzIl4iVe1onyL9haONTq42PlcBX0HFcH4GWf+97s
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1456926417",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "malware-sample",
|
|
|
|
|
"uuid": "56d6eed1-7d78-48e8-ba6e-b2dd950d210f",
|
|
|
|
|
"value": "Invoice_ref-96115411.zip|cd5b9935aa76b54fc46fd0a037aaf0c4"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Payload delivery",
|
|
|
|
|
"comment": "",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1456926418",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "filename|sha1",
|
|
|
|
|
"uuid": "56d6eed2-2880-4e5e-9775-b2dd950d210f",
|
|
|
|
|
"value": "Invoice_ref-96115411.zip|ff6f2b2fcf92e2b66e5de1874470c80fd54ca43f"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Payload delivery",
|
|
|
|
|
"comment": "",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1456926418",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "filename|sha256",
|
|
|
|
|
"uuid": "56d6eed2-5b3c-4480-a3f0-b2dd950d210f",
|
|
|
|
|
"value": "Invoice_ref-96115411.zip|2659b92943cd12a1a7c2fd6263de227bcd67c7d3469bfeb26f1c3d2ea99b43a3"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Payload delivery",
|
|
|
|
|
"comment": "",
|
|
|
|
|
"data": "UEsDBBQACQAIAOBtYki2koAkYAsAAFgLAAAgABwAZTcwMGM1NTVhM2U2NmUyZDFhZGVkZDg3ZWI0YzgzYjlVVAkAA9Pu1lbT7tZWdXgLAAEEIQAAAAQhAAAAnWJHoFLguDIlpcVnT3NKuEMSPn6Gj/8hW1A0fK9+EvOYNwGXtOQ/spUNI2P+pqVOhDqNwc8qJk9QuGMJ+b1Ym6tQLY8VM7I7zKwHGsWfg2Br2h2hVvzjrliw9uY+j7A3dZzkJxsKnrR0PsZP1MCtAFNlpO2qwnuf6wsFZcgJSSxC4BD1UKAyqhEx4/L69YU5eTWabTxMAuWInsakihxBZFqyiqp6APctYpUCo9ABshKp2lehDMOPQJU3ANB1251WAkHhVBLZY09aUceAFOf5mGry3NXoyq/j1LyVzDuCZ7Q0b8ONRA0KTyMpL2xi1yOVr01G7TGN5B73qqFTVc3R7cwfMKzBFYwnqv+zyWpYE3Gb08vOwVvLVL2iEq8XuCwfkhT+DWObE4ufW0vjYw4EpVeHH+vDlCegN8y+l4AkV4GREkzbtFQRaVidphWN+U+tyKjR6l7HhV+Xo4bHU/O0uybuib17mzcxv/bVCFFhyj72/gkTY04gcw/7ZffOrALI+0S39zMGrs2+tkmLUmqUrfCFHLZMV7Y4oT/m3yN/7/9mcnGG9J6AWiCnsQbvNVZ4ZYOQ6qOYfzFKJUZyDpZ2+IVC6NlyOGml8H4H5jE1XlDVwJXdP9PfYy8BgO7wQfsQQ4765AamOSrroeBqenX16hcdMuiXrtlAlaSzJ/7dsxhS4xh5Cq7zJyrQ+3Gfn/nMDjPxtQa6ys/S2L7BR0OYVdzAMYJtk9xUInW3/K4PW+2hGfhmEBq6f69t+xkeBEbpsGbPua5gwQWL5JwDDcD3laxPspcaZWXiniysz1Y1+eQxTiVxr4GQQHyqhVfLwE607NPQui7QUDFbQT1aPubr4P1q0gmLcIRNwlcERxwIVfRxkDjKG3qM6E84x89oJXox0EWzulCXysN2l2ZmHcxkRZG8XXxIo4abcxQ9bq2wP9lfIqV1gRkSJehBQlMBe5YK0Cd17Vja7zeByvNmjK75hucDDqWTL7xIRikPsXofvgdQti2f5yEPPDXyHXFHPkLdtt7WIbx9cikwm4Z//OIg5OM7gSADzQ6stuwonzJ6sf0rH2cy9TrZ0I39SXD4QrwNhcnUVQn0fHmL2QtTo8LidxKwAXFlMFiR/vd13MiKjT8DKSTRoBPyjukUlH2r2BkFdEQLHghObyuuofdgt9isNM2y9XsIVv/D3qUXVjbbOfox5QO2MafiRDokGOnfyDWv77DbrjtjpApkF4qOrTyFgzoLGrb0nyBBUulZgmQEvFHKspxoY1/wJLHM6QP+16p+5gfgsNoHUPe1bDpogxT8qjJY7xutX14tvv5xiVzWG+I5Jz6TkaX7VfL0+2GKLv7S+87l+9kbaPx1jA3qkqOPLy1LbykdarIehjgE9VuzXgLgYWraW20kbf7sDEwKkQ7HwVLeFyG6Eh8PeXiQ1g/ToRNioLtgBdzqwOoGXSDKF+vqtxCRq1RU+/MtD0uwSK9/dmwarGBa75m4232atg2o59g1E8aYvqOpBUQmXhRYOZ3qtc1p2BGjOyzxd1rLMQGweyAJ8ZxMbUUnkfrg6DvS9/9HLe1Qc6ZwIp5itqROlb6Usr7Oejgap7pVCVHNkHdtxxNX/wZIQxezOv9AQYdC2zSSLsYP2eZIOn+fEgZctdkjrANUzwRmyFph/0WQB8hY595F/kfZHjXK7/iX8ZCkjheiavKw2tW9s6/ZCE88N05fBengEP751M5ChLYPpXuNQkXRpvCrmkhHTX0NhlLsLF1jdTGBv1S37T0u/8VPiDvWSruvozszvUugvCpCUprcRfIhQPyEuUDhyeRYM/DIIKQ7HT8UP2WlnEsXA+hMZ4yLwC4uD09/t4pt/QIfyYGdanX17qCsp2oDqjL2ICERr5LzICX0v8Bke9fWR3IhO/bWDuJQAw4drxcxEZSnTpDtcri4lvT8Mz5IFPwcNK+ezGwmGCOHgV+uydCSrpp/1WWHRJKgq0AbVOao1a6lW4/j/awnWa2hBYhCJifT5yJ/RApl/PsoVjtbzNTOW3lOYcBDnIbr1vkHY4x3z9M3XosOSEdhm2BhTkFcdQv9dvnPzGR5A7QbMVQ1u/+HUdzv5335OreLEqYqQAPQaG7UtarKqyYpIXzF873JFcbbfJa4FeYI+W9ElDgZ1Gsr8k9Ok3HcYArR8IOqO0zk4AFptQntclv2r9Vhb76T/ab5YtIRpXYl0/suztCJ6vA7eyciobUAuUB9cAVkPPX6LK3WrX5P9b3DKgfyXIFxljDwiUuEH7RurUoMymd/87ZlRtyaMP+rC/TV2p7KmNUBhojebp5fRz/1QFeq/zO6JXh6YE301Pl/idYXpCl4IlSQFJn9pGMINOZfUNxpYwCjZboM0zpT0DiebVZ9qp3VQS+NZxuXq7Lu74Gs2oxDCJhm2an3UyIoJECsMWIsLR+ZjHC8heCgRVVYbcvoCHRjEVm+j4uVpsbTyPvMxJ/+1juVl3bZO3F4ZawVWNwdvpzTbqw/SXmcqoyCilU1WogyfClhTpIDJgqytUDuhTM8hwVxWZAx17lgyPCma2Nuhip9NptpYOU0+OuXvo8bYkbCVVRVHjChNWadZDG5nHbNdljZ2XsrPFY6nZryhvjuoNgQqdmBiJ6aY9I0/TKLybsMSPp/dPF08rc9bkdB9NsZt7NaIXW61oBCCPg/DWzjN2MJvPlHL5/g8xEi/Tmu+UxK7QYrdNBJTskhKAlaQBYyQxovIrDsShKK9VyOK9CxBJpaTR7y7nx6xCVw8ji7nEcctxLQsF+ejMp8KyZvnVHTMQhO4ret2+nacBGxuTOAYOXaYZa8YX59n9tzsP7V70EcKYnEUnbl2uKDHOFWmlIWdDQsnoUD87bpxjfPO0zUYvATFhziNHKn6ydvihCkl6ASVH8F0OtQTPzixfBjwY4LxSwyW5binE2ISMOsJUu3QbNFuXeT3Us38NSZKyECYhPumvflJrvuJOEjGd7P4hZKxEwewZCEQ5fbwmwSry72ujdKAUquJUmXBGlpoQXb3RaHi+VML0q7PyBgWesRGJaHlVskwGTl7hZtaqkEbue3J35dFq6GrC+DdlZnLR43/Mp4kdG0m9sJ2SvXTBAb61YU0gmaKh72ata8GIGr8ZzMZJrcUckvMeGhQltEAwLaNNxeKNnwJT3QFGjommKnYjk96+OaiVOhlTCkj43KfLWJO/pytxx1OHHKMReZXMY9eMCNnycxqcm9sZ9AYK7fv7y09jpoxVdRxpfKKklPgop9YpzW6UOy7eUnZDkFjiq5svyc9XYKdopE1f4wty0U59CjpCFt2QVeODFz+pMwwmjczSMwhS6HwHEA6G/cewuSQffrPjTOavmwfycgC+nLsfPKLFYVH6Ir+CskQV02mu/7DX4UgWLlTPm+ey3F61MyYN/zWyp1MqFwRRlKU2stSYyxfPQ77CpgNq6l4TuYu5Bug3asS2EeUQ5Q8pX1LSjs58FWThzz764twS1Kp3+2e7O0R0nM/MthDIo2lxp4/txwDHVPhlt6N8mA5jRrYHD8Bq/9RD3V+V9hxBSn4BqCs+hYvnnRfT/CjOqJksKB9D05p4Z/R+ZptJbWv7cz2eHbD/Mj4yyKGRX9T0I7ISNnT//Cph+L9f022jCXRGdMw/UNjvP8kpDWSHVDD7Wgm44NCeLDrw1z51LZjunoLi5haq+yzJuYYkX+sSYHBPrvWf2N2B+90EcbbXrjfKVBG81r0jZKdRtC7iLJ4xNYQGBUSVTK21mB6VdTHZ8u6hl4BSqGa+jOKyxKL1DMFhRt+d+lSvZWDslxZlVj0/8wI8tkSgGrHs1O3Ffh52S1AppTzm4ZPa6eSInA85yTHxiL9Z463HMoBrmLyCzchq4j1V79n3YYeMCp/tvnFHxQSwcItpKAJGALAABYCwAAUEsDBAoACQAAAOBtYkjuFhNgJAAAABgAAAAtABwAZTcwMGM1NTVhM2
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1456926419",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "malware-sample",
|
|
|
|
|
"uuid": "56d6eed3-9be4-41b1-8a84-b2dd950d210f",
|
|
|
|
|
"value": "Invoice_ref-10746155.zip|e700c555a3e66e2d1adedd87eb4c83b9"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Payload delivery",
|
|
|
|
|
"comment": "",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1456926420",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "filename|sha1",
|
|
|
|
|
"uuid": "56d6eed4-1a38-4d13-a407-b2dd950d210f",
|
|
|
|
|
"value": "Invoice_ref-10746155.zip|41d59d8b935424e687a2c2f99df600ef43ca3fc8"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Payload delivery",
|
|
|
|
|
"comment": "",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1456926420",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "filename|sha256",
|
|
|
|
|
"uuid": "56d6eed4-b9cc-4ab5-ba8a-b2dd950d210f",
|
|
|
|
|
"value": "Invoice_ref-10746155.zip|99b5ceada762ba22e0ddf29c57eae2e2ffd8706fb319ae3a0ae7cfd1046d0814"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Network activity",
|
|
|
|
|
"comment": "Download location",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1456928109",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "url",
|
|
|
|
|
"uuid": "56d6f56d-3cc8-4ae6-bd56-4e74950d210f",
|
|
|
|
|
"value": "http://leksvik.historielag.org/num/887hb56f"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Network activity",
|
|
|
|
|
"comment": "Download location",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1456928109",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "url",
|
|
|
|
|
"uuid": "56d6f56d-5dec-4576-bb19-4914950d210f",
|
|
|
|
|
"value": "http://cabanasestina.ro/num/5buybbtyu8"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Network activity",
|
|
|
|
|
"comment": "Download location",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1456928110",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "domain",
|
|
|
|
|
"uuid": "56d6f56e-1974-44d2-b247-4131950d210f",
|
|
|
|
|
"value": "cabanasestina.ro"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Network activity",
|
|
|
|
|
"comment": "Download location",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1456928110",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "hostname",
|
|
|
|
|
"uuid": "56d6f56e-a190-4f2f-904e-4fb4950d210f",
|
|
|
|
|
"value": "leksvik.historielag.org"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Network activity",
|
|
|
|
|
"comment": "Download location",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1456928110",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "ip-dst",
|
|
|
|
|
"uuid": "56d6f56e-fb84-4a48-a1be-40b9950d210f",
|
|
|
|
|
"value": "81.21.75.87"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Network activity",
|
|
|
|
|
"comment": "Download location",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1456928111",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "ip-dst",
|
|
|
|
|
"uuid": "56d6f56f-6594-4eb2-8ec2-4969950d210f",
|
|
|
|
|
"value": "188.213.205.89"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Payload delivery",
|
|
|
|
|
"comment": "",
|
|
|
|
|
"data": "UEsDBBQACQAIAPhxYkjIOaEbXl8AAMfHAAAgABwAZDBlNjNmM2I1MjA4ZWM4MGVlN2U5NjRmZDE1MGMyNmZVVAkAA5T11laV9dZWdXgLAAEEIQAAAAQhAAAA3aI3POw90mxHA27PD6wYwToQfwRRn5yU2ymx6YPqF+NhFNbI3dUSUC6gBrPV7L9nh+KhYjpytrVBsedPhLneERlh2ZC6nU93QKKYPrTOA4Ql+jhEEBRtIsjShKeJKy+TMkN6cY7JQUjj7K0VA/L6EaUoCb6c1SYx84H38P7zFuZ8JpTr3nFmaz1bdFqfGAzsG6MrwuCm3qsuFGsphAXgvwnbJ/x8n6efEmrsQ1MxCtd5Xz/Tnqb7VlzWy/fyggXIGT+T29cz1F9WV/VqPte6Ywv56ZemYMzajECMySE3+Z1dWdvrk/3oWyZMlzkMGBslPik2F2plbYfp0G4wv8EKodhk5Wlfp7/cevwJSgWdvGNWXlELe0rxmvSItU//Co2RxeMtR2gJZVSbK3OuH/Py2MQAnbPDFrGJu6Ya8Xl5VFl5tJbynwq1NIkzGr8LcGF2ZSTXq6rsRYQmHdvt5b0L0PUj0sibqZU02Ka4b+il1yuXydUhiqhK/NFYQbPUJ1pIY9nmgbdNPdHLsFAmN+nznDxjEyQCzG+wJ1kCBihxKO20onA853QL4lwqBLvs6KV+OsowTHUE+Zmx3up1bwM1PkZqRUrF2pVil8pQ79Laq077fmfPY2g7FvMKo5So0perMUK3dL11XlOIgk/xl1qv84ZQv3tm4sRzhwDP2/u9BXn2OsEmfZzW84TGT/dtPUfAo/ayjfSAUyU51PAUX+JS02dTcTSnsDgbxoOWQLrJlHv2m6cbU76gfcHX3kuhWooSfWRqX3XJ13vH6uE5zqII7AiUnQM48oMTtpcsggt0dwAl6cVPh95SU+U9RtDPHXGmf28HhkefIT8gEc2IkU0HfRXIqKMofHo3VJG5v7bkzA9ZynkJKx/njo6qVae/SrZzgB0XnebI5rfiTea3FraG17I9sYZkOFOzaamV+XslurASqTtfTQfmIcQ3PPiPB4VafDpnr2BChhHZK2RH28MOQ+VAcRkv3e9j+cXYsh1cPJCMeKyuj2yFl4TV8VDvJmw4C3x0AwOXMHMxcTA4AHBgdagFLUjzdRoQ6y9E7UzWIHyGr3AKhPuJ2eHPhA+lbd1T8E9LchFE6gSYho5duhwvHn9L3oP0pWNDR8sHpk6kxhyqhsZ3aZu8T5ffUXtfg+tZYbXJXO7KIDR+cicLprBbiRgGOGp7rmSUWNOkAcd1ZYdAiQZfIn9wOVHb0tHJAiEmzRamlWjcytVJ0hdb1cuyHrjcxL0YCUnU33SmEsewNM6hjJjw/+SeqBpcLNpl8K0Fytc3Sdshmf1kErYTPRvxTu2WLXUm6x/mmehqyrat9B/qwStRuCslsxHob/UynBMx7Ksi+6p1cF5P9rG+ea5QcNRHGNhC3hifcQI1WpESdE89pz9QrcYtiTc7Y4UfxzkXraH83O5X3q3h7fEsue+VxBzi/szqPC2NUcMhkd1Q01RPkwS5D1g32Rrc4UlNVOpot67H02XSaTLf5UMcx13lq/bK0+kNxNkP7PRgJXJ8T543BN9zpjXCgodt2yslQzqK9/clLCYK8Ver+NkL8VsZi922mjL0K8UWZoqlrbnsdtYs8kKOuTSLTKiZfjhZNBuV6cT8NnmUc0r07hzUwcx4RZ8G8Dviyh8Dv6lDyu5bIVinYyWV9H/57xkakUpXDgsMuD/J6CvfrFFuNN1upoi9JNS9gkXLQMr1YuK/P5Iy1nI2E0BV4QoMQ8tmOB1MNihQDn39SRW0jwgKjqc9VVVpGV5CHtBxHkHkSqow4PVzA6N7SQAU1317vP1z4iTrJQuh7PJCu5qFD9HllbQqB8qwKnkkcY295w200ljaIHZOwp1AQ6EpKq9wdavdUxnut5WRqFXlieP6DL7+8KPZIe8SN6LYY5xSNJ7iffA837WfTApxxQkJ56U/eVMnvWG423FJWQ3mqxKcJGOZTcFLDPGL90It4ystfFXQFScgxfIAqjPAQrLv8mw0SzqRXz3NMbVZj2NBxxiT7xu3Zo+N0VwoTSWbnwXjE6GMV0Pfx9gLoHQFDhd5hU53Za4OG2z4zyJ5TchxqfKMQJtdG78GaFABOOgN5QkegESFBDMx/UWlk4dZ8vjQWrvdwiXApia3fctxCQidztHQSon/zYKcdO47Odvuqy2DNW5wC2Trwn2yPuAxmR93PS7VEnjdU7EXXvzopMdkFafwOHDaMp4tpbhK1rKP24YsvqiV//StYHjZPq8Ppd7jXMg21bqWynpnHhnV/0R+wM6AGg3bPNZpz7K0wOUiz4AqjzAgXkMTLY8rApkkWsYiEAtyBPk60QSG+ow+hiX+yqki1hcdmx5TyXI8XiSHT6KZ+caG10+wNvj6n+vATjaiKHncDrPeXrRCpAn8A7Myjh+qV8Q2+dvZfy+90i+6g/aBHwq4Qai6JwL7J8Myq6Uf7TbmjiLY2UtVe4KyqrOLfV+KhLBbUrtlTxNQ1CVJmdARUOuo6kpeDHlYJa2Qww4bt1kimecadxZ5NN/fdOE6tghwXByweshSqti5pcMwxHh9hzN3elsW3KU1i8E74LuVFzxaKibWCpb+NLUtnHmKMolIg0cXHiLo77uvxoVJk3BA2RaNTXW8100pHWAze0gGD4qu0LiCjo73C21t8LLPuDUUoHbWNvG7WVrjElWP8ZeSgSVbcm0uTgCgAd1nJdWRXNn99QCLJmczLHML5CljHpD3ABKUF/wZDb/9QCgnXcXIOmQWmJZncQM0OpXMpaR2sgQ8u0Ay7Hzz/EQ6B03PdP4ZK/TBxugivzuZOpfL+CKLfXUeLOWgM8zRMWGc8DSND5nB2vRxThMTL3DaFnyiRydmnweFC5K/QMEz/dX01O15gHr6V2YJr+uoict1BEWTzwACL/vaZ9eLax3EF6Fz5evdanulSOVWJsO7N6PI8ZdUx+yQdg8ifrBsT3jF8wrvCxPmmmMIwHG8gG5iGWs6Px+9LYMoAaQjXiXDcAnm6A0hvKabyY0xJbdv8jqux9Soj1UMAMVoTf1757sjjteRYkVwp+D9N2r9R6dhcwHiYlrk7ywsrWvywObB/fBZzofyZFnIUgy13Gd78RMh9LOBL6w1IIDehtMElErXGf5IGIZ/PoV5V35VDp+SYUoaIb5skZvRyniM7nvWQnQBlCKdXxY0ZAbRLdOhf/dxEXotTg2f023WV+2IrC318qnTXS0Kdr1nGakAcCeBI/M5BMsTl4cj9WC5JNghDOIdr5RSzS+V7rTZgYt0LTPZ584N5iwVaRTS2GWY8TX+Det3nvp188xYA2vldm+RMb72Uw/aeJVNDVakvry87PftlQdqAg6rhoCnUBjqOTdsWUOr+XEAXNUcPpu9Hy4jR6wEnvnVQp2TMBivqhIS1noaX8Zb5Y9HKWmLk1n5WZ/t/vHU56AfbmQL5Vn6qpkxtdTixKodP518nk5SntkkE0+ByxeDEWl8tirlH9Y2q0aNcpROqWSo8Iy3xvfRqzgpQuaocBokrethbUq99AGIy32eWFmGfxnxckr30RmensASyPbDO+a1CI80hhdhbPSd86dKRSerwVBeVFDHHAn7M0FLbcq2HxWLazgb7SN0szyxSvVyoBwTpGjE/XsnpEZsrRSaFtN2BEX3Zk6mUJNM1yRuEOL9zPj4Rp1uFUFQR0zG3CjCLNCD8e5HAfmRLCjFsltjUFiFoQidF/3JkGm0PdiLxi104KD1/PuGkGlxZ7HSz+J2mVr1fPpQfLTXiQYiABcm1twYbzf28jBib/UWldSY0XLWScbAzQhKZNTlBlDSO/jGcT5I6nfWxVXcTc7EcbV5WcTP1Gw1O8RyKDhS1HmrGN9VZHVwhUtZ7JwzHSa/2KHUcNo7LFbYomca48zxuMkWe8HrbCTVfUItVAuSSUegF9tRbnvsdDh5HZO8Hx73/QmJnvi0AbQ6KvNh/+aIW93DxukwckMGxyXWXvqYxzQJNu9RQ0MGlCz3sW
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1456928149",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "malware-sample",
|
|
|
|
|
"uuid": "56d6f595-111c-4c2a-8dae-5e5c950d210f",
|
|
|
|
|
"value": "scan_876316.doc|d0e63f3b5208ec80ee7e964fd150c26f"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Payload delivery",
|
|
|
|
|
"comment": "",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1456928149",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "filename|sha1",
|
|
|
|
|
"uuid": "56d6f595-7a38-40bc-a90b-5e5c950d210f",
|
|
|
|
|
"value": "scan_876316.doc|5ffb344282a328de23d11a425b9d150157ca61a0"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Payload delivery",
|
|
|
|
|
"comment": "",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1456928150",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "filename|sha256",
|
|
|
|
|
"uuid": "56d6f596-2ff0-4f0d-9dc9-5e5c950d210f",
|
|
|
|
|
"value": "scan_876316.doc|1ac3c0605930c6b104fe7a6868b0643d6a20aa7ddde417189a3f13aacc184bf9"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Payload delivery",
|
|
|
|
|
"comment": "",
|
|
|
|
|
"data": "UEsDBBQACQAIAPpxYki4ufR9W18AAMPHAAAgABwANGVjOTI3YzhjZjg1ODY1OWM1MTdjYzE1YTFkMjcyNjlVVAkAA5f11laX9dZWdXgLAAEEIQAAAAQhAAAA3aI3POw90mxHA2wKj7CMZPU+nh1+zcECHeronJ33NeWO9PFTT/vGwdnW/OdZ0HAWRKOucs5KDwBH7koLkdUABgZgFmuMA4iPOnFb+8fnyC1YGl/WeglC/xTBqkop2HFWZzzuXn/7KcItwBCxXncT5jv5hKtjDTbZTKzRP4veE3GZjDZp5pIsRRQxOV6ellX39/1fboY+nSnsP89iccjxw/qUN+mbXWHREzyLhlNCWZfeEg8Td67nFM+5XvgcuBVZqNw+Q+U4os5pYs7RSAxgZYCE4IFkOYfhLu96bI2BOy/RIlw3jhUd7ekkkqxMmwAaAJqok5RiFzgKM39eVcIw+6c2P48L4PirOyejnq/kjzRmKwyOGDPE9B4wOvy22jYOd5Zc3ccy18e+fHkvOJuNr7QJvAxks5vRi2eUeD38nHYSiy3/FLaY8F5DU5ngzfjlwKmITgPox8rVDyNDwOcoV8Ue5bBKISXKAtrTbJIbZspd/wIjsCzR0NGrgUtHNNv2tMhbu1NY8S8moPsH9k2ZD+2fPtslOLJAL3HpHUGnLeG7kxCmTVV7JoL1WAVx3xjNYDuNo9JZ1/ZRDPUIcoXY86CoUjTYLzyrQ2e15a56bYNJ+vy5NLeMk5sz1Xsda1CWIyq+IvDylfUlMfnLC/TAXNLiVsALUeuv1aH3yGGYHuq0MuSUVKLPuNO4cIoqUvDEMhcjyxEvRskEjCcKgTF+9Kn/uk1bF+59wF61YM/qaH6p9Q/SckDQ9DbmTtiiZsnre/KUDlUZQdYNukxEm+hFdx1agM2UpBVDtCouh6cuc/ipDo+EbOdZh7Nb154aDupLKoMNMFQqsBq0gGMJqlmNixpDUEM7KV/t4xrtDwXtearD2cnaYOfSoR+xkDWprKv812v1QDzsfC2MIzib3skYBVGKuKXf4rWFyJHA1mIp4cCmC6GQVMqw2mH3yt2/0XThKShRwsB/140EaC3xTgc5EmrYJV8EoocykPtR8jvGNozrfnRSouHtNMWm7ydJFl6nAqFdrnN+FGVbckW3vAp5R1T7SUdu66PlBIN+SUq4NSbR7sZvNocrj68ITWBv/wKi/wlir6GkHahbweCXSCbG6YHjydh1+mUfd022nMRi7m+DqRurBhkawvVdEhF8soxXc5hYHKQeh0Qzsk+t8137KwEMLJfUfevQjYB4IvIebNXMaDC9vcrS7ipJLCGwI/18mPU5j7t2VzRbbAAc8w5v6pRTKgHsi/6byuvteeL8Wbet02StBO6+WVk7/h+2xb9SRhNH7yFDA/o5XjEvguMmlSYGlhqphsTx6Ma4Lotbbsb3qYNaETQPFPJ7xWqVz8lGMHblZENzteaQ/TrZIJOJH7QeRkmb4h9cS3LIyRDJL4GjtiO4Ket2/Ss0eiLBMniLHLh1Y0jK8S8RulurjQDoxvba+8QREkMMeiGMx/NVOEGZ2DHWDvHfzm6Fry+mNcxGH073sgTykdeT0FGp+XSRB0fAM/Vfr4IQHAoIf9V+I/4e4olpr5PNnPaUDy+amM8cHz3DKKYMfTzo2ZKC8KYJcTqoG8udXaIEgN90Xdzi1ByOZG2Fp0OTMLEqlaMUzkBsMYJqbjH67BBVUaU3yzFZdBTLQ4v9Xiu+LhIp5rlIp30qI4bvIzuswrMW3fSaTnpPoobqNzJOj91SqG+ckce6HfgpEM/F4Ssq+lA+6VhDMyOceEgwF0bsKVl7KE0rsrVU5Cc1k08Eqfl1LRLNAtrisHqBilocoxOcV19GntJrcUWVPJShN2P9z0EGq65Wgnj3gISk+QPszdNT7ii8guhl0kEb6uxPNOUahRX4snTDxOdMDFTXNStm/+rou3RTvye/RSNioX/YTU9ipBZXUThTm/GLJZLi5HA3rF/D3AOt+h/eJHm/6PmaT2KNjOcGZzjEcF8CGIjKOAkz5iv8R83hmh2kfVR9AmbZVV+plP/NK4YSsAaLgAzAMQh4CxtwalNkaRCZO+Qs842GkwQzpm4MZOW2zKNpK1xFUc2YwQCn8Ub5oGhK5Waifybefw27au/8uVJvZoz1bKN+LrDf9rEV5NPZS6ZfGe20iU7OGxNt5kle6uvDz9hna+m4dQJ2a8kYnkZnmcluvkIPc75Gz5cxQVgzz+k6s/SzuLyBTwh787jdJYRccoXEBR9Yg50uPkygr/AhqnCxOu7IiZrlO+/tJ0WtLIrFXVpiCjSwdBymmdgLvAr6wdtgGabJ3ld6vivY/M1DUGG0i5ug0rT18L9HpKcP7xKSQkNCzuGv6/OpfjVrMZ6zcT8IxQHez6jiqksPvh78TIt+O6HDFAUjW8kRwvFmi6LGIIiBIUj5O1URj7G2ijBzn2cH2ZfO34spSRPCqvcyJHTsX9Xyds0wzd9lH+4lUbC0GDxKZpPeHrijRGUiRaMccvWSdcCnFPB2+hwjOoFZCFUdKrZ26a10xmdEmvsaNHCSYwqTEX10zLPT0Wa1SJqTOvGeBBsy+dlWBQOvYI4/vQG38rcECXLjYMcyvBU0ZWz7qsXqZsOFnqG5IhoiUwPXFuYSm21NpfCj0QMbnRBIDeRoxIjuj/onD4PcfAM74enpwFoDkvsGa2m5GfezS5HOKDgH01QlDESNaTkgY6AOlj3U+i9QgeafsKzHLAWjnVsgrraupaHSYwpTS3NLPpv+ey4sm6ShzO2sp/x7kyHB2IlkHFVZ8bWTmcwj2DkN/ti5nPhVh48A4t5LXIs/DMomnEIOFBPpFbM4YBWqNEnerjDA2b+tDOqblhUtY2dy250O23wqBiKnULeYXLBZJBWWVN2BQfMvt19MRDis2R93tEpFxkAi4TBC99Ti7EotqnjYgGumQmCvnxNY+jQdO/cbfsESgDKtlXl7qGPOkesJPkof11N6qumBs4KnynApr7XYYYlwOFYWU4exiuP5AcOQV0m77HH5A8pPhIaX+PKpKNaK56RnHbBQkOuzpEkUtHAa3xrrPmH7tsZKuy/buClnsk0VcAKWPHNV3De5GG5HNp1Y3Ndmf28o3n7BsFKYTx6hIEGDt5QkNS4XQT7Y01zBo+JbaYn+NB2wmiIVOFMgm+bK55Sh5wjjIDB7Bf1pVcMfEU/Ef10pysWj5uWkqgM48Ttm8az/EbovdsLLxDpzMkJwHvsx6SQaiv9BLWAxd43vOjwI67SWbPFgxEe+ApfWZURx7Uc8tPEjCOfGstycZkLFeO9Po5u36kWM7RetpYVMU7DVwvaK2ossuxC4oQRWQK8Eci9B2JON7DOQLSFL6hz5patESyhtpQu2Rz6wWIKuPT8U7w4woGTPXUPw2VPrRyNpWwq7qCbg1RUEYQDhRxrk4rc4t2IDV5dpybdYDq4G7AZrRr4XhQde0VNwaUxvkWNRoT9zqOJsjqSev/wutce4SaFycKKJ6RzfdfpeLfWQWxhSyHBvw0GXxryGhp6JgqbxBVV4Fa43fiGn+LdEF+2q/pFYS0+9A40f8thJUJ86j8P/C8wxwohiAwF0oa0547cRzL9U/d+hgNqIRFW3U0kAg2+rl8+U4AmXAwlWWTLCxfEWljifz8IMfejX40oG9Nr/njNKiQg1hcfIw0t2oAKJVl+2pJ2OVJKV4nuTGkdhCrqK+M+XSkJc3IqEHiA9fVb5Azs3yJDbPKiyH6r7+I/yu2Of76Tqb19Qg0ZbcJAUcuIpg8aHudT8Cc7kcoorRNVXhfw4Qq8Pt1SyE3XrHPfrCLkpjrOEpODIz+SPvqmKFU6OVSkPCagc1VM4x7f6I/dJg3sefam0MChLmtj4DyhWb/5TrnMj4jGBkkDINb18YCfsF4IaWyaHkkbC47lEeHYzO3aKp3fDoLJ8xWLd93xSmzWH0feH6yhAh8ti9tUJZBWg9TEpv98XvNH5eNObI1dw6Dy+So3mkUbZK5j0Vxx0ar0STgqJqrgdizJ8oWte97J0PHyQI3L3cFbGAN58hHDu4Q
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1456928151",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "malware-sample",
|
|
|
|
|
"uuid": "56d6f597-14e8-4d56-a732-5e5c950d210f",
|
|
|
|
|
"value": "scan_382380.doc|4ec927c8cf858659c517cc15a1d27269"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Payload delivery",
|
|
|
|
|
"comment": "",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1456928151",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "filename|sha1",
|
|
|
|
|
"uuid": "56d6f597-46a8-4a5f-9663-5e5c950d210f",
|
|
|
|
|
"value": "scan_382380.doc|494fbae0a9dbb80b1c080ed274ac732f54f79ffd"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Payload delivery",
|
|
|
|
|
"comment": "",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1456928152",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "filename|sha256",
|
|
|
|
|
"uuid": "56d6f598-cfd4-43d6-b85a-5e5c950d210f",
|
|
|
|
|
"value": "scan_382380.doc|fa25f0ec6c04e54b87f361f1668b32c03163a90b65c3c128965f224e0ec8c30f"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Payload delivery",
|
|
|
|
|
"comment": "",
|
|
|
|
|
"data": "UEsDBBQACQAIAPpxYkjkoqDmVF8AAMHHAAAgABwAYmVkOWQ4MzMwYzExZWU0ZDdmNTRlOGViY2ViMzY4YzFVVAkAA5j11laY9dZWdXgLAAEEIQAAAAQhAAAAPKyaQY5LZgNn5NXWFyF7mgBnojnUFR+p1F/TxF6zzPet8YKT5l5sP1ImGFSk2aWUbzVZ59khZVcyUOwywcyXVyhsekTy0b+e5Sx1T33T+v0Zjwb8GECZ8OIpfTiTyZ8hT/G4i2JSssN/mgBjlevDpO+D1B0z0YdadtKuf+QiAaf8ZfU2d/8ytpKGwA1r68ZQKV/PnDqkFC+gzuKzyuJCP1U3SYzSXXFYCfgg/23CPgB2sFMjEcHV1pJxsGq+5Eod1sxCtHfR0ZkPXmDXn7rG2PRMk2WyETbDb9Wgx1qEt6iHr0pWgdjyxBmKsh6ysysiiXwVqNsii0aCAdMl4h3xG3NTIzh4TTr9lZj+s6dIaa3t/4IheLNM6b5fAMVVjKwjlbceZBxOJ+aTtRhRr5D2iipwD8iyD4OcQvVn6HFmsLgmuOKRVtvwNyUDnbyShbfsTfLhOmagQSQfQmCwIE6TKjdbtxc4BIP3YWbtMSxsuBVBQVLJYVsn+haOR3NyGD9mi0vcCX5ZPjo2LLGJOHZmRmGnKwMD8opXV40vKj/cHMh3SvR66wsFZMS1Ec9G/PZSrF5eMT1Ouj4rB4j+bMIUnTRPWYKVqw1XiVuo3h3/OVDeU9KMBY1iQ0WU9mOQjiqKUK5e+s9oZ6W/3FKCe/tuWnGh6lNDy182LE4xhuIbLfnCLLqtGuS5VNUwaJs6ar4M8PNHdVVlxN2tYt1Nn833r1ONKa7j81e8VJ0kyfkwQnudAcLBExB4MJm/7s8V2HurAj1cS10gVj9+OnEFK30KY2+SY1iWaphT/Ew9KhcQA+HUBwRO5cqCbZHbvI/zPkP/0jXPsnH3rcbCINSg28e9z2rTn4j2zXFOS8o+bVkvpThXC5JuJ/k9V83U8hTp+3IFcCZgzTYHFOKm4WME723hpVMFmbwg/ANG5IukCzj5XTV+pIhnpKpOhF6By5NXlA1vnTu/yTp02J5Mchzo8lWqj9DvAFdgZP5+/z74NZtOtzBXvHJobjQVGUCNWyg5HbEelQE/8T82VukjqLX7sQD/azqTwiPCImc03SDgE5F+0veZ+W/7EGUYd+BGGhjXMNTVvvdd1Isr9D2ZwXFALFgBD7XURIkAmwwU3+qjy4ImhlCPfFvAmwUDXPDpVD4uDrOFxDmGSF6wU2x0mEBfk+lmch4EVxLE6ma3k1onT1VLIJUmKsujjgMrxfH58Xoq3qKDVVmwPxUORzZEDj+V4P0Fl3EayP2oyxh1mDyVJC/L4r0TWkCBPHY3MB/qLll5pVzXy1A6dAGydiblPWfJxIXzCAjU5WsSVD0YZo2L4WWI9weBzP2kuUdw/WhilcQI6mkrDnjK3ocE05gEa0bWZPyusJRmWO7rHTnqlqw3FeW36Yvox31KC+1bMoJVOkknq1GGREKjpW9VSExpS2KFAvWR96scfTI8SZyyggLmohkHKGJJSeLEj7FdUmM6CdTT3BTCrF8Fm7uTUsE2wCFRbYyI/imfoJjNh8U5Z7Ea47EFVQ5uEQ33zYv44qvT5RQZHxQUmlB3q+XNOHHnm/eWV3yq2P4IproNhzcwNGIzbc3k9mOhmOZbeQ/24jsCMCQTdnrDssWyeh6nP8qolJP7+LsNtTJuVcqRZxLIU4lhnNPvuI7rxK/pTQqLeIDT0YwuugljzmoGfELjuRPE7GzKG8jkwz1IysBXFKn7+Lv+y7E3ShuU9axXVl/kSrcoHnvroPv1yO3bqw8Tug9/YOzKmdOb/rpUsuGAd674luij7muTZ6KndWK5G0gEjgDUCV2iLi99J6l8+OcHOvPP4AQo8mJ8ijklSlZk78BN7WZfLkREkFBSjJjU6UwtXiWhGxBZtsECGEUYxOxo5w8mm6pcp8yT+a2l9p/6/gONaTHcfqUualo1ZI0wJU20RSDZudqxZwJz4UqRNut5VQVJOCVqC/6A0EHyaXkl4pkaqZ4RXIDuevmhU9YdTeIErjLjxA99eKVewRkATlgoRE4qia2lUbHc8+RbIg8n9fT4pYYuB27gzEgzNF5PkfroHqyZJ8yNaVKvheuUnwvlQFpH921W58SQBgo4HKW9YC/T271/Ut6YChlp6+iG0xFauyEA7SFjxxumAZkmJphrDgYHzuwDKTDZFMZg7gRGpU5rehN3bX+ES1Jgze/nnY4K4gnOhqhSwvDpmEElG/0YjWQvQzAi30FeLplc1QuIFJvIAW0aV9srtebJUBDtVZ5YFK99XrHCuZBzWmTKuSeBccRz0C6lfYvSmGwa4Tcan9BxTlpfZCd2znzsRzOXWdjc1tBsheRtJHUE5NQ6UVuqLhecW44+rZUSF1Gbiitekt29GM7J5cPTI8gEUDAk+2U7/VdLb1aLHI5Pl3aX8tHuobs54qXjbJ7n4ifrbzVnO1dkjV1cFHPjCIQrp7PuV4AGdCpeQMBhVGa05plnFkanQuyZSE6YiIYJfNtsnunudjBgp4VauStP1IyG871DyoYeVMGpWCGxuOhAgYSgEBZwvigK98mtOz15VSfXINe1n+Z6KBJmwLhFJCkzF0xQ9tx+GRZqkgPoCYljr9d+0yfKUCmOU9h2w1Yvm55/EhwPNO180fr+UjbOs4SUEmC15KH/KVc6FA1mbHfuTwSppbdUch+0NZeSrQ195tHOPMpHTBlV7v1SOA1i103NDHL/Z8NNhFVSVtwOmwGel2nVhCMpFQoT9giv5R8AtPSCUh+I/GTeuC/f0OKCVwymrlRbRKM8hS3s/huHMxqVZpS4zXvB0H5Q3x7NmMO94eJOkfSHLJNU1/hgJueVLGEpcgWVile82D4Su95CzQuYHyLMex+46c7857yXazX7XNbrYwFEQIezax9ZH03s+vhPDHFTXAc64xlylLCv0rrItQBC6L4DSA3g5V1Vc6/lQWdWemg++moDPqaBhjo2qWbKeGw1gaKx/IEL3d9l7oU8cInMAVA+HuqAOFAh8Al/pkLCHWAgAETDPOQiNY2eiEdGCT99Ktbdzzxo/iUYGyxxtILjgBfiQE1U0RCWRfZPwHenNJeOLOa9c7d0uY5r0DoUocYVUvmbFc4zfg0hByWcVN3n5WHrH3pGbKKgw4y9swuUjhmueZTp/zDgjsh2aTwtcFLShCSfEuZOj5M18hDqweYdTSV5xov2fFkiyP6NmRByfqIDpRyh5AtAHCXkP0zWzp1aRT+q3cL9mZhxoivoMhbHiiRbjEqqoz6+2LwpM1T+S8jj4T3FstziNdjrxVq85u5ECQG29nbYWuUYX2IGL0Z7ixz7i7v5g6fATdDm5hnGmrNs8pPx08A2H06oOuL7TeXz6g/RDyOh7KBS1nW1F9S+d3FZJkQJQI1ExZpKdVcJzI4x5sqyDbG/6CXZDb9mIdwvrpG3PtGJGiUvNO4orTU7NiRslvhQg192HrCAmIU0XcFQMjzaOcm5F1Vet/3mWPc/aDVty2iA+FrzXKJm9Gd99CAmKICT2I0rrPbeKcq3Ufn8fk5v8qwrWHd4ggZir/eovHAuKw6/PllxUSRzTKuYYW7gmQzKIwec2ZTBDZbg0J/9Do33R0fAnvh6RJS0NMOX2Op4gJ+s3pYq04/eKdvHKBDnLPtM+S+bTg8pKwcFMdDu6GcC8H/p2nFvO6Yw5OwEgqBr4BdJdV26yezGK753tazCIu/RTcZWsSXwNJ2IS8FplY612HgSNKmVvju2tNHKHAbjsRsBl/WNRDLO4hhTPOCEwbF9H61bDu8ZX9+UgoFPSZNKjkxrvJhUGl2pF8e9FlkaCRo7BThmTpDjs1m1toyKl0MKnNF8pu/jsa50mI4XCV10U21IoDp95ttXjHBfY0NiiRdTtn0ZxuzsxIPzlmClQlwH2LR1bNWj9hJy67PaQU//UeTWxyuem9C1o2KAo/Ytd1JSjCf74qHXx4+9/Ek3GaUP1zmX7HVFBpwVLJ+TwmrberyVtt89YIDmnfkJq5q1DF
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1456928152",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "malware-sample",
|
|
|
|
|
"uuid": "56d6f599-b51c-4cfb-970c-5e5c950d210f",
|
|
|
|
|
"value": "scan_187429.doc|bed9d8330c11ee4d7f54e8ebceb368c1"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Payload delivery",
|
|
|
|
|
"comment": "",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1456928153",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "filename|sha1",
|
|
|
|
|
"uuid": "56d6f599-a888-4b95-96ac-5e5c950d210f",
|
|
|
|
|
"value": "scan_187429.doc|3c37da065c6329a2f021e990a8e85db97fd626b4"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Payload delivery",
|
|
|
|
|
"comment": "",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1456928154",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "filename|sha256",
|
|
|
|
|
"uuid": "56d6f59a-9050-48f5-a6c5-5e5c950d210f",
|
|
|
|
|
"value": "scan_187429.doc|5c0093a77bbb366ee4e80abd38b966497fe71419d5c46cb68f05757078551ca9"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Payload delivery",
|
|
|
|
|
"comment": "",
|
|
|
|
|
"data": "UEsDBBQACQAIAPtxYkjwOHNTX18AANPHAAAgABwANTdkMjgxZTBiNDRjNTNiNDM2NTk4M2IxNGQ5NzA2NmZVVAkAA5r11laa9dZWdXgLAAEEIQAAAAQhAAAAPKyaQY5LZgNn5NSH+HW2jGA1UvoEocXc0Lz3JiRkDgey21xhzpeAOacfjvJXxRa+/l7MCsykYp6/Hu4JfmOXsFoIxFYOc35g+tiYwC7kW137tAOmur6AMH9HOtSZttHlJG7tvn3gR2q5lcJpGQ12j7rTiRRSFuZqS/F05P6yM1rPB55r0FQAG6BxfD0HURr8uQrvbn71f0tIvJeJIKR1rVKOSYbqF1F08SdgS14PbRImQilD2o2PpgobvrcuqVNt9t+j0c9G42+2jWj/1zDctBZ9Mn2GpYGFWkfYFHfUocppO9xihXZh+OfQTvSpJuWZTeJ/CoCQi+SqwK9MPH0njYU/te/9enhpyeqGFHqgJLu52h5MwtXNa5ujOgUscFVvOeNH5OXCp+6sDw9kng8Gh9lHc+dOEFCF27Z4tBujT9e+CABWuZCs18nDlvD4Laee6EbnARihE+CzfC/QDyBM5BfQUQJNpOzOgIWzgPgD9MBqbFSGUyMtVZCgwSN4gr8lGCrpUHaQvdUfj9eOZEBgKlzZZHQR8ep2m7avcKOA9XimqTI5fZ8jgbNkep2+sAnGlFoziI1zxKYr+uMuXSHoPWa93VX91SFCNank3XEi4JYhkLqX8RlrISBpxdJLhge8rf1EQDdEglwzbKbSqMAsXBpQZE9WJfIAt7hxEyiUkyUSpUkwjmj3d5jo1Y3N5uIqveeGzFIZjGuVcxA5+2MBEvCTG2SgMD0kdMy0TjIamg5R/tfPol3UDDAr7mP0Alq2BbtJ8070RozhN5fX9gWagU6kmbdHKETVso8SlqBdBBLDy1h1M5lpKUogtcrjV9t+XX/imCcpmo2oKaIS2mSzFomtc3XMluslMg2HHbrrCvepeweIE3AK9UVBrTGlbN4lggwE/wjEm3UjgXh3rWpMgi1jufa0LlLRT3nvYbIB4tsgazwwDiqfJPulXSY0rPcSwskUPrSGwKNF74lW1byzDa4A94SX1xlyvwE9Mi9sSTToVRlJ2Sdkz3Hw0RIDpOeay254PO6KvTNWzzOITYrKrwkJnNGSQSFGNvkdk4TbcFoDWHxak8aEAfAbX1EweDozoRlQOJArbRLcYBSli4GBRQ2LY+mUDCyYJ7T0v0TqPI9yIuO5QcAXReK6jH5I0fuZDwyJdy8vBNGZrcSlIoE/eChhrLmi7rdeOO/x/nHUP+LEKw5FGUiWZZ9ILCkNXYTTYt1Huwi7dJMe1ef265g/0OTZSZaMIz1FevwxaP9EI6Ib8Gjzi2Ta0F7+vT4/Q6pHmM2G3Fo9vDvv95MLFPiHNm5ybWjneFtgVQe45AIQx6X214fzrmnaQFxuXMMwNDj+/NIiPSaZ+FTaHExncpAvqzytmlq1Aj/c6SspYMKo3nZ1H7xj1B74VoRw5qq57XR6xISw4tuOkJxlJ/7EHQvGAVzTlKwfqucru6noQ5O49Xrp/KTSDbXVvnU3P6GX6nxJPX4HZz4oJP/UOr7J14FOnlpFSs42PQTPru+a3RLT8Ao4M1UsM60DkF/rMcWa9XWWXlF8qCRchLwMqu5ZF/26aXfJVQQTYC7OnXEPxV6sZTP1hOuGZptnVS8FI3fWC52soP7xmq36fj1+3r40hVN+9erNliwQiOG0wC0TNnJMn4vHmEy75AEQRfGt6g6s+JCnufT5IUUGHyYzqC4dF1JgJlJq90Rlyvw8fsGSX1YCwNzAeRbO/gMdw6R1UpFJ1pWzUQ8RHZGsgk/SYfQmB8OjVxQrlgeLQGery8ZeAmyrXbdXE/k94XcDxM3qnjrJQlQBS4U30vp1WoBeIObCiHw+ygLgaeEKtmvIC99XhftONVFwBRA52CZapvKj88oz12Yz+h4treMYI3aekIKemv0z/h9TK52P+EY+vNS8hvP267YCpQwo1yZWWr2F190GNYpDDp1QKVhXWVpGK8DPf2zLM5v8d60Qjw+gdNk2ZPAQWH4Bjwhdp9sw/i6wXK3AYBR5D+g4NhuLH1RwrIXd1Hd+CiDLgmpXMkcS6htX2/9xEO+ZDJAE8uWCdpWkRL8Xjkv2z4m8euWGivR5zZZB2Q+z5MZV4Uus07q3zEIsvOSVwgaqO6jPC/mI2EXNkF5VdfXDBt540mQ5PLskIfggZJmIBxC2scvMIFFppgyqunyKlObhAWWXdw5U/0SbxoY01fpv75KFnb1BwHRv5Ol0S7Iavx8UWJol8iB0WF2eW7+rHoUZZ/9T6y1JP1Z/dUlY9beHWz1yGENOVhDrTYh8gKqCSOZ5Ix1iGdHiqAXlzmvJAJT/p6gbw8GiKe5oQHiMa3qfmL4PTaRq5XQyERcJCkJG8PzqnLt3WwzHPE7gtiv5XoZ5da+tRt//XZxRU0wrwiaXBAph9bF8aHtHnmldsAtGkibUgrB9KFgpXJn8RKZFVRMrOWKtCGOV8HLyePwP7M3KyqFsa+1L/Epy99W0J6TQg/nxEESMjTh9B2a8KoxNh4859MFIv5wjYPX68dHdbeeVyiCjTvA4U8LzjCLWsNRn72b3l8GZhOJZBPBKrkx8faEp/YE4zZJKgeXPwU/5I+BBjLChy8DIQ0/BgsmcmEvzb/ATL3a5N0M6iMnRrH0Gh3cneEj3RolGl7Q+5LNYiRTexPSyokRQwBlDt73Mh9JVOuZUwOVA3NKuq6wMsXkMH72vHUmy8i0kKUhLRtIxUMUK0qS2Bqxcb0He7zM2m2jw7uFQm6TN0YE6bGpmSfmqSibiLlVTPOYy2O3dcHVK3Nk/cvtAl9d99KHr3vi5LsvPj0T5QcatNeUxEqHhde5rq4x5MdZMtovPd9MXG/Xzz4GYXQNihm42KuhbJL3CSgunARAhAClOcyb5D8FG9qVDueg3zyFjN/P5x2XPQ2q1gvJgFUVu2bZsE/3an3itmoYeVIFupGmL79wnWJvhzH6jrvSJGtU7y8ycgBm4XgNXPGfY/1+pQolszzJmY8CXI0zvq6B35DvfbE6JSl84H2N3t2ceobleaCoate7PIIDjzs4wnm193T7sgkDmCrDd265aQmnZSWJJVWa/LkVPO0vjiMRcFPJZI8TOjkFiBS3sjNtSV8jQVbAIPpVvi+J4+2x7uh18V0C5cpvzooV3dZtVX1JVJ2//jYFmkQQijorraYm/D1hnFr4cJGAGm5zzDGgDstCg8qJFUjEuv3xm9qWmscrADZPOZyxl7D888rgT/joontx3FJ3wO0sZ0T/9PgUD7onj0oTkcWaQIKmYp5L+5bWKjg7aBVaR5fgy/Zo0vAaeUv8PEhdt4N/8hGyJNYjnJjtcjmnVWwYLocslVBeog2y1zFlMsaji5X1PtBOlzztFui08gLnBZDhy9wLOje8yPuBehQLNAhnjLbn1YAM8+GPk8gBis7dl5gJ3Q/Qp8P0zy769X14ubqeRAbPwfiTFvnBUL+eqavK/nfb2fQTQnesMTLQqrDV8k6Sbx/9GfnbKq+ffHXQLeTDxalt/tLGA9xWTzS7yjQ7NJxiHU4WqKU23VXEmzfXsJUtiE/6HxJOOth3tfeiGxLOyumt5k0u7nXPjtrM895jbDXk5FXIfjRbZn2l2Qx9xYam/bmzuhIbBMdSzyCMsQGdcF5D5ZFvMmvrqx0guUPGx4twpGdNMUFuwmeDa2rxYy6pnSdr9uE2KTik+l2hBFLMRCxQoP4DtbFC1Gb++zlI22mUEJ2+nt22msNkPO1MkD5/iBvnjrEdYCmMO2KpEXTv//j9OeOpLO37Mvui40fB5R5wn9R2MubrrQfpQYkXJehy6dWvkmz2HyWSIktXyYi3sZbKBwAsGw/hr2yb/ZL22eq94VNgmL9R0qSvg4jBSMdcdsiWuTaaHYyRIO+sq3tbFrWxjSIsak2170jBj/6YuHI9hlJDKe7/cdBOtlYv9DEX+cz+VLFYke+pAz//A0+PYZrmaw/+/5oPVe1hJJG/Dg6zpwOqmfvMjOm2gisbwUI
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1456928154",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "malware-sample",
|
|
|
|
|
"uuid": "56d6f59a-0530-490a-ab7f-5e5c950d210f",
|
|
|
|
|
"value": "scan_135309.doc|57d281e0b44c53b4365983b14d97066f"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Payload delivery",
|
|
|
|
|
"comment": "",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1456928155",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "filename|sha1",
|
|
|
|
|
"uuid": "56d6f59b-8994-40ca-8c1d-5e5c950d210f",
|
|
|
|
|
"value": "scan_135309.doc|c01dc691c071c42ce2ed382f2106f3f0a4449413"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Payload delivery",
|
|
|
|
|
"comment": "",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"timestamp": "1456928156",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "filename|sha256",
|
|
|
|
|
"uuid": "56d6f59c-c0e8-43ff-8d26-5e5c950d210f",
|
|
|
|
|
"value": "scan_135309.doc|29a7266f5bf6a7d1426ddc4e6d3fcd3f0452086a501b06bbfa9709bcfbdf0b9e"
|
|
|
|
|
}
|
2023-04-21 13:25:09 +00:00
|
|
|
]
|
2023-12-14 14:30:15 +00:00
|
|
|
}
|
2023-04-21 13:25:09 +00:00
|
|
|
}
|
