misp-circl-feed/feeds/circl/misp/5ae6cb05-26e0-442f-b430-478b950d210f.json

{
  "Event": {
    "analysis": "2",
    "date": "2018-04-30",
    "extends_uuid": "",
    "info": "OSINT - On the Economic Significance of Ransomware Campaigns: A Bitcoin Transactions Perspective",
    "publish_timestamp": "1525098196",
    "published": true,
    "threat_level_id": "3",
    "timestamp": "1525098135",
    "uuid": "5ae6cb05-26e0-442f-b430-478b950d210f",
    "Orgc": {
      "name": "CIRCL",
      "uuid": "55f6ea5e-2c60-40e5-964f-47a8950d210f"
    },
    "Tag": [
      {
        "colour": "#420053",
        "local": false,
        "name": "ms-caro-malware:malware-type=\"Ransom\"",
        "relationship_type": ""
      },
      {
        "colour": "#ffffff",
        "local": false,
        "name": "tlp:white",
        "relationship_type": ""
      }
    ],
    "Attribute": [
      {
        "category": "External analysis",
        "comment": "",
        "deleted": false,
        "disable_correlation": false,
        "timestamp": "1525097833",
        "to_ids": false,
        "type": "link",
        "uuid": "5ae6cb10-7560-42bc-aa57-4c5a950d210f",
        "value": "https://arxiv.org/pdf/1804.01341.pdf",
        "Tag": [
          {
            "colour": "#002b4a",
            "local": false,
            "name": "osint:source-type=\"technical-report\"",
            "relationship_type": ""
          }
        ]
      },
      {
        "category": "External analysis",
        "comment": "",
        "deleted": false,
        "disable_correlation": false,
        "timestamp": "1525097818",
        "to_ids": false,
        "type": "text",
        "uuid": "5ae6cb20-d088-46b8-8ec4-481c950d210f",
        "value": "Bitcoin   cryptocurrency   system   enables   users   to\r\ntransact securely and pseudo-anonymously by using an arbitrary\r\nnumber  of  aliases  (Bitcoin  addresses).  Cybercriminals  exploit\r\nthese  characteristics  to  commit  immutable  and  presumably  un-\r\ntraceable  monetary  fraud,  especially  via  ransomware;  a  type  of\r\nmalware that encrypts files of the infected system and demands\r\nransom  for  decryption.\r\nIn  this  paper,  we  present  our  comprehensive  study  on  all\r\nrecent  ransomware  and  report  the  economic  impact  of  such\r\nransomware   from   the   Bitcoin   payment   perspective.   We   also\r\npresent a lightweight framework to identify, collect, and analyze\r\nBitcoin  addresses  managed  by  the  same  user  or  group  of  users\r\n(cybercriminals,  in  this  case),  which  includes  a  novel  approach\r\nfor  classifying  a  payment  as  ransom.  To  verify  the  correctness\r\nof  our  framework,  we  compared  our  findings  on  CryptoLocker\r\nransomware  with  the  results  presented  in  the  literature.  Our\r\nresults align with the results found in the previous works except\r\nfor the final valuation in USD. The reason for this discrepancy is\r\nthat we used the average Bitcoin price on the day of each ransom\r\npayment  whereas  the  authors  of  the  previous  studies  used  the\r\nBitcoin  price  on  the  day  of  their  evaluation.  Furthermore,  for\r\neach  investigated  ransomware,  we  provide  a  holistic  view  of  its\r\ngenesis, development, the process of infection and execution, and\r\ncharacteristic  of  ransom  demands.  Finally,  we  also  release  our\r\ndataset  that  contains  a  detailed  transaction  history  of  all  the\r\nBitcoin  addresses  we  identified  for  every  ransomware.",
        "Tag": [
          {
            "colour": "#002b4a",
            "local": false,
            "name": "osint:source-type=\"technical-report\"",
            "relationship_type": ""
          }
        ]
      },
      {
        "category": "Financial fraud",
        "comment": "CryptoLocker",
        "deleted": false,
        "disable_correlation": false,
        "timestamp": "1525074789",
        "to_ids": true,
        "type": "btc",
        "uuid": "5ae6cb65-f87c-4986-ba30-4094950d210f",
        "value": "135N2nfAkextd6E25quXpM98qLSi2BccCb"
      },
      {
        "category": "Financial fraud",
        "comment": "CryptoLocker",
        "deleted": false,
        "disable_correlation": false,
        "timestamp": "1525074789",
        "to_ids": true,
        "type": "btc",
        "uuid": "5ae6cb65-443c-4020-882a-4aea950d210f",
        "value": "1AEoiHY23fbBn8QiJ5y6oAjrhRY1Fb85uc"
      },
      {
        "category": "Financial fraud",
        "comment": "CryptoLocker",
        "deleted": false,
        "disable_correlation": false,
        "timestamp": "1525074789",
        "to_ids": true,
        "type": "btc",
        "uuid": "5ae6cb65-f26c-4c01-9cb4-4311950d210f",
        "value": "18iEz617DoDp8CNQUyyrjCcC7XCGDf5SVb"
      },
      {
        "category": "Financial fraud",
        "comment": "CryptoLocker",
        "deleted": false,
        "disable_correlation": false,
        "timestamp": "1525074789",
        "to_ids": true,
        "type": "btc",
        "uuid": "5ae6cb65-1b44-4a4b-a319-466b950d210f",
        "value": "1KP72fBmh3XBRfuJDMn53APaqM6iMRspCh"
      },
      {
        "category": "Financial fraud",
        "comment": "CryptoDefense",
        "deleted": false,
        "disable_correlation": false,
        "timestamp": "1525096734",
        "to_ids": true,
        "type": "btc",
        "uuid": "5ae7211e-300c-429e-ba5c-4a19950d210f",
        "value": "19DyWHtgLgDKgEeoKjfpCJJ9WU8SQ3gr27"
      },
      {
        "category": "Financial fraud",
        "comment": "CryptoDefense",
        "deleted": false,
        "disable_correlation": false,
        "timestamp": "1525096734",
        "to_ids": true,
        "type": "btc",
        "uuid": "5ae7211e-f24c-4fc1-b9da-444f950d210f",
        "value": "1EmLLj8peW292zR2VvumYPPa9wLcK4CPK1"
      },
      {
        "category": "Financial fraud",
        "comment": "CryptoWall",
        "deleted": false,
        "disable_correlation": false,
        "timestamp": "1525096846",
        "to_ids": true,
        "type": "btc",
        "uuid": "5ae7218e-5ac8-4808-9e42-4b90950d210f",
        "value": "1PoebUjR5pdH88tc9ECQ1PCLaCrtPnG9fm"
      },
      {
        "category": "Financial fraud",
        "comment": "CryptoWall",
        "deleted": false,
        "disable_correlation": false,
        "timestamp": "1525096846",
        "to_ids": true,
        "type": "btc",
        "uuid": "5ae7218e-c06c-4388-b7d3-4245950d210f",
        "value": "128pJdREzcR6xorYPQAPzGf8RwMQjRBzDt"
      },
      {
        "category": "Financial fraud",
        "comment": "CryptoWall",
        "deleted": false,
        "disable_correlation": false,
        "timestamp": "1525096846",
        "to_ids": true,
        "type": "btc",
        "uuid": "5ae7218e-fe38-4ae9-b988-4e17950d210f",
        "value": "15WUYqKerTtxi4rUEmnakw5gRMkr3nZCQd"
      },
      {
        "category": "Financial fraud",
        "comment": "CryptoWall",
        "deleted": false,
        "disable_correlation": false,
        "timestamp": "1525096846",
        "to_ids": true,
        "type": "btc",
        "uuid": "5ae7218e-f5b4-4f73-90af-4810950d210f",
        "value": "1L66AcnbuZkYjs8eE6uVbTUxmorHYGKxFJ"
      },
      {
        "category": "Financial fraud",
        "comment": "CryptoWall",
        "deleted": false,
        "disable_correlation": false,
        "timestamp": "1525096846",
        "to_ids": true,
        "type": "btc",
        "uuid": "5ae7218e-d2a0-49cc-be6b-4351950d210f",
        "value": "16REtGSobiQZoprFnXZBR2mSWvRyUSJ3ag"
      },
      {
        "category": "Financial fraud",
        "comment": "CryptoWall",
        "deleted": false,
        "disable_correlation": false,
        "timestamp": "1525096846",
        "to_ids": true,
        "type": "btc",
        "uuid": "5ae7218e-70a8-4576-a755-4f11950d210f",
        "value": "16Z6sidfLrfNoxJNu4qM5zhRttJEUD3XoB"
      },
      {
        "category": "Financial fraud",
        "comment": "CryptoWall",
        "deleted": false,
        "disable_correlation": false,
        "timestamp": "1525096846",
        "to_ids": true,
        "type": "btc",
        "uuid": "5ae7218e-19a0-4139-aef4-4806950d210f",
        "value": "12LE1yNak3ZuNTLa95KYR2CQSKb6rZnELb"
      },
      {
        "category": "Financial fraud",
        "comment": "CryptoWall",
        "deleted": false,
        "disable_correlation": false,
        "timestamp": "1525096846",
        "to_ids": true,
        "type": "btc",
        "uuid": "5ae7218e-8be8-4ea2-9842-4a6b950d210f",
        "value": "1JYYzNHDaGC7noiE4eKatuYA4AThqVocDd"
      },
      {
        "category": "Financial fraud",
        "comment": "CryptoWall",
        "deleted": false,
        "disable_correlation": false,
        "timestamp": "1525096846",
        "to_ids": true,
        "type": "btc",
        "uuid": "5ae7218e-1028-48b5-bf92-4ad7950d210f",
        "value": "1BhLzCZGY6dwQYgX4B6NR5sjDebBPNapvv"
      },
      {
        "category": "Financial fraud",
        "comment": "CryptoWall",
        "deleted": false,
        "disable_correlation": false,
        "timestamp": "1525096846",
        "to_ids": true,
        "type": "btc",
        "uuid": "5ae7218e-0eac-46f8-88a7-4cc8950d210f",
        "value": "16yd1Wj2NZa2uLZ6W4UDCDJ2Ttw92uFaT7"
      },
      {
        "category": "Financial fraud",
        "comment": "CryptoWall",
        "deleted": false,
        "disable_correlation": false,
        "timestamp": "1525096846",
        "to_ids": true,
        "type": "btc",
        "uuid": "5ae7218e-9070-404f-a842-4187950d210f",
        "value": "1LGnuv6KX9SXB8eM72dnBAcECeaC8Z2zje"
      },
      {
        "category": "Financial fraud",
        "comment": "CryptoWall",
        "deleted": false,
        "disable_correlation": false,
        "timestamp": "1525096846",
        "to_ids": true,
        "type": "btc",
        "uuid": "5ae7218e-10a4-461e-aece-4285950d210f",
        "value": "1L7SLmazbbcy614zsDSLwz4bxz1nnJvDeV"
      },
      {
        "category": "Financial fraud",
        "comment": "CryptoWall",
        "deleted": false,
        "disable_correlation": false,
        "timestamp": "1525096846",
        "to_ids": true,
        "type": "btc",
        "uuid": "5ae7218e-92f0-4a5f-82c9-4c4f950d210f",
        "value": "19yqWit95eFGmUTYDLr3memcDoJiYgUppc"
      },
      {
        "category": "Financial fraud",
        "comment": "CryptoWall",
        "deleted": false,
        "disable_correlation": false,
        "timestamp": "1525096846",
        "to_ids": true,
        "type": "btc",
        "uuid": "5ae7218e-6f78-476f-b9fd-441d950d210f",
        "value": "16N3jvnF7UhRh74TMmtwxpLX6zPQKPbEbh"
      },
      {
        "category": "Financial fraud",
        "comment": "CryptoWall",
        "deleted": false,
        "disable_correlation": false,
        "timestamp": "1525096846",
        "to_ids": true,
        "type": "btc",
        "uuid": "5ae7218e-35bc-4b6e-868c-421f950d210f",
        "value": "1ApF4XayPo7Mtpe326o3xMnSgrkZo7TCWD"
      },
      {
        "category": "Financial fraud",
        "comment": "DMA Locker",
        "deleted": false,
        "disable_correlation": false,
        "timestamp": "1525096921",
        "to_ids": true,
        "type": "btc",
        "uuid": "5ae721d9-5f54-4be4-8928-4176950d210f",
        "value": "1MrKJhiECV3RufrY1dSybSXRCwSw11Co6i"
      },
      {
        "category": "Financial fraud",
        "comment": "DMA Locker",
        "deleted": false,
        "disable_correlation": false,
        "timestamp": "1525096921",
        "to_ids": true,
        "type": "btc",
        "uuid": "5ae721d9-5adc-4600-876b-4d1b950d210f",
        "value": "1C8yA7wJuKD4D2giTEpUNcdd7UNExEJ45r"
      },
      {
        "category": "Financial fraud",
        "comment": "DMA Locker",
        "deleted": false,
        "disable_correlation": false,
        "timestamp": "1525096921",
        "to_ids": true,
        "type": "btc",
        "uuid": "5ae721d9-572c-4cf8-a9d6-4a31950d210f",
        "value": "166vHLnGB1pCQGxdBkRiMkHW5WGQDbsw6s"
      },
      {
        "category": "Financial fraud",
        "comment": "DMA Locker",
        "deleted": false,
        "disable_correlation": false,
        "timestamp": "1525096921",
        "to_ids": true,
        "type": "btc",
        "uuid": "5ae721d9-55d4-4807-8f92-4748950d210f",
        "value": "1BA48s9Eeh77vwWiEgh5Vt29G3YJN1PRoR"
      },
      {
        "category": "Financial fraud",
        "comment": "DMA Locker",
        "deleted": false,
        "disable_correlation": false,
        "timestamp": "1525096921",
        "to_ids": true,
        "type": "btc",
        "uuid": "5ae721d9-8230-42cb-b530-4dcb950d210f",
        "value": "18mfoGHSfe9h145e8djHK5rChDTnGfPDU9"
      },
      {
        "category": "Financial fraud",
        "comment": "DMA Locker",
        "deleted": false,
        "disable_correlation": false,
        "timestamp": "1525096921",
        "to_ids": true,
        "type": "btc",
        "uuid": "5ae721d9-b3a0-402d-aedb-438b950d210f",
        "value": "16hHkyuzCDRFzoejVuqajqrnbmKHSmEfQM"
      },
      {
        "category": "Financial fraud",
        "comment": "DMA Locker",
        "deleted": false,
        "disable_correlation": false,
        "timestamp": "1525096921",
        "to_ids": true,
        "type": "btc",
        "uuid": "5ae721d9-d124-4fdf-9e3c-4559950d210f",
        "value": "1382JAg5xbQv7QNwq1svDeyw6ELtNCmujG"
      },
      {
        "category": "Financial fraud",
        "comment": "DMA Locker",
        "deleted": false,
        "disable_correlation": false,
        "timestamp": "1525096921",
        "to_ids": true,
        "type": "btc",
        "uuid": "5ae721d9-df6c-4306-b273-4dc7950d210f",
        "value": "1KXw7aJR4THWAxtnxZYzmysdLXVhLfa97n"
      },
      {
        "category": "Financial fraud",
        "comment": "Mischa",
        "deleted": false,
        "disable_correlation": false,
        "timestamp": "1525096953",
        "to_ids": true,
        "type": "btc",
        "uuid": "5ae721f9-7b60-4569-9179-5780950d210f",
        "value": "13dN96pRTQDhpWRqKyLTbgRxeTN52p2CqY"
      },
      {
        "category": "Financial fraud",
        "comment": "GoldenEye",
        "deleted": false,
        "disable_correlation": false,
        "timestamp": "1525096992",
        "to_ids": true,
        "type": "btc",
        "uuid": "5ae72220-4bf4-4eb4-bd9b-5787950d210f",
        "value": "1BAdEKq6zE1JDL8g2pA1MDRHbW1wvYCWhT"
      },
      {
        "category": "Financial fraud",
        "comment": "GoldenEye",
        "deleted": false,
        "disable_correlation": false,
        "timestamp": "1525096992",
        "to_ids": true,
        "type": "btc",
        "uuid": "5ae72220-e1ec-4696-b941-5787950d210f",
        "value": "1MGnopAa6MAGjUpCEmRiSAcVKZNB6n8gnR"
      },
      {
        "category": "Financial fraud",
        "comment": "GoldenEye",
        "deleted": false,
        "disable_correlation": false,
        "timestamp": "1525096992",
        "to_ids": true,
        "type": "btc",
        "uuid": "5ae72220-9530-4e39-b6b1-5787950d210f",
        "value": "17xV74Hp2zNR74yG3AJvPpNMchPJHm2iUo"
      },
      {
        "category": "Financial fraud",
        "comment": "NotPetya",
        "deleted": false,
        "disable_correlation": false,
        "timestamp": "1525097017",
        "to_ids": true,
        "type": "btc",
        "uuid": "5ae72239-b5fc-4b9f-8298-5789950d210f",
        "value": "1Mz7153HMuxXTuR2R1t78mGSdzaAtNbBWX"
      },
      {
        "category": "Financial fraud",
        "comment": "KeRanger",
        "deleted": false,
        "disable_correlation": false,
        "timestamp": "1525097080",
        "to_ids": true,
        "type": "btc",
        "uuid": "5ae72278-15a0-49be-9060-4e6c950d210f",
        "value": "1PGAUBqHNcwSHYKnpHgzCrPkyxNxvsmEof"
      },
      {
        "category": "Financial fraud",
        "comment": "KeRanger",
        "deleted": false,
        "disable_correlation": false,
        "timestamp": "1525097080",
        "to_ids": true,
        "type": "btc",
        "uuid": "5ae72278-11b0-46c2-9dc5-4f2f950d210f",
        "value": "1Lhgda4K77rFMTkgBKqmsdinDNYYVbLDJN"
      },
      {
        "category": "Financial fraud",
        "comment": "KeRanger",
        "deleted": false,
        "disable_correlation": false,
        "timestamp": "1525097080",
        "to_ids": true,
        "type": "btc",
        "uuid": "5ae72278-7c70-40b9-a0b9-4688950d210f",
        "value": "1KGusS7xB9hnqZQdCZ1G8Tno16RfTS95ey"
      },
      {
        "category": "Financial fraud",
        "comment": "KeRanger",
        "deleted": false,
        "disable_correlation": false,
        "timestamp": "1525097080",
        "to_ids": true,
        "type": "btc",
        "uuid": "5ae72278-dca4-4bdc-a089-4cb9950d210f",
        "value": "1KPPqHpd8Z9S6pQH1qVovzyejyfDMghp4u"
      },
      {
        "category": "Financial fraud",
        "comment": "KeRanger",
        "deleted": false,
        "disable_correlation": false,
        "timestamp": "1525097080",
        "to_ids": true,
        "type": "btc",
        "uuid": "5ae72278-4a84-4663-b652-4341950d210f",
        "value": "1J9PMCpbrnicZoBUdyuNBwi4QvXwq6Korq"
      },
      {
        "category": "Financial fraud",
        "comment": "KeRanger",
        "deleted": false,
        "disable_correlation": false,
        "timestamp": "1525097080",
        "to_ids": true,
        "type": "btc",
        "uuid": "5ae72278-ab80-421f-83b6-45c8950d210f",
        "value": "16hhyeg7WMh4Go7JqNKRwmD95bRd4aenwz"
      },
      {
        "category": "Financial fraud",
        "comment": "WannaCry",
        "deleted": false,
        "disable_correlation": false,
        "timestamp": "1525097134",
        "to_ids": true,
        "type": "btc",
        "uuid": "5ae722ae-f838-473a-8a9d-49e2950d210f",
        "value": "13AM4VW2dhxYgXeQepoHkHSQuy6NgaEb94"
      },
      {
        "category": "Financial fraud",
        "comment": "WannaCry",
        "deleted": false,
        "disable_correlation": false,
        "timestamp": "1525097134",
        "to_ids": true,
        "type": "btc",
        "uuid": "5ae722ae-40d8-4f8c-9be8-48b4950d210f",
        "value": "12t9YDPgwueZ9NyMgw519p7AA8isjr6SMw"
      },
      {
        "category": "Financial fraud",
        "comment": "WannaCry",
        "deleted": false,
        "disable_correlation": false,
        "timestamp": "1525097134",
        "to_ids": true,
        "type": "btc",
        "uuid": "5ae722ae-0250-44df-99a6-4668950d210f",
        "value": "115p7UMMngoj1pMvkpHijcRdfJNXj6LrLn"
      },
      {
        "category": "Financial fraud",
        "comment": "CTB-Locker",
        "deleted": false,
        "disable_correlation": false,
        "timestamp": "1525097289",
        "to_ids": true,
        "type": "btc",
        "uuid": "5ae72349-fef0-4c46-a8e6-5786950d210f",
        "value": "1EfuwPcYeCTes24X8CVGMUCR1H4yZ4CyoE"
      },
      {
        "category": "Financial fraud",
        "comment": "CTB-Locker",
        "deleted": false,
        "disable_correlation": false,
        "timestamp": "1525097289",
        "to_ids": true,
        "type": "btc",
        "uuid": "5ae72349-ce78-45b7-86b2-5786950d210f",
        "value": "1EhJcMYwQKKWQcLFBjjYaMGTVncpQMJbbv"
      },
      {
        "category": "Financial fraud",
        "comment": "CTB-Locker",
        "deleted": false,
        "disable_correlation": false,
        "timestamp": "1525097289",
        "to_ids": true,
        "type": "btc",
        "uuid": "5ae72349-2cb8-4a07-bdb3-5786950d210f",
        "value": "1Bj2z4j3weU1g9jwu4oHQQA6x8x2G2FRRm"
      },
      {
        "category": "Financial fraud",
        "comment": "CTB-Locker",
        "deleted": false,
        "disable_correlation": false,
        "timestamp": "1525097289",
        "to_ids": true,
        "type": "btc",
        "uuid": "5ae72349-a8a8-4603-90bc-5786950d210f",
        "value": "1MScgv8kvbVLwGbciuw44gvy23rocaNCc8"
      },
      {
        "category": "Financial fraud",
        "comment": "CTB-Locker",
        "deleted": false,
        "disable_correlation": false,
        "timestamp": "1525097289",
        "to_ids": true,
        "type": "btc",
        "uuid": "5ae72349-3884-4b92-880a-5786950d210f",
        "value": "1JXMiCkbrPiDWxoZ8oJ9yQZutHoaGQtXCF"
      },
      {
        "category": "Financial fraud",
        "comment": "CTB-Locker",
        "deleted": false,
        "disable_correlation": false,
        "timestamp": "1525097289",
        "to_ids": true,
        "type": "btc",
        "uuid": "5ae72349-b794-4693-90f5-5786950d210f",
        "value": "12UrsknT8hqYGpi8NToS2GWCWaLKtR2UXn"
      },
      {
        "category": "Financial fraud",
        "comment": "CTB-Locker",
        "deleted": false,
        "disable_correlation": false,
        "timestamp": "1525097289",
        "to_ids": true,
        "type": "btc",
        "uuid": "5ae72349-3b54-4068-9cba-5786950d210f",
        "value": "1PAVxqYtWD1RBAjE5voSDnUSefGGUvCwpm"
      },
      {
        "category": "Financial fraud",
        "comment": "CTB-Locker",
        "deleted": false,
        "disable_correlation": false,
        "timestamp": "1525097289",
        "to_ids": true,
        "type": "btc",
        "uuid": "5ae72349-b7a8-4f70-866e-5786950d210f",
        "value": "1N3qTaZsUqU2owUVjmijVyHB4uiid2JoXd"
      },
      {
        "category": "Financial fraud",
        "comment": "CTB-Locker",
        "deleted": false,
        "disable_correlation": false,
        "timestamp": "1525097289",
        "to_ids": true,
        "type": "btc",
        "uuid": "5ae72349-25ec-4c5f-b2b3-5786950d210f",
        "value": "1PWLk2FP6r3FzKcqq9UgsYVZ9Ev6gufCsJ"
      },
      {
        "category": "Financial fraud",
        "comment": "CTB-Locker",
        "deleted": false,
        "disable_correlation": false,
        "timestamp": "1525097289",
        "to_ids": true,
        "type": "btc",
        "uuid": "5ae72349-b1e0-4a7b-8efc-5786950d210f",
        "value": "1BLeMsrSLB8H1fDDLRhQbLHScoC58ncf4x"
      },
      {
        "category": "Financial fraud",
        "comment": "CTB-Locker",
        "deleted": false,
        "disable_correlation": false,
        "timestamp": "1525097289",
        "to_ids": true,
        "type": "btc",
        "uuid": "5ae72349-2984-4467-a3c1-5786950d210f",
        "value": "1A6GJMhpPhCcM557o62scEtuVXNAFe74fa"
      },
      {
        "category": "Financial fraud",
        "comment": "CTB-Locker",
        "deleted": false,
        "disable_correlation": false,
        "timestamp": "1525097289",
        "to_ids": true,
        "type": "btc",
        "uuid": "5ae72349-95d4-4a55-b6d1-5786950d210f",
        "value": "1BGDTqDZyD446Q71eGhdmWLzyCHVPZUJxv"
      },
      {
        "category": "Financial fraud",
        "comment": "CryptoTorLocker2015",
        "deleted": false,
        "disable_correlation": false,
        "timestamp": "1525097327",
        "to_ids": true,
        "type": "btc",
        "uuid": "5ae7235f-7f88-4f0a-9a16-457a950d210f",
        "value": "1KpP1YGGxPHKTLgET82JBngcsBuifp3noW"
      },
      {
        "category": "Financial fraud",
        "comment": "Chimera",
        "deleted": false,
        "disable_correlation": false,
        "timestamp": "1525097423",
        "to_ids": true,
        "type": "btc",
        "uuid": "5ae723cf-212c-4b43-8bd7-409c950d210f",
        "value": "1HqoNfpAJFMy9E36DBSk1ktPQ9o9fn2RxX"
      },
      {
        "category": "Financial fraud",
        "comment": "Chimera",
        "deleted": false,
        "disable_correlation": false,
        "timestamp": "1525097423",
        "to_ids": true,
        "type": "btc",
        "uuid": "5ae723cf-b234-4f5a-bafe-4487950d210f",
        "value": "15QzHEbNZWp2w1i2mfZSx7pV5YNM4ahszB"
      },
      {
        "category": "Financial fraud",
        "comment": "Chimera",
        "deleted": false,
        "disable_correlation": false,
        "timestamp": "1525097423",
        "to_ids": true,
        "type": "btc",
        "uuid": "5ae723cf-3c98-45b8-b085-4519950d210f",
        "value": "1GaVKrVT17DN4dnWbTqGB9qG3rQrk1JBe9"
      },
      {
        "category": "Financial fraud",
        "comment": "Chimera",
        "deleted": false,
        "disable_correlation": false,
        "timestamp": "1525097423",
        "to_ids": true,
        "type": "btc",
        "uuid": "5ae723cf-d05c-4096-a5c5-4594950d210f",
        "value": "1MZsTFUNMGxQxz38wWm8CtBoycW7VD5z7v"
      },
      {
        "category": "Financial fraud",
        "comment": "Chimera",
        "deleted": false,
        "disable_correlation": false,
        "timestamp": "1525097423",
        "to_ids": true,
        "type": "btc",
        "uuid": "5ae723cf-7d84-4d94-9c2e-40d1950d210f",
        "value": "1DGqEKZJdCd4YftWPuK5Z1HFBdeyz9RNDU"
      },
      {
        "category": "Financial fraud",
        "comment": "Hi Buddy!",
        "deleted": false,
        "disable_correlation": false,
        "timestamp": "1525097449",
        "to_ids": true,
        "type": "btc",
        "uuid": "5ae723e9-c0f8-4a27-afba-4c55950d210f",
        "value": "1AoNMLZfhw7cbMCKAhaKHiveMdwFyVUGeA"
      },
      {
        "category": "Financial fraud",
        "comment": "Jigsaw",
        "deleted": false,
        "disable_correlation": false,
        "timestamp": "1525097741",
        "to_ids": true,
        "type": "btc",
        "uuid": "5ae7250e-a29c-465c-afa6-4e29950d210f",
        "value": "15fbyNgDnqYQR5vSHJ8PTAEJbKy4dwNBCZ"
      },
      {
        "category": "Financial fraud",
        "comment": "Jigsaw",
        "deleted": false,
        "disable_correlation": false,
        "timestamp": "1525097741",
        "to_ids": true,
        "type": "btc",
        "uuid": "5ae7250e-ad84-40e5-b5ca-4336950d210f",
        "value": "12YHmaLEAbWx3o3p6BvegG9WH47EYs8t1V"
      },
      {
        "category": "Financial fraud",
        "comment": "Jigsaw",
        "deleted": false,
        "disable_correlation": false,
        "timestamp": "1525097741",
        "to_ids": true,
        "type": "btc",
        "uuid": "5ae7250e-4918-4cab-8468-4625950d210f",
        "value": "15MHczWfcYxf3P3NwYqCthaNiieGP8RY9d"
      },
      {
        "category": "Financial fraud",
        "comment": "Jigsaw",
        "deleted": false,
        "disable_correlation": false,
        "timestamp": "1525097741",
        "to_ids": true,
        "type": "btc",
        "uuid": "5ae7250e-aa78-440b-aeb1-47fb950d210f",
        "value": "3NQoq5MVPfEMw12gB4a2c1G61mRZyMymsB"
      },
      {
        "category": "Financial fraud",
        "comment": "Jigsaw",
        "deleted": false,
        "disable_correlation": false,
        "timestamp": "1525097742",
        "to_ids": true,
        "type": "btc",
        "uuid": "5ae7250e-3be4-4f57-bb88-4f8a950d210f",
        "value": "12vfQqmMxiDvZdzYHndfURupmcjjs8uSpY"
      },
      {
        "category": "Financial fraud",
        "comment": "Jigsaw",
        "deleted": false,
        "disable_correlation": false,
        "timestamp": "1525097742",
        "to_ids": true,
        "type": "btc",
        "uuid": "5ae7250e-bc84-4468-b8c6-4972950d210f",
        "value": "1FLjcTFpz9MhwLdZ4xm9onpAnUGfRbGdXg"
      },
      {
        "category": "Financial fraud",
        "comment": "Jigsaw",
        "deleted": false,
        "disable_correlation": false,
        "timestamp": "1525097742",
        "to_ids": true,
        "type": "btc",
        "uuid": "5ae7250e-6df8-498d-b325-485a950d210f",
        "value": "1Cj37Tw5uHwfye6Srd1zHzSMhUekp3jM63"
      },
      {
        "category": "Financial fraud",
        "comment": "Jigsaw",
        "deleted": false,
        "disable_correlation": false,
        "timestamp": "1525097742",
        "to_ids": true,
        "type": "btc",
        "uuid": "5ae7250e-e59c-4b57-8ee2-4e84950d210f",
        "value": "1Q5B5udzDLpNJbpedGpyGMLVU5DR5dTqx6"
      },
      {
        "category": "Financial fraud",
        "comment": "Jigsaw",
        "deleted": false,
        "disable_correlation": false,
        "timestamp": "1525097742",
        "to_ids": true,
        "type": "btc",
        "uuid": "5ae7250e-5318-4d89-8b4c-461e950d210f",
        "value": "13VEVaJUMdJyQ7ttPfBaVNKjj2dS9ahU1z"
      },
      {
        "category": "Financial fraud",
        "comment": "Jigsaw",
        "deleted": false,
        "disable_correlation": false,
        "timestamp": "1525097742",
        "to_ids": true,
        "type": "btc",
        "uuid": "5ae7250e-ca58-4617-a813-4271950d210f",
        "value": "1HxkJ3vz2tvpcHgdt9yyY4XivdY9jKkcZH"
      },
      {
        "category": "Financial fraud",
        "comment": "Jigsaw",
        "deleted": false,
        "disable_correlation": false,
        "timestamp": "1525097742",
        "to_ids": true,
        "type": "btc",
        "uuid": "5ae7250e-37d4-483a-9dd4-4399950d210f",
        "value": "1LBhCecBmT23hybSUYyFW1YYqtTJcvFui2"
      },
      {
        "category": "Financial fraud",
        "comment": "Jigsaw",
        "deleted": false,
        "disable_correlation": false,
        "timestamp": "1525097742",
        "to_ids": true,
        "type": "btc",
        "uuid": "5ae7250e-b9a0-49e3-b206-45f2950d210f",
        "value": "1H8BXLJsLk9YCoNeBahYbgWo5ZqEn752ey"
      },
      {
        "category": "Financial fraud",
        "comment": "Jigsaw",
        "deleted": false,
        "disable_correlation": false,
        "timestamp": "1525097742",
        "to_ids": true,
        "type": "btc",
        "uuid": "5ae7250e-352c-4283-aa19-412e950d210f",
        "value": "1L9GdBW65Rt6e8UY69bnWNWomsppFFFR2X"
      },
      {
        "category": "Financial fraud",
        "comment": "Jigsaw",
        "deleted": false,
        "disable_correlation": false,
        "timestamp": "1525097742",
        "to_ids": true,
        "type": "btc",
        "uuid": "5ae7250e-a5c8-4250-b001-474b950d210f",
        "value": "1ESe1nekuFJcEWycb1JjCz9KneNEm8yjg3"
      },
      {
        "category": "Financial fraud",
        "comment": "Jigsaw",
        "deleted": false,
        "disable_correlation": false,
        "timestamp": "1525097742",
        "to_ids": true,
        "type": "btc",
        "uuid": "5ae7250e-3220-469a-9555-4e4e950d210f",
        "value": "1EVNFaX7HktW1ud6fPueoMJ2Xw4UfYGY5Y"
      },
      {
        "category": "Financial fraud",
        "comment": "Jigsaw",
        "deleted": false,
        "disable_correlation": false,
        "timestamp": "1525097742",
        "to_ids": true,
        "type": "btc",
        "uuid": "5ae7250e-9ed4-4d54-83fb-4d01950d210f",
        "value": "1CcAYfsKNNFPq7AKkbKQzRKw2kqjrqUeN9"
      },
      {
        "category": "Financial fraud",
        "comment": "Jigsaw",
        "deleted": false,
        "disable_correlation": false,
        "timestamp": "1525097742",
        "to_ids": true,
        "type": "btc",
        "uuid": "5ae7250e-1e48-4533-b442-4217950d210f",
        "value": "18jCCAR2QZf6uZTnu4769ZknPfXjbmh1mw"
      },
      {
        "category": "Financial fraud",
        "comment": "Jigsaw",
        "deleted": false,
        "disable_correlation": false,
        "timestamp": "1525097742",
        "to_ids": true,
        "type": "btc",
        "uuid": "5ae7250e-90d8-4c9d-8bdc-4ec1950d210f",
        "value": "1EH3yoQciVcWUufa4NWJvftyvvFxjbFLtQ"
      },
      {
        "category": "Financial fraud",
        "comment": "Jigsaw",
        "deleted": false,
        "disable_correlation": false,
        "timestamp": "1525097742",
        "to_ids": true,
        "type": "btc",
        "uuid": "5ae7250e-f4f4-40a8-87a1-4010950d210f",
        "value": "1F5RJzWN1g38wD9XbcspcxaYDU5hKpdvm8"
      },
      {
        "category": "External analysis",
        "comment": "On the Economic Significance of Ransomware Campaigns: A Bitcoin Transactions Perspective Mauro Conti,   Ankit Gangwal*,   Sushmita Ruj",
        "data": "JVBERi0xLjUKJY8KMTkgMCBvYmoKPDwgL0ZpbHRlciAvRmxhdGVEZWNvZGUgL0xlbmd0aCA0MzY3ID4+CnN0cmVhbQp42rUa2ZLbxvFdX8GnBKxaQrgPva1XkrWJLSvWOkmV7YchMEuiBAIMDq+Zr09fg4M7q3JSlWIVp6en5+4b420OG2/z7atvHl69fp9nm8TN0zDbPDxuoszNk2iTJp6bpvnmodz87ATbXx/+8sqTPtQhB6ogwQ7eZheGbuCnTHvfbHexnzufdTFULVYCz/n7/Q1jnzSXZdUXY99z63AUbF2dqkFht54R7SNTtGPHiHPXnttel7ggnNn33TxOeObHTp30Noidp60PXbov7nYXxp7zvmpUXV+2SezcMGZaG1b+fn/PQNE2RT2WuucqrQqBszrrbhvHjkuzZpHrBfFmF8RuHmSyaVidJ/8wawzFJySmo0rhbD0fjyrw3STMYd3U6cftLgmcd/DvO98RfE//3y/gj9tdkDm3BP9IlPdTr8D5PM0xX8cuj12cbufHbpSEi0vxUthT1TPU8xHgtXgZXwtgYfNFV+21oRagOHZt09bt4cLkdC2AV0J3OVeFqul0driSUC4m5tk71fTtiW5FdThkGDpV8zgxCFRVUzKgt37s/H6uVUUtgSwCWh7HpoQLbgZV94yhZUCJJEt+kGm/qYaireSWi+5yHtpi7DrdFDjHhfH9pR/0yeWD9L10cZJmJ4HrGeb+kXeium2YOvqN5fjjzE1931wxXFyYxtMBUeX6NMI0WZ4GklQzI2Jv2d4uydwkjdabfGzruiWmr5oDb4lk4DfcIxxW/2YluyDoSQTM6wMTp8K8/i9e7K+pfoZ7BX42q3qz3UUpiDSIZw17p8rQQpl5zkE3uqsKRp5gk7Avs7kbxl7vGHEI4KZ8UB3ZektwvzB2GMWoJQZgxy1ogHEAoQdk4vxWKW79Dfepuqode25ZnmJkjqAY2q53meDhqHu9atzZGAd7wCrz0FwE7iMPHFkINzWtAKS0cHFIMrQ3jNUnVdUM9lsfdMjpRBeEiKdqONrmhdOrCt5OEPmOGgZVHJHjse45cE2edg/uDTffEUd/1xZf8GB1R7dILW3HZV01X7grXhZicIadTXeaaWF1Z3WpW1ViJVjNCW085z+2cO+gUnFGaTBi21aDGaX40lvHuG2sh36oQcnuwjxx9h0zdG8Qq8ERQUIN5cM2hZ33taJ1MY40CQIf9QjM07TPx7DM/gWHjn2fho79wHn7/S0j1gfsMvK+GXSn+wGudDIs2KvTBV0X0lxxvWVS4K62O7edGlDF5Rko5fpxhyZOHbbA2qIeoaFQZ7Wv6mqoNPJynKfOe9wQ3jS2V00/qKYARrVM87EdPunhotgusaaNcodvsWnw8Lhpdc5I8ttYg3BPMzMVnRA0vqB1Gz0Y+8tCB/sBxdvWIqRDuxRWhFOnblk7ArpoT2eQ9U6oWZYTMcYA9GjjLQy8mNZd67KdRcUEL6m8dw0ZCtZ5cZw7t48DsiGCVfOL5wX10CljORPvuW0Dwr6qgQvqC9e08LtlGQWzbQwMREPTESe8a0Sy7UtiOSxUMlgzNoto74X2rLqhKkbUzyDwN4yE1VmFba2OYd8DdPMzUOao1DwfZm57aZpWRnRHJRRTV1bD9aj2tRmsNYMIYkRRplVZ1iKqIQSWqk7qoHuqZKDnS9320lKC6UZNyJo8m7k/FE4kQE+3x1TAenZtp3scOMrS57YJcCNtPQN5vJxOemDrBvjl8FhX9aHtQJefrPtSX+2dLXtTO+4G8UvzzS0gE3vwYamrZSJ0g6JQHFYE9u1wdBl8MDjWYeL4IOKR5gvWh4YN6CFiqWFtyPoIk5FXw5XfLfOT9CK3R37Eu4BZ4OjB2SKzCNjHrj0xXjGi06cWtR7Cd+3pRFqJ2pvSYO2sO3RtjUovIbty96c7o5YB8y0tc/b1EccyBApzDxZpPJuuRtrQYpDcIkCOB0LaPjcdlC5fl7rWYvJ95nYoz93K8WIkGIQWEYztaGEuN31gK7foZCSXRqWLA8As1cLGYIHOECpVLHhJKHcKQDc2DbsbiXjQiGW9wTAze2L8GCBTj7gS1jM3QmS1lbVW/cCu5tgM6OWswqVSqxI8D6khc2LJcmYCqgvK8h/Q0+GLevp3cNJETYeguERNI8gL8a+0gU/aQAQfa8/ccMCBv/miroaQ5MICo7gwO4ogQGuYmQFLUhSITkIAAiqtG5crDwYL2taZ+ufL/o+2I5/8ish/bnEibxEwIIXiYjh2Wg1McIKNg269WQ5hVVqndsSJQnCs+rMuKmQ/8rxTtvxYIk4J0VVEhd3G4siQ6rn86TOXJcQqGD7wGLGH7Gph69mZAcoUer/lICn0PMbwOpLJsWHPF1vIIkBpjfagB63NqqvRXmZzyBgn+bREalksCqu+0D/cMS33yaxOuXRRVo2Cx12yJsAhUohmqxN5HGkk1haR/VF8YqEhpSbETFvrR6Hda1i1ngkt0xoZRTkPxGcmAIuUBBQYlLUY1FVZgq7pXSYSJk6MHEtXprFuUsHWgth3MLEQoA/K1em0sWL6U4UimJnwSe97iLH+jEmY/hm58UoQPZ+TzXRw9iPLF/cMlXl3WHtAt5jj9YUdMUmqbJZ7hFluaRC0HVZmXuaUkIu6sZAMF+lHyU/IurnCMQwAT2CBRZGS3wwlB6GSvZB9/AFNGr2kSd/qhccbzaoUwaIll7c7SSgSSUouMmo2mhQpw8IRNy8pUdbNFrcZccbhQFiNQ4uzimcRolcNPurArdMw5bR4233PCj8GZ5AkOZKFx+RgwkWcGCbGgFL1LLil0LZcGgnlwJgIGwHA1Fo1ijGGCxtEt9jW1mQT5c2CdWJGbteWZgoTN04ik2bCGCCCtfh5Ht4wCBytVVccKZJChLhg4CXfqa4hT/BQaW77Xtd1K2P81EiGADwANw7S9bbEUQFpxOgmSZ2fo18Z4AMBAAZYuDQzJWXroPzcjnjPDdfuVF2BumowqUPjxTLeZIuvlcnY92SQvEj4AIBGGxQpbATwArxQLMGhU+cjhNSX3V5NvcvqUA0Ud0JlZSvYSUP0D41NqD8ufLrTnqQFduyLNg08L7thlBJFCefAjgEHLZOqhTvoWnRKEUOSBSim7hk5NqUZ32pAzr0eSxgb14287AXOZzW0/bHCSuh8VF/AphMfQ5OJETmU9IwhgRYIthSjOLkbwDJgYtA1L6TIdtTODiudJrko4H1XYDn+TS4knevL5w9OdAHefIMBEl3V8gpsQau4r2HqO6gX2C1ZmJEwDZyf/V9dRpOZQgCmpCkABM12qkwmG8nH3ozCA/h/KJlsUhqirY2KVqLT55zsVfYVhR6/BwQpyNUiw7yQ+V88P/3a15bcjfNgSi+z5UIfGC4Mk83e8jjwwo2ZxEolpWJCzK1SzpivH1x5cvY6xpDjPhOfW7s4SvQRBvTxYDBhKiFYFoOMxoD6vDLxMSgIoNr9wCUtEXoECdfJ6kEZxlyqerc6ncmYBUnoen64STLfjaJIhOOomvHE6enYi53iqDpVcHYJ66D0Dgyx9gJgL5qxERLK1QIUGVGJHRjSehR7ProcnUMs0H/8hKOpyw7k5dO4Z/xfkTU4FP+gevSVPbZO2Pgp+PTXDwwOl7MW1xZqhiBk+sXgQt3a1vS56CrKjIJxlsl8GQswn4LPHyRokrlcrs435U/+Efkw0DZFS0cYz54ROI/7ms48DJaJh54xczKBqmyYFp96AuddXcOqzQh3Y8eqlqtvRW3bdlsdgP9GDm0T59ZkWLiKR/bu7u3nW9ko4j5o9ukR1goDlwiU/7R9RFe9PWLo26LiXZCnRnyyCoTFZ9Cd8VtJdcjRILzMySTyefFFXbFjyV/Zof9KWZisvR7Q0YOY5RaLTD7WIJ7RlP9JOMylKAjzD0wq2b8EnTEIMYRwcVrZgllsh8YCF0InOa90cuZy8DY7zmiUlaE6d+JLoPkbhG7JUS6PQeojyc2nowS/RFUv5I8Uy3ZmjF8WgcsCsS7F14B92Ib8kU6Z75OA/GEczqMQIB/99PDPH1g2EUMrt6vHeT
        "deleted": false,
        "disable_correlation": false,
        "timestamp": "1525097817",
        "to_ids": false,
        "type": "attachment",
        "uuid": "5ae72543-617c-489e-b53d-4142950d210f",
        "value": "1804.01341.pdf",
        "Tag": [
          {
            "colour": "#002b4a",
            "local": false,
            "name": "osint:source-type=\"technical-report\"",
            "relationship_type": ""
          }
        ]
      },
      {
        "category": "Financial fraud",
        "comment": "ZCryptor",
        "deleted": false,
        "disable_correlation": false,
        "timestamp": "1525097888",
        "to_ids": true,
        "type": "btc",
        "uuid": "5ae725a0-2320-42c7-8848-4a53950d210f",
        "value": "17XajwHHeWbfKfNwn57sHRMAEXxvQUUGNd"
      },
      {
        "category": "Financial fraud",
        "comment": "VenusLocker",
        "deleted": false,
        "disable_correlation": false,
        "timestamp": "1525097927",
        "to_ids": true,
        "type": "btc",
        "uuid": "5ae725c7-e154-4672-8044-56e1950d210f",
        "value": "16jvWspVfvhjRgJhGCDETf29cjQAyNmx9G"
      },
      {
        "category": "Financial fraud",
        "comment": "VenusLocker",
        "deleted": false,
        "disable_correlation": false,
        "timestamp": "1525097927",
        "to_ids": true,
        "type": "btc",
        "uuid": "5ae725c7-ef5c-4387-998a-56e1950d210f",
        "value": "1JKVwmeokitMHAFxCUeC4yrd8pdWxDAjZW"
      },
      {
        "category": "Financial fraud",
        "comment": "VenusLocker",
        "deleted": false,
        "disable_correlation": false,
        "timestamp": "1525097927",
        "to_ids": true,
        "type": "btc",
        "uuid": "5ae725c7-d310-4634-89e3-56e1950d210f",
        "value": "1Dj9YnMiciNgaKuyzKynygu7nB21tvV6QD"
      },
      {
        "category": "Financial fraud",
        "comment": "The Trump Locker",
        "deleted": false,
        "disable_correlation": false,
        "timestamp": "1525097947",
        "to_ids": true,
        "type": "btc",
        "uuid": "5ae725db-b6a4-403d-8f86-45a5950d210f",
        "value": "1N82pq3XovKoJYqUmTrRiXftpNHZyu4jyv"
      },
      {
        "category": "Financial fraud",
        "comment": "The LLTP Locker",
        "deleted": false,
        "disable_correlation": false,
        "timestamp": "1525097987",
        "to_ids": true,
        "type": "btc",
        "uuid": "5ae72603-46f0-4be9-8542-43ca950d210f",
        "value": "19fhNi9L2aYXTaTFWueRhJYGsGDaN6WGcP"
      },
      {
        "category": "Financial fraud",
        "comment": "KillDisk",
        "deleted": false,
        "disable_correlation": false,
        "timestamp": "1525098008",
        "to_ids": true,
        "type": "btc",
        "uuid": "5ae72618-3508-44d5-94be-4cbe950d210f",
        "value": "1Q94RXqr5WzyNh9Jn3YLDGeBoJhxJBigcF"
      },
      {
        "category": "Financial fraud",
        "comment": "FindZip",
        "deleted": false,
        "disable_correlation": false,
        "timestamp": "1525098029",
        "to_ids": true,
        "type": "btc",
        "uuid": "5ae7262d-d9a4-43c4-aa7d-430b950d210f",
        "value": "1EZrvz1kL7SqfemkH3P1VMtomYZbfhznkb"
      },
      {
        "category": "Financial fraud",
        "comment": "ThunderCrypt",
        "deleted": false,
        "disable_correlation": false,
        "timestamp": "1525098068",
        "to_ids": true,
        "type": "btc",
        "uuid": "5ae72654-4640-4545-8755-570e950d210f",
        "value": "18yfx86BwNK5xYKw71uaHwAxPgCGRJaqgg"
      },
      {
        "category": "Financial fraud",
        "comment": "ThunderCrypt",
        "deleted": false,
        "disable_correlation": false,
        "timestamp": "1525098068",
        "to_ids": true,
        "type": "btc",
        "uuid": "5ae72654-4e08-4d48-8e48-570e950d210f",
        "value": "1HFY12o56xbHer3oeNxC99A7SGyXaR64hs"
      },
      {
        "category": "Financial fraud",
        "comment": "ThunderCrypt",
        "deleted": false,
        "disable_correlation": false,
        "timestamp": "1525098068",
        "to_ids": true,
        "type": "btc",
        "uuid": "5ae72654-54a4-442d-8dff-570e950d210f",
        "value": "18KfMJBTDWUUa1h4tm58swbkvsgHNZ6d2g"
      },
      {
        "category": "Financial fraud",
        "comment": "DoubleLocker",
        "deleted": false,
        "disable_correlation": false,
        "timestamp": "1525098098",
        "to_ids": true,
        "type": "btc",
        "uuid": "5ae72672-ce58-4361-9814-4c49950d210f",
        "value": "1CvcvetHZ81V8itkDtF8iRpLfPp7Zz8UER"
      },
      {
        "category": "Financial fraud",
        "comment": "DoubleLocker",
        "deleted": false,
        "disable_correlation": false,
        "timestamp": "1525098098",
        "to_ids": true,
        "type": "btc",
        "uuid": "5ae72672-d1d4-4ae6-b676-486b950d210f",
        "value": "1HxKouDDK9WbkizMEnf23tftHSefWhUyXR"
      },
      {
        "category": "Financial fraud",
        "comment": "Bad Rabbit",
        "deleted": false,
        "disable_correlation": false,
        "timestamp": "1525098135",
        "to_ids": true,
        "type": "btc",
        "uuid": "5ae72697-4e60-4755-8c13-4666950d210f",
        "value": "1GxXGMoz7HAVwRDZd7ezkKipY4DHLUqzmM"
      },
      {
        "category": "Financial fraud",
        "comment": "Bad Rabbit",
        "deleted": false,
        "disable_correlation": false,
        "timestamp": "1525098135",
        "to_ids": true,
        "type": "btc",
        "uuid": "5ae72697-0484-4b72-852b-4a90950d210f",
        "value": "17GhezAiRhgB8DGArZXBkrZBFTGCC9SQ2Z"
      }
    ]
  }
}