{ "Event": { "analysis": "1", "date": "2017-09-12", "extends_uuid": "", "info": "M2M - Locky 2017-09-11/11 : Affid=3, \".lukitus\" : \"Bankwest - You have a new eStatement\" - /statement.html links", "publish_timestamp": "1505225731", "published": true, "threat_level_id": "3", "timestamp": "1505225722", "uuid": "59b7cd9e-57e4-42c6-b1ce-440d950d210f", "Orgc": { "name": "CIRCL", "uuid": "55f6ea5e-2c60-40e5-964f-47a8950d210f" }, "Tag": [ { "colour": "#ffffff", "local": false, "name": "tlp:white", "relationship_type": "" }, { "colour": "#006c6c", "local": false, "name": "ecsirt:malicious-code=\"ransomware\"", "relationship_type": "" }, { "colour": "#0088cc", "local": false, "name": "misp-galaxy:ransomware=\"Locky\"", "relationship_type": "" } ], "Attribute": [ { "category": "Artifacts dropped", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1505223741", "to_ids": true, "type": "md5", "uuid": "59b7cd9f-981c-4c2c-8b53-46fb950d210f", "value": "2518037ef7d7524a631c4bf9086428f8" }, { "category": "Artifacts dropped", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1505223741", "to_ids": true, "type": "md5", "uuid": "59b7cd9f-56d4-428f-b365-4303950d210f", "value": "230606dd8b0d62e2a8a04ef61b2d8707" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1505223741", "to_ids": true, "type": "url", "uuid": "59b7cda0-1474-48af-ae04-02b8950d210f", "value": "http://420ent.com/statement.html" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1505223741", "to_ids": true, "type": "hostname", "uuid": "59b7cda0-8008-44f0-8882-02fa950d210f", "value": "420ent.com" }, { "category": "Network activity", "comment": "420ent.com", "deleted": false, "disable_correlation": false, "timestamp": "1505223741", "to_ids": false, "type": "ip-dst", "uuid": "59b7cda0-bc48-42cb-bc1d-4079950d210f", "value": "98.124.251.72" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1505223741", "to_ids": true, "type": "url", "uuid": "59b7cda0-62b8-4017-857d-4ff8950d210f", "value": "http://afilhadaemmocambique.com/statement.html" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1505223741", "to_ids": true, "type": "hostname", "uuid": "59b7cda1-f198-4ba3-81e6-02fc950d210f", "value": "afilhadaemmocambique.com" }, { "category": "Network activity", "comment": "afilhadaemmocambique.com", "deleted": false, "disable_correlation": false, "timestamp": "1505223741", "to_ids": false, "type": "ip-dst", "uuid": "59b7cda1-9414-48a4-8dd1-4ad4950d210f", "value": "80.172.241.21" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1505223741", "to_ids": true, "type": "url", "uuid": "59b7cda1-19d8-42bc-a278-469d950d210f", "value": "http://beepop.info/statement.html" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1505223741", "to_ids": true, "type": "hostname", "uuid": "59b7cda1-95c4-41f2-90c3-49bd950d210f", "value": "beepop.info" }, { "category": "Network activity", "comment": "beepop.info", "deleted": false, "disable_correlation": false, "timestamp": "1505223741", "to_ids": false, "type": "ip-dst", "uuid": "59b7cda2-d150-464f-9460-02b8950d210f", "value": "217.160.239.66" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1505223741", "to_ids": true, "type": "url", "uuid": "59b7cda2-595c-482d-9250-02fa950d210f", "value": "http://bellevuecommunityband.org/statement.html" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1505223741", "to_ids": true, "type": "hostname", "uuid": "59b7cda2-8c30-4fc1-81db-4ea4950d210f", "value": "bellevuecommunityband.org" }, { "category": "Network activity", "comment": "bellevuecommunityband.org", "deleted": false, "disable_correlation": false, "timestamp": "1505223741", "to_ids": false, "type": "ip-dst", "uuid": "59b7cda2-f090-4d88-a586-02fc950d210f", "value": "64.6.227.247" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1505223741", "to_ids": true, "type": "url", "uuid": "59b7cda3-83e0-413e-99b6-432c950d210f", "value": "http://bingleybuilder.co.uk/statement.html" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1505223741", "to_ids": true, "type": "hostname", "uuid": "59b7cda3-8f64-4c01-9fcf-48f8950d210f", "value": "bingleybuilder.co.uk" }, { "category": "Network activity", "comment": "bingleybuilder.co.uk", "deleted": false, "disable_correlation": false, "timestamp": "1505223741", "to_ids": false, "type": "ip-dst", "uuid": "59b7cda3-6f8c-43c4-a6d6-41ae950d210f", "value": "77.68.14.29" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1505223741", "to_ids": true, "type": "url", "uuid": "59b7cda3-ac68-4ef5-b5b8-40bb950d210f", "value": "http://cedricanimation.com/statement.html" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1505223741", "to_ids": true, "type": "hostname", "uuid": "59b7cda3-af98-4fce-98a9-4edf950d210f", "value": "cedricanimation.com" }, { "category": "Network activity", "comment": "cedricanimation.com", "deleted": false, "disable_correlation": false, "timestamp": "1505223741", "to_ids": false, "type": "ip-dst", "uuid": "59b7cda4-5e40-42b8-af4d-4b76950d210f", "value": "92.48.103.161" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1505223741", "to_ids": true, "type": "url", "uuid": "59b7cda4-31ac-4cfa-9241-02fa950d210f", "value": "http://chimachinenow.com/statement.html" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1505223741", "to_ids": true, "type": "hostname", "uuid": "59b7cda4-8620-407e-9298-473e950d210f", "value": "chimachinenow.com" }, { "category": "Network activity", "comment": "chimachinenow.com", "deleted": false, "disable_correlation": false, "timestamp": "1505223741", "to_ids": false, "type": "ip-dst", "uuid": "59b7cda4-a7fc-4aa4-ba12-4d13950d210f", "value": "199.30.241.139" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1505223741", "to_ids": true, "type": "url", "uuid": "59b7cda4-68e8-4642-9a56-468a950d210f", "value": "http://comtechadsl.com/statement.html" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1505223741", "to_ids": true, "type": "hostname", "uuid": "59b7cda5-a968-4378-8a21-02fc950d210f", "value": "comtechadsl.com" }, { "category": "Network activity", "comment": "comtechadsl.com", "deleted": false, "disable_correlation": false, "timestamp": "1505223741", "to_ids": false, "type": "ip-dst", "uuid": "59b7cda5-3a70-4eee-87ef-4bc3950d210f", "value": "77.92.1.3" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1505223741", "to_ids": true, "type": "url", "uuid": "59b7cda5-ead0-4524-9537-4314950d210f", "value": "http://conectivaconsultores.com/statement.html" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1505223741", "to_ids": true, "type": "hostname", "uuid": "59b7cda5-be2c-457f-a257-4318950d210f", "value": "conectivaconsultores.com" }, { "category": "Network activity", "comment": "conectivaconsultores.com", "deleted": false, "disable_correlation": false, "timestamp": "1505223741", "to_ids": false, "type": "ip-dst", "uuid": "59b7cda6-2984-4acd-810d-4061950d210f", "value": "84.232.4.8" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1505223741", "to_ids": true, "type": "url", "uuid": "59b7cda6-01ac-454c-83e0-4128950d210f", "value": "http://crystalballcruise.com/statement.html" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1505223741", "to_ids": true, "type": "hostname", "uuid": "59b7cda6-9f18-45c5-9e43-02b8950d210f", "value": "crystalballcruise.com" }, { "category": "Network activity", "comment": "crystalballcruise.com", "deleted": false, "disable_correlation": false, "timestamp": "1505223741", "to_ids": false, "type": "ip-dst", "uuid": "59b7cda8-493c-4a66-a40b-49bd950d210f", "value": "173.193.126.154" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1505223741", "to_ids": true, "type": "url", "uuid": "59b7cda8-3424-4dbb-99e4-4830950d210f", "value": "http://cutwell.ca/statement.html" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1505223741", "to_ids": true, "type": "hostname", "uuid": "59b7cda8-896c-4b97-b43e-02fc950d210f", "value": "cutwell.ca" }, { "category": "Network activity", "comment": "cutwell.ca", "deleted": false, "disable_correlation": false, "timestamp": "1505223741", "to_ids": false, "type": "ip-dst", "uuid": "59b7cda8-81f4-4734-a4a0-4d14950d210f", "value": "98.124.251.68" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1505223741", "to_ids": true, "type": "url", "uuid": "59b7cda8-d684-4889-b398-4b14950d210f", "value": "http://dbatee.gr/statement.html" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1505223741", "to_ids": true, "type": "hostname", "uuid": "59b7cda8-f124-4c1e-89ff-4345950d210f", "value": "dbatee.gr" }, { "category": "Network activity", "comment": "dbatee.gr", "deleted": false, "disable_correlation": false, "timestamp": "1505223741", "to_ids": false, "type": "ip-dst", "uuid": "59b7cda9-f2d4-45ee-90d9-4a70950d210f", "value": "62.103.152.100" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1505223741", "to_ids": true, "type": "url", "uuid": "59b7cda9-a1a0-4d49-a5ea-4ffe950d210f", "value": "http://duaneandirisblue.com/statement.html" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1505223741", "to_ids": true, "type": "hostname", "uuid": "59b7cda9-1d68-4a52-a8b7-4592950d210f", "value": "duaneandirisblue.com" }, { "category": "Network activity", "comment": "duaneandirisblue.com", "deleted": false, "disable_correlation": false, "timestamp": "1505223741", "to_ids": false, "type": "ip-dst", "uuid": "59b7cda9-9ee0-4456-9aba-45e1950d210f", "value": "68.171.35.126" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1505223741", "to_ids": true, "type": "url", "uuid": "59b7cdaa-47c4-405a-b804-02b8950d210f", "value": "http://e-chards.com/statement.html" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1505223741", "to_ids": true, "type": "hostname", "uuid": "59b7cdaa-fec8-43b9-aeb2-4783950d210f", "value": "e-chards.com" }, { "category": "Network activity", "comment": "e-chards.com", "deleted": false, "disable_correlation": false, "timestamp": "1505223741", "to_ids": false, "type": "ip-dst", "uuid": "59b7cdaa-13c0-46cf-a002-412e950d210f", "value": "64.6.253.223" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1505223741", "to_ids": true, "type": "url", "uuid": "59b7cdaa-1f04-4bf7-9ddc-42c2950d210f", "value": "http://envi-herzog.de/statement.html" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1505223741", "to_ids": true, "type": "hostname", "uuid": "59b7cdaa-1ee0-4c8a-a900-4c1d950d210f", "value": "envi-herzog.de" }, { "category": "Network activity", "comment": "envi-herzog.de", "deleted": false, "disable_correlation": false, "timestamp": "1505223741", "to_ids": false, "type": "ip-dst", "uuid": "59b7cdab-5804-4f89-845b-4697950d210f", "value": "194.116.187.130" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1505223741", "to_ids": true, "type": "url", "uuid": "59b7cdab-4ab4-42e7-8030-4511950d210f", "value": "http://ericweb.co.za/statement.html" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1505223741", "to_ids": true, "type": "hostname", "uuid": "59b7cdab-e008-42d9-835d-489b950d210f", "value": "ericweb.co.za" }, { "category": "Network activity", "comment": "ericweb.co.za", "deleted": false, "disable_correlation": false, "timestamp": "1505223741", "to_ids": false, "type": "ip-dst", "uuid": "59b7cdac-90fc-4582-afc9-4bac950d210f", "value": "196.25.211.127" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1505223741", "to_ids": true, "type": "url", "uuid": "59b7cdac-25e8-4fb6-9377-460c950d210f", "value": "http://eternallyclassicjewelry.com/statement.html" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1505223741", "to_ids": true, "type": "hostname", "uuid": "59b7cdac-de70-4073-b19e-441b950d210f", "value": "eternallyclassicjewelry.com" }, { "category": "Network activity", "comment": "eternallyclassicjewelry.com", "deleted": false, "disable_correlation": false, "timestamp": "1505223741", "to_ids": false, "type": "ip-dst", "uuid": "59b7cdac-382c-455f-8b9e-49b7950d210f", "value": "98.124.251.166" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1505223741", "to_ids": true, "type": "url", "uuid": "59b7cdad-28ac-4ffb-92a5-4eff950d210f", "value": "http://excel-conduite.com/statement.html" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1505223741", "to_ids": true, "type": "hostname", "uuid": "59b7cdad-8968-4c43-8902-45cf950d210f", "value": "excel-conduite.com" }, { "category": "Network activity", "comment": "excel-conduite.com", "deleted": false, "disable_correlation": false, "timestamp": "1505223741", "to_ids": false, "type": "ip-dst", "uuid": "59b7cdad-ef1c-45d4-b95e-4052950d210f", "value": "193.227.248.241" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1505223741", "to_ids": true, "type": "url", "uuid": "59b7cdad-6dd4-4803-a972-42de950d210f", "value": "http://expresspermis.com/statement.html" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1505223741", "to_ids": true, "type": "hostname", "uuid": "59b7cdad-63a0-4bcd-800c-43c6950d210f", "value": "expresspermis.com" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1505223741", "to_ids": true, "type": "url", "uuid": "59b7cdae-f464-43d0-9dd2-4a5a950d210f", "value": "http://fexx.co.uk/statement.html" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1505223741", "to_ids": true, "type": "hostname", "uuid": "59b7cdae-5730-46a6-a1ea-4bc6950d210f", "value": "fexx.co.uk" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1505223741", "to_ids": true, "type": "url", "uuid": "59b7cdb5-e28c-4770-bf33-02b8950d210f", "value": "http://fiore-web.it/statement.html" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1505223741", "to_ids": true, "type": "hostname", "uuid": "59b7cdb5-936c-4d3a-a702-4acc950d210f", "value": "fiore-web.it" }, { "category": "Network activity", "comment": "fiore-web.it", "deleted": false, "disable_correlation": false, "timestamp": "1505223741", "to_ids": false, "type": "ip-dst", "uuid": "59b7cdb5-4fc8-4726-84c3-4b54950d210f", "value": "89.96.90.14" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1505223741", "to_ids": true, "type": "url", "uuid": "59b7cdb5-dc48-429f-a4e1-46db950d210f", "value": "http://hostprodirect.com/statement.html" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1505223741", "to_ids": true, "type": "hostname", "uuid": "59b7cdb5-31c4-43ea-8cea-42ef950d210f", "value": "hostprodirect.com" }, { "category": "Network activity", "comment": "hostprodirect.com", "deleted": false, "disable_correlation": false, "timestamp": "1505223741", "to_ids": false, "type": "ip-dst", "uuid": "59b7cdb6-0a30-410c-8d58-4740950d210f", "value": "209.213.100.202" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1505223741", "to_ids": true, "type": "url", "uuid": "59b7cdb6-1338-4b45-932e-49d0950d210f", "value": "http://irmak.web.tr/statement.html" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1505223741", "to_ids": true, "type": "hostname", "uuid": "59b7cdb6-21a4-4911-9130-4b59950d210f", "value": "irmak.web.tr" }, { "category": "Network activity", "comment": "irmak.web.tr", "deleted": false, "disable_correlation": false, "timestamp": "1505223741", "to_ids": false, "type": "ip-dst", "uuid": "59b7cdb7-9288-4d32-9ed5-4cbb950d210f", "value": "82.151.132.24" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1505223741", "to_ids": true, "type": "url", "uuid": "59b7cdb7-0ff8-4303-b6ea-4913950d210f", "value": "http://jenyeong.com/statement.html" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1505223741", "to_ids": true, "type": "hostname", "uuid": "59b7cdb7-c188-4caa-8bf7-459f950d210f", "value": "jenyeong.com" }, { "category": "Network activity", "comment": "jenyeong.com", "deleted": false, "disable_correlation": false, "timestamp": "1505223741", "to_ids": false, "type": "ip-dst", "uuid": "59b7cdb7-1ccc-4919-babc-40cd950d210f", "value": "203.74.203.14" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1505223741", "to_ids": true, "type": "url", "uuid": "59b7cdb8-cbb4-4459-8bc0-47ad950d210f", "value": "http://lakeroadlavender.com/statement.html" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1505223741", "to_ids": true, "type": "hostname", "uuid": "59b7cdb8-29f0-43f1-85be-43bd950d210f", "value": "lakeroadlavender.com" }, { "category": "Network activity", "comment": "lakeroadlavender.com", "deleted": false, "disable_correlation": false, "timestamp": "1505223741", "to_ids": false, "type": "ip-dst", "uuid": "59b7cdb8-2870-467a-86ce-41a7950d210f", "value": "66.199.174.108" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1505223741", "to_ids": true, "type": "url", "uuid": "59b7cdb8-5368-45f8-b85e-4058950d210f", "value": "http://linksoft.co.nz/statement.html" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1505223741", "to_ids": true, "type": "hostname", "uuid": "59b7cdb9-3724-4010-a5de-41af950d210f", "value": "linksoft.co.nz" }, { "category": "Network activity", "comment": "linksoft.co.nz", "deleted": false, "disable_correlation": false, "timestamp": "1505223741", "to_ids": false, "type": "ip-dst", "uuid": "59b7cdbb-44f8-4ee4-930f-4181950d210f", "value": "49.50.240.107" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1505223741", "to_ids": true, "type": "url", "uuid": "59b7cdbb-a3b4-41d9-ad06-4eb2950d210f", "value": "http://matern-eger.de/statement.html" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1505223741", "to_ids": true, "type": "hostname", "uuid": "59b7cdbb-a990-4038-bc74-46a1950d210f", "value": "matern-eger.de" }, { "category": "Network activity", "comment": "matern-eger.de", "deleted": false, "disable_correlation": false, "timestamp": "1505223741", "to_ids": false, "type": "ip-dst", "uuid": "59b7cdbb-dbb8-46b1-a5b1-42a6950d210f", "value": "87.106.222.105" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1505223741", "to_ids": true, "type": "url", "uuid": "59b7cdbc-56ec-42ab-9e28-445f950d210f", "value": "http://mysushi.it/statement.html" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1505223741", "to_ids": true, "type": "hostname", "uuid": "59b7cdbc-ae8c-4f9d-bb57-48b5950d210f", "value": "mysushi.it" }, { "category": "Network activity", "comment": "mysushi.it", "deleted": false, "disable_correlation": false, "timestamp": "1505223741", "to_ids": false, "type": "ip-dst", "uuid": "59b7cdbc-1ad4-454d-97df-4be2950d210f", "value": "93.174.71.137" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1505223741", "to_ids": true, "type": "url", "uuid": "59b7cdbc-14f4-44ed-8cdf-466d950d210f", "value": "http://pciholog.ru/statement.html" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1505223741", "to_ids": true, "type": "hostname", "uuid": "59b7cdbd-6354-4e39-b860-4387950d210f", "value": "pciholog.ru" }, { "category": "Network activity", "comment": "pciholog.ru", "deleted": false, "disable_correlation": false, "timestamp": "1505223741", "to_ids": false, "type": "ip-dst", "uuid": "59b7cdbd-d370-4bd1-af60-02fc950d210f", "value": "89.253.235.118" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1505223741", "to_ids": true, "type": "url", "uuid": "59b7cdbd-d058-4521-8d85-4138950d210f", "value": "http://phmetreci.com/statement.html" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1505223741", "to_ids": true, "type": "hostname", "uuid": "59b7cdbd-5180-414c-9f01-43f0950d210f", "value": "phmetreci.com" }, { "category": "Network activity", "comment": "phmetreci.com", "deleted": false, "disable_correlation": false, "timestamp": "1505223741", "to_ids": false, "type": "ip-dst", "uuid": "59b7cdbe-6594-4d20-869c-4765950d210f", "value": "185.150.128.21" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1505223741", "to_ids": true, "type": "url", "uuid": "59b7cdbe-f288-44bd-b7f3-4c33950d210f", "value": "http://placecomp.com/statement.html" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1505223741", "to_ids": true, "type": "hostname", "uuid": "59b7cdbe-797c-4984-9e7c-02b8950d210f", "value": "placecomp.com" }, { "category": "Network activity", "comment": "placecomp.com", "deleted": false, "disable_correlation": false, "timestamp": "1505223741", "to_ids": false, "type": "ip-dst", "uuid": "59b7cdbe-80dc-487d-8372-45ca950d210f", "value": "74.208.88.65" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1505223741", "to_ids": true, "type": "url", "uuid": "59b7cdbe-d740-447b-a1b2-4589950d210f", "value": "http://primitivoconstruction.com/statement.html" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1505223741", "to_ids": true, "type": "hostname", "uuid": "59b7cdbe-d2a0-416f-aff1-4ca2950d210f", "value": "primitivoconstruction.com" }, { "category": "Network activity", "comment": "primitivoconstruction.com", "deleted": false, "disable_correlation": false, "timestamp": "1505223741", "to_ids": false, "type": "ip-dst", "uuid": "59b7cdbf-9888-4cbb-be4e-406c950d210f", "value": "216.222.197.180" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1505223741", "to_ids": true, "type": "url", "uuid": "59b7cdbf-6598-40da-a160-430d950d210f", "value": "http://quadratus.nl/statement.html" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1505223741", "to_ids": true, "type": "hostname", "uuid": "59b7cdbf-b038-4577-8d44-4f77950d210f", "value": "quadratus.nl" }, { "category": "Network activity", "comment": "quadratus.nl", "deleted": false, "disable_correlation": false, "timestamp": "1505223741", "to_ids": false, "type": "ip-dst", "uuid": "59b7cdbf-5b9c-44e2-845b-02fc950d210f", "value": "94.126.70.17" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1505223741", "to_ids": true, "type": "url", "uuid": "59b7cdc0-4f24-4203-b59b-41bc950d210f", "value": "http://rb.si/statement.html" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1505223741", "to_ids": true, "type": "hostname", "uuid": "59b7cdc0-7ed4-4db0-abba-4798950d210f", "value": "rb.si" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1505223741", "to_ids": true, "type": "url", "uuid": "59b7cdc0-f6a4-404b-84bc-4325950d210f", "value": "http://redboxcontracting.co.uk/statement.html" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1505223741", "to_ids": true, "type": "hostname", "uuid": "59b7cdc1-cfcc-45ac-856a-40a1950d210f", "value": "redboxcontracting.co.uk" }, { "category": "Network activity", "comment": "redboxcontracting.co.uk", "deleted": false, "disable_correlation": false, "timestamp": "1505223741", "to_ids": false, "type": "ip-dst", "uuid": "59b7cdc1-51dc-4114-9d31-02b8950d210f", "value": "77.240.1.138" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1505223741", "to_ids": true, "type": "url", "uuid": "59b7cdc1-baf8-497d-b726-481f950d210f", "value": "http://reels.apa-agency.com/~apalibrary/statement.html" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1505223741", "to_ids": true, "type": "hostname", "uuid": "59b7cdc1-671c-40c8-adae-42b1950d210f", "value": "reels.apa-agency.com" }, { "category": "Network activity", "comment": "reels.apa-agency.com", "deleted": false, "disable_correlation": false, "timestamp": "1505223741", "to_ids": false, "type": "ip-dst", "uuid": "59b7cdc2-28bc-4155-901a-4e79950d210f", "value": "97.74.6.140" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1505223741", "to_ids": true, "type": "url", "uuid": "59b7cdc2-ffbc-414b-b8ee-422d950d210f", "value": "http://sabines-marmeladen.de/statement.html" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1505223741", "to_ids": true, "type": "hostname", "uuid": "59b7cdc2-3520-4dc3-87d3-4156950d210f", "value": "sabines-marmeladen.de" }, { "category": "Network activity", "comment": "sabines-marmeladen.de", "deleted": false, "disable_correlation": false, "timestamp": "1505223741", "to_ids": false, "type": "ip-dst", "uuid": "59b7cdc2-e6c4-400c-aa04-4e9b950d210f", "value": "178.77.75.180" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1505223741", "to_ids": true, "type": "url", "uuid": "59b7cdc2-1fb4-4151-b933-4ef7950d210f", "value": "http://schoensigns.com/statement.html" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1505223741", "to_ids": true, "type": "hostname", "uuid": "59b7cdc3-3f54-4b94-bc28-4812950d210f", "value": "schoensigns.com" }, { "category": "Network activity", "comment": "schoensigns.com", "deleted": false, "disable_correlation": false, "timestamp": "1505223741", "to_ids": false, "type": "ip-dst", "uuid": "59b7cdc3-e2a0-4249-aab0-4d9f950d210f", "value": "184.168.126.30" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1505223741", "to_ids": true, "type": "url", "uuid": "59b7cdc3-0ec0-4b34-ac1f-02fc950d210f", "value": "http://scouting-bvb.nl/statement.html" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1505223741", "to_ids": true, "type": "hostname", "uuid": "59b7cdc3-ef4c-49d8-81c3-4ed7950d210f", "value": "scouting-bvb.nl" }, { "category": "Network activity", "comment": "scouting-bvb.nl", "deleted": false, "disable_correlation": false, "timestamp": "1505223741", "to_ids": false, "type": "ip-dst", "uuid": "59b7cdc4-2f94-479a-9f10-44ce950d210f", "value": "46.235.44.76" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1505223741", "to_ids": true, "type": "url", "uuid": "59b7cdc4-7d10-40bc-bb4e-4e81950d210f", "value": "http://securmailbox.it/statement.html" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1505223741", "to_ids": true, "type": "hostname", "uuid": "59b7cdc4-a390-4ee0-a951-46a6950d210f", "value": "securmailbox.it" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1505223741", "to_ids": true, "type": "url", "uuid": "59b7cdc4-9ff0-4ef8-b5bc-4d16950d210f", "value": "http://shanta.de/statement.html" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1505223741", "to_ids": true, "type": "hostname", "uuid": "59b7cdc4-3758-4b3b-9597-4b29950d210f", "value": "shanta.de" }, { "category": "Network activity", "comment": "shanta.de", "deleted": false, "disable_correlation": false, "timestamp": "1505223741", "to_ids": false, "type": "ip-dst", "uuid": "59b7cdc5-fb10-40f3-b6e1-4baf950d210f", "value": "83.169.1.28" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1505223741", "to_ids": true, "type": "url", "uuid": "59b7cdc5-d3ac-4cf8-9de6-46b8950d210f", "value": "http://share.be/statement.html" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1505223741", "to_ids": true, "type": "hostname", "uuid": "59b7cdc5-d03c-4bb8-a1e2-4a56950d210f", "value": "share.be" }, { "category": "Network activity", "comment": "share.be", "deleted": false, "disable_correlation": false, "timestamp": "1505223741", "to_ids": false, "type": "ip-dst", "uuid": "59b7cdc5-4a0c-4da7-a37b-4ef9950d210f", "value": "91.183.189.151" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1505223741", "to_ids": true, "type": "url", "uuid": "59b7cdc5-f778-45f3-8fb2-49c5950d210f", "value": "http://shopsshops.de/statement.html" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1505223741", "to_ids": true, "type": "hostname", "uuid": "59b7cdc5-b634-4ab2-87c6-02fc950d210f", "value": "shopsshops.de" }, { "category": "Network activity", "comment": "shopsshops.de", "deleted": false, "disable_correlation": false, "timestamp": "1505223741", "to_ids": false, "type": "ip-dst", "uuid": "59b7cdc6-5ac4-4134-995f-4892950d210f", "value": "62.75.132.67" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1505223741", "to_ids": true, "type": "url", "uuid": "59b7cdc6-a1f0-4362-a494-481b950d210f", "value": "http://studiofashion.it/statement.html" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1505223741", "to_ids": true, "type": "hostname", "uuid": "59b7cdc6-9db0-4daa-80d1-4d82950d210f", "value": "studiofashion.it" }, { "category": "Network activity", "comment": "studiofashion.it", "deleted": false, "disable_correlation": false, "timestamp": "1505223741", "to_ids": false, "type": "ip-dst", "uuid": "59b7cdc6-3bb8-4910-ac1d-02b8950d210f", "value": "185.58.7.11" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1505223741", "to_ids": true, "type": "url", "uuid": "59b7cdc6-9a3c-470b-92c2-4b95950d210f", "value": "http://studioslefteris.gr/statement.html" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1505223741", "to_ids": true, "type": "hostname", "uuid": "59b7cdc7-6654-4796-9669-4093950d210f", "value": "studioslefteris.gr" }, { "category": "Network activity", "comment": "studioslefteris.gr", "deleted": false, "disable_correlation": false, "timestamp": "1505223741", "to_ids": false, "type": "ip-dst", "uuid": "59b7cdc7-2db8-43ca-b58f-405a950d210f", "value": "158.69.151.250" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1505223741", "to_ids": true, "type": "url", "uuid": "59b7cdc7-bc4c-4b49-a1a3-4f85950d210f", "value": "http://tecnigrafite.com/statement.html" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1505223741", "to_ids": true, "type": "hostname", "uuid": "59b7cdc7-2f20-426e-9284-4ef2950d210f", "value": "tecnigrafite.com" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1505223741", "to_ids": true, "type": "url", "uuid": "59b7cdc8-d21c-4fda-ad4d-481f950d210f", "value": "http://ukraine-consulting.com/statement.html" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1505223741", "to_ids": true, "type": "hostname", "uuid": "59b7cdc8-3564-4773-9305-02fc950d210f", "value": "ukraine-consulting.com" }, { "category": "Network activity", "comment": "ukraine-consulting.com", "deleted": false, "disable_correlation": false, "timestamp": "1505223741", "to_ids": false, "type": "ip-dst", "uuid": "59b7cdc8-4b6c-421a-823a-412a950d210f", "value": "216.55.139.238" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1505223741", "to_ids": true, "type": "url", "uuid": "59b7cdc8-8014-4d09-9daa-452a950d210f", "value": "http://veigadecompostela.es/statement.html" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1505223741", "to_ids": true, "type": "hostname", "uuid": "59b7cdc9-f64c-4538-b966-4fda950d210f", "value": "veigadecompostela.es" }, { "category": "Network activity", "comment": "veigadecompostela.es", "deleted": false, "disable_correlation": false, "timestamp": "1505223741", "to_ids": false, "type": "ip-dst", "uuid": "59b7cdc9-d6c4-4854-91fe-4857950d210f", "value": "185.18.197.109" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1505223741", "to_ids": true, "type": "url", "uuid": "59b7cdc9-74d0-4c3d-be40-40ca950d210f", "value": "http://villa-effe.jp/statement.html" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1505223741", "to_ids": true, "type": "hostname", "uuid": "59b7cdc9-fb98-45ea-b9af-41a5950d210f", "value": "villa-effe.jp" }, { "category": "Network activity", "comment": "villa-effe.jp", "deleted": false, "disable_correlation": false, "timestamp": "1505223741", "to_ids": false, "type": "ip-dst", "uuid": "59b7cdca-068c-40c5-8efb-41fe950d210f", "value": "121.119.174.24" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1505223741", "to_ids": true, "type": "url", "uuid": "59b7cdca-bd48-4e99-9ce4-424d950d210f", "value": "http://yeserimmatbaa.com.tr/statement.html" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1505223741", "to_ids": true, "type": "hostname", "uuid": "59b7cdcb-8390-4f84-952a-4c92950d210f", "value": "yeserimmatbaa.com.tr" }, { "category": "Network activity", "comment": "yeserimmatbaa.com.tr", "deleted": false, "disable_correlation": false, "timestamp": "1505223741", "to_ids": false, "type": "ip-dst", "uuid": "59b7cdcb-e470-4d29-a3d8-02fc950d210f", "value": "85.95.237.7" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1505223741", "to_ids": true, "type": "url", "uuid": "59b7cdcb-dd1c-45f5-b945-438d950d210f", "value": "http://wittinhohemmo.net/statement.php" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1505223741", "to_ids": true, "type": "hostname", "uuid": "59b7cdcb-5288-4b24-9a1b-407c950d210f", "value": "wittinhohemmo.net" }, { "category": "Network activity", "comment": "wittinhohemmo.net", "deleted": false, "disable_correlation": false, "timestamp": "1505223741", "to_ids": false, "type": "ip-dst", "uuid": "59b7cdcf-2978-4f33-ad86-4afe950d210f", "value": "47.88.55.29" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1505223741", "to_ids": true, "type": "url", "uuid": "59b7cdcf-70c8-44e6-ab24-4ab4950d210f", "value": "http://mh-service.ru/canbtcc.exe" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1505223741", "to_ids": true, "type": "hostname", "uuid": "59b7cdcf-cc20-4490-b08b-4d4c950d210f", "value": "mh-service.ru" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1505223741", "to_ids": true, "type": "url", "uuid": "59b7cdcf-3558-4a72-b8d6-48a7950d210f", "value": "http://alexkreeger.com/golgers.exe" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1505223741", "to_ids": true, "type": "hostname", "uuid": "59b7cdcf-42c0-4397-abc4-4c1a950d210f", "value": "alexkreeger.com" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1505223741", "to_ids": true, "type": "url", "uuid": "59b7cdd0-b51c-4cf3-a8a4-47f5950d210f", "value": "http://mobius-group.com/ueunyli.exe" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1505223741", "to_ids": true, "type": "hostname", "uuid": "59b7cdd0-93e8-4f02-b0ac-40b8950d210f", "value": "mobius-group.com" }, { "category": "Network activity", "comment": "mobius-group.com", "deleted": false, "disable_correlation": false, "timestamp": "1505223741", "to_ids": false, "type": "ip-dst", "uuid": "59b7cdd0-f608-4a4f-8d9b-48e7950d210f", "value": "176.56.62.143" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1505223741", "to_ids": false, "type": "url", "uuid": "59b7cdd1-0d30-4b2b-93fd-473c950d210f", "value": "http://185.67.2.156/imageload.cgi" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1505223741", "to_ids": false, "type": "ip-dst", "uuid": "59b7cdd1-8e08-44b4-9901-47b7950d210f", "value": "185.67.2.156" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1505223741", "to_ids": false, "type": "url", "uuid": "59b7cdd1-4710-4396-a9f8-4640950d210f", "value": "http://217.106.238.89/imageload.cgi" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1505223741", "to_ids": false, "type": "ip-dst", "uuid": "59b7cdd1-c658-4f5b-829d-4f4a950d210f", "value": "217.106.238.89" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1505223741", "to_ids": true, "type": "url", "uuid": "59b7cdd2-0c70-4e13-b411-4827950d210f", "value": "http://euqfwticrd.su/imageload.cgi" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1505223741", "to_ids": true, "type": "hostname", "uuid": "59b7cdd2-c7c0-4759-99ab-02b8950d210f", "value": "euqfwticrd.su" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1505223741", "to_ids": true, "type": "url", "uuid": "59b7cdd2-5740-4a39-b4a3-4510950d210f", "value": "http://qljsukddh.ru/imageload.cgi" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1505223741", "to_ids": true, "type": "hostname", "uuid": "59b7cdd2-b684-4131-b644-4f27950d210f", "value": "qljsukddh.ru" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1505223741", "to_ids": true, "type": "url", "uuid": "59b7cdd2-3674-4aca-b0ee-496c950d210f", "value": "http://vbquoegxdqmhbs.work/imageload.cgi" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1505223741", "to_ids": true, "type": "hostname", "uuid": "59b7cdd3-3f70-467f-a10a-46f8950d210f", "value": "vbquoegxdqmhbs.work" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1505223741", "to_ids": true, "type": "url", "uuid": "59b7cdd3-fc6c-438b-b2a3-4e4b950d210f", "value": "http://xpjsvwvxsbnv.biz/imageload.cgi" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1505223741", "to_ids": true, "type": "hostname", "uuid": "59b7cdd3-4734-4a8d-b36c-02b8950d210f", "value": "xpjsvwvxsbnv.biz" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1505223741", "to_ids": true, "type": "url", "uuid": "59b7cdd3-e358-403a-b14f-4d4e950d210f", "value": "http://uoivdwisd.pl/imageload.cgi" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1505223741", "to_ids": true, "type": "hostname", "uuid": "59b7cdd3-0184-462f-94f9-4038950d210f", "value": "uoivdwisd.pl" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1505223741", "to_ids": true, "type": "url", "uuid": "59b7cdd4-a1d0-4d08-982c-4f37950d210f", "value": "http://dkbclsxl.su/imageload.cgi" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1505223741", "to_ids": true, "type": "hostname", "uuid": "59b7cdd4-2508-45bf-9db1-4bfe950d210f", "value": "dkbclsxl.su" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1505223741", "to_ids": true, "type": "url", "uuid": "59b7cdd4-e0e8-4cea-9bfc-4f33950d210f", "value": "http://xsmoouv.su/imageload.cgi" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1505223741", "to_ids": true, "type": "hostname", "uuid": "59b7cdd4-3bd0-40e9-9c85-4b76950d210f", "value": "xsmoouv.su" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1505223741", "to_ids": true, "type": "url", "uuid": "59b7cdd4-9a94-4326-9774-4efa950d210f", "value": "http://lkqmqgbpdle.su/imageload.cgi" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1505223741", "to_ids": true, "type": "hostname", "uuid": "59b7cdd5-88f4-4857-841e-4ae6950d210f", "value": "lkqmqgbpdle.su" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1505223741", "to_ids": true, "type": "url", "uuid": "59b7cdd5-6288-407d-97fa-4c65950d210f", "value": "http://opwpsjnhkshl.xyz/imageload.cgi" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1505223741", "to_ids": true, "type": "hostname", "uuid": "59b7cdd5-f264-42de-8b18-42d6950d210f", "value": "opwpsjnhkshl.xyz" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1505223741", "to_ids": true, "type": "url", "uuid": "59b7cdd5-ed54-4f4d-87ad-02fc950d210f", "value": "http://bhetakwouno.info/imageload.cgi" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1505223741", "to_ids": true, "type": "hostname", "uuid": "59b7cdd5-1b78-41c7-a1df-44c4950d210f", "value": "bhetakwouno.info" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1505223741", "to_ids": true, "type": "url", "uuid": "59b7cdd5-26ac-4de8-94e5-4cdc950d210f", "value": "http://wnobheuejtidtiip.info/imageload.cgi" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1505223741", "to_ids": true, "type": "hostname", "uuid": "59b7cdd6-3674-4fbb-badf-4336950d210f", "value": "wnobheuejtidtiip.info" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1505223741", "to_ids": true, "type": "url", "uuid": "59b7cdd6-6758-4ca5-9837-47fb950d210f", "value": "http://ixgolywnbwvwmtu.org/imageload.cgi" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1505223741", "to_ids": true, "type": "hostname", "uuid": "59b7cdd6-adcc-4b9e-96d9-4633950d210f", "value": "ixgolywnbwvwmtu.org" }, { "category": "Artifacts dropped", "comment": "- Xchecked via VT: 230606dd8b0d62e2a8a04ef61b2d8707", "deleted": false, "disable_correlation": false, "timestamp": "1505223743", "to_ids": true, "type": "sha256", "uuid": "59b7e43f-5b98-4145-aa0c-453502de0b81", "value": "5bf84469051c85bd684e03eb46f774cb1e913884c95acf7b210a8a4469da8d9f" }, { "category": "Artifacts dropped", "comment": "- Xchecked via VT: 230606dd8b0d62e2a8a04ef61b2d8707", "deleted": false, "disable_correlation": false, "timestamp": "1505223743", "to_ids": true, "type": "sha1", "uuid": "59b7e43f-f7f8-42ac-bc85-4ec302de0b81", "value": "5c50cdad090de913d0c87edeb392c8df1af9f5c3" }, { "category": "External analysis", "comment": "- Xchecked via VT: 230606dd8b0d62e2a8a04ef61b2d8707", "deleted": false, "disable_correlation": false, "timestamp": "1505223743", "to_ids": false, "type": "link", "uuid": "59b7e43f-fb38-4b54-a271-4e5702de0b81", "value": "https://www.virustotal.com/file/5bf84469051c85bd684e03eb46f774cb1e913884c95acf7b210a8a4469da8d9f/analysis/1505217371/" } ] } }