2023-12-14 14:30:15 +00:00
|
|
|
{"Event": {"info": "OSINT - DHS-USCERT MAR-10201537", "Tag": [{"colour": "#ffffff", "exportable": true, "name": "tlp:white"}, {"colour": "#67ce00", "exportable": true, "name": "circl:topic=\"finance\""}], "publish_timestamp": "1538565875", "timestamp": "1538568109", "Object": [{"comment": "", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "uuid": "24353fa4-39c9-4f22-afef-ffbeb15bfd8e", "sharing_group_id": "0", "timestamp": "1538505545", "description": "File object describing a file with meta-information", "template_version": "11", "ObjectReference": [{"comment": "", "object_uuid": "24353fa4-39c9-4f22-afef-ffbeb15bfd8e", "uuid": "5bb3bb52-7cd8-4607-95b0-441202de0b81", "timestamp": "1538505554", "referenced_uuid": "2379fc5b-3f38-41fa-953f-35dda1401a93", "relationship_type": "analysed-with"}], "Attribute": [{"comment": "", "category": "Payload delivery", "uuid": "b45ab37b-a23c-46af-a45f-bc3d800c64fb", "timestamp": "1538505542", "to_ids": true, "value": "4f67f3e4a7509af1b2b1c6180a03b3e4", "disable_correlation": false, "object_relation": "md5", "type": "md5"}, {"comment": "", "category": "Payload delivery", "uuid": "b956c49f-7f8c-4c6c-befa-5100823cda69", "timestamp": "1538505543", "to_ids": true, "value": "1c9a437ed876a0ce0e5374bd93acdfd9e9023f1f", "disable_correlation": false, "object_relation": "sha1", "type": "sha1"}, {"comment": "", "category": "Payload delivery", "uuid": "321d6983-1524-4e81-93f9-986e03058425", "timestamp": "1538505543", "to_ids": true, "value": "4a740227eeb82c20286d9c112ef95f0c1380d0e90ffb39fc75c8456db4f60756", "disable_correlation": false, "object_relation": "sha256", "type": "sha256"}], "distribution": "5", "meta-category": "file", "name": "file"}, {"comment": "", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "uuid": "2379fc5b-3f38-41fa-953f-35dda1401a93", "sharing_group_id": "0", "timestamp": "1538505544", "description": "VirusTotal report", "template_version": "2", "Attribute": [{"comment": "", "category": "Other", "uuid": "d496f4be-1741-480d-bf18-f74e42f46633", "timestamp": "1538505544", "to_ids": false, "value": "2018-09-28 04:06:38", "disable_correlation": false, "object_relation": "last-submission", "type": "datetime"}, {"comment": "", "category": "External analysis", "uuid": "01a4bf63-9e77-44be-8351-6c4a963d2467", "timestamp": "1538505544", "to_ids": false, "value": "https://www.virustotal.com/file/4a740227eeb82c20286d9c112ef95f0c1380d0e90ffb39fc75c8456db4f60756/analysis/1538107598/", "disable_correlation": false, "object_relation": "permalink", "type": "link"}, {"comment": "", "category": "Other", "uuid": "1283ebae-cffd-4532-9965-1ad59314f771", "timestamp": "1538505545", "to_ids": false, "value": "36/69", "disable_correlation": true, "object_relation": "detection-ratio", "type": "text"}], "distribution": "5", "meta-category": "misc", "name": "virustotal-report"}, {"comment": "", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "uuid": "195ddb4c-b080-4cf9-8ec9-5ebbdb25c37c", "sharing_group_id": "0", "timestamp": "1538505548", "description": "File object describing a file with meta-information", "template_version": "11", "ObjectReference": [{"comment": "", "object_uuid": "195ddb4c-b080-4cf9-8ec9-5ebbdb25c37c", "uuid": "5bb3bb53-dc08-4f05-b137-445102de0b81", "timestamp": "1538505555", "referenced_uuid": "1b43c535-7d20-4ac8-9a35-b26aa3a2f09b", "relationship_type": "analysed-with"}], "Attribute": [{"comment": "", "category": "Payload delivery", "uuid": "aa1487f1-38a1-4ad4-8805-12bddaaa5928", "timestamp": "1538505545", "to_ids": true, "value": "8efaabb7b1700686efedadb7949eba49", "disable_correlation": false, "object_relation": "md5", "type": "md5"}, {"comment": "", "category": "Payload delivery", "uuid": "049135d2-1406-41e7-aac3-f1665b1d18ee", "timestamp": "1538505545", "to_ids": true, "value": "7b17d63694eee51010bcad143bc72e355e17cb50", "disable_correlation": false, "object_relation": "sha1", "type": "sha1"}, {"comment": "", "category": "Payload delivery", "uuid": "e45c99be-5867-4c0f-ae3a-bfff4da31e68", "timestamp": "1538505546", "to_ids": true, "value": "a9bc09a17d55fc
|
