{ "Event": { "analysis": "0", "date": "2016-08-31", "extends_uuid": "", "info": "Malspam 2016-08-31 (.hta in .zip) - campaign: \"FW: [Scan]\"", "publish_timestamp": "1472637770", "published": true, "threat_level_id": "3", "timestamp": "1472637755", "uuid": "57c6aa95-f274-4fcf-8007-b664950d210f", "Orgc": { "name": "CIRCL", "uuid": "55f6ea5e-2c60-40e5-964f-47a8950d210f" }, "Tag": [ { "colour": "#ffffff", "local": false, "name": "tlp:white", "relationship_type": "" }, { "colour": "#3a7300", "local": false, "name": "circl:incident-classification=\"malware\"", "relationship_type": "" } ], "Attribute": [ { "category": "Network activity", "comment": "download location", "deleted": false, "disable_correlation": false, "timestamp": "1472637652", "to_ids": true, "type": "url", "uuid": "57c6aad4-5450-47d3-8f06-c130950d210f", "value": "http://www.download.extraslot.ru/HJghjt872" }, { "category": "Network activity", "comment": "download location", "deleted": false, "disable_correlation": false, "timestamp": "1472637652", "to_ids": true, "type": "hostname", "uuid": "57c6aad4-3d9c-47dd-ac28-c130950d210f", "value": "www.download.extraslot.ru" }, { "category": "Network activity", "comment": "download location", "deleted": false, "disable_correlation": false, "timestamp": "1472637653", "to_ids": true, "type": "ip-dst", "uuid": "57c6aad5-f8f0-4e30-8982-c130950d210f", "value": "62.173.139.197" }, { "category": "Network activity", "comment": "download location", "deleted": false, "disable_correlation": false, "timestamp": "1472637653", "to_ids": true, "type": "url", "uuid": "57c6aad5-0e1c-48c7-80b1-c130950d210f", "value": "http://w07q93g5g.homepage.t-online.de/HJghjt872" }, { "category": "Network activity", "comment": "download location", "deleted": false, "disable_correlation": false, "timestamp": "1472637653", "to_ids": true, "type": "hostname", "uuid": "57c6aad5-2fcc-4906-bdd5-c130950d210f", "value": "w07q93g5g.homepage.t-online.de" }, { "category": "Network activity", "comment": "download location", "deleted": false, "disable_correlation": false, "timestamp": "1472637654", "to_ids": true, "type": "ip-dst", "uuid": "57c6aad6-df94-4674-8e60-c130950d210f", "value": "80.150.6.138" }, { "category": "Network activity", "comment": "download location", "deleted": false, "disable_correlation": false, "timestamp": "1472637654", "to_ids": true, "type": "url", "uuid": "57c6aad6-d19c-4e66-a56d-c130950d210f", "value": "http://www.hager.50webs.org/HJghjt872" }, { "category": "Network activity", "comment": "download location", "deleted": false, "disable_correlation": false, "timestamp": "1472637654", "to_ids": true, "type": "hostname", "uuid": "57c6aad6-1780-4930-a563-c130950d210f", "value": "www.hager.50webs.org" }, { "category": "Network activity", "comment": "download location", "deleted": false, "disable_correlation": false, "timestamp": "1472637654", "to_ids": true, "type": "ip-dst", "uuid": "57c6aad6-4430-4c43-9f49-c130950d210f", "value": "192.151.153.26" }, { "category": "Network activity", "comment": "download location", "deleted": false, "disable_correlation": false, "timestamp": "1472637655", "to_ids": true, "type": "url", "uuid": "57c6aad7-1e00-4312-83a0-c130950d210f", "value": "http://powermax.ru/HJghjt872" }, { "category": "Network activity", "comment": "download location", "deleted": false, "disable_correlation": false, "timestamp": "1472637655", "to_ids": true, "type": "domain", "uuid": "57c6aad7-d410-4f8b-aabb-c130950d210f", "value": "powermax.ru" }, { "category": "Network activity", "comment": "download location", "deleted": false, "disable_correlation": false, "timestamp": "1472637656", "to_ids": true, "type": "ip-dst", "uuid": "57c6aad8-cd8c-4f71-aac0-c130950d210f", "value": "213.189.197.56" }, { "category": "Network activity", "comment": "download location", "deleted": false, "disable_correlation": false, "timestamp": "1472637656", "to_ids": true, "type": "url", "uuid": "57c6aad8-2e74-4554-a2d0-c130950d210f", "value": "http://www.helpinict.co.uk/HJghjt872" }, { "category": "Network activity", "comment": "download location", "deleted": false, "disable_correlation": false, "timestamp": "1472637656", "to_ids": true, "type": "hostname", "uuid": "57c6aad8-61b0-4514-bae3-c130950d210f", "value": "www.helpinict.co.uk" }, { "category": "Network activity", "comment": "download location", "deleted": false, "disable_correlation": false, "timestamp": "1472637657", "to_ids": true, "type": "ip-dst", "uuid": "57c6aad9-04bc-44a6-9718-c130950d210f", "value": "212.159.9.151" }, { "category": "Network activity", "comment": "download location", "deleted": false, "disable_correlation": false, "timestamp": "1472637657", "to_ids": true, "type": "url", "uuid": "57c6aad9-333c-4e79-ab29-c130950d210f", "value": "http://pcps.web.fc2.com/HJghjt872" }, { "category": "Network activity", "comment": "download location", "deleted": false, "disable_correlation": false, "timestamp": "1472637657", "to_ids": true, "type": "hostname", "uuid": "57c6aad9-7510-4935-aff7-c130950d210f", "value": "pcps.web.fc2.com" }, { "category": "Network activity", "comment": "download location", "deleted": false, "disable_correlation": false, "timestamp": "1472637657", "to_ids": true, "type": "ip-dst", "uuid": "57c6aad9-63d8-4618-ada4-c130950d210f", "value": "208.71.106.38" }, { "category": "Network activity", "comment": "download location", "deleted": false, "disable_correlation": false, "timestamp": "1472637657", "to_ids": true, "type": "url", "uuid": "57c6aad9-eccc-4076-92d2-c130950d210f", "value": "http://www.redanchemical.com/HJghjt872" }, { "category": "Network activity", "comment": "download location", "deleted": false, "disable_correlation": false, "timestamp": "1472637658", "to_ids": true, "type": "hostname", "uuid": "57c6aada-a604-4119-8e8f-c130950d210f", "value": "www.redanchemical.com" }, { "category": "Network activity", "comment": "download location", "deleted": false, "disable_correlation": false, "timestamp": "1472637658", "to_ids": true, "type": "ip-dst", "uuid": "57c6aada-1a18-4a32-b982-c130950d210f", "value": "213.205.40.169" }, { "category": "Network activity", "comment": "download location", "deleted": false, "disable_correlation": false, "timestamp": "1472637659", "to_ids": true, "type": "url", "uuid": "57c6aadb-3c98-446c-a634-c130950d210f", "value": "http://jack0v0.web.fc2.com/HJghjt872" }, { "category": "Network activity", "comment": "download location", "deleted": false, "disable_correlation": false, "timestamp": "1472637659", "to_ids": true, "type": "hostname", "uuid": "57c6aadb-2608-450d-aeb5-c130950d210f", "value": "jack0v0.web.fc2.com" }, { "category": "Network activity", "comment": "download location", "deleted": false, "disable_correlation": false, "timestamp": "1472637659", "to_ids": true, "type": "ip-dst", "uuid": "57c6aadb-0f54-44f3-a4cf-c130950d210f", "value": "208.71.106.48" }, { "category": "Network activity", "comment": "download location", "deleted": false, "disable_correlation": false, "timestamp": "1472637660", "to_ids": true, "type": "url", "uuid": "57c6aadc-779c-46b3-aaaf-c130950d210f", "value": "http://a-tconsulting.co.uk/HJghjt872" }, { "category": "Network activity", "comment": "download location", "deleted": false, "disable_correlation": false, "timestamp": "1472637660", "to_ids": true, "type": "hostname", "uuid": "57c6aadc-3470-46eb-9015-c130950d210f", "value": "a-tconsulting.co.uk" }, { "category": "Network activity", "comment": "download location", "deleted": false, "disable_correlation": false, "timestamp": "1472637660", "to_ids": true, "type": "ip-dst", "uuid": "57c6aadc-c1c0-42a0-984f-c130950d210f", "value": "212.159.8.91" }, { "category": "Network activity", "comment": "download location", "deleted": false, "disable_correlation": false, "timestamp": "1472637660", "to_ids": true, "type": "url", "uuid": "57c6aadc-7b34-4de8-b1f5-c130950d210f", "value": "http://www.commentaborderunefille.fr/HJghjt872" }, { "category": "Network activity", "comment": "download location", "deleted": false, "disable_correlation": false, "timestamp": "1472637660", "to_ids": true, "type": "hostname", "uuid": "57c6aadc-062c-4f78-b04a-c130950d210f", "value": "www.commentaborderunefille.fr" }, { "category": "Network activity", "comment": "download location", "deleted": false, "disable_correlation": false, "timestamp": "1472637661", "to_ids": true, "type": "ip-dst", "uuid": "57c6aadd-78a4-43a6-a671-c130950d210f", "value": "213.186.33.4" }, { "category": "Network activity", "comment": "download location", "deleted": false, "disable_correlation": false, "timestamp": "1472637661", "to_ids": true, "type": "url", "uuid": "57c6aadd-3c80-414b-be32-c130950d210f", "value": "http://khaimekong.50webs.com/HJghjt872" }, { "category": "Network activity", "comment": "download location", "deleted": false, "disable_correlation": false, "timestamp": "1472637662", "to_ids": true, "type": "hostname", "uuid": "57c6aade-4524-4deb-9c0f-c130950d210f", "value": "khaimekong.50webs.com" }, { "category": "Network activity", "comment": "download location", "deleted": false, "disable_correlation": false, "timestamp": "1472637662", "to_ids": true, "type": "ip-dst", "uuid": "57c6aade-6aa8-4e89-8ea6-c130950d210f", "value": "162.210.101.98" }, { "category": "Network activity", "comment": "download location", "deleted": false, "disable_correlation": false, "timestamp": "1472637662", "to_ids": true, "type": "url", "uuid": "57c6aade-6d0c-4fb8-9cde-c130950d210f", "value": "http://www.luigigiordano.org/HJghjt872" }, { "category": "Network activity", "comment": "download location", "deleted": false, "disable_correlation": false, "timestamp": "1472637662", "to_ids": true, "type": "hostname", "uuid": "57c6aade-0e50-40c9-85a9-c130950d210f", "value": "www.luigigiordano.org" }, { "category": "Network activity", "comment": "download location", "deleted": false, "disable_correlation": false, "timestamp": "1472637663", "to_ids": true, "type": "url", "uuid": "57c6aadf-c1a8-442f-ad70-c130950d210f", "value": "http://www.ionut.coman.home.ro/HJghjt872" }, { "category": "Network activity", "comment": "download location", "deleted": false, "disable_correlation": false, "timestamp": "1472637663", "to_ids": true, "type": "hostname", "uuid": "57c6aadf-ed5c-44e8-b1c5-c130950d210f", "value": "www.ionut.coman.home.ro" }, { "category": "Network activity", "comment": "download location", "deleted": false, "disable_correlation": false, "timestamp": "1472637663", "to_ids": true, "type": "ip-dst", "uuid": "57c6aadf-20b0-4830-95ff-c130950d210f", "value": "81.196.20.133" }, { "category": "Network activity", "comment": "download location", "deleted": false, "disable_correlation": false, "timestamp": "1472637664", "to_ids": true, "type": "url", "uuid": "57c6aae0-242c-4034-b4dd-c130950d210f", "value": "http://www.personalshoppingservice.it/HJghjt872" }, { "category": "Network activity", "comment": "download location", "deleted": false, "disable_correlation": false, "timestamp": "1472637664", "to_ids": true, "type": "hostname", "uuid": "57c6aae0-f35c-4f3b-843d-c130950d210f", "value": "www.personalshoppingservice.it" }, { "category": "Network activity", "comment": "download location", "deleted": false, "disable_correlation": false, "timestamp": "1472637664", "to_ids": true, "type": "url", "uuid": "57c6aae0-7d28-4f82-bdc6-c130950d210f", "value": "http://nkbzryw.republika.pl/HJghjt872" }, { "category": "Network activity", "comment": "download location", "deleted": false, "disable_correlation": false, "timestamp": "1472637665", "to_ids": true, "type": "hostname", "uuid": "57c6aae1-7aa8-4142-baab-c130950d210f", "value": "nkbzryw.republika.pl" }, { "category": "Network activity", "comment": "download location", "deleted": false, "disable_correlation": false, "timestamp": "1472637665", "to_ids": true, "type": "ip-dst", "uuid": "57c6aae1-46c4-4f18-ba52-c130950d210f", "value": "213.180.150.17" }, { "category": "Network activity", "comment": "download location", "deleted": false, "disable_correlation": false, "timestamp": "1472637665", "to_ids": true, "type": "url", "uuid": "57c6aae1-9418-4872-abc0-c130950d210f", "value": "http://www.hotelancorariviera.com/HJghjt872" }, { "category": "Network activity", "comment": "download location", "deleted": false, "disable_correlation": false, "timestamp": "1472637666", "to_ids": true, "type": "hostname", "uuid": "57c6aae2-7f4c-4809-b830-c130950d210f", "value": "www.hotelancorariviera.com" }, { "category": "Network activity", "comment": "download location", "deleted": false, "disable_correlation": false, "timestamp": "1472637666", "to_ids": true, "type": "ip-dst", "uuid": "57c6aae2-18b4-46df-a97d-c130950d210f", "value": "213.158.72.90" }, { "category": "Network activity", "comment": "download location", "deleted": false, "disable_correlation": false, "timestamp": "1472637666", "to_ids": true, "type": "url", "uuid": "57c6aae2-6fa4-4132-b9ee-c130950d210f", "value": "http://www.francescafraioli.it/HJghjt872" }, { "category": "Network activity", "comment": "download location", "deleted": false, "disable_correlation": false, "timestamp": "1472637667", "to_ids": true, "type": "hostname", "uuid": "57c6aae3-63e0-4dbb-a7d8-c130950d210f", "value": "www.francescafraioli.it" }, { "category": "Network activity", "comment": "download location", "deleted": false, "disable_correlation": false, "timestamp": "1472637667", "to_ids": true, "type": "url", "uuid": "57c6aae3-126c-4234-8786-c130950d210f", "value": "http://user22393.vs.easily.co.uk/HJghjt872" }, { "category": "Network activity", "comment": "download location", "deleted": false, "disable_correlation": false, "timestamp": "1472637667", "to_ids": true, "type": "hostname", "uuid": "57c6aae3-0e00-4c81-bfdd-c130950d210f", "value": "user22393.vs.easily.co.uk" }, { "category": "Network activity", "comment": "download location", "deleted": false, "disable_correlation": false, "timestamp": "1472637667", "to_ids": true, "type": "ip-dst", "uuid": "57c6aae3-722c-400e-95af-c130950d210f", "value": "91.194.151.38" }, { "category": "Network activity", "comment": "download location", "deleted": false, "disable_correlation": false, "timestamp": "1472637668", "to_ids": true, "type": "url", "uuid": "57c6aae4-c6e4-4964-a194-c130950d210f", "value": "http://www.francogatta.it/HJghjt872" }, { "category": "Network activity", "comment": "download location", "deleted": false, "disable_correlation": false, "timestamp": "1472637668", "to_ids": true, "type": "hostname", "uuid": "57c6aae4-2eac-4b5d-b488-c130950d210f", "value": "www.francogatta.it" }, { "category": "Network activity", "comment": "download location", "deleted": false, "disable_correlation": false, "timestamp": "1472637668", "to_ids": true, "type": "ip-dst", "uuid": "57c6aae4-53f8-4d10-85a5-c130950d210f", "value": "195.78.215.76" }, { "category": "Network activity", "comment": "download location", "deleted": false, "disable_correlation": false, "timestamp": "1472637669", "to_ids": true, "type": "url", "uuid": "57c6aae5-889c-4652-ae90-c130950d210f", "value": "http://dreamworksoffice.com/HJghjt872" }, { "category": "Network activity", "comment": "download location", "deleted": false, "disable_correlation": false, "timestamp": "1472637669", "to_ids": true, "type": "domain", "uuid": "57c6aae5-a058-4c15-bcb8-c130950d210f", "value": "dreamworksoffice.com" }, { "category": "Network activity", "comment": "download location", "deleted": false, "disable_correlation": false, "timestamp": "1472637669", "to_ids": true, "type": "ip-dst", "uuid": "57c6aae5-810c-445b-beff-c130950d210f", "value": "123.242.226.64" }, { "category": "Network activity", "comment": "download location", "deleted": false, "disable_correlation": false, "timestamp": "1472637670", "to_ids": true, "type": "url", "uuid": "57c6aae6-afb4-4bb2-aace-c130950d210f", "value": "http://sarushima.web.fc2.com/HJghjt872" }, { "category": "Network activity", "comment": "download location", "deleted": false, "disable_correlation": false, "timestamp": "1472637670", "to_ids": true, "type": "hostname", "uuid": "57c6aae6-9b80-4cdb-bf9d-c130950d210f", "value": "sarushima.web.fc2.com" }, { "category": "Network activity", "comment": "download location", "deleted": false, "disable_correlation": false, "timestamp": "1472637670", "to_ids": true, "type": "ip-dst", "uuid": "57c6aae6-6104-45ef-80a5-c130950d210f", "value": "208.71.106.61" }, { "category": "Network activity", "comment": "download location", "deleted": false, "disable_correlation": false, "timestamp": "1472637670", "to_ids": true, "type": "url", "uuid": "57c6aae6-c478-4420-91f2-c130950d210f", "value": "http://sonaeyou1.web.fc2.com/HJghjt872" }, { "category": "Network activity", "comment": "download location", "deleted": false, "disable_correlation": false, "timestamp": "1472637670", "to_ids": true, "type": "hostname", "uuid": "57c6aae6-926c-4d07-b267-c130950d210f", "value": "sonaeyou1.web.fc2.com" }, { "category": "Network activity", "comment": "download location", "deleted": false, "disable_correlation": false, "timestamp": "1472637671", "to_ids": true, "type": "url", "uuid": "57c6aae7-fc2c-491e-8759-c130950d210f", "value": "http://www.kreso.it/HJghjt872" }, { "category": "Network activity", "comment": "download location", "deleted": false, "disable_correlation": false, "timestamp": "1472637671", "to_ids": true, "type": "hostname", "uuid": "57c6aae7-1fb0-48a6-b0de-c130950d210f", "value": "www.kreso.it" }, { "category": "Network activity", "comment": "download location", "deleted": false, "disable_correlation": false, "timestamp": "1472637672", "to_ids": true, "type": "url", "uuid": "57c6aae8-fbd8-4369-ad51-c130950d210f", "value": "http://twojamuza.y0.pl/HJghjt872" }, { "category": "Network activity", "comment": "download location", "deleted": false, "disable_correlation": false, "timestamp": "1472637672", "to_ids": true, "type": "hostname", "uuid": "57c6aae8-8c88-4b4c-b4cf-c130950d210f", "value": "twojamuza.y0.pl" }, { "category": "Network activity", "comment": "download location", "deleted": false, "disable_correlation": false, "timestamp": "1472637672", "to_ids": true, "type": "ip-dst", "uuid": "57c6aae8-15ec-48a7-b5b1-c130950d210f", "value": "95.211.96.160" }, { "category": "Network activity", "comment": "download location", "deleted": false, "disable_correlation": false, "timestamp": "1472637673", "to_ids": true, "type": "url", "uuid": "57c6aae9-6c50-4992-8f42-c130950d210f", "value": "http://www.ieslamerced.es/HJghjt872" }, { "category": "Network activity", "comment": "download location", "deleted": false, "disable_correlation": false, "timestamp": "1472637673", "to_ids": true, "type": "hostname", "uuid": "57c6aae9-40f0-4158-b578-c130950d210f", "value": "www.ieslamerced.es" }, { "category": "Network activity", "comment": "download location", "deleted": false, "disable_correlation": false, "timestamp": "1472637673", "to_ids": true, "type": "ip-dst", "uuid": "57c6aae9-b7a8-4602-9d9c-c130950d210f", "value": "62.42.230.17" }, { "category": "Network activity", "comment": "download location", "deleted": false, "disable_correlation": false, "timestamp": "1472637673", "to_ids": true, "type": "url", "uuid": "57c6aae9-482c-4715-9852-c130950d210f", "value": "http://finishcar.de/HJghjt872" }, { "category": "Network activity", "comment": "download location", "deleted": false, "disable_correlation": false, "timestamp": "1472637673", "to_ids": true, "type": "domain", "uuid": "57c6aae9-31b0-436d-98a6-c130950d210f", "value": "finishcar.de" }, { "category": "Network activity", "comment": "download location", "deleted": false, "disable_correlation": false, "timestamp": "1472637673", "to_ids": true, "type": "ip-dst", "uuid": "57c6aae9-6f6c-4472-b2a3-c130950d210f", "value": "89.31.143.112" }, { "category": "Network activity", "comment": "download location", "deleted": false, "disable_correlation": false, "timestamp": "1472637674", "to_ids": true, "type": "url", "uuid": "57c6aaea-4174-4422-9790-c130950d210f", "value": "http://www.kukon.go.ro/HJghjt872" }, { "category": "Network activity", "comment": "download location", "deleted": false, "disable_correlation": false, "timestamp": "1472637674", "to_ids": true, "type": "hostname", "uuid": "57c6aaea-87e4-45da-a364-c130950d210f", "value": "www.kukon.go.ro" }, { "category": "Network activity", "comment": "download location", "deleted": false, "disable_correlation": false, "timestamp": "1472637674", "to_ids": true, "type": "ip-dst", "uuid": "57c6aaea-2b7c-4fc5-9fe0-c130950d210f", "value": "81.196.20.134" }, { "category": "Network activity", "comment": "download location", "deleted": false, "disable_correlation": false, "timestamp": "1472637674", "to_ids": true, "type": "url", "uuid": "57c6aaea-c664-47de-ae77-c130950d210f", "value": "http://simo62.web.fc2.com/HJghjt872" }, { "category": "Network activity", "comment": "download location", "deleted": false, "disable_correlation": false, "timestamp": "1472637674", "to_ids": true, "type": "hostname", "uuid": "57c6aaea-4884-42d6-9c9b-c130950d210f", "value": "simo62.web.fc2.com" }, { "category": "Network activity", "comment": "download location", "deleted": false, "disable_correlation": false, "timestamp": "1472637675", "to_ids": true, "type": "url", "uuid": "57c6aaeb-eb18-466e-ba85-c130950d210f", "value": "http://joeybecker.gmxhome.de/HJghjt872" }, { "category": "Network activity", "comment": "download location", "deleted": false, "disable_correlation": false, "timestamp": "1472637675", "to_ids": true, "type": "hostname", "uuid": "57c6aaeb-48bc-49a0-8985-c130950d210f", "value": "joeybecker.gmxhome.de" }, { "category": "Network activity", "comment": "download location", "deleted": false, "disable_correlation": false, "timestamp": "1472637675", "to_ids": true, "type": "ip-dst", "uuid": "57c6aaeb-cdf8-4cb4-80c7-c130950d210f", "value": "82.165.58.83" } ] } }