misp-circl-feed/feeds/circl/misp/5e761095-13f8-422c-837a-4aa60a0a020f.json

{
"Event": {
"analysis": "0",
"date": "2020-03-21",
"extends_uuid": "",
"info": "Lokibot Equation Editor Sample",
"publish_timestamp": "1642616464",
"published": true,
"threat_level_id": "3",
"timestamp": "1621850735",
"uuid": "5e761095-13f8-422c-837a-4aa60a0a020f",
"Orgc": {
"name": "laskowski-tech.com",
"uuid": "5e157d76-c92c-4acd-a54e-4a01950d210f"
},
"Tag": [
{
"colour": "#6ed8f0",
"local": false,
"name": "Lokibot",
"relationship_type": ""
},
{
"colour": "#ffffff",
"local": false,
"name": "tlp:white",
"relationship_type": ""
},
{
"colour": "#4d3300",
"local": false,
"name": "cert-ist:threat_targeted_system=\"Windows\"",
"relationship_type": ""
},
{
"colour": "#815500",
"local": false,
"name": "cert-ist:malware_type=\"Stealer\"",
"relationship_type": ""
},
{
"colour": "#764e00",
"local": false,
"name": "cert-ist:malware_type=\"Keylogger\"",
"relationship_type": ""
},
{
"colour": "#fea700",
"local": false,
"name": "cert-ist:enriched",
"relationship_type": ""
},
{
"colour": "#372500",
"local": false,
"name": "cert-ist:ioc_accuracy=\"medium\"",
"relationship_type": ""
},
{
"colour": "#0088cc",
"local": false,
"name": "misp-galaxy:android=\"LokiBot\"",
"relationship_type": ""
},
{
"colour": "#0088cc",
"local": false,
"name": "misp-galaxy:malpedia=\"LokiBot\"",
"relationship_type": ""
},
{
"colour": "#0088cc",
"local": false,
"name": "misp-galaxy:malpedia=\"Loki Password Stealer (PWS)\"",
"relationship_type": ""
},
{
"colour": "#3a2600",
"local": false,
"name": "cert-ist:threat_level=\"low\"",
"relationship_type": ""
},
{
"colour": "#f6a300",
"local": false,
"name": "cert-ist:threat_type=\"malware_outbreak\"",
"relationship_type": ""
}
],
"Attribute": [
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1584795949",
"to_ids": true,
"type": "ip-dst",
"uuid": "5e7610da-c138-4add-a2e7-46c674656a8a",
"value": "23.95.132.48",
"Tag": [
{
"colour": "#e200a3",
"local": false,
"name": "kill-chain:Command and Control",
"relationship_type": ""
}
]
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1584795959",
"to_ids": true,
"type": "ip-dst",
"uuid": "5e7610da-0c20-4a88-8ad4-4b3a74656a8a",
"value": "216.170.122.34",
"Tag": [
{
"colour": "#8a0064",
"local": false,
"name": "kill-chain:Delivery",
"relationship_type": ""
}
]
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1584796222",
"to_ids": false,
"type": "vulnerability",
"uuid": "5e76123e-c354-4178-9c1b-4a030a0a020f",
"value": "CVE-2017-11882"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1584797893",
"to_ids": true,
"type": "url",
"uuid": "5e7618af-5184-4d5a-8d09-4fe574656a8a",
"value": "http://shgshg9nationalobjwsdyindustrialgoogler.duckdns.org/shgdocument/vbc.exe",
"Tag": [
{
"colour": "#8a0064",
"local": false,
"name": "kill-chain:Delivery",
"relationship_type": ""
}
]
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1584797913",
"to_ids": true,
"type": "url",
"uuid": "5e7618af-b0f0-416f-801f-4a2f74656a8a",
"value": "http://23.95.132.48/~main/.isuoxiso/w.php/tOEYLz76bbT79",
"Tag": [
{
"colour": "#ff00b8",
"local": false,
"name": "kill-chain:Actions on Objectives",
"relationship_type": ""
},
{
"colour": "#e200a3",
"local": false,
"name": "kill-chain:Command and Control",
"relationship_type": ""
}
]
},
{
"category": "External analysis",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1584798456",
"to_ids": false,
"type": "link",
"uuid": "5e761af8-9558-4dd8-8dfd-43b90a0a020f",
"value": "https://laskowski-tech.com/2020/03/21/til-how-to-unpatch-office-and-get-that-sweet-execution/"
},
{
"category": "External analysis",
"comment": "Cert-IST Attack name",
"deleted": false,
"disable_correlation": true,
"timestamp": "1584960604",
"to_ids": false,
"type": "text",
"uuid": "5e78945c-f8e0-45d1-9de0-23b8d5388438",
"value": "Malspam-2020.03"
},
{
"category": "External analysis",
"comment": "Cert-IST External link",
"deleted": false,
"disable_correlation": true,
"timestamp": "1584960604",
"to_ids": false,
"type": "link",
"uuid": "5e78945c-2344-4646-8551-2367d5388438",
"value": "https://wws.cert-ist.com/private/fr/IocAttack_details?format=html&objectType=ATK&ref=CERT-IST/ATK-2020.024"
},
{
"category": "External analysis",
"comment": "Cert-IST Description",
"deleted": false,
"disable_correlation": true,
"timestamp": "1584960604",
"to_ids": false,
"type": "comment",
"uuid": "5e78945c-ffd0-4060-a6c6-23d8d5388438",
"value": "IOCs coming from a report published on the Laskowski Tech web site regarding a sample of Lokibot. The attack attempt involves an attached crafted Excel document."
},
{
"category": "External analysis",
"comment": "Cert-IST Malware Name",
"deleted": false,
"disable_correlation": true,
"timestamp": "1584960604",
"to_ids": false,
"type": "comment",
"uuid": "5e78945c-0d70-4486-8ddf-2416d5388438",
"value": "Lokibot"
},
{
"category": "Other",
"comment": "Cert-IST First Disclosed Date",
"deleted": false,
"disable_correlation": true,
"timestamp": "1584960604",
"to_ids": false,
"type": "datetime",
"uuid": "5e78945c-8164-4dd9-be39-23cdd5388438",
"value": "2020-03-20T23:00:00+00:00"
}
],
"Object": [
{
"comment": "",
"deleted": false,
"description": "File object describing a file with meta-information",
"meta-category": "file",
"name": "file",
"template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215",
"template_version": "17",
"timestamp": "1584795972",
"uuid": "5e761144-d120-4a00-a22b-43d50a0a020f",
"Attribute": [
{
"category": "Payload delivery",
"comment": "",
"data": "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
"deleted": false,
"disable_correlation": false,
"object_relation": "malware-sample",
"timestamp": "1584795972",
"to_ids": true,
"type": "malware-sample",
"uuid": "5e761144-8a50-4a47-a598-47480a0a020f",
"value": "SOA AS AT 29 FEB. 2020.xlsx|71f2c5eb6d2e98447d1716cacba2b561"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "filename",
"timestamp": "1584795972",
"to_ids": false,
"type": "filename",
"uuid": "5e761144-2224-44de-aa0b-43470a0a020f",
"value": "SOA AS AT 29 FEB. 2020.xlsx"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "md5",
"timestamp": "1584795972",
"to_ids": true,
"type": "md5",
"uuid": "5e761144-cf18-4a6d-bfcf-4fe30a0a020f",
"value": "71f2c5eb6d2e98447d1716cacba2b561"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "sha1",
"timestamp": "1584795972",
"to_ids": true,
"type": "sha1",
"uuid": "5e761144-5374-43ea-b647-4e440a0a020f",
"value": "87fa9e824272c8ef8c465b589362b8a13941f403"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "sha256",
"timestamp": "1584795972",
"to_ids": true,
"type": "sha256",
"uuid": "5e761144-8a88-4376-b4dd-47900a0a020f",
"value": "207e6fe2a7fae906d9cb12d5c1ce67b4c9f9a6c5e8787fb7dda9496834122b18"
},
{
"category": "Other",
"comment": "",
"deleted": false,
"disable_correlation": true,
"object_relation": "size-in-bytes",
"timestamp": "1584795972",
"to_ids": false,
"type": "size-in-bytes",
"uuid": "5e761144-5738-4b5c-bcf6-467c0a0a020f",
"value": "908288"
}
]
},
{
"comment": "",
"deleted": false,
"description": "File object describing a file with meta-information",
"meta-category": "file",
"name": "file",
"template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215",
"template_version": "17",
"timestamp": "1584797675",
"uuid": "5e7617c8-b490-4181-b9ef-477a0a0a020f",
"Attribute": [
{
"category": "Artifacts dropped",
"comment": "",
"data": "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
"deleted": false,
"disable_correlation": false,
"object_relation": "malware-sample",
"timestamp": "1584797675",
"to_ids": true,
"type": "malware-sample",
"uuid": "5e7617c8-bfc0-46ed-9f31-44fe0a0a020f",
"value": "vbc.exe|588f7435c0f60c626ef1aa6686d498c3",
"Tag": [
{
"colour": "#6ed8f0",
"local": false,
"name": "Lokibot",
"relationship_type": ""
}
]
},
{
"category": "Artifacts dropped",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "filename",
"timestamp": "1584797640",
"to_ids": false,
"type": "filename",
"uuid": "5e7617c8-f4dc-4d53-8e10-4fb10a0a020f",
"value": "vbc.exe"
},
{
"category": "Artifacts dropped",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "md5",
"timestamp": "1584797640",
"to_ids": true,
"type": "md5",
"uuid": "5e7617c8-ec08-473a-9407-48cf0a0a020f",
"value": "588f7435c0f60c626ef1aa6686d498c3"
},
{
"category": "Artifacts dropped",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "sha1",
"timestamp": "1584797640",
"to_ids": true,
"type": "sha1",
"uuid": "5e7617c8-842c-4618-8f7d-47bc0a0a020f",
"value": "8ae273618ff5a22bf2ee880d6ce8327aa8a1a4ba"
},
{
"category": "Artifacts dropped",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "sha256",
"timestamp": "1584797640",
"to_ids": true,
"type": "sha256",
"uuid": "5e7617c8-45d8-483c-ae90-4ab10a0a020f",
"value": "d04f19307af75f77ec2e418bc6a16454906b93f1117fc5b4ba84a73764b089c4"
},
{
"category": "Other",
"comment": "",
"deleted": false,
"disable_correlation": true,
"object_relation": "size-in-bytes",
"timestamp": "1584797640",
"to_ids": false,
"type": "size-in-bytes",
"uuid": "5e7617c8-6360-4a90-b6d6-44560a0a020f",
"value": "1124352"
}
]
}
]
}
}