{ "Event": { "analysis": "2", "date": "2016-12-19", "extends_uuid": "", "info": "Kaspersky Lab: Spearphishing attack hits industrial companies", "publish_timestamp": "1602321219", "published": true, "threat_level_id": "3", "timestamp": "1607523242", "uuid": "5857cf66-aa18-4681-bff7-08720a950b0c", "Orgc": { "name": "NCSC-NL", "uuid": "5697b0c4-9474-4336-b675-28140a950b0b" }, "Tag": [ { "colour": "#ffffff", "local": false, "name": "tlp:white", "relationship_type": "" }, { "colour": "#777c00", "local": false, "name": "ncsc-nl-ndn:feed=\"generic\"", "relationship_type": "" }, { "colour": "#00223b", "local": false, "name": "osint:source-type=\"blog-post\"", "relationship_type": "" }, { "colour": "#a2009c", "local": false, "name": "retention:1m", "relationship_type": "" }, { "colour": "#460043", "local": false, "name": "retention:expired", "relationship_type": "" } ], "Attribute": [ { "category": "Artifacts dropped", "comment": "Rule to detect VB Packer of FareIT and Zbot samples", "deleted": false, "disable_correlation": false, "timestamp": "1588082213", "to_ids": true, "type": "yara", "uuid": "5857d248-8124-423e-8e90-086e0a950b0c", "value": "rule VBPacker_FareIT_Zbot\r\n{\r\nmeta:\r\ncopyright = \"Kaspersky Lab\"\r\ndescription = \"Rule to detect VB Packer of FareIT and Zbot samples\"\r\nhash1 = \"0b7f872d098ef8f1dd0e52f6d5c5a92e\"\r\nhash2 = \"0eb12f0c3aa4ec1db178fbbe69a329cf\"\r\nversion = \"1.1\"\r\n\r\nstrings:\r\n$a1 = \"C:\\\\Program Files (x86)\\\\Microsoft Visual Studio\\\\VB98\\\\VB6.OLB\"\r\n\r\n//\"gdi32\" + 0x11 +\"SetViewportOrgEx\"\r\n$a2 = {67 64 69 33 32 00 00 00 11 00 00 00 53 65 74 56 69 65 77 70 6F 72 74 4F 72 67 45 78}\r\n\r\n//OriginalFilename AX.exe\r\n$b1 = {4F 00 72 00 69 00 67 00 69 00 6E 00 61 00 6C 00 46 00 69 00 6C 00 65 00 6E 00 61 00 6D 00 65 00 00 00 41 00 58 00 2E 00 65 00 78 00 65 00}\r\n//OriginalFilename AS.exe\r\n$b2 = {4F 00 72 00 69 00 67 00 69 00 6E 00 61 00 6C 00 46 00 69 00 6C 00 65 00 6E 00 61 00 6D 00 65 00 00 00 41 00 53 00 2E 00 65 00 78 00 65 00}\r\n//OriginalFilename Can.exe\r\n$b3 = {4F 00 72 00 69 00 67 00 69 00 6E 00 61 00 6C 00 46 00 69 00 6C 00 65 00 6E 00 61 00 6D 00 65 00 00 00 43 00 61 00 6E 00 2E 00 65 00 78 00 65 00}\r\n//OriginalFilename usisui.exe\r\n$b5 = {4F 00 72 00 69 00 67 00 69 00 6E 00 61 00 6C 00 46 00 69 00 6C 00 65 00 6E 00 61 00 6D 00 65 00 00 00 75 00 73 00 69 00 73 00 75 00 69 00 2E 00 65 00 78 00 65 00}\r\ncondition:\r\nuint16(0) == 0x5A4D\r\nand (all of ($a*))\r\nand (any of ($b*))\r\n//and (any of ($c*))\r\nand filesize > 250000\r\n}" }, { "category": "Artifacts dropped", "comment": "Rule to detect MSIL Packer of FareIT, ISR Stealer, Luminosity, HawkEye Keylogger samples", "deleted": false, "disable_correlation": false, "timestamp": "1588082210", "to_ids": true, "type": "yara", "uuid": "5857d288-8438-4b59-934c-08700a950b0c", "value": "rule MSILPacker_ FareIT_ISR Stealer_Luminosity_HawkEye\r\n{\r\nmeta:\r\ncopyright = \"Kaspersky Lab\"\r\ndescription = \"Rule to detect MSIL Packer of FareIT, ISR Stealer, Luminosity, HawkEye Keylogger samples\"\r\nhash1 = \"1f9ea55ec924bf927db4fb4f429d49b6\"\r\nhash2 = \"80c4a3d66159877e264b0eab74a791db\"\r\nhash2 = \"e8bfa64826d095ff3699a5e3df205d24\"\r\nversion = \"1.1\"\r\n\r\nstrings:\r\n$a1 = \"set_Key\"\r\n$a2 = \"set_IV\"\r\n$a3 = \"set_ClientSize\"\r\n$a4 = \"set_ControlBox\"\r\n$a5 = \"SetCompatibleTextRenderingDefault\"\r\n$a6 = \"CompilationRelaxationsAttribute\"\r\n$a7 = \"ICryptoTransform\"\r\n$a8 = \"_CorExeMain\"\r\n\r\n$b1 = \"Video card management\"\r\n$b2 = \"Net Extensible Autheticator\"\r\n$b3 = \"NetTcpActivator\"\r\n$b4 = \"nVidia PhysX technology\"\r\n$b5 = \"WdiSytemHost\"\r\n\r\ncondition:\r\nuint16(0) == 0x5A4D\r\nand (all of ($a*))\r\nand (any of ($b*))\r\nand filesize > 100000\r\n}" }, { "category": "External analysis", "comment": "Source article", "deleted": false, "disable_correlation": false, "timestamp": "1482149781", "to_ids": false, "type": "link", "uuid": "5857cf95-b01c-46c9-9b92-08710a950b0c", "value": "https://ics-cert.kaspersky.com/2016/12/16/spear-phishing-attack-hits-industrial-companies/" }, { "category": "Network activity", "comment": "FareIT/Pony 2.0", "deleted": false, "disable_correlation": false, "timestamp": "1482150159", "to_ids": true, "type": "domain", "uuid": "5857d10f-935c-4084-acf4-0b7a0a950b0c", "value": "alreyadbplastics.com" }, { "category": "Network activity", "comment": "FareIT/Pony 2.0", "deleted": false, "disable_correlation": false, "timestamp": "1482150160", "to_ids": true, "type": "domain", "uuid": "5857d110-d4fc-43f6-ad3b-0b7a0a950b0c", "value": "xpweb.win" }, { "category": "Network activity", "comment": "FareIT/Pony 2.0", "deleted": false, "disable_correlation": false, "timestamp": "1482150160", "to_ids": true, "type": "domain", "uuid": "5857d110-ca0c-4e06-ae93-0b7a0a950b0c", "value": "heinevy.com" }, { "category": "Network activity", "comment": "FareIT/Pony 2.0", "deleted": false, "disable_correlation": false, "timestamp": "1482150161", "to_ids": true, "type": "domain", "uuid": "5857d111-aa30-465e-b2f3-0b7a0a950b0c", "value": "overseas-operation.com" }, { "category": "Network activity", "comment": "FareIT/Pony 2.0", "deleted": false, "disable_correlation": false, "timestamp": "1482150161", "to_ids": true, "type": "domain", "uuid": "5857d111-7190-42a3-98fe-0b7a0a950b0c", "value": "metaksen.com" }, { "category": "Network activity", "comment": "FareIT/Pony 2.0", "deleted": false, "disable_correlation": false, "timestamp": "1482150162", "to_ids": true, "type": "domain", "uuid": "5857d112-9464-4588-86c3-0b7a0a950b0c", "value": "charlogistics.com" }, { "category": "Network activity", "comment": "FareIT/Pony 2.0", "deleted": false, "disable_correlation": false, "timestamp": "1482150162", "to_ids": true, "type": "domain", "uuid": "5857d112-8bf8-43c7-b09f-0b7a0a950b0c", "value": "btinterment.com" }, { "category": "Network activity", "comment": "FareIT/Pony 2.0", "deleted": false, "disable_correlation": false, "timestamp": "1482150163", "to_ids": true, "type": "domain", "uuid": "5857d113-5934-4fa6-b878-0b7a0a950b0c", "value": "kinqnuts-raaphorst.com" }, { "category": "Network activity", "comment": "FareIT/Pony 2.0", "deleted": false, "disable_correlation": false, "timestamp": "1482150164", "to_ids": true, "type": "domain", "uuid": "5857d114-8904-47aa-932b-0b7a0a950b0c", "value": "watersysterns.com" }, { "category": "Network activity", "comment": "FareIT/Pony 2.0", "deleted": false, "disable_correlation": false, "timestamp": "1482150164", "to_ids": true, "type": "domain", "uuid": "5857d114-8ef8-40ff-9627-0b7a0a950b0c", "value": "hidroquil-ar.com" }, { "category": "Network activity", "comment": "FareIT/Pony 2.0", "deleted": false, "disable_correlation": false, "timestamp": "1482150165", "to_ids": true, "type": "domain", "uuid": "5857d115-62c0-422f-be94-0b7a0a950b0c", "value": "thai-nidhi.com" }, { "category": "Network activity", "comment": "FareIT/Pony 2.0", "deleted": false, "disable_correlation": false, "timestamp": "1482150165", "to_ids": true, "type": "domain", "uuid": "5857d115-6c38-4df6-bcdf-0b7a0a950b0c", "value": "ms45-hinet.net" }, { "category": "Network activity", "comment": "FareIT/Pony 2.0", "deleted": false, "disable_correlation": false, "timestamp": "1482150165", "to_ids": true, "type": "domain", "uuid": "5857d115-bab8-4c89-884f-0b7a0a950b0c", "value": "fullone2u.com" }, { "category": "Network activity", "comment": "FareIT/Pony 2.0", "deleted": false, "disable_correlation": false, "timestamp": "1482150166", "to_ids": true, "type": "domain", "uuid": "5857d116-af18-40a9-9e54-0b7a0a950b0c", "value": "poolkingsthailand.com" }, { "category": "Network activity", "comment": "FareIT/Pony 2.0", "deleted": false, "disable_correlation": false, "timestamp": "1482150166", "to_ids": true, "type": "domain", "uuid": "5857d116-911c-4332-817e-0b7a0a950b0c", "value": "soaaxa.biz" }, { "category": "Network activity", "comment": "FareIT/Pony 2.0", "deleted": false, "disable_correlation": false, "timestamp": "1482150167", "to_ids": true, "type": "domain", "uuid": "5857d117-cb68-43cb-94e6-0b7a0a950b0c", "value": "restarz.biz" }, { "category": "Network activity", "comment": "FareIT/Pony 2.0", "deleted": false, "disable_correlation": false, "timestamp": "1482150167", "to_ids": true, "type": "domain", "uuid": "5857d117-1760-47d6-ab3f-0b7a0a950b0c", "value": "galaxystarshop.com" }, { "category": "Network activity", "comment": "FareIT/Pony 2.0", "deleted": false, "disable_correlation": false, "timestamp": "1482150168", "to_ids": true, "type": "domain", "uuid": "5857d118-3988-461a-8f2b-0b7a0a950b0c", "value": "asappyco.biz" }, { "category": "Network activity", "comment": "FareIT/Pony 2.0", "deleted": false, "disable_correlation": false, "timestamp": "1482150168", "to_ids": true, "type": "domain", "uuid": "5857d118-6e14-4421-a3c8-0b7a0a950b0c", "value": "gettoworkzz.biz" }, { "category": "Network activity", "comment": "FareIT/Pony 2.0", "deleted": false, "disable_correlation": false, "timestamp": "1482150169", "to_ids": true, "type": "domain", "uuid": "5857d119-6b70-4184-b43d-0b7a0a950b0c", "value": "yasive.biz" }, { "category": "Network activity", "comment": "FareIT/Pony 2.0", "deleted": false, "disable_correlation": false, "timestamp": "1482150169", "to_ids": true, "type": "domain", "uuid": "5857d119-bcc8-48d2-9ba5-0b7a0a950b0c", "value": "alu-heat.biz" }, { "category": "Network activity", "comment": "FareIT/Pony 2.0", "deleted": false, "disable_correlation": false, "timestamp": "1482150171", "to_ids": true, "type": "domain", "uuid": "5857d11b-fdbc-4409-8dea-0b7a0a950b0c", "value": "sinctruk.com" }, { "category": "Network activity", "comment": "FareIT/Pony 2.0", "deleted": false, "disable_correlation": false, "timestamp": "1482150171", "to_ids": true, "type": "domain", "uuid": "5857d11b-adc0-4be1-bd04-0b7a0a950b0c", "value": "pguy.faith" }, { "category": "Network activity", "comment": "FareIT/Pony 2.0", "deleted": false, "disable_correlation": false, "timestamp": "1482150172", "to_ids": true, "type": "domain", "uuid": "5857d11c-dc98-4437-b621-0b7a0a950b0c", "value": "chunfenqlighting.com" }, { "category": "Network activity", "comment": "FareIT/Pony 2.0", "deleted": false, "disable_correlation": false, "timestamp": "1482150172", "to_ids": true, "type": "domain", "uuid": "5857d11c-c1ec-42eb-adeb-0b7a0a950b0c", "value": "hunterkaysmoves.in" }, { "category": "Network activity", "comment": "FareIT/Pony 2.0", "deleted": false, "disable_correlation": false, "timestamp": "1482150173", "to_ids": true, "type": "domain", "uuid": "5857d11d-4174-4872-8377-0b7a0a950b0c", "value": "danqote.com" }, { "category": "Network activity", "comment": "FareIT/Pony 2.0", "deleted": false, "disable_correlation": false, "timestamp": "1482150173", "to_ids": true, "type": "domain", "uuid": "5857d11d-7918-4d00-a762-0b7a0a950b0c", "value": "biblesoceities.org" }, { "category": "Network activity", "comment": "FareIT/Pony 2.0", "deleted": false, "disable_correlation": false, "timestamp": "1482150174", "to_ids": true, "type": "domain", "uuid": "5857d11e-e3c4-40f6-8882-0b7a0a950b0c", "value": "sympetax.com" }, { "category": "Network activity", "comment": "FareIT/Pony 2.0", "deleted": false, "disable_correlation": false, "timestamp": "1482150174", "to_ids": true, "type": "domain", "uuid": "5857d11e-da90-4041-81e4-0b7a0a950b0c", "value": "lumibrigth.com" }, { "category": "Network activity", "comment": "FareIT/Pony 2.0", "deleted": false, "disable_correlation": false, "timestamp": "1482150175", "to_ids": true, "type": "domain", "uuid": "5857d11f-48b8-4ed5-9131-0b7a0a950b0c", "value": "bothela-orsaro.com" }, { "category": "Network activity", "comment": "ISR Stealer", "deleted": false, "disable_correlation": false, "timestamp": "1482150820", "to_ids": true, "type": "domain", "uuid": "5857d3a4-45fc-4d23-9256-0b840a950b0c", "value": "hardworkzone.cf" }, { "category": "Network activity", "comment": "ISR Stealer", "deleted": false, "disable_correlation": false, "timestamp": "1482150821", "to_ids": true, "type": "domain", "uuid": "5857d3a5-429c-43c2-85df-0b840a950b0c", "value": "ivicker.usa.cc" }, { "category": "Network activity", "comment": "ISR Stealer", "deleted": false, "disable_correlation": false, "timestamp": "1482150821", "to_ids": true, "type": "domain", "uuid": "5857d3a5-1530-4003-892e-0b840a950b0c", "value": "limco.usa.cc" }, { "category": "Network activity", "comment": "ISR Stealer", "deleted": false, "disable_correlation": false, "timestamp": "1482150822", "to_ids": true, "type": "domain", "uuid": "5857d3a6-2d68-4522-b5f2-0b840a950b0c", "value": "cs19335.tmweb.ru" }, { "category": "Network activity", "comment": "ISR Stealer", "deleted": false, "disable_correlation": false, "timestamp": "1482150822", "to_ids": true, "type": "domain", "uuid": "5857d3a6-eb6c-4a10-811c-0b840a950b0c", "value": "mirchifunz.in" }, { "category": "Network activity", "comment": "Zeus Atmos", "deleted": false, "disable_correlation": false, "timestamp": "1482151042", "to_ids": true, "type": "domain", "uuid": "5857d482-b35c-430d-8e4d-08720a950b0c", "value": "hungasidy.biz" }, { "category": "Network activity", "comment": "Luminosity RAT", "deleted": false, "disable_correlation": false, "timestamp": "1482150626", "to_ids": true, "type": "hostname", "uuid": "5857d2e2-2e84-455e-afeb-0b250a950b0c", "value": "www.creativeforwardings.cf" }, { "category": "Network activity", "comment": "Luminosity RAT", "deleted": false, "disable_correlation": false, "timestamp": "1482150626", "to_ids": true, "type": "hostname", "uuid": "5857d2e2-3fd0-4c5f-a4f3-0b250a950b0c", "value": "shadowwalkersonline.co.uk" }, { "category": "Network activity", "comment": "Luminosity RAT", "deleted": false, "disable_correlation": false, "timestamp": "1482150627", "to_ids": true, "type": "hostname", "uuid": "5857d2e3-97b8-4ff6-b3ca-0b250a950b0c", "value": "owwalkersonline.co.uk" }, { "category": "Network activity", "comment": "Luminosity RAT", "deleted": false, "disable_correlation": false, "timestamp": "1482150627", "to_ids": true, "type": "hostname", "uuid": "5857d2e3-7e34-4653-907c-0b250a950b0c", "value": "www.ballerpushers.cf" }, { "category": "Network activity", "comment": "Luminosity RAT", "deleted": false, "disable_correlation": false, "timestamp": "1482150628", "to_ids": true, "type": "hostname", "uuid": "5857d2e4-5c54-4760-af56-0b250a950b0c", "value": "remote.legacyrealestateadvisors.net" }, { "category": "Network activity", "comment": "Luminosity RAT", "deleted": false, "disable_correlation": false, "timestamp": "1482150628", "to_ids": true, "type": "hostname", "uuid": "5857d2e4-7f50-473a-b32d-0b250a950b0c", "value": "alibabadns.legacyrealestateadvisors.net" }, { "category": "Network activity", "comment": "NetWire RAT", "deleted": false, "disable_correlation": false, "timestamp": "1482150942", "to_ids": true, "type": "hostname", "uuid": "5857d41e-5c20-4b1c-8ddc-086e0a950b0c", "value": "gavingo2135235.ddns.net" }, { "category": "Network activity", "comment": "NetWire RAT", "deleted": false, "disable_correlation": false, "timestamp": "1482150943", "to_ids": true, "type": "hostname", "uuid": "5857d41f-396c-4f4b-ab4f-086e0a950b0c", "value": "www.spmersclub.cf" }, { "category": "Network activity", "comment": "FareIT/Pony 2.0", "deleted": false, "disable_correlation": false, "timestamp": "1563522442", "to_ids": false, "type": "ip-dst", "uuid": "5857d11a-d910-431a-b4ee-0b7a0a950b0c", "value": "66.23.226.40" }, { "category": "Network activity", "comment": "NetWire RAT", "deleted": false, "disable_correlation": false, "timestamp": "1563522442", "to_ids": false, "type": "ip-dst", "uuid": "5857d41e-9210-4484-9230-086e0a950b0c", "value": "178.175.138.196" }, { "category": "Network activity", "comment": "Zeus Atmos", "deleted": false, "disable_correlation": false, "timestamp": "1502967999", "to_ids": false, "type": "ip-dst", "uuid": "5857d483-587c-45f8-9582-08720a950b0c", "value": "186.202.127.132" }, { "category": "Network activity", "comment": "FareIT/Pony 2.0", "deleted": false, "disable_correlation": false, "timestamp": "1563522442", "to_ids": false, "type": "ip-src", "uuid": "5857d11a-a8c8-457c-a4ce-0b7a0a950b0c", "value": "66.23.226.40" }, { "category": "Network activity", "comment": "NetWire RAT", "deleted": false, "disable_correlation": false, "timestamp": "1563522442", "to_ids": false, "type": "ip-src", "uuid": "5857d41d-1510-4745-8f6c-086e0a950b0c", "value": "178.175.138.196" }, { "category": "Network activity", "comment": "Zeus Atmos", "deleted": false, "disable_correlation": false, "timestamp": "1502967999", "to_ids": false, "type": "ip-src", "uuid": "5857d482-4e68-4064-b1c4-08720a950b0c", "value": "186.202.127.132" }, { "category": "Payload delivery", "comment": "FareIT/Pony 2.0", "deleted": false, "disable_correlation": false, "timestamp": "1482150175", "to_ids": false, "type": "filename", "uuid": "5857d11f-5110-4863-83be-0b7a0a950b0c", "value": "%APPDATA%\\[A-F0-9]{6}\\[A-F0-9]{6}.exe" }, { "category": "Payload delivery", "comment": "FareIT/Pony 2.0", "deleted": false, "disable_correlation": false, "timestamp": "1482150176", "to_ids": false, "type": "filename", "uuid": "5857d120-6d40-4390-9828-0b7a0a950b0c", "value": "%APPDATA%\\[A-F0-9]{6}\\[A-F0-9]{6}.hdb" }, { "category": "Payload delivery", "comment": "FareIT/Pony 2.0", "deleted": false, "disable_correlation": false, "timestamp": "1482150176", "to_ids": false, "type": "filename", "uuid": "5857d120-cdb0-4b08-94a3-0b7a0a950b0c", "value": "%APPDATA%\\[A-F0-9]{6}\\[A-F0-9]{6}.lck" }, { "category": "Payload delivery", "comment": "FareIT/Pony 2.0", "deleted": false, "disable_correlation": false, "timestamp": "1482150177", "to_ids": true, "type": "filename", "uuid": "5857d121-10e8-4fb2-b052-0b7a0a950b0c", "value": "%HOMEPATH%\\Documents\\Ticoapp.exe" }, { "category": "Payload delivery", "comment": "FareIT/Pony 2.0", "deleted": false, "disable_correlation": false, "timestamp": "1482150177", "to_ids": true, "type": "filename", "uuid": "5857d121-4c7c-4792-bd29-0b7a0a950b0c", "value": "%HOMEPATH%\\Documents\\Escoapp.exe" }, { "category": "Payload delivery", "comment": "FareIT/Pony 2.0", "deleted": false, "disable_correlation": false, "timestamp": "1482150178", "to_ids": true, "type": "filename", "uuid": "5857d122-767c-45da-9663-0b7a0a950b0c", "value": "%HOMEPATH%\\Documents\\Dulfapp.exe" }, { "category": "Payload delivery", "comment": "FareIT/Pony 2.0", "deleted": false, "disable_correlation": false, "timestamp": "1482150178", "to_ids": true, "type": "filename", "uuid": "5857d122-f2dc-45a6-aa0d-0b7a0a950b0c", "value": "%HOMEPATH%\\Documents\\Echeapp.exe" }, { "category": "Payload delivery", "comment": "Luminosity RAT", "deleted": false, "disable_correlation": false, "timestamp": "1482150629", "to_ids": true, "type": "filename", "uuid": "5857d2e5-775c-4012-9ab4-0b250a950b0c", "value": "%HOMEPATH%\\Documents\\YiTapp.exe" }, { "category": "Payload delivery", "comment": "Luminosity RAT", "deleted": false, "disable_correlation": false, "timestamp": "1482150629", "to_ids": true, "type": "filename", "uuid": "5857d2e5-44cc-456b-9af0-0b250a950b0c", "value": "%HOMEPATH%\\Documents\\YaPapp.exe" }, { "category": "Payload delivery", "comment": "Luminosity RAT", "deleted": false, "disable_correlation": false, "timestamp": "1482150630", "to_ids": true, "type": "filename", "uuid": "5857d2e6-8c88-48c1-85cf-0b250a950b0c", "value": "%HOMEPATH%\\Documents\\Nativeapp.exe" }, { "category": "Payload delivery", "comment": "Luminosity RAT", "deleted": false, "disable_correlation": false, "timestamp": "1482150630", "to_ids": true, "type": "filename", "uuid": "5857d2e6-5b1c-4435-872a-0b250a950b0c", "value": "%HOMEPATH%\\Documents\\Nosapp.exe" }, { "category": "Payload delivery", "comment": "Luminosity RAT", "deleted": false, "disable_correlation": false, "timestamp": "1482150631", "to_ids": true, "type": "filename", "uuid": "5857d2e7-d25c-4b38-8d27-0b250a950b0c", "value": "%HOMEPATH%\\Documents\\Monorapp.exe" }, { "category": "Payload delivery", "comment": "Luminosity RAT", "deleted": false, "disable_correlation": false, "timestamp": "1482150631", "to_ids": true, "type": "filename", "uuid": "5857d2e7-294c-404a-bca5-0b250a950b0c", "value": "%HOMEPATH%\\Documents\\WinLuapp.exe" }, { "category": "Payload delivery", "comment": "Luminosity RAT", "deleted": false, "disable_correlation": false, "timestamp": "1482150632", "to_ids": true, "type": "filename", "uuid": "5857d2e8-2b64-47ab-8687-0b250a950b0c", "value": "%ProgramFiles%\\Client\\client.exe" }, { "category": "Payload delivery", "comment": "HawkEye Keylogger/Stealer", "deleted": false, "disable_correlation": false, "timestamp": "1482152313", "to_ids": false, "type": "filename", "uuid": "5857d35e-b72c-4dc4-bdb5-08720a950b0c", "value": "%APPDATA%\\pid.txt" }, { "category": "Payload delivery", "comment": "HawkEye Keylogger/Stealer", "deleted": false, "disable_correlation": false, "timestamp": "1482152313", "to_ids": false, "type": "filename", "uuid": "5857d35f-0fb8-4e21-a26b-08720a950b0c", "value": "%APPDATA%\\pidloc.txt" }, { "category": "Payload delivery", "comment": "HawkEye Keylogger/Stealer", "deleted": false, "disable_correlation": false, "timestamp": "1482150751", "to_ids": true, "type": "filename", "uuid": "5857d35f-6388-440f-9907-08720a950b0c", "value": "%AppData%\\WindowsUpdate.exe" }, { "category": "Payload delivery", "comment": "HawkEye Keylogger/Stealer", "deleted": false, "disable_correlation": false, "timestamp": "1482150752", "to_ids": true, "type": "filename", "uuid": "5857d360-951c-49d8-a9fa-08720a950b0c", "value": "%HOMEPATH%\\Documents\\Runesapp.exe" }, { "category": "Payload delivery", "comment": "HawkEye Keylogger/Stealer", "deleted": false, "disable_correlation": false, "timestamp": "1482150752", "to_ids": true, "type": "filename", "uuid": "5857d360-fa74-4848-8d27-08720a950b0c", "value": "%HOMEPATH%\\Documents\\Coinapp.exe" }, { "category": "Payload delivery", "comment": "HawkEye Keylogger/Stealer", "deleted": false, "disable_correlation": false, "timestamp": "1482150753", "to_ids": true, "type": "filename", "uuid": "5857d361-2e44-423e-8e7d-08720a950b0c", "value": "%HOMEPATH%\\Documents\\Trumpapp.exe" }, { "category": "Payload delivery", "comment": "HawkEye Keylogger/Stealer", "deleted": false, "disable_correlation": false, "timestamp": "1482150753", "to_ids": true, "type": "filename", "uuid": "5857d361-187c-4598-8b51-08720a950b0c", "value": "%HOMEPATH%\\Documents\\doc_23772.exe" }, { "category": "Payload delivery", "comment": "HawkEye Keylogger/Stealer", "deleted": false, "disable_correlation": false, "timestamp": "1482150754", "to_ids": true, "type": "filename", "uuid": "5857d362-dac4-4d70-9aa6-08720a950b0c", "value": "%TEMP%\\holderwb.txt" }, { "category": "Payload delivery", "comment": "HawkEye Keylogger/Stealer", "deleted": false, "disable_correlation": false, "timestamp": "1482150754", "to_ids": true, "type": "filename", "uuid": "5857d362-1380-4ed7-860f-08720a950b0c", "value": "%TEMP%\\vbc.exe" }, { "category": "Payload delivery", "comment": "HawkEye Keylogger/Stealer", "deleted": false, "disable_correlation": false, "timestamp": "1482150755", "to_ids": true, "type": "filename", "uuid": "5857d363-e2cc-41fa-b72a-08720a950b0c", "value": "%TEMP%\\holdermail.txt" }, { "category": "Payload delivery", "comment": "HawkEye Keylogger/Stealer", "deleted": false, "disable_correlation": false, "timestamp": "1482152313", "to_ids": false, "type": "filename", "uuid": "5857d363-5740-449c-b1f8-08720a950b0c", "value": "%TEMP%\\SysInfo.txt" }, { "category": "Payload delivery", "comment": "ISR Stealer", "deleted": false, "disable_correlation": false, "timestamp": "1482152313", "to_ids": false, "type": "filename", "uuid": "5857d3a7-931c-4479-b4f9-0b840a950b0c", "value": "%HOMEPATH%\\Desktop\\filename.exe" }, { "category": "Payload delivery", "comment": "NetWire RAT", "deleted": false, "disable_correlation": false, "timestamp": "1482150943", "to_ids": true, "type": "filename", "uuid": "5857d41f-069c-451d-90c2-086e0a950b0c", "value": "%HOMEPATH%\\Documents\\Chunapp.exe" }, { "category": "Payload delivery", "comment": "NetWire RAT", "deleted": false, "disable_correlation": false, "timestamp": "1482150944", "to_ids": true, "type": "filename", "uuid": "5857d420-783c-4199-adde-086e0a950b0c", "value": "%APPDATA%\\Install\\Host.exe" }, { "category": "Payload delivery", "comment": "NetWire RAT", "deleted": false, "disable_correlation": false, "timestamp": "1482152313", "to_ids": false, "type": "filename", "uuid": "5857d420-00e0-4c95-8bec-086e0a950b0c", "value": "%APPDATA%\\Install.Identifier" }, { "category": "Payload delivery", "comment": "Zeus Atmos", "deleted": false, "disable_correlation": false, "timestamp": "1482151043", "to_ids": true, "type": "filename", "uuid": "5857d483-31a8-4d0c-a909-08720a950b0c", "value": "%HOMEPATH%\\Desktop\\system.exe" }, { "category": "Payload delivery", "comment": "Zeus Atmos", "deleted": false, "disable_correlation": false, "timestamp": "1482152313", "to_ids": false, "type": "filename", "uuid": "5857d484-0bec-4bc3-b42c-08720a950b0c", "value": "%LocalTEMP%\\filename.exe" }, { "category": "Payload delivery", "comment": "Zeus Atmos", "deleted": false, "disable_correlation": false, "timestamp": "1482152313", "to_ids": false, "type": "filename", "uuid": "5857d484-2b74-4183-8eed-08720a950b0c", "value": "%LocalTEMP%\\system.exe" }, { "category": "Payload delivery", "comment": "FareIT/Pony 2.0", "deleted": false, "disable_correlation": false, "timestamp": "1482150119", "to_ids": true, "type": "md5", "uuid": "5857d0e7-059c-48ed-b067-0b7a0a950b0c", "value": "d1212291e44846ff608711c0f9e07b3e" }, { "category": "Payload delivery", "comment": "FareIT/Pony 2.0", "deleted": false, "disable_correlation": false, "timestamp": "1482150119", "to_ids": true, "type": "md5", "uuid": "5857d0e7-dcac-4c47-bf5e-0b7a0a950b0c", "value": "01712e2261fa051e46c489df533d7bdc" }, { "category": "Payload delivery", "comment": "FareIT/Pony 2.0", "deleted": false, "disable_correlation": false, "timestamp": "1482150120", "to_ids": true, "type": "md5", "uuid": "5857d0e8-adcc-4cd7-8bfd-0b7a0a950b0c", "value": "d1d8c46271abfe4ea230214567ae6d61" }, { "category": "Payload delivery", "comment": "FareIT/Pony 2.0", "deleted": false, "disable_correlation": false, "timestamp": "1482150120", "to_ids": true, "type": "md5", "uuid": "5857d0e8-18cc-492b-879b-0b7a0a950b0c", "value": "6dd0b2770a7d7bcdecc5f6eebbde4d7c" }, { "category": "Payload delivery", "comment": "FareIT/Pony 2.0", "deleted": false, "disable_correlation": false, "timestamp": "1482150121", "to_ids": true, "type": "md5", "uuid": "5857d0e9-1d94-4efb-bb18-0b7a0a950b0c", "value": "51966a70638915dbd7be9f15592cb453" }, { "category": "Payload delivery", "comment": "FareIT/Pony 2.0", "deleted": false, "disable_correlation": false, "timestamp": "1482150121", "to_ids": true, "type": "md5", "uuid": "5857d0e9-d1e8-484a-a56a-0b7a0a950b0c", "value": "4258a22f09d39f5201f9deae0abec680" }, { "category": "Payload delivery", "comment": "FareIT/Pony 2.0", "deleted": false, "disable_correlation": false, "timestamp": "1482150122", "to_ids": true, "type": "md5", "uuid": "5857d0ea-9a54-4d4e-ae51-0b7a0a950b0c", "value": "09fcb032b5330ca04cfc536dda6d8948" }, { "category": "Payload delivery", "comment": "FareIT/Pony 2.0", "deleted": false, "disable_correlation": false, "timestamp": "1482150122", "to_ids": true, "type": "md5", "uuid": "5857d0ea-7b78-4377-900e-0b7a0a950b0c", "value": "20cbe25bcabdf6557888d5c3353098a7" }, { "category": "Payload delivery", "comment": "FareIT/Pony 2.0", "deleted": false, "disable_correlation": false, "timestamp": "1482150123", "to_ids": true, "type": "md5", "uuid": "5857d0eb-95f0-4ead-9e31-0b7a0a950b0c", "value": "f354693b8f497e4e3599517fdffed0a7" }, { "category": "Payload delivery", "comment": "FareIT/Pony 2.0", "deleted": false, "disable_correlation": false, "timestamp": "1482150123", "to_ids": true, "type": "md5", "uuid": "5857d0eb-fbd8-42cb-b3c5-0b7a0a950b0c", "value": "b96d148f8ef2b2f3ef825342bf0eb651" }, { "category": "Payload delivery", "comment": "FareIT/Pony 2.0", "deleted": false, "disable_correlation": false, "timestamp": "1482150124", "to_ids": true, "type": "md5", "uuid": "5857d0ec-04ec-40fd-a6b6-0b7a0a950b0c", "value": "652e2222f3523296020ae0adaa392036" }, { "category": "Payload delivery", "comment": "FareIT/Pony 2.0", "deleted": false, "disable_correlation": false, "timestamp": "1482150124", "to_ids": true, "type": "md5", "uuid": "5857d0ec-8a34-4a54-93ef-0b7a0a950b0c", "value": "4ea4af607d7ec044bd7e94cf81f2d731" }, { "category": "Payload delivery", "comment": "FareIT/Pony 2.0", "deleted": false, "disable_correlation": false, "timestamp": "1482150125", "to_ids": true, "type": "md5", "uuid": "5857d0ed-ce34-4d5e-a96e-0b7a0a950b0c", "value": "4231e1ddf6cd6edc269b65221e983a2a" }, { "category": "Payload delivery", "comment": "FareIT/Pony 2.0", "deleted": false, "disable_correlation": false, "timestamp": "1482150125", "to_ids": true, "type": "md5", "uuid": "5857d0ed-fae8-4165-a0fa-0b7a0a950b0c", "value": "51a5f21d781c8ab2b081ca3d044bb548" }, { "category": "Payload delivery", "comment": "FareIT/Pony 2.0", "deleted": false, "disable_correlation": false, "timestamp": "1482150126", "to_ids": true, "type": "md5", "uuid": "5857d0ee-1378-4270-99cb-0b7a0a950b0c", "value": "ba4dcb0af37929c7f85d0830e4fb7682" }, { "category": "Payload delivery", "comment": "FareIT/Pony 2.0", "deleted": false, "disable_correlation": false, "timestamp": "1482150126", "to_ids": true, "type": "md5", "uuid": "5857d0ee-ff40-465b-b085-0b7a0a950b0c", "value": "b0a68240b82a8d4ff46a9bb4833c243a" }, { "category": "Payload delivery", "comment": "FareIT/Pony 2.0", "deleted": false, "disable_correlation": false, "timestamp": "1482150127", "to_ids": true, "type": "md5", "uuid": "5857d0ef-bcdc-4e87-85b5-0b7a0a950b0c", "value": "690090c7b2b1808ea5586dd3394951b0" }, { "category": "Payload delivery", "comment": "FareIT/Pony 2.0", "deleted": false, "disable_correlation": false, "timestamp": "1482150128", "to_ids": true, "type": "md5", "uuid": "5857d0f0-5f84-48cd-808e-0b7a0a950b0c", "value": "ad2e9747132bf556945785f06610dcc8" }, { "category": "Payload delivery", "comment": "FareIT/Pony 2.0", "deleted": false, "disable_correlation": false, "timestamp": "1482150128", "to_ids": true, "type": "md5", "uuid": "5857d0f0-6830-4bf4-a67e-0b7a0a950b0c", "value": "f1e7507e85804477b46041c4f79a6318" }, { "category": "Payload delivery", "comment": "FareIT/Pony 2.0", "deleted": false, "disable_correlation": false, "timestamp": "1482150129", "to_ids": true, "type": "md5", "uuid": "5857d0f1-71f0-4932-95c5-0b7a0a950b0c", "value": "7e5c5279a6b25fc25e822277a0e67893" }, { "category": "Payload delivery", "comment": "FareIT/Pony 2.0", "deleted": false, "disable_correlation": false, "timestamp": "1482150129", "to_ids": true, "type": "md5", "uuid": "5857d0f1-aae8-4244-be2b-0b7a0a950b0c", "value": "bced2a9404e662d11e74eb92fe91cff7" }, { "category": "Payload delivery", "comment": "FareIT/Pony 2.0", "deleted": false, "disable_correlation": false, "timestamp": "1482150129", "to_ids": true, "type": "md5", "uuid": "5857d0f1-5d30-4319-8e8f-0b7a0a950b0c", "value": "e5c4cc287ada4d8f190f7d821fbd55a6" }, { "category": "Payload delivery", "comment": "FareIT/Pony 2.0", "deleted": false, "disable_correlation": false, "timestamp": "1482150130", "to_ids": true, "type": "md5", "uuid": "5857d0f2-bd38-4e12-b01f-0b7a0a950b0c", "value": "4be18082a65cbdb37dc3f76c72ec50bf" }, { "category": "Payload delivery", "comment": "FareIT/Pony 2.0", "deleted": false, "disable_correlation": false, "timestamp": "1482150130", "to_ids": true, "type": "md5", "uuid": "5857d0f2-4aec-459f-8630-0b7a0a950b0c", "value": "faecf9cfff312dfff977602a696905bc" }, { "category": "Payload delivery", "comment": "FareIT/Pony 2.0", "deleted": false, "disable_correlation": false, "timestamp": "1482150131", "to_ids": true, "type": "md5", "uuid": "5857d0f3-a4f8-4c8a-a877-0b7a0a950b0c", "value": "139ac7a3ea98a743ab53e5dc9a143d14" }, { "category": "Payload delivery", "comment": "FareIT/Pony 2.0", "deleted": false, "disable_correlation": false, "timestamp": "1482150131", "to_ids": true, "type": "md5", "uuid": "5857d0f3-a8b4-47c1-a021-0b7a0a950b0c", "value": "c0632e26efc3b4bdbe8cc4e35cbf2ca2" }, { "category": "Payload delivery", "comment": "FareIT/Pony 2.0", "deleted": false, "disable_correlation": false, "timestamp": "1482150132", "to_ids": true, "type": "md5", "uuid": "5857d0f4-5dc8-40a9-b2c0-0b7a0a950b0c", "value": "57beddcde4930bff12554c70ac0d486e" }, { "category": "Payload delivery", "comment": "FareIT/Pony 2.0", "deleted": false, "disable_correlation": false, "timestamp": "1482150132", "to_ids": true, "type": "md5", "uuid": "5857d0f4-a148-40cd-96c2-0b7a0a950b0c", "value": "cec324588b4f4f1be7ca72a77a27bcc8" }, { "category": "Payload delivery", "comment": "FareIT/Pony 2.0", "deleted": false, "disable_correlation": false, "timestamp": "1482150133", "to_ids": true, "type": "md5", "uuid": "5857d0f5-fe88-4c49-8ae5-0b7a0a950b0c", "value": "4a0f4d8d1730e7cfb28ab9ab1dd0c458" }, { "category": "Payload delivery", "comment": "FareIT/Pony 2.0", "deleted": false, "disable_correlation": false, "timestamp": "1482150133", "to_ids": true, "type": "md5", "uuid": "5857d0f5-07dc-4c8f-89fa-0b7a0a950b0c", "value": "1d562105d2b9bbee31b464e11add3314" }, { "category": "Payload delivery", "comment": "FareIT/Pony 2.0", "deleted": false, "disable_correlation": false, "timestamp": "1482150134", "to_ids": true, "type": "md5", "uuid": "5857d0f6-d88c-4f34-ae42-0b7a0a950b0c", "value": "d68e6aa2e3b43db1e932212628d158d0" }, { "category": "Payload delivery", "comment": "FareIT/Pony 2.0", "deleted": false, "disable_correlation": false, "timestamp": "1482150134", "to_ids": true, "type": "md5", "uuid": "5857d0f6-e40c-4c2a-9069-0b7a0a950b0c", "value": "25d70b4551fb7ab195fe4a20dad19f6d" }, { "category": "Payload delivery", "comment": "FareIT/Pony 2.0", "deleted": false, "disable_correlation": false, "timestamp": "1482150135", "to_ids": true, "type": "md5", "uuid": "5857d0f7-94e0-4ddc-9813-0b7a0a950b0c", "value": "060aba7b0dfe98f344a08525794f3a39" }, { "category": "Payload delivery", "comment": "FareIT/Pony 2.0", "deleted": false, "disable_correlation": false, "timestamp": "1482150136", "to_ids": true, "type": "md5", "uuid": "5857d0f8-cafc-4ccf-922b-0b7a0a950b0c", "value": "3f11280bd0e9992d38f5c474d2031059" }, { "category": "Payload delivery", "comment": "FareIT/Pony 2.0", "deleted": false, "disable_correlation": false, "timestamp": "1482150136", "to_ids": true, "type": "md5", "uuid": "5857d0f8-3540-4148-a605-0b7a0a950b0c", "value": "950675e2eae333debef01953a5e1ef8f" }, { "category": "Payload delivery", "comment": "FareIT/Pony 2.0", "deleted": false, "disable_correlation": false, "timestamp": "1482150137", "to_ids": true, "type": "md5", "uuid": "5857d0f9-0414-44aa-b642-0b7a0a950b0c", "value": "51b4f43117385d03872644af00393f99" }, { "category": "Payload delivery", "comment": "FareIT/Pony 2.0", "deleted": false, "disable_correlation": false, "timestamp": "1482150137", "to_ids": true, "type": "md5", "uuid": "5857d0f9-315c-4d7a-ac30-0b7a0a950b0c", "value": "9d3ef8695eedf3759bf930134198b2d7" }, { "category": "Payload delivery", "comment": "FareIT/Pony 2.0", "deleted": false, "disable_correlation": false, "timestamp": "1482150137", "to_ids": true, "type": "md5", "uuid": "5857d0f9-d214-4827-892e-0b7a0a950b0c", "value": "9b949ec2e377c101fb6607b7f0f46c69" }, { "category": "Payload delivery", "comment": "FareIT/Pony 2.0", "deleted": false, "disable_correlation": false, "timestamp": "1482150138", "to_ids": true, "type": "md5", "uuid": "5857d0fa-b698-42e4-a260-0b7a0a950b0c", "value": "21a3ff76584d0877a7d3d67e22700d84" }, { "category": "Payload delivery", "comment": "FareIT/Pony 2.0", "deleted": false, "disable_correlation": false, "timestamp": "1482150138", "to_ids": true, "type": "md5", "uuid": "5857d0fa-52fc-4849-8215-0b7a0a950b0c", "value": "95ff84fc026d94eb29c5766d3f412cb5" }, { "category": "Payload delivery", "comment": "FareIT/Pony 2.0", "deleted": false, "disable_correlation": false, "timestamp": "1482150139", "to_ids": true, "type": "md5", "uuid": "5857d0fb-5a2c-450a-ae26-0b7a0a950b0c", "value": "0431fb071b43075967d95dca4e4b74a4" }, { "category": "Payload delivery", "comment": "FareIT/Pony 2.0", "deleted": false, "disable_correlation": false, "timestamp": "1482150139", "to_ids": true, "type": "md5", "uuid": "5857d0fb-c2e0-4732-859d-0b7a0a950b0c", "value": "a53b46d9cdfbe2dcf620852c6ff9e62c" }, { "category": "Payload delivery", "comment": "FareIT/Pony 2.0", "deleted": false, "disable_correlation": false, "timestamp": "1482150140", "to_ids": true, "type": "md5", "uuid": "5857d0fc-f0f0-40d4-9e3d-0b7a0a950b0c", "value": "81afa5b79a5e44ad1a5f993e56ea0f19" }, { "category": "Payload delivery", "comment": "FareIT/Pony 2.0", "deleted": false, "disable_correlation": false, "timestamp": "1482150140", "to_ids": true, "type": "md5", "uuid": "5857d0fc-4760-4a91-b675-0b7a0a950b0c", "value": "c31f027c91a17e696d3badb647b4776e" }, { "category": "Payload delivery", "comment": "FareIT/Pony 2.0", "deleted": false, "disable_correlation": false, "timestamp": "1482150141", "to_ids": true, "type": "md5", "uuid": "5857d0fd-38c4-441e-9ed9-0b7a0a950b0c", "value": "48c196ab809cf170027a36f8ce83b2a0" }, { "category": "Payload delivery", "comment": "FareIT/Pony 2.0", "deleted": false, "disable_correlation": false, "timestamp": "1482150142", "to_ids": true, "type": "md5", "uuid": "5857d0fe-b968-446a-9106-0b7a0a950b0c", "value": "b3bf838e056efad6c4e2fc34ff907b1f" }, { "category": "Payload delivery", "comment": "FareIT/Pony 2.0", "deleted": false, "disable_correlation": false, "timestamp": "1482150142", "to_ids": true, "type": "md5", "uuid": "5857d0fe-1d08-492c-a755-0b7a0a950b0c", "value": "fa460248d72f9c927fbde7e49b3f9064" }, { "category": "Payload delivery", "comment": "FareIT/Pony 2.0", "deleted": false, "disable_correlation": false, "timestamp": "1482150143", "to_ids": true, "type": "md5", "uuid": "5857d0ff-f768-4a11-8ded-0b7a0a950b0c", "value": "dc746f578444fd08b899acab6a9f9480" }, { "category": "Payload delivery", "comment": "FareIT/Pony 2.0", "deleted": false, "disable_correlation": false, "timestamp": "1482150143", "to_ids": true, "type": "md5", "uuid": "5857d0ff-f884-4780-9132-0b7a0a950b0c", "value": "a99a74ac5eccdf92a3d15226ff764437" }, { "category": "Payload delivery", "comment": "FareIT/Pony 2.0", "deleted": false, "disable_correlation": false, "timestamp": "1482150144", "to_ids": true, "type": "md5", "uuid": "5857d100-67a0-4de5-9f27-0b7a0a950b0c", "value": "3f7c440d5ae431e2d638037b1522d537" }, { "category": "Payload delivery", "comment": "FareIT/Pony 2.0", "deleted": false, "disable_correlation": false, "timestamp": "1482150144", "to_ids": true, "type": "md5", "uuid": "5857d100-992c-491c-bd02-0b7a0a950b0c", "value": "6d5bb65986d89c860434a131cd07af3c" }, { "category": "Payload delivery", "comment": "FareIT/Pony 2.0", "deleted": false, "disable_correlation": false, "timestamp": "1482150145", "to_ids": true, "type": "md5", "uuid": "5857d101-043c-401e-9cdd-0b7a0a950b0c", "value": "5834cfa707d899a6ded4df35fe454663" }, { "category": "Payload delivery", "comment": "FareIT/Pony 2.0", "deleted": false, "disable_correlation": false, "timestamp": "1482150145", "to_ids": true, "type": "md5", "uuid": "5857d101-cd84-4949-ab3b-0b7a0a950b0c", "value": "b6ab6bd1952c68e8378e9e88f1d02844" }, { "category": "Payload delivery", "comment": "FareIT/Pony 2.0", "deleted": false, "disable_correlation": false, "timestamp": "1482150146", "to_ids": true, "type": "md5", "uuid": "5857d102-6bc8-40f6-ac89-0b7a0a950b0c", "value": "f7e80eef3e16b5902839213542f2433d" }, { "category": "Payload delivery", "comment": "FareIT/Pony 2.0", "deleted": false, "disable_correlation": false, "timestamp": "1482150146", "to_ids": true, "type": "md5", "uuid": "5857d102-4a1c-45b5-8744-0b7a0a950b0c", "value": "a276bbbf4ea6628ee8ac6694aa23b70a" }, { "category": "Payload delivery", "comment": "FareIT/Pony 2.0", "deleted": false, "disable_correlation": false, "timestamp": "1482150147", "to_ids": true, "type": "md5", "uuid": "5857d103-5db4-4398-94d3-0b7a0a950b0c", "value": "27ede7277a5c482d156bf8cad3d67ecf" }, { "category": "Payload delivery", "comment": "FareIT/Pony 2.0", "deleted": false, "disable_correlation": false, "timestamp": "1482150147", "to_ids": true, "type": "md5", "uuid": "5857d103-5184-4220-9bc1-0b7a0a950b0c", "value": "7639651850c1f2a333f017a2b7a58c2e" }, { "category": "Payload delivery", "comment": "FareIT/Pony 2.0", "deleted": false, "disable_correlation": false, "timestamp": "1482150148", "to_ids": true, "type": "md5", "uuid": "5857d104-8034-4d70-a0d6-0b7a0a950b0c", "value": "9ab8bd9a64bb4ab9b921958af213209c" }, { "category": "Payload delivery", "comment": "FareIT/Pony 2.0", "deleted": false, "disable_correlation": false, "timestamp": "1482150148", "to_ids": true, "type": "md5", "uuid": "5857d104-5a8c-47b6-b160-0b7a0a950b0c", "value": "df1ff7cc193e6daabdb54e44d7d376c1" }, { "category": "Payload delivery", "comment": "FareIT/Pony 2.0", "deleted": false, "disable_correlation": false, "timestamp": "1482150149", "to_ids": true, "type": "md5", "uuid": "5857d105-d92c-40c6-8aaf-0b7a0a950b0c", "value": "11b949dafc35aaab4595ed5d5119731f" }, { "category": "Payload delivery", "comment": "FareIT/Pony 2.0", "deleted": false, "disable_correlation": false, "timestamp": "1482150149", "to_ids": true, "type": "md5", "uuid": "5857d105-7604-4ae5-b412-0b7a0a950b0c", "value": "842f279d81f52a3d21d43367b976eb24" }, { "category": "Payload delivery", "comment": "FareIT/Pony 2.0", "deleted": false, "disable_correlation": false, "timestamp": "1482150150", "to_ids": true, "type": "md5", "uuid": "5857d106-6f38-46f3-8ef0-0b7a0a950b0c", "value": "a0c5cc06f6e5e9fb6da7529a02331972" }, { "category": "Payload delivery", "comment": "FareIT/Pony 2.0", "deleted": false, "disable_correlation": false, "timestamp": "1482150150", "to_ids": true, "type": "md5", "uuid": "5857d106-8554-477c-9d9a-0b7a0a950b0c", "value": "fe5bf21593ddaf4aae3ac77f1bff02c6" }, { "category": "Payload delivery", "comment": "FareIT/Pony 2.0", "deleted": false, "disable_correlation": false, "timestamp": "1482150151", "to_ids": true, "type": "md5", "uuid": "5857d107-8070-41c2-b2f6-0b7a0a950b0c", "value": "bc4d634d6b5d40a4be72de9b91b9d2d3" }, { "category": "Payload delivery", "comment": "FareIT/Pony 2.0", "deleted": false, "disable_correlation": false, "timestamp": "1482150151", "to_ids": true, "type": "md5", "uuid": "5857d107-12c8-4b1a-a3c5-0b7a0a950b0c", "value": "6d021db429a696e5ab237b30a743cec3" }, { "category": "Payload delivery", "comment": "FareIT/Pony 2.0", "deleted": false, "disable_correlation": false, "timestamp": "1482150152", "to_ids": true, "type": "md5", "uuid": "5857d108-6f80-4cb6-81f3-0b7a0a950b0c", "value": "739d8fb283e2a7a6015f1be1391c33a2" }, { "category": "Payload delivery", "comment": "FareIT/Pony 2.0", "deleted": false, "disable_correlation": false, "timestamp": "1482150152", "to_ids": true, "type": "md5", "uuid": "5857d108-1b2c-4148-9709-0b7a0a950b0c", "value": "cd770d2079332bfffac2b257d5ca88a4" }, { "category": "Payload delivery", "comment": "FareIT/Pony 2.0", "deleted": false, "disable_correlation": false, "timestamp": "1482150153", "to_ids": true, "type": "md5", "uuid": "5857d109-bd9c-4f46-a2af-0b7a0a950b0c", "value": "0eb12f0c3aa4ec1db178fbbe69a329cf" }, { "category": "Payload delivery", "comment": "FareIT/Pony 2.0", "deleted": false, "disable_correlation": false, "timestamp": "1482150153", "to_ids": true, "type": "md5", "uuid": "5857d109-9250-48e0-9afa-0b7a0a950b0c", "value": "10bd1bcf24e12761df2ac8574cd5421e" }, { "category": "Payload delivery", "comment": "FareIT/Pony 2.0", "deleted": false, "disable_correlation": false, "timestamp": "1482150154", "to_ids": true, "type": "md5", "uuid": "5857d10a-e834-4864-87ec-0b7a0a950b0c", "value": "12c02277ede45fdad0cb6e5572555a64" }, { "category": "Payload delivery", "comment": "FareIT/Pony 2.0", "deleted": false, "disable_correlation": false, "timestamp": "1482150154", "to_ids": true, "type": "md5", "uuid": "5857d10a-284c-4e58-8628-0b7a0a950b0c", "value": "13aa570ab9772d1e03e054eb4d5ec895" }, { "category": "Payload delivery", "comment": "FareIT/Pony 2.0", "deleted": false, "disable_correlation": false, "timestamp": "1482150155", "to_ids": true, "type": "md5", "uuid": "5857d10b-aab4-42a7-aaa5-0b7a0a950b0c", "value": "2a38488d890751f2e7b1a8dc7c212a54" }, { "category": "Payload delivery", "comment": "FareIT/Pony 2.0", "deleted": false, "disable_correlation": false, "timestamp": "1482150156", "to_ids": true, "type": "md5", "uuid": "5857d10c-a4a0-4527-ab0f-0b7a0a950b0c", "value": "7fb0c05045f84aa9bb2e27ee490379c9" }, { "category": "Payload delivery", "comment": "FareIT/Pony 2.0", "deleted": false, "disable_correlation": false, "timestamp": "1482150156", "to_ids": true, "type": "md5", "uuid": "5857d10c-8e60-4718-b975-0b7a0a950b0c", "value": "8b573ec48dea7caffcd18eea04d73c6d" }, { "category": "Payload delivery", "comment": "FareIT/Pony 2.0", "deleted": false, "disable_correlation": false, "timestamp": "1482150156", "to_ids": true, "type": "md5", "uuid": "5857d10c-e01c-48cd-8381-0b7a0a950b0c", "value": "a5bc70e11f4dd1858ab8bbcee699c39b" }, { "category": "Payload delivery", "comment": "FareIT/Pony 2.0", "deleted": false, "disable_correlation": false, "timestamp": "1482150157", "to_ids": true, "type": "md5", "uuid": "5857d10d-e6d0-4405-9018-0b7a0a950b0c", "value": "da6794432858b2bfa8e7e252af5d59d8" }, { "category": "Payload delivery", "comment": "FareIT/Pony 2.0", "deleted": false, "disable_correlation": false, "timestamp": "1482150157", "to_ids": true, "type": "md5", "uuid": "5857d10d-c540-4217-b759-0b7a0a950b0c", "value": "ea87cce7ba48805a0082c59c8feab894" }, { "category": "Payload delivery", "comment": "FareIT/Pony 2.0", "deleted": false, "disable_correlation": false, "timestamp": "1482150158", "to_ids": true, "type": "md5", "uuid": "5857d10e-a880-4765-ae11-0b7a0a950b0c", "value": "0124976c3608a484d929a7bd0d6be7a0" }, { "category": "Payload delivery", "comment": "FareIT/Pony 2.0", "deleted": false, "disable_correlation": false, "timestamp": "1482150158", "to_ids": true, "type": "md5", "uuid": "5857d10e-e6e0-47ed-b5a8-0b7a0a950b0c", "value": "05ec671309abebc5e183ccfe98a4cc6e" }, { "category": "Payload delivery", "comment": "FareIT/Pony 2.0", "deleted": false, "disable_correlation": false, "timestamp": "1482150159", "to_ids": true, "type": "md5", "uuid": "5857d10f-eac0-4535-b4de-0b7a0a950b0c", "value": "072f11f8bb4d295d1000148939e99577" }, { "category": "Payload delivery", "comment": "Luminosity RAT", "deleted": false, "disable_correlation": false, "timestamp": "1482150621", "to_ids": true, "type": "md5", "uuid": "5857d2dd-0c30-4808-b728-0b250a950b0c", "value": "1f9ea55ec924bf927db4fb4f429d49b6" }, { "category": "Payload delivery", "comment": "Luminosity RAT", "deleted": false, "disable_correlation": false, "timestamp": "1482150622", "to_ids": true, "type": "md5", "uuid": "5857d2de-c2f4-4d24-823c-0b250a950b0c", "value": "f758f8cd8df5c969181f727bdc300b09" }, { "category": "Payload delivery", "comment": "Luminosity RAT", "deleted": false, "disable_correlation": false, "timestamp": "1482150623", "to_ids": true, "type": "md5", "uuid": "5857d2df-75dc-4739-b7c2-0b250a950b0c", "value": "09b3e90ba0352189c374ed9f925fd016" }, { "category": "Payload delivery", "comment": "Luminosity RAT", "deleted": false, "disable_correlation": false, "timestamp": "1482150623", "to_ids": true, "type": "md5", "uuid": "5857d2df-67fc-47f3-917f-0b250a950b0c", "value": "4e6b187f08037c03887fc0cc7d2d7862" }, { "category": "Payload delivery", "comment": "Luminosity RAT", "deleted": false, "disable_correlation": false, "timestamp": "1482150624", "to_ids": true, "type": "md5", "uuid": "5857d2e0-1d84-4cf5-8638-0b250a950b0c", "value": "890ce994b735b36bbbb737d4ea86283c" }, { "category": "Payload delivery", "comment": "Luminosity RAT", "deleted": false, "disable_correlation": false, "timestamp": "1482150624", "to_ids": true, "type": "md5", "uuid": "5857d2e0-6bf8-4e44-80bd-0b250a950b0c", "value": "8badfb1cfda4d0b88fa8e765b6162eaa" }, { "category": "Payload delivery", "comment": "Luminosity RAT", "deleted": false, "disable_correlation": false, "timestamp": "1482150625", "to_ids": true, "type": "md5", "uuid": "5857d2e1-aab0-4754-b2d5-0b250a950b0c", "value": "95cc32e268174eb70e5d4878c8c481f8" }, { "category": "Payload delivery", "comment": "Luminosity RAT", "deleted": false, "disable_correlation": false, "timestamp": "1482150625", "to_ids": true, "type": "md5", "uuid": "5857d2e1-bd68-4462-86a8-0b250a950b0c", "value": "cc6fa7ea140f2af9e821f0b2a3785f3b" }, { "category": "Payload delivery", "comment": "HawkEye Keylogger/Stealer", "deleted": false, "disable_correlation": false, "timestamp": "1482150745", "to_ids": true, "type": "md5", "uuid": "5857d359-a7e0-4e84-acf6-08720a950b0c", "value": "59d528ac5530c7dd148fc85ac3e2de5b" }, { "category": "Payload delivery", "comment": "HawkEye Keylogger/Stealer", "deleted": false, "disable_correlation": false, "timestamp": "1482150745", "to_ids": true, "type": "md5", "uuid": "5857d359-78b4-4700-bf9d-08720a950b0c", "value": "80c4a3d66159877e264b0eab74a791db" }, { "category": "Payload delivery", "comment": "HawkEye Keylogger/Stealer", "deleted": false, "disable_correlation": false, "timestamp": "1482150746", "to_ids": true, "type": "md5", "uuid": "5857d35a-7b28-458f-9a02-08720a950b0c", "value": "94c4d42987540d6428a79c1ec4498a62" }, { "category": "Payload delivery", "comment": "HawkEye Keylogger/Stealer", "deleted": false, "disable_correlation": false, "timestamp": "1482150746", "to_ids": true, "type": "md5", "uuid": "5857d35a-70f4-48d5-aa26-08720a950b0c", "value": "c96ac3ecac9e7f5c72aa452a299ccd4c" }, { "category": "Payload delivery", "comment": "HawkEye Keylogger/Stealer", "deleted": false, "disable_correlation": false, "timestamp": "1482150747", "to_ids": true, "type": "md5", "uuid": "5857d35b-0398-4ccf-91e8-08720a950b0c", "value": "ca261b901e94148a336b7504612900b3" }, { "category": "Payload delivery", "comment": "HawkEye Keylogger/Stealer", "deleted": false, "disable_correlation": false, "timestamp": "1482150747", "to_ids": true, "type": "md5", "uuid": "5857d35b-ff94-4a78-9c64-08720a950b0c", "value": "5232002e147c9a71de02b1503549ee5d" }, { "category": "Payload delivery", "comment": "HawkEye Keylogger/Stealer", "deleted": false, "disable_correlation": false, "timestamp": "1482150748", "to_ids": true, "type": "md5", "uuid": "5857d35c-5a6c-4ebb-8d0a-08720a950b0c", "value": "8f35879eedef813f7cf363e6b31bb720" }, { "category": "Payload delivery", "comment": "HawkEye Keylogger/Stealer", "deleted": false, "disable_correlation": false, "timestamp": "1482150748", "to_ids": true, "type": "md5", "uuid": "5857d35c-2de4-4698-82bd-08720a950b0c", "value": "983ac1b9d8d8f93f6ec2133873e0d765" }, { "category": "Payload delivery", "comment": "HawkEye Keylogger/Stealer", "deleted": false, "disable_correlation": false, "timestamp": "1482150749", "to_ids": true, "type": "md5", "uuid": "5857d35d-5010-4d23-aa36-08720a950b0c", "value": "aa6eb70eb3760839617114e970eec9ad" }, { "category": "Payload delivery", "comment": "HawkEye Keylogger/Stealer", "deleted": false, "disable_correlation": false, "timestamp": "1482150749", "to_ids": true, "type": "md5", "uuid": "5857d35d-6f64-449c-9c8c-08720a950b0c", "value": "cc2a4547e94971b25f5c64db863c7007" }, { "category": "Payload delivery", "comment": "ISR Stealer", "deleted": false, "disable_correlation": false, "timestamp": "1482150817", "to_ids": true, "type": "md5", "uuid": "5857d3a1-bf14-44b1-a03a-0b840a950b0c", "value": "42de8eeb42766ab89f7ad30e3a95a6dc" }, { "category": "Payload delivery", "comment": "ISR Stealer", "deleted": false, "disable_correlation": false, "timestamp": "1482150818", "to_ids": true, "type": "md5", "uuid": "5857d3a2-ad2c-4d19-a848-0b840a950b0c", "value": "da0bc308da0fdd2bc88c16609de84799" }, { "category": "Payload delivery", "comment": "ISR Stealer", "deleted": false, "disable_correlation": false, "timestamp": "1482150819", "to_ids": true, "type": "md5", "uuid": "5857d3a3-887c-4eca-be1c-0b840a950b0c", "value": "e8bfa64826d095ff3699a5e3df205d24" }, { "category": "Payload delivery", "comment": "ISR Stealer", "deleted": false, "disable_correlation": false, "timestamp": "1482150819", "to_ids": true, "type": "md5", "uuid": "5857d3a3-f240-4bd8-bcb5-0b840a950b0c", "value": "bd32f579daf66fc77d0d39faa0827d49" }, { "category": "Payload delivery", "comment": "ISR Stealer", "deleted": false, "disable_correlation": false, "timestamp": "1482150820", "to_ids": true, "type": "md5", "uuid": "5857d3a4-0f78-4f34-8de5-0b840a950b0c", "value": "baf19d9baa948caa29fa4d47a5b00f39" }, { "category": "Payload delivery", "comment": "NetWire RAT", "deleted": false, "disable_correlation": false, "timestamp": "1482150940", "to_ids": true, "type": "md5", "uuid": "5857d41c-97a4-4258-9a56-086e0a950b0c", "value": "362b8ff281b373698823f01ec5de316e" }, { "category": "Payload delivery", "comment": "NetWire RAT", "deleted": false, "disable_correlation": false, "timestamp": "1482150941", "to_ids": true, "type": "md5", "uuid": "5857d41d-c8e0-485a-96c9-086e0a950b0c", "value": "b4161aeec2eee9f16b4f7bf53017b593" }, { "category": "Payload delivery", "comment": "Zeus Atmos", "deleted": false, "disable_correlation": false, "timestamp": "1482151036", "to_ids": true, "type": "md5", "uuid": "5857d47c-c624-43cd-9c39-08720a950b0c", "value": "6ed4cb68167e3413d9987b0f40733ded" }, { "category": "Payload delivery", "comment": "Zeus Atmos", "deleted": false, "disable_correlation": false, "timestamp": "1482151037", "to_ids": true, "type": "md5", "uuid": "5857d47d-c078-4b3a-90c5-08720a950b0c", "value": "763eff9455c998456f017d375ebbe334" }, { "category": "Payload delivery", "comment": "Zeus Atmos", "deleted": false, "disable_correlation": false, "timestamp": "1482151037", "to_ids": true, "type": "md5", "uuid": "5857d47d-7b40-4cb6-93a5-08720a950b0c", "value": "acb19c9d138687d8b77b9a16318f7897" }, { "category": "Payload delivery", "comment": "Zeus Atmos", "deleted": false, "disable_correlation": false, "timestamp": "1482151038", "to_ids": true, "type": "md5", "uuid": "5857d47e-14b8-4b69-9c84-08720a950b0c", "value": "0828d80567c200832804ab58b9653f40" }, { "category": "Payload delivery", "comment": "Zeus Atmos", "deleted": false, "disable_correlation": false, "timestamp": "1482151038", "to_ids": true, "type": "md5", "uuid": "5857d47e-ecc4-4406-a471-08720a950b0c", "value": "1c55c4e93c5b59c5497817c2d75eeb82" }, { "category": "Payload delivery", "comment": "Zeus Atmos", "deleted": false, "disable_correlation": false, "timestamp": "1482151039", "to_ids": true, "type": "md5", "uuid": "5857d47f-7164-48d5-b4eb-08720a950b0c", "value": "20bca6c0ce7aa1c1eec53bde21162f05" }, { "category": "Payload delivery", "comment": "Zeus Atmos", "deleted": false, "disable_correlation": false, "timestamp": "1482151039", "to_ids": true, "type": "md5", "uuid": "5857d47f-4060-4409-bc0d-08720a950b0c", "value": "41875543ce8f9fc1c3c823e783fc3799" }, { "category": "Payload delivery", "comment": "Zeus Atmos", "deleted": false, "disable_correlation": false, "timestamp": "1482151040", "to_ids": true, "type": "md5", "uuid": "5857d480-fef4-4a09-8e68-08720a950b0c", "value": "59ea190027969a9395556a1879b8fa1c" }, { "category": "Payload delivery", "comment": "Zeus Atmos", "deleted": false, "disable_correlation": false, "timestamp": "1482151040", "to_ids": true, "type": "md5", "uuid": "5857d480-8368-49bc-92af-08720a950b0c", "value": "926a5b3a83da4947dc45b83a564e5de4" }, { "category": "Payload delivery", "comment": "Zeus Atmos", "deleted": false, "disable_correlation": false, "timestamp": "1482151041", "to_ids": true, "type": "md5", "uuid": "5857d481-a8dc-4d33-b52d-08720a950b0c", "value": "cb6b3071cf743fa0e62af0e29a269301" }, { "category": "Payload delivery", "comment": "Zeus Atmos", "deleted": false, "disable_correlation": false, "timestamp": "1482151041", "to_ids": true, "type": "md5", "uuid": "5857d481-0788-48ba-8063-08720a950b0c", "value": "f7f79d8821abd3035a3c77b4d1319334" }, { "category": "Payload delivery", "comment": "FareIT/Pony 2.0", "deleted": false, "disable_correlation": false, "timestamp": "1482150101", "to_ids": true, "type": "md5", "uuid": "5857d0d5-97b0-432b-a8ab-0b7a0a950b0c", "value": "b26502694ec0f977510045e4805e3c5c" }, { "category": "Payload delivery", "comment": "FareIT/Pony 2.0", "deleted": false, "disable_correlation": false, "timestamp": "1482150101", "to_ids": true, "type": "md5", "uuid": "5857d0d5-c9a0-4fde-a750-0b7a0a950b0c", "value": "312feecdc77cb3e29151734ec9939cfb" }, { "category": "Payload delivery", "comment": "FareIT/Pony 2.0", "deleted": false, "disable_correlation": false, "timestamp": "1482150102", "to_ids": true, "type": "md5", "uuid": "5857d0d6-0768-489a-b11a-0b7a0a950b0c", "value": "23965eaaece7160f5f4f38a2b2ae557a" }, { "category": "Payload delivery", "comment": "FareIT/Pony 2.0", "deleted": false, "disable_correlation": false, "timestamp": "1482150102", "to_ids": true, "type": "md5", "uuid": "5857d0d6-b4c4-44da-a738-0b7a0a950b0c", "value": "36db408c729e4eec4b67593dbe6e21cb" }, { "category": "Payload delivery", "comment": "FareIT/Pony 2.0", "deleted": false, "disable_correlation": false, "timestamp": "1482150103", "to_ids": true, "type": "md5", "uuid": "5857d0d7-11d0-4f67-8131-0b7a0a950b0c", "value": "94083460473c6ccf96060c3f35bda8f0" }, { "category": "Payload delivery", "comment": "FareIT/Pony 2.0", "deleted": false, "disable_correlation": false, "timestamp": "1482150103", "to_ids": true, "type": "md5", "uuid": "5857d0d7-4c98-44af-b34f-0b7a0a950b0c", "value": "4e06d7730397f84761222ceb22578e59" }, { "category": "Payload delivery", "comment": "FareIT/Pony 2.0", "deleted": false, "disable_correlation": false, "timestamp": "1482150104", "to_ids": true, "type": "md5", "uuid": "5857d0d8-5688-4c13-96f6-0b7a0a950b0c", "value": "fff1ccdebd953a89168fa545cca2d78a" }, { "category": "Payload delivery", "comment": "FareIT/Pony 2.0", "deleted": false, "disable_correlation": false, "timestamp": "1482150104", "to_ids": true, "type": "md5", "uuid": "5857d0d8-e7e4-4630-9d96-0b7a0a950b0c", "value": "5497251394bca97e1cbe2008740ead6a" }, { "category": "Payload delivery", "comment": "FareIT/Pony 2.0", "deleted": false, "disable_correlation": false, "timestamp": "1482150105", "to_ids": true, "type": "md5", "uuid": "5857d0d9-2d3c-40ab-914d-0b7a0a950b0c", "value": "ead4bbedddba4cd1d0b31a82987ffce4" }, { "category": "Payload delivery", "comment": "FareIT/Pony 2.0", "deleted": false, "disable_correlation": false, "timestamp": "1482150105", "to_ids": true, "type": "md5", "uuid": "5857d0d9-14ac-4d46-9b78-0b7a0a950b0c", "value": "d04c3b2fe025c183ffcf85d334b2dfc3" }, { "category": "Payload delivery", "comment": "FareIT/Pony 2.0", "deleted": false, "disable_correlation": false, "timestamp": "1482150106", "to_ids": true, "type": "md5", "uuid": "5857d0da-c948-409f-8733-0b7a0a950b0c", "value": "f402e0747de2f70a43dcb0ef5cb1bb12" }, { "category": "Payload delivery", "comment": "FareIT/Pony 2.0", "deleted": false, "disable_correlation": false, "timestamp": "1482150106", "to_ids": true, "type": "md5", "uuid": "5857d0da-8450-4a3f-9b17-0b7a0a950b0c", "value": "262c692bec80d7d7af77026d03a9277d" }, { "category": "Payload delivery", "comment": "FareIT/Pony 2.0", "deleted": false, "disable_correlation": false, "timestamp": "1482150107", "to_ids": true, "type": "md5", "uuid": "5857d0db-0568-4ac7-b8e0-0b7a0a950b0c", "value": "d0c3b85e2459e85fd0d00b5ac88782d1" }, { "category": "Payload delivery", "comment": "FareIT/Pony 2.0", "deleted": false, "disable_correlation": false, "timestamp": "1482150107", "to_ids": true, "type": "md5", "uuid": "5857d0db-4390-4ce0-8b5a-0b7a0a950b0c", "value": "0899d80a6e4168e760321009d28b4a25" }, { "category": "Payload delivery", "comment": "FareIT/Pony 2.0", "deleted": false, "disable_correlation": false, "timestamp": "1482150108", "to_ids": true, "type": "md5", "uuid": "5857d0dc-d1b0-4e75-85b8-0b7a0a950b0c", "value": "7ba5b2b942587afad892d14c29186881" }, { "category": "Payload delivery", "comment": "FareIT/Pony 2.0", "deleted": false, "disable_correlation": false, "timestamp": "1482150108", "to_ids": true, "type": "md5", "uuid": "5857d0dc-0ea8-4029-95c7-0b7a0a950b0c", "value": "f328c9cef3df7dbbafdabe102f2dd489" }, { "category": "Payload delivery", "comment": "FareIT/Pony 2.0", "deleted": false, "disable_correlation": false, "timestamp": "1482150109", "to_ids": true, "type": "md5", "uuid": "5857d0dd-7b90-4b29-a25e-0b7a0a950b0c", "value": "513d4413be0c6756b0aec628fb8f5398" }, { "category": "Payload delivery", "comment": "FareIT/Pony 2.0", "deleted": false, "disable_correlation": false, "timestamp": "1482150109", "to_ids": true, "type": "md5", "uuid": "5857d0dd-3868-4a95-ab01-0b7a0a950b0c", "value": "a1709a3f4952c2928e5f7e4ba552bef6" }, { "category": "Payload delivery", "comment": "FareIT/Pony 2.0", "deleted": false, "disable_correlation": false, "timestamp": "1482150110", "to_ids": true, "type": "md5", "uuid": "5857d0de-ff0c-4043-b450-0b7a0a950b0c", "value": "a598c6964f7f9aef6e6ad21c630e744a" }, { "category": "Payload delivery", "comment": "FareIT/Pony 2.0", "deleted": false, "disable_correlation": false, "timestamp": "1482150110", "to_ids": true, "type": "md5", "uuid": "5857d0de-3914-451d-8858-0b7a0a950b0c", "value": "bcd6efb7ba13404999640cbf4a8300ef" }, { "category": "Payload delivery", "comment": "FareIT/Pony 2.0", "deleted": false, "disable_correlation": false, "timestamp": "1482150111", "to_ids": true, "type": "md5", "uuid": "5857d0df-91fc-4c2d-b625-0b7a0a950b0c", "value": "7210fa489bfb83715529f1ec3b55922b" }, { "category": "Payload delivery", "comment": "FareIT/Pony 2.0", "deleted": false, "disable_correlation": false, "timestamp": "1482150111", "to_ids": true, "type": "md5", "uuid": "5857d0df-1744-4479-9652-0b7a0a950b0c", "value": "2cab3363d8bb5601948f528add75c5e2" }, { "category": "Payload delivery", "comment": "FareIT/Pony 2.0", "deleted": false, "disable_correlation": false, "timestamp": "1482150112", "to_ids": true, "type": "md5", "uuid": "5857d0e0-bb6c-43da-b61a-0b7a0a950b0c", "value": "abaaba5109c19f658f9eaf56551c0996" }, { "category": "Payload delivery", "comment": "FareIT/Pony 2.0", "deleted": false, "disable_correlation": false, "timestamp": "1482150112", "to_ids": true, "type": "md5", "uuid": "5857d0e0-0084-4199-b01a-0b7a0a950b0c", "value": "53b9d168f0776c99518a8a125459b94c" }, { "category": "Payload delivery", "comment": "FareIT/Pony 2.0", "deleted": false, "disable_correlation": false, "timestamp": "1482150113", "to_ids": true, "type": "md5", "uuid": "5857d0e1-0e08-47e6-8df0-0b7a0a950b0c", "value": "1c000371cda75156c5af004ca4b08e08" }, { "category": "Payload delivery", "comment": "FareIT/Pony 2.0", "deleted": false, "disable_correlation": false, "timestamp": "1482150113", "to_ids": true, "type": "md5", "uuid": "5857d0e1-f074-4a7f-b871-0b7a0a950b0c", "value": "5c78e6d84ef59b06e918c55d9fd8de8c" }, { "category": "Payload delivery", "comment": "FareIT/Pony 2.0", "deleted": false, "disable_correlation": false, "timestamp": "1482150114", "to_ids": true, "type": "md5", "uuid": "5857d0e2-efbc-4175-8f45-0b7a0a950b0c", "value": "1e692a3e7f16b8bc9949eba72158a773" }, { "category": "Payload delivery", "comment": "FareIT/Pony 2.0", "deleted": false, "disable_correlation": false, "timestamp": "1482150114", "to_ids": true, "type": "md5", "uuid": "5857d0e2-bd98-41f8-bd81-0b7a0a950b0c", "value": "e9d3d83bec1d897538af8aebffd03ad1" }, { "category": "Payload delivery", "comment": "FareIT/Pony 2.0", "deleted": false, "disable_correlation": false, "timestamp": "1482150115", "to_ids": true, "type": "md5", "uuid": "5857d0e3-d59c-4063-9a92-0b7a0a950b0c", "value": "c5674b866e3362bc09dfab0385b44bec" }, { "category": "Payload delivery", "comment": "FareIT/Pony 2.0", "deleted": false, "disable_correlation": false, "timestamp": "1482150115", "to_ids": true, "type": "md5", "uuid": "5857d0e3-0590-4103-a67c-0b7a0a950b0c", "value": "dfae40a4e4a1b60322fd180f8cfa1c33" }, { "category": "Payload delivery", "comment": "FareIT/Pony 2.0", "deleted": false, "disable_correlation": false, "timestamp": "1482150116", "to_ids": true, "type": "md5", "uuid": "5857d0e4-92b8-459c-acf1-0b7a0a950b0c", "value": "0b7f872d098ef8f1dd0e52f6d5c5a92e" }, { "category": "Payload delivery", "comment": "FareIT/Pony 2.0", "deleted": false, "disable_correlation": false, "timestamp": "1482150116", "to_ids": true, "type": "md5", "uuid": "5857d0e4-1d24-424c-baa0-0b7a0a950b0c", "value": "e2ab25321e1bb1d56d8bca11fe0cc764" }, { "category": "Payload delivery", "comment": "FareIT/Pony 2.0", "deleted": false, "disable_correlation": false, "timestamp": "1482150117", "to_ids": true, "type": "md5", "uuid": "5857d0e5-e110-4e01-98c1-0b7a0a950b0c", "value": "96f1794733e30fb2df9e5e894f4e1cfd" }, { "category": "Payload delivery", "comment": "FareIT/Pony 2.0", "deleted": false, "disable_correlation": false, "timestamp": "1482150117", "to_ids": true, "type": "md5", "uuid": "5857d0e5-54b0-4fd0-a69e-0b7a0a950b0c", "value": "63b1d969270cccd998279477a687407c" }, { "category": "Payload delivery", "comment": "FareIT/Pony 2.0", "deleted": false, "disable_correlation": false, "timestamp": "1482150118", "to_ids": true, "type": "md5", "uuid": "5857d0e6-2cdc-4178-b498-0b7a0a950b0c", "value": "9e7318168e76fdd5414fe00d8daaf21e" }, { "category": "Payload delivery", "comment": "FareIT/Pony 2.0", "deleted": false, "disable_correlation": false, "timestamp": "1482150118", "to_ids": true, "type": "md5", "uuid": "5857d0e6-72a4-4136-807a-0b7a0a950b0c", "value": "57da8a2813c9b1cb6598609e10faf1b4" } ] } }