adulau/misp-circl-feed
1
0
Fork 0
Code Issues 1 Pull requests Projects 1 Releases Packages Wiki Activity Actions
misp-circl-feed/feeds/circl/misp/5a390de6-4a58-4a19-89fb-4620950d210f.json

834 lines
29 KiB
JSON
Raw Normal View History

chg: [feed] added
2023-04-21 13:25:09 +00:00
{
chg: [gen] updated
2023-12-14 14:30:15 +00:00
"Event": {
"analysis": "2",
"date": "2017-12-14",
"extends_uuid": "",
"info": "OSINT - Zeus Panda Banking Trojan Targets Online Holiday Shoppers",
"publish_timestamp": "1514468033",
"published": true,
"threat_level_id": "3",
"timestamp": "1513825239",
"uuid": "5a390de6-4a58-4a19-89fb-4620950d210f",
"Orgc": {
"name": "CIRCL",
"uuid": "55f6ea5e-2c60-40e5-964f-47a8950d210f"
},
"Tag": [
{
"colour": "#0088cc",
chg: [feed] updated
2024-04-05 12:15:17 +00:00
"local": false,
chg: [gen] updated
2023-12-14 14:30:15 +00:00
"name": "misp-galaxy:banker=\"Panda Banker\"",
"relationship_type": ""
},
{
"colour": "#004646",
chg: [feed] updated
2024-04-05 12:15:17 +00:00
"local": false,
chg: [gen] updated
2023-12-14 14:30:15 +00:00
"name": "type:OSINT",
"relationship_type": ""
},
{
"colour": "#ffffff",
chg: [feed] updated
2024-04-05 12:15:17 +00:00
"local": false,
chg: [gen] updated
2023-12-14 14:30:15 +00:00
"name": "tlp:white",
"relationship_type": ""
},
{
"colour": "#00223b",
chg: [feed] updated
2024-04-05 12:15:17 +00:00
"local": false,
chg: [gen] updated
2023-12-14 14:30:15 +00:00
"name": "osint:source-type=\"blog-post\"",
"relationship_type": ""
},
{
"colour": "#002f76",
chg: [feed] updated
2024-04-05 12:15:17 +00:00
"local": false,
chg: [gen] updated
2023-12-14 14:30:15 +00:00
"name": "ms-caro-malware-full:malware-family=\"Banker\"",
"relationship_type": ""
},
{
"colour": "#284800",
chg: [feed] updated
2024-04-05 12:15:17 +00:00
"local": false,
chg: [gen] updated
2023-12-14 14:30:15 +00:00
"name": "malware_classification:malware-category=\"Trojan\"",
"relationship_type": ""
}
],
"Attribute": [
{
"category": "External analysis",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1513761114",
"to_ids": false,
"type": "link",
"uuid": "5a390e33-a644-4e3a-957d-1606950d210f",
"value": "https://www.proofpoint.com/us/threat-insight/post/zeus-panda-banking-trojan-targets-online-holiday-shoppers",
"Tag": [
{
"colour": "#00223b",
chg: [feed] updated
2024-04-05 12:15:17 +00:00
"local": false,
chg: [gen] updated
2023-12-14 14:30:15 +00:00
"name": "osint:source-type=\"blog-post\"",
"relationship_type": ""
}
]
},
{
"category": "External analysis",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1513761114",
"to_ids": false,
"type": "comment",
"uuid": "5a390e5c-090c-4b23-83f0-1714950d210f",
"value": "Banking Trojans work by injecting code into web pages as they are viewed on infected machines, allowing the malware to harvest banking credentials and credit card information as victims interact with legitimate sites. Most often, the injects -- the code that actually performs the man-in-the-browser attacks -- are configured for region-specific banking sites. More recently, we have seen injects for online payment sites, casinos, retailers, and more appearing in banking Trojan campaigns.\r\n\r\nSince November -- a period of time that includes Thanksgiving, Black Friday, Cyber Monday and now leading up to Christmas -- we have observed Zeus Panda banking Trojan campaigns that have an increasing focus on non-banking targets with an extensive list of injects clearly designed to capitalize on holiday shopping and activities.\r\n\r\nMore specifically, these Zeus Panda (aka Panda Banker) campaigns expanded their injects to a variety of online shopping sites for brick and mortar retailers like Zara, specialty online retailers, travel sites, and video streaming sites, among others. The vast majority of these new targets will potentially see higher-than-normal numbers of credit card transactions for the holidays. While Zeus Panda can be configured to steal a variety of information, these injects collected the credit card number, address, phone number, DOB, SSN, and security question-related information such as mother\u00e2\u20ac\u2122s maiden name.",
"Tag": [
{
"colour": "#00223b",
chg: [feed] updated
2024-04-05 12:15:17 +00:00
"local": false,
chg: [gen] updated
2023-12-14 14:30:15 +00:00
"name": "osint:source-type=\"blog-post\"",
"relationship_type": ""
}
]
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1513688781",
"to_ids": true,
"type": "filename",
"uuid": "5a390ecd-e0a8-4c1e-95bc-498c950d210f",
"value": "receipt-package-5a0a062cae04a.doc"
},
{
"category": "Network activity",
"comment": "Landing page redirection",
"deleted": false,
"disable_correlation": false,
"timestamp": "1513761114",
"to_ids": true,
"type": "url",
"uuid": "5a390eec-3874-4509-a0dd-1708950d210f",
"value": "https://canadapost-packagecenter.com/"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1513761114",
"to_ids": true,
"type": "filename",
"uuid": "5a390efa-6134-40fc-901a-1713950d210f",
"value": "resume.doc"
},
{
"category": "Network activity",
"comment": "Document payload",
"deleted": false,
"disable_correlation": false,
"timestamp": "1513761114",
"to_ids": true,
"type": "url",
"uuid": "5a390f86-f3c8-4662-96dd-1690950d210f",
"value": "http://80.82.67.217/moo.jpg"
},
{
"category": "Payload delivery",
"comment": "Panda",
"deleted": false,
"disable_correlation": false,
"timestamp": "1513688966",
"to_ids": true,
"type": "sha256",
"uuid": "5a390f86-06c8-4a7b-a2de-1690950d210f",
"value": "5f7a1b02d5b2904554e65bd01a12f1fa5ff2121eef53f3942c4e9e29c46bdce3"
},
{
"category": "Network activity",
"comment": "Panda C&C",
"deleted": false,
"disable_correlation": false,
"timestamp": "1513761114",
"to_ids": true,
"type": "domain",
"uuid": "5a390f87-2be4-4d90-b4b6-1690950d210f",
"value": "gromnes.top"
},
{
"category": "Network activity",
"comment": "Panda C&C",
"deleted": false,
"disable_correlation": false,
"timestamp": "1513761114",
"to_ids": true,
"type": "domain",
"uuid": "5a390f87-208c-477f-a436-1690950d210f",
"value": "aklexim.top"
},
{
"category": "Network activity",
"comment": "Panda C&C",
"deleted": false,
"disable_correlation": false,
"timestamp": "1513761114",
"to_ids": true,
"type": "domain",
"uuid": "5a390f87-7364-456f-9669-1690950d210f",
"value": "kichamyn.top"
},
{
"category": "Payload delivery",
"comment": "Attachment",
"deleted": false,
"disable_correlation": false,
"timestamp": "1513688967",
"to_ids": true,
"type": "sha256",
"uuid": "5a390f87-7528-4d33-a029-1690950d210f",
"value": "e13594d83f2a573627e742baf33298b9eeec1ebb8c7955304b8c35559e5f23dc"
},
{
"category": "Network activity",
"comment": "Malicious URL in email",
"deleted": false,
"disable_correlation": false,
"timestamp": "1513761114",
"to_ids": true,
"type": "url",
"uuid": "5a3910b0-33e0-4ba5-b4e3-18e3950d210f",
"value": "http://www.nfk-trading.com/analyticsmmrxbctq/redirect/0849e22e843170e1600c1910df8cf9da-id-qblozsmn-to-package-awaiting"
},
{
"category": "Network activity",
"comment": "Document payload",
"deleted": false,
"disable_correlation": false,
"timestamp": "1513761114",
"to_ids": true,
"type": "url",
"uuid": "5a3910b0-2350-40f6-bf70-18e3950d210f",
"value": "http://89.248.169.136/bigmac.jpg"
}
],
"Object": [
{
"comment": "containing URLs linking to Microsoft Word documents such as \u00e2\u20ac\u0153receipt-package-5a0a062cae04a.doc\u00e2\u20ac\u009d",
"deleted": false,
"description": "Email object describing an email with meta-information",
"meta-category": "network",
"name": "email",
"template_uuid": "a0c666e0-fc65-4be8-b48f-3423d788b552",
"template_version": "7",
"timestamp": "1513688748",
"uuid": "5a390eac-8b20-4401-83c1-169e950d210f",
"Attribute": [
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "subject",
"timestamp": "1513688749",
"to_ids": false,
"type": "email-subject",
"uuid": "5a390ead-5f38-4bd6-80cd-169e950d210f",
"value": "Your package is ready to be picked up\u00e2\u20ac\u009d"
},
{
"category": "Other",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "send-date",
"timestamp": "1513688749",
"to_ids": false,
"type": "datetime",
"uuid": "5a390ead-1fb4-4194-aaae-169e950d210f",
"value": "2017-11-13T00:00:00"
}
]
},
{
"comment": "",
"deleted": false,
"description": "Email object describing an email with meta-information",
"meta-category": "network",
"name": "email",
"template_uuid": "a0c666e0-fc65-4be8-b48f-3423d788b552",
"template_version": "7",
"timestamp": "1513688902",
"uuid": "5a390f46-b670-4975-842a-473d950d210f",
"Attribute": [
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "subject",
"timestamp": "1513688902",
"to_ids": false,
"type": "email-subject",
"uuid": "5a390f46-6b40-4165-8b84-44fc950d210f",
"value": "Application submitted from Gumtree Jobs by [First Last Names] for Field Sales Consultant - Status: Emailed"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "attachment",
"timestamp": "1513688902",
"to_ids": true,
"type": "email-attachment",
"uuid": "5a390f46-960c-47bd-b0ee-44b8950d210f",
"value": "resume.doc"
},
{
"category": "Other",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "send-date",
"timestamp": "1513688902",
"to_ids": false,
"type": "datetime",
"uuid": "5a390f46-2430-435f-8e56-45e7950d210f",
"value": "2017-12-11T00:00:00"
}
]
},
{
"comment": "",
"deleted": false,
"description": "File object describing a file with meta-information",
"meta-category": "file",
"name": "file",
"template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215",
"template_version": "8",
"timestamp": "1513689320",
"uuid": "5a3910e8-d3fc-421d-a96b-1690950d210f",
"Attribute": [
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "filename",
"timestamp": "1513689320",
"to_ids": true,
"type": "filename",
"uuid": "5a3910e8-a610-44d2-96d4-1690950d210f",
"value": "receipt-package-5a0a062cae04a.doc"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "sha256",
"timestamp": "1513689320",
"to_ids": true,
"type": "sha256",
"uuid": "5a3910e8-379c-4569-b87c-1690950d210f",
"value": "2514dbf1549b517692e415af85baa6e5eca926cdedb526d2e255b5943501d98b"
},
{
"category": "Other",
"comment": "",
"deleted": false,
"disable_correlation": true,
"object_relation": "state",
"timestamp": "1513689320",
"to_ids": false,
"type": "text",
"uuid": "5a3910e8-0b30-400e-96c0-1690950d210f",
"value": "Malicious"
}
]
},
{
"comment": "Panda executable",
"deleted": false,
"description": "File object describing a file with meta-information",
"meta-category": "file",
"name": "file",
"template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215",
"template_version": "8",
"timestamp": "1513689357",
"uuid": "5a39110d-413c-4ff2-b531-bfd8950d210f",
"Attribute": [
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "filename",
"timestamp": "1513689358",
"to_ids": true,
"type": "filename",
"uuid": "5a39110e-7550-4987-8cc5-bfd8950d210f",
"value": "Bigmac.jpg"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "sha256",
"timestamp": "1513689358",
"to_ids": true,
"type": "sha256",
"uuid": "5a39110e-3f94-4b08-b2c2-bfd8950d210f",
"value": "ae92a4a5bc64db6af23219d7fa2d8bce98a5d7eb2eff7193e4f49698e3e5650d"
},
{
"category": "Other",
"comment": "",
"deleted": false,
"disable_correlation": true,
"object_relation": "state",
"timestamp": "1513689358",
"to_ids": false,
"type": "text",
"uuid": "5a39110e-77c8-4221-828c-bfd8950d210f",
"value": "Malicious"
}
]
},
{
"comment": "",
"deleted": false,
"description": "File object describing a file with meta-information",
"meta-category": "file",
"name": "file",
"template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215",
"template_version": "7",
"timestamp": "1513761117",
"uuid": "85fc2ee8-1979-4b2b-8a01-a6e86992950e",
"ObjectReference": [
{
"comment": "",
"object_uuid": "85fc2ee8-1979-4b2b-8a01-a6e86992950e",
"referenced_uuid": "6ef84376-1a21-41b0-8079-fe58470e8a3b",
chg: [feed] added
2023-04-21 13:25:09 +00:00
"relationship_type": "analysed-with",
chg: [gen] updated
2023-12-14 14:30:15 +00:00
"timestamp": "1514468033",
"uuid": "5a3a295b-f150-45f5-86f4-4b2802de0b81"
}
],
"Attribute": [
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "sha1",
"timestamp": "1513761114",
"to_ids": true,
"type": "sha1",
"uuid": "5a3a295a-930c-47a0-b7cd-4bf602de0b81",
"value": "2cacb877c487b6dae47fb16fdd1dc7b05595125b"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "md5",
"timestamp": "1513761114",
"to_ids": true,
"type": "md5",
"uuid": "5a3a295a-faa8-487c-8be9-402f02de0b81",
"value": "a02d6ca05cbc89a317d82945bcb6b15b"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "sha256",
"timestamp": "1513761114",
"to_ids": true,
"type": "sha256",
"uuid": "5a3a295a-9cc0-4301-8d36-44aa02de0b81",
"value": "ae92a4a5bc64db6af23219d7fa2d8bce98a5d7eb2eff7193e4f49698e3e5650d"
}
]
},
{
"comment": "",
"deleted": false,
"description": "VirusTotal report",
"meta-category": "misc",
"name": "virustotal-report",
"template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4",
"template_version": "1",
"timestamp": "1513761114",
"uuid": "6ef84376-1a21-41b0-8079-fe58470e8a3b",
"Attribute": [
{
"category": "External analysis",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "permalink",
"timestamp": "1513761115",
"to_ids": false,
"type": "link",
"uuid": "5a3a295b-b3fc-4cce-92cd-431402de0b81",
"value": "https://www.virustotal.com/file/ae92a4a5bc64db6af23219d7fa2d8bce98a5d7eb2eff7193e4f49698e3e5650d/analysis/1513357351/"
},
{
"category": "Other",
"comment": "",
"deleted": false,
"disable_correlation": true,
"object_relation": "detection-ratio",
"timestamp": "1513761115",
"to_ids": false,
"type": "text",
"uuid": "5a3a295b-18c0-4bed-af46-433102de0b81",
"value": "53/67"
},
{
"category": "Other",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "last-submission",
"timestamp": "1513761115",
"to_ids": false,
"type": "datetime",
"uuid": "5a3a295b-6208-4950-9d19-4b6a02de0b81",
"value": "2017-12-15T17:02:31"
}
]
},
{
"comment": "",
"deleted": false,
"description": "File object describing a file with meta-information",
"meta-category": "file",
"name": "file",
"template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215",
"template_version": "7",
"timestamp": "1513761118",
"uuid": "cd87750f-ad31-466c-8256-6bb5c496c7e8",
"ObjectReference": [
{
"comment": "",
"object_uuid": "cd87750f-ad31-466c-8256-6bb5c496c7e8",
"referenced_uuid": "8e8856ca-85ff-4643-9b60-708617003213",
chg: [feed] added
2023-04-21 13:25:09 +00:00
"relationship_type": "analysed-with",
chg: [gen] updated
2023-12-14 14:30:15 +00:00
"timestamp": "1514468033",
"uuid": "5a3a295b-2bb0-40aa-8f2d-428102de0b81"
}
],
"Attribute": [
{
"category": "Payload delivery",
"comment": "Panda",
"deleted": false,
"disable_correlation": false,
"object_relation": "sha1",
"timestamp": "1513761115",
"to_ids": true,
"type": "sha1",
"uuid": "5a3a295b-9750-4c27-b32f-454c02de0b81",
"value": "ef22bcec61cb2aea85cd93cede6af5f4b27e011b"
},
{
"category": "Payload delivery",
"comment": "Panda",
"deleted": false,
"disable_correlation": false,
"object_relation": "md5",
"timestamp": "1513761115",
"to_ids": true,
"type": "md5",
"uuid": "5a3a295b-0a64-4a6f-b59f-4ce602de0b81",
"value": "52b053886cc0ca44df86cba91de968fa"
},
{
"category": "Payload delivery",
"comment": "Panda",
"deleted": false,
"disable_correlation": false,
"object_relation": "sha256",
"timestamp": "1513761115",
"to_ids": true,
"type": "sha256",
"uuid": "5a3a295b-6a54-4cbb-b447-4d8402de0b81",
"value": "5f7a1b02d5b2904554e65bd01a12f1fa5ff2121eef53f3942c4e9e29c46bdce3"
}
]
},
{
"comment": "",
"deleted": false,
"description": "VirusTotal report",
"meta-category": "misc",
"name": "virustotal-report",
"template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4",
"template_version": "1",
"timestamp": "1513761115",
"uuid": "8e8856ca-85ff-4643-9b60-708617003213",
"Attribute": [
{
"category": "External analysis",
"comment": "Panda",
"deleted": false,
"disable_correlation": false,
"object_relation": "permalink",
"timestamp": "1513761115",
"to_ids": false,
"type": "link",
"uuid": "5a3a295b-c948-41f7-9f3c-4eb802de0b81",
"value": "https://www.virustotal.com/file/5f7a1b02d5b2904554e65bd01a12f1fa5ff2121eef53f3942c4e9e29c46bdce3/analysis/1513686510/"
},
{
"category": "Other",
"comment": "Panda",
"deleted": false,
"disable_correlation": true,
"object_relation": "detection-ratio",
"timestamp": "1513761115",
"to_ids": false,
"type": "text",
"uuid": "5a3a295b-1164-44e5-a7fb-4bc902de0b81",
"value": "44/66"
},
{
"category": "Other",
"comment": "Panda",
"deleted": false,
"disable_correlation": false,
"object_relation": "last-submission",
"timestamp": "1513761115",
"to_ids": false,
"type": "datetime",
"uuid": "5a3a295b-f134-4097-aaad-481602de0b81",
"value": "2017-12-19T12:28:30"
}
]
},
{
"comment": "",
"deleted": false,
"description": "File object describing a file with meta-information",
"meta-category": "file",
"name": "file",
"template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215",
"template_version": "7",
"timestamp": "1513761118",
"uuid": "23b939ba-58a7-4265-acbb-12945bdaf96f",
"ObjectReference": [
{
"comment": "",
"object_uuid": "23b939ba-58a7-4265-acbb-12945bdaf96f",
"referenced_uuid": "1b72a2c1-dda3-4770-9bfd-a29f36fbb9b9",
chg: [feed] added
2023-04-21 13:25:09 +00:00
"relationship_type": "analysed-with",
chg: [gen] updated
2023-12-14 14:30:15 +00:00
"timestamp": "1514468033",
"uuid": "5a3a295b-7648-42c3-9621-4d3802de0b81"
}
],
"Attribute": [
{
"category": "Payload delivery",
"comment": "Attachment",
"deleted": false,
"disable_correlation": false,
"object_relation": "sha1",
"timestamp": "1513761115",
"to_ids": true,
"type": "sha1",
"uuid": "5a3a295b-c1b4-4de6-9890-40fe02de0b81",
"value": "00d8ef79f6fe532815c0325fb6d7165cdae98548"
},
{
"category": "Payload delivery",
"comment": "Attachment",
"deleted": false,
"disable_correlation": false,
"object_relation": "md5",
"timestamp": "1513761115",
"to_ids": true,
"type": "md5",
"uuid": "5a3a295b-b4a8-40a6-9d84-42f502de0b81",
"value": "b2a6ec17f49740ddc699640fb19f951d"
},
{
"category": "Payload delivery",
"comment": "Attachment",
"deleted": false,
"disable_correlation": false,
"object_relation": "sha256",
"timestamp": "1513761115",
"to_ids": true,
"type": "sha256",
"uuid": "5a3a295b-e384-4da6-b43e-4b0f02de0b81",
"value": "e13594d83f2a573627e742baf33298b9eeec1ebb8c7955304b8c35559e5f23dc"
}
]
},
{
"comment": "",
"deleted": false,
"description": "VirusTotal report",
"meta-category": "misc",
"name": "virustotal-report",
"template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4",
"template_version": "1",
"timestamp": "1513761115",
"uuid": "1b72a2c1-dda3-4770-9bfd-a29f36fbb9b9",
"Attribute": [
{
"category": "External analysis",
"comment": "Attachment",
"deleted": false,
"disable_correlation": false,
"object_relation": "permalink",
"timestamp": "1513761115",
"to_ids": false,
"type": "link",
"uuid": "5a3a295b-9dd4-4202-b6ac-44e102de0b81",
"value": "https://www.virustotal.com/file/e13594d83f2a573627e742baf33298b9eeec1ebb8c7955304b8c35559e5f23dc/analysis/1513686599/"
},
{
"category": "Other",
"comment": "Attachment",
"deleted": false,
"disable_correlation": true,
"object_relation": "detection-ratio",
"timestamp": "1513761115",
"to_ids": false,
"type": "text",
"uuid": "5a3a295b-bb18-4c9d-b107-418e02de0b81",
"value": "27/58"
},
{
"category": "Other",
"comment": "Attachment",
"deleted": false,
"disable_correlation": false,
"object_relation": "last-submission",
"timestamp": "1513761115",
"to_ids": false,
"type": "datetime",
"uuid": "5a3a295b-30fc-4206-af56-438802de0b81",
"value": "2017-12-19T12:29:59"
}
]
},
{
"comment": "",
"deleted": false,
"description": "File object describing a file with meta-information",
"meta-category": "file",
"name": "file",
"template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215",
"template_version": "7",
"timestamp": "1513761118",
"uuid": "c299d343-7fb7-4bda-bc3c-578213b2333d",
"ObjectReference": [
{
"comment": "",
"object_uuid": "c299d343-7fb7-4bda-bc3c-578213b2333d",
"referenced_uuid": "5d0428a2-0eaa-4719-89c9-c696ddf72dfa",
chg: [feed] added
2023-04-21 13:25:09 +00:00
"relationship_type": "analysed-with",
chg: [gen] updated
2023-12-14 14:30:15 +00:00
"timestamp": "1514468033",
"uuid": "5a3a295b-6320-4608-a527-424d02de0b81"
}
],
"Attribute": [
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "sha1",
"timestamp": "1513761115",
"to_ids": true,
"type": "sha1",
"uuid": "5a3a295b-09e0-40e0-8ce7-42ad02de0b81",
"value": "8eab9d3dfe6ac35a3624e916bb3cdc6d390a83d2"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "md5",
"timestamp": "1513761115",
"to_ids": true,
"type": "md5",
"uuid": "5a3a295b-e404-4ceb-9571-4a8302de0b81",
"value": "bcac60105cb24fdbcc03c1d52d09bfd1"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "sha256",
"timestamp": "1513761115",
"to_ids": true,
"type": "sha256",
"uuid": "5a3a295b-f7c0-40fb-bd37-4c0302de0b81",
"value": "2514dbf1549b517692e415af85baa6e5eca926cdedb526d2e255b5943501d98b"
}
]
},
{
"comment": "",
"deleted": false,
"description": "VirusTotal report",
"meta-category": "misc",
"name": "virustotal-report",
"template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4",
"template_version": "1",
"timestamp": "1513761115",
"uuid": "5d0428a2-0eaa-4719-89c9-c696ddf72dfa",
"Attribute": [
{
"category": "External analysis",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "permalink",
"timestamp": "1513761115",
"to_ids": false,
"type": "link",
"uuid": "5a3a295b-efcc-4b80-b82d-4cb402de0b81",
"value": "https://www.virustotal.com/file/2514dbf1549b517692e415af85baa6e5eca926cdedb526d2e255b5943501d98b/analysis/1513686655/"
},
{
"category": "Other",
"comment": "",
"deleted": false,
"disable_correlation": true,
"object_relation": "detection-ratio",
"timestamp": "1513761115",
"to_ids": false,
"type": "text",
"uuid": "5a3a295b-3e4c-474f-8b74-480c02de0b81",
"value": "33/58"
},
{
"category": "Other",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "last-submission",
"timestamp": "1513761115",
"to_ids": false,
"type": "datetime",
"uuid": "5a3a295b-f240-48da-adee-467702de0b81",
"value": "2017-12-19T12:30:55"
}
]
}
chg: [feed] added
2023-04-21 13:25:09 +00:00
]
chg: [gen] updated
2023-12-14 14:30:15 +00:00
}
chg: [feed] added
2023-04-21 13:25:09 +00:00
}
Reference in a new issue Copy permalink