adulau/misp-circl-feed
1
0
Fork 0
Code Issues 1 Pull requests Projects 1 Releases Packages Wiki Activity Actions
misp-circl-feed/feeds/circl/misp/59cd5875-aac8-4787-9757-46fa02de0b81.json

1519 lines
160 KiB
JSON
Raw Normal View History

chg: [feed] added
2023-04-21 13:25:09 +00:00
{
chg: [gen] updated
2023-12-14 14:30:15 +00:00
"Event": {
"analysis": "2",
"date": "2017-09-28",
"extends_uuid": "",
"info": "OSINT - Threat Actors Target Government of Belarus Using CMSTAR Trojan",
"publish_timestamp": "1506630336",
"published": true,
"threat_level_id": "3",
"timestamp": "1506630312",
"uuid": "59cd5875-aac8-4787-9757-46fa02de0b81",
"Orgc": {
"name": "CIRCL",
"uuid": "55f6ea5e-2c60-40e5-964f-47a8950d210f"
},
"Tag": [
{
"colour": "#ffffff",
chg: [feed] updated
2024-04-05 12:15:17 +00:00
"local": false,
chg: [gen] updated
2023-12-14 14:30:15 +00:00
"name": "tlp:white",
"relationship_type": ""
},
{
"colour": "#075600",
chg: [feed] updated
2024-04-05 12:15:17 +00:00
"local": false,
chg: [gen] updated
2023-12-14 14:30:15 +00:00
"name": "misp-galaxy:tool=\"CMStar\"",
"relationship_type": ""
}
],
"Attribute": [
{
"category": "External analysis",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1506630314",
"to_ids": false,
"type": "link",
"uuid": "59cd589b-eae0-40fa-89b6-1fad02de0b81",
"value": "https://researchcenter.paloaltonetworks.com/2017/09/unit42-threat-actors-target-government-belarus-using-cmstar-trojan/"
},
{
"category": "External analysis",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1506630314",
"to_ids": false,
"type": "text",
"uuid": "59cd58c6-ec80-4dd3-8a1d-48c202de0b81",
"value": "Palo Alto Networks Unit 42 has identified a series of phishing emails containing updated versions of the previously discussed CMSTAR malware family targeting various government entities in the country of Belarus.\r\n\r\nWe first reported on CMSTAR in spear phishing attacks in spring of 2015 and later in 2016.\r\n\r\nIn this latest campaign. we observed a total of 20 unique emails between June and August of this year that included two new variants of the CMSTAR Downloader. We also discovered two previously unknown payloads. These payloads contained backdoors that we have named BYEBY and PYLOT respectively."
},
{
"category": "External analysis",
"comment": "",
"data": "iVBORw0KGgoAAAANSUhEUgAAA80AAAIUCAYAAAAg8M6mAAAAAXNSR0IArs4c6QAAAAlwSFlzAAAXEgAAFxIBZ5/SUgAAQABJREFUeAHsnQecFOX9/5d2R28WmgUBRaUXNXZi+xt7YrD+TDR2jb0bC6LYe4u9R40t9hoVKzaKFBVFRFRAEZTeDvi/P+vMZVh273bvdvfudj/P6/XlKfPMU95z7MxnnjKxmJ0JmIAJmIAJmIAJmIAJmIAJmIAJmIAJmIAJmIAJmIAJmIAJmIAJmIAJmIAJZEKgXiaZndcETMAETKBWEyjt169f1+XLl3erX79+W6wRrS3Y3/kVK1asxCaPHTv2LfpZVquvjBtnAiZgAiZgAiZQZwkU7MNUnb0ibrgJmIAJVIFAr169ujRs2HAwpw7CemHt6tWr1xDhTLAw3cqVK2OI5gn07hL6+eTIkSOXFWZP3SsTMAETMAETMIGaJNCwJit33SZgAiZgAtUnwOjyQATyaZT0R8RjqcRk6KLhMK2QfPrbgz5ejHhWt57APOJcSBfYfTEBEzABEzCBWkDAI8214CK4CSZgAiZQVQJ9+/bdEOF4PucfqJFllSOhjM0mvkBRpRWga0z/1g77RX/HSjyPHj36GdI84hyCsW8CJmACJmACJlBtAh5prjZCF2ACJmACNUagAYJ5H8TjPrQg/nuu6crYYwjI0aQvYcp2jTUuVxWzZlsvAlrTd70o2Jtwffze+EP79+/fYu7cuQ9PmjRpSa7qd7kmYAImYAImYALFRaDwnqaK6/q5tyZgAkVMoGfPnh3p/lYIxhaIZI0uf45dNWvWrMe+//77RYWOBoE8jz7uhpWqr3DYhBcG5zRr1mzhgAEDnvIaZ1GxMwETMAETMAETqC6Bwt0hprpkfL4JmIAJ1HICpaWlEs3rSzAjGCWaX2IU9tliEMy6NA0aNJiBF1/MrLgcHDRd/R9w2G/QoEGNf0v1vyZgAiZgAiZgAiZQdQIWzVVn5zNNwARMoEYJMKraHKHcOmwE4S/GjRv3SxgvdJ/+r3YP08sDRHMv/Et+/fXX/+vRo0dJoXNw/0zABEzABEzABHJLYLUHjtxW59JNwARMwASyRQCRrLW8DcLyCC8Pw0Xog2PlCizedVh0RjyfyWj8Pt26dYtP3y5CJu6yCZiACZiACZhAFghYNGcBooswARMwgRokUPRfQUAga2r6r9jbXIdR2Eql4TbEhjZv3vzAzp07e6q2iNiZgAmYgAmYgAlkTMCiOWNkPsEETMAETKC2EUAka5T5Rewi7Au1T8IZ686I84Vt27bd22uca9tVc3tMwARMwARMoG4QsGiuG9fJrTQBEzABE6iYAPq43pJWrVq9yFrnSxDOo8ke3ySM9M6EL+ZTVAcgnJsTtjMBEzABEzABEzCBtAlYNKeNyhlNwARMwARqMwHEcf3hw4eXjRkz5lGE81CE8xjaG1/kzLENiV/yyy+/7Oep2rX5KrptJmACJmACJlD7CFg0175r4haZgAmYgAlUj8AKhPNzFHGFpmpj8dKYpt0J8Xx269at97Rwrh5gn20CJmACJmACxUTAormYrrb7agImYALFQ2B5y5Ytn0IwD6XL2hws7hDOGyKcL2Ma90EDBgxoGqbbNwETMAETMAETMIFUBCyaU5FxugmYgAmYQJ0moKnao0ePfrSsrOxSOjIeAR3fVRvR3BXxfNHy5csHe8S5Tl9iN94ETMAETMAE8kLAojkvmF2JCZiACZhATRHo3r3706xxvhKxPEFtwI8hmtdp0KDBuUzV3tfCuaaujOs1ARMwARMwgbpBwKK5blwnt9IETMAETKCKBB5//PHl3bp1e5iR5fMQzx+Fa5wpbiPE8zA+R3WIhXMV4fo0EzABEzABEygCAhbNRXCR3UUTMAETKHYCEs5sDvYMgvlqWGiqdhwJo87rEzirTZs2nqpd7H8k7r8JmIAJmIAJpCBg0ZwCjJNNwARMwARqPwEtU1YrAz8erqjVTMf+DyPOF5BfI87h56i6Ip6HsDnYEb17925W0fk+ZgImYAImYAImUHwELJqL75q7xyZgAiZQEASYar0csbsw0L7N8NtW1jFtDvbpp58+Q74h5B8ZnKt1zl2Yqn0W6Qess846TSorx8dNwARMwARMwASKh4BFc/Fca/fUBEzABAqKAEJ3AaL3G3UKwVuCN6Bfv36bptHJFeyq/TL59B3nMVh8xJkytDnY6WusscYBHnFOg6KzmIAJmIAJmECREGhQJP10N03ABEyg4Ai0b99e04r3xlphmqL87IwZM0YXXEdTdKhZs2ZlJSUlHen71mTR1OyO2Abt2rX7kVHonxcuXLgsSNexRIvB6su11177G87fCOtEHo04rwnHAQjoZZ06dfp0+vTpKsPOBEzABEzABEygiAk0LOK+u+smYAImYAJ1mMCkSZPmMSL8IkJ3D6wnQrcZYnlXRou7MsV6+rrrrru0ku6t4Hgptm40H+evw7rnUyjr144dOz46bdq0hdHjDpuACZiACZiACRQXAYvm4rre7q0JmIAJFBKBlbNnz/5kzTXX1I7YFyCaN0A8l0pAy9LpaDAzW6P0q2TXVG0SzmHUumSDDTb413vvvTdvlQyOmIAJmIAJmIAJFA0BT88umkvtjpqACRQagWKfnq3rOXfu3LLmzZt/UVpa+i3CtwNJayKY60kEM1KsLARTOx1PYipCU7W1sdjAsrKyuYw4j/dUbWjYmYAJmIAJmEAREvBIcxFedHfZBEzABAqJANO0l/To0eM5plWPxzZHIm9L/9ZF9JYSzrSrKzhH4rsbo80llNGe+JnEx2DvZlqY85uACZiACZiACdR9AhbNdf8augcmYAImUPQEJkyYoPXLEwcMGDB58eLFLzRt2rSEEeKMvxDBuSsbNWq0fsOGDc9CMO8j0Y2/Ln7roodsACZgAiZgAiZQpAQsmov0wrvbJmACJlCIBEaOHKndrmdXs2/T+/fv/z5l7BOUk/FwdTXr9+kmYAImYAImYAK1iEDGb+FrUdvdFBMwARMwARPIFYGyXBXsck3ABEzABEzABOoWAYvmunW93FoTMAETMIE8EGA6tr7rbGcCJmACJmACJmACMYtm/xGYgAmYgAmYgAmYgAmYgAmYgAmYQAoCFs0pwDjZBEzABEzABEzABEzABEzABEzABCya/TdgAiZgAiZgAiZgAiZgAiZgAiZgAikIWDSnAONkEzABEzABEzABEzABEzABEzABE7Bo9t+ACZiACZiACZiACZiACZiACZiACaQgYNGcAoyTTcAETMAETMAETMAETMAETMAETMCi2X8DJmACJmACJmACJmACJmACJmACJpCCgEVzCjBONgETMAETMAETMAETMAETMAETMAGLZv8NmIAJmIAJmIAJmIAJmIAJmIAJmEAKAhbNKcA42QRMwARMwARMwARMwARMwARMwAQsmv03YAImYAImYAImYAImYAImYAImYAIpCFg0pwDjZBMwAROoCwRWrlxZL9LOaDiS7KAJmIAJmIAJmIAJmEBVCVg0V5WczzMBEzCBGiawAlevXr0lNGMJ4nkpVlbDTXL1JmACJmACJmACJlBwBBoWXI/cIRMwARMoEgL169efilC+E+HcGp9o/fFF0nV30wRMwARMwARMwATyRsCiOW+oXZEJmIAJZJfAmDFjJnfu3PmGsrKyehp0njZtmkad7UzABEzABEzABEzABLJIwKI5izBdlAmYgAnkmcDyKVOmLM9zna7OBEzABEzABEzABIqKgEVzUV1ud9YETKAOE2jYp0+fdkzBbrV06dJGJSUldbgruWs6o+5a5z1/+fLlMydMmDA/dzW5ZBMwARMwARMwgWIhYNFcLFfa/TQBE6irBOr16NGja6NGjTZHDP6eTmyEYG5OuK72J6ftbtiw4VLYfNegQYMPecnwTseOHT996aWXPG09p9RduAmYgAmYgAkUNgGL5sK+vu6dCZhA3SZQr2/fvlsiAk+lG39glLkJvtVyBdc0eJmwBRuj7Quv0dOnT7+uW7duz02aNGluBaf5kAmYgAmYgAmYgAmkJOBPTqVE4wMmYA
"deleted": false,
"disable_correlation": false,
"timestamp": "1506630314",
"to_ids": false,
"type": "attachment",
"uuid": "59cd5900-1614-40dc-969b-1fad02de0b81",
"value": "CMSTAR_1.png"
},
{
"category": "Network activity",
"comment": "CMSTAR.C Download Location",
"deleted": false,
"disable_correlation": false,
"timestamp": "1506630314",
"to_ids": true,
"type": "url",
"uuid": "59cd591d-32e4-41cc-acec-48cf02de0b81",
"value": "http://45.77.58.49/54xfapkezW64xDE.dat"
},
{
"category": "Network activity",
"comment": "CMSTAR.C Download Location",
"deleted": false,
"disable_correlation": false,
"timestamp": "1506630314",
"to_ids": true,
"type": "url",
"uuid": "59cd591d-ddd8-4047-af8d-41c902de0b81",
"value": "http://45.77.62.181/naIXl13kqeV7Y2j.dat"
},
{
"category": "Network activity",
"comment": "CMSTAR.C Download Location",
"deleted": false,
"disable_correlation": false,
"timestamp": "1506630314",
"to_ids": true,
"type": "url",
"uuid": "59cd591d-5988-4a75-af09-473302de0b81",
"value": "http://45.77.58.160/9EkCWYA3OtDbz1l.dat"
},
{
"category": "Network activity",
"comment": "CMSTAR.C Download Location",
"deleted": false,
"disable_correlation": false,
"timestamp": "1506630314",
"to_ids": true,
"type": "url",
"uuid": "59cd591d-d814-4385-b195-430302de0b81",
"value": "http://45.77.58.160/8h5NPYB5fAn301E.dat"
},
{
"category": "Network activity",
"comment": "CMSTAR.C Download Location",
"deleted": false,
"disable_correlation": false,
"timestamp": "1506630314",
"to_ids": true,
"type": "url",
"uuid": "59cd591d-9afc-49b9-b64b-49a602de0b81",
"value": "http://45.77.60.138/3kK24dXFYRgM6Ac.dat"
},
{
"category": "Network activity",
"comment": "CMSTAR.C Download Location",
"deleted": false,
"disable_correlation": false,
"timestamp": "1506630314",
"to_ids": true,
"type": "url",
"uuid": "59cd591d-1e54-469e-8d2b-4a8c02de0b81",
"value": "http://45.77.60.138/ezD19AweVIj5NaH.dat"
},
{
"category": "Network activity",
"comment": "CMSTAR.C Download Location",
"deleted": false,
"disable_correlation": false,
"timestamp": "1506630314",
"to_ids": true,
"type": "url",
"uuid": "59cd591d-ed74-47e9-a1ab-4a9d02de0b81",
"value": "http://45.77.60.138/VFdSKlgCAZD7mmp.dat"
},
{
"category": "Network activity",
"comment": "CMSTAR.C Download Location",
"deleted": false,
"disable_correlation": false,
"timestamp": "1506630314",
"to_ids": true,
"type": "url",
"uuid": "59cd591d-cb6c-4371-a524-43ec02de0b81",
"value": "http://45.77.60.138/HJDBvnJ7wc4S5qZ.dat"
},
{
"category": "Network activity",
"comment": "CMSTAR.C Download Location",
"deleted": false,
"disable_correlation": false,
"timestamp": "1506630314",
"to_ids": true,
"type": "url",
"uuid": "59cd591d-aa6c-4b7b-b99a-4dff02de0b81",
"value": "http://45.77.60.138/jVJlw3wp379neaJ.dat"
},
{
"category": "Network activity",
"comment": "CMSTAR.C Download Location",
"deleted": false,
"disable_correlation": false,
"timestamp": "1506630314",
"to_ids": true,
"type": "url",
"uuid": "59cd591d-e23c-45fd-be51-44c602de0b81",
"value": "http://45.77.60.138/YXza9HkKWzqtXlt.dat"
},
{
"category": "Network activity",
"comment": "CMSTAR.C Download Location",
"deleted": false,
"disable_correlation": false,
"timestamp": "1506630314",
"to_ids": true,
"type": "url",
"uuid": "59cd591d-e238-4923-b667-411402de0b81",
"value": "http://45.77.60.138/UScHrzGWbXb01gv.dat"
},
{
"category": "Network activity",
"comment": "CMSTAR.C Download Location",
"deleted": false,
"disable_correlation": false,
"timestamp": "1506630314",
"to_ids": true,
"type": "url",
"uuid": "59cd591d-b540-487a-a31a-4d5302de0b81",
"value": "http://45.77.60.138/WsEeRyHEhLO1kUm.dat"
},
{
"category": "Payload delivery",
"comment": "CMSTAR.C",
"deleted": false,
"disable_correlation": false,
"timestamp": "1506630314",
"to_ids": true,
"type": "sha256",
"uuid": "59cd5937-2998-4ff5-b971-435c02de0b81",
"value": "85e06a2beaa4469f13ca58d5d09fec672d3d8962a7adad3c3cb74f3f9ef1fed4"
},
{
"category": "Payload delivery",
"comment": "CMSTAR.C",
"deleted": false,
"disable_correlation": false,
"timestamp": "1506630314",
"to_ids": true,
"type": "sha256",
"uuid": "59cd5937-63fc-465b-a3fb-4c6c02de0b81",
"value": "b8ef93227b59e6c8d3a1494b4860d15be819fae17b57fd56bfff9a51b7972ff0"
},
{
"category": "Payload delivery",
"comment": "CMSTAR.C",
"deleted": false,
"disable_correlation": false,
"timestamp": "1506630314",
"to_ids": true,
"type": "sha256",
"uuid": "59cd5937-28a4-4622-9219-453902de0b81",
"value": "9e6fdbbc2371ac8bc6db3b878475ed0b0af8950d50a4652df688e778beb87397"
},
{
"category": "Payload delivery",
"comment": "CMSTAR.C",
"deleted": false,
"disable_correlation": false,
"timestamp": "1506630314",
"to_ids": true,
"type": "sha256",
"uuid": "59cd5937-4304-4197-9cb4-423d02de0b81",
"value": "4e38e627ae21f1a85aa963ca990a66cf75789b450605fdca2f31ee6f0f8ab8f2"
},
{
"category": "Payload delivery",
"comment": "CMSTAR.C",
"deleted": false,
"disable_correlation": false,
"timestamp": "1506630314",
"to_ids": true,
"type": "sha256",
"uuid": "59cd5937-7a70-495c-9a6f-440302de0b81",
"value": "f4ff0ca7f2ea2a011a2a4615d9b488b7806ff5dd61577a9e3a9860f2980e7fc0"
},
{
"category": "Payload delivery",
"comment": "CMSTAR.C",
"deleted": false,
"disable_correlation": false,
"timestamp": "1506630314",
"to_ids": true,
"type": "sha256",
"uuid": "59cd5937-e25c-4e14-846b-4c7402de0b81",
"value": "8de3fa2614b1767cfd12936c5adf4423ef25ea60800fa170752266e0ca063274"
},
{
"category": "Payload delivery",
"comment": "CMSTAR.C",
"deleted": false,
"disable_correlation": false,
"timestamp": "1506630314",
"to_ids": true,
"type": "sha256",
"uuid": "59cd5937-0650-4fcd-8ab5-483502de0b81",
"value": "38197abde967326568e101b65203c2efa75500e5f3c084b6dd08fd1ba1430726"
},
{
"category": "Payload delivery",
"comment": "CMSTAR.C",
"deleted": false,
"disable_correlation": false,
"timestamp": "1506630314",
"to_ids": true,
"type": "sha256",
"uuid": "59cd5937-db70-43ad-851e-421102de0b81",
"value": "726df91a395827d11dc433854b3f19b3e28eac4feff329e0bdad93890b03af84"
},
{
"category": "Payload delivery",
"comment": "CMSTAR.C",
"deleted": false,
"disable_correlation": false,
"timestamp": "1506630314",
"to_ids": true,
"type": "sha256",
"uuid": "59cd5937-4378-4cde-8554-4d0102de0b81",
"value": "5703565ec64d72eb693b9fafcba5951e937c8ee38829948e9518b7d226f81c10"
},
{
"category": "Payload delivery",
"comment": "CMSTAR.C",
"deleted": false,
"disable_correlation": false,
"timestamp": "1506630313",
"to_ids": true,
"type": "sha256",
"uuid": "59cd5937-285c-4e1f-ba5b-47ef02de0b81",
"value": "d0544a3e6d1b34b8b4e976c7fc62d4500f28f617e2f549d9a3e590b71b1f9cc5"
},
{
"category": "Payload delivery",
"comment": "CMSTAR.C",
"deleted": false,
"disable_correlation": false,
"timestamp": "1506630313",
"to_ids": true,
"type": "sha256",
"uuid": "59cd5937-9e08-4069-aa27-4fa202de0b81",
"value": "2a8e5551b9905e907da7268aba50fcbc526cfd0549ff2e352f9f4d1d71bf32a7"
},
{
"category": "Payload delivery",
"comment": "CMSTAR.C",
"deleted": false,
"disable_correlation": false,
"timestamp": "1506630313",
"to_ids": true,
"type": "sha256",
"uuid": "59cd5937-59a0-40f8-928e-487502de0b81",
"value": "d7cd6f367a84f6d5cf5ffb3c2537dd3f48297bd45a8f5a4c50190f683b7c9e90"
},
{
"category": "Payload delivery",
"comment": "CMSTAR.C",
"deleted": false,
"disable_correlation": false,
"timestamp": "1506630313",
"to_ids": true,
"type": "sha256",
"uuid": "59cd5937-29ec-43b6-9e48-439602de0b81",
"value": "8f7294072a470b886791a7a32eedf0f0505aaecec154626c6334d986957086e4"
},
{
"category": "Payload delivery",
"comment": "CMSTAR.C",
"deleted": false,
"disable_correlation": false,
"timestamp": "1506630313",
"to_ids": true,
"type": "sha256",
"uuid": "59cd5937-3bfc-41d9-9d23-4d9f02de0b81",
"value": "6419255d017b217fe984d3439694eb96806d06c7ea41a422298650969028c08c"
},
{
"category": "Network activity",
"comment": "CMSTAR.B Download Location",
"deleted": false,
"disable_correlation": false,
"timestamp": "1506630313",
"to_ids": true,
"type": "url",
"uuid": "59cd5956-cdf0-42d9-86de-4c1d02de0b81",
"value": "http://108.61.175.110/tlhXVFeBvT64LC9.dat"
},
{
"category": "Network activity",
"comment": "CMSTAR.B Download Location",
"deleted": false,
"disable_correlation": false,
"timestamp": "1506630313",
"to_ids": true,
"type": "url",
"uuid": "59cd5956-0358-4440-b66b-490b02de0b81",
"value": "http://104.238.188.211/gl7xljvn3fqGt3u.dat"
},
{
"category": "Network activity",
"comment": "CMSTAR.B Download Location",
"deleted": false,
"disable_correlation": false,
"timestamp": "1506630313",
"to_ids": true,
"type": "url",
"uuid": "59cd5956-0dfc-4f69-b951-440802de0b81",
"value": "http://45.77.60.138/c2KoCT5OHcVwGi7.dat"
},
{
"category": "Network activity",
"comment": "CMSTAR.B Download Location",
"deleted": false,
"disable_correlation": false,
"timestamp": "1506630313",
"to_ids": true,
"type": "url",
"uuid": "59cd5956-0a34-4123-8753-486f02de0b81",
"value": "http://108.61.175.110/gkMmqVvZ7gGGxpY.dat"
},
{
"category": "Network activity",
"comment": "CMSTAR.B Download Location",
"deleted": false,
"disable_correlation": false,
"timestamp": "1506630313",
"to_ids": true,
"type": "url",
"uuid": "59cd5956-f988-46ea-a6fd-482e02de0b81",
"value": "http://108.61.175.110/z_gaDZyeZXvScQ6.dat"
},
{
"category": "Network activity",
"comment": "CMSTAR.B Download Location",
"deleted": false,
"disable_correlation": false,
"timestamp": "1506630313",
"to_ids": true,
"type": "url",
"uuid": "59cd5956-9d9c-4141-8cc9-436e02de0b81",
"value": "http://108.61.175.110/bDtzGVtqgiJU9PI.dat"
},
{
"category": "Network activity",
"comment": "CMSTAR.B Download Location",
"deleted": false,
"disable_correlation": false,
"timestamp": "1506630313",
"to_ids": true,
"type": "url",
"uuid": "59cd5956-350c-4264-9592-4eee02de0b81",
"value": "http://45.77.60.138/liW0ecpxEWCfIgU.dat"
},
{
"category": "Network activity",
"comment": "CMSTAR.B Download Location",
"deleted": false,
"disable_correlation": false,
"timestamp": "1506630313",
"to_ids": true,
"type": "url",
"uuid": "59cd5956-1034-45ec-944d-48ce02de0b81",
"value": "http://45.77.60.138/JUmoT4Pbw6U2xcj.dat"
},
{
"category": "Network activity",
"comment": "CMSTAR.B Download Location",
"deleted": false,
"disable_correlation": false,
"timestamp": "1506630313",
"to_ids": true,
"type": "url",
"uuid": "59cd5956-1c30-4896-b874-4f7502de0b81",
"value": "http://108.61.175.110/oiUfxZfej29MAbF.dat"
},
{
"category": "Network activity",
"comment": "CMSTAR.B Download Location",
"deleted": false,
"disable_correlation": false,
"timestamp": "1506630313",
"to_ids": true,
"type": "url",
"uuid": "59cd5957-c770-451f-bbd7-4f9902de0b81",
"value": "http://108.61.103.123/jvZfZ0gdTWtr46y.dat"
},
{
"category": "Network activity",
"comment": "CMSTAR.B Download Location",
"deleted": false,
"disable_correlation": false,
"timestamp": "1506630313",
"to_ids": true,
"type": "url",
"uuid": "59cd5957-6670-4ea8-b893-4b1d02de0b81",
"value": "http://108.61.103.123/06JcD5jz5dSHVAy.dat"
},
{
"category": "Network activity",
"comment": "CMSTAR.B Download Location",
"deleted": false,
"disable_correlation": false,
"timestamp": "1506630313",
"to_ids": true,
"type": "url",
"uuid": "59cd5957-0f34-40a9-8fe9-41eb02de0b81",
"value": "http://108.61.103.123/nj3dsMMpyQQDBF3.dat"
},
{
"category": "Network activity",
"comment": "CMSTAR.B Download Location",
"deleted": false,
"disable_correlation": false,
"timestamp": "1506630313",
"to_ids": true,
"type": "url",
"uuid": "59cd5957-38e0-4c35-bb77-477102de0b81",
"value": "http://108.61.103.123/fHZvWtBGlFvs2Nr.dat"
},
{
"category": "Network activity",
"comment": "CMSTAR.B Download Location",
"deleted": false,
"disable_correlation": false,
"timestamp": "1506630313",
"to_ids": true,
"type": "url",
"uuid": "59cd5957-40f4-48e5-b0b0-441702de0b81",
"value": "http://45.77.60.138/w57E8dktKb9UQyV.dat"
},
{
"category": "Payload delivery",
"comment": "CMSTAR.B",
"deleted": false,
"disable_correlation": false,
"timestamp": "1506630313",
"to_ids": true,
"type": "sha256",
"uuid": "59cd599e-e658-4de3-991f-43b402de0b81",
"value": "8609360b43498e296e14237d318c96c58dce3e91b7a1c608cd146496703a7fac"
},
{
"category": "Payload delivery",
"comment": "CMSTAR.B",
"deleted": false,
"disable_correlation": false,
"timestamp": "1506630313",
"to_ids": true,
"type": "sha256",
"uuid": "59cd599e-79c4-4c49-8b2a-45d002de0b81",
"value": "f0f2215457200bb3003eecb277bf7e3888d16edcf132d88203b27966407c7dc3"
},
{
"category": "Payload delivery",
"comment": "CMSTAR.B",
"deleted": false,
"disable_correlation": false,
"timestamp": "1506630313",
"to_ids": true,
"type": "sha256",
"uuid": "59cd599e-4e30-495a-80ab-4b9202de0b81",
"value": "aecf53a3a52662b441703e56555d06c9d3c61bddf4d3b23d9da02abbe390c609"
},
{
"category": "Payload delivery",
"comment": "CMSTAR.B",
"deleted": false,
"disable_correlation": false,
"timestamp": "1506630313",
"to_ids": true,
"type": "sha256",
"uuid": "59cd599e-e474-4714-a266-448102de0b81",
"value": "960a17797738dc0bc5623c74b6f8a5d74375f6d18d20ba18775f26a43898bae6"
},
{
"category": "Payload delivery",
"comment": "CMSTAR.B",
"deleted": false,
"disable_correlation": false,
"timestamp": "1506630313",
"to_ids": true,
"type": "sha256",
"uuid": "59cd599e-073c-4960-8f26-4f6602de0b81",
"value": "e37c045418259ecdc07874b85e7b688ba53f5a7dc989db19d7e8c440300bd574"
},
{
"category": "Payload delivery",
"comment": "CMSTAR.B",
"deleted": false,
"disable_correlation": false,
"timestamp": "1506630313",
"to_ids": true,
"type": "sha256",
"uuid": "59cd599e-2a68-445e-9d50-4f5c02de0b81",
"value": "75ea6e8dfaf56fb35f35cb043bd77aef9e2c7d46f3e2a0454dff0952a09c134f"
},
{
"category": "Payload delivery",
"comment": "CMSTAR.B",
"deleted": false,
"disable_correlation": false,
"timestamp": "1506630313",
"to_ids": true,
"type": "sha256",
"uuid": "59cd599e-e1c4-480a-a813-4faa02de0b81",
"value": "a65e01412610e5ed8fde12cb78e6265a18ef78d2fd3c8c14ed8a3d1cef17c91d"
},
{
"category": "Payload delivery",
"comment": "CMSTAR.B",
"deleted": false,
"disable_correlation": false,
"timestamp": "1506630313",
"to_ids": true,
"type": "sha256",
"uuid": "59cd599e-b478-42c9-8030-444d02de0b81",
"value": "7170b104367530ae837daed466035a8be719fdb17423fc01da9c0ded74ca6ad1"
},
{
"category": "Payload delivery",
"comment": "CMSTAR.B",
"deleted": false,
"disable_correlation": false,
"timestamp": "1506630313",
"to_ids": true,
"type": "sha256",
"uuid": "59cd599e-5658-4804-b7eb-43aa02de0b81",
"value": "13acddf9b7c2daafd815cbfa75fbb778a7074a6f90277e858040275ae61a252b"
},
{
"category": "Payload delivery",
"comment": "CMSTAR.B",
"deleted": false,
"disable_correlation": false,
"timestamp": "1506630313",
"to_ids": true,
"type": "sha256",
"uuid": "59cd599e-f194-41b8-91ff-4e0b02de0b81",
"value": "625ed818a25c63d8b2c264d0f5bd96ba5ad1c702702d8ffaa4e0e93e5f411fac"
},
{
"category": "Payload delivery",
"comment": "CMSTAR.B",
"deleted": false,
"disable_correlation": false,
"timestamp": "1506630313",
"to_ids": true,
"type": "sha256",
"uuid": "59cd599e-4108-4d89-8fac-4a7902de0b81",
"value": "a56cd758608034c90e81e4d4f1fe383982247d6aeffd74a1dd98d84e9b56afdf"
},
{
"category": "Payload delivery",
"comment": "CMSTAR.B",
"deleted": false,
"disable_correlation": false,
"timestamp": "1506630313",
"to_ids": true,
"type": "sha256",
"uuid": "59cd599e-f738-4e94-ad00-4dfd02de0b81",
"value": "a4b969b93f7882ed2d15fd10970c4720961e42f3ae3fced501c0a1ffa3896ff5"
},
{
"category": "Payload delivery",
"comment": "CMSTAR.B",
"deleted": false,
"disable_correlation": false,
"timestamp": "1506630313",
"to_ids": true,
"type": "sha256",
"uuid": "59cd599e-e418-4ba7-8757-4f0802de0b81",
"value": "e833bbb79ca8ea1dbeb408520b97fb5a1b691d5a5f9c4f9deabecb3787b47f73"
},
{
"category": "Payload delivery",
"comment": "CMSTAR.B",
"deleted": false,
"disable_correlation": false,
"timestamp": "1506630313",
"to_ids": true,
"type": "sha256",
"uuid": "59cd599e-dc4c-45c3-8450-409602de0b81",
"value": "8e9136d6dc7419469c959241bc8745af7ba51c7b02a12d04fec0bc4d3f7dcdf0"
},
{
"category": "Network activity",
"comment": "BYEBY C2",
"deleted": false,
"disable_correlation": false,
"timestamp": "1506630313",
"to_ids": true,
"type": "domain",
"uuid": "59cd59ac-2c54-41ec-a3e3-484602de0b81",
"value": "oeiowidfla22.com"
},
{
"category": "Payload delivery",
"comment": "BYEBY",
"deleted": false,
"disable_correlation": false,
"timestamp": "1506630313",
"to_ids": true,
"type": "sha256",
"uuid": "59cd59b9-748c-4cc2-a601-47ff02de0b81",
"value": "383a2d8f421ad2f243cbc142e9715c78f867a114b037626c2097cb3e070f67d6"
},
{
"category": "Network activity",
"comment": "PYLOT C2",
"deleted": false,
"disable_correlation": false,
"timestamp": "1506630313",
"to_ids": true,
"type": "hostname",
"uuid": "59cd59c6-39b0-4666-990e-4fbf02de0b81",
"value": "wait.waisttoomuchmind.com"
},
{
"category": "Payload delivery",
"comment": "PYLOT",
"deleted": false,
"disable_correlation": false,
"timestamp": "1506630313",
"to_ids": true,
"type": "sha256",
"uuid": "59cd59d9-c854-4446-88c9-4cfb02de0b81",
"value": "7e2c9e4acd05bc8ca45263b196e80e919ff60890a872bdc0576735a566369c46"
},
{
"category": "Network activity",
"comment": "CMSTAR Download Locations in Phishing Campaign",
"deleted": false,
"disable_correlation": false,
"timestamp": "1506630313",
"to_ids": true,
"type": "url",
"uuid": "59cd59f7-7a04-47ea-87ea-49b202de0b81",
"value": "http://45.77.60.138/mePVDjnAZsYCw5j.dat"
},
{
"category": "Network activity",
"comment": "CMSTAR Download Locations in Phishing Campaign",
"deleted": false,
"disable_correlation": false,
"timestamp": "1506630313",
"to_ids": true,
"type": "url",
"uuid": "59cd59f7-350c-4409-b8bd-416302de0b81",
"value": "http://45.76.80.32/tYD7jzfVNZqMfye.dat"
},
{
"category": "Network activity",
"comment": "CMSTAR Download Locations in Phishing Campaign",
"deleted": false,
"disable_correlation": false,
"timestamp": "1506630313",
"to_ids": true,
"type": "url",
"uuid": "59cd59f7-1aa0-4337-ad04-497202de0b81",
"value": "http://45.77.60.138/cw1PlY308OpfVeZ.dat"
},
{
"category": "Payload delivery",
"comment": "CMSTAR Variants Identified in Phishing Campaign",
"deleted": false,
"disable_correlation": false,
"timestamp": "1506630313",
"to_ids": true,
"type": "sha256",
"uuid": "59cd5a0e-10b8-4ba5-8f77-48f902de0b81",
"value": "65d5ef9aa617e7060779bc217a42372e99d59dc88f8ea2f3b9f45aacf3ba7209"
},
{
"category": "Payload delivery",
"comment": "CMSTAR Variants Identified in Phishing Campaign",
"deleted": false,
"disable_correlation": false,
"timestamp": "1506630313",
"to_ids": true,
"type": "sha256",
"uuid": "59cd5a0e-a44c-43e0-a018-450a02de0b81",
"value": "2a0169c72c84e6d3fa49af701fd46ee7aaf1d1d9e107798d93a6ca8df5d25957"
},
{
"category": "Payload delivery",
"comment": "CMSTAR Variants Identified in Phishing Campaign",
"deleted": false,
"disable_correlation": false,
"timestamp": "1506630313",
"to_ids": true,
"type": "sha256",
"uuid": "59cd5a0e-450c-4c3d-b3d9-4c5802de0b81",
"value": "4da6ce5921b0dfff9045ada7e775c1755e6ea44eab55da7ccc362f2a70ce26a6"
},
{
"category": "Payload delivery",
"comment": "CMSTAR Variants Identified in Phishing Campaign",
"deleted": false,
"disable_correlation": false,
"timestamp": "1506630313",
"to_ids": true,
"type": "sha256",
"uuid": "59cd5a0e-2f3c-4f88-ba4a-495202de0b81",
"value": "2008ec82cec0b62bdb4d2cea64ff5a159a4327a058dfd867f877536389a72fb6"
},
{
"category": "Payload delivery",
"comment": "CMSTAR Variants Identified in Phishing Campaign",
"deleted": false,
"disable_correlation": false,
"timestamp": "1506630313",
"to_ids": true,
"type": "sha256",
"uuid": "59cd5a0e-1638-4e5f-8d8b-403402de0b81",
"value": "cecd72851c265f885ff02c60cbc3e6cbf1a40b298274761f623dfa44782a01f8"
},
{
"category": "Payload delivery",
"comment": "CMSTAR Variants Identified in Phishing Campaign",
"deleted": false,
"disable_correlation": false,
"timestamp": "1506630313",
"to_ids": true,
"type": "sha256",
"uuid": "59cd5a0e-de50-4e0a-9e92-45e302de0b81",
"value": "d8c0f8ecdeceba83396c98370f8f458ea7f7a935aabbcc3d41b80d4e85746357"
},
{
"category": "Payload delivery",
"comment": "CMSTAR Variants Identified in Phishing Campaign",
"deleted": false,
"disable_correlation": false,
"timestamp": "1506630313",
"to_ids": true,
"type": "sha256",
"uuid": "59cd5a0e-a29c-4d38-b7e1-4d8c02de0b81",
"value": "2c8267192b196bf8a92c8b72d52096e46e307fa4d4dafdc030d3e0f5b4145e9e"
},
{
"category": "Payload delivery",
"comment": "CMSTAR Variants Identified in Phishing Campaign",
"deleted": false,
"disable_correlation": false,
"timestamp": "1506630313",
"to_ids": true,
"type": "sha256",
"uuid": "59cd5a0e-1bd4-4a45-ab2a-4b6f02de0b81",
"value": "2debf12b1cb1291cbd096b24897856948734fa62fd61a1f24d379b4224bda212"
},
{
"category": "Payload delivery",
"comment": "CMSTAR Variants Identified in Phishing Campaign",
"deleted": false,
"disable_correlation": false,
"timestamp": "1506630313",
"to_ids": true,
"type": "sha256",
"uuid": "59cd5a0e-2fe0-484b-b9cb-4d5f02de0b81",
"value": "79b30634075896084135b9891c42fca8a59db1c0c731e445940671efab9a0b61"
},
{
"category": "Payload delivery",
"comment": "CMSTAR Variants Identified in Phishing Campaign",
"deleted": false,
"disable_correlation": false,
"timestamp": "1506630313",
"to_ids": true,
"type": "sha256",
"uuid": "59cd5a0e-2380-41e1-a9be-492102de0b81",
"value": "b0065fc16ae785834908f024fb3ddd4d9d62b29675859a8e737e3b949e85327a"
},
{
"category": "Payload delivery",
"comment": "CMSTAR Variants Identified in Phishing Campaign",
"deleted": false,
"disable_correlation": false,
"timestamp": "1506630313",
"to_ids": true,
"type": "sha256",
"uuid": "59cd5a0e-b190-4e86-8362-4e1902de0b81",
"value": "16697c95db5add6c1c23b2591b9d8eec5ed96074d057b9411f0b57a54af298d5"
},
{
"category": "Payload delivery",
"comment": "CMSTAR Variants Identified in Phishing Campaign",
"deleted": false,
"disable_correlation": false,
"timestamp": "1506630313",
"to_ids": true,
"type": "sha256",
"uuid": "59cd5a0e-bff8-4b26-9d53-466a02de0b81",
"value": "6843d183b41b6b22976fc8d85e448dcc4d2e0bd2c159e6d966bfd4afa1cd9221"
},
{
"category": "Payload delivery",
"comment": "CMSTAR Variants Identified in Phishing Campaign",
"deleted": false,
"disable_correlation": false,
"timestamp": "1506630313",
"to_ids": true,
"type": "sha256",
"uuid": "59cd5a0e-b9a4-46f7-82fc-48a702de0b81",
"value": "3c3efa89d1dd39e1112558af38ba656e048be842a3bedb7933cdd4210025f791"
},
{
"category": "Payload delivery",
"comment": "CMSTAR Variants Identified in Phishing Campaign",
"deleted": false,
"disable_correlation": false,
"timestamp": "1506630312",
"to_ids": true,
"type": "sha256",
"uuid": "59cd5a0e-a17c-47d6-b461-4f0602de0b81",
"value": "b2bebb381bc3722304ab1a21a21e082583bf6b88b84e7f65c4fdda48971c20a2"
},
{
"category": "Payload delivery",
"comment": "CMSTAR Variants Identified in Phishing Campaign",
"deleted": false,
"disable_correlation": false,
"timestamp": "1506630312",
"to_ids": true,
"type": "sha256",
"uuid": "59cd5a0e-3c18-4dc6-8184-4cde02de0b81",
"value": "09890dc8898b99647cdc1cceb97e764b6a88d55b5a520c8d0ea3bfd8f75ed83b"
},
{
"category": "Payload delivery",
"comment": "CMSTAR Variants Identified in Phishing Campaign",
"deleted": false,
"disable_correlation": false,
"timestamp": "1506630312",
"to_ids": true,
"type": "sha256",
"uuid": "59cd5a0e-b370-4168-9699-437b02de0b81",
"value": "fd22973451b88a4d10d9f485baef7f5e7a6f2cb9ce0826953571bd8f5d866c2a"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1506630312",
"to_ids": true,
"type": "email-subject",
"uuid": "59cd5a81-5dac-4c17-8ec7-433d02de0b81",
"value": "Fwd:\u00d0\u0178\u00d0\u00be\u00d0\u00b4\u00d0\u00b3\u00d0\u00be\u00d1\u201a\u00d0\u00be\u00d0\u00b2\u00d0\u00ba\u00d0\u00b0 \u00d0\u00ba \u00d0\u2014\u00d0\u00b0\u00d0\u00bf\u00d0\u00b0\u00d0\u00b4-2017"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1506630312",
"to_ids": true,
"type": "email-subject",
"uuid": "59cd5a81-14d0-4a71-9760-441902de0b81",
"value": "\u00d0\u00b2\u00d1\u2039\u00d0\u00bf\u00d1\u0192\u00d1\u0081\u00d0\u00ba \u00d0\u00b2\u00d0\u00be\u00d1\u0081\u00d0\u00bf\u00d0\u00b8\u00d1\u201a\u00d0\u00b0\u00d0\u00bd\u00d0\u00bd\u00d0\u00b8\u00d0\u00ba\u00d0\u00be\u00d0\u00b2"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1506630312",
"to_ids": true,
"type": "email-subject",
"uuid": "59cd5a81-0fbc-4c71-9f86-4edd02de0b81",
"value": "\u00d0\u0161 \u00d0\u2014\u00d0\u00b0\u00d0\u00bf\u00d0\u00b0\u00d0\u00b4-2017"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1506630312",
"to_ids": true,
"type": "email-subject",
"uuid": "59cd5a81-0f44-4b69-9b6f-44b702de0b81",
"value": "\u00d0\u2014\u00d0\u00b0\u00d0\u00bf\u00d0\u00b0\u00d0\u00b4-2017"
},
{
"category": "Payload delivery",
"comment": "CMSTAR.C - Xchecked via VT: b8ef93227b59e6c8d3a1494b4860d15be819fae17b57fd56bfff9a51b7972ff0",
"deleted": false,
"disable_correlation": false,
"timestamp": "1506630314",
"to_ids": true,
"type": "sha1",
"uuid": "59cd5aaa-7f80-48b7-ae88-4a4902de0b81",
"value": "b9aa08bc99b2d026310cd315d552356798f4c77c"
},
{
"category": "Payload delivery",
"comment": "CMSTAR.C - Xchecked via VT: b8ef93227b59e6c8d3a1494b4860d15be819fae17b57fd56bfff9a51b7972ff0",
"deleted": false,
"disable_correlation": false,
"timestamp": "1506630314",
"to_ids": true,
"type": "md5",
"uuid": "59cd5aaa-7a34-4cca-9859-4cdb02de0b81",
"value": "b1764f1d5a5c92b44a7f493ed5179058"
},
{
"category": "External analysis",
"comment": "CMSTAR.C - Xchecked via VT: b8ef93227b59e6c8d3a1494b4860d15be819fae17b57fd56bfff9a51b7972ff0",
"deleted": false,
"disable_correlation": false,
"timestamp": "1506630314",
"to_ids": false,
"type": "link",
"uuid": "59cd5aaa-2944-4caf-ab24-424802de0b81",
"value": "https://www.virustotal.com/file/b8ef93227b59e6c8d3a1494b4860d15be819fae17b57fd56bfff9a51b7972ff0/analysis/1502600585/"
},
{
"category": "Payload delivery",
"comment": "CMSTAR.C - Xchecked via VT: 9e6fdbbc2371ac8bc6db3b878475ed0b0af8950d50a4652df688e778beb87397",
"deleted": false,
"disable_correlation": false,
"timestamp": "1506630314",
"to_ids": true,
"type": "sha1",
"uuid": "59cd5aaa-2b64-42cc-9f63-4a7902de0b81",
"value": "0c497f4a7166ae36b2099a544a8f2b6c6a800c87"
},
{
"category": "Payload delivery",
"comment": "CMSTAR.C - Xchecked via VT: 9e6fdbbc2371ac8bc6db3b878475ed0b0af8950d50a4652df688e778beb87397",
"deleted": false,
"disable_correlation": false,
"timestamp": "1506630314",
"to_ids": true,
"type": "md5",
"uuid": "59cd5aaa-c9a8-4041-9259-4ba402de0b81",
"value": "26a7865464b54a907babe93d058c05b9"
},
{
"category": "External analysis",
"comment": "CMSTAR.C - Xchecked via VT: 9e6fdbbc2371ac8bc6db3b878475ed0b0af8950d50a4652df688e778beb87397",
"deleted": false,
"disable_correlation": false,
"timestamp": "1506630314",
"to_ids": false,
"type": "link",
"uuid": "59cd5aaa-6920-4fc6-a94d-469a02de0b81",
"value": "https://www.virustotal.com/file/9e6fdbbc2371ac8bc6db3b878475ed0b0af8950d50a4652df688e778beb87397/analysis/1502165419/"
},
{
"category": "Payload delivery",
"comment": "CMSTAR.C - Xchecked via VT: 4e38e627ae21f1a85aa963ca990a66cf75789b450605fdca2f31ee6f0f8ab8f2",
"deleted": false,
"disable_correlation": false,
"timestamp": "1506630314",
"to_ids": true,
"type": "sha1",
"uuid": "59cd5aaa-e1e4-4ab5-aea3-498602de0b81",
"value": "46c8ed5fda81e65d013f14e35b3b4380b33352da"
},
{
"category": "Payload delivery",
"comment": "CMSTAR.C - Xchecked via VT: 4e38e627ae21f1a85aa963ca990a66cf75789b450605fdca2f31ee6f0f8ab8f2",
"deleted": false,
"disable_correlation": false,
"timestamp": "1506630314",
"to_ids": true,
"type": "md5",
"uuid": "59cd5aaa-c164-4dda-a35d-4e0802de0b81",
"value": "6ad1bf20ca0ec27f4e75d850b4af27fa"
},
{
"category": "External analysis",
"comment": "CMSTAR.C - Xchecked via VT: 4e38e627ae21f1a85aa963ca990a66cf75789b450605fdca2f31ee6f0f8ab8f2",
"deleted": false,
"disable_correlation": false,
"timestamp": "1506630314",
"to_ids": false,
"type": "link",
"uuid": "59cd5aaa-5260-4bf6-9a18-4f2a02de0b81",
"value": "https://www.virustotal.com/file/4e38e627ae21f1a85aa963ca990a66cf75789b450605fdca2f31ee6f0f8ab8f2/analysis/1502175386/"
},
{
"category": "Payload delivery",
"comment": "CMSTAR.C - Xchecked via VT: f4ff0ca7f2ea2a011a2a4615d9b488b7806ff5dd61577a9e3a9860f2980e7fc0",
"deleted": false,
"disable_correlation": false,
"timestamp": "1506630314",
"to_ids": true,
"type": "sha1",
"uuid": "59cd5aaa-7a08-4b9b-bbc5-4e5102de0b81",
"value": "bffae549464897294bafba21f11f7e80f056416d"
},
{
"category": "Payload delivery",
"comment": "CMSTAR.C - Xchecked via VT: f4ff0ca7f2ea2a011a2a4615d9b488b7806ff5dd61577a9e3a9860f2980e7fc0",
"deleted": false,
"disable_correlation": false,
"timestamp": "1506630314",
"to_ids": true,
"type": "md5",
"uuid": "59cd5aaa-8a00-4ab6-91ae-49c802de0b81",
"value": "3180732e32e812db57f41954f203883d"
},
{
"category": "External analysis",
"comment": "CMSTAR.C - Xchecked via VT: f4ff0ca7f2ea2a011a2a4615d9b488b7806ff5dd61577a9e3a9860f2980e7fc0",
"deleted": false,
"disable_correlation": false,
"timestamp": "1506630314",
"to_ids": false,
"type": "link",
"uuid": "59cd5aaa-2244-43b5-831b-487802de0b81",
"value": "https://www.virustotal.com/file/f4ff0ca7f2ea2a011a2a4615d9b488b7806ff5dd61577a9e3a9860f2980e7fc0/analysis/1503504356/"
},
{
"category": "Payload delivery",
"comment": "CMSTAR.C - Xchecked via VT: 8de3fa2614b1767cfd12936c5adf4423ef25ea60800fa170752266e0ca063274",
"deleted": false,
"disable_correlation": false,
"timestamp": "1506630314",
"to_ids": true,
"type": "sha1",
"uuid": "59cd5aaa-2da0-4814-b1b3-445902de0b81",
"value": "5ab5b24f583087f5ec45e5e97bac1a531fe48e5b"
},
{
"category": "Payload delivery",
"comment": "CMSTAR.C - Xchecked via VT: 8de3fa2614b1767cfd12936c5adf4423ef25ea60800fa170752266e0ca063274",
"deleted": false,
"disable_correlation": false,
"timestamp": "1506630314",
"to_ids": true,
"type": "md5",
"uuid": "59cd5aaa-4754-4690-b55d-4deb02de0b81",
"value": "aecb2b9ca69306d3420c072a0f23b24a"
},
{
"category": "External analysis",
"comment": "CMSTAR.C - Xchecked via VT: 8de3fa2614b1767cfd12936c5adf4423ef25ea60800fa170752266e0ca063274",
"deleted": false,
"disable_correlation": false,
"timestamp": "1506630314",
"to_ids": false,
"type": "link",
"uuid": "59cd5aaa-f44c-4b06-be90-4e0002de0b81",
"value": "https://www.virustotal.com/file/8de3fa2614b1767cfd12936c5adf4423ef25ea60800fa170752266e0ca063274/analysis/1503503490/"
},
{
"category": "Payload delivery",
"comment": "CMSTAR.B - Xchecked via VT: 8609360b43498e296e14237d318c96c58dce3e91b7a1c608cd146496703a7fac",
"deleted": false,
"disable_correlation": false,
"timestamp": "1506630314",
"to_ids": true,
"type": "sha1",
"uuid": "59cd5aaa-14c8-4ae1-97f0-4fb802de0b81",
"value": "2cbd574f7772081eeb10c58d5a0e413ec8881102"
},
{
"category": "Payload delivery",
"comment": "CMSTAR.B - Xchecked via VT: 8609360b43498e296e14237d318c96c58dce3e91b7a1c608cd146496703a7fac",
"deleted": false,
"disable_correlation": false,
"timestamp": "1506630314",
"to_ids": true,
"type": "md5",
"uuid": "59cd5aaa-f254-4143-9b45-418702de0b81",
"value": "34ac15b78f9184c40502d26112317855"
},
{
"category": "External analysis",
"comment": "CMSTAR.B - Xchecked via VT: 8609360b43498e296e14237d318c96c58dce3e91b7a1c608cd146496703a7fac",
"deleted": false,
"disable_correlation": false,
"timestamp": "1506630314",
"to_ids": false,
"type": "link",
"uuid": "59cd5aaa-1aa0-4b5f-ac1e-454d02de0b81",
"value": "https://www.virustotal.com/file/8609360b43498e296e14237d318c96c58dce3e91b7a1c608cd146496703a7fac/analysis/1500244944/"
},
{
"category": "Payload delivery",
"comment": "CMSTAR.B - Xchecked via VT: f0f2215457200bb3003eecb277bf7e3888d16edcf132d88203b27966407c7dc3",
"deleted": false,
"disable_correlation": false,
"timestamp": "1506630314",
"to_ids": true,
"type": "sha1",
"uuid": "59cd5aaa-4e5c-4bbb-a598-43e102de0b81",
"value": "931d429bd2a450edc660739fe0643f63e7104bc7"
},
{
"category": "Payload delivery",
"comment": "CMSTAR.B - Xchecked via VT: f0f2215457200bb3003eecb277bf7e3888d16edcf132d88203b27966407c7dc3",
"deleted": false,
"disable_correlation": false,
"timestamp": "1506630314",
"to_ids": true,
"type": "md5",
"uuid": "59cd5aaa-1f68-4422-afb5-42fa02de0b81",
"value": "cef57a0ff13db32d9330be26d3a53b0e"
},
{
"category": "External analysis",
"comment": "CMSTAR.B - Xchecked via VT: f0f2215457200bb3003eecb277bf7e3888d16edcf132d88203b27966407c7dc3",
"deleted": false,
"disable_correlation": false,
"timestamp": "1506630314",
"to_ids": false,
"type": "link",
"uuid": "59cd5aaa-775c-4881-ba23-4a8102de0b81",
"value": "https://www.virustotal.com/file/f0f2215457200bb3003eecb277bf7e3888d16edcf132d88203b27966407c7dc3/analysis/1505187113/"
},
{
"category": "Payload delivery",
"comment": "CMSTAR.B - Xchecked via VT: aecf53a3a52662b441703e56555d06c9d3c61bddf4d3b23d9da02abbe390c609",
"deleted": false,
"disable_correlation": false,
"timestamp": "1506630314",
"to_ids": true,
"type": "sha1",
"uuid": "59cd5aaa-c47c-45da-8fdc-4aa302de0b81",
"value": "86f011e17d127165beedf9554028fc2b103ea8fe"
},
{
"category": "Payload delivery",
"comment": "CMSTAR.B - Xchecked via VT: aecf53a3a52662b441703e56555d06c9d3c61bddf4d3b23d9da02abbe390c609",
"deleted": false,
"disable_correlation": false,
"timestamp": "1506630314",
"to_ids": true,
"type": "md5",
"uuid": "59cd5aaa-98a8-4fa2-9a7c-4c2602de0b81",
"value": "f9267cde7ac77e4798db7922a2f45faf"
},
{
"category": "External analysis",
"comment": "CMSTAR.B - Xchecked via VT: aecf53a3a52662b441703e56555d06c9d3c61bddf4d3b23d9da02abbe390c609",
"deleted": false,
"disable_correlation": false,
"timestamp": "1506630314",
"to_ids": false,
"type": "link",
"uuid": "59cd5aaa-08d4-4c7b-8d0e-4b1102de0b81",
"value": "https://www.virustotal.com/file/aecf53a3a52662b441703e56555d06c9d3c61bddf4d3b23d9da02abbe390c609/analysis/1505191764/"
},
{
"category": "Payload delivery",
"comment": "CMSTAR.B - Xchecked via VT: 960a17797738dc0bc5623c74b6f8a5d74375f6d18d20ba18775f26a43898bae6",
"deleted": false,
"disable_correlation": false,
"timestamp": "1506630314",
"to_ids": true,
"type": "sha1",
"uuid": "59cd5aaa-f664-45ee-a4ba-4c5802de0b81",
"value": "89667e2ac107b8718b32881c5af465ad9985b128"
},
{
"category": "Payload delivery",
"comment": "CMSTAR.B - Xchecked via VT: 960a17797738dc0bc5623c74b6f8a5d74375f6d18d20ba18775f26a43898bae6",
"deleted": false,
"disable_correlation": false,
"timestamp": "1506630314",
"to_ids": true,
"type": "md5",
"uuid": "59cd5aaa-f0d8-42cc-8c90-47fe02de0b81",
"value": "0dee4f09fe7997a1296525c3ea84ccc9"
},
{
"category": "External analysis",
"comment": "CMSTAR.B - Xchecked via VT: 960a17797738dc0bc5623c74b6f8a5d74375f6d18d20ba18775f26a43898bae6",
"deleted": false,
"disable_correlation": false,
"timestamp": "1506630314",
"to_ids": false,
"type": "link",
"uuid": "59cd5aaa-1a2c-436b-bade-476002de0b81",
"value": "https://www.virustotal.com/file/960a17797738dc0bc5623c74b6f8a5d74375f6d18d20ba18775f26a43898bae6/analysis/1505186035/"
},
{
"category": "Payload delivery",
"comment": "CMSTAR.B - Xchecked via VT: e37c045418259ecdc07874b85e7b688ba53f5a7dc989db19d7e8c440300bd574",
"deleted": false,
"disable_correlation": false,
"timestamp": "1506630314",
"to_ids": true,
"type": "sha1",
"uuid": "59cd5aaa-9b24-4869-93bf-43b402de0b81",
"value": "2c8a9d95afae9cb299483feeb38f8fa492738af6"
},
{
"category": "Payload delivery",
"comment": "CMSTAR.B - Xchecked via VT: e37c045418259ecdc07874b85e7b688ba53f5a7dc989db19d7e8c440300bd574",
"deleted": false,
"disable_correlation": false,
"timestamp": "1506630314",
"to_ids": true,
"type": "md5",
"uuid": "59cd5aaa-04ec-454a-9019-47db02de0b81",
"value": "216ee49d2ce0be6942e0c73f139d2bcb"
},
{
"category": "External analysis",
"comment": "CMSTAR.B - Xchecked via VT: e37c045418259ecdc07874b85e7b688ba53f5a7dc989db19d7e8c440300bd574",
"deleted": false,
"disable_correlation": false,
"timestamp": "1506630314",
"to_ids": false,
"type": "link",
"uuid": "59cd5aaa-b0f8-43c9-bfc3-4aed02de0b81",
"value": "https://www.virustotal.com/file/e37c045418259ecdc07874b85e7b688ba53f5a7dc989db19d7e8c440300bd574/analysis/1502001804/"
},
{
"category": "Payload delivery",
"comment": "CMSTAR.B - Xchecked via VT: 75ea6e8dfaf56fb35f35cb043bd77aef9e2c7d46f3e2a0454dff0952a09c134f",
"deleted": false,
"disable_correlation": false,
"timestamp": "1506630314",
"to_ids": true,
"type": "sha1",
"uuid": "59cd5aaa-77f8-4ea7-b364-454602de0b81",
"value": "ec7bc272a6c465db803f257789cfc651890b4d41"
},
{
"category": "Payload delivery",
"comment": "CMSTAR.B - Xchecked via VT: 75ea6e8dfaf56fb35f35cb043bd77aef9e2c7d46f3e2a0454dff0952a09c134f",
"deleted": false,
"disable_correlation": false,
"timestamp": "1506630314",
"to_ids": true,
"type": "md5",
"uuid": "59cd5aaa-f394-461a-ab1c-42c302de0b81",
"value": "d57b026809125ec561f6be1889f2f2df"
},
{
"category": "External analysis",
"comment": "CMSTAR.B - Xchecked via VT: 75ea6e8dfaf56fb35f35cb043bd77aef9e2c7d46f3e2a0454dff0952a09c134f",
"deleted": false,
"disable_correlation": false,
"timestamp": "1506630314",
"to_ids": false,
"type": "link",
"uuid": "59cd5aaa-d9e4-4ecd-8024-454702de0b81",
"value": "https://www.virustotal.com/file/75ea6e8dfaf56fb35f35cb043bd77aef9e2c7d46f3e2a0454dff0952a09c134f/analysis/1502001795/"
},
{
"category": "Payload delivery",
"comment": "CMSTAR.B - Xchecked via VT: a65e01412610e5ed8fde12cb78e6265a18ef78d2fd3c8c14ed8a3d1cef17c91d",
"deleted": false,
"disable_correlation": false,
"timestamp": "1506630314",
"to_ids": true,
"type": "sha1",
"uuid": "59cd5aaa-3a78-40d2-b291-444e02de0b81",
"value": "16eccb74112a19237cc669117df78efe526c23fd"
},
{
"category": "Payload delivery",
"comment": "CMSTAR.B - Xchecked via VT: a65e01412610e5ed8fde12cb78e6265a18ef78d2fd3c8c14ed8a3d1cef17c91d",
"deleted": false,
"disable_correlation": false,
"timestamp": "1506630314",
"to_ids": true,
"type": "md5",
"uuid": "59cd5aaa-6930-4d2f-9249-474d02de0b81",
"value": "067ce30468fa03a81db393577edfccc4"
},
{
"category": "External analysis",
"comment": "CMSTAR.B - Xchecked via VT: a65e01412610e5ed8fde12cb78e6265a18ef78d2fd3c8c14ed8a3d1cef17c91d",
"deleted": false,
"disable_correlation": false,
"timestamp": "1506630314",
"to_ids": false,
"type": "link",
"uuid": "59cd5aaa-21f8-4502-a31c-4ada02de0b81",
"value": "https://www.virustotal.com/file/a65e01412610e5ed8fde12cb78e6265a18ef78d2fd3c8c14ed8a3d1cef17c91d/analysis/1503289876/"
},
{
"category": "Payload delivery",
"comment": "CMSTAR.B - Xchecked via VT: 7170b104367530ae837daed466035a8be719fdb17423fc01da9c0ded74ca6ad1",
"deleted": false,
"disable_correlation": false,
"timestamp": "1506630314",
"to_ids": true,
"type": "sha1",
"uuid": "59cd5aaa-4d98-40e8-85f1-442c02de0b81",
"value": "e920cd34437fd8c4eee85bc89ead11eef55b6cf2"
},
{
"category": "Payload delivery",
"comment": "CMSTAR.B - Xchecked via VT: 7170b104367530ae837daed466035a8be719fdb17423fc01da9c0ded74ca6ad1",
"deleted": false,
"disable_correlation": false,
"timestamp": "1506630314",
"to_ids": true,
"type": "md5",
"uuid": "59cd5aaa-cf4c-42d3-a630-476202de0b81",
"value": "7ac3e28d45a592501d4fc83446266614"
},
{
"category": "External analysis",
"comment": "CMSTAR.B - Xchecked via VT: 7170b104367530ae837daed466035a8be719fdb17423fc01da9c0ded74ca6ad1",
"deleted": false,
"disable_correlation": false,
"timestamp": "1506630314",
"to_ids": false,
"type": "link",
"uuid": "59cd5aaa-7ae8-4a80-ad92-48a902de0b81",
"value": "https://www.virustotal.com/file/7170b104367530ae837daed466035a8be719fdb17423fc01da9c0ded74ca6ad1/analysis/1502001747/"
},
{
"category": "Payload delivery",
"comment": "CMSTAR.B - Xchecked via VT: 13acddf9b7c2daafd815cbfa75fbb778a7074a6f90277e858040275ae61a252b",
"deleted": false,
"disable_correlation": false,
"timestamp": "1506630314",
"to_ids": true,
"type": "sha1",
"uuid": "59cd5aaa-83ac-428e-a543-4ceb02de0b81",
"value": "0dd2b59679daf1e6896be04e08b7ca0128ae878a"
},
{
"category": "Payload delivery",
"comment": "CMSTAR.B - Xchecked via VT: 13acddf9b7c2daafd815cbfa75fbb778a7074a6f90277e858040275ae61a252b",
"deleted": false,
"disable_correlation": false,
"timestamp": "1506630314",
"to_ids": true,
"type": "md5",
"uuid": "59cd5aaa-58bc-425c-a3c8-45c402de0b81",
"value": "891cd799cca447b1e476437972d56fb0"
},
{
"category": "External analysis",
"comment": "CMSTAR.B - Xchecked via VT: 13acddf9b7c2daafd815cbfa75fbb778a7074a6f90277e858040275ae61a252b",
"deleted": false,
"disable_correlation": false,
"timestamp": "1506630314",
"to_ids": false,
"type": "link",
"uuid": "59cd5aaa-e480-4f5a-8e6e-447f02de0b81",
"value": "https://www.virustotal.com/file/13acddf9b7c2daafd815cbfa75fbb778a7074a6f90277e858040275ae61a252b/analysis/1502001782/"
},
{
"category": "Payload delivery",
"comment": "CMSTAR.B - Xchecked via VT: 625ed818a25c63d8b2c264d0f5bd96ba5ad1c702702d8ffaa4e0e93e5f411fac",
"deleted": false,
"disable_correlation": false,
"timestamp": "1506630314",
"to_ids": true,
"type": "sha1",
"uuid": "59cd5aaa-4824-46a9-8c87-4c6402de0b81",
"value": "272f42f450017cb5e845e7d9c34a598571a8e39d"
},
{
"category": "Payload delivery",
"comment": "CMSTAR.B - Xchecked via VT: 625ed818a25c63d8b2c264d0f5bd96ba5ad1c702702d8ffaa4e0e93e5f411fac",
"deleted": false,
"disable_correlation": false,
"timestamp": "1506630314",
"to_ids": true,
"type": "md5",
"uuid": "59cd5aaa-3464-40d2-be01-4aa802de0b81",
"value": "8f5a4ad5b92212b1117b594f3fbb2fac"
},
{
"category": "External analysis",
"comment": "CMSTAR.B - Xchecked via VT: 625ed818a25c63d8b2c264d0f5bd96ba5ad1c702702d8ffaa4e0e93e5f411fac",
"deleted": false,
"disable_correlation": false,
"timestamp": "1506630314",
"to_ids": false,
"type": "link",
"uuid": "59cd5aaa-4110-4d6b-b99b-4d5602de0b81",
"value": "https://www.virustotal.com/file/625ed818a25c63d8b2c264d0f5bd96ba5ad1c702702d8ffaa4e0e93e5f411fac/analysis/1504095692/"
},
{
"category": "Payload delivery",
"comment": "BYEBY - Xchecked via VT: 383a2d8f421ad2f243cbc142e9715c78f867a114b037626c2097cb3e070f67d6",
"deleted": false,
"disable_correlation": false,
"timestamp": "1506630314",
"to_ids": true,
"type": "sha1",
"uuid": "59cd5aab-6784-429f-adce-4eaf02de0b81",
"value": "7a63fc9db2bc1e9b1ef793723d5877e6b4c566b8"
},
{
"category": "Payload delivery",
"comment": "BYEBY - Xchecked via VT: 383a2d8f421ad2f243cbc142e9715c78f867a114b037626c2097cb3e070f67d6",
"deleted": false,
"disable_correlation": false,
"timestamp": "1506630315",
"to_ids": true,
"type": "md5",
"uuid": "59cd5aab-dcbc-4b9c-b1e6-4ef702de0b81",
"value": "bffc3e2b7382d093fb7440cabbd7b1ba"
},
{
"category": "External analysis",
"comment": "BYEBY - Xchecked via VT: 383a2d8f421ad2f243cbc142e9715c78f867a114b037626c2097cb3e070f67d6",
"deleted": false,
"disable_correlation": false,
"timestamp": "1506630315",
"to_ids": false,
"type": "link",
"uuid": "59cd5aab-cc1c-4183-bf29-486302de0b81",
"value": "https://www.virustotal.com/file/383a2d8f421ad2f243cbc142e9715c78f867a114b037626c2097cb3e070f67d6/analysis/1505726945/"
},
{
"category": "Payload delivery",
"comment": "CMSTAR Variants Identified in Phishing Campaign - Xchecked via VT: 6843d183b41b6b22976fc8d85e448dcc4d2e0bd2c159e6d966bfd4afa1cd9221",
"deleted": false,
"disable_correlation": false,
"timestamp": "1506630315",
"to_ids": true,
"type": "sha1",
"uuid": "59cd5aab-91cc-4b18-a096-4e5202de0b81",
"value": "87f46a25c043af38af0eebe5fa46b316e89e4100"
},
{
"category": "Payload delivery",
"comment": "CMSTAR Variants Identified in Phishing Campaign - Xchecked via VT: 6843d183b41b6b22976fc8d85e448dcc4d2e0bd2c159e6d966bfd4afa1cd9221",
"deleted": false,
"disable_correlation": false,
"timestamp": "1506630315",
"to_ids": true,
"type": "md5",
"uuid": "59cd5aab-d014-47b3-a85f-4e3e02de0b81",
"value": "0eef54c97f445914bc88a65026e8ee32"
},
{
"category": "External analysis",
"comment": "CMSTAR Variants Identified in Phishing Campaign - Xchecked via VT: 6843d183b41b6b22976fc8d85e448dcc4d2e0bd2c159e6d966bfd4afa1cd9221",
"deleted": false,
"disable_correlation": false,
"timestamp": "1506630315",
"to_ids": false,
"type": "link",
"uuid": "59cd5aab-7e78-4e36-b002-433502de0b81",
"value": "https://www.virustotal.com/file/6843d183b41b6b22976fc8d85e448dcc4d2e0bd2c159e6d966bfd4afa1cd9221/analysis/1504537807/"
}
chg: [feed] added
2023-04-21 13:25:09 +00:00
]
chg: [gen] updated
2023-12-14 14:30:15 +00:00
}
chg: [feed] added
2023-04-21 13:25:09 +00:00
}
Reference in a new issue Copy permalink