{
  "Event": {
    "analysis": "2",
    "date": "2016-05-13",
    "extends_uuid": "",
    "info": "OSINT DarkHotel samples at WooYun",
    "publish_timestamp": "1498162438",
    "published": true,
    "threat_level_id": "2",
    "timestamp": "1498162340",
    "uuid": "5778026d-9670-44e0-9c25-4751950d210f",
    "Orgc": {
      "name": "CthulhuSPRL.be",
      "uuid": "55f6ea5f-fd34-43b8-ac1d-40cb950d210f"
    },
    "Tag": [
      {
        "colour": "#004646",
        "local": false,
        "name": "type:OSINT",
        "relationship_type": ""
      },
      {
        "colour": "#ffffff",
        "local": false,
        "name": "tlp:white",
        "relationship_type": ""
      },
      {
        "colour": "#3a7300",
        "local": false,
        "name": "circl:incident-classification=\"malware\"",
        "relationship_type": ""
      },
      {
        "colour": "#0fbf00",
        "local": false,
        "name": "misp-galaxy:threat-actor=\"darkhotel\"",
        "relationship_type": ""
      }
    ],
    "Attribute": [
      {
        "category": "Network activity",
        "comment": "",
        "deleted": false,
        "disable_correlation": false,
        "timestamp": "1467482777",
        "to_ids": true,
        "type": "domain",
        "uuid": "57780299-9398-4139-afe8-4947950d210f",
        "value": "all-microsoft-control.com"
      },
      {
        "category": "Network activity",
        "comment": "",
        "deleted": false,
        "disable_correlation": false,
        "timestamp": "1467482777",
        "to_ids": true,
        "type": "domain",
        "uuid": "57780299-31a4-4f64-81f1-45b3950d210f",
        "value": "view-drama-online.com"
      },
      {
        "category": "External analysis",
        "comment": "",
        "deleted": false,
        "disable_correlation": false,
        "timestamp": "1467482936",
        "to_ids": false,
        "type": "link",
        "uuid": "57780338-88bc-4f71-abbd-4afa950d210f",
        "value": "http://drops.wooyun.org/papers/15755"
      }
    ]
  }
}