{ "Event": { "analysis": "2", "date": "2019-12-11", "extends_uuid": "", "info": "OSINT - trickbot cashcore hashes", "publish_timestamp": "1576055992", "published": true, "threat_level_id": "3", "timestamp": "1576055979", "uuid": "5df0b000-ce20-4cee-89d6-1e9f950d210f", "Orgc": { "name": "CIRCL", "uuid": "55f6ea5e-2c60-40e5-964f-47a8950d210f" }, "Tag": [ { "colour": "#004646", "name": "type:OSINT" }, { "colour": "#0071c3", "name": "osint:lifetime=\"perpetual\"" }, { "colour": "#0087e8", "name": "osint:certainty=\"50\"" }, { "colour": "#ffffff", "name": "tlp:white" }, { "colour": "#0088cc", "name": "misp-galaxy:banker=\"Trickbot\"" }, { "colour": "#0088cc", "name": "misp-galaxy:tool=\"Trick Bot\"" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054843", "to_ids": true, "type": "sha256", "uuid": "5df0b03b-e42c-4c15-ae50-412e950d210f", "value": "5f1de6fb357ee5821e86dfb0c373ea29a600769e8a83b70e77e4ecb284768302" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054843", "to_ids": true, "type": "sha256", "uuid": "5df0b03b-cd14-40ce-b472-4421950d210f", "value": "fefbd626a8986fe0c42ad78e59421e0dd05bae31c26ee51a4376c58d99d3dfe5" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054843", "to_ids": true, "type": "sha256", "uuid": "5df0b03b-4b78-4d3c-997b-43cc950d210f", "value": "986620e9e27ddeefef746b3ab85da4ed3a8d38cd36245a76fbc0b99a119c537a" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054843", "to_ids": true, "type": "sha256", "uuid": "5df0b03b-3f08-4c2d-8507-4c5a950d210f", "value": "4e125c0e8b8578dbaa20638a4aac926a79cef3a6621d3351bb630eb243fe33f0" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054843", "to_ids": true, "type": "sha256", "uuid": "5df0b03b-d36c-4c63-a2c7-42ad950d210f", "value": "7934ca1ca0a9ec30065d12a2f5d4dbdc7df71eef8e8af8d92bf5feae7850e43b" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054843", "to_ids": true, "type": "sha256", "uuid": "5df0b03b-f384-4019-8151-4318950d210f", "value": "45363875792ec1150f235d43a398d5080019a31487e322d0bf2221279424da64" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054843", "to_ids": true, "type": "sha256", "uuid": "5df0b03b-1f54-4e48-aab7-4f10950d210f", "value": "3da6aadcadf81b15f1117771e79dd6b78bdd28405a35e8213de97c046fb30447" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054843", "to_ids": true, "type": "sha256", "uuid": "5df0b03b-1034-4265-a7a8-4c3f950d210f", "value": "91eaf9d913402a7c3378f4b7a2b068e5b73ade4abbc929d65407106602f0f463" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054843", "to_ids": true, "type": "sha256", "uuid": "5df0b03b-aa1c-4aab-8c4f-49b9950d210f", "value": "ecd9e7bbdbf657838d3527c43e04529fec97af74907493ea2a9ab46f72192754" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054843", "to_ids": true, "type": "sha256", "uuid": "5df0b03b-d8d8-41d5-87b2-4e71950d210f", "value": "7ce5efcdc40d2b8e157c16f4281c84478eec5d8a6604351b005723b80135a5c0" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054843", "to_ids": true, "type": "sha256", "uuid": "5df0b03b-7354-4e0d-bfc3-4c1b950d210f", "value": "415d65745d95f0a468a6ec7d21e670e58d74f21717db5db645cbd40eee7bc6ab" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054844", "to_ids": true, "type": "sha256", "uuid": "5df0b03c-57fc-4aa2-9a8e-4f83950d210f", "value": "90d86f95cd827d8d1e9093257e118d59f7cfe02d869e52479a85673850e084e7" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054844", "to_ids": true, "type": "sha256", "uuid": "5df0b03c-c048-4978-bfd9-42ae950d210f", "value": "97a4658497adfb1b8c46c615e676d7e51308490aa1715cd78abf03662a80e145" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054844", "to_ids": true, "type": "sha256", "uuid": "5df0b03c-8128-44c8-8fb8-4353950d210f", "value": "d350d2d326c205e4a93442bf7b2f29683888d8a1a77023da769e8ce4d2cbd94e" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054844", "to_ids": true, "type": "sha256", "uuid": "5df0b03c-b074-4407-a952-448e950d210f", "value": "dbf1565a95a2485ff3448bc994277768df704e8c37c553e64d5b59b82074cbee" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054844", "to_ids": true, "type": "sha256", "uuid": "5df0b03c-f6b8-4023-b8d8-411f950d210f", "value": "96689f58b3f9f44ca9c5bf133b1c880c03dfdada3b0c28cbb9cc6ee160974ce2" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054844", "to_ids": true, "type": "sha256", "uuid": "5df0b03c-6614-4bb1-8214-45c0950d210f", "value": "28348068d4a96533884f5c481a16083dcd8e331c09facf08df1a331fe6ba4395" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054844", "to_ids": true, "type": "sha256", "uuid": "5df0b03c-6bb8-4008-9b60-4074950d210f", "value": "58f45d651ba2fc5d8a1c4a0b338208aa0a7946afe933c7d34d35cdfa2af5c2d2" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054844", "to_ids": true, "type": "sha256", "uuid": "5df0b03c-d624-4417-8b7c-4ad1950d210f", "value": "7a34cd84c913e1e6c2e1a6f94c34d62d3a261cd1a75da85c0f3d73df9259c5dc" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054844", "to_ids": true, "type": "sha256", "uuid": "5df0b03c-5c4c-44d3-a372-4f31950d210f", "value": "f4802ff60ac9e87c230e21ea0909bbb0930390ac51cf97dacea41fd24211d5c7" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054844", "to_ids": true, "type": "sha256", "uuid": "5df0b03c-8b84-41ef-89c9-4bfd950d210f", "value": "504a762eec4cf52c11196700afedf0416a8edd206e1ce24cf792ec269fd8dbce" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054844", "to_ids": true, "type": "sha256", "uuid": "5df0b03c-0764-4c59-a1ba-4781950d210f", "value": "d4af0967f5d0934dadb18b1e05ae908d586a8817305f89592ea272e7009d9f46" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054844", "to_ids": true, "type": "sha256", "uuid": "5df0b03c-c600-4652-b7e8-44ed950d210f", "value": "9544a35e1dcc645da251a6a56db8bf5232b14824c1591b2760cfcb62ee4eb127" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054844", "to_ids": true, "type": "sha256", "uuid": "5df0b03c-a578-414e-84da-40bc950d210f", "value": "a679240bf4af8ef69fabc147e123bacb020ee58a055abe272c0e1e20b36be5ca" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054844", "to_ids": true, "type": "sha256", "uuid": "5df0b03c-83f0-407c-aea7-4901950d210f", "value": "a9db888bd80d8c94393e815f0e7810fd12365ed9be183b4babf61a5e7124a7bd" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054844", "to_ids": true, "type": "sha256", "uuid": "5df0b03c-645c-42ed-a0d5-445e950d210f", "value": "8019eb1473eb3015d1b1f4b4f606f29976a50b24d73bb5a7276af48bb2df6b12" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054844", "to_ids": true, "type": "sha256", "uuid": "5df0b03c-2890-44bb-83d0-46dc950d210f", "value": "9c0cb9e43e2fc4cbc2cb3728dbfa41d015cdfedaf4111f28726df8f36fc929d5" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054844", "to_ids": true, "type": "sha256", "uuid": "5df0b03c-29a0-428d-8258-45cc950d210f", "value": "6a3b484113c16cb513fd220541c556f211ec9aaf0cf2737cddb960ca8425f63c" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054844", "to_ids": true, "type": "sha256", "uuid": "5df0b03c-46c8-415a-baa1-4e3f950d210f", "value": "ebbc69e2b6ae5e838c17deefac4a00e0e52d69fa8ca50d133fcb849667a3b3be" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054844", "to_ids": true, "type": "sha256", "uuid": "5df0b03c-4d34-4344-827b-48f6950d210f", "value": "9d7f87b56eafb20acf39a0be08e077c02f40e2f8f08cf661b57902600de78c70" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054844", "to_ids": true, "type": "sha256", "uuid": "5df0b03c-76b0-4f02-bd23-4930950d210f", "value": "ac0a3eef0ee842e7377a81a4b64470ec90e3e3d871c4b0bbbba027d6dd73d839" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054844", "to_ids": true, "type": "sha256", "uuid": "5df0b03c-f73c-4780-9f0c-4fd8950d210f", "value": "a46cea0a797e51ebe1e29dada58a6fc7c8f119813ac76ff85055630f2ba7ca27" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054844", "to_ids": true, "type": "sha256", "uuid": "5df0b03c-aab4-4637-b433-4327950d210f", "value": "20fead8a77400ccc5979691974048f9350cfeed23a6e5b2436ab0a9e314569aa" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054844", "to_ids": true, "type": "sha256", "uuid": "5df0b03c-37a8-46f8-bffc-4d5a950d210f", "value": "9ffc171e07bd76e75957d7a6d6ee25505c33401c50830a2b7f2524f802336c72" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054844", "to_ids": true, "type": "sha256", "uuid": "5df0b03c-46ec-47b7-a2e6-427e950d210f", "value": "8577330adc83aac74476e9f3a70103a2ce7bc2a57d87032a8f5443b4d4f18517" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054844", "to_ids": true, "type": "sha256", "uuid": "5df0b03c-4840-4cee-b55e-4ebd950d210f", "value": "e258a486f192d62e58b5cb4dc903579ca62f5eea504962892869b479de7ba71a" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054844", "to_ids": true, "type": "sha256", "uuid": "5df0b03c-f7d8-4537-bf89-40d7950d210f", "value": "20f68227ad461fcff097a135fe39b6c1a9fcb5711d7b9e94830a3233e1ea3fdb" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054844", "to_ids": true, "type": "sha256", "uuid": "5df0b03c-f9b8-4bc2-bc9e-4bd3950d210f", "value": "257c041313c04b2dcf175ebe5cc874d0ce9aa4bad93e817279f4dc332aa09420" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054844", "to_ids": true, "type": "sha256", "uuid": "5df0b03c-d67c-4d61-8203-4c30950d210f", "value": "bd705bae29e82a184dc1b697fe12e31e0856fd5cdfafb8e6eabd6e78ae4a16d2" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054844", "to_ids": true, "type": "sha256", "uuid": "5df0b03c-7284-4195-b9da-4a2d950d210f", "value": "cbfae70f76b555df5c045a3236d56a8b3bdb7b80d05119658898b423f50c4293" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054844", "to_ids": true, "type": "sha256", "uuid": "5df0b03c-e298-45b6-91de-4a3b950d210f", "value": "e18e786e4ca230ade1bc145f485435d81d039dc0ab92fff6c88c8accdd1ba95f" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054844", "to_ids": true, "type": "sha256", "uuid": "5df0b03c-c700-417e-9513-4e7e950d210f", "value": "a3eaf8b097433b8b607bbcb8f7bb4e435431c6ff825dca3e6541c2dbb88514cf" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054844", "to_ids": true, "type": "sha256", "uuid": "5df0b03c-04e8-4bdd-8114-4cf9950d210f", "value": "7860674666bc7c299809637998310b9aacf6a4965da0d852b61c67742edd8b62" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054844", "to_ids": true, "type": "sha256", "uuid": "5df0b03c-b5a4-4d45-8bfa-42f7950d210f", "value": "65eeca9512dd349debcb48151fa859e1b3c02d1e533d07fe6d4b6cdc465aa43e" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054844", "to_ids": true, "type": "sha256", "uuid": "5df0b03c-4be4-4ae9-aed0-4307950d210f", "value": "31fb9cc444848fe2c0b178119d5080419347f6dfdf76bf820834ad750285faa5" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054844", "to_ids": true, "type": "sha256", "uuid": "5df0b03c-1e80-4a6d-b6eb-4fd7950d210f", "value": "7a368fd689c7f3e7c95d7d67f963d4438fd8fc417623931bd17b03f0a9da6ff3" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054844", "to_ids": true, "type": "sha256", "uuid": "5df0b03c-dca0-4339-a2a4-4a65950d210f", "value": "eea7cc92f6d27c6a67c1fd0767dc4d97be238d7b8ae3aa93020d80aa7ff65d44" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054844", "to_ids": true, "type": "sha256", "uuid": "5df0b03c-d534-4176-850f-4d0d950d210f", "value": "568c38c9adb0c2c1ff87043cad3004ab4a537b1c2deccd2766da616867dc634b" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054844", "to_ids": true, "type": "sha256", "uuid": "5df0b03c-de1c-4824-ac34-4c1e950d210f", "value": "8dad0d94b2a5f0e442dfc8b600c9f1b0011706728903a6dd72ed035cf8d62e8c" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054844", "to_ids": true, "type": "sha256", "uuid": "5df0b03c-1748-420b-977e-442d950d210f", "value": "c904c857a88d375b1d7647230fad0cbb4cc8e173ff5f874faa6e4daf3ebaca01" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054844", "to_ids": true, "type": "sha256", "uuid": "5df0b03c-f76c-4172-9b77-4438950d210f", "value": "73d2fdb420a1f0e4ae42b362f54c6cfe39f197f8f9b8c8c2c7581da53de7e144" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054844", "to_ids": true, "type": "sha256", "uuid": "5df0b03c-113c-4b19-ad6d-434c950d210f", "value": "a9207aed06e769610fc9ea357bae1e1462c180d10c1cb05e49db1f499d48592c" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054844", "to_ids": true, "type": "sha256", "uuid": "5df0b03c-d66c-4011-9935-4960950d210f", "value": "5f80a818809cdaac0959a7bb4cee64ab1044a0444a34db5a154d6a7e060353df" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054844", "to_ids": true, "type": "sha256", "uuid": "5df0b03c-947c-44c1-abd8-459c950d210f", "value": "2a2b7c96b4976ac66c22872575123b72bd9d285001f83c8e81f352afbc0a68ea" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054844", "to_ids": true, "type": "sha256", "uuid": "5df0b03c-3378-4f3e-9124-4dcd950d210f", "value": "44e6c50c223f82ebd0700bfe9a0c1d4f9f9d95bd49f82e2a6f6d800e60c53bf8" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054844", "to_ids": true, "type": "sha256", "uuid": "5df0b03c-acac-4bfa-b48c-479e950d210f", "value": "e87a102922f2a09acefa82210ad67e10e269f3c14ab4ca9cd475ff66b8b48706" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054844", "to_ids": true, "type": "sha256", "uuid": "5df0b03c-8344-42d0-a6ae-4837950d210f", "value": "6fad038452d694046a6040b37057598bb05cbd6d898b92da03d9af7d8bae9d64" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054844", "to_ids": true, "type": "sha256", "uuid": "5df0b03c-72b8-46f8-80c3-4402950d210f", "value": "f0a8d23efcf2c50479a878dea17207424b0294f6b03f5b72910579b0f490d22a" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054844", "to_ids": true, "type": "sha256", "uuid": "5df0b03c-0d7c-4f9a-884c-46f3950d210f", "value": "63c4cce6d4abac25062b3826bbddf3fcf9920e86257bd0fbf32b78a1cea48b17" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054844", "to_ids": true, "type": "sha256", "uuid": "5df0b03c-78c4-45ee-92b5-4f60950d210f", "value": "a19cb57464849401b6b3550182b359fd662673aaa44103c2d698a6b19612cb63" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054844", "to_ids": true, "type": "sha256", "uuid": "5df0b03c-9c6c-459c-8998-4c05950d210f", "value": "4d758688de62b69c69b98dcaebae6e98dce463b4eb0f62591cd2df371ad54535" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054844", "to_ids": true, "type": "sha256", "uuid": "5df0b03c-b354-45ac-ab17-4b8b950d210f", "value": "b636ad3e666a2fd724a2719bed3c7bf04cb21eff830409eb806553be8835e424" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054844", "to_ids": true, "type": "sha256", "uuid": "5df0b03c-b954-4b8f-a683-4b0e950d210f", "value": "f506deabc2b7589292aa8af68f7dd8de7326cbfa529d4a8f260dbdc0dd7126a0" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054844", "to_ids": true, "type": "sha256", "uuid": "5df0b03c-c8f4-4776-acc7-49de950d210f", "value": "e61a1ba9c85ab774dcb35ca580282cf980bff6928695b8beb06843d73189dbdf" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054845", "to_ids": true, "type": "sha256", "uuid": "5df0b03d-f794-4f85-b13d-437b950d210f", "value": "060d74a4f7818bf7fc147aa5e2ee4533a7add3605d4014cd4a6c58916c6172d8" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054845", "to_ids": true, "type": "sha256", "uuid": "5df0b03d-7a30-4d31-9143-4221950d210f", "value": "192e68746552b5546de223be6ec1f65adb4abb9c05a11ba8fcf159c1738872ea" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054845", "to_ids": true, "type": "sha256", "uuid": "5df0b03d-0dbc-4761-a1c4-40bb950d210f", "value": "9edc0ce20c2ae14ea9c587e0a6d6f7663d501542168fd6382d829ef85073a594" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054845", "to_ids": true, "type": "sha256", "uuid": "5df0b03d-f7d8-47a1-9cc5-4477950d210f", "value": "f586ffd811378d6d3b706c5792b23cee7aa320ceea9694544f38ecc7983261c8" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054845", "to_ids": true, "type": "sha256", "uuid": "5df0b03d-e924-4554-8009-46a0950d210f", "value": "c72f5072c7aea97e0bf562953dbd10743bb5a981d6a0baf88ccf28c881ad1435" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054845", "to_ids": true, "type": "sha256", "uuid": "5df0b03d-298c-452c-9d7f-405c950d210f", "value": "64eb9c3b8f0dc2bda117596f50c751bfb6d90b72b7096b59eed72b8ec4613de8" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054845", "to_ids": true, "type": "sha256", "uuid": "5df0b03d-4ce0-4722-8c07-4a7f950d210f", "value": "8defe8f8adf49bce8b4ca4af8a3b89d717b6499445239ff1a77b00529ca05455" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054845", "to_ids": true, "type": "sha256", "uuid": "5df0b03d-f7cc-48f9-bf33-4e69950d210f", "value": "a1a25ccadda246f3d7a560a95bdea9957950045f11595308df5624485be320b6" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054845", "to_ids": true, "type": "sha256", "uuid": "5df0b03d-ba30-4484-8656-4f61950d210f", "value": "2843f7de1d188c9a2f962d64ab487c600c1d9ba38a9d3982f6d8fef7dcbd098b" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054845", "to_ids": true, "type": "sha256", "uuid": "5df0b03d-4e30-4a2a-892b-436b950d210f", "value": "d643b32810d7b5fe56ca5148590e7e8079d0d2c7de248905f773f1832dbc8c0a" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054845", "to_ids": true, "type": "sha256", "uuid": "5df0b03d-3368-43eb-b26f-40a6950d210f", "value": "45664849ec2256bcc959b68c06d959e9e0571e4b98f29462b1ee5459a05ba03c" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054845", "to_ids": true, "type": "sha256", "uuid": "5df0b03d-82a4-4273-adbd-43e4950d210f", "value": "f9b97e51603687908067e0a7da3e3b7b7ec893cc01f28a66244e0180d8c47abc" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054845", "to_ids": true, "type": "sha256", "uuid": "5df0b03d-0b14-4e2f-a34d-44a0950d210f", "value": "7e1b9dc4c57c34e2c2acf28e6032cc7b944cd840de765c97cd6b1d936836498d" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054845", "to_ids": true, "type": "sha256", "uuid": "5df0b03d-5474-4868-bfc1-4b8d950d210f", "value": "576b5faa19a20599f24a3322b098c214077112a0c1c96f5de5a1ee898595ad30" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054845", "to_ids": true, "type": "sha256", "uuid": "5df0b03d-1e98-4f8e-bdcf-4ee5950d210f", "value": "1490120495ea192eda1987907729197bbcf56f3826e0f0406b545e52a8c69373" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054845", "to_ids": true, "type": "sha256", "uuid": "5df0b03d-9d84-4f88-856b-4154950d210f", "value": "34c389cd507f99a380deb6ccabe2c6cead6f25e5fe78e710acdf8707a60a57ec" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054845", "to_ids": true, "type": "sha256", "uuid": "5df0b03d-281c-4a4f-9a12-42c5950d210f", "value": "8a18be5d3739b3ebe39b075757c60354cee2e680b8e08de49b32085cfe69ea53" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054845", "to_ids": true, "type": "sha256", "uuid": "5df0b03d-fd6c-4e3b-aecb-4418950d210f", "value": "d9e5d44db6bb8faf66be54b55986ee4c0597f2b5b31ea0683bb0f543adeb9d43" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054845", "to_ids": true, "type": "sha256", "uuid": "5df0b03d-5684-4e20-8226-4fb5950d210f", "value": "a7d52d0e385159e745d6495a4285a6e4fc96c83b775e79db98ba1fa4e46c292c" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054845", "to_ids": true, "type": "sha256", "uuid": "5df0b03d-e560-4aa5-bef1-4370950d210f", "value": "57a99264787fecbb4acc9f317f460916acb380ac941ccb66d7c7521b1ec17e46" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054845", "to_ids": true, "type": "sha256", "uuid": "5df0b03d-7cb0-4adc-a8a4-4784950d210f", "value": "aaaf7c645d38e22cef3b34153c449bb7fac3af8e0f6bf29e961018d27e6bf941" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054845", "to_ids": true, "type": "sha256", "uuid": "5df0b03d-1c10-46c0-b3ca-468d950d210f", "value": "ff9133669c7f22c1b09d8ba869c490ac9d91da045762401eb975b600e051a643" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054845", "to_ids": true, "type": "sha256", "uuid": "5df0b03d-ef40-4639-b993-4fa7950d210f", "value": "ccd47c869d3573eadacdf04e8ae5294ae8e193a68bb05aef6d0e4eb563f54bcd" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054845", "to_ids": true, "type": "sha256", "uuid": "5df0b03d-fe3c-4907-aae3-4d9d950d210f", "value": "5eec8ae262bcc5d47f42cb57a742bc95691278d80f6f5dd3dae50a0461a2d746" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054845", "to_ids": true, "type": "sha256", "uuid": "5df0b03d-fc74-4861-9e74-45de950d210f", "value": "9401771a55e0df0af4c8f2e73f30f622cbf2632cadf476aadb16fcdd2c7b5d46" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054845", "to_ids": true, "type": "sha256", "uuid": "5df0b03d-6bf0-4c28-80c3-48cc950d210f", "value": "2b27cf8d46e3dc99cfa4b0381f7e2489b203b4c079bdce5c107629c7957456a4" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054845", "to_ids": true, "type": "sha256", "uuid": "5df0b03d-5304-413e-9be2-45d8950d210f", "value": "c680fc7b51a0cee302bc5fb4c39921c22c1253d2bd339a09c1507ccddfffce3d" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054845", "to_ids": true, "type": "sha256", "uuid": "5df0b03d-7970-4d84-a48d-4278950d210f", "value": "0323579935236a84bddce1f305ab4202cb706e89f910ad18758e118689af546e" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054845", "to_ids": true, "type": "sha256", "uuid": "5df0b03d-48e4-45b7-b617-4f32950d210f", "value": "c204d91f556a9102c196cc649289e4cf68db2a31c17b28f5c3b3b70ab65f0431" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054845", "to_ids": true, "type": "sha256", "uuid": "5df0b03d-b238-432e-8332-494f950d210f", "value": "5ac92f676d9698faa5b6f5b63b7b8605e62994cc766d5516635d7ed40f70cd35" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054845", "to_ids": true, "type": "sha256", "uuid": "5df0b03d-d5e8-4fdd-bf4e-4598950d210f", "value": "c8d02b63d5d973233f3f72a608c991c48cdb799c314287e7de3a1a8e327111bd" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054845", "to_ids": true, "type": "sha256", "uuid": "5df0b03d-c4f8-4b2f-a96d-4353950d210f", "value": "be6cbb6d2c42472006c1c3f093a1015830e4fd45bcdf50bf89f5eb8a234d2c1c" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054845", "to_ids": true, "type": "sha256", "uuid": "5df0b03d-24d0-4ebf-9fe7-4d10950d210f", "value": "fd0014cc7ec0ba63e363f60e94870beace7e0f649d5609accb8d4cc83a559e20" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054845", "to_ids": true, "type": "sha256", "uuid": "5df0b03d-b68c-4da4-a1d8-481a950d210f", "value": "959a7940a5d8811036a35ce12b36fb9e2675fc4ead51f8eb9d67a870194ed9e4" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054845", "to_ids": true, "type": "sha256", "uuid": "5df0b03d-8e34-494a-9719-4387950d210f", "value": "f41ed53c0c864b4d60da5f6a8e31a1bad43d48fad76f39f36c7d351c401eed5e" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054845", "to_ids": true, "type": "sha256", "uuid": "5df0b03d-0db8-4f4e-a96a-41f0950d210f", "value": "aed94a273cd5238ddfb5fce13847f51857beebec9e2fe22a8726efbe42498746" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054845", "to_ids": true, "type": "sha256", "uuid": "5df0b03d-2e34-40d1-a6be-43c4950d210f", "value": "5b706dbca4b0975be310481c0a238641873bab44cd73de01d09ae00cd0061287" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054846", "to_ids": true, "type": "sha256", "uuid": "5df0b03e-738c-4320-9f77-4c1e950d210f", "value": "9726003bb13cbbb847c3f771c2097722038a0487a721b1f3d5cfaf01e891a3cf" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054846", "to_ids": true, "type": "sha256", "uuid": "5df0b03e-f73c-4fbf-99ce-4c88950d210f", "value": "161a343cab2f3e862271b6d5010e8800388cb2e221f54f197330792881938e51" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054846", "to_ids": true, "type": "sha256", "uuid": "5df0b03e-bee0-49ec-bd32-45bd950d210f", "value": "6cee05723caefbd2f1f92aad74d7f1cac9f0074e20b4423fff56e1a8acd689c2" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054846", "to_ids": true, "type": "sha256", "uuid": "5df0b03e-1954-4498-b9c2-44be950d210f", "value": "34e500bbaf855bb4bd7208899b40a42a15d6c38ed09bffc1dcc64f481439ce15" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054846", "to_ids": true, "type": "sha256", "uuid": "5df0b03e-f6d8-48bb-9c62-4ac9950d210f", "value": "0d9d499882a9188a73f1af194fc03e5803181adec3fdb9658e4a7c1991196ba2" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054846", "to_ids": true, "type": "sha256", "uuid": "5df0b03e-e028-43d7-b17a-4047950d210f", "value": "0bdf3c6e94121a3f2911f2acdd0514c38069b699859a29fde0d54b0a0cc37e85" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054846", "to_ids": true, "type": "sha256", "uuid": "5df0b03e-aff0-4b63-aa9b-4f50950d210f", "value": "924a8b62fd55d59d80701387c86651ca455d5e6044dc6c836198dbe3577e8202" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054846", "to_ids": true, "type": "sha256", "uuid": "5df0b03e-c6bc-46bb-b04d-4a25950d210f", "value": "7a7c7d75c04c7a22240ee8223dd9161c4cc06d3f5f442ceba055af748aec487e" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054846", "to_ids": true, "type": "sha256", "uuid": "5df0b03e-c328-4db9-8883-4961950d210f", "value": "2293a2c7ed2ce7ebe8c161a286dc5e2b4d2b70afadcf972d524f02abad4e59e2" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054846", "to_ids": true, "type": "sha256", "uuid": "5df0b03e-a0d4-460d-85a3-4c1d950d210f", "value": "77cf0d5a5c3c8256ce3ebb1ed3c3937c181cf717986bb64d8457143171736197" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054846", "to_ids": true, "type": "sha256", "uuid": "5df0b03e-3434-471f-8655-49ef950d210f", "value": "8dd6ac6c539d10c74f76cedde68adbed0393e880ab9a305a9297316884f360c4" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054846", "to_ids": true, "type": "sha256", "uuid": "5df0b03e-2218-422f-80bc-4816950d210f", "value": "ee008b9299dda630d5ff4217a43f7ca9a280001ed006db0008ef2716b6c7a5b4" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054846", "to_ids": true, "type": "sha256", "uuid": "5df0b03e-6b48-42ed-971a-4c49950d210f", "value": "c09a454de3ee3b814d0ad8530ea962596dc66ebc7366d9d731e273ff9560e87d" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054846", "to_ids": true, "type": "sha256", "uuid": "5df0b03e-2e38-4a15-a040-43a9950d210f", "value": "97e16593378bf75c26944f5a84af8d6364a062bfdf5bd055f2e5d76a0f2b94cb" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054847", "to_ids": true, "type": "sha256", "uuid": "5df0b03f-072c-476a-9919-4742950d210f", "value": "ec7e696dff324e9b1302069dfbd49a684d820ad0b5c79a16b305ab2478a144eb" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054847", "to_ids": true, "type": "sha256", "uuid": "5df0b03f-2ad8-44ca-a1ed-4290950d210f", "value": "f9061958003b279ec0cab8c53ce83c588ef2be18d5840a8bf0a9a57ad2adf51a" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054847", "to_ids": true, "type": "sha256", "uuid": "5df0b03f-8d08-4845-9b8b-45b5950d210f", "value": "21f19a65a0194ead3ad5b624e44c7b32510be96633d6e778827adacb311f8877" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054847", "to_ids": true, "type": "sha256", "uuid": "5df0b03f-106c-4fd6-aa0f-4aee950d210f", "value": "a1c52643e738eeff690993a22fb679a98c8ef2057eda04a3c5edbd2632b3c2c8" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054847", "to_ids": true, "type": "sha256", "uuid": "5df0b03f-61c4-4742-a4de-4085950d210f", "value": "d619f315ca6b1e9212d92e361a09ad01a2214326a435e25a33c20689343c6f42" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054847", "to_ids": true, "type": "sha256", "uuid": "5df0b03f-cb04-4f73-9d5b-42ed950d210f", "value": "ffcb32513e35a6404482528b90b4eaab4bb4e3b4d2bffde5be51fe1fac0eb152" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054847", "to_ids": true, "type": "sha256", "uuid": "5df0b03f-7d08-4fc5-afae-4338950d210f", "value": "46cd5c3efbd83d66e3752be1d8229c6eb597d7d24ab68c6cec249f6b0368e57a" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054847", "to_ids": true, "type": "sha256", "uuid": "5df0b03f-3d4c-4090-91e5-4896950d210f", "value": "12cf9d677b1ff4e8a97b43bccf1ee7081737ff556c65907ece0debb4a2cc590f" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054847", "to_ids": true, "type": "sha256", "uuid": "5df0b03f-e5b8-4baa-9867-405d950d210f", "value": "e8d6740005d7459b7119b660a95661a6889855b3f697ad063a06731cb6423036" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054847", "to_ids": true, "type": "sha256", "uuid": "5df0b03f-0354-4fec-9ada-4544950d210f", "value": "9a5f8b42ee9f40a59d99c1b33ebac6ac9290f907dae8188bbc9ac1f875c2a99a" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054847", "to_ids": true, "type": "sha256", "uuid": "5df0b03f-5268-475f-b1a8-4c2d950d210f", "value": "5c7b6ee00f7c96912e4f5391be445daf2eeb90d5f81cae7b6337b6329fe59165" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054847", "to_ids": true, "type": "sha256", "uuid": "5df0b03f-9418-49af-8e23-4f31950d210f", "value": "91c3e558704960cbfc8f2e0a781d3ca3d2adc4ec82a978f6c598bf842d267186" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054847", "to_ids": true, "type": "sha256", "uuid": "5df0b03f-0f98-4bf2-8f7b-41f8950d210f", "value": "e3eec80ccd47c6935f0fddce1d3627f5be717e90a30e2f736c3ef268bb7676f4" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054847", "to_ids": true, "type": "sha256", "uuid": "5df0b03f-8830-44e9-b79b-4edc950d210f", "value": "387d4ee7df6dd6fe6321789aaaaf2c9752b2d07b001d13b446c559b73902b633" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054847", "to_ids": true, "type": "sha256", "uuid": "5df0b03f-35e8-45cc-948d-4ea1950d210f", "value": "ab6792b3d193042bf502069939c409e15715efcc86b4d03410ffcb6eb4779b5c" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054847", "to_ids": true, "type": "sha256", "uuid": "5df0b03f-ae54-4a2e-a9b4-4426950d210f", "value": "7a68d875c499fd6987c5fa1a46272bd7c2969f900807e51de43b49d9934aa59e" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054847", "to_ids": true, "type": "sha256", "uuid": "5df0b03f-3460-4b60-b0bf-4321950d210f", "value": "2df028b7d9b691bf3c25d8579c5b7846f40227eb00b563e04956fc1981fd5ba9" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054847", "to_ids": true, "type": "sha256", "uuid": "5df0b03f-273c-4ca4-a725-4009950d210f", "value": "c7c3bd15e6546015a1dc1805d5dff9fdca0a103e010c9538c84a66a632a0493b" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054847", "to_ids": true, "type": "sha256", "uuid": "5df0b03f-6340-4455-9e32-4e30950d210f", "value": "1c209ac0b2139297bc88bbf37a5262ed039bcb454abd8f75abfd21120b9df883" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054847", "to_ids": true, "type": "sha256", "uuid": "5df0b03f-275c-4a5a-bb47-4064950d210f", "value": "1e1f68b0b5a623c08acf5c37fe2c72505caa9783587a7ef925a25de26d950f2d" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054847", "to_ids": true, "type": "sha256", "uuid": "5df0b03f-7030-4d91-8c30-428c950d210f", "value": "4ca8e95a0a59b48ca7b24ac6ef01fef657fe47d3ba98a4abc870e2110c174986" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054847", "to_ids": true, "type": "sha256", "uuid": "5df0b03f-6de8-449b-a47a-4af4950d210f", "value": "03b8210693afae7306e09bf2032a5cc47d88b623aadac02e6bf932e887454c5b" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054847", "to_ids": true, "type": "sha256", "uuid": "5df0b03f-ebe4-4e7b-ab22-4361950d210f", "value": "123954a33e65c8ac28dba816e408fba324e4f5984a08dfa94f7640d5dc429c1e" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054847", "to_ids": true, "type": "sha256", "uuid": "5df0b03f-9b7c-4c5a-a844-4499950d210f", "value": "6f06ed65b8e0314d12bd54d861c9a7fdaa2c1409f3b91afc0ccb8bfabbfe47ff" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054847", "to_ids": true, "type": "sha256", "uuid": "5df0b03f-5730-43b6-8f8e-4e9f950d210f", "value": "220a65657f754a4b46670b3666f8e14545c0dd286e8caad4591ddb8172e56105" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054847", "to_ids": true, "type": "sha256", "uuid": "5df0b03f-ea84-4598-9737-45ea950d210f", "value": "b0485232103de6831e588c1fe1b52ae9ec3fb554b12dd29843c7d535fcb676a4" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054847", "to_ids": true, "type": "sha256", "uuid": "5df0b03f-a9bc-41b7-94a4-49a4950d210f", "value": "f7e080a60a2b820f8860af7f197f29d32aab6f38ac9c9074aa906b20cfed5918" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054847", "to_ids": true, "type": "sha256", "uuid": "5df0b03f-4b20-434b-a381-452d950d210f", "value": "5c2590abc22bdffa9a7ff469b6caf8b64c66242aeef5f6b6229b1ca600ecf387" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054847", "to_ids": true, "type": "sha256", "uuid": "5df0b03f-f5c0-43f6-b76d-40df950d210f", "value": "82b1489f223b70fa1ce9da30d6477dd00abd48a274e99f32bcd82d92c2af808f" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054847", "to_ids": true, "type": "sha256", "uuid": "5df0b03f-99e0-4b8b-ad23-4b57950d210f", "value": "c2232604d5247808d7be0ff297a17c87129824209d8b8f17a6c5ae9c8cf50144" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054847", "to_ids": true, "type": "sha256", "uuid": "5df0b03f-0304-46dd-b713-4e73950d210f", "value": "cd42c483e127c30442eebd5a7143d25276d06340fc24a4324ce6fa39da7120b5" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054847", "to_ids": true, "type": "sha256", "uuid": "5df0b03f-f770-465a-a9fa-44bd950d210f", "value": "a00c5219a5c8c3a934ffd4faff9a79a964c8b60280f6c26ee18490b2f9be0152" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054847", "to_ids": true, "type": "sha256", "uuid": "5df0b03f-ea54-42a0-be59-43db950d210f", "value": "878eaace41f3e112afa57f52541613cd126979bede58b0a7eea091a057e75e88" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054847", "to_ids": true, "type": "sha256", "uuid": "5df0b03f-415c-41f8-9713-494b950d210f", "value": "9191189f3c8d3ef2f451ed086ce3520b25aab1b81c5d5c965c11fc81876c9ca0" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054847", "to_ids": true, "type": "sha256", "uuid": "5df0b03f-e558-4a96-967b-494e950d210f", "value": "608aa2fb4ceae9b590a2bf265e7e7a44337ed8c20f1884db16ab91b898bffbb3" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054847", "to_ids": true, "type": "sha256", "uuid": "5df0b03f-ff0c-490d-89b8-46f9950d210f", "value": "40668f08878740fd7eab3c521702a5504f8c5fea2b803252962927e5d50c2950" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054847", "to_ids": true, "type": "sha256", "uuid": "5df0b03f-f448-4d67-9ab8-412f950d210f", "value": "4b6c68077d8cd37814b678f2a04d997fe3339008e9750b8cab619360a2ab1b96" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054847", "to_ids": true, "type": "sha256", "uuid": "5df0b03f-0244-410c-84a0-4d56950d210f", "value": "e908dcbfc6a2d0dda43f4fb1aed61a3279b0f8cd383e796cf7d13d45049a0d7b" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054847", "to_ids": true, "type": "sha256", "uuid": "5df0b03f-7cd8-4a6e-971d-4ea5950d210f", "value": "c4cf061f764535f06af80e3a1e8b9bf87617a509cb879dc26278ad9577310c6c" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054847", "to_ids": true, "type": "sha256", "uuid": "5df0b03f-d4cc-48be-ab18-4ddd950d210f", "value": "603b8b68189d423aee83a9f2113d293538eb9d8f0ac4a58bda55734006734b4c" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054847", "to_ids": true, "type": "sha256", "uuid": "5df0b03f-e840-4758-840f-4154950d210f", "value": "3a7fe7796e70149b80f41d070b2d0050e2055cba3bd2e6cda7752441a736b8d9" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054847", "to_ids": true, "type": "sha256", "uuid": "5df0b03f-1db0-4094-9b55-485b950d210f", "value": "460a87ff9ac1302a2189064447c092c8388af958e14da48a85070b71f0478e60" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054847", "to_ids": true, "type": "sha256", "uuid": "5df0b03f-c428-4446-b8bf-4981950d210f", "value": "7f882477d3f1b5925f53dfeb5c0f582e9e1813c10c46a2ac0989ed6417fb0a76" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054847", "to_ids": true, "type": "sha256", "uuid": "5df0b03f-79b8-4260-a28a-4bb0950d210f", "value": "490cc1a82b65b83687a798282fffc65893ba472fc55d106204cb54434f04d582" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054847", "to_ids": true, "type": "sha256", "uuid": "5df0b03f-710c-4683-a2ec-48e6950d210f", "value": "3e9666def4f1f0d096d02d0c15738e99da05da2a52b64dd5a4229d6548ad37e9" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054847", "to_ids": true, "type": "sha256", "uuid": "5df0b03f-0d5c-436f-910e-4c60950d210f", "value": "e0c1209a7ea3ca2f78b0c9e33b25a074491ca7cd4208b84d8e1908db76da8d77" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054847", "to_ids": true, "type": "sha256", "uuid": "5df0b03f-27d8-4f99-9967-46b5950d210f", "value": "88b1b7d25c5f4f118a404eff1800dbf2794d97271ab293c1ad8ad8ec5e545f02" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054848", "to_ids": true, "type": "sha256", "uuid": "5df0b040-c300-4d41-a7eb-4577950d210f", "value": "02f89e7b87262d14560f46006633246541d521d41b8e90b9466e61e578dc0aba" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054848", "to_ids": true, "type": "sha256", "uuid": "5df0b040-9f3c-496a-80a7-4a22950d210f", "value": "e3b3f7195bd380f9fdc3192b24d0958db1e99937646a795e97f1db1a86b67756" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054848", "to_ids": true, "type": "sha256", "uuid": "5df0b040-01fc-4819-be6d-4ff4950d210f", "value": "80a07c5c111eb78c26ae8b707f9c02ca75584a0038994bb4523cec0ed018ad5f" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054848", "to_ids": true, "type": "sha256", "uuid": "5df0b040-5304-4afd-9d5c-4c99950d210f", "value": "301435e44ce79e819700be21046eaa6bc26fe28f7b94d85419f55c32c18b68ae" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054848", "to_ids": true, "type": "sha256", "uuid": "5df0b040-f8b0-4883-9f64-4e98950d210f", "value": "1473aa4c297929bcab0b67f502ef90b5214113b442ed01910442fda077692f4f" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054848", "to_ids": true, "type": "sha256", "uuid": "5df0b040-1c28-496a-b270-4654950d210f", "value": "b09e5f96a0eb011cdc9aa3a223c00459a2778a74f2d1f0fad982ac6ffc3157c2" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054848", "to_ids": true, "type": "sha256", "uuid": "5df0b040-b640-4f59-ba81-4260950d210f", "value": "143572af9a036032d8a0ff56a8dd828220d0ef3aa0469058261beb9cb687c30a" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054848", "to_ids": true, "type": "sha256", "uuid": "5df0b040-92f4-49c7-b0cc-431e950d210f", "value": "d885ace57e9c72d3026b994e70cbb52e68dde1df934e69084a9173c6d37f4023" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054848", "to_ids": true, "type": "sha256", "uuid": "5df0b040-9910-4785-b855-4714950d210f", "value": "eab2961d1e43ebfe346bf69d1d424efa3553f9726299a40e45bdf2f743c101c2" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054848", "to_ids": true, "type": "sha256", "uuid": "5df0b040-8868-4a2b-95cc-459d950d210f", "value": "5b3fd34ea531bec8d64fa5ccf6bfe216a06984fd02d7384ba3914814d744d6d0" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054848", "to_ids": true, "type": "sha256", "uuid": "5df0b040-0ad4-4157-b48d-4eef950d210f", "value": "ff1a7c25bf00f8e001176b6b0301cc8ba7e87d06b4f01bef90235e7069a1b30d" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054848", "to_ids": true, "type": "sha256", "uuid": "5df0b040-10c4-457d-94d4-489f950d210f", "value": "09ec80f99e85ccf0df9ee0ae4c6520eebde71bc3c87b2726d84b981259164639" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054848", "to_ids": true, "type": "sha256", "uuid": "5df0b040-948c-451b-86cd-413a950d210f", "value": "e43830a8d66e07606f3b52c56d1cc6bee3733e1b9e7a435578a052834ea78bcb" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054848", "to_ids": true, "type": "sha256", "uuid": "5df0b040-43d4-4321-b56a-4cc7950d210f", "value": "cd48897f0bf376271dedecd481a6c9117a6e8303d5a3e583c034c3d33ce23c4a" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054848", "to_ids": true, "type": "sha256", "uuid": "5df0b040-a52c-41a6-9e35-4176950d210f", "value": "388abec861fc7230337a22b32f349639560154d68c82e195509d30a1e8a7479c" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054848", "to_ids": true, "type": "sha256", "uuid": "5df0b040-ec98-477b-9ff8-4427950d210f", "value": "9767c10a00326f9f167178d813afb963021e2f58aefd174a211978c4aa1a95f3" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054848", "to_ids": true, "type": "sha256", "uuid": "5df0b040-7be4-40e3-abbe-4507950d210f", "value": "77db29ae7db276b52c2c4f8dacec831896523d8bbfa2cb21a161fa5a50d63476" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054848", "to_ids": true, "type": "sha256", "uuid": "5df0b040-cf08-4ffd-b873-4d78950d210f", "value": "c0c02334dc523867f02a593cbc860e1520158da1b3ff9c1370bcbaeef70d4009" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054848", "to_ids": true, "type": "sha256", "uuid": "5df0b040-1534-4aff-816d-4d7d950d210f", "value": "96beeb7236cda9ae1fdbb692c03626f40e57ff55014838d5143ad461a3461770" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054848", "to_ids": true, "type": "sha256", "uuid": "5df0b040-f8b0-49bd-96cf-4bf5950d210f", "value": "adfc6aea1314ebaef8bfe956ead4223322da266c696a2f4d054fbb157f8d5abf" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054848", "to_ids": true, "type": "sha256", "uuid": "5df0b040-25dc-425d-ade0-45cf950d210f", "value": "ce110da29dec4756efa27fc5d4ad17eca6e6194375f8391226f60972bcd17a91" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054848", "to_ids": true, "type": "sha256", "uuid": "5df0b040-e77c-4e6d-90c8-4e72950d210f", "value": "940b78c80d87d87ec29b645857635886addc471f8c70b865e49288feec5059a5" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054848", "to_ids": true, "type": "sha256", "uuid": "5df0b040-6bf4-47e1-9d2b-4c05950d210f", "value": "63476988992a922fa9c1b2ca608557701306bbbc5f2f062e3477d31947efbb62" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054848", "to_ids": true, "type": "sha256", "uuid": "5df0b040-c1d4-4f96-b94a-4ab8950d210f", "value": "decff0530202a546210fc055e1a6b0f912678ed85d2d77ef48eff23ac2719019" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054848", "to_ids": true, "type": "sha256", "uuid": "5df0b040-9f84-41b9-85b3-4b35950d210f", "value": "ef5c29d77fd28e3263573cfd998650040d586316a37b82d6b7646872255ef3b0" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054848", "to_ids": true, "type": "sha256", "uuid": "5df0b040-51b4-4cc9-a4f6-4126950d210f", "value": "a3c8cf44b0a0d6bac1841c641b2b9113eaeb70c35f2c2668076bea15099e1eff" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054848", "to_ids": true, "type": "sha256", "uuid": "5df0b040-f440-4c0a-9cc5-4214950d210f", "value": "c52f02602bf5945fd62bc86c992f4d37e51857af76b67fd029f715a6fa695b3a" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054848", "to_ids": true, "type": "sha256", "uuid": "5df0b040-76b8-40de-a1a2-4aef950d210f", "value": "dd970118732e36438b0af85413668925c73f2fe7983bc085b0cdeab3582f271e" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054848", "to_ids": true, "type": "sha256", "uuid": "5df0b040-933c-4500-9a0b-49b9950d210f", "value": "37d3ec9d3335ba7c437681b01dc79539046aec484045c00ef764587b164d133f" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054848", "to_ids": true, "type": "sha256", "uuid": "5df0b040-0eec-46fc-b3c5-46bc950d210f", "value": "d6720180c4bcf1e2d01fef9ad426edc52917286a5807a518468eba3e4aed7b53" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054848", "to_ids": true, "type": "sha256", "uuid": "5df0b040-300c-4c85-8414-4ad9950d210f", "value": "5f21b9e408d2fbc366e15204d4965cddbadefd113612a647987f9126961aec04" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054848", "to_ids": true, "type": "sha256", "uuid": "5df0b040-4488-4c16-850a-4e0f950d210f", "value": "6c69d1c6a51d6e5254f6ce3a1c55d91571421835033259d7052f3ac759820a18" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054848", "to_ids": true, "type": "sha256", "uuid": "5df0b040-2574-4052-9f69-45f2950d210f", "value": "8d32f91d955cd2b85d657cab932431097edc4b52aadf51e5e25d5eccc761132c" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054848", "to_ids": true, "type": "sha256", "uuid": "5df0b040-f0e4-43c9-ae7c-49a8950d210f", "value": "51f64cb9a8e015fd8b960c82e5cceeeabe379966de4038b460e0d77bd91273ac" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054848", "to_ids": true, "type": "sha256", "uuid": "5df0b040-18a8-4ea3-b6dc-4af4950d210f", "value": "94116b1efc4fb3208bca075dd55ba04321803bd14a5d91f8038313ed816f5560" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054848", "to_ids": true, "type": "sha256", "uuid": "5df0b040-1d44-4bf4-80a2-4244950d210f", "value": "f5d15646962641710bd0af8169423b16cac279d6b78af0bc7f6f720d7c30ec01" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054848", "to_ids": true, "type": "sha256", "uuid": "5df0b040-1e1c-41be-91f6-49f2950d210f", "value": "ff35cf673a2eceec026cba6050750170456568b307bbfb2ba984a7b0d6d5f2ed" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054848", "to_ids": true, "type": "sha256", "uuid": "5df0b040-6584-4c5b-9df3-4e48950d210f", "value": "b9b546dfbe34a6256c093ad7688cb447b89de2f9916dc073e6f7951a3ebbc830" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054848", "to_ids": true, "type": "sha256", "uuid": "5df0b040-d0e4-49b4-8e47-45de950d210f", "value": "d838184152595edbd8093289a71d84670cad912010d07c309d1321295b1cad09" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054849", "to_ids": true, "type": "sha256", "uuid": "5df0b041-c2ac-4009-92a2-4525950d210f", "value": "54ac5748d75d1963e2c5b753e31044813ba9e116532d73815a862e469879260a" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054849", "to_ids": true, "type": "sha256", "uuid": "5df0b041-e5bc-48ee-a1bb-4eb8950d210f", "value": "2443279e31ab6247ce24de7144d024d6d7ffd792541a813972e9db803716f533" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054849", "to_ids": true, "type": "sha256", "uuid": "5df0b041-37ec-4bac-93b1-4c95950d210f", "value": "9a1c0b695bd632525b1a33629f16393409da089284ad36a2b8a7a86cd24c2cdc" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054849", "to_ids": true, "type": "sha256", "uuid": "5df0b041-cd50-4431-a7b8-4042950d210f", "value": "0ba437dde133d54fe3ee1c2882320698fa2b0738d7ed8ffd53f1d76ea8897481" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054849", "to_ids": true, "type": "sha256", "uuid": "5df0b041-0270-4dbc-b980-4a6a950d210f", "value": "9ec7482e56c1a048351a1b9f9825352fd535089359e232b70bf2023d3a0143e7" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054849", "to_ids": true, "type": "sha256", "uuid": "5df0b041-8d48-4115-a6aa-4f58950d210f", "value": "91f1b3a4c4af40cee470b75619653eeb88db8b37958159b6df262ed01d2ed7c3" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054849", "to_ids": true, "type": "sha256", "uuid": "5df0b041-0498-45d1-9a15-45c8950d210f", "value": "7c6233499d1298c7cdac827e66e727c4b716cbfd3789e468f3e26693bee57467" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054849", "to_ids": true, "type": "sha256", "uuid": "5df0b041-d2c4-48f4-9dd6-401a950d210f", "value": "6bbba3209752c404e353cd13947b9e851aa3865a6f83493b5e42be1ce586f963" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054849", "to_ids": true, "type": "sha256", "uuid": "5df0b041-8340-4f16-9947-4b91950d210f", "value": "b7ccab9717b1469e44bdd4682dfbb66706a067deee8f841cecf77e598a69062f" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054849", "to_ids": true, "type": "sha256", "uuid": "5df0b041-4060-40cf-bbc1-4392950d210f", "value": "8fed723fdc0793a7a130e6327d5e8feff1feded7555142d01a3d788404a1b3cf" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054849", "to_ids": true, "type": "sha256", "uuid": "5df0b041-c478-4853-b3cd-4fff950d210f", "value": "7046577f74929156e1a0e8b8a267a254074ad941a58cbfa808fe95f248c7687d" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054849", "to_ids": true, "type": "sha256", "uuid": "5df0b041-7db0-42f8-adfb-4819950d210f", "value": "1a59ce8bc8290a2a21af2f6914566a2301e3f2c1dca2f42749d16f037b2c805a" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054849", "to_ids": true, "type": "sha256", "uuid": "5df0b041-1a40-415c-bf3c-4bd1950d210f", "value": "c1258f15e48eb097453ca8bfb959e887d98d128759070034665d95314bef1cc4" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054849", "to_ids": true, "type": "sha256", "uuid": "5df0b041-d868-4ec0-ad19-4449950d210f", "value": "66dcbe7ca3b5ca2636ed3d8de7a57b2955091a0cae30731005d82efc9cae0c79" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054849", "to_ids": true, "type": "sha256", "uuid": "5df0b041-7c00-4ae0-aadb-4b9a950d210f", "value": "957f3631844a1981e02551916a6e3ac788aa468cc30130f0da01166a02588268" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054849", "to_ids": true, "type": "sha256", "uuid": "5df0b041-41f8-4a22-a44d-436a950d210f", "value": "79efc9b5853a3beacbcc3e183e810d34b2745e3cbd74dc6533cb595a09d1ebc9" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054849", "to_ids": true, "type": "sha256", "uuid": "5df0b041-dc94-44c1-a313-42c2950d210f", "value": "3ad66d92af7445f4dc1b339299f95c7e08372bf8b1b5055fc9f48f07481552c3" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054849", "to_ids": true, "type": "sha256", "uuid": "5df0b041-bf10-486f-9f0f-483e950d210f", "value": "7f1d3f304633e81b604ec757cb319d92d5a11f2f5de8e89d90dafcf872fcbeef" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054849", "to_ids": true, "type": "sha256", "uuid": "5df0b041-8d3c-4b35-abc5-42fd950d210f", "value": "fa0d550b5eae5ab246a42be129e71e37f8b98857b533a69c410097b34670e94c" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054849", "to_ids": true, "type": "sha256", "uuid": "5df0b041-4e84-4e72-96db-414d950d210f", "value": "28f108aae9808c8751112e789f8987902d57a51f283f8cac6c4f8ec333ebc168" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054849", "to_ids": true, "type": "sha256", "uuid": "5df0b041-88a4-4aac-836d-4673950d210f", "value": "82048f464c16ff7008e7495cc87fea4fcc5cf04d958a12fb1b3dc613fd33efa4" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054849", "to_ids": true, "type": "sha256", "uuid": "5df0b041-39e8-4227-ab36-474b950d210f", "value": "9a984474b1600dbbd1078648f66a9d8a82f3c0b97c5b278762f24e3b6346e210" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054849", "to_ids": true, "type": "sha256", "uuid": "5df0b041-db34-402d-b48d-4eb2950d210f", "value": "6af21af6dab46946596b012550939e5fe42b78a9403b2814995796bc3b15e976" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054849", "to_ids": true, "type": "sha256", "uuid": "5df0b041-270c-46a2-977b-4f54950d210f", "value": "203cbe5480d28edc12930a107b24f625cf0efd10cdcdb954dbc122f9e2c74eb6" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054849", "to_ids": true, "type": "sha256", "uuid": "5df0b041-5f78-4f3a-8e1d-4943950d210f", "value": "2c03ed5b6081c3fa6561c6d20c502cb4c47bb88c64f33263972b856215be982e" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054849", "to_ids": true, "type": "sha256", "uuid": "5df0b041-e19c-4d1a-a83e-4c5d950d210f", "value": "95b4a039248c58c3886e6735ce41e3a2aa18ed7e4b9c60cfcf1ab0a4e013a275" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054849", "to_ids": true, "type": "sha256", "uuid": "5df0b041-cae0-4fbc-8573-4e55950d210f", "value": "2e8b35c7bbb105d779c8ee29f3bd89f1e1753cf1890df83388ceff019ddb7ab9" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054849", "to_ids": true, "type": "sha256", "uuid": "5df0b041-0fd4-46f0-9fac-4d8b950d210f", "value": "dd5279f4d1936a2875bffcdb28cc5020cf6aea41c51a7c45ac3cd16dcaa2e0a7" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054849", "to_ids": true, "type": "sha256", "uuid": "5df0b041-5144-4a22-a665-4e86950d210f", "value": "84c830d00205e5eec89eb6d87555785f200ba5cb94f5a7b3ddea4b67c41fdeb7" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054849", "to_ids": true, "type": "sha256", "uuid": "5df0b041-694c-4962-8301-43b7950d210f", "value": "2ea3ceed200e046612256acc1f69a7d0582ed5211f537d941ac93360e8403559" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054849", "to_ids": true, "type": "sha256", "uuid": "5df0b041-7d08-479b-b71c-4186950d210f", "value": "590752a39996f425b0a0033329dd816c195bade99edd7f4c7aadba84f1744eba" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054849", "to_ids": true, "type": "sha256", "uuid": "5df0b041-62ec-43c6-a58b-4fdc950d210f", "value": "89517d5ef6fc519f230079a2c06b80e0e93362c0cdb4239cb6349a26136c8357" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054849", "to_ids": true, "type": "sha256", "uuid": "5df0b041-35ec-46de-adbf-4901950d210f", "value": "48dfc838c038dff2aef79334e74f1da28d92166ef03f46df2bead9bdd467d307" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054849", "to_ids": true, "type": "sha256", "uuid": "5df0b041-a184-4cfa-bd64-4fe0950d210f", "value": "26649e486ba1a9ad46837aa6e7c80b094b0b6e2af1f0a906310e1188afb35696" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054849", "to_ids": true, "type": "sha256", "uuid": "5df0b041-3684-46cf-aaf0-47d9950d210f", "value": "a0ee7213974daf74c1940dcaadc9c729cfc3e2a5a2bb4e2a73684fc4037e49ca" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054849", "to_ids": true, "type": "sha256", "uuid": "5df0b041-0514-4cb4-8377-4bd1950d210f", "value": "307792eb08705f14a9b31a2718fcf07bcda31bf21b147f69a8287d6c57362680" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054849", "to_ids": true, "type": "sha256", "uuid": "5df0b041-4448-46d7-a6ae-4a9c950d210f", "value": "8df4b1705188fae1a6472b1456db8af87269efd2a2caff5863ac165adacb88c8" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054849", "to_ids": true, "type": "sha256", "uuid": "5df0b041-c34c-47ac-ac4f-474d950d210f", "value": "57933d84d9e4d9fedf9496972ac23510feacb2a4c867568b1b7ed490234e348f" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054849", "to_ids": true, "type": "sha256", "uuid": "5df0b041-cd84-4706-92fa-456e950d210f", "value": "5950774f554812943b76eb930e90f82aef3e0d1483dda07546db29898dc6c336" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054849", "to_ids": true, "type": "sha256", "uuid": "5df0b041-e990-4066-9c73-4a7f950d210f", "value": "208408123b09439e6f8fc63cb0c58902a3f1e0fc730547e501ccbbe6ab880bae" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054849", "to_ids": true, "type": "sha256", "uuid": "5df0b041-75b8-42c2-a502-4c84950d210f", "value": "3f819b905a4cec128b33469fe4b8eda61f969ec58247955a0b98b021e9a16a48" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054849", "to_ids": true, "type": "sha256", "uuid": "5df0b041-ac54-4634-9066-4c7c950d210f", "value": "6cde3711c42fda4fc47d075bc1885657a8f1f5000bfb3c40f99a62dc2d33359a" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054849", "to_ids": true, "type": "sha256", "uuid": "5df0b041-2598-4749-b882-4ecc950d210f", "value": "6a1fcfdd092049a7fd75b42fb7e8e3f256806098ce884c06ca683d145a875fc5" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054849", "to_ids": true, "type": "sha256", "uuid": "5df0b041-f530-4376-9da4-4b72950d210f", "value": "69b5a1582c4398b3367c6fbb40c51eeda0deee719b9830c55c946da564fc737f" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054849", "to_ids": true, "type": "sha256", "uuid": "5df0b041-0a30-44d3-b448-4ba3950d210f", "value": "c7c31829c31467ef1ec99d169682c80a15ea6940249dd28e5d206a493e66b0a1" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054849", "to_ids": true, "type": "sha256", "uuid": "5df0b041-5e18-495f-b59f-4005950d210f", "value": "723be12af49d00743b25237e0411053bd6ba684ed6026f91fae6c88e2b3736c9" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054849", "to_ids": true, "type": "sha256", "uuid": "5df0b041-7a64-481d-b2c1-48cf950d210f", "value": "ec22ee792afd1e0428019c172aa3382df34771f9671a2a9b5cb67aee9267edc9" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054849", "to_ids": true, "type": "sha256", "uuid": "5df0b041-27d4-4441-bd08-4ac2950d210f", "value": "9fd9100c7ca4b77e522e14b979a431e8cd2349a359b9e7cfd13a282291f7c8d2" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054849", "to_ids": true, "type": "sha256", "uuid": "5df0b041-f384-4c90-a576-488c950d210f", "value": "989a3fefb82d37805a91a2f07f07081e819a032b4fd9484fab1f2a01303feba1" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054849", "to_ids": true, "type": "sha256", "uuid": "5df0b041-060c-47da-869c-4d77950d210f", "value": "a9db489b00bc4306cfc3e85a66746229b5669e2134840c3005feda5c554f6c87" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054849", "to_ids": true, "type": "sha256", "uuid": "5df0b041-938c-477d-b5ca-44ef950d210f", "value": "935277a274a40581ca73699a0b61d0bf06800e21e3fb127279a994307aefa9f6" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054849", "to_ids": true, "type": "sha256", "uuid": "5df0b042-09e0-4277-8962-4e25950d210f", "value": "beab3e5de052dd4686e48fb37b756e648a261b264d6cba66c265ef8a1ea9239f" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054850", "to_ids": true, "type": "sha256", "uuid": "5df0b042-9c88-44c4-8abb-4082950d210f", "value": "964fd889c72bc6b5e553c6548001795d10c1d87cadcbfe248c766a5a7c931424" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054850", "to_ids": true, "type": "sha256", "uuid": "5df0b042-b2b8-4775-b356-4384950d210f", "value": "fad8f8c03505c21664bb6841de7e6dc7a19338ef2fb9400d832776365d258ac7" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054850", "to_ids": true, "type": "sha256", "uuid": "5df0b042-c008-4534-a608-4986950d210f", "value": "7f2be3d7de95745bafdd1a69d077dc92d66b40f0005433c47d8323c1c0fdc61f" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054850", "to_ids": true, "type": "sha256", "uuid": "5df0b042-9d70-4659-a9a5-483e950d210f", "value": "8affd6ae38dc7e715fb703a1341f835840c98fad83fba7466b9d5bf3b881771d" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054850", "to_ids": true, "type": "sha256", "uuid": "5df0b042-1dd0-44e7-ab77-47cb950d210f", "value": "bb09c8b7ba552b5200c6da5b55f9b29e5170c01b10aaa3140b0bccb85f991588" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054850", "to_ids": true, "type": "sha256", "uuid": "5df0b042-e394-4346-9929-4237950d210f", "value": "96af9cc86a8d45787ec4895a19f9b244cea2d0a23759c6dc7eaa1c42d1df9217" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054850", "to_ids": true, "type": "sha256", "uuid": "5df0b042-c314-4cc7-a512-4b43950d210f", "value": "cf32204e546d98b585d28b0fbdb8b13f845e7ef8f5d819f6fa7517a98e9b552e" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054850", "to_ids": true, "type": "sha256", "uuid": "5df0b042-6bc0-40e9-b20f-47d7950d210f", "value": "ed2c195cdd3386c450856322d3bfc69369f3a787e4476249fa74e1440895f708" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054850", "to_ids": true, "type": "sha256", "uuid": "5df0b042-dd10-4c61-87cc-484e950d210f", "value": "9c1c4166a5f5861823f981c7e16932351844b0d62251eb79f73e7a25844b7dbb" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054850", "to_ids": true, "type": "sha256", "uuid": "5df0b042-ad38-4988-916d-472b950d210f", "value": "5d241730dafd29e909c9c4f4c172561fedb783c786dc865854d3e7bea0c9120d" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054850", "to_ids": true, "type": "sha256", "uuid": "5df0b042-2a50-49bc-9580-408b950d210f", "value": "4d8a2f6e05217252abe1732f61c3a8e8cc00029ab483d6ffb25060aecd0caf68" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054850", "to_ids": true, "type": "sha256", "uuid": "5df0b042-6430-45d8-bf83-4c6c950d210f", "value": "bc210c0d9757ec34e1ec76264c63b71fee3367b7d020f81f56b3d89b75531da7" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054850", "to_ids": true, "type": "sha256", "uuid": "5df0b042-d80c-41a7-96e1-40fe950d210f", "value": "5cc8d0a2996968160ea9607cd9d2f3ff49227be3de15b096150e08198658c24a" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054850", "to_ids": true, "type": "sha256", "uuid": "5df0b042-69b4-4c1b-848f-4c09950d210f", "value": "0b30436a70da6328b82022c227c7c3912ab0d1f998dde4ea0c846bc97099459e" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054850", "to_ids": true, "type": "sha256", "uuid": "5df0b042-1f78-40e8-91cf-48c3950d210f", "value": "5ee264316db1e2c32603a31b99a0d871d6b4d253aca53d76336aaecbf76cf6f7" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054850", "to_ids": true, "type": "sha256", "uuid": "5df0b042-2fcc-437d-ad0b-4b15950d210f", "value": "636e19b738793a5338e5b90085d1ace86b9d790508de18c69b3567e1bd8ed5c7" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054850", "to_ids": true, "type": "sha256", "uuid": "5df0b042-5380-41d6-a8a7-4780950d210f", "value": "50cbc24760b13fc6069311028b7728e1d6a183c4802b38516918d95cd3999ad9" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054850", "to_ids": true, "type": "sha256", "uuid": "5df0b042-17c8-4d15-8c19-4bf7950d210f", "value": "e781a624c56b45e8fcd37d57426fc03a7fe86a750b9885b75ad873086cca3b82" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054850", "to_ids": true, "type": "sha256", "uuid": "5df0b042-f130-4ed6-ae69-4578950d210f", "value": "cc0e31c60f0ed3caa59feb0d1d1304f96cf23c6312270fd8567e4ed87cb7c71d" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054850", "to_ids": true, "type": "sha256", "uuid": "5df0b042-35c0-414d-b36b-4c03950d210f", "value": "b6f6a90c9aeea1c1cd79ad4c090ef6e7586f8b1ac4e3c81b16e8970de240d821" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054850", "to_ids": true, "type": "sha256", "uuid": "5df0b042-8ec0-4567-b3b8-402a950d210f", "value": "7090aa4a651779e03dd59527dc2ba2f73a727828d0f5886f9fae62db71526709" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054850", "to_ids": true, "type": "sha256", "uuid": "5df0b042-2e7c-4522-86fd-464c950d210f", "value": "3fd07c1d65ed0ad52a78f5a128a1fcbb83472896c1d61037137f95ac09cb5b53" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054850", "to_ids": true, "type": "sha256", "uuid": "5df0b042-38d0-4f6f-ae8a-4dc7950d210f", "value": "1461a178a2aeefd5c2ac2ec2d500012b5c60dd3b34eeefc3c261c019549f0288" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054850", "to_ids": true, "type": "sha256", "uuid": "5df0b042-527c-4ab0-9bb8-4112950d210f", "value": "65fc3e576108db04a432776c0806fbee72f388ef18334069f99708032bc53c3e" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054850", "to_ids": true, "type": "sha256", "uuid": "5df0b042-3030-48ac-ba3b-46f6950d210f", "value": "a81e7d7911fca8d0b8a9f74edf81555483bcc111029c53383a72fb3c1a7cdb4b" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054850", "to_ids": true, "type": "sha256", "uuid": "5df0b042-4d58-4403-8ed6-471a950d210f", "value": "1a52d43768e4c1b16d7aebfcbbe52b23ea082ed91cf7afc01219b9a739e82df2" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054850", "to_ids": true, "type": "sha256", "uuid": "5df0b042-901c-40f4-9050-4906950d210f", "value": "0cbeb4d718e24f83387b5956f8ba06d54be4ff800543b6a8e29764fe64fbf8eb" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054851", "to_ids": true, "type": "sha256", "uuid": "5df0b043-786c-4d68-9fd9-493c950d210f", "value": "4bdb662003f9b91c203c140ea95e96f6795ebcc4eeaae68bfb8f82918872e511" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054852", "to_ids": true, "type": "sha256", "uuid": "5df0b044-d55c-4c69-98e3-42fd950d210f", "value": "aa4e6432312438a82dd9e4bfe897f915a2766ceb9dceee6c24ceed5bde6b4416" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054861", "to_ids": true, "type": "sha256", "uuid": "5df0b04d-9f6c-4d2a-ab00-43d6950d210f", "value": "9091f32108282e5a2edfe5ca09d24f9cf335142e1061b2274f13a2534047d52a" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054863", "to_ids": true, "type": "sha256", "uuid": "5df0b04f-7f98-4a79-9493-4cbb950d210f", "value": "8c225b6bbb767f950dc729cf038c299bf543090e72e2f9ee9ef082f62a581164" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054871", "to_ids": true, "type": "sha256", "uuid": "5df0b057-3134-48e1-826b-4919950d210f", "value": "673dd35ef657718612f06f89ce98781f0861f261e5a4a3906e80acd27c249bbf" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054873", "to_ids": true, "type": "sha256", "uuid": "5df0b059-6d80-4df4-925c-434c950d210f", "value": "31fee0d5fce984bbf2050744b0bc13c245eb70806ce260f0611e84bab2d8ce54" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054876", "to_ids": true, "type": "sha256", "uuid": "5df0b05c-c4b8-4ceb-a6bc-4097950d210f", "value": "f281a3f88fd4aca86b05300e4a00f26974154aed73715de92456d26cbe6fd873" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054878", "to_ids": true, "type": "sha256", "uuid": "5df0b05e-58a0-44b6-99b1-46e3950d210f", "value": "9e655561670e1d8c0b424a935b58d1b9e62dd507fdd177b7695bcbf47ae1e7a8" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054883", "to_ids": true, "type": "sha256", "uuid": "5df0b063-7864-4911-a99d-441b950d210f", "value": "09f3d9d701210797c5aac3e7f2825f7f17f186649474592f2a6ba6a2df5924a1" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054885", "to_ids": true, "type": "sha256", "uuid": "5df0b065-4d98-489e-9772-49e1950d210f", "value": "2a33c66d6bab81782a1efc66c740cd1e1e38b138c76fa09c8eaf9dbcb7620e0b" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054887", "to_ids": true, "type": "sha256", "uuid": "5df0b067-62d8-4d38-861d-4df1950d210f", "value": "f705030ef79d322bd6cfd6e08b53c2e62d5365d701df30a9fe3aeafe451a55e4" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054890", "to_ids": true, "type": "sha256", "uuid": "5df0b06a-ead8-4f25-83e8-4568950d210f", "value": "8fe9321b5a511874984558d77aef49e79bd297d6a6b8c40186260bcbbdc8ee30" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054890", "to_ids": true, "type": "sha256", "uuid": "5df0b06a-c578-4b52-bba8-49b3950d210f", "value": "e080dd64361c5d7855494333fb91dda700b0fdb898d7e0b37fb55d89dda4899c" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054890", "to_ids": true, "type": "sha256", "uuid": "5df0b06a-59e0-4804-83f4-4d0e950d210f", "value": "2f34ccf1ab15958cf6eae626712718a6de864378732fbcdad429967c58633b5d" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054890", "to_ids": true, "type": "sha256", "uuid": "5df0b06a-47d4-40fb-805d-4054950d210f", "value": "145afca358d19ee27d94bee9b6c3196311490d402386c00684219a0793336729" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054890", "to_ids": true, "type": "sha256", "uuid": "5df0b06a-4460-4a42-9d4f-4370950d210f", "value": "4e4fb92c6c122035e705e4f30aa14be766c7671a8043fe02e48bc7dd2d79f860" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054890", "to_ids": true, "type": "sha256", "uuid": "5df0b06a-824c-4d31-be85-4190950d210f", "value": "8cbe01bb083603ccd65892664cc93caa09ba65515337f1ec69ef28c818c6afbf" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054890", "to_ids": true, "type": "sha256", "uuid": "5df0b06a-38f0-4f91-86ad-4356950d210f", "value": "af1e1c07f5cc6ba4314616156252bd8960c39f9106189ed754c6d673290cd399" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054890", "to_ids": true, "type": "sha256", "uuid": "5df0b06a-9db8-47ce-b3ca-44c8950d210f", "value": "6540b42f334391d3e48b964e39e199e9d75d7e58086aa6c40b528c9bb306ec8b" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054891", "to_ids": true, "type": "sha256", "uuid": "5df0b06b-47c0-4fe6-b4f4-4b85950d210f", "value": "975e95134bd072c19cda96a2f372467e6f3e6833e14db37de0f0b47e5a857019" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054893", "to_ids": true, "type": "sha256", "uuid": "5df0b06d-ba7c-4100-8dde-4969950d210f", "value": "0fd0a413f060bfd03456ccc0ee43b86e1614a96c8727c59deb2f7d09059051e4" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054893", "to_ids": true, "type": "sha256", "uuid": "5df0b06d-0df4-4f36-9b13-460a950d210f", "value": "e063f4f4e14c56753a6672861bb5a44bfade383a94aaa84766eeb870205ef53e" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054893", "to_ids": true, "type": "sha256", "uuid": "5df0b06d-fd44-46c3-83ab-4551950d210f", "value": "41d588da12f978f1456436f3fd0a33bc6ac8b1965ff7a43ff252e16f8100cab7" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054893", "to_ids": true, "type": "sha256", "uuid": "5df0b06d-7984-47c0-aef4-415b950d210f", "value": "fca0b85fb10a75d04a9bbe9065fcd97a83676585181be6c8c4e6a2e35751f08b" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054893", "to_ids": true, "type": "sha256", "uuid": "5df0b06d-19f4-400f-a465-4a58950d210f", "value": "39ef98994ddcc60068efe32bcf1b8655feefbcd0c9725124ca0d0ad0ee19cc5a" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054893", "to_ids": true, "type": "sha256", "uuid": "5df0b06d-cdd4-4ee6-9c15-4c35950d210f", "value": "574de62d0fa0bc8fe1af444960a9d8fb61f95f5bb23b42c9832fe7d288b7d147" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054893", "to_ids": true, "type": "sha256", "uuid": "5df0b06d-a854-4e21-bb1c-453a950d210f", "value": "d18604d8582e40a5b4dd358aff12f1ce422faaa204ef86264a5779ee2cedd0f7" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054893", "to_ids": true, "type": "sha256", "uuid": "5df0b06d-f8bc-4e6c-a38f-46e1950d210f", "value": "d093211ca6df1e26dff4ec0e2b432c56e7d0a3eb08e53d00a990e5a4c919e7e6" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054893", "to_ids": true, "type": "sha256", "uuid": "5df0b06d-3c24-43bf-b9c1-40c2950d210f", "value": "d2c301d3d084ae6f68000e2daed358fa538b4cf7e4f2d78ad86646c7d601fd95" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054893", "to_ids": true, "type": "sha256", "uuid": "5df0b06d-ba08-429b-b47e-429d950d210f", "value": "63a1b92800d420cf3441021474f937833e56fa067144a36b74a15af49abf1128" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054893", "to_ids": true, "type": "sha256", "uuid": "5df0b06d-7e08-4332-9f1b-40a8950d210f", "value": "855164a11c1c387e06ee37f28ec8795b0cb169a75ebbe1a62143c5a34f0ff1d5" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054894", "to_ids": true, "type": "sha256", "uuid": "5df0b06e-a7cc-4520-bca0-44b3950d210f", "value": "c1d650ab6aef15a7170da9d2c2060c6c11d2989282a27cfd63f9afc478027a79" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054900", "to_ids": true, "type": "sha256", "uuid": "5df0b074-b768-4dac-b514-4178950d210f", "value": "122e7c75b0d159fbe36e277b1c66fe136fb58a73f42c8a3ffe8677fde56c1daf" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054906", "to_ids": true, "type": "sha256", "uuid": "5df0b07a-e414-4719-83fe-4104950d210f", "value": "830667e2e04b4cf696847e772b4e0a70f33b907eb94e5b77ce8c017c8b106934" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054913", "to_ids": true, "type": "sha256", "uuid": "5df0b081-9030-42ff-95e3-433b950d210f", "value": "84b21d3a7a5a85c9ac750f46a864bf8d236f0e6838f57623469d2ca2c9531f81" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054913", "to_ids": true, "type": "sha256", "uuid": "5df0b081-6f14-45c8-aa64-404b950d210f", "value": "8658079dbf8cd8ae37fc32e6c9acd079986fa3311acd5b73b93d6ad94e51336b" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054913", "to_ids": true, "type": "sha256", "uuid": "5df0b081-b90c-4505-9381-44d1950d210f", "value": "d9f32d7b5404638a9d14fc4632936c89c9c6420cb63356a232d4e4db891bcf1d" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054913", "to_ids": true, "type": "sha256", "uuid": "5df0b081-a1c0-4467-9ea7-475e950d210f", "value": "9d5a0edd97c0689ca40a7ae9519f4992a538ff81a5d4c5a47e327afa192cac76" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054913", "to_ids": true, "type": "sha256", "uuid": "5df0b081-47b0-4729-8e19-4532950d210f", "value": "b2739c0042bbff812ef3d9106fdb32a6554a4ccaad94253b79f280506acb61d8" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054913", "to_ids": true, "type": "sha256", "uuid": "5df0b081-a328-40e0-99b0-4380950d210f", "value": "3a1261fb978ac7806c43c420a2d92e5dcda896b1846fbba341909e33f5256bd7" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054913", "to_ids": true, "type": "sha256", "uuid": "5df0b081-845c-489b-9693-4119950d210f", "value": "bf41c236fc909089e5b4220ed35d7b2c379ba862aa469219ea0c03ed7fe02de2" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054913", "to_ids": true, "type": "sha256", "uuid": "5df0b081-5ec8-4fa4-8f66-4a63950d210f", "value": "f91303fcbb2e2397529987732c7922911381169d16f113752cb1cd9e1382794a" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054913", "to_ids": true, "type": "sha256", "uuid": "5df0b081-2b64-40f0-b040-4c86950d210f", "value": "9b2da6540c7d3d44704c115996d25dd504be05c6a3232746efe3b1d3ed3a0e91" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054913", "to_ids": true, "type": "sha256", "uuid": "5df0b081-934c-45c1-a0db-4928950d210f", "value": "8618e3362f008deddb91a883b943bc250651d45016ecf8f98160c1ee30c31376" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054913", "to_ids": true, "type": "sha256", "uuid": "5df0b081-13b4-4c8d-8d3a-468e950d210f", "value": "7c4a3468a02545ca7dc7fef06b9bcc5b37f5a892695bb9c64bf898aae81545f6" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054913", "to_ids": true, "type": "sha256", "uuid": "5df0b081-b8cc-44b0-9919-48ae950d210f", "value": "6027dd52f89684cbf428d9420f84fdfee93ee73ee35af34f469a13c76279ab71" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054913", "to_ids": true, "type": "sha256", "uuid": "5df0b081-7fb0-4115-b524-4de8950d210f", "value": "626c969f98464156d2964bc7d73d53aa83d68b0d3ee06224eae4b2a0a310d7b2" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054913", "to_ids": true, "type": "sha256", "uuid": "5df0b081-08b8-49e9-b199-4b78950d210f", "value": "aae033ea6ac16ca78663191b8248ce7d6caa2c00fab27610cace73ac26f7286c" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054913", "to_ids": true, "type": "sha256", "uuid": "5df0b081-1fb0-4402-8d88-474f950d210f", "value": "710d2f297fb305a1648274801bfbab0aa21f1b67c17de9d8a930dc6cfa162f6c" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054913", "to_ids": true, "type": "sha256", "uuid": "5df0b081-6b64-4782-899c-494a950d210f", "value": "9514a036805d3a7973980175968b5f43d7ee14af461d8a966f9dea02ee2ebb4d" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054913", "to_ids": true, "type": "sha256", "uuid": "5df0b081-8dd4-48b6-a079-478d950d210f", "value": "d5861e71eba45e19297cb1c120e37718e191c65c41478a50e5eed96b9cd4254b" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054913", "to_ids": true, "type": "sha256", "uuid": "5df0b081-0914-4450-b1de-461e950d210f", "value": "245b5eea1f2095c703792e37341b68b4495c88f6f8c2ec3dc398a5720686fff3" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054913", "to_ids": true, "type": "sha256", "uuid": "5df0b081-1cd0-4652-9f4b-41b6950d210f", "value": "0a51c2f661670154c7d94dbdd507bf3b698f935756267c617e51103640f50990" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054913", "to_ids": true, "type": "sha256", "uuid": "5df0b081-a690-4720-99fa-4838950d210f", "value": "a20196011e8fe6929f0d565c8a080b62c4ba29874896ec08ed4af0709aa36f04" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054913", "to_ids": true, "type": "sha256", "uuid": "5df0b081-ab1c-4b5c-b168-4523950d210f", "value": "7588f5502a3583caf38ce1a497fe61d3b3f45f05bb92f5637b2510e2bcee9a6e" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054913", "to_ids": true, "type": "sha256", "uuid": "5df0b081-6554-4473-bf62-4c9a950d210f", "value": "0c19f0684d6cef08612c2ebe66ba38050aac3a68822a181390455882da6fe71e" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054913", "to_ids": true, "type": "sha256", "uuid": "5df0b081-d9b4-4b7b-8c06-4843950d210f", "value": "e4370b0ab4dde24b3f8634e6a154e243a1d96e447c5b03d17005226ef4815cd9" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054914", "to_ids": true, "type": "sha256", "uuid": "5df0b082-c39c-480c-81e2-4ee6950d210f", "value": "c441aa77eb1d094403a8fd0f66dc7e00b8534a4a7db9ec3afa402c98fa7da440" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054914", "to_ids": true, "type": "sha256", "uuid": "5df0b082-47b4-48ee-84c5-43b2950d210f", "value": "424708e82897b74f3b31cc8408949e969353177be0fa88ddfc387f050971068b" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054914", "to_ids": true, "type": "sha256", "uuid": "5df0b082-bd7c-4d3d-8a2a-4687950d210f", "value": "2e91ec0a6c189ad8def886d10a30c668fb8e0817f804875b5b30fba17fafbbff" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054914", "to_ids": true, "type": "sha256", "uuid": "5df0b082-7ea8-44fd-adbd-43a0950d210f", "value": "c87a3d98f4b64cf15eaf00fc0cc7cef39a3a02540161241c288b2f0e0deec5a5" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054914", "to_ids": true, "type": "sha256", "uuid": "5df0b082-4d80-44e2-a28e-4565950d210f", "value": "b130c34d608b40a3770f6833a79aaf3dd8c21cb9ee2eb9cbd6b80128cfb8d200" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054914", "to_ids": true, "type": "sha256", "uuid": "5df0b082-2a58-4034-9301-41f1950d210f", "value": "fa6a3b7f70c5c1aa4d083523146abb2f0b5af84b74c8c019c6c4feb3e01f751a" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054914", "to_ids": true, "type": "sha256", "uuid": "5df0b082-e278-44d6-bb00-427a950d210f", "value": "edb030d018d707cf2130b990e1ba80b4b2fd5415aa67c004fb129494ecb235d2" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054914", "to_ids": true, "type": "sha256", "uuid": "5df0b082-ee5c-48c2-be97-47d7950d210f", "value": "e06ea82bd1fd49ae05791148c9e0fe4f327146911f434fcd3cba4db52e5c372f" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054914", "to_ids": true, "type": "sha256", "uuid": "5df0b082-c5e8-4591-a6a2-4608950d210f", "value": "54462075b75adf13fd54d56282dd200847ebaa2e43340f3555e45073fbc126f1" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054914", "to_ids": true, "type": "sha256", "uuid": "5df0b082-a9ec-43bb-a6a4-4c85950d210f", "value": "02af85494ac863e6d7d67143ed6227bfc886663ee339c9ef2f95ce28cafa2baf" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054914", "to_ids": true, "type": "sha256", "uuid": "5df0b082-f08c-4746-bcf8-4b66950d210f", "value": "2acba73e75dc9f2fec4a30a81387a50b86079e0facbe3c3edbe436a6bf28b825" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054914", "to_ids": true, "type": "sha256", "uuid": "5df0b082-e66c-4c57-bab2-42a6950d210f", "value": "7588964a824a72edfeb379ad77aa2a4f719878c8749910630d5563ba59ef2478" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054914", "to_ids": true, "type": "sha256", "uuid": "5df0b082-69d8-4704-8b08-40a9950d210f", "value": "6eba1d9bef86ec551a936bcf43a148dfdf0d8d10dfcea1967c5195cc443b9689" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054914", "to_ids": true, "type": "sha256", "uuid": "5df0b082-d54c-4f17-9c22-46cb950d210f", "value": "6451fa2d64dcc6b31c5d06e59d3b2c900ae420a5ad9d9fee87e8a39ad3a64c3f" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054914", "to_ids": true, "type": "sha256", "uuid": "5df0b082-b2b4-4487-8bce-45ca950d210f", "value": "ceadfea8ea204382f4ce75d7f15a73f412ea54c28e49828b1f5358ee4d0b831d" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054914", "to_ids": true, "type": "sha256", "uuid": "5df0b082-37d4-487d-8c43-4ddc950d210f", "value": "b91401f6ce92f63e1994669b0446261f10cec30633a57e6a14c583c52f16507b" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054914", "to_ids": true, "type": "sha256", "uuid": "5df0b082-2b1c-4696-bd82-4785950d210f", "value": "5ca46047bf29b4838397231f505f6a2c52219449933cb4156402a3f906e29a47" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054914", "to_ids": true, "type": "sha256", "uuid": "5df0b082-cde4-4ac1-a3b0-4468950d210f", "value": "017ac2aed0f08d650d722308b79fb8f831b9be6f43c4368b7394b44ffd4f6f09" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054914", "to_ids": true, "type": "sha256", "uuid": "5df0b082-cf3c-40ba-96cb-40ea950d210f", "value": "758360f2c03ae4e1a19238c748a2e0e72cd7466a9caf387e5f1839ab3daf3d57" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054914", "to_ids": true, "type": "sha256", "uuid": "5df0b082-a3e0-4164-8927-42ff950d210f", "value": "d0ea8533befeede8e05e192ff3b00a1e689cfe65c8db15abd0ebd28aad81b297" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054914", "to_ids": true, "type": "sha256", "uuid": "5df0b082-cf68-4ff7-86fe-40df950d210f", "value": "8ed575d654411a68e86fe7794c96c9061cb2d79e08d83160085b15eab3443721" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054914", "to_ids": true, "type": "sha256", "uuid": "5df0b082-5380-4ec9-91c2-452a950d210f", "value": "9ec099ce8747e0c8ad027da62e5388cc3ae5f84a2b4d78af452c8f79823e56dc" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054914", "to_ids": true, "type": "sha256", "uuid": "5df0b082-f804-4f5e-a485-406a950d210f", "value": "1ecedf01f1142c1616882e79f2d554e0e6c51e55e59392948c505d7dc12aa430" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054914", "to_ids": true, "type": "sha256", "uuid": "5df0b082-1474-4f31-b161-4078950d210f", "value": "35c322773997578185364bf8ec420dea5195e1e450aa0585c805115c593d62d1" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054914", "to_ids": true, "type": "sha256", "uuid": "5df0b082-caa8-4a17-8974-484c950d210f", "value": "781f84274d6432596325a04276a68d0c5599bfdb98771a853400d94605dae631" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054914", "to_ids": true, "type": "sha256", "uuid": "5df0b082-a2d8-4a00-baed-4f8d950d210f", "value": "1707ff37285a6c1d552eec29c1a7a4439c7787500a665cf8d34703d65af52788" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054914", "to_ids": true, "type": "sha256", "uuid": "5df0b082-f290-4b24-9c31-40b9950d210f", "value": "73399f5f04cdbf8fd8d61d730a24399a1058f727577cbf33b31c37bd6bc820aa" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054914", "to_ids": true, "type": "sha256", "uuid": "5df0b082-682c-478e-954c-4019950d210f", "value": "bd0fdb7472b937dbc36b42e01c2b201fd7c8de76e0bf5f3c9b656cab78380c43" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054914", "to_ids": true, "type": "sha256", "uuid": "5df0b082-a994-4842-a10c-43fb950d210f", "value": "a33ebe9f8b0eafc1dc8dd220a5525ca66f328713992f43cc68d829d4fdb00f21" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054914", "to_ids": true, "type": "sha256", "uuid": "5df0b082-6ba4-4e81-bbd8-429c950d210f", "value": "ff30ff65e97407715f6d03b6912ca42d87b912ae1e40b473e6738887aa1c3264" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054914", "to_ids": true, "type": "sha256", "uuid": "5df0b082-d454-4c1a-8dc7-454a950d210f", "value": "4d2e86301278a9e8859857bbf23ae2604946786fb8046a97ff1102a0df8fa520" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054914", "to_ids": true, "type": "sha256", "uuid": "5df0b082-3750-4654-856a-4dc5950d210f", "value": "64a8e288112a982aff6ca02c49a0ae0b2dd41d23b04433b93a573b62e43a441f" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054914", "to_ids": true, "type": "sha256", "uuid": "5df0b082-49ac-488c-958e-4e43950d210f", "value": "e8c699ad010c200d8764cae0d4b75762379b321ab52e0614617a7bedfd42994e" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054914", "to_ids": true, "type": "sha256", "uuid": "5df0b082-0fb8-4fe8-85c4-4700950d210f", "value": "a29724b0d16f55a8ec4fdfcd5aac29de9ea7165b1e915a266184b8b16e351dff" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054914", "to_ids": true, "type": "sha256", "uuid": "5df0b082-6854-489e-aa5e-4ce7950d210f", "value": "5b12baad329c9492712ab1c57b7e1e89ac507172d61d99da6f9fd2caf23be9be" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054914", "to_ids": true, "type": "sha256", "uuid": "5df0b082-9784-4c9e-8a33-40d7950d210f", "value": "4974552078e1f43540ee29a04b40618df797bef3299cf60cc46e5d68a4bf77a7" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054914", "to_ids": true, "type": "sha256", "uuid": "5df0b082-7650-4efb-b10c-41d0950d210f", "value": "88dcac0d38c3b5deac8490ae8bf4c74f9028d90b72573b299439a0769502acbf" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054914", "to_ids": true, "type": "sha256", "uuid": "5df0b082-db44-4098-8add-4932950d210f", "value": "c8d71f59dcbb6a9248a1d6d2face02c1e7f7d54a70ccf32d1111cb0ec81d21af" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054914", "to_ids": true, "type": "sha256", "uuid": "5df0b082-9138-4e5b-aed4-47e6950d210f", "value": "173e1f595031f1a862d18cb31e4fa49ad74ea93eeaec8a0dd830d5e59fa13a66" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054914", "to_ids": true, "type": "sha256", "uuid": "5df0b082-43e8-4f74-91ba-46c5950d210f", "value": "afdcc114586c5720dbecef9911e1b3b30a54cabe7912b5a8bd3d46c868d7343c" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054914", "to_ids": true, "type": "sha256", "uuid": "5df0b082-eec8-4898-88d2-4559950d210f", "value": "6212b6073077941c534fc23d482128165b8d5d0d9ec165abd0b4184353de9c32" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054914", "to_ids": true, "type": "sha256", "uuid": "5df0b082-0210-45b7-82a9-491b950d210f", "value": "c2758f27013aa2fd4cd57d3fa6aae6c61c43cac869f7622de24c0910165c6805" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054914", "to_ids": true, "type": "sha256", "uuid": "5df0b082-f728-4c92-9344-4b14950d210f", "value": "47957ac381ddf4917b0ec2a325c6a68f4778196e4ace0035dd95d142858c4702" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054914", "to_ids": true, "type": "sha256", "uuid": "5df0b082-c530-4861-b8fe-4833950d210f", "value": "1b50d9c750036e5e154dc86d3daa50502dc2fbf74847d7df401a0df41294d4c0" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054914", "to_ids": true, "type": "sha256", "uuid": "5df0b082-e94c-49ad-b320-4bca950d210f", "value": "56f4307bffe1f95775fea20b85fe181ea7d0b1d0713b59d1183cc37535e9402d" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054914", "to_ids": true, "type": "sha256", "uuid": "5df0b082-f4cc-47b5-b895-4f0c950d210f", "value": "3286ff9f319d913c1d05725c17eee4548df331c36da0ea2e49d945e655f54ca4" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054914", "to_ids": true, "type": "sha256", "uuid": "5df0b082-2014-400c-90ad-4c3c950d210f", "value": "c55de9da7945deccfcd284a2516938a287d503218e5c7cceca8606a93e00cfcd" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054914", "to_ids": true, "type": "sha256", "uuid": "5df0b082-68a8-4f00-a24e-4b4b950d210f", "value": "0ae75dac0dababdb13ebf9efadedf18c5bae3c09d919ea956e578b60e25725a5" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054914", "to_ids": true, "type": "sha256", "uuid": "5df0b082-bb64-4045-8cd2-41d0950d210f", "value": "29a19ca5aaf2c175255067ce165dad2510991ccd21f9be422471f4318e52cd63" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054914", "to_ids": true, "type": "sha256", "uuid": "5df0b082-8590-4dcb-961a-4cb2950d210f", "value": "8abe40eb8d28d1ff22b5626f888ab4b2693ed5211887bdd83679762fa2b1f046" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054914", "to_ids": true, "type": "sha256", "uuid": "5df0b082-4098-4e32-a7a3-4ec6950d210f", "value": "c41420a1759debca01a347d21ce31593aa207ca5f3514bf36eefebb9515cd7f4" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054914", "to_ids": true, "type": "sha256", "uuid": "5df0b082-c708-49c7-8808-4b6c950d210f", "value": "9d6d21f59f7c7160b5f784da15bed3750cb5b2a5ccd0c736aff71702a7e71e63" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054914", "to_ids": true, "type": "sha256", "uuid": "5df0b082-4778-4ec2-a3b3-4367950d210f", "value": "fd55e025bb06dd688ed8aafae68f613d886184e93e7967d4a55dbb051ea48c40" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054914", "to_ids": true, "type": "sha256", "uuid": "5df0b082-a3f8-4ec3-960e-49cb950d210f", "value": "56919d739ea0b1107916a790cc2bf270afc21693b0f4c31a0bbdc9b5a70cf81a" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054914", "to_ids": true, "type": "sha256", "uuid": "5df0b082-c9e4-466b-959e-4847950d210f", "value": "d1b58a7f25a5237bebb4104e247d7e036ea2b1a48f4342c88a117b1e8a43ad51" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054914", "to_ids": true, "type": "sha256", "uuid": "5df0b082-2000-475e-a34f-452a950d210f", "value": "b755f549334e2612c52a2632752eb60d124b69e632f6c7fbe964fbce42aee440" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054914", "to_ids": true, "type": "sha256", "uuid": "5df0b082-7384-45a0-89f9-4364950d210f", "value": "62f4fab29c4f69c9bc911b6ec388ed93543889b6f58883e0513304fdb9210c8d" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054914", "to_ids": true, "type": "sha256", "uuid": "5df0b082-d388-48e0-85f0-406b950d210f", "value": "9528d0c578157a0c18d495e807bcc5acc82f84a03a52576e6e824698f748c12f" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054914", "to_ids": true, "type": "sha256", "uuid": "5df0b082-bf00-4091-8084-4a1f950d210f", "value": "19ef2012b0ef2026959bb8eb5f921238d42b7e82dd298443ae21debf1e3e85d6" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054914", "to_ids": true, "type": "sha256", "uuid": "5df0b082-6180-419e-8560-4e2e950d210f", "value": "537497e066b92b1852ccc874f865e6cc09d0d6032cefcf44d6069d22c9610015" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054914", "to_ids": true, "type": "sha256", "uuid": "5df0b082-b924-44d3-a70d-4df6950d210f", "value": "050df8f1889c7a3c31a91ff07e9b4cc51ec203f6d9d25fb87a1ee0399a37f1c9" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054914", "to_ids": true, "type": "sha256", "uuid": "5df0b082-49d0-45dd-8a28-4b7a950d210f", "value": "e64c25696f03af4f410cd66ba85fd2ddb951d224bd98cd5a1e29f171cd3c3730" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054914", "to_ids": true, "type": "sha256", "uuid": "5df0b082-38cc-4112-a5cd-4ab8950d210f", "value": "ab8028bc96c4000430bd8da9f5c7f86fc58f001080dc022fcb0fa61daf4aa3d5" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054914", "to_ids": true, "type": "sha256", "uuid": "5df0b082-8f70-4c03-baae-49c8950d210f", "value": "0e6f9a877d5b73a03b475db5f2ec9a4052c330a186942cb61febbd2d7dab2a91" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054914", "to_ids": true, "type": "sha256", "uuid": "5df0b082-d9d4-46e4-8c9f-4fd5950d210f", "value": "20826d7e9b4bd1e27ce9d055aec859720dfc89dfc3ea640c680dea6c9cd5588e" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054914", "to_ids": true, "type": "sha256", "uuid": "5df0b082-6fc0-4500-9a99-4a19950d210f", "value": "7de248257c505d28976224974b20e590bcf0a5f1c6da7326147930acb8541118" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054914", "to_ids": true, "type": "sha256", "uuid": "5df0b082-1d80-4720-95f7-4d8a950d210f", "value": "1b39f0dd28bf86f78bb8e9727c43aea0ebef4a229b9d696f490eb0aa3b43e06c" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054914", "to_ids": true, "type": "sha256", "uuid": "5df0b082-6d1c-4fea-a148-409a950d210f", "value": "c85d5d8c7e16c27fe40e17513ffce6a84c1e44aabd583411fc37d774bf7c6a2f" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054914", "to_ids": true, "type": "sha256", "uuid": "5df0b082-acf4-409a-9bc6-4ffd950d210f", "value": "1a60fe01d7c1d34d24a3d00590d53573980fe420a4afd747003324acdd7023f0" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054915", "to_ids": true, "type": "sha256", "uuid": "5df0b083-e524-4950-85af-4003950d210f", "value": "8ccc4fccbb17b53e702f18f86dc88bd362c1bbbd7affaa26aa96bf4f655f3bbb" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054915", "to_ids": true, "type": "sha256", "uuid": "5df0b083-e094-42c0-b82d-4028950d210f", "value": "e8c42093d0f6424ed018d43b6e416a645700dc291ea90ca5ce9bee7090a533b6" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054915", "to_ids": true, "type": "sha256", "uuid": "5df0b083-055c-4bdc-8377-4947950d210f", "value": "b264af7a7700b8fab2a66a501ae033728f9fc11fe4b4f9e9f72544c7a8c85646" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054915", "to_ids": true, "type": "sha256", "uuid": "5df0b083-1eac-4fba-8e4b-4bca950d210f", "value": "2b99b9171cb3d2f13b8e21ebd70be56cc2475ced28ef7868cb7f537e65209714" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054915", "to_ids": true, "type": "sha256", "uuid": "5df0b083-6ee4-4560-8406-40d0950d210f", "value": "e3a17ad287aa54ed67f4f802957d87810e5173c06b85d60dd742a05184fbce25" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054915", "to_ids": true, "type": "sha256", "uuid": "5df0b083-6784-4e15-b6f5-4a90950d210f", "value": "a520390ad47a1e45c99aa8022584c650d67c7b094e144142cc87a6f3d3faf2e6" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054915", "to_ids": true, "type": "sha256", "uuid": "5df0b083-1114-4aab-b03f-4fef950d210f", "value": "60c66d7f9bd30008dd2f4549940d46afd9cb84df073892766c8f2c5cbb58ab1f" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054915", "to_ids": true, "type": "sha256", "uuid": "5df0b083-dd28-4b6a-a390-4cb2950d210f", "value": "af0dc865455bb67362237f2bc15828385b122578d5ec53d9eaa6fdd0e1f08445" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054915", "to_ids": true, "type": "sha256", "uuid": "5df0b083-6ddc-4af8-8a5a-4cab950d210f", "value": "a68b9516432bb43b24b47c9767f852cacd160c3069c7864d075be33f0070dd0c" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054915", "to_ids": true, "type": "sha256", "uuid": "5df0b083-eb08-48d4-976b-4008950d210f", "value": "df502a4069b889ff8e73741352e7c3c07fb4a33478c92325d11b7fca3bfc1732" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054915", "to_ids": true, "type": "sha256", "uuid": "5df0b083-341c-4b6d-bbaa-4053950d210f", "value": "f5e32a9aeac0da48daba5170e73b0993ced02dfce759c04580559c63b80104be" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054915", "to_ids": true, "type": "sha256", "uuid": "5df0b083-8be4-4b4c-a669-495b950d210f", "value": "c84a1c504d3e0c5b2f9f5ce17c7874efa1704d458db3e6845ae2b12112027fe1" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054915", "to_ids": true, "type": "sha256", "uuid": "5df0b083-3ad0-4ec5-937c-4137950d210f", "value": "b5bb9daca3aea592d67391824b3765985e10e17bcff43270305a72766a6348eb" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054915", "to_ids": true, "type": "sha256", "uuid": "5df0b083-712c-4ba5-8795-4ef3950d210f", "value": "bedcab7f3878611ff761325d62ee183f5496edc8dd2381afea34ced2bfc64db7" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054915", "to_ids": true, "type": "sha256", "uuid": "5df0b083-eb1c-44da-b853-48f7950d210f", "value": "0793a789afe30dcd3a93bda8b77cd75ba2f1a9d28a371f0f96cce03efb3c1849" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054915", "to_ids": true, "type": "sha256", "uuid": "5df0b083-23ac-4f2b-aa95-4e48950d210f", "value": "21d2ae10a5a809222b67ffaca166e2a76732b47615597ea2f408f19d43ae0493" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054915", "to_ids": true, "type": "sha256", "uuid": "5df0b083-4850-4e24-bc7f-4c2a950d210f", "value": "3456947910ec14542ef059d0a3da5cbc9d0a173b894e72a210c93d8570d2faf8" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054915", "to_ids": true, "type": "sha256", "uuid": "5df0b083-3f9c-432a-98e5-4dda950d210f", "value": "f0d329b6cbf7ed9b0e744a499f0fe79f37919ffa9447783efb7ae2db1979490d" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054915", "to_ids": true, "type": "sha256", "uuid": "5df0b083-5a18-48ab-a74c-4e3e950d210f", "value": "06fc21ab8354c6f6012ecc23d1c5fda1f8cb0be3b474a96da9587c6cadba99f6" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054915", "to_ids": true, "type": "sha256", "uuid": "5df0b083-c9bc-483d-bc16-4efa950d210f", "value": "fe59d5a474a9cd104bdd34d874e71cee88142eb467ea6c93962e23590194047a" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054915", "to_ids": true, "type": "sha256", "uuid": "5df0b083-2f9c-4eb0-89a9-41b1950d210f", "value": "94e129b1a140a2a53e25cdbfb0ffd2ff02dd306711ac5c038b1b124fe374036a" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054915", "to_ids": true, "type": "sha256", "uuid": "5df0b083-78f8-43a6-b793-4296950d210f", "value": "16265e842f45a44cdabceddd2af7cb0910130d819dff4b82af7aa5972294f5c3" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054915", "to_ids": true, "type": "sha256", "uuid": "5df0b083-c524-42f9-98e3-4b6d950d210f", "value": "d54a2943b17d93852b875925a279199374e1e9eb78a34d8f1c5eede1b27bd179" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054915", "to_ids": true, "type": "sha256", "uuid": "5df0b083-fe7c-4882-b2e0-4555950d210f", "value": "3c6e8b9cadbf7611aab1fbacfd54053a78bdcf49265eee02394c17bdcaceb5aa" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054915", "to_ids": true, "type": "sha256", "uuid": "5df0b083-c474-4bdc-993d-4206950d210f", "value": "484e8e202934f502bb1b0a944721845ff81879b4e91656d30c5fe4c490cb781a" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054915", "to_ids": true, "type": "sha256", "uuid": "5df0b083-e1ec-4206-95ce-4a51950d210f", "value": "bec75abd1810200ca989eba1b5ed9d30ab150079408bcd9dab5506f2f7e17968" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054915", "to_ids": true, "type": "sha256", "uuid": "5df0b083-5dec-4c0e-bb2e-4f1d950d210f", "value": "7f160a49ee4ad098f972f8bf86b52afeca4ccd77ed47f5282b36a9ab40040e5e" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054915", "to_ids": true, "type": "sha256", "uuid": "5df0b083-02b0-4441-a873-4896950d210f", "value": "dbc858c551a2b73228898aef3689239432eb9273acf745034ec86caa2f19b2be" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054915", "to_ids": true, "type": "sha256", "uuid": "5df0b083-0214-4ffa-bded-4e26950d210f", "value": "3e028086b6244035187b2847baac76b627dcfae5b10be55f1363ab5531af4d45" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054915", "to_ids": true, "type": "sha256", "uuid": "5df0b083-eed4-4e01-a11c-4367950d210f", "value": "5870f5bd63135a66a45a7f2d87741e211be129c74fcab5f43f2106af2eeae894" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054915", "to_ids": true, "type": "sha256", "uuid": "5df0b083-da4c-470d-b0cf-4f66950d210f", "value": "1e5e5820d5465402d2247e890127ee4d1e337742efe78ffafee046461483de0d" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054915", "to_ids": true, "type": "sha256", "uuid": "5df0b083-d2e8-41f0-9dd9-4fb9950d210f", "value": "e246f1af92ee0dc1772a1a6a546891984ee3b3cd5a7258d61f95b4c3e2b113c9" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054915", "to_ids": true, "type": "sha256", "uuid": "5df0b083-1170-4a16-9fd6-450a950d210f", "value": "94d2a8a51f525a51f4b7d3266240e9172c94f8562c695a2f908539cc46666087" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054915", "to_ids": true, "type": "sha256", "uuid": "5df0b083-fa38-45e9-b969-4c02950d210f", "value": "737ff4b548bdc34e02aa05235d906b33fa44a38622e0551844c8bb0fb02e55e4" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054915", "to_ids": true, "type": "sha256", "uuid": "5df0b083-0aa8-4add-8ef1-4a93950d210f", "value": "9bc659247414c693997f6f7dae795f529a35ccd4bb21184b35b205a022f4985a" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054915", "to_ids": true, "type": "sha256", "uuid": "5df0b083-2db4-4dab-8641-4541950d210f", "value": "676f1bb1cf144e5fb86776954be0a1471218cf502c5d0ecc23defaddd05e56d6" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054915", "to_ids": true, "type": "sha256", "uuid": "5df0b083-4914-40df-9f9e-4ec5950d210f", "value": "eed0c51f66ef52f2fe6eeb4b2809e1aecd48922fb090f2ef19fb1ac689e1e628" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054915", "to_ids": true, "type": "sha256", "uuid": "5df0b083-d8a4-4d8a-bd41-4294950d210f", "value": "7303a39cc0af4c27eb0eaf3d164e5a046da3a1fdcd1d6815e6e72f4635ac6982" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054915", "to_ids": true, "type": "sha256", "uuid": "5df0b083-bdb8-4847-97e5-4689950d210f", "value": "815d74755a6ff3bb73d93df564abfce3e5479d942a23a6fca202c61e5c2c4d62" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054915", "to_ids": true, "type": "sha256", "uuid": "5df0b083-cae4-4a28-91e6-4ae5950d210f", "value": "3a546325ce2a949223db646115b4fea6a9c596e3b81c529ec3c3b6dd96b17b0f" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054915", "to_ids": true, "type": "sha256", "uuid": "5df0b083-8898-4207-b205-4f36950d210f", "value": "118c8b83363e1361c0e5687df0e6c8d4d5d265cd84ba778a6b7bd7a27f179c54" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054915", "to_ids": true, "type": "sha256", "uuid": "5df0b083-8e40-423e-ba54-4256950d210f", "value": "13d9fce3701ddc48ae25113120decc21d458765bf655e3dff640b993b31a6614" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054915", "to_ids": true, "type": "sha256", "uuid": "5df0b083-2514-4352-b3ae-4665950d210f", "value": "1a5292b1f274e2bc303cb8010b7dccead0c43b25a0abfcf61aed7221b72b98e8" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054915", "to_ids": true, "type": "sha256", "uuid": "5df0b083-70e0-4576-807e-4b64950d210f", "value": "9914f24595ad8463f4df3a24fb549da701d39cb4d1ee027ca50e794ef24ef58a" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054915", "to_ids": true, "type": "sha256", "uuid": "5df0b083-9b90-42f7-93f4-4a18950d210f", "value": "430e929301f32f2eaa12f78750a26e0e358dc53211fd3780c91381beafec605d" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054915", "to_ids": true, "type": "sha256", "uuid": "5df0b083-d5cc-4bd4-8fac-4910950d210f", "value": "dbd0b60e889c63a5162fd846c42952e068040f2a7cd7cf618d9428427d722cea" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054915", "to_ids": true, "type": "sha256", "uuid": "5df0b083-b598-4e72-ae68-4a25950d210f", "value": "a1efc530151d1df800bb6dc15313e8c3a407334d56e0a1d59cac9026e6a78557" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054915", "to_ids": true, "type": "sha256", "uuid": "5df0b083-5bc0-42ca-a9eb-43b1950d210f", "value": "c0db220cf85c131a29f5a83c822c61af5d7f530cafc90d46a247cb4f3b752a61" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054915", "to_ids": true, "type": "sha256", "uuid": "5df0b083-9464-4e02-b6fb-46dc950d210f", "value": "3e5a0fb76977b5025e6d60e9e9f9227594b274462bc40741c91329e6d435bfd8" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054915", "to_ids": true, "type": "sha256", "uuid": "5df0b083-4f64-428a-979f-4636950d210f", "value": "08f53891c69302e820db6ec3e54907497c50133a0b02d8151a3f0f84d4d798d0" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054915", "to_ids": true, "type": "sha256", "uuid": "5df0b083-46cc-4987-ae48-4517950d210f", "value": "4926cd1eda6ef5314a1eaa49d2a9ddaf9ea1894cb97bc29a57ad28bff70c4b07" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054915", "to_ids": true, "type": "sha256", "uuid": "5df0b083-fe2c-487b-9074-49f8950d210f", "value": "876b129b5571a80390ff1b9420d6a422fffad80396cd524c8a28d79a594e5785" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054915", "to_ids": true, "type": "sha256", "uuid": "5df0b083-cd20-4422-b207-4eed950d210f", "value": "01f9ed2163e7decb379aaffaa35d0307b95c9ade7a1e20d476127867a3ea8256" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054915", "to_ids": true, "type": "sha256", "uuid": "5df0b083-82f0-4587-9d34-4647950d210f", "value": "8ec3ddea193714bd2fef447d33c11b71e5d6f6b87b019fe76a16ad08f425c49c" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054915", "to_ids": true, "type": "sha256", "uuid": "5df0b083-2a68-4d5b-a044-43a3950d210f", "value": "b12737e22992e76fb0b07481696395ec69d92ff79e592d5d553a22f6825163f7" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054915", "to_ids": true, "type": "sha256", "uuid": "5df0b083-79c8-45e1-8da4-46f8950d210f", "value": "89cb6eb33e51ddfcebe483e0e44440cfabb952350c13c77e316d216d83aada71" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054915", "to_ids": true, "type": "sha256", "uuid": "5df0b083-1540-4d18-9022-426a950d210f", "value": "5c87e2f8867987ff3a194f428f8cf0f190015e586ab269b52a309ea088c4107b" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054915", "to_ids": true, "type": "sha256", "uuid": "5df0b083-17f0-4fb7-82c4-4fca950d210f", "value": "a0df4633a022ba93d73a75ad7e6b8e01c369407107c27aa8650cb5f5fc878fb4" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054915", "to_ids": true, "type": "sha256", "uuid": "5df0b083-21d8-468c-a158-44eb950d210f", "value": "6152b2318b2b975ccf7239afb2222156bde9f1dd338023b5ef6801bcd6e4ccc2" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054915", "to_ids": true, "type": "sha256", "uuid": "5df0b083-1418-4711-ad2e-470e950d210f", "value": "f3bc9d6bbf6c7609fba43c3ace9bb9e6a134b92c048b1c3712d31d906b489725" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054915", "to_ids": true, "type": "sha256", "uuid": "5df0b083-386c-43a3-8e0a-46b3950d210f", "value": "3c705f31d7165350245d3fad4db9ab7a0b85475b10aa1cbe2030bd23458495d6" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054916", "to_ids": true, "type": "sha256", "uuid": "5df0b084-b7e0-45e6-9c05-4598950d210f", "value": "b0639a1314161dfe9590eef1830a7a4cc2c8dfb75e59eb5275cc91339365371e" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054916", "to_ids": true, "type": "sha256", "uuid": "5df0b084-3154-46ce-bc24-4b71950d210f", "value": "7eb19d5b71f0994ce6a57b946172483c9951fdd66a5198e1289a4aae3a4a13e1" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054916", "to_ids": true, "type": "sha256", "uuid": "5df0b084-7e98-482a-a8e1-4b5c950d210f", "value": "61f53a66eef46ebed5318e21eee3b03c91dabbd7e87e291b072b24351f47db2a" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054916", "to_ids": true, "type": "sha256", "uuid": "5df0b084-1710-4666-8fd3-481a950d210f", "value": "ec8983d519b411aeef042ad15f794e817855421f0cf4d00c3e858c4e6817cedb" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054916", "to_ids": true, "type": "sha256", "uuid": "5df0b084-3244-4214-9d07-4bd8950d210f", "value": "90eb6adc4f5f291590b8da5f7e0ef1d97e3e7ff10ce825c8c0badc79a1df5487" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054916", "to_ids": true, "type": "sha256", "uuid": "5df0b084-469c-4a14-87df-4093950d210f", "value": "9cf345394b70a129fb77e130037c740fe2733b1301bc07b809d14fac187eed2a" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054916", "to_ids": true, "type": "sha256", "uuid": "5df0b084-139c-471e-995b-4bc3950d210f", "value": "b888ddfa1dc6067ff6b46d81c13a46c66c3a55eeb635ccdc29b386bc21d0f66b" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054916", "to_ids": true, "type": "sha256", "uuid": "5df0b084-d734-4417-8e31-4e30950d210f", "value": "c8f3516e6579f1182c2387d42e28c9c26397b0ffb5819aecdd38e1dc60313ff4" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054916", "to_ids": true, "type": "sha256", "uuid": "5df0b084-bcc8-412c-94e1-4911950d210f", "value": "92440151a74d4e58043dd7c10df2141a6877747983e5b96b28fe8fa2be268d9d" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054916", "to_ids": true, "type": "sha256", "uuid": "5df0b084-769c-4219-94f9-44b4950d210f", "value": "0a3a8e203c017695546bcb0fa764721f61d7a5a2c2c0d2ff7c2edc18f7fcb2bb" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054916", "to_ids": true, "type": "sha256", "uuid": "5df0b084-1eb8-45c2-9dc2-49fd950d210f", "value": "6cc3efcc4d64393074d60aea4c50585af789ff68b4c7b1181abf352b129a8840" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054916", "to_ids": true, "type": "sha256", "uuid": "5df0b084-aff8-4902-8743-4919950d210f", "value": "f83c4792728be3bee73911473f563b776353e79811febaf30e0736ceee68298a" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054916", "to_ids": true, "type": "sha256", "uuid": "5df0b084-5774-43f6-b6e8-4f4b950d210f", "value": "d1bbeed4dc9881d31df1bab35c03593d874d3fcd5d8d65cf4201fdb479d42c5f" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054916", "to_ids": true, "type": "sha256", "uuid": "5df0b084-3384-4868-adaf-4bf6950d210f", "value": "5871169ac3ab263569ed138888cd17a3770d375854e7734fa03c339c7ed9e916" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054916", "to_ids": true, "type": "sha256", "uuid": "5df0b084-6ba8-41c5-b8cc-4c71950d210f", "value": "21db063f58ba1e3e9f7d9ceb5288e89bc9fbe023ab7b3d1296c83f9a271e0ade" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054916", "to_ids": true, "type": "sha256", "uuid": "5df0b084-cdd8-4723-a4fd-4060950d210f", "value": "345dd3d94a7f7c68034d64523189443cc0d5112b6aa826783e6dbf5842aa7362" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054916", "to_ids": true, "type": "sha256", "uuid": "5df0b084-7104-4478-8b6a-4c49950d210f", "value": "7e43b88207db6991ca9a1e5bbdbcce511d9907667f24b7dc34514120cf469855" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054916", "to_ids": true, "type": "sha256", "uuid": "5df0b084-44d8-4d44-99a9-467b950d210f", "value": "46057abf095625ca75f36b5df302f5060a21288be15a819458265da59d8f3547" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054916", "to_ids": true, "type": "sha256", "uuid": "5df0b084-6d38-46d9-a298-489c950d210f", "value": "ab7cefe8c033c0d37cb5afa1a15697ce47d2c74d46384e4ca572c4c012230b19" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054916", "to_ids": true, "type": "sha256", "uuid": "5df0b084-9590-443a-a55c-4950950d210f", "value": "f878ab6f2fa0e5b01e61cb5deb5188bd0d31ba16f31fe8a88d2cc17859f66ef6" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054916", "to_ids": true, "type": "sha256", "uuid": "5df0b084-f4e0-4d66-9d40-436d950d210f", "value": "1727fe93ee7f5cdce528dcd24d36c425fa90ea91c293c58fd38fc71fcff64e32" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054916", "to_ids": true, "type": "sha256", "uuid": "5df0b084-fb3c-4a7f-b396-42fe950d210f", "value": "5e044a65acb4d8faf7caab4375a7fb995806691135ebd20cb3e199e9b2f29aed" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054916", "to_ids": true, "type": "sha256", "uuid": "5df0b084-ff88-4407-8146-424f950d210f", "value": "2f88813ba2a9fd0c09d188c305482a94ddc809200750f7ab979affd944b8b019" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054916", "to_ids": true, "type": "sha256", "uuid": "5df0b084-a7c0-433a-ac8a-4214950d210f", "value": "8e90c30ea85486b8fbcf0bfc45bed76cb8981c83d84c066ed196067b87266f05" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054916", "to_ids": true, "type": "sha256", "uuid": "5df0b084-ed6c-49a8-b5a3-4449950d210f", "value": "bea877537fcc69ad507962979b853651d7871edcdb286dfb42636203241dd287" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054916", "to_ids": true, "type": "sha256", "uuid": "5df0b084-7d58-40cd-be47-4b65950d210f", "value": "c6d1dc32460d80466b2a56eee1018ff5ed04c9b5cbf0691f8c8d69a3e44f627a" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054916", "to_ids": true, "type": "sha256", "uuid": "5df0b084-5d2c-4345-b8f8-4e28950d210f", "value": "024efd926b745ad0e6a17407a0fb85844868daef8aacfc5c83ab34173c0036d2" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054916", "to_ids": true, "type": "sha256", "uuid": "5df0b084-d094-4b50-852c-4ac4950d210f", "value": "960279a5458f1204c009a108bc6aab5a9f6e5c9a0f257b211dcfca39796905f2" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054916", "to_ids": true, "type": "sha256", "uuid": "5df0b084-253c-4818-92eb-4a7c950d210f", "value": "6c9cfef6b7e2312183b7140e1949ed712a28ed9e906580c25bc371c7d2c6f559" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054916", "to_ids": true, "type": "sha256", "uuid": "5df0b084-e5b4-4202-b2c0-49d8950d210f", "value": "3fff30a09c222236dcbbe2ba82d30222a391b6d6fc5e11660b5e32910990b097" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054916", "to_ids": true, "type": "sha256", "uuid": "5df0b084-b0b8-4ee6-919b-4852950d210f", "value": "d2e1649eb93dc513bd8285f44f2631cdb7a8282acb626dc7873b6f536f10fec8" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054916", "to_ids": true, "type": "sha256", "uuid": "5df0b084-b5b0-4501-a8f8-4825950d210f", "value": "43ff3a3e53fe58d6b356a772b77df9caea2bb07e133a0bba78f64332b415d4ce" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054916", "to_ids": true, "type": "sha256", "uuid": "5df0b084-1610-42a8-a1b6-4284950d210f", "value": "3da8dba74d4e1965885ee13b87a34296cd0bed175cdc52f7995bce780a88d3fa" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054916", "to_ids": true, "type": "sha256", "uuid": "5df0b084-e9d0-417e-988f-413a950d210f", "value": "93533608231aeb71e1b7f96f0c5b37b8e781b525def4e3c21b6379a55b55cc11" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054916", "to_ids": true, "type": "sha256", "uuid": "5df0b084-878c-4b16-ab20-41d7950d210f", "value": "814162b87fdb59e4b04b1cbe83d67c07ddb97950f221e31a81674e3346f5f078" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054916", "to_ids": true, "type": "sha256", "uuid": "5df0b084-ccb0-4b03-9541-4418950d210f", "value": "7d61fcb28088fc3713bdb09a3b8b3372a494b449bcdc0bc1631c541d2ad25504" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054916", "to_ids": true, "type": "sha256", "uuid": "5df0b084-70a4-4f1e-9514-422f950d210f", "value": "5a0da68d7f847acdbc07bef59b2f6cefae83ba6d0f10686ec2fc37526c0f9c91" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054916", "to_ids": true, "type": "sha256", "uuid": "5df0b084-caac-44c7-84b0-4ce8950d210f", "value": "64ecad0a55b2950a40af2c2c6b67177b54ccac3a97e417ca42d0c55ce4b365bb" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054916", "to_ids": true, "type": "sha256", "uuid": "5df0b084-ad74-431a-81c4-41a2950d210f", "value": "4c289673d7e8272c016e3b9925dfde7b19a2c7c9f6db70102f7c7d882f4b17e4" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054916", "to_ids": true, "type": "sha256", "uuid": "5df0b084-8f3c-437f-b04a-48c6950d210f", "value": "1c9ee620d0aaba03b3aadbd044e1e266e25085edf5315f573e6e4844ad9aae27" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054916", "to_ids": true, "type": "sha256", "uuid": "5df0b084-8848-4150-bcef-4056950d210f", "value": "0f64b020f47a73628af0bf2e62e0108e90f7d1fde5b830513bed1e7b0ee0f73b" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054916", "to_ids": true, "type": "sha256", "uuid": "5df0b084-0b90-40a3-ad2d-45fa950d210f", "value": "41e978655f6b85f444b99c91865c0221c27a54a20e3fc55d4e61c3e106af73c9" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054916", "to_ids": true, "type": "sha256", "uuid": "5df0b084-063c-4a08-8ae8-443e950d210f", "value": "edea204fcd030a0b00c8951b1fa6dd0397129067f893b2da490f32d4e8a7f2dc" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054916", "to_ids": true, "type": "sha256", "uuid": "5df0b084-f7ec-471d-9d9b-4f39950d210f", "value": "d65de0d445035740cdf1cd4baf0405a8924edc0e9c3024aaa70df20cb7f28a32" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054916", "to_ids": true, "type": "sha256", "uuid": "5df0b084-6a20-4c93-96c1-48f4950d210f", "value": "bf33725115b8b645f205947c3d252589b4fbe732dc64f5ebb9c10cc9b92877d9" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054916", "to_ids": true, "type": "sha256", "uuid": "5df0b084-8bbc-4803-a274-4a9e950d210f", "value": "b5beb26498be7bcdc7339b4df0e98b1efd052287706d8677a46c85cf1924fc22" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054916", "to_ids": true, "type": "sha256", "uuid": "5df0b084-fef8-43fa-beee-4772950d210f", "value": "d3e28102b217faa33b3c16ed5d3ef631eb423955492b61067df4862515df8b7d" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054916", "to_ids": true, "type": "sha256", "uuid": "5df0b084-9adc-4b2c-8d9e-4689950d210f", "value": "dd73b9d898d7663b38388a2f2d36f3ef72e5def1b2e67310158273f66cba61a5" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054916", "to_ids": true, "type": "sha256", "uuid": "5df0b084-44f4-4364-811e-439e950d210f", "value": "4a38aea6d52d72b4969f43d948ddf29a2d3576db9b3e288aeafaee4532a3293c" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054916", "to_ids": true, "type": "sha256", "uuid": "5df0b084-b668-4e6c-a077-4d9a950d210f", "value": "60a0d505ed7870300d7f47928f551d39526a735f074bae05d163e2a62389f9fb" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054916", "to_ids": true, "type": "sha256", "uuid": "5df0b084-4138-4e1c-92c8-4797950d210f", "value": "ccbf899aa9f6c8b54ca16614053741007519febb63299e5435a3f6c690f3d0a0" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054916", "to_ids": true, "type": "sha256", "uuid": "5df0b084-0e04-4ac8-905a-4f52950d210f", "value": "9e15e1cb09224f97d4473389080ef7a811bb04df9c6ad6e1764471a1186008c1" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054916", "to_ids": true, "type": "sha256", "uuid": "5df0b084-d8e4-456f-b028-4ce0950d210f", "value": "bd8bfa884d792afc2d037da121f3bf122b90a724d406cff50b9fa34739ab7095" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054916", "to_ids": true, "type": "sha256", "uuid": "5df0b084-d96c-4ada-8e07-4aed950d210f", "value": "bdc55acb282895b9942d5b188e752b35e106a55ad17f4357c0c2fe098da92e50" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054916", "to_ids": true, "type": "sha256", "uuid": "5df0b084-cd50-4409-97ba-4692950d210f", "value": "adf0001edca850a68fc0a04e1635cc3d4849cb9662197b2ed689a11b1a0843bb" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054916", "to_ids": true, "type": "sha256", "uuid": "5df0b084-72c4-452a-93ab-40dc950d210f", "value": "28dd5bb9bd2a828533fb5e95793643fa5bf96a7d0f5b1799d7978d84fdea62ef" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054916", "to_ids": true, "type": "sha256", "uuid": "5df0b084-64d8-4715-9a1f-408f950d210f", "value": "fe531c3f1db56d1ab6d8294ab3753cac84e8becf8307023fac07d39d28a07e35" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054916", "to_ids": true, "type": "sha256", "uuid": "5df0b084-0e20-46ff-9db5-4311950d210f", "value": "224de48dcea5a83a1315db1409372f3e9d72d9639ae3883068dfc55d60c75ce3" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054916", "to_ids": true, "type": "sha256", "uuid": "5df0b084-0118-4aa9-b8c6-43d8950d210f", "value": "eb4387cfd0d30be5e985d58f7dc3935cd3bd5a7dca193699aaa9971bda082229" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054917", "to_ids": true, "type": "sha256", "uuid": "5df0b085-ac24-49e5-9af1-4a0d950d210f", "value": "d864793695bea272f2c43877db5140cfa18e348e6788f2b5d3fcb189db868fb6" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054917", "to_ids": true, "type": "sha256", "uuid": "5df0b085-1290-48fa-b54b-45d3950d210f", "value": "1f4a92061c1a2d3f19d1e4f127395cd056f699b1db2f1ed8648cd406fb973b66" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054917", "to_ids": true, "type": "sha256", "uuid": "5df0b085-5a58-48f9-aa1b-43c5950d210f", "value": "2b89009a51eaea0a277359651ab9097d44370f0829545a59ec5f63358e71e913" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054917", "to_ids": true, "type": "sha256", "uuid": "5df0b085-85fc-4d16-b422-4b3d950d210f", "value": "dfbd3927e48c1772fcd2f57baeed5f5292a12540cc0c061fa0e576ac37d38350" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054917", "to_ids": true, "type": "sha256", "uuid": "5df0b085-f784-4929-84ae-4dfa950d210f", "value": "ad573114b70a99dc487ad50eed634303c4acea26c0b26e456599971aa8607d42" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054917", "to_ids": true, "type": "sha256", "uuid": "5df0b085-a4d8-4c1a-ba00-4e01950d210f", "value": "2bf45addcc29bc985a90492f5364af1ff8386de6d0de1dc10d432fa6fd7a2829" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054917", "to_ids": true, "type": "sha256", "uuid": "5df0b085-f2a8-4083-8727-4d9d950d210f", "value": "bf01e71dddf875a6e1b9df0a9c672d267b21556e83ebb50239b7d4b83a695721" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054917", "to_ids": true, "type": "sha256", "uuid": "5df0b085-4d08-48b2-90c6-4431950d210f", "value": "ba68ac8c05da97e6cfcb6853a92232b5443ac43c1e11c14e4d4a15b684a6dc8b" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054917", "to_ids": true, "type": "sha256", "uuid": "5df0b085-76a8-4753-b991-4490950d210f", "value": "4b87e402b89a0ab65ab8bc89c95cbcfe7c08358e43d18cc1b04ebad1823c8e00" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054917", "to_ids": true, "type": "sha256", "uuid": "5df0b085-a254-4f3d-ace9-4496950d210f", "value": "f21d9a07d47f5e9e68f76084f09e7363bc9b5b4a7de3700d478f2b1bbe6e829f" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054917", "to_ids": true, "type": "sha256", "uuid": "5df0b085-a434-4bab-b981-4ecd950d210f", "value": "16685887e84613e8b69bea67feaeb7115d3c403623dcb1689ac12c5c59a98ff9" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054917", "to_ids": true, "type": "sha256", "uuid": "5df0b085-706c-4bb0-8041-4cad950d210f", "value": "a6255ce706db85a4ff427ec9d34dad32c59baddec430f32f99fa957a145fde9b" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054917", "to_ids": true, "type": "sha256", "uuid": "5df0b085-d840-4bf1-81eb-449c950d210f", "value": "f27e019ac525aa96c91de1861c4fc33d79648b0f7f04a8b881f52565ca4de20a" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054917", "to_ids": true, "type": "sha256", "uuid": "5df0b085-5204-4d27-acee-497d950d210f", "value": "1fef6dba7c44624e4d7c3066cca2cf4fd4dd8ba6ba7f3399373e243c96e5a1be" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054917", "to_ids": true, "type": "sha256", "uuid": "5df0b085-19cc-4563-8df1-44a9950d210f", "value": "2f250c57106a44356f14a671e1f9d71c73444de0405da37eaa747128139958ad" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054917", "to_ids": true, "type": "sha256", "uuid": "5df0b085-1994-40a2-9581-43c9950d210f", "value": "5e05284cb4efc45f8cf8ca3818bb9461f2a106285ecd2b23125046691a3839e6" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054917", "to_ids": true, "type": "sha256", "uuid": "5df0b085-2d48-46d6-ae3d-4fea950d210f", "value": "9aa74d061e986ac65dcf4243d6229122666d1ebe5e5c8c278f109d5d8a74ae80" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054917", "to_ids": true, "type": "sha256", "uuid": "5df0b085-1988-4452-b4d0-4e15950d210f", "value": "da6bc58ed98b2b1e9c79502248409a6041e10f04d81411f7ced305e589c03618" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054917", "to_ids": true, "type": "sha256", "uuid": "5df0b085-0074-4cdf-a384-45bb950d210f", "value": "8d320161b1278bc09135b76e07ed5c4ec833064cc061bed97daca4485177ec73" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054917", "to_ids": true, "type": "sha256", "uuid": "5df0b085-f22c-4d65-8a73-4bc5950d210f", "value": "687f47552ce1cb3df741abfaa1a16113e516751bf41be3d10f49c93d26e49c45" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054917", "to_ids": true, "type": "sha256", "uuid": "5df0b085-cc34-4cb0-9095-45f4950d210f", "value": "eff68eb29c3efcdcbc71a3094cc9b7105cce0d53c9b066995c35ef0c31f5acba" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054917", "to_ids": true, "type": "sha256", "uuid": "5df0b085-6d80-4061-918b-4318950d210f", "value": "43bbf8b4bfa3ead1ceac9c7813c1d848f446886c83274dcd1c98ff2240249684" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054917", "to_ids": true, "type": "sha256", "uuid": "5df0b085-571c-439a-bf20-4d7d950d210f", "value": "0eb5a08a148269bfe5967ebc6175c248fc4ea4fa2f9f29127bfa4420cf7163e1" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054918", "to_ids": true, "type": "sha256", "uuid": "5df0b086-6490-47e2-b17a-4267950d210f", "value": "87416ee1c0634db27523e23e9a62a0d934dfdd328b0e0a1131cb44007326859e" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054918", "to_ids": true, "type": "sha256", "uuid": "5df0b086-8ac8-42aa-bb5b-4963950d210f", "value": "efff02b0d3d86d0e27d7854f382cb7e4ec25fcbdc50276bb3d181b02750fe2f8" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054918", "to_ids": true, "type": "sha256", "uuid": "5df0b086-f0c8-4c94-8337-4bc7950d210f", "value": "a5d257e59a105af5c7002665a87c96c9c50b849d6fb7e0de686d6bfadf11cdc4" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054918", "to_ids": true, "type": "sha256", "uuid": "5df0b086-71dc-4e53-944e-4487950d210f", "value": "f2887e2d29564f6a7ba1e0138b907fac713463a5906ff38a2819c6bc4f7e82fc" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054918", "to_ids": true, "type": "sha256", "uuid": "5df0b086-2f60-4811-b8d4-48c3950d210f", "value": "2cd85602d84cec93946952f095113774a4e00cce2f8211275b7fa86392598fc1" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054918", "to_ids": true, "type": "sha256", "uuid": "5df0b086-65bc-41dc-899b-41b0950d210f", "value": "ae7d2ea6a9157f27aafa28d73808b959326bfb14597bdc4d52060b4fc76b8304" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054918", "to_ids": true, "type": "sha256", "uuid": "5df0b086-3024-4880-9167-4d4a950d210f", "value": "a2188ff2dcca659807db8898153c88520d41033b8f446ecb932957abb6237abb" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054918", "to_ids": true, "type": "sha256", "uuid": "5df0b086-4f88-4c59-a695-469d950d210f", "value": "d00379abaf3060b9848ba406daa5948978df60429bbb447d629a0b233e60d112" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054918", "to_ids": true, "type": "sha256", "uuid": "5df0b086-1874-47fc-9f4e-45af950d210f", "value": "41ac143274f38597ad8cd849b40194a9ce8a340f2ac3ca81b00d03f78393c01d" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054918", "to_ids": true, "type": "sha256", "uuid": "5df0b086-9b88-45ff-afca-4273950d210f", "value": "aa5825680d7438a8a58f6361cafce56c333f7857e9117c027544008895b5dd31" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054918", "to_ids": true, "type": "sha256", "uuid": "5df0b086-9078-4fc8-adb3-4a84950d210f", "value": "68443a2fb7c7e5aca2209a3955cf39c716c5f5a915173746e4b27a9c4d70cb1f" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054918", "to_ids": true, "type": "sha256", "uuid": "5df0b086-50a4-4c89-8aa3-4806950d210f", "value": "a90dd65add6ecbeab7382101a28fbbb818f696731bcdf2ee83cdd51987ab45af" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054918", "to_ids": true, "type": "sha256", "uuid": "5df0b086-c1d8-4163-ad56-4fe5950d210f", "value": "9fe0f0fe473163b358923164a9d1f3287bcfe48f54b9b52aa2712a3f8a8e9ca8" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054918", "to_ids": true, "type": "sha256", "uuid": "5df0b086-eeb0-4e6c-98e1-4bad950d210f", "value": "c3e1cd68273ab34264ed21f73247d10d51086bd65f8dc3dbf8e6c155b3aa68fc" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054918", "to_ids": true, "type": "sha256", "uuid": "5df0b086-e7c4-4755-a0f8-4f67950d210f", "value": "057ac9e82be5accb71dcbc4c98c370600b931c3a49c24351659d8e051b7ce686" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054918", "to_ids": true, "type": "sha256", "uuid": "5df0b086-82b8-4b95-bece-4649950d210f", "value": "def6d7b27b2c5411a53d44b5cfde7be57d9d72f0fac36c639d830bb9eac1c174" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054918", "to_ids": true, "type": "sha256", "uuid": "5df0b086-c8e4-41e9-878d-49d1950d210f", "value": "84fc44d957d32757e27bb509c32d7cba01768a7510b2fbac950e602aec9bceaa" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054918", "to_ids": true, "type": "sha256", "uuid": "5df0b086-ecb0-4607-9bfc-4b85950d210f", "value": "0d6de4ced4581620ad4da96c8b885b74ae31c987426da8e31e5d680a0f515b96" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054918", "to_ids": true, "type": "sha256", "uuid": "5df0b086-1bdc-4269-9cca-40e0950d210f", "value": "39f9d63667821d7b12267a250b84e6979eb7b88b1c7573e82da42dcd162b81ca" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054918", "to_ids": true, "type": "sha256", "uuid": "5df0b086-3c6c-44ce-8580-49fb950d210f", "value": "91f7de5bb9002d63e079bfa3998a6ee460d2d496ec412d1a19e6ad0ce416c22c" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054918", "to_ids": true, "type": "sha256", "uuid": "5df0b086-f080-43a7-a251-4ee9950d210f", "value": "d0a85bfe1329577c7d16bb6a52f6b051b1db4eebc4a1a18948bc8bc4b324f653" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054918", "to_ids": true, "type": "sha256", "uuid": "5df0b086-96e8-4ea0-8423-4d76950d210f", "value": "e1d6dcab11869cb619a173440c998f0957162ca36e2b43f1e2757e11541fad05" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054918", "to_ids": true, "type": "sha256", "uuid": "5df0b086-4dd4-4ffb-9a7e-47c7950d210f", "value": "3ab1d7b7e41a79c7147027fb2f8e921ed35167322281f1936cc321f1f916f3e3" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054919", "to_ids": true, "type": "sha256", "uuid": "5df0b087-4ce8-4b3f-b202-4c07950d210f", "value": "e728fea893b9018848a4e88764c64f22ba98b2e4a9904c11376e9e60c688949c" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054919", "to_ids": true, "type": "sha256", "uuid": "5df0b087-d720-4bf1-b388-4ea3950d210f", "value": "09941d4f793f4ec9f214aa2e27be77d43e775adfd8288646f58157744cde5c5f" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054919", "to_ids": true, "type": "sha256", "uuid": "5df0b087-0494-4222-bec1-4393950d210f", "value": "0da7ebb8576f1ff0989c85b370bd8113bba622619509f64570dcfcc751bbd5eb" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054919", "to_ids": true, "type": "sha256", "uuid": "5df0b087-e364-4843-bb8f-4214950d210f", "value": "6f38d55197506412ffb4e1563d1a4255000da0b125b6be7112c92555776c34bf" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054919", "to_ids": true, "type": "sha256", "uuid": "5df0b087-c760-4d58-bb00-4ce4950d210f", "value": "0f3bf370122c4d1ebcad5f2dcb6f4b60486953427ba8c95176df3298d1b5db85" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054919", "to_ids": true, "type": "sha256", "uuid": "5df0b087-1674-42c7-9ec6-4204950d210f", "value": "63a1f51893b65e59c233fc62194c6cc9508e780763d6442cb4b8d48248d3bb93" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054919", "to_ids": true, "type": "sha256", "uuid": "5df0b087-1894-4925-8585-4178950d210f", "value": "98e70fef469167aa28027be07072243d4bde148f8af364d245b761729fe735de" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054919", "to_ids": true, "type": "sha256", "uuid": "5df0b087-fbfc-4707-b8d5-4bde950d210f", "value": "61c523739188d42e8061ec5727f86be931bef90078c1195e9d7cc126db4aaaf6" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054919", "to_ids": true, "type": "sha256", "uuid": "5df0b087-dae8-4042-82da-4cb4950d210f", "value": "52a1dc7dbb067a3c37b3ee776f56e97b926fcf419d7dac3b1b99576ff1095fbf" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054919", "to_ids": true, "type": "sha256", "uuid": "5df0b087-0310-42c2-a148-4861950d210f", "value": "5eab9b8af26b1508575d42c95661f41ec0aaffd794f307fefaaa6306ed50fb2b" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054919", "to_ids": true, "type": "sha256", "uuid": "5df0b087-9320-4cbe-9a3c-466a950d210f", "value": "9ab1db2fad7f75fd1fa2eb742d92e1a4d35e81627fe5fff55444956e5260b81b" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054919", "to_ids": true, "type": "sha256", "uuid": "5df0b087-ce00-4716-8985-4a4e950d210f", "value": "28496862543b5f6201b033f7ab19e390b3a7915b7d3557629f3d2f2f8292a586" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054919", "to_ids": true, "type": "sha256", "uuid": "5df0b087-6dd0-4d9f-96bd-40f9950d210f", "value": "10079b5bba74566cd2daec9376f14acfd3ffaeed56f9a79d45d87ea795c21e33" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054919", "to_ids": true, "type": "sha256", "uuid": "5df0b087-d290-48b9-8ac4-43e1950d210f", "value": "6c083b167fbd3ed5290c6dc8e31c11e9b44bb8fd0e8386bde654cce5151ffd8a" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054919", "to_ids": true, "type": "sha256", "uuid": "5df0b087-cb50-4b9b-9441-40ae950d210f", "value": "1eb43cca04f207dd7a107c81496a9dea67c457827c593ede89e75b4bd5b317f3" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054919", "to_ids": true, "type": "sha256", "uuid": "5df0b087-be0c-406f-948e-4d13950d210f", "value": "e805efb48554e98574bfb9cf2de17610d46b6be0f68d5c0a267e5b3e2ed3264b" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054919", "to_ids": true, "type": "sha256", "uuid": "5df0b087-1f18-4b44-a0ea-4458950d210f", "value": "aaab37892423fd94d199cce24360c53ea240a0a81b63b7d7169c7b7595c2fcd3" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054919", "to_ids": true, "type": "sha256", "uuid": "5df0b087-aa6c-4ba2-845c-4fa9950d210f", "value": "31e422b17cd0cce5cbd49cbe452772c16693fecd97f05558db60b5a331757bcd" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054919", "to_ids": true, "type": "sha256", "uuid": "5df0b087-86a8-4cb2-8bff-4dde950d210f", "value": "f74ea44f76af2e9c80dc50ef39c99b802f1accb0d94258d5595e6805999137bf" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054919", "to_ids": true, "type": "sha256", "uuid": "5df0b087-bbf4-426d-858d-4ea7950d210f", "value": "2c579f40cb18b3b9a207ca0598b5cb88aadbcf6c892bae840fb6c8098b011075" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054919", "to_ids": true, "type": "sha256", "uuid": "5df0b087-96e0-4cf3-ab86-4d3e950d210f", "value": "bbd1ebcab780a0d5018b033a89b83ea4216aad07c8c73e41c86e878d77d8a8a0" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054919", "to_ids": true, "type": "sha256", "uuid": "5df0b087-53dc-4ffb-909e-4013950d210f", "value": "98dcb64b12c9a0cb858adf937105f53525786452c63a67986458f4bf091ba804" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054919", "to_ids": true, "type": "sha256", "uuid": "5df0b087-b1a4-40a9-93d8-488b950d210f", "value": "d6a3834a9368528d2d6d49a44f44dd4a6f25318d44af7c5072f0621a14373e75" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054919", "to_ids": true, "type": "sha256", "uuid": "5df0b087-4514-493f-8056-46ce950d210f", "value": "0fb2fd7fbf71ab39078aa16528e06cd88e9a3e541c9e93721cbaeca081794bdb" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054919", "to_ids": true, "type": "sha256", "uuid": "5df0b087-8c74-4219-9057-43bc950d210f", "value": "c7baf739c5a78fda1d3aa48f71cefe7cec070c71ece8940566b398ab135e71b4" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054919", "to_ids": true, "type": "sha256", "uuid": "5df0b087-18b8-4cfa-8f4d-4c2f950d210f", "value": "dd55cbf28ffb502bb38398c03f454a361330902c3fc4e465eb8865c8432d6b4f" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054919", "to_ids": true, "type": "sha256", "uuid": "5df0b087-1fe0-40a9-9cde-435a950d210f", "value": "41e02e68c13e610488e285a5df79977a807974e9b7cecccc1bf8036aac2eafa4" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054919", "to_ids": true, "type": "sha256", "uuid": "5df0b087-2ba4-46a9-b973-4b0f950d210f", "value": "800636f452b0dad4e1b48e925463194ebb26ee2bb2a7d30e263766ae05801f13" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054919", "to_ids": true, "type": "sha256", "uuid": "5df0b087-676c-4247-b47e-4287950d210f", "value": "29d157f73ce559467d99ba16ca2d867eb5abc086c2ab0b92373d6adf91f77683" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054919", "to_ids": true, "type": "sha256", "uuid": "5df0b087-6850-4d8d-8632-4862950d210f", "value": "6b74139432e8eb9cfa5d695952798be4dcc2930e0718ff1e5ea9fbed0e9fe15b" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054919", "to_ids": true, "type": "sha256", "uuid": "5df0b087-bc28-4d18-ae8d-4f1b950d210f", "value": "444a564c7466ed4b60dbf70c215067ffa99ab773b8c8c1b0a383617777bde650" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054919", "to_ids": true, "type": "sha256", "uuid": "5df0b087-5d68-495f-a27f-4fad950d210f", "value": "d902651a98c1f0d139bb18d2eff730e2b06af7b5813c3d170475a284cb25b04b" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054919", "to_ids": true, "type": "sha256", "uuid": "5df0b087-bab0-4007-9441-4d12950d210f", "value": "38d39eec91474ab3b6fb64bfc0880539e47351b9ac2a907bb8722e94c516088d" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054919", "to_ids": true, "type": "sha256", "uuid": "5df0b087-8ad0-405c-b122-4971950d210f", "value": "4889ebb5f02c520e57a9f417df2d53cf415c9fc67d2ae3abab8b604e275df23c" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054919", "to_ids": true, "type": "sha256", "uuid": "5df0b087-4d44-4dde-abc8-4f98950d210f", "value": "83dd15c56492c897da410681b15890e7b760a95aae1bd6981bceed56b66124d8" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054919", "to_ids": true, "type": "sha256", "uuid": "5df0b087-7d7c-4a70-a417-44a5950d210f", "value": "336ee5f4b81ae7d30a17c6251b78af87f1a9815f19f732f78961584f268ddb0e" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054919", "to_ids": true, "type": "sha256", "uuid": "5df0b087-e8b0-489a-8dfa-4c9c950d210f", "value": "5a7b1f75b6082530340c4cacbc39341ec9c259f78297194fa0d6143cdf67c92b" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054919", "to_ids": true, "type": "sha256", "uuid": "5df0b087-eb34-483a-8bb4-4b8b950d210f", "value": "3777619b23c946d08a275d374bcaf3add3e377722f9e24157cd2cac3861532c8" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054919", "to_ids": true, "type": "sha256", "uuid": "5df0b087-67fc-4df6-958f-46c0950d210f", "value": "305cf6af8c1e6d52eba30a3f826d9b0439b80d9fc78c194ce50559321d62df1c" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054919", "to_ids": true, "type": "sha256", "uuid": "5df0b087-f0a0-4e4f-a462-426c950d210f", "value": "71d895e3bae4d180e9ea94e8ce1bc6052a25fca48b086d78c1c14e2186ecf09f" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054919", "to_ids": true, "type": "sha256", "uuid": "5df0b087-d42c-4a1d-9608-4995950d210f", "value": "904f9899b4b829c44d8238d9510c487a16b053d38617d701c986438fc479e7d7" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054919", "to_ids": true, "type": "sha256", "uuid": "5df0b087-8e08-4618-b1cc-4994950d210f", "value": "885ee30a74554d4d5009337cabf839fe5c4ea16d5a4e4a799e1041ebd709f243" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054919", "to_ids": true, "type": "sha256", "uuid": "5df0b087-13cc-469a-b646-436c950d210f", "value": "e746313a774296e024bd6cccc4d320f2d8d10d87caaa79afaaf5076138e89ea7" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054919", "to_ids": true, "type": "sha256", "uuid": "5df0b087-7518-4bd8-843d-4bac950d210f", "value": "849dcba27a0f40c293c2ccf9c08cedbf7e8547c5be20b3c398df896bb9b343e7" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054919", "to_ids": true, "type": "sha256", "uuid": "5df0b087-380c-4c6f-be3d-4cbd950d210f", "value": "0ef0ca713cef3958447c81d34d78ab8f940111671878d66a56a3ce73fc7b3d41" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054920", "to_ids": true, "type": "sha256", "uuid": "5df0b088-64a8-4a4e-84c7-45f7950d210f", "value": "1ecd294c05fbc67ab487162c4c55992821f3c9dd00cf7d4e29750cc70e6b7552" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054920", "to_ids": true, "type": "sha256", "uuid": "5df0b088-ffa0-4e67-a000-499e950d210f", "value": "1e67614d79d390bc8b2ceb10744b3015d545ca15bcaa688cffe1e066f227f776" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054920", "to_ids": true, "type": "sha256", "uuid": "5df0b088-2fec-4a95-9a6a-4256950d210f", "value": "dfa71ba3111d266b909ba4e3c8b0e165f0741b448f8dd4c582cd2c6a92b1ff26" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054920", "to_ids": true, "type": "sha256", "uuid": "5df0b088-948c-49e7-b821-4e6f950d210f", "value": "e375336fb2bb058946e20c09411545ce280ef5dc6b390df3a480145789c4b119" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054920", "to_ids": true, "type": "sha256", "uuid": "5df0b088-eb28-4975-bb16-4bf9950d210f", "value": "673eba40a6a1d012467081271d749eef31bdbac99f4033c737bca40cd71dc66f" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054920", "to_ids": true, "type": "sha256", "uuid": "5df0b088-82cc-4da0-bf89-42da950d210f", "value": "218cdf63771e1d0481456f26bf130b71cd22c578631e2c2759e940b854bd54b9" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054920", "to_ids": true, "type": "sha256", "uuid": "5df0b088-8d88-4c48-bc6f-443b950d210f", "value": "d96e18f786de1a4909c6bb5ca307b459918278bd6dd5aa2660ea48268233386f" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054920", "to_ids": true, "type": "sha256", "uuid": "5df0b088-1b1c-4708-bbbb-4581950d210f", "value": "3b64aeca320d43d6622a5e8ec421db4ae4be75a73440454b0f128403670c2622" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054920", "to_ids": true, "type": "sha256", "uuid": "5df0b088-d72c-4527-86ad-403c950d210f", "value": "b6e6975a76b305c753c8e85b854fb759622055f71fcc109f5d2074b394e0bf24" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054920", "to_ids": true, "type": "sha256", "uuid": "5df0b088-7290-43e2-934e-4737950d210f", "value": "a0970b9addb86c5dca18c5b4e155b93b6f5a5d45106568014de8310367433d78" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054920", "to_ids": true, "type": "sha256", "uuid": "5df0b088-c484-49f5-b8e4-40a6950d210f", "value": "1765ebda60085d53187e136384a6badff0a6041b6ee4761ced2f11e20b060802" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054920", "to_ids": true, "type": "sha256", "uuid": "5df0b088-bda8-4981-963b-49f7950d210f", "value": "5ab0950fef12f8ffc21e6484750821405dc522e9b8c48ae49d9372904cd0be80" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054920", "to_ids": true, "type": "sha256", "uuid": "5df0b088-86c0-4298-804e-40bd950d210f", "value": "53af038821cde1f915bf0168cf1e459b7e32219d7a8798175f521dae6ca6fb49" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054920", "to_ids": true, "type": "sha256", "uuid": "5df0b088-b490-45f3-8310-40a4950d210f", "value": "7b88bba3162b7ea96d9a93be491de293a856ba4d69449a0b37b14d924bdb963d" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054920", "to_ids": true, "type": "sha256", "uuid": "5df0b088-f830-49b5-8fde-4894950d210f", "value": "0f3c3ba71c343b83234ec64f5567072b0c3104cbf042da63f1b250fec52a3193" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054920", "to_ids": true, "type": "sha256", "uuid": "5df0b088-a3d8-45a0-8b97-4d40950d210f", "value": "efd75086b9da41dc65da3f002610280f83a7a9a188dfc2cd3b43228b3107cd46" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054920", "to_ids": true, "type": "sha256", "uuid": "5df0b088-b3dc-47a2-b7d7-48fd950d210f", "value": "88684cfaf2c29fd61382af8577f660767504de6236d8a98a087b4745c958e494" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054920", "to_ids": true, "type": "sha256", "uuid": "5df0b088-6520-47a3-93b0-4490950d210f", "value": "4a03361f7f8e42e62ca7e0d6bb843c67547e5f564d9bb484c326a10d70cf868c" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054920", "to_ids": true, "type": "sha256", "uuid": "5df0b088-e03c-461f-9d88-4028950d210f", "value": "86856ae49b89dc11ce60764c5cc099cacb3d86cca312ecf1b4a911f74e81f75c" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054920", "to_ids": true, "type": "sha256", "uuid": "5df0b088-2bb0-40bb-8dc5-42d4950d210f", "value": "16931d251d5a0eec6f7d5f9440836ed897092905d9b4fcf92188773cb292a586" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054920", "to_ids": true, "type": "sha256", "uuid": "5df0b088-a450-4235-aa48-4ec9950d210f", "value": "00c4c679f1423f01284223a150cf45130f69ed14c847ed63862cc43fe6f27857" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054920", "to_ids": true, "type": "sha256", "uuid": "5df0b088-04b8-428f-a0bf-41f1950d210f", "value": "136d1366ec76a9e1ecc49c1020adea68c416c6c8696925ef50f549dd3564bcf9" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054920", "to_ids": true, "type": "sha256", "uuid": "5df0b088-4238-4d2b-91da-427c950d210f", "value": "9a5986bfc4ae1e3436813670e1ce3924cbd950aae3045c965295fb33853d1232" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054920", "to_ids": true, "type": "sha256", "uuid": "5df0b088-9300-4067-a8d4-4b59950d210f", "value": "b16a89db2c9a766ac32fdd3898e5ca24b1bb755ace6c7438585ce72f5239f48a" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054920", "to_ids": true, "type": "sha256", "uuid": "5df0b088-d76c-4232-806e-4138950d210f", "value": "6f381faf83806ecf983e0325b130994760f6e058d55bb367237e46d5be70d1cc" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054920", "to_ids": true, "type": "sha256", "uuid": "5df0b088-33ac-496c-8d46-4b92950d210f", "value": "d347250ecf7a9209a2f3af83ad1be9ce2f48ac5f2af622a7385c3e6e0044b29b" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054920", "to_ids": true, "type": "sha256", "uuid": "5df0b088-2a04-4ab0-b6d7-458a950d210f", "value": "778f10e44ad76087857af1f4168a4f6fb3a5f03b160d19ae02c467e98597fbac" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054920", "to_ids": true, "type": "sha256", "uuid": "5df0b088-102c-4b37-9ec0-41d4950d210f", "value": "46ed1b8f223e4eebcda42b873dced8e19e25c769214494c785a762bb218ffa5e" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054920", "to_ids": true, "type": "sha256", "uuid": "5df0b088-4ef4-44f1-8824-4c6c950d210f", "value": "8ad4e1140aa7ad266673028013858417d24c302e8103fc8eac538d14e06418e1" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054920", "to_ids": true, "type": "sha256", "uuid": "5df0b088-4ae8-4b30-90c6-4065950d210f", "value": "237ef9a6a2b26b732e37978d07b9e4866eabc0f18a2eeebb7290db2ab348482a" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054920", "to_ids": true, "type": "sha256", "uuid": "5df0b088-8320-45b8-942d-4abf950d210f", "value": "cb61c4f9d662a99ad9a28e9e269d86eaacb35359fc8aabb870690c4551900782" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054920", "to_ids": true, "type": "sha256", "uuid": "5df0b088-caa4-430b-b290-45a9950d210f", "value": "1460eb328b914d30935452587a558641526c89282b63290a231712d6c1a3c1bc" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054920", "to_ids": true, "type": "sha256", "uuid": "5df0b088-11c4-4b72-9623-453d950d210f", "value": "528c6ce5c450d901c81dc9bf8eb5b7023cd153303f3c3cb4d43396280d932b9d" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054920", "to_ids": true, "type": "sha256", "uuid": "5df0b088-7ba0-4ec4-8cc0-4f55950d210f", "value": "b6fddc15d6a0857ad34f4bcbaee7daa007aa2a0f042eaad8be7c5bc422daa8d3" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054920", "to_ids": true, "type": "sha256", "uuid": "5df0b088-7950-4be0-9c09-4c5b950d210f", "value": "71d10f273af4861dd0a8844f92370c2982470a0e5f8c16ea85a901e0d0cf0a65" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054920", "to_ids": true, "type": "sha256", "uuid": "5df0b088-25c0-4af0-ad1e-4b82950d210f", "value": "b99ae37e732f458040573ceef72314171ee8e84ea1072719deb79a0d957d748b" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054920", "to_ids": true, "type": "sha256", "uuid": "5df0b088-7c80-46d5-95be-45ed950d210f", "value": "a841bdaf836ef681193d2affef3c586ed5f98589e470da5f3b4ffb2e98a292b9" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054920", "to_ids": true, "type": "sha256", "uuid": "5df0b088-a654-4a16-9408-4191950d210f", "value": "4d05c434412dc66eac7a44c20421ac7ab4567aa378330b9fbdb4196a5d0b1198" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054920", "to_ids": true, "type": "sha256", "uuid": "5df0b088-35e8-4036-849e-4bdc950d210f", "value": "b2aaeee604cc6cd5084d2f953fd191c4184198adb5d65800e25a5a288dfd07fa" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054920", "to_ids": true, "type": "sha256", "uuid": "5df0b088-f3ac-4ce5-99b7-4116950d210f", "value": "f09818b84326d48a0b7984283679e999111b47aa06e5ae5647e8b28c06256ce1" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054920", "to_ids": true, "type": "sha256", "uuid": "5df0b088-f310-4673-8b92-4177950d210f", "value": "328152999c4b148033dc91e85e068419cff0d51614a0ffb81a851b9b61032940" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054920", "to_ids": true, "type": "sha256", "uuid": "5df0b088-078c-47ab-96fe-401d950d210f", "value": "e9b23b87a3d7cf6c408c0eeb588ff11f73c6e3ac8a2496550a3c0481758178c5" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054920", "to_ids": true, "type": "sha256", "uuid": "5df0b088-851c-485f-a81e-4888950d210f", "value": "d2ae0171b71d401548bd41dd28a7aa9a4fe5f32a92fbce9cd860bfad79d3eb21" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054920", "to_ids": true, "type": "sha256", "uuid": "5df0b088-152c-4429-9c0d-4d5b950d210f", "value": "f0c4aaffdfaed2db209a76aa99bc98518f489f1c62bec0be7584cd210bc0b31f" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054920", "to_ids": true, "type": "sha256", "uuid": "5df0b088-78f4-4186-83ad-47a9950d210f", "value": "e0be60f48d6e3e9517be583678b1b4760e021bf77a6502782c66b2581c044b1b" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054920", "to_ids": true, "type": "sha256", "uuid": "5df0b088-d634-43be-8598-48e8950d210f", "value": "9ce1f1342c2da8446fdf6b79267cd4ce15d00fbd890c6e59abf5d7a90f988cc9" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054920", "to_ids": true, "type": "sha256", "uuid": "5df0b088-0c48-439d-abb1-42bd950d210f", "value": "9ac35b8b97c10bf93965ceaeea0f6ec47342a74427f97836a3805973be69e24b" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054920", "to_ids": true, "type": "sha256", "uuid": "5df0b088-6300-4524-b7a0-4a29950d210f", "value": "fb951bef895718adf17a3be416c9d56d6685e9faff8399dd80c36d98a98a9db5" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054920", "to_ids": true, "type": "sha256", "uuid": "5df0b088-0160-4cd9-8092-43cf950d210f", "value": "84efdb78987a8fdbe3df5b927fccd2ab184ea905e29e3ac98176dfc0584570a4" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054920", "to_ids": true, "type": "sha256", "uuid": "5df0b088-1af0-4d50-8260-43b1950d210f", "value": "e9f6f49c3ca9a3eb7a4007b42b14c0621e5a01af78c9cdf2994cdc4c3333c4ee" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054920", "to_ids": true, "type": "sha256", "uuid": "5df0b088-acd0-4ce8-9330-4154950d210f", "value": "49c92940302ac4222b5d21359b50e30517b3b9cb05b2143d7f4384864652bdd9" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054920", "to_ids": true, "type": "sha256", "uuid": "5df0b088-60ac-4360-9d35-41ec950d210f", "value": "d4adcac6c4bfe7c26bd8c17ada5cebd9fafdbc970a75ac5f5854b9e4204325c0" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054920", "to_ids": true, "type": "sha256", "uuid": "5df0b088-29e0-4626-bdc1-48ce950d210f", "value": "1b1f610739b3bf0f89349bf5ef1c7ce25331817e59a88912f3a8b2c465f71a6a" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054920", "to_ids": true, "type": "sha256", "uuid": "5df0b088-a300-4d21-be73-44c7950d210f", "value": "503fbb210c018225ffd88965de25b23c3a9e9daa3ec78a41171a32ac9cc19e05" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054920", "to_ids": true, "type": "sha256", "uuid": "5df0b088-55f0-4efa-8048-4e28950d210f", "value": "d7a483de1fb445fbdf5408875f2bd1694e8a746a3b0e9dbb3b01a63714ce5729" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054920", "to_ids": true, "type": "sha256", "uuid": "5df0b088-badc-49d8-b964-4a0e950d210f", "value": "e50a761781915101a0fec4e4b7c2c6d8c8baf89fb70060580f09a07a8e1eb846" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054921", "to_ids": true, "type": "sha256", "uuid": "5df0b089-b590-4c4e-9d52-4bc9950d210f", "value": "135e78b23deb6a4d01e151ad0106036a8db5df2b92e4b44ae096a5f1150a79ed" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054921", "to_ids": true, "type": "sha256", "uuid": "5df0b089-12f4-4611-823d-4d1d950d210f", "value": "d39c4d688026e814136165c76b8f4406c620353b9ff9c048a083b40293067e2a" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054921", "to_ids": true, "type": "sha256", "uuid": "5df0b089-adc8-498f-99b4-4e24950d210f", "value": "a3ab8979ce82e86793b9be5501419fb31a8ca98eb05f9a22b06ec8a0bfb692f9" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054921", "to_ids": true, "type": "sha256", "uuid": "5df0b089-13ac-446f-bf3f-411e950d210f", "value": "887176ece756575c44404450f80ede32fe518222cc0a45935b788128f23619e5" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054921", "to_ids": true, "type": "sha256", "uuid": "5df0b089-22e8-4265-a283-4f96950d210f", "value": "98a7b6c06daf06711cca53955d7b4f74d18197442c426d745421bdbd802d8ee4" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054921", "to_ids": true, "type": "sha256", "uuid": "5df0b089-f4f4-4351-90c8-4b9c950d210f", "value": "ab7ed7cb1a0f80f7d9cb639a9c18273f7ba349512a5f759b72c892593cb65ef1" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054921", "to_ids": true, "type": "sha256", "uuid": "5df0b089-ed18-4943-af3a-4b9e950d210f", "value": "795b69184e3d8ec1d998340d21299168172002966bfd74a7960e8d084d95c119" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054921", "to_ids": true, "type": "sha256", "uuid": "5df0b089-eb18-412a-91e7-4fff950d210f", "value": "df8a6067c650113f0a29bd137711f49edef29df0d8f1ed83c9489b4c0abdc17b" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054921", "to_ids": true, "type": "sha256", "uuid": "5df0b089-c71c-43fa-bee1-4255950d210f", "value": "f5597cc223eede583bf1456658c951873a6bb69c38940c0f21d607eb7ac8cbb2" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054921", "to_ids": true, "type": "sha256", "uuid": "5df0b089-840c-4a13-8f31-4bde950d210f", "value": "1918956aafe716e3d2ef05932b268bd1a876e96eb79dbf9a0f03cbdda00ce6e6" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054921", "to_ids": true, "type": "sha256", "uuid": "5df0b089-c610-4a8a-a441-45f2950d210f", "value": "e359a5f605e68745f421fd4cbe5c8c00c7ee33b3f0a99772a89ed0057503a134" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054921", "to_ids": true, "type": "sha256", "uuid": "5df0b089-55f4-491a-8747-48bc950d210f", "value": "8ad3156593ffbf173177d099cfcbf40b356d4bef42ac6a5a70e6481785fdabce" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054921", "to_ids": true, "type": "sha256", "uuid": "5df0b089-1b20-4f58-b9c5-407f950d210f", "value": "d7687e1d98484b093e8da7fb666b2d644197fc3ea22b3931a6150c259479b0c6" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054921", "to_ids": true, "type": "sha256", "uuid": "5df0b089-1410-429f-a340-43bf950d210f", "value": "d9a3b5323039595bca3956fafdb14c8bcf0e5c1d141ab17e92cae7cb9b1dfc2f" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054921", "to_ids": true, "type": "sha256", "uuid": "5df0b089-825c-4423-9dd5-4812950d210f", "value": "6a91f4c4488e921e7bd8a23b41581724bafb311148ced9f756e89c5a2efa3839" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054921", "to_ids": true, "type": "sha256", "uuid": "5df0b089-bf14-4f7d-970a-4267950d210f", "value": "479829dd230f643fa72f422b8a213e09cac7b4eed7fa74fa661a429d4140b996" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054921", "to_ids": true, "type": "sha256", "uuid": "5df0b089-d070-4bb7-a56f-4059950d210f", "value": "5d16bc98c17eb578f31fae02b4e615aff6e92d02f376ad1f4e6cff4c9a2e24dc" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054921", "to_ids": true, "type": "sha256", "uuid": "5df0b089-26cc-4b80-96a4-4905950d210f", "value": "84bf972975d42aef02354cb837e8d9f9773d9d44fd74cb97766b11bcda77c0e4" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054921", "to_ids": true, "type": "sha256", "uuid": "5df0b089-3ac0-4ace-9ba9-4d2a950d210f", "value": "a356e9801614f1ca6b131a4b71e170450591987cf45697f065a4c9ebb3541234" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054921", "to_ids": true, "type": "sha256", "uuid": "5df0b089-8c74-464c-ab2a-42b4950d210f", "value": "3d3cabf08d58a73648062ef0c821cec69ef3e3678a05694ae89dc1da3e12f493" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054921", "to_ids": true, "type": "sha256", "uuid": "5df0b089-7e2c-435a-bf14-44ea950d210f", "value": "04fc7a5e9d0f158883589a5fae04898457e45b1954c0ad1a258a23e2868b3b56" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054921", "to_ids": true, "type": "sha256", "uuid": "5df0b089-7640-430b-9553-4080950d210f", "value": "b3660101d3c25aded77d1a9694b16e311d8e708e1d586e9baf0bc988552a378f" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054921", "to_ids": true, "type": "sha256", "uuid": "5df0b089-f6e8-4991-be76-4ee7950d210f", "value": "2b8cafac06fc630b469df01db694a4616ca31fdb32b4ffea56ff514618fb6103" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054921", "to_ids": true, "type": "sha256", "uuid": "5df0b089-c44c-48f8-88ca-4787950d210f", "value": "94f064392a539b996c0b823d2c25ba7e0e852907c3925864e82eed9522939269" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054921", "to_ids": true, "type": "sha256", "uuid": "5df0b089-2f38-4e9d-ad65-4f21950d210f", "value": "588ec943d755cc0fd2c699c069e5328d49a6fc87dca234134a1a8b51aa18c93a" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054921", "to_ids": true, "type": "sha256", "uuid": "5df0b089-af60-48f7-86bd-4a05950d210f", "value": "a4713a5f1a12aa6d564656c9c155cc1a6b0cb5e91771840d8f4acca519e0ba1e" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054921", "to_ids": true, "type": "sha256", "uuid": "5df0b089-09e0-40fa-be5c-4882950d210f", "value": "ffa4c0875faf1a430e725da129b5abaf874fe769dcfa88764554f53f866b9529" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054921", "to_ids": true, "type": "sha256", "uuid": "5df0b089-1c20-4771-bff0-446b950d210f", "value": "4e3ce5e255d3f1134feacc559bac6e4f8f838af09432943cb8acb2b112258811" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054921", "to_ids": true, "type": "sha256", "uuid": "5df0b089-240c-4b6b-ba05-4016950d210f", "value": "b2df333204745a0780d5253a4e0a25f3f6fda445ac38f916b42e8b8498302058" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054921", "to_ids": true, "type": "sha256", "uuid": "5df0b089-2398-4cdb-b184-4c52950d210f", "value": "051e3737e6b617a96ae1c2f74881c1a32296073a6a351230942f1d07c1f8ba4a" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054921", "to_ids": true, "type": "sha256", "uuid": "5df0b089-2a2c-473b-ba2a-4208950d210f", "value": "e849704aeebdba473d11c4f0dc330b369b0b2183034387d550ebca1d8225c901" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054921", "to_ids": true, "type": "sha256", "uuid": "5df0b089-b4c8-4e6f-90db-4b38950d210f", "value": "6647c194037558aaf53a09179f1bb428f27ab19136120a2e6758271e474df252" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054921", "to_ids": true, "type": "sha256", "uuid": "5df0b089-8fd8-4e3d-8e90-4fb1950d210f", "value": "efcd94f8097416dfb0ea84d289f1500ab75ebfd13e31203ea5e72a48a5ae9f8f" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054921", "to_ids": true, "type": "sha256", "uuid": "5df0b089-7dbc-46d9-8998-4540950d210f", "value": "9f0ab599f89caa081c5f65e1666092da42759d27a6e272508ee2d3b416659e7b" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054921", "to_ids": true, "type": "sha256", "uuid": "5df0b089-d070-483a-b689-4930950d210f", "value": "f968ec20bedcf27c4e559af7e2118adb30673355e2fe459d6a2b1fba8d747956" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054921", "to_ids": true, "type": "sha256", "uuid": "5df0b089-c540-47a5-9ec1-4d7b950d210f", "value": "6ac70aab719e8da3d49dab3c45609235f2090f24a40d05717e6e2afa5b95fca2" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054921", "to_ids": true, "type": "sha256", "uuid": "5df0b089-2b20-4679-963c-47ab950d210f", "value": "281841ed84abc658c8b77a2a284d4a95f5e82cd3990135f463cd2a45c719bfeb" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054921", "to_ids": true, "type": "sha256", "uuid": "5df0b089-f944-4d5b-ad5a-4890950d210f", "value": "680b265bd7d06936857966f5dd5f01c3100eb74d858f1d9916c9ee4a34974633" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054921", "to_ids": true, "type": "sha256", "uuid": "5df0b089-d96c-46a3-aa59-43f8950d210f", "value": "1b0181a41f948f21dcaf76fbdc79f1493e355ea2dd99d6c586de600ac45f2fe2" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054921", "to_ids": true, "type": "sha256", "uuid": "5df0b089-81d0-4073-90e3-4f2d950d210f", "value": "2582b2898823e26096b851f130d38745d1680253f4cbc162044220b803c39a0b" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054921", "to_ids": true, "type": "sha256", "uuid": "5df0b089-cdf4-4c78-8708-434f950d210f", "value": "3889af36e1225cfe1771ce732032bc02885ecc5cc25808693ddd8b9bbad585d1" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054921", "to_ids": true, "type": "sha256", "uuid": "5df0b089-c258-4808-9d78-48af950d210f", "value": "8f51e9c67c3eb7abb83b6bcfd35da0d71b256f3f00aaaf2cce8dc06a346158de" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054921", "to_ids": true, "type": "sha256", "uuid": "5df0b089-7b00-4985-a13d-48aa950d210f", "value": "f653d73237175f1ac319de0af0395bf4ffa82c2eeaed813f978cc68ee6e9ac2b" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054921", "to_ids": true, "type": "sha256", "uuid": "5df0b089-c1a0-485c-8959-49dc950d210f", "value": "d1e0902fd1e8b3951e2aec057a938db9eebe4a0efa573343d89703482cafb2d8" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054921", "to_ids": true, "type": "sha256", "uuid": "5df0b089-4ec0-4527-9f0f-4317950d210f", "value": "78caf93f28ed33a68d9c877e65d3329438f222c4069277fbaae540fc7912f6f0" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054921", "to_ids": true, "type": "sha256", "uuid": "5df0b089-efd4-4776-bf0a-433f950d210f", "value": "07c10a199a1c93afcebef1eea12333b4fb7e1847b707ee55b5c7b7dbe4db8f57" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054921", "to_ids": true, "type": "sha256", "uuid": "5df0b089-82a0-4584-bb49-446e950d210f", "value": "4d97d7a9db51f6ccbf1f21d1282bea23291e8842f1d3425968d1c2b3bf0a548c" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054921", "to_ids": true, "type": "sha256", "uuid": "5df0b089-b6c8-4031-a282-4db8950d210f", "value": "566882637c84946f59d0126951dc19bed5d6c6c0ac8bb5ad157c398bc0b4d4b0" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054921", "to_ids": true, "type": "sha256", "uuid": "5df0b089-3ea4-48e1-85e2-4938950d210f", "value": "2610797b258f6fbc974c389f2c76ae291197753f8f67ad74eccbfcc064760279" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054921", "to_ids": true, "type": "sha256", "uuid": "5df0b089-1208-4179-b2b2-4fda950d210f", "value": "39f51f64194d852bfbe3d2f56d44943d98b94b7b9b6ae8072d96bf43c5f2ed3d" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054921", "to_ids": true, "type": "sha256", "uuid": "5df0b089-b9ac-486c-9b63-4a4d950d210f", "value": "cd6247e8d69ce5e882e8efc8a4201ac3e3a61bd358a4501ed7ea23b5f95a7f39" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054921", "to_ids": true, "type": "sha256", "uuid": "5df0b089-6dd0-4e7b-91e4-4767950d210f", "value": "14baf0bc72990bb2cc414f2384825a5985be5cce2bdec55e1f3fc1c3c404490a" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054921", "to_ids": true, "type": "sha256", "uuid": "5df0b089-cab4-4409-ae4a-402f950d210f", "value": "e8e600692047c465576edff769cf9e5f82fa277de9ebc0f962a64317984573af" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054921", "to_ids": true, "type": "sha256", "uuid": "5df0b089-8770-44bb-9216-426d950d210f", "value": "eae7fa17ec085510884e359794e7bd645ea09a541f8056c364622fb972b83e7b" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054921", "to_ids": true, "type": "sha256", "uuid": "5df0b089-7f8c-4fd3-ad63-4464950d210f", "value": "2437a58d064633e57b32149b711ff16b3b55902915b7711d6cf9e855ac08ec41" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054921", "to_ids": true, "type": "sha256", "uuid": "5df0b089-e9dc-4a76-861a-493b950d210f", "value": "efda6986f9c71d4bb89efe56c1a5c0b12c88e2f88e42e941668df5f8f95a56ff" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054921", "to_ids": true, "type": "sha256", "uuid": "5df0b089-4748-44cb-8956-4f82950d210f", "value": "3b164c0b2ac9e86fb24e32cb0ac1a1d6087372c644107e4de4aac9dede085ef4" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054921", "to_ids": true, "type": "sha256", "uuid": "5df0b089-7de4-4940-9431-4390950d210f", "value": "f19871a464a805925b8df6749bacf04657f788bfe3fd9f09a9b0f26082b216f4" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054921", "to_ids": true, "type": "sha256", "uuid": "5df0b089-a224-474d-baa6-4311950d210f", "value": "c839355e4a53b4ec4a7cc4267efc78a9d7ddc429cb76b3aaa38a70857810d846" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054922", "to_ids": true, "type": "sha256", "uuid": "5df0b08a-1788-4f8a-8018-407d950d210f", "value": "5171299ff98c0d226b12a2a25bebd1c00099ce90ec8545cfe461f250c9876b93" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054922", "to_ids": true, "type": "sha256", "uuid": "5df0b08a-69e8-4085-97b3-401e950d210f", "value": "b2a3431fc7c46594be458f821eb4ecfcdb3417a0dc30d20c933c0c753adeb44e" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054922", "to_ids": true, "type": "sha256", "uuid": "5df0b08a-97b0-4904-b78e-47a7950d210f", "value": "f888524b88358c2f1bd11a7a98dfcffab0997d13e214116d73d23d7d905c8df4" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054922", "to_ids": true, "type": "sha256", "uuid": "5df0b08a-6a04-428d-a46b-45d5950d210f", "value": "9ec4804cc76160ed4915684a2d4328fc3e87e01f84d0be78cb4c6179cea97c0b" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054922", "to_ids": true, "type": "sha256", "uuid": "5df0b08a-1a94-45f9-b5fc-4c12950d210f", "value": "3bc7c49d2b4bc9caa3d54c884679ff2b278df3a3821c80186fe258bd1cbd4eaa" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054922", "to_ids": true, "type": "sha256", "uuid": "5df0b08a-4798-4594-bfb8-4812950d210f", "value": "9756df0c33af1509974388fc6f1c01ba737ff750a010fe33f6b310c29232bd99" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054922", "to_ids": true, "type": "sha256", "uuid": "5df0b08a-dff0-4772-a23e-45cd950d210f", "value": "c04d8b1efe722ffcc7d6e5e8e0757be9fa8f529bbd74c2dc25790e1c9e078b2d" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054922", "to_ids": true, "type": "sha256", "uuid": "5df0b08a-7e48-41ed-ae75-4956950d210f", "value": "71c60050983f8b37c3be0b0da31521992ed69d60a89e6fe97de67c437fd22302" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054922", "to_ids": true, "type": "sha256", "uuid": "5df0b08a-b4e4-4964-a9d0-4523950d210f", "value": "a8b4a2bd90274affb16e5c551ea2d4c8da0356b83d20595078ffe619eaf4bbdf" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054922", "to_ids": true, "type": "sha256", "uuid": "5df0b08a-aeec-40a2-b69c-4eb9950d210f", "value": "69093a5cea07689d44aac2648c80a2e934f870615bd1d85d8aad480d7e559452" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054922", "to_ids": true, "type": "sha256", "uuid": "5df0b08a-62a4-48c0-a05f-4439950d210f", "value": "f75316d27f864577b461e88b4797e3d00c87dfd6f729fd519353ea7cb2d06858" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054922", "to_ids": true, "type": "sha256", "uuid": "5df0b08a-d4e4-4192-a23c-4071950d210f", "value": "ef2a74ce32cdf501f3b83be8f3de48c80535f160ec0830effddfb4f3d3d61ee8" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054922", "to_ids": true, "type": "sha256", "uuid": "5df0b08a-cf74-49d2-8539-4c1e950d210f", "value": "20394dc816db696f7a9fe41ed1d6b581f91616e8de94b9810b580738fcc0baa7" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054922", "to_ids": true, "type": "sha256", "uuid": "5df0b08a-ac9c-4f58-b9b4-4194950d210f", "value": "e5b4d4e579b38b110e44004c3b35eb8392b71224755b6a2fc45cc56359bda2b3" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054922", "to_ids": true, "type": "sha256", "uuid": "5df0b08a-41b8-41aa-8d26-4603950d210f", "value": "83206a7a5354107957375b1d37c0f87c5013a06a7e7b6bbf4d9a02cec2f2c199" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054922", "to_ids": true, "type": "sha256", "uuid": "5df0b08a-b800-4357-b724-4091950d210f", "value": "3665c04c797a7effbc3edd7e4465e2728e81b0d7f0fbc9fe478f03063bb1bcfd" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054922", "to_ids": true, "type": "sha256", "uuid": "5df0b08a-c278-4271-9385-4001950d210f", "value": "1658cf5e21efd05d7111da50b954a0bfa0818e983e12935eb78d0b1df251edb4" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054922", "to_ids": true, "type": "sha256", "uuid": "5df0b08a-b134-447e-a310-4c71950d210f", "value": "2f283ad12fbd85f295a46dd108d2b9f7c59bf49c617e26c4f996931c93ecca8b" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054922", "to_ids": true, "type": "sha256", "uuid": "5df0b08a-2970-4243-be2c-4f39950d210f", "value": "6ef46a0abeae802a3517a22ba0d5e2cfee6edfce2c1ee135747d8d4f2983d100" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054922", "to_ids": true, "type": "sha256", "uuid": "5df0b08a-9050-4575-9d43-4712950d210f", "value": "8a9229d7fc1e81bcd9d53c944d7793fa69a17e3d83349619023e0c125c04d741" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054922", "to_ids": true, "type": "sha256", "uuid": "5df0b08a-457c-43ee-90d4-46a8950d210f", "value": "066ddec8d79ef08b41456395cd8dbb8a1da013ca6d9f027eee434e9d78135fbd" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054922", "to_ids": true, "type": "sha256", "uuid": "5df0b08a-7994-4fd9-abf5-4f74950d210f", "value": "c8c4724ed20a2372df3243eddbb613af1b0044a60493697c3ae4283c59710f30" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054922", "to_ids": true, "type": "sha256", "uuid": "5df0b08a-5adc-4387-a2e1-4d2d950d210f", "value": "85cf5eb76db2ab29e5b4e54752af88ef2d3d6e5d6581a7d82212aa4e8f474da2" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054922", "to_ids": true, "type": "sha256", "uuid": "5df0b08a-37bc-4256-8415-4d12950d210f", "value": "6ce6f2fa87d52c3249d5ef7bc51a1ae49975d3779f9ce028d5f35cb1990e7778" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054922", "to_ids": true, "type": "sha256", "uuid": "5df0b08a-d6c8-4265-971e-49eb950d210f", "value": "6a968202cd64d7a276ea438f50cb2e4d7d72a6f23791a9d22a4c0024c0083fb5" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054922", "to_ids": true, "type": "sha256", "uuid": "5df0b08a-4cec-414d-933c-4fe6950d210f", "value": "63973fd565c7bc589131ae1f97f14b22efecf71978b0c9e2a124f22bfde24d11" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054922", "to_ids": true, "type": "sha256", "uuid": "5df0b08a-2f84-4835-b5b9-4ef4950d210f", "value": "79b831f0284eb1611f2c033f3e442f9ec164b57771b07551ac1bfd7a29014c56" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054922", "to_ids": true, "type": "sha256", "uuid": "5df0b08a-0478-4b61-baa0-4fc0950d210f", "value": "34263bfeb6a3f4e19e1eb0f3ea9ffe8640284171bfecc3b71b7f45a118e2d059" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054922", "to_ids": true, "type": "sha256", "uuid": "5df0b08a-c5cc-40d9-8be0-4b2f950d210f", "value": "e94e057de1101fcfbe72a6fe891083ef7a94a06e6159bceb23790495a9343565" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054922", "to_ids": true, "type": "sha256", "uuid": "5df0b08a-f4d8-4f33-8801-42e8950d210f", "value": "624a84231a82d8bffef81bedbd711d6adbc176861874691f13743e90b804698e" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054922", "to_ids": true, "type": "sha256", "uuid": "5df0b08a-1274-4f9b-80cf-4193950d210f", "value": "a572358457bb15ae137df1c26dcd82345cefc50832b63417b9d57f4795534c07" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054922", "to_ids": true, "type": "sha256", "uuid": "5df0b08a-161c-4c21-b1ec-4b85950d210f", "value": "f8aaf313cc213258c6976cd55c8c0d048f61b0f3b196d768fbf51779786b6ac6" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054922", "to_ids": true, "type": "sha256", "uuid": "5df0b08a-9030-4374-bdc4-4c1e950d210f", "value": "9df13782a06a77cffe00501500a6c75edecf37d04bd532eb3a1c7995167e087b" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054922", "to_ids": true, "type": "sha256", "uuid": "5df0b08a-6e74-41b2-86ba-4ed8950d210f", "value": "1583e4d2966f0eab80c3defc26dd95d0020759b5c6024840d91a18cf14c999ea" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054922", "to_ids": true, "type": "sha256", "uuid": "5df0b08a-78f0-4aa1-9150-4cf6950d210f", "value": "ed59f8ffd000d1d80e56d402de6fc6d4cd18eb259586172f90a7ba056f5a85dd" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054922", "to_ids": true, "type": "sha256", "uuid": "5df0b08a-5328-466f-982e-4a50950d210f", "value": "08f45213adedd2a8d89b2b5ec74288087cef2c7a90b214f00ddfa0d7329f098c" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054922", "to_ids": true, "type": "sha256", "uuid": "5df0b08a-d1a0-457b-8440-40cf950d210f", "value": "6b98f3a7e0c7ed16b5cedbc2017f43d05da15776e7a51b0fcd8a3f01eb785d80" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054922", "to_ids": true, "type": "sha256", "uuid": "5df0b08a-c9ec-4746-9449-4438950d210f", "value": "ee7aa5f506aea586027a892f3142b0e63a69493356a69f47fdd020ea7e681c65" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054922", "to_ids": true, "type": "sha256", "uuid": "5df0b08a-32e4-4adb-bff6-4f50950d210f", "value": "792afe6ffd358114c28e78aa2a93ef26b1e482cdcc7452cd9dc717282d867a7c" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054922", "to_ids": true, "type": "sha256", "uuid": "5df0b08a-760c-4c20-a55d-45e2950d210f", "value": "a34cf6ad6f2360d699f96d8b825f6d99469f3a922586e7492f2f5fca982cd9f4" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054922", "to_ids": true, "type": "sha256", "uuid": "5df0b08a-ecb8-4b99-a5f3-4877950d210f", "value": "d36a49ecd072c2df8db9f25ca792f545227219d2310efcd5cbf9c08c7cb62db7" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054922", "to_ids": true, "type": "sha256", "uuid": "5df0b08a-feb8-4df9-8a0a-41f8950d210f", "value": "ca543b40cfd9041fc4a3a4774e8b809c1fb0c1d9611e63cb12c375433902903e" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054922", "to_ids": true, "type": "sha256", "uuid": "5df0b08a-a7d4-4ffc-a6f0-4d93950d210f", "value": "32cec4a49f598adebc5858e6b6514968a5b6e367b6b0434361371e65c45bfe21" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054922", "to_ids": true, "type": "sha256", "uuid": "5df0b08a-b570-49c1-b836-43a5950d210f", "value": "131cdc02a4abf3ac05609389d1f1391fbe2340831ee105b80ecd88877dc83d1d" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054922", "to_ids": true, "type": "sha256", "uuid": "5df0b08a-374c-44aa-baea-40b6950d210f", "value": "bfafa8be3980f026bc1a0561f7a376f83b2c4dd0594654acf3499df18c84c29a" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054922", "to_ids": true, "type": "sha256", "uuid": "5df0b08a-1ea8-492e-ad4a-4f4c950d210f", "value": "afe106ae1b74031acfea1585c78a8db20fe3b99ae1f099e9a1812945f8008498" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054922", "to_ids": true, "type": "sha256", "uuid": "5df0b08a-22a0-4b81-8893-4793950d210f", "value": "c746410a64aace77d16a6dcd054f9a54b011539764d35286840148eaf8c75869" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054922", "to_ids": true, "type": "sha256", "uuid": "5df0b08a-c554-4520-95b8-46cc950d210f", "value": "dc440fdd3bd43d22a0da4928055c62e62d58dd0b13d96fccf125d47a00cd6aac" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054922", "to_ids": true, "type": "sha256", "uuid": "5df0b08a-e9ac-446e-8513-4c6b950d210f", "value": "80048f4537854c73c3a77a4a746e436e60c75956a3823e979658c6dad919e47f" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054923", "to_ids": true, "type": "sha256", "uuid": "5df0b08b-5cdc-4191-a12f-483b950d210f", "value": "c6aae9ff530d3b869029e23338429e3baa8dd477e4733d06c5fffc4775f7f1ba" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054924", "to_ids": true, "type": "sha256", "uuid": "5df0b08c-bd54-4938-8403-49f8950d210f", "value": "f590bb5912105c0a4a8668dd7a88565c7dd7af5a4efeb1592d386337126f0af9" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054924", "to_ids": true, "type": "sha256", "uuid": "5df0b08c-fd74-466a-a568-4f21950d210f", "value": "fab5fa63e2e623ae86d7ba93b938b0ff6f796aa1ce57cea300570c57139db602" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054924", "to_ids": true, "type": "sha256", "uuid": "5df0b08c-8cd0-4e66-b94c-4ec9950d210f", "value": "7d6ff8baebedba414c9f15060f0a8470965369cbc1088e9f21e2b5289b42a747" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054924", "to_ids": true, "type": "sha256", "uuid": "5df0b08c-cff4-4486-8d33-476e950d210f", "value": "e782789646de1f1b58323d2961870f9aa574c59901a560396cb72f7a7ceaf6d5" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054924", "to_ids": true, "type": "sha256", "uuid": "5df0b08c-8a8c-4d47-96c4-4cd3950d210f", "value": "d49247bd53a156dd0c9f89240ae41dcda9b393ed204f5656735cd2079dd2653f" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054924", "to_ids": true, "type": "sha256", "uuid": "5df0b08c-660c-4a42-a94f-4853950d210f", "value": "1338c13050d672e0728a0b2db6d947a6c64387832e8ea6b4b575bce0a3833582" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054924", "to_ids": true, "type": "sha256", "uuid": "5df0b08c-fc58-4a65-a8a0-4ffd950d210f", "value": "356805e9fc94bd5ec769e2d5b524e79b1c3fba43a9011fa338da3e10bb67fbda" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054924", "to_ids": true, "type": "sha256", "uuid": "5df0b08c-ace4-45c8-a481-485d950d210f", "value": "eaa2f84bc0a4f2e5c7e26c2ad49bd253a71c9bd7d6c445051e2b15f28f87e164" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054924", "to_ids": true, "type": "sha256", "uuid": "5df0b08c-676c-4147-9352-4ef1950d210f", "value": "f64551a882617ff5f18e45a8f26b2df9142526bf8dd534a02b1d193ea5f4c33d" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054924", "to_ids": true, "type": "sha256", "uuid": "5df0b08c-132c-4d52-8044-47e3950d210f", "value": "e0872aaa02e58960f1cf16e0933afe8fa78aab35a60d155e831bea544baddfa8" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054924", "to_ids": true, "type": "sha256", "uuid": "5df0b08c-a744-4d7b-8d72-4da6950d210f", "value": "42a8ffcdc95ad1316e981227c7a7aac64a38bb6ee624ded5d6833f34e5c81bfa" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054924", "to_ids": true, "type": "sha256", "uuid": "5df0b08c-ac60-458d-885a-4f1b950d210f", "value": "27439f0ebb4e6d9820e5760a24fb649a05838c37571e6a5d2d8c5ca9d7d5cfae" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054924", "to_ids": true, "type": "sha256", "uuid": "5df0b08c-9a84-4962-b689-4f7c950d210f", "value": "eadda694198dab4fce48663094b3cb700b1fe8ac4c1f8d41bb100645d1a51cdb" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054936", "to_ids": true, "type": "sha256", "uuid": "5df0b098-cb14-49c0-8fcc-4734950d210f", "value": "afbf46d05691370ebdeff78aa5eb1aa362b7787fc4c68efa979ae344b9a328f4" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054936", "to_ids": true, "type": "sha256", "uuid": "5df0b098-a2e4-4765-ba59-4529950d210f", "value": "a0ac7a6dbb4f8703f3e02d54413cbb78ee88bb4764eb0d237c3a90fcca688be9" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054936", "to_ids": true, "type": "sha256", "uuid": "5df0b098-e4f0-4359-afe8-4d99950d210f", "value": "cba36d8c367d5b0aa85a0f08cdd899d09f97f22640865258fc73074073f78f61" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054936", "to_ids": true, "type": "sha256", "uuid": "5df0b098-d73c-49e2-96d4-4387950d210f", "value": "9c5c4c15432a28b801e3089ac6f1e3bb8bb69d7fe701d24c064bac4164d172ea" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054936", "to_ids": true, "type": "sha256", "uuid": "5df0b098-1ff8-4109-9588-4a30950d210f", "value": "2807b45cf41bea348f00df06ebb82a983261e3fabe4ee6342246e0203fead610" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054936", "to_ids": true, "type": "sha256", "uuid": "5df0b098-5cbc-41a0-b4cb-4c67950d210f", "value": "5a029e225cd1e877ac6907bac15b0d9ca8a523d8641c40b56c7e06959f2285bf" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054936", "to_ids": true, "type": "sha256", "uuid": "5df0b098-5dbc-4369-bc68-4a2b950d210f", "value": "05fb0930b553e7c3c5e8e2da59e56191e22b887dcd2d9da5b91b4927aef326dd" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054936", "to_ids": true, "type": "sha256", "uuid": "5df0b098-26f0-423b-8190-4db6950d210f", "value": "6b960d2ff0fe601cc1223a275110f3195cc82f789db9c3225a06d27e24bc4349" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054936", "to_ids": true, "type": "sha256", "uuid": "5df0b098-9168-422b-9f5f-4af4950d210f", "value": "bdf0e2f23087864019f07a05a071efc3d0d5a6d8932adfcd7102ec9646d9f433" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054936", "to_ids": true, "type": "sha256", "uuid": "5df0b098-8f7c-463a-9111-4370950d210f", "value": "95123b3142be5d6c9a3cdbce974d10cddc4b2796e243d2f64ea9f909cb00eb29" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054936", "to_ids": true, "type": "sha256", "uuid": "5df0b098-8af8-4916-9075-423f950d210f", "value": "98a23704433cf0aea9d340f2e420faa867e9f3961de7639be17b15c1af6a1265" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054936", "to_ids": true, "type": "sha256", "uuid": "5df0b098-35bc-4748-b23d-4bf7950d210f", "value": "41cd33e04e6884ec3b47ca09f0621589fd7f2be3b4afbb5b64aa21dc2e9433a6" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054936", "to_ids": true, "type": "sha256", "uuid": "5df0b098-ce88-4850-8de7-46bf950d210f", "value": "ffbf659f15435ab3b684d61fb766ff8000819c2d2f48d29bc0b195cbf38db76f" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054936", "to_ids": true, "type": "sha256", "uuid": "5df0b098-8c94-430d-b46e-48b8950d210f", "value": "95dbf1fdbdf2fb01923966504c378d59c4367f5848196ebd50a91e8acc454d4f" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054936", "to_ids": true, "type": "sha256", "uuid": "5df0b098-c508-4848-ac0f-409c950d210f", "value": "6bb35ab59734e874c72d8142ff21892ecf003e0341ff689f0bee003ff8bbc324" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054936", "to_ids": true, "type": "sha256", "uuid": "5df0b098-ff70-479e-9617-4e77950d210f", "value": "c4ddc6723d9bd47512558929a7e39f2fbbc997f0bda8221f2349990efd52cfcb" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054936", "to_ids": true, "type": "sha256", "uuid": "5df0b098-8d30-485d-a965-4f7e950d210f", "value": "567ed308ecd24dfd17bf249ded1d13cef9dcc5f28426970615f5dfae4e2faccc" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054936", "to_ids": true, "type": "sha256", "uuid": "5df0b098-d4b4-4877-bce1-41cf950d210f", "value": "5868d46bd51c706f79a968ee4020810bffaed8a85a8c67a37d0c656a10a9eeba" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054936", "to_ids": true, "type": "sha256", "uuid": "5df0b098-6414-44c4-a73b-4484950d210f", "value": "737444d7942052e791619adb10261afa045159ea0873ad75d6389ebe60e1325b" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054936", "to_ids": true, "type": "sha256", "uuid": "5df0b099-e654-46c7-86fa-4e46950d210f", "value": "08089df5cbab72ed79c09600280ffd9b54ec14f14caf87f4d67b21f683d6c2e2" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054937", "to_ids": true, "type": "sha256", "uuid": "5df0b099-c96c-4a8c-925b-49ab950d210f", "value": "09701e1be1c1d055eaa2e910e8f0086f911ff2d83f8e52c0c56c801bb65c436e" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054937", "to_ids": true, "type": "sha256", "uuid": "5df0b099-cc94-43ae-a490-41d7950d210f", "value": "392bd63c5da49944fed61c27f75c421e5be112584b3bf3e44dd11e30a1447eab" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054937", "to_ids": true, "type": "sha256", "uuid": "5df0b099-06fc-450e-bb94-4188950d210f", "value": "7a9f153171d49dcb8e605447c7139f12020a3ed811cdd4c138473fb7eed4d450" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054937", "to_ids": true, "type": "sha256", "uuid": "5df0b099-fd74-4a77-b749-4ff2950d210f", "value": "a1dce29debeaa91c77b2b14915408550d6ea9f56fb10ca17066d348759f8df20" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054937", "to_ids": true, "type": "sha256", "uuid": "5df0b099-a0d8-4ac2-9941-4605950d210f", "value": "7da8d79c254cc1b61ac5dc49c74fcd85f6dc505e0c58bf298f757d94b03c0a4d" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054937", "to_ids": true, "type": "sha256", "uuid": "5df0b099-0a08-40b8-bbe8-43c6950d210f", "value": "3281a69666a207a4badc2a0a7344bcc94123df12f04f41191cfd5c8f1872159c" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054937", "to_ids": true, "type": "sha256", "uuid": "5df0b099-0fdc-4143-8d41-418d950d210f", "value": "606941e440a5e3c93654b8e66e697ee644582afe3bd183de8eced61219e31ac7" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054937", "to_ids": true, "type": "sha256", "uuid": "5df0b099-4410-43e4-802c-4916950d210f", "value": "3b16a2c27a1869216641d1ae2fa122d1d62b7b2c03ccbb98b92a35c91231b561" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054937", "to_ids": true, "type": "sha256", "uuid": "5df0b099-64a0-456f-b401-48c1950d210f", "value": "7618269db455d174aa8854869da9a02cb85f53aafa61263e8192e0abb66e36c4" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054937", "to_ids": true, "type": "sha256", "uuid": "5df0b099-f080-4352-aeb5-489f950d210f", "value": "d420aa432177c790f7bd9b9b2227df18098654e3e44f6042e826ce6c8ee295e2" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054937", "to_ids": true, "type": "sha256", "uuid": "5df0b099-b334-4dd6-8fae-4e6b950d210f", "value": "e9fd22631de9c918ac834eb14e01c76aa4d33069c7622daafcd03b4f1574aad0" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054937", "to_ids": true, "type": "sha256", "uuid": "5df0b099-2c14-4009-8dff-41f0950d210f", "value": "e961b4444035266889c97a282c5cd8f36a43bde005abce430362567314dba99b" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054937", "to_ids": true, "type": "sha256", "uuid": "5df0b099-82f8-4d5d-b473-4e0b950d210f", "value": "c792044608784e566a7d45a5ec30ea21eba7b2df2215e3f679c7564b983ccf04" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054937", "to_ids": true, "type": "sha256", "uuid": "5df0b099-a714-46b9-b85b-49d9950d210f", "value": "8264b7930cd796ac0665159e87568b3d493449815a3a38fdbbf36ef4a732e046" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054937", "to_ids": true, "type": "sha256", "uuid": "5df0b099-798c-49c2-bfd0-4cac950d210f", "value": "cdbf681278068a588e3ee47089a271e8166c6c65e8d74d0a69ebf8f7d7101acc" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054937", "to_ids": true, "type": "sha256", "uuid": "5df0b099-e24c-452b-b0aa-4d57950d210f", "value": "c8f6852d0e353fb1ed5137c0ddcda3c662b0b0d00c749c960bcfb14ea2169a97" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054937", "to_ids": true, "type": "sha256", "uuid": "5df0b099-22ec-4756-aebb-4ad9950d210f", "value": "117025363854052272e557414b646281517e452b228ed93ad3cabc94736215c3" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054937", "to_ids": true, "type": "sha256", "uuid": "5df0b099-18d4-49e4-aac2-4958950d210f", "value": "0b0f8310ce0800bf70fcb4b4d365066ca4080d2028a16db72b13e0682bf8f754" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054937", "to_ids": true, "type": "sha256", "uuid": "5df0b099-0834-4bb0-bcc1-481b950d210f", "value": "bd1ecfc118a0f0c5855f28ddbda840ec5c10e138d7bd26e98984a0d17bf96fab" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054937", "to_ids": true, "type": "sha256", "uuid": "5df0b099-6eb8-48fb-85d4-4c1d950d210f", "value": "35bb15b3e22620842ea33c5e89614edc5fe641529374c780c06c7f573c508782" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054937", "to_ids": true, "type": "sha256", "uuid": "5df0b099-19bc-4d8c-9a5d-4ddd950d210f", "value": "cda99d9277b3b982db98b7896280ca67dfb7e7434ef99b1a31f4de8e3faf4d81" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054937", "to_ids": true, "type": "sha256", "uuid": "5df0b099-12a0-4df3-a0e5-4d1e950d210f", "value": "eec5855647c376dd2e363d18cdc499d5cb525ee2ca1f62335336d5c13711443c" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054937", "to_ids": true, "type": "sha256", "uuid": "5df0b099-1d7c-4274-a177-4682950d210f", "value": "2e780ffa83a09b488f02216b24c69b89b3bf8b7401cbd7551f10e3e082f1711d" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054937", "to_ids": true, "type": "sha256", "uuid": "5df0b099-91d0-4623-93c9-4b39950d210f", "value": "f0c31f19ca1159657e2777c50ce5e1c6c4247b50da33300694bf4f2c7287f01b" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054937", "to_ids": true, "type": "sha256", "uuid": "5df0b099-d870-4924-91e0-4312950d210f", "value": "7e2655a5c74222e7699ad465b71cd960bee5cabb40059000128c9f669be95fd0" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054937", "to_ids": true, "type": "sha256", "uuid": "5df0b099-3514-43af-95db-49d1950d210f", "value": "5c12654e62f6b7038e594dfa85c75e5be6bb55010c29ddf16f37fa6e525a832c" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054937", "to_ids": true, "type": "sha256", "uuid": "5df0b099-b948-408c-b7e1-4da3950d210f", "value": "afac782d2ac572e3763afcda9f1aa61074b2f74b08a2db0fe6d539462873e81a" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054937", "to_ids": true, "type": "sha256", "uuid": "5df0b099-9e80-428e-88e4-4655950d210f", "value": "19c9a16ba965f9ee777c8364b59cdaa21a82d69b742474023954d4bb43f78710" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054937", "to_ids": true, "type": "sha256", "uuid": "5df0b099-5434-4897-bd5f-4d0d950d210f", "value": "22f85d3891c4d59ed5276852118311c54779f86a4cb0a10fc98eadae96cebe20" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054937", "to_ids": true, "type": "sha256", "uuid": "5df0b099-eef4-48c5-9e3b-4aa2950d210f", "value": "09e6f6ef125c7ce41a07b72f6bb16ca3036de4c309d864f2fe1d5eebd4a01b4d" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054937", "to_ids": true, "type": "sha256", "uuid": "5df0b099-0dc8-41b6-a2a2-41dc950d210f", "value": "46f95e54a2156bc1109e824ea098af8a7495d00bb7375fb183d384ce23e12915" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054937", "to_ids": true, "type": "sha256", "uuid": "5df0b099-8154-42c6-99d4-45e3950d210f", "value": "67d6299bf2670476be5dddff75af12aa5151f94f7544334dba5ce5bbe8598f35" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054937", "to_ids": true, "type": "sha256", "uuid": "5df0b099-0cd8-4516-9a36-4be3950d210f", "value": "0e33e8bc0c064806d70900b210d5590393a3fd3e6450720f137adaa55366ec68" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054937", "to_ids": true, "type": "sha256", "uuid": "5df0b099-0718-4afb-951b-40f2950d210f", "value": "2dc1d4732a00142eabecb7d91bef13580620210e8376114dbe5d4ae1e67a1052" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054937", "to_ids": true, "type": "sha256", "uuid": "5df0b099-2e38-4c0d-8799-4930950d210f", "value": "75b9d0e27a84949cab71ffe158f026f88afc72abeb7c1fa25d8e78bd7a13c6ce" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054937", "to_ids": true, "type": "sha256", "uuid": "5df0b099-160c-4f4f-9e5e-4a2a950d210f", "value": "6013c5cdd7fe8b15004ba4646b453faa61fd313ad9a00bf7d82ddbda658058d6" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054937", "to_ids": true, "type": "sha256", "uuid": "5df0b099-0980-45ff-a721-45be950d210f", "value": "9be8d48ac5d6d49b306802ae9f5fc4a1e2de1feb453f4c1c49f64002548b0c9c" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054937", "to_ids": true, "type": "sha256", "uuid": "5df0b099-1884-43ae-b171-461e950d210f", "value": "dafad7a4563e41c8b38e000508a54d7189246bb50a1bd021dffab164bfa79876" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054937", "to_ids": true, "type": "sha256", "uuid": "5df0b099-585c-4ac3-a65e-4a3c950d210f", "value": "320e2d51ca5e8c806b798a6024cf56fa07978536ffe90fbe1c24c3e8715bb935" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054937", "to_ids": true, "type": "sha256", "uuid": "5df0b099-20ec-4349-80b0-4ea3950d210f", "value": "66b07500943b483ace74a8d7a2da84d8b80ed3bd176af7ade8fde076b3095604" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054937", "to_ids": true, "type": "sha256", "uuid": "5df0b099-adb8-4535-a824-400b950d210f", "value": "dc0c06608a9d7c44ed27d16bc64d75ae72c31d14135440208d36fafa5220a76e" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054937", "to_ids": true, "type": "sha256", "uuid": "5df0b099-9b38-4e0e-8ab7-4447950d210f", "value": "2533737ccf2178f94a0b69666d5194343b09786e046134d58f047913169c9444" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054937", "to_ids": true, "type": "sha256", "uuid": "5df0b099-5c78-4703-834c-4807950d210f", "value": "24e3fa3fb1df9bd70071e5b957d180cd51bcf10bab690fa7db7425ca6652c47c" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054937", "to_ids": true, "type": "sha256", "uuid": "5df0b099-8d54-46a1-b2e6-44d8950d210f", "value": "611cea5f84c2c74b0e6261ffe4e2fb4bc138ad16a526a618f7b68956aad54dda" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054937", "to_ids": true, "type": "sha256", "uuid": "5df0b099-8a40-40f1-ae5e-4daa950d210f", "value": "a9b0c8015f4447c5df40240d10bdbc79ea7380f7d6ebf8020b0ae03e4a0a708f" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054938", "to_ids": true, "type": "sha256", "uuid": "5df0b09a-7004-4ab6-9515-42e1950d210f", "value": "9abc76cbab014199ecb4282d0a367017779ffdb76ba826d37efd2eec2f037bc2" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054938", "to_ids": true, "type": "sha256", "uuid": "5df0b09a-80d8-432a-8c8a-4766950d210f", "value": "eec7aed0cb872dbd71dc0f372f1794ae7f43daada3de62e3e6a221919ebaf220" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054938", "to_ids": true, "type": "sha256", "uuid": "5df0b09a-19c0-4371-b268-4ec9950d210f", "value": "039440d34b6c33b0bd94807103670232b93b4660d5b0e7a3762bfb6876bb5f6e" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "timestamp": "1576054938", "to_ids": true, "type": "sha256", "uuid": "5df0b09a-7428-4036-ac5d-42aa950d210f", "value": "7bbd5336a9e203070e55890136006d4c41d4b87fa89986600b11669a15c0dad2" }, { "category": "External analysis", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1576055979", "to_ids": false, "type": "link", "uuid": "5df0b4ab-fe28-468e-ac6a-98e1950d210f", "value": "https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt" } ], "Object": [ { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055310", "uuid": "53843aec-5e04-4543-94b0-bb3fa5395712", "ObjectReference": [ { "comment": "", "object_uuid": "53843aec-5e04-4543-94b0-bb3fa5395712", "referenced_uuid": "b406bf9c-4d7b-47b6-a576-ebdbb551bafc", "relationship_type": "analysed-with", "timestamp": "1576055854", "uuid": "5df0b42e-6d04-4b73-be45-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054913", "to_ids": true, "type": "md5", "uuid": "6a8836d5-d82d-410f-942a-d1201173c500", "value": "831dce08e00a9548811e039bda14599a" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054913", "to_ids": true, "type": "sha1", "uuid": "2968b76c-dfcc-48c8-9210-a1912a07a73b", "value": "00247401fca046862139359be9defe3b6f7c2cb4" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054913", "to_ids": true, "type": "sha256", "uuid": "1949cbb0-1c1a-49d2-a9e4-a9b0fd10f29e", "value": "f91303fcbb2e2397529987732c7922911381169d16f113752cb1cd9e1382794a" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055310", "uuid": "b406bf9c-4d7b-47b6-a576-ebdbb551bafc", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054913", "to_ids": false, "type": "datetime", "uuid": "f2f5ae0e-fce8-452a-8fcb-519341748f5b", "value": "2019-11-10T22:40:51" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054913", "to_ids": false, "type": "link", "uuid": "674bdd80-bee1-4fae-85fb-7a21e6a213bf", "value": "https://www.virustotal.com/file/f91303fcbb2e2397529987732c7922911381169d16f113752cb1cd9e1382794a/analysis/1573425651/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054913", "to_ids": false, "type": "text", "uuid": "de6cbab4-30e9-4065-b210-3c20eef779e1", "value": "35/71" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055310", "uuid": "45873b32-efb8-4b5f-8a53-212212b36a39", "ObjectReference": [ { "comment": "", "object_uuid": "45873b32-efb8-4b5f-8a53-212212b36a39", "referenced_uuid": "c3b3b92e-5eb7-4d9f-8337-11db8eb78ea8", "relationship_type": "analysed-with", "timestamp": "1576055854", "uuid": "5df0b42e-c1a8-4c26-88b3-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054849", "to_ids": true, "type": "md5", "uuid": "169eb43d-356c-45b5-a05e-112520080cc8", "value": "54d8c20c40830b3affca7541bf4aa536" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054849", "to_ids": true, "type": "sha1", "uuid": "13584af0-678e-4dd8-b39c-1112535ac7cf", "value": "8e622d39e79d9316032f03cf571099f101bc4d09" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054849", "to_ids": true, "type": "sha256", "uuid": "2dcd214e-618b-4f9d-9d07-078cce959330", "value": "48dfc838c038dff2aef79334e74f1da28d92166ef03f46df2bead9bdd467d307" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055310", "uuid": "c3b3b92e-5eb7-4d9f-8337-11db8eb78ea8", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054849", "to_ids": false, "type": "datetime", "uuid": "5d12dd26-bd2d-4705-be6b-7c4c1a0ba807", "value": "2019-11-24T16:23:18" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054849", "to_ids": false, "type": "link", "uuid": "456718a5-9704-4aeb-9ce4-26463f4c5008", "value": "https://www.virustotal.com/file/48dfc838c038dff2aef79334e74f1da28d92166ef03f46df2bead9bdd467d307/analysis/1574612598/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054849", "to_ids": false, "type": "text", "uuid": "d83bb7db-c2ae-42a5-87df-a68f328b2224", "value": "50/68" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055311", "uuid": "6af81f2d-c191-482e-bdf9-3a203e914d02", "ObjectReference": [ { "comment": "", "object_uuid": "6af81f2d-c191-482e-bdf9-3a203e914d02", "referenced_uuid": "e67a5294-4b42-4ae7-9990-7a8a00e63c15", "relationship_type": "analysed-with", "timestamp": "1576055854", "uuid": "5df0b42e-34ac-410c-9705-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054920", "to_ids": true, "type": "md5", "uuid": "404b7cc7-0c5f-4eab-bd2a-e55b5d45eb19", "value": "7a791f712de9064777ca375678700eae" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054920", "to_ids": true, "type": "sha1", "uuid": "57facb7e-e00c-43a2-8829-a82a38590815", "value": "5551bddba448769ac841f52a6f748f8ce5eb1b5d" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054920", "to_ids": true, "type": "sha256", "uuid": "f1f4c116-b3a1-4739-b1ce-84b6f2a1abdd", "value": "8ad4e1140aa7ad266673028013858417d24c302e8103fc8eac538d14e06418e1" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055311", "uuid": "e67a5294-4b42-4ae7-9990-7a8a00e63c15", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054920", "to_ids": false, "type": "datetime", "uuid": "e6f1bddb-e277-4519-94d9-4cdafe88347a", "value": "2019-11-15T13:21:27" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054920", "to_ids": false, "type": "link", "uuid": "cb199f1b-f7ec-498d-a350-e6ec46ea7d4a", "value": "https://www.virustotal.com/file/8ad4e1140aa7ad266673028013858417d24c302e8103fc8eac538d14e06418e1/analysis/1573824087/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054920", "to_ids": false, "type": "text", "uuid": "93d13cc0-1bfe-4048-9bef-452eb5aa1b92", "value": "47/69" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055311", "uuid": "e3f8e0b1-5829-46ac-9a3b-b18e4bbab0c2", "ObjectReference": [ { "comment": "", "object_uuid": "e3f8e0b1-5829-46ac-9a3b-b18e4bbab0c2", "referenced_uuid": "085b8738-a4b2-48d6-932f-9d31960d6f2e", "relationship_type": "analysed-with", "timestamp": "1576055854", "uuid": "5df0b42e-abf0-41ef-b479-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054915", "to_ids": true, "type": "md5", "uuid": "1ae1a792-6d85-41c3-8791-3f8fae3b7bb3", "value": "3ab6cf21b0d7273bec5d7f3b2a0c7c53" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054915", "to_ids": true, "type": "sha1", "uuid": "2e9b9666-0df1-4800-9630-0967bff54445", "value": "338a11011b8ad329bb6f4f7ca84705d334fab58d" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054915", "to_ids": true, "type": "sha256", "uuid": "2c5384db-d63e-4dc3-b7d2-4c99fcb022c6", "value": "3c6e8b9cadbf7611aab1fbacfd54053a78bdcf49265eee02394c17bdcaceb5aa" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055311", "uuid": "085b8738-a4b2-48d6-932f-9d31960d6f2e", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054915", "to_ids": false, "type": "datetime", "uuid": "48db687f-cf36-421e-a17b-1c6c0899036d", "value": "2019-11-17T05:21:42" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054915", "to_ids": false, "type": "link", "uuid": "43a09b07-7f6e-4987-8ec9-4671bb56dc44", "value": "https://www.virustotal.com/file/3c6e8b9cadbf7611aab1fbacfd54053a78bdcf49265eee02394c17bdcaceb5aa/analysis/1573968102/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054915", "to_ids": false, "type": "text", "uuid": "5533fe22-9dbb-4156-8561-2c5c9cbb6fa9", "value": "48/71" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055311", "uuid": "5f42c00b-7637-4194-ac20-42251320a11f", "ObjectReference": [ { "comment": "", "object_uuid": "5f42c00b-7637-4194-ac20-42251320a11f", "referenced_uuid": "70aee2bb-57f7-4a3a-adfa-e0f9c7161010", "relationship_type": "analysed-with", "timestamp": "1576055854", "uuid": "5df0b42e-5dd0-4dba-9c55-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054937", "to_ids": true, "type": "md5", "uuid": "4bd3aad8-06c2-4f54-82f2-a897bf964265", "value": "142f7785c2e28fd6454b367f918f7ee2" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054937", "to_ids": true, "type": "sha1", "uuid": "7e455a7a-b23a-4350-b3b8-fd5f31d7ed7d", "value": "6d0831ef4dda029f3edd3bedaf6c3f7aaaec8752" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054937", "to_ids": true, "type": "sha256", "uuid": "24c8e5a3-4cb8-48d3-85a6-70872f88b18c", "value": "0e33e8bc0c064806d70900b210d5590393a3fd3e6450720f137adaa55366ec68" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055311", "uuid": "70aee2bb-57f7-4a3a-adfa-e0f9c7161010", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054937", "to_ids": false, "type": "datetime", "uuid": "489cfe00-8c7d-4b71-a80e-d2921facf603", "value": "2019-11-05T16:20:11" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054937", "to_ids": false, "type": "link", "uuid": "1ef955a3-c3cf-4694-98bc-b22ba5fc29f3", "value": "https://www.virustotal.com/file/0e33e8bc0c064806d70900b210d5590393a3fd3e6450720f137adaa55366ec68/analysis/1572970811/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054937", "to_ids": false, "type": "text", "uuid": "cdd93f13-9d6b-4b7c-b382-1708051c685d", "value": "29/72" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055312", "uuid": "57218619-38a5-49ec-866b-28d99faec70f", "ObjectReference": [ { "comment": "", "object_uuid": "57218619-38a5-49ec-866b-28d99faec70f", "referenced_uuid": "464709b0-9fd5-4f9b-a968-04d1f3e133e5", "relationship_type": "analysed-with", "timestamp": "1576055854", "uuid": "5df0b42e-d584-4c6d-bf0b-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054845", "to_ids": true, "type": "md5", "uuid": "23568ad0-b124-4936-92b0-8ff3f950968a", "value": "8a97f2838cfacac27a436c8e5b972b10" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054845", "to_ids": true, "type": "sha1", "uuid": "c1cf6164-8319-438d-ad65-575c1f7cfb04", "value": "8ef0a73ae5b34c615fbc37983382d883fe2baf80" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054845", "to_ids": true, "type": "sha256", "uuid": "47fa4e65-adb5-4995-9056-3c3682b455ac", "value": "c72f5072c7aea97e0bf562953dbd10743bb5a981d6a0baf88ccf28c881ad1435" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055312", "uuid": "464709b0-9fd5-4f9b-a968-04d1f3e133e5", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054845", "to_ids": false, "type": "datetime", "uuid": "a66c75c4-82b8-48d2-9754-8ba6acc89471", "value": "2019-12-09T12:54:20" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054845", "to_ids": false, "type": "link", "uuid": "8bc1d41a-f349-461b-a89d-dfe436a711d4", "value": "https://www.virustotal.com/file/c72f5072c7aea97e0bf562953dbd10743bb5a981d6a0baf88ccf28c881ad1435/analysis/1575896060/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054845", "to_ids": false, "type": "text", "uuid": "8b0502a0-b6c2-42fd-825d-2e9afc6394b5", "value": "58/71" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055312", "uuid": "50f17323-e87a-471c-8d6e-de6e49ec3832", "ObjectReference": [ { "comment": "", "object_uuid": "50f17323-e87a-471c-8d6e-de6e49ec3832", "referenced_uuid": "0bd39994-6fa8-42ab-8327-3ac615d55235", "relationship_type": "analysed-with", "timestamp": "1576055854", "uuid": "5df0b42e-70d4-4a2c-871d-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054918", "to_ids": true, "type": "md5", "uuid": "ca7da3bd-4f34-4c1b-b85f-3df9d526ed01", "value": "81699cab7013b21e81596d8f2b8a1b3d" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054918", "to_ids": true, "type": "sha1", "uuid": "78fbc6ab-54fe-4451-864e-96fce2116e41", "value": "17d561ce0944e7b96d749b927b3550877fbd24e6" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054918", "to_ids": true, "type": "sha256", "uuid": "e0c99485-0ee2-4a91-8c6d-aef310cda2fa", "value": "87416ee1c0634db27523e23e9a62a0d934dfdd328b0e0a1131cb44007326859e" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055312", "uuid": "0bd39994-6fa8-42ab-8327-3ac615d55235", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054918", "to_ids": false, "type": "datetime", "uuid": "76e7c5f8-9c4e-4a51-893a-86f18d0bbd92", "value": "2019-11-12T05:27:42" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054918", "to_ids": false, "type": "link", "uuid": "f57c487f-80d5-4051-bf5c-f3d8e7150f62", "value": "https://www.virustotal.com/file/87416ee1c0634db27523e23e9a62a0d934dfdd328b0e0a1131cb44007326859e/analysis/1573536462/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054918", "to_ids": false, "type": "text", "uuid": "fcf3ff7f-779e-4dc3-af3c-4fae7bf75792", "value": "34/72" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055312", "uuid": "ad04c4b6-3c89-40e1-8311-010c91a8dafb", "ObjectReference": [ { "comment": "", "object_uuid": "ad04c4b6-3c89-40e1-8311-010c91a8dafb", "referenced_uuid": "760bc727-d819-47ad-a487-f06db213eec0", "relationship_type": "analysed-with", "timestamp": "1576055854", "uuid": "5df0b42e-b1cc-4984-a482-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054845", "to_ids": true, "type": "md5", "uuid": "582611a7-780b-4d5a-b07b-9ff29f2a663f", "value": "0266136b6d57d493aeb25bcf6f977367" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054845", "to_ids": true, "type": "sha1", "uuid": "8f25904a-f3fa-4031-a23b-3b6c34d51213", "value": "2ddac7d27f6d197997df4930b8532f627ae23f08" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054845", "to_ids": true, "type": "sha256", "uuid": "de73e749-d773-4c19-aa6d-be350df87f7a", "value": "1490120495ea192eda1987907729197bbcf56f3826e0f0406b545e52a8c69373" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055313", "uuid": "760bc727-d819-47ad-a487-f06db213eec0", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054845", "to_ids": false, "type": "datetime", "uuid": "05501ea3-13da-4941-86ae-6a96102707c3", "value": "2019-11-21T10:42:05" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054845", "to_ids": false, "type": "link", "uuid": "8cadf61b-ed47-4c07-a189-a421ca0b8fb1", "value": "https://www.virustotal.com/file/1490120495ea192eda1987907729197bbcf56f3826e0f0406b545e52a8c69373/analysis/1574332925/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054845", "to_ids": false, "type": "text", "uuid": "84be4bcb-1c60-40c7-b8e9-64581031b513", "value": "51/70" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055313", "uuid": "5286af70-d331-4220-989d-b7ad41f09013", "ObjectReference": [ { "comment": "", "object_uuid": "5286af70-d331-4220-989d-b7ad41f09013", "referenced_uuid": "93bac262-1ef6-43de-99a7-a78933bb4cde", "relationship_type": "analysed-with", "timestamp": "1576055854", "uuid": "5df0b42e-0dec-46c5-a915-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054920", "to_ids": true, "type": "md5", "uuid": "d9816eea-048e-4b4b-aa97-ebed795fbe99", "value": "fc5684422aa14dde50f4903a5d48e21e" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054920", "to_ids": true, "type": "sha1", "uuid": "ceb093d1-d85f-4b6e-b370-ed15c040232d", "value": "030cc677d648be7f2c9d91099c84570f1461cc50" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054920", "to_ids": true, "type": "sha256", "uuid": "a504cc55-0d26-483f-985b-186bc1b1e0c6", "value": "46ed1b8f223e4eebcda42b873dced8e19e25c769214494c785a762bb218ffa5e" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055313", "uuid": "93bac262-1ef6-43de-99a7-a78933bb4cde", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054920", "to_ids": false, "type": "datetime", "uuid": "22838e9b-c327-495b-849d-23bc7c1b177b", "value": "2019-11-15T13:26:08" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054920", "to_ids": false, "type": "link", "uuid": "4310c059-a177-4c4b-9ffa-162f863aacd8", "value": "https://www.virustotal.com/file/46ed1b8f223e4eebcda42b873dced8e19e25c769214494c785a762bb218ffa5e/analysis/1573824368/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054920", "to_ids": false, "type": "text", "uuid": "7eb162b4-13df-4cef-b5ce-bdf4a388da51", "value": "48/71" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055313", "uuid": "027e0da7-33d3-4dd0-8368-8f321e6b1172", "ObjectReference": [ { "comment": "", "object_uuid": "027e0da7-33d3-4dd0-8368-8f321e6b1172", "referenced_uuid": "067e4870-d444-4651-b5df-a2b914aa08d4", "relationship_type": "analysed-with", "timestamp": "1576055854", "uuid": "5df0b42e-c928-445c-bac2-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054844", "to_ids": true, "type": "md5", "uuid": "b64cd738-becf-4506-a8c7-8b28b1aa40c8", "value": "f7df083c28f35bbc8e70b7cda97f366a" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054844", "to_ids": true, "type": "sha1", "uuid": "e7d1e140-06ff-4c91-9199-18e0a9d9531f", "value": "32c64363bc9d0a39b41cbc132e1089f517112be6" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054844", "to_ids": true, "type": "sha256", "uuid": "8cb57066-d3cd-447f-95ad-667e7a94ea80", "value": "f506deabc2b7589292aa8af68f7dd8de7326cbfa529d4a8f260dbdc0dd7126a0" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055313", "uuid": "067e4870-d444-4651-b5df-a2b914aa08d4", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054844", "to_ids": false, "type": "datetime", "uuid": "8463d595-0fe4-469c-b7ce-d64b0b62d994", "value": "2019-11-29T09:22:00" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054844", "to_ids": false, "type": "link", "uuid": "ff0108b9-6744-47c5-b9bb-ff7134e571a9", "value": "https://www.virustotal.com/file/f506deabc2b7589292aa8af68f7dd8de7326cbfa529d4a8f260dbdc0dd7126a0/analysis/1575019320/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054844", "to_ids": false, "type": "text", "uuid": "6e9133af-4deb-4687-ba6f-2c8886da32f5", "value": "55/71" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055314", "uuid": "155337eb-25c5-4eac-b29f-97bac3db5c2b", "ObjectReference": [ { "comment": "", "object_uuid": "155337eb-25c5-4eac-b29f-97bac3db5c2b", "referenced_uuid": "cc9f22a2-f853-4d5f-947c-d4942c4eff15", "relationship_type": "analysed-with", "timestamp": "1576055855", "uuid": "5df0b42f-fda0-47c9-9d0f-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054924", "to_ids": true, "type": "md5", "uuid": "2106e799-6fff-4a1a-807f-31bab6a2e630", "value": "362272c10984c2e7eed26b2a964b9d92" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054924", "to_ids": true, "type": "sha1", "uuid": "0298392c-16fa-4e83-bead-028c9bfd83a9", "value": "f5425e9f92e8a098c1765022e7f2a9f936fa6f08" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054924", "to_ids": true, "type": "sha256", "uuid": "c8abe7d6-b079-497f-84a2-63a6aa9dee58", "value": "f590bb5912105c0a4a8668dd7a88565c7dd7af5a4efeb1592d386337126f0af9" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055314", "uuid": "cc9f22a2-f853-4d5f-947c-d4942c4eff15", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054924", "to_ids": false, "type": "datetime", "uuid": "2034327d-10b5-4a45-92fb-1db612dae527", "value": "2019-12-01T05:02:42" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054924", "to_ids": false, "type": "link", "uuid": "95eb90ce-c49e-4507-8dc9-eea56d81af77", "value": "https://www.virustotal.com/file/f590bb5912105c0a4a8668dd7a88565c7dd7af5a4efeb1592d386337126f0af9/analysis/1575176562/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054924", "to_ids": false, "type": "text", "uuid": "52377067-50b2-432d-85a0-f33789a07273", "value": "55/70" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055314", "uuid": "c874f5bb-748d-4b33-961f-21eb9c2d12fb", "ObjectReference": [ { "comment": "", "object_uuid": "c874f5bb-748d-4b33-961f-21eb9c2d12fb", "referenced_uuid": "315bbda1-95cb-4da9-9452-f9cc93338e8e", "relationship_type": "analysed-with", "timestamp": "1576055855", "uuid": "5df0b42f-ef68-4642-bd25-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054914", "to_ids": true, "type": "md5", "uuid": "3f8c3f3f-d355-41e1-b276-3049b8f2dd73", "value": "6187a7a3b40287a78b46c079cb019f95" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054914", "to_ids": true, "type": "sha1", "uuid": "07844a23-c72c-4d40-b24a-ae5ebdc0d677", "value": "fa7db7e8128b6dbe4ce4dc863ad066df16e5c020" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054914", "to_ids": true, "type": "sha256", "uuid": "86664cd4-9066-40e4-8901-77215eba32cf", "value": "b91401f6ce92f63e1994669b0446261f10cec30633a57e6a14c583c52f16507b" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055314", "uuid": "315bbda1-95cb-4da9-9452-f9cc93338e8e", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054914", "to_ids": false, "type": "datetime", "uuid": "9007bb42-e839-4a9c-baa7-e34739f105c2", "value": "2019-11-16T08:40:13" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054914", "to_ids": false, "type": "link", "uuid": "9ea872ee-a6fd-425f-a5ed-dbd2b6e0c72c", "value": "https://www.virustotal.com/file/b91401f6ce92f63e1994669b0446261f10cec30633a57e6a14c583c52f16507b/analysis/1573893613/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054914", "to_ids": false, "type": "text", "uuid": "dfb1674d-ba92-441b-a96c-fa0ac0fd0f46", "value": "46/70" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055314", "uuid": "01a37991-491c-4dac-ac7f-f843b2467e3a", "ObjectReference": [ { "comment": "", "object_uuid": "01a37991-491c-4dac-ac7f-f843b2467e3a", "referenced_uuid": "163a4d7b-ba77-4981-980e-8223237f08b4", "relationship_type": "analysed-with", "timestamp": "1576055855", "uuid": "5df0b42f-19d4-4ed8-956b-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054844", "to_ids": true, "type": "md5", "uuid": "84bc0b20-dd73-4a18-9dc9-3ff74fd86741", "value": "966133c5121cb6d568da42adc9f1df3a" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054844", "to_ids": true, "type": "sha1", "uuid": "4f754a5a-02be-4e9c-a0a6-8186b85ebfc0", "value": "c8f563c44c580dec4e4c47a9c363167ea48eaa02" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054844", "to_ids": true, "type": "sha256", "uuid": "2dd0afd3-df4a-44fd-bd7b-a57809fb1fd7", "value": "20f68227ad461fcff097a135fe39b6c1a9fcb5711d7b9e94830a3233e1ea3fdb" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055315", "uuid": "163a4d7b-ba77-4981-980e-8223237f08b4", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054844", "to_ids": false, "type": "datetime", "uuid": "6c74460e-ee19-45dd-87f0-d4938fee9525", "value": "2019-11-21T10:25:18" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054844", "to_ids": false, "type": "link", "uuid": "a73f5039-796c-4784-bc6e-cc45891f5d6a", "value": "https://www.virustotal.com/file/20f68227ad461fcff097a135fe39b6c1a9fcb5711d7b9e94830a3233e1ea3fdb/analysis/1574331918/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054844", "to_ids": false, "type": "text", "uuid": "d4b95a1f-41f8-4206-aab1-707b707ff763", "value": "49/68" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055315", "uuid": "70891908-cfa1-41b1-b79e-44d3aa835e33", "ObjectReference": [ { "comment": "", "object_uuid": "70891908-cfa1-41b1-b79e-44d3aa835e33", "referenced_uuid": "49c2af30-879b-40e0-bb29-8c7c4f36a98a", "relationship_type": "analysed-with", "timestamp": "1576055855", "uuid": "5df0b42f-f6e8-445c-b84e-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054914", "to_ids": true, "type": "md5", "uuid": "b52989c2-ad62-41f1-a23f-c5aaa204cccd", "value": "5798fe99feb2dee41138a4fa75bfb34b" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054914", "to_ids": true, "type": "sha1", "uuid": "a391c852-4235-4e37-881c-0c09fd4c9273", "value": "2a6c0d4238f28321f08e914fe299cd582eb19a74" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054914", "to_ids": true, "type": "sha256", "uuid": "4e5c49bd-db98-4bf6-80ae-4632a00d471f", "value": "19ef2012b0ef2026959bb8eb5f921238d42b7e82dd298443ae21debf1e3e85d6" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055315", "uuid": "49c2af30-879b-40e0-bb29-8c7c4f36a98a", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054914", "to_ids": false, "type": "datetime", "uuid": "64dbcb4d-7dec-4c01-a5cd-204b5375dfae", "value": "2019-11-10T22:42:18" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054914", "to_ids": false, "type": "link", "uuid": "2cc838ae-8590-40eb-b701-538416e9c5f0", "value": "https://www.virustotal.com/file/19ef2012b0ef2026959bb8eb5f921238d42b7e82dd298443ae21debf1e3e85d6/analysis/1573425738/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054914", "to_ids": false, "type": "text", "uuid": "dc3ddc2a-6de4-47fa-84a1-2152c3117b0b", "value": "34/72" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055315", "uuid": "1ff7bd52-ba3a-4e0d-98d8-1d1fad5c169c", "ObjectReference": [ { "comment": "", "object_uuid": "1ff7bd52-ba3a-4e0d-98d8-1d1fad5c169c", "referenced_uuid": "8e6ae9bb-6a42-45ac-8a6c-463adb7b41ca", "relationship_type": "analysed-with", "timestamp": "1576055855", "uuid": "5df0b42f-b118-4155-b2bd-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054844", "to_ids": true, "type": "md5", "uuid": "3887fffb-d289-4217-a5b1-c38d8dd38c63", "value": "ef32bf654c7fb763b9c34b8d6f86f24c" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054844", "to_ids": true, "type": "sha1", "uuid": "461db960-5f21-4c7f-b3ed-fa39e59e65ad", "value": "72a1346d6df379270390bcc968c5b5ab939d2f45" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054844", "to_ids": true, "type": "sha256", "uuid": "a384d2ee-9936-4e48-82ab-4beececdaa20", "value": "257c041313c04b2dcf175ebe5cc874d0ce9aa4bad93e817279f4dc332aa09420" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055315", "uuid": "8e6ae9bb-6a42-45ac-8a6c-463adb7b41ca", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054844", "to_ids": false, "type": "datetime", "uuid": "763b1c1d-babf-4a5d-bf69-a43d621dc54a", "value": "2019-11-21T10:29:53" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054844", "to_ids": false, "type": "link", "uuid": "13e0190c-2ec1-41b4-b4e4-358c583acc32", "value": "https://www.virustotal.com/file/257c041313c04b2dcf175ebe5cc874d0ce9aa4bad93e817279f4dc332aa09420/analysis/1574332193/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054844", "to_ids": false, "type": "text", "uuid": "25b98736-62ef-4b5f-b811-8028cda6f6fd", "value": "48/67" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055315", "uuid": "02ca4e6e-8ca4-4d3e-a582-9f0c30fcacba", "ObjectReference": [ { "comment": "", "object_uuid": "02ca4e6e-8ca4-4d3e-a582-9f0c30fcacba", "referenced_uuid": "8e2cbb96-0ef2-4953-a62e-2b6348c450f7", "relationship_type": "analysed-with", "timestamp": "1576055855", "uuid": "5df0b42f-3e58-4967-b227-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054919", "to_ids": true, "type": "md5", "uuid": "d7ab847f-8f95-4cc7-b849-be0c9a05cc71", "value": "14ef7bbe014798d557fcbc5dcde68543" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054919", "to_ids": true, "type": "sha1", "uuid": "16135a53-32d0-42c8-a255-2d68c77fa3cf", "value": "5351b12f784e26e62062968a057cf8ce324afaa4" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054919", "to_ids": true, "type": "sha256", "uuid": "fa65f90e-d12e-4210-87a0-1e98815722a5", "value": "6c083b167fbd3ed5290c6dc8e31c11e9b44bb8fd0e8386bde654cce5151ffd8a" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055316", "uuid": "8e2cbb96-0ef2-4953-a62e-2b6348c450f7", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054919", "to_ids": false, "type": "datetime", "uuid": "c5b385b7-feda-45e3-97fe-81a680e9d412", "value": "2019-11-17T10:15:19" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054919", "to_ids": false, "type": "link", "uuid": "af430373-49ab-4204-a390-699fb4e8d6f8", "value": "https://www.virustotal.com/file/6c083b167fbd3ed5290c6dc8e31c11e9b44bb8fd0e8386bde654cce5151ffd8a/analysis/1573985719/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054919", "to_ids": false, "type": "text", "uuid": "243629c1-5c51-4d3f-874a-21f1fb75728a", "value": "46/70" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055316", "uuid": "6492648f-3b49-431a-b533-f9672d741ebf", "ObjectReference": [ { "comment": "", "object_uuid": "6492648f-3b49-431a-b533-f9672d741ebf", "referenced_uuid": "ea818a51-b19b-48eb-b3ef-3e7471105ffe", "relationship_type": "analysed-with", "timestamp": "1576055855", "uuid": "5df0b42f-0f74-4fc5-a8cb-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054844", "to_ids": true, "type": "md5", "uuid": "5dc13f72-8506-499e-9262-377136bbcf65", "value": "9ab7540ba4e82c25b2732c062f0aaba5" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054844", "to_ids": true, "type": "sha1", "uuid": "2eedcbdc-6aa0-446f-b0a3-c8afcc05279d", "value": "21e3f3ce763e96081e9c3233d1fe9a6cabfcf1e8" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054844", "to_ids": true, "type": "sha256", "uuid": "c2f01524-14c6-4a77-a6d2-82f0926b9146", "value": "65eeca9512dd349debcb48151fa859e1b3c02d1e533d07fe6d4b6cdc465aa43e" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055316", "uuid": "ea818a51-b19b-48eb-b3ef-3e7471105ffe", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054844", "to_ids": false, "type": "datetime", "uuid": "c834309a-cf86-4e23-be9a-0818eaa7efc8", "value": "2019-11-22T00:58:36" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054844", "to_ids": false, "type": "link", "uuid": "06968159-f42b-4e15-9ac7-b6dcec85f96c", "value": "https://www.virustotal.com/file/65eeca9512dd349debcb48151fa859e1b3c02d1e533d07fe6d4b6cdc465aa43e/analysis/1574384316/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054844", "to_ids": false, "type": "text", "uuid": "af7820fa-3157-4ace-9c00-0f2a4a65452e", "value": "49/68" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055316", "uuid": "c656aef6-991d-45da-821d-0e7a06b83a6f", "ObjectReference": [ { "comment": "", "object_uuid": "c656aef6-991d-45da-821d-0e7a06b83a6f", "referenced_uuid": "061414cf-10d9-4cc7-a728-49ae97e09078", "relationship_type": "analysed-with", "timestamp": "1576055855", "uuid": "5df0b42f-dbbc-4498-bccf-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054845", "to_ids": true, "type": "md5", "uuid": "3bcd3f2b-dc88-453e-a995-80d4b1cee29b", "value": "d28230a17424ece4a447fa58a87dd2c0" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054845", "to_ids": true, "type": "sha1", "uuid": "28800b1c-82a1-43e8-b046-67d14b900ade", "value": "f05f0257b7aaa62d0a4f469e632ed5b7b2d66236" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054845", "to_ids": true, "type": "sha256", "uuid": "3563275c-28f6-48e2-97ac-3423dde7a698", "value": "f41ed53c0c864b4d60da5f6a8e31a1bad43d48fad76f39f36c7d351c401eed5e" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055316", "uuid": "061414cf-10d9-4cc7-a728-49ae97e09078", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054845", "to_ids": false, "type": "datetime", "uuid": "6100c0a6-d720-4e98-b26b-466d1864043e", "value": "2019-11-29T06:40:33" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054845", "to_ids": false, "type": "link", "uuid": "2c87f06d-1697-4019-bbd2-1169952bc28f", "value": "https://www.virustotal.com/file/f41ed53c0c864b4d60da5f6a8e31a1bad43d48fad76f39f36c7d351c401eed5e/analysis/1575009633/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054845", "to_ids": false, "type": "text", "uuid": "7efba4e8-0be7-46a1-8f7e-ee942f4ea47a", "value": "54/69" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055316", "uuid": "c8200800-2b59-457b-9fcc-51aa49b1140f", "ObjectReference": [ { "comment": "", "object_uuid": "c8200800-2b59-457b-9fcc-51aa49b1140f", "referenced_uuid": "8f90af4f-a996-4a90-b933-4f22270b2ee9", "relationship_type": "analysed-with", "timestamp": "1576055855", "uuid": "5df0b42f-3f98-4aeb-b885-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054920", "to_ids": true, "type": "md5", "uuid": "f149d5be-e660-452a-87ff-ea83a14baf9c", "value": "6237f17efaeba1906f5a8c795fb72103" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054920", "to_ids": true, "type": "sha1", "uuid": "38a15495-05f9-4adb-8a04-c0a16d352d6b", "value": "cafe1943851a7d3b55cc81983997b9e672f51a91" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054920", "to_ids": true, "type": "sha256", "uuid": "505a41d8-5c50-4247-b59a-ba2473cd43b4", "value": "efd75086b9da41dc65da3f002610280f83a7a9a188dfc2cd3b43228b3107cd46" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055316", "uuid": "8f90af4f-a996-4a90-b933-4f22270b2ee9", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054920", "to_ids": false, "type": "datetime", "uuid": "48b01ed9-2b9d-400a-8bf0-e7345d557c32", "value": "2019-11-12T19:48:48" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054920", "to_ids": false, "type": "link", "uuid": "e2e8c235-f436-4af7-810d-096713ce878a", "value": "https://www.virustotal.com/file/efd75086b9da41dc65da3f002610280f83a7a9a188dfc2cd3b43228b3107cd46/analysis/1573588128/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054920", "to_ids": false, "type": "text", "uuid": "8b2db87e-3d4e-4aa2-bba5-1b2843256b6a", "value": "29/71" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055317", "uuid": "d48c1dad-ab04-4faa-8840-925beae7eabd", "ObjectReference": [ { "comment": "", "object_uuid": "d48c1dad-ab04-4faa-8840-925beae7eabd", "referenced_uuid": "242c1ceb-f1ec-419a-8003-5c4d20c7a000", "relationship_type": "analysed-with", "timestamp": "1576055855", "uuid": "5df0b42f-9028-471d-8e3d-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054848", "to_ids": true, "type": "md5", "uuid": "c811a009-27f1-42fc-8575-58ffecb386dc", "value": "9cd5457b99dc1d8f584725a611d34a05" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054848", "to_ids": true, "type": "sha1", "uuid": "1f5ff443-0cf1-49be-951b-c8f277a4b1cb", "value": "b8f7e3b8e5777bcef1b96cc274d241b296f307e6" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054848", "to_ids": true, "type": "sha256", "uuid": "9eec7502-fef4-4864-857b-743d762fecd3", "value": "8d32f91d955cd2b85d657cab932431097edc4b52aadf51e5e25d5eccc761132c" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055317", "uuid": "242c1ceb-f1ec-419a-8003-5c4d20c7a000", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054848", "to_ids": false, "type": "datetime", "uuid": "628f0bfb-3984-45ff-87df-8cc7bea744cb", "value": "2019-11-24T16:20:23" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054848", "to_ids": false, "type": "link", "uuid": "d321ce00-264e-4194-a10f-5c3da77ed21a", "value": "https://www.virustotal.com/file/8d32f91d955cd2b85d657cab932431097edc4b52aadf51e5e25d5eccc761132c/analysis/1574612423/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054848", "to_ids": false, "type": "text", "uuid": "f52f2c9c-2f32-419f-bf93-c5235d24b455", "value": "50/67" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055317", "uuid": "89372313-0fe3-43a5-8330-72763405d433", "ObjectReference": [ { "comment": "", "object_uuid": "89372313-0fe3-43a5-8330-72763405d433", "referenced_uuid": "56af0e8a-886b-4f36-9fad-f8ea6169b387", "relationship_type": "analysed-with", "timestamp": "1576055855", "uuid": "5df0b42f-f3c4-4cb9-809a-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054852", "to_ids": true, "type": "md5", "uuid": "1d687ef6-9543-462d-9eab-d45a76ae16a0", "value": "85bc7b1a2a3a7608c6a0906c06592a34" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054852", "to_ids": true, "type": "sha1", "uuid": "7035e444-c53f-49a3-b882-b96f72f2f88b", "value": "82900010aa9585ff008b2f1bb038b81dcb8b1914" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054852", "to_ids": true, "type": "sha256", "uuid": "8bc83c14-0003-4393-9a3c-aae110a1aa64", "value": "aa4e6432312438a82dd9e4bfe897f915a2766ceb9dceee6c24ceed5bde6b4416" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055317", "uuid": "56af0e8a-886b-4f36-9fad-f8ea6169b387", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054852", "to_ids": false, "type": "datetime", "uuid": "6caa3306-9696-44e1-beef-ddae9bfcb846", "value": "2019-11-17T02:04:45" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054852", "to_ids": false, "type": "link", "uuid": "d90cc7e5-e8ab-482e-83dc-5d3d3f7d9a5a", "value": "https://www.virustotal.com/file/aa4e6432312438a82dd9e4bfe897f915a2766ceb9dceee6c24ceed5bde6b4416/analysis/1573956285/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054852", "to_ids": false, "type": "text", "uuid": "f7590821-9c36-408d-88bf-dffe00e5c38a", "value": "48/71" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055317", "uuid": "2d361394-c14b-40be-b1a4-1dce3e6fc98a", "ObjectReference": [ { "comment": "", "object_uuid": "2d361394-c14b-40be-b1a4-1dce3e6fc98a", "referenced_uuid": "ceeffab8-c4fd-4b76-a34a-6c1cb8f713dc", "relationship_type": "analysed-with", "timestamp": "1576055855", "uuid": "5df0b42f-7b08-4047-93bd-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054922", "to_ids": true, "type": "md5", "uuid": "b688cb39-382e-4f74-b78d-7b0527a60fb1", "value": "80926b5e1a00d0121f2fd4e4a09b4a06" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054922", "to_ids": true, "type": "sha1", "uuid": "3f3483f7-25e2-4f90-89da-5cf38cecfcd0", "value": "180cdbcac354e49137e522fff02af63e913f0860" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054922", "to_ids": true, "type": "sha256", "uuid": "882d0edd-8734-4148-adf3-0eb35f8f5d6b", "value": "71c60050983f8b37c3be0b0da31521992ed69d60a89e6fe97de67c437fd22302" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055318", "uuid": "ceeffab8-c4fd-4b76-a34a-6c1cb8f713dc", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054922", "to_ids": false, "type": "datetime", "uuid": "b6e8b6db-ff5e-44d5-9bf1-8d6a24c43850", "value": "2019-11-04T17:35:53" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054922", "to_ids": false, "type": "link", "uuid": "2346b48b-88b0-4e20-903f-44fd23885066", "value": "https://www.virustotal.com/file/71c60050983f8b37c3be0b0da31521992ed69d60a89e6fe97de67c437fd22302/analysis/1572888953/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054922", "to_ids": false, "type": "text", "uuid": "87b45a40-1b7b-47f7-8051-c4e3b994f33f", "value": "9/70" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055318", "uuid": "d462d433-a3a5-4699-bb8d-843a484d999a", "ObjectReference": [ { "comment": "", "object_uuid": "d462d433-a3a5-4699-bb8d-843a484d999a", "referenced_uuid": "38ac9306-a074-4133-bb49-8d893dec7e1d", "relationship_type": "analysed-with", "timestamp": "1576055855", "uuid": "5df0b42f-0488-4fc7-a67e-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054914", "to_ids": true, "type": "md5", "uuid": "3fa712b1-9433-4983-9e5d-6cd071f970fa", "value": "ee060fb16502ac82e82e3c7f77c514cd" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054914", "to_ids": true, "type": "sha1", "uuid": "143125e6-7a96-4279-afce-4a2a2f5b25d7", "value": "65ed88ec7879d9ed11cd1a580a3c78178357be11" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054914", "to_ids": true, "type": "sha256", "uuid": "95b58639-f938-4294-b536-9ed87767881c", "value": "0ae75dac0dababdb13ebf9efadedf18c5bae3c09d919ea956e578b60e25725a5" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055318", "uuid": "38ac9306-a074-4133-bb49-8d893dec7e1d", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054914", "to_ids": false, "type": "datetime", "uuid": "08b8e379-7bbc-4084-855f-f64a3757cef0", "value": "2019-11-26T15:00:46" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054914", "to_ids": false, "type": "link", "uuid": "362f9535-f31e-4515-bcbe-9beb825eb200", "value": "https://www.virustotal.com/file/0ae75dac0dababdb13ebf9efadedf18c5bae3c09d919ea956e578b60e25725a5/analysis/1574780446/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054914", "to_ids": false, "type": "text", "uuid": "6a1b48a8-c4f4-4bb9-ad18-e2f26274041f", "value": "53/66" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055318", "uuid": "9f3fb18a-fb74-4e6b-ad53-544f17fd557c", "ObjectReference": [ { "comment": "", "object_uuid": "9f3fb18a-fb74-4e6b-ad53-544f17fd557c", "referenced_uuid": "9e2f72ad-7487-4fb2-86fa-3e9e22d31800", "relationship_type": "analysed-with", "timestamp": "1576055855", "uuid": "5df0b42f-a2b4-4923-a504-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054844", "to_ids": true, "type": "md5", "uuid": "6a10716b-45ca-4146-a579-af6e98379882", "value": "8996b98d4a0217d2f2a39d7e1396d52f" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054844", "to_ids": true, "type": "sha1", "uuid": "6d06a301-1c53-47d1-8df5-a1ddc88252ee", "value": "5caac908eb60db938dca24f988a17be9c2ac5964" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054844", "to_ids": true, "type": "sha256", "uuid": "7ffbe7ba-8ef8-47a9-97d8-8f7f70778533", "value": "e258a486f192d62e58b5cb4dc903579ca62f5eea504962892869b479de7ba71a" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055318", "uuid": "9e2f72ad-7487-4fb2-86fa-3e9e22d31800", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054844", "to_ids": false, "type": "datetime", "uuid": "53d7b6fb-0643-4d3c-bae5-0f013ff013fa", "value": "2019-11-21T10:32:57" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054844", "to_ids": false, "type": "link", "uuid": "a921579e-1892-4c0e-9ba0-00303a457fa8", "value": "https://www.virustotal.com/file/e258a486f192d62e58b5cb4dc903579ca62f5eea504962892869b479de7ba71a/analysis/1574332377/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054844", "to_ids": false, "type": "text", "uuid": "5b61dcae-6947-4215-8388-718580dd34a5", "value": "45/69" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055319", "uuid": "d8262582-33c8-4944-93fa-479041980c74", "ObjectReference": [ { "comment": "", "object_uuid": "d8262582-33c8-4944-93fa-479041980c74", "referenced_uuid": "ce967ff0-32cf-48aa-9880-d6e42b44c466", "relationship_type": "analysed-with", "timestamp": "1576055855", "uuid": "5df0b42f-0070-46e1-afe0-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054849", "to_ids": true, "type": "md5", "uuid": "bde0d22c-5892-4dbb-9c1b-38103544ccd1", "value": "c9833227d4938f31907ec02af5cdfc84" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054849", "to_ids": true, "type": "sha1", "uuid": "b18e975d-887a-4b98-a897-e85d7d65d5c0", "value": "c1998d45f11e717667311e972d15d2cf3acb9ca1" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054849", "to_ids": true, "type": "sha256", "uuid": "7db8f253-d1c1-4874-a342-6e8ef51b0170", "value": "79efc9b5853a3beacbcc3e183e810d34b2745e3cbd74dc6533cb595a09d1ebc9" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055319", "uuid": "ce967ff0-32cf-48aa-9880-d6e42b44c466", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054849", "to_ids": false, "type": "datetime", "uuid": "e5036613-aad1-48cf-a658-6cb48d60251e", "value": "2019-11-21T10:40:50" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054849", "to_ids": false, "type": "link", "uuid": "87f6520c-362b-41cf-b8ff-6448b591103f", "value": "https://www.virustotal.com/file/79efc9b5853a3beacbcc3e183e810d34b2745e3cbd74dc6533cb595a09d1ebc9/analysis/1574332850/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054849", "to_ids": false, "type": "text", "uuid": "04996484-1d0d-4b49-b547-aa460b18b270", "value": "45/69" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055321", "uuid": "28d13118-1a57-4449-be04-397881739a86", "ObjectReference": [ { "comment": "", "object_uuid": "28d13118-1a57-4449-be04-397881739a86", "referenced_uuid": "c037b8c4-36c0-468d-8a99-21a5b6619a15", "relationship_type": "analysed-with", "timestamp": "1576055856", "uuid": "5df0b430-9630-42a2-9472-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054937", "to_ids": true, "type": "md5", "uuid": "018ed37b-a3e0-4659-bbe9-3955061ed006", "value": "87fcf1fd834a3476de7b191e0df9de22" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054937", "to_ids": true, "type": "sha1", "uuid": "fbf748b1-6bf8-4f93-8343-598df37ed42c", "value": "f83e29de6ce2017ff19817a969aa180c2ee678ef" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054937", "to_ids": true, "type": "sha256", "uuid": "f2548279-9bf1-464e-bea4-7f431d40c22c", "value": "46f95e54a2156bc1109e824ea098af8a7495d00bb7375fb183d384ce23e12915" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055322", "uuid": "c037b8c4-36c0-468d-8a99-21a5b6619a15", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054937", "to_ids": false, "type": "datetime", "uuid": "a5defd29-7dcd-427d-8a4f-28a9ec747581", "value": "2019-11-04T20:47:56" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054937", "to_ids": false, "type": "link", "uuid": "896be694-0cc1-4d9c-897f-59927c84e87f", "value": "https://www.virustotal.com/file/46f95e54a2156bc1109e824ea098af8a7495d00bb7375fb183d384ce23e12915/analysis/1572900476/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054937", "to_ids": false, "type": "text", "uuid": "0d29426b-1f77-4d84-b972-149efb858cde", "value": "12/69" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055322", "uuid": "c8f76e09-c13b-4ea3-86f0-2335a83af33e", "ObjectReference": [ { "comment": "", "object_uuid": "c8f76e09-c13b-4ea3-86f0-2335a83af33e", "referenced_uuid": "ced1cdcc-ab25-4e5a-bfc3-18e04ed4e89a", "relationship_type": "analysed-with", "timestamp": "1576055857", "uuid": "5df0b431-673c-4161-a913-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054921", "to_ids": true, "type": "md5", "uuid": "2e3bf8df-de0c-4055-a8c9-b6aaed488dd0", "value": "744d05f56df84c987dba70cbbb52e80c" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054921", "to_ids": true, "type": "sha1", "uuid": "7170db2e-1fdb-40fc-b7dd-885a84335655", "value": "ce98cf7ae112d31036d19cc1c02f22f1d8ecabf2" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054921", "to_ids": true, "type": "sha256", "uuid": "0dae01e7-6467-4695-bd9a-9f19b38403b0", "value": "3b164c0b2ac9e86fb24e32cb0ac1a1d6087372c644107e4de4aac9dede085ef4" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055323", "uuid": "ced1cdcc-ab25-4e5a-bfc3-18e04ed4e89a", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054921", "to_ids": false, "type": "datetime", "uuid": "3d5d5448-dac5-4ace-91f3-4d5a22c07fd4", "value": "2019-11-12T14:30:45" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054921", "to_ids": false, "type": "link", "uuid": "f25fddff-66e7-42c3-a5f9-0d0c3fc557c7", "value": "https://www.virustotal.com/file/3b164c0b2ac9e86fb24e32cb0ac1a1d6087372c644107e4de4aac9dede085ef4/analysis/1573569045/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054921", "to_ids": false, "type": "text", "uuid": "8ef8f229-f54a-4bae-9c98-da9e328ee7e7", "value": "49/68" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055323", "uuid": "cc2a2628-8010-4d98-bad0-f6925aca44c8", "ObjectReference": [ { "comment": "", "object_uuid": "cc2a2628-8010-4d98-bad0-f6925aca44c8", "referenced_uuid": "d719e1e7-4515-470d-a2ce-ab8acad3e7c4", "relationship_type": "analysed-with", "timestamp": "1576055857", "uuid": "5df0b431-69ec-4e0e-b883-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054844", "to_ids": true, "type": "md5", "uuid": "271b353d-5d29-4973-8531-ac9a807b3275", "value": "acf3b6d4ab647ca7358bc06654a3eb30" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054844", "to_ids": true, "type": "sha1", "uuid": "fd68f2e2-d56c-40e3-8d2e-ac7513f350ea", "value": "d55d72b31631708bc5748105f157b89609b454d6" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054844", "to_ids": true, "type": "sha256", "uuid": "93364c12-45c1-42ea-93f9-ee3b97c4536e", "value": "f4802ff60ac9e87c230e21ea0909bbb0930390ac51cf97dacea41fd24211d5c7" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055323", "uuid": "d719e1e7-4515-470d-a2ce-ab8acad3e7c4", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054844", "to_ids": false, "type": "datetime", "uuid": "f5c5f97b-5f69-444f-81db-a4021989639e", "value": "2019-11-27T23:37:44" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054844", "to_ids": false, "type": "link", "uuid": "9f042b61-c82d-4b59-8478-4b355b7bcc14", "value": "https://www.virustotal.com/file/f4802ff60ac9e87c230e21ea0909bbb0930390ac51cf97dacea41fd24211d5c7/analysis/1574897864/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054844", "to_ids": false, "type": "text", "uuid": "88c64bf2-7d6b-494f-b032-286a2056a59e", "value": "53/70" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055323", "uuid": "1dbb3a84-2b1a-4a57-9b17-8f0b7ca1c525", "ObjectReference": [ { "comment": "", "object_uuid": "1dbb3a84-2b1a-4a57-9b17-8f0b7ca1c525", "referenced_uuid": "341993c1-a49f-475a-ab50-aa56dc25d7df", "relationship_type": "analysed-with", "timestamp": "1576055858", "uuid": "5df0b432-52cc-4c65-97d0-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054937", "to_ids": true, "type": "md5", "uuid": "9705783b-0ae3-48bf-957e-ca3247b7ce9b", "value": "c1158e9ac01987dfc9ab6f49adcebf0d" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054937", "to_ids": true, "type": "sha1", "uuid": "e0477c51-2667-4b19-9c16-dffe63de2233", "value": "ec27aace27722653f24c7eb3a1d470926df7d676" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054937", "to_ids": true, "type": "sha256", "uuid": "c743e193-b892-4aab-a81b-8e8f241f220d", "value": "dafad7a4563e41c8b38e000508a54d7189246bb50a1bd021dffab164bfa79876" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055323", "uuid": "341993c1-a49f-475a-ab50-aa56dc25d7df", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054937", "to_ids": false, "type": "datetime", "uuid": "a3f1b638-be55-4763-b4a7-c0a537b73e3f", "value": "2019-11-09T09:44:10" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054937", "to_ids": false, "type": "link", "uuid": "22f3cf80-1f4f-47b6-98f7-95fdbf61bf17", "value": "https://www.virustotal.com/file/dafad7a4563e41c8b38e000508a54d7189246bb50a1bd021dffab164bfa79876/analysis/1573292650/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054937", "to_ids": false, "type": "text", "uuid": "874658a7-8751-4b71-9439-caa8d094dcee", "value": "37/61" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055323", "uuid": "ef192623-cc91-4453-885c-8ed4cfc7baa7", "ObjectReference": [ { "comment": "", "object_uuid": "ef192623-cc91-4453-885c-8ed4cfc7baa7", "referenced_uuid": "258e9e08-24e6-4022-8dff-046060944c15", "relationship_type": "analysed-with", "timestamp": "1576055858", "uuid": "5df0b432-57a4-4555-9ad1-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054847", "to_ids": true, "type": "md5", "uuid": "22e7cd1d-862e-4d1b-82cd-cb18602c7b50", "value": "d854cd4d47104e469350cf137ba2c3e7" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054847", "to_ids": true, "type": "sha1", "uuid": "5d501d5f-3923-4066-9383-031f1a477cc2", "value": "2c28542118e3d68a64fbd1769c9afedc3e9ae520" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054847", "to_ids": true, "type": "sha256", "uuid": "7fb2212f-3b82-4918-a041-7f069770ff0a", "value": "6f06ed65b8e0314d12bd54d861c9a7fdaa2c1409f3b91afc0ccb8bfabbfe47ff" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055324", "uuid": "258e9e08-24e6-4022-8dff-046060944c15", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054847", "to_ids": false, "type": "datetime", "uuid": "84b86863-1d43-4087-8a96-876d394ddd7a", "value": "2019-11-23T22:15:09" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054847", "to_ids": false, "type": "link", "uuid": "afd556a7-9b30-4b0a-9027-9585545269e0", "value": "https://www.virustotal.com/file/6f06ed65b8e0314d12bd54d861c9a7fdaa2c1409f3b91afc0ccb8bfabbfe47ff/analysis/1574547309/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054847", "to_ids": false, "type": "text", "uuid": "cdaec7ec-30ce-4071-a208-bf47939eb79d", "value": "51/68" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055324", "uuid": "41478f83-05cf-49ec-a1c8-1cacbbc09e33", "ObjectReference": [ { "comment": "", "object_uuid": "41478f83-05cf-49ec-a1c8-1cacbbc09e33", "referenced_uuid": "608a6e2a-f326-4619-b78f-aeb942b24638", "relationship_type": "analysed-with", "timestamp": "1576055858", "uuid": "5df0b432-4de0-4bcd-8624-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054921", "to_ids": true, "type": "md5", "uuid": "fe878abf-26ef-4ded-93c6-b0aed1d80470", "value": "f390eebc238b2e8b16e03d8d16dd9135" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054921", "to_ids": true, "type": "sha1", "uuid": "c2b6f94d-423c-4952-837a-5cbd48754e7a", "value": "88615dee93b9c2f4cbb67c890de85d80010f2b31" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054921", "to_ids": true, "type": "sha256", "uuid": "3111c8f1-fffc-4e98-b684-68a0b074833d", "value": "588ec943d755cc0fd2c699c069e5328d49a6fc87dca234134a1a8b51aa18c93a" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055324", "uuid": "608a6e2a-f326-4619-b78f-aeb942b24638", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054921", "to_ids": false, "type": "datetime", "uuid": "8d53fb65-5c7f-40bb-9585-50c2f16808f5", "value": "2019-11-11T10:10:18" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054921", "to_ids": false, "type": "link", "uuid": "6439fe6f-53e9-438d-9c94-a98dd6a9d9b5", "value": "https://www.virustotal.com/file/588ec943d755cc0fd2c699c069e5328d49a6fc87dca234134a1a8b51aa18c93a/analysis/1573467018/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054921", "to_ids": false, "type": "text", "uuid": "81ff42de-fad3-42c6-b77c-0f0ce5f92b20", "value": "38/71" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055324", "uuid": "ed93e93f-413b-43b4-96a6-7abbf8040d75", "ObjectReference": [ { "comment": "", "object_uuid": "ed93e93f-413b-43b4-96a6-7abbf8040d75", "referenced_uuid": "1b36bb45-fff1-497d-90b6-44c336c6348e", "relationship_type": "analysed-with", "timestamp": "1576055858", "uuid": "5df0b432-6ecc-4ed0-ae71-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054914", "to_ids": true, "type": "md5", "uuid": "373ed36c-3ba4-4e04-93f7-0e9b586b4876", "value": "ccd6b00241fd3c432097fedebfe73160" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054914", "to_ids": true, "type": "sha1", "uuid": "2780540b-8adb-4863-963f-eb1875937569", "value": "bfe13495e3112c75a7287ab3bd93273292ff503b" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054914", "to_ids": true, "type": "sha256", "uuid": "defa3374-3a6d-46ea-bb85-ed8fbe66fa5f", "value": "c55de9da7945deccfcd284a2516938a287d503218e5c7cceca8606a93e00cfcd" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055325", "uuid": "1b36bb45-fff1-497d-90b6-44c336c6348e", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054914", "to_ids": false, "type": "datetime", "uuid": "1cce200b-3298-4d95-b4c5-432c53c94e83", "value": "2019-12-09T10:13:31" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054914", "to_ids": false, "type": "link", "uuid": "5174822a-d125-4a39-ab7e-3c1273bca542", "value": "https://www.virustotal.com/file/c55de9da7945deccfcd284a2516938a287d503218e5c7cceca8606a93e00cfcd/analysis/1575886411/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054914", "to_ids": false, "type": "text", "uuid": "ed63eadc-be9d-4ce6-b4cd-d5578f725655", "value": "58/71" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055325", "uuid": "fcf29ec0-d5b2-474f-9b47-a009302fffd7", "ObjectReference": [ { "comment": "", "object_uuid": "fcf29ec0-d5b2-474f-9b47-a009302fffd7", "referenced_uuid": "9acdff64-6582-442b-b72e-400c5de70d40", "relationship_type": "analysed-with", "timestamp": "1576055858", "uuid": "5df0b432-4f38-46b9-b7db-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054915", "to_ids": true, "type": "md5", "uuid": "9d4b6bb0-311d-4a80-ae3a-1c1c284324f9", "value": "60c021825cca7fa302bbb5c71031f445" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054915", "to_ids": true, "type": "sha1", "uuid": "039dc9cf-996f-49ab-8cf7-f025220e8c59", "value": "5a7d92d6c670ed1a34d035d57e9beece4b34a2ab" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054915", "to_ids": true, "type": "sha256", "uuid": "8665e258-994a-42fd-927d-f3c1dd65d372", "value": "a0df4633a022ba93d73a75ad7e6b8e01c369407107c27aa8650cb5f5fc878fb4" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055325", "uuid": "9acdff64-6582-442b-b72e-400c5de70d40", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054915", "to_ids": false, "type": "datetime", "uuid": "3457ee26-8d4c-4558-8fc7-4e24186cc307", "value": "2019-11-13T14:05:10" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054915", "to_ids": false, "type": "link", "uuid": "b5a96c3d-e189-4615-8d6e-5d5e54d6001e", "value": "https://www.virustotal.com/file/a0df4633a022ba93d73a75ad7e6b8e01c369407107c27aa8650cb5f5fc878fb4/analysis/1573653910/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054915", "to_ids": false, "type": "text", "uuid": "2d08fbc9-6650-45e5-b6d3-9d1f7f2119ad", "value": "46/70" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055325", "uuid": "6aeb3879-bc39-4994-bc04-600eb8dd6fe3", "ObjectReference": [ { "comment": "", "object_uuid": "6aeb3879-bc39-4994-bc04-600eb8dd6fe3", "referenced_uuid": "9ca20ea2-6e65-445b-9676-3f62af9b5df3", "relationship_type": "analysed-with", "timestamp": "1576055858", "uuid": "5df0b432-a180-4b59-b63d-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054916", "to_ids": true, "type": "md5", "uuid": "d1365170-8727-471a-8113-49e38781648c", "value": "38a67d0a11c0e0167ad98d4c5f82b5db" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054916", "to_ids": true, "type": "sha1", "uuid": "cb994b08-30d5-4aed-b740-a429f004c006", "value": "ac9b96162efff24694b1b163cd89deb2cd49e18d" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054916", "to_ids": true, "type": "sha256", "uuid": "4897e6ff-296b-4b74-bdcc-8c8b98a21d19", "value": "eb4387cfd0d30be5e985d58f7dc3935cd3bd5a7dca193699aaa9971bda082229" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055325", "uuid": "9ca20ea2-6e65-445b-9676-3f62af9b5df3", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054916", "to_ids": false, "type": "datetime", "uuid": "682bff3d-4d94-4aaf-8c29-dc9b1bfd9c0f", "value": "2019-11-26T15:38:22" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054916", "to_ids": false, "type": "link", "uuid": "a3feed01-0cac-4096-80a7-8c1ec15e4407", "value": "https://www.virustotal.com/file/eb4387cfd0d30be5e985d58f7dc3935cd3bd5a7dca193699aaa9971bda082229/analysis/1574782702/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054916", "to_ids": false, "type": "text", "uuid": "474942ca-9b06-4c5e-a797-90480de55bb6", "value": "57/70" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055326", "uuid": "9e18c6e2-bebf-4581-a657-dcb4782bcd69", "ObjectReference": [ { "comment": "", "object_uuid": "9e18c6e2-bebf-4581-a657-dcb4782bcd69", "referenced_uuid": "2eeba3bb-9a78-4ebd-bf31-387ae7ec7c35", "relationship_type": "analysed-with", "timestamp": "1576055858", "uuid": "5df0b432-8ff8-4cfb-bafd-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054914", "to_ids": true, "type": "md5", "uuid": "a4974ff0-e1b7-486e-a251-478c8fb16713", "value": "88ab73e555ecd13f470c1960aa0a766b" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054914", "to_ids": true, "type": "sha1", "uuid": "4646f3b1-3624-4142-b227-2d05c2397634", "value": "863e84c2510b469030c3fbc74833900f83f6b618" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054914", "to_ids": true, "type": "sha256", "uuid": "b41e9db7-10eb-45dc-9133-0fd1976a58ee", "value": "e06ea82bd1fd49ae05791148c9e0fe4f327146911f434fcd3cba4db52e5c372f" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055326", "uuid": "2eeba3bb-9a78-4ebd-bf31-387ae7ec7c35", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054914", "to_ids": false, "type": "datetime", "uuid": "69c8fb14-5d17-4880-be14-04f72f6b1b85", "value": "2019-11-15T13:32:44" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054914", "to_ids": false, "type": "link", "uuid": "14d956ae-a4be-437c-85d0-4e7a8a91f30f", "value": "https://www.virustotal.com/file/e06ea82bd1fd49ae05791148c9e0fe4f327146911f434fcd3cba4db52e5c372f/analysis/1573824764/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054914", "to_ids": false, "type": "text", "uuid": "a3cff82e-ad6b-4581-87e5-dcb60f7a05a3", "value": "47/68" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055326", "uuid": "ae856592-4152-4ad8-8d72-3af1f275d7b9", "ObjectReference": [ { "comment": "", "object_uuid": "ae856592-4152-4ad8-8d72-3af1f275d7b9", "referenced_uuid": "13f496f0-29b7-4a37-896f-1ce2ec1e7286", "relationship_type": "analysed-with", "timestamp": "1576055858", "uuid": "5df0b432-4b60-4050-95da-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054848", "to_ids": true, "type": "md5", "uuid": "00886e76-c880-43e1-9780-21bcd69c29c5", "value": "b09347260c1a6689ebbea2912173ebbb" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054848", "to_ids": true, "type": "sha1", "uuid": "384fed68-83dd-4f74-834d-6ea17851680d", "value": "00c96a6aa2d613b71ee4195412cfea0adc6f0133" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054848", "to_ids": true, "type": "sha256", "uuid": "061f4e6a-eeac-402a-92d3-1d78cdada894", "value": "96beeb7236cda9ae1fdbb692c03626f40e57ff55014838d5143ad461a3461770" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055326", "uuid": "13f496f0-29b7-4a37-896f-1ce2ec1e7286", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054848", "to_ids": false, "type": "datetime", "uuid": "c0329c84-c2ff-4400-b9fe-664d419e5ce6", "value": "2019-11-23T21:55:11" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054848", "to_ids": false, "type": "link", "uuid": "1c35f0ce-895c-491a-b3c0-a48424f877aa", "value": "https://www.virustotal.com/file/96beeb7236cda9ae1fdbb692c03626f40e57ff55014838d5143ad461a3461770/analysis/1574546111/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054848", "to_ids": false, "type": "text", "uuid": "81014be0-8078-4da9-b7f1-ee790ac84606", "value": "52/68" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055326", "uuid": "680d2e52-6fb4-456a-b196-07825f047910", "ObjectReference": [ { "comment": "", "object_uuid": "680d2e52-6fb4-456a-b196-07825f047910", "referenced_uuid": "0cee6148-5413-41c1-809e-5906a5637c40", "relationship_type": "analysed-with", "timestamp": "1576055858", "uuid": "5df0b432-adac-49e4-b014-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054916", "to_ids": true, "type": "md5", "uuid": "d1952544-fd5f-4940-ac6b-8da010c7de7f", "value": "9635d575f7b5f451f4c74a0545e69b66" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054916", "to_ids": true, "type": "sha1", "uuid": "8baa88d9-f3df-4352-a668-baa402b7ec20", "value": "3a9272fa645b358f9bc1efe441b9789d133c2bc9" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054916", "to_ids": true, "type": "sha256", "uuid": "6103d9e4-6779-497c-8131-645b929d4786", "value": "fe531c3f1db56d1ab6d8294ab3753cac84e8becf8307023fac07d39d28a07e35" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055326", "uuid": "0cee6148-5413-41c1-809e-5906a5637c40", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054916", "to_ids": false, "type": "datetime", "uuid": "c120c696-4f9b-4c2e-830c-dda791e70dfa", "value": "2019-11-20T11:50:25" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054916", "to_ids": false, "type": "link", "uuid": "b924dfa3-574a-4fe5-9f29-1a7b5abb0845", "value": "https://www.virustotal.com/file/fe531c3f1db56d1ab6d8294ab3753cac84e8becf8307023fac07d39d28a07e35/analysis/1574250625/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054916", "to_ids": false, "type": "text", "uuid": "8db21400-ebc6-4bd3-bb14-f805453b4956", "value": "44/70" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055327", "uuid": "3b29f7eb-dbaa-416c-a4df-cff9599465f5", "ObjectReference": [ { "comment": "", "object_uuid": "3b29f7eb-dbaa-416c-a4df-cff9599465f5", "referenced_uuid": "f33804ac-e880-46d4-8e34-0f25bddc3a72", "relationship_type": "analysed-with", "timestamp": "1576055858", "uuid": "5df0b432-4b84-46cf-9182-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054920", "to_ids": true, "type": "md5", "uuid": "413be178-fcdd-4ce6-b7de-c3f32ce6a0a9", "value": "6516598c9dde3d1459a4a94d42e239b2" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054920", "to_ids": true, "type": "sha1", "uuid": "1870bb8b-0c06-4446-8b9a-ecb2397f5801", "value": "947100254dd39a254dab1fda9044f9b1a2d4c703" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054920", "to_ids": true, "type": "sha256", "uuid": "d29304bd-b86a-4c86-90f1-308aed0b27bc", "value": "136d1366ec76a9e1ecc49c1020adea68c416c6c8696925ef50f549dd3564bcf9" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055327", "uuid": "f33804ac-e880-46d4-8e34-0f25bddc3a72", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054920", "to_ids": false, "type": "datetime", "uuid": "7bd1db5c-9484-486f-83c9-c95e2d390f75", "value": "2019-11-14T09:10:48" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054920", "to_ids": false, "type": "link", "uuid": "ce540686-d018-4458-80e9-9b333982aecd", "value": "https://www.virustotal.com/file/136d1366ec76a9e1ecc49c1020adea68c416c6c8696925ef50f549dd3564bcf9/analysis/1573722648/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054920", "to_ids": false, "type": "text", "uuid": "af1f6067-7102-452c-ba37-88ac36cb89b5", "value": "43/69" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055327", "uuid": "f007ef4b-7c49-463b-8140-0e7833584ee0", "ObjectReference": [ { "comment": "", "object_uuid": "f007ef4b-7c49-463b-8140-0e7833584ee0", "referenced_uuid": "2969123a-0982-4b37-b0ce-d619dab67a7d", "relationship_type": "analysed-with", "timestamp": "1576055858", "uuid": "5df0b432-1ee8-425a-894d-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054848", "to_ids": true, "type": "md5", "uuid": "0589b00e-bc30-4e8a-81fc-2642b33635e1", "value": "d82f5076682cc387843414f7593de093" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054848", "to_ids": true, "type": "sha1", "uuid": "58d0776d-66e8-4ded-9141-5302de490ea3", "value": "3e73cc41cb034ad013f3ebaeb757e155f8b5e0c2" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054848", "to_ids": true, "type": "sha256", "uuid": "b667f399-de5f-4faf-9592-e4888c034ee5", "value": "9767c10a00326f9f167178d813afb963021e2f58aefd174a211978c4aa1a95f3" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055327", "uuid": "2969123a-0982-4b37-b0ce-d619dab67a7d", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054848", "to_ids": false, "type": "datetime", "uuid": "ef376af9-f25b-42bc-8aeb-f7deed01c361", "value": "2019-11-23T21:54:13" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054848", "to_ids": false, "type": "link", "uuid": "d193ba11-d389-4b75-bbb2-5d891d0d6397", "value": "https://www.virustotal.com/file/9767c10a00326f9f167178d813afb963021e2f58aefd174a211978c4aa1a95f3/analysis/1574546053/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054848", "to_ids": false, "type": "text", "uuid": "cbd2b51d-8aa3-46ca-8c0b-064bb8cd40f0", "value": "52/68" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055327", "uuid": "733a51f4-bfaf-445e-b9d1-6f2aeb3e9e13", "ObjectReference": [ { "comment": "", "object_uuid": "733a51f4-bfaf-445e-b9d1-6f2aeb3e9e13", "referenced_uuid": "a2d4eae7-25dd-48d5-a73c-17b0e3be9fd5", "relationship_type": "analysed-with", "timestamp": "1576055858", "uuid": "5df0b432-cf10-49bc-80cb-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054913", "to_ids": true, "type": "md5", "uuid": "8232be81-6b7b-47ce-a319-0bd2c821bfa2", "value": "8b33d01fe5b6d5a325be4c053ef6b172" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054913", "to_ids": true, "type": "sha1", "uuid": "910848c7-7626-4ca7-859f-27873bc81bf1", "value": "48e49c53138699c74ab26799fef2df4c98f9f305" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054913", "to_ids": true, "type": "sha256", "uuid": "ee095357-5d5a-413c-ae5f-3f7a4955342b", "value": "b2739c0042bbff812ef3d9106fdb32a6554a4ccaad94253b79f280506acb61d8" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055328", "uuid": "a2d4eae7-25dd-48d5-a73c-17b0e3be9fd5", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054913", "to_ids": false, "type": "datetime", "uuid": "d839ff83-c23e-43ad-b1b3-33294452b542", "value": "2019-11-10T13:57:50" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054913", "to_ids": false, "type": "link", "uuid": "07a20227-11d7-45db-aa62-a7ece11ccaab", "value": "https://www.virustotal.com/file/b2739c0042bbff812ef3d9106fdb32a6554a4ccaad94253b79f280506acb61d8/analysis/1573394270/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054913", "to_ids": false, "type": "text", "uuid": "3a6a55f9-5e4b-40de-a444-7c7a8f850461", "value": "31/63" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055328", "uuid": "dc339a82-4290-4b72-825b-86c8e2ad63cd", "ObjectReference": [ { "comment": "", "object_uuid": "dc339a82-4290-4b72-825b-86c8e2ad63cd", "referenced_uuid": "566796ba-2887-481f-883e-5b87f2c294f0", "relationship_type": "analysed-with", "timestamp": "1576055859", "uuid": "5df0b433-5494-43da-a115-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054848", "to_ids": true, "type": "md5", "uuid": "9ce7d440-3ad7-43e8-917e-7b77f5fca631", "value": "78840a16d291a181aca187f667606eca" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054848", "to_ids": true, "type": "sha1", "uuid": "1026401b-c7cc-4efe-8197-35b9c4df3f69", "value": "3b8c2e33c0dcc0671aeaf396b4b8181e4ccdd63b" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054848", "to_ids": true, "type": "sha256", "uuid": "b2ff723e-683b-46cc-8310-c1566e4bb6df", "value": "c52f02602bf5945fd62bc86c992f4d37e51857af76b67fd029f715a6fa695b3a" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055328", "uuid": "566796ba-2887-481f-883e-5b87f2c294f0", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054848", "to_ids": false, "type": "datetime", "uuid": "3b9e519d-55b3-473a-b86c-5092889be176", "value": "2019-11-29T20:49:09" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054848", "to_ids": false, "type": "link", "uuid": "9faa3923-c160-4812-a630-cd560311ad6b", "value": "https://www.virustotal.com/file/c52f02602bf5945fd62bc86c992f4d37e51857af76b67fd029f715a6fa695b3a/analysis/1575060549/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054848", "to_ids": false, "type": "text", "uuid": "3eb71f15-1a11-4a92-9271-15b8f568e2f3", "value": "54/70" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055328", "uuid": "94d47416-8a94-46a9-b15b-072940dad7d0", "ObjectReference": [ { "comment": "", "object_uuid": "94d47416-8a94-46a9-b15b-072940dad7d0", "referenced_uuid": "6694a7e6-ac32-4aa8-b716-1e85b713d64e", "relationship_type": "analysed-with", "timestamp": "1576055859", "uuid": "5df0b433-2edc-4e23-8223-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054936", "to_ids": true, "type": "md5", "uuid": "9f371bd4-d79e-4060-be82-926e9029f605", "value": "eef2d389e54d1b2e6704adcce84c8b09" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054936", "to_ids": true, "type": "sha1", "uuid": "44d40ae2-9f67-4043-89fa-b4c4fa6dcbe9", "value": "df967b977a2f0864bd85fb5a836710710cde48cc" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054936", "to_ids": true, "type": "sha256", "uuid": "b4c8eb55-69b5-44b1-bca8-b832056b3925", "value": "ffbf659f15435ab3b684d61fb766ff8000819c2d2f48d29bc0b195cbf38db76f" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055328", "uuid": "6694a7e6-ac32-4aa8-b716-1e85b713d64e", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054936", "to_ids": false, "type": "datetime", "uuid": "638ec20c-8781-4751-95ae-1a5fa630a019", "value": "2019-11-04T17:39:18" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054936", "to_ids": false, "type": "link", "uuid": "d03ffa46-5818-42a7-ab56-10f383a82fa6", "value": "https://www.virustotal.com/file/ffbf659f15435ab3b684d61fb766ff8000819c2d2f48d29bc0b195cbf38db76f/analysis/1572889158/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054936", "to_ids": false, "type": "text", "uuid": "4c417f81-9ffc-4de7-83e0-e2ceb1811a64", "value": "10/71" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055328", "uuid": "ed520552-6513-4917-95ca-c0d15f0d74cf", "ObjectReference": [ { "comment": "", "object_uuid": "ed520552-6513-4917-95ca-c0d15f0d74cf", "referenced_uuid": "1f2f93a1-eb02-4b87-a2d0-c8caeca58406", "relationship_type": "analysed-with", "timestamp": "1576055859", "uuid": "5df0b433-7aa0-4665-874c-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054849", "to_ids": true, "type": "md5", "uuid": "61b328fb-227b-4f7a-9613-a62d88b71713", "value": "dbd6e92d9f5217484a9a47edbd48464b" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054849", "to_ids": true, "type": "sha1", "uuid": "88281b07-48c8-4483-a716-b617cc2608a9", "value": "ac8198a51f57e8f5ee90a78f8d62b12a1e8daa47" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054849", "to_ids": true, "type": "sha256", "uuid": "1e437d27-5b00-462d-b8af-7aa3ff7db9b0", "value": "a0ee7213974daf74c1940dcaadc9c729cfc3e2a5a2bb4e2a73684fc4037e49ca" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055329", "uuid": "1f2f93a1-eb02-4b87-a2d0-c8caeca58406", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054849", "to_ids": false, "type": "datetime", "uuid": "6df621a1-9a67-4b47-a8c8-c99b036d6e5a", "value": "2019-11-29T09:06:46" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054849", "to_ids": false, "type": "link", "uuid": "d505c356-28fa-4572-bff3-52aa63f458d9", "value": "https://www.virustotal.com/file/a0ee7213974daf74c1940dcaadc9c729cfc3e2a5a2bb4e2a73684fc4037e49ca/analysis/1575018406/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054849", "to_ids": false, "type": "text", "uuid": "1ce56195-81a6-45d9-89ff-777b03c65470", "value": "55/70" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055329", "uuid": "5ad6514f-d7af-47f6-87b0-372df8ea3b16", "ObjectReference": [ { "comment": "", "object_uuid": "5ad6514f-d7af-47f6-87b0-372df8ea3b16", "referenced_uuid": "2bba21b9-106d-4208-a5d6-0bb9ac801ca1", "relationship_type": "analysed-with", "timestamp": "1576055859", "uuid": "5df0b433-1bc0-40c2-9a20-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054915", "to_ids": true, "type": "md5", "uuid": "6a343986-d2d4-45d3-b89b-616e26f97c74", "value": "0bfdd08f3d632d0a64cecec3e021b6bf" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054915", "to_ids": true, "type": "sha1", "uuid": "095cf15b-b48a-49ff-8999-f6871b5afd5d", "value": "47fda71bdbb29b585d528e3538a10eb3df9d14c6" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054915", "to_ids": true, "type": "sha256", "uuid": "377844ae-60ed-4f09-9426-06b2ac97f248", "value": "3c705f31d7165350245d3fad4db9ab7a0b85475b10aa1cbe2030bd23458495d6" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055329", "uuid": "2bba21b9-106d-4208-a5d6-0bb9ac801ca1", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054915", "to_ids": false, "type": "datetime", "uuid": "10967b81-692e-4cd0-9d83-403cd6f94045", "value": "2019-11-14T09:10:52" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054915", "to_ids": false, "type": "link", "uuid": "41446938-e561-4a79-8f90-fe2e5753ec14", "value": "https://www.virustotal.com/file/3c705f31d7165350245d3fad4db9ab7a0b85475b10aa1cbe2030bd23458495d6/analysis/1573722652/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054915", "to_ids": false, "type": "text", "uuid": "8e9b2b45-d027-4804-91cd-80b5d53880b3", "value": "45/69" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055329", "uuid": "c1d78a4c-9ab4-42df-93d0-24cc1963f3e8", "ObjectReference": [ { "comment": "", "object_uuid": "c1d78a4c-9ab4-42df-93d0-24cc1963f3e8", "referenced_uuid": "9f576870-69ac-47d0-be4f-e77b9436dc99", "relationship_type": "analysed-with", "timestamp": "1576055859", "uuid": "5df0b433-f134-49d0-adb1-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054849", "to_ids": true, "type": "md5", "uuid": "616ee8d3-4091-4801-81af-7ae65f86706a", "value": "1eccf3fca2e926ece305faafc1456918" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054849", "to_ids": true, "type": "sha1", "uuid": "f4fc924a-6e24-432a-b308-23eefbfe8019", "value": "176f9bf97309ca84177cf88990bcfabb2b681f21" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054849", "to_ids": true, "type": "sha256", "uuid": "968b59cd-88e0-4c09-8b80-2ccd4558cd76", "value": "723be12af49d00743b25237e0411053bd6ba684ed6026f91fae6c88e2b3736c9" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055329", "uuid": "9f576870-69ac-47d0-be4f-e77b9436dc99", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054849", "to_ids": false, "type": "datetime", "uuid": "d756b1af-6393-4b10-a0e7-b35c2c7ca78e", "value": "2019-11-18T07:37:26" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054849", "to_ids": false, "type": "link", "uuid": "3f2ccc8b-2c50-4aa9-9a63-297173066486", "value": "https://www.virustotal.com/file/723be12af49d00743b25237e0411053bd6ba684ed6026f91fae6c88e2b3736c9/analysis/1574062646/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054849", "to_ids": false, "type": "text", "uuid": "414159c1-6ed4-49c5-b691-0da59a1b8d6f", "value": "53/71" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055329", "uuid": "3d5d7a8c-c996-4571-b8f9-f03d18a95bd9", "ObjectReference": [ { "comment": "", "object_uuid": "3d5d7a8c-c996-4571-b8f9-f03d18a95bd9", "referenced_uuid": "0e5a61b8-b5b2-4a86-8ed3-eebb7e258896", "relationship_type": "analysed-with", "timestamp": "1576055859", "uuid": "5df0b433-47c4-4879-91b2-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054850", "to_ids": true, "type": "md5", "uuid": "f1fa5a82-24f6-4d95-8b62-1485496fe466", "value": "1913ec9f3b82a0be9cf93850a5fcbb1a" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054850", "to_ids": true, "type": "sha1", "uuid": "6281dd56-9d1b-425e-8631-a328adc49b3e", "value": "3413768f2dc50c584fc01cd3b41c76ecfb82f07a" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054850", "to_ids": true, "type": "sha256", "uuid": "0ef24b6b-7bb1-4c50-b08e-be2f07a3c3f7", "value": "0b30436a70da6328b82022c227c7c3912ab0d1f998dde4ea0c846bc97099459e" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055330", "uuid": "0e5a61b8-b5b2-4a86-8ed3-eebb7e258896", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054850", "to_ids": false, "type": "datetime", "uuid": "3cb3592b-016d-4388-be14-a0002f1057d7", "value": "2019-11-15T13:27:13" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054850", "to_ids": false, "type": "link", "uuid": "417eaf12-4e74-44cd-b353-de093bdda913", "value": "https://www.virustotal.com/file/0b30436a70da6328b82022c227c7c3912ab0d1f998dde4ea0c846bc97099459e/analysis/1573824433/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054850", "to_ids": false, "type": "text", "uuid": "56edc041-63e1-401f-a2e4-beb50d0c7049", "value": "47/71" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055331", "uuid": "eb13fb99-e9ea-45e5-992e-595fa5379eb7", "ObjectReference": [ { "comment": "", "object_uuid": "eb13fb99-e9ea-45e5-992e-595fa5379eb7", "referenced_uuid": "827ce421-4c33-4102-a38c-9a82d7ad034c", "relationship_type": "analysed-with", "timestamp": "1576055859", "uuid": "5df0b433-c270-4dd9-8aaf-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054917", "to_ids": true, "type": "md5", "uuid": "78f720d1-ebdc-4a6e-b46a-e2508787c297", "value": "ab245fcd7da855da68b7c2e2e96e7899" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054917", "to_ids": true, "type": "sha1", "uuid": "49d095d2-6d91-4d26-b554-68c54e960c1b", "value": "f1ebea52684ecfcfa7fb4ae8bb3730135a7c7b9a" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054917", "to_ids": true, "type": "sha256", "uuid": "f9ffdcb5-f9e2-4fc2-a559-b42a7c36f6ea", "value": "1f4a92061c1a2d3f19d1e4f127395cd056f699b1db2f1ed8648cd406fb973b66" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055332", "uuid": "827ce421-4c33-4102-a38c-9a82d7ad034c", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054917", "to_ids": false, "type": "datetime", "uuid": "d4ebd0bb-957f-44d4-a0ef-981cf597eb10", "value": "2019-11-26T13:50:16" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054917", "to_ids": false, "type": "link", "uuid": "6e813df8-bfd4-4287-9bb5-12e185e50ab7", "value": "https://www.virustotal.com/file/1f4a92061c1a2d3f19d1e4f127395cd056f699b1db2f1ed8648cd406fb973b66/analysis/1574776216/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054917", "to_ids": false, "type": "text", "uuid": "d945cd12-3012-4afb-84fd-191d79657289", "value": "50/68" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055332", "uuid": "39a79b60-8c0c-4d11-bca2-38537491f6b6", "ObjectReference": [ { "comment": "", "object_uuid": "39a79b60-8c0c-4d11-bca2-38537491f6b6", "referenced_uuid": "af12b4c0-e8d4-488d-876f-2d49989eca09", "relationship_type": "analysed-with", "timestamp": "1576055859", "uuid": "5df0b433-c8a0-4adc-b58a-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054914", "to_ids": true, "type": "md5", "uuid": "f428a519-9f0c-4c59-8990-b51d645c5c66", "value": "748fde5a990b5506a201fe256cca2153" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054914", "to_ids": true, "type": "sha1", "uuid": "9706ae74-3ac1-49e5-8b11-23db57a4e700", "value": "d2fb9624c339423cd4f9edcbe1b343762fba27e2" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054914", "to_ids": true, "type": "sha256", "uuid": "b4d0a5fa-8e18-4b9f-a013-49ec72c1f080", "value": "8ed575d654411a68e86fe7794c96c9061cb2d79e08d83160085b15eab3443721" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055332", "uuid": "af12b4c0-e8d4-488d-876f-2d49989eca09", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054914", "to_ids": false, "type": "datetime", "uuid": "b0d7c844-6714-40da-9f69-eeb273771c98", "value": "2019-11-16T18:38:52" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054914", "to_ids": false, "type": "link", "uuid": "6dc10297-9e7d-4697-afd5-0d3fe4454e08", "value": "https://www.virustotal.com/file/8ed575d654411a68e86fe7794c96c9061cb2d79e08d83160085b15eab3443721/analysis/1573929532/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054914", "to_ids": false, "type": "text", "uuid": "0c2d9697-87bb-4f05-8179-bd76a868b80c", "value": "44/71" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055332", "uuid": "096eb58c-0bbb-4b98-8f29-f478d1aaae37", "ObjectReference": [ { "comment": "", "object_uuid": "096eb58c-0bbb-4b98-8f29-f478d1aaae37", "referenced_uuid": "fccc7090-fbf3-4298-a67d-83a1c81e2dfd", "relationship_type": "analysed-with", "timestamp": "1576055859", "uuid": "5df0b433-dd70-404d-bb1d-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054845", "to_ids": true, "type": "md5", "uuid": "f4b8044e-efd5-40ed-b538-08ca3a8df493", "value": "c75dead19c38895887a5905858d38ab7" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054845", "to_ids": true, "type": "sha1", "uuid": "e30e4254-4591-461a-aaa4-0d1ea3219519", "value": "9de09647879a1479760b4c384f7ce244ca2bfdf1" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054845", "to_ids": true, "type": "sha256", "uuid": "77d2be2d-20bb-4e32-88b5-bb3883f29786", "value": "be6cbb6d2c42472006c1c3f093a1015830e4fd45bcdf50bf89f5eb8a234d2c1c" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055333", "uuid": "fccc7090-fbf3-4298-a67d-83a1c81e2dfd", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054845", "to_ids": false, "type": "datetime", "uuid": "9ab648fb-b310-4d22-8b23-2eb55a8a1046", "value": "2019-11-29T04:06:38" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054845", "to_ids": false, "type": "link", "uuid": "a7d4949a-9c1b-47b2-9f46-c58fb6b51b40", "value": "https://www.virustotal.com/file/be6cbb6d2c42472006c1c3f093a1015830e4fd45bcdf50bf89f5eb8a234d2c1c/analysis/1575000398/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054845", "to_ids": false, "type": "text", "uuid": "e585d032-8528-4914-bf0c-6ce583b52d61", "value": "52/69" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055334", "uuid": "91d86c14-5d8d-49d8-85a6-62eb1f6660ac", "ObjectReference": [ { "comment": "", "object_uuid": "91d86c14-5d8d-49d8-85a6-62eb1f6660ac", "referenced_uuid": "28d1f5cd-035b-41ab-8939-160f3e815c0f", "relationship_type": "analysed-with", "timestamp": "1576055859", "uuid": "5df0b433-7798-4332-8666-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054849", "to_ids": true, "type": "md5", "uuid": "74ebdc17-70ec-4149-8383-fa26446bfb75", "value": "e1f2fc2dfdb403f769eee148bf86f8f2" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054849", "to_ids": true, "type": "sha1", "uuid": "99ef01bc-b28c-4b9d-a4c5-e5ba4b1ada27", "value": "e4368fd43348ad0f8b6df73236b59b6d6aad8d89" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054849", "to_ids": true, "type": "sha256", "uuid": "f6a39457-dd1d-43ad-baf2-2371badf8356", "value": "69b5a1582c4398b3367c6fbb40c51eeda0deee719b9830c55c946da564fc737f" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055334", "uuid": "28d1f5cd-035b-41ab-8939-160f3e815c0f", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054849", "to_ids": false, "type": "datetime", "uuid": "0d106555-2247-456f-8fb0-ec01ecf9a1d3", "value": "2019-11-28T10:27:00" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054849", "to_ids": false, "type": "link", "uuid": "98472b94-c0f0-4d34-8f54-17cfc8b6d1fc", "value": "https://www.virustotal.com/file/69b5a1582c4398b3367c6fbb40c51eeda0deee719b9830c55c946da564fc737f/analysis/1574936820/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054849", "to_ids": false, "type": "text", "uuid": "75b535d7-f889-42c0-9836-2ff318b1448f", "value": "50/69" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055334", "uuid": "75f113a1-ef9f-4310-bb5b-989dee8f489c", "ObjectReference": [ { "comment": "", "object_uuid": "75f113a1-ef9f-4310-bb5b-989dee8f489c", "referenced_uuid": "1b05cb70-d19a-4aad-aac6-551661f56eb2", "relationship_type": "analysed-with", "timestamp": "1576055859", "uuid": "5df0b433-700c-407f-9a7d-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054913", "to_ids": true, "type": "md5", "uuid": "ffc687cd-61f3-467a-b837-c9d83f33b2f8", "value": "1996a7531385cbd60397b121aeddee27" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054913", "to_ids": true, "type": "sha1", "uuid": "06a5c951-8086-4a36-b569-39c58adf5fcd", "value": "0e2b7ebca07e1266c01c92959f1413af10dd6bf3" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054913", "to_ids": true, "type": "sha256", "uuid": "50f3e722-c97d-409e-bab0-4adced5809c5", "value": "9d5a0edd97c0689ca40a7ae9519f4992a538ff81a5d4c5a47e327afa192cac76" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055334", "uuid": "1b05cb70-d19a-4aad-aac6-551661f56eb2", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054913", "to_ids": false, "type": "datetime", "uuid": "7bea0322-b782-4c84-ac8f-e3aa5954c4dc", "value": "2019-11-10T14:00:32" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054913", "to_ids": false, "type": "link", "uuid": "faba88a0-db00-45d7-b8cf-a5e9719b4031", "value": "https://www.virustotal.com/file/9d5a0edd97c0689ca40a7ae9519f4992a538ff81a5d4c5a47e327afa192cac76/analysis/1573394432/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054913", "to_ids": false, "type": "text", "uuid": "602eff93-4437-485d-9ecf-2327bd272d47", "value": "30/56" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055334", "uuid": "fc8fd229-2908-4983-a730-d85c9e352575", "ObjectReference": [ { "comment": "", "object_uuid": "fc8fd229-2908-4983-a730-d85c9e352575", "referenced_uuid": "dad20706-fc2f-4dd4-8d9c-f5796f819c6e", "relationship_type": "analysed-with", "timestamp": "1576055859", "uuid": "5df0b433-4b0c-41d7-a6a3-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054915", "to_ids": true, "type": "md5", "uuid": "d943fca5-ddd5-4215-a886-5cd799bb900f", "value": "6afa5f757ea642df8b2f036cd8f78a95" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054915", "to_ids": true, "type": "sha1", "uuid": "9df1f60e-8fea-4ef9-9530-e5f8a8300c6b", "value": "3982b7d37b75a501cde3ed41d11e4ee4ebbcb7a8" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054915", "to_ids": true, "type": "sha256", "uuid": "646ec270-7917-4514-8b55-13693b9ccde1", "value": "b12737e22992e76fb0b07481696395ec69d92ff79e592d5d553a22f6825163f7" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055334", "uuid": "dad20706-fc2f-4dd4-8d9c-f5796f819c6e", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054915", "to_ids": false, "type": "datetime", "uuid": "1c8d9d83-8c4e-4a99-a4c6-308dde3773ce", "value": "2019-11-10T22:41:48" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054915", "to_ids": false, "type": "link", "uuid": "8505e4b4-df93-4642-8505-d13ba1e45516", "value": "https://www.virustotal.com/file/b12737e22992e76fb0b07481696395ec69d92ff79e592d5d553a22f6825163f7/analysis/1573425708/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054915", "to_ids": false, "type": "text", "uuid": "0f5fdf9c-4557-493d-bf22-cf1894d4a60e", "value": "33/71" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055334", "uuid": "7b8383e3-acd4-4fcb-845b-5cb36e10a7b3", "ObjectReference": [ { "comment": "", "object_uuid": "7b8383e3-acd4-4fcb-845b-5cb36e10a7b3", "referenced_uuid": "a1937f9b-ec9e-409a-bef0-adfea851fdee", "relationship_type": "analysed-with", "timestamp": "1576055859", "uuid": "5df0b433-f5ec-4694-8423-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054849", "to_ids": true, "type": "md5", "uuid": "b5dd651f-ce0f-4ca7-a107-62195a1b0e04", "value": "8c7c901e8f69577bb9cd71efb0e3a905" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054849", "to_ids": true, "type": "sha1", "uuid": "2ee837a0-bd10-4fd6-9daf-cf359488a7c4", "value": "62499aeeff6defd15f16716ca08facd3078ce638" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054849", "to_ids": true, "type": "sha256", "uuid": "e23fccae-a948-4f56-acea-6d4982131d58", "value": "57933d84d9e4d9fedf9496972ac23510feacb2a4c867568b1b7ed490234e348f" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055335", "uuid": "a1937f9b-ec9e-409a-bef0-adfea851fdee", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054849", "to_ids": false, "type": "datetime", "uuid": "eb1ee3da-5bbc-42b5-ad1c-9572470e27bb", "value": "2019-11-24T16:20:20" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054849", "to_ids": false, "type": "link", "uuid": "26264c92-6922-4f66-bd33-0b5e24c62294", "value": "https://www.virustotal.com/file/57933d84d9e4d9fedf9496972ac23510feacb2a4c867568b1b7ed490234e348f/analysis/1574612420/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054849", "to_ids": false, "type": "text", "uuid": "8300b448-ef0b-49fa-ab75-38ead4a6aab2", "value": "51/68" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055335", "uuid": "0eb9d16a-03f0-44e8-843c-b8df2c4c083b", "ObjectReference": [ { "comment": "", "object_uuid": "0eb9d16a-03f0-44e8-843c-b8df2c4c083b", "referenced_uuid": "9e66898e-3b53-4951-a5de-b420a21476ff", "relationship_type": "analysed-with", "timestamp": "1576055859", "uuid": "5df0b433-46b4-4b75-8216-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054849", "to_ids": true, "type": "md5", "uuid": "317e4f27-abe2-4fb8-8a66-47827cc3682a", "value": "ece6331e2a979e5010d2f7b4efa182a0" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054849", "to_ids": true, "type": "sha1", "uuid": "ae818e10-7ae8-405b-94e2-c4ab3c78e99a", "value": "d114344d9fbe8bf07d75540a953fdf07c77f0c82" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054849", "to_ids": true, "type": "sha256", "uuid": "1ff337c9-3af3-4691-8302-5621eb073d45", "value": "307792eb08705f14a9b31a2718fcf07bcda31bf21b147f69a8287d6c57362680" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055335", "uuid": "9e66898e-3b53-4951-a5de-b420a21476ff", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054849", "to_ids": false, "type": "datetime", "uuid": "a7f00614-6654-4ec0-816f-f7ef1123e304", "value": "2019-11-28T19:06:59" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054849", "to_ids": false, "type": "link", "uuid": "1186d92b-94bd-484f-bfc7-7456d9133ca7", "value": "https://www.virustotal.com/file/307792eb08705f14a9b31a2718fcf07bcda31bf21b147f69a8287d6c57362680/analysis/1574968019/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054849", "to_ids": false, "type": "text", "uuid": "121c9c40-1b86-4521-ab2b-873b167c18fa", "value": "51/70" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055336", "uuid": "58bef497-df6f-43a2-a37c-3739ec6982a1", "ObjectReference": [ { "comment": "", "object_uuid": "58bef497-df6f-43a2-a37c-3739ec6982a1", "referenced_uuid": "9fd11823-de41-477c-a350-c3e601be0c4b", "relationship_type": "analysed-with", "timestamp": "1576055860", "uuid": "5df0b434-cfb8-4ef2-be05-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054916", "to_ids": true, "type": "md5", "uuid": "69af8d41-47cb-4e3d-a601-9854e376110b", "value": "3ead006e34a88f6295346c923c50bb2b" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054916", "to_ids": true, "type": "sha1", "uuid": "95d9b23c-e939-446a-99ed-b57eb0f4f0b0", "value": "5e8c14737e2714d06e13bf2837709d5776877173" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054916", "to_ids": true, "type": "sha256", "uuid": "b76c43a5-4f1a-471c-a018-20d816aa4dba", "value": "93533608231aeb71e1b7f96f0c5b37b8e781b525def4e3c21b6379a55b55cc11" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055336", "uuid": "9fd11823-de41-477c-a350-c3e601be0c4b", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054916", "to_ids": false, "type": "datetime", "uuid": "f9133c33-c9c5-47ac-9d07-30a61a553bb2", "value": "2019-11-17T02:01:11" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054916", "to_ids": false, "type": "link", "uuid": "99c17235-3bfd-451b-a196-eedfab61e554", "value": "https://www.virustotal.com/file/93533608231aeb71e1b7f96f0c5b37b8e781b525def4e3c21b6379a55b55cc11/analysis/1573956071/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054916", "to_ids": false, "type": "text", "uuid": "01d9f2bb-8426-45dd-8947-34b5cc12e49a", "value": "45/71" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055336", "uuid": "454ad45c-85a9-460c-a56b-9ddb03bad44d", "ObjectReference": [ { "comment": "", "object_uuid": "454ad45c-85a9-460c-a56b-9ddb03bad44d", "referenced_uuid": "f2bc0b22-e168-4e10-8055-c642cdbad347", "relationship_type": "analysed-with", "timestamp": "1576055860", "uuid": "5df0b434-33b4-4027-b431-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054844", "to_ids": true, "type": "md5", "uuid": "52ec66b2-cd11-4a85-a9e6-ecc1d70673ee", "value": "5ef185037fe608067da2e91dcb62f54c" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054844", "to_ids": true, "type": "sha1", "uuid": "421695c4-49c8-44eb-9445-d0e8a2374011", "value": "f7a6f5a66ef937bb357cf258b8ac22c1363cd558" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054844", "to_ids": true, "type": "sha256", "uuid": "90571bd1-f2fa-4feb-9cc9-880d9f183904", "value": "d350d2d326c205e4a93442bf7b2f29683888d8a1a77023da769e8ce4d2cbd94e" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055336", "uuid": "f2bc0b22-e168-4e10-8055-c642cdbad347", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054844", "to_ids": false, "type": "datetime", "uuid": "aaf68cba-371b-47e2-be45-145532877f31", "value": "2019-12-05T01:28:36" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054844", "to_ids": false, "type": "link", "uuid": "831fb392-09ed-4ea4-a8ba-63e17f032409", "value": "https://www.virustotal.com/file/d350d2d326c205e4a93442bf7b2f29683888d8a1a77023da769e8ce4d2cbd94e/analysis/1575509316/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054844", "to_ids": false, "type": "text", "uuid": "44d05091-1f31-430b-bd20-f38d8704087f", "value": "56/72" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055336", "uuid": "bb3ec885-0bcb-47f2-aacc-6cc62f5df396", "ObjectReference": [ { "comment": "", "object_uuid": "bb3ec885-0bcb-47f2-aacc-6cc62f5df396", "referenced_uuid": "7b9da427-bab9-46cc-b53b-cb15e0e7670e", "relationship_type": "analysed-with", "timestamp": "1576055860", "uuid": "5df0b434-142c-49f6-9617-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054914", "to_ids": true, "type": "md5", "uuid": "f428b58b-df8f-4e30-a4c0-3584261980a8", "value": "4458c6a6e451341382b26f7402098efe" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054914", "to_ids": true, "type": "sha1", "uuid": "6c4d7f2b-1ae9-428d-8e9e-e0da1f6f5ab9", "value": "f79389888ab5b1d1e47f1827376acee3debc8777" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054914", "to_ids": true, "type": "sha256", "uuid": "3a341e4e-f566-4318-8be8-ca7e90cd680c", "value": "6212b6073077941c534fc23d482128165b8d5d0d9ec165abd0b4184353de9c32" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055337", "uuid": "7b9da427-bab9-46cc-b53b-cb15e0e7670e", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054914", "to_ids": false, "type": "datetime", "uuid": "f858f06f-e902-464f-a904-ebf056c798dd", "value": "2019-12-03T20:43:14" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054914", "to_ids": false, "type": "link", "uuid": "77119f3c-94de-4989-b921-7125042ae016", "value": "https://www.virustotal.com/file/6212b6073077941c534fc23d482128165b8d5d0d9ec165abd0b4184353de9c32/analysis/1575405794/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054914", "to_ids": false, "type": "text", "uuid": "6640ee1d-79f0-436d-9a03-9e3f9f57073b", "value": "57/71" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055337", "uuid": "1d70047d-25af-4bab-893c-1819ce2ee2b9", "ObjectReference": [ { "comment": "", "object_uuid": "1d70047d-25af-4bab-893c-1819ce2ee2b9", "referenced_uuid": "728bb84e-4c46-4cbb-b5b9-d61e905d206d", "relationship_type": "analysed-with", "timestamp": "1576055860", "uuid": "5df0b434-5a88-41a3-a966-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054849", "to_ids": true, "type": "md5", "uuid": "1d91492c-bfdd-49b3-8ec0-8aae3ad7b9a4", "value": "cd25c1a67ce03194a3d935069ae90e84" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054849", "to_ids": true, "type": "sha1", "uuid": "fb957dbb-f690-4db3-b3ef-2817a18c22ff", "value": "124b049ca47677bdb488477c9ff09e17bc7d4f91" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054849", "to_ids": true, "type": "sha256", "uuid": "e852ea4a-fc55-4015-9616-348ad8f3f53f", "value": "26649e486ba1a9ad46837aa6e7c80b094b0b6e2af1f0a906310e1188afb35696" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055337", "uuid": "728bb84e-4c46-4cbb-b5b9-d61e905d206d", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054849", "to_ids": false, "type": "datetime", "uuid": "c014f37b-c88a-4b00-a1e7-b4b76775fd5b", "value": "2019-12-02T08:52:59" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054849", "to_ids": false, "type": "link", "uuid": "b5b53a3c-c1b9-43b9-a585-98ba59f8b888", "value": "https://www.virustotal.com/file/26649e486ba1a9ad46837aa6e7c80b094b0b6e2af1f0a906310e1188afb35696/analysis/1575276779/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054849", "to_ids": false, "type": "text", "uuid": "cee181ab-ba8c-4db2-b056-117a8e70d2f3", "value": "54/69" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055337", "uuid": "d2f19e2c-8d0c-4282-8dd4-8717b98dab76", "ObjectReference": [ { "comment": "", "object_uuid": "d2f19e2c-8d0c-4282-8dd4-8717b98dab76", "referenced_uuid": "583eed35-20a2-4f3a-9c33-e2c329a021b6", "relationship_type": "analysed-with", "timestamp": "1576055860", "uuid": "5df0b434-8fa4-4042-90f9-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054915", "to_ids": true, "type": "md5", "uuid": "cee7c7ee-902c-4acb-9645-86f79d455421", "value": "4cc387caabaa4a3a685ac8afbd9fe170" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054915", "to_ids": true, "type": "sha1", "uuid": "46dba3ff-447f-4e2a-804e-5e45bd75a916", "value": "2a575949698530a5d6f564420326ba313579b17c" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054915", "to_ids": true, "type": "sha256", "uuid": "f59c25ed-48de-4c86-b6d5-a751588e9c6c", "value": "484e8e202934f502bb1b0a944721845ff81879b4e91656d30c5fe4c490cb781a" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055337", "uuid": "583eed35-20a2-4f3a-9c33-e2c329a021b6", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054915", "to_ids": false, "type": "datetime", "uuid": "3d0ca14d-09dc-4217-9b62-0a565082503d", "value": "2019-11-30T10:38:40" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054915", "to_ids": false, "type": "link", "uuid": "fc8c8b4f-506b-4a78-8490-5cafc30258a1", "value": "https://www.virustotal.com/file/484e8e202934f502bb1b0a944721845ff81879b4e91656d30c5fe4c490cb781a/analysis/1575110320/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054915", "to_ids": false, "type": "text", "uuid": "54c9ed2a-18f1-49ad-a555-c8c4f03526c0", "value": "55/71" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055338", "uuid": "18f0a394-59e8-44f7-bef4-e629c8e2d48c", "ObjectReference": [ { "comment": "", "object_uuid": "18f0a394-59e8-44f7-bef4-e629c8e2d48c", "referenced_uuid": "5f4bcd14-cb63-4b73-9f04-0cd48d621451", "relationship_type": "analysed-with", "timestamp": "1576055860", "uuid": "5df0b434-4150-493f-8a03-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054850", "to_ids": true, "type": "md5", "uuid": "562c598d-e33e-4ef4-88a3-0affe9e6b7da", "value": "c0aca5fa5b1c1d5b3ef4c3e3e61af458" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054850", "to_ids": true, "type": "sha1", "uuid": "749fa896-2b98-4fcb-9c1c-cee7ffa20ccd", "value": "8e791ccf0383b826fc13b966595b209f571bc0f8" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054850", "to_ids": true, "type": "sha256", "uuid": "ec0503e8-b407-4241-9909-2f824aacd9c4", "value": "fad8f8c03505c21664bb6841de7e6dc7a19338ef2fb9400d832776365d258ac7" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055338", "uuid": "5f4bcd14-cb63-4b73-9f04-0cd48d621451", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054850", "to_ids": false, "type": "datetime", "uuid": "c9b2127c-f661-4c3c-996b-bae84b97f4e9", "value": "2019-11-14T09:10:45" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054850", "to_ids": false, "type": "link", "uuid": "f0303de3-7a74-4810-8e8d-533d44ba9e2b", "value": "https://www.virustotal.com/file/fad8f8c03505c21664bb6841de7e6dc7a19338ef2fb9400d832776365d258ac7/analysis/1573722645/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054850", "to_ids": false, "type": "text", "uuid": "3d7f71b4-bdc6-4362-89b2-e946925b675d", "value": "47/70" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055338", "uuid": "844f9804-c3f3-4cd2-95a7-cd42db3561a4", "ObjectReference": [ { "comment": "", "object_uuid": "844f9804-c3f3-4cd2-95a7-cd42db3561a4", "referenced_uuid": "11e37e76-d0b7-4f98-a663-7e1deaad4dde", "relationship_type": "analysed-with", "timestamp": "1576055860", "uuid": "5df0b434-5f80-43fd-874b-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054921", "to_ids": true, "type": "md5", "uuid": "ef333644-e1e0-4372-b0f6-b152a9b8b99d", "value": "e249c9c6c07d5f10f44856bd59206da8" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054921", "to_ids": true, "type": "sha1", "uuid": "385797dd-e0d0-4646-a537-1e46cee9a102", "value": "8410e4613411c2b2c9a0611259f9f2ff690de2de" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054921", "to_ids": true, "type": "sha256", "uuid": "c743d85a-8cf4-4930-a4fc-ff84859cfb2c", "value": "04fc7a5e9d0f158883589a5fae04898457e45b1954c0ad1a258a23e2868b3b56" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055338", "uuid": "11e37e76-d0b7-4f98-a663-7e1deaad4dde", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054921", "to_ids": false, "type": "datetime", "uuid": "9cfc71ae-b411-4be9-8d98-78c55b7a7d8a", "value": "2019-11-10T21:32:01" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054921", "to_ids": false, "type": "link", "uuid": "9d6546ed-35db-4364-850f-6431fa194a64", "value": "https://www.virustotal.com/file/04fc7a5e9d0f158883589a5fae04898457e45b1954c0ad1a258a23e2868b3b56/analysis/1573421521/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054921", "to_ids": false, "type": "text", "uuid": "2cb26945-5c38-4a33-83bf-505444da3353", "value": "40/71" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055338", "uuid": "505c4912-ec7c-4bd3-800b-f96b928d60a3", "ObjectReference": [ { "comment": "", "object_uuid": "505c4912-ec7c-4bd3-800b-f96b928d60a3", "referenced_uuid": "37a3479c-7016-4207-a0b5-e1871d62918e", "relationship_type": "analysed-with", "timestamp": "1576055860", "uuid": "5df0b434-8414-413a-8d57-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054922", "to_ids": true, "type": "md5", "uuid": "c59db0d7-420c-484e-963a-10d232beeb4d", "value": "b3f57312145e96cd6b3dfc4599e7ee9c" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054922", "to_ids": true, "type": "sha1", "uuid": "30d95a23-0172-4a37-80f3-e44a40558449", "value": "a67844a80ab94767a4cacf5caeaab391151921f7" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054922", "to_ids": true, "type": "sha256", "uuid": "dc01bfd6-b175-47d6-9940-4ffbc71491fa", "value": "20394dc816db696f7a9fe41ed1d6b581f91616e8de94b9810b580738fcc0baa7" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055339", "uuid": "37a3479c-7016-4207-a0b5-e1871d62918e", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054922", "to_ids": false, "type": "datetime", "uuid": "fc3d95c9-a088-43d9-a73c-feb9f8b5f3e7", "value": "2019-11-05T10:48:35" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054922", "to_ids": false, "type": "link", "uuid": "a650431d-0ead-4329-9293-4fff73c017ba", "value": "https://www.virustotal.com/file/20394dc816db696f7a9fe41ed1d6b581f91616e8de94b9810b580738fcc0baa7/analysis/1572950915/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054922", "to_ids": false, "type": "text", "uuid": "23195684-ad82-490a-8b16-fcddad2d142d", "value": "12/72" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055339", "uuid": "19df27ac-fb3a-4564-a333-92b694f65766", "ObjectReference": [ { "comment": "", "object_uuid": "19df27ac-fb3a-4564-a333-92b694f65766", "referenced_uuid": "f42a3419-4657-42b3-b6e5-e947e0c25827", "relationship_type": "analysed-with", "timestamp": "1576055860", "uuid": "5df0b434-7218-46f0-a96a-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054846", "to_ids": true, "type": "md5", "uuid": "dcf8a2c1-b894-4c78-8f65-8d2abe00fe76", "value": "6a7de11607a272c5a4d9931e0b768c62" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054846", "to_ids": true, "type": "sha1", "uuid": "a0bd5a93-3887-4f14-aece-cfbcd59a19b6", "value": "4d9c9950349cf5c338de0d0e500edc8533abf1ee" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054846", "to_ids": true, "type": "sha256", "uuid": "c55e8df9-394d-4a6b-bf05-055a328b7520", "value": "ee008b9299dda630d5ff4217a43f7ca9a280001ed006db0008ef2716b6c7a5b4" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055339", "uuid": "f42a3419-4657-42b3-b6e5-e947e0c25827", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054846", "to_ids": false, "type": "datetime", "uuid": "fd4d9a27-8217-4195-946a-e90769bf0165", "value": "2019-12-04T22:33:22" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054846", "to_ids": false, "type": "link", "uuid": "fc22f947-5b41-410c-973a-9fe03884d6a3", "value": "https://www.virustotal.com/file/ee008b9299dda630d5ff4217a43f7ca9a280001ed006db0008ef2716b6c7a5b4/analysis/1575498802/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054846", "to_ids": false, "type": "text", "uuid": "3c4e1e08-dc0b-46b6-9042-3a4f301760d2", "value": "53/71" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055339", "uuid": "ba3c7e43-259b-4b53-86bb-637a52cc5504", "ObjectReference": [ { "comment": "", "object_uuid": "ba3c7e43-259b-4b53-86bb-637a52cc5504", "referenced_uuid": "6a6d30d5-8af3-4c31-9b47-26cc1384e2a0", "relationship_type": "analysed-with", "timestamp": "1576055860", "uuid": "5df0b434-1984-42a7-b961-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054848", "to_ids": true, "type": "md5", "uuid": "cb0e72bd-974c-44a4-b3ce-69afe90cb43e", "value": "c83079855879b80523e7392e8069afd9" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054848", "to_ids": true, "type": "sha1", "uuid": "1a1c737d-f778-4c90-b8fb-66a8d2cc8aa8", "value": "123fdb79167fab65752849572278fc3f9d71e644" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054848", "to_ids": true, "type": "sha256", "uuid": "c1e48ad4-75a6-4347-bab6-1849caacf222", "value": "5f21b9e408d2fbc366e15204d4965cddbadefd113612a647987f9126961aec04" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055339", "uuid": "6a6d30d5-8af3-4c31-9b47-26cc1384e2a0", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054848", "to_ids": false, "type": "datetime", "uuid": "1aae194a-1ffc-482e-ba12-f1cbf67c2772", "value": "2019-11-24T16:27:30" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054848", "to_ids": false, "type": "link", "uuid": "3760809d-167b-4a5a-ae15-dfda40b254d0", "value": "https://www.virustotal.com/file/5f21b9e408d2fbc366e15204d4965cddbadefd113612a647987f9126961aec04/analysis/1574612850/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054848", "to_ids": false, "type": "text", "uuid": "288a0d0d-1fc7-40cd-9ec4-60cdc91e00f8", "value": "50/68" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055339", "uuid": "801dda52-f305-4225-81ae-63a537e2d416", "ObjectReference": [ { "comment": "", "object_uuid": "801dda52-f305-4225-81ae-63a537e2d416", "referenced_uuid": "ceda2ab2-2d4e-4f23-ad1a-88370c893d41", "relationship_type": "analysed-with", "timestamp": "1576055860", "uuid": "5df0b434-0210-40ff-8921-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054914", "to_ids": true, "type": "md5", "uuid": "32fe6d99-bde1-48fa-8025-842d99367ab8", "value": "d63ac5899ab35ac33c68213da4616ad6" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054914", "to_ids": true, "type": "sha1", "uuid": "d394b419-2624-425b-9daf-8ee8f999f49b", "value": "1302222e6bd61286833650f8ad50ffbaf06b28db" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054914", "to_ids": true, "type": "sha256", "uuid": "942a0608-692a-4dff-aa5d-810518e792ee", "value": "47957ac381ddf4917b0ec2a325c6a68f4778196e4ace0035dd95d142858c4702" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055339", "uuid": "ceda2ab2-2d4e-4f23-ad1a-88370c893d41", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054914", "to_ids": false, "type": "datetime", "uuid": "a1f8e3ba-7b05-494d-9005-681f812c6816", "value": "2019-11-27T03:40:27" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054914", "to_ids": false, "type": "link", "uuid": "d015ec34-3557-4df7-89ed-a4cc231c94c4", "value": "https://www.virustotal.com/file/47957ac381ddf4917b0ec2a325c6a68f4778196e4ace0035dd95d142858c4702/analysis/1574826027/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054914", "to_ids": false, "type": "text", "uuid": "6235dd8d-ecca-4e14-b246-9762b436ba79", "value": "57/70" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055340", "uuid": "738b07c1-e0e9-44e9-9fcc-7724e09a8534", "ObjectReference": [ { "comment": "", "object_uuid": "738b07c1-e0e9-44e9-9fcc-7724e09a8534", "referenced_uuid": "0053d5cb-a02d-43a3-ba7f-5e5f5a645c5f", "relationship_type": "analysed-with", "timestamp": "1576055860", "uuid": "5df0b434-7014-40a0-be09-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054914", "to_ids": true, "type": "md5", "uuid": "6bd33986-9cf0-4d0e-bcc8-29b56ab6fe71", "value": "feb89e1027dd2d4eb671f3f58478943b" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054914", "to_ids": true, "type": "sha1", "uuid": "ad5fe77f-142a-4add-9359-d319b0011275", "value": "b65567805fd9f09eeaec0e65557ee8ca9491f6d7" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054914", "to_ids": true, "type": "sha256", "uuid": "b2a5a36a-95b5-405b-81b3-09ceaf130561", "value": "4d2e86301278a9e8859857bbf23ae2604946786fb8046a97ff1102a0df8fa520" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055340", "uuid": "0053d5cb-a02d-43a3-ba7f-5e5f5a645c5f", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054914", "to_ids": false, "type": "datetime", "uuid": "c49c2b7b-4ce7-4fbd-b9ac-06ac573c78ec", "value": "2019-11-17T10:15:53" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054914", "to_ids": false, "type": "link", "uuid": "bf452510-8bb7-491c-b2ea-74e48c19cb23", "value": "https://www.virustotal.com/file/4d2e86301278a9e8859857bbf23ae2604946786fb8046a97ff1102a0df8fa520/analysis/1573985753/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054914", "to_ids": false, "type": "text", "uuid": "068a9130-15ed-476e-8f1b-519a614acf92", "value": "46/69" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055340", "uuid": "7c78d4ad-76b5-410f-b769-8ac2de68cc29", "ObjectReference": [ { "comment": "", "object_uuid": "7c78d4ad-76b5-410f-b769-8ac2de68cc29", "referenced_uuid": "fe7b8b9b-6817-4f6a-8161-df3ec4b0a993", "relationship_type": "analysed-with", "timestamp": "1576055860", "uuid": "5df0b434-0bcc-46f6-822a-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054849", "to_ids": true, "type": "md5", "uuid": "8a161b91-ed56-4afd-8ec4-e15a47387aed", "value": "af553ac3f81444bbe01a6ad3c92a34d8" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054849", "to_ids": true, "type": "sha1", "uuid": "e6c8f5f5-bc0f-4ca9-bd22-44b944b11e7e", "value": "79fad355c36a47adbf34c894590005f2af65961b" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054849", "to_ids": true, "type": "sha256", "uuid": "a88701c6-5295-4f54-8db7-74259ca7898c", "value": "7c6233499d1298c7cdac827e66e727c4b716cbfd3789e468f3e26693bee57467" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055342", "uuid": "fe7b8b9b-6817-4f6a-8161-df3ec4b0a993", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054849", "to_ids": false, "type": "datetime", "uuid": "b9aabb1f-150f-428c-9276-c09f91a90324", "value": "2019-11-21T10:38:03" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054849", "to_ids": false, "type": "link", "uuid": "1a4dbd07-46b7-4acd-901a-a09ea589a640", "value": "https://www.virustotal.com/file/7c6233499d1298c7cdac827e66e727c4b716cbfd3789e468f3e26693bee57467/analysis/1574332683/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054849", "to_ids": false, "type": "text", "uuid": "c7abe78f-e696-4881-94fb-283aec35df67", "value": "49/69" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055342", "uuid": "4a07ccfc-b2f0-4a9e-8fe3-f56da0287be3", "ObjectReference": [ { "comment": "", "object_uuid": "4a07ccfc-b2f0-4a9e-8fe3-f56da0287be3", "referenced_uuid": "aa2fa223-8f0c-4b45-91fc-a10098460bdd", "relationship_type": "analysed-with", "timestamp": "1576055860", "uuid": "5df0b434-4c80-4b4c-8475-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054924", "to_ids": true, "type": "md5", "uuid": "97d7df23-717a-4330-9f0a-ab4737b40372", "value": "e9f07e3b499b5c8ab039acd9855a7d6b" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054924", "to_ids": true, "type": "sha1", "uuid": "c141755f-f18b-4eae-b260-759dff9f835f", "value": "1d3ed18b63e9ef2e62177a2463311c3c0c21f77d" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054924", "to_ids": true, "type": "sha256", "uuid": "95903869-d96e-4901-a8b6-8153e6d15e6b", "value": "f64551a882617ff5f18e45a8f26b2df9142526bf8dd534a02b1d193ea5f4c33d" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055342", "uuid": "aa2fa223-8f0c-4b45-91fc-a10098460bdd", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054924", "to_ids": false, "type": "datetime", "uuid": "d5de391c-74b6-45e0-99cd-8e924cb71419", "value": "2019-11-08T14:54:05" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054924", "to_ids": false, "type": "link", "uuid": "1596149b-a220-479c-b2d9-4348e6f897b3", "value": "https://www.virustotal.com/file/f64551a882617ff5f18e45a8f26b2df9142526bf8dd534a02b1d193ea5f4c33d/analysis/1573224845/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054924", "to_ids": false, "type": "text", "uuid": "aa84d7bc-62db-4dda-8a33-f1d651c93c30", "value": "11/72" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055343", "uuid": "30ad66a5-06a2-4526-984f-dc929f8e78e8", "ObjectReference": [ { "comment": "", "object_uuid": "30ad66a5-06a2-4526-984f-dc929f8e78e8", "referenced_uuid": "18ffb939-9527-4c34-95f4-6863b04bbaf4", "relationship_type": "analysed-with", "timestamp": "1576055860", "uuid": "5df0b434-ac54-4d13-8b1e-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054843", "to_ids": true, "type": "md5", "uuid": "6b79ea12-1ab5-4afd-bec1-ee55f7d51d7b", "value": "300c8b56f0349af99dfa32a5452efa42" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054843", "to_ids": true, "type": "sha1", "uuid": "5a3342eb-8af1-4ac6-af34-3e5c228ba6bf", "value": "f72a7bbb4e9707c6327a6fe49d31765f25969d2b" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054843", "to_ids": true, "type": "sha256", "uuid": "983bdf57-b499-4c67-992b-03c2f1ecf012", "value": "986620e9e27ddeefef746b3ab85da4ed3a8d38cd36245a76fbc0b99a119c537a" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055343", "uuid": "18ffb939-9527-4c34-95f4-6863b04bbaf4", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054843", "to_ids": false, "type": "datetime", "uuid": "aadd318b-d47b-4069-bffa-392b20247d9b", "value": "2019-11-21T10:39:18" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054843", "to_ids": false, "type": "link", "uuid": "8e32055e-226b-407d-b2d3-05fcf25a8d97", "value": "https://www.virustotal.com/file/986620e9e27ddeefef746b3ab85da4ed3a8d38cd36245a76fbc0b99a119c537a/analysis/1574332758/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054843", "to_ids": false, "type": "text", "uuid": "8b4b488f-b2ca-4bd3-a238-29a33079708c", "value": "45/68" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055343", "uuid": "68ddc97e-64a7-4d39-8f72-ecb926dc6263", "ObjectReference": [ { "comment": "", "object_uuid": "68ddc97e-64a7-4d39-8f72-ecb926dc6263", "referenced_uuid": "8cc13a6a-0de2-4a47-8a0d-0884a02779ad", "relationship_type": "analysed-with", "timestamp": "1576055860", "uuid": "5df0b434-8364-4d89-8f1f-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054847", "to_ids": true, "type": "md5", "uuid": "929d37b6-3043-4a05-9670-e8e37daf2dc4", "value": "06e1eff3f5eee0a655f5e05d03135cb2" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054847", "to_ids": true, "type": "sha1", "uuid": "a4fef8fc-9635-493e-9b25-3b5a0015c49e", "value": "c2bf75d2c10ffcae7b2c90e9e674240f39dd4423" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054847", "to_ids": true, "type": "sha256", "uuid": "d19dd869-8edb-4474-bbb1-bbb3b715d440", "value": "c2232604d5247808d7be0ff297a17c87129824209d8b8f17a6c5ae9c8cf50144" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055343", "uuid": "8cc13a6a-0de2-4a47-8a0d-0884a02779ad", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054847", "to_ids": false, "type": "datetime", "uuid": "7b064a12-0a8f-4ca2-a7e8-a77d4481d254", "value": "2019-11-30T08:28:03" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054847", "to_ids": false, "type": "link", "uuid": "caef533f-a0f7-43ec-850b-babb6440a309", "value": "https://www.virustotal.com/file/c2232604d5247808d7be0ff297a17c87129824209d8b8f17a6c5ae9c8cf50144/analysis/1575102483/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054847", "to_ids": false, "type": "text", "uuid": "51dcf886-8f7f-4a7e-9494-a2ef14c52013", "value": "53/70" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055343", "uuid": "31e0b85f-066e-4c0c-bba6-5c67b4ef5cb9", "ObjectReference": [ { "comment": "", "object_uuid": "31e0b85f-066e-4c0c-bba6-5c67b4ef5cb9", "referenced_uuid": "a8e16593-8a35-4cbe-9a7d-27a011ab0aaf", "relationship_type": "analysed-with", "timestamp": "1576055860", "uuid": "5df0b434-c28c-4103-906a-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054920", "to_ids": true, "type": "md5", "uuid": "6f01c4a3-df24-4b99-a076-3f1e202d9f1c", "value": "08ea2a701c83e68ec28b0503c454aaa6" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054920", "to_ids": true, "type": "sha1", "uuid": "d062e7e4-6573-4547-b3de-39de62dc67c8", "value": "03f51aa3b1378dc7bff078df852450264612cfa8" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054920", "to_ids": true, "type": "sha256", "uuid": "c5e2bb2c-b74b-41cc-8507-d9b4faf48c73", "value": "7b88bba3162b7ea96d9a93be491de293a856ba4d69449a0b37b14d924bdb963d" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055343", "uuid": "a8e16593-8a35-4cbe-9a7d-27a011ab0aaf", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054920", "to_ids": false, "type": "datetime", "uuid": "28743e54-4be7-4252-957f-979238f0ac8e", "value": "2019-11-11T10:44:16" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054920", "to_ids": false, "type": "link", "uuid": "820c9963-ae65-4a63-97a8-f3b0fb278891", "value": "https://www.virustotal.com/file/7b88bba3162b7ea96d9a93be491de293a856ba4d69449a0b37b14d924bdb963d/analysis/1573469056/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054920", "to_ids": false, "type": "text", "uuid": "97a798bd-0af8-4cc4-9422-c31fe02f2fbf", "value": "34/72" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055343", "uuid": "88c85dbb-b9e8-4798-aa8c-afd1bb83ee3a", "ObjectReference": [ { "comment": "", "object_uuid": "88c85dbb-b9e8-4798-aa8c-afd1bb83ee3a", "referenced_uuid": "dc6d7328-3b68-4028-8355-b1e4af009420", "relationship_type": "analysed-with", "timestamp": "1576055860", "uuid": "5df0b434-2e7c-4851-9800-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054937", "to_ids": true, "type": "md5", "uuid": "6805bc97-6e98-43c8-b9e4-24d1c5af0c9d", "value": "cf31fa05089797c17d2d9477d074ca1e" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054937", "to_ids": true, "type": "sha1", "uuid": "0edf841f-4d32-4b26-8476-0a5310f322bd", "value": "e90eee91e82ba6b30adcf9692b62b7557743941e" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054937", "to_ids": true, "type": "sha256", "uuid": "8dfea091-1744-4186-b972-4d21adcbceb9", "value": "22f85d3891c4d59ed5276852118311c54779f86a4cb0a10fc98eadae96cebe20" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055344", "uuid": "dc6d7328-3b68-4028-8355-b1e4af009420", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054937", "to_ids": false, "type": "datetime", "uuid": "cdcbc596-e155-4eaa-8b91-b3b214f9a85f", "value": "2019-11-04T17:42:19" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054937", "to_ids": false, "type": "link", "uuid": "81bfe07c-0c34-43e2-a556-be8795431a69", "value": "https://www.virustotal.com/file/22f85d3891c4d59ed5276852118311c54779f86a4cb0a10fc98eadae96cebe20/analysis/1572889339/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054937", "to_ids": false, "type": "text", "uuid": "1ce6047a-eb0e-4555-86d2-21348a32a9b5", "value": "10/70" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055344", "uuid": "4ddfa380-3b6c-40d6-b390-266f76f1ebac", "ObjectReference": [ { "comment": "", "object_uuid": "4ddfa380-3b6c-40d6-b390-266f76f1ebac", "referenced_uuid": "871c3fde-844e-44b7-a6d6-5e987c48076c", "relationship_type": "analysed-with", "timestamp": "1576055860", "uuid": "5df0b434-5a7c-4570-8244-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054916", "to_ids": true, "type": "md5", "uuid": "0a65a9f8-0879-441a-9b06-e3259889b45d", "value": "c284078d2eea8fbca84988b52be2425a" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054916", "to_ids": true, "type": "sha1", "uuid": "59e8d990-584e-4988-9267-6b912db42fa3", "value": "769cff1eacc90b7d810676274194480bd6c091d1" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054916", "to_ids": true, "type": "sha256", "uuid": "cc67ae5f-b909-40e9-bf49-29e3fad42864", "value": "5e044a65acb4d8faf7caab4375a7fb995806691135ebd20cb3e199e9b2f29aed" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055344", "uuid": "871c3fde-844e-44b7-a6d6-5e987c48076c", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054916", "to_ids": false, "type": "datetime", "uuid": "fadad4b9-e240-48b5-a875-2731e197ea8a", "value": "2019-11-16T03:08:48" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054916", "to_ids": false, "type": "link", "uuid": "b7c36d27-a608-45dc-b642-2f1e4c4ab0fa", "value": "https://www.virustotal.com/file/5e044a65acb4d8faf7caab4375a7fb995806691135ebd20cb3e199e9b2f29aed/analysis/1573873728/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054916", "to_ids": false, "type": "text", "uuid": "a751b87c-ad1e-428b-9462-c598af5f4570", "value": "45/71" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055344", "uuid": "04e865d4-f9ab-4eb3-bb87-ec890c68e194", "ObjectReference": [ { "comment": "", "object_uuid": "04e865d4-f9ab-4eb3-bb87-ec890c68e194", "referenced_uuid": "483975a4-7d98-4a54-95a2-8cca2a3e727e", "relationship_type": "analysed-with", "timestamp": "1576055860", "uuid": "5df0b434-bd68-4c30-9f0e-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054917", "to_ids": true, "type": "md5", "uuid": "306425b6-c41c-4b5a-9e5a-621e80ca00f5", "value": "c1d5dd10de4512f4e884cd5d3c0efc16" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054917", "to_ids": true, "type": "sha1", "uuid": "cca14ebc-1fe9-4476-a752-dba84d14644b", "value": "1c6a13852d9dec0feec378422fb07da905029e38" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054917", "to_ids": true, "type": "sha256", "uuid": "be23adbf-39f0-4fd9-8d97-ba391a277147", "value": "bf01e71dddf875a6e1b9df0a9c672d267b21556e83ebb50239b7d4b83a695721" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055345", "uuid": "483975a4-7d98-4a54-95a2-8cca2a3e727e", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054917", "to_ids": false, "type": "datetime", "uuid": "a923d494-0ece-4874-9391-3a17f8f64d7b", "value": "2019-11-26T15:30:59" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054917", "to_ids": false, "type": "link", "uuid": "bc21adff-4674-473d-8f5e-abc5e3531481", "value": "https://www.virustotal.com/file/bf01e71dddf875a6e1b9df0a9c672d267b21556e83ebb50239b7d4b83a695721/analysis/1574782259/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054917", "to_ids": false, "type": "text", "uuid": "3e1aeea8-f9ba-40a4-b472-1ac5a8fbe324", "value": "55/70" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055345", "uuid": "a7033e3d-da01-4bbb-9f21-4c5a7d34da3c", "ObjectReference": [ { "comment": "", "object_uuid": "a7033e3d-da01-4bbb-9f21-4c5a7d34da3c", "referenced_uuid": "18688fc5-95c7-40d9-b6bb-f6ac2ffad357", "relationship_type": "analysed-with", "timestamp": "1576055861", "uuid": "5df0b435-56cc-4eac-85b4-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054915", "to_ids": true, "type": "md5", "uuid": "1df4160c-3c3c-409c-96df-4d9fbb7dc96c", "value": "b4be22327086ac1d5053079d417af35f" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054915", "to_ids": true, "type": "sha1", "uuid": "81ea7385-03d7-4f05-a0ce-bb30ed286d1a", "value": "e3529c36cfe3680759880ca5042c78b57d544786" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054915", "to_ids": true, "type": "sha256", "uuid": "3a597ded-bf4d-4d32-99d9-f8497146ce13", "value": "df502a4069b889ff8e73741352e7c3c07fb4a33478c92325d11b7fca3bfc1732" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055345", "uuid": "18688fc5-95c7-40d9-b6bb-f6ac2ffad357", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054915", "to_ids": false, "type": "datetime", "uuid": "c627be43-57ea-4cc4-85e1-280e32a119c7", "value": "2019-11-18T07:37:18" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054915", "to_ids": false, "type": "link", "uuid": "ba778009-2078-45c9-a343-b1165cd54102", "value": "https://www.virustotal.com/file/df502a4069b889ff8e73741352e7c3c07fb4a33478c92325d11b7fca3bfc1732/analysis/1574062638/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054915", "to_ids": false, "type": "text", "uuid": "8cdbe7fb-faa9-47e6-af68-599341337704", "value": "52/68" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055346", "uuid": "02663258-e7f5-4809-98ab-835c3dff4272", "ObjectReference": [ { "comment": "", "object_uuid": "02663258-e7f5-4809-98ab-835c3dff4272", "referenced_uuid": "8f2a5a0a-2756-4cd4-bc4f-22a7245eac25", "relationship_type": "analysed-with", "timestamp": "1576055861", "uuid": "5df0b435-c9c0-4e62-96dd-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054919", "to_ids": true, "type": "md5", "uuid": "1c0594a5-0162-4a1b-8c31-c0dbff827403", "value": "8d050967d1b70081ff9dd75d4076ff87" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054919", "to_ids": true, "type": "sha1", "uuid": "95f9d863-1042-4cca-9378-1d9819627475", "value": "7a286f740687c4582c8ebf63693ad1e0fbd7901c" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054919", "to_ids": true, "type": "sha256", "uuid": "4fd8a939-c7a6-43e0-b96e-f6dbd4558841", "value": "0fb2fd7fbf71ab39078aa16528e06cd88e9a3e541c9e93721cbaeca081794bdb" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055346", "uuid": "8f2a5a0a-2756-4cd4-bc4f-22a7245eac25", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054919", "to_ids": false, "type": "datetime", "uuid": "88500c21-d267-41b1-b438-827c14a1bd7d", "value": "2019-11-20T12:03:50" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054919", "to_ids": false, "type": "link", "uuid": "9a641ee8-179c-4d64-b954-2c3e44db9e92", "value": "https://www.virustotal.com/file/0fb2fd7fbf71ab39078aa16528e06cd88e9a3e541c9e93721cbaeca081794bdb/analysis/1574251430/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054919", "to_ids": false, "type": "text", "uuid": "a6130208-77e8-4330-9649-ffb9f97d0d28", "value": "44/70" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055346", "uuid": "a2e8a416-c2cb-4015-968c-0984172383f5", "ObjectReference": [ { "comment": "", "object_uuid": "a2e8a416-c2cb-4015-968c-0984172383f5", "referenced_uuid": "cfcdd3dd-5638-43f1-aee0-3bc1577d74d5", "relationship_type": "analysed-with", "timestamp": "1576055861", "uuid": "5df0b435-d190-495f-a8a9-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054921", "to_ids": true, "type": "md5", "uuid": "2e5e9794-fc75-4562-a75e-3163a5de4e35", "value": "a13cd0d2c5ffac903b03784af87a1e25" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054921", "to_ids": true, "type": "sha1", "uuid": "b42842d0-0a31-4d1c-98fb-ddd4dc1d4ec4", "value": "c53e91f88ead48896e87ea148853f38154804195" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054921", "to_ids": true, "type": "sha256", "uuid": "ccb57c77-4035-4f27-b9db-433661a87fed", "value": "8ad3156593ffbf173177d099cfcbf40b356d4bef42ac6a5a70e6481785fdabce" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055346", "uuid": "cfcdd3dd-5638-43f1-aee0-3bc1577d74d5", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054921", "to_ids": false, "type": "datetime", "uuid": "d2b790f4-3695-4b36-9599-a3451f4a42a0", "value": "2019-11-08T05:32:06" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054921", "to_ids": false, "type": "link", "uuid": "450a4a30-ba6d-4472-999b-b7c0cb7f846e", "value": "https://www.virustotal.com/file/8ad3156593ffbf173177d099cfcbf40b356d4bef42ac6a5a70e6481785fdabce/analysis/1573191126/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054921", "to_ids": false, "type": "text", "uuid": "3eef9403-dd31-4bde-b441-74d3ae25423d", "value": "11/71" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055347", "uuid": "f9604190-10c4-41ee-b981-2871bf53e73a", "ObjectReference": [ { "comment": "", "object_uuid": "f9604190-10c4-41ee-b981-2871bf53e73a", "referenced_uuid": "9e983312-376f-4ab8-9881-e110e5c4fa30", "relationship_type": "analysed-with", "timestamp": "1576055861", "uuid": "5df0b435-aec4-4077-8780-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054844", "to_ids": true, "type": "md5", "uuid": "b67a254b-88f9-4236-921e-8d582cde1cc1", "value": "971f652c059ba8d1185d387609f0d7cf" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054844", "to_ids": true, "type": "sha1", "uuid": "2f930727-8544-4a7c-96c7-3ff9d98e5f32", "value": "2d41ce41d54558b2052915c36e03ed3460562f3e" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054844", "to_ids": true, "type": "sha256", "uuid": "41364c37-4b88-40ea-9c91-4feea082d4b0", "value": "96689f58b3f9f44ca9c5bf133b1c880c03dfdada3b0c28cbb9cc6ee160974ce2" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055348", "uuid": "9e983312-376f-4ab8-9881-e110e5c4fa30", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054844", "to_ids": false, "type": "datetime", "uuid": "b2e5c51f-1744-4db6-ba25-480ab18cd48e", "value": "2019-11-23T22:32:54" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054844", "to_ids": false, "type": "link", "uuid": "874ea461-ed17-441d-8cda-ed0b5330351d", "value": "https://www.virustotal.com/file/96689f58b3f9f44ca9c5bf133b1c880c03dfdada3b0c28cbb9cc6ee160974ce2/analysis/1574548374/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054844", "to_ids": false, "type": "text", "uuid": "9bcaff2a-6bda-4e32-96f3-64b42888332d", "value": "53/67" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055348", "uuid": "9eeda890-927c-464e-b272-333ccb1d3058", "ObjectReference": [ { "comment": "", "object_uuid": "9eeda890-927c-464e-b272-333ccb1d3058", "referenced_uuid": "6e50a755-b8dd-414c-b623-07ff6a2ac065", "relationship_type": "analysed-with", "timestamp": "1576055861", "uuid": "5df0b435-fab0-4e29-9ce7-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054916", "to_ids": true, "type": "md5", "uuid": "270a9727-1446-4ea8-a68c-f4a1094eac2d", "value": "bdb047644336ba19af0dfa6057e807c2" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054916", "to_ids": true, "type": "sha1", "uuid": "4d36f175-d09d-4a97-a0f3-a937c504ab43", "value": "8d49d21566513de1a70be762e20db3142635bd40" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054916", "to_ids": true, "type": "sha256", "uuid": "57148dad-e256-4326-ae26-667d5da34d0e", "value": "60a0d505ed7870300d7f47928f551d39526a735f074bae05d163e2a62389f9fb" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055348", "uuid": "6e50a755-b8dd-414c-b623-07ff6a2ac065", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054916", "to_ids": false, "type": "datetime", "uuid": "e1704928-c648-4d57-883b-8611e6241e77", "value": "2019-11-27T03:39:31" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054916", "to_ids": false, "type": "link", "uuid": "4e3ddd4f-49b0-43f0-86fe-68b76d451593", "value": "https://www.virustotal.com/file/60a0d505ed7870300d7f47928f551d39526a735f074bae05d163e2a62389f9fb/analysis/1574825971/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054916", "to_ids": false, "type": "text", "uuid": "10a74062-a036-4bbf-94d0-d044254a5027", "value": "56/69" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055348", "uuid": "b984b421-3546-43ec-8344-db330fd09d51", "ObjectReference": [ { "comment": "", "object_uuid": "b984b421-3546-43ec-8344-db330fd09d51", "referenced_uuid": "79699cf2-b8f5-47d8-befa-6b82e9355fe7", "relationship_type": "analysed-with", "timestamp": "1576055861", "uuid": "5df0b435-5e8c-4691-a71a-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054848", "to_ids": true, "type": "md5", "uuid": "78eaba45-c5f3-4a7c-a90f-ad34e5ea29fe", "value": "7a4f86cf957f2e3c32cf12df3b8dfcb1" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054848", "to_ids": true, "type": "sha1", "uuid": "46da44c3-fd8a-4b39-afad-12abba114c7b", "value": "ae56a8149212a889286105e452f1937368576ca7" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054848", "to_ids": true, "type": "sha256", "uuid": "48c28681-bced-424d-9448-af157e65e786", "value": "143572af9a036032d8a0ff56a8dd828220d0ef3aa0469058261beb9cb687c30a" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055348", "uuid": "79699cf2-b8f5-47d8-befa-6b82e9355fe7", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054848", "to_ids": false, "type": "datetime", "uuid": "704dd2dc-9dc8-4ef1-9d03-f1439e131d6e", "value": "2019-11-21T10:45:40" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054848", "to_ids": false, "type": "link", "uuid": "d68e1d3e-0d5f-4d84-84c7-33880c85f3d7", "value": "https://www.virustotal.com/file/143572af9a036032d8a0ff56a8dd828220d0ef3aa0469058261beb9cb687c30a/analysis/1574333140/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054848", "to_ids": false, "type": "text", "uuid": "3b6aed8c-aef8-493d-9494-6578fdf6fd98", "value": "50/70" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055349", "uuid": "1fdac306-8c84-465b-8b79-04b0d475093a", "ObjectReference": [ { "comment": "", "object_uuid": "1fdac306-8c84-465b-8b79-04b0d475093a", "referenced_uuid": "ffdb3b2a-3c94-486f-a65c-987a2be986ee", "relationship_type": "analysed-with", "timestamp": "1576055861", "uuid": "5df0b435-4014-4432-9b03-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054920", "to_ids": true, "type": "md5", "uuid": "44a72537-323a-4336-b538-b862fb18ccec", "value": "6b875a69b552a94d4763122347859d5e" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054920", "to_ids": true, "type": "sha1", "uuid": "bdbf48ab-8010-4bc8-98f0-5ec89fb7e858", "value": "295b261901c0ce65eed4f8cfbf23da7b78913892" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054920", "to_ids": true, "type": "sha256", "uuid": "d23a3a87-afdf-47b0-b7fc-d6d0e2baee1f", "value": "1e67614d79d390bc8b2ceb10744b3015d545ca15bcaa688cffe1e066f227f776" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055349", "uuid": "ffdb3b2a-3c94-486f-a65c-987a2be986ee", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054920", "to_ids": false, "type": "datetime", "uuid": "abe073b4-d996-43c7-88b5-c599fad3c379", "value": "2019-11-20T13:20:32" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054920", "to_ids": false, "type": "link", "uuid": "ad4cfeb9-8e52-4e5b-b134-f29021d1e687", "value": "https://www.virustotal.com/file/1e67614d79d390bc8b2ceb10744b3015d545ca15bcaa688cffe1e066f227f776/analysis/1574256032/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054920", "to_ids": false, "type": "text", "uuid": "2db6bc20-73e6-4ca4-9242-0386e16e7133", "value": "50/70" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055349", "uuid": "e2312244-516e-468a-8cdf-97d0ada59a51", "ObjectReference": [ { "comment": "", "object_uuid": "e2312244-516e-468a-8cdf-97d0ada59a51", "referenced_uuid": "a639c694-9dd7-434a-bf7a-f51ad0e469d9", "relationship_type": "analysed-with", "timestamp": "1576055861", "uuid": "5df0b435-a084-47d5-9b30-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054849", "to_ids": true, "type": "md5", "uuid": "f84e1e6d-e612-4958-9fc7-1bdc4e5491ce", "value": "001f6bb8e9d2c4dd140bd69d1ac58ad0" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054849", "to_ids": true, "type": "sha1", "uuid": "6f1874a7-0074-414d-842c-e011744b9238", "value": "5f73628a8707e9ba6ae136ec3a3e8b6af37cd628" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054849", "to_ids": true, "type": "sha256", "uuid": "f184afda-f171-4e5c-8de7-10682d270e1e", "value": "95b4a039248c58c3886e6735ce41e3a2aa18ed7e4b9c60cfcf1ab0a4e013a275" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055349", "uuid": "a639c694-9dd7-434a-bf7a-f51ad0e469d9", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054849", "to_ids": false, "type": "datetime", "uuid": "85de083f-ced4-4081-abc6-d5b08cd13899", "value": "2019-12-06T07:04:00" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054849", "to_ids": false, "type": "link", "uuid": "29aadbed-24b0-44ca-ab78-ff9f5e322c88", "value": "https://www.virustotal.com/file/95b4a039248c58c3886e6735ce41e3a2aa18ed7e4b9c60cfcf1ab0a4e013a275/analysis/1575615840/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054849", "to_ids": false, "type": "text", "uuid": "a9b1a5b7-d313-4b48-9f90-92c4a8834694", "value": "60/72" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055349", "uuid": "e47e2828-2a48-4ee3-b3bc-de782c7ef605", "ObjectReference": [ { "comment": "", "object_uuid": "e47e2828-2a48-4ee3-b3bc-de782c7ef605", "referenced_uuid": "c768ca64-4061-4565-8b5d-f720aa735f96", "relationship_type": "analysed-with", "timestamp": "1576055861", "uuid": "5df0b435-6390-40d9-bd5e-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054920", "to_ids": true, "type": "md5", "uuid": "08604b4f-3668-4a51-b1ad-5ee94b0720ba", "value": "2f583ecc03d2944bf4ce1b0f3bad439a" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054920", "to_ids": true, "type": "sha1", "uuid": "b99d5e76-6ded-4042-9e5b-6484f6f463b0", "value": "1613ded85b175277f5f62fc48f596f504b584681" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054920", "to_ids": true, "type": "sha256", "uuid": "a8fce696-ee71-47f1-beee-d9b71efcbe5c", "value": "0f3c3ba71c343b83234ec64f5567072b0c3104cbf042da63f1b250fec52a3193" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055349", "uuid": "c768ca64-4061-4565-8b5d-f720aa735f96", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054920", "to_ids": false, "type": "datetime", "uuid": "0c5f54f0-2397-41b0-9fd4-d6c2a5153cee", "value": "2019-11-14T09:10:51" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054920", "to_ids": false, "type": "link", "uuid": "6f14c46e-a700-4852-b1ae-9401580bf410", "value": "https://www.virustotal.com/file/0f3c3ba71c343b83234ec64f5567072b0c3104cbf042da63f1b250fec52a3193/analysis/1573722651/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054920", "to_ids": false, "type": "text", "uuid": "bd08fdfe-1b18-4284-a799-513093042182", "value": "47/69" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055350", "uuid": "5d137df9-f16c-44a3-82d8-f2f77bc2fe37", "ObjectReference": [ { "comment": "", "object_uuid": "5d137df9-f16c-44a3-82d8-f2f77bc2fe37", "referenced_uuid": "4cef0992-a69b-4bc0-8e3a-608234f1d26e", "relationship_type": "analysed-with", "timestamp": "1576055861", "uuid": "5df0b435-244c-44d2-bb12-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054913", "to_ids": true, "type": "md5", "uuid": "6db38183-c477-48a2-8653-cf2e0478aae6", "value": "078563a69f3ce846dd39e5567e16cb4b" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054913", "to_ids": true, "type": "sha1", "uuid": "37fe4f5b-afe6-4cbe-9a22-25602cfea999", "value": "f98159f23f4f0945c30d9fef2dbc80926a9917d9" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054913", "to_ids": true, "type": "sha256", "uuid": "66a27f28-aa96-4e9f-84e5-5c2cda554327", "value": "8618e3362f008deddb91a883b943bc250651d45016ecf8f98160c1ee30c31376" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055350", "uuid": "4cef0992-a69b-4bc0-8e3a-608234f1d26e", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054913", "to_ids": false, "type": "datetime", "uuid": "d16bad28-b241-4b00-954e-38eda8eff154", "value": "2019-11-11T17:22:54" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054913", "to_ids": false, "type": "link", "uuid": "4d7b86bb-79de-4e29-9bd3-1658f2c46ba6", "value": "https://www.virustotal.com/file/8618e3362f008deddb91a883b943bc250651d45016ecf8f98160c1ee30c31376/analysis/1573492974/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054913", "to_ids": false, "type": "text", "uuid": "4303e3d2-7816-47e8-bafb-c9c5601019b2", "value": "33/70" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055350", "uuid": "b2f0df78-42f7-440f-8a3e-d0578ff2c69c", "ObjectReference": [ { "comment": "", "object_uuid": "b2f0df78-42f7-440f-8a3e-d0578ff2c69c", "referenced_uuid": "9e0d7701-e758-4b09-a953-2ea4a67743a6", "relationship_type": "analysed-with", "timestamp": "1576055861", "uuid": "5df0b435-9cdc-4ded-9051-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054914", "to_ids": true, "type": "md5", "uuid": "9f46495d-84cf-4cde-aa95-d1ef300a5803", "value": "dcc6d47f3a8258b8d823ecac6f68b482" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054914", "to_ids": true, "type": "sha1", "uuid": "783fe65f-0cc9-4893-929f-9baf2fef51ae", "value": "189c97e30d132bb0ea78767fe2efc75a02d36b82" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054914", "to_ids": true, "type": "sha256", "uuid": "3f031350-e354-45d8-aef2-34259d8829e6", "value": "ff30ff65e97407715f6d03b6912ca42d87b912ae1e40b473e6738887aa1c3264" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055350", "uuid": "9e0d7701-e758-4b09-a953-2ea4a67743a6", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054914", "to_ids": false, "type": "datetime", "uuid": "bd8d59a1-1538-4d5a-be49-c3038433c7a6", "value": "2019-11-17T08:33:31" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054914", "to_ids": false, "type": "link", "uuid": "0f7db865-3adf-46b8-93ad-237239d2d6f5", "value": "https://www.virustotal.com/file/ff30ff65e97407715f6d03b6912ca42d87b912ae1e40b473e6738887aa1c3264/analysis/1573979611/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054914", "to_ids": false, "type": "text", "uuid": "ce020a54-a765-4d77-b733-75cf2af32ab1", "value": "45/70" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055350", "uuid": "8cd6651b-a7bc-4da8-aa76-4698e77aaac1", "ObjectReference": [ { "comment": "", "object_uuid": "8cd6651b-a7bc-4da8-aa76-4698e77aaac1", "referenced_uuid": "14d365b0-f7a8-4e2e-a026-e564567fb451", "relationship_type": "analysed-with", "timestamp": "1576055861", "uuid": "5df0b435-ef24-4222-b3ac-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054936", "to_ids": true, "type": "md5", "uuid": "8a9cf733-29d1-44a9-bf84-0b0bf18dd477", "value": "22a81d03840e37e11e49d7c4a2fcc2d3" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054936", "to_ids": true, "type": "sha1", "uuid": "b8275c9c-afc2-4274-9f84-7a96063bfe50", "value": "7e7bd195285117810963cd20975cfd8f900cc9bd" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054936", "to_ids": true, "type": "sha256", "uuid": "c74a110c-1f04-4159-a733-1bedcdaa608f", "value": "95123b3142be5d6c9a3cdbce974d10cddc4b2796e243d2f64ea9f909cb00eb29" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055350", "uuid": "14d365b0-f7a8-4e2e-a026-e564567fb451", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054936", "to_ids": false, "type": "datetime", "uuid": "ef17cff5-1a20-4b5d-978f-33340f9e19ab", "value": "2019-11-04T15:58:26" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054936", "to_ids": false, "type": "link", "uuid": "1c487518-ef0b-477f-9eba-ba597ae1d54b", "value": "https://www.virustotal.com/file/95123b3142be5d6c9a3cdbce974d10cddc4b2796e243d2f64ea9f909cb00eb29/analysis/1572883106/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054936", "to_ids": false, "type": "text", "uuid": "dd0ee7cc-4baa-479a-bcf4-93cf4d37d8cc", "value": "9/66" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055350", "uuid": "52b2c640-0b6c-411f-8a0d-b194db9d6378", "ObjectReference": [ { "comment": "", "object_uuid": "52b2c640-0b6c-411f-8a0d-b194db9d6378", "referenced_uuid": "2e9e748d-071a-46ba-b209-0fcf55b57f0f", "relationship_type": "analysed-with", "timestamp": "1576055861", "uuid": "5df0b435-c1f0-4e5c-b71d-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054917", "to_ids": true, "type": "md5", "uuid": "d26acc00-f2df-4af7-9ee0-4b33b1092a37", "value": "b598a4fcb7ad305756e5f0b96de9e631" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054917", "to_ids": true, "type": "sha1", "uuid": "dd4211be-f039-46bb-9047-cb5e2b0ef52c", "value": "a80a3c1a9e107be1b5d6e9fd83060e0164469561" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054917", "to_ids": true, "type": "sha256", "uuid": "9b00a054-733b-4706-acdb-d51b5a769ca9", "value": "9aa74d061e986ac65dcf4243d6229122666d1ebe5e5c8c278f109d5d8a74ae80" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055351", "uuid": "2e9e748d-071a-46ba-b209-0fcf55b57f0f", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054917", "to_ids": false, "type": "datetime", "uuid": "e470cd76-9422-4d76-8f01-f6b43297962e", "value": "2019-11-10T22:44:04" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054917", "to_ids": false, "type": "link", "uuid": "54593a66-8ea5-4d69-9bf6-3993f6ae82e8", "value": "https://www.virustotal.com/file/9aa74d061e986ac65dcf4243d6229122666d1ebe5e5c8c278f109d5d8a74ae80/analysis/1573425844/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054917", "to_ids": false, "type": "text", "uuid": "c51f3e08-b611-4bd7-a136-584b914b14d5", "value": "29/71" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055351", "uuid": "7df70663-58fe-4509-b0dc-d5d6315c08ff", "ObjectReference": [ { "comment": "", "object_uuid": "7df70663-58fe-4509-b0dc-d5d6315c08ff", "referenced_uuid": "95da7e68-522b-4946-a596-37288c33b6c6", "relationship_type": "analysed-with", "timestamp": "1576055861", "uuid": "5df0b435-54ac-4f48-ac52-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054846", "to_ids": true, "type": "md5", "uuid": "21f85e5b-aa39-45fc-8780-34a1d75b14a0", "value": "903b19da8406407bf8968f8fbd90eee8" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054846", "to_ids": true, "type": "sha1", "uuid": "ade772a9-9ad2-4acd-9271-fa8ca39540cf", "value": "41989ff9bd710925298dd9f9d25dfc213419d57d" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054846", "to_ids": true, "type": "sha256", "uuid": "4c67cb50-8f5c-4031-903f-1534c6ddc579", "value": "c09a454de3ee3b814d0ad8530ea962596dc66ebc7366d9d731e273ff9560e87d" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055351", "uuid": "95da7e68-522b-4946-a596-37288c33b6c6", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054846", "to_ids": false, "type": "datetime", "uuid": "3bd51b0d-55e6-418e-8b80-7776390613dc", "value": "2019-11-21T10:44:28" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054846", "to_ids": false, "type": "link", "uuid": "afe6500e-6d56-4418-b25e-cd03288ed280", "value": "https://www.virustotal.com/file/c09a454de3ee3b814d0ad8530ea962596dc66ebc7366d9d731e273ff9560e87d/analysis/1574333068/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054846", "to_ids": false, "type": "text", "uuid": "f416b789-db97-42b0-8cd6-930ba4298ee9", "value": "50/69" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055351", "uuid": "d6289f73-5f31-4dc4-86dc-fc9c8a4e4d2f", "ObjectReference": [ { "comment": "", "object_uuid": "d6289f73-5f31-4dc4-86dc-fc9c8a4e4d2f", "referenced_uuid": "747ff1d3-f9a9-4d54-8653-269224f4abe0", "relationship_type": "analysed-with", "timestamp": "1576055861", "uuid": "5df0b435-be5c-4e37-a8f0-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054921", "to_ids": true, "type": "md5", "uuid": "4b14cf11-611d-4799-adc5-ea3197d4036f", "value": "191d1f7bed4ac6290d298ded5af9f549" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054921", "to_ids": true, "type": "sha1", "uuid": "85f2c82e-b01c-4201-893c-8ea240dea226", "value": "ac66566ce0c40c0fcb725a911a63d2082273b3dd" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054921", "to_ids": true, "type": "sha256", "uuid": "fb5ab7ea-22fe-44d2-8437-185e347900b1", "value": "ffa4c0875faf1a430e725da129b5abaf874fe769dcfa88764554f53f866b9529" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055351", "uuid": "747ff1d3-f9a9-4d54-8653-269224f4abe0", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054921", "to_ids": false, "type": "datetime", "uuid": "805139dd-59a3-4dda-9d59-a83dfdd06cd2", "value": "2019-11-04T17:21:51" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054921", "to_ids": false, "type": "link", "uuid": "c631b305-3386-459e-b35e-0ace443845fb", "value": "https://www.virustotal.com/file/ffa4c0875faf1a430e725da129b5abaf874fe769dcfa88764554f53f866b9529/analysis/1572888111/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054921", "to_ids": false, "type": "text", "uuid": "8597073f-c82c-4ac6-9996-f9f2d16461b5", "value": "10/69" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055353", "uuid": "73b0dd1f-f6ee-4dc0-b174-30a1d7645102", "ObjectReference": [ { "comment": "", "object_uuid": "73b0dd1f-f6ee-4dc0-b174-30a1d7645102", "referenced_uuid": "88f5e0ca-db40-49c6-ab76-631672d838e9", "relationship_type": "analysed-with", "timestamp": "1576055861", "uuid": "5df0b435-88b0-4894-8357-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054921", "to_ids": true, "type": "md5", "uuid": "69d566ff-3abe-4c27-a4a4-63bed653f027", "value": "c560aa0ce5845ff01d0bff192582b4e3" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054921", "to_ids": true, "type": "sha1", "uuid": "45d537d5-6067-4d94-b4c5-d16ffd44d0cf", "value": "0341893c34440f6dd695c73f97eb850c81042737" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054921", "to_ids": true, "type": "sha256", "uuid": "9b0c5206-0033-425d-beeb-aac8685f8de9", "value": "78caf93f28ed33a68d9c877e65d3329438f222c4069277fbaae540fc7912f6f0" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055353", "uuid": "88f5e0ca-db40-49c6-ab76-631672d838e9", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054921", "to_ids": false, "type": "datetime", "uuid": "3434dcff-0ae4-4674-95f0-ddcd9eb7a38a", "value": "2019-11-19T14:56:09" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054921", "to_ids": false, "type": "link", "uuid": "8d2a7175-4b58-4dce-8b44-aa6707c53348", "value": "https://www.virustotal.com/file/78caf93f28ed33a68d9c877e65d3329438f222c4069277fbaae540fc7912f6f0/analysis/1574175369/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054921", "to_ids": false, "type": "text", "uuid": "4731d086-87ac-4f80-9395-5238f739270b", "value": "30/70" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055354", "uuid": "834968d5-1a82-47c6-b38d-1d07cc666f1a", "ObjectReference": [ { "comment": "", "object_uuid": "834968d5-1a82-47c6-b38d-1d07cc666f1a", "referenced_uuid": "ad9a99cc-55a2-4be5-aa2f-57485a1c382c", "relationship_type": "analysed-with", "timestamp": "1576055861", "uuid": "5df0b435-11d0-444f-9da1-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054920", "to_ids": true, "type": "md5", "uuid": "44c38d29-7411-463a-b483-5ccb7cfcc2ce", "value": "ab34fd3745381d9ffa027dd95b6f330c" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054920", "to_ids": true, "type": "sha1", "uuid": "6a2a95b0-4b7f-49f4-80e0-8c4a3d63c2ef", "value": "be2fb144d876df983c5385d81c968bb5a8876217" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054920", "to_ids": true, "type": "sha256", "uuid": "0e72cc74-4347-4f3b-b893-1a5e347ae261", "value": "b6e6975a76b305c753c8e85b854fb759622055f71fcc109f5d2074b394e0bf24" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055354", "uuid": "ad9a99cc-55a2-4be5-aa2f-57485a1c382c", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054920", "to_ids": false, "type": "datetime", "uuid": "4b80859a-c626-4a97-966f-5fcf5f27407f", "value": "2019-11-14T09:10:49" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054920", "to_ids": false, "type": "link", "uuid": "1cf37e3e-77c9-45cd-9c1d-3b658eaaa1bc", "value": "https://www.virustotal.com/file/b6e6975a76b305c753c8e85b854fb759622055f71fcc109f5d2074b394e0bf24/analysis/1573722649/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054920", "to_ids": false, "type": "text", "uuid": "5024a0a7-de99-45cb-8bbe-c07d5d5d18e9", "value": "51/71" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055354", "uuid": "af18f7b6-3eaa-4a20-8b94-16ff1fea68c6", "ObjectReference": [ { "comment": "", "object_uuid": "af18f7b6-3eaa-4a20-8b94-16ff1fea68c6", "referenced_uuid": "855313e6-0a4d-48c3-8c9a-651443069d81", "relationship_type": "analysed-with", "timestamp": "1576055861", "uuid": "5df0b435-42c0-4c6a-8311-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054845", "to_ids": true, "type": "md5", "uuid": "b6d2a115-0690-4ef4-9f2c-405156463fd6", "value": "35dfde67229abf292d8545b8e22ec8e6" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054845", "to_ids": true, "type": "sha1", "uuid": "26b7528e-6caf-4ce4-b235-c7dadd12e537", "value": "7e9a48ea5297c37aa6a75fb133e4d522b0e99bb3" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054845", "to_ids": true, "type": "sha256", "uuid": "ceb028d6-482e-42c6-8212-9d399691f924", "value": "fd0014cc7ec0ba63e363f60e94870beace7e0f649d5609accb8d4cc83a559e20" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055377", "uuid": "855313e6-0a4d-48c3-8c9a-651443069d81", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054845", "to_ids": false, "type": "datetime", "uuid": "4d50fa2a-d799-4817-b99f-c32b467c80f4", "value": "2019-11-29T13:53:36" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054845", "to_ids": false, "type": "link", "uuid": "f56887c8-fbef-42db-acb3-cb1458eb18f9", "value": "https://www.virustotal.com/file/fd0014cc7ec0ba63e363f60e94870beace7e0f649d5609accb8d4cc83a559e20/analysis/1575035616/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054845", "to_ids": false, "type": "text", "uuid": "d1d5a03f-b002-4052-b839-ea009165320b", "value": "53/70" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055377", "uuid": "f621cf4e-e2fe-4191-baa7-bd7976d7e961", "ObjectReference": [ { "comment": "", "object_uuid": "f621cf4e-e2fe-4191-baa7-bd7976d7e961", "referenced_uuid": "6cce9811-cfdf-4980-9ebd-ac168212f216", "relationship_type": "analysed-with", "timestamp": "1576055861", "uuid": "5df0b435-daf4-4e93-873c-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054921", "to_ids": true, "type": "md5", "uuid": "acaa2c00-6ee6-48af-9a98-43d77674ab23", "value": "ed1f07046309c06fb0ad70141620050f" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054921", "to_ids": true, "type": "sha1", "uuid": "303c8d23-1d83-407b-809a-32e5359da338", "value": "49d509716cc497964951b8d0e38c666c83cb13ae" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054921", "to_ids": true, "type": "sha256", "uuid": "1a1cefd7-1af1-4649-b80d-a0f86fdb89af", "value": "d39c4d688026e814136165c76b8f4406c620353b9ff9c048a083b40293067e2a" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055378", "uuid": "6cce9811-cfdf-4980-9ebd-ac168212f216", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054921", "to_ids": false, "type": "datetime", "uuid": "de55a884-51dd-4cda-b052-831e6c7b7fcd", "value": "2019-11-04T17:41:46" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054921", "to_ids": false, "type": "link", "uuid": "b63d6733-2c24-4645-9b98-c71c22f968f5", "value": "https://www.virustotal.com/file/d39c4d688026e814136165c76b8f4406c620353b9ff9c048a083b40293067e2a/analysis/1572889306/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054921", "to_ids": false, "type": "text", "uuid": "823f07df-0437-483c-8c79-5e142a9184db", "value": "10/70" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055378", "uuid": "6ef008fa-8022-452b-bbd4-5e069fb5d1ef", "ObjectReference": [ { "comment": "", "object_uuid": "6ef008fa-8022-452b-bbd4-5e069fb5d1ef", "referenced_uuid": "d4162df1-da6f-4448-b4b5-d6c6b8bf313b", "relationship_type": "analysed-with", "timestamp": "1576055861", "uuid": "5df0b435-2fb4-41b1-9406-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054919", "to_ids": true, "type": "md5", "uuid": "ef93ac03-7db8-4dea-8d0f-2d9e659137b1", "value": "f6522e5b6952a9dbd399b1de16afce19" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054919", "to_ids": true, "type": "sha1", "uuid": "6d9a056e-f46f-40fd-8703-2dc38e4f5819", "value": "9b585459a1a7c1a3bc73b5a2150f96b4840e397b" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054919", "to_ids": true, "type": "sha256", "uuid": "d4b43d31-e7bc-4114-a303-ae37e1a0315c", "value": "3777619b23c946d08a275d374bcaf3add3e377722f9e24157cd2cac3861532c8" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055378", "uuid": "d4162df1-da6f-4448-b4b5-d6c6b8bf313b", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054919", "to_ids": false, "type": "datetime", "uuid": "a32e8218-3752-405b-85ea-4f3675ce3d9a", "value": "2019-11-26T12:23:06" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054919", "to_ids": false, "type": "link", "uuid": "c4819f81-d8cb-4016-99ef-6579d1f7a739", "value": "https://www.virustotal.com/file/3777619b23c946d08a275d374bcaf3add3e377722f9e24157cd2cac3861532c8/analysis/1574770986/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054919", "to_ids": false, "type": "text", "uuid": "c2b70550-521e-46bb-aad5-8c918040f829", "value": "51/68" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055378", "uuid": "debf20d3-7b2e-4364-80bc-ce7d116f0901", "ObjectReference": [ { "comment": "", "object_uuid": "debf20d3-7b2e-4364-80bc-ce7d116f0901", "referenced_uuid": "ac2df624-1ecb-4b0c-ba28-8948b4203c6b", "relationship_type": "analysed-with", "timestamp": "1576055861", "uuid": "5df0b435-6784-4411-a5a0-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054919", "to_ids": true, "type": "md5", "uuid": "e0283985-af42-4e96-b7db-835b165aa70f", "value": "e26edd7b1f318f4f44667bf915330180" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054919", "to_ids": true, "type": "sha1", "uuid": "cc4f0678-5fef-4806-acf0-882b2ebe9611", "value": "e83c613556b8a4f1604f8aa5908152af7283555a" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054919", "to_ids": true, "type": "sha256", "uuid": "e117c6c5-16bb-4a8e-8d57-3404d3ba32af", "value": "0da7ebb8576f1ff0989c85b370bd8113bba622619509f64570dcfcc751bbd5eb" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055379", "uuid": "ac2df624-1ecb-4b0c-ba28-8948b4203c6b", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054919", "to_ids": false, "type": "datetime", "uuid": "e49f6436-ad75-47d3-8342-0d9b021713e1", "value": "2019-11-17T03:34:43" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054919", "to_ids": false, "type": "link", "uuid": "9a622d0c-c886-4045-a2a0-360a4a287a87", "value": "https://www.virustotal.com/file/0da7ebb8576f1ff0989c85b370bd8113bba622619509f64570dcfcc751bbd5eb/analysis/1573961683/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054919", "to_ids": false, "type": "text", "uuid": "b8f05ddc-a7cf-47bd-9446-e5cacd279111", "value": "45/70" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055379", "uuid": "1d2b033b-9412-4234-ba79-ecc2b81ee7c8", "ObjectReference": [ { "comment": "", "object_uuid": "1d2b033b-9412-4234-ba79-ecc2b81ee7c8", "referenced_uuid": "32b4bfb7-fa21-471f-ab73-c2107993457e", "relationship_type": "analysed-with", "timestamp": "1576055862", "uuid": "5df0b436-16cc-4f9b-89c9-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054916", "to_ids": true, "type": "md5", "uuid": "cead371b-de9f-4020-9a82-0336996afa73", "value": "e9b79d08fe6d48317ffb5f46b46cdf10" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054916", "to_ids": true, "type": "sha1", "uuid": "9a9a2cf4-6709-4456-ac22-b34d466e179b", "value": "ee61162ab3dcc6fbe10a9f95d6616527db3c350e" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054916", "to_ids": true, "type": "sha256", "uuid": "376493ea-5fbc-45e4-a286-75c5ce999fd0", "value": "ec8983d519b411aeef042ad15f794e817855421f0cf4d00c3e858c4e6817cedb" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055379", "uuid": "32b4bfb7-fa21-471f-ab73-c2107993457e", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054916", "to_ids": false, "type": "datetime", "uuid": "b5b3fa95-d8fd-4756-b73c-dbb8440de595", "value": "2019-11-14T05:43:17" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054916", "to_ids": false, "type": "link", "uuid": "c81529ae-9f90-4860-803b-a980cb557cbf", "value": "https://www.virustotal.com/file/ec8983d519b411aeef042ad15f794e817855421f0cf4d00c3e858c4e6817cedb/analysis/1573710197/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054916", "to_ids": false, "type": "text", "uuid": "2a712caf-6426-4412-a63b-7c6e859ff3ef", "value": "49/71" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055379", "uuid": "19cc2434-e10e-41ab-8507-f4fdafb4d98f", "ObjectReference": [ { "comment": "", "object_uuid": "19cc2434-e10e-41ab-8507-f4fdafb4d98f", "referenced_uuid": "ba0df8a7-c288-43c1-9721-e9471d8d902b", "relationship_type": "analysed-with", "timestamp": "1576055862", "uuid": "5df0b436-c204-40a0-87e9-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054917", "to_ids": true, "type": "md5", "uuid": "dbfb2ae6-6501-4e82-9ff2-03d63420865a", "value": "482e67212aea2c19178a77b958478d07" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054917", "to_ids": true, "type": "sha1", "uuid": "8f344383-e688-4d18-810b-8a2d0be9203a", "value": "51c73bc65b75cf273cc15d538ad2b489001f797e" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054917", "to_ids": true, "type": "sha256", "uuid": "d31eff3b-5282-441e-8d45-a9bb3a007356", "value": "43bbf8b4bfa3ead1ceac9c7813c1d848f446886c83274dcd1c98ff2240249684" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055379", "uuid": "ba0df8a7-c288-43c1-9721-e9471d8d902b", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054917", "to_ids": false, "type": "datetime", "uuid": "7d74727b-b0ad-441d-a958-7dd7ca602629", "value": "2019-11-11T17:30:45" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054917", "to_ids": false, "type": "link", "uuid": "e9ad8915-24bd-4388-94e1-a6c5f1527e3e", "value": "https://www.virustotal.com/file/43bbf8b4bfa3ead1ceac9c7813c1d848f446886c83274dcd1c98ff2240249684/analysis/1573493445/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054917", "to_ids": false, "type": "text", "uuid": "50bb23a8-fc5d-4323-98dd-e3f6cdbab1ff", "value": "39/72" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055379", "uuid": "990911cd-1546-4834-8afe-22d4f992f8f2", "ObjectReference": [ { "comment": "", "object_uuid": "990911cd-1546-4834-8afe-22d4f992f8f2", "referenced_uuid": "f9578ad9-21bb-40bc-8fd9-a0c401d70399", "relationship_type": "analysed-with", "timestamp": "1576055862", "uuid": "5df0b436-785c-498a-8c97-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054922", "to_ids": true, "type": "md5", "uuid": "7f03ff5b-f06e-43e0-b7ef-56dc4d9ee26c", "value": "e199264e51501ff1e7a28b02b974540c" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054922", "to_ids": true, "type": "sha1", "uuid": "995f86a6-57ea-474e-9012-8435cfde675e", "value": "b1924fd0fdb23aa2d16fcaeba718fbe3f54cb055" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054922", "to_ids": true, "type": "sha256", "uuid": "264786e8-d653-42a6-b6ca-a9ad57e6b250", "value": "9756df0c33af1509974388fc6f1c01ba737ff750a010fe33f6b310c29232bd99" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055380", "uuid": "f9578ad9-21bb-40bc-8fd9-a0c401d70399", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054922", "to_ids": false, "type": "datetime", "uuid": "51359e8a-ddb6-44b1-9919-87e9bde261a8", "value": "2019-11-04T17:32:05" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054922", "to_ids": false, "type": "link", "uuid": "70a32908-65b2-49ba-a0e5-4ee4fe62f543", "value": "https://www.virustotal.com/file/9756df0c33af1509974388fc6f1c01ba737ff750a010fe33f6b310c29232bd99/analysis/1572888725/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054922", "to_ids": false, "type": "text", "uuid": "614c1d28-d3ef-419e-889b-49e321ac15a1", "value": "10/70" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055380", "uuid": "61649bc8-85ea-4a00-a42a-ab2733d534ff", "ObjectReference": [ { "comment": "", "object_uuid": "61649bc8-85ea-4a00-a42a-ab2733d534ff", "referenced_uuid": "03f94760-3040-4661-97dc-901931fcdba8", "relationship_type": "analysed-with", "timestamp": "1576055862", "uuid": "5df0b436-68a0-4962-981b-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054916", "to_ids": true, "type": "md5", "uuid": "962810b2-708e-4cd5-8c6e-db16e55629ef", "value": "30d1e8ea9539ced99a9ac78163c23a88" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054916", "to_ids": true, "type": "sha1", "uuid": "86cc3c19-1ce3-4417-9e47-9a5d9b345b7f", "value": "2e999fbfe02969863c801be20adcd6d8f606ec27" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054916", "to_ids": true, "type": "sha256", "uuid": "8a3eed06-e52c-4615-822f-bbe5f9ca4187", "value": "64ecad0a55b2950a40af2c2c6b67177b54ccac3a97e417ca42d0c55ce4b365bb" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055380", "uuid": "03f94760-3040-4661-97dc-901931fcdba8", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054916", "to_ids": false, "type": "datetime", "uuid": "1e6d7bec-dcb0-4790-bf70-b25645223d4d", "value": "2019-11-17T03:36:27" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054916", "to_ids": false, "type": "link", "uuid": "71e745ca-c237-4959-a694-7db627254d00", "value": "https://www.virustotal.com/file/64ecad0a55b2950a40af2c2c6b67177b54ccac3a97e417ca42d0c55ce4b365bb/analysis/1573961787/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054916", "to_ids": false, "type": "text", "uuid": "47b40950-2ff8-429b-8e06-8ac87f3d5a2d", "value": "40/66" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055380", "uuid": "4f14f254-78de-4214-bc39-c0df5a560d29", "ObjectReference": [ { "comment": "", "object_uuid": "4f14f254-78de-4214-bc39-c0df5a560d29", "referenced_uuid": "93e1d54f-78bb-4456-9ad9-20a0684a8c5a", "relationship_type": "analysed-with", "timestamp": "1576055863", "uuid": "5df0b437-29c0-4788-91d1-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054849", "to_ids": true, "type": "md5", "uuid": "f36352a5-2d9f-4fe1-8e17-0408413efcd8", "value": "0524f6867de7c46bcdb40f8104d899e7" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054849", "to_ids": true, "type": "sha1", "uuid": "b908e705-19a5-4527-90f6-fdd6059f3f34", "value": "4fcd95350adfde60b1ff4048c75d4061c3d24704" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054849", "to_ids": true, "type": "sha256", "uuid": "153c3671-9fa0-40d9-8643-38f5b5c0b196", "value": "c7c31829c31467ef1ec99d169682c80a15ea6940249dd28e5d206a493e66b0a1" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055380", "uuid": "93e1d54f-78bb-4456-9ad9-20a0684a8c5a", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054849", "to_ids": false, "type": "datetime", "uuid": "9b37653f-2cce-4196-99eb-275b5528f53d", "value": "2019-11-10T08:12:23" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054849", "to_ids": false, "type": "link", "uuid": "31567505-23e9-48e5-b37b-f345dfa48b07", "value": "https://www.virustotal.com/file/c7c31829c31467ef1ec99d169682c80a15ea6940249dd28e5d206a493e66b0a1/analysis/1573373543/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054849", "to_ids": false, "type": "text", "uuid": "e29230a5-8361-4e3c-81bb-2f02e9c0eb03", "value": "14/69" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055380", "uuid": "1cc552f1-b224-4112-a745-d38d157a1970", "ObjectReference": [ { "comment": "", "object_uuid": "1cc552f1-b224-4112-a745-d38d157a1970", "referenced_uuid": "011facc9-5dcd-4acb-9b28-35f8abb33b32", "relationship_type": "analysed-with", "timestamp": "1576055863", "uuid": "5df0b437-7a40-4554-9023-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054916", "to_ids": true, "type": "md5", "uuid": "ea72d8c2-d83e-4751-9f5e-0647e9b58781", "value": "5525502305d74d0b9af894b97a7c58e0" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054916", "to_ids": true, "type": "sha1", "uuid": "de02178b-3e12-4936-b7e6-f31d5bcbea59", "value": "c7bf167b27d0555d8fca888560484f316814fdc2" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054916", "to_ids": true, "type": "sha256", "uuid": "778a259e-9943-4244-a023-f9387f712b8a", "value": "3fff30a09c222236dcbbe2ba82d30222a391b6d6fc5e11660b5e32910990b097" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055381", "uuid": "011facc9-5dcd-4acb-9b28-35f8abb33b32", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054916", "to_ids": false, "type": "datetime", "uuid": "5254b494-741d-47b3-8714-fffa64c7b053", "value": "2019-11-18T07:37:23" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054916", "to_ids": false, "type": "link", "uuid": "e6fb0ea7-602a-4a6b-8ccc-7b0de92c430d", "value": "https://www.virustotal.com/file/3fff30a09c222236dcbbe2ba82d30222a391b6d6fc5e11660b5e32910990b097/analysis/1574062643/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054916", "to_ids": false, "type": "text", "uuid": "4c10175a-cdd5-4a1b-a7d4-a2f769220a50", "value": "51/71" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055381", "uuid": "6451bdc5-05f7-46ac-bb4a-2ebbe7779aa7", "ObjectReference": [ { "comment": "", "object_uuid": "6451bdc5-05f7-46ac-bb4a-2ebbe7779aa7", "referenced_uuid": "1c344cfb-d472-444d-8ac4-89d0a9fe796f", "relationship_type": "analysed-with", "timestamp": "1576055863", "uuid": "5df0b437-04a0-40e9-96f6-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054919", "to_ids": true, "type": "md5", "uuid": "ef368df9-2943-4d09-85cf-b103a722e857", "value": "2177272c65f8e1795f4110e277abd0a4" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054919", "to_ids": true, "type": "sha1", "uuid": "926debca-c729-4a28-85dc-91c1e408ca08", "value": "a112102cd58e7c09df74c8d40ad382bac3b4222d" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054919", "to_ids": true, "type": "sha256", "uuid": "2838f789-0663-42ad-95a0-b867a8c8c561", "value": "28496862543b5f6201b033f7ab19e390b3a7915b7d3557629f3d2f2f8292a586" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055381", "uuid": "1c344cfb-d472-444d-8ac4-89d0a9fe796f", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054919", "to_ids": false, "type": "datetime", "uuid": "6f9d2ca5-c123-4d54-94bc-2ff6af1b3de2", "value": "2019-11-17T03:33:41" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054919", "to_ids": false, "type": "link", "uuid": "700c10a6-5341-4e83-ae9b-ffad2c4bc9ce", "value": "https://www.virustotal.com/file/28496862543b5f6201b033f7ab19e390b3a7915b7d3557629f3d2f2f8292a586/analysis/1573961621/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054919", "to_ids": false, "type": "text", "uuid": "bee63a98-a27e-4ae8-834e-edaa1b41a97d", "value": "45/69" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055381", "uuid": "7c830d89-4fd2-444c-b4e9-dee3d0c4c995", "ObjectReference": [ { "comment": "", "object_uuid": "7c830d89-4fd2-444c-b4e9-dee3d0c4c995", "referenced_uuid": "993b393f-8537-40ce-98a2-0b9c885656ea", "relationship_type": "analysed-with", "timestamp": "1576055863", "uuid": "5df0b437-c530-4246-bd64-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054922", "to_ids": true, "type": "md5", "uuid": "fe95fe0a-2ff0-4b12-85e0-5ce84616563c", "value": "abec55126b258d3fc41c54f59b3f5da0" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054922", "to_ids": true, "type": "sha1", "uuid": "356afeea-a273-48aa-ac68-7f946c7776d0", "value": "702c200316ab16450d49b90664f197326f6e1517" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054922", "to_ids": true, "type": "sha256", "uuid": "e3fa316d-249d-485b-b3c7-dbe4d65102de", "value": "9df13782a06a77cffe00501500a6c75edecf37d04bd532eb3a1c7995167e087b" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055381", "uuid": "993b393f-8537-40ce-98a2-0b9c885656ea", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054922", "to_ids": false, "type": "datetime", "uuid": "60b5f2b3-c602-4f72-b1d1-678d3b919c41", "value": "2019-11-14T17:14:42" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054922", "to_ids": false, "type": "link", "uuid": "0a0857f8-bda4-450c-9d27-65736dc4f279", "value": "https://www.virustotal.com/file/9df13782a06a77cffe00501500a6c75edecf37d04bd532eb3a1c7995167e087b/analysis/1573751682/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054922", "to_ids": false, "type": "text", "uuid": "f206f0ce-9b7e-4b0b-86d1-df5501fc4071", "value": "51/70" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055381", "uuid": "7b69acd0-5b57-43b4-bb0e-8533ec34f7eb", "ObjectReference": [ { "comment": "", "object_uuid": "7b69acd0-5b57-43b4-bb0e-8533ec34f7eb", "referenced_uuid": "4a5a3841-ab89-40a4-bd73-520e5c71800f", "relationship_type": "analysed-with", "timestamp": "1576055863", "uuid": "5df0b437-2930-4935-a598-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054937", "to_ids": true, "type": "md5", "uuid": "742a7d92-1837-4ac8-a1fc-b30515077356", "value": "08e12ed3fc6fde77eb8da82f6be7c4ce" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054937", "to_ids": true, "type": "sha1", "uuid": "3655548d-3cba-451d-9ed5-0fd0a456f95d", "value": "b92363b2f5f9ad7866fc540503aafd2e79f142c0" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054937", "to_ids": true, "type": "sha256", "uuid": "39ef8a2e-9655-4930-b839-606ac8fd43e5", "value": "cda99d9277b3b982db98b7896280ca67dfb7e7434ef99b1a31f4de8e3faf4d81" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055382", "uuid": "4a5a3841-ab89-40a4-bd73-520e5c71800f", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054937", "to_ids": false, "type": "datetime", "uuid": "5730891c-a51a-431f-a1d0-31d1a505c0bf", "value": "2019-11-10T21:30:53" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054937", "to_ids": false, "type": "link", "uuid": "5ee57ec0-cf50-477d-9e23-84738d1a0505", "value": "https://www.virustotal.com/file/cda99d9277b3b982db98b7896280ca67dfb7e7434ef99b1a31f4de8e3faf4d81/analysis/1573421453/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054937", "to_ids": false, "type": "text", "uuid": "64ade015-1e59-4467-a30a-81b0499ca714", "value": "41/72" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055382", "uuid": "015ec164-a274-4459-a93d-7f10c3d98b92", "ObjectReference": [ { "comment": "", "object_uuid": "015ec164-a274-4459-a93d-7f10c3d98b92", "referenced_uuid": "8bc83cd6-5f03-42df-ba44-f321406ab01f", "relationship_type": "analysed-with", "timestamp": "1576055863", "uuid": "5df0b437-3f70-4d78-b410-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054921", "to_ids": true, "type": "md5", "uuid": "c327a71d-a7e3-448c-86ba-e2c829a53a03", "value": "c70ffa3be5016526a8e83d705d618220" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054921", "to_ids": true, "type": "sha1", "uuid": "e8cdd8ef-c8e2-4c1b-b49e-73cadab58b5f", "value": "01660923057d7f7922b328fa9bb40c080c00c2b7" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054921", "to_ids": true, "type": "sha256", "uuid": "72804851-2ecf-4d55-b22f-47195eb112a2", "value": "eae7fa17ec085510884e359794e7bd645ea09a541f8056c364622fb972b83e7b" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055382", "uuid": "8bc83cd6-5f03-42df-ba44-f321406ab01f", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054921", "to_ids": false, "type": "datetime", "uuid": "8c867e12-4db4-42cc-85bd-8e695c3fb444", "value": "2019-11-10T21:32:20" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054921", "to_ids": false, "type": "link", "uuid": "c6808a2f-1546-4b3b-ad87-89a6556e47de", "value": "https://www.virustotal.com/file/eae7fa17ec085510884e359794e7bd645ea09a541f8056c364622fb972b83e7b/analysis/1573421540/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054921", "to_ids": false, "type": "text", "uuid": "4b4b8600-770e-4337-bce0-589f7368e1a5", "value": "40/71" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055382", "uuid": "aa2a4eab-c640-495d-88e4-0c396fde1f7a", "ObjectReference": [ { "comment": "", "object_uuid": "aa2a4eab-c640-495d-88e4-0c396fde1f7a", "referenced_uuid": "1423a5bf-6b87-40a1-ba85-90cb015c11bc", "relationship_type": "analysed-with", "timestamp": "1576055863", "uuid": "5df0b437-5ba0-40eb-bbfa-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054844", "to_ids": true, "type": "md5", "uuid": "7ec75ae9-50c5-4d10-a1b2-249ce6218c65", "value": "a692d7b4287352419217323e6b1fec1b" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054844", "to_ids": true, "type": "sha1", "uuid": "201e828f-dcd6-43c8-ac3f-5131942aaf8b", "value": "7680a46865358e61460fef09155690d1663adc6b" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054844", "to_ids": true, "type": "sha256", "uuid": "13bcbef9-1866-412f-9958-758f01aecdae", "value": "6fad038452d694046a6040b37057598bb05cbd6d898b92da03d9af7d8bae9d64" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055383", "uuid": "1423a5bf-6b87-40a1-ba85-90cb015c11bc", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054844", "to_ids": false, "type": "datetime", "uuid": "ef369b82-316c-4d1b-9674-8753fa274221", "value": "2019-11-29T11:39:21" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054844", "to_ids": false, "type": "link", "uuid": "dd960e97-c650-4803-b5e1-69b0fb8f7a87", "value": "https://www.virustotal.com/file/6fad038452d694046a6040b37057598bb05cbd6d898b92da03d9af7d8bae9d64/analysis/1575027561/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054844", "to_ids": false, "type": "text", "uuid": "4145de73-a2f6-4c29-83dc-d71a334becfe", "value": "54/70" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055383", "uuid": "ace7defc-9735-4613-b3fb-9e31125f1eda", "ObjectReference": [ { "comment": "", "object_uuid": "ace7defc-9735-4613-b3fb-9e31125f1eda", "referenced_uuid": "577481d1-9d6f-4c45-aa66-1db3601b5411", "relationship_type": "analysed-with", "timestamp": "1576055863", "uuid": "5df0b437-b1a4-4f52-8938-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054878", "to_ids": true, "type": "md5", "uuid": "aaaff6e5-2a39-4028-9684-347e6e952e56", "value": "efd98b175d9920697712732364ec5114" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054878", "to_ids": true, "type": "sha1", "uuid": "c5a347f2-4515-4a56-bda8-a02771b947dc", "value": "87895e1372a0f953d7ee7c8bfeaf6833ddf09b2c" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054878", "to_ids": true, "type": "sha256", "uuid": "9f7abc13-97b2-4358-8bff-69b2a757b2d1", "value": "9e655561670e1d8c0b424a935b58d1b9e62dd507fdd177b7695bcbf47ae1e7a8" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055383", "uuid": "577481d1-9d6f-4c45-aa66-1db3601b5411", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054878", "to_ids": false, "type": "datetime", "uuid": "71725104-3744-4e29-a3f1-a3b0f1161dfc", "value": "2019-11-17T10:15:35" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054878", "to_ids": false, "type": "link", "uuid": "ec13cb74-b1f9-491b-8396-be670609583e", "value": "https://www.virustotal.com/file/9e655561670e1d8c0b424a935b58d1b9e62dd507fdd177b7695bcbf47ae1e7a8/analysis/1573985735/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054878", "to_ids": false, "type": "text", "uuid": "71c15372-4d43-48ad-9023-20fff9d4ea68", "value": "46/70" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055384", "uuid": "675f1102-34a2-470f-9f12-3fcb2530b2da", "ObjectReference": [ { "comment": "", "object_uuid": "675f1102-34a2-470f-9f12-3fcb2530b2da", "referenced_uuid": "81363ce4-7dce-4ffd-bd43-7f1056a446fa", "relationship_type": "analysed-with", "timestamp": "1576055863", "uuid": "5df0b437-f6e0-46bf-932b-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054915", "to_ids": true, "type": "md5", "uuid": "e2e771bb-ba32-4b7e-968a-1a37cf7b1e49", "value": "92f6e45fbc289d7f8af63a9ebeadc175" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054915", "to_ids": true, "type": "sha1", "uuid": "c6de31ec-b071-4371-a6e0-102d1214257b", "value": "df7d3259998b6b8d9a97d4f10c44e5e7bb984eee" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054915", "to_ids": true, "type": "sha256", "uuid": "c1836378-6f1b-41a2-bcde-7730421597ba", "value": "118c8b83363e1361c0e5687df0e6c8d4d5d265cd84ba778a6b7bd7a27f179c54" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055384", "uuid": "81363ce4-7dce-4ffd-bd43-7f1056a446fa", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054915", "to_ids": false, "type": "datetime", "uuid": "2eab96ef-b98f-42f3-8720-8bb5dbab38c7", "value": "2019-11-26T14:07:23" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054915", "to_ids": false, "type": "link", "uuid": "11e17d21-c530-4e69-8822-5de2a8546973", "value": "https://www.virustotal.com/file/118c8b83363e1361c0e5687df0e6c8d4d5d265cd84ba778a6b7bd7a27f179c54/analysis/1574777243/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054915", "to_ids": false, "type": "text", "uuid": "adcb378d-8812-470f-a47b-bff3b76e0b39", "value": "55/68" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055385", "uuid": "6db377f7-be37-4153-be95-4aa62e6fcd17", "ObjectReference": [ { "comment": "", "object_uuid": "6db377f7-be37-4153-be95-4aa62e6fcd17", "referenced_uuid": "e05a9b63-89b4-45cf-b76b-cbde69e1641c", "relationship_type": "analysed-with", "timestamp": "1576055863", "uuid": "5df0b437-bb58-451a-9f32-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054919", "to_ids": true, "type": "md5", "uuid": "7f8408ec-e1d1-4a7f-8a29-fed2dcd4f6bd", "value": "7f570b96698db9352a05824272457c31" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054919", "to_ids": true, "type": "sha1", "uuid": "dce1032c-53a5-4830-bd5b-cfd62abd5287", "value": "015a87a15943cc7dcf1b1b4dcce55fa8839ae3ad" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054919", "to_ids": true, "type": "sha256", "uuid": "e3ea92b9-7840-4578-a1b4-6149fd6b6726", "value": "1eb43cca04f207dd7a107c81496a9dea67c457827c593ede89e75b4bd5b317f3" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055385", "uuid": "e05a9b63-89b4-45cf-b76b-cbde69e1641c", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054919", "to_ids": false, "type": "datetime", "uuid": "f166d8d4-3317-46be-bf98-a13329fc246e", "value": "2019-11-17T10:15:44" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054919", "to_ids": false, "type": "link", "uuid": "97a5ee98-0dc9-41ff-99c2-548fd3c315d4", "value": "https://www.virustotal.com/file/1eb43cca04f207dd7a107c81496a9dea67c457827c593ede89e75b4bd5b317f3/analysis/1573985744/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054919", "to_ids": false, "type": "text", "uuid": "4d1270a0-c2bd-491e-9b70-25736200d0a5", "value": "46/70" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055385", "uuid": "a3b2ddaa-5eb1-4e4e-9679-718ef9d63591", "ObjectReference": [ { "comment": "", "object_uuid": "a3b2ddaa-5eb1-4e4e-9679-718ef9d63591", "referenced_uuid": "b38f14f9-08fd-4d10-88a0-a050bbb3de6f", "relationship_type": "analysed-with", "timestamp": "1576055863", "uuid": "5df0b437-0674-4075-9787-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054846", "to_ids": true, "type": "md5", "uuid": "f5b64b89-d0e6-4420-860e-4a2c7edca404", "value": "875aca73e60ec9be5eab257a24287bd7" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054846", "to_ids": true, "type": "sha1", "uuid": "da6fc63b-a3a9-4502-9057-95e204c88c49", "value": "54afaf6f72c076dd1650a5ea2fce20e099aa3b03" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054846", "to_ids": true, "type": "sha256", "uuid": "465cdb1d-1ad6-4fd1-b46f-1467576b925e", "value": "7a7c7d75c04c7a22240ee8223dd9161c4cc06d3f5f442ceba055af748aec487e" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055385", "uuid": "b38f14f9-08fd-4d10-88a0-a050bbb3de6f", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054846", "to_ids": false, "type": "datetime", "uuid": "e1800865-988c-442a-a001-b727f2fcf9ab", "value": "2019-11-29T15:11:48" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054846", "to_ids": false, "type": "link", "uuid": "a7617fff-cf17-4d86-957b-896b141c4974", "value": "https://www.virustotal.com/file/7a7c7d75c04c7a22240ee8223dd9161c4cc06d3f5f442ceba055af748aec487e/analysis/1575040308/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054846", "to_ids": false, "type": "text", "uuid": "26e9399d-d247-4d20-aaee-9cc1156fd35c", "value": "53/70" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055397", "uuid": "91cb5c59-36ac-407f-9255-7fbbd82f25a6", "ObjectReference": [ { "comment": "", "object_uuid": "91cb5c59-36ac-407f-9255-7fbbd82f25a6", "referenced_uuid": "59db51e8-4f1a-449c-94fe-e24d0a282761", "relationship_type": "analysed-with", "timestamp": "1576055863", "uuid": "5df0b437-1674-440d-9587-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054919", "to_ids": true, "type": "md5", "uuid": "d9d97f4f-175c-46a0-bb67-2427cb4e0ad3", "value": "a9a638a304a5a6d3d25583e60c438b72" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054919", "to_ids": true, "type": "sha1", "uuid": "522e7843-3321-428e-8e65-4493125e81c1", "value": "02103ba4cda03fda90c51e453b4c238286f3a449" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054919", "to_ids": true, "type": "sha256", "uuid": "343b1225-57f3-4f44-ab30-6c8e5d56f51c", "value": "6b74139432e8eb9cfa5d695952798be4dcc2930e0718ff1e5ea9fbed0e9fe15b" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055398", "uuid": "59db51e8-4f1a-449c-94fe-e24d0a282761", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054919", "to_ids": false, "type": "datetime", "uuid": "41033cec-6172-4ea7-bf60-0b751774d798", "value": "2019-11-20T12:07:00" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054919", "to_ids": false, "type": "link", "uuid": "05bf3c87-f606-4a8e-ae16-97100b7ff822", "value": "https://www.virustotal.com/file/6b74139432e8eb9cfa5d695952798be4dcc2930e0718ff1e5ea9fbed0e9fe15b/analysis/1574251620/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054919", "to_ids": false, "type": "text", "uuid": "b0f1dfaa-6781-48c2-8f15-fe340faedb96", "value": "49/70" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055398", "uuid": "c706bcc7-088f-4f88-a120-ffc65a6a06e6", "ObjectReference": [ { "comment": "", "object_uuid": "c706bcc7-088f-4f88-a120-ffc65a6a06e6", "referenced_uuid": "c6d0459f-086d-497c-9855-c5447d1825d3", "relationship_type": "analysed-with", "timestamp": "1576055863", "uuid": "5df0b437-01bc-491e-8c71-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054916", "to_ids": true, "type": "md5", "uuid": "6c550f45-f7ae-4162-abe4-970bb99c1184", "value": "8d733714b962d08709dea8b2fa6ba342" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054916", "to_ids": true, "type": "sha1", "uuid": "e4c6fc3a-c295-4459-9af9-020719a0dbf6", "value": "fda40d854a2ada108330a43a978922f1518ea2fd" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054916", "to_ids": true, "type": "sha256", "uuid": "09ce8cfe-6f83-43b7-9075-272c86d80f13", "value": "43ff3a3e53fe58d6b356a772b77df9caea2bb07e133a0bba78f64332b415d4ce" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055398", "uuid": "c6d0459f-086d-497c-9855-c5447d1825d3", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054916", "to_ids": false, "type": "datetime", "uuid": "1045087f-6144-4fd4-bc92-a2b7abb10a52", "value": "2019-11-16T18:16:28" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054916", "to_ids": false, "type": "link", "uuid": "31670568-1a57-4176-8541-d992087d2122", "value": "https://www.virustotal.com/file/43ff3a3e53fe58d6b356a772b77df9caea2bb07e133a0bba78f64332b415d4ce/analysis/1573928188/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054916", "to_ids": false, "type": "text", "uuid": "6c09089a-16cf-493e-9f25-6d917e4e62f8", "value": "47/70" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055398", "uuid": "1c7b7be9-c366-49d8-b8a9-754aa1b93f55", "ObjectReference": [ { "comment": "", "object_uuid": "1c7b7be9-c366-49d8-b8a9-754aa1b93f55", "referenced_uuid": "e287d0a2-e783-49d0-8410-7f42e413f841", "relationship_type": "analysed-with", "timestamp": "1576055863", "uuid": "5df0b437-8bf8-4439-bf73-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054920", "to_ids": true, "type": "md5", "uuid": "33da300e-06de-477c-b5b2-56411a73f5f1", "value": "556124dbf325a39c42c790fc035a76d7" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054920", "to_ids": true, "type": "sha1", "uuid": "c00b370a-64e4-4bef-959c-89543ce7da76", "value": "dfbfe998648d375ea20dc6152e976ce361879125" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054920", "to_ids": true, "type": "sha256", "uuid": "83d3cf1e-42c0-49c9-9fe1-6b96d6070f61", "value": "e9b23b87a3d7cf6c408c0eeb588ff11f73c6e3ac8a2496550a3c0481758178c5" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055399", "uuid": "e287d0a2-e783-49d0-8410-7f42e413f841", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054920", "to_ids": false, "type": "datetime", "uuid": "c39e090f-507e-4326-b65e-837e0cea9bcc", "value": "2019-11-26T15:24:22" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054920", "to_ids": false, "type": "link", "uuid": "c2d4181a-aeed-4094-873d-03c7f7fd4bde", "value": "https://www.virustotal.com/file/e9b23b87a3d7cf6c408c0eeb588ff11f73c6e3ac8a2496550a3c0481758178c5/analysis/1574781862/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054920", "to_ids": false, "type": "text", "uuid": "52de6381-6c5d-4f43-a3ed-a3625cea8bb4", "value": "56/69" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055399", "uuid": "3f6d211a-d796-40ed-bc41-c369ed217261", "ObjectReference": [ { "comment": "", "object_uuid": "3f6d211a-d796-40ed-bc41-c369ed217261", "referenced_uuid": "2aad3842-22c4-4221-b87d-12265d43a1b4", "relationship_type": "analysed-with", "timestamp": "1576055863", "uuid": "5df0b437-f918-48df-9cd6-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054919", "to_ids": true, "type": "md5", "uuid": "d3bf3df6-2457-436c-83d3-78ba9c17bbfe", "value": "0b05361bb9164460a23766bf077ee61a" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054919", "to_ids": true, "type": "sha1", "uuid": "c6207667-459b-447e-ad02-5924fd05e07f", "value": "538a4370b9fb6e20ab09b715fb9298b45da176df" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054919", "to_ids": true, "type": "sha256", "uuid": "f167ad6a-95ba-48d2-b621-117b8c6bfd62", "value": "0f3bf370122c4d1ebcad5f2dcb6f4b60486953427ba8c95176df3298d1b5db85" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055399", "uuid": "2aad3842-22c4-4221-b87d-12265d43a1b4", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054919", "to_ids": false, "type": "datetime", "uuid": "a037844a-afae-43b6-abdf-9f9e20ac0bff", "value": "2019-11-17T03:33:49" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054919", "to_ids": false, "type": "link", "uuid": "8c637415-d618-4fbe-b040-e727923ab0ea", "value": "https://www.virustotal.com/file/0f3bf370122c4d1ebcad5f2dcb6f4b60486953427ba8c95176df3298d1b5db85/analysis/1573961629/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054919", "to_ids": false, "type": "text", "uuid": "1dac213a-9d3f-4957-b8cd-c24acb663fa8", "value": "45/70" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055399", "uuid": "0ea2d283-1a5d-4367-8812-0fa934532135", "ObjectReference": [ { "comment": "", "object_uuid": "0ea2d283-1a5d-4367-8812-0fa934532135", "referenced_uuid": "e0e2a5a5-ef08-4488-8570-06d814722566", "relationship_type": "analysed-with", "timestamp": "1576055864", "uuid": "5df0b438-a5e0-41e7-8cf8-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054920", "to_ids": true, "type": "md5", "uuid": "40efe422-5b26-4717-a993-67ae97d8d209", "value": "4f7f584708193cfc5661680c7baa4766" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054920", "to_ids": true, "type": "sha1", "uuid": "7bbddd69-0864-43c3-9f24-07ad806f5488", "value": "3a65b4728573c818f47284e3e06f7ad37de5ef83" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054920", "to_ids": true, "type": "sha256", "uuid": "db5f31b3-f1e6-4082-af44-ff2c937de3bf", "value": "e9f6f49c3ca9a3eb7a4007b42b14c0621e5a01af78c9cdf2994cdc4c3333c4ee" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055399", "uuid": "e0e2a5a5-ef08-4488-8570-06d814722566", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054920", "to_ids": false, "type": "datetime", "uuid": "2a234ae5-2265-4c94-8ec9-da9a829134c6", "value": "2019-12-03T20:33:01" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054920", "to_ids": false, "type": "link", "uuid": "56ca0025-2621-4e0c-b541-5e0eff0cbb3a", "value": "https://www.virustotal.com/file/e9f6f49c3ca9a3eb7a4007b42b14c0621e5a01af78c9cdf2994cdc4c3333c4ee/analysis/1575405181/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054920", "to_ids": false, "type": "text", "uuid": "24aefe1a-58d1-4ba3-8008-b4edfa1806f7", "value": "54/70" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055399", "uuid": "8da2265b-d8b2-4191-9bf2-c7267078f161", "ObjectReference": [ { "comment": "", "object_uuid": "8da2265b-d8b2-4191-9bf2-c7267078f161", "referenced_uuid": "c3af7af2-ddde-4ee9-8d96-17be802ef8b2", "relationship_type": "analysed-with", "timestamp": "1576055864", "uuid": "5df0b438-8998-4651-b130-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054915", "to_ids": true, "type": "md5", "uuid": "679340da-5cee-4ba8-859a-b7643d63de2a", "value": "b7b184ebf29fe761eb84074e143dcd29" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054915", "to_ids": true, "type": "sha1", "uuid": "d017f35f-051d-4203-8c8c-b8b16d805d8f", "value": "296e7eee893e6f590cf469b37fb9ca54822e8e5c" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054915", "to_ids": true, "type": "sha256", "uuid": "5703c756-c68d-40a0-ac82-68e9bd941533", "value": "9bc659247414c693997f6f7dae795f529a35ccd4bb21184b35b205a022f4985a" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055400", "uuid": "c3af7af2-ddde-4ee9-8d96-17be802ef8b2", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054915", "to_ids": false, "type": "datetime", "uuid": "bbcdb34f-ec1e-40e8-8854-5ada101f3c77", "value": "2019-11-20T11:56:37" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054915", "to_ids": false, "type": "link", "uuid": "469634a0-ddc5-4575-9f0a-70f56c8016d8", "value": "https://www.virustotal.com/file/9bc659247414c693997f6f7dae795f529a35ccd4bb21184b35b205a022f4985a/analysis/1574250997/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054915", "to_ids": false, "type": "text", "uuid": "0eb9c9e1-ada6-40a0-9198-789a0884a829", "value": "49/70" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055401", "uuid": "0a5b77d6-e8ee-44e7-b9c6-4d6a1344883d", "ObjectReference": [ { "comment": "", "object_uuid": "0a5b77d6-e8ee-44e7-b9c6-4d6a1344883d", "referenced_uuid": "a5e5117c-32e1-431a-80af-f302be915453", "relationship_type": "analysed-with", "timestamp": "1576055864", "uuid": "5df0b438-a89c-4769-a682-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054919", "to_ids": true, "type": "md5", "uuid": "c2c79af9-9317-4b7e-81f2-181416215b52", "value": "da538e50b129da152f58576f9bed0aee" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054919", "to_ids": true, "type": "sha1", "uuid": "58280c13-8110-4958-9e45-fb0519e50888", "value": "2d5b82194a5673726d22d46f7c8b19ef4d21982d" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054919", "to_ids": true, "type": "sha256", "uuid": "426c26b9-f586-4343-aa58-0991355438f7", "value": "98e70fef469167aa28027be07072243d4bde148f8af364d245b761729fe735de" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055401", "uuid": "a5e5117c-32e1-431a-80af-f302be915453", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054919", "to_ids": false, "type": "datetime", "uuid": "5320cb49-7ee1-4ced-bf17-fdaad8bdc81a", "value": "2019-11-18T07:37:21" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054919", "to_ids": false, "type": "link", "uuid": "07af7209-f7b2-45e6-857b-98018eba1c92", "value": "https://www.virustotal.com/file/98e70fef469167aa28027be07072243d4bde148f8af364d245b761729fe735de/analysis/1574062641/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054919", "to_ids": false, "type": "text", "uuid": "138f5972-f202-4f16-8b13-307e4828a723", "value": "53/71" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055401", "uuid": "e8c1cd66-8313-44dd-baa4-e5d56c6cb036", "ObjectReference": [ { "comment": "", "object_uuid": "e8c1cd66-8313-44dd-baa4-e5d56c6cb036", "referenced_uuid": "369fc7e4-6cec-4030-81a2-6ddab8cad305", "relationship_type": "analysed-with", "timestamp": "1576055864", "uuid": "5df0b438-0e8c-448b-81eb-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054920", "to_ids": true, "type": "md5", "uuid": "21abafc0-50ff-4637-9942-4ddd104a7976", "value": "eaa4a1e55fafdf295bdfc93e1e889304" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054920", "to_ids": true, "type": "sha1", "uuid": "a5a34c69-63c1-4dfd-a403-eed090846def", "value": "803873d38a16fa470a0d57706bd05029893d776c" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054920", "to_ids": true, "type": "sha256", "uuid": "b0bc4ff7-250c-4c00-8328-f7aca69afe51", "value": "f09818b84326d48a0b7984283679e999111b47aa06e5ae5647e8b28c06256ce1" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055401", "uuid": "369fc7e4-6cec-4030-81a2-6ddab8cad305", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054920", "to_ids": false, "type": "datetime", "uuid": "2d966e3a-81d2-4d04-b10c-eca9a9e58791", "value": "2019-11-20T12:09:36" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054920", "to_ids": false, "type": "link", "uuid": "e6be2a4d-7cc1-4de0-9b2c-216045673ee6", "value": "https://www.virustotal.com/file/f09818b84326d48a0b7984283679e999111b47aa06e5ae5647e8b28c06256ce1/analysis/1574251776/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054920", "to_ids": false, "type": "text", "uuid": "b33698d1-822f-4181-a3f8-b6d54dca45f9", "value": "49/70" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055401", "uuid": "c7bfd5e1-211d-4900-8e62-017d2241fa53", "ObjectReference": [ { "comment": "", "object_uuid": "c7bfd5e1-211d-4900-8e62-017d2241fa53", "referenced_uuid": "bf234a47-3939-440d-a2b0-977f4ddc4990", "relationship_type": "analysed-with", "timestamp": "1576055864", "uuid": "5df0b438-6798-46eb-a85d-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054844", "to_ids": true, "type": "md5", "uuid": "f7653fcf-ec96-4748-901a-d1ef1a76a779", "value": "94d017f2a9e6c649954237ef47ab3336" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054844", "to_ids": true, "type": "sha1", "uuid": "f61b1e8a-f350-4993-8244-18fc8e79b803", "value": "4cf851b693768b6ec2905e4ae08b146fdc5574e5" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054844", "to_ids": true, "type": "sha256", "uuid": "da1c9c3d-375a-449f-b944-f4a3fa225af3", "value": "44e6c50c223f82ebd0700bfe9a0c1d4f9f9d95bd49f82e2a6f6d800e60c53bf8" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055402", "uuid": "bf234a47-3939-440d-a2b0-977f4ddc4990", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054844", "to_ids": false, "type": "datetime", "uuid": "fdf122e5-1b40-4449-a667-20c2998d364f", "value": "2019-11-23T21:59:29" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054844", "to_ids": false, "type": "link", "uuid": "754376c9-4a54-40de-a401-c7643bdb73c5", "value": "https://www.virustotal.com/file/44e6c50c223f82ebd0700bfe9a0c1d4f9f9d95bd49f82e2a6f6d800e60c53bf8/analysis/1574546369/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054844", "to_ids": false, "type": "text", "uuid": "6c70e2d0-3189-4c0a-ae00-4d2c1b4bd911", "value": "52/67" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055402", "uuid": "47d1ccaf-3093-43cd-8a5f-abb12fef0733", "ObjectReference": [ { "comment": "", "object_uuid": "47d1ccaf-3093-43cd-8a5f-abb12fef0733", "referenced_uuid": "dadd1af2-cc8a-4206-bbfd-4b710a5a569f", "relationship_type": "analysed-with", "timestamp": "1576055864", "uuid": "5df0b438-4444-43da-8f66-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054916", "to_ids": true, "type": "md5", "uuid": "701d47f1-c896-46ec-bd87-c8a98cf91024", "value": "9bde0ec5506e44db25abfc0d5d8ba71a" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054916", "to_ids": true, "type": "sha1", "uuid": "550a9ff1-dc4d-4aca-b220-6549f0113d3b", "value": "0930b4c9b578d25a0d782a8dc78a8edaee82bb7d" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054916", "to_ids": true, "type": "sha256", "uuid": "07247737-1cb8-4f37-ba3f-6e16398a9294", "value": "bd8bfa884d792afc2d037da121f3bf122b90a724d406cff50b9fa34739ab7095" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055402", "uuid": "dadd1af2-cc8a-4206-bbfd-4b710a5a569f", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054916", "to_ids": false, "type": "datetime", "uuid": "10127293-eeb7-45fb-984c-12314878457b", "value": "2019-11-26T14:25:47" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054916", "to_ids": false, "type": "link", "uuid": "40a5e49b-6e19-4c37-bb89-eae74d272646", "value": "https://www.virustotal.com/file/bd8bfa884d792afc2d037da121f3bf122b90a724d406cff50b9fa34739ab7095/analysis/1574778347/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054916", "to_ids": false, "type": "text", "uuid": "f0177219-5f26-4cb9-8355-0984ad918dcd", "value": "56/69" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055402", "uuid": "e636c9f8-0933-4361-8337-e8098023cb5e", "ObjectReference": [ { "comment": "", "object_uuid": "e636c9f8-0933-4361-8337-e8098023cb5e", "referenced_uuid": "16aaef18-7758-4ba3-9812-1ae52cdd54a3", "relationship_type": "analysed-with", "timestamp": "1576055864", "uuid": "5df0b438-387c-4720-ad3c-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054845", "to_ids": true, "type": "md5", "uuid": "d05d21a6-3a98-49b9-8af6-bafef186343c", "value": "0d5166a4067b16696a520a5f7252a516" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054845", "to_ids": true, "type": "sha1", "uuid": "a09e89e7-7bf8-48ac-8ca4-f5062936ce4a", "value": "08a66a288695b241ee60381c528a20e2453d7253" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054845", "to_ids": true, "type": "sha256", "uuid": "59f90c5d-a144-4420-8500-8d2834dbd63c", "value": "7e1b9dc4c57c34e2c2acf28e6032cc7b944cd840de765c97cd6b1d936836498d" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055402", "uuid": "16aaef18-7758-4ba3-9812-1ae52cdd54a3", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054845", "to_ids": false, "type": "datetime", "uuid": "0e31d8ba-aee2-4fa1-bc94-51f82acf5dea", "value": "2019-11-21T11:01:53" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054845", "to_ids": false, "type": "link", "uuid": "fd7b2178-1ba5-450a-8f28-20d8aac2e8ef", "value": "https://www.virustotal.com/file/7e1b9dc4c57c34e2c2acf28e6032cc7b944cd840de765c97cd6b1d936836498d/analysis/1574334113/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054845", "to_ids": false, "type": "text", "uuid": "18a884fb-7599-4c46-a156-55fb1e2efcbd", "value": "49/68" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055403", "uuid": "155289df-5fee-414c-aae6-246a6d8d67af", "ObjectReference": [ { "comment": "", "object_uuid": "155289df-5fee-414c-aae6-246a6d8d67af", "referenced_uuid": "2498acd6-03c0-4697-8313-4dc82677d7af", "relationship_type": "analysed-with", "timestamp": "1576055864", "uuid": "5df0b438-9594-4c77-b3cf-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054848", "to_ids": true, "type": "md5", "uuid": "23bf94fb-e3e7-42f1-90c3-1474a635e9e6", "value": "ac931edd5585f89d011cf0487a64de16" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054848", "to_ids": true, "type": "sha1", "uuid": "6cdb54b0-37dc-4b07-bce4-2280e5ddf7cb", "value": "312d3dc9e588675cf0fcb83332cd045b18d32b38" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054848", "to_ids": true, "type": "sha256", "uuid": "f1a9c001-e72a-4cd2-b1b4-89422f256e12", "value": "ef5c29d77fd28e3263573cfd998650040d586316a37b82d6b7646872255ef3b0" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055403", "uuid": "2498acd6-03c0-4697-8313-4dc82677d7af", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054848", "to_ids": false, "type": "datetime", "uuid": "0c546e3a-65e5-432d-9326-e8f4e66fd02f", "value": "2019-11-29T07:26:46" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054848", "to_ids": false, "type": "link", "uuid": "d2724ef7-c870-456d-8b6f-6ce35ab2a8b7", "value": "https://www.virustotal.com/file/ef5c29d77fd28e3263573cfd998650040d586316a37b82d6b7646872255ef3b0/analysis/1575012406/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054848", "to_ids": false, "type": "text", "uuid": "a20c5ad8-6c7c-440c-8aec-df41016c92d2", "value": "56/70" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055403", "uuid": "a453afe2-b3af-428c-8bc2-7556df970d28", "ObjectReference": [ { "comment": "", "object_uuid": "a453afe2-b3af-428c-8bc2-7556df970d28", "referenced_uuid": "40ee550c-f33f-416f-8062-f598e5df8cea", "relationship_type": "analysed-with", "timestamp": "1576055864", "uuid": "5df0b438-8348-48f5-afa2-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054919", "to_ids": true, "type": "md5", "uuid": "17cd40c6-ef9c-4766-89a9-da4b035aa304", "value": "fe675ec0daffce8776e0fde217d5cb29" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054919", "to_ids": true, "type": "sha1", "uuid": "01755aa3-15b9-40df-8416-209c5d706dba", "value": "5e58c147a005af32f3501fa34d8c7d4f9485d77e" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054919", "to_ids": true, "type": "sha256", "uuid": "16d598db-8aa8-4de7-af48-fcca8639869f", "value": "305cf6af8c1e6d52eba30a3f826d9b0439b80d9fc78c194ce50559321d62df1c" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055403", "uuid": "40ee550c-f33f-416f-8062-f598e5df8cea", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054919", "to_ids": false, "type": "datetime", "uuid": "8e8edbd4-3bb0-461d-a1a9-6dbe98c012a4", "value": "2019-11-27T04:39:23" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054919", "to_ids": false, "type": "link", "uuid": "f16ba806-84a3-480d-8f0f-ef4796038a36", "value": "https://www.virustotal.com/file/305cf6af8c1e6d52eba30a3f826d9b0439b80d9fc78c194ce50559321d62df1c/analysis/1574829563/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054919", "to_ids": false, "type": "text", "uuid": "2dd55813-f083-4eeb-9e90-ce22fdaf89ea", "value": "54/69" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055403", "uuid": "d92a99d2-502b-4f2f-97a0-c29bb9d7700c", "ObjectReference": [ { "comment": "", "object_uuid": "d92a99d2-502b-4f2f-97a0-c29bb9d7700c", "referenced_uuid": "ae563ce4-619c-4135-834f-765f58f1f407", "relationship_type": "analysed-with", "timestamp": "1576055864", "uuid": "5df0b438-48d0-407e-ade2-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054850", "to_ids": true, "type": "md5", "uuid": "1630e070-940c-449c-bd2e-811268d60b29", "value": "c81fcd8f0cec4bc592ac8190b6ef5c3b" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054850", "to_ids": true, "type": "sha1", "uuid": "a71e1f1a-2845-4b82-b982-3cbaee45d7c3", "value": "2d44aa3d8183fb671239c3424ce1b0391cec260b" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054850", "to_ids": true, "type": "sha256", "uuid": "4d6fc817-28b2-4848-a224-f3e8ba7db076", "value": "964fd889c72bc6b5e553c6548001795d10c1d87cadcbfe248c766a5a7c931424" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055403", "uuid": "ae563ce4-619c-4135-834f-765f58f1f407", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054850", "to_ids": false, "type": "datetime", "uuid": "b91ce030-9228-4a86-92e2-7ae13898f0d5", "value": "2019-11-14T09:10:54" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054850", "to_ids": false, "type": "link", "uuid": "5f4a997e-9261-4ab0-9e84-b5c52be912f6", "value": "https://www.virustotal.com/file/964fd889c72bc6b5e553c6548001795d10c1d87cadcbfe248c766a5a7c931424/analysis/1573722654/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054850", "to_ids": false, "type": "text", "uuid": "ce49141c-9ec3-4434-ba93-9b98dcdaca71", "value": "45/68" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055404", "uuid": "8aedd19c-eb4c-4633-9ca0-0aeddb3f9b25", "ObjectReference": [ { "comment": "", "object_uuid": "8aedd19c-eb4c-4633-9ca0-0aeddb3f9b25", "referenced_uuid": "120de50a-2248-4f0f-815c-514de8b09acb", "relationship_type": "analysed-with", "timestamp": "1576055864", "uuid": "5df0b438-30f8-4360-8eb6-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054844", "to_ids": true, "type": "md5", "uuid": "a91f1581-5815-4e06-ac44-7c4b66d2f14d", "value": "94482f0d86edaa499615c0692ecd26e6" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054844", "to_ids": true, "type": "sha1", "uuid": "4b28679e-ae0b-4e5e-bb64-5d2fa642aec1", "value": "c0fa7209f19b5659007cdac3ce97ab31233ce235" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054844", "to_ids": true, "type": "sha256", "uuid": "62e70875-c9b5-40d4-9c0b-a831c2cf0ed1", "value": "9d7f87b56eafb20acf39a0be08e077c02f40e2f8f08cf661b57902600de78c70" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055404", "uuid": "120de50a-2248-4f0f-815c-514de8b09acb", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054844", "to_ids": false, "type": "datetime", "uuid": "15ac9e54-89e0-4d1b-8ae1-514bbcea953f", "value": "2019-11-21T10:47:59" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054844", "to_ids": false, "type": "link", "uuid": "fc25bf91-b8c5-4e11-b64a-f641d9a9aafd", "value": "https://www.virustotal.com/file/9d7f87b56eafb20acf39a0be08e077c02f40e2f8f08cf661b57902600de78c70/analysis/1574333279/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054844", "to_ids": false, "type": "text", "uuid": "7c1a5fd4-4f12-4334-9868-00c1669638d6", "value": "43/66" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055404", "uuid": "ba5ab5ce-0a33-4542-a2c6-acf788063952", "ObjectReference": [ { "comment": "", "object_uuid": "ba5ab5ce-0a33-4542-a2c6-acf788063952", "referenced_uuid": "3f175ab2-692a-475c-866b-75cdea27be4e", "relationship_type": "analysed-with", "timestamp": "1576055864", "uuid": "5df0b438-cabc-499f-af9b-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054847", "to_ids": true, "type": "md5", "uuid": "4f1e944a-0997-4f7b-8f79-071d691d0551", "value": "18325c0cd3a99e7c6000fae5a30b7715" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054847", "to_ids": true, "type": "sha1", "uuid": "f0f1765e-53e0-41db-9bda-13097757a9cf", "value": "84ff8afb5569b5af694eb5489f8e73a94c5da89e" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054847", "to_ids": true, "type": "sha256", "uuid": "f44a2050-dc1a-42b7-8d09-d4e6ac20be70", "value": "3e9666def4f1f0d096d02d0c15738e99da05da2a52b64dd5a4229d6548ad37e9" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055404", "uuid": "3f175ab2-692a-475c-866b-75cdea27be4e", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054847", "to_ids": false, "type": "datetime", "uuid": "55118407-b89c-4aa8-b88a-be1ff23138d6", "value": "2019-11-21T10:27:35" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054847", "to_ids": false, "type": "link", "uuid": "be91c606-2b60-460d-bbd4-26d5b8553bc0", "value": "https://www.virustotal.com/file/3e9666def4f1f0d096d02d0c15738e99da05da2a52b64dd5a4229d6548ad37e9/analysis/1574332055/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054847", "to_ids": false, "type": "text", "uuid": "378e60c2-7459-4278-b906-2704e530e885", "value": "50/70" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055404", "uuid": "9fdd4876-a0f2-41c1-8920-8c5639670d0f", "ObjectReference": [ { "comment": "", "object_uuid": "9fdd4876-a0f2-41c1-8920-8c5639670d0f", "referenced_uuid": "e1e38f60-2397-432a-a393-b1b28a3ba0ce", "relationship_type": "analysed-with", "timestamp": "1576055864", "uuid": "5df0b438-ea18-40c6-877a-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054921", "to_ids": true, "type": "md5", "uuid": "46540ef3-afdb-43a4-b1ad-0ed50cac8b0e", "value": "36995ba1fb1f685d76f96c68f38f682f" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054921", "to_ids": true, "type": "sha1", "uuid": "aea61426-9174-438a-b12b-fdd70cf2ee02", "value": "a5278b409228aeb0add5c72494d9f4202b5fda88" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054921", "to_ids": true, "type": "sha256", "uuid": "86b29098-314f-4884-af66-490d9dbe31d5", "value": "14baf0bc72990bb2cc414f2384825a5985be5cce2bdec55e1f3fc1c3c404490a" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055405", "uuid": "e1e38f60-2397-432a-a393-b1b28a3ba0ce", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054921", "to_ids": false, "type": "datetime", "uuid": "47e4db4b-5ec9-45ed-87cc-5b5abb9a0805", "value": "2019-11-10T21:36:00" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054921", "to_ids": false, "type": "link", "uuid": "ccbf180c-c1e6-4ac0-8275-0e48842c92af", "value": "https://www.virustotal.com/file/14baf0bc72990bb2cc414f2384825a5985be5cce2bdec55e1f3fc1c3c404490a/analysis/1573421760/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054921", "to_ids": false, "type": "text", "uuid": "4555f483-a5ce-46f8-a6b5-ffac3a941425", "value": "41/71" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055406", "uuid": "02377d96-8f68-42a4-aafe-e7c43db64444", "ObjectReference": [ { "comment": "", "object_uuid": "02377d96-8f68-42a4-aafe-e7c43db64444", "referenced_uuid": "455b6ebe-18f0-4ac4-ac15-e7f2af8eb699", "relationship_type": "analysed-with", "timestamp": "1576055864", "uuid": "5df0b438-99d8-499c-b907-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054845", "to_ids": true, "type": "md5", "uuid": "9e2faaba-5251-4b2d-98fc-86eb50006458", "value": "680cc92eb16fb4863d51c8d47304c6e9" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054845", "to_ids": true, "type": "sha1", "uuid": "662644bd-1ea7-45df-9e74-5fe1d5f24896", "value": "64c9ac6aa0c14e1f019b3010690b22ca91281e9d" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054845", "to_ids": true, "type": "sha256", "uuid": "5db7986f-21e6-4d09-9da8-a069745c9061", "value": "2843f7de1d188c9a2f962d64ab487c600c1d9ba38a9d3982f6d8fef7dcbd098b" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055406", "uuid": "455b6ebe-18f0-4ac4-ac15-e7f2af8eb699", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054845", "to_ids": false, "type": "datetime", "uuid": "fd2a6c54-2618-4a82-b207-47beee49ee63", "value": "2019-11-21T10:36:17" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054845", "to_ids": false, "type": "link", "uuid": "98403f93-d643-488f-905d-985669f66489", "value": "https://www.virustotal.com/file/2843f7de1d188c9a2f962d64ab487c600c1d9ba38a9d3982f6d8fef7dcbd098b/analysis/1574332577/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054845", "to_ids": false, "type": "text", "uuid": "2eb854e5-843d-4292-8a45-da3842e797fa", "value": "50/70" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055406", "uuid": "beb1e4fd-15b4-4f26-a4ce-4e4b33b11e04", "ObjectReference": [ { "comment": "", "object_uuid": "beb1e4fd-15b4-4f26-a4ce-4e4b33b11e04", "referenced_uuid": "30c54480-288a-4424-ac2d-0072ec9b2fba", "relationship_type": "analysed-with", "timestamp": "1576055864", "uuid": "5df0b438-80f4-48b3-90c4-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054937", "to_ids": true, "type": "md5", "uuid": "8020423a-a32a-443e-b229-266936c6e13c", "value": "e6a4c20e92708fa52cc2c864e2e125c9" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054937", "to_ids": true, "type": "sha1", "uuid": "2bbf65b8-4cf6-47ed-81e9-fd9e130a95db", "value": "53139df79067629035cdc9caa8ee3119d9b92bc5" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054937", "to_ids": true, "type": "sha256", "uuid": "be3132e8-015b-4372-a22d-b9f2c763b83f", "value": "9be8d48ac5d6d49b306802ae9f5fc4a1e2de1feb453f4c1c49f64002548b0c9c" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055406", "uuid": "30c54480-288a-4424-ac2d-0072ec9b2fba", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054937", "to_ids": false, "type": "datetime", "uuid": "bfde81b4-9d5a-4c13-bacc-cd622c08c91a", "value": "2019-11-06T17:25:19" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054937", "to_ids": false, "type": "link", "uuid": "15de50de-e084-40bb-a6d1-f03d247507a3", "value": "https://www.virustotal.com/file/9be8d48ac5d6d49b306802ae9f5fc4a1e2de1feb453f4c1c49f64002548b0c9c/analysis/1573061119/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054937", "to_ids": false, "type": "text", "uuid": "5cf08dc0-1767-4b65-b898-3adba95ddcfb", "value": "37/68" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055407", "uuid": "f59feeaa-3635-48d2-8271-a8ba1ad32842", "ObjectReference": [ { "comment": "", "object_uuid": "f59feeaa-3635-48d2-8271-a8ba1ad32842", "referenced_uuid": "761365d3-43d7-4c24-a9a2-5f7f6c437746", "relationship_type": "analysed-with", "timestamp": "1576055865", "uuid": "5df0b439-aa1c-4682-a5c0-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054920", "to_ids": true, "type": "md5", "uuid": "7527f6e3-99ae-4762-99d8-935fa3bef336", "value": "e2b2e3dc28849607f1506a882ff4a426" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054920", "to_ids": true, "type": "sha1", "uuid": "daf3a5d3-76f2-40fc-ad2f-973ce6ac8c38", "value": "f65f7c83bf02c4657c92fc8a9781aecb737aa39b" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054920", "to_ids": true, "type": "sha256", "uuid": "d7302bc8-6e26-4903-b464-f13b8c562bb7", "value": "4a03361f7f8e42e62ca7e0d6bb843c67547e5f564d9bb484c326a10d70cf868c" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055407", "uuid": "761365d3-43d7-4c24-a9a2-5f7f6c437746", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054920", "to_ids": false, "type": "datetime", "uuid": "f4e76b9f-0b57-44c2-b71f-515089cdd7a5", "value": "2019-11-13T06:05:24" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054920", "to_ids": false, "type": "link", "uuid": "efd08c90-e6d1-48fb-b854-85c0db0525a8", "value": "https://www.virustotal.com/file/4a03361f7f8e42e62ca7e0d6bb843c67547e5f564d9bb484c326a10d70cf868c/analysis/1573625124/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054920", "to_ids": false, "type": "text", "uuid": "9f4e0fa4-9907-4843-976f-7b9e512883f4", "value": "41/72" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055407", "uuid": "4c380efd-b92e-4540-8b0f-cd6758f8b8d7", "ObjectReference": [ { "comment": "", "object_uuid": "4c380efd-b92e-4540-8b0f-cd6758f8b8d7", "referenced_uuid": "50513047-46b2-4b1a-9072-a647b4e3c329", "relationship_type": "analysed-with", "timestamp": "1576055865", "uuid": "5df0b439-ee94-4a1f-a254-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054918", "to_ids": true, "type": "md5", "uuid": "4b533266-350f-4cba-a610-02388619e4db", "value": "d38c25ed1bfa7f86d09a98ad56a07e2d" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054918", "to_ids": true, "type": "sha1", "uuid": "f2ff2977-dd26-4ebe-81ef-2960e8729342", "value": "00cfa9f7c6896a379ca547a577006ba61e6eee5e" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054918", "to_ids": true, "type": "sha256", "uuid": "b5e1db00-8a16-4713-a78d-3f975b16cf5c", "value": "41ac143274f38597ad8cd849b40194a9ce8a340f2ac3ca81b00d03f78393c01d" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055407", "uuid": "50513047-46b2-4b1a-9072-a647b4e3c329", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054918", "to_ids": false, "type": "datetime", "uuid": "5aee9e79-3e94-49ef-a537-bc152f8bd00f", "value": "2019-11-13T09:33:18" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054918", "to_ids": false, "type": "link", "uuid": "974cb84f-2bf9-4b78-b585-83594958243d", "value": "https://www.virustotal.com/file/41ac143274f38597ad8cd849b40194a9ce8a340f2ac3ca81b00d03f78393c01d/analysis/1573637598/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054918", "to_ids": false, "type": "text", "uuid": "cb105ff5-cb97-43af-a9ab-f6eb61b00077", "value": "46/71" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055407", "uuid": "1505983b-85d8-4be4-ae57-08b47195939b", "ObjectReference": [ { "comment": "", "object_uuid": "1505983b-85d8-4be4-ae57-08b47195939b", "referenced_uuid": "69b4d08e-f41a-4e06-8e1e-ffe262cae494", "relationship_type": "analysed-with", "timestamp": "1576055865", "uuid": "5df0b439-48ac-43b9-8439-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054922", "to_ids": true, "type": "md5", "uuid": "9cd0ab44-a861-4814-83e6-e4f66dd59773", "value": "b28f24076e89b67f981ced42512e2d25" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054922", "to_ids": true, "type": "sha1", "uuid": "67fb0389-0b36-44e5-83db-1bf389983d66", "value": "02eae0fc4b0a8089e374670d5817562467b285d6" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054922", "to_ids": true, "type": "sha256", "uuid": "e47165fd-2466-4226-83e6-7daa0ce4b60b", "value": "32cec4a49f598adebc5858e6b6514968a5b6e367b6b0434361371e65c45bfe21" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055408", "uuid": "69b4d08e-f41a-4e06-8e1e-ffe262cae494", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054922", "to_ids": false, "type": "datetime", "uuid": "4aae916d-5e5f-4d1d-a90a-83abc43e93fb", "value": "2019-11-05T14:03:48" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054922", "to_ids": false, "type": "link", "uuid": "0700249f-e3df-47c7-ac85-b264d99038f5", "value": "https://www.virustotal.com/file/32cec4a49f598adebc5858e6b6514968a5b6e367b6b0434361371e65c45bfe21/analysis/1572962628/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054922", "to_ids": false, "type": "text", "uuid": "74c2ab5a-8433-490b-a7d7-7ee4c0645ba7", "value": "15/71" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055408", "uuid": "524b27f3-92b9-471e-a88e-06274ac0bcdd", "ObjectReference": [ { "comment": "", "object_uuid": "524b27f3-92b9-471e-a88e-06274ac0bcdd", "referenced_uuid": "2761f328-46ae-4324-8cf3-e9aee76859af", "relationship_type": "analysed-with", "timestamp": "1576055865", "uuid": "5df0b439-ad50-47b1-a7d9-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054916", "to_ids": true, "type": "md5", "uuid": "5df1eda0-2e50-4453-98d2-a98618e89a74", "value": "327f6f19a638af19448aef2fc6bb93c3" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054916", "to_ids": true, "type": "sha1", "uuid": "22defe71-615a-4874-9b6c-07e5269d73b2", "value": "600722658b71097ec753466b00adc879a7b3d159" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054916", "to_ids": true, "type": "sha256", "uuid": "b5d35f77-f20e-41e8-a848-bbc54c82bf7f", "value": "5a0da68d7f847acdbc07bef59b2f6cefae83ba6d0f10686ec2fc37526c0f9c91" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055408", "uuid": "2761f328-46ae-4324-8cf3-e9aee76859af", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054916", "to_ids": false, "type": "datetime", "uuid": "99a8869d-46b9-47ec-8e60-810a74e3609b", "value": "2019-11-17T03:37:05" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054916", "to_ids": false, "type": "link", "uuid": "b3e1f258-ea59-4f0e-82d0-6a29ccce2a94", "value": "https://www.virustotal.com/file/5a0da68d7f847acdbc07bef59b2f6cefae83ba6d0f10686ec2fc37526c0f9c91/analysis/1573961825/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054916", "to_ids": false, "type": "text", "uuid": "511f0f59-3ae0-42b4-acb5-ca73c79504d1", "value": "44/69" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055408", "uuid": "e014ea4e-91c1-47f0-8716-dd67fc7e1091", "ObjectReference": [ { "comment": "", "object_uuid": "e014ea4e-91c1-47f0-8716-dd67fc7e1091", "referenced_uuid": "18b8939c-3f03-4037-bb05-bfa7cfa7b3aa", "relationship_type": "analysed-with", "timestamp": "1576055865", "uuid": "5df0b439-5110-49b1-924c-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054919", "to_ids": true, "type": "md5", "uuid": "fd2dba76-bfaa-4731-bfda-6d395cd81c43", "value": "ba1aa28a2b6d7359437e8d0db7a2733c" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054919", "to_ids": true, "type": "sha1", "uuid": "2d905023-b799-4aa7-9389-7468f7aa5155", "value": "731b4bcd385c1bf5336cd40b606390cf02866269" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054919", "to_ids": true, "type": "sha256", "uuid": "0c4f63aa-2d25-493e-91f3-d035a68b1dc5", "value": "9ab1db2fad7f75fd1fa2eb742d92e1a4d35e81627fe5fff55444956e5260b81b" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055408", "uuid": "18b8939c-3f03-4037-bb05-bfa7cfa7b3aa", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054919", "to_ids": false, "type": "datetime", "uuid": "190bd1a8-cdb1-4580-88f9-1ebb17382ae8", "value": "2019-11-17T03:36:42" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054919", "to_ids": false, "type": "link", "uuid": "f9165177-9872-4b22-9dc6-b900e32bea2e", "value": "https://www.virustotal.com/file/9ab1db2fad7f75fd1fa2eb742d92e1a4d35e81627fe5fff55444956e5260b81b/analysis/1573961802/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054919", "to_ids": false, "type": "text", "uuid": "853effe0-41b4-4daf-b762-60e82fb9f703", "value": "44/69" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055408", "uuid": "f9985ce2-8055-475e-a517-a1a61e519d7c", "ObjectReference": [ { "comment": "", "object_uuid": "f9985ce2-8055-475e-a517-a1a61e519d7c", "referenced_uuid": "a709d916-083e-40b8-84ae-e72053d94392", "relationship_type": "analysed-with", "timestamp": "1576055865", "uuid": "5df0b439-dfe0-49a3-b6f7-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054844", "to_ids": true, "type": "md5", "uuid": "bcdecd39-ae6e-465e-b90e-99032c633735", "value": "46e9909b5483e52a87265eaef5e2b5cb" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054844", "to_ids": true, "type": "sha1", "uuid": "39a3098f-472f-4c2d-818c-4ced9f1a5d20", "value": "55e353fc5958474a88c405c6a44236886e6ddd36" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054844", "to_ids": true, "type": "sha256", "uuid": "8cb75230-e0ec-46e2-aa98-3c28dc7ccac3", "value": "20fead8a77400ccc5979691974048f9350cfeed23a6e5b2436ab0a9e314569aa" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055408", "uuid": "a709d916-083e-40b8-84ae-e72053d94392", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054844", "to_ids": false, "type": "datetime", "uuid": "762d9860-876f-4263-b32a-20a351b1a93c", "value": "2019-11-21T10:52:02" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054844", "to_ids": false, "type": "link", "uuid": "7ee13d20-6a8d-4517-852f-734d5c2842b5", "value": "https://www.virustotal.com/file/20fead8a77400ccc5979691974048f9350cfeed23a6e5b2436ab0a9e314569aa/analysis/1574333522/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054844", "to_ids": false, "type": "text", "uuid": "d262b203-3e2a-480e-b6ac-564c7d301f5b", "value": "49/69" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055409", "uuid": "c9a0bfbc-49ed-4f12-95da-d2e7edfd20c6", "ObjectReference": [ { "comment": "", "object_uuid": "c9a0bfbc-49ed-4f12-95da-d2e7edfd20c6", "referenced_uuid": "ae2c2a2d-efb9-4a40-a0e7-01e923a24d31", "relationship_type": "analysed-with", "timestamp": "1576055865", "uuid": "5df0b439-11a0-4758-95fd-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054887", "to_ids": true, "type": "md5", "uuid": "9f21f7e5-e697-40ba-896a-11431f25b07d", "value": "9d609151674a3e920b742974765c16f3" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054887", "to_ids": true, "type": "sha1", "uuid": "ceaa306c-261b-4ce9-9714-2f87f2258743", "value": "5e375991421e260c5ff3b7186b3fe6ffdaf7bf03" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054887", "to_ids": true, "type": "sha256", "uuid": "a2e7c41a-d43a-47e6-9ae6-7fb84c7944bf", "value": "f705030ef79d322bd6cfd6e08b53c2e62d5365d701df30a9fe3aeafe451a55e4" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055409", "uuid": "ae2c2a2d-efb9-4a40-a0e7-01e923a24d31", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054887", "to_ids": false, "type": "datetime", "uuid": "f10748fe-6ce7-4cc3-bb64-f07310bbc477", "value": "2019-11-17T09:16:20" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054887", "to_ids": false, "type": "link", "uuid": "4c8c2c69-060a-4b77-a89d-fc2a5cc2d52e", "value": "https://www.virustotal.com/file/f705030ef79d322bd6cfd6e08b53c2e62d5365d701df30a9fe3aeafe451a55e4/analysis/1573982180/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054887", "to_ids": false, "type": "text", "uuid": "13fccd55-a4a8-43e0-b2a2-27b54d5231ff", "value": "45/69" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055410", "uuid": "7bea7e57-e22f-40c7-974b-33d10278a526", "ObjectReference": [ { "comment": "", "object_uuid": "7bea7e57-e22f-40c7-974b-33d10278a526", "referenced_uuid": "7c0200be-0e96-40f3-b1f4-fd77050ea522", "relationship_type": "analysed-with", "timestamp": "1576055865", "uuid": "5df0b439-533c-47a3-afb4-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054920", "to_ids": true, "type": "md5", "uuid": "1b30d5ae-7a03-4a66-8122-b9d20d12a63c", "value": "b9ded22c338dd45296e55b6995c62aea" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054920", "to_ids": true, "type": "sha1", "uuid": "96d81ca7-57ef-41e8-a076-3a980f27853e", "value": "4898a509118e871c1a601751cc7a82f70f638714" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054920", "to_ids": true, "type": "sha256", "uuid": "0d741a07-ce4f-43f1-9530-5b31666aa286", "value": "49c92940302ac4222b5d21359b50e30517b3b9cb05b2143d7f4384864652bdd9" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055410", "uuid": "7c0200be-0e96-40f3-b1f4-fd77050ea522", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054920", "to_ids": false, "type": "datetime", "uuid": "0a75ac90-8305-4f74-b298-3f24a8ed0ad3", "value": "2019-11-27T03:19:00" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054920", "to_ids": false, "type": "link", "uuid": "71ea09ae-0e9a-410b-b4bb-3b1a1ccf87f2", "value": "https://www.virustotal.com/file/49c92940302ac4222b5d21359b50e30517b3b9cb05b2143d7f4384864652bdd9/analysis/1574824740/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054920", "to_ids": false, "type": "text", "uuid": "d9915556-e426-42d0-b1ae-d8fd30d712fa", "value": "54/68" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055410", "uuid": "6288f9a7-f50b-4de6-ad89-3a208e06ff99", "ObjectReference": [ { "comment": "", "object_uuid": "6288f9a7-f50b-4de6-ad89-3a208e06ff99", "referenced_uuid": "a801038a-da64-40d9-98ad-4a679fea56be", "relationship_type": "analysed-with", "timestamp": "1576055865", "uuid": "5df0b439-f4f4-4ecc-b1cd-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054920", "to_ids": true, "type": "md5", "uuid": "bd95f4c7-ba71-4f68-a007-0559d9d74c06", "value": "d7ade5a254b8dd593ecddf2622509fc0" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054920", "to_ids": true, "type": "sha1", "uuid": "2c380fa8-b603-4cb7-a5b1-a11761db0f5a", "value": "4a0e33581a3fd264126968064f22a84aabcc237d" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054920", "to_ids": true, "type": "sha256", "uuid": "bb78ce50-0ccb-4d64-998d-67204b97e238", "value": "84efdb78987a8fdbe3df5b927fccd2ab184ea905e29e3ac98176dfc0584570a4" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055410", "uuid": "a801038a-da64-40d9-98ad-4a679fea56be", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054920", "to_ids": false, "type": "datetime", "uuid": "77d3aaab-8d8d-4f75-b2d9-ed40975935c6", "value": "2019-12-04T10:02:30" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054920", "to_ids": false, "type": "link", "uuid": "6075ef86-bf33-445c-af5a-6d86acb93222", "value": "https://www.virustotal.com/file/84efdb78987a8fdbe3df5b927fccd2ab184ea905e29e3ac98176dfc0584570a4/analysis/1575453750/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054920", "to_ids": false, "type": "text", "uuid": "b779a103-0ae1-4d75-b928-fcab18cc2c9c", "value": "57/70" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055410", "uuid": "c134528e-87e8-4503-9697-134891ede3f4", "ObjectReference": [ { "comment": "", "object_uuid": "c134528e-87e8-4503-9697-134891ede3f4", "referenced_uuid": "b4b2203f-cecd-407e-ae29-2748c97aa26b", "relationship_type": "analysed-with", "timestamp": "1576055865", "uuid": "5df0b439-3b84-4a3a-90e0-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054913", "to_ids": true, "type": "md5", "uuid": "8670cb19-aa22-44f7-8486-c433d32e0da4", "value": "5e677d37d79ca042a793c4f3e482323c" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054913", "to_ids": true, "type": "sha1", "uuid": "93de936c-bddc-4b51-8509-5c99577b12be", "value": "3a9293723063ce3a877e81fd4d64ae472da76edb" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054913", "to_ids": true, "type": "sha256", "uuid": "11341937-d455-4a18-be58-f15da407bdda", "value": "d5861e71eba45e19297cb1c120e37718e191c65c41478a50e5eed96b9cd4254b" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055411", "uuid": "b4b2203f-cecd-407e-ae29-2748c97aa26b", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054913", "to_ids": false, "type": "datetime", "uuid": "555bd0bf-906b-4f88-a441-3df5cb3cca21", "value": "2019-11-14T09:10:48" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054913", "to_ids": false, "type": "link", "uuid": "294da1f1-4ec4-4f3d-97ae-a53c43ed0e29", "value": "https://www.virustotal.com/file/d5861e71eba45e19297cb1c120e37718e191c65c41478a50e5eed96b9cd4254b/analysis/1573722648/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054913", "to_ids": false, "type": "text", "uuid": "7fd23099-9468-4907-9528-3ec763744820", "value": "45/71" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055411", "uuid": "22b3dace-f93e-4359-a836-03a21ca924d0", "ObjectReference": [ { "comment": "", "object_uuid": "22b3dace-f93e-4359-a836-03a21ca924d0", "referenced_uuid": "d2dd428d-ad1f-4676-b67f-8de340cb58c0", "relationship_type": "analysed-with", "timestamp": "1576055865", "uuid": "5df0b439-7b0c-41b1-b1ed-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054918", "to_ids": true, "type": "md5", "uuid": "5a446c22-dc38-4a78-b953-5c36074cf489", "value": "572b0b0c32ca640f24f7ed5b53700d09" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054918", "to_ids": true, "type": "sha1", "uuid": "e0a5e50b-0ef0-4751-8847-615cbe5fcbdd", "value": "587b4e4a7f90e7b1a1b4c9340b21e3f0d138de27" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054918", "to_ids": true, "type": "sha256", "uuid": "d5811808-04a0-4634-9673-8a133e652f35", "value": "a5d257e59a105af5c7002665a87c96c9c50b849d6fb7e0de686d6bfadf11cdc4" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055411", "uuid": "d2dd428d-ad1f-4676-b67f-8de340cb58c0", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054918", "to_ids": false, "type": "datetime", "uuid": "9f39bf10-47f5-4a18-901f-012f358c29af", "value": "2019-11-12T09:27:53" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054918", "to_ids": false, "type": "link", "uuid": "177d3b04-0a1a-4427-840a-cc2294b92b21", "value": "https://www.virustotal.com/file/a5d257e59a105af5c7002665a87c96c9c50b849d6fb7e0de686d6bfadf11cdc4/analysis/1573550873/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054918", "to_ids": false, "type": "text", "uuid": "91dc0c4a-355a-4df4-9dbb-d5dc41aea997", "value": "41/72" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055411", "uuid": "f780104a-9c5a-4335-930c-7d273716381b", "ObjectReference": [ { "comment": "", "object_uuid": "f780104a-9c5a-4335-930c-7d273716381b", "referenced_uuid": "4fdd419d-ea30-4669-8e1a-94000db3f917", "relationship_type": "analysed-with", "timestamp": "1576055865", "uuid": "5df0b439-916c-4bd2-b213-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054846", "to_ids": true, "type": "md5", "uuid": "39f1186b-bc55-464e-9675-7e0600911ff5", "value": "f5b63fb9de6d26300bf8457830a499d5" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054846", "to_ids": true, "type": "sha1", "uuid": "853f5059-2b2e-479b-a55b-fbb75c17147d", "value": "8374284a7fa32f3909f2d34747dea43149165528" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054846", "to_ids": true, "type": "sha256", "uuid": "be8ecb23-997d-4bf3-9afc-3eef365fa144", "value": "34e500bbaf855bb4bd7208899b40a42a15d6c38ed09bffc1dcc64f481439ce15" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055411", "uuid": "4fdd419d-ea30-4669-8e1a-94000db3f917", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054846", "to_ids": false, "type": "datetime", "uuid": "89d201da-8e71-430f-9221-408bba7fcef0", "value": "2019-11-24T16:22:10" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054846", "to_ids": false, "type": "link", "uuid": "e506e33a-5d33-4244-9001-41518e5b4432", "value": "https://www.virustotal.com/file/34e500bbaf855bb4bd7208899b40a42a15d6c38ed09bffc1dcc64f481439ce15/analysis/1574612530/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054846", "to_ids": false, "type": "text", "uuid": "5ccefe73-5291-42e2-8f5e-6a3c2c4edf3a", "value": "50/67" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055411", "uuid": "f139ab3e-03f5-42e8-a2ff-a83a60d04010", "ObjectReference": [ { "comment": "", "object_uuid": "f139ab3e-03f5-42e8-a2ff-a83a60d04010", "referenced_uuid": "68d7863d-3c4a-49af-afde-b71d15fe2078", "relationship_type": "analysed-with", "timestamp": "1576055865", "uuid": "5df0b439-aca0-4231-996e-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054893", "to_ids": true, "type": "md5", "uuid": "34cc9f2b-c283-4e5e-9c55-3aed4f13f453", "value": "f23199d68146eda90c1dd2b919ef0cdc" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054893", "to_ids": true, "type": "sha1", "uuid": "e91272cc-b5f1-4356-9298-62389e55134d", "value": "376b7251d69813cb25ecb4d2db2415596d829c5f" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054893", "to_ids": true, "type": "sha256", "uuid": "7c531734-6a0b-4cb8-b39a-17ca02a51b87", "value": "d18604d8582e40a5b4dd358aff12f1ce422faaa204ef86264a5779ee2cedd0f7" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055412", "uuid": "68d7863d-3c4a-49af-afde-b71d15fe2078", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054893", "to_ids": false, "type": "datetime", "uuid": "a2e57717-d95b-4d1c-a22e-f67a3d0d9be3", "value": "2019-11-20T12:01:33" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054893", "to_ids": false, "type": "link", "uuid": "9af162a5-8ff4-4957-9bf8-d8302771e8e7", "value": "https://www.virustotal.com/file/d18604d8582e40a5b4dd358aff12f1ce422faaa204ef86264a5779ee2cedd0f7/analysis/1574251293/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054893", "to_ids": false, "type": "text", "uuid": "16afe49a-7326-4211-a4c8-f3965e40e8eb", "value": "45/67" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055412", "uuid": "83ac84b2-0bc6-4376-8c04-ac09e8e07d57", "ObjectReference": [ { "comment": "", "object_uuid": "83ac84b2-0bc6-4376-8c04-ac09e8e07d57", "referenced_uuid": "e7340379-0531-4697-bc6d-7d79e0c2185b", "relationship_type": "analysed-with", "timestamp": "1576055865", "uuid": "5df0b439-4fa4-4a94-9716-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054844", "to_ids": true, "type": "md5", "uuid": "db23849b-7cc1-4622-8074-ddb864dc77eb", "value": "676b2c8617ab25d7e355d7c668711412" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054844", "to_ids": true, "type": "sha1", "uuid": "741fd439-4c94-4587-8d89-9b9b8c658fc5", "value": "33ab975880d895d244cde1125d762fb6e284be2d" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054844", "to_ids": true, "type": "sha256", "uuid": "e597deb5-03d6-4ead-a446-151945aee786", "value": "63c4cce6d4abac25062b3826bbddf3fcf9920e86257bd0fbf32b78a1cea48b17" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055412", "uuid": "e7340379-0531-4697-bc6d-7d79e0c2185b", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054844", "to_ids": false, "type": "datetime", "uuid": "1f7d3ce7-2195-4486-93a8-c50a5f0df441", "value": "2019-11-28T06:26:38" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054844", "to_ids": false, "type": "link", "uuid": "33be97ff-15f7-4816-ac5a-d1fdc53ae9c1", "value": "https://www.virustotal.com/file/63c4cce6d4abac25062b3826bbddf3fcf9920e86257bd0fbf32b78a1cea48b17/analysis/1574922398/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054844", "to_ids": false, "type": "text", "uuid": "92baa110-ac9e-4e2b-9922-01bba25b1f88", "value": "52/69" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055412", "uuid": "5a5b32bf-40e0-46d3-b152-78769ce84014", "ObjectReference": [ { "comment": "", "object_uuid": "5a5b32bf-40e0-46d3-b152-78769ce84014", "referenced_uuid": "40d0eb49-b028-43e6-9060-8ab02e096e7f", "relationship_type": "analysed-with", "timestamp": "1576055865", "uuid": "5df0b439-4cc4-4987-887b-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054847", "to_ids": true, "type": "md5", "uuid": "a02b1624-ae05-4b1f-b6c4-58082a962a3b", "value": "b1ccfd87caf7e3338615216377d49678" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054847", "to_ids": true, "type": "sha1", "uuid": "2443e269-e22f-4e25-8e80-e357ec46aee3", "value": "c06e85c2e165570c21b615c49dee16e2492defb3" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054847", "to_ids": true, "type": "sha256", "uuid": "6019fc9f-d9ca-4914-9a0f-e7a32f10038f", "value": "d619f315ca6b1e9212d92e361a09ad01a2214326a435e25a33c20689343c6f42" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055412", "uuid": "40d0eb49-b028-43e6-9060-8ab02e096e7f", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054847", "to_ids": false, "type": "datetime", "uuid": "1a5c919b-851e-4dfb-b8a5-b98b2a334a3c", "value": "2019-11-21T10:20:40" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054847", "to_ids": false, "type": "link", "uuid": "a24a3755-d0a5-406e-9463-bc4a8402b6d8", "value": "https://www.virustotal.com/file/d619f315ca6b1e9212d92e361a09ad01a2214326a435e25a33c20689343c6f42/analysis/1574331640/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054847", "to_ids": false, "type": "text", "uuid": "e450b640-cdf1-40d3-ab58-cf824ee7557a", "value": "45/70" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055412", "uuid": "b3c43005-5e8b-4a20-a478-2ab60bb3a0b5", "ObjectReference": [ { "comment": "", "object_uuid": "b3c43005-5e8b-4a20-a478-2ab60bb3a0b5", "referenced_uuid": "f1f0f739-5357-4e7f-95bf-487cc2e7e6dd", "relationship_type": "analysed-with", "timestamp": "1576055865", "uuid": "5df0b439-a53c-4fd2-b509-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054848", "to_ids": true, "type": "md5", "uuid": "81524920-23c7-4eb1-accf-3cb758f9dfba", "value": "180cfbb40f697e852ab76e9d9ca0c4d9" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054848", "to_ids": true, "type": "sha1", "uuid": "4cf15f96-74de-40f8-afd5-71d90a2e2e32", "value": "b270db2f73db25a4e7a9ea66d350bd5f01ea5640" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054848", "to_ids": true, "type": "sha256", "uuid": "8e545a9b-fa58-4eb9-b7a8-89c6d6012b88", "value": "eab2961d1e43ebfe346bf69d1d424efa3553f9726299a40e45bdf2f743c101c2" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055413", "uuid": "f1f0f739-5357-4e7f-95bf-487cc2e7e6dd", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054848", "to_ids": false, "type": "datetime", "uuid": "f42d7630-38d3-4a7d-bb12-a76cc9e5dbe2", "value": "2019-11-21T10:23:02" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054848", "to_ids": false, "type": "link", "uuid": "5c8fc654-a7d6-4d39-9f2c-3f59cd7268ce", "value": "https://www.virustotal.com/file/eab2961d1e43ebfe346bf69d1d424efa3553f9726299a40e45bdf2f743c101c2/analysis/1574331782/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054848", "to_ids": false, "type": "text", "uuid": "2052017f-54fa-4e8b-afe1-84c6cb9207d0", "value": "45/69" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055413", "uuid": "f9c1c6c0-12fb-4f2e-bf0f-bc2bf5a23885", "ObjectReference": [ { "comment": "", "object_uuid": "f9c1c6c0-12fb-4f2e-bf0f-bc2bf5a23885", "referenced_uuid": "87c726c0-e744-44bc-9aca-2fb279195878", "relationship_type": "analysed-with", "timestamp": "1576055865", "uuid": "5df0b439-7b78-4b65-8896-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054914", "to_ids": true, "type": "md5", "uuid": "b2a447e9-e731-447f-b4bb-1ef65f44a2e5", "value": "f42fd153853ebfd4be2991c2235bc805" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054914", "to_ids": true, "type": "sha1", "uuid": "baeabed6-8659-4989-8e58-de2abf69db59", "value": "3d065558c25f6dbbb5efecf94ee141eb1831fc72" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054914", "to_ids": true, "type": "sha256", "uuid": "c3d6418b-f467-4f4d-b022-83545f381976", "value": "5b12baad329c9492712ab1c57b7e1e89ac507172d61d99da6f9fd2caf23be9be" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055413", "uuid": "87c726c0-e744-44bc-9aca-2fb279195878", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054914", "to_ids": false, "type": "datetime", "uuid": "343839ec-3a59-44e1-856c-206085b034ee", "value": "2019-11-18T13:13:03" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054914", "to_ids": false, "type": "link", "uuid": "5a64f5c5-a68b-4a56-9830-b3c957e3b6dc", "value": "https://www.virustotal.com/file/5b12baad329c9492712ab1c57b7e1e89ac507172d61d99da6f9fd2caf23be9be/analysis/1574082783/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054914", "to_ids": false, "type": "text", "uuid": "ddfcc352-0166-4ca6-9c7c-e0f8ddacf067", "value": "50/70" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055413", "uuid": "e49b9428-97fa-4838-a129-b688d3c83d4e", "ObjectReference": [ { "comment": "", "object_uuid": "e49b9428-97fa-4838-a129-b688d3c83d4e", "referenced_uuid": "5b535b86-7c4f-46aa-822c-2a6308169766", "relationship_type": "analysed-with", "timestamp": "1576055865", "uuid": "5df0b439-104c-4ba5-837a-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054919", "to_ids": true, "type": "md5", "uuid": "4540c9e4-359f-41fc-926c-2ece2419a4e5", "value": "0af99e4d7e439d9297eb9a4fb244dd30" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054919", "to_ids": true, "type": "sha1", "uuid": "5891873f-acf7-43d7-a34e-688bd6ea7420", "value": "f17f32b7870ec8930020dec871422ab21830f41d" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054919", "to_ids": true, "type": "sha256", "uuid": "4f729657-bd81-4df2-9535-fcc6d664d757", "value": "904f9899b4b829c44d8238d9510c487a16b053d38617d701c986438fc479e7d7" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055413", "uuid": "5b535b86-7c4f-46aa-822c-2a6308169766", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054919", "to_ids": false, "type": "datetime", "uuid": "ba713540-9e1f-4a8d-8921-062dbb0e86eb", "value": "2019-12-05T04:44:48" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054919", "to_ids": false, "type": "link", "uuid": "ff5d9888-0939-4045-a65e-f3eed4387f91", "value": "https://www.virustotal.com/file/904f9899b4b829c44d8238d9510c487a16b053d38617d701c986438fc479e7d7/analysis/1575521088/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054919", "to_ids": false, "type": "text", "uuid": "342f523d-d660-46b4-a0d1-f01a761fdb91", "value": "58/71" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055413", "uuid": "5e6120dd-95d3-4678-861e-06421dd709e6", "ObjectReference": [ { "comment": "", "object_uuid": "5e6120dd-95d3-4678-861e-06421dd709e6", "referenced_uuid": "4a0916df-a51e-4f95-9090-8237d80b625d", "relationship_type": "analysed-with", "timestamp": "1576055865", "uuid": "5df0b439-e0e4-4fba-888e-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054916", "to_ids": true, "type": "md5", "uuid": "359fe5ca-798d-4783-a8c5-2897aac989ae", "value": "2c539838644f812d4a55abd29d54e05f" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054916", "to_ids": true, "type": "sha1", "uuid": "d7e8aee8-dc0b-4f61-b9bd-f7f32a068359", "value": "27571c2ed8f1a68ea52b70913037c1cd70a7ac68" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054916", "to_ids": true, "type": "sha256", "uuid": "a2c0bba3-0ff7-48fe-85c3-434cb1d9d8c1", "value": "c8f3516e6579f1182c2387d42e28c9c26397b0ffb5819aecdd38e1dc60313ff4" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055414", "uuid": "4a0916df-a51e-4f95-9090-8237d80b625d", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054916", "to_ids": false, "type": "datetime", "uuid": "f1c06f13-3562-4e52-a9e7-daeb5beb9a6a", "value": "2019-11-13T06:12:39" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054916", "to_ids": false, "type": "link", "uuid": "7d6f8da9-b23c-4a97-8c6f-90fbe30fa49f", "value": "https://www.virustotal.com/file/c8f3516e6579f1182c2387d42e28c9c26397b0ffb5819aecdd38e1dc60313ff4/analysis/1573625559/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054916", "to_ids": false, "type": "text", "uuid": "7ed17f69-ae0a-46aa-acc5-e06a37593e42", "value": "43/72" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055414", "uuid": "640f6907-c758-4746-9a05-b0e07c7d89c6", "ObjectReference": [ { "comment": "", "object_uuid": "640f6907-c758-4746-9a05-b0e07c7d89c6", "referenced_uuid": "203c3941-4c2a-41d6-be23-fea6313f70f1", "relationship_type": "analysed-with", "timestamp": "1576055865", "uuid": "5df0b439-8b10-4554-994b-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054915", "to_ids": true, "type": "md5", "uuid": "719b1bed-3c5c-49b5-bd7e-444fff9f8543", "value": "fe8e675427b100aeb6dd744cbc4f33dd" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054915", "to_ids": true, "type": "sha1", "uuid": "3ee217c7-d49e-4fcc-8168-0a6b16a1115e", "value": "040425f9c6914e41ea873e4b1a336f072886210d" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054915", "to_ids": true, "type": "sha256", "uuid": "d0529931-10e2-435a-a5dc-83be1a401adc", "value": "b264af7a7700b8fab2a66a501ae033728f9fc11fe4b4f9e9f72544c7a8c85646" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055414", "uuid": "203c3941-4c2a-41d6-be23-fea6313f70f1", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054915", "to_ids": false, "type": "datetime", "uuid": "d2063c21-3efb-4083-8856-297f6f85bbf1", "value": "2019-11-18T07:37:33" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054915", "to_ids": false, "type": "link", "uuid": "e8c5d061-8aca-49fd-b9e4-b393939b785f", "value": "https://www.virustotal.com/file/b264af7a7700b8fab2a66a501ae033728f9fc11fe4b4f9e9f72544c7a8c85646/analysis/1574062653/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054915", "to_ids": false, "type": "text", "uuid": "3991f2ee-799e-4822-9c32-560901a4a09f", "value": "52/69" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055414", "uuid": "26b40d0e-f672-4efe-b54c-e6dbc07452e0", "ObjectReference": [ { "comment": "", "object_uuid": "26b40d0e-f672-4efe-b54c-e6dbc07452e0", "referenced_uuid": "131dfefb-6bc2-4c4b-a51c-13eb4b59ad44", "relationship_type": "analysed-with", "timestamp": "1576055865", "uuid": "5df0b439-06e0-4dce-83d2-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054845", "to_ids": true, "type": "md5", "uuid": "63328b6a-1116-4a6c-b6ca-43cfbdab7abd", "value": "e9b4e6d169b5f92dbb4786f65d0c077e" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054845", "to_ids": true, "type": "sha1", "uuid": "de3696b2-91c3-4b81-944e-5f0fd798e898", "value": "34978ad9ea3c41b9ee42d2467643d6527c1a7d32" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054845", "to_ids": true, "type": "sha256", "uuid": "65e16cb5-d9f0-4bc5-a5a6-509163bfd91f", "value": "64eb9c3b8f0dc2bda117596f50c751bfb6d90b72b7096b59eed72b8ec4613de8" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055414", "uuid": "131dfefb-6bc2-4c4b-a51c-13eb4b59ad44", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054845", "to_ids": false, "type": "datetime", "uuid": "6bfb3e60-6f01-4716-a58a-4373f55ed016", "value": "2019-12-02T12:35:05" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054845", "to_ids": false, "type": "link", "uuid": "ee7adbca-396e-4be2-8a89-2b312c2ec087", "value": "https://www.virustotal.com/file/64eb9c3b8f0dc2bda117596f50c751bfb6d90b72b7096b59eed72b8ec4613de8/analysis/1575290105/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054845", "to_ids": false, "type": "text", "uuid": "76d04657-3238-466a-8adc-cdeaa9e723be", "value": "54/70" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055414", "uuid": "c9350a97-54b8-4b16-96d5-08b6546d09b6", "ObjectReference": [ { "comment": "", "object_uuid": "c9350a97-54b8-4b16-96d5-08b6546d09b6", "referenced_uuid": "f253f18a-314d-41f9-91ce-7267ac60bcb5", "relationship_type": "analysed-with", "timestamp": "1576055865", "uuid": "5df0b439-97e8-4c5a-a221-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054919", "to_ids": true, "type": "md5", "uuid": "a29253cd-370d-4414-9376-377e23a7cd89", "value": "3f4ad319e1d4d1e16ccae5dd1ae50889" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054919", "to_ids": true, "type": "sha1", "uuid": "00d5011a-9195-460c-92b5-e6aefa41c4ec", "value": "1e1419a794ce402d961fc0d277412cd68e6c887a" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054919", "to_ids": true, "type": "sha256", "uuid": "9944c9cd-ea60-457a-b75f-6044aab0a402", "value": "0ef0ca713cef3958447c81d34d78ab8f940111671878d66a56a3ce73fc7b3d41" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055415", "uuid": "f253f18a-314d-41f9-91ce-7267ac60bcb5", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054919", "to_ids": false, "type": "datetime", "uuid": "3e9df085-9352-4d1f-803b-6538aaab382f", "value": "2019-12-01T05:27:48" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054919", "to_ids": false, "type": "link", "uuid": "54c8f855-e857-482a-a0d6-1baa53d4ecf4", "value": "https://www.virustotal.com/file/0ef0ca713cef3958447c81d34d78ab8f940111671878d66a56a3ce73fc7b3d41/analysis/1575178068/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054919", "to_ids": false, "type": "text", "uuid": "25d746c4-7a6f-4948-b238-1bd45d752cb4", "value": "55/69" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055415", "uuid": "1679843b-577b-4504-adf2-dee263fdf152", "ObjectReference": [ { "comment": "", "object_uuid": "1679843b-577b-4504-adf2-dee263fdf152", "referenced_uuid": "935eebfe-1960-444e-a06c-15246c5cb4dc", "relationship_type": "analysed-with", "timestamp": "1576055865", "uuid": "5df0b439-f840-495e-9682-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054913", "to_ids": true, "type": "md5", "uuid": "939ee76f-f805-4e0c-aaa5-fd059d43ca92", "value": "6a49fd406f82b0ddaa4367fce8b5aaa5" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054913", "to_ids": true, "type": "sha1", "uuid": "ccbc8bbf-fd57-4c47-a6e5-bb34268e6162", "value": "c17837a5bf8be651798199f3aefeb47175231967" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054913", "to_ids": true, "type": "sha256", "uuid": "69920c17-8c9b-40b1-9651-f972d05c7026", "value": "9b2da6540c7d3d44704c115996d25dd504be05c6a3232746efe3b1d3ed3a0e91" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055415", "uuid": "935eebfe-1960-444e-a06c-15246c5cb4dc", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054913", "to_ids": false, "type": "datetime", "uuid": "1201feb7-6e09-4306-b9a9-d1a8824a2e03", "value": "2019-11-11T04:52:22" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054913", "to_ids": false, "type": "link", "uuid": "8527b081-a07e-4a63-b3ce-a64457ef1f38", "value": "https://www.virustotal.com/file/9b2da6540c7d3d44704c115996d25dd504be05c6a3232746efe3b1d3ed3a0e91/analysis/1573447942/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054913", "to_ids": false, "type": "text", "uuid": "a77d65d3-f2dc-4f4c-9924-69bc1de596bb", "value": "33/69" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055415", "uuid": "1cd2d9a6-7b0c-400d-8832-b0a99caaf9ae", "ObjectReference": [ { "comment": "", "object_uuid": "1cd2d9a6-7b0c-400d-8832-b0a99caaf9ae", "referenced_uuid": "74100cda-75a4-4cdb-87e7-f04b7faeb90f", "relationship_type": "analysed-with", "timestamp": "1576055866", "uuid": "5df0b43a-0114-4e75-b6a4-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054922", "to_ids": true, "type": "md5", "uuid": "7a505c69-5349-475e-b6c8-f49f8a5d09ab", "value": "4a747fbed544ec5be547316e2efe9e6e" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054922", "to_ids": true, "type": "sha1", "uuid": "2d277731-65b5-41df-ab5e-b553af23ea0d", "value": "13e0b9b487602409875207c175445dcb2ca702ac" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054922", "to_ids": true, "type": "sha256", "uuid": "b52a7792-e9f8-4232-8064-69ff417a08d8", "value": "b2a3431fc7c46594be458f821eb4ecfcdb3417a0dc30d20c933c0c753adeb44e" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055417", "uuid": "74100cda-75a4-4cdb-87e7-f04b7faeb90f", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054922", "to_ids": false, "type": "datetime", "uuid": "0e996a37-6677-4119-a4d1-7f62bfe78249", "value": "2019-11-27T23:03:29" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054922", "to_ids": false, "type": "link", "uuid": "9d2bd332-23ff-47f6-a7df-635069d38bcc", "value": "https://www.virustotal.com/file/b2a3431fc7c46594be458f821eb4ecfcdb3417a0dc30d20c933c0c753adeb44e/analysis/1574895809/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054922", "to_ids": false, "type": "text", "uuid": "ab8730c6-5932-4c5a-a171-dec848c846a3", "value": "51/69" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055417", "uuid": "b2aaba6d-0711-459d-9744-3e7289111728", "ObjectReference": [ { "comment": "", "object_uuid": "b2aaba6d-0711-459d-9744-3e7289111728", "referenced_uuid": "86d7fe43-b9c8-4f18-809e-389a95f58132", "relationship_type": "analysed-with", "timestamp": "1576055866", "uuid": "5df0b43a-90f8-4b20-a38f-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054922", "to_ids": true, "type": "md5", "uuid": "5b50fa80-7e80-4923-8181-6c7ec0dbadb9", "value": "3d7164b071679ea1a1b52414fcc76a68" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054922", "to_ids": true, "type": "sha1", "uuid": "c31e0269-cc4a-42a9-9c8a-c70d0aec6de7", "value": "a4b78ca96438ba4a3d3ce417dc2f01a926844247" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054922", "to_ids": true, "type": "sha256", "uuid": "0b9f785f-2743-432b-b83a-406478fc7452", "value": "a8b4a2bd90274affb16e5c551ea2d4c8da0356b83d20595078ffe619eaf4bbdf" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055418", "uuid": "86d7fe43-b9c8-4f18-809e-389a95f58132", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054922", "to_ids": false, "type": "datetime", "uuid": "e3053372-aeee-4640-8ab1-e90fbfef6635", "value": "2019-12-11T01:25:29" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054922", "to_ids": false, "type": "link", "uuid": "857a686d-0eef-47ea-b0a5-37be55924d5a", "value": "https://www.virustotal.com/file/a8b4a2bd90274affb16e5c551ea2d4c8da0356b83d20595078ffe619eaf4bbdf/analysis/1576027529/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054922", "to_ids": false, "type": "text", "uuid": "d0ac9c9d-8517-4805-a1a3-1512f2865d56", "value": "53/69" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055418", "uuid": "579b5a05-074e-4bbb-be13-b63f6858e7a2", "ObjectReference": [ { "comment": "", "object_uuid": "579b5a05-074e-4bbb-be13-b63f6858e7a2", "referenced_uuid": "a91f6684-8fc2-4f39-b683-9cd4e2b9a770", "relationship_type": "analysed-with", "timestamp": "1576055866", "uuid": "5df0b43a-8304-450c-ab3c-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054844", "to_ids": true, "type": "md5", "uuid": "515dfc7e-30e9-40e2-be8c-72c02e096e18", "value": "5039c17bbb3963c1851fa870487d8457" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054844", "to_ids": true, "type": "sha1", "uuid": "0b7442ec-0cbe-4dd8-af64-fe92198ac25c", "value": "badd39b54c22294815b20abf63d06198f2ea4df3" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054844", "to_ids": true, "type": "sha256", "uuid": "e400ebca-f4e1-48ca-9fc7-1db60f6feaf6", "value": "a46cea0a797e51ebe1e29dada58a6fc7c8f119813ac76ff85055630f2ba7ca27" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055418", "uuid": "a91f6684-8fc2-4f39-b683-9cd4e2b9a770", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054844", "to_ids": false, "type": "datetime", "uuid": "b9eecd6c-f3cd-4480-b838-b492815dad83", "value": "2019-11-21T10:40:30" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054844", "to_ids": false, "type": "link", "uuid": "546acaa9-2202-4059-b289-bf8e21396369", "value": "https://www.virustotal.com/file/a46cea0a797e51ebe1e29dada58a6fc7c8f119813ac76ff85055630f2ba7ca27/analysis/1574332830/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054844", "to_ids": false, "type": "text", "uuid": "77b4344a-0908-4877-99a4-e86c56535f51", "value": "51/70" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055418", "uuid": "a7e94977-9343-4e7d-a6e8-158e386489db", "ObjectReference": [ { "comment": "", "object_uuid": "a7e94977-9343-4e7d-a6e8-158e386489db", "referenced_uuid": "093e6e02-6a8c-4617-b8d0-3c6b539ec3af", "relationship_type": "analysed-with", "timestamp": "1576055866", "uuid": "5df0b43a-26f4-4126-91b6-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054847", "to_ids": true, "type": "md5", "uuid": "6ceeb19d-3e68-498f-8cf9-790ab8bd48e2", "value": "aabc44ac469110fd4805597336a24c2a" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054847", "to_ids": true, "type": "sha1", "uuid": "d45c5b4a-6958-4dbe-bfb8-81004c4497e5", "value": "4e7efcd54ef2fa444c71f9c1b4508f871fd43e25" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054847", "to_ids": true, "type": "sha256", "uuid": "417b75ca-3bb3-405a-bdac-d8f5d0fa4dad", "value": "5c2590abc22bdffa9a7ff469b6caf8b64c66242aeef5f6b6229b1ca600ecf387" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055418", "uuid": "093e6e02-6a8c-4617-b8d0-3c6b539ec3af", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054847", "to_ids": false, "type": "datetime", "uuid": "539f2826-e8da-4c33-b6a9-af75eb38b801", "value": "2019-11-24T16:23:43" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054847", "to_ids": false, "type": "link", "uuid": "154c864c-852e-4ac5-97f8-74f685fd3f8d", "value": "https://www.virustotal.com/file/5c2590abc22bdffa9a7ff469b6caf8b64c66242aeef5f6b6229b1ca600ecf387/analysis/1574612623/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054847", "to_ids": false, "type": "text", "uuid": "64c01843-6885-493e-b4df-025624079e16", "value": "50/67" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055418", "uuid": "77089a38-652a-4032-8377-5951c6749eb1", "ObjectReference": [ { "comment": "", "object_uuid": "77089a38-652a-4032-8377-5951c6749eb1", "referenced_uuid": "26598531-087e-456f-acb0-81740dc24465", "relationship_type": "analysed-with", "timestamp": "1576055866", "uuid": "5df0b43a-b800-46b2-a369-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054920", "to_ids": true, "type": "md5", "uuid": "2261368a-185a-45e9-a2b1-b19089c8af79", "value": "a41e39289f1fc02b1cb0e223b94c6d13" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054920", "to_ids": true, "type": "sha1", "uuid": "868c73fe-1813-4c1a-ac91-8a51dcf5407a", "value": "e5a368ed8e03187dc8cc38e933918186452f3280" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054920", "to_ids": true, "type": "sha256", "uuid": "8571d633-a944-40e8-a8cb-7e6a6bc291ea", "value": "d347250ecf7a9209a2f3af83ad1be9ce2f48ac5f2af622a7385c3e6e0044b29b" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055419", "uuid": "26598531-087e-456f-acb0-81740dc24465", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054920", "to_ids": false, "type": "datetime", "uuid": "0968703e-515a-4184-b009-07cb65e86d5b", "value": "2019-11-18T07:37:23" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054920", "to_ids": false, "type": "link", "uuid": "4f8a200c-a742-4368-aeae-026d6c925d19", "value": "https://www.virustotal.com/file/d347250ecf7a9209a2f3af83ad1be9ce2f48ac5f2af622a7385c3e6e0044b29b/analysis/1574062643/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054920", "to_ids": false, "type": "text", "uuid": "220581e8-015d-4867-a8e5-561770bc4903", "value": "52/70" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055419", "uuid": "7c72eee4-3ece-4ef1-8970-8421b8b49fd6", "ObjectReference": [ { "comment": "", "object_uuid": "7c72eee4-3ece-4ef1-8970-8421b8b49fd6", "referenced_uuid": "a50a31d7-dd93-4e57-82f6-8c2d86f02eeb", "relationship_type": "analysed-with", "timestamp": "1576055866", "uuid": "5df0b43a-4030-40bc-9836-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054919", "to_ids": true, "type": "md5", "uuid": "a85e477f-b3eb-4fbf-804a-e37f971f8d9c", "value": "4dfcb4842f8f8081595088f573516f66" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054919", "to_ids": true, "type": "sha1", "uuid": "cb2ab090-ade5-438e-b18d-2e06c8df032e", "value": "d9ca1b03087c3e1d40a2faf92644053f1936b35c" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054919", "to_ids": true, "type": "sha256", "uuid": "fdbf309f-29e8-4dfa-820c-19e83461528b", "value": "e728fea893b9018848a4e88764c64f22ba98b2e4a9904c11376e9e60c688949c" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055419", "uuid": "a50a31d7-dd93-4e57-82f6-8c2d86f02eeb", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054919", "to_ids": false, "type": "datetime", "uuid": "ce874663-9880-412b-aabb-d1bc77e319cd", "value": "2019-11-18T07:37:36" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054919", "to_ids": false, "type": "link", "uuid": "2f4ea6c8-7f5f-420b-bbcb-136c2cc46569", "value": "https://www.virustotal.com/file/e728fea893b9018848a4e88764c64f22ba98b2e4a9904c11376e9e60c688949c/analysis/1574062656/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054919", "to_ids": false, "type": "text", "uuid": "b7860f9f-13e2-44ad-8825-6a2f36956821", "value": "54/69" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055419", "uuid": "8d4316ec-22b2-419f-b8d0-2ad091d8fe3d", "ObjectReference": [ { "comment": "", "object_uuid": "8d4316ec-22b2-419f-b8d0-2ad091d8fe3d", "referenced_uuid": "a3cef8c0-e867-4fcc-90ad-4560b0b862b8", "relationship_type": "analysed-with", "timestamp": "1576055866", "uuid": "5df0b43a-d410-4330-8a8d-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054848", "to_ids": true, "type": "md5", "uuid": "4e2b6db2-3080-4bc7-9287-74622e98550d", "value": "f682e4b70c158c3080e742bb9279a46c" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054848", "to_ids": true, "type": "sha1", "uuid": "b1cf61d3-bdcf-4544-9e6f-a4a49ea0f7b5", "value": "c206397290a5a6aa2d082eeb5d88b2b94850f39f" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054848", "to_ids": true, "type": "sha256", "uuid": "04e0b831-3302-482d-a096-98fb81ecf2d9", "value": "d838184152595edbd8093289a71d84670cad912010d07c309d1321295b1cad09" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055419", "uuid": "a3cef8c0-e867-4fcc-90ad-4560b0b862b8", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054848", "to_ids": false, "type": "datetime", "uuid": "79a9f40e-8d69-4195-a503-0b810bd78eae", "value": "2019-11-28T10:26:54" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054848", "to_ids": false, "type": "link", "uuid": "af81e7d4-2202-48d0-8717-6a41e5ffbb97", "value": "https://www.virustotal.com/file/d838184152595edbd8093289a71d84670cad912010d07c309d1321295b1cad09/analysis/1574936814/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054848", "to_ids": false, "type": "text", "uuid": "3aafa479-b6d0-4bfe-8026-804ce936a4cd", "value": "52/69" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055420", "uuid": "092a4d19-c82d-4c39-9d3d-4c8a59684860", "ObjectReference": [ { "comment": "", "object_uuid": "092a4d19-c82d-4c39-9d3d-4c8a59684860", "referenced_uuid": "ef9876f0-2be5-48b4-b385-34c6e1a8b5bb", "relationship_type": "analysed-with", "timestamp": "1576055866", "uuid": "5df0b43a-02ac-45f5-88fb-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054883", "to_ids": true, "type": "md5", "uuid": "febb468c-b11e-4d77-be97-c230f9f0e7ac", "value": "0c83f163af8ef462a87fb7317c5109ad" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054883", "to_ids": true, "type": "sha1", "uuid": "ae755038-4009-4d02-9bda-29abb7749fe0", "value": "78e21aabd19fde64402f5b6d4bda0cd284662e2c" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054883", "to_ids": true, "type": "sha256", "uuid": "82899c93-029f-43d5-b47e-5bade63f369b", "value": "09f3d9d701210797c5aac3e7f2825f7f17f186649474592f2a6ba6a2df5924a1" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055420", "uuid": "ef9876f0-2be5-48b4-b385-34c6e1a8b5bb", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054883", "to_ids": false, "type": "datetime", "uuid": "454727a9-2d84-4078-a422-506a85be6f07", "value": "2019-11-18T07:37:21" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054883", "to_ids": false, "type": "link", "uuid": "c6ede068-2689-4fa4-9a16-735b289bf4c1", "value": "https://www.virustotal.com/file/09f3d9d701210797c5aac3e7f2825f7f17f186649474592f2a6ba6a2df5924a1/analysis/1574062641/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054883", "to_ids": false, "type": "text", "uuid": "ea380a03-8025-4523-8b96-d68ffba26a62", "value": "49/68" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055420", "uuid": "c83b4e3e-8a89-4a7d-83e9-e90305c8b85c", "ObjectReference": [ { "comment": "", "object_uuid": "c83b4e3e-8a89-4a7d-83e9-e90305c8b85c", "referenced_uuid": "9e3681ba-3155-49d2-b043-dc95c8156bd6", "relationship_type": "analysed-with", "timestamp": "1576055866", "uuid": "5df0b43a-fc74-43fd-9df8-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054920", "to_ids": true, "type": "md5", "uuid": "63a15256-a6da-4d65-9f81-79418801b492", "value": "85abf7e2562a7ad455865a72b301f79c" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054920", "to_ids": true, "type": "sha1", "uuid": "797badd5-f901-4c55-89f8-2d985f5bb734", "value": "1f3b8036e9e287aabfe392a52a13952d6a6a1f5b" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054920", "to_ids": true, "type": "sha256", "uuid": "389b08e3-7f44-475a-acfc-67169324a8fc", "value": "503fbb210c018225ffd88965de25b23c3a9e9daa3ec78a41171a32ac9cc19e05" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055420", "uuid": "9e3681ba-3155-49d2-b043-dc95c8156bd6", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054920", "to_ids": false, "type": "datetime", "uuid": "d3615545-3ee7-4f9b-8cbf-20529f869886", "value": "2019-11-04T17:41:12" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054920", "to_ids": false, "type": "link", "uuid": "6550b015-49f6-429d-a5c1-ae79b994aff4", "value": "https://www.virustotal.com/file/503fbb210c018225ffd88965de25b23c3a9e9daa3ec78a41171a32ac9cc19e05/analysis/1572889272/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054920", "to_ids": false, "type": "text", "uuid": "1c6aa5e1-7b9d-4374-8884-618e70f1dda0", "value": "10/69" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055421", "uuid": "32d80030-0d4e-482b-a898-803cf9bc334c", "ObjectReference": [ { "comment": "", "object_uuid": "32d80030-0d4e-482b-a898-803cf9bc334c", "referenced_uuid": "ffe6a7bf-bd47-4cd4-b4da-eaf078136bf5", "relationship_type": "analysed-with", "timestamp": "1576055866", "uuid": "5df0b43a-6a94-4ac1-b30a-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054937", "to_ids": true, "type": "md5", "uuid": "5bd9acb3-49a7-418f-bb88-06bd70288ba1", "value": "4e28b21b28416a2c79b3cb0f43c68995" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054937", "to_ids": true, "type": "sha1", "uuid": "40c79acc-e1bb-4825-94bb-2c6a8f145884", "value": "47f64bfd0a5cc634e36bd62eaa753673211d07e1" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054937", "to_ids": true, "type": "sha256", "uuid": "417e84f8-0171-4ca5-9fa8-154f4f27eb88", "value": "5c12654e62f6b7038e594dfa85c75e5be6bb55010c29ddf16f37fa6e525a832c" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055421", "uuid": "ffe6a7bf-bd47-4cd4-b4da-eaf078136bf5", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054937", "to_ids": false, "type": "datetime", "uuid": "a679695f-0e3f-41cb-89b7-22071d669625", "value": "2019-11-04T15:50:16" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054937", "to_ids": false, "type": "link", "uuid": "d4720d53-0b50-43ea-a72b-c25b10b3ef41", "value": "https://www.virustotal.com/file/5c12654e62f6b7038e594dfa85c75e5be6bb55010c29ddf16f37fa6e525a832c/analysis/1572882616/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054937", "to_ids": false, "type": "text", "uuid": "c6a24841-a719-4954-9dfa-4bbacb683800", "value": "9/70" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055421", "uuid": "554f48fe-4bf6-45ac-97de-d340b97dff19", "ObjectReference": [ { "comment": "", "object_uuid": "554f48fe-4bf6-45ac-97de-d340b97dff19", "referenced_uuid": "30c7946f-9ae0-4d5f-80aa-8d898cfb3804", "relationship_type": "analysed-with", "timestamp": "1576055866", "uuid": "5df0b43a-fa34-4d5a-8647-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054845", "to_ids": true, "type": "md5", "uuid": "770e969c-c4f4-4404-b07e-63cbf532493f", "value": "af44536e45135548fbdb259a91f6b309" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054845", "to_ids": true, "type": "sha1", "uuid": "434faffa-dbf6-474d-9558-dcf7a3778422", "value": "255f009b01531a26aff564a798523d1b7f089f02" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054845", "to_ids": true, "type": "sha256", "uuid": "1407fd24-c3aa-40ef-8bf2-cf45aaa93b35", "value": "d9e5d44db6bb8faf66be54b55986ee4c0597f2b5b31ea0683bb0f543adeb9d43" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055422", "uuid": "30c7946f-9ae0-4d5f-80aa-8d898cfb3804", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054845", "to_ids": false, "type": "datetime", "uuid": "bbfe57f8-e6fa-4824-bf9f-c2de0452aea7", "value": "2019-11-21T10:36:40" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054845", "to_ids": false, "type": "link", "uuid": "3ed74a6e-1c70-4d23-a19d-14d3df8a6060", "value": "https://www.virustotal.com/file/d9e5d44db6bb8faf66be54b55986ee4c0597f2b5b31ea0683bb0f543adeb9d43/analysis/1574332600/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054845", "to_ids": false, "type": "text", "uuid": "8e6c4589-647a-4321-8b0b-506b624bdc88", "value": "45/68" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055422", "uuid": "778ae72a-499b-4228-b976-7206cf015fed", "ObjectReference": [ { "comment": "", "object_uuid": "778ae72a-499b-4228-b976-7206cf015fed", "referenced_uuid": "4a008bfa-f123-4fe9-b7c1-512c3dab17db", "relationship_type": "analysed-with", "timestamp": "1576055866", "uuid": "5df0b43a-70ec-41cf-9eaf-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054936", "to_ids": true, "type": "md5", "uuid": "44a4dd05-d2e3-44d6-802b-86e280e537c0", "value": "23694a9a51e36d18c50ff0d582c03b3e" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054936", "to_ids": true, "type": "sha1", "uuid": "150f94f8-ea6b-4154-8a9a-0f729cb10c1c", "value": "00939eff9c52d982d4497d9bcd010320bd999cd7" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054936", "to_ids": true, "type": "sha256", "uuid": "a1fb4903-4dbc-4350-be19-2fab0bc0495d", "value": "c4ddc6723d9bd47512558929a7e39f2fbbc997f0bda8221f2349990efd52cfcb" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055422", "uuid": "4a008bfa-f123-4fe9-b7c1-512c3dab17db", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054936", "to_ids": false, "type": "datetime", "uuid": "be1d6a13-74b1-4d6e-b41e-821f4b265df0", "value": "2019-11-05T11:21:06" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054936", "to_ids": false, "type": "link", "uuid": "e171ad09-ba44-4b81-8b1e-2b89fc47c160", "value": "https://www.virustotal.com/file/c4ddc6723d9bd47512558929a7e39f2fbbc997f0bda8221f2349990efd52cfcb/analysis/1572952866/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054936", "to_ids": false, "type": "text", "uuid": "15e724fb-bf92-4841-978d-37ac0c17634c", "value": "29/72" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055422", "uuid": "11fa24c7-61a0-4ca7-8b53-c47d33ec8457", "ObjectReference": [ { "comment": "", "object_uuid": "11fa24c7-61a0-4ca7-8b53-c47d33ec8457", "referenced_uuid": "4b2305c1-09ba-4219-bac1-7c7aac4c423e", "relationship_type": "analysed-with", "timestamp": "1576055866", "uuid": "5df0b43a-392c-4097-bdb6-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054918", "to_ids": true, "type": "md5", "uuid": "6eff9462-5d25-4c5d-ba28-3d710ffebf6d", "value": "5f789ea6ca2dd09ed4ad50da1ddfe07b" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054918", "to_ids": true, "type": "sha1", "uuid": "c3fd63fe-99cf-4ff3-8ece-5419faa544a2", "value": "f25edd977242a74cd8e7763888156ee32f16b35d" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054918", "to_ids": true, "type": "sha256", "uuid": "c6985e43-81fd-4d9f-a83e-00a5ce114247", "value": "0d6de4ced4581620ad4da96c8b885b74ae31c987426da8e31e5d680a0f515b96" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055422", "uuid": "4b2305c1-09ba-4219-bac1-7c7aac4c423e", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054918", "to_ids": false, "type": "datetime", "uuid": "7c8f06b4-a409-46a5-b440-e4783a474514", "value": "2019-11-16T03:07:22" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054918", "to_ids": false, "type": "link", "uuid": "abd8a0b9-42bd-47eb-bcd2-5d2d8ea013ab", "value": "https://www.virustotal.com/file/0d6de4ced4581620ad4da96c8b885b74ae31c987426da8e31e5d680a0f515b96/analysis/1573873642/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054918", "to_ids": false, "type": "text", "uuid": "d3ed3d9c-7b88-428a-a977-95900ed448ba", "value": "45/71" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055423", "uuid": "fc263859-499a-4ba8-a1ca-4b3065114f5e", "ObjectReference": [ { "comment": "", "object_uuid": "fc263859-499a-4ba8-a1ca-4b3065114f5e", "referenced_uuid": "24e00e33-40a9-4a20-bc4a-f40c105d5616", "relationship_type": "analysed-with", "timestamp": "1576055866", "uuid": "5df0b43a-1f64-4397-9192-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054915", "to_ids": true, "type": "md5", "uuid": "67f6dca2-c693-4504-b6e3-6799bd79bf06", "value": "d53db66cb5488a475ef59f3244cc505a" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054915", "to_ids": true, "type": "sha1", "uuid": "e9af8970-0930-403d-87d3-43a8e81b3a54", "value": "19f8c51c7cdcae9eb60e5f63ac1e1dae2aeb4a00" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054915", "to_ids": true, "type": "sha256", "uuid": "b8ec82b8-9d3f-46e1-a6eb-6aec8b3c913f", "value": "2b99b9171cb3d2f13b8e21ebd70be56cc2475ced28ef7868cb7f537e65209714" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055423", "uuid": "24e00e33-40a9-4a20-bc4a-f40c105d5616", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054915", "to_ids": false, "type": "datetime", "uuid": "168ab00b-5148-4bfc-95ce-e69175d59298", "value": "2019-11-18T07:37:15" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054915", "to_ids": false, "type": "link", "uuid": "adcd31f9-543c-479e-a020-136834d0667c", "value": "https://www.virustotal.com/file/2b99b9171cb3d2f13b8e21ebd70be56cc2475ced28ef7868cb7f537e65209714/analysis/1574062635/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054915", "to_ids": false, "type": "text", "uuid": "f44fbbc8-a8e9-4bb4-ace3-081ce2f6717a", "value": "53/71" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055423", "uuid": "f41b5936-5091-43d5-b8c8-10b828a44ce3", "ObjectReference": [ { "comment": "", "object_uuid": "f41b5936-5091-43d5-b8c8-10b828a44ce3", "referenced_uuid": "afefc42d-7075-460f-9942-056893327173", "relationship_type": "analysed-with", "timestamp": "1576055866", "uuid": "5df0b43a-0b74-480f-9458-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054919", "to_ids": true, "type": "md5", "uuid": "02fe6b7b-85e3-47fa-b2f5-4a7606b2ce84", "value": "3c673e97f4c1872407e006450f1ac728" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054919", "to_ids": true, "type": "sha1", "uuid": "b057ef21-f9a7-4ea0-99e1-c4112bb0935a", "value": "af19d6ceec637ee1bca32b8897e119188005d677" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054919", "to_ids": true, "type": "sha256", "uuid": "c39aef54-7c61-4935-928f-ab9673375ccc", "value": "98dcb64b12c9a0cb858adf937105f53525786452c63a67986458f4bf091ba804" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055423", "uuid": "afefc42d-7075-460f-9942-056893327173", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054919", "to_ids": false, "type": "datetime", "uuid": "08799b83-fcc9-4fbf-847a-fdf115720b30", "value": "2019-11-20T18:13:17" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054919", "to_ids": false, "type": "link", "uuid": "8f390919-a9ff-40da-801c-52abc1aa3382", "value": "https://www.virustotal.com/file/98dcb64b12c9a0cb858adf937105f53525786452c63a67986458f4bf091ba804/analysis/1574273597/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054919", "to_ids": false, "type": "text", "uuid": "8d57fd8b-6fdf-4172-8fa9-5bf626758550", "value": "42/69" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055423", "uuid": "790661b9-5abc-41a4-b941-490796a36e39", "ObjectReference": [ { "comment": "", "object_uuid": "790661b9-5abc-41a4-b941-490796a36e39", "referenced_uuid": "f54ecbf1-94d8-48d7-918b-25db40ef69f9", "relationship_type": "analysed-with", "timestamp": "1576055866", "uuid": "5df0b43a-6848-4af6-a4a8-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054845", "to_ids": true, "type": "md5", "uuid": "ea9834e3-9aa9-4c62-83ec-1ff454bc72eb", "value": "3c96a2062c31cd61a9cba3ae9498fa70" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054845", "to_ids": true, "type": "sha1", "uuid": "acb5d714-1af3-4367-b7d6-fd7cbe844389", "value": "828042a83a9d5c8708448b8185fce82cf6c62da6" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054845", "to_ids": true, "type": "sha256", "uuid": "13a72952-6f84-4e7a-b268-368f3135ff7a", "value": "c8d02b63d5d973233f3f72a608c991c48cdb799c314287e7de3a1a8e327111bd" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055423", "uuid": "f54ecbf1-94d8-48d7-918b-25db40ef69f9", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054845", "to_ids": false, "type": "datetime", "uuid": "6456d703-7713-42c5-b15f-87681a87f7ee", "value": "2019-12-09T15:15:00" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054845", "to_ids": false, "type": "link", "uuid": "4f21cd12-7974-43ac-849c-559eeb411916", "value": "https://www.virustotal.com/file/c8d02b63d5d973233f3f72a608c991c48cdb799c314287e7de3a1a8e327111bd/analysis/1575904500/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054845", "to_ids": false, "type": "text", "uuid": "5a47c44d-6811-4500-b9f5-d7cc84328c40", "value": "60/72" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055423", "uuid": "9248c2fb-b379-4e16-8dfc-a1f50b2f7635", "ObjectReference": [ { "comment": "", "object_uuid": "9248c2fb-b379-4e16-8dfc-a1f50b2f7635", "referenced_uuid": "db05e4ed-64be-44c8-b71f-19fcc1b090dc", "relationship_type": "analysed-with", "timestamp": "1576055866", "uuid": "5df0b43a-7d78-4f74-9f63-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054845", "to_ids": true, "type": "md5", "uuid": "acdafbf1-4c4b-445f-b048-f4ad92329205", "value": "cfafc7682eb3eb7705718ad6852367e6" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054845", "to_ids": true, "type": "sha1", "uuid": "ae6881ba-1dbb-442c-8aa5-e037ae77c82b", "value": "6ddc4e6aa4d7b64330aa3d5d5176d0b8552569e6" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054845", "to_ids": true, "type": "sha256", "uuid": "bd5f099d-c53a-433e-8822-5265edf9636d", "value": "5eec8ae262bcc5d47f42cb57a742bc95691278d80f6f5dd3dae50a0461a2d746" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055424", "uuid": "db05e4ed-64be-44c8-b71f-19fcc1b090dc", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054845", "to_ids": false, "type": "datetime", "uuid": "81941889-f74f-49d4-806b-93227460c245", "value": "2019-11-23T22:57:15" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054845", "to_ids": false, "type": "link", "uuid": "15272a04-22a5-4de0-a112-a83c53453496", "value": "https://www.virustotal.com/file/5eec8ae262bcc5d47f42cb57a742bc95691278d80f6f5dd3dae50a0461a2d746/analysis/1574549835/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054845", "to_ids": false, "type": "text", "uuid": "47feef1e-220d-4647-82a2-9a0216bee653", "value": "52/68" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055424", "uuid": "97826163-af4a-4b54-bc10-c2a879c26bc4", "ObjectReference": [ { "comment": "", "object_uuid": "97826163-af4a-4b54-bc10-c2a879c26bc4", "referenced_uuid": "72dd2f88-9263-4b6a-be00-9255dd1d602c", "relationship_type": "analysed-with", "timestamp": "1576055866", "uuid": "5df0b43a-9fac-49f8-a415-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054843", "to_ids": true, "type": "md5", "uuid": "b4c3c8e7-3de7-4106-91f1-6e30e2dc62c8", "value": "8bca301a29079e5d3257958c4928193b" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054843", "to_ids": true, "type": "sha1", "uuid": "83110071-ea4f-48d6-91b2-07118df157c1", "value": "3b216e6aaa478255914430667a8769f687d2e033" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054843", "to_ids": true, "type": "sha256", "uuid": "39a8ba34-5c91-47ee-b1e2-2fe37211380a", "value": "3da6aadcadf81b15f1117771e79dd6b78bdd28405a35e8213de97c046fb30447" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055424", "uuid": "72dd2f88-9263-4b6a-be00-9255dd1d602c", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054843", "to_ids": false, "type": "datetime", "uuid": "fd5a59d5-2c06-403b-b8f7-ad08abc9c8e2", "value": "2019-11-21T10:51:09" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054843", "to_ids": false, "type": "link", "uuid": "5eabe6da-4416-4596-80ab-0f81733d97e5", "value": "https://www.virustotal.com/file/3da6aadcadf81b15f1117771e79dd6b78bdd28405a35e8213de97c046fb30447/analysis/1574333469/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054843", "to_ids": false, "type": "text", "uuid": "225e7e71-db9c-4fd0-92d9-424f61f40591", "value": "44/69" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055424", "uuid": "be252845-2208-462d-9c4c-db7003378a71", "ObjectReference": [ { "comment": "", "object_uuid": "be252845-2208-462d-9c4c-db7003378a71", "referenced_uuid": "7c90a156-0032-4733-8e34-241a4cc01652", "relationship_type": "analysed-with", "timestamp": "1576055866", "uuid": "5df0b43a-71f8-4f4c-8426-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054921", "to_ids": true, "type": "md5", "uuid": "b271d36f-ab68-4241-aced-7dbd008ff5dc", "value": "705aaaf7c3a50cdb2014ee97757ca3a4" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054921", "to_ids": true, "type": "sha1", "uuid": "367b64ca-bd1b-475b-99e2-332b5b6bfa79", "value": "27ead761a4f289e44d81393bad0bdf0ffa23eb1b" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054921", "to_ids": true, "type": "sha256", "uuid": "566b5f6d-6e18-4095-96b1-7fe300624593", "value": "4e3ce5e255d3f1134feacc559bac6e4f8f838af09432943cb8acb2b112258811" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055424", "uuid": "7c90a156-0032-4733-8e34-241a4cc01652", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054921", "to_ids": false, "type": "datetime", "uuid": "ec234b27-0b77-4b03-8098-f58322ec4929", "value": "2019-11-04T17:42:18" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054921", "to_ids": false, "type": "link", "uuid": "cf2dc7f0-654a-4961-812b-23d636175441", "value": "https://www.virustotal.com/file/4e3ce5e255d3f1134feacc559bac6e4f8f838af09432943cb8acb2b112258811/analysis/1572889338/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054921", "to_ids": false, "type": "text", "uuid": "a73d9027-a7e1-4fed-90ec-56570796409a", "value": "9/70" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055424", "uuid": "d10d07d8-f413-4f92-9afc-b1f9c5a932f3", "ObjectReference": [ { "comment": "", "object_uuid": "d10d07d8-f413-4f92-9afc-b1f9c5a932f3", "referenced_uuid": "5625b2c9-c4df-45ed-879a-2b27bd0ea47c", "relationship_type": "analysed-with", "timestamp": "1576055866", "uuid": "5df0b43a-b45c-437b-9c5c-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054921", "to_ids": true, "type": "md5", "uuid": "81f60c32-3279-43d2-934e-ebe243cd7ff9", "value": "c957fb5c992e797a3c42b1758335a402" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054921", "to_ids": true, "type": "sha1", "uuid": "0ffa36ad-a3e5-4956-a74e-df41064bf80c", "value": "4ba02154a50060decc30e1e963358075ea6410f8" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054921", "to_ids": true, "type": "sha256", "uuid": "10e9a9ef-d4a8-496e-b32c-23e091d8e2f4", "value": "efda6986f9c71d4bb89efe56c1a5c0b12c88e2f88e42e941668df5f8f95a56ff" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055425", "uuid": "5625b2c9-c4df-45ed-879a-2b27bd0ea47c", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054921", "to_ids": false, "type": "datetime", "uuid": "ecb07cb8-83c1-40ef-8b98-7a536720a973", "value": "2019-11-10T21:36:05" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054921", "to_ids": false, "type": "link", "uuid": "13c7a1f2-d2d8-41f1-b8c1-6e23dbcd92bc", "value": "https://www.virustotal.com/file/efda6986f9c71d4bb89efe56c1a5c0b12c88e2f88e42e941668df5f8f95a56ff/analysis/1573421765/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054921", "to_ids": false, "type": "text", "uuid": "33398962-996e-4de8-92ed-f0f4da827b10", "value": "39/68" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055425", "uuid": "c2c3a5ab-3fca-45df-a938-1945f6a88540", "ObjectReference": [ { "comment": "", "object_uuid": "c2c3a5ab-3fca-45df-a938-1945f6a88540", "referenced_uuid": "6752c41a-88ce-409e-aa3b-147affa33d30", "relationship_type": "analysed-with", "timestamp": "1576055866", "uuid": "5df0b43a-e41c-4890-b1c4-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054847", "to_ids": true, "type": "md5", "uuid": "c62b5484-e958-48cb-b654-3f7e431f2b5f", "value": "fa07c78b3b584938c47c1777df4142c4" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054847", "to_ids": true, "type": "sha1", "uuid": "5e4b4f4f-efec-4376-abeb-03117ca5fcf2", "value": "09c6769a73f2edc3c7562081b1fcab047e395111" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054847", "to_ids": true, "type": "sha256", "uuid": "a07d6acc-085b-450c-bf53-446f877cfe69", "value": "f9061958003b279ec0cab8c53ce83c588ef2be18d5840a8bf0a9a57ad2adf51a" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055425", "uuid": "6752c41a-88ce-409e-aa3b-147affa33d30", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054847", "to_ids": false, "type": "datetime", "uuid": "e5416494-8a3a-4d25-9970-3591ca368ecc", "value": "2019-11-21T10:40:49" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054847", "to_ids": false, "type": "link", "uuid": "47b54001-ab89-44ec-8e0e-334680ce3c5c", "value": "https://www.virustotal.com/file/f9061958003b279ec0cab8c53ce83c588ef2be18d5840a8bf0a9a57ad2adf51a/analysis/1574332849/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054847", "to_ids": false, "type": "text", "uuid": "fd39e7d3-f759-4676-9389-40360a75d565", "value": "50/70" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055425", "uuid": "4c379350-7ab8-4d9a-ac2e-fd6e22d67175", "ObjectReference": [ { "comment": "", "object_uuid": "4c379350-7ab8-4d9a-ac2e-fd6e22d67175", "referenced_uuid": "75bf21eb-4910-45b9-aca5-140ebdd73228", "relationship_type": "analysed-with", "timestamp": "1576055867", "uuid": "5df0b43b-f56c-4bae-a884-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054937", "to_ids": true, "type": "md5", "uuid": "14a55d5d-3b4f-4450-a767-e5215277ac03", "value": "6b8763561af43250ed20fa3adaffe942" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054937", "to_ids": true, "type": "sha1", "uuid": "e438abfa-edf4-49c9-992c-f198f909b74d", "value": "4c57513a6e55dd3659aba3402292fe01d4ca00c3" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054937", "to_ids": true, "type": "sha256", "uuid": "57bcbfba-3280-45ba-9af9-d4af01d87457", "value": "c792044608784e566a7d45a5ec30ea21eba7b2df2215e3f679c7564b983ccf04" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055425", "uuid": "75bf21eb-4910-45b9-aca5-140ebdd73228", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054937", "to_ids": false, "type": "datetime", "uuid": "98482bab-467c-42c7-8ee6-fd67fb95d2e9", "value": "2019-11-12T07:43:06" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054937", "to_ids": false, "type": "link", "uuid": "14d87563-9547-48cf-9864-f0208d6a36b2", "value": "https://www.virustotal.com/file/c792044608784e566a7d45a5ec30ea21eba7b2df2215e3f679c7564b983ccf04/analysis/1573544586/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054937", "to_ids": false, "type": "text", "uuid": "647a76ea-ba2b-4c1b-a313-a5ad6ae54da4", "value": "47/71" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055425", "uuid": "b9a392ec-a68b-43a6-bb0a-8190b3e61a82", "ObjectReference": [ { "comment": "", "object_uuid": "b9a392ec-a68b-43a6-bb0a-8190b3e61a82", "referenced_uuid": "54bee58a-c009-4395-a517-3e4eb31920b8", "relationship_type": "analysed-with", "timestamp": "1576055867", "uuid": "5df0b43b-2aa8-43cf-948e-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054844", "to_ids": true, "type": "md5", "uuid": "30323113-891d-4f1b-9d9f-ec80623ba218", "value": "fd9d207aa52d3109cd3f300d609c4db5" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054844", "to_ids": true, "type": "sha1", "uuid": "8c3b72a3-ce80-4af0-a4fc-ae7540d83e5a", "value": "55de841a572563b65e161bafc2755ad513e6edc2" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054844", "to_ids": true, "type": "sha256", "uuid": "504f9acf-d5a0-4267-b550-9acfb39b562a", "value": "a9db888bd80d8c94393e815f0e7810fd12365ed9be183b4babf61a5e7124a7bd" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055426", "uuid": "54bee58a-c009-4395-a517-3e4eb31920b8", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054844", "to_ids": false, "type": "datetime", "uuid": "222404dd-35b5-474a-906e-85d0cf486259", "value": "2019-11-24T16:28:28" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054844", "to_ids": false, "type": "link", "uuid": "f9802939-da95-49a6-bd9c-87ced15275ed", "value": "https://www.virustotal.com/file/a9db888bd80d8c94393e815f0e7810fd12365ed9be183b4babf61a5e7124a7bd/analysis/1574612908/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054844", "to_ids": false, "type": "text", "uuid": "8f3db9f7-d4d4-44c8-8867-6ebe2dbbfb3c", "value": "51/68" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055426", "uuid": "704d9b2b-ba91-4907-8141-20c2ef96d4d4", "ObjectReference": [ { "comment": "", "object_uuid": "704d9b2b-ba91-4907-8141-20c2ef96d4d4", "referenced_uuid": "595a372e-8d2e-46a7-af22-f9951cdaac88", "relationship_type": "analysed-with", "timestamp": "1576055867", "uuid": "5df0b43b-9e14-46d6-ad58-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054916", "to_ids": true, "type": "md5", "uuid": "79bf4443-3eaa-47cb-b975-94a25929c8f3", "value": "91ca62f2e4313d08860389ff61dc75de" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054916", "to_ids": true, "type": "sha1", "uuid": "62aff2b2-6c47-4e04-852b-8cfcf7686490", "value": "78c69fc31e6cb1a0c5b382e639ea730539a911b2" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054916", "to_ids": true, "type": "sha256", "uuid": "3056a213-a57f-42d4-81fe-72d54084f005", "value": "814162b87fdb59e4b04b1cbe83d67c07ddb97950f221e31a81674e3346f5f078" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055428", "uuid": "595a372e-8d2e-46a7-af22-f9951cdaac88", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054916", "to_ids": false, "type": "datetime", "uuid": "3b8f1de1-4226-4124-9535-863e14609179", "value": "2019-11-17T03:34:19" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054916", "to_ids": false, "type": "link", "uuid": "e466e2d5-f13f-4682-9fa7-0e72e97420f7", "value": "https://www.virustotal.com/file/814162b87fdb59e4b04b1cbe83d67c07ddb97950f221e31a81674e3346f5f078/analysis/1573961659/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054916", "to_ids": false, "type": "text", "uuid": "ad07e9d6-4ae4-4b8d-8dfa-b5f14ae940c0", "value": "45/70" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055428", "uuid": "6d2d9af8-e198-4722-bdf9-8af7c3c95ddc", "ObjectReference": [ { "comment": "", "object_uuid": "6d2d9af8-e198-4722-bdf9-8af7c3c95ddc", "referenced_uuid": "f205d829-81be-4736-af7c-14d5e42515a8", "relationship_type": "analysed-with", "timestamp": "1576055867", "uuid": "5df0b43b-019c-4bd0-b550-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054918", "to_ids": true, "type": "md5", "uuid": "67ae39c4-30cb-4e1d-8790-78671b812416", "value": "889635174693823a75865a893946fbbf" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054918", "to_ids": true, "type": "sha1", "uuid": "5b438ce1-80e1-441e-8361-951a551ed6f2", "value": "90b395da9e85da3d8d6d63551733dab021badc77" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054918", "to_ids": true, "type": "sha256", "uuid": "ce847d57-f5c0-4ff6-b35c-ce7a074a5ff7", "value": "c3e1cd68273ab34264ed21f73247d10d51086bd65f8dc3dbf8e6c155b3aa68fc" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055428", "uuid": "f205d829-81be-4736-af7c-14d5e42515a8", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054918", "to_ids": false, "type": "datetime", "uuid": "6e55bd02-45cf-4098-86fc-170406756fd5", "value": "2019-11-18T07:37:27" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054918", "to_ids": false, "type": "link", "uuid": "6baf72b6-5a88-4642-a52b-02f72c62fab8", "value": "https://www.virustotal.com/file/c3e1cd68273ab34264ed21f73247d10d51086bd65f8dc3dbf8e6c155b3aa68fc/analysis/1574062647/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054918", "to_ids": false, "type": "text", "uuid": "1082ec9d-f6a8-4a75-9fe5-0b7245bddf99", "value": "53/70" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055429", "uuid": "be5860a9-26a7-4525-a2fa-d595d89447b6", "ObjectReference": [ { "comment": "", "object_uuid": "be5860a9-26a7-4525-a2fa-d595d89447b6", "referenced_uuid": "ae75e2b7-9bfd-4189-8aed-4fe5ed12ad92", "relationship_type": "analysed-with", "timestamp": "1576055867", "uuid": "5df0b43b-96ac-407e-ab1f-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054844", "to_ids": true, "type": "md5", "uuid": "23230149-f146-49e7-a4f0-690a17efab92", "value": "a2a9970b925a51c3554bfa99caa99dd2" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054844", "to_ids": true, "type": "sha1", "uuid": "a246405a-9585-449f-b096-1b9e9c9855f7", "value": "63b9558399f0943f38afb8d0d8d2131a73e22394" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054844", "to_ids": true, "type": "sha256", "uuid": "e1d958bf-0ec9-433e-ad1d-50aae39d2841", "value": "f0a8d23efcf2c50479a878dea17207424b0294f6b03f5b72910579b0f490d22a" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055429", "uuid": "ae75e2b7-9bfd-4189-8aed-4fe5ed12ad92", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054844", "to_ids": false, "type": "datetime", "uuid": "e2fbe418-36cd-4616-9db4-7cf1d3a97b58", "value": "2019-12-05T17:46:30" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054844", "to_ids": false, "type": "link", "uuid": "4429f254-c7a6-46d8-8b0d-bd6a6123cb14", "value": "https://www.virustotal.com/file/f0a8d23efcf2c50479a878dea17207424b0294f6b03f5b72910579b0f490d22a/analysis/1575567990/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054844", "to_ids": false, "type": "text", "uuid": "67071fc1-7003-43eb-8f91-d1462119eeb3", "value": "58/70" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055429", "uuid": "9e1259cb-bc1e-4c7f-8edb-a09e082ff79a", "ObjectReference": [ { "comment": "", "object_uuid": "9e1259cb-bc1e-4c7f-8edb-a09e082ff79a", "referenced_uuid": "8fcf3f77-2a48-48a9-ae78-16bce9c47cac", "relationship_type": "analysed-with", "timestamp": "1576055867", "uuid": "5df0b43b-b118-4ddc-ae54-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054846", "to_ids": true, "type": "md5", "uuid": "b175f7a7-6bf1-4ccf-85d9-96d962bb84ca", "value": "bfeef650f3bb62aa77a99619223dde9b" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054846", "to_ids": true, "type": "sha1", "uuid": "ab7a63fd-6ff8-4b4b-9fbf-cedc4b17609b", "value": "a5c1e9deda2bc303a8fbda2e6f390d9f8b5026ea" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054846", "to_ids": true, "type": "sha256", "uuid": "16197738-6d82-4832-bd6f-7faa9221d089", "value": "924a8b62fd55d59d80701387c86651ca455d5e6044dc6c836198dbe3577e8202" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055429", "uuid": "8fcf3f77-2a48-48a9-ae78-16bce9c47cac", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054846", "to_ids": false, "type": "datetime", "uuid": "acc69da4-5150-4544-a36d-3b0a5f6c0282", "value": "2019-11-28T19:17:26" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054846", "to_ids": false, "type": "link", "uuid": "c482da92-7f47-4a09-ab91-f5c84e4ee28d", "value": "https://www.virustotal.com/file/924a8b62fd55d59d80701387c86651ca455d5e6044dc6c836198dbe3577e8202/analysis/1574968646/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054846", "to_ids": false, "type": "text", "uuid": "b5cae1e7-799f-4d6e-849f-453301e2cfe6", "value": "52/68" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055429", "uuid": "03665592-a692-43b3-ae7c-5c44042a9611", "ObjectReference": [ { "comment": "", "object_uuid": "03665592-a692-43b3-ae7c-5c44042a9611", "referenced_uuid": "af5c999b-6767-40bb-8949-ce6fdb0e348e", "relationship_type": "analysed-with", "timestamp": "1576055867", "uuid": "5df0b43b-69b8-49bc-b7bd-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054919", "to_ids": true, "type": "md5", "uuid": "048575bf-2b8b-4cb3-b5f3-f604933cf6a2", "value": "fbb52a5e4e82a5b564babf3fec21bebe" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054919", "to_ids": true, "type": "sha1", "uuid": "7bd4b833-8c13-4dad-adfd-655e8ddc05be", "value": "9d5d01ee055e3480569ff2c39960dd2fae1882b5" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054919", "to_ids": true, "type": "sha256", "uuid": "a2b9c864-9527-4460-b022-bcba2bb5b4b0", "value": "29d157f73ce559467d99ba16ca2d867eb5abc086c2ab0b92373d6adf91f77683" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055430", "uuid": "af5c999b-6767-40bb-8949-ce6fdb0e348e", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054919", "to_ids": false, "type": "datetime", "uuid": "367ad2c6-7909-433d-a690-efdf19116fb3", "value": "2019-11-20T12:07:15" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054919", "to_ids": false, "type": "link", "uuid": "2279b949-0492-4fdf-a4ec-ff2d422aaaee", "value": "https://www.virustotal.com/file/29d157f73ce559467d99ba16ca2d867eb5abc086c2ab0b92373d6adf91f77683/analysis/1574251635/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054919", "to_ids": false, "type": "text", "uuid": "aadaaea0-529b-4644-a971-b9ca9cdff29a", "value": "45/70" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055430", "uuid": "7f985195-63be-4130-8570-2eb74d1c65d2", "ObjectReference": [ { "comment": "", "object_uuid": "7f985195-63be-4130-8570-2eb74d1c65d2", "referenced_uuid": "ad0c7ee7-17b3-4d04-87a6-a56cb3b0d0a3", "relationship_type": "analysed-with", "timestamp": "1576055867", "uuid": "5df0b43b-47cc-4622-a592-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054914", "to_ids": true, "type": "md5", "uuid": "ab4ddcf3-cb59-482d-bdba-8f07ab4d6c00", "value": "95d601c584f8614d6785f16771acc6a9" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054914", "to_ids": true, "type": "sha1", "uuid": "205ca478-ec03-4b2a-8bde-20549cf80129", "value": "6178c525426df3b1526847a625fbbe5b4e9e40bd" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054914", "to_ids": true, "type": "sha256", "uuid": "a70dead4-d292-408b-bcb1-22f353f99223", "value": "73399f5f04cdbf8fd8d61d730a24399a1058f727577cbf33b31c37bd6bc820aa" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055430", "uuid": "ad0c7ee7-17b3-4d04-87a6-a56cb3b0d0a3", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054914", "to_ids": false, "type": "datetime", "uuid": "9c41c445-3b87-4aae-8f51-ea1a53fb54e0", "value": "2019-11-30T10:50:48" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054914", "to_ids": false, "type": "link", "uuid": "f64a69ef-cb25-49fc-8c04-fc313b023623", "value": "https://www.virustotal.com/file/73399f5f04cdbf8fd8d61d730a24399a1058f727577cbf33b31c37bd6bc820aa/analysis/1575111048/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054914", "to_ids": false, "type": "text", "uuid": "71d63319-0f50-46e5-a3f7-5947e72a7c8c", "value": "54/70" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055430", "uuid": "af868be2-d87f-4f4c-8ae7-aa156542e19f", "ObjectReference": [ { "comment": "", "object_uuid": "af868be2-d87f-4f4c-8ae7-aa156542e19f", "referenced_uuid": "7ce83015-b2e2-4464-9236-d9fa1aba1fe4", "relationship_type": "analysed-with", "timestamp": "1576055867", "uuid": "5df0b43b-0f14-4407-9640-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054922", "to_ids": true, "type": "md5", "uuid": "3c559430-1b43-459f-ae44-1080ae1eb1d5", "value": "351ec9df3df2a8c29a940aeb1a9a8b60" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054922", "to_ids": true, "type": "sha1", "uuid": "4424ddf0-1abf-4b86-b5c9-0ec747355075", "value": "26085f18f1fe5c0dd81f3421b968e47b4d50b638" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054922", "to_ids": true, "type": "sha256", "uuid": "70e23dc5-5420-462e-b3dd-21c9bac3572e", "value": "dc440fdd3bd43d22a0da4928055c62e62d58dd0b13d96fccf125d47a00cd6aac" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055430", "uuid": "7ce83015-b2e2-4464-9236-d9fa1aba1fe4", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054922", "to_ids": false, "type": "datetime", "uuid": "b52726d0-a61f-43f4-9138-5795a735f944", "value": "2019-11-06T16:00:39" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054922", "to_ids": false, "type": "link", "uuid": "ebb0f63e-e1c1-4c0f-8eaf-f126e99d8c3b", "value": "https://www.virustotal.com/file/dc440fdd3bd43d22a0da4928055c62e62d58dd0b13d96fccf125d47a00cd6aac/analysis/1573056039/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054922", "to_ids": false, "type": "text", "uuid": "9b8b6aa6-cede-4656-9cdd-f2ab34687491", "value": "10/58" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055430", "uuid": "1a3e8cbd-32d7-4fa3-9e02-142d5e212517", "ObjectReference": [ { "comment": "", "object_uuid": "1a3e8cbd-32d7-4fa3-9e02-142d5e212517", "referenced_uuid": "c5bc33a7-1263-4c90-81ee-0c21da76e67f", "relationship_type": "analysed-with", "timestamp": "1576055867", "uuid": "5df0b43b-1e6c-4368-9206-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054919", "to_ids": true, "type": "md5", "uuid": "0674bd52-1ead-4bc6-8de2-75c20dc63872", "value": "87fbf5f3a7096891c13e7ea70e39b2de" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054919", "to_ids": true, "type": "sha1", "uuid": "ea38f811-16f3-4870-be5c-bfc6a20ef894", "value": "612facc36c9f276c1c7da31762d394120e6154cb" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054919", "to_ids": true, "type": "sha256", "uuid": "1bc16369-3886-4f17-b93b-6112f6af6ead", "value": "aaab37892423fd94d199cce24360c53ea240a0a81b63b7d7169c7b7595c2fcd3" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055431", "uuid": "c5bc33a7-1263-4c90-81ee-0c21da76e67f", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054919", "to_ids": false, "type": "datetime", "uuid": "a918e663-bc8a-4b65-9115-e0f0f39cdd47", "value": "2019-11-17T08:39:01" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054919", "to_ids": false, "type": "link", "uuid": "238f06fa-6f29-4748-857d-2c5b22827bc2", "value": "https://www.virustotal.com/file/aaab37892423fd94d199cce24360c53ea240a0a81b63b7d7169c7b7595c2fcd3/analysis/1573979941/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054919", "to_ids": false, "type": "text", "uuid": "0150e61d-de75-4f69-9639-4f57f52ab8c0", "value": "44/69" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055431", "uuid": "7b4b65fc-7250-47ed-a17b-7ea0880f45e0", "ObjectReference": [ { "comment": "", "object_uuid": "7b4b65fc-7250-47ed-a17b-7ea0880f45e0", "referenced_uuid": "3f48ed89-af7e-40ba-938b-e74dd9c91e55", "relationship_type": "analysed-with", "timestamp": "1576055867", "uuid": "5df0b43b-9da0-49d0-95c9-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054848", "to_ids": true, "type": "md5", "uuid": "04a6a3a6-7324-4a12-a0be-e252f37af7b2", "value": "fc009a145aa3db6f163cc0757a126cef" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054848", "to_ids": true, "type": "sha1", "uuid": "f9817673-cc1e-48e1-b095-5f7110ccbe44", "value": "3fc1f0685737819cce3827c1c054c6bdaac12fb9" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054848", "to_ids": true, "type": "sha256", "uuid": "4c890de3-fff2-4bf6-9dd2-8611570e0735", "value": "02f89e7b87262d14560f46006633246541d521d41b8e90b9466e61e578dc0aba" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055431", "uuid": "3f48ed89-af7e-40ba-938b-e74dd9c91e55", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054848", "to_ids": false, "type": "datetime", "uuid": "6fa8d75d-7459-4100-869a-df816489f01c", "value": "2019-11-21T11:11:37" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054848", "to_ids": false, "type": "link", "uuid": "45567cd1-8ddf-46e3-b5f0-0703e33bebf9", "value": "https://www.virustotal.com/file/02f89e7b87262d14560f46006633246541d521d41b8e90b9466e61e578dc0aba/analysis/1574334697/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054848", "to_ids": false, "type": "text", "uuid": "f5b59cf2-0f06-4d5c-8196-99837aae24ed", "value": "49/69" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055431", "uuid": "a0058eb1-5f03-47ed-afab-2efd3e995eea", "ObjectReference": [ { "comment": "", "object_uuid": "a0058eb1-5f03-47ed-afab-2efd3e995eea", "referenced_uuid": "07576deb-5352-41b5-a479-2c5317d0c86b", "relationship_type": "analysed-with", "timestamp": "1576055867", "uuid": "5df0b43b-d1e4-461c-af6e-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054845", "to_ids": true, "type": "md5", "uuid": "6da1c90e-4864-4894-a163-70a3e6fa5226", "value": "40c822f14961200744ef3e2afb654d27" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054845", "to_ids": true, "type": "sha1", "uuid": "9b13459b-9197-4890-a68b-0d5da31a7cc0", "value": "509d0e331fa56a234518d9d32dd3523b4d636bcc" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054845", "to_ids": true, "type": "sha256", "uuid": "8dee80f9-4691-4458-9efc-a20fbf5c47ea", "value": "192e68746552b5546de223be6ec1f65adb4abb9c05a11ba8fcf159c1738872ea" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055431", "uuid": "07576deb-5352-41b5-a479-2c5317d0c86b", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054845", "to_ids": false, "type": "datetime", "uuid": "a01852ca-5328-4560-a1b4-d9dcd89ecbf6", "value": "2019-11-28T10:27:03" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054845", "to_ids": false, "type": "link", "uuid": "d3b1801f-330f-4911-bfad-bc8219ef491a", "value": "https://www.virustotal.com/file/192e68746552b5546de223be6ec1f65adb4abb9c05a11ba8fcf159c1738872ea/analysis/1574936823/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054845", "to_ids": false, "type": "text", "uuid": "5ef1abab-a496-4683-8ce7-f857174ddea4", "value": "51/68" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055431", "uuid": "80d35444-5e69-489e-90cb-5042335a6fbc", "ObjectReference": [ { "comment": "", "object_uuid": "80d35444-5e69-489e-90cb-5042335a6fbc", "referenced_uuid": "1b4c7c89-9561-4419-b2f9-1c274ee62854", "relationship_type": "analysed-with", "timestamp": "1576055868", "uuid": "5df0b43c-f90c-4478-a1ca-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054847", "to_ids": true, "type": "md5", "uuid": "a07063bf-1bfd-4799-af9c-0748aefcd312", "value": "d44db8da96bb89a3d3b8cd15656b3ff6" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054847", "to_ids": true, "type": "sha1", "uuid": "2a9edb9d-e2f1-431a-a920-f81a01c4b3e0", "value": "ee2d70e18ffcf977519cd8cefdc9999c84f3ccd8" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054847", "to_ids": true, "type": "sha256", "uuid": "a96c87be-9e85-4e4f-9681-b7f2b91f6811", "value": "7a68d875c499fd6987c5fa1a46272bd7c2969f900807e51de43b49d9934aa59e" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055431", "uuid": "1b4c7c89-9561-4419-b2f9-1c274ee62854", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054847", "to_ids": false, "type": "datetime", "uuid": "9dacdad1-d38b-4c27-baaa-8c9289f68b93", "value": "2019-11-23T22:06:38" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054847", "to_ids": false, "type": "link", "uuid": "f8f14512-adc7-42a0-b65c-2cbabed258bf", "value": "https://www.virustotal.com/file/7a68d875c499fd6987c5fa1a46272bd7c2969f900807e51de43b49d9934aa59e/analysis/1574546798/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054847", "to_ids": false, "type": "text", "uuid": "62931e77-2146-457e-bfa5-07a99da0f02c", "value": "50/67" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055433", "uuid": "48c053b3-3044-44cb-a28f-a7d52591daf4", "ObjectReference": [ { "comment": "", "object_uuid": "48c053b3-3044-44cb-a28f-a7d52591daf4", "referenced_uuid": "4cb3c70c-abc8-41b8-be9e-a03b38671347", "relationship_type": "analysed-with", "timestamp": "1576055868", "uuid": "5df0b43c-f4d4-4bd9-b6a9-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054848", "to_ids": true, "type": "md5", "uuid": "f4de3bf1-c115-406b-8485-255c7215abcc", "value": "4d17ce4ece308cbb51874a0c60d409c9" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054848", "to_ids": true, "type": "sha1", "uuid": "1b7d6f08-3cf3-4d80-98f1-e06675884cfc", "value": "5635a5a8bd2d9d8ce05425638c080509d226ca1b" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054848", "to_ids": true, "type": "sha256", "uuid": "d9e5cfd2-f547-4968-96d0-1d6ad81fc1b0", "value": "09ec80f99e85ccf0df9ee0ae4c6520eebde71bc3c87b2726d84b981259164639" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055434", "uuid": "4cb3c70c-abc8-41b8-be9e-a03b38671347", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054848", "to_ids": false, "type": "datetime", "uuid": "fe3f5d88-a3ae-409e-8d8e-d5fde7aa886c", "value": "2019-11-22T01:08:57" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054848", "to_ids": false, "type": "link", "uuid": "cf753170-dc05-475e-b1f6-dce240ee3030", "value": "https://www.virustotal.com/file/09ec80f99e85ccf0df9ee0ae4c6520eebde71bc3c87b2726d84b981259164639/analysis/1574384937/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054848", "to_ids": false, "type": "text", "uuid": "30a0e159-1828-4665-a1e6-af855423b98a", "value": "47/68" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055434", "uuid": "e16742e5-9cde-41ba-af1d-091d8bedf4b0", "ObjectReference": [ { "comment": "", "object_uuid": "e16742e5-9cde-41ba-af1d-091d8bedf4b0", "referenced_uuid": "3b5f9f6d-5343-4f06-a8b5-31861c2e1de6", "relationship_type": "analysed-with", "timestamp": "1576055868", "uuid": "5df0b43c-7d04-4e56-8896-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054916", "to_ids": true, "type": "md5", "uuid": "950816b4-7b9c-4c36-958c-205d3b2388d2", "value": "e47a5f825576f07305376fad0740e88a" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054916", "to_ids": true, "type": "sha1", "uuid": "d4bda53b-ca68-45b4-85d2-5129ae965735", "value": "f2234a464215f8c29920f32235c5a8caf34ba251" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054916", "to_ids": true, "type": "sha256", "uuid": "18f1ab47-391d-4c89-a012-ec64fa9188b5", "value": "41e978655f6b85f444b99c91865c0221c27a54a20e3fc55d4e61c3e106af73c9" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055434", "uuid": "3b5f9f6d-5343-4f06-a8b5-31861c2e1de6", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054916", "to_ids": false, "type": "datetime", "uuid": "a274ffca-9b69-4d28-a712-f24dccd573a8", "value": "2019-11-17T09:12:50" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054916", "to_ids": false, "type": "link", "uuid": "52b2bfec-7a02-418b-a0ae-ad366b9ed8d9", "value": "https://www.virustotal.com/file/41e978655f6b85f444b99c91865c0221c27a54a20e3fc55d4e61c3e106af73c9/analysis/1573981970/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054916", "to_ids": false, "type": "text", "uuid": "523cfe09-7200-4f73-aee1-892f0b732efe", "value": "47/70" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055434", "uuid": "1acdcdf2-193d-4bdd-8360-a26ed49a0793", "ObjectReference": [ { "comment": "", "object_uuid": "1acdcdf2-193d-4bdd-8360-a26ed49a0793", "referenced_uuid": "d5e4bd27-6691-4b2d-8eec-2fbf4e24baa7", "relationship_type": "analysed-with", "timestamp": "1576055868", "uuid": "5df0b43c-0cac-44dd-8cab-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054915", "to_ids": true, "type": "md5", "uuid": "6bcb3d34-26d0-4f35-98b6-683988365f3a", "value": "d84638ebb022bd43aad2ef9978722fc5" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054915", "to_ids": true, "type": "sha1", "uuid": "d6138b90-4165-4ea2-b581-7a5a9724c5fb", "value": "50d21a87add9dfd422f658f8d435ffbd2fa9a882" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054915", "to_ids": true, "type": "sha256", "uuid": "c8033c28-f39a-4936-91f3-c977591c44f7", "value": "dbc858c551a2b73228898aef3689239432eb9273acf745034ec86caa2f19b2be" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055434", "uuid": "d5e4bd27-6691-4b2d-8eec-2fbf4e24baa7", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054915", "to_ids": false, "type": "datetime", "uuid": "d1afe8b2-17bd-4240-a03d-03617ed02275", "value": "2019-11-17T10:06:22" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054915", "to_ids": false, "type": "link", "uuid": "5bc0c39b-5298-43b4-98be-4b580fb4f7a2", "value": "https://www.virustotal.com/file/dbc858c551a2b73228898aef3689239432eb9273acf745034ec86caa2f19b2be/analysis/1573985182/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054915", "to_ids": false, "type": "text", "uuid": "2469b3c1-9125-490a-871e-2f60fd2a5c9c", "value": "45/70" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055434", "uuid": "b401a8db-a6fc-4176-b07d-10973bd9bcf4", "ObjectReference": [ { "comment": "", "object_uuid": "b401a8db-a6fc-4176-b07d-10973bd9bcf4", "referenced_uuid": "6a8e60ae-a643-4b5e-b5e6-57405a6c8597", "relationship_type": "analysed-with", "timestamp": "1576055868", "uuid": "5df0b43c-48a4-4f09-8966-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054936", "to_ids": true, "type": "md5", "uuid": "c9f43887-545a-4c54-bc48-cc0a27f87a45", "value": "fb5c6e8ba4c3bea45dca75558678cb27" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054936", "to_ids": true, "type": "sha1", "uuid": "c8077cfb-672d-4fea-a34e-cd08d3470d85", "value": "f7badae4239217664645556181208d7eebe066e7" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054936", "to_ids": true, "type": "sha256", "uuid": "c2c44866-33a5-48f2-b44a-5801cce5e993", "value": "2807b45cf41bea348f00df06ebb82a983261e3fabe4ee6342246e0203fead610" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055435", "uuid": "6a8e60ae-a643-4b5e-b5e6-57405a6c8597", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054936", "to_ids": false, "type": "datetime", "uuid": "92ba81f8-b66b-4d26-a0fe-f90a576a799f", "value": "2019-11-10T21:30:32" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054936", "to_ids": false, "type": "link", "uuid": "c8ef37e2-603b-466d-8562-d12e8480fd3d", "value": "https://www.virustotal.com/file/2807b45cf41bea348f00df06ebb82a983261e3fabe4ee6342246e0203fead610/analysis/1573421432/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054936", "to_ids": false, "type": "text", "uuid": "d09d9b8c-ac95-463b-888e-faf175e3a0d4", "value": "41/71" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055435", "uuid": "4d42dfa2-8146-4ce4-9bb2-ff4cc7aed489", "ObjectReference": [ { "comment": "", "object_uuid": "4d42dfa2-8146-4ce4-9bb2-ff4cc7aed489", "referenced_uuid": "1bfd9b32-6528-405b-9df5-1bc170d35ab9", "relationship_type": "analysed-with", "timestamp": "1576055869", "uuid": "5df0b43d-4550-4c84-8ebc-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054849", "to_ids": true, "type": "md5", "uuid": "62353773-95eb-48a9-a72d-436b2c91cd85", "value": "114c623bd10a1d270074d94ed617acf1" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054849", "to_ids": true, "type": "sha1", "uuid": "72d6f3fa-3795-454d-a065-46c089c06e1f", "value": "0d7a74fc4bad318bd5ad223f59e23180eba3ec3c" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054849", "to_ids": true, "type": "sha256", "uuid": "92acdcf7-0860-4109-a366-26b9f84dd4be", "value": "9ec7482e56c1a048351a1b9f9825352fd535089359e232b70bf2023d3a0143e7" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055435", "uuid": "1bfd9b32-6528-405b-9df5-1bc170d35ab9", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054849", "to_ids": false, "type": "datetime", "uuid": "ec23ac9b-5d90-4a11-90f7-3b761413c322", "value": "2019-11-21T10:42:12" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054849", "to_ids": false, "type": "link", "uuid": "91de8d1c-531b-401b-a8e1-1315a93ecdad", "value": "https://www.virustotal.com/file/9ec7482e56c1a048351a1b9f9825352fd535089359e232b70bf2023d3a0143e7/analysis/1574332932/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054849", "to_ids": false, "type": "text", "uuid": "e7d46b8a-6e42-4aaa-875b-b3266c64b67a", "value": "44/69" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055435", "uuid": "675e1716-6a26-42ea-a062-e6da3b6ad681", "ObjectReference": [ { "comment": "", "object_uuid": "675e1716-6a26-42ea-a062-e6da3b6ad681", "referenced_uuid": "c18b282e-e307-422e-bb53-905e3acaba81", "relationship_type": "analysed-with", "timestamp": "1576055869", "uuid": "5df0b43d-0f4c-4ae5-8be6-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054924", "to_ids": true, "type": "md5", "uuid": "cd5f83ba-f44b-4978-83e4-049e3fd6d8b9", "value": "b03db26ee53dbf5d6277c181107dd09a" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054924", "to_ids": true, "type": "sha1", "uuid": "ae1ebe9b-ff2f-4256-b39d-e9c5fbb74086", "value": "c51f465dec98362b87c1db9ba592f3d47032a658" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054924", "to_ids": true, "type": "sha256", "uuid": "65ef219f-60d7-4a27-9d6c-b83dfaada302", "value": "e782789646de1f1b58323d2961870f9aa574c59901a560396cb72f7a7ceaf6d5" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055436", "uuid": "c18b282e-e307-422e-bb53-905e3acaba81", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054924", "to_ids": false, "type": "datetime", "uuid": "9589fff5-a870-48b6-abd4-b5eaf622630a", "value": "2019-11-07T16:26:58" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054924", "to_ids": false, "type": "link", "uuid": "ec6869bf-3aad-4966-9d07-ec47faf66595", "value": "https://www.virustotal.com/file/e782789646de1f1b58323d2961870f9aa574c59901a560396cb72f7a7ceaf6d5/analysis/1573144018/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054924", "to_ids": false, "type": "text", "uuid": "a7b3bd29-fbf2-4780-94f0-b075702191a5", "value": "10/68" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055436", "uuid": "334a5d8d-d499-44cb-a4bf-a1b09f5c957c", "ObjectReference": [ { "comment": "", "object_uuid": "334a5d8d-d499-44cb-a4bf-a1b09f5c957c", "referenced_uuid": "34d09d98-c515-4fd3-a13c-cbfb8f173195", "relationship_type": "analysed-with", "timestamp": "1576055870", "uuid": "5df0b43e-dc98-4d00-8ad3-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054844", "to_ids": true, "type": "md5", "uuid": "b3254eae-5dc1-4089-aee5-d4f949c30f56", "value": "da504e1b3f0d07ccdeb5bec01677a2da" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054844", "to_ids": true, "type": "sha1", "uuid": "18466c0b-5c55-46b0-8279-087f14f0181d", "value": "6ae47dbd973fa337c53ea6dd7209f367b4ebd1a5" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054844", "to_ids": true, "type": "sha256", "uuid": "c9c1fd74-9be4-4d7f-b257-2adfaf50bc3e", "value": "7a34cd84c913e1e6c2e1a6f94c34d62d3a261cd1a75da85c0f3d73df9259c5dc" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055436", "uuid": "34d09d98-c515-4fd3-a13c-cbfb8f173195", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054844", "to_ids": false, "type": "datetime", "uuid": "e6b2c456-5436-405e-9418-760ae8dda6bc", "value": "2019-11-23T22:00:24" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054844", "to_ids": false, "type": "link", "uuid": "2f7c210b-2f46-40b7-becb-49a6ef24eac1", "value": "https://www.virustotal.com/file/7a34cd84c913e1e6c2e1a6f94c34d62d3a261cd1a75da85c0f3d73df9259c5dc/analysis/1574546424/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054844", "to_ids": false, "type": "text", "uuid": "4696cd14-a4d7-4f0d-9cfa-7ace467f5495", "value": "51/68" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055436", "uuid": "7376a665-9c9c-4711-8f68-1f45047546f5", "ObjectReference": [ { "comment": "", "object_uuid": "7376a665-9c9c-4711-8f68-1f45047546f5", "referenced_uuid": "ebf1c6f5-884c-4017-b8a7-6420e0f653f8", "relationship_type": "analysed-with", "timestamp": "1576055870", "uuid": "5df0b43e-ccf0-4a32-89ee-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054894", "to_ids": true, "type": "md5", "uuid": "b1fee105-4f10-483e-9a7d-8c22c23b7e72", "value": "0e01c42b96d3b591f3dade6734871d98" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054894", "to_ids": true, "type": "sha1", "uuid": "fbe0caa6-509b-48a7-87d4-0b9effdf5f3f", "value": "ca9b80a216c9b7e644d9f4db197ac90bd4a65c77" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054894", "to_ids": true, "type": "sha256", "uuid": "70cb8036-06ff-4a6b-97fb-73a9818364c7", "value": "c1d650ab6aef15a7170da9d2c2060c6c11d2989282a27cfd63f9afc478027a79" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055436", "uuid": "ebf1c6f5-884c-4017-b8a7-6420e0f653f8", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054894", "to_ids": false, "type": "datetime", "uuid": "edf92171-8d51-480b-b7bc-b59af2b50b44", "value": "2019-11-22T12:12:03" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054894", "to_ids": false, "type": "link", "uuid": "28b46b72-b5b8-4cab-a874-9f8eb245b6cd", "value": "https://www.virustotal.com/file/c1d650ab6aef15a7170da9d2c2060c6c11d2989282a27cfd63f9afc478027a79/analysis/1574424723/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054894", "to_ids": false, "type": "text", "uuid": "c8c6d433-8313-477a-989a-d684aee79bac", "value": "53/68" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055437", "uuid": "b4de5a4e-2a19-43d8-9da1-57730d22dab3", "ObjectReference": [ { "comment": "", "object_uuid": "b4de5a4e-2a19-43d8-9da1-57730d22dab3", "referenced_uuid": "b156f377-075c-41ec-a520-dd934705382e", "relationship_type": "analysed-with", "timestamp": "1576055870", "uuid": "5df0b43e-47b8-4d14-b0b0-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054847", "to_ids": true, "type": "md5", "uuid": "a7bc88c1-a254-46bf-8afe-414a0a454fd2", "value": "58365ae5f3301af655a0fa0b8565c147" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054847", "to_ids": true, "type": "sha1", "uuid": "a9955d65-ee99-4713-9b09-5ac0d9e050d7", "value": "aafc93a1faf3feca19c2b5a654c04d3ebf1c7458" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054847", "to_ids": true, "type": "sha256", "uuid": "5eb9735b-fdd7-4d6b-80c5-a8ab99c0f02c", "value": "220a65657f754a4b46670b3666f8e14545c0dd286e8caad4591ddb8172e56105" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055437", "uuid": "b156f377-075c-41ec-a520-dd934705382e", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054847", "to_ids": false, "type": "datetime", "uuid": "3dab8ed2-aee1-4c5a-87c8-75d827b6a005", "value": "2019-11-23T22:53:50" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054847", "to_ids": false, "type": "link", "uuid": "907f04fd-450c-42d4-a83f-c4a4669aaf59", "value": "https://www.virustotal.com/file/220a65657f754a4b46670b3666f8e14545c0dd286e8caad4591ddb8172e56105/analysis/1574549630/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054847", "to_ids": false, "type": "text", "uuid": "9a15656d-e448-4ba4-87fa-ceb477903cbc", "value": "52/67" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055437", "uuid": "56cc4fcc-15c0-489d-8bf0-7f683885a03e", "ObjectReference": [ { "comment": "", "object_uuid": "56cc4fcc-15c0-489d-8bf0-7f683885a03e", "referenced_uuid": "622a2879-7329-4bfd-a8a6-58f0523d1ebb", "relationship_type": "analysed-with", "timestamp": "1576055870", "uuid": "5df0b43e-8c34-4964-8219-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054922", "to_ids": true, "type": "md5", "uuid": "10d4a783-a799-4796-987f-bec3f5c1e698", "value": "e2b9af11e6d33640f7d9d8ca6aad77b3" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054922", "to_ids": true, "type": "sha1", "uuid": "da29ac09-5112-4e61-8729-1b024f1cca98", "value": "614c2cd7e17f1df66e8934421d2eeeb7f232d56c" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054922", "to_ids": true, "type": "sha256", "uuid": "f88d208a-f36b-4b53-874f-ead73e309db3", "value": "3665c04c797a7effbc3edd7e4465e2728e81b0d7f0fbc9fe478f03063bb1bcfd" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055438", "uuid": "622a2879-7329-4bfd-a8a6-58f0523d1ebb", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054922", "to_ids": false, "type": "datetime", "uuid": "c068e0cd-2191-4c21-985e-5f8c8bb2c7d6", "value": "2019-11-06T17:47:53" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054922", "to_ids": false, "type": "link", "uuid": "a3a481ce-9ab8-485a-a849-23b9face7213", "value": "https://www.virustotal.com/file/3665c04c797a7effbc3edd7e4465e2728e81b0d7f0fbc9fe478f03063bb1bcfd/analysis/1573062473/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054922", "to_ids": false, "type": "text", "uuid": "19f8dfca-a7a8-4600-9657-79a51948864a", "value": "40/71" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055438", "uuid": "d10942f1-7e0b-4700-932c-37a24ca2a7b9", "ObjectReference": [ { "comment": "", "object_uuid": "d10942f1-7e0b-4700-932c-37a24ca2a7b9", "referenced_uuid": "8d74ec39-ab53-4434-a82a-4cad16a3a23a", "relationship_type": "analysed-with", "timestamp": "1576055870", "uuid": "5df0b43e-25fc-48c4-a3ad-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054844", "to_ids": true, "type": "md5", "uuid": "1992dcea-2632-4ddf-adf8-965b26c9493c", "value": "6313679a73898caf7fadc34e717e1a88" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054844", "to_ids": true, "type": "sha1", "uuid": "2c6729aa-2048-4bf7-bfe1-511dfff904c2", "value": "a39b6c1949f94136f9a06de84d586328e366cb4e" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054844", "to_ids": true, "type": "sha256", "uuid": "836f0a8c-fadc-4307-af97-345ac432b359", "value": "a19cb57464849401b6b3550182b359fd662673aaa44103c2d698a6b19612cb63" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055439", "uuid": "8d74ec39-ab53-4434-a82a-4cad16a3a23a", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054844", "to_ids": false, "type": "datetime", "uuid": "eed57b92-fcd0-48ce-9335-ea221f9dcf5b", "value": "2019-12-05T08:47:20" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054844", "to_ids": false, "type": "link", "uuid": "7111662f-3155-4ed6-b3d4-c98e85ab9d9e", "value": "https://www.virustotal.com/file/a19cb57464849401b6b3550182b359fd662673aaa44103c2d698a6b19612cb63/analysis/1575535640/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054844", "to_ids": false, "type": "text", "uuid": "921dc011-1894-40ca-8245-fe452ec1fb50", "value": "57/72" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055439", "uuid": "7aaf28e3-f95e-4803-ac53-ee1c1c50272b", "ObjectReference": [ { "comment": "", "object_uuid": "7aaf28e3-f95e-4803-ac53-ee1c1c50272b", "referenced_uuid": "1b0fff68-525f-40d9-88dd-df82f4ef0a94", "relationship_type": "analysed-with", "timestamp": "1576055870", "uuid": "5df0b43e-d834-4340-a165-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054844", "to_ids": true, "type": "md5", "uuid": "7cfdc4ba-1101-491b-9985-b9f957e6e03d", "value": "7dd5c274eb948db3641cb324205f4824" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054844", "to_ids": true, "type": "sha1", "uuid": "8421147f-d12c-4991-9038-d0fd6231cb00", "value": "5c419f352beeb8b9bfaf9abd3eb4d45e8e3c41ef" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054844", "to_ids": true, "type": "sha256", "uuid": "60d940c8-dd2d-4cc7-b641-9b5011fa22f7", "value": "9ffc171e07bd76e75957d7a6d6ee25505c33401c50830a2b7f2524f802336c72" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055439", "uuid": "1b0fff68-525f-40d9-88dd-df82f4ef0a94", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054844", "to_ids": false, "type": "datetime", "uuid": "9c8e567c-60bd-4df9-8a2a-c5a0995a0224", "value": "2019-11-21T11:03:50" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054844", "to_ids": false, "type": "link", "uuid": "d5edda4a-fcf9-46ab-8f51-ed213e493695", "value": "https://www.virustotal.com/file/9ffc171e07bd76e75957d7a6d6ee25505c33401c50830a2b7f2524f802336c72/analysis/1574334230/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054844", "to_ids": false, "type": "text", "uuid": "c565a7db-15e7-4058-86ae-af71432015a2", "value": "41/63" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055439", "uuid": "aee07c40-25ea-4b3c-b4ef-b37feb1ea25f", "ObjectReference": [ { "comment": "", "object_uuid": "aee07c40-25ea-4b3c-b4ef-b37feb1ea25f", "referenced_uuid": "fb6f45ed-fd7b-4bb4-92ca-05b6fe37d18b", "relationship_type": "analysed-with", "timestamp": "1576055870", "uuid": "5df0b43e-249c-4dea-bacc-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054913", "to_ids": true, "type": "md5", "uuid": "91ba477d-df58-48d7-919a-bd23a4ca2f01", "value": "396bce37d4b5a59da5b8f252ed3aaa36" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054913", "to_ids": true, "type": "sha1", "uuid": "255b2e33-bed1-40b2-950d-97d482c36db1", "value": "1c92c45581163a2de5734ddfe5edeceb8aaf6dba" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054913", "to_ids": true, "type": "sha256", "uuid": "2d674620-652f-4984-800a-35af8d311e76", "value": "aae033ea6ac16ca78663191b8248ce7d6caa2c00fab27610cace73ac26f7286c" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055439", "uuid": "fb6f45ed-fd7b-4bb4-92ca-05b6fe37d18b", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054913", "to_ids": false, "type": "datetime", "uuid": "0ce9a2c0-a1fc-4c16-902e-48e8ef6aab47", "value": "2019-11-11T22:43:47" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054913", "to_ids": false, "type": "link", "uuid": "99652023-81d4-4173-8304-626f49e8ef7b", "value": "https://www.virustotal.com/file/aae033ea6ac16ca78663191b8248ce7d6caa2c00fab27610cace73ac26f7286c/analysis/1573512227/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054913", "to_ids": false, "type": "text", "uuid": "ac4723c6-6c31-49fc-b667-a1dcd2128794", "value": "14/72" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055439", "uuid": "7f4b6869-ebf6-46d7-82c8-947888af0c08", "ObjectReference": [ { "comment": "", "object_uuid": "7f4b6869-ebf6-46d7-82c8-947888af0c08", "referenced_uuid": "ffb7dc9b-afec-47cc-884f-4e1dc971a3ac", "relationship_type": "analysed-with", "timestamp": "1576055870", "uuid": "5df0b43e-a654-462c-91b9-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054845", "to_ids": true, "type": "md5", "uuid": "986d1c43-fc58-414d-8ecf-a12c917769ff", "value": "185fd4445b254e4f16f609c8f44480c6" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054845", "to_ids": true, "type": "sha1", "uuid": "f7e175f7-675d-48d3-9c77-a3580f09dc13", "value": "76f80c40ff28939c828695544a5893620f70fec5" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054845", "to_ids": true, "type": "sha256", "uuid": "130eb82c-fcde-48e2-85b9-919497c05614", "value": "d643b32810d7b5fe56ca5148590e7e8079d0d2c7de248905f773f1832dbc8c0a" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055440", "uuid": "ffb7dc9b-afec-47cc-884f-4e1dc971a3ac", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054845", "to_ids": false, "type": "datetime", "uuid": "38103c47-50c3-407c-8563-87aa386a60cc", "value": "2019-11-21T10:35:27" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054845", "to_ids": false, "type": "link", "uuid": "a4070f21-05d1-42fe-a038-fa3722920a14", "value": "https://www.virustotal.com/file/d643b32810d7b5fe56ca5148590e7e8079d0d2c7de248905f773f1832dbc8c0a/analysis/1574332527/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054845", "to_ids": false, "type": "text", "uuid": "b3f13513-1d25-4ae9-9922-5c9f6348b30a", "value": "49/69" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055440", "uuid": "190115c7-882d-4856-9092-b742108a2eab", "ObjectReference": [ { "comment": "", "object_uuid": "190115c7-882d-4856-9092-b742108a2eab", "referenced_uuid": "15b205a8-cb6e-45d7-9aad-da527c8ff5de", "relationship_type": "analysed-with", "timestamp": "1576055870", "uuid": "5df0b43e-1220-4406-8448-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054847", "to_ids": true, "type": "md5", "uuid": "a239afd3-e329-4425-b930-b49b008d91b7", "value": "ed0e42d5979c4261588dad9dd2909043" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054847", "to_ids": true, "type": "sha1", "uuid": "52b837b8-7922-41ff-ab60-6be3f7504fbe", "value": "4bcb02486ed4b0bc5356946162fa421d4227ec0f" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054847", "to_ids": true, "type": "sha256", "uuid": "72fd6a83-ad5a-4193-a4ba-7b2c020945fb", "value": "21f19a65a0194ead3ad5b624e44c7b32510be96633d6e778827adacb311f8877" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055440", "uuid": "15b205a8-cb6e-45d7-9aad-da527c8ff5de", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054847", "to_ids": false, "type": "datetime", "uuid": "55dea321-7465-4a7f-9a2d-d31da3e2648e", "value": "2019-11-21T10:36:12" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054847", "to_ids": false, "type": "link", "uuid": "9cd4432c-c5b2-47c5-a7be-9460ccf50981", "value": "https://www.virustotal.com/file/21f19a65a0194ead3ad5b624e44c7b32510be96633d6e778827adacb311f8877/analysis/1574332572/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054847", "to_ids": false, "type": "text", "uuid": "4afc9d08-5f78-48f9-8070-26614d2be4ec", "value": "41/65" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055440", "uuid": "6e916952-29d1-4de6-bba2-d3fc796e53d4", "ObjectReference": [ { "comment": "", "object_uuid": "6e916952-29d1-4de6-bba2-d3fc796e53d4", "referenced_uuid": "95526d28-ceb8-4f8e-aa22-f14c264d5a47", "relationship_type": "analysed-with", "timestamp": "1576055870", "uuid": "5df0b43e-c4c4-4ab0-bc03-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054893", "to_ids": true, "type": "md5", "uuid": "c3b69872-3ffc-4d42-9e30-71ee15ffd8b5", "value": "c445eb0b1a2df5affef41bb388ec1c1f" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054893", "to_ids": true, "type": "sha1", "uuid": "7153fe71-c81f-42d8-bb47-c407e9bf4bdd", "value": "b086f1a59ee9ff5e9970eb7913ced4e8a37a8c84" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054893", "to_ids": true, "type": "sha256", "uuid": "220a4ec2-9e45-4d88-9bd2-d3d7310ba5a0", "value": "63a1b92800d420cf3441021474f937833e56fa067144a36b74a15af49abf1128" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055440", "uuid": "95526d28-ceb8-4f8e-aa22-f14c264d5a47", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054893", "to_ids": false, "type": "datetime", "uuid": "05736475-a140-4b60-9f80-d401435e83a9", "value": "2019-11-26T13:38:06" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054893", "to_ids": false, "type": "link", "uuid": "5b284240-ee1f-4427-b619-d83ba340a23e", "value": "https://www.virustotal.com/file/63a1b92800d420cf3441021474f937833e56fa067144a36b74a15af49abf1128/analysis/1574775486/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054893", "to_ids": false, "type": "text", "uuid": "12f2b0d1-c707-4bfd-866a-8bed92fda243", "value": "52/67" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055440", "uuid": "68313563-5349-4294-9eee-4a4b6930b3ee", "ObjectReference": [ { "comment": "", "object_uuid": "68313563-5349-4294-9eee-4a4b6930b3ee", "referenced_uuid": "491197e9-5698-4c91-85a8-0f83e94954e8", "relationship_type": "analysed-with", "timestamp": "1576055870", "uuid": "5df0b43e-ce84-4b0b-a364-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054918", "to_ids": true, "type": "md5", "uuid": "0a136d55-7623-4f28-8bfd-8ee5b47ee7da", "value": "28ba6b1546048fc36df86c81ca180934" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054918", "to_ids": true, "type": "sha1", "uuid": "d74ae9e3-1619-470d-b9ae-714fcee83bd5", "value": "b0fedc1cac631ad33d46fe716f5bf6b47a8847e2" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054918", "to_ids": true, "type": "sha256", "uuid": "dbd87e03-d399-41a5-a4d0-327f663df3f6", "value": "9fe0f0fe473163b358923164a9d1f3287bcfe48f54b9b52aa2712a3f8a8e9ca8" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055441", "uuid": "491197e9-5698-4c91-85a8-0f83e94954e8", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054918", "to_ids": false, "type": "datetime", "uuid": "7749c10b-88b3-4575-a730-8ad538750169", "value": "2019-11-18T07:37:24" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054918", "to_ids": false, "type": "link", "uuid": "a464a6c6-5c5f-4fb6-ae40-204774e6ed0e", "value": "https://www.virustotal.com/file/9fe0f0fe473163b358923164a9d1f3287bcfe48f54b9b52aa2712a3f8a8e9ca8/analysis/1574062644/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054918", "to_ids": false, "type": "text", "uuid": "7bd9e82e-6bfb-401c-9996-526e6f0fbd69", "value": "54/70" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055441", "uuid": "64dd15b3-2453-408f-b6f5-699ea53bf1b0", "ObjectReference": [ { "comment": "", "object_uuid": "64dd15b3-2453-408f-b6f5-699ea53bf1b0", "referenced_uuid": "e253786c-c98c-4560-9b8b-7646ef35d4c6", "relationship_type": "analysed-with", "timestamp": "1576055870", "uuid": "5df0b43e-00c0-48b7-90e0-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054916", "to_ids": true, "type": "md5", "uuid": "649c39a7-1a28-49fe-98df-feb79b2f2e45", "value": "cf9f3cbd5d01f8fc82dcb34f9622bb72" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054916", "to_ids": true, "type": "sha1", "uuid": "1711ff6c-b08d-480a-95d6-b818112764c3", "value": "09b5c515eb256fb4e97b6b9bc0632a2e31829e4a" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054916", "to_ids": true, "type": "sha256", "uuid": "d0e4241b-a375-49cc-9871-5d49369c9970", "value": "6c9cfef6b7e2312183b7140e1949ed712a28ed9e906580c25bc371c7d2c6f559" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055441", "uuid": "e253786c-c98c-4560-9b8b-7646ef35d4c6", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054916", "to_ids": false, "type": "datetime", "uuid": "af4de519-c57e-457a-9adc-20372dc97bba", "value": "2019-11-16T08:57:38" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054916", "to_ids": false, "type": "link", "uuid": "6d528a28-5b54-488c-96e6-615774f80e00", "value": "https://www.virustotal.com/file/6c9cfef6b7e2312183b7140e1949ed712a28ed9e906580c25bc371c7d2c6f559/analysis/1573894658/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054916", "to_ids": false, "type": "text", "uuid": "9736445f-1543-44aa-955c-da24538d5130", "value": "46/69" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055441", "uuid": "ee0adf9c-a186-4916-9c43-bbc20ddf6742", "ObjectReference": [ { "comment": "", "object_uuid": "ee0adf9c-a186-4916-9c43-bbc20ddf6742", "referenced_uuid": "6c819924-59ed-4ba8-9075-9b44378c194b", "relationship_type": "analysed-with", "timestamp": "1576055870", "uuid": "5df0b43e-a938-4ca3-b101-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054843", "to_ids": true, "type": "md5", "uuid": "aaa51e02-30ee-4b25-ad5b-4641824c75bf", "value": "bd65cf7b1dfd1fb281732c25b6dd0ecc" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054843", "to_ids": true, "type": "sha1", "uuid": "5063be31-95cf-4214-b53b-4df18439b3b7", "value": "331aee325d364a9320b48f9fbed6b6a351cb1978" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054843", "to_ids": true, "type": "sha256", "uuid": "d3b7b714-14f4-4a03-acaa-fb2344533c17", "value": "fefbd626a8986fe0c42ad78e59421e0dd05bae31c26ee51a4376c58d99d3dfe5" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055441", "uuid": "6c819924-59ed-4ba8-9075-9b44378c194b", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054843", "to_ids": false, "type": "datetime", "uuid": "e4aed69c-61c9-4025-8d84-bd7a6682af8b", "value": "2019-11-21T10:27:41" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054843", "to_ids": false, "type": "link", "uuid": "5f957ab6-b7b9-452e-892b-28ee18580b0b", "value": "https://www.virustotal.com/file/fefbd626a8986fe0c42ad78e59421e0dd05bae31c26ee51a4376c58d99d3dfe5/analysis/1574332061/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054843", "to_ids": false, "type": "text", "uuid": "9110341f-eab3-4c38-b187-517797c24cbc", "value": "49/69" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055441", "uuid": "32858727-1f3f-46c2-835b-d92df8fbbe42", "ObjectReference": [ { "comment": "", "object_uuid": "32858727-1f3f-46c2-835b-d92df8fbbe42", "referenced_uuid": "03b98b00-c2d4-4bab-8c3b-994435c9d01f", "relationship_type": "analysed-with", "timestamp": "1576055870", "uuid": "5df0b43e-41f4-4abd-b669-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054844", "to_ids": true, "type": "md5", "uuid": "d1f201e5-d3ee-4c40-b8b6-69f7ec47922f", "value": "de75f6f8b25f8a5efe9bc7ab59c3c2e8" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054844", "to_ids": true, "type": "sha1", "uuid": "4c71b9a5-2299-4945-b68d-e4b36b829649", "value": "c300411ba6174a7fd302f9a8ea939bdb77c24720" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054844", "to_ids": true, "type": "sha256", "uuid": "f38145fc-6383-44c5-888b-874189fa09d3", "value": "ac0a3eef0ee842e7377a81a4b64470ec90e3e3d871c4b0bbbba027d6dd73d839" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055441", "uuid": "03b98b00-c2d4-4bab-8c3b-994435c9d01f", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054844", "to_ids": false, "type": "datetime", "uuid": "d8be51fd-5df9-49c3-a1f3-36a49888979c", "value": "2019-11-21T10:42:18" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054844", "to_ids": false, "type": "link", "uuid": "05b8513f-d3d7-4ed9-9684-43b02167bfb3", "value": "https://www.virustotal.com/file/ac0a3eef0ee842e7377a81a4b64470ec90e3e3d871c4b0bbbba027d6dd73d839/analysis/1574332938/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054844", "to_ids": false, "type": "text", "uuid": "730cf75a-0c9b-485b-9ce3-93f37cc4a575", "value": "45/68" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055442", "uuid": "af710a53-521f-4c89-bc1e-e0009e897980", "ObjectReference": [ { "comment": "", "object_uuid": "af710a53-521f-4c89-bc1e-e0009e897980", "referenced_uuid": "a7ff9f45-3a50-4e9a-8f65-66403d663a62", "relationship_type": "analysed-with", "timestamp": "1576055870", "uuid": "5df0b43e-b120-4564-a4f6-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054916", "to_ids": true, "type": "md5", "uuid": "bd821e6b-bc8b-4ae5-afcd-3e176433b123", "value": "b71d6d55d88c1bdb0cbbbdc00a6626ec" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054916", "to_ids": true, "type": "sha1", "uuid": "948a1bb2-3ebc-413c-b133-f52244ad1632", "value": "b462d886415aabb4c649e42750d1cf6e5e20549f" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054916", "to_ids": true, "type": "sha256", "uuid": "68e422ba-4a77-4c4f-98d4-1d4c09945324", "value": "2f88813ba2a9fd0c09d188c305482a94ddc809200750f7ab979affd944b8b019" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055442", "uuid": "a7ff9f45-3a50-4e9a-8f65-66403d663a62", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054916", "to_ids": false, "type": "datetime", "uuid": "d299bbcf-56b5-48d5-b3a4-d2215222e688", "value": "2019-11-16T03:05:01" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054916", "to_ids": false, "type": "link", "uuid": "cc6ee223-d301-47e5-a37d-e3e32431586e", "value": "https://www.virustotal.com/file/2f88813ba2a9fd0c09d188c305482a94ddc809200750f7ab979affd944b8b019/analysis/1573873501/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054916", "to_ids": false, "type": "text", "uuid": "843a807e-5a28-4687-bab2-21032c8973b1", "value": "45/71" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055442", "uuid": "5e0029f8-d3d4-4f3b-b46b-f1338edec78a", "ObjectReference": [ { "comment": "", "object_uuid": "5e0029f8-d3d4-4f3b-b46b-f1338edec78a", "referenced_uuid": "cfd88dae-dc3a-4c99-9f6e-95c373ebd3e9", "relationship_type": "analysed-with", "timestamp": "1576055870", "uuid": "5df0b43e-8498-4e2c-82d5-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054847", "to_ids": true, "type": "md5", "uuid": "128677c3-91e2-4dac-bc12-e2f4896f070a", "value": "6b1edfe1f3be758bd59ced177d0d025c" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054847", "to_ids": true, "type": "sha1", "uuid": "bbb40f37-1f1e-4a8e-8de5-be922b2e69ab", "value": "6e722b77336e54b2c6baa575fe319f4d9299ecd9" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054847", "to_ids": true, "type": "sha256", "uuid": "0e991aae-562c-4142-bf02-47db43e68111", "value": "e908dcbfc6a2d0dda43f4fb1aed61a3279b0f8cd383e796cf7d13d45049a0d7b" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055442", "uuid": "cfd88dae-dc3a-4c99-9f6e-95c373ebd3e9", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054847", "to_ids": false, "type": "datetime", "uuid": "7509eac2-4a83-4d34-99c2-242957a909eb", "value": "2019-11-28T10:26:22" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054847", "to_ids": false, "type": "link", "uuid": "29ba0bda-5ab5-48ac-8c0a-43cce3875214", "value": "https://www.virustotal.com/file/e908dcbfc6a2d0dda43f4fb1aed61a3279b0f8cd383e796cf7d13d45049a0d7b/analysis/1574936782/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054847", "to_ids": false, "type": "text", "uuid": "a0e80914-bed7-4200-9914-7ef69b75e0db", "value": "49/68" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055442", "uuid": "9abf1fc2-6b35-4683-ba31-9f6e137d9c08", "ObjectReference": [ { "comment": "", "object_uuid": "9abf1fc2-6b35-4683-ba31-9f6e137d9c08", "referenced_uuid": "a64a8a55-a61b-4d0d-8b08-54ee89ee7ea6", "relationship_type": "analysed-with", "timestamp": "1576055870", "uuid": "5df0b43e-9ccc-44b2-a1f1-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054916", "to_ids": true, "type": "md5", "uuid": "3626d810-7299-42d7-a342-57ab4d9a0f81", "value": "96c94032ec01fe3b5c74af8c987ade2b" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054916", "to_ids": true, "type": "sha1", "uuid": "315fc8ce-8773-4f91-8b76-08d521d4dae8", "value": "87bcd2fa2e1340c6b6ea9510bdcd961c2dadfd96" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054916", "to_ids": true, "type": "sha256", "uuid": "6baf0b81-73da-4f4d-9294-5da5d83e6c0e", "value": "5871169ac3ab263569ed138888cd17a3770d375854e7734fa03c339c7ed9e916" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055444", "uuid": "a64a8a55-a61b-4d0d-8b08-54ee89ee7ea6", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054916", "to_ids": false, "type": "datetime", "uuid": "c804776e-add6-4635-ab93-a2fab46888e5", "value": "2019-11-14T13:22:25" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054916", "to_ids": false, "type": "link", "uuid": "70405ce1-1459-44dd-a285-30201ceef394", "value": "https://www.virustotal.com/file/5871169ac3ab263569ed138888cd17a3770d375854e7734fa03c339c7ed9e916/analysis/1573737745/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054916", "to_ids": false, "type": "text", "uuid": "70588e30-3e9b-4638-8e42-c766bd998e63", "value": "46/70" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055445", "uuid": "e79989fd-61f9-4ddf-8828-2d65e697945e", "ObjectReference": [ { "comment": "", "object_uuid": "e79989fd-61f9-4ddf-8828-2d65e697945e", "referenced_uuid": "fd5f1ceb-997e-441b-b218-5304fd5ab648", "relationship_type": "analysed-with", "timestamp": "1576055870", "uuid": "5df0b43e-bab8-4137-baf6-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054914", "to_ids": true, "type": "md5", "uuid": "931fc178-3606-4dcb-89d4-ddc241178822", "value": "f442fda3a255a6e5344595b558b887a6" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054914", "to_ids": true, "type": "sha1", "uuid": "6864a414-ddf3-49cb-98f0-4857dd6ea7e7", "value": "1f08422761b0e553e42d8083676f5ac59e77a97e" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054914", "to_ids": true, "type": "sha256", "uuid": "74e45119-61a1-468c-9455-eca7eb311142", "value": "ab8028bc96c4000430bd8da9f5c7f86fc58f001080dc022fcb0fa61daf4aa3d5" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055445", "uuid": "fd5f1ceb-997e-441b-b218-5304fd5ab648", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054914", "to_ids": false, "type": "datetime", "uuid": "4b33ddaa-1f23-4a27-bfce-97c8db23428d", "value": "2019-11-12T12:31:26" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054914", "to_ids": false, "type": "link", "uuid": "576c8725-27de-4afd-8298-1710e2f93a45", "value": "https://www.virustotal.com/file/ab8028bc96c4000430bd8da9f5c7f86fc58f001080dc022fcb0fa61daf4aa3d5/analysis/1573561886/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054914", "to_ids": false, "type": "text", "uuid": "cf145167-d74b-44fd-88d2-ec5e105f4868", "value": "47/69" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055445", "uuid": "076ec3fc-a672-44ff-a43b-f6931a75b962", "ObjectReference": [ { "comment": "", "object_uuid": "076ec3fc-a672-44ff-a43b-f6931a75b962", "referenced_uuid": "4ebc765f-3147-4a56-b87d-d57279baaa14", "relationship_type": "analysed-with", "timestamp": "1576055870", "uuid": "5df0b43e-4794-40ec-ba6c-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054849", "to_ids": true, "type": "md5", "uuid": "c0e6eaeb-fe93-40f7-b404-ef15f0e5c018", "value": "ee0478db2c34ed6cbfc21bb79193c6d3" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054849", "to_ids": true, "type": "sha1", "uuid": "eb1cb448-bf8d-4fa9-bae4-5080b98087de", "value": "9bae94e6450b0508f916b2c6b2149c18f7407d0e" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054849", "to_ids": true, "type": "sha256", "uuid": "1e0f1138-2ffe-428b-83f6-7936c5588135", "value": "ec22ee792afd1e0428019c172aa3382df34771f9671a2a9b5cb67aee9267edc9" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055445", "uuid": "4ebc765f-3147-4a56-b87d-d57279baaa14", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054849", "to_ids": false, "type": "datetime", "uuid": "22520359-b4f4-4873-92cc-a299a139c2ae", "value": "2019-11-10T14:40:10" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054849", "to_ids": false, "type": "link", "uuid": "6ca1ac3f-aa65-4d00-9c24-21779d8232a6", "value": "https://www.virustotal.com/file/ec22ee792afd1e0428019c172aa3382df34771f9671a2a9b5cb67aee9267edc9/analysis/1573396810/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054849", "to_ids": false, "type": "text", "uuid": "1a42d1a5-84b4-44c2-8c71-ad7978cf2326", "value": "39/72" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055445", "uuid": "9197aad4-39a3-45a4-9ccd-7d919989468e", "ObjectReference": [ { "comment": "", "object_uuid": "9197aad4-39a3-45a4-9ccd-7d919989468e", "referenced_uuid": "6b7d265f-5cac-413c-8cd9-95c902b73228", "relationship_type": "analysed-with", "timestamp": "1576055871", "uuid": "5df0b43f-edbc-4e40-a0be-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054915", "to_ids": true, "type": "md5", "uuid": "266638bb-e193-4e95-a99c-ff03276e4dfe", "value": "7388a4a7ccf1aa473404adb9d3834318" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054915", "to_ids": true, "type": "sha1", "uuid": "c363798f-63ed-43f9-b469-7c4db4f76cb0", "value": "4720f604455c7771aa214da024e8425b6e6fd8eb" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054915", "to_ids": true, "type": "sha256", "uuid": "b5e23023-5258-4484-ae27-1cb584ae76c6", "value": "0793a789afe30dcd3a93bda8b77cd75ba2f1a9d28a371f0f96cce03efb3c1849" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055446", "uuid": "6b7d265f-5cac-413c-8cd9-95c902b73228", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054915", "to_ids": false, "type": "datetime", "uuid": "1286ba7f-17e2-479e-b7b2-2a3f94aad69c", "value": "2019-11-16T08:52:43" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054915", "to_ids": false, "type": "link", "uuid": "51d9ea15-ecbc-43dd-89c1-2c3f3f33c52c", "value": "https://www.virustotal.com/file/0793a789afe30dcd3a93bda8b77cd75ba2f1a9d28a371f0f96cce03efb3c1849/analysis/1573894363/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054915", "to_ids": false, "type": "text", "uuid": "ae7899e7-6607-41c8-b63e-795279e5fbf7", "value": "44/68" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055446", "uuid": "508c47de-d7b2-405d-87a1-47752784e5bd", "ObjectReference": [ { "comment": "", "object_uuid": "508c47de-d7b2-405d-87a1-47752784e5bd", "referenced_uuid": "c8f8cb6d-5af5-43ea-bbb0-06f60165a41d", "relationship_type": "analysed-with", "timestamp": "1576055871", "uuid": "5df0b43f-9cb4-4d8c-b24c-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054914", "to_ids": true, "type": "md5", "uuid": "74d748c5-fa20-40ef-9bed-051c305175f9", "value": "daa490f7355de3b9b399ff356d0ae1dc" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054914", "to_ids": true, "type": "sha1", "uuid": "c5a0694b-e9e8-47fd-a2a7-636cc5cc5405", "value": "4e316155c20a5f03fdf23eb5c3f24abc57cc55de" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054914", "to_ids": true, "type": "sha256", "uuid": "893a642a-515e-47f3-b4bd-28b10bbc6da5", "value": "62f4fab29c4f69c9bc911b6ec388ed93543889b6f58883e0513304fdb9210c8d" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055446", "uuid": "c8f8cb6d-5af5-43ea-bbb0-06f60165a41d", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054914", "to_ids": false, "type": "datetime", "uuid": "66c71b45-7053-4856-ba25-7099a4d77669", "value": "2019-11-10T22:41:17" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054914", "to_ids": false, "type": "link", "uuid": "3576cf07-152f-4590-9791-3a8bace13b6f", "value": "https://www.virustotal.com/file/62f4fab29c4f69c9bc911b6ec388ed93543889b6f58883e0513304fdb9210c8d/analysis/1573425677/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054914", "to_ids": false, "type": "text", "uuid": "53e49120-1a1e-49fb-a02c-3a8c162eec8c", "value": "29/72" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055446", "uuid": "e38e5407-e670-42ef-93cf-b00573c36cd6", "ObjectReference": [ { "comment": "", "object_uuid": "e38e5407-e670-42ef-93cf-b00573c36cd6", "referenced_uuid": "69360a5b-7dcd-4424-b1f7-edc91902d8fd", "relationship_type": "analysed-with", "timestamp": "1576055871", "uuid": "5df0b43f-7904-4546-8865-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054916", "to_ids": true, "type": "md5", "uuid": "388813a3-6006-421c-8bce-0698f52916dd", "value": "cae97db02e33891829bcb5323db32d79" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054916", "to_ids": true, "type": "sha1", "uuid": "1c890fcd-2372-4b9e-b71b-56fffa19f1b8", "value": "5aaecb24042358bbd240129e8ad730e92265a8aa" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054916", "to_ids": true, "type": "sha256", "uuid": "b8657c92-affe-4e4b-9caa-954ac3dee73b", "value": "b5beb26498be7bcdc7339b4df0e98b1efd052287706d8677a46c85cf1924fc22" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055446", "uuid": "69360a5b-7dcd-4424-b1f7-edc91902d8fd", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054916", "to_ids": false, "type": "datetime", "uuid": "1dadfd24-75d8-4f8b-9a31-004bdf44f726", "value": "2019-11-17T08:45:23" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054916", "to_ids": false, "type": "link", "uuid": "402dc0ee-47de-4179-bde0-daaa40e424ef", "value": "https://www.virustotal.com/file/b5beb26498be7bcdc7339b4df0e98b1efd052287706d8677a46c85cf1924fc22/analysis/1573980323/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054916", "to_ids": false, "type": "text", "uuid": "745a2a9a-fb60-4a56-8885-b3f1b1fd3b60", "value": "43/68" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055446", "uuid": "0b989039-6f0c-462d-9b45-cf9cb3f1b3c5", "ObjectReference": [ { "comment": "", "object_uuid": "0b989039-6f0c-462d-9b45-cf9cb3f1b3c5", "referenced_uuid": "a8607e7c-7ff2-4432-8535-b79232cff49e", "relationship_type": "analysed-with", "timestamp": "1576055871", "uuid": "5df0b43f-3ae8-4549-b383-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054844", "to_ids": true, "type": "md5", "uuid": "f34b17bb-3d9c-4679-ae49-b11a4f33ceb6", "value": "7a020fb4cabffada9d25788a8d41f3b2" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054844", "to_ids": true, "type": "sha1", "uuid": "b5f4c443-44ef-4b48-ae96-38b98c70f67d", "value": "82255dfc8ab4b3848dfe0d9c2d9d62280986a5cd" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054844", "to_ids": true, "type": "sha256", "uuid": "98ee0ef5-3d74-4549-b1e9-567aa9b36767", "value": "eea7cc92f6d27c6a67c1fd0767dc4d97be238d7b8ae3aa93020d80aa7ff65d44" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055446", "uuid": "a8607e7c-7ff2-4432-8535-b79232cff49e", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054844", "to_ids": false, "type": "datetime", "uuid": "129214e7-5604-4b31-9d83-1f1f4c7b3d9c", "value": "2019-11-23T22:21:27" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054844", "to_ids": false, "type": "link", "uuid": "4f3ffbd0-b867-4bda-9abe-a5548ca415fc", "value": "https://www.virustotal.com/file/eea7cc92f6d27c6a67c1fd0767dc4d97be238d7b8ae3aa93020d80aa7ff65d44/analysis/1574547687/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054844", "to_ids": false, "type": "text", "uuid": "036b83b0-900f-4927-8618-10097d067c6e", "value": "53/69" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055447", "uuid": "7ae255ca-988f-4503-974a-d7f3176d71ce", "ObjectReference": [ { "comment": "", "object_uuid": "7ae255ca-988f-4503-974a-d7f3176d71ce", "referenced_uuid": "722c1268-12a8-4655-b6d2-92d8e2067996", "relationship_type": "analysed-with", "timestamp": "1576055871", "uuid": "5df0b43f-e1b4-4b5e-8c36-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054845", "to_ids": true, "type": "md5", "uuid": "f6afb5ae-d921-4580-8492-4f05a3cf1fe1", "value": "27a7c179fe4c829de2c002801bae4f48" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054845", "to_ids": true, "type": "sha1", "uuid": "4fd48e62-621c-48b7-932a-0dbf2a0051c3", "value": "d021c6d53e97e9374ba945f420e2270fab008ff8" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054845", "to_ids": true, "type": "sha256", "uuid": "82a33117-c04d-40af-a76a-95ae059f1acf", "value": "a1a25ccadda246f3d7a560a95bdea9957950045f11595308df5624485be320b6" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055447", "uuid": "722c1268-12a8-4655-b6d2-92d8e2067996", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054845", "to_ids": false, "type": "datetime", "uuid": "8064bfd8-5b5a-4d9e-bcb7-e7e4bca1578d", "value": "2019-11-21T10:42:38" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054845", "to_ids": false, "type": "link", "uuid": "f0ae43fe-e741-4fbb-b71d-88d24fcdf2e0", "value": "https://www.virustotal.com/file/a1a25ccadda246f3d7a560a95bdea9957950045f11595308df5624485be320b6/analysis/1574332958/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054845", "to_ids": false, "type": "text", "uuid": "3b7f75b8-1da4-409a-9996-42ad6c7e8a94", "value": "49/69" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055447", "uuid": "3daaa8a6-a836-4877-8f62-d16e6a99cd89", "ObjectReference": [ { "comment": "", "object_uuid": "3daaa8a6-a836-4877-8f62-d16e6a99cd89", "referenced_uuid": "31a94059-6a6d-4b60-9d34-ffaec33d6bbb", "relationship_type": "analysed-with", "timestamp": "1576055871", "uuid": "5df0b43f-8410-414b-b823-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054922", "to_ids": true, "type": "md5", "uuid": "3d61e703-4e2f-44bb-a2c4-0f69e7578bc5", "value": "08264544c50ab5af05eab1243a4172c1" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054922", "to_ids": true, "type": "sha1", "uuid": "f09cac70-e3fb-4f4b-bba5-de5c8023e8f0", "value": "be35a4e4083d06880785683fe2ba8024b75ea880" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054922", "to_ids": true, "type": "sha256", "uuid": "12935193-9fea-4193-9500-741f0009f61f", "value": "3bc7c49d2b4bc9caa3d54c884679ff2b278df3a3821c80186fe258bd1cbd4eaa" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055447", "uuid": "31a94059-6a6d-4b60-9d34-ffaec33d6bbb", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054922", "to_ids": false, "type": "datetime", "uuid": "5ab94725-11b1-42d2-9464-f6de36b85b75", "value": "2019-11-09T08:40:24" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054922", "to_ids": false, "type": "link", "uuid": "0d813cdb-7eee-426b-913e-973fd9dc1017", "value": "https://www.virustotal.com/file/3bc7c49d2b4bc9caa3d54c884679ff2b278df3a3821c80186fe258bd1cbd4eaa/analysis/1573288824/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054922", "to_ids": false, "type": "text", "uuid": "966a05f6-d170-495e-8d93-41b67fbd4352", "value": "44/66" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055448", "uuid": "7d0baec0-5a8c-479c-b612-010d1cfc2de1", "ObjectReference": [ { "comment": "", "object_uuid": "7d0baec0-5a8c-479c-b612-010d1cfc2de1", "referenced_uuid": "9c2f4bf4-446d-4a13-a18c-e0e3a5c904a0", "relationship_type": "analysed-with", "timestamp": "1576055871", "uuid": "5df0b43f-3c2c-4e84-b67b-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054915", "to_ids": true, "type": "md5", "uuid": "fae665c0-3c2f-4430-8900-d32ce17f262b", "value": "c2e4ee48563d948d0514e6a2d16eb87a" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054915", "to_ids": true, "type": "sha1", "uuid": "41014417-aa59-474f-a5c7-d6b15ff3848d", "value": "4d091c1a443bca2a0e711eab59c3f5f3aa7940a2" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054915", "to_ids": true, "type": "sha256", "uuid": "fa875526-4b8b-4e85-b437-b61e6bec7c4a", "value": "8ec3ddea193714bd2fef447d33c11b71e5d6f6b87b019fe76a16ad08f425c49c" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055448", "uuid": "9c2f4bf4-446d-4a13-a18c-e0e3a5c904a0", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054915", "to_ids": false, "type": "datetime", "uuid": "01cd6e68-abdc-496d-8ada-54554824610e", "value": "2019-11-10T22:41:35" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054915", "to_ids": false, "type": "link", "uuid": "487c8bdb-5bfd-477f-8cd1-4e6a87a27488", "value": "https://www.virustotal.com/file/8ec3ddea193714bd2fef447d33c11b71e5d6f6b87b019fe76a16ad08f425c49c/analysis/1573425695/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054915", "to_ids": false, "type": "text", "uuid": "c5bc9819-3fa4-488d-9505-c3d7abd39891", "value": "29/71" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055448", "uuid": "600fa261-6de5-4436-9730-3ccf84bb3bec", "ObjectReference": [ { "comment": "", "object_uuid": "600fa261-6de5-4436-9730-3ccf84bb3bec", "referenced_uuid": "2d1cd09f-2c06-4db7-8079-15d878241205", "relationship_type": "analysed-with", "timestamp": "1576055871", "uuid": "5df0b43f-aad8-45f7-86d1-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054848", "to_ids": true, "type": "md5", "uuid": "9d4a8dd4-0edf-46e3-b696-9b636ee1a809", "value": "4bc277d1c06a14cb57a4beb8b70ba693" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054848", "to_ids": true, "type": "sha1", "uuid": "0471d312-ebc4-4bb5-a5b6-2504a81a25cf", "value": "d66b2888d062234bd4ad73fa6e94aa491a49fa84" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054848", "to_ids": true, "type": "sha256", "uuid": "92219e87-1bad-4435-94c6-a6bdab01bbde", "value": "77db29ae7db276b52c2c4f8dacec831896523d8bbfa2cb21a161fa5a50d63476" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055448", "uuid": "2d1cd09f-2c06-4db7-8079-15d878241205", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054848", "to_ids": false, "type": "datetime", "uuid": "743efac4-0abf-4150-8693-bdfff9afdefb", "value": "2019-11-23T21:46:50" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054848", "to_ids": false, "type": "link", "uuid": "d2721b2f-98cd-4db5-beca-d6a3596437a9", "value": "https://www.virustotal.com/file/77db29ae7db276b52c2c4f8dacec831896523d8bbfa2cb21a161fa5a50d63476/analysis/1574545610/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054848", "to_ids": false, "type": "text", "uuid": "e9778e88-fa57-4a9d-86b8-ca62251852b5", "value": "51/67" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055448", "uuid": "0e29bb53-4317-42ed-8b7d-4919f4b831b5", "ObjectReference": [ { "comment": "", "object_uuid": "0e29bb53-4317-42ed-8b7d-4919f4b831b5", "referenced_uuid": "7e548b9b-5d25-4628-856a-0d559a6b67a5", "relationship_type": "analysed-with", "timestamp": "1576055871", "uuid": "5df0b43f-4ff0-471b-90a3-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054936", "to_ids": true, "type": "md5", "uuid": "121d56d7-64a9-44fa-a3e9-49bda456ef1f", "value": "44fe13c0c25a706c46247158fb4c932b" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054936", "to_ids": true, "type": "sha1", "uuid": "54db2f82-16cb-4903-b01a-66d392089e32", "value": "46b183a1089a1e42cc510f662047c11610019656" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054936", "to_ids": true, "type": "sha256", "uuid": "e429b9e9-35f1-4169-ac0e-260a243b0d12", "value": "5868d46bd51c706f79a968ee4020810bffaed8a85a8c67a37d0c656a10a9eeba" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055448", "uuid": "7e548b9b-5d25-4628-856a-0d559a6b67a5", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054936", "to_ids": false, "type": "datetime", "uuid": "c7f66163-201e-4514-aebe-6d75aeb50a24", "value": "2019-11-15T13:19:05" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054936", "to_ids": false, "type": "link", "uuid": "097f46a9-2cd9-43b7-8675-7204cfd3b499", "value": "https://www.virustotal.com/file/5868d46bd51c706f79a968ee4020810bffaed8a85a8c67a37d0c656a10a9eeba/analysis/1573823945/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054936", "to_ids": false, "type": "text", "uuid": "770438c0-7777-47c3-9f9a-e51eb42429b8", "value": "47/65" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055449", "uuid": "11df11e9-c64d-45d9-9474-b234b06cdb98", "ObjectReference": [ { "comment": "", "object_uuid": "11df11e9-c64d-45d9-9474-b234b06cdb98", "referenced_uuid": "52beb6bd-475a-4dd5-9d70-fbd1aa29c3d5", "relationship_type": "analysed-with", "timestamp": "1576055871", "uuid": "5df0b43f-579c-4a0d-bab2-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054848", "to_ids": true, "type": "md5", "uuid": "ebc119cb-e998-4098-9ec4-7901b6c39376", "value": "6b8009b8b493815314e10368a24a916b" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054848", "to_ids": true, "type": "sha1", "uuid": "b45ce3c1-9090-4500-ba04-474e42c97d9c", "value": "bad88aa8859f6017c544f8bdce36d4def05017fb" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054848", "to_ids": true, "type": "sha256", "uuid": "d39f5026-586a-438d-8f2b-43c67d89d3fc", "value": "940b78c80d87d87ec29b645857635886addc471f8c70b865e49288feec5059a5" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055449", "uuid": "52beb6bd-475a-4dd5-9d70-fbd1aa29c3d5", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054848", "to_ids": false, "type": "datetime", "uuid": "b4f384bb-3f5f-4a46-942a-11a978836105", "value": "2019-11-23T22:59:25" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054848", "to_ids": false, "type": "link", "uuid": "d592c89f-5646-4ff9-aa78-415ac199cd15", "value": "https://www.virustotal.com/file/940b78c80d87d87ec29b645857635886addc471f8c70b865e49288feec5059a5/analysis/1574549965/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054848", "to_ids": false, "type": "text", "uuid": "59223a99-9ea6-4d4f-8014-8017f52a05e8", "value": "51/67" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055449", "uuid": "321ff7b0-34b7-479f-8dd0-41c259ebbe25", "ObjectReference": [ { "comment": "", "object_uuid": "321ff7b0-34b7-479f-8dd0-41c259ebbe25", "referenced_uuid": "64d45127-0af1-44cf-9934-4f1d4d4a9840", "relationship_type": "analysed-with", "timestamp": "1576055871", "uuid": "5df0b43f-ce38-49fb-96bc-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054915", "to_ids": true, "type": "md5", "uuid": "349a4526-628e-42d8-b8ed-f0581e65935c", "value": "3f5e33f1cff14ab311595851ad52f523" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054915", "to_ids": true, "type": "sha1", "uuid": "f3882627-db24-4764-b0e3-d86e6166e4b9", "value": "de73412d7748850833d269d7998fd2d5a2444877" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054915", "to_ids": true, "type": "sha256", "uuid": "b291b6e6-2ae1-4b32-aadc-6d3eaed6ab82", "value": "eed0c51f66ef52f2fe6eeb4b2809e1aecd48922fb090f2ef19fb1ac689e1e628" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055449", "uuid": "64d45127-0af1-44cf-9934-4f1d4d4a9840", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054915", "to_ids": false, "type": "datetime", "uuid": "7ba5d57e-6a27-4cd5-beb9-d871cdc6672c", "value": "2019-11-20T12:09:29" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054915", "to_ids": false, "type": "link", "uuid": "ae02398b-6394-45da-bcd5-5f7d1cb4a87b", "value": "https://www.virustotal.com/file/eed0c51f66ef52f2fe6eeb4b2809e1aecd48922fb090f2ef19fb1ac689e1e628/analysis/1574251769/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054915", "to_ids": false, "type": "text", "uuid": "9bc74ece-7d49-450e-b235-554b58291cbb", "value": "49/70" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055449", "uuid": "64429339-5b9d-4b6a-9614-167fa0e883cb", "ObjectReference": [ { "comment": "", "object_uuid": "64429339-5b9d-4b6a-9614-167fa0e883cb", "referenced_uuid": "5ccd21bd-6cca-4733-8961-9b0e4906afe1", "relationship_type": "analysed-with", "timestamp": "1576055871", "uuid": "5df0b43f-8c50-4c19-88d9-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054915", "to_ids": true, "type": "md5", "uuid": "012166ed-28de-426f-99b3-3a1ac138f479", "value": "ea68eca52a4f4c00a36b4bcee979e8f0" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054915", "to_ids": true, "type": "sha1", "uuid": "639f1673-ed9f-4a4d-b9e7-f5d79b4e27fa", "value": "ca40a277801ee46de7440ee6b6095be304ad19ac" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054915", "to_ids": true, "type": "sha256", "uuid": "36d0f417-95bd-4875-a19e-c6e322f8bfd1", "value": "13d9fce3701ddc48ae25113120decc21d458765bf655e3dff640b993b31a6614" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055450", "uuid": "5ccd21bd-6cca-4733-8961-9b0e4906afe1", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054915", "to_ids": false, "type": "datetime", "uuid": "e3317d24-7ffc-4fd8-b251-712d33fc7728", "value": "2019-12-01T05:05:43" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054915", "to_ids": false, "type": "link", "uuid": "b58b1090-9fee-4331-8f1c-b31ab1a24cae", "value": "https://www.virustotal.com/file/13d9fce3701ddc48ae25113120decc21d458765bf655e3dff640b993b31a6614/analysis/1575176743/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054915", "to_ids": false, "type": "text", "uuid": "f914430b-e63d-4ab6-88d6-4703bc81f6c1", "value": "57/71" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055450", "uuid": "62ba4a06-02e3-4eaa-9f23-156bd0911684", "ObjectReference": [ { "comment": "", "object_uuid": "62ba4a06-02e3-4eaa-9f23-156bd0911684", "referenced_uuid": "4cca88bb-70ad-4884-b433-e3803ea0a1f3", "relationship_type": "analysed-with", "timestamp": "1576055871", "uuid": "5df0b43f-6b38-44cd-932e-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054936", "to_ids": true, "type": "md5", "uuid": "5a1a2122-8a7d-448a-a406-7d37c3b338e9", "value": "b4af44f22253cfab72796ef1a5642d49" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054936", "to_ids": true, "type": "sha1", "uuid": "400ffc67-0113-40ec-b50b-fde95e5c49a0", "value": "efc70c16ad673b34312f8df4ee7f100e6502ad2b" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054936", "to_ids": true, "type": "sha256", "uuid": "f735f22b-97f3-4225-a8ef-c1db7cbb14f7", "value": "6bb35ab59734e874c72d8142ff21892ecf003e0341ff689f0bee003ff8bbc324" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055450", "uuid": "4cca88bb-70ad-4884-b433-e3803ea0a1f3", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054936", "to_ids": false, "type": "datetime", "uuid": "24f63817-f9cd-4287-874d-69b2811e7e11", "value": "2019-11-04T17:39:08" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054936", "to_ids": false, "type": "link", "uuid": "88db6feb-32ee-4eca-bb3d-5f5bccf9c1dc", "value": "https://www.virustotal.com/file/6bb35ab59734e874c72d8142ff21892ecf003e0341ff689f0bee003ff8bbc324/analysis/1572889148/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054936", "to_ids": false, "type": "text", "uuid": "949ed066-62b3-4588-ba83-660d8ee9d60f", "value": "10/70" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055450", "uuid": "bc9f7c61-9813-410d-8947-bd622d3428f5", "ObjectReference": [ { "comment": "", "object_uuid": "bc9f7c61-9813-410d-8947-bd622d3428f5", "referenced_uuid": "22676db9-d003-43e6-8e61-bb9751963fb7", "relationship_type": "analysed-with", "timestamp": "1576055871", "uuid": "5df0b43f-911c-457c-9e2f-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054847", "to_ids": true, "type": "md5", "uuid": "d88c87af-6799-4c9b-80ba-8be47e7623bc", "value": "e0670df0c9b2de2c5551c84950a8841b" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054847", "to_ids": true, "type": "sha1", "uuid": "75ce0051-455d-402b-a5c3-bbc4a4ae2c3a", "value": "efe48904b62643eae2607976a67dd0f51c2017f2" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054847", "to_ids": true, "type": "sha256", "uuid": "16f9c1eb-97ac-48d1-b1c6-dede7ff00f2e", "value": "3a7fe7796e70149b80f41d070b2d0050e2055cba3bd2e6cda7752441a736b8d9" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055450", "uuid": "22676db9-d003-43e6-8e61-bb9751963fb7", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054847", "to_ids": false, "type": "datetime", "uuid": "7cb91144-80fa-4b1f-b4c5-361c36b91a32", "value": "2019-11-24T16:25:47" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054847", "to_ids": false, "type": "link", "uuid": "5c6f5100-2376-4384-865e-5f343f035e43", "value": "https://www.virustotal.com/file/3a7fe7796e70149b80f41d070b2d0050e2055cba3bd2e6cda7752441a736b8d9/analysis/1574612747/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054847", "to_ids": false, "type": "text", "uuid": "c655436a-0b67-406f-8f19-85b9a0ed7f58", "value": "50/67" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055451", "uuid": "d9749493-6aa2-49b2-aefe-f207ff3a8aba", "ObjectReference": [ { "comment": "", "object_uuid": "d9749493-6aa2-49b2-aefe-f207ff3a8aba", "referenced_uuid": "e25bb58d-f313-41ce-ae1f-fdc088624f99", "relationship_type": "analysed-with", "timestamp": "1576055871", "uuid": "5df0b43f-1a78-40f8-8637-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054915", "to_ids": true, "type": "md5", "uuid": "04e46ab4-da44-49fa-b51e-faad92572bfa", "value": "62d3b72da63afa1c0a555a31c7f458de" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054915", "to_ids": true, "type": "sha1", "uuid": "aa19a645-a6a4-42f1-b448-e5b9c37ea6c2", "value": "51038e980566c30cadc83cfcb9c858d5bdc94cba" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054915", "to_ids": true, "type": "sha256", "uuid": "4226d2dd-7a82-4535-963d-d2d381ca0011", "value": "bedcab7f3878611ff761325d62ee183f5496edc8dd2381afea34ced2bfc64db7" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055451", "uuid": "e25bb58d-f313-41ce-ae1f-fdc088624f99", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054915", "to_ids": false, "type": "datetime", "uuid": "2ea5a611-8c07-499f-837f-171d65ee5430", "value": "2019-12-03T06:43:48" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054915", "to_ids": false, "type": "link", "uuid": "d3ffbb8e-76e3-4492-b6a1-5e90aa2573da", "value": "https://www.virustotal.com/file/bedcab7f3878611ff761325d62ee183f5496edc8dd2381afea34ced2bfc64db7/analysis/1575355428/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054915", "to_ids": false, "type": "text", "uuid": "d7a0747e-26f2-4abe-b8c5-d9d49fd9135a", "value": "48/65" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055451", "uuid": "cedddf8b-6830-4953-8a90-eac2e56849fa", "ObjectReference": [ { "comment": "", "object_uuid": "cedddf8b-6830-4953-8a90-eac2e56849fa", "referenced_uuid": "c3319757-81fd-449d-9452-0034f18e4e50", "relationship_type": "analysed-with", "timestamp": "1576055871", "uuid": "5df0b43f-bba8-492d-80f2-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054936", "to_ids": true, "type": "md5", "uuid": "cc3edac8-9df8-4b8c-ac46-b2b2ca100987", "value": "b483216f8164ef08234308669292be7f" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054936", "to_ids": true, "type": "sha1", "uuid": "438c71ca-bb42-4f4a-9ab8-1302eb5343fc", "value": "1096d2044e13dba82e6277939d889059337eeab2" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054936", "to_ids": true, "type": "sha256", "uuid": "e013945f-db5d-469a-910b-2aac5be2f3b0", "value": "737444d7942052e791619adb10261afa045159ea0873ad75d6389ebe60e1325b" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055451", "uuid": "c3319757-81fd-449d-9452-0034f18e4e50", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054936", "to_ids": false, "type": "datetime", "uuid": "18d0f57e-6f07-485c-b0af-2cb8923895cb", "value": "2019-11-05T13:45:05" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054936", "to_ids": false, "type": "link", "uuid": "f4e861ea-edd5-4be6-8065-b987cb769bfd", "value": "https://www.virustotal.com/file/737444d7942052e791619adb10261afa045159ea0873ad75d6389ebe60e1325b/analysis/1572961505/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054936", "to_ids": false, "type": "text", "uuid": "bfe6fc36-ff18-4d50-9d8f-e330c086ec29", "value": "13/71" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055451", "uuid": "c2d8cb4c-350a-4881-b1ed-ab623c674f91", "ObjectReference": [ { "comment": "", "object_uuid": "c2d8cb4c-350a-4881-b1ed-ab623c674f91", "referenced_uuid": "7af9923b-7777-4df1-9ecf-86d8db86dae1", "relationship_type": "analysed-with", "timestamp": "1576055871", "uuid": "5df0b43f-5a1c-4961-9802-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054847", "to_ids": true, "type": "md5", "uuid": "674040ea-790e-4aac-886c-8158a0e53991", "value": "020592b68529b5b7fd950eab699f568c" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054847", "to_ids": true, "type": "sha1", "uuid": "343d02b9-becb-4da7-aaa6-56d8fd9e555b", "value": "65941ffd70c42cabfff1a831cef70819e61e9bd0" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054847", "to_ids": true, "type": "sha256", "uuid": "f054983a-4f36-4f28-a053-9342b18babc0", "value": "46cd5c3efbd83d66e3752be1d8229c6eb597d7d24ab68c6cec249f6b0368e57a" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055451", "uuid": "7af9923b-7777-4df1-9ecf-86d8db86dae1", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054847", "to_ids": false, "type": "datetime", "uuid": "96aeda7d-0ef1-4f05-8b8d-8f88623034aa", "value": "2019-11-21T10:36:44" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054847", "to_ids": false, "type": "link", "uuid": "0a9bfbaa-5092-463a-9add-e77bf0356919", "value": "https://www.virustotal.com/file/46cd5c3efbd83d66e3752be1d8229c6eb597d7d24ab68c6cec249f6b0368e57a/analysis/1574332604/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054847", "to_ids": false, "type": "text", "uuid": "35ab8b5b-bfa0-41f8-b0c8-f07c0f032f96", "value": "49/68" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055452", "uuid": "16144424-d01f-4a4e-b9db-53fdcfc431be", "ObjectReference": [ { "comment": "", "object_uuid": "16144424-d01f-4a4e-b9db-53fdcfc431be", "referenced_uuid": "58833fab-1a5c-4762-99b5-55e98ce88973", "relationship_type": "analysed-with", "timestamp": "1576055871", "uuid": "5df0b43f-7618-434c-b6bc-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054850", "to_ids": true, "type": "md5", "uuid": "f4e315c7-1214-4d74-a9e2-0de92a20ee24", "value": "f13fe3479a5f6b6b53e8d763f3093fcf" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054850", "to_ids": true, "type": "sha1", "uuid": "b3f1569a-aacf-4ea8-bcb1-93f6123b34dc", "value": "0ccb854ec4cc5eb75e0ce5d0394edac076189722" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054850", "to_ids": true, "type": "sha256", "uuid": "55645e8f-4263-4612-a325-b9c27e4b4519", "value": "9c1c4166a5f5861823f981c7e16932351844b0d62251eb79f73e7a25844b7dbb" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055452", "uuid": "58833fab-1a5c-4762-99b5-55e98ce88973", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054850", "to_ids": false, "type": "datetime", "uuid": "09cf0ac0-34a5-4cfe-8aad-840b6053e922", "value": "2019-11-15T01:25:19" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054850", "to_ids": false, "type": "link", "uuid": "59c23655-9d16-4d36-98e5-744156bf3217", "value": "https://www.virustotal.com/file/9c1c4166a5f5861823f981c7e16932351844b0d62251eb79f73e7a25844b7dbb/analysis/1573781119/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054850", "to_ids": false, "type": "text", "uuid": "080ec92d-9848-41a7-9d19-b7a98f8187ea", "value": "47/69" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055452", "uuid": "4bd10b1a-3756-4b4b-8767-0d9a3c9259e3", "ObjectReference": [ { "comment": "", "object_uuid": "4bd10b1a-3756-4b4b-8767-0d9a3c9259e3", "referenced_uuid": "cc5656d8-39da-44e3-ba60-194af764034c", "relationship_type": "analysed-with", "timestamp": "1576055871", "uuid": "5df0b43f-e41c-43a4-8e9f-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054922", "to_ids": true, "type": "md5", "uuid": "bc0a5d5b-3d3b-4f95-99a1-3339c4534804", "value": "31cb517437d31fd564756d5bf87fe412" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054922", "to_ids": true, "type": "sha1", "uuid": "d2be2ac9-3ff2-4daf-bcc8-ce5f7ea35702", "value": "40f95a78c6dc734bce2c30c34782c63ab7f89316" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054922", "to_ids": true, "type": "sha256", "uuid": "59b043f9-18fe-4415-947a-0ab7686d44b4", "value": "f888524b88358c2f1bd11a7a98dfcffab0997d13e214116d73d23d7d905c8df4" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055452", "uuid": "cc5656d8-39da-44e3-ba60-194af764034c", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054922", "to_ids": false, "type": "datetime", "uuid": "e16c2bcd-3902-4b41-bfc2-d1e99d8287f4", "value": "2019-11-23T08:59:49" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054922", "to_ids": false, "type": "link", "uuid": "40259fc4-72ae-49fd-a1a4-2f1d0187bb47", "value": "https://www.virustotal.com/file/f888524b88358c2f1bd11a7a98dfcffab0997d13e214116d73d23d7d905c8df4/analysis/1574499589/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054922", "to_ids": false, "type": "text", "uuid": "27401a5e-9d45-4398-a051-9e5da6f839a0", "value": "50/66" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055452", "uuid": "2e87724f-2380-4b47-8c65-e7972a25ca50", "ObjectReference": [ { "comment": "", "object_uuid": "2e87724f-2380-4b47-8c65-e7972a25ca50", "referenced_uuid": "5adfe6db-846d-4c5a-819c-8c457b28f2cf", "relationship_type": "analysed-with", "timestamp": "1576055871", "uuid": "5df0b43f-5f68-4128-8739-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054845", "to_ids": true, "type": "md5", "uuid": "bf634484-394f-4f4b-90d0-361fb8d9e8ea", "value": "88cfd6c9ce0f4022aafcecb754f65afa" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054845", "to_ids": true, "type": "sha1", "uuid": "8e4449e8-4aca-4ca8-a534-cde6c9e4520b", "value": "00a14dfc281750202ae8c26f49dfc14c655d2e88" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054845", "to_ids": true, "type": "sha256", "uuid": "7e147600-6c42-4964-8c3d-6f448a6e683d", "value": "57a99264787fecbb4acc9f317f460916acb380ac941ccb66d7c7521b1ec17e46" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055452", "uuid": "5adfe6db-846d-4c5a-819c-8c457b28f2cf", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054845", "to_ids": false, "type": "datetime", "uuid": "db2924bf-c6b3-4a4c-a9c4-4f1c6f780d7b", "value": "2019-11-21T10:18:47" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054845", "to_ids": false, "type": "link", "uuid": "78dced09-c087-4fb5-9f1b-2b2cbc806849", "value": "https://www.virustotal.com/file/57a99264787fecbb4acc9f317f460916acb380ac941ccb66d7c7521b1ec17e46/analysis/1574331527/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054845", "to_ids": false, "type": "text", "uuid": "b79264bd-eae1-43ef-ac73-bb419099bc36", "value": "48/68" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055453", "uuid": "8f0a49e1-0ce9-4944-9200-1e2db8abfcb7", "ObjectReference": [ { "comment": "", "object_uuid": "8f0a49e1-0ce9-4944-9200-1e2db8abfcb7", "referenced_uuid": "492231b5-8f97-406b-9e0c-41ea31df35b8", "relationship_type": "analysed-with", "timestamp": "1576055871", "uuid": "5df0b43f-53ac-4728-927c-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054916", "to_ids": true, "type": "md5", "uuid": "c8426835-14ad-4afa-848d-a47e4d67430d", "value": "fff1f674b4bb3a25ecc9aa5d2c857ecc" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054916", "to_ids": true, "type": "sha1", "uuid": "55f44d78-c53b-4a73-950b-b55137361e5b", "value": "f7112cca7ab076d196f8c10df4286a54850787bb" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054916", "to_ids": true, "type": "sha256", "uuid": "c415d5f4-656c-4ca0-bf96-f93377a53ff5", "value": "1727fe93ee7f5cdce528dcd24d36c425fa90ea91c293c58fd38fc71fcff64e32" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055453", "uuid": "492231b5-8f97-406b-9e0c-41ea31df35b8", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054916", "to_ids": false, "type": "datetime", "uuid": "aee11c72-0ccf-4fc7-922c-855af9086479", "value": "2019-11-18T07:37:14" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054916", "to_ids": false, "type": "link", "uuid": "206b22f1-e62d-4dda-a1ef-1edb76a9bcbe", "value": "https://www.virustotal.com/file/1727fe93ee7f5cdce528dcd24d36c425fa90ea91c293c58fd38fc71fcff64e32/analysis/1574062634/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054916", "to_ids": false, "type": "text", "uuid": "4e3fc20a-5b64-4b4d-84e3-fef46df14c44", "value": "50/67" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055455", "uuid": "e09181c3-54f6-426f-836d-630195f98612", "ObjectReference": [ { "comment": "", "object_uuid": "e09181c3-54f6-426f-836d-630195f98612", "referenced_uuid": "0815fd32-3f74-418b-b2c5-bffb1186f647", "relationship_type": "analysed-with", "timestamp": "1576055871", "uuid": "5df0b43f-f4dc-4692-b50c-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054921", "to_ids": true, "type": "md5", "uuid": "97d3554c-f0d2-4693-839c-59110af91d2b", "value": "daf07016320e55fe8ac114223ccf083f" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054921", "to_ids": true, "type": "sha1", "uuid": "b086fb54-dcee-4587-865f-87ce195b6156", "value": "7cf99e81a6542ab06342c9aa29f206d7e497a21d" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054921", "to_ids": true, "type": "sha256", "uuid": "033f578d-16b1-4c21-95f1-61bc5f842d57", "value": "98a7b6c06daf06711cca53955d7b4f74d18197442c426d745421bdbd802d8ee4" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055455", "uuid": "0815fd32-3f74-418b-b2c5-bffb1186f647", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054921", "to_ids": false, "type": "datetime", "uuid": "e70b8d4b-0643-4a25-bf03-52d4e63c9195", "value": "2019-11-11T06:51:21" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054921", "to_ids": false, "type": "link", "uuid": "fca8be74-ffc5-4948-8bf1-8a898f94c1f3", "value": "https://www.virustotal.com/file/98a7b6c06daf06711cca53955d7b4f74d18197442c426d745421bdbd802d8ee4/analysis/1573455081/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054921", "to_ids": false, "type": "text", "uuid": "b8b534a6-d1d3-4031-b41f-471c340ddb1b", "value": "47/70" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055455", "uuid": "376494e4-19fe-4182-abfa-864ac7c9c6d2", "ObjectReference": [ { "comment": "", "object_uuid": "376494e4-19fe-4182-abfa-864ac7c9c6d2", "referenced_uuid": "19270c9a-bdf2-4e27-911e-b793dc82e57a", "relationship_type": "analysed-with", "timestamp": "1576055871", "uuid": "5df0b43f-388c-48e4-87da-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054913", "to_ids": true, "type": "md5", "uuid": "77943618-0df1-477f-bd7a-92bf43199776", "value": "c8ee571ad84110390ea5f31ee9abaa17" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054913", "to_ids": true, "type": "sha1", "uuid": "dd68c0c4-7041-46e2-a427-466261d0f8d4", "value": "72eab1c99478af21428480c7b467c9edfa49f4e0" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054913", "to_ids": true, "type": "sha256", "uuid": "cd1ad8ef-ff14-4889-b77d-e40f1a8dc0d8", "value": "d9f32d7b5404638a9d14fc4632936c89c9c6420cb63356a232d4e4db891bcf1d" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055456", "uuid": "19270c9a-bdf2-4e27-911e-b793dc82e57a", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054913", "to_ids": false, "type": "datetime", "uuid": "f6a49c29-a757-4133-834b-8ce78b42499b", "value": "2019-11-10T14:00:26" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054913", "to_ids": false, "type": "link", "uuid": "d786046c-5b34-4529-936e-37c702c8a70f", "value": "https://www.virustotal.com/file/d9f32d7b5404638a9d14fc4632936c89c9c6420cb63356a232d4e4db891bcf1d/analysis/1573394426/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054913", "to_ids": false, "type": "text", "uuid": "825ae8c8-cad2-468d-a91f-966472e2aa4d", "value": "42/71" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055456", "uuid": "d35e9b13-b591-4c3b-ba81-7d6ebcdf1ee9", "ObjectReference": [ { "comment": "", "object_uuid": "d35e9b13-b591-4c3b-ba81-7d6ebcdf1ee9", "referenced_uuid": "dc362422-092c-4b92-b4c1-ad3c5a322fb4", "relationship_type": "analysed-with", "timestamp": "1576055871", "uuid": "5df0b43f-a524-4040-96d5-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054937", "to_ids": true, "type": "md5", "uuid": "486da274-e21b-4a3d-ad72-4e08d50455eb", "value": "9438e4d62d2acd94b18777f3e19799a4" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054937", "to_ids": true, "type": "sha1", "uuid": "3b5e11a0-02fd-46d4-9507-2e22749117a1", "value": "e633fba9e12ad34c11114ee1ff72e68561f51f1f" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054937", "to_ids": true, "type": "sha256", "uuid": "5a292cf4-66d0-4de5-b1a9-31751f981ddf", "value": "606941e440a5e3c93654b8e66e697ee644582afe3bd183de8eced61219e31ac7" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055457", "uuid": "dc362422-092c-4b92-b4c1-ad3c5a322fb4", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054937", "to_ids": false, "type": "datetime", "uuid": "b7e3334c-b83f-43b3-9e1b-94617f2d311e", "value": "2019-11-10T01:23:38" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054937", "to_ids": false, "type": "link", "uuid": "5b317696-f9da-4d20-a77b-170bd83092e6", "value": "https://www.virustotal.com/file/606941e440a5e3c93654b8e66e697ee644582afe3bd183de8eced61219e31ac7/analysis/1573349018/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054937", "to_ids": false, "type": "text", "uuid": "5df50e08-4a97-4935-972e-2a92684bad6b", "value": "40/69" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055457", "uuid": "4db3dcc5-b9ea-4f99-949c-1373ba9efcf3", "ObjectReference": [ { "comment": "", "object_uuid": "4db3dcc5-b9ea-4f99-949c-1373ba9efcf3", "referenced_uuid": "7bc644f5-5b56-4fc1-99da-77653550379d", "relationship_type": "analysed-with", "timestamp": "1576055871", "uuid": "5df0b43f-9e9c-4e93-94e2-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054915", "to_ids": true, "type": "md5", "uuid": "d529f4f8-11ea-4aba-8d9a-4f2187cac6f2", "value": "e40b6d64cc3ea5e20b5e366af6ae3056" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054915", "to_ids": true, "type": "sha1", "uuid": "faeec3e5-7fdf-4acc-97d9-1b58e75d561c", "value": "e5d6386464fc01429b6dd5061d40d19a6c4b0700" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054915", "to_ids": true, "type": "sha256", "uuid": "3c442b20-1414-4935-8a60-970e993037bc", "value": "21d2ae10a5a809222b67ffaca166e2a76732b47615597ea2f408f19d43ae0493" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055457", "uuid": "7bc644f5-5b56-4fc1-99da-77653550379d", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054915", "to_ids": false, "type": "datetime", "uuid": "b77ad0d9-effb-4684-99d3-e23061f3a2f4", "value": "2019-11-16T09:09:19" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054915", "to_ids": false, "type": "link", "uuid": "78cf2f30-6346-44f3-8f55-8e1bc10d56fa", "value": "https://www.virustotal.com/file/21d2ae10a5a809222b67ffaca166e2a76732b47615597ea2f408f19d43ae0493/analysis/1573895359/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054915", "to_ids": false, "type": "text", "uuid": "7716b355-676f-438d-8df2-6512a3e18500", "value": "44/69" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055457", "uuid": "76057e00-e1a3-4d4d-9234-8491d141c504", "ObjectReference": [ { "comment": "", "object_uuid": "76057e00-e1a3-4d4d-9234-8491d141c504", "referenced_uuid": "d38800a2-86e8-4e1b-ae74-91b94534efe8", "relationship_type": "analysed-with", "timestamp": "1576055871", "uuid": "5df0b43f-facc-4394-980a-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054885", "to_ids": true, "type": "md5", "uuid": "cea78a99-6ad9-43af-b044-794d9b873327", "value": "2e0e7ddb2609e9a574ea32eaa1b9c78c" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054885", "to_ids": true, "type": "sha1", "uuid": "3402ffbc-fe4a-4cae-b37d-230451a5ab61", "value": "bca5b41451d4020dd25fb8a8b4e773e9bce4fcb1" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054885", "to_ids": true, "type": "sha256", "uuid": "3e8fe866-b62d-487c-bd20-9d198f8b56aa", "value": "2a33c66d6bab81782a1efc66c740cd1e1e38b138c76fa09c8eaf9dbcb7620e0b" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055457", "uuid": "d38800a2-86e8-4e1b-ae74-91b94534efe8", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054885", "to_ids": false, "type": "datetime", "uuid": "e81bd250-a2bf-46e2-ab35-d191f5cf0a4d", "value": "2019-11-17T10:14:44" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054885", "to_ids": false, "type": "link", "uuid": "74295210-794c-472a-aa1d-49edece1b587", "value": "https://www.virustotal.com/file/2a33c66d6bab81782a1efc66c740cd1e1e38b138c76fa09c8eaf9dbcb7620e0b/analysis/1573985684/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054885", "to_ids": false, "type": "text", "uuid": "1bc2a48e-5c07-4153-be40-daf4a78dd675", "value": "47/71" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055457", "uuid": "3297203a-bd22-4cd1-921c-c9b13bca5da5", "ObjectReference": [ { "comment": "", "object_uuid": "3297203a-bd22-4cd1-921c-c9b13bca5da5", "referenced_uuid": "aa505ab9-f601-4648-a1b6-4da40901ae55", "relationship_type": "analysed-with", "timestamp": "1576055871", "uuid": "5df0b43f-686c-44eb-aa9c-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054922", "to_ids": true, "type": "md5", "uuid": "a0104c51-c95a-458b-9346-8dbda562de45", "value": "da378c615869d24b2b1b454e420b5897" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054922", "to_ids": true, "type": "sha1", "uuid": "130c56c8-4620-4acd-acbc-5adff86e864d", "value": "68bed749f12efde2f22f34e8a5c55db7fcbf42e0" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054922", "to_ids": true, "type": "sha256", "uuid": "002d82fb-79dd-4add-bfad-3db31f71d33e", "value": "ca543b40cfd9041fc4a3a4774e8b809c1fb0c1d9611e63cb12c375433902903e" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055457", "uuid": "aa505ab9-f601-4648-a1b6-4da40901ae55", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054922", "to_ids": false, "type": "datetime", "uuid": "62a68274-f734-4053-b011-3bdfcd0ec2b7", "value": "2019-11-05T13:54:40" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054922", "to_ids": false, "type": "link", "uuid": "c28c2504-50b2-4ed2-b956-2f39f893242a", "value": "https://www.virustotal.com/file/ca543b40cfd9041fc4a3a4774e8b809c1fb0c1d9611e63cb12c375433902903e/analysis/1572962080/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054922", "to_ids": false, "type": "text", "uuid": "226a13b7-e95c-47bf-b0e7-177211bf2ee2", "value": "13/71" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055458", "uuid": "2df84a4d-abea-4e71-8580-bda849f4db82", "ObjectReference": [ { "comment": "", "object_uuid": "2df84a4d-abea-4e71-8580-bda849f4db82", "referenced_uuid": "0a24cc34-7c45-46a6-9f16-0ff607c41ee3", "relationship_type": "analysed-with", "timestamp": "1576055871", "uuid": "5df0b43f-3c40-47f0-9d01-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054937", "to_ids": true, "type": "md5", "uuid": "999dae91-c963-4371-a29b-8f9fab75778b", "value": "ac5c97d9ffda26a21a2675e958998006" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054937", "to_ids": true, "type": "sha1", "uuid": "c283f288-42bd-4042-8c2c-b0b41d43ed70", "value": "931f0859d6df5b68cc93ddaa80bc35b4c08e9477" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054937", "to_ids": true, "type": "sha256", "uuid": "c6db1235-058d-42cc-a7e6-f295a3cf5cbf", "value": "dc0c06608a9d7c44ed27d16bc64d75ae72c31d14135440208d36fafa5220a76e" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055458", "uuid": "0a24cc34-7c45-46a6-9f16-0ff607c41ee3", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054937", "to_ids": false, "type": "datetime", "uuid": "c0ab97b1-aaf1-4c5b-9b99-64294aa7b720", "value": "2019-11-07T08:40:24" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054937", "to_ids": false, "type": "link", "uuid": "1537feef-054c-4e5c-a7be-57e6a26a5fbb", "value": "https://www.virustotal.com/file/dc0c06608a9d7c44ed27d16bc64d75ae72c31d14135440208d36fafa5220a76e/analysis/1573116024/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054937", "to_ids": false, "type": "text", "uuid": "15879886-d061-4b10-b604-486c9772614f", "value": "16/68" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055458", "uuid": "2dc85285-8460-49c6-959e-6766a6124fdd", "ObjectReference": [ { "comment": "", "object_uuid": "2dc85285-8460-49c6-959e-6766a6124fdd", "referenced_uuid": "48201af7-1b01-48b8-a9b0-18b859fe71e9", "relationship_type": "analysed-with", "timestamp": "1576055872", "uuid": "5df0b440-276c-42ba-80b7-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054849", "to_ids": true, "type": "md5", "uuid": "c5960bd9-ffdc-4062-97a5-f5e5ecf10727", "value": "6b09d556363ba4074e72a31610630901" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054849", "to_ids": true, "type": "sha1", "uuid": "d9a7e913-2f94-4f54-bff0-f30db7adccd0", "value": "86d552e54a5f86f81248b89f51689d0abb5f6e58" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054849", "to_ids": true, "type": "sha256", "uuid": "88ee207d-d93d-4a83-94a6-050e25c04a67", "value": "7046577f74929156e1a0e8b8a267a254074ad941a58cbfa808fe95f248c7687d" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055458", "uuid": "48201af7-1b01-48b8-a9b0-18b859fe71e9", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054849", "to_ids": false, "type": "datetime", "uuid": "3e8cccc6-5a7f-4676-a1e8-f175f0cbf530", "value": "2019-11-21T10:26:36" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054849", "to_ids": false, "type": "link", "uuid": "923b3bc7-0222-4c7b-a2e8-f4a463488032", "value": "https://www.virustotal.com/file/7046577f74929156e1a0e8b8a267a254074ad941a58cbfa808fe95f248c7687d/analysis/1574331996/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054849", "to_ids": false, "type": "text", "uuid": "4e6d529d-6f56-40e9-b1f5-6e0a3ba5ffe9", "value": "48/68" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055458", "uuid": "93e653fd-f737-4eec-91f9-ccea68f69d57", "ObjectReference": [ { "comment": "", "object_uuid": "93e653fd-f737-4eec-91f9-ccea68f69d57", "referenced_uuid": "06dd20c3-b244-4c18-bc92-a85103e4c889", "relationship_type": "analysed-with", "timestamp": "1576055872", "uuid": "5df0b440-b5dc-4ff0-9e40-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054914", "to_ids": true, "type": "md5", "uuid": "3491e617-10e5-47e3-8bed-28b8345c66e2", "value": "6389b1220100586207fba707c2568ec5" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054914", "to_ids": true, "type": "sha1", "uuid": "ca9b9fb5-ed9e-41b9-86d5-7d509426da8f", "value": "00af72ec8099e863cd7319280d2b635fae5dbb5a" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054914", "to_ids": true, "type": "sha256", "uuid": "b433ddbd-e342-49cf-bb73-ac313e648b1f", "value": "5ca46047bf29b4838397231f505f6a2c52219449933cb4156402a3f906e29a47" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055458", "uuid": "06dd20c3-b244-4c18-bc92-a85103e4c889", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054914", "to_ids": false, "type": "datetime", "uuid": "c37fd285-ffe0-41ee-8b62-70a5c038247f", "value": "2019-11-16T08:40:52" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054914", "to_ids": false, "type": "link", "uuid": "67031aa3-dacb-4ed8-b087-6753c1885c00", "value": "https://www.virustotal.com/file/5ca46047bf29b4838397231f505f6a2c52219449933cb4156402a3f906e29a47/analysis/1573893652/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054914", "to_ids": false, "type": "text", "uuid": "5481dee7-fd23-4989-8567-74d27e794cce", "value": "44/69" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055458", "uuid": "fb75d84e-2cfd-49e2-9227-a78141eb1d28", "ObjectReference": [ { "comment": "", "object_uuid": "fb75d84e-2cfd-49e2-9227-a78141eb1d28", "referenced_uuid": "05ba90e1-fe79-490c-830e-e2e3127e4bd1", "relationship_type": "analysed-with", "timestamp": "1576055872", "uuid": "5df0b440-5924-48f8-85c7-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054916", "to_ids": true, "type": "md5", "uuid": "8d93811d-bfb4-4bc9-b43c-a322433b883a", "value": "89ce7d3e86c60ec4616915b50bbe7af4" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054916", "to_ids": true, "type": "sha1", "uuid": "c2cf282a-9620-4a6a-8d4b-a9a71de4602b", "value": "72799bd25b3098019fb8398aad848b393e40c00a" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054916", "to_ids": true, "type": "sha256", "uuid": "6591edac-7a12-4231-aa86-3811cc76fab7", "value": "9e15e1cb09224f97d4473389080ef7a811bb04df9c6ad6e1764471a1186008c1" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055459", "uuid": "05ba90e1-fe79-490c-830e-e2e3127e4bd1", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054916", "to_ids": false, "type": "datetime", "uuid": "6ef9cc67-4dd7-402e-8880-139fd30fc323", "value": "2019-12-03T21:18:36" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054916", "to_ids": false, "type": "link", "uuid": "5d31307f-0626-44d2-aa83-83fb9abfde3e", "value": "https://www.virustotal.com/file/9e15e1cb09224f97d4473389080ef7a811bb04df9c6ad6e1764471a1186008c1/analysis/1575407916/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054916", "to_ids": false, "type": "text", "uuid": "392c4ddd-fb3e-41f2-9e8a-6062c4adcc37", "value": "53/68" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055460", "uuid": "f3fb5ee8-ed83-41a0-94ad-8ea9fb6daf99", "ObjectReference": [ { "comment": "", "object_uuid": "f3fb5ee8-ed83-41a0-94ad-8ea9fb6daf99", "referenced_uuid": "7f9ff2ed-5ec2-4c8c-b849-4703420ccd75", "relationship_type": "analysed-with", "timestamp": "1576055872", "uuid": "5df0b440-caac-49bd-9e01-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054920", "to_ids": true, "type": "md5", "uuid": "9ad93bec-041a-4277-8bcb-d9157725c4db", "value": "ab67f3368cabc182a01fb04f4c8b6ece" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054920", "to_ids": true, "type": "sha1", "uuid": "224a2d11-f6e6-4935-a285-6803d16a188c", "value": "b065a3e442e59a86274f6c70bff16e7d3e38ce1f" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054920", "to_ids": true, "type": "sha256", "uuid": "d3a1712c-ae56-412b-ac1b-46f30ec3483a", "value": "528c6ce5c450d901c81dc9bf8eb5b7023cd153303f3c3cb4d43396280d932b9d" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055460", "uuid": "7f9ff2ed-5ec2-4c8c-b849-4703420ccd75", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054920", "to_ids": false, "type": "datetime", "uuid": "ae750a80-fd87-437e-b696-4150604677f2", "value": "2019-11-16T03:20:19" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054920", "to_ids": false, "type": "link", "uuid": "65b5b163-e70a-4390-9f50-0f2fdd89b0e0", "value": "https://www.virustotal.com/file/528c6ce5c450d901c81dc9bf8eb5b7023cd153303f3c3cb4d43396280d932b9d/analysis/1573874419/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054920", "to_ids": false, "type": "text", "uuid": "1d97039c-cea1-48ec-9163-98cb78783f78", "value": "45/71" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055460", "uuid": "2c8d7a6f-dd71-4981-931f-da97c781a7db", "ObjectReference": [ { "comment": "", "object_uuid": "2c8d7a6f-dd71-4981-931f-da97c781a7db", "referenced_uuid": "3850e17f-7108-401a-8f24-ae76491b291e", "relationship_type": "analysed-with", "timestamp": "1576055872", "uuid": "5df0b440-29d8-42ad-a138-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054849", "to_ids": true, "type": "md5", "uuid": "7b924a45-5e67-4272-ac82-0a06b1388a80", "value": "c57cb52375c51b401d6c4707ad7e0455" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054849", "to_ids": true, "type": "sha1", "uuid": "ced621a7-1331-49f8-bc93-002bf1c87c7e", "value": "33f39f082269e9234053b3e53f6dc2916911e3a4" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054849", "to_ids": true, "type": "sha256", "uuid": "9688c0cb-6563-4d49-8c4a-5fe526357297", "value": "8fed723fdc0793a7a130e6327d5e8feff1feded7555142d01a3d788404a1b3cf" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055461", "uuid": "3850e17f-7108-401a-8f24-ae76491b291e", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054849", "to_ids": false, "type": "datetime", "uuid": "cc971a58-c025-4c64-a15c-69db1822a663", "value": "2019-11-21T10:29:53" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054849", "to_ids": false, "type": "link", "uuid": "1a1fc8d3-fb7a-4b23-acaf-8af697a842bb", "value": "https://www.virustotal.com/file/8fed723fdc0793a7a130e6327d5e8feff1feded7555142d01a3d788404a1b3cf/analysis/1574332193/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054849", "to_ids": false, "type": "text", "uuid": "90d7c37f-5459-4cc4-80f9-e91c23d48070", "value": "46/69" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055461", "uuid": "a330fbbc-71ff-4351-ae7d-6778300ecade", "ObjectReference": [ { "comment": "", "object_uuid": "a330fbbc-71ff-4351-ae7d-6778300ecade", "referenced_uuid": "2d60e889-6d1e-4213-9dd1-26cad6266082", "relationship_type": "analysed-with", "timestamp": "1576055872", "uuid": "5df0b440-3f0c-4070-9acc-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054915", "to_ids": true, "type": "md5", "uuid": "57ed11df-2308-408d-9859-d3eb826821b5", "value": "b2c334aa8145be71c8be7ede882da901" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054915", "to_ids": true, "type": "sha1", "uuid": "3cf620ab-5dfd-47cd-a19c-7e0f1e07946b", "value": "c57385f073e6802cd5e7ea2a844bb72ac9e69855" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054915", "to_ids": true, "type": "sha256", "uuid": "2edb103e-7b9e-4a53-a45f-faa544f05797", "value": "3e028086b6244035187b2847baac76b627dcfae5b10be55f1363ab5531af4d45" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055461", "uuid": "2d60e889-6d1e-4213-9dd1-26cad6266082", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054915", "to_ids": false, "type": "datetime", "uuid": "9a534d2d-edd2-4124-a4bc-830ec4f3d760", "value": "2019-11-17T09:17:10" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054915", "to_ids": false, "type": "link", "uuid": "3fc3563e-2bfb-4370-886d-65e448712f3f", "value": "https://www.virustotal.com/file/3e028086b6244035187b2847baac76b627dcfae5b10be55f1363ab5531af4d45/analysis/1573982230/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054915", "to_ids": false, "type": "text", "uuid": "25166f54-1c3e-405a-a73b-5f55972cec3c", "value": "45/69" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055461", "uuid": "e42db255-fa7a-4fe5-888b-bf13513a1e95", "ObjectReference": [ { "comment": "", "object_uuid": "e42db255-fa7a-4fe5-888b-bf13513a1e95", "referenced_uuid": "d60cbc76-f3aa-4e86-b35a-3c42054618bf", "relationship_type": "analysed-with", "timestamp": "1576055872", "uuid": "5df0b440-d6dc-46b9-bd30-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054844", "to_ids": true, "type": "md5", "uuid": "e0e9350b-23ec-4628-a22e-e23d201ee4b2", "value": "fccf1c44aac9c3c0cca5223a7e34a99f" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054844", "to_ids": true, "type": "sha1", "uuid": "3059547d-71e9-4a4d-a33c-7619bc5ca5ac", "value": "331e00817f9b996c700a627c5df52460ac474e1f" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054844", "to_ids": true, "type": "sha256", "uuid": "c5331362-79b0-4273-b797-f575cbcc8ae3", "value": "9c0cb9e43e2fc4cbc2cb3728dbfa41d015cdfedaf4111f28726df8f36fc929d5" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055461", "uuid": "d60cbc76-f3aa-4e86-b35a-3c42054618bf", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054844", "to_ids": false, "type": "datetime", "uuid": "161aa3b4-8490-4024-8bd4-1816c8165b64", "value": "2019-12-05T18:29:23" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054844", "to_ids": false, "type": "link", "uuid": "34b2bf56-0984-4417-a5c0-1b6aad1c0d39", "value": "https://www.virustotal.com/file/9c0cb9e43e2fc4cbc2cb3728dbfa41d015cdfedaf4111f28726df8f36fc929d5/analysis/1575570563/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054844", "to_ids": false, "type": "text", "uuid": "1f43f5c1-654f-4d06-9753-062508e4b5a4", "value": "50/65" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055461", "uuid": "e4e7f5b0-cb82-4bec-9022-8acb50bde3a2", "ObjectReference": [ { "comment": "", "object_uuid": "e4e7f5b0-cb82-4bec-9022-8acb50bde3a2", "referenced_uuid": "e4818923-cb6d-4bb8-aaf6-dd22ae551267", "relationship_type": "analysed-with", "timestamp": "1576055872", "uuid": "5df0b440-bb10-4e39-96ff-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054849", "to_ids": true, "type": "md5", "uuid": "8e236613-f217-45a8-a750-5218deb0abb3", "value": "a3c39b9cc1721cbd5798ead7a285531f" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054849", "to_ids": true, "type": "sha1", "uuid": "b030bc11-cf4d-4950-a576-68d630a300aa", "value": "a86a33d7644efd3263a71c3164471c692cb0e946" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054849", "to_ids": true, "type": "sha256", "uuid": "46593b4b-2b4b-4bd1-aa7f-ddc7781154ca", "value": "dd5279f4d1936a2875bffcdb28cc5020cf6aea41c51a7c45ac3cd16dcaa2e0a7" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055462", "uuid": "e4818923-cb6d-4bb8-aaf6-dd22ae551267", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054849", "to_ids": false, "type": "datetime", "uuid": "145db302-403a-419f-ac94-779646e1b764", "value": "2019-11-30T06:27:56" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054849", "to_ids": false, "type": "link", "uuid": "64ecc201-42ba-48fb-ad90-3243cfaf32ef", "value": "https://www.virustotal.com/file/dd5279f4d1936a2875bffcdb28cc5020cf6aea41c51a7c45ac3cd16dcaa2e0a7/analysis/1575095276/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054849", "to_ids": false, "type": "text", "uuid": "432cc0a5-511e-41f8-8497-5fff015351ed", "value": "54/69" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055462", "uuid": "c10d988c-86e1-429c-acfe-62eba6fcdc3f", "ObjectReference": [ { "comment": "", "object_uuid": "c10d988c-86e1-429c-acfe-62eba6fcdc3f", "referenced_uuid": "694e010b-ef72-4745-8003-038028ec9c82", "relationship_type": "analysed-with", "timestamp": "1576055872", "uuid": "5df0b440-a69c-4f36-8c8b-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054849", "to_ids": true, "type": "md5", "uuid": "a611ca22-3ae5-4179-a536-5dae33423def", "value": "1b0711bb84ef3c9c5de91e06a628f04e" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054849", "to_ids": true, "type": "sha1", "uuid": "749ab9cf-eae2-4748-b9c4-578fa5533925", "value": "0fc028f5452158265cbd34b333c14ec0a772c9a9" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054849", "to_ids": true, "type": "sha256", "uuid": "5d36132f-3946-4b43-aca0-15f518548386", "value": "2c03ed5b6081c3fa6561c6d20c502cb4c47bb88c64f33263972b856215be982e" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055462", "uuid": "694e010b-ef72-4745-8003-038028ec9c82", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054849", "to_ids": false, "type": "datetime", "uuid": "082b1a0b-9c74-400f-aebd-9d060781d5ba", "value": "2019-11-23T22:45:25" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054849", "to_ids": false, "type": "link", "uuid": "eb68f8e8-3d06-4b78-a806-6dd2e9e7b1dc", "value": "https://www.virustotal.com/file/2c03ed5b6081c3fa6561c6d20c502cb4c47bb88c64f33263972b856215be982e/analysis/1574549125/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054849", "to_ids": false, "type": "text", "uuid": "174395f0-0688-4752-b6fb-c3f8bd6d6346", "value": "54/68" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055462", "uuid": "3f0a0ea4-7de2-4468-82b0-05957a73095c", "ObjectReference": [ { "comment": "", "object_uuid": "3f0a0ea4-7de2-4468-82b0-05957a73095c", "referenced_uuid": "ccd798a2-85b9-494a-96ca-92ff60d480e6", "relationship_type": "analysed-with", "timestamp": "1576055872", "uuid": "5df0b440-28d4-4296-9cea-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054847", "to_ids": true, "type": "md5", "uuid": "c598a0ca-1048-4cd0-b0b4-32c28a62b600", "value": "56495728882d487b41f3cad1e98bb48b" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054847", "to_ids": true, "type": "sha1", "uuid": "055d8ed5-e7e8-43aa-8125-091057ae70ae", "value": "5f0f745027c0e3b059cfd9cc6563d0ef6498df18" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054847", "to_ids": true, "type": "sha256", "uuid": "aef63e08-63e1-475a-9376-e5197188df73", "value": "40668f08878740fd7eab3c521702a5504f8c5fea2b803252962927e5d50c2950" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055462", "uuid": "ccd798a2-85b9-494a-96ca-92ff60d480e6", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054847", "to_ids": false, "type": "datetime", "uuid": "93ef22de-e452-485f-90ce-252cb9419186", "value": "2019-11-24T16:21:29" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054847", "to_ids": false, "type": "link", "uuid": "a6e83025-ccba-42d6-8167-5bfaae996cba", "value": "https://www.virustotal.com/file/40668f08878740fd7eab3c521702a5504f8c5fea2b803252962927e5d50c2950/analysis/1574612489/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054847", "to_ids": false, "type": "text", "uuid": "222d8394-2993-4794-85a5-566b188016e6", "value": "49/66" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055462", "uuid": "45848e9c-e246-4efe-ae50-99e816a1fa44", "ObjectReference": [ { "comment": "", "object_uuid": "45848e9c-e246-4efe-ae50-99e816a1fa44", "referenced_uuid": "87726c1e-2cbc-4272-b3e6-4a72c3639ad8", "relationship_type": "analysed-with", "timestamp": "1576055872", "uuid": "5df0b440-5efc-4e4d-8681-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054845", "to_ids": true, "type": "md5", "uuid": "c973891a-a630-4b0c-8178-efd679ef2354", "value": "b2d0dc4d2e0a129a50f3281d2ad6fdc2" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054845", "to_ids": true, "type": "sha1", "uuid": "43d49948-3fb4-4170-972f-a6b1b645f223", "value": "c08ca7f9c8e71944d5dc14a7987cfe97f3d46ec0" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054845", "to_ids": true, "type": "sha256", "uuid": "3ad05ff6-9ba0-43a7-99fb-cbc362c8afd6", "value": "a7d52d0e385159e745d6495a4285a6e4fc96c83b775e79db98ba1fa4e46c292c" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055462", "uuid": "87726c1e-2cbc-4272-b3e6-4a72c3639ad8", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054845", "to_ids": false, "type": "datetime", "uuid": "f1a4a2d9-3108-4c4e-971e-7e027ab29bc8", "value": "2019-11-21T11:20:31" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054845", "to_ids": false, "type": "link", "uuid": "934123fb-3594-4e35-85f8-379f7c06e4a6", "value": "https://www.virustotal.com/file/a7d52d0e385159e745d6495a4285a6e4fc96c83b775e79db98ba1fa4e46c292c/analysis/1574335231/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054845", "to_ids": false, "type": "text", "uuid": "c12bbec4-b033-47ba-93e7-c7eeec5f8aa7", "value": "52/69" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055463", "uuid": "6f6ce68e-1adf-467c-b9bd-3706a9f28e58", "ObjectReference": [ { "comment": "", "object_uuid": "6f6ce68e-1adf-467c-b9bd-3706a9f28e58", "referenced_uuid": "94b20788-3705-46e4-9ab2-166139b97539", "relationship_type": "analysed-with", "timestamp": "1576055872", "uuid": "5df0b440-309c-4326-a3b2-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054919", "to_ids": true, "type": "md5", "uuid": "2f778954-5155-4e5c-acf5-fc7e4cc83104", "value": "bb46e3d28480cccb96fa7a3be4c73990" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054919", "to_ids": true, "type": "sha1", "uuid": "32e25e30-3696-41cb-8c80-8da840e5d3d9", "value": "22424e338f2227b352e5273f013577a8fd8a9828" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054919", "to_ids": true, "type": "sha256", "uuid": "221a43f2-8acc-41fa-867a-761095ddad8c", "value": "444a564c7466ed4b60dbf70c215067ffa99ab773b8c8c1b0a383617777bde650" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055463", "uuid": "94b20788-3705-46e4-9ab2-166139b97539", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054919", "to_ids": false, "type": "datetime", "uuid": "85fa1ef4-fb0e-4bd3-9140-66f05ff79432", "value": "2019-11-30T04:56:22" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054919", "to_ids": false, "type": "link", "uuid": "2c260c7b-29b0-4a93-a080-123878eba2c6", "value": "https://www.virustotal.com/file/444a564c7466ed4b60dbf70c215067ffa99ab773b8c8c1b0a383617777bde650/analysis/1575089782/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054919", "to_ids": false, "type": "text", "uuid": "37dd5cfa-73a6-45f4-aee2-753087358327", "value": "56/70" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055463", "uuid": "12ba9b4e-ef1d-4b74-a1f1-7755d6f100d7", "ObjectReference": [ { "comment": "", "object_uuid": "12ba9b4e-ef1d-4b74-a1f1-7755d6f100d7", "referenced_uuid": "f052f615-c2e5-45f0-9e0f-fa089034617a", "relationship_type": "analysed-with", "timestamp": "1576055872", "uuid": "5df0b440-ee90-47fa-9301-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054921", "to_ids": true, "type": "md5", "uuid": "06520fcd-0957-40e6-8fb4-91ee3016ced8", "value": "43099108456fd5b51349bdf4f59c1566" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054921", "to_ids": true, "type": "sha1", "uuid": "0bebd65d-e2ae-4573-a622-91bcbe5c0151", "value": "9203ae985ce8af90ba70e1c296daea2a5b2a8015" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054921", "to_ids": true, "type": "sha256", "uuid": "7b228190-b028-48d5-aad2-9ae806ab5ebe", "value": "887176ece756575c44404450f80ede32fe518222cc0a45935b788128f23619e5" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055463", "uuid": "f052f615-c2e5-45f0-9e0f-fa089034617a", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054921", "to_ids": false, "type": "datetime", "uuid": "8c245074-0dda-4a16-a9a0-9554decb0677", "value": "2019-11-07T19:05:10" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054921", "to_ids": false, "type": "link", "uuid": "60f36e7c-4161-48de-a056-572796a446f4", "value": "https://www.virustotal.com/file/887176ece756575c44404450f80ede32fe518222cc0a45935b788128f23619e5/analysis/1573153510/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054921", "to_ids": false, "type": "text", "uuid": "166f9645-8577-4102-beac-9d757069d32d", "value": "37/70" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055463", "uuid": "b96a2951-99bd-49a6-b34e-059d4af7a1eb", "ObjectReference": [ { "comment": "", "object_uuid": "b96a2951-99bd-49a6-b34e-059d4af7a1eb", "referenced_uuid": "69dd4883-4cc8-4c53-92d8-ac366fb4e9b1", "relationship_type": "analysed-with", "timestamp": "1576055872", "uuid": "5df0b440-c418-4fb5-9dd8-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054850", "to_ids": true, "type": "md5", "uuid": "dd14f5b9-15bb-425c-a615-7bb5f68b2ffa", "value": "f09397388a6988b8e4041f5b0c7a7c0f" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054850", "to_ids": true, "type": "sha1", "uuid": "5e069a28-83d3-41d4-8716-cdccd841ddc7", "value": "90057e3932421faf6c266d511dedf3892b513b70" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054850", "to_ids": true, "type": "sha256", "uuid": "bbf4f415-89f3-46f8-9cef-73811a3fae9f", "value": "0cbeb4d718e24f83387b5956f8ba06d54be4ff800543b6a8e29764fe64fbf8eb" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055463", "uuid": "69dd4883-4cc8-4c53-92d8-ac366fb4e9b1", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054850", "to_ids": false, "type": "datetime", "uuid": "902ecfde-ce37-4b7d-a692-f9a15c6b2423", "value": "2019-11-16T14:45:00" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054850", "to_ids": false, "type": "link", "uuid": "cdbed26e-b923-4b97-8526-e019a7dc2ccc", "value": "https://www.virustotal.com/file/0cbeb4d718e24f83387b5956f8ba06d54be4ff800543b6a8e29764fe64fbf8eb/analysis/1573915500/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054850", "to_ids": false, "type": "text", "uuid": "f8ea1eab-a43f-4509-8bb8-89e74fd63327", "value": "48/70" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055464", "uuid": "e6bc0b01-e272-4a47-a5ec-0fca029e1d9b", "ObjectReference": [ { "comment": "", "object_uuid": "e6bc0b01-e272-4a47-a5ec-0fca029e1d9b", "referenced_uuid": "e524cc07-e321-4478-b1a7-155c1045b2b8", "relationship_type": "analysed-with", "timestamp": "1576055872", "uuid": "5df0b440-c778-47e8-9055-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054848", "to_ids": true, "type": "md5", "uuid": "a113ea40-df45-491e-85ad-db67a230f520", "value": "3fedbed5e1594218edbfee94c5e0294a" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054848", "to_ids": true, "type": "sha1", "uuid": "b0a0c999-f460-457a-8e5a-b09bcdb0d575", "value": "593971a0824a787446a529bfbdcb2836e2d28989" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054848", "to_ids": true, "type": "sha256", "uuid": "d7000c96-5d69-45e2-8129-eb85d87ea7dd", "value": "94116b1efc4fb3208bca075dd55ba04321803bd14a5d91f8038313ed816f5560" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055464", "uuid": "e524cc07-e321-4478-b1a7-155c1045b2b8", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054848", "to_ids": false, "type": "datetime", "uuid": "5d39d7b9-81b8-4f99-a218-b9b88e102e6c", "value": "2019-12-05T01:56:27" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054848", "to_ids": false, "type": "link", "uuid": "53d959df-7a38-4875-bfb8-c80e632b0f7b", "value": "https://www.virustotal.com/file/94116b1efc4fb3208bca075dd55ba04321803bd14a5d91f8038313ed816f5560/analysis/1575510987/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054848", "to_ids": false, "type": "text", "uuid": "1f2f15d0-ceb7-46b0-a133-1c9e816d8a47", "value": "57/72" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055465", "uuid": "abc5a718-9535-48bd-868a-54740ddc4773", "ObjectReference": [ { "comment": "", "object_uuid": "abc5a718-9535-48bd-868a-54740ddc4773", "referenced_uuid": "70f154df-8874-4f39-a4f8-1078e3df16bf", "relationship_type": "analysed-with", "timestamp": "1576055872", "uuid": "5df0b440-7e24-4beb-a548-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054916", "to_ids": true, "type": "md5", "uuid": "71907bc2-f44f-403e-aff8-05eb9e8e4f26", "value": "9c1dc2ffbee0727c4af1b086d123718e" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054916", "to_ids": true, "type": "sha1", "uuid": "b5a21e45-4b60-4575-95cf-28374660e325", "value": "b119e6a7c1ee05a42cd379355b6656d19b43213e" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054916", "to_ids": true, "type": "sha256", "uuid": "fac9a8f2-0e5f-4a5c-ac60-40228c0671bd", "value": "61f53a66eef46ebed5318e21eee3b03c91dabbd7e87e291b072b24351f47db2a" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055465", "uuid": "70f154df-8874-4f39-a4f8-1078e3df16bf", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054916", "to_ids": false, "type": "datetime", "uuid": "ae99b752-e71f-4fc9-8638-961581a1b9f6", "value": "2019-11-12T10:42:25" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054916", "to_ids": false, "type": "link", "uuid": "9c9eb7e7-3943-4e2d-b9d4-6d9e3bbaa076", "value": "https://www.virustotal.com/file/61f53a66eef46ebed5318e21eee3b03c91dabbd7e87e291b072b24351f47db2a/analysis/1573555345/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054916", "to_ids": false, "type": "text", "uuid": "81f29dec-ac97-486e-be04-f084e5ad1111", "value": "35/70" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055466", "uuid": "398657cd-cb88-41ce-b9ac-90ef2f426d6f", "ObjectReference": [ { "comment": "", "object_uuid": "398657cd-cb88-41ce-b9ac-90ef2f426d6f", "referenced_uuid": "ebfe3901-8768-4d85-8970-fbb9efbd2d21", "relationship_type": "analysed-with", "timestamp": "1576055872", "uuid": "5df0b440-a528-4e9b-a608-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054914", "to_ids": true, "type": "md5", "uuid": "90a1068f-189f-48e3-89e9-23aec0b6da53", "value": "7f0f704f145fbe64924ca3eb5b0a391d" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054914", "to_ids": true, "type": "sha1", "uuid": "e8ee4b83-2a0a-4703-8bc8-916c4a30cc63", "value": "93ecf07018863c7a5ab66447a2caf5e2c9becae8" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054914", "to_ids": true, "type": "sha256", "uuid": "f684f5db-edc7-4bdd-844e-733d509a0600", "value": "afdcc114586c5720dbecef9911e1b3b30a54cabe7912b5a8bd3d46c868d7343c" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055466", "uuid": "ebfe3901-8768-4d85-8970-fbb9efbd2d21", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054914", "to_ids": false, "type": "datetime", "uuid": "016a6505-302d-462f-827c-5281841fa428", "value": "2019-11-26T15:06:27" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054914", "to_ids": false, "type": "link", "uuid": "c942487a-677e-4ffb-a337-78b9f22ca3bb", "value": "https://www.virustotal.com/file/afdcc114586c5720dbecef9911e1b3b30a54cabe7912b5a8bd3d46c868d7343c/analysis/1574780787/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054914", "to_ids": false, "type": "text", "uuid": "8ae82837-90ad-428a-b8ff-2cd40c909810", "value": "54/68" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055466", "uuid": "6413791e-00b5-4ffb-83d4-ffee0cd2ca0b", "ObjectReference": [ { "comment": "", "object_uuid": "6413791e-00b5-4ffb-83d4-ffee0cd2ca0b", "referenced_uuid": "da879160-458a-4dab-a126-245cf0f7a285", "relationship_type": "analysed-with", "timestamp": "1576055872", "uuid": "5df0b440-5384-4c6a-a70c-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054915", "to_ids": true, "type": "md5", "uuid": "759bcb29-a5be-4885-85d2-790562f8c3a7", "value": "a379e4dfd0d8b858e7cfead64de4f198" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054915", "to_ids": true, "type": "sha1", "uuid": "e0a26234-148f-4369-9a31-e4719974fe51", "value": "60e502b09d23e844476efcc18e8d027fc6abfc7c" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054915", "to_ids": true, "type": "sha256", "uuid": "3b6c964d-0a9a-43c6-b50a-72c04973c66a", "value": "815d74755a6ff3bb73d93df564abfce3e5479d942a23a6fca202c61e5c2c4d62" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055466", "uuid": "da879160-458a-4dab-a126-245cf0f7a285", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054915", "to_ids": false, "type": "datetime", "uuid": "647274aa-ec22-4fd8-a049-6debb69c3764", "value": "2019-12-01T04:55:48" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054915", "to_ids": false, "type": "link", "uuid": "6de3c074-0418-4d00-9e29-986e7cfbe18a", "value": "https://www.virustotal.com/file/815d74755a6ff3bb73d93df564abfce3e5479d942a23a6fca202c61e5c2c4d62/analysis/1575176148/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054915", "to_ids": false, "type": "text", "uuid": "5395e636-7af8-46c6-8c27-1e53c8172679", "value": "58/71" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055466", "uuid": "07fc0794-5e29-44e0-9cee-faf0ee755c32", "ObjectReference": [ { "comment": "", "object_uuid": "07fc0794-5e29-44e0-9cee-faf0ee755c32", "referenced_uuid": "b17d7848-e8ad-496f-96de-51da10e952f3", "relationship_type": "analysed-with", "timestamp": "1576055872", "uuid": "5df0b440-38ac-4488-a89d-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054847", "to_ids": true, "type": "md5", "uuid": "deaf2c75-3937-4d00-84a4-79085775d73a", "value": "a047011ce78244acdf0f6f5f6e29cdbe" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054847", "to_ids": true, "type": "sha1", "uuid": "76df0788-dbd2-4c71-b7f9-70f7f9ab0c53", "value": "c1f6e1bfd5c010d6f6478447608b049f34ef34c5" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054847", "to_ids": true, "type": "sha256", "uuid": "ee15f793-3b48-44f5-a504-1dec88dabf1a", "value": "5c7b6ee00f7c96912e4f5391be445daf2eeb90d5f81cae7b6337b6329fe59165" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055466", "uuid": "b17d7848-e8ad-496f-96de-51da10e952f3", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054847", "to_ids": false, "type": "datetime", "uuid": "5c497750-5ec2-4e0e-8b14-700078a5ba6b", "value": "2019-11-21T11:11:36" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054847", "to_ids": false, "type": "link", "uuid": "2376d1f5-7f72-4a55-9f56-a2116201a603", "value": "https://www.virustotal.com/file/5c7b6ee00f7c96912e4f5391be445daf2eeb90d5f81cae7b6337b6329fe59165/analysis/1574334696/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054847", "to_ids": false, "type": "text", "uuid": "74d9a81c-14a4-4880-92e1-ad5c654e8e25", "value": "44/69" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055467", "uuid": "005be038-8a2e-4cc5-a0f0-57f5df4df5f6", "ObjectReference": [ { "comment": "", "object_uuid": "005be038-8a2e-4cc5-a0f0-57f5df4df5f6", "referenced_uuid": "ab5ce77c-edac-43f9-8955-f9b70ca25c78", "relationship_type": "analysed-with", "timestamp": "1576055873", "uuid": "5df0b441-424c-467a-a30a-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054850", "to_ids": true, "type": "md5", "uuid": "90b57f4e-50bf-48da-9fbb-1b488fd435c9", "value": "7b68b955ca03add2277f317f7f1ef04b" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054850", "to_ids": true, "type": "sha1", "uuid": "b172be02-e73f-4887-83ff-a591004118e5", "value": "c2ddbb6fb696a6316f0767868ab09cb60fc79085" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054850", "to_ids": true, "type": "sha256", "uuid": "5a6cec40-2d93-433d-ba70-68593fa16e69", "value": "5ee264316db1e2c32603a31b99a0d871d6b4d253aca53d76336aaecbf76cf6f7" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055468", "uuid": "ab5ce77c-edac-43f9-8955-f9b70ca25c78", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054850", "to_ids": false, "type": "datetime", "uuid": "9e4ae5df-d621-4f3f-8fcf-ddd0ce70245f", "value": "2019-11-16T03:07:37" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054850", "to_ids": false, "type": "link", "uuid": "9ae2ab30-af8e-435f-bfde-a2f48ecc6fc2", "value": "https://www.virustotal.com/file/5ee264316db1e2c32603a31b99a0d871d6b4d253aca53d76336aaecbf76cf6f7/analysis/1573873657/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054850", "to_ids": false, "type": "text", "uuid": "ba9ebe26-b4a5-4f64-b0b1-e62fe109123a", "value": "44/70" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055468", "uuid": "bea1130e-4cb9-42ba-be62-dc58d29271fe", "ObjectReference": [ { "comment": "", "object_uuid": "bea1130e-4cb9-42ba-be62-dc58d29271fe", "referenced_uuid": "fb0d63a5-2ef7-41ec-891e-318ad1af405d", "relationship_type": "analysed-with", "timestamp": "1576055873", "uuid": "5df0b441-ff78-4c37-ae19-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054919", "to_ids": true, "type": "md5", "uuid": "82fa7953-b96d-443d-953d-85ee6b1f6a32", "value": "902962e24fab066d292655f9c238f137" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054919", "to_ids": true, "type": "sha1", "uuid": "718fcca9-c799-4f0b-bdd6-37d024c5899b", "value": "46f6f227799c567f9b107ba6068c6ca72cd783ee" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054919", "to_ids": true, "type": "sha256", "uuid": "85c645d6-c200-4691-9d6c-713406b547be", "value": "83dd15c56492c897da410681b15890e7b760a95aae1bd6981bceed56b66124d8" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055468", "uuid": "fb0d63a5-2ef7-41ec-891e-318ad1af405d", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054919", "to_ids": false, "type": "datetime", "uuid": "20a623bd-1692-4254-b5be-27a34d7495af", "value": "2019-11-27T03:05:20" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054919", "to_ids": false, "type": "link", "uuid": "43b7144b-e0ed-40bd-a0a6-07b27c208687", "value": "https://www.virustotal.com/file/83dd15c56492c897da410681b15890e7b760a95aae1bd6981bceed56b66124d8/analysis/1574823920/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054919", "to_ids": false, "type": "text", "uuid": "930f085c-7f69-477b-8291-7539a6ac7bd5", "value": "54/67" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055468", "uuid": "7c06d918-976c-4d51-9e99-8d3e37432ebf", "ObjectReference": [ { "comment": "", "object_uuid": "7c06d918-976c-4d51-9e99-8d3e37432ebf", "referenced_uuid": "ae92dd95-4a6a-4791-b9a2-859713516919", "relationship_type": "analysed-with", "timestamp": "1576055873", "uuid": "5df0b441-9bb8-4053-b96a-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054922", "to_ids": true, "type": "md5", "uuid": "df294e93-4a9d-4b32-a977-5eecb7ce47bf", "value": "2bb020e5ae84fe581cd9a757ef2671fb" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054922", "to_ids": true, "type": "sha1", "uuid": "836cbb99-c7bf-43c1-b4a8-3ed4c169132d", "value": "a462685ef7e3dc2c8591c0c2a1a0d57228d6b5cf" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054922", "to_ids": true, "type": "sha256", "uuid": "bbf1bef1-b299-4619-9c56-471eb372f9a3", "value": "a572358457bb15ae137df1c26dcd82345cefc50832b63417b9d57f4795534c07" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055468", "uuid": "ae92dd95-4a6a-4791-b9a2-859713516919", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054922", "to_ids": false, "type": "datetime", "uuid": "b5d7ac43-5656-4c3b-9837-4daf25bd1512", "value": "2019-11-15T01:55:22" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054922", "to_ids": false, "type": "link", "uuid": "38624e00-441d-48ec-8d4d-445efbce6715", "value": "https://www.virustotal.com/file/a572358457bb15ae137df1c26dcd82345cefc50832b63417b9d57f4795534c07/analysis/1573782922/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054922", "to_ids": false, "type": "text", "uuid": "b57ea2a1-8cf0-4d84-8af5-117ccebdea31", "value": "51/69" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055469", "uuid": "0970bf3c-d0ae-495d-a9bb-8f0850d31d02", "ObjectReference": [ { "comment": "", "object_uuid": "0970bf3c-d0ae-495d-a9bb-8f0850d31d02", "referenced_uuid": "6faf13be-b871-4263-8384-a4ea165c6dbe", "relationship_type": "analysed-with", "timestamp": "1576055873", "uuid": "5df0b441-6350-4e5e-a5be-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054919", "to_ids": true, "type": "md5", "uuid": "ee71fa66-5209-4efb-bb34-8a85439d32fe", "value": "f713df926228b0c1cab1a9cabf50ed11" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054919", "to_ids": true, "type": "sha1", "uuid": "8e4d6ab1-a95f-405a-867c-7993ed490d4c", "value": "faeb51956d6f47218e5cf0ed77f52ad0dad7ad26" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054919", "to_ids": true, "type": "sha256", "uuid": "6552ca12-40bb-4bd2-a91b-19f1d70d665a", "value": "d6a3834a9368528d2d6d49a44f44dd4a6f25318d44af7c5072f0621a14373e75" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055469", "uuid": "6faf13be-b871-4263-8384-a4ea165c6dbe", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054919", "to_ids": false, "type": "datetime", "uuid": "70383a93-5cfa-411b-9d4c-0daa47a0c1bf", "value": "2019-11-18T09:20:47" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054919", "to_ids": false, "type": "link", "uuid": "20598f04-7f4e-463c-9558-32a160ec9d72", "value": "https://www.virustotal.com/file/d6a3834a9368528d2d6d49a44f44dd4a6f25318d44af7c5072f0621a14373e75/analysis/1574068847/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054919", "to_ids": false, "type": "text", "uuid": "e7dd37d7-b277-43db-89a6-0685f0821a31", "value": "47/70" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055469", "uuid": "805c7a97-f0b2-4be5-a3a7-3d5ed004fe8a", "ObjectReference": [ { "comment": "", "object_uuid": "805c7a97-f0b2-4be5-a3a7-3d5ed004fe8a", "referenced_uuid": "c33d8677-d9e8-42aa-a109-9c077c74fa7b", "relationship_type": "analysed-with", "timestamp": "1576055873", "uuid": "5df0b441-c74c-478e-be7e-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054915", "to_ids": true, "type": "md5", "uuid": "401e6ac8-0e37-4eee-aa3e-8b0a5db1d738", "value": "a1e4fd533d6d4697f295b58b64d02145" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054915", "to_ids": true, "type": "sha1", "uuid": "e50b8e3e-c080-435b-9f00-602a61a9c35d", "value": "81e2bfb98c8bf378e0b6396d676ca32e8e02deec" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054915", "to_ids": true, "type": "sha256", "uuid": "915349b8-9a2c-4b03-8123-21570269fcd0", "value": "430e929301f32f2eaa12f78750a26e0e358dc53211fd3780c91381beafec605d" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055469", "uuid": "c33d8677-d9e8-42aa-a109-9c077c74fa7b", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054915", "to_ids": false, "type": "datetime", "uuid": "89e8f4ad-88ca-4074-995f-76e02d1949c1", "value": "2019-12-03T20:34:34" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054915", "to_ids": false, "type": "link", "uuid": "82dcdde2-f3aa-4c5a-87c6-eb6a9084bf33", "value": "https://www.virustotal.com/file/430e929301f32f2eaa12f78750a26e0e358dc53211fd3780c91381beafec605d/analysis/1575405274/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054915", "to_ids": false, "type": "text", "uuid": "249f370b-489f-4661-8d91-335e998ff400", "value": "53/71" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055469", "uuid": "6d4d528c-aa9a-4678-acc9-706dc617b813", "ObjectReference": [ { "comment": "", "object_uuid": "6d4d528c-aa9a-4678-acc9-706dc617b813", "referenced_uuid": "13daa6ca-eeb6-4793-b7f4-b240a5694a49", "relationship_type": "analysed-with", "timestamp": "1576055873", "uuid": "5df0b441-87ec-4064-bc9f-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054848", "to_ids": true, "type": "md5", "uuid": "65fd3d60-50aa-43ce-9bd2-d004e83cc806", "value": "b9080ccf22c6d8d3c9e1681f1e5820b0" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054848", "to_ids": true, "type": "sha1", "uuid": "c570ca43-c037-4a00-96ef-2d1912cea4a7", "value": "8e42fa15e9b495f8a88199af4a9aa1c527ad1989" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054848", "to_ids": true, "type": "sha256", "uuid": "7add5ffd-45e4-4b18-8cf5-a71f441fe8f3", "value": "6c69d1c6a51d6e5254f6ce3a1c55d91571421835033259d7052f3ac759820a18" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055470", "uuid": "13daa6ca-eeb6-4793-b7f4-b240a5694a49", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054848", "to_ids": false, "type": "datetime", "uuid": "11e568fa-a90a-4f85-b7a8-d0c03e05e7cc", "value": "2019-12-02T18:49:11" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054848", "to_ids": false, "type": "link", "uuid": "cf9ff0c5-8862-463a-9583-ee9620b2e7b3", "value": "https://www.virustotal.com/file/6c69d1c6a51d6e5254f6ce3a1c55d91571421835033259d7052f3ac759820a18/analysis/1575312551/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054848", "to_ids": false, "type": "text", "uuid": "5479e8b9-5572-4e3d-ba01-bf5199b98af9", "value": "55/70" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055470", "uuid": "c52e2698-5238-4c6a-acd7-878cfeeb08bb", "ObjectReference": [ { "comment": "", "object_uuid": "c52e2698-5238-4c6a-acd7-878cfeeb08bb", "referenced_uuid": "77daaa86-1ca8-4829-848a-2ab124fbde2a", "relationship_type": "analysed-with", "timestamp": "1576055873", "uuid": "5df0b441-8f9c-42f4-9ab0-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054847", "to_ids": true, "type": "md5", "uuid": "5846bff7-2ff7-48c0-8a9e-43c738e7a540", "value": "3da2b62ede687e036c9828384dc0a9a3" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054847", "to_ids": true, "type": "sha1", "uuid": "cd7771ff-034d-4cf2-9579-704f59086d0e", "value": "13aacd0e5e50d4c14117c99c6544e14985dbbbcd" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054847", "to_ids": true, "type": "sha256", "uuid": "61eee293-baae-4114-89de-cb09c8fd5044", "value": "ec7e696dff324e9b1302069dfbd49a684d820ad0b5c79a16b305ab2478a144eb" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055471", "uuid": "77daaa86-1ca8-4829-848a-2ab124fbde2a", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054847", "to_ids": false, "type": "datetime", "uuid": "5a5a3faf-395c-438a-a3aa-95e30ec31994", "value": "2019-11-21T10:56:56" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054847", "to_ids": false, "type": "link", "uuid": "7867c4fd-9961-4701-8035-58872e7cbee8", "value": "https://www.virustotal.com/file/ec7e696dff324e9b1302069dfbd49a684d820ad0b5c79a16b305ab2478a144eb/analysis/1574333816/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054847", "to_ids": false, "type": "text", "uuid": "b09917b6-82b6-4a7e-bb2d-7d506558f977", "value": "48/68" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055471", "uuid": "53be0e4b-423b-498e-a3d4-7b7835134977", "ObjectReference": [ { "comment": "", "object_uuid": "53be0e4b-423b-498e-a3d4-7b7835134977", "referenced_uuid": "368db7b2-fd52-4253-bfd3-0e8d6b1128c0", "relationship_type": "analysed-with", "timestamp": "1576055873", "uuid": "5df0b441-c7c0-4fb6-bb65-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054924", "to_ids": true, "type": "md5", "uuid": "1d08cfe6-bbfd-4a09-a70f-f84647205d83", "value": "56c21faa39a29ecc4773513b25d22bb4" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054924", "to_ids": true, "type": "sha1", "uuid": "b742d2b0-0763-4a6f-850e-a0dbc7b0e2b8", "value": "2af3216d655d40d51f0a5792a00641335aea24cd" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054924", "to_ids": true, "type": "sha256", "uuid": "2c0ab604-2c3c-46e0-b70c-c7b2624d9d81", "value": "fab5fa63e2e623ae86d7ba93b938b0ff6f796aa1ce57cea300570c57139db602" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055471", "uuid": "368db7b2-fd52-4253-bfd3-0e8d6b1128c0", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054924", "to_ids": false, "type": "datetime", "uuid": "0368cbdb-c6a1-4bd9-b788-21662529c9c1", "value": "2019-11-14T04:25:27" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054924", "to_ids": false, "type": "link", "uuid": "bd5a3028-f646-49d4-ac8f-203d75ea0ab1", "value": "https://www.virustotal.com/file/fab5fa63e2e623ae86d7ba93b938b0ff6f796aa1ce57cea300570c57139db602/analysis/1573705527/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054924", "to_ids": false, "type": "text", "uuid": "c2abda4c-aaad-4336-be39-cdcb62cfa9d8", "value": "47/70" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055471", "uuid": "5f78f768-d3e3-4c57-b99e-c9ca1afc0719", "ObjectReference": [ { "comment": "", "object_uuid": "5f78f768-d3e3-4c57-b99e-c9ca1afc0719", "referenced_uuid": "3bf6bec5-5936-463d-b7eb-72f996f0b0dc", "relationship_type": "analysed-with", "timestamp": "1576055873", "uuid": "5df0b441-d834-4d1c-b7ec-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054915", "to_ids": true, "type": "md5", "uuid": "fb4597d3-a96e-4f1a-aba8-d6ba3ca72a67", "value": "4867efcca775ebc44c2b65b1cd56acb4" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054915", "to_ids": true, "type": "sha1", "uuid": "a7da4592-262a-4c37-98ee-60747050e786", "value": "c928c1dec10097aff8a2775b143c011c7d674e87" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054915", "to_ids": true, "type": "sha256", "uuid": "1a61e5e6-3b37-4aca-b65d-1e8d162a1a7b", "value": "1e5e5820d5465402d2247e890127ee4d1e337742efe78ffafee046461483de0d" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055471", "uuid": "3bf6bec5-5936-463d-b7eb-72f996f0b0dc", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054915", "to_ids": false, "type": "datetime", "uuid": "527fd6ca-2ecf-4c13-8dcd-0d6a58d39fdf", "value": "2019-11-18T13:04:52" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054915", "to_ids": false, "type": "link", "uuid": "5441a5fa-a408-415a-aaf5-9f739b1c63fd", "value": "https://www.virustotal.com/file/1e5e5820d5465402d2247e890127ee4d1e337742efe78ffafee046461483de0d/analysis/1574082292/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054915", "to_ids": false, "type": "text", "uuid": "b7db158c-410c-4d3c-872d-26227a7a14ec", "value": "52/71" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055472", "uuid": "72f0eb8b-cd3f-4b91-865d-29034d6fa578", "ObjectReference": [ { "comment": "", "object_uuid": "72f0eb8b-cd3f-4b91-865d-29034d6fa578", "referenced_uuid": "c990f842-45cc-4c91-9362-7e36d9ea686d", "relationship_type": "analysed-with", "timestamp": "1576055873", "uuid": "5df0b441-eeb8-42c1-8e94-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054922", "to_ids": true, "type": "md5", "uuid": "e2aa711d-8495-4e43-ac89-0011a530fb24", "value": "94fdb9e3a6486a858b619f751fc3432e" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054922", "to_ids": true, "type": "sha1", "uuid": "39871f11-cd45-4c56-b291-cc7f067b4a1c", "value": "89d48a2938837efefa7a18195fde2b34aecf56b4" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054922", "to_ids": true, "type": "sha256", "uuid": "978c7f5b-5e95-406a-bca0-46cfa46df346", "value": "f75316d27f864577b461e88b4797e3d00c87dfd6f729fd519353ea7cb2d06858" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055472", "uuid": "c990f842-45cc-4c91-9362-7e36d9ea686d", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054922", "to_ids": false, "type": "datetime", "uuid": "66cef81a-2b35-41cb-97d4-1cc40660795b", "value": "2019-11-08T17:40:30" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054922", "to_ids": false, "type": "link", "uuid": "70e0cacd-b419-4aab-a5e7-dce1f5e070de", "value": "https://www.virustotal.com/file/f75316d27f864577b461e88b4797e3d00c87dfd6f729fd519353ea7cb2d06858/analysis/1573234830/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054922", "to_ids": false, "type": "text", "uuid": "cde2160a-f9c4-409f-a127-4b678298be71", "value": "44/70" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055472", "uuid": "b85e20d8-4cb7-4223-ae59-3ad7b984a218", "ObjectReference": [ { "comment": "", "object_uuid": "b85e20d8-4cb7-4223-ae59-3ad7b984a218", "referenced_uuid": "bd96673a-9739-4b1c-90a7-cf93e7983d65", "relationship_type": "analysed-with", "timestamp": "1576055873", "uuid": "5df0b441-d484-46d5-8ef8-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054913", "to_ids": true, "type": "md5", "uuid": "e9435fe5-3f07-49ef-adfa-a3a2c20fe56d", "value": "4730b22e2d3b1662be1d56dd53385402" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054913", "to_ids": true, "type": "sha1", "uuid": "166b6811-01dd-4586-b6a3-2cca8312e0ba", "value": "4d4e55e3ee6e65b7834d5a0a41756c54c6bed35b" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054913", "to_ids": true, "type": "sha256", "uuid": "18a7e934-bfde-4c79-9207-e4351867b456", "value": "a20196011e8fe6929f0d565c8a080b62c4ba29874896ec08ed4af0709aa36f04" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055472", "uuid": "bd96673a-9739-4b1c-90a7-cf93e7983d65", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054913", "to_ids": false, "type": "datetime", "uuid": "b5d11919-71a0-4a3a-84fa-581537256753", "value": "2019-11-14T09:10:49" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054913", "to_ids": false, "type": "link", "uuid": "b5320d36-a5ed-4384-a39f-796631c04dc6", "value": "https://www.virustotal.com/file/a20196011e8fe6929f0d565c8a080b62c4ba29874896ec08ed4af0709aa36f04/analysis/1573722649/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054913", "to_ids": false, "type": "text", "uuid": "edb08ddd-7fc2-4e37-90cf-7a2ddaf1fa97", "value": "48/71" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055472", "uuid": "8853e5c5-1501-4b21-8b6f-908bb944d562", "ObjectReference": [ { "comment": "", "object_uuid": "8853e5c5-1501-4b21-8b6f-908bb944d562", "referenced_uuid": "90821f3b-1e17-4f71-92cd-5d7575010e48", "relationship_type": "analysed-with", "timestamp": "1576055873", "uuid": "5df0b441-7574-4c0a-80a8-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054913", "to_ids": true, "type": "md5", "uuid": "4fc6ee3e-0aac-43ec-b9d4-a48703075e9a", "value": "d08eeebfcb9a41672c4e68bc97826d56" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054913", "to_ids": true, "type": "sha1", "uuid": "c629a70d-24c1-432e-bb31-2a1e6bf31664", "value": "2942c35b1035a455b23598a7e77789b3b6aea01c" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054913", "to_ids": true, "type": "sha256", "uuid": "340b3458-9743-4564-9cb0-c8d12c2f7097", "value": "710d2f297fb305a1648274801bfbab0aa21f1b67c17de9d8a930dc6cfa162f6c" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055472", "uuid": "90821f3b-1e17-4f71-92cd-5d7575010e48", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054913", "to_ids": false, "type": "datetime", "uuid": "3aa82a64-9ba5-4355-9b5c-4c991fd017e4", "value": "2019-11-12T05:34:53" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054913", "to_ids": false, "type": "link", "uuid": "ea22ff22-e89d-44a1-aebd-63746403106e", "value": "https://www.virustotal.com/file/710d2f297fb305a1648274801bfbab0aa21f1b67c17de9d8a930dc6cfa162f6c/analysis/1573536893/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054913", "to_ids": false, "type": "text", "uuid": "f23c83d0-c355-4b06-b65b-94af27371dfa", "value": "35/71" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055472", "uuid": "765924d0-c38b-4999-aec1-9a458db95dab", "ObjectReference": [ { "comment": "", "object_uuid": "765924d0-c38b-4999-aec1-9a458db95dab", "referenced_uuid": "8db06b60-3ee5-4c7e-abf4-89fc457b7ca9", "relationship_type": "analysed-with", "timestamp": "1576055873", "uuid": "5df0b441-c928-40d1-98c6-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054916", "to_ids": true, "type": "md5", "uuid": "c23efebd-672f-4c94-baaa-221e7d9b9a6c", "value": "3535432d692701387833c41e5a869528" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054916", "to_ids": true, "type": "sha1", "uuid": "8c278c0b-1cf3-46fe-9f0a-70cdabeb7b67", "value": "f5f23965069ecd90913cc8d07c33a28592e52313" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054916", "to_ids": true, "type": "sha256", "uuid": "ce5b3604-89f8-4dda-9553-53b78a37e117", "value": "d1bbeed4dc9881d31df1bab35c03593d874d3fcd5d8d65cf4201fdb479d42c5f" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055473", "uuid": "8db06b60-3ee5-4c7e-abf4-89fc457b7ca9", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054916", "to_ids": false, "type": "datetime", "uuid": "3a96ea25-44a6-4766-aca9-445f5d9f7bea", "value": "2019-11-15T04:01:11" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054916", "to_ids": false, "type": "link", "uuid": "de453401-820b-436a-8e7b-ba29a5df573b", "value": "https://www.virustotal.com/file/d1bbeed4dc9881d31df1bab35c03593d874d3fcd5d8d65cf4201fdb479d42c5f/analysis/1573790471/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054916", "to_ids": false, "type": "text", "uuid": "bfe8f22d-ca76-4597-831a-8645acd092de", "value": "49/70" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055473", "uuid": "5acb8ec4-b43f-4dd4-a054-52c01028f440", "ObjectReference": [ { "comment": "", "object_uuid": "5acb8ec4-b43f-4dd4-a054-52c01028f440", "referenced_uuid": "509ca6ee-3003-4a6e-85a0-f088ee39013c", "relationship_type": "analysed-with", "timestamp": "1576055873", "uuid": "5df0b441-026c-4655-8088-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054918", "to_ids": true, "type": "md5", "uuid": "f087d8cd-27ba-4d46-85c0-fe491e4ba90f", "value": "1f25abd5fb07d7b9bf5ae547da381d0e" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054918", "to_ids": true, "type": "sha1", "uuid": "cab4cca5-a533-4512-bb94-8be882647829", "value": "88a1da472a05256632960f1b94835d445cb9106c" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054918", "to_ids": true, "type": "sha256", "uuid": "bd7a80cc-5861-4192-a6c0-8b6d1140fcb4", "value": "91f7de5bb9002d63e079bfa3998a6ee460d2d496ec412d1a19e6ad0ce416c22c" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055473", "uuid": "509ca6ee-3003-4a6e-85a0-f088ee39013c", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054918", "to_ids": false, "type": "datetime", "uuid": "d24eaff6-2e25-49a0-b39f-3fd879dbcbc0", "value": "2019-11-18T07:37:29" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054918", "to_ids": false, "type": "link", "uuid": "b6ae4f5f-82b8-41ce-8444-3ad4a04030ae", "value": "https://www.virustotal.com/file/91f7de5bb9002d63e079bfa3998a6ee460d2d496ec412d1a19e6ad0ce416c22c/analysis/1574062649/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054918", "to_ids": false, "type": "text", "uuid": "6c313039-6144-4d5a-bb83-7bde0979fb75", "value": "51/69" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055473", "uuid": "eaf72681-d495-4bcc-ad7c-a28fae80cad6", "ObjectReference": [ { "comment": "", "object_uuid": "eaf72681-d495-4bcc-ad7c-a28fae80cad6", "referenced_uuid": "a9fbf066-90b4-479a-b421-249d0eb7fb88", "relationship_type": "analysed-with", "timestamp": "1576055873", "uuid": "5df0b441-5920-4e31-a9ad-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054847", "to_ids": true, "type": "md5", "uuid": "f61a9074-1471-41cb-8018-aeb6720b8a0f", "value": "32a7ac9d67c369aa9002f5f9fc5f4013" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054847", "to_ids": true, "type": "sha1", "uuid": "3926ad5b-ac1b-4efd-9f66-475fd59d6068", "value": "d78eb67b3cbb89ba733264e1e23f4964ec4a2261" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054847", "to_ids": true, "type": "sha256", "uuid": "cce2eb4a-9b46-418a-86dc-8d738e681cfb", "value": "460a87ff9ac1302a2189064447c092c8388af958e14da48a85070b71f0478e60" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055473", "uuid": "a9fbf066-90b4-479a-b421-249d0eb7fb88", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054847", "to_ids": false, "type": "datetime", "uuid": "f8eabfd8-afa7-406c-ac6c-cc6fdf08d625", "value": "2019-11-24T16:22:21" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054847", "to_ids": false, "type": "link", "uuid": "33c4af83-2bff-4020-8703-1aacd8c62d3c", "value": "https://www.virustotal.com/file/460a87ff9ac1302a2189064447c092c8388af958e14da48a85070b71f0478e60/analysis/1574612541/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054847", "to_ids": false, "type": "text", "uuid": "e9a3deb8-4d9c-4671-b62b-d101bd2d3d94", "value": "50/68" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055474", "uuid": "1357b011-56bc-4256-9daa-e8e58a0bb2c7", "ObjectReference": [ { "comment": "", "object_uuid": "1357b011-56bc-4256-9daa-e8e58a0bb2c7", "referenced_uuid": "b6d9408e-2eb1-4a92-b402-a87daf6b32c3", "relationship_type": "analysed-with", "timestamp": "1576055873", "uuid": "5df0b441-bd1c-4e68-870e-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054920", "to_ids": true, "type": "md5", "uuid": "d25350ef-2ac8-4f89-a9e8-d442a215f4d7", "value": "3cebe4b8b28be2721057d0e49b3f8635" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054920", "to_ids": true, "type": "sha1", "uuid": "96c0190b-b180-4a64-a9f1-d3cddb8944cb", "value": "b0eecc0491424eb6ac884e1dde9455cba11a6280" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054920", "to_ids": true, "type": "sha256", "uuid": "3f9bfefc-e065-47b0-8168-a1d4ddc90348", "value": "218cdf63771e1d0481456f26bf130b71cd22c578631e2c2759e940b854bd54b9" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055474", "uuid": "b6d9408e-2eb1-4a92-b402-a87daf6b32c3", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054920", "to_ids": false, "type": "datetime", "uuid": "9e3d0f83-3081-49c7-af86-fff55571016f", "value": "2019-12-10T18:04:05" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054920", "to_ids": false, "type": "link", "uuid": "5ea54858-69a3-4e84-b787-81565b6aadf8", "value": "https://www.virustotal.com/file/218cdf63771e1d0481456f26bf130b71cd22c578631e2c2759e940b854bd54b9/analysis/1576001045/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054920", "to_ids": false, "type": "text", "uuid": "e066cace-54ec-4f02-a7ea-f51f907974e4", "value": "56/71" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055474", "uuid": "63103b77-e89d-4f87-a9eb-4bc77fc2848d", "ObjectReference": [ { "comment": "", "object_uuid": "63103b77-e89d-4f87-a9eb-4bc77fc2848d", "referenced_uuid": "05b819fd-e576-4d36-a984-73b763610cd3", "relationship_type": "analysed-with", "timestamp": "1576055873", "uuid": "5df0b441-68b8-4b41-ae99-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054920", "to_ids": true, "type": "md5", "uuid": "2943602f-0103-44aa-b3e3-376d9edf6e57", "value": "39c89ec1cc3ae390f8dfcfd002d372ee" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054920", "to_ids": true, "type": "sha1", "uuid": "709d99b2-7aa0-4cf5-968d-45716becb98c", "value": "7d1ad3f29b4ee8ee35e28d2247a747093c8dbf59" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054920", "to_ids": true, "type": "sha256", "uuid": "8c8b23aa-34ca-446f-bfc9-d07bfbc24154", "value": "9a5986bfc4ae1e3436813670e1ce3924cbd950aae3045c965295fb33853d1232" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055474", "uuid": "05b819fd-e576-4d36-a984-73b763610cd3", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054920", "to_ids": false, "type": "datetime", "uuid": "6ff0a72c-9496-4253-8ad3-2c4fb3f46d96", "value": "2019-11-14T09:10:48" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054920", "to_ids": false, "type": "link", "uuid": "4f5a83aa-2302-4ed9-b55a-e63866ee1edf", "value": "https://www.virustotal.com/file/9a5986bfc4ae1e3436813670e1ce3924cbd950aae3045c965295fb33853d1232/analysis/1573722648/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054920", "to_ids": false, "type": "text", "uuid": "84151c2a-ea39-4520-bb46-db0390d2f4fc", "value": "44/70" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055475", "uuid": "89debb59-6a70-4aba-97b5-f77df678a97b", "ObjectReference": [ { "comment": "", "object_uuid": "89debb59-6a70-4aba-97b5-f77df678a97b", "referenced_uuid": "ad5d9831-f2ea-48e5-a022-dab7337f9f49", "relationship_type": "analysed-with", "timestamp": "1576055873", "uuid": "5df0b441-c074-4a13-9763-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054915", "to_ids": true, "type": "md5", "uuid": "982bc5c2-3b61-4c01-b708-0e83bb163841", "value": "fac9beb46c0ee1b0c2d87eae378526fd" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054915", "to_ids": true, "type": "sha1", "uuid": "6d515052-0ec1-41f9-8dda-01b0511645cf", "value": "55f6f1bdc109631236797ca629d49299f1144109" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054915", "to_ids": true, "type": "sha256", "uuid": "3dfff8fe-b8e0-45de-98f5-b9a62920b025", "value": "5c87e2f8867987ff3a194f428f8cf0f190015e586ab269b52a309ea088c4107b" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055476", "uuid": "ad5d9831-f2ea-48e5-a022-dab7337f9f49", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054915", "to_ids": false, "type": "datetime", "uuid": "aea1c54e-2fe4-47cf-8f09-b9bedaa30703", "value": "2019-11-11T10:41:15" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054915", "to_ids": false, "type": "link", "uuid": "fd20fa01-de2c-48bc-89b5-bbe6eac6aa23", "value": "https://www.virustotal.com/file/5c87e2f8867987ff3a194f428f8cf0f190015e586ab269b52a309ea088c4107b/analysis/1573468875/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054915", "to_ids": false, "type": "text", "uuid": "2d497e11-d8ae-4a51-a659-9a0292989312", "value": "31/70" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055476", "uuid": "e20c0aa3-0cf4-419b-baef-4d2d30a38f23", "ObjectReference": [ { "comment": "", "object_uuid": "e20c0aa3-0cf4-419b-baef-4d2d30a38f23", "referenced_uuid": "1d4e08cd-ae5c-4f22-9f30-44f4fc820458", "relationship_type": "analysed-with", "timestamp": "1576055874", "uuid": "5df0b442-dbac-4c2c-9d07-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054920", "to_ids": true, "type": "md5", "uuid": "f08e0789-1132-495e-833d-3e889636ca82", "value": "622e870c23e3e6a0d292401e69f7dbcc" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054920", "to_ids": true, "type": "sha1", "uuid": "12556ed0-81e6-4949-befd-24f351d389bf", "value": "af6acf348806197b7828e21382f35a9d62506394" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054920", "to_ids": true, "type": "sha256", "uuid": "efdf4bfb-473d-4bb1-a558-97354a28166e", "value": "e0be60f48d6e3e9517be583678b1b4760e021bf77a6502782c66b2581c044b1b" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055476", "uuid": "1d4e08cd-ae5c-4f22-9f30-44f4fc820458", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054920", "to_ids": false, "type": "datetime", "uuid": "099744cd-7f82-4790-98b9-6ad0c3ee99f1", "value": "2019-11-26T15:35:58" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054920", "to_ids": false, "type": "link", "uuid": "b3927642-9324-4dd9-a898-a12a20f973cf", "value": "https://www.virustotal.com/file/e0be60f48d6e3e9517be583678b1b4760e021bf77a6502782c66b2581c044b1b/analysis/1574782558/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054920", "to_ids": false, "type": "text", "uuid": "756b6043-09c8-43d9-89d0-b7f2fc158ce1", "value": "50/69" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055477", "uuid": "68c04910-f986-4c23-9521-62f771f9ebe2", "ObjectReference": [ { "comment": "", "object_uuid": "68c04910-f986-4c23-9521-62f771f9ebe2", "referenced_uuid": "ecb65e70-f259-4ecd-9423-946c1b5648d7", "relationship_type": "analysed-with", "timestamp": "1576055874", "uuid": "5df0b442-db44-422a-b016-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054937", "to_ids": true, "type": "md5", "uuid": "5ec5a2f5-3067-4004-8106-27936abcb930", "value": "b36932fbcaa65f6a4b40194f984d3881" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054937", "to_ids": true, "type": "sha1", "uuid": "3fff65cd-88e7-447e-8341-0ae9d0c2bb4f", "value": "69363d2139a5feb21413ba4a45f09c836bd0994b" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054937", "to_ids": true, "type": "sha256", "uuid": "2989bd2d-5dbf-4041-9417-8554f0abdd7d", "value": "2dc1d4732a00142eabecb7d91bef13580620210e8376114dbe5d4ae1e67a1052" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055477", "uuid": "ecb65e70-f259-4ecd-9423-946c1b5648d7", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054937", "to_ids": false, "type": "datetime", "uuid": "c25f8d49-8c5f-4713-880c-24eda3303b77", "value": "2019-11-05T20:33:32" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054937", "to_ids": false, "type": "link", "uuid": "a8674dfa-3098-4c8d-a8c3-58b35bc7fa6a", "value": "https://www.virustotal.com/file/2dc1d4732a00142eabecb7d91bef13580620210e8376114dbe5d4ae1e67a1052/analysis/1572986012/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054937", "to_ids": false, "type": "text", "uuid": "a017650e-ba25-4c50-87f6-c5ab17c6982c", "value": "9/69" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055477", "uuid": "98c067a4-1ab0-4b27-8776-b278725b50be", "ObjectReference": [ { "comment": "", "object_uuid": "98c067a4-1ab0-4b27-8776-b278725b50be", "referenced_uuid": "a2680e73-6889-45e4-a65d-a298f11c2d17", "relationship_type": "analysed-with", "timestamp": "1576055874", "uuid": "5df0b442-e7c0-4d0d-8f7d-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054848", "to_ids": true, "type": "md5", "uuid": "4089b8cb-4378-4104-9fa8-64b3b4ff86f5", "value": "b5757094da00277585a1cec55fdfb9f5" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054848", "to_ids": true, "type": "sha1", "uuid": "ebae2c40-47ef-4d38-9123-13de4caf3556", "value": "7ccc911af61de3609c25acb7fe8bfda33ca0a61f" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054848", "to_ids": true, "type": "sha256", "uuid": "7bc1d4b6-401c-4c81-a9ea-b25325207d25", "value": "f5d15646962641710bd0af8169423b16cac279d6b78af0bc7f6f720d7c30ec01" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055477", "uuid": "a2680e73-6889-45e4-a65d-a298f11c2d17", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054848", "to_ids": false, "type": "datetime", "uuid": "f12be0df-2241-4df1-82cb-c563792b61c0", "value": "2019-11-29T10:53:44" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054848", "to_ids": false, "type": "link", "uuid": "cac9dde9-528d-49b4-8ed0-91c7acbcf825", "value": "https://www.virustotal.com/file/f5d15646962641710bd0af8169423b16cac279d6b78af0bc7f6f720d7c30ec01/analysis/1575024824/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054848", "to_ids": false, "type": "text", "uuid": "a3a9dfe5-e135-4c3d-adb3-ed3a0d1ece72", "value": "53/69" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055477", "uuid": "ec9966dc-77de-4518-8609-95eff444388d", "ObjectReference": [ { "comment": "", "object_uuid": "ec9966dc-77de-4518-8609-95eff444388d", "referenced_uuid": "795a1fdf-49e1-4e50-a85f-3a4176494389", "relationship_type": "analysed-with", "timestamp": "1576055874", "uuid": "5df0b442-04e4-430a-a4c7-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054849", "to_ids": true, "type": "md5", "uuid": "c23a4e2f-7eed-4deb-ad87-a83a26f49c13", "value": "39518cde140e696647c84b8c5f68f6ac" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054849", "to_ids": true, "type": "sha1", "uuid": "0c98211a-7c52-4b6d-b28a-33298dbd09df", "value": "e20d4e9de7b947730d32eed24fbc40faf766efe8" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054849", "to_ids": true, "type": "sha256", "uuid": "a07f012f-47ee-41f2-951b-6feb4b6d0015", "value": "957f3631844a1981e02551916a6e3ac788aa468cc30130f0da01166a02588268" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055477", "uuid": "795a1fdf-49e1-4e50-a85f-3a4176494389", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054849", "to_ids": false, "type": "datetime", "uuid": "1a2e9fa6-bbad-4b7b-820f-23a90719a628", "value": "2019-11-21T10:42:22" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054849", "to_ids": false, "type": "link", "uuid": "b7a54619-8c02-44eb-af68-ddb559b061cc", "value": "https://www.virustotal.com/file/957f3631844a1981e02551916a6e3ac788aa468cc30130f0da01166a02588268/analysis/1574332942/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054849", "to_ids": false, "type": "text", "uuid": "be06c626-cdf7-4c62-a9eb-f4fdf4af000d", "value": "49/69" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055477", "uuid": "fa646c42-4280-46b4-9cf0-4aca39a04070", "ObjectReference": [ { "comment": "", "object_uuid": "fa646c42-4280-46b4-9cf0-4aca39a04070", "referenced_uuid": "bfdc67ce-6583-447f-8e13-7569e81ea7e1", "relationship_type": "analysed-with", "timestamp": "1576055874", "uuid": "5df0b442-6bbc-4d76-b18a-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054849", "to_ids": true, "type": "md5", "uuid": "a52e1d16-639c-4b75-a167-49ad9bd5b92a", "value": "9718ecc3bb67bc1e9c5ccfcf356ce646" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054849", "to_ids": true, "type": "sha1", "uuid": "94bf548b-0845-4377-8261-e0d636781b31", "value": "b45b105c430ab61df5e39392e0d9197d98cddcb0" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054849", "to_ids": true, "type": "sha256", "uuid": "54502ac4-35be-4180-8c36-826e12ebc80d", "value": "28f108aae9808c8751112e789f8987902d57a51f283f8cac6c4f8ec333ebc168" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055478", "uuid": "bfdc67ce-6583-447f-8e13-7569e81ea7e1", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054849", "to_ids": false, "type": "datetime", "uuid": "410070af-09ba-4f35-8e5b-8ee6526725e7", "value": "2019-11-23T22:10:36" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054849", "to_ids": false, "type": "link", "uuid": "e0b03f51-11a2-4e4f-abf9-1201226a0147", "value": "https://www.virustotal.com/file/28f108aae9808c8751112e789f8987902d57a51f283f8cac6c4f8ec333ebc168/analysis/1574547036/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054849", "to_ids": false, "type": "text", "uuid": "137585a0-4d23-44d4-90dd-088deb24f129", "value": "50/67" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055478", "uuid": "e75026c9-90fc-4278-93b3-ec2f98892005", "ObjectReference": [ { "comment": "", "object_uuid": "e75026c9-90fc-4278-93b3-ec2f98892005", "referenced_uuid": "a7cde723-daa2-469b-9dec-4ab357ab0656", "relationship_type": "analysed-with", "timestamp": "1576055874", "uuid": "5df0b442-7f60-4b61-8a24-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054914", "to_ids": true, "type": "md5", "uuid": "063e99cf-37ce-4505-baed-a7c0c084cc10", "value": "4ddeacde4dac94f233b47b669a9e71e1" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054914", "to_ids": true, "type": "sha1", "uuid": "f6ac2f59-56cc-4efd-b0e1-3f8da176589f", "value": "ff51adbd948517062b78660da8ecf0268291f0f6" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054914", "to_ids": true, "type": "sha256", "uuid": "3aec747c-d24c-4907-964b-64ec9c2227e9", "value": "1b39f0dd28bf86f78bb8e9727c43aea0ebef4a229b9d696f490eb0aa3b43e06c" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055479", "uuid": "a7cde723-daa2-469b-9dec-4ab357ab0656", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054914", "to_ids": false, "type": "datetime", "uuid": "86121d6a-94da-49a9-af24-3626adb84d56", "value": "2019-11-12T10:43:28" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054914", "to_ids": false, "type": "link", "uuid": "bbe48f16-1750-4ea2-8b74-dbfab351d40b", "value": "https://www.virustotal.com/file/1b39f0dd28bf86f78bb8e9727c43aea0ebef4a229b9d696f490eb0aa3b43e06c/analysis/1573555408/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054914", "to_ids": false, "type": "text", "uuid": "e9592e40-ed92-4e6a-9aab-eaa42af578c4", "value": "35/71" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055479", "uuid": "7b1f82c4-364b-4993-b254-be89999295c3", "ObjectReference": [ { "comment": "", "object_uuid": "7b1f82c4-364b-4993-b254-be89999295c3", "referenced_uuid": "b9e9b270-e201-48d8-959d-c53b47510fb5", "relationship_type": "analysed-with", "timestamp": "1576055874", "uuid": "5df0b442-c994-4568-aa4e-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054844", "to_ids": true, "type": "md5", "uuid": "fb25f224-23de-4db1-8645-d9ab2f5eb726", "value": "6f733dcc673501307e9030d0d20f1b82" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054844", "to_ids": true, "type": "sha1", "uuid": "fb37d18f-2740-49f6-856f-55d26e6f93bc", "value": "3941a384a7ec67854e65ed32787200f7c68918f4" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054844", "to_ids": true, "type": "sha256", "uuid": "e9b3d3cb-5fda-475c-a222-a1bdec307e76", "value": "8577330adc83aac74476e9f3a70103a2ce7bc2a57d87032a8f5443b4d4f18517" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055479", "uuid": "b9e9b270-e201-48d8-959d-c53b47510fb5", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054844", "to_ids": false, "type": "datetime", "uuid": "0861a013-5a0d-40a6-900d-22ee3fe2b6c5", "value": "2019-11-21T10:47:36" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054844", "to_ids": false, "type": "link", "uuid": "ff8b31d4-ef53-4cd0-88b6-9f8851feb244", "value": "https://www.virustotal.com/file/8577330adc83aac74476e9f3a70103a2ce7bc2a57d87032a8f5443b4d4f18517/analysis/1574333256/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054844", "to_ids": false, "type": "text", "uuid": "702572b0-0407-4276-b6fb-a0ee53b44b55", "value": "44/70" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055479", "uuid": "b58e3ceb-0d5c-436d-9d6e-98c592d75ee7", "ObjectReference": [ { "comment": "", "object_uuid": "b58e3ceb-0d5c-436d-9d6e-98c592d75ee7", "referenced_uuid": "ae22c98a-7e4c-4576-bad3-daae1a313c19", "relationship_type": "analysed-with", "timestamp": "1576055874", "uuid": "5df0b442-23dc-4332-9a17-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054850", "to_ids": true, "type": "md5", "uuid": "6e2221f3-83c7-4da3-9598-fe6552f4f1d7", "value": "53b05ce36d48f486f4d0929f0cae30f3" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054850", "to_ids": true, "type": "sha1", "uuid": "333a82d6-95cf-4597-bd90-db61de775ef4", "value": "497f581b6d3bc6015fb463e7dd93275fdc1e9c44" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054850", "to_ids": true, "type": "sha256", "uuid": "05cfa811-70c7-4a51-b908-c55fd0107da6", "value": "cf32204e546d98b585d28b0fbdb8b13f845e7ef8f5d819f6fa7517a98e9b552e" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055479", "uuid": "ae22c98a-7e4c-4576-bad3-daae1a313c19", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054850", "to_ids": false, "type": "datetime", "uuid": "0e234e86-e70b-4ca3-aa75-5bbd6df5237a", "value": "2019-11-14T17:30:13" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054850", "to_ids": false, "type": "link", "uuid": "534b4907-c11e-4695-b77c-604a50251c56", "value": "https://www.virustotal.com/file/cf32204e546d98b585d28b0fbdb8b13f845e7ef8f5d819f6fa7517a98e9b552e/analysis/1573752613/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054850", "to_ids": false, "type": "text", "uuid": "66d61883-a1d2-4dad-92a7-3cdca2887a5c", "value": "52/72" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055480", "uuid": "e4ab5c2a-0f29-49ed-8101-f53735fd9327", "ObjectReference": [ { "comment": "", "object_uuid": "e4ab5c2a-0f29-49ed-8101-f53735fd9327", "referenced_uuid": "841a3d54-f045-4cd9-b58f-0bde95db27e1", "relationship_type": "analysed-with", "timestamp": "1576055874", "uuid": "5df0b442-f664-48bd-894f-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054849", "to_ids": true, "type": "md5", "uuid": "50d69978-4ee5-4c9a-ba4d-9b33ae3c6dbc", "value": "b2b2894733b62357d8400ced79fe6447" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054849", "to_ids": true, "type": "sha1", "uuid": "4673d0f8-a30d-4891-add7-e4fb522072a9", "value": "a5b05aaf3246b6f9a6463a2c9ca969be2abc564d" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054849", "to_ids": true, "type": "sha256", "uuid": "a41cf3d7-088b-47bc-baac-f5a063fdaee9", "value": "beab3e5de052dd4686e48fb37b756e648a261b264d6cba66c265ef8a1ea9239f" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055480", "uuid": "841a3d54-f045-4cd9-b58f-0bde95db27e1", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054849", "to_ids": false, "type": "datetime", "uuid": "20b76f7b-511a-4e39-abb6-5431bc7f9136", "value": "2019-11-11T17:21:28" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054849", "to_ids": false, "type": "link", "uuid": "cc692d09-29f6-4793-8657-55b3fd33a315", "value": "https://www.virustotal.com/file/beab3e5de052dd4686e48fb37b756e648a261b264d6cba66c265ef8a1ea9239f/analysis/1573492888/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054849", "to_ids": false, "type": "text", "uuid": "b9a3a93a-7d91-4e55-bb5a-4b65b20e0f42", "value": "38/71" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055480", "uuid": "1d2c8766-dca7-489f-9550-73fe0f885d1e", "ObjectReference": [ { "comment": "", "object_uuid": "1d2c8766-dca7-489f-9550-73fe0f885d1e", "referenced_uuid": "2bc88896-973b-4215-8f4e-11ae835bfdf2", "relationship_type": "analysed-with", "timestamp": "1576055874", "uuid": "5df0b442-7298-4666-9e32-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054921", "to_ids": true, "type": "md5", "uuid": "d67cb2ce-87af-4a87-9c8f-128e204f83fa", "value": "0d8427b7ad10f95539c259eb1e00c414" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054921", "to_ids": true, "type": "sha1", "uuid": "ae8e0ab9-d304-43e1-90b2-cefbdc7ec51b", "value": "ab3920838f6c617fb64e1cdbc6a9085e1fac32b6" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054921", "to_ids": true, "type": "sha256", "uuid": "b5dbc651-d966-4599-973c-6a5f911fb72b", "value": "2610797b258f6fbc974c389f2c76ae291197753f8f67ad74eccbfcc064760279" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055480", "uuid": "2bc88896-973b-4215-8f4e-11ae835bfdf2", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054921", "to_ids": false, "type": "datetime", "uuid": "f4cbd23e-b4a4-4f45-a5c4-8a32e9f185a7", "value": "2019-11-10T09:47:47" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054921", "to_ids": false, "type": "link", "uuid": "0512dc72-02c0-49cd-904d-1282dbedce00", "value": "https://www.virustotal.com/file/2610797b258f6fbc974c389f2c76ae291197753f8f67ad74eccbfcc064760279/analysis/1573379267/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054921", "to_ids": false, "type": "text", "uuid": "5979f229-09c6-49fa-9170-4532ea55acdd", "value": "35/71" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055480", "uuid": "c0b27747-705c-4d72-9e95-f231e6b93f53", "ObjectReference": [ { "comment": "", "object_uuid": "c0b27747-705c-4d72-9e95-f231e6b93f53", "referenced_uuid": "628f43d4-9f52-4a66-84d2-6dbfdfe969c4", "relationship_type": "analysed-with", "timestamp": "1576055874", "uuid": "5df0b442-25ac-4cd4-a417-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054922", "to_ids": true, "type": "md5", "uuid": "6cf9e84e-d03e-4482-9cfb-f6372c1ac981", "value": "3d2576d106fcecb1117ab0a2dd02c1a7" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054922", "to_ids": true, "type": "sha1", "uuid": "0e19e864-1302-495a-86a5-eaa823230a5c", "value": "f15d00d4a3ef278b43df8d296293ce9dee9cd365" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054922", "to_ids": true, "type": "sha256", "uuid": "fbea215f-6d22-4b21-8a87-ee587d6f25b2", "value": "131cdc02a4abf3ac05609389d1f1391fbe2340831ee105b80ecd88877dc83d1d" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055480", "uuid": "628f43d4-9f52-4a66-84d2-6dbfdfe969c4", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054922", "to_ids": false, "type": "datetime", "uuid": "2726f2cd-a826-4832-9700-4fc798b96c42", "value": "2019-11-05T13:44:24" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054922", "to_ids": false, "type": "link", "uuid": "c3260553-946b-49a6-9621-a6b9cd62aeee", "value": "https://www.virustotal.com/file/131cdc02a4abf3ac05609389d1f1391fbe2340831ee105b80ecd88877dc83d1d/analysis/1572961464/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054922", "to_ids": false, "type": "text", "uuid": "2203e8d1-dd76-4791-a1c6-4713d61f1048", "value": "12/71" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055481", "uuid": "8a376444-9c79-42d9-928a-25dd1a1afa29", "ObjectReference": [ { "comment": "", "object_uuid": "8a376444-9c79-42d9-928a-25dd1a1afa29", "referenced_uuid": "d3c2b24c-f847-4414-85c2-e71fecb4d9af", "relationship_type": "analysed-with", "timestamp": "1576055874", "uuid": "5df0b442-a660-4d44-8620-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054850", "to_ids": true, "type": "md5", "uuid": "42a7992e-d906-4e35-aa25-f53af465509c", "value": "d40f4dadeb706ba978c73cc44cef76ed" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054850", "to_ids": true, "type": "sha1", "uuid": "664d031d-10bf-4aa7-b439-04ac84c0f0e3", "value": "669cc0f8d697db54032b122b791b8a8fe5bd7287" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054850", "to_ids": true, "type": "sha256", "uuid": "a2976293-1e10-4502-be78-55520251e28a", "value": "65fc3e576108db04a432776c0806fbee72f388ef18334069f99708032bc53c3e" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055481", "uuid": "d3c2b24c-f847-4414-85c2-e71fecb4d9af", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054850", "to_ids": false, "type": "datetime", "uuid": "462b3b65-3d78-487b-82a1-ad78515d8853", "value": "2019-11-16T08:52:43" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054850", "to_ids": false, "type": "link", "uuid": "a0054b01-552b-48dc-a081-73e722dda089", "value": "https://www.virustotal.com/file/65fc3e576108db04a432776c0806fbee72f388ef18334069f99708032bc53c3e/analysis/1573894363/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054850", "to_ids": false, "type": "text", "uuid": "e4122d3c-ead2-4626-86c2-53a44d19ebb4", "value": "46/68" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055481", "uuid": "6195996f-6bdc-4e2b-bf9d-202df3c89f50", "ObjectReference": [ { "comment": "", "object_uuid": "6195996f-6bdc-4e2b-bf9d-202df3c89f50", "referenced_uuid": "e1983e63-f280-4191-8fca-6fa561bc028e", "relationship_type": "analysed-with", "timestamp": "1576055874", "uuid": "5df0b442-c600-4a60-b22c-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054845", "to_ids": true, "type": "md5", "uuid": "0148f223-4fcc-4de2-94ae-973eac2a4aab", "value": "5cb4bee1fbac557846018a68ceb0ab6e" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054845", "to_ids": true, "type": "sha1", "uuid": "ca8289b6-56d5-4c6a-ad5d-7d590f660115", "value": "1311612f15b815a1bd88d65ddc8e2632762ed599" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054845", "to_ids": true, "type": "sha256", "uuid": "fdebd27d-6838-4f82-9bcf-9b93a948db56", "value": "c204d91f556a9102c196cc649289e4cf68db2a31c17b28f5c3b3b70ab65f0431" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055481", "uuid": "e1983e63-f280-4191-8fca-6fa561bc028e", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054845", "to_ids": false, "type": "datetime", "uuid": "54ad7a78-0bc4-4e02-b646-5a13bfd69f89", "value": "2019-11-23T22:51:17" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054845", "to_ids": false, "type": "link", "uuid": "8b35fb75-ed0a-4a36-aa2f-e7771d5966b1", "value": "https://www.virustotal.com/file/c204d91f556a9102c196cc649289e4cf68db2a31c17b28f5c3b3b70ab65f0431/analysis/1574549477/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054845", "to_ids": false, "type": "text", "uuid": "4c380b6f-d68c-4b59-971c-cfad2806f8b2", "value": "50/68" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055482", "uuid": "c9ab032a-2aaa-4363-8145-5daa9a819b0a", "ObjectReference": [ { "comment": "", "object_uuid": "c9ab032a-2aaa-4363-8145-5daa9a819b0a", "referenced_uuid": "81933a57-b24d-4a30-817f-22ba642fd14c", "relationship_type": "analysed-with", "timestamp": "1576055874", "uuid": "5df0b442-acfc-4a58-9cad-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054850", "to_ids": true, "type": "md5", "uuid": "4f26daa3-0174-4745-afbc-68968e4387ea", "value": "18c220807607df6b7f9f8bd7379e6a50" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054850", "to_ids": true, "type": "sha1", "uuid": "462c89ab-c8e6-4601-b9e7-435ecede1699", "value": "79e8ab5463dc9188f15f642896bb5b52d666b208" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054850", "to_ids": true, "type": "sha256", "uuid": "9b26d511-b4ec-44d8-a202-15204ae45213", "value": "3fd07c1d65ed0ad52a78f5a128a1fcbb83472896c1d61037137f95ac09cb5b53" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055482", "uuid": "81933a57-b24d-4a30-817f-22ba642fd14c", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054850", "to_ids": false, "type": "datetime", "uuid": "4ba88480-cd8a-4b14-b73b-3ff38afd2a75", "value": "2019-11-16T08:54:05" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054850", "to_ids": false, "type": "link", "uuid": "b6ca6784-68aa-4181-8404-4ea028c6368b", "value": "https://www.virustotal.com/file/3fd07c1d65ed0ad52a78f5a128a1fcbb83472896c1d61037137f95ac09cb5b53/analysis/1573894445/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054850", "to_ids": false, "type": "text", "uuid": "c973f78e-2e7b-49f9-9c44-dbd0bdde9fa2", "value": "48/69" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055482", "uuid": "9218748e-8966-484b-aa99-5803ed53ec7c", "ObjectReference": [ { "comment": "", "object_uuid": "9218748e-8966-484b-aa99-5803ed53ec7c", "referenced_uuid": "3ad4d357-5277-4598-9d15-a362ab9519b3", "relationship_type": "analysed-with", "timestamp": "1576055874", "uuid": "5df0b442-9ea0-40d7-8091-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054847", "to_ids": true, "type": "md5", "uuid": "297eb9e3-53ad-4284-9354-0ade15c62e9c", "value": "c17dfea4df74ebd707e1b99d84c28a47" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054847", "to_ids": true, "type": "sha1", "uuid": "748888c5-f884-4dff-a0bb-a494ee425446", "value": "8fcbdf544549d9e2c8783ea3fe717b98de16114f" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054847", "to_ids": true, "type": "sha256", "uuid": "2c9615de-a4ee-4400-8330-20fc13c655a7", "value": "cd42c483e127c30442eebd5a7143d25276d06340fc24a4324ce6fa39da7120b5" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055482", "uuid": "3ad4d357-5277-4598-9d15-a362ab9519b3", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054847", "to_ids": false, "type": "datetime", "uuid": "5aafd139-98aa-4d7a-9ad8-4e7679564dcc", "value": "2019-11-29T13:11:24" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054847", "to_ids": false, "type": "link", "uuid": "e9dc842f-66f1-400d-8275-2f26383ac8f7", "value": "https://www.virustotal.com/file/cd42c483e127c30442eebd5a7143d25276d06340fc24a4324ce6fa39da7120b5/analysis/1575033084/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054847", "to_ids": false, "type": "text", "uuid": "eac2ce63-cc9f-479b-be64-8357484601bf", "value": "54/71" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055482", "uuid": "8eef2549-360b-4985-889d-209f5ca535d3", "ObjectReference": [ { "comment": "", "object_uuid": "8eef2549-360b-4985-889d-209f5ca535d3", "referenced_uuid": "30ee7c44-f887-4b02-991c-a000534e6030", "relationship_type": "analysed-with", "timestamp": "1576055874", "uuid": "5df0b442-9dc8-456c-970d-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054916", "to_ids": true, "type": "md5", "uuid": "c814f974-af22-4e08-ac09-dcc4b6b15269", "value": "87b69ad5b2cd89b704ed74c50ab3887b" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054916", "to_ids": true, "type": "sha1", "uuid": "103c45bc-1cea-4978-a607-4ac4f92398df", "value": "30ff66044c4f9ba287b3fe2d6ee4a90bcebe7198" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054916", "to_ids": true, "type": "sha256", "uuid": "e1391aad-d6eb-4030-8998-dafa62a9ddcd", "value": "0a3a8e203c017695546bcb0fa764721f61d7a5a2c2c0d2ff7c2edc18f7fcb2bb" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055483", "uuid": "30ee7c44-f887-4b02-991c-a000534e6030", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054916", "to_ids": false, "type": "datetime", "uuid": "f40215f5-1f76-400f-b834-276d8c52f8c6", "value": "2019-11-14T09:57:27" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054916", "to_ids": false, "type": "link", "uuid": "6603d66d-a9f2-43bd-9b48-f923ebd5baf5", "value": "https://www.virustotal.com/file/0a3a8e203c017695546bcb0fa764721f61d7a5a2c2c0d2ff7c2edc18f7fcb2bb/analysis/1573725447/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054916", "to_ids": false, "type": "text", "uuid": "a080d0b5-de8c-46f2-a1b8-9a2d84a53441", "value": "43/69" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055483", "uuid": "1c4ea6dd-24d5-46bf-beef-7dd6bd35499f", "ObjectReference": [ { "comment": "", "object_uuid": "1c4ea6dd-24d5-46bf-beef-7dd6bd35499f", "referenced_uuid": "2cdf5f0d-47bd-4ae2-9c5c-da56b2e77f58", "relationship_type": "analysed-with", "timestamp": "1576055874", "uuid": "5df0b442-a530-405f-ae92-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054921", "to_ids": true, "type": "md5", "uuid": "701921f4-7e7a-45f8-8f34-b6c99ab0f196", "value": "0c0877294bd2a9e6752b82c145ff294b" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054921", "to_ids": true, "type": "sha1", "uuid": "1252e502-d4b1-42d0-8940-e29037559424", "value": "9fb7c4f4625a61ae4b4c5617ea6554a27887f851" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054921", "to_ids": true, "type": "sha256", "uuid": "8621c3dd-09a7-4914-b169-7bd458859ab4", "value": "b2df333204745a0780d5253a4e0a25f3f6fda445ac38f916b42e8b8498302058" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055483", "uuid": "2cdf5f0d-47bd-4ae2-9c5c-da56b2e77f58", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054921", "to_ids": false, "type": "datetime", "uuid": "cb6bf9b3-1af0-4dc0-8087-82f7316ffbb8", "value": "2019-11-04T16:46:52" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054921", "to_ids": false, "type": "link", "uuid": "106eb845-6f8c-4f93-9257-f4cc653ed89f", "value": "https://www.virustotal.com/file/b2df333204745a0780d5253a4e0a25f3f6fda445ac38f916b42e8b8498302058/analysis/1572886012/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054921", "to_ids": false, "type": "text", "uuid": "8f2adcb8-e272-4f46-aab0-98f99287f749", "value": "8/71" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055483", "uuid": "9ed61707-31ce-4559-a85b-f177c85d687a", "ObjectReference": [ { "comment": "", "object_uuid": "9ed61707-31ce-4559-a85b-f177c85d687a", "referenced_uuid": "c65bed31-f64f-47b3-ad8b-9a641ab6b7b1", "relationship_type": "analysed-with", "timestamp": "1576055874", "uuid": "5df0b442-bb70-452b-91ba-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054845", "to_ids": true, "type": "md5", "uuid": "96d25b60-aecc-414f-aaf7-454afc7bd1db", "value": "82604674b20a5804bedb26bca0408563" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054845", "to_ids": true, "type": "sha1", "uuid": "6ba7f06d-0313-46bd-a415-8b76a0402f47", "value": "3e017c6c7f95a60919add249e1c865d9e2ed2cdd" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054845", "to_ids": true, "type": "sha256", "uuid": "041ae37d-e29d-47a9-abf4-3f5106b2cd05", "value": "45664849ec2256bcc959b68c06d959e9e0571e4b98f29462b1ee5459a05ba03c" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055483", "uuid": "c65bed31-f64f-47b3-ad8b-9a641ab6b7b1", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054845", "to_ids": false, "type": "datetime", "uuid": "9bb5cbd8-628d-4963-a0a6-2b6581c9477e", "value": "2019-11-21T10:11:28" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054845", "to_ids": false, "type": "link", "uuid": "c28340e7-b87c-41ad-9334-59612e55a72e", "value": "https://www.virustotal.com/file/45664849ec2256bcc959b68c06d959e9e0571e4b98f29462b1ee5459a05ba03c/analysis/1574331088/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054845", "to_ids": false, "type": "text", "uuid": "e247b75c-3c9f-410e-846e-6a0759091d98", "value": "50/70" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055483", "uuid": "62f71c3d-8724-4888-b634-a7d3752695ba", "ObjectReference": [ { "comment": "", "object_uuid": "62f71c3d-8724-4888-b634-a7d3752695ba", "referenced_uuid": "a4fed9f6-2f64-4b0f-8511-3705a306a1ee", "relationship_type": "analysed-with", "timestamp": "1576055874", "uuid": "5df0b442-ba20-499a-ac22-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054847", "to_ids": true, "type": "md5", "uuid": "70782751-0e37-4762-8d30-d30515dff929", "value": "3b0398f5c8d1461c964dce6fc8cc3bca" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054847", "to_ids": true, "type": "sha1", "uuid": "d5919df3-d410-43a9-ae36-8eaec6f85326", "value": "f1714074d832321c10fa674129195ee04b1f23b5" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054847", "to_ids": true, "type": "sha256", "uuid": "c97f5180-cd6e-4540-b007-62f0fce70b79", "value": "e8d6740005d7459b7119b660a95661a6889855b3f697ad063a06731cb6423036" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055484", "uuid": "a4fed9f6-2f64-4b0f-8511-3705a306a1ee", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054847", "to_ids": false, "type": "datetime", "uuid": "55ed29b8-b86c-4505-b271-8686cc1d9914", "value": "2019-11-21T10:34:22" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054847", "to_ids": false, "type": "link", "uuid": "6ef7e710-8633-46f0-857d-c0de35fd4812", "value": "https://www.virustotal.com/file/e8d6740005d7459b7119b660a95661a6889855b3f697ad063a06731cb6423036/analysis/1574332462/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054847", "to_ids": false, "type": "text", "uuid": "9aeb8cd5-e5bf-4fae-abeb-d270f92c7ac7", "value": "49/69" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055484", "uuid": "c4070ec2-5078-4852-9dfa-e67a2649d36b", "ObjectReference": [ { "comment": "", "object_uuid": "c4070ec2-5078-4852-9dfa-e67a2649d36b", "referenced_uuid": "821c8d27-03d7-4cd9-a184-166decec2856", "relationship_type": "analysed-with", "timestamp": "1576055875", "uuid": "5df0b443-93c8-4efe-9ea0-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054919", "to_ids": true, "type": "md5", "uuid": "6420bafb-33e9-4522-ad28-e5d9b83d0a5d", "value": "ffb7dce5694e8ba31b100ce7910df8a7" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054919", "to_ids": true, "type": "sha1", "uuid": "3b0cd4d1-c1db-4ccf-b2f6-0f5885fed312", "value": "1a3a36f612784bc8737ec95a8c9acb2cca4639fb" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054919", "to_ids": true, "type": "sha256", "uuid": "43efa99b-184d-419a-a184-693e5516cbf3", "value": "f74ea44f76af2e9c80dc50ef39c99b802f1accb0d94258d5595e6805999137bf" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055490", "uuid": "821c8d27-03d7-4cd9-a184-166decec2856", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054919", "to_ids": false, "type": "datetime", "uuid": "b55d9a61-a553-4182-9fe2-56cc4f05554c", "value": "2019-11-17T08:55:38" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054919", "to_ids": false, "type": "link", "uuid": "6824d647-beb6-4ec5-b4ce-467163dfc22b", "value": "https://www.virustotal.com/file/f74ea44f76af2e9c80dc50ef39c99b802f1accb0d94258d5595e6805999137bf/analysis/1573980938/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054919", "to_ids": false, "type": "text", "uuid": "2e8dca6c-6d96-43eb-bbad-66647d63a4ef", "value": "45/70" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055496", "uuid": "d349a739-f27d-4dcf-bae7-d67012620f33", "ObjectReference": [ { "comment": "", "object_uuid": "d349a739-f27d-4dcf-bae7-d67012620f33", "referenced_uuid": "c1d50dcb-b695-48fe-a49a-7cff10f11589", "relationship_type": "analysed-with", "timestamp": "1576055875", "uuid": "5df0b443-abb8-4806-a981-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054922", "to_ids": true, "type": "md5", "uuid": "758d7b49-d3f2-46ea-bd08-5dd444b13aac", "value": "89bb9987d40b77d6bd435295eb83f1d2" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054922", "to_ids": true, "type": "sha1", "uuid": "062b461a-3266-40d9-9d72-323377935c94", "value": "c956dcc5bbf3583f1bd4cba5525ef35f8dffc489" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054922", "to_ids": true, "type": "sha256", "uuid": "5d1d02dc-0c49-4ca5-8b34-53079148ecc3", "value": "1658cf5e21efd05d7111da50b954a0bfa0818e983e12935eb78d0b1df251edb4" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055497", "uuid": "c1d50dcb-b695-48fe-a49a-7cff10f11589", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054922", "to_ids": false, "type": "datetime", "uuid": "a815081a-6572-49a6-a858-ce1c4ccd530b", "value": "2019-11-11T10:00:47" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054922", "to_ids": false, "type": "link", "uuid": "b8152023-1b0c-4941-9e9a-e24e18788a93", "value": "https://www.virustotal.com/file/1658cf5e21efd05d7111da50b954a0bfa0818e983e12935eb78d0b1df251edb4/analysis/1573466447/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054922", "to_ids": false, "type": "text", "uuid": "6837b826-3378-4d71-9bc8-edfdbbe653d0", "value": "49/71" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055497", "uuid": "caee4aba-0102-48b5-ad8a-1287cb213030", "ObjectReference": [ { "comment": "", "object_uuid": "caee4aba-0102-48b5-ad8a-1287cb213030", "referenced_uuid": "abcc5d71-abb4-4dee-b1e8-ca6001c3758b", "relationship_type": "analysed-with", "timestamp": "1576055875", "uuid": "5df0b443-f448-4d00-b750-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054848", "to_ids": true, "type": "md5", "uuid": "c4bff32d-603f-4e43-bab0-640f9915a21b", "value": "63e3ca5bf87789f5c4a6397ca9e4f6b7" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054848", "to_ids": true, "type": "sha1", "uuid": "c15fb0c6-7020-4299-aef1-6645544a49c5", "value": "16ccb7d2cb039f44d156b603e554b896b1230358" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054848", "to_ids": true, "type": "sha256", "uuid": "f7943ede-58ac-4b43-b8ee-e1a865be8bfc", "value": "ff1a7c25bf00f8e001176b6b0301cc8ba7e87d06b4f01bef90235e7069a1b30d" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055497", "uuid": "abcc5d71-abb4-4dee-b1e8-ca6001c3758b", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054848", "to_ids": false, "type": "datetime", "uuid": "b9eef82d-2146-4556-982f-016bccda4e6f", "value": "2019-11-28T01:21:17" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054848", "to_ids": false, "type": "link", "uuid": "b1eaa5d2-59b7-4a15-90e7-a9f82078c002", "value": "https://www.virustotal.com/file/ff1a7c25bf00f8e001176b6b0301cc8ba7e87d06b4f01bef90235e7069a1b30d/analysis/1574904077/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054848", "to_ids": false, "type": "text", "uuid": "59a6f4e8-1d6b-4714-811b-3b749ebb65fc", "value": "52/67" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055497", "uuid": "9117ae19-7708-4000-9533-a0c6d3138ea1", "ObjectReference": [ { "comment": "", "object_uuid": "9117ae19-7708-4000-9533-a0c6d3138ea1", "referenced_uuid": "35aa4f54-4b30-4128-8575-214523fc7d11", "relationship_type": "analysed-with", "timestamp": "1576055875", "uuid": "5df0b443-65a4-4138-8a59-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054915", "to_ids": true, "type": "md5", "uuid": "dc971c00-246b-4680-b0db-af4c809e817e", "value": "d0e7f615d58252df9077e77003866db7" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054915", "to_ids": true, "type": "sha1", "uuid": "b00f25a0-4f84-4386-81f9-d9ec2c6d8f80", "value": "20573b057e492b859e360505ea3ddccf4e1f8fb4" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054915", "to_ids": true, "type": "sha256", "uuid": "164d3f7d-a884-4062-8149-3cea078c8b21", "value": "f0d329b6cbf7ed9b0e744a499f0fe79f37919ffa9447783efb7ae2db1979490d" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055497", "uuid": "35aa4f54-4b30-4128-8575-214523fc7d11", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054915", "to_ids": false, "type": "datetime", "uuid": "3bd0f268-9847-44c9-b2e2-2a9316fb364c", "value": "2019-11-16T08:46:15" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054915", "to_ids": false, "type": "link", "uuid": "8dbbcfd4-2b74-4ebb-85f8-2c820c1d02b9", "value": "https://www.virustotal.com/file/f0d329b6cbf7ed9b0e744a499f0fe79f37919ffa9447783efb7ae2db1979490d/analysis/1573893975/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054915", "to_ids": false, "type": "text", "uuid": "e89e542f-9e72-4528-8bd4-116e4d410820", "value": "48/70" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055498", "uuid": "3134b067-1d49-4a98-87b1-aa6e600338ca", "ObjectReference": [ { "comment": "", "object_uuid": "3134b067-1d49-4a98-87b1-aa6e600338ca", "referenced_uuid": "3620e830-e0ff-40b4-94e7-92e149c6e981", "relationship_type": "analysed-with", "timestamp": "1576055875", "uuid": "5df0b443-2a44-49d7-9ac0-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054890", "to_ids": true, "type": "md5", "uuid": "a15fbe43-3854-4348-ae2b-7f59085b161c", "value": "6bf1e9ebd00a81ca5a4d2bc1aeadca3b" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054890", "to_ids": true, "type": "sha1", "uuid": "3397685c-68b6-4a3e-892f-92388f72f152", "value": "ebef0d6fe4c8f39925f96459306ca06a8a59eb35" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054890", "to_ids": true, "type": "sha256", "uuid": "c6b882b7-50ba-435b-8f5f-d296a0f889b4", "value": "145afca358d19ee27d94bee9b6c3196311490d402386c00684219a0793336729" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055498", "uuid": "3620e830-e0ff-40b4-94e7-92e149c6e981", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054890", "to_ids": false, "type": "datetime", "uuid": "ea0190a9-0a65-4456-9532-f9b3cad925df", "value": "2019-12-03T21:24:29" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054890", "to_ids": false, "type": "link", "uuid": "4f2c684f-88bb-4eef-93bb-7488fbb99ad0", "value": "https://www.virustotal.com/file/145afca358d19ee27d94bee9b6c3196311490d402386c00684219a0793336729/analysis/1575408269/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054890", "to_ids": false, "type": "text", "uuid": "c1e279d0-9bb8-4a0e-94f1-0867ba1b17de", "value": "54/70" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055498", "uuid": "7d0241be-d6f3-4c08-85ed-ee43dac5847b", "ObjectReference": [ { "comment": "", "object_uuid": "7d0241be-d6f3-4c08-85ed-ee43dac5847b", "referenced_uuid": "444a0e7b-76d5-4530-91c0-0dfc79237131", "relationship_type": "analysed-with", "timestamp": "1576055875", "uuid": "5df0b443-2ae8-4264-abd6-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054893", "to_ids": true, "type": "md5", "uuid": "19f51635-c735-4a87-894e-fc7c4efd2f6b", "value": "757c994d5c7e6659b32fbbb69cb1b445" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054893", "to_ids": true, "type": "sha1", "uuid": "54ee6fa2-3d1b-4302-93cc-fb3396ed1c4b", "value": "3467131d0776f845df256651a92af1d894f6e31c" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054893", "to_ids": true, "type": "sha256", "uuid": "8778b8fc-69fc-4a8c-8699-7295c4bdf19c", "value": "39ef98994ddcc60068efe32bcf1b8655feefbcd0c9725124ca0d0ad0ee19cc5a" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055498", "uuid": "444a0e7b-76d5-4530-91c0-0dfc79237131", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054893", "to_ids": false, "type": "datetime", "uuid": "5449d73e-eb4f-4b4a-9bb7-00e6e682d2ab", "value": "2019-12-01T05:27:30" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054893", "to_ids": false, "type": "link", "uuid": "bcd4316f-70f4-42ad-8c18-af857bf33487", "value": "https://www.virustotal.com/file/39ef98994ddcc60068efe32bcf1b8655feefbcd0c9725124ca0d0ad0ee19cc5a/analysis/1575178050/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054893", "to_ids": false, "type": "text", "uuid": "5d02b922-4279-489c-bcdf-6e0f9c008ffc", "value": "56/70" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055498", "uuid": "7761bf51-5f5e-4aaa-be9d-bb35c740f714", "ObjectReference": [ { "comment": "", "object_uuid": "7761bf51-5f5e-4aaa-be9d-bb35c740f714", "referenced_uuid": "e6f2bff0-8edc-40b2-97e0-1ee80576493e", "relationship_type": "analysed-with", "timestamp": "1576055875", "uuid": "5df0b443-4510-467d-a765-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054915", "to_ids": true, "type": "md5", "uuid": "1a43c0f5-0780-4528-bc99-3c6085072726", "value": "7c46e3dedb2c2e7a0eb3b4418f5f25b4" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054915", "to_ids": true, "type": "sha1", "uuid": "2ec49d5e-ed3d-45c6-8a06-04e873664e73", "value": "094946a6f9fea3358ac19c9a0af2210a56a4ba62" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054915", "to_ids": true, "type": "sha256", "uuid": "40e36586-754f-4acd-89c6-e8c159065260", "value": "9914f24595ad8463f4df3a24fb549da701d39cb4d1ee027ca50e794ef24ef58a" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055498", "uuid": "e6f2bff0-8edc-40b2-97e0-1ee80576493e", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054915", "to_ids": false, "type": "datetime", "uuid": "e4a4593f-46ea-4142-954a-fedb1513f85d", "value": "2019-11-20T11:57:10" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054915", "to_ids": false, "type": "link", "uuid": "cffb4bba-362e-4b7b-babc-4f23ef1f2abe", "value": "https://www.virustotal.com/file/9914f24595ad8463f4df3a24fb549da701d39cb4d1ee027ca50e794ef24ef58a/analysis/1574251030/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054915", "to_ids": false, "type": "text", "uuid": "521053f8-f0ca-43b9-b9f3-da7fd4960be6", "value": "48/70" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055498", "uuid": "4457b0e9-bef0-48ad-aa21-f7ba7c652f75", "ObjectReference": [ { "comment": "", "object_uuid": "4457b0e9-bef0-48ad-aa21-f7ba7c652f75", "referenced_uuid": "a3d4fc30-7761-4e42-bc4f-b8e1acc63987", "relationship_type": "analysed-with", "timestamp": "1576055875", "uuid": "5df0b443-4f34-46f4-a692-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054845", "to_ids": true, "type": "md5", "uuid": "6ecc91c3-46a8-4ab8-887f-107a9a581293", "value": "2e74e5fec4d2c298c77f9a09a931b1d6" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054845", "to_ids": true, "type": "sha1", "uuid": "e1664e39-8eab-491f-9220-dce53fe317ff", "value": "299512702906e778791ab10cbd0fc3f2b529f4d1" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054845", "to_ids": true, "type": "sha256", "uuid": "807e9ac5-941c-438c-ae17-2284338221c9", "value": "8defe8f8adf49bce8b4ca4af8a3b89d717b6499445239ff1a77b00529ca05455" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055499", "uuid": "a3d4fc30-7761-4e42-bc4f-b8e1acc63987", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054845", "to_ids": false, "type": "datetime", "uuid": "bc659c6c-444d-4635-8d6f-3d8d5b5793da", "value": "2019-11-28T22:48:02" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054845", "to_ids": false, "type": "link", "uuid": "3a586906-bc23-4dda-b32b-f876587b204a", "value": "https://www.virustotal.com/file/8defe8f8adf49bce8b4ca4af8a3b89d717b6499445239ff1a77b00529ca05455/analysis/1574981282/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054845", "to_ids": false, "type": "text", "uuid": "267fbac3-0da9-4325-bc6c-729bb2c235ff", "value": "55/70" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055499", "uuid": "1dd87091-752e-42f5-b428-f51736b257ee", "ObjectReference": [ { "comment": "", "object_uuid": "1dd87091-752e-42f5-b428-f51736b257ee", "referenced_uuid": "3b199135-e920-4a9d-981f-54b70738f142", "relationship_type": "analysed-with", "timestamp": "1576055875", "uuid": "5df0b443-6acc-4dfd-9518-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054849", "to_ids": true, "type": "md5", "uuid": "509549c2-cfbb-43c6-8a8a-c13f8c2614e2", "value": "0f788319be58b57d84259c1d2cec2f64" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054849", "to_ids": true, "type": "sha1", "uuid": "cb2ad978-9b5d-49ee-9090-ce36bcf62aa2", "value": "6ba93e6764be453ebea0d731db2a44da0dbfe5a9" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054849", "to_ids": true, "type": "sha256", "uuid": "31768931-d700-434d-bde2-930a0e4baa78", "value": "9a984474b1600dbbd1078648f66a9d8a82f3c0b97c5b278762f24e3b6346e210" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055499", "uuid": "3b199135-e920-4a9d-981f-54b70738f142", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054849", "to_ids": false, "type": "datetime", "uuid": "e72bef4e-ff7c-4eee-8c84-44f10e8f80bb", "value": "2019-11-23T22:24:12" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054849", "to_ids": false, "type": "link", "uuid": "8af43059-ab38-420d-b9d1-8660999603c3", "value": "https://www.virustotal.com/file/9a984474b1600dbbd1078648f66a9d8a82f3c0b97c5b278762f24e3b6346e210/analysis/1574547852/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054849", "to_ids": false, "type": "text", "uuid": "243b53e7-0e97-4410-a00f-8ba79a372078", "value": "48/68" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055499", "uuid": "6b6aab10-96a0-49e2-a255-acfded4a9373", "ObjectReference": [ { "comment": "", "object_uuid": "6b6aab10-96a0-49e2-a255-acfded4a9373", "referenced_uuid": "5c3f6466-8b63-42db-a888-83e5094a5c96", "relationship_type": "analysed-with", "timestamp": "1576055875", "uuid": "5df0b443-5614-4774-861c-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054921", "to_ids": true, "type": "md5", "uuid": "7bb26fb7-c308-412a-9ec7-695e62896c16", "value": "43f8c48008d4cd8b64866d4232023570" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054921", "to_ids": true, "type": "sha1", "uuid": "8c24eb6a-f69b-4ca8-9d53-4416e4cba814", "value": "a7e660578823aa258b66962c98ac0d646f0609e2" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054921", "to_ids": true, "type": "sha256", "uuid": "545d52d5-9504-443b-bb82-64721f562895", "value": "e359a5f605e68745f421fd4cbe5c8c00c7ee33b3f0a99772a89ed0057503a134" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055512", "uuid": "5c3f6466-8b63-42db-a888-83e5094a5c96", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054921", "to_ids": false, "type": "datetime", "uuid": "d53c11a2-2020-4817-ba9c-fd8067054ac7", "value": "2019-11-15T01:03:44" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054921", "to_ids": false, "type": "link", "uuid": "ef4f3fe5-d89f-47ef-96d1-f9095ae8c5ff", "value": "https://www.virustotal.com/file/e359a5f605e68745f421fd4cbe5c8c00c7ee33b3f0a99772a89ed0057503a134/analysis/1573779824/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054921", "to_ids": false, "type": "text", "uuid": "e4445b21-277c-4cb5-8a13-880dab63070c", "value": "40/70" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055512", "uuid": "78b8ffef-e689-4c3b-b1d5-36ffc621736e", "ObjectReference": [ { "comment": "", "object_uuid": "78b8ffef-e689-4c3b-b1d5-36ffc621736e", "referenced_uuid": "5953cb1f-a9a3-48f6-b7cb-b3c7b2085357", "relationship_type": "analysed-with", "timestamp": "1576055875", "uuid": "5df0b443-1efc-4ece-8501-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054919", "to_ids": true, "type": "md5", "uuid": "bb9dafe1-e5ac-4dd0-afac-5f9eb604643d", "value": "43dac150b064a899b89dac150b53ab53" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054919", "to_ids": true, "type": "sha1", "uuid": "8dc82afa-8d02-403e-8115-005506a07d6b", "value": "2dc87d54ce2d14fff28040aa46262e6e8fb9303d" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054919", "to_ids": true, "type": "sha256", "uuid": "1183a8c9-5282-4a9b-bf4c-1e39c9445e7e", "value": "09941d4f793f4ec9f214aa2e27be77d43e775adfd8288646f58157744cde5c5f" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055512", "uuid": "5953cb1f-a9a3-48f6-b7cb-b3c7b2085357", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054919", "to_ids": false, "type": "datetime", "uuid": "f0866ca9-84b5-4a62-adfd-5ab90ff806cd", "value": "2019-11-17T02:23:11" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054919", "to_ids": false, "type": "link", "uuid": "4e09dccb-fa2c-4480-b1b9-c5eac5dedbee", "value": "https://www.virustotal.com/file/09941d4f793f4ec9f214aa2e27be77d43e775adfd8288646f58157744cde5c5f/analysis/1573957391/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054919", "to_ids": false, "type": "text", "uuid": "0e6611d7-5214-4fc5-b6cb-7ec2b0917916", "value": "48/71" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055512", "uuid": "4ab5c507-07a3-4754-ac60-f56a90a07a59", "ObjectReference": [ { "comment": "", "object_uuid": "4ab5c507-07a3-4754-ac60-f56a90a07a59", "referenced_uuid": "10ce3811-2d64-48d3-866e-21b2f38196fd", "relationship_type": "analysed-with", "timestamp": "1576055875", "uuid": "5df0b443-58a8-472e-a933-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054847", "to_ids": true, "type": "md5", "uuid": "579a30b9-b717-4141-b410-8730d4003c3a", "value": "960e3a61d686e1373d13f7b0b11ae047" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054847", "to_ids": true, "type": "sha1", "uuid": "b0ba31e1-70e4-47f6-8c4a-547b4dbf2d7f", "value": "3e130a5a4c1800156a7a2ab3bbebbc7c678077b7" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054847", "to_ids": true, "type": "sha256", "uuid": "f9c4d3a0-abe1-4ea1-93f7-47f032ee85eb", "value": "9191189f3c8d3ef2f451ed086ce3520b25aab1b81c5d5c965c11fc81876c9ca0" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055512", "uuid": "10ce3811-2d64-48d3-866e-21b2f38196fd", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054847", "to_ids": false, "type": "datetime", "uuid": "5db01dca-2803-4fea-ab32-72650e20cc14", "value": "2019-12-05T11:55:00" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054847", "to_ids": false, "type": "link", "uuid": "5c7073bb-0a80-4a26-8b10-b2330d06df10", "value": "https://www.virustotal.com/file/9191189f3c8d3ef2f451ed086ce3520b25aab1b81c5d5c965c11fc81876c9ca0/analysis/1575546900/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054847", "to_ids": false, "type": "text", "uuid": "e9d27537-56e3-434f-8aa1-fe7248d7ae2c", "value": "57/71" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055512", "uuid": "565e58b9-37d3-42f9-981f-94b5a196ff67", "ObjectReference": [ { "comment": "", "object_uuid": "565e58b9-37d3-42f9-981f-94b5a196ff67", "referenced_uuid": "ce46afa0-ea40-43bc-ac74-fe77697eb8b7", "relationship_type": "analysed-with", "timestamp": "1576055875", "uuid": "5df0b443-0b6c-4710-ae15-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054937", "to_ids": true, "type": "md5", "uuid": "7d5a2f49-1482-42e5-bf6e-4f2320e22ac3", "value": "e8135f5c60d591fdccda2a2de14ab289" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054937", "to_ids": true, "type": "sha1", "uuid": "78257a96-73a0-4f15-9eee-41ba10cd65c8", "value": "067e5301d80537865580c8d7322e05efb00b3624" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054937", "to_ids": true, "type": "sha256", "uuid": "21ee9ec9-4d73-40c3-af51-03261ab2c296", "value": "0b0f8310ce0800bf70fcb4b4d365066ca4080d2028a16db72b13e0682bf8f754" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055524", "uuid": "ce46afa0-ea40-43bc-ac74-fe77697eb8b7", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054937", "to_ids": false, "type": "datetime", "uuid": "1cb983bc-aad6-4114-85e7-30a7219a3566", "value": "2019-12-09T03:45:27" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054937", "to_ids": false, "type": "link", "uuid": "9b475cef-1d88-480f-bd80-561acecf5cd8", "value": "https://www.virustotal.com/file/0b0f8310ce0800bf70fcb4b4d365066ca4080d2028a16db72b13e0682bf8f754/analysis/1575863127/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054937", "to_ids": false, "type": "text", "uuid": "4d05879b-a3cf-4c08-99fa-96a03c79647a", "value": "41/68" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055525", "uuid": "53fbeb11-1c73-4a07-8ce3-4d100c4d9e06", "ObjectReference": [ { "comment": "", "object_uuid": "53fbeb11-1c73-4a07-8ce3-4d100c4d9e06", "referenced_uuid": "b3a0d1e1-4d1f-4f6e-b160-f5ef4c73d24c", "relationship_type": "analysed-with", "timestamp": "1576055875", "uuid": "5df0b443-caf4-40dd-b014-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054850", "to_ids": true, "type": "md5", "uuid": "711da42e-a3bf-457c-8fd1-0b6454446090", "value": "98a889efa62ea334fd1c671b51bd8613" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054850", "to_ids": true, "type": "sha1", "uuid": "142c9682-7300-40c8-9fc8-194191eb6e05", "value": "d3db4f0014d07495a3b783acec24e28529a9a676" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054850", "to_ids": true, "type": "sha256", "uuid": "f920988f-788e-4f6e-b3c2-32397e0abfe9", "value": "a81e7d7911fca8d0b8a9f74edf81555483bcc111029c53383a72fb3c1a7cdb4b" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055525", "uuid": "b3a0d1e1-4d1f-4f6e-b160-f5ef4c73d24c", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054850", "to_ids": false, "type": "datetime", "uuid": "536af734-1b28-4f76-a7ae-f3f76c195025", "value": "2019-11-16T09:27:59" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054850", "to_ids": false, "type": "link", "uuid": "004b1d01-8c9d-4a97-8fc9-f52d23ebb193", "value": "https://www.virustotal.com/file/a81e7d7911fca8d0b8a9f74edf81555483bcc111029c53383a72fb3c1a7cdb4b/analysis/1573896479/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054850", "to_ids": false, "type": "text", "uuid": "8acea753-1baa-4b41-90f4-15293e92c00f", "value": "46/69" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055525", "uuid": "892f24c1-e6e8-4898-b3d8-dd58f03d9aee", "ObjectReference": [ { "comment": "", "object_uuid": "892f24c1-e6e8-4898-b3d8-dd58f03d9aee", "referenced_uuid": "50404a55-6518-4320-b02f-277a8f95d517", "relationship_type": "analysed-with", "timestamp": "1576055875", "uuid": "5df0b443-4b54-48ee-80f7-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054916", "to_ids": true, "type": "md5", "uuid": "d614058f-b01b-4685-b11f-e04b33048452", "value": "f70ee3803e681fad562baa8190d104d2" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054916", "to_ids": true, "type": "sha1", "uuid": "1cb2e0a8-1076-47a8-a213-4d15913aac51", "value": "48496e7bd96f5bdb29852e2bb99eb3b86a02fae5" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054916", "to_ids": true, "type": "sha256", "uuid": "94a43853-26d0-4d4c-bdca-143378e8ab9c", "value": "4a38aea6d52d72b4969f43d948ddf29a2d3576db9b3e288aeafaee4532a3293c" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055525", "uuid": "50404a55-6518-4320-b02f-277a8f95d517", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054916", "to_ids": false, "type": "datetime", "uuid": "1b911040-bdd5-4749-a340-1e86dc336a5a", "value": "2019-11-19T01:54:55" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054916", "to_ids": false, "type": "link", "uuid": "dbfa7a73-ae00-46a4-922a-1efdc531d7d9", "value": "https://www.virustotal.com/file/4a38aea6d52d72b4969f43d948ddf29a2d3576db9b3e288aeafaee4532a3293c/analysis/1574128495/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054916", "to_ids": false, "type": "text", "uuid": "be3ee85d-4991-44a3-bca3-4a5c9ec45d85", "value": "48/70" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055526", "uuid": "d7f7a218-00fa-47cb-9d48-8f41aed63824", "ObjectReference": [ { "comment": "", "object_uuid": "d7f7a218-00fa-47cb-9d48-8f41aed63824", "referenced_uuid": "29b2b7cb-981f-44b6-a0f1-b0ac00824eaf", "relationship_type": "analysed-with", "timestamp": "1576055875", "uuid": "5df0b443-63cc-4c79-9cd5-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054847", "to_ids": true, "type": "md5", "uuid": "c17eac5d-4c85-44ae-a869-3a1f7e4f7692", "value": "2e209097c6412daeb385050ba5de84c6" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054847", "to_ids": true, "type": "sha1", "uuid": "cd179bd8-6046-4ab2-a028-1b1835c65854", "value": "b06e4201cf61c995e361b8e69754902208fc494c" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054847", "to_ids": true, "type": "sha256", "uuid": "195f015d-aa5d-4950-9598-364008f0eee6", "value": "4b6c68077d8cd37814b678f2a04d997fe3339008e9750b8cab619360a2ab1b96" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055526", "uuid": "29b2b7cb-981f-44b6-a0f1-b0ac00824eaf", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054847", "to_ids": false, "type": "datetime", "uuid": "655f6e91-056f-4dcd-ba0e-dc43a1034f90", "value": "2019-11-28T10:26:53" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054847", "to_ids": false, "type": "link", "uuid": "eecb26b8-a2a3-4f90-8ed6-6cb3082e7624", "value": "https://www.virustotal.com/file/4b6c68077d8cd37814b678f2a04d997fe3339008e9750b8cab619360a2ab1b96/analysis/1574936813/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054847", "to_ids": false, "type": "text", "uuid": "267de944-1a4d-4ab7-bbfb-b87ac6e49ef4", "value": "52/68" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055526", "uuid": "d2d6b87e-b30a-4bed-a8fa-690cd8dd7b34", "ObjectReference": [ { "comment": "", "object_uuid": "d2d6b87e-b30a-4bed-a8fa-690cd8dd7b34", "referenced_uuid": "ec2ed37a-6456-43db-b5e5-4a0e947d4e91", "relationship_type": "analysed-with", "timestamp": "1576055875", "uuid": "5df0b443-ac50-4ad4-850f-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054850", "to_ids": true, "type": "md5", "uuid": "165c0cb3-ecc2-40bb-97b9-e32f309f8237", "value": "262877056b1fe5f36bc81f7ae24bde8f" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054850", "to_ids": true, "type": "sha1", "uuid": "1330d6ad-6557-480b-a374-64751eade0fb", "value": "ac3433ac38c2e974a926ccfe6f024fb313021fe5" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054850", "to_ids": true, "type": "sha256", "uuid": "6d93b9b5-7bdd-4baa-8db0-1e52b42b79d6", "value": "636e19b738793a5338e5b90085d1ace86b9d790508de18c69b3567e1bd8ed5c7" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055526", "uuid": "ec2ed37a-6456-43db-b5e5-4a0e947d4e91", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054850", "to_ids": false, "type": "datetime", "uuid": "ee21845e-a0ed-4cf0-b923-4b4f51cbad67", "value": "2019-11-16T02:57:29" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054850", "to_ids": false, "type": "link", "uuid": "c6428bce-d3c9-472e-897a-440bfe095e8b", "value": "https://www.virustotal.com/file/636e19b738793a5338e5b90085d1ace86b9d790508de18c69b3567e1bd8ed5c7/analysis/1573873049/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054850", "to_ids": false, "type": "text", "uuid": "bfc00b8b-4465-4f67-a9b4-5b83e44f7967", "value": "44/70" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055526", "uuid": "540eccfd-055a-4638-8fe1-996e4bd798bc", "ObjectReference": [ { "comment": "", "object_uuid": "540eccfd-055a-4638-8fe1-996e4bd798bc", "referenced_uuid": "5ed81b52-cb94-4d23-90ff-924997e5ee31", "relationship_type": "analysed-with", "timestamp": "1576055875", "uuid": "5df0b443-bd5c-4093-b96f-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054844", "to_ids": true, "type": "md5", "uuid": "a2cfa816-8234-45cc-8f50-adce78f707d3", "value": "848fb4fa4fcdf681b353d591050b754b" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054844", "to_ids": true, "type": "sha1", "uuid": "b08d8a00-f077-4105-a287-c92c1883a5a6", "value": "e6e65b36535f6c387571c3c53be6978c0d83fc74" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054844", "to_ids": true, "type": "sha256", "uuid": "28f3cd57-8d08-40db-8ba1-646b35b2a8ed", "value": "dbf1565a95a2485ff3448bc994277768df704e8c37c553e64d5b59b82074cbee" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055526", "uuid": "5ed81b52-cb94-4d23-90ff-924997e5ee31", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054844", "to_ids": false, "type": "datetime", "uuid": "c5db7e10-b14d-4489-8b30-e17492fb9ff9", "value": "2019-12-04T05:58:03" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054844", "to_ids": false, "type": "link", "uuid": "99d8e8f1-e3d4-4adc-bfab-ce8809a15e5f", "value": "https://www.virustotal.com/file/dbf1565a95a2485ff3448bc994277768df704e8c37c553e64d5b59b82074cbee/analysis/1575439083/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054844", "to_ids": false, "type": "text", "uuid": "179105b4-9323-482a-8c31-58893876acab", "value": "56/71" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055526", "uuid": "fd9c1730-3934-4d96-9e4e-66d416fc1dee", "ObjectReference": [ { "comment": "", "object_uuid": "fd9c1730-3934-4d96-9e4e-66d416fc1dee", "referenced_uuid": "20b3340c-2536-43ea-9a11-0d04b9cf9f60", "relationship_type": "analysed-with", "timestamp": "1576055875", "uuid": "5df0b443-ab60-48b8-98b7-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054937", "to_ids": true, "type": "md5", "uuid": "0e03e4b1-f181-4aa0-b8aa-70bdf3b1a2e2", "value": "2505b64477e4d763c393105d8b3c0a12" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054937", "to_ids": true, "type": "sha1", "uuid": "76795e65-cff0-4604-bf7f-0ab24181e6ae", "value": "45e8cf4a26f3f48cf4ef80cfbdb5c1f527c19b64" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054937", "to_ids": true, "type": "sha256", "uuid": "2a43165a-d7a2-4c7c-ab19-c46eb63dcff0", "value": "392bd63c5da49944fed61c27f75c421e5be112584b3bf3e44dd11e30a1447eab" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055526", "uuid": "20b3340c-2536-43ea-9a11-0d04b9cf9f60", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054937", "to_ids": false, "type": "datetime", "uuid": "a6f7792b-91d8-4948-8472-796b28178be3", "value": "2019-11-06T15:46:24" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054937", "to_ids": false, "type": "link", "uuid": "9a2371c4-2853-4e77-a64e-2e37ee7d2e52", "value": "https://www.virustotal.com/file/392bd63c5da49944fed61c27f75c421e5be112584b3bf3e44dd11e30a1447eab/analysis/1573055184/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054937", "to_ids": false, "type": "text", "uuid": "aac7503b-01c0-456b-aa9b-85e18b786a42", "value": "11/69" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055528", "uuid": "d6c1c49e-8a88-41e4-a935-b22abfac6779", "ObjectReference": [ { "comment": "", "object_uuid": "d6c1c49e-8a88-41e4-a935-b22abfac6779", "referenced_uuid": "6645ca7a-2953-4aea-99b7-979afff6c520", "relationship_type": "analysed-with", "timestamp": "1576055875", "uuid": "5df0b443-1194-4a2d-9ef8-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054915", "to_ids": true, "type": "md5", "uuid": "5cdf7fc3-0fb6-4494-9adb-10fe0807ef6b", "value": "817264db5a19e09f43a141859d33cfd4" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054915", "to_ids": true, "type": "sha1", "uuid": "fc18049e-0cf8-4752-8e39-4a373ad21011", "value": "d8f0323e9c6065bda2307adce1a987141b903bac" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054915", "to_ids": true, "type": "sha256", "uuid": "753e7174-14a7-41be-ae55-ca3830d904e3", "value": "f5e32a9aeac0da48daba5170e73b0993ced02dfce759c04580559c63b80104be" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055528", "uuid": "6645ca7a-2953-4aea-99b7-979afff6c520", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054915", "to_ids": false, "type": "datetime", "uuid": "92350661-3d02-48dc-82b7-0c8019a6c8e9", "value": "2019-11-16T09:42:30" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054915", "to_ids": false, "type": "link", "uuid": "2c85cfa8-9235-45ed-aa2d-051d8530ebfd", "value": "https://www.virustotal.com/file/f5e32a9aeac0da48daba5170e73b0993ced02dfce759c04580559c63b80104be/analysis/1573897350/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054915", "to_ids": false, "type": "text", "uuid": "f8da0402-8898-4549-8c9d-3a0ebbc1259f", "value": "46/70" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055528", "uuid": "7595266e-68ad-42d8-aea3-030fff8c2372", "ObjectReference": [ { "comment": "", "object_uuid": "7595266e-68ad-42d8-aea3-030fff8c2372", "referenced_uuid": "b6a9653a-1c3e-42a0-b663-200c20c29f72", "relationship_type": "analysed-with", "timestamp": "1576055875", "uuid": "5df0b443-1d8c-493a-b652-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054920", "to_ids": true, "type": "md5", "uuid": "6abfa6ff-c18d-4741-8ac2-be671ebfcd0c", "value": "a20a2f6d341ec53b6ea057950dba62fa" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054920", "to_ids": true, "type": "sha1", "uuid": "2657168b-a16f-4c21-9baa-281d242a424e", "value": "6742c58542a9649dcdbaac93df1efe862b12a6e1" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054920", "to_ids": true, "type": "sha256", "uuid": "86bb152d-6288-4d7d-ba2a-09f342ed0b6b", "value": "cb61c4f9d662a99ad9a28e9e269d86eaacb35359fc8aabb870690c4551900782" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055528", "uuid": "b6a9653a-1c3e-42a0-b663-200c20c29f72", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054920", "to_ids": false, "type": "datetime", "uuid": "bb448b62-d97b-4d06-84c1-471d2b331c5f", "value": "2019-11-15T14:16:54" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054920", "to_ids": false, "type": "link", "uuid": "d6c4ad4a-abb8-46c3-af27-e06ae8c30f0a", "value": "https://www.virustotal.com/file/cb61c4f9d662a99ad9a28e9e269d86eaacb35359fc8aabb870690c4551900782/analysis/1573827414/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054920", "to_ids": false, "type": "text", "uuid": "40773f9f-e3dd-45bb-af85-7583fd90158f", "value": "45/64" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055528", "uuid": "3be262ed-cbff-4863-9845-bbe8780e4060", "ObjectReference": [ { "comment": "", "object_uuid": "3be262ed-cbff-4863-9845-bbe8780e4060", "referenced_uuid": "55b81650-a1d1-4e38-ac8c-0cc8a57ba371", "relationship_type": "analysed-with", "timestamp": "1576055875", "uuid": "5df0b443-c0b0-40cf-86ea-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054915", "to_ids": true, "type": "md5", "uuid": "873db48f-81d1-4d37-bf22-1cb97864629c", "value": "cc74b499d47e9b61f3b23f43973ecca2" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054915", "to_ids": true, "type": "sha1", "uuid": "66617d37-3556-4f88-9d7e-83474c675db4", "value": "42c4766d4291df2ae2dda72996916bfe9f167d2a" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054915", "to_ids": true, "type": "sha256", "uuid": "e22f6e2b-a1fd-4dd2-985c-71ad1c24c729", "value": "3456947910ec14542ef059d0a3da5cbc9d0a173b894e72a210c93d8570d2faf8" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055528", "uuid": "55b81650-a1d1-4e38-ac8c-0cc8a57ba371", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054915", "to_ids": false, "type": "datetime", "uuid": "cb678ba0-1c36-4e3b-9186-3ac18258b468", "value": "2019-11-18T07:37:33" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054915", "to_ids": false, "type": "link", "uuid": "3457aec6-067c-4412-a250-b6036d3afdde", "value": "https://www.virustotal.com/file/3456947910ec14542ef059d0a3da5cbc9d0a173b894e72a210c93d8570d2faf8/analysis/1574062653/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054915", "to_ids": false, "type": "text", "uuid": "8d88d5c0-f05c-469a-87c0-e3a8a45f467b", "value": "51/68" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055529", "uuid": "7c3fbea3-3b94-4b4b-9658-58c0bda50729", "ObjectReference": [ { "comment": "", "object_uuid": "7c3fbea3-3b94-4b4b-9658-58c0bda50729", "referenced_uuid": "daa9b3e2-e2ca-47a8-9e9f-deceb9f644fd", "relationship_type": "analysed-with", "timestamp": "1576055875", "uuid": "5df0b443-d98c-429f-8062-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054915", "to_ids": true, "type": "md5", "uuid": "07d6bb9f-0bc6-42f7-aa31-22eaf2bf6dea", "value": "2bf8d02ae39f4f9a3600a65d1a8bb733" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054915", "to_ids": true, "type": "sha1", "uuid": "5b865f7b-0adb-4b38-bdae-f118f379d5a8", "value": "aef806bf21849f554a095598e05a9acbd335cd84" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054915", "to_ids": true, "type": "sha256", "uuid": "d2a41128-0fbd-47cc-8e3f-2fa8872df278", "value": "1a5292b1f274e2bc303cb8010b7dccead0c43b25a0abfcf61aed7221b72b98e8" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055529", "uuid": "daa9b3e2-e2ca-47a8-9e9f-deceb9f644fd", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054915", "to_ids": false, "type": "datetime", "uuid": "6c094af8-5c9b-4e52-a7e1-b92379fa57b8", "value": "2019-11-27T04:14:39" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054915", "to_ids": false, "type": "link", "uuid": "bf8bb1e6-0403-4ee0-b9c5-e05b876d1cdf", "value": "https://www.virustotal.com/file/1a5292b1f274e2bc303cb8010b7dccead0c43b25a0abfcf61aed7221b72b98e8/analysis/1574828079/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054915", "to_ids": false, "type": "text", "uuid": "b898652d-0296-4d87-b161-78ab055b1d05", "value": "55/68" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055529", "uuid": "6fdb0082-f213-435f-b8f0-07c9505e93c1", "ObjectReference": [ { "comment": "", "object_uuid": "6fdb0082-f213-435f-b8f0-07c9505e93c1", "referenced_uuid": "e8cd3aba-3100-4a3e-a2b3-2c722681f9f3", "relationship_type": "analysed-with", "timestamp": "1576055875", "uuid": "5df0b443-d2c4-4bac-9237-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054936", "to_ids": true, "type": "md5", "uuid": "77defcbc-fec7-4caa-9292-af08765c35d3", "value": "4eeba9ee7266abef169be1638f29e673" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054936", "to_ids": true, "type": "sha1", "uuid": "d58c5e0d-a19d-4a9d-8fef-03a450a17bcd", "value": "2d6a84cbbfb1c50b1e1ce33044834afcdedacbd2" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054936", "to_ids": true, "type": "sha256", "uuid": "5ce5c7d2-3d76-4af8-af1e-ff5e8f6ee41b", "value": "08089df5cbab72ed79c09600280ffd9b54ec14f14caf87f4d67b21f683d6c2e2" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055529", "uuid": "e8cd3aba-3100-4a3e-a2b3-2c722681f9f3", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054936", "to_ids": false, "type": "datetime", "uuid": "9766c6e2-5371-4e3f-8c26-71a3b386bee4", "value": "2019-11-08T10:03:13" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054936", "to_ids": false, "type": "link", "uuid": "878ef99d-49b5-4cae-85d5-6f21df52df6f", "value": "https://www.virustotal.com/file/08089df5cbab72ed79c09600280ffd9b54ec14f14caf87f4d67b21f683d6c2e2/analysis/1573207393/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054936", "to_ids": false, "type": "text", "uuid": "6ae53bf5-11c3-46d5-a1b1-3291767f13bb", "value": "43/71" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055529", "uuid": "f8975b3d-872f-4935-bb7f-206c5b43f28c", "ObjectReference": [ { "comment": "", "object_uuid": "f8975b3d-872f-4935-bb7f-206c5b43f28c", "referenced_uuid": "7cf62d8c-3de3-4b2d-a7b5-3032ce3438e3", "relationship_type": "analysed-with", "timestamp": "1576055876", "uuid": "5df0b444-d5e8-4975-8f1e-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054843", "to_ids": true, "type": "md5", "uuid": "aa84cf3a-db36-471c-bdbf-adcc608453d3", "value": "ec3b6215b8b5f11715f3fedd3ec50f33" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054843", "to_ids": true, "type": "sha1", "uuid": "429c26a1-4493-40c2-a3de-541bfd9d18c2", "value": "64698ca2798ef4cbdb399425eea8b5054468f9c2" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054843", "to_ids": true, "type": "sha256", "uuid": "322c7885-7223-4f57-998b-559c0c71b01e", "value": "415d65745d95f0a468a6ec7d21e670e58d74f21717db5db645cbd40eee7bc6ab" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055529", "uuid": "7cf62d8c-3de3-4b2d-a7b5-3032ce3438e3", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054843", "to_ids": false, "type": "datetime", "uuid": "e1ce6d26-877d-403a-93bc-8112d1a3da42", "value": "2019-11-22T00:57:32" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054843", "to_ids": false, "type": "link", "uuid": "413abe1d-acb4-4bac-af9b-c5e4461a7c4a", "value": "https://www.virustotal.com/file/415d65745d95f0a468a6ec7d21e670e58d74f21717db5db645cbd40eee7bc6ab/analysis/1574384252/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054843", "to_ids": false, "type": "text", "uuid": "7002c425-bbc0-4633-ab30-30fffcd96371", "value": "49/69" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055529", "uuid": "b79fac33-6789-4c6d-8203-86a543916337", "ObjectReference": [ { "comment": "", "object_uuid": "b79fac33-6789-4c6d-8203-86a543916337", "referenced_uuid": "c21a9315-97d1-4168-a9b7-12423024a3b6", "relationship_type": "analysed-with", "timestamp": "1576055876", "uuid": "5df0b444-d0ac-4be2-a43b-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054848", "to_ids": true, "type": "md5", "uuid": "b8f88898-429f-45e5-806f-75e3a9c7d5de", "value": "829cf2831d130acf5cadc55a94cd0aeb" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054848", "to_ids": true, "type": "sha1", "uuid": "332a82fe-cc05-442d-8516-875e036a9a41", "value": "2ebc22afbab331712948d329336639b3e77a4e63" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054848", "to_ids": true, "type": "sha256", "uuid": "bf029a68-a183-4303-9c52-c50fbc9cf544", "value": "e43830a8d66e07606f3b52c56d1cc6bee3733e1b9e7a435578a052834ea78bcb" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055530", "uuid": "c21a9315-97d1-4168-a9b7-12423024a3b6", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054848", "to_ids": false, "type": "datetime", "uuid": "7e4a1b4e-a850-45d5-a45a-60a4b014aa9f", "value": "2019-12-02T08:19:48" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054848", "to_ids": false, "type": "link", "uuid": "ffc49555-5b63-434a-8cab-3277c9d1b478", "value": "https://www.virustotal.com/file/e43830a8d66e07606f3b52c56d1cc6bee3733e1b9e7a435578a052834ea78bcb/analysis/1575274788/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054848", "to_ids": false, "type": "text", "uuid": "f9b62262-12da-4c08-87ef-2760bf68a9dc", "value": "55/70" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055530", "uuid": "91905962-1e77-4f65-a1f1-d7245a4325d7", "ObjectReference": [ { "comment": "", "object_uuid": "91905962-1e77-4f65-a1f1-d7245a4325d7", "referenced_uuid": "50e15cf6-cf9c-4922-93d8-e1241e97e39c", "relationship_type": "analysed-with", "timestamp": "1576055876", "uuid": "5df0b444-b068-4a62-aaae-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054849", "to_ids": true, "type": "md5", "uuid": "2c695df2-e999-45dd-ad83-ab4b4f99d747", "value": "c83ae7fe6e4fc01c8012b92fc8a9805d" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054849", "to_ids": true, "type": "sha1", "uuid": "11c3daad-21dd-4a46-931e-dc2466aa1c3d", "value": "7921a6829f74b136eac41db2a33569e65bcc27cf" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054849", "to_ids": true, "type": "sha256", "uuid": "929682a0-2580-4737-abdb-9f5a2f58394d", "value": "89517d5ef6fc519f230079a2c06b80e0e93362c0cdb4239cb6349a26136c8357" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055530", "uuid": "50e15cf6-cf9c-4922-93d8-e1241e97e39c", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054849", "to_ids": false, "type": "datetime", "uuid": "eafcee3e-9a35-4b5e-ab04-ff23e89958ac", "value": "2019-11-24T16:20:07" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054849", "to_ids": false, "type": "link", "uuid": "7353955e-11f3-4745-8cdb-3cf49521e144", "value": "https://www.virustotal.com/file/89517d5ef6fc519f230079a2c06b80e0e93362c0cdb4239cb6349a26136c8357/analysis/1574612407/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054849", "to_ids": false, "type": "text", "uuid": "817c4455-2417-4b62-9a93-892ac1f99966", "value": "51/68" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055530", "uuid": "182e3f1e-de06-492c-a4b4-81cbdb039aa6", "ObjectReference": [ { "comment": "", "object_uuid": "182e3f1e-de06-492c-a4b4-81cbdb039aa6", "referenced_uuid": "d4e3e0a9-e92c-4ad2-aa0b-690729b25b92", "relationship_type": "analysed-with", "timestamp": "1576055876", "uuid": "5df0b444-385c-42d5-a629-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054863", "to_ids": true, "type": "md5", "uuid": "baaa3073-3909-416f-95f4-b78bad3fd922", "value": "7e07f1aba65ae1b15b6a749000ea4497" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054863", "to_ids": true, "type": "sha1", "uuid": "773972bc-b64c-42ce-8f89-2e301d06bb00", "value": "a3a9ac4f71cbdd5aecb618ff070d3a003522c2f5" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054863", "to_ids": true, "type": "sha256", "uuid": "c8c24ff9-c52b-4db9-8072-5aacec697e3c", "value": "8c225b6bbb767f950dc729cf038c299bf543090e72e2f9ee9ef082f62a581164" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055530", "uuid": "d4e3e0a9-e92c-4ad2-aa0b-690729b25b92", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054863", "to_ids": false, "type": "datetime", "uuid": "6a6e964f-c18e-45aa-bd71-a70b3dffac72", "value": "2019-11-17T03:34:23" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054863", "to_ids": false, "type": "link", "uuid": "fe0180d3-9dc4-49bd-a635-f36adf47a7e2", "value": "https://www.virustotal.com/file/8c225b6bbb767f950dc729cf038c299bf543090e72e2f9ee9ef082f62a581164/analysis/1573961663/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054863", "to_ids": false, "type": "text", "uuid": "9db6f06e-2176-468f-98bb-2b70391c5f34", "value": "45/70" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055530", "uuid": "45f3d5b0-854a-4d2c-bf88-70cd8564f3af", "ObjectReference": [ { "comment": "", "object_uuid": "45f3d5b0-854a-4d2c-bf88-70cd8564f3af", "referenced_uuid": "1753520a-1660-432f-aff7-08385961ba2e", "relationship_type": "analysed-with", "timestamp": "1576055876", "uuid": "5df0b444-054c-441d-8daf-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054918", "to_ids": true, "type": "md5", "uuid": "65d4161e-9a9f-404f-a627-7eed077e5795", "value": "8882caa5fe0eb9d2d83945e6866c5b86" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054918", "to_ids": true, "type": "sha1", "uuid": "0d8efd9c-72c7-4724-8a24-d14283bd893c", "value": "1776cd59f0b56bc2c36975d6167a96428dabf65a" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054918", "to_ids": true, "type": "sha256", "uuid": "5985fdd7-09d9-4559-a4d7-c1881d77f328", "value": "057ac9e82be5accb71dcbc4c98c370600b931c3a49c24351659d8e051b7ce686" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055531", "uuid": "1753520a-1660-432f-aff7-08385961ba2e", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054918", "to_ids": false, "type": "datetime", "uuid": "2e067080-a103-4321-bb1e-e44b5d224c9a", "value": "2019-11-15T14:00:17" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054918", "to_ids": false, "type": "link", "uuid": "168b4661-6f84-4515-865a-5f70b2b02676", "value": "https://www.virustotal.com/file/057ac9e82be5accb71dcbc4c98c370600b931c3a49c24351659d8e051b7ce686/analysis/1573826417/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054918", "to_ids": false, "type": "text", "uuid": "9fde7d63-fbb3-43c6-9910-c4402459d096", "value": "43/64" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055531", "uuid": "241463c3-0626-4f97-b0db-f683cf972e7c", "ObjectReference": [ { "comment": "", "object_uuid": "241463c3-0626-4f97-b0db-f683cf972e7c", "referenced_uuid": "f81cf644-3724-4f5a-bede-b656e85c6c73", "relationship_type": "analysed-with", "timestamp": "1576055876", "uuid": "5df0b444-11a8-4671-af1d-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054844", "to_ids": true, "type": "md5", "uuid": "5c71618e-da67-4785-86f7-a4290c0774bc", "value": "a59f51bf41d58c9ba71715c7a8c8b932" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054844", "to_ids": true, "type": "sha1", "uuid": "98560e8c-fdab-43fd-959e-512d9a9159c4", "value": "45a62f7ecc3e392d0e3130282ba0d062d22154af" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054844", "to_ids": true, "type": "sha256", "uuid": "07964cac-798c-4ac0-ad16-3ecccd7d0fe2", "value": "e87a102922f2a09acefa82210ad67e10e269f3c14ab4ca9cd475ff66b8b48706" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055531", "uuid": "f81cf644-3724-4f5a-bede-b656e85c6c73", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054844", "to_ids": false, "type": "datetime", "uuid": "ae82e76d-a253-4bb4-b659-3da368206b91", "value": "2019-12-05T09:46:23" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054844", "to_ids": false, "type": "link", "uuid": "05bf1375-40f1-456c-8aca-256cc95ac9b0", "value": "https://www.virustotal.com/file/e87a102922f2a09acefa82210ad67e10e269f3c14ab4ca9cd475ff66b8b48706/analysis/1575539183/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054844", "to_ids": false, "type": "text", "uuid": "35743f86-f0a0-4a41-ab90-9afe772bd635", "value": "51/67" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055531", "uuid": "6c895566-202b-4f6c-b7cf-798509971bff", "ObjectReference": [ { "comment": "", "object_uuid": "6c895566-202b-4f6c-b7cf-798509971bff", "referenced_uuid": "2d8f6027-ce38-45c8-870c-a699fd9e9e3d", "relationship_type": "analysed-with", "timestamp": "1576055876", "uuid": "5df0b444-f560-450b-ac41-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054916", "to_ids": true, "type": "md5", "uuid": "0206f10c-327d-4e06-8138-e0138b1eacbe", "value": "2e8446b9c955ddea5a642feff32a8b14" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054916", "to_ids": true, "type": "sha1", "uuid": "98280e2a-0b4c-4059-b454-b825682e2212", "value": "ef343d7f3143d5c01a4babec5ca950ccc0085b59" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054916", "to_ids": true, "type": "sha256", "uuid": "531281ca-9619-4edd-8645-de30628d0056", "value": "b0639a1314161dfe9590eef1830a7a4cc2c8dfb75e59eb5275cc91339365371e" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055531", "uuid": "2d8f6027-ce38-45c8-870c-a699fd9e9e3d", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054916", "to_ids": false, "type": "datetime", "uuid": "b0f047a5-3e1b-4043-878d-d262b7ae6417", "value": "2019-11-11T17:26:22" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054916", "to_ids": false, "type": "link", "uuid": "e1932647-89df-4e05-bac8-e8e2dfd5a0c6", "value": "https://www.virustotal.com/file/b0639a1314161dfe9590eef1830a7a4cc2c8dfb75e59eb5275cc91339365371e/analysis/1573493182/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054916", "to_ids": false, "type": "text", "uuid": "c8daeed3-ade7-4bd3-b0a2-913710262cdd", "value": "39/71" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055532", "uuid": "7503be52-e147-48ea-98a4-d7be3ace45c6", "ObjectReference": [ { "comment": "", "object_uuid": "7503be52-e147-48ea-98a4-d7be3ace45c6", "referenced_uuid": "eb2a85f6-01e2-4caa-8c9f-988318c26249", "relationship_type": "analysed-with", "timestamp": "1576055876", "uuid": "5df0b444-c80c-4d34-9706-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054849", "to_ids": true, "type": "md5", "uuid": "5c3d605d-42ef-45df-af42-11271e1bbd97", "value": "7efe300310e13d1e0fbd32ae453fa449" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054849", "to_ids": true, "type": "sha1", "uuid": "49819d82-6978-497d-afed-0c5e6360ef38", "value": "698b52b1875b213b25e9938c911c9a2bc53635cb" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054849", "to_ids": true, "type": "sha256", "uuid": "cdaa8d30-f860-4d6f-a7dd-b88af16279fe", "value": "989a3fefb82d37805a91a2f07f07081e819a032b4fd9484fab1f2a01303feba1" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055532", "uuid": "eb2a85f6-01e2-4caa-8c9f-988318c26249", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054849", "to_ids": false, "type": "datetime", "uuid": "26824e9e-5c47-40a5-8381-a71b287531de", "value": "2019-11-10T22:39:37" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054849", "to_ids": false, "type": "link", "uuid": "cccf478c-e9ca-4404-8b9e-494e8036ba66", "value": "https://www.virustotal.com/file/989a3fefb82d37805a91a2f07f07081e819a032b4fd9484fab1f2a01303feba1/analysis/1573425577/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054849", "to_ids": false, "type": "text", "uuid": "ba31286e-e85e-4302-8d92-d74cd6fd417f", "value": "30/70" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055533", "uuid": "a462fd7a-1c1d-44a5-a57f-c42386b0ff1e", "ObjectReference": [ { "comment": "", "object_uuid": "a462fd7a-1c1d-44a5-a57f-c42386b0ff1e", "referenced_uuid": "9ab5b90d-5dcd-4745-9789-c4e1ac9000f4", "relationship_type": "analysed-with", "timestamp": "1576055876", "uuid": "5df0b444-cd80-4537-93d0-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054919", "to_ids": true, "type": "md5", "uuid": "372ebd2b-6207-4547-ba72-24f807d66b50", "value": "c0e0454bdc11b57efab77eae9cd42099" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054919", "to_ids": true, "type": "sha1", "uuid": "43ee418a-bbf6-42a7-8996-5637cd4d6ed4", "value": "725f9a35655bb37208a8f99db752185bda573b8f" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054919", "to_ids": true, "type": "sha256", "uuid": "999aed33-9656-441f-9a3f-86d15f475ec9", "value": "71d895e3bae4d180e9ea94e8ce1bc6052a25fca48b086d78c1c14e2186ecf09f" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055533", "uuid": "9ab5b90d-5dcd-4745-9789-c4e1ac9000f4", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054919", "to_ids": false, "type": "datetime", "uuid": "4c25dcae-9d09-46bd-a527-01958a3076fa", "value": "2019-11-26T12:20:55" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054919", "to_ids": false, "type": "link", "uuid": "426ca852-2a78-483a-98ee-84c002ed12be", "value": "https://www.virustotal.com/file/71d895e3bae4d180e9ea94e8ce1bc6052a25fca48b086d78c1c14e2186ecf09f/analysis/1574770855/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054919", "to_ids": false, "type": "text", "uuid": "cb24e7be-25bd-467d-91b9-8bcab27188f5", "value": "54/68" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055533", "uuid": "e73a6fe3-456f-401b-84c6-6e6dcaacdfc6", "ObjectReference": [ { "comment": "", "object_uuid": "e73a6fe3-456f-401b-84c6-6e6dcaacdfc6", "referenced_uuid": "2165f1bf-99b0-4e68-9d2d-1ade377d8956", "relationship_type": "analysed-with", "timestamp": "1576055876", "uuid": "5df0b444-d7a4-479b-8cce-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054890", "to_ids": true, "type": "md5", "uuid": "efccadcc-4469-48b5-b73c-9db4c32f57f5", "value": "aecbbafa4553b4d32072969edb568819" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054890", "to_ids": true, "type": "sha1", "uuid": "579b06ae-64d5-438e-b76e-db7d177bebc9", "value": "12ee894dbcb35650c7125c104a7beac87c0320d0" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054890", "to_ids": true, "type": "sha256", "uuid": "af1df29d-3086-417b-b6a6-0bf89dcf7a54", "value": "4e4fb92c6c122035e705e4f30aa14be766c7671a8043fe02e48bc7dd2d79f860" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055533", "uuid": "2165f1bf-99b0-4e68-9d2d-1ade377d8956", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054890", "to_ids": false, "type": "datetime", "uuid": "d9d97c12-b90e-471b-acef-2ae04ee5db7b", "value": "2019-11-20T11:57:02" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054890", "to_ids": false, "type": "link", "uuid": "50509182-a84f-4897-bb40-bd999153827f", "value": "https://www.virustotal.com/file/4e4fb92c6c122035e705e4f30aa14be766c7671a8043fe02e48bc7dd2d79f860/analysis/1574251022/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054890", "to_ids": false, "type": "text", "uuid": "6b181267-22d6-42d4-aa77-60bd1976c6b9", "value": "49/70" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055533", "uuid": "dce883cd-5087-4904-a7b9-023d423dd1d1", "ObjectReference": [ { "comment": "", "object_uuid": "dce883cd-5087-4904-a7b9-023d423dd1d1", "referenced_uuid": "737ec17e-d4f6-42d8-b4e3-390c2de98945", "relationship_type": "analysed-with", "timestamp": "1576055876", "uuid": "5df0b444-ebe4-43ba-b514-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054917", "to_ids": true, "type": "md5", "uuid": "f0b7c5d7-f2a6-40d4-acaf-3551923c5f80", "value": "adb3db7a086544ac9418c506315ab6ed" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054917", "to_ids": true, "type": "sha1", "uuid": "a080a3e0-8e06-412c-a62c-91dd1d7ab7af", "value": "940969276ec5846fb917d9965c5732687881ca20" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054917", "to_ids": true, "type": "sha256", "uuid": "7c16ac86-3675-43fc-93b1-e2f48a11d2f2", "value": "0eb5a08a148269bfe5967ebc6175c248fc4ea4fa2f9f29127bfa4420cf7163e1" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055533", "uuid": "737ec17e-d4f6-42d8-b4e3-390c2de98945", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054917", "to_ids": false, "type": "datetime", "uuid": "dd0a52c5-ab6a-41b8-a898-2049c0a9668b", "value": "2019-11-11T22:41:02" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054917", "to_ids": false, "type": "link", "uuid": "1b9b9112-04e1-4af0-b2e0-2ee9816218b1", "value": "https://www.virustotal.com/file/0eb5a08a148269bfe5967ebc6175c248fc4ea4fa2f9f29127bfa4420cf7163e1/analysis/1573512062/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054917", "to_ids": false, "type": "text", "uuid": "2b0953e8-87f7-4ecf-8544-fa2daeef2ad4", "value": "33/71" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055534", "uuid": "227c4286-3b20-4b4d-9856-ea87c2d3bd80", "ObjectReference": [ { "comment": "", "object_uuid": "227c4286-3b20-4b4d-9856-ea87c2d3bd80", "referenced_uuid": "f365c021-ac24-4d53-aaf0-e221b311837e", "relationship_type": "analysed-with", "timestamp": "1576055876", "uuid": "5df0b444-472c-4c65-bb22-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054937", "to_ids": true, "type": "md5", "uuid": "4fa1e931-4a42-43d9-9fb4-753f4cf00b15", "value": "63d86702e882dd3aa613fd2a0d93cedc" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054937", "to_ids": true, "type": "sha1", "uuid": "a318ce19-9770-4bbf-851d-482ec9e4afd9", "value": "dda46a2185ffb606f7c33f25e4afef0d69d30839" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054937", "to_ids": true, "type": "sha256", "uuid": "c5cee6db-02f9-4f3e-91ff-3a7599a379c6", "value": "19c9a16ba965f9ee777c8364b59cdaa21a82d69b742474023954d4bb43f78710" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055534", "uuid": "f365c021-ac24-4d53-aaf0-e221b311837e", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054937", "to_ids": false, "type": "datetime", "uuid": "9eec0b2e-9802-4143-a9ce-096ffe4cd2d1", "value": "2019-11-08T18:05:25" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054937", "to_ids": false, "type": "link", "uuid": "5b7e601b-bd06-456d-9e9e-017af166b516", "value": "https://www.virustotal.com/file/19c9a16ba965f9ee777c8364b59cdaa21a82d69b742474023954d4bb43f78710/analysis/1573236325/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054937", "to_ids": false, "type": "text", "uuid": "3c741856-93da-410b-9fe3-0dff2929ebc8", "value": "46/71" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055534", "uuid": "4615e70b-359d-4f2f-96a4-ea418c5a6854", "ObjectReference": [ { "comment": "", "object_uuid": "4615e70b-359d-4f2f-96a4-ea418c5a6854", "referenced_uuid": "2fee9edd-029f-47fb-8cba-757099976138", "relationship_type": "analysed-with", "timestamp": "1576055876", "uuid": "5df0b444-4530-497c-bc6e-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054890", "to_ids": true, "type": "md5", "uuid": "6cacd79d-889d-4b85-87f6-345343386767", "value": "f7e434962f3091d40dfd479a7d8926c5" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054890", "to_ids": true, "type": "sha1", "uuid": "9be23a1a-9016-428c-8ee4-2a272d80a901", "value": "4633873539f8ef74e41b9f380eee56a2f85f0be6" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054890", "to_ids": true, "type": "sha256", "uuid": "e12d9fc3-c20c-471c-9a0c-4d50db65c380", "value": "af1e1c07f5cc6ba4314616156252bd8960c39f9106189ed754c6d673290cd399" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055534", "uuid": "2fee9edd-029f-47fb-8cba-757099976138", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054890", "to_ids": false, "type": "datetime", "uuid": "bc485a95-f376-4688-8674-35f8f3eff75e", "value": "2019-11-27T04:44:58" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054890", "to_ids": false, "type": "link", "uuid": "9d1da307-a7b1-44e3-976f-100268c4749e", "value": "https://www.virustotal.com/file/af1e1c07f5cc6ba4314616156252bd8960c39f9106189ed754c6d673290cd399/analysis/1574829898/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054890", "to_ids": false, "type": "text", "uuid": "3c0411e5-9b44-47e2-a931-03a8a749a099", "value": "56/69" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055534", "uuid": "1c3c6593-79bd-4150-b1ba-146da9c4bce8", "ObjectReference": [ { "comment": "", "object_uuid": "1c3c6593-79bd-4150-b1ba-146da9c4bce8", "referenced_uuid": "ddd88357-7732-4691-8a56-ceacf2bee532", "relationship_type": "analysed-with", "timestamp": "1576055876", "uuid": "5df0b444-9b1c-415a-8ae7-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054914", "to_ids": true, "type": "md5", "uuid": "97eb5e20-8ac3-42df-87b3-8d1570332493", "value": "58ea56c1e5e636ffe26099811d0f41cb" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054914", "to_ids": true, "type": "sha1", "uuid": "f921ae55-ca72-4eed-bb37-e51e00a1a653", "value": "8d143a6a40d8ea297cbb5a9690765f4ff2182c41" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054914", "to_ids": true, "type": "sha256", "uuid": "25f7442a-a5aa-4fad-a07d-436f863da384", "value": "54462075b75adf13fd54d56282dd200847ebaa2e43340f3555e45073fbc126f1" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055534", "uuid": "ddd88357-7732-4691-8a56-ceacf2bee532", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054914", "to_ids": false, "type": "datetime", "uuid": "b680cc0e-b76c-4f68-9130-5b3aac18b575", "value": "2019-11-15T14:21:56" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054914", "to_ids": false, "type": "link", "uuid": "10f0f143-374a-48ee-a93e-e07b83d8862b", "value": "https://www.virustotal.com/file/54462075b75adf13fd54d56282dd200847ebaa2e43340f3555e45073fbc126f1/analysis/1573827716/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054914", "to_ids": false, "type": "text", "uuid": "144897d5-62d8-42d3-ab75-a9580715b44c", "value": "49/70" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055534", "uuid": "c9785371-03f8-4af6-9373-5909e49e5adb", "ObjectReference": [ { "comment": "", "object_uuid": "c9785371-03f8-4af6-9373-5909e49e5adb", "referenced_uuid": "1295c57e-bbc7-468b-bb20-8211f7c4072a", "relationship_type": "analysed-with", "timestamp": "1576055876", "uuid": "5df0b444-2e80-46e7-92d6-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054937", "to_ids": true, "type": "md5", "uuid": "13c52698-87ad-4941-8e47-92588cb8079d", "value": "f12519c2722ef22dc151642c62dd22ca" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054937", "to_ids": true, "type": "sha1", "uuid": "46749654-90c2-4a2e-8c4d-7220bebcd1b8", "value": "00763fded73e4c9770f37756370c9029d064e2ca" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054937", "to_ids": true, "type": "sha256", "uuid": "84739622-c101-43cd-9bfa-404ba3827bb7", "value": "7618269db455d174aa8854869da9a02cb85f53aafa61263e8192e0abb66e36c4" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055535", "uuid": "1295c57e-bbc7-468b-bb20-8211f7c4072a", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054937", "to_ids": false, "type": "datetime", "uuid": "8fad29e8-7280-4b01-a5a8-5e058428540e", "value": "2019-11-07T18:02:54" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054937", "to_ids": false, "type": "link", "uuid": "928d96a7-0ce2-40b7-9f69-b4af51ea3d6a", "value": "https://www.virustotal.com/file/7618269db455d174aa8854869da9a02cb85f53aafa61263e8192e0abb66e36c4/analysis/1573149774/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054937", "to_ids": false, "type": "text", "uuid": "58bcf530-1cb8-489c-8117-dbe4cfcc1900", "value": "18/71" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055535", "uuid": "c763fb0a-4e8c-4f68-b194-4d1b8f482e8e", "ObjectReference": [ { "comment": "", "object_uuid": "c763fb0a-4e8c-4f68-b194-4d1b8f482e8e", "referenced_uuid": "8a81d792-e18b-4e84-9be9-962c67005bd4", "relationship_type": "analysed-with", "timestamp": "1576055876", "uuid": "5df0b444-571c-496c-9882-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054913", "to_ids": true, "type": "md5", "uuid": "07789527-52b3-4b6c-a2b1-6c25c02397b5", "value": "d35f7b0d5384f1a4aedd4aaeacf93412" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054913", "to_ids": true, "type": "sha1", "uuid": "62d9bbc5-6cf7-4976-bdcc-542343b736ae", "value": "d0f60f3dc8504307baef78620cdf266e0658054a" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054913", "to_ids": true, "type": "sha256", "uuid": "5ca72877-6a44-414e-83e0-0f2669f4f11c", "value": "626c969f98464156d2964bc7d73d53aa83d68b0d3ee06224eae4b2a0a310d7b2" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055535", "uuid": "8a81d792-e18b-4e84-9be9-962c67005bd4", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054913", "to_ids": false, "type": "datetime", "uuid": "55f3bf3d-33fc-469f-a3f5-893aff8ed65b", "value": "2019-11-12T06:37:17" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054913", "to_ids": false, "type": "link", "uuid": "bbbaa130-c258-4dcb-8819-d6b6fa7d4636", "value": "https://www.virustotal.com/file/626c969f98464156d2964bc7d73d53aa83d68b0d3ee06224eae4b2a0a310d7b2/analysis/1573540637/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054913", "to_ids": false, "type": "text", "uuid": "628afebe-7417-4f78-bd2b-57623df24d78", "value": "36/72" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055535", "uuid": "f3e51af5-e6e1-46d9-a62e-2f8e8b6fbe09", "ObjectReference": [ { "comment": "", "object_uuid": "f3e51af5-e6e1-46d9-a62e-2f8e8b6fbe09", "referenced_uuid": "61c82fe5-d83e-431a-b959-73ef76e2b052", "relationship_type": "analysed-with", "timestamp": "1576055876", "uuid": "5df0b444-4458-4afe-9125-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054848", "to_ids": true, "type": "md5", "uuid": "b11e5568-6814-46ad-85c0-7e3a5f4c26a6", "value": "2d90551179bf9d2da25dc53d09e94172" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054848", "to_ids": true, "type": "sha1", "uuid": "ff3a5fb8-7532-469c-ba98-79d8870e9f8a", "value": "77acff38dd5fd06dcebfa039eea8b78331a6e1f6" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054848", "to_ids": true, "type": "sha256", "uuid": "21f495b1-ea0a-4d51-8247-6af36548760e", "value": "388abec861fc7230337a22b32f349639560154d68c82e195509d30a1e8a7479c" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055535", "uuid": "61c82fe5-d83e-431a-b959-73ef76e2b052", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054848", "to_ids": false, "type": "datetime", "uuid": "07bf31f8-38f2-4cb2-8d15-98c5115f3e47", "value": "2019-11-23T21:46:31" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054848", "to_ids": false, "type": "link", "uuid": "9e6b44f1-5170-4bd0-ae02-f77aca4c8617", "value": "https://www.virustotal.com/file/388abec861fc7230337a22b32f349639560154d68c82e195509d30a1e8a7479c/analysis/1574545591/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054848", "to_ids": false, "type": "text", "uuid": "90ca319a-1110-4961-889a-a9449c64c457", "value": "51/67" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055535", "uuid": "91864f2e-a0af-4d1c-8196-7a5a3e13f097", "ObjectReference": [ { "comment": "", "object_uuid": "91864f2e-a0af-4d1c-8196-7a5a3e13f097", "referenced_uuid": "1b3fea86-801e-4f54-abd1-4adc96fdc7c1", "relationship_type": "analysed-with", "timestamp": "1576055877", "uuid": "5df0b445-722c-4e12-a7ac-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054937", "to_ids": true, "type": "md5", "uuid": "23b69933-f26e-4cda-807a-fb9e523dcad8", "value": "b46231965bd6d4a7bc68bd6a328a35e5" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054937", "to_ids": true, "type": "sha1", "uuid": "1a2c5762-4fe9-45d7-b7d8-dacfc96d131c", "value": "cf5ac34afaa41b8c6129508f3594a18e97786305" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054937", "to_ids": true, "type": "sha256", "uuid": "a90e7056-d362-4881-81ee-7a5d9de45449", "value": "6013c5cdd7fe8b15004ba4646b453faa61fd313ad9a00bf7d82ddbda658058d6" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055536", "uuid": "1b3fea86-801e-4f54-abd1-4adc96fdc7c1", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054937", "to_ids": false, "type": "datetime", "uuid": "ab934886-fc47-4bc6-9926-c0b39d625d7f", "value": "2019-11-06T15:48:36" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054937", "to_ids": false, "type": "link", "uuid": "78d0dd74-9c64-456d-aeed-ded0292dd832", "value": "https://www.virustotal.com/file/6013c5cdd7fe8b15004ba4646b453faa61fd313ad9a00bf7d82ddbda658058d6/analysis/1573055316/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054937", "to_ids": false, "type": "text", "uuid": "ca88b7a3-e5ce-4c7b-a38c-50d255d3f3c4", "value": "10/67" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055536", "uuid": "f0fb588b-6cf2-4e37-b528-94ae24244747", "ObjectReference": [ { "comment": "", "object_uuid": "f0fb588b-6cf2-4e37-b528-94ae24244747", "referenced_uuid": "e30f84c4-cf2f-43e7-a1c7-f4fd20ecb6a7", "relationship_type": "analysed-with", "timestamp": "1576055877", "uuid": "5df0b445-4368-410f-9eb1-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054914", "to_ids": true, "type": "md5", "uuid": "27dec6ff-8421-405a-bb3d-7df9bc093373", "value": "6f4e12b65ab36d5f4b7792c3d83175c9" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054914", "to_ids": true, "type": "sha1", "uuid": "eeb783d9-3217-4db6-9851-aae74bba6d06", "value": "2d5ad8832a36d1338a389fe9b115e6da85bb096e" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054914", "to_ids": true, "type": "sha256", "uuid": "0bca871b-a548-4e44-b512-443db54d9459", "value": "537497e066b92b1852ccc874f865e6cc09d0d6032cefcf44d6069d22c9610015" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055536", "uuid": "e30f84c4-cf2f-43e7-a1c7-f4fd20ecb6a7", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054914", "to_ids": false, "type": "datetime", "uuid": "3044e86e-8207-4629-bcbb-b70268c7201f", "value": "2019-11-11T04:50:19" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054914", "to_ids": false, "type": "link", "uuid": "fc66de92-63dc-45a1-9e7c-b5a2fa9a479e", "value": "https://www.virustotal.com/file/537497e066b92b1852ccc874f865e6cc09d0d6032cefcf44d6069d22c9610015/analysis/1573447819/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054914", "to_ids": false, "type": "text", "uuid": "d7681a95-02fc-49d5-a506-d70fc34398bc", "value": "33/70" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055536", "uuid": "0397a39e-c3a1-4b20-9b06-8da452770996", "ObjectReference": [ { "comment": "", "object_uuid": "0397a39e-c3a1-4b20-9b06-8da452770996", "referenced_uuid": "b242c8fd-73a4-4479-85c5-6cc76cdc4e15", "relationship_type": "analysed-with", "timestamp": "1576055877", "uuid": "5df0b445-89f8-4bfc-8407-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054915", "to_ids": true, "type": "md5", "uuid": "d397edf6-637a-40f1-8023-79af4a53309d", "value": "2613bf9ca5caa6cf56aeb4511a8cfb18" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054915", "to_ids": true, "type": "sha1", "uuid": "d601d876-5b97-4ca0-9d0d-e6670d519993", "value": "31856f9fecf44db0f602f7858e6f71dcc02409ee" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054915", "to_ids": true, "type": "sha256", "uuid": "b87fd745-8184-4889-ac22-2b991c5829fc", "value": "a520390ad47a1e45c99aa8022584c650d67c7b094e144142cc87a6f3d3faf2e6" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055536", "uuid": "b242c8fd-73a4-4479-85c5-6cc76cdc4e15", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054915", "to_ids": false, "type": "datetime", "uuid": "4c47b730-154e-4156-88ab-89c947ea1318", "value": "2019-11-15T17:11:10" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054915", "to_ids": false, "type": "link", "uuid": "f58558f8-55b9-49ac-9c43-5c9d5987d81e", "value": "https://www.virustotal.com/file/a520390ad47a1e45c99aa8022584c650d67c7b094e144142cc87a6f3d3faf2e6/analysis/1573837870/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054915", "to_ids": false, "type": "text", "uuid": "70057047-3e85-4fb4-a908-22f87670a822", "value": "45/66" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055536", "uuid": "6fce01ae-2da9-4ca5-b217-3e6d8f09007b", "ObjectReference": [ { "comment": "", "object_uuid": "6fce01ae-2da9-4ca5-b217-3e6d8f09007b", "referenced_uuid": "b13126c2-6c1f-4311-ab60-d411f81690f2", "relationship_type": "analysed-with", "timestamp": "1576055877", "uuid": "5df0b445-e668-4933-a02c-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054846", "to_ids": true, "type": "md5", "uuid": "59a7bbcc-0aee-4321-8150-380211f70e0b", "value": "d77eaa74ce148b9e96b25429860aaee3" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054846", "to_ids": true, "type": "sha1", "uuid": "17ca21db-0c63-4208-b92d-fff5ba9c7080", "value": "1dae573985d4992ab727e7d1c55d78ef67ab6281" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054846", "to_ids": true, "type": "sha256", "uuid": "008ea53e-55bd-45fc-b54b-4bc637730546", "value": "2293a2c7ed2ce7ebe8c161a286dc5e2b4d2b70afadcf972d524f02abad4e59e2" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055537", "uuid": "b13126c2-6c1f-4311-ab60-d411f81690f2", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054846", "to_ids": false, "type": "datetime", "uuid": "d527fdc2-daa4-4989-9b58-6e42c83401fd", "value": "2019-11-24T16:28:57" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054846", "to_ids": false, "type": "link", "uuid": "db37a4cd-f6c4-4f98-86bc-89413ea0fb51", "value": "https://www.virustotal.com/file/2293a2c7ed2ce7ebe8c161a286dc5e2b4d2b70afadcf972d524f02abad4e59e2/analysis/1574612937/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054846", "to_ids": false, "type": "text", "uuid": "b7315551-0eda-4c5d-b9fd-929845a0af76", "value": "51/67" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055539", "uuid": "8cab29e2-5471-4e6f-8cba-03c645f0ad5a", "ObjectReference": [ { "comment": "", "object_uuid": "8cab29e2-5471-4e6f-8cba-03c645f0ad5a", "referenced_uuid": "41d9ccab-aa02-48aa-ab67-c8896f3361f9", "relationship_type": "analysed-with", "timestamp": "1576055877", "uuid": "5df0b445-c2b8-489c-9de1-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054849", "to_ids": true, "type": "md5", "uuid": "624f4c95-bdf8-4eaf-bf1a-28c3ec68e7a9", "value": "2eb8d7d40142610cd7847a699a6dc02b" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054849", "to_ids": true, "type": "sha1", "uuid": "061f1853-cb37-4fc6-bd62-8e13f5fc7e19", "value": "db32b29580d0b2217bea26ad39b26c48557af7d4" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054849", "to_ids": true, "type": "sha256", "uuid": "7430e493-70ab-49da-9bd6-46f98c5b8158", "value": "2443279e31ab6247ce24de7144d024d6d7ffd792541a813972e9db803716f533" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055539", "uuid": "41d9ccab-aa02-48aa-ab67-c8896f3361f9", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054849", "to_ids": false, "type": "datetime", "uuid": "b9ccbe0f-b73b-4b77-915d-6838d203612d", "value": "2019-11-28T10:26:55" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054849", "to_ids": false, "type": "link", "uuid": "7edfd00e-7d5c-4846-8858-7788c484b627", "value": "https://www.virustotal.com/file/2443279e31ab6247ce24de7144d024d6d7ffd792541a813972e9db803716f533/analysis/1574936815/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054849", "to_ids": false, "type": "text", "uuid": "c234e121-4b82-4652-a4b1-332e12c25b6e", "value": "51/69" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055539", "uuid": "e7018491-83b6-48a1-aa51-93df57b590f3", "ObjectReference": [ { "comment": "", "object_uuid": "e7018491-83b6-48a1-aa51-93df57b590f3", "referenced_uuid": "5cb084df-c303-4674-8237-aa97afecf9a4", "relationship_type": "analysed-with", "timestamp": "1576055877", "uuid": "5df0b445-0560-4dd6-a0b1-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054850", "to_ids": true, "type": "md5", "uuid": "486a6953-a38c-401c-8edf-dc1586c1a618", "value": "f9de51404660c6ed6605fae026cea924" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054850", "to_ids": true, "type": "sha1", "uuid": "8fec3358-144b-4334-ab44-12b945561414", "value": "9cee7bb1ce915a476f70331a7a5c21a65821cc66" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054850", "to_ids": true, "type": "sha256", "uuid": "fb2a5d41-5397-4a31-ade2-d7f62a22d042", "value": "5cc8d0a2996968160ea9607cd9d2f3ff49227be3de15b096150e08198658c24a" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055539", "uuid": "5cb084df-c303-4674-8237-aa97afecf9a4", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054850", "to_ids": false, "type": "datetime", "uuid": "c70a6b7d-d351-49d0-960a-460ee2d5a860", "value": "2019-11-15T18:57:01" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054850", "to_ids": false, "type": "link", "uuid": "d189f38e-c3ba-4d88-9a68-b3246b8a07e7", "value": "https://www.virustotal.com/file/5cc8d0a2996968160ea9607cd9d2f3ff49227be3de15b096150e08198658c24a/analysis/1573844221/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054850", "to_ids": false, "type": "text", "uuid": "86746a9a-3aec-44d8-8a9b-75b742badc0f", "value": "45/68" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055540", "uuid": "68b9968f-45de-443b-8299-dc750d617381", "ObjectReference": [ { "comment": "", "object_uuid": "68b9968f-45de-443b-8299-dc750d617381", "referenced_uuid": "b72f4f4b-d1a3-48f2-a061-670fde18a5f7", "relationship_type": "analysed-with", "timestamp": "1576055877", "uuid": "5df0b445-486c-4708-ae18-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054915", "to_ids": true, "type": "md5", "uuid": "928813d9-d95a-4fb7-b00c-003a3149f7ef", "value": "40b28f20e7f78bf4147717ca25b650f1" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054915", "to_ids": true, "type": "sha1", "uuid": "3575eafc-6d98-4568-9763-e8522dbd3867", "value": "89c8011ca9124b34e000eea145dfc79f64b7c6d6" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054915", "to_ids": true, "type": "sha256", "uuid": "1a304023-baed-4b81-a5f2-f749dc891aa7", "value": "e8c42093d0f6424ed018d43b6e416a645700dc291ea90ca5ce9bee7090a533b6" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055540", "uuid": "b72f4f4b-d1a3-48f2-a061-670fde18a5f7", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054915", "to_ids": false, "type": "datetime", "uuid": "aaeb5e94-4ca2-437b-aa4c-1f7f90b3711e", "value": "2019-11-14T13:25:30" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054915", "to_ids": false, "type": "link", "uuid": "24873b60-3a47-4a3d-8735-7ec2f84b30dd", "value": "https://www.virustotal.com/file/e8c42093d0f6424ed018d43b6e416a645700dc291ea90ca5ce9bee7090a533b6/analysis/1573737930/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054915", "to_ids": false, "type": "text", "uuid": "c127e40e-f159-408c-a484-c109fb26724c", "value": "49/70" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055540", "uuid": "9b4cbbf2-4357-4e8f-ae26-33269481bf84", "ObjectReference": [ { "comment": "", "object_uuid": "9b4cbbf2-4357-4e8f-ae26-33269481bf84", "referenced_uuid": "45db8aea-a407-4e78-b0b9-ab2c702c6065", "relationship_type": "analysed-with", "timestamp": "1576055877", "uuid": "5df0b445-7598-4c66-824c-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054917", "to_ids": true, "type": "md5", "uuid": "59409c8f-29cc-4784-b512-bf699bf81df1", "value": "ec6854fc500e39d5a4cd071ce4c811d9" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054917", "to_ids": true, "type": "sha1", "uuid": "ecfdb379-a123-4d2b-b3a5-bdf137662408", "value": "67b50458bf954434119696b09d3c83046d868f57" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054917", "to_ids": true, "type": "sha256", "uuid": "ff38bdb1-f13d-4aa3-ad87-d426584aab45", "value": "d864793695bea272f2c43877db5140cfa18e348e6788f2b5d3fcb189db868fb6" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055540", "uuid": "45db8aea-a407-4e78-b0b9-ab2c702c6065", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054917", "to_ids": false, "type": "datetime", "uuid": "6da42fde-0b4e-4021-b0b6-bd97a4d3ad8a", "value": "2019-11-26T12:27:10" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054917", "to_ids": false, "type": "link", "uuid": "5d6bb7be-6ca0-451c-8c2a-2b91538cbd10", "value": "https://www.virustotal.com/file/d864793695bea272f2c43877db5140cfa18e348e6788f2b5d3fcb189db868fb6/analysis/1574771230/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054917", "to_ids": false, "type": "text", "uuid": "edcb414e-3598-4264-903f-ae364df563ad", "value": "54/67" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055540", "uuid": "d6b22457-eed6-4d5e-b732-90f99716391d", "ObjectReference": [ { "comment": "", "object_uuid": "d6b22457-eed6-4d5e-b732-90f99716391d", "referenced_uuid": "968e5b16-fffb-4839-8985-44ec199de187", "relationship_type": "analysed-with", "timestamp": "1576055877", "uuid": "5df0b445-53b8-4605-b22a-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054922", "to_ids": true, "type": "md5", "uuid": "af5b8bda-6098-4921-9691-ad22344e2889", "value": "b12605c95ec09bf0e1926529511a767e" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054922", "to_ids": true, "type": "sha1", "uuid": "3d8569db-eab6-4df4-9bed-f8bae9a41327", "value": "91fe53705f823a93cfaa985032ab7ab1ede391a5" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054922", "to_ids": true, "type": "sha256", "uuid": "92f8fb2e-5595-4513-9377-6fc6137c5246", "value": "08f45213adedd2a8d89b2b5ec74288087cef2c7a90b214f00ddfa0d7329f098c" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055541", "uuid": "968e5b16-fffb-4839-8985-44ec199de187", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054922", "to_ids": false, "type": "datetime", "uuid": "adc6a112-a56f-4c60-ba4c-3ad68ffadb3e", "value": "2019-11-10T21:30:42" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054922", "to_ids": false, "type": "link", "uuid": "4f4b4896-e64d-49d4-8025-1ea9567d7eaf", "value": "https://www.virustotal.com/file/08f45213adedd2a8d89b2b5ec74288087cef2c7a90b214f00ddfa0d7329f098c/analysis/1573421442/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054922", "to_ids": false, "type": "text", "uuid": "bf30809a-011c-4086-8e39-5daebe7b0956", "value": "41/72" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055541", "uuid": "6a5e8842-f40b-4d5c-93fa-27aab8c66247", "ObjectReference": [ { "comment": "", "object_uuid": "6a5e8842-f40b-4d5c-93fa-27aab8c66247", "referenced_uuid": "4252292f-16f1-418e-bc6f-4136e41d34c4", "relationship_type": "analysed-with", "timestamp": "1576055877", "uuid": "5df0b445-0ee4-4e71-8833-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054848", "to_ids": true, "type": "md5", "uuid": "fc89f320-eb4a-4b11-a348-d5edba3e0023", "value": "b403657cfd44ec6e49f5a5fdbb47a194" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054848", "to_ids": true, "type": "sha1", "uuid": "619ddfc3-92fc-437c-999b-2ea3773a132f", "value": "2f953b990ea3b745882279a87f506ab6d8a7e0f3" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054848", "to_ids": true, "type": "sha256", "uuid": "8f0d5428-7f3a-4b1d-afb0-40be3dd29fe1", "value": "301435e44ce79e819700be21046eaa6bc26fe28f7b94d85419f55c32c18b68ae" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055541", "uuid": "4252292f-16f1-418e-bc6f-4136e41d34c4", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054848", "to_ids": false, "type": "datetime", "uuid": "4976d865-6717-48b8-8eda-355d9f67160e", "value": "2019-11-21T10:38:45" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054848", "to_ids": false, "type": "link", "uuid": "acdf80ab-1e75-4da7-8835-f40c0192d0c9", "value": "https://www.virustotal.com/file/301435e44ce79e819700be21046eaa6bc26fe28f7b94d85419f55c32c18b68ae/analysis/1574332725/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054848", "to_ids": false, "type": "text", "uuid": "0b0f7b51-432b-4764-b735-ae9b7523f28d", "value": "49/69" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055541", "uuid": "fe7b840b-0746-4f15-b5e2-c2724a31afb0", "ObjectReference": [ { "comment": "", "object_uuid": "fe7b840b-0746-4f15-b5e2-c2724a31afb0", "referenced_uuid": "c77341c1-5bdd-427f-bc06-695839e43ffe", "relationship_type": "analysed-with", "timestamp": "1576055877", "uuid": "5df0b445-d148-4d51-94de-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054850", "to_ids": true, "type": "md5", "uuid": "c0069381-8375-4b99-9062-89a680c28169", "value": "b51576591bf3af02aa6f94ca6b084b1b" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054850", "to_ids": true, "type": "sha1", "uuid": "6ea98cdd-822c-4064-9168-6dfa1fae1ae4", "value": "14c6c056d9c5ae05145d5206baf43f0b2b6942f7" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054850", "to_ids": true, "type": "sha256", "uuid": "c4a3bb09-d22f-4cae-a80e-0e8f6e899c05", "value": "cc0e31c60f0ed3caa59feb0d1d1304f96cf23c6312270fd8567e4ed87cb7c71d" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055541", "uuid": "c77341c1-5bdd-427f-bc06-695839e43ffe", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054850", "to_ids": false, "type": "datetime", "uuid": "6ac6a0f3-ddee-43a9-9f96-3b787cd76d0a", "value": "2019-11-24T16:22:02" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054850", "to_ids": false, "type": "link", "uuid": "4f83fd08-162f-4290-a613-1c4c48395376", "value": "https://www.virustotal.com/file/cc0e31c60f0ed3caa59feb0d1d1304f96cf23c6312270fd8567e4ed87cb7c71d/analysis/1574612522/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054850", "to_ids": false, "type": "text", "uuid": "30474ddb-babe-4013-a52f-dc92e90b1463", "value": "51/67" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055541", "uuid": "792ae878-47da-478e-910e-83ab193363f9", "ObjectReference": [ { "comment": "", "object_uuid": "792ae878-47da-478e-910e-83ab193363f9", "referenced_uuid": "ea550ad0-34cf-487a-af08-c26076576a4b", "relationship_type": "analysed-with", "timestamp": "1576055877", "uuid": "5df0b445-1b7c-4f35-a87c-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054849", "to_ids": true, "type": "md5", "uuid": "bfd2128c-dea9-4bb8-aaca-e7f3cc84c674", "value": "034b964770dc6e6e2a66d5edcbe63cb7" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054849", "to_ids": true, "type": "sha1", "uuid": "37aa6785-a2cc-41b2-97f3-bcf176bf422e", "value": "05b42c2225fe2cf223d8efa0144bb7b9b2dc36bd" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054849", "to_ids": true, "type": "sha256", "uuid": "af13a1cc-dd88-4787-822a-6d8ca8d5781f", "value": "5950774f554812943b76eb930e90f82aef3e0d1483dda07546db29898dc6c336" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055542", "uuid": "ea550ad0-34cf-487a-af08-c26076576a4b", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054849", "to_ids": false, "type": "datetime", "uuid": "9fe1d598-82e4-4b4f-9e41-fa948752ff57", "value": "2019-11-24T16:28:52" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054849", "to_ids": false, "type": "link", "uuid": "6b5b0512-8ee6-4253-81ba-5b9464560d14", "value": "https://www.virustotal.com/file/5950774f554812943b76eb930e90f82aef3e0d1483dda07546db29898dc6c336/analysis/1574612932/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054849", "to_ids": false, "type": "text", "uuid": "3badee1d-a6ee-4fb6-b9d6-c46955ad11cb", "value": "52/68" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055542", "uuid": "79c73e7e-d39e-4082-a90f-e28f84cf3aae", "ObjectReference": [ { "comment": "", "object_uuid": "79c73e7e-d39e-4082-a90f-e28f84cf3aae", "referenced_uuid": "cc868828-7f2e-42b7-bd44-bf6720650d94", "relationship_type": "analysed-with", "timestamp": "1576055877", "uuid": "5df0b445-3158-4548-8fc8-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054844", "to_ids": true, "type": "md5", "uuid": "a8c9ca17-9533-4304-b658-dd8b5d0593a9", "value": "6fb1b41f6f680148cf4a713c3259f8cf" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054844", "to_ids": true, "type": "sha1", "uuid": "a48570e3-3106-488e-92d1-5163e6b296ba", "value": "24fdbdb24858cec4779a26f31879e0058f80b99e" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054844", "to_ids": true, "type": "sha256", "uuid": "eab4cff1-b4b1-43a0-a537-e806347cd3e6", "value": "6a3b484113c16cb513fd220541c556f211ec9aaf0cf2737cddb960ca8425f63c" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055542", "uuid": "cc868828-7f2e-42b7-bd44-bf6720650d94", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054844", "to_ids": false, "type": "datetime", "uuid": "ed2ac8d5-3578-4201-b6fd-ec1e0acf8af8", "value": "2019-11-28T05:24:15" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054844", "to_ids": false, "type": "link", "uuid": "5cb3e7fc-d2ae-4123-a76f-466f50b44362", "value": "https://www.virustotal.com/file/6a3b484113c16cb513fd220541c556f211ec9aaf0cf2737cddb960ca8425f63c/analysis/1574918655/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054844", "to_ids": false, "type": "text", "uuid": "42043af8-b2c1-4108-8d1f-94b2d6af7284", "value": "52/69" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055542", "uuid": "f989944b-ad68-4918-8627-6c73f89ce3e7", "ObjectReference": [ { "comment": "", "object_uuid": "f989944b-ad68-4918-8627-6c73f89ce3e7", "referenced_uuid": "b0bfc06d-a41c-4026-8a6a-73ec7789424e", "relationship_type": "analysed-with", "timestamp": "1576055877", "uuid": "5df0b445-0e2c-48e3-9484-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054916", "to_ids": true, "type": "md5", "uuid": "1f039ee4-1b3b-4994-abf8-9f9ea4fa8942", "value": "df709377538c9d19057607f68a63f9d5" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054916", "to_ids": true, "type": "sha1", "uuid": "9c36e92f-b246-44a0-ad1c-d81daa65601d", "value": "5832161eb9344939f48e0559b6ce58cbf77f893b" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054916", "to_ids": true, "type": "sha256", "uuid": "c6db7b88-4b9f-4960-975d-ec2381cf9cc0", "value": "f878ab6f2fa0e5b01e61cb5deb5188bd0d31ba16f31fe8a88d2cc17859f66ef6" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055542", "uuid": "b0bfc06d-a41c-4026-8a6a-73ec7789424e", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054916", "to_ids": false, "type": "datetime", "uuid": "2b86666f-df1f-41b5-a1b6-0bd688c8c218", "value": "2019-11-15T17:10:55" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054916", "to_ids": false, "type": "link", "uuid": "09b3ff57-0d8d-470a-b911-a8c67e6ca748", "value": "https://www.virustotal.com/file/f878ab6f2fa0e5b01e61cb5deb5188bd0d31ba16f31fe8a88d2cc17859f66ef6/analysis/1573837855/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054916", "to_ids": false, "type": "text", "uuid": "3a8d6c40-a137-47b1-9f49-d923ff758e32", "value": "47/69" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055542", "uuid": "3c53c632-de7e-41cf-a444-246d60627cb5", "ObjectReference": [ { "comment": "", "object_uuid": "3c53c632-de7e-41cf-a444-246d60627cb5", "referenced_uuid": "fa188133-68e0-4fe1-b887-c29a3608077f", "relationship_type": "analysed-with", "timestamp": "1576055877", "uuid": "5df0b445-f780-4361-9df1-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054918", "to_ids": true, "type": "md5", "uuid": "bd5611f2-1668-47dc-bb7a-7f7ab1d4b9db", "value": "d2b88f123ef635c5344fee05b3f3f7fb" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054918", "to_ids": true, "type": "sha1", "uuid": "804eb3e6-6fbd-46d6-998d-153a9b9e6b1c", "value": "408a9e287e48ce2030da93ae236e76c6afd188e5" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054918", "to_ids": true, "type": "sha256", "uuid": "f6dba327-3f14-4c0e-831c-86705d2a7852", "value": "a2188ff2dcca659807db8898153c88520d41033b8f446ecb932957abb6237abb" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055542", "uuid": "fa188133-68e0-4fe1-b887-c29a3608077f", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054918", "to_ids": false, "type": "datetime", "uuid": "355962fe-2f88-451f-8aea-39fd247b7524", "value": "2019-12-02T18:28:50" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054918", "to_ids": false, "type": "link", "uuid": "7fba3674-946e-47dc-9897-022316876ad4", "value": "https://www.virustotal.com/file/a2188ff2dcca659807db8898153c88520d41033b8f446ecb932957abb6237abb/analysis/1575311330/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054918", "to_ids": false, "type": "text", "uuid": "7642b8d0-71b6-4420-bb88-3946b03e7f1f", "value": "43/63" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055544", "uuid": "811f3acc-01fc-4343-b0c8-0c88fee826cb", "ObjectReference": [ { "comment": "", "object_uuid": "811f3acc-01fc-4343-b0c8-0c88fee826cb", "referenced_uuid": "d77e9949-c73c-4884-8b13-e42b494681a6", "relationship_type": "analysed-with", "timestamp": "1576055877", "uuid": "5df0b445-0f90-448a-9485-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054922", "to_ids": true, "type": "md5", "uuid": "c42926d4-1cb5-45e3-8f48-fd29bad41a09", "value": "2008ea091cc699a9a708e56e887b2e5f" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054922", "to_ids": true, "type": "sha1", "uuid": "03aee01e-2d0c-49e7-866b-f68eb33aee73", "value": "7c00ede7400fb8e41f2184bf48e0ae646bb23100" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054922", "to_ids": true, "type": "sha256", "uuid": "c299268b-f212-4666-acf8-2626f8449106", "value": "afe106ae1b74031acfea1585c78a8db20fe3b99ae1f099e9a1812945f8008498" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055545", "uuid": "d77e9949-c73c-4884-8b13-e42b494681a6", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054922", "to_ids": false, "type": "datetime", "uuid": "18d70050-c000-4e18-b21e-671a5a453052", "value": "2019-11-07T19:06:58" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054922", "to_ids": false, "type": "link", "uuid": "b8f45775-5577-4391-871c-8a9d20b9da0b", "value": "https://www.virustotal.com/file/afe106ae1b74031acfea1585c78a8db20fe3b99ae1f099e9a1812945f8008498/analysis/1573153618/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054922", "to_ids": false, "type": "text", "uuid": "8906c219-23ed-4592-a836-9dc516522730", "value": "38/71" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055545", "uuid": "2048516b-a06e-4511-a074-769e60b4d1b9", "ObjectReference": [ { "comment": "", "object_uuid": "2048516b-a06e-4511-a074-769e60b4d1b9", "referenced_uuid": "e270fb81-2868-4e01-ae02-006bb56ab6bf", "relationship_type": "analysed-with", "timestamp": "1576055877", "uuid": "5df0b445-4ef4-48c4-bb74-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054846", "to_ids": true, "type": "md5", "uuid": "2a4ba3ab-9c15-4887-9955-5d753d766bf3", "value": "d7e3bbbfa5568dc4968a3e157c89e3b1" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054846", "to_ids": true, "type": "sha1", "uuid": "d6067d3e-e5bb-4791-a7d2-f7a2c0f98dab", "value": "a6478f794b0ff8cfde6db7a42afdfeea4f08007c" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054846", "to_ids": true, "type": "sha256", "uuid": "acce1510-620e-42d5-8ca8-a4ff6710bc5e", "value": "8dd6ac6c539d10c74f76cedde68adbed0393e880ab9a305a9297316884f360c4" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055545", "uuid": "e270fb81-2868-4e01-ae02-006bb56ab6bf", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054846", "to_ids": false, "type": "datetime", "uuid": "fcbcf606-7208-4470-b503-5043c9c468be", "value": "2019-11-28T10:26:18" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054846", "to_ids": false, "type": "link", "uuid": "f0b607e5-3b0f-44ca-9b38-30e49ea5d87a", "value": "https://www.virustotal.com/file/8dd6ac6c539d10c74f76cedde68adbed0393e880ab9a305a9297316884f360c4/analysis/1574936778/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054846", "to_ids": false, "type": "text", "uuid": "d70b4c1e-bc5d-4c3d-93cb-cb592e568c67", "value": "52/70" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055545", "uuid": "2ea063d5-3da9-4c37-b761-32429100b994", "ObjectReference": [ { "comment": "", "object_uuid": "2ea063d5-3da9-4c37-b761-32429100b994", "referenced_uuid": "76ffc2c7-5151-4fae-a2bd-64b87bf32ffb", "relationship_type": "analysed-with", "timestamp": "1576055878", "uuid": "5df0b446-54f0-4493-95b6-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054913", "to_ids": true, "type": "md5", "uuid": "fe028807-f207-41d0-82b6-a85e254a10a8", "value": "4d3e0ad8cef6d4898cecc07944a5b5ab" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054913", "to_ids": true, "type": "sha1", "uuid": "caf15739-abfb-456a-85f0-a004e7b69c3e", "value": "52f639d70b4e13f96e40b524bef32de6702b1831" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054913", "to_ids": true, "type": "sha256", "uuid": "9239aa7d-bdd5-4e1d-b773-ac7fb1237ec5", "value": "e4370b0ab4dde24b3f8634e6a154e243a1d96e447c5b03d17005226ef4815cd9" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055545", "uuid": "76ffc2c7-5151-4fae-a2bd-64b87bf32ffb", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054913", "to_ids": false, "type": "datetime", "uuid": "65e50b2b-6958-4857-a1b9-d253b0ea79e1", "value": "2019-11-13T06:00:37" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054913", "to_ids": false, "type": "link", "uuid": "2433f15a-ce9f-405a-ad08-ee74e1a0fa7a", "value": "https://www.virustotal.com/file/e4370b0ab4dde24b3f8634e6a154e243a1d96e447c5b03d17005226ef4815cd9/analysis/1573624837/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054913", "to_ids": false, "type": "text", "uuid": "c47b1b79-888f-46e5-bd4a-98e278b3c2ea", "value": "41/71" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055546", "uuid": "a59ea309-176e-4054-86e2-2b6cf6269370", "ObjectReference": [ { "comment": "", "object_uuid": "a59ea309-176e-4054-86e2-2b6cf6269370", "referenced_uuid": "826cbe2a-4f33-411b-98aa-d29ceadddba2", "relationship_type": "analysed-with", "timestamp": "1576055878", "uuid": "5df0b446-9b04-4faf-b10d-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054920", "to_ids": true, "type": "md5", "uuid": "e386a677-9d36-4db8-9601-f3ed714554c6", "value": "306ec237b988b01e21151ce2261e796c" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054920", "to_ids": true, "type": "sha1", "uuid": "ebe605b1-7f0a-4f15-b507-39bed032e179", "value": "a59769c50b88dd5f4bd91f3281ba19439c746d7b" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054920", "to_ids": true, "type": "sha256", "uuid": "794324c8-f15f-4839-a3dc-8ba8d39022a0", "value": "d2ae0171b71d401548bd41dd28a7aa9a4fe5f32a92fbce9cd860bfad79d3eb21" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055546", "uuid": "826cbe2a-4f33-411b-98aa-d29ceadddba2", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054920", "to_ids": false, "type": "datetime", "uuid": "d8d53d0a-8111-4670-9c0f-ea746c4ea138", "value": "2019-11-27T03:30:10" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054920", "to_ids": false, "type": "link", "uuid": "a841cbe3-5b85-44d7-9c4e-797cde8a1d4d", "value": "https://www.virustotal.com/file/d2ae0171b71d401548bd41dd28a7aa9a4fe5f32a92fbce9cd860bfad79d3eb21/analysis/1574825410/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054920", "to_ids": false, "type": "text", "uuid": "c1451325-2dd4-4dfe-a350-3fbaf27983f5", "value": "53/68" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055546", "uuid": "a50d9267-5c10-438e-bd54-c9227c0a2fac", "ObjectReference": [ { "comment": "", "object_uuid": "a50d9267-5c10-438e-bd54-c9227c0a2fac", "referenced_uuid": "a73f542c-92e8-4f71-88af-aa96ac8aeb3c", "relationship_type": "analysed-with", "timestamp": "1576055878", "uuid": "5df0b446-5bcc-49e5-9a9f-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054848", "to_ids": true, "type": "md5", "uuid": "7cf0367f-943f-4e06-89eb-4bffb7686077", "value": "f267b452b13987cf458a2386cae18ba1" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054848", "to_ids": true, "type": "sha1", "uuid": "448a73da-45d0-40bf-87a8-996c62bbf70a", "value": "90e3af924d3f91068fce6ed4c207385f8aa7b229" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054848", "to_ids": true, "type": "sha256", "uuid": "15a1fdb4-c732-46e7-ba78-deb6e8016ace", "value": "adfc6aea1314ebaef8bfe956ead4223322da266c696a2f4d054fbb157f8d5abf" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055546", "uuid": "a73f542c-92e8-4f71-88af-aa96ac8aeb3c", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054848", "to_ids": false, "type": "datetime", "uuid": "27fd2ad4-9f9d-42de-a55a-d856dec5f318", "value": "2019-11-23T21:54:11" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054848", "to_ids": false, "type": "link", "uuid": "06d88747-9daa-46c9-9be8-556877fb05db", "value": "https://www.virustotal.com/file/adfc6aea1314ebaef8bfe956ead4223322da266c696a2f4d054fbb157f8d5abf/analysis/1574546051/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054848", "to_ids": false, "type": "text", "uuid": "eeec9770-ae32-448f-8ef5-837760243f86", "value": "52/69" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055546", "uuid": "b5ee0663-e589-4f86-a285-ae5f253a4372", "ObjectReference": [ { "comment": "", "object_uuid": "b5ee0663-e589-4f86-a285-ae5f253a4372", "referenced_uuid": "e4be0c7b-a75b-43ed-b9cb-fa765780eeaa", "relationship_type": "analysed-with", "timestamp": "1576055878", "uuid": "5df0b446-9c8c-4662-92fe-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054849", "to_ids": true, "type": "md5", "uuid": "023b56ac-2137-4e46-84a0-3a275e6cc4bb", "value": "ab0e0424b33f5286264f2f2ef14b310a" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054849", "to_ids": true, "type": "sha1", "uuid": "dd59997e-786b-47a4-a0b9-1435df7200f2", "value": "edd0717b9bf8b7093252aca2ab6aec48edaf68eb" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054849", "to_ids": true, "type": "sha256", "uuid": "7e2515e3-faff-41a6-bfc0-06f08de2feef", "value": "6bbba3209752c404e353cd13947b9e851aa3865a6f83493b5e42be1ce586f963" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055546", "uuid": "e4be0c7b-a75b-43ed-b9cb-fa765780eeaa", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054849", "to_ids": false, "type": "datetime", "uuid": "abf9d70a-7abf-4441-9f32-4caa39027cc8", "value": "2019-11-21T10:59:50" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054849", "to_ids": false, "type": "link", "uuid": "441dc1c7-7808-4f67-86d3-2c5cb7256617", "value": "https://www.virustotal.com/file/6bbba3209752c404e353cd13947b9e851aa3865a6f83493b5e42be1ce586f963/analysis/1574333990/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054849", "to_ids": false, "type": "text", "uuid": "629e01a6-fc02-43c5-b830-be8b6b0577a9", "value": "49/69" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055547", "uuid": "703e20b5-a285-49e3-b875-f69c6bda2b2f", "ObjectReference": [ { "comment": "", "object_uuid": "703e20b5-a285-49e3-b875-f69c6bda2b2f", "referenced_uuid": "017e3262-94cb-4836-9d37-b898ec560f5a", "relationship_type": "analysed-with", "timestamp": "1576055878", "uuid": "5df0b446-3d78-45bb-aeed-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054847", "to_ids": true, "type": "md5", "uuid": "7e6893a1-493b-4463-8eaa-7749d0bbab08", "value": "a11bef65a0b7360f98c1fcfe90934a0b" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054847", "to_ids": true, "type": "sha1", "uuid": "2df66bdc-2a12-425e-ad96-b069bcda4d50", "value": "23f5562426ddfd26c298a44f66c0652bf9f8b838" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054847", "to_ids": true, "type": "sha256", "uuid": "acc5a8d7-6d3e-4de9-92f5-cd19242e809c", "value": "490cc1a82b65b83687a798282fffc65893ba472fc55d106204cb54434f04d582" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055547", "uuid": "017e3262-94cb-4836-9d37-b898ec560f5a", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054847", "to_ids": false, "type": "datetime", "uuid": "d90638eb-43ef-410f-b2b3-6938de723399", "value": "2019-11-21T10:22:16" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054847", "to_ids": false, "type": "link", "uuid": "e7ba7bb4-001b-4b5c-af45-f9e7f5ace24c", "value": "https://www.virustotal.com/file/490cc1a82b65b83687a798282fffc65893ba472fc55d106204cb54434f04d582/analysis/1574331736/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054847", "to_ids": false, "type": "text", "uuid": "9832e518-a251-4af6-8dd2-f0c22b5880dc", "value": "50/70" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055547", "uuid": "95607ff3-30bf-4d79-ab38-35bffcaae0e0", "ObjectReference": [ { "comment": "", "object_uuid": "95607ff3-30bf-4d79-ab38-35bffcaae0e0", "referenced_uuid": "2befcedf-2a62-4201-996d-456460ef219d", "relationship_type": "analysed-with", "timestamp": "1576055878", "uuid": "5df0b446-d6c8-4e80-89a8-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054849", "to_ids": true, "type": "md5", "uuid": "4857e654-25aa-4763-b639-8e52f052af85", "value": "36983d085c9c02570e947ecadb16775c" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054849", "to_ids": true, "type": "sha1", "uuid": "3118ca26-4c3c-4b5a-9016-e6193acff567", "value": "a6ad7ecd92f4e426ce86de2a649f20ac957abdf2" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054849", "to_ids": true, "type": "sha256", "uuid": "d5531c75-a9de-4c32-9d81-10e3694f4a54", "value": "66dcbe7ca3b5ca2636ed3d8de7a57b2955091a0cae30731005d82efc9cae0c79" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055547", "uuid": "2befcedf-2a62-4201-996d-456460ef219d", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054849", "to_ids": false, "type": "datetime", "uuid": "2afb122d-acab-4ff2-be70-5c8adc75093e", "value": "2019-11-21T12:14:56" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054849", "to_ids": false, "type": "link", "uuid": "48a74232-bd1a-487a-9d00-4b9df2df3df4", "value": "https://www.virustotal.com/file/66dcbe7ca3b5ca2636ed3d8de7a57b2955091a0cae30731005d82efc9cae0c79/analysis/1574338496/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054849", "to_ids": false, "type": "text", "uuid": "5139768d-2904-4ac7-b535-3581a0c89c9a", "value": "45/70" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055547", "uuid": "e5f853df-553d-40db-84e5-5d44443c0ac9", "ObjectReference": [ { "comment": "", "object_uuid": "e5f853df-553d-40db-84e5-5d44443c0ac9", "referenced_uuid": "55ce3116-9eb7-42bf-b0b5-08a50c2f3e84", "relationship_type": "analysed-with", "timestamp": "1576055878", "uuid": "5df0b446-1864-46f4-aa3a-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054914", "to_ids": true, "type": "md5", "uuid": "3e01f851-732e-4313-a649-081017c90740", "value": "b1fbe9238cfa3422e517483691dc35c2" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054914", "to_ids": true, "type": "sha1", "uuid": "c6abfc19-29f2-4d52-875c-435575087984", "value": "33827b621bbcc30813aeb627ec0f9b97ed436bb2" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054914", "to_ids": true, "type": "sha256", "uuid": "05a21c8a-29cc-4c92-bdb0-94fddc33864b", "value": "4974552078e1f43540ee29a04b40618df797bef3299cf60cc46e5d68a4bf77a7" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055547", "uuid": "55ce3116-9eb7-42bf-b0b5-08a50c2f3e84", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054914", "to_ids": false, "type": "datetime", "uuid": "2df9067b-9546-41c8-8d6f-6d4a3b048388", "value": "2019-11-18T13:20:51" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054914", "to_ids": false, "type": "link", "uuid": "bf8bd49e-0b2b-40c8-9f6b-c4c5db550c66", "value": "https://www.virustotal.com/file/4974552078e1f43540ee29a04b40618df797bef3299cf60cc46e5d68a4bf77a7/analysis/1574083251/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054914", "to_ids": false, "type": "text", "uuid": "b80d494f-d3db-4b1e-90c1-ce5b9a610eda", "value": "51/70" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055548", "uuid": "c9e63164-4df3-4e70-b9df-d525f1c39b3e", "ObjectReference": [ { "comment": "", "object_uuid": "c9e63164-4df3-4e70-b9df-d525f1c39b3e", "referenced_uuid": "f4053517-9fdc-43de-ad33-48cf4532a0ce", "relationship_type": "analysed-with", "timestamp": "1576055878", "uuid": "5df0b446-2030-4f12-821d-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054843", "to_ids": true, "type": "md5", "uuid": "dc888a36-00a3-4f66-a8c2-666dc31d2d38", "value": "615168470c5af34cdb04c08506e5a17a" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054843", "to_ids": true, "type": "sha1", "uuid": "099dc34f-81a5-46e7-824f-c36b59666ea4", "value": "611b905657d3dcdb114b3a6a94362f47c2aa32e6" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054843", "to_ids": true, "type": "sha256", "uuid": "c8d8cd90-7a39-4d9b-8513-1c1e9e438a6c", "value": "7ce5efcdc40d2b8e157c16f4281c84478eec5d8a6604351b005723b80135a5c0" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055548", "uuid": "f4053517-9fdc-43de-ad33-48cf4532a0ce", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054843", "to_ids": false, "type": "datetime", "uuid": "c9a18347-f9dc-452e-8d4e-dd58da2fd923", "value": "2019-11-29T22:43:23" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054843", "to_ids": false, "type": "link", "uuid": "8443993f-9fbf-4b70-af40-253261a24037", "value": "https://www.virustotal.com/file/7ce5efcdc40d2b8e157c16f4281c84478eec5d8a6604351b005723b80135a5c0/analysis/1575067403/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054843", "to_ids": false, "type": "text", "uuid": "e809dba8-b6dc-46f0-a36f-c9104b83ea0f", "value": "53/69" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055548", "uuid": "11a82cb6-d88a-4b25-b8c3-ea78a7d2f0b3", "ObjectReference": [ { "comment": "", "object_uuid": "11a82cb6-d88a-4b25-b8c3-ea78a7d2f0b3", "referenced_uuid": "031c14e0-1d94-429d-a43d-418379e2e106", "relationship_type": "analysed-with", "timestamp": "1576055878", "uuid": "5df0b446-509c-4afa-8232-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054843", "to_ids": true, "type": "md5", "uuid": "7ab55512-a391-4908-83f2-289d1674317b", "value": "ad196fc53be64b6a7b82f6ec26504561" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054843", "to_ids": true, "type": "sha1", "uuid": "37f078d8-3db1-4030-bd80-1479d948eb31", "value": "e65c0cffd5ba375663677e4c98ebbb2d7f0f43d8" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054843", "to_ids": true, "type": "sha256", "uuid": "c13d5c77-4e74-4929-839a-7b08f836ca5b", "value": "91eaf9d913402a7c3378f4b7a2b068e5b73ade4abbc929d65407106602f0f463" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055548", "uuid": "031c14e0-1d94-429d-a43d-418379e2e106", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054843", "to_ids": false, "type": "datetime", "uuid": "f66d92d8-b55f-4f9c-8a71-7847784bce09", "value": "2019-11-21T11:18:48" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054843", "to_ids": false, "type": "link", "uuid": "d29d25b8-37d2-45ef-ab26-0b936dde2730", "value": "https://www.virustotal.com/file/91eaf9d913402a7c3378f4b7a2b068e5b73ade4abbc929d65407106602f0f463/analysis/1574335128/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054843", "to_ids": false, "type": "text", "uuid": "160f1d6e-9529-472c-8fdf-7213f2289d58", "value": "50/70" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055548", "uuid": "912985d7-e6d6-440f-81d4-8d6dda944e60", "ObjectReference": [ { "comment": "", "object_uuid": "912985d7-e6d6-440f-81d4-8d6dda944e60", "referenced_uuid": "ec51409c-24be-4755-aecc-23767b6fb830", "relationship_type": "analysed-with", "timestamp": "1576055878", "uuid": "5df0b446-29e8-4e5d-a2c3-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054914", "to_ids": true, "type": "md5", "uuid": "88ba1154-fe92-4bfb-ac13-c398c1c14533", "value": "e5ad3a8443e283f9760232e6f8462503" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054914", "to_ids": true, "type": "sha1", "uuid": "c7e14e3f-1990-4eb1-85be-35497a9253cc", "value": "7ade070b70806d8b51ca7cdcf8567405ad9e9817" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054914", "to_ids": true, "type": "sha256", "uuid": "4ee3fb1f-0041-4c74-8c6f-2492ebc28cb1", "value": "2acba73e75dc9f2fec4a30a81387a50b86079e0facbe3c3edbe436a6bf28b825" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055548", "uuid": "ec51409c-24be-4755-aecc-23767b6fb830", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054914", "to_ids": false, "type": "datetime", "uuid": "71648426-39d7-4489-ba42-40c044627cd4", "value": "2019-11-16T03:08:27" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054914", "to_ids": false, "type": "link", "uuid": "b046c104-a34d-47f5-aba8-83baf9d71481", "value": "https://www.virustotal.com/file/2acba73e75dc9f2fec4a30a81387a50b86079e0facbe3c3edbe436a6bf28b825/analysis/1573873707/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054914", "to_ids": false, "type": "text", "uuid": "06f21e7f-384a-4875-a23e-32a6cde029b5", "value": "43/68" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055548", "uuid": "92e64b60-b791-4af6-ae65-a768d7dd4b86", "ObjectReference": [ { "comment": "", "object_uuid": "92e64b60-b791-4af6-ae65-a768d7dd4b86", "referenced_uuid": "fee6a89b-8825-4d28-9495-546fb2d908b1", "relationship_type": "analysed-with", "timestamp": "1576055878", "uuid": "5df0b446-c6fc-4351-9796-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054850", "to_ids": true, "type": "md5", "uuid": "aa143285-c1cf-4d23-a5ed-43ef331f5a60", "value": "1db3ef23a5335c99564139439cf3b1f5" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054850", "to_ids": true, "type": "sha1", "uuid": "39032080-b19f-41ff-ae51-6f310a62353b", "value": "2fbb80ffb8f032391850571d78f797bdc7207ed7" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054850", "to_ids": true, "type": "sha256", "uuid": "83ae5394-8547-44ee-9d15-2672c5f10f57", "value": "50cbc24760b13fc6069311028b7728e1d6a183c4802b38516918d95cd3999ad9" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055549", "uuid": "fee6a89b-8825-4d28-9495-546fb2d908b1", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054850", "to_ids": false, "type": "datetime", "uuid": "1c566a7a-9f0a-4a40-a96b-cd9b377f078b", "value": "2019-11-16T02:56:26" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054850", "to_ids": false, "type": "link", "uuid": "cc18e203-e690-432f-a9bc-0c61cc6f202e", "value": "https://www.virustotal.com/file/50cbc24760b13fc6069311028b7728e1d6a183c4802b38516918d95cd3999ad9/analysis/1573872986/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054850", "to_ids": false, "type": "text", "uuid": "1ec14111-5542-419c-a23e-4c096d713e49", "value": "44/69" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055549", "uuid": "1d00daf8-7db3-4c1c-8275-0adf44757068", "ObjectReference": [ { "comment": "", "object_uuid": "1d00daf8-7db3-4c1c-8275-0adf44757068", "referenced_uuid": "a05cd184-793f-4944-afba-2d4324aa7bab", "relationship_type": "analysed-with", "timestamp": "1576055878", "uuid": "5df0b446-0fa0-4411-a2ad-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054914", "to_ids": true, "type": "md5", "uuid": "890558bb-0942-4703-b9d3-94758b9f8222", "value": "0bfd8e3c0351f1711ee62929639f40de" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054914", "to_ids": true, "type": "sha1", "uuid": "658a67d0-4875-4ce8-90c8-0ba07e19e341", "value": "a36faef0c97f43c4a592f9d98d397667f62369f0" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054914", "to_ids": true, "type": "sha256", "uuid": "18a58d7a-d86c-4810-8c09-0c33a3a75a36", "value": "29a19ca5aaf2c175255067ce165dad2510991ccd21f9be422471f4318e52cd63" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055549", "uuid": "a05cd184-793f-4944-afba-2d4324aa7bab", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054914", "to_ids": false, "type": "datetime", "uuid": "e36bec46-1b97-4d92-85c1-232693ccd9a6", "value": "2019-11-20T11:49:37" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054914", "to_ids": false, "type": "link", "uuid": "53df8895-93cb-449a-9c0f-b8850fc3d24c", "value": "https://www.virustotal.com/file/29a19ca5aaf2c175255067ce165dad2510991ccd21f9be422471f4318e52cd63/analysis/1574250577/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054914", "to_ids": false, "type": "text", "uuid": "1f73df45-d7b4-471c-9885-bb7144eea74e", "value": "45/64" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055549", "uuid": "dbe55622-c9b0-4ec8-884b-5ed210d004a9", "ObjectReference": [ { "comment": "", "object_uuid": "dbe55622-c9b0-4ec8-884b-5ed210d004a9", "referenced_uuid": "01d3c818-a783-4f52-bc32-26bc2d9e26dc", "relationship_type": "analysed-with", "timestamp": "1576055878", "uuid": "5df0b446-9a6c-45aa-920e-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054920", "to_ids": true, "type": "md5", "uuid": "70a14cba-5cf4-465c-a52b-4ee1df4617d2", "value": "009663576c3814e1390d76d7871f0b22" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054920", "to_ids": true, "type": "sha1", "uuid": "45c4d64c-f6d7-43f0-96f7-43c3ca7fedf0", "value": "a784d0377b96fe6eccdf3e82be73f1b538000659" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054920", "to_ids": true, "type": "sha256", "uuid": "d8a8a2f6-ad44-4592-9f96-85819059bafd", "value": "1ecd294c05fbc67ab487162c4c55992821f3c9dd00cf7d4e29750cc70e6b7552" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055549", "uuid": "01d3c818-a783-4f52-bc32-26bc2d9e26dc", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054920", "to_ids": false, "type": "datetime", "uuid": "fad5eb04-007f-46a3-a482-b14d1483ec8e", "value": "2019-12-01T05:11:19" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054920", "to_ids": false, "type": "link", "uuid": "254904e5-7efc-4899-837d-6c33a10525e2", "value": "https://www.virustotal.com/file/1ecd294c05fbc67ab487162c4c55992821f3c9dd00cf7d4e29750cc70e6b7552/analysis/1575177079/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054920", "to_ids": false, "type": "text", "uuid": "cd74f67e-9efc-4feb-aa81-44e3dfb57678", "value": "57/70" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055549", "uuid": "04b75cca-c00d-4806-87e3-3247296ea953", "ObjectReference": [ { "comment": "", "object_uuid": "04b75cca-c00d-4806-87e3-3247296ea953", "referenced_uuid": "86eca76d-8be5-4d39-88af-7dc5d879477d", "relationship_type": "analysed-with", "timestamp": "1576055878", "uuid": "5df0b446-6868-46fa-b120-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054914", "to_ids": true, "type": "md5", "uuid": "303abe16-4261-4c3a-ae83-2794d7f83229", "value": "feb6072d1e1f657f3f21f9e77ead98e7" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054914", "to_ids": true, "type": "sha1", "uuid": "cda2a032-2975-4fc8-b304-a23ae2944b2b", "value": "7c15b2dca4598e029343b4ba49ec7eb917318d14" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054914", "to_ids": true, "type": "sha256", "uuid": "51485b3c-fa55-4b0a-a28d-6dd999ef9b1b", "value": "c85d5d8c7e16c27fe40e17513ffce6a84c1e44aabd583411fc37d774bf7c6a2f" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055549", "uuid": "86eca76d-8be5-4d39-88af-7dc5d879477d", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054914", "to_ids": false, "type": "datetime", "uuid": "f1c263f1-1b05-4c50-8695-8ff66cb92bd4", "value": "2019-11-12T19:48:56" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054914", "to_ids": false, "type": "link", "uuid": "c0b92539-26fe-447c-b289-831e5593241c", "value": "https://www.virustotal.com/file/c85d5d8c7e16c27fe40e17513ffce6a84c1e44aabd583411fc37d774bf7c6a2f/analysis/1573588136/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054914", "to_ids": false, "type": "text", "uuid": "530f65ca-e736-46e5-a3dd-9c70c37a55cd", "value": "29/71" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055549", "uuid": "cbe76aa3-6d36-4f5d-a686-c2298c1f4504", "ObjectReference": [ { "comment": "", "object_uuid": "cbe76aa3-6d36-4f5d-a686-c2298c1f4504", "referenced_uuid": "588d9160-539b-4771-bfc7-6aabe09bd0fc", "relationship_type": "analysed-with", "timestamp": "1576055878", "uuid": "5df0b446-8808-482c-b31d-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054913", "to_ids": true, "type": "md5", "uuid": "f15cced3-963b-40c2-a7d6-d4ccc7f3f52b", "value": "89e5ae3e6db29c22040d42de1c3ffefc" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054913", "to_ids": true, "type": "sha1", "uuid": "f45514e6-f14e-4afa-bfd7-f55e049b4f72", "value": "cf3f911f8d9a2c2c9c80757f730c783decdd4fe8" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054913", "to_ids": true, "type": "sha256", "uuid": "de6c6177-5d70-4b0a-977d-11a8be9f0c0e", "value": "7c4a3468a02545ca7dc7fef06b9bcc5b37f5a892695bb9c64bf898aae81545f6" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055550", "uuid": "588d9160-539b-4771-bfc7-6aabe09bd0fc", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054913", "to_ids": false, "type": "datetime", "uuid": "b7bab9d8-9ac3-47b4-9788-4f6620305e11", "value": "2019-11-13T13:52:10" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054913", "to_ids": false, "type": "link", "uuid": "96e42cbc-5c16-4dfb-9e7b-d9d332585cc2", "value": "https://www.virustotal.com/file/7c4a3468a02545ca7dc7fef06b9bcc5b37f5a892695bb9c64bf898aae81545f6/analysis/1573653130/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054913", "to_ids": false, "type": "text", "uuid": "40eb303e-bbc9-44dc-996e-0173648501e0", "value": "46/69" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055550", "uuid": "3a09bb37-eec3-4d1b-9e41-20762a731531", "ObjectReference": [ { "comment": "", "object_uuid": "3a09bb37-eec3-4d1b-9e41-20762a731531", "referenced_uuid": "c01c4c9a-a410-49b4-bde5-52efb20221cf", "relationship_type": "analysed-with", "timestamp": "1576055878", "uuid": "5df0b446-4600-4f16-8253-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054847", "to_ids": true, "type": "md5", "uuid": "f7ab503b-0b04-4341-949f-8150ff1cd730", "value": "26ffba21e12cc05f98420cd02cebd3db" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054847", "to_ids": true, "type": "sha1", "uuid": "b0be2bd9-91d1-407a-952e-8134f8d1fedc", "value": "1cdebd4b70b673f4590506906f694af2fffb7909" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054847", "to_ids": true, "type": "sha256", "uuid": "8b159bcd-7481-4fb5-9b90-2710bc214158", "value": "12cf9d677b1ff4e8a97b43bccf1ee7081737ff556c65907ece0debb4a2cc590f" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055550", "uuid": "c01c4c9a-a410-49b4-bde5-52efb20221cf", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054847", "to_ids": false, "type": "datetime", "uuid": "7aeed31e-5b2c-4753-a740-becc2c32f473", "value": "2019-11-21T10:40:08" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054847", "to_ids": false, "type": "link", "uuid": "1647ec62-788a-43a8-a7c5-23bf4c47c8a2", "value": "https://www.virustotal.com/file/12cf9d677b1ff4e8a97b43bccf1ee7081737ff556c65907ece0debb4a2cc590f/analysis/1574332808/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054847", "to_ids": false, "type": "text", "uuid": "966e8fb3-e3aa-4fcf-aece-848495b06822", "value": "49/69" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055550", "uuid": "e504ff3e-46da-4aa7-a8bc-7f0464cd214f", "ObjectReference": [ { "comment": "", "object_uuid": "e504ff3e-46da-4aa7-a8bc-7f0464cd214f", "referenced_uuid": "4aea2bb2-1381-4acc-b920-c260e90ecc75", "relationship_type": "analysed-with", "timestamp": "1576055878", "uuid": "5df0b446-c514-41c2-9ed2-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054920", "to_ids": true, "type": "md5", "uuid": "05ba1d75-dc49-4622-a33b-dae401aff199", "value": "cb6c6bcfdb31e131d079fd6ec0ba2bab" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054920", "to_ids": true, "type": "sha1", "uuid": "57faa740-6e4a-4174-aaf0-5bff24b1dbe8", "value": "6f6070114bc7cde1b17a5f13a07f0c30223afcd1" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054920", "to_ids": true, "type": "sha256", "uuid": "b96b494b-441a-4faf-912e-836372ea5f10", "value": "dfa71ba3111d266b909ba4e3c8b0e165f0741b448f8dd4c582cd2c6a92b1ff26" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055550", "uuid": "4aea2bb2-1381-4acc-b920-c260e90ecc75", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054920", "to_ids": false, "type": "datetime", "uuid": "261d75b3-625d-4b85-bd85-5cfbfc6df231", "value": "2019-12-01T04:04:22" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054920", "to_ids": false, "type": "link", "uuid": "a697e0de-5fe3-4eee-8875-3e682ea53a53", "value": "https://www.virustotal.com/file/dfa71ba3111d266b909ba4e3c8b0e165f0741b448f8dd4c582cd2c6a92b1ff26/analysis/1575173062/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054920", "to_ids": false, "type": "text", "uuid": "41e6903a-0294-4392-921c-2f65341c31a2", "value": "56/71" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055550", "uuid": "fb0c4692-fa82-49a2-bc09-ecbc22668e9e", "ObjectReference": [ { "comment": "", "object_uuid": "fb0c4692-fa82-49a2-bc09-ecbc22668e9e", "referenced_uuid": "9146a4a8-cb4c-4b93-8c6a-f63fd451c46f", "relationship_type": "analysed-with", "timestamp": "1576055878", "uuid": "5df0b446-44ac-4419-92b1-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054918", "to_ids": true, "type": "md5", "uuid": "1a2e1fe2-89e0-4b8a-b999-46ad9c5c3e6d", "value": "0dcdc809b80bfeffbc020eeb1ba6daf3" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054918", "to_ids": true, "type": "sha1", "uuid": "0e6bf8ff-c3dc-4652-85cf-450b83d3432a", "value": "3a4787cd1fedcbc7693c584e01f5e0f2437c20f9" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054918", "to_ids": true, "type": "sha256", "uuid": "1f41175a-4b52-45d5-a226-b63a874ef386", "value": "d0a85bfe1329577c7d16bb6a52f6b051b1db4eebc4a1a18948bc8bc4b324f653" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055555", "uuid": "9146a4a8-cb4c-4b93-8c6a-f63fd451c46f", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054918", "to_ids": false, "type": "datetime", "uuid": "c71413a5-b18e-472f-bc9e-11d2c15a6e4b", "value": "2019-11-16T07:11:02" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054918", "to_ids": false, "type": "link", "uuid": "03dcf548-8423-40e8-b66d-020b1bf0ded8", "value": "https://www.virustotal.com/file/d0a85bfe1329577c7d16bb6a52f6b051b1db4eebc4a1a18948bc8bc4b324f653/analysis/1573888262/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054918", "to_ids": false, "type": "text", "uuid": "c682fa06-ad84-46fe-ac4e-062e9c8f10c7", "value": "45/71" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055558", "uuid": "cc0a500a-b0f7-4f79-ac43-727f41467b2d", "ObjectReference": [ { "comment": "", "object_uuid": "cc0a500a-b0f7-4f79-ac43-727f41467b2d", "referenced_uuid": "793774c5-ce1d-4e06-a8d9-4d3795eb9e45", "relationship_type": "analysed-with", "timestamp": "1576055878", "uuid": "5df0b446-d2b8-4c65-b258-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054844", "to_ids": true, "type": "md5", "uuid": "68c1e941-6de8-47d3-a7bd-b5e230f26007", "value": "fc5709340cd917ceac167045bca43823" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054844", "to_ids": true, "type": "sha1", "uuid": "0a28a426-20bd-490c-8cf7-61a27216b2de", "value": "ea0aa3f8410997f75d74218e5fe0e9cfba448619" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054844", "to_ids": true, "type": "sha256", "uuid": "ab14b045-f7c0-439e-80a4-02c367143728", "value": "58f45d651ba2fc5d8a1c4a0b338208aa0a7946afe933c7d34d35cdfa2af5c2d2" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055558", "uuid": "793774c5-ce1d-4e06-a8d9-4d3795eb9e45", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054844", "to_ids": false, "type": "datetime", "uuid": "ea230a25-62f1-4202-a27a-b4c64a3688fb", "value": "2019-11-23T23:02:53" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054844", "to_ids": false, "type": "link", "uuid": "17c2072e-8973-4130-8cd7-2ee46ed75766", "value": "https://www.virustotal.com/file/58f45d651ba2fc5d8a1c4a0b338208aa0a7946afe933c7d34d35cdfa2af5c2d2/analysis/1574550173/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054844", "to_ids": false, "type": "text", "uuid": "04d02e5d-7dce-4e37-9a51-a029ea5db0cc", "value": "52/68" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055558", "uuid": "21de6575-e36e-4e45-aa23-54c3da749d74", "ObjectReference": [ { "comment": "", "object_uuid": "21de6575-e36e-4e45-aa23-54c3da749d74", "referenced_uuid": "0ccefa28-3e07-41a8-9c33-f6790da24de0", "relationship_type": "analysed-with", "timestamp": "1576055878", "uuid": "5df0b446-2a14-43db-8453-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054914", "to_ids": true, "type": "md5", "uuid": "45b43816-4d15-4d04-8f72-14aa15df1dbd", "value": "30f4db76d5e1c585fa79d17562eac74f" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054914", "to_ids": true, "type": "sha1", "uuid": "6792499d-1b9e-4713-a072-6bdcc5da5c74", "value": "e554596122d1c02c5da8ddf966e26caaed1b000e" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054914", "to_ids": true, "type": "sha256", "uuid": "b1dbb3c6-ac68-4c38-95e4-54bf2723c28f", "value": "8abe40eb8d28d1ff22b5626f888ab4b2693ed5211887bdd83679762fa2b1f046" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055559", "uuid": "0ccefa28-3e07-41a8-9c33-f6790da24de0", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054914", "to_ids": false, "type": "datetime", "uuid": "4d8ac299-4142-4190-a418-c82b3594be55", "value": "2019-11-20T11:48:15" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054914", "to_ids": false, "type": "link", "uuid": "92195b3d-fe3d-4d0f-9894-185b005c080b", "value": "https://www.virustotal.com/file/8abe40eb8d28d1ff22b5626f888ab4b2693ed5211887bdd83679762fa2b1f046/analysis/1574250495/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054914", "to_ids": false, "type": "text", "uuid": "ba716e66-9aa5-41c1-b8cf-3f42f69eb004", "value": "49/70" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055559", "uuid": "b5a4ca5c-d36b-46e8-9f2b-9122c2403840", "ObjectReference": [ { "comment": "", "object_uuid": "b5a4ca5c-d36b-46e8-9f2b-9122c2403840", "referenced_uuid": "e49f5e2f-84c8-411a-9531-2f810fc29476", "relationship_type": "analysed-with", "timestamp": "1576055878", "uuid": "5df0b446-fd04-4a0e-8aaa-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054914", "to_ids": true, "type": "md5", "uuid": "783a0d7f-290f-41e3-a7ac-0eee0adab0e1", "value": "e38ee517fa0ab1ae34e15706c487a235" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054914", "to_ids": true, "type": "sha1", "uuid": "e99788c7-dcf6-4a43-bfc3-120de5f8ced8", "value": "27a4c6a647a31005bb15248de05e333bf3aaaf92" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054914", "to_ids": true, "type": "sha256", "uuid": "86ebf70e-8cc3-4803-9d84-c4afc9df2086", "value": "02af85494ac863e6d7d67143ed6227bfc886663ee339c9ef2f95ce28cafa2baf" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055559", "uuid": "e49f5e2f-84c8-411a-9531-2f810fc29476", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054914", "to_ids": false, "type": "datetime", "uuid": "56ede62d-eb94-4e1b-9029-812e4e8d0889", "value": "2019-11-15T17:58:10" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054914", "to_ids": false, "type": "link", "uuid": "475c7d26-b9fc-4790-94bd-11dc1990fb11", "value": "https://www.virustotal.com/file/02af85494ac863e6d7d67143ed6227bfc886663ee339c9ef2f95ce28cafa2baf/analysis/1573840690/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054914", "to_ids": false, "type": "text", "uuid": "9c077a12-35d3-46a3-8789-be52d3da7bed", "value": "42/68" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055559", "uuid": "a5503207-cc23-4648-ac81-6faef28c9580", "ObjectReference": [ { "comment": "", "object_uuid": "a5503207-cc23-4648-ac81-6faef28c9580", "referenced_uuid": "cebd7ad9-b557-44d1-9ee0-92cde95295f6", "relationship_type": "analysed-with", "timestamp": "1576055878", "uuid": "5df0b446-ab7c-4fb5-a70c-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054914", "to_ids": true, "type": "md5", "uuid": "9feb7d20-5506-43d4-8d18-cb5bde1d66fc", "value": "a12ad5d1ac06ee86e91d6617e58ec9b1" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054914", "to_ids": true, "type": "sha1", "uuid": "f6e43c07-ac00-4242-825b-cab8b1499b32", "value": "a693f5ff731174fd67a757b50789ddcccd868347" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054914", "to_ids": true, "type": "sha256", "uuid": "b592a65d-b64b-417b-9a6d-5f38113c5057", "value": "a33ebe9f8b0eafc1dc8dd220a5525ca66f328713992f43cc68d829d4fdb00f21" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055559", "uuid": "cebd7ad9-b557-44d1-9ee0-92cde95295f6", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054914", "to_ids": false, "type": "datetime", "uuid": "6af70a0e-8b59-4e35-809d-ce53cb1541bb", "value": "2019-11-17T10:05:22" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054914", "to_ids": false, "type": "link", "uuid": "765990bc-c0b0-43ad-afad-6bfb925bac57", "value": "https://www.virustotal.com/file/a33ebe9f8b0eafc1dc8dd220a5525ca66f328713992f43cc68d829d4fdb00f21/analysis/1573985122/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054914", "to_ids": false, "type": "text", "uuid": "2cb74dec-7b22-4e43-bc59-c0c343d43356", "value": "46/71" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055560", "uuid": "9ab29f6c-8c90-420a-ab5a-54356a3489e0", "ObjectReference": [ { "comment": "", "object_uuid": "9ab29f6c-8c90-420a-ab5a-54356a3489e0", "referenced_uuid": "e5617155-752e-4667-9122-5277e51bac47", "relationship_type": "analysed-with", "timestamp": "1576055879", "uuid": "5df0b447-ca14-4335-8ae2-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054847", "to_ids": true, "type": "md5", "uuid": "663c3d7a-42ff-45b4-8cf8-d77420832aa9", "value": "04056d9b69fd3367c6c760f9e175d22c" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054847", "to_ids": true, "type": "sha1", "uuid": "a7b3c484-66b7-45b3-bd6b-83c3517aa650", "value": "0638b5302a0a1db3b46673cbf14fa82df6857edb" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054847", "to_ids": true, "type": "sha256", "uuid": "d9d23f86-ad9b-4711-9b55-4ed207364394", "value": "c7c3bd15e6546015a1dc1805d5dff9fdca0a103e010c9538c84a66a632a0493b" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055560", "uuid": "e5617155-752e-4667-9122-5277e51bac47", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054847", "to_ids": false, "type": "datetime", "uuid": "fc26090d-215f-4697-b9ea-86ce758215f3", "value": "2019-11-23T21:44:17" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054847", "to_ids": false, "type": "link", "uuid": "97e87168-1920-4805-9ed7-4f7ad3df2512", "value": "https://www.virustotal.com/file/c7c3bd15e6546015a1dc1805d5dff9fdca0a103e010c9538c84a66a632a0493b/analysis/1574545457/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054847", "to_ids": false, "type": "text", "uuid": "d424b6ac-c699-4acb-a764-743279d5cbd1", "value": "52/67" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055560", "uuid": "ce3923cf-7981-4adc-a3bf-0e8fd340dbe9", "ObjectReference": [ { "comment": "", "object_uuid": "ce3923cf-7981-4adc-a3bf-0e8fd340dbe9", "referenced_uuid": "f417ecb1-4728-4ca3-84b1-e8d39801de4d", "relationship_type": "analysed-with", "timestamp": "1576055879", "uuid": "5df0b447-e354-4b56-8708-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054922", "to_ids": true, "type": "md5", "uuid": "1cbf46cf-caeb-4ee2-87c0-510964980ff2", "value": "4d7996f4104a5215b46f60d6c4149081" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054922", "to_ids": true, "type": "sha1", "uuid": "f55bc3e6-7ca2-4636-bea7-b59cd49719b5", "value": "f0a81ff52484a1db403e221aec5690e8e7a464eb" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054922", "to_ids": true, "type": "sha256", "uuid": "328e8226-6d92-4701-8144-91edc24f924a", "value": "83206a7a5354107957375b1d37c0f87c5013a06a7e7b6bbf4d9a02cec2f2c199" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055565", "uuid": "f417ecb1-4728-4ca3-84b1-e8d39801de4d", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054922", "to_ids": false, "type": "datetime", "uuid": "48bcd825-6c13-4a9a-ae3d-20512c741ef9", "value": "2019-11-06T17:47:04" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054922", "to_ids": false, "type": "link", "uuid": "8c442d8a-9a81-4cd5-b7e8-aa007e15a0df", "value": "https://www.virustotal.com/file/83206a7a5354107957375b1d37c0f87c5013a06a7e7b6bbf4d9a02cec2f2c199/analysis/1573062424/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054922", "to_ids": false, "type": "text", "uuid": "d437576a-44b0-4c14-85c3-bc9e491e6a0a", "value": "37/72" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055565", "uuid": "51afc6c5-9417-458d-bac7-9bc3595baac2", "ObjectReference": [ { "comment": "", "object_uuid": "51afc6c5-9417-458d-bac7-9bc3595baac2", "referenced_uuid": "b68cdb99-5f9e-46d3-9f51-2dc28f0fa4b8", "relationship_type": "analysed-with", "timestamp": "1576055879", "uuid": "5df0b447-8978-4d95-86c7-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054937", "to_ids": true, "type": "md5", "uuid": "0abc6dd6-c9e1-4756-96c5-214e7c3f157d", "value": "03b1fdc4c393f0005c41735b7d7bcece" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054937", "to_ids": true, "type": "sha1", "uuid": "07a78384-4c21-402c-8ba7-a89c6dcd8059", "value": "873d2b9e91ef273da4f16e2f61e242f3e78c4c74" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054937", "to_ids": true, "type": "sha256", "uuid": "69a5b917-3da2-41eb-9c0c-845d08a809d2", "value": "e961b4444035266889c97a282c5cd8f36a43bde005abce430362567314dba99b" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055565", "uuid": "b68cdb99-5f9e-46d3-9f51-2dc28f0fa4b8", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054937", "to_ids": false, "type": "datetime", "uuid": "f9e9d8ab-5f70-4f9b-8d3b-041f5db11d07", "value": "2019-11-15T01:03:49" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054937", "to_ids": false, "type": "link", "uuid": "65d028d9-41b9-43ac-819e-b5320ae40585", "value": "https://www.virustotal.com/file/e961b4444035266889c97a282c5cd8f36a43bde005abce430362567314dba99b/analysis/1573779829/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054937", "to_ids": false, "type": "text", "uuid": "00397e5c-cab4-45db-b973-28791508f801", "value": "42/71" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055565", "uuid": "7cd4670f-d35b-4dcd-bd9b-3ad0f9656c67", "ObjectReference": [ { "comment": "", "object_uuid": "7cd4670f-d35b-4dcd-bd9b-3ad0f9656c67", "referenced_uuid": "2bb66712-a7a4-438c-ab0a-20a9f3add41b", "relationship_type": "analysed-with", "timestamp": "1576055879", "uuid": "5df0b447-aeb4-4a23-a192-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054920", "to_ids": true, "type": "md5", "uuid": "c1c1c310-80b6-4b52-b86e-8a56c012e76b", "value": "b0df5586b39acc2d333971942a201c1b" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054920", "to_ids": true, "type": "sha1", "uuid": "9548d0f5-55f3-4959-a1c9-784202b93f17", "value": "407e839b89a1957d06e8d20c1422207b20555639" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054920", "to_ids": true, "type": "sha256", "uuid": "9467ae78-9f9a-45f5-a51d-96c035dddd04", "value": "e50a761781915101a0fec4e4b7c2c6d8c8baf89fb70060580f09a07a8e1eb846" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055565", "uuid": "2bb66712-a7a4-438c-ab0a-20a9f3add41b", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054920", "to_ids": false, "type": "datetime", "uuid": "996a08e9-5ed3-4a73-945c-d5ba26f6e025", "value": "2019-11-04T16:32:51" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054920", "to_ids": false, "type": "link", "uuid": "9f9da7d4-f8c6-46b5-a3ef-4082b19e9403", "value": "https://www.virustotal.com/file/e50a761781915101a0fec4e4b7c2c6d8c8baf89fb70060580f09a07a8e1eb846/analysis/1572885171/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054920", "to_ids": false, "type": "text", "uuid": "aca99bba-6547-43fa-998d-816bd5b367d2", "value": "9/71" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055565", "uuid": "b8150ad7-0d87-46fe-a423-859cf8f3a3da", "ObjectReference": [ { "comment": "", "object_uuid": "b8150ad7-0d87-46fe-a423-859cf8f3a3da", "referenced_uuid": "e61fb1a3-6d54-44cb-ae75-960669681b7e", "relationship_type": "analysed-with", "timestamp": "1576055879", "uuid": "5df0b447-b16c-4074-93ba-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054848", "to_ids": true, "type": "md5", "uuid": "c9a1ca4c-0037-4c9c-91ed-b52a29c6fe85", "value": "207ee3e7300b79adb794355d15b9d870" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054848", "to_ids": true, "type": "sha1", "uuid": "e109369e-cac4-4298-8448-e01c42207095", "value": "08cb97d83202c65862e6b3251cbfd49f5cfaeee0" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054848", "to_ids": true, "type": "sha256", "uuid": "cb79271c-2c6c-4ea5-9c86-71af722de2d6", "value": "63476988992a922fa9c1b2ca608557701306bbbc5f2f062e3477d31947efbb62" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055565", "uuid": "e61fb1a3-6d54-44cb-ae75-960669681b7e", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054848", "to_ids": false, "type": "datetime", "uuid": "e8d2fc9f-9823-41e6-924d-0297e35abdab", "value": "2019-12-02T05:41:56" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054848", "to_ids": false, "type": "link", "uuid": "32e5506e-6f82-4be7-a61f-d992159877eb", "value": "https://www.virustotal.com/file/63476988992a922fa9c1b2ca608557701306bbbc5f2f062e3477d31947efbb62/analysis/1575265316/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054848", "to_ids": false, "type": "text", "uuid": "c4111b9c-3fd6-4c33-af64-a5ee4c765f19", "value": "54/70" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055566", "uuid": "8658e4c3-d242-46fa-9e30-a377c972aa27", "ObjectReference": [ { "comment": "", "object_uuid": "8658e4c3-d242-46fa-9e30-a377c972aa27", "referenced_uuid": "ed6a57ce-6012-47aa-83eb-1adf17a1cd48", "relationship_type": "analysed-with", "timestamp": "1576055879", "uuid": "5df0b447-7fac-49b0-bc6d-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054921", "to_ids": true, "type": "md5", "uuid": "576514a9-e902-4e07-989e-443ff46a0e6b", "value": "cdc8ff1303dd1893c03ede2c36f50f5d" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054921", "to_ids": true, "type": "sha1", "uuid": "0db9c8a2-3235-4a45-aa32-7cb50aaeb98d", "value": "1e4082c22c6f25ca47ca8e903a4e53bd551f8745" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054921", "to_ids": true, "type": "sha256", "uuid": "19d7e86d-fe3f-416d-8719-6915e2014929", "value": "b3660101d3c25aded77d1a9694b16e311d8e708e1d586e9baf0bc988552a378f" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055566", "uuid": "ed6a57ce-6012-47aa-83eb-1adf17a1cd48", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054921", "to_ids": false, "type": "datetime", "uuid": "e129175d-abda-4bdb-b164-3e03c6695f39", "value": "2019-11-10T21:32:03" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054921", "to_ids": false, "type": "link", "uuid": "d667f3d2-4c44-441d-9eb0-41e768e54f05", "value": "https://www.virustotal.com/file/b3660101d3c25aded77d1a9694b16e311d8e708e1d586e9baf0bc988552a378f/analysis/1573421523/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054921", "to_ids": false, "type": "text", "uuid": "aae10158-1251-4caf-b581-a7d9aaacc4a1", "value": "40/71" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055566", "uuid": "76d4ad83-bf9e-4a34-b0f3-face750649be", "ObjectReference": [ { "comment": "", "object_uuid": "76d4ad83-bf9e-4a34-b0f3-face750649be", "referenced_uuid": "1af73b85-9b9e-48c3-87a8-a2f0ddd2d0c9", "relationship_type": "analysed-with", "timestamp": "1576055879", "uuid": "5df0b447-6ebc-47ea-96a1-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054916", "to_ids": true, "type": "md5", "uuid": "1d41c359-89ba-41be-8cb9-3a1c3cd7f762", "value": "1882f807e21d1cc62446cec0e7a57017" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054916", "to_ids": true, "type": "sha1", "uuid": "af87e6dd-abb5-49df-98fb-e867a00bc0ba", "value": "1b749b371e4ba3270f9714320cc9684972cddd3c" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054916", "to_ids": true, "type": "sha256", "uuid": "812b7c67-7a82-467b-8426-c7a3835b3be6", "value": "7e43b88207db6991ca9a1e5bbdbcce511d9907667f24b7dc34514120cf469855" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055571", "uuid": "1af73b85-9b9e-48c3-87a8-a2f0ddd2d0c9", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054916", "to_ids": false, "type": "datetime", "uuid": "83bfdeae-9e7f-4982-93b7-ecf9c5764996", "value": "2019-11-15T14:06:01" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054916", "to_ids": false, "type": "link", "uuid": "453399e9-c29a-4716-bed4-e231f8f328b6", "value": "https://www.virustotal.com/file/7e43b88207db6991ca9a1e5bbdbcce511d9907667f24b7dc34514120cf469855/analysis/1573826761/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054916", "to_ids": false, "type": "text", "uuid": "a88a95b5-efb4-4f1d-9add-9f2c83220171", "value": "49/71" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055583", "uuid": "5bd44dc0-9ce1-4c93-b808-9edd63a0562c", "ObjectReference": [ { "comment": "", "object_uuid": "5bd44dc0-9ce1-4c93-b808-9edd63a0562c", "referenced_uuid": "701928f2-a29f-459b-8a12-ea8780384c70", "relationship_type": "analysed-with", "timestamp": "1576055879", "uuid": "5df0b447-3440-4de6-9a56-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054846", "to_ids": true, "type": "md5", "uuid": "7f3c6b78-0a93-4c92-b2cb-081fad85cbfd", "value": "ca14ff6363e7a67277b2d60583a4be6b" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054846", "to_ids": true, "type": "sha1", "uuid": "af5ec4c2-c95a-4357-bba0-d11c4b989fca", "value": "c5a8d29e69ab9c2e72a28f69511bef0b498e875a" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054846", "to_ids": true, "type": "sha256", "uuid": "9a27fb4d-1ccf-4bd9-9977-cac7dbd01c64", "value": "161a343cab2f3e862271b6d5010e8800388cb2e221f54f197330792881938e51" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055586", "uuid": "701928f2-a29f-459b-8a12-ea8780384c70", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054846", "to_ids": false, "type": "datetime", "uuid": "686c9c18-bb66-4924-94a5-5f586db1a26f", "value": "2019-11-24T16:24:27" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054846", "to_ids": false, "type": "link", "uuid": "5f9bd8e7-0e08-4aa2-bec3-b9f9f87c9650", "value": "https://www.virustotal.com/file/161a343cab2f3e862271b6d5010e8800388cb2e221f54f197330792881938e51/analysis/1574612667/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054846", "to_ids": false, "type": "text", "uuid": "5be09e86-1002-4fbe-b6f6-5b69480e2166", "value": "52/70" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055588", "uuid": "5d636a4f-2779-44fc-9e5e-b771a0becc28", "ObjectReference": [ { "comment": "", "object_uuid": "5d636a4f-2779-44fc-9e5e-b771a0becc28", "referenced_uuid": "dff4ed7c-9449-4bd5-ac33-80c689df3ce3", "relationship_type": "analysed-with", "timestamp": "1576055879", "uuid": "5df0b447-1608-4af1-ae17-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054847", "to_ids": true, "type": "md5", "uuid": "54c5e776-641b-4d06-ac25-465f525339e1", "value": "4e20ebae2036e8b00cb276d60b697ad5" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054847", "to_ids": true, "type": "sha1", "uuid": "ad212ead-7fc3-4001-a29b-0b8cb05349f2", "value": "0f473a44822b661e5570efb26daab8bd2a207a16" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054847", "to_ids": true, "type": "sha256", "uuid": "fb3d47a5-3e53-4c5e-b031-e2f5f0f959f0", "value": "b0485232103de6831e588c1fe1b52ae9ec3fb554b12dd29843c7d535fcb676a4" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055589", "uuid": "dff4ed7c-9449-4bd5-ac33-80c689df3ce3", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054847", "to_ids": false, "type": "datetime", "uuid": "c1041484-6212-45e0-a3d3-9f0f9b5de250", "value": "2019-11-23T21:56:32" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054847", "to_ids": false, "type": "link", "uuid": "2b05e41f-31a5-4e16-9d98-623ef6e093bb", "value": "https://www.virustotal.com/file/b0485232103de6831e588c1fe1b52ae9ec3fb554b12dd29843c7d535fcb676a4/analysis/1574546192/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054847", "to_ids": false, "type": "text", "uuid": "5e674465-8ad6-4c76-8122-6ecd6b682214", "value": "53/69" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055592", "uuid": "6d00f453-c339-4ce6-9d89-6a99535a78eb", "ObjectReference": [ { "comment": "", "object_uuid": "6d00f453-c339-4ce6-9d89-6a99535a78eb", "referenced_uuid": "118d0b85-97df-48d0-8dea-b2dc5350e6ad", "relationship_type": "analysed-with", "timestamp": "1576055879", "uuid": "5df0b447-05e0-4d42-a110-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054916", "to_ids": true, "type": "md5", "uuid": "0f36764f-a137-43a6-a37b-9d5b33158d0a", "value": "2a1d8dbe27c0f96cf623fc2383938c54" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054916", "to_ids": true, "type": "sha1", "uuid": "61c8608f-5843-4424-820f-2ee3abc28aa1", "value": "effd0d29a48151a2bea2d540fdc17a15655f8f33" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054916", "to_ids": true, "type": "sha256", "uuid": "ae5b02f4-cb2c-451d-9d8a-d4aa3c00e2c4", "value": "8e90c30ea85486b8fbcf0bfc45bed76cb8981c83d84c066ed196067b87266f05" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055593", "uuid": "118d0b85-97df-48d0-8dea-b2dc5350e6ad", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054916", "to_ids": false, "type": "datetime", "uuid": "be0b0f40-2888-4bd5-aa3f-6e57c16be672", "value": "2019-11-16T09:38:45" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054916", "to_ids": false, "type": "link", "uuid": "19cef179-0140-41ce-853e-72b208320950", "value": "https://www.virustotal.com/file/8e90c30ea85486b8fbcf0bfc45bed76cb8981c83d84c066ed196067b87266f05/analysis/1573897125/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054916", "to_ids": false, "type": "text", "uuid": "b15def85-817c-4cac-b92c-ac36936e0b7f", "value": "46/70" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055593", "uuid": "771a406c-48bf-42d3-8b02-aee08d35f04d", "ObjectReference": [ { "comment": "", "object_uuid": "771a406c-48bf-42d3-8b02-aee08d35f04d", "referenced_uuid": "6e01b19f-072b-48f3-95ed-ee6ae14fcef2", "relationship_type": "analysed-with", "timestamp": "1576055879", "uuid": "5df0b447-94d0-4326-a736-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054922", "to_ids": true, "type": "md5", "uuid": "2c82be95-2874-41c0-afd9-4d95df0c6a08", "value": "ac800d24fffaab17a4ff7c9d9ca55ed9" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054922", "to_ids": true, "type": "sha1", "uuid": "1504284b-6000-434a-a607-c7e143a55aa0", "value": "598fe1baf11c56a8b1b943f0868c2bb5d2727f63" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054922", "to_ids": true, "type": "sha256", "uuid": "d3c59839-d5a6-48de-90fc-104105e3c9f6", "value": "6ef46a0abeae802a3517a22ba0d5e2cfee6edfce2c1ee135747d8d4f2983d100" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055593", "uuid": "6e01b19f-072b-48f3-95ed-ee6ae14fcef2", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054922", "to_ids": false, "type": "datetime", "uuid": "945baab7-7a01-48e8-818e-a2d8f40bb420", "value": "2019-11-07T18:35:23" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054922", "to_ids": false, "type": "link", "uuid": "045b97ad-fb50-4312-9ea9-c28d404a288f", "value": "https://www.virustotal.com/file/6ef46a0abeae802a3517a22ba0d5e2cfee6edfce2c1ee135747d8d4f2983d100/analysis/1573151723/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054922", "to_ids": false, "type": "text", "uuid": "d72a79ca-9d34-4515-9a32-b8f4910534e5", "value": "30/71" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055593", "uuid": "9588712e-97cf-429b-8ee5-0de0ec6cf2ac", "ObjectReference": [ { "comment": "", "object_uuid": "9588712e-97cf-429b-8ee5-0de0ec6cf2ac", "referenced_uuid": "d5d92559-46fc-4f99-9520-5bcf358132c1", "relationship_type": "analysed-with", "timestamp": "1576055879", "uuid": "5df0b447-0dc4-4c92-a1af-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054848", "to_ids": true, "type": "md5", "uuid": "1a6012be-3050-4264-903c-34847aae259d", "value": "529d779363ddcb5311f92d40da0beb7a" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054848", "to_ids": true, "type": "sha1", "uuid": "45497482-0b97-472e-bec7-256f65d894e0", "value": "ce0874cdf6e70d1e68b6afb2adfb519e3d875ddc" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054848", "to_ids": true, "type": "sha256", "uuid": "86e21b3b-1734-4395-9d42-94b2b849eea5", "value": "ff35cf673a2eceec026cba6050750170456568b307bbfb2ba984a7b0d6d5f2ed" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055593", "uuid": "d5d92559-46fc-4f99-9520-5bcf358132c1", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054848", "to_ids": false, "type": "datetime", "uuid": "2bd1f59e-bd78-43b6-a006-073ca9817174", "value": "2019-11-29T01:24:04" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054848", "to_ids": false, "type": "link", "uuid": "d06384f2-4d04-4acf-aec5-3344d1ce6859", "value": "https://www.virustotal.com/file/ff35cf673a2eceec026cba6050750170456568b307bbfb2ba984a7b0d6d5f2ed/analysis/1574990644/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054848", "to_ids": false, "type": "text", "uuid": "80f7ceb8-c29a-4094-9648-f78bb5595909", "value": "53/69" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055593", "uuid": "d56b00b8-8795-480c-87cc-4e229ebac191", "ObjectReference": [ { "comment": "", "object_uuid": "d56b00b8-8795-480c-87cc-4e229ebac191", "referenced_uuid": "67cdee52-5fbb-4ff5-a4f7-58aa082e62ce", "relationship_type": "analysed-with", "timestamp": "1576055879", "uuid": "5df0b447-8d80-4cb7-85d9-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054850", "to_ids": true, "type": "md5", "uuid": "018f9040-042d-4510-90bd-ffb64fbe4042", "value": "a131dc8bc5b75ef4e7f6be0d174c6807" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054850", "to_ids": true, "type": "sha1", "uuid": "644e37c5-7985-4b00-bd39-09ec31eda675", "value": "cf4048d3b17405e0625415209d9e3f50b5b1d5f0" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054850", "to_ids": true, "type": "sha256", "uuid": "39ea6fab-2f81-49e0-8012-010a154b18b2", "value": "7090aa4a651779e03dd59527dc2ba2f73a727828d0f5886f9fae62db71526709" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055593", "uuid": "67cdee52-5fbb-4ff5-a4f7-58aa082e62ce", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054850", "to_ids": false, "type": "datetime", "uuid": "f597345e-c457-4b72-a9ec-f65797c4b13b", "value": "2019-11-16T08:43:49" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054850", "to_ids": false, "type": "link", "uuid": "22cd0af1-75b9-4ce5-be74-2c3e3986d72b", "value": "https://www.virustotal.com/file/7090aa4a651779e03dd59527dc2ba2f73a727828d0f5886f9fae62db71526709/analysis/1573893829/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054850", "to_ids": false, "type": "text", "uuid": "2ec8693d-b312-4587-8615-978b369d8d73", "value": "47/69" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055594", "uuid": "e9d72436-9ebf-41ed-ae1e-9029ecc2c48f", "ObjectReference": [ { "comment": "", "object_uuid": "e9d72436-9ebf-41ed-ae1e-9029ecc2c48f", "referenced_uuid": "24b6e7d5-9323-4686-8c86-98456f98f499", "relationship_type": "analysed-with", "timestamp": "1576055879", "uuid": "5df0b447-a8b4-4e13-884e-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054844", "to_ids": true, "type": "md5", "uuid": "cc477138-060b-4c7f-a1ac-3c220158587f", "value": "f59f0bb564f0117c21b55c1371ab40e3" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054844", "to_ids": true, "type": "sha1", "uuid": "3c7088a2-e3d0-4a4d-896e-b7e175dd8215", "value": "083efbdc8638d79103dd3766f6861b715854b1ae" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054844", "to_ids": true, "type": "sha256", "uuid": "34687795-e1c3-48b6-b4aa-b85c4377c161", "value": "a679240bf4af8ef69fabc147e123bacb020ee58a055abe272c0e1e20b36be5ca" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055594", "uuid": "24b6e7d5-9323-4686-8c86-98456f98f499", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054844", "to_ids": false, "type": "datetime", "uuid": "9bb7d42f-7ec7-4f68-9f52-d15e21e0aea3", "value": "2019-11-24T16:24:01" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054844", "to_ids": false, "type": "link", "uuid": "710e8b17-bf02-49bb-9a83-d2e25a4bba5c", "value": "https://www.virustotal.com/file/a679240bf4af8ef69fabc147e123bacb020ee58a055abe272c0e1e20b36be5ca/analysis/1574612641/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054844", "to_ids": false, "type": "text", "uuid": "e6d3ef35-3b17-4be8-81e5-27e08472ef0d", "value": "51/68" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055594", "uuid": "e1c0949f-3fdd-457c-a678-9a40c7ff23a1", "ObjectReference": [ { "comment": "", "object_uuid": "e1c0949f-3fdd-457c-a678-9a40c7ff23a1", "referenced_uuid": "40fe5ecd-bbf8-44ed-aa75-f300463ff28b", "relationship_type": "analysed-with", "timestamp": "1576055879", "uuid": "5df0b447-f3f4-421d-8d77-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054916", "to_ids": true, "type": "md5", "uuid": "50e070c0-90c8-498e-9ab0-1f5c83e450ab", "value": "ab13db3296ec29389ca59f30b8e6ffe9" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054916", "to_ids": true, "type": "sha1", "uuid": "9c32f029-5c0a-4317-bbb4-a51a84bf5e37", "value": "7c7f76b32cfece86b692dacbbf4b0e8681ec0048" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054916", "to_ids": true, "type": "sha256", "uuid": "927bd4fd-4abb-45e2-ad88-7043fd7e16c5", "value": "ab7cefe8c033c0d37cb5afa1a15697ce47d2c74d46384e4ca572c4c012230b19" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055594", "uuid": "40fe5ecd-bbf8-44ed-aa75-f300463ff28b", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054916", "to_ids": false, "type": "datetime", "uuid": "db6a5148-edd9-4ffe-b600-c35864d4af16", "value": "2019-11-15T13:27:28" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054916", "to_ids": false, "type": "link", "uuid": "fc72a446-8c40-44a5-8c8f-e6a276eb31be", "value": "https://www.virustotal.com/file/ab7cefe8c033c0d37cb5afa1a15697ce47d2c74d46384e4ca572c4c012230b19/analysis/1573824448/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054916", "to_ids": false, "type": "text", "uuid": "96ce809e-6c11-43ca-8393-b1196f2d0a8c", "value": "48/70" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055594", "uuid": "92564276-0cea-45f2-aa41-b9e181a9eab0", "ObjectReference": [ { "comment": "", "object_uuid": "92564276-0cea-45f2-aa41-b9e181a9eab0", "referenced_uuid": "835be3b9-e8ed-479c-8020-5eec9a3d77ef", "relationship_type": "analysed-with", "timestamp": "1576055879", "uuid": "5df0b447-bc98-4d21-a939-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054916", "to_ids": true, "type": "md5", "uuid": "9fa82ad6-9ac2-4e40-b28a-cfb008c6481d", "value": "ae46efeeb270ae08a8c98f057018abc1" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054916", "to_ids": true, "type": "sha1", "uuid": "57828922-bbe9-41d8-848f-5206c3493c08", "value": "cac69aa50df348acd8cd4eb07236f87f4589113d" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054916", "to_ids": true, "type": "sha256", "uuid": "06b800b9-2004-4f52-b2f5-11dfb9ad3583", "value": "1c9ee620d0aaba03b3aadbd044e1e266e25085edf5315f573e6e4844ad9aae27" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055594", "uuid": "835be3b9-e8ed-479c-8020-5eec9a3d77ef", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054916", "to_ids": false, "type": "datetime", "uuid": "30a7d422-44d6-473f-88c1-b82c28cbf7ba", "value": "2019-11-17T10:15:31" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054916", "to_ids": false, "type": "link", "uuid": "f5fa2eb4-82ef-4227-8ea9-2a29c1fe7b1f", "value": "https://www.virustotal.com/file/1c9ee620d0aaba03b3aadbd044e1e266e25085edf5315f573e6e4844ad9aae27/analysis/1573985731/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054916", "to_ids": false, "type": "text", "uuid": "97cfdc9d-cfbd-470b-97a5-f6dd273ca3bd", "value": "47/71" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055594", "uuid": "a71a4ca8-5de1-4c88-86a0-682e56066cea", "ObjectReference": [ { "comment": "", "object_uuid": "a71a4ca8-5de1-4c88-86a0-682e56066cea", "referenced_uuid": "803358ce-285c-408b-9e90-c914b7760d9b", "relationship_type": "analysed-with", "timestamp": "1576055879", "uuid": "5df0b447-6364-48dc-b5f6-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054914", "to_ids": true, "type": "md5", "uuid": "410fabb1-ddae-4814-8c93-3fe4959f8e3a", "value": "a2df53a73a1e6f916f1177f93d370341" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054914", "to_ids": true, "type": "sha1", "uuid": "9942691c-6a98-46d3-82ca-ced663b41549", "value": "2a8d87fbb8212109b4a8d2d14c681ab7904c532f" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054914", "to_ids": true, "type": "sha256", "uuid": "10abb9e5-a115-4530-bfd7-91940d0c261f", "value": "7588964a824a72edfeb379ad77aa2a4f719878c8749910630d5563ba59ef2478" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055595", "uuid": "803358ce-285c-408b-9e90-c914b7760d9b", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054914", "to_ids": false, "type": "datetime", "uuid": "4ee2841e-ae7b-4d9e-b2cb-a4acea46abc9", "value": "2019-11-16T03:16:03" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054914", "to_ids": false, "type": "link", "uuid": "45605548-6580-4345-b4d3-0a1d3fe72e91", "value": "https://www.virustotal.com/file/7588964a824a72edfeb379ad77aa2a4f719878c8749910630d5563ba59ef2478/analysis/1573874163/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054914", "to_ids": false, "type": "text", "uuid": "c84dadb2-98bb-40c0-a663-ebcbe5f9ec05", "value": "45/70" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055595", "uuid": "cdfadc4f-a9d8-431e-9fc7-9e5b4b98df81", "ObjectReference": [ { "comment": "", "object_uuid": "cdfadc4f-a9d8-431e-9fc7-9e5b4b98df81", "referenced_uuid": "83c5c1d0-4e7f-43a6-9c06-d0ed11674427", "relationship_type": "analysed-with", "timestamp": "1576055879", "uuid": "5df0b447-b204-48a2-a57f-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054915", "to_ids": true, "type": "md5", "uuid": "656c193a-b16c-4142-b5c3-06cd3d2f165b", "value": "920643f6386a18590a7792854e42c32b" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054915", "to_ids": true, "type": "sha1", "uuid": "082f2e2c-64fc-4a96-b9ec-8ecb1201c1f9", "value": "5e6585ca170b16e0d43b8f7a880af9e041b36ebb" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054915", "to_ids": true, "type": "sha256", "uuid": "7b691b00-1e37-4613-ae1d-9a747d1f6d00", "value": "d54a2943b17d93852b875925a279199374e1e9eb78a34d8f1c5eede1b27bd179" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055595", "uuid": "83c5c1d0-4e7f-43a6-9c06-d0ed11674427", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054915", "to_ids": false, "type": "datetime", "uuid": "25fd46a1-05f0-4266-afe8-9c3d159189e3", "value": "2019-11-17T02:22:49" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054915", "to_ids": false, "type": "link", "uuid": "7679dbfc-0940-4278-91a2-ff40a7a650b7", "value": "https://www.virustotal.com/file/d54a2943b17d93852b875925a279199374e1e9eb78a34d8f1c5eede1b27bd179/analysis/1573957369/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054915", "to_ids": false, "type": "text", "uuid": "1ef9b639-0e90-445f-b979-3b3b1da6c37c", "value": "44/66" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055595", "uuid": "66790000-1165-43e7-ae30-76adb333f2b4", "ObjectReference": [ { "comment": "", "object_uuid": "66790000-1165-43e7-ae30-76adb333f2b4", "referenced_uuid": "4c6d8003-f746-4b01-af91-6279d3a9e511", "relationship_type": "analysed-with", "timestamp": "1576055879", "uuid": "5df0b447-266c-4555-82bf-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054922", "to_ids": true, "type": "md5", "uuid": "833dfa2a-357d-4f2c-a820-5ecae8a55b3f", "value": "d2f8c74609f9d548939e3b4bb5e9927e" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054922", "to_ids": true, "type": "sha1", "uuid": "61882dc6-8ce4-4aa2-9b45-ed7fc41d4b85", "value": "a50b98cba1231231a8c4ec5ffb2076f49cb5a175" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054922", "to_ids": true, "type": "sha256", "uuid": "e73d8f79-c018-417e-9229-6a1486c03dbf", "value": "6b98f3a7e0c7ed16b5cedbc2017f43d05da15776e7a51b0fcd8a3f01eb785d80" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055595", "uuid": "4c6d8003-f746-4b01-af91-6279d3a9e511", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054922", "to_ids": false, "type": "datetime", "uuid": "039d22fd-0ecb-4e06-a560-6d7a967939e9", "value": "2019-11-09T23:17:29" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054922", "to_ids": false, "type": "link", "uuid": "76a2b33b-331b-4e1d-8c2b-dd229691ea12", "value": "https://www.virustotal.com/file/6b98f3a7e0c7ed16b5cedbc2017f43d05da15776e7a51b0fcd8a3f01eb785d80/analysis/1573341449/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054922", "to_ids": false, "type": "text", "uuid": "5ecc586a-d94a-49d4-a3ad-572cb3c01edd", "value": "38/72" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055596", "uuid": "e124f8eb-d4d0-47cd-9734-d7b6c627f041", "ObjectReference": [ { "comment": "", "object_uuid": "e124f8eb-d4d0-47cd-9734-d7b6c627f041", "referenced_uuid": "e1815cd8-7eac-44a5-b4e7-f10eadf09968", "relationship_type": "analysed-with", "timestamp": "1576055879", "uuid": "5df0b447-5140-40ef-a4c4-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054918", "to_ids": true, "type": "md5", "uuid": "9f6b85c4-7a14-43af-8640-87e34fe8eb99", "value": "21f0541e3a01b62d291d720df94deaac" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054918", "to_ids": true, "type": "sha1", "uuid": "f50655f9-7a25-483c-9976-5f6e66d57ade", "value": "9aa365b2c9e9a80b34ae2bff9d7248a8d283e742" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054918", "to_ids": true, "type": "sha256", "uuid": "38725a8c-91f7-441b-a010-8587cd48459d", "value": "efff02b0d3d86d0e27d7854f382cb7e4ec25fcbdc50276bb3d181b02750fe2f8" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055597", "uuid": "e1815cd8-7eac-44a5-b4e7-f10eadf09968", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054918", "to_ids": false, "type": "datetime", "uuid": "cea05ad5-7400-403e-a1a7-ebaed48e4072", "value": "2019-11-11T10:47:01" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054918", "to_ids": false, "type": "link", "uuid": "42a55e4e-b7c5-4233-a9d8-a585080ef603", "value": "https://www.virustotal.com/file/efff02b0d3d86d0e27d7854f382cb7e4ec25fcbdc50276bb3d181b02750fe2f8/analysis/1573469221/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054918", "to_ids": false, "type": "text", "uuid": "930a4954-1bab-4b12-a781-b05d482ba47c", "value": "33/70" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055597", "uuid": "6df16b19-c9ad-479f-bb73-98e47933b4b1", "ObjectReference": [ { "comment": "", "object_uuid": "6df16b19-c9ad-479f-bb73-98e47933b4b1", "referenced_uuid": "65ed45ea-d8a0-497e-be76-7b65ad16e7ae", "relationship_type": "analysed-with", "timestamp": "1576055879", "uuid": "5df0b447-05f8-43f9-b283-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054847", "to_ids": true, "type": "md5", "uuid": "c86317dd-35b3-4368-a737-d7b3b2c4004f", "value": "724b1e8ce277e389d41b9540cc5bb434" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054847", "to_ids": true, "type": "sha1", "uuid": "6f154a83-b75f-4248-bb7b-eb21ede1b638", "value": "d9c874ab68b93e19cbf9698f3a762eaf6be55665" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054847", "to_ids": true, "type": "sha256", "uuid": "d1afae75-47f7-4a60-86f2-322053d3a8ce", "value": "c4cf061f764535f06af80e3a1e8b9bf87617a509cb879dc26278ad9577310c6c" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055597", "uuid": "65ed45ea-d8a0-497e-be76-7b65ad16e7ae", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054847", "to_ids": false, "type": "datetime", "uuid": "746dccb9-5bda-45cd-bd8a-ea9fa8738148", "value": "2019-11-28T10:26:53" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054847", "to_ids": false, "type": "link", "uuid": "cecb6836-bd58-4e84-a395-4feb615a09bd", "value": "https://www.virustotal.com/file/c4cf061f764535f06af80e3a1e8b9bf87617a509cb879dc26278ad9577310c6c/analysis/1574936813/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054847", "to_ids": false, "type": "text", "uuid": "c3540de8-20c2-4b72-a74a-68174142cede", "value": "52/68" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055597", "uuid": "aae2070a-93bb-44d1-b5ca-d7cc8f8c15e1", "ObjectReference": [ { "comment": "", "object_uuid": "aae2070a-93bb-44d1-b5ca-d7cc8f8c15e1", "referenced_uuid": "5abeb690-e725-4e26-8208-787592f0f1b4", "relationship_type": "analysed-with", "timestamp": "1576055879", "uuid": "5df0b447-eba8-4a51-aeac-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054916", "to_ids": true, "type": "md5", "uuid": "07ac6cde-85ed-477e-a9ed-a3edd4fd6ca9", "value": "702780f57a667792efed85a007fa1038" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054916", "to_ids": true, "type": "sha1", "uuid": "70c5ff9c-8e89-4c3c-8a43-31f4eb68f497", "value": "aadd24a29a946189fa1a966012c232a757bdb459" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054916", "to_ids": true, "type": "sha256", "uuid": "9005b373-44b4-4cb3-8789-5da155af0dc4", "value": "b888ddfa1dc6067ff6b46d81c13a46c66c3a55eeb635ccdc29b386bc21d0f66b" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055597", "uuid": "5abeb690-e725-4e26-8208-787592f0f1b4", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054916", "to_ids": false, "type": "datetime", "uuid": "c7a9b468-0663-48d8-8b53-da376f60352a", "value": "2019-11-14T09:10:54" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054916", "to_ids": false, "type": "link", "uuid": "31d5a1fe-89d4-4457-ba01-4bd3f9347565", "value": "https://www.virustotal.com/file/b888ddfa1dc6067ff6b46d81c13a46c66c3a55eeb635ccdc29b386bc21d0f66b/analysis/1573722654/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054916", "to_ids": false, "type": "text", "uuid": "e9c52702-03d4-40ac-9980-9d0bcc6f1967", "value": "50/69" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055597", "uuid": "49eeb9be-1ac5-4343-a6a1-981e07e76921", "ObjectReference": [ { "comment": "", "object_uuid": "49eeb9be-1ac5-4343-a6a1-981e07e76921", "referenced_uuid": "b24a4e92-c146-44ad-93c0-56ddc0bcd972", "relationship_type": "analysed-with", "timestamp": "1576055879", "uuid": "5df0b447-9734-4a3b-b284-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054846", "to_ids": true, "type": "md5", "uuid": "741cef3d-4776-4dab-aff8-608657cebaa8", "value": "9e551e874d0976195892334b20f8338b" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054846", "to_ids": true, "type": "sha1", "uuid": "c0d9372f-075f-4981-8381-0ed198603572", "value": "83bee3fc63b7a9327422aaa19d1369253368735a" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054846", "to_ids": true, "type": "sha256", "uuid": "626fd712-a0e1-420a-b3d6-d937a7625f31", "value": "97e16593378bf75c26944f5a84af8d6364a062bfdf5bd055f2e5d76a0f2b94cb" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055597", "uuid": "b24a4e92-c146-44ad-93c0-56ddc0bcd972", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054846", "to_ids": false, "type": "datetime", "uuid": "39e452e2-fc19-4b20-a74f-3107f8721256", "value": "2019-11-21T10:46:36" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054846", "to_ids": false, "type": "link", "uuid": "30c5b28b-50c0-4f58-a2f8-b45be0d9ac4d", "value": "https://www.virustotal.com/file/97e16593378bf75c26944f5a84af8d6364a062bfdf5bd055f2e5d76a0f2b94cb/analysis/1574333196/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054846", "to_ids": false, "type": "text", "uuid": "4435e508-8ccd-42c6-94b8-6b2c6cf35249", "value": "50/70" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055598", "uuid": "a4d2e885-37a4-4cdb-b556-03fb55ffc38a", "ObjectReference": [ { "comment": "", "object_uuid": "a4d2e885-37a4-4cdb-b556-03fb55ffc38a", "referenced_uuid": "7f67077f-37ac-4bcb-b5d0-e39f3200aa4c", "relationship_type": "analysed-with", "timestamp": "1576055879", "uuid": "5df0b447-6768-48c7-b57f-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054844", "to_ids": true, "type": "md5", "uuid": "78b3f43e-891c-441d-8e5b-d366bd4f4964", "value": "7d8821ea25f8794e42e578aebf43b285" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054844", "to_ids": true, "type": "sha1", "uuid": "31d9f5c1-dd2e-4e5f-9144-582d6e5c807e", "value": "014520d36874b7f063fdc7e756b08123f62843fa" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054844", "to_ids": true, "type": "sha256", "uuid": "1fcc872c-d560-46ca-b263-b477a74ccb01", "value": "568c38c9adb0c2c1ff87043cad3004ab4a537b1c2deccd2766da616867dc634b" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055598", "uuid": "7f67077f-37ac-4bcb-b5d0-e39f3200aa4c", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054844", "to_ids": false, "type": "datetime", "uuid": "a72b0495-22d2-40ba-b5f7-277e640f029c", "value": "2019-11-23T22:20:20" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054844", "to_ids": false, "type": "link", "uuid": "b0ef35c8-ea8c-4705-a77b-d02381958e85", "value": "https://www.virustotal.com/file/568c38c9adb0c2c1ff87043cad3004ab4a537b1c2deccd2766da616867dc634b/analysis/1574547620/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054844", "to_ids": false, "type": "text", "uuid": "77157c7e-fae6-4aa7-8dbb-8cfd7b722399", "value": "53/70" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055598", "uuid": "cf5814e9-d3a7-4a6e-81ac-a4bc952b9598", "ObjectReference": [ { "comment": "", "object_uuid": "cf5814e9-d3a7-4a6e-81ac-a4bc952b9598", "referenced_uuid": "30e6c4a2-b11f-4ebf-8f73-7c4b88e31fde", "relationship_type": "analysed-with", "timestamp": "1576055879", "uuid": "5df0b447-73a0-45df-aca9-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054921", "to_ids": true, "type": "md5", "uuid": "ecb420a7-81cb-4e10-af23-63e607383c85", "value": "948c3f56226b515b13e58ec8d4e37df7" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054921", "to_ids": true, "type": "sha1", "uuid": "551c57ee-1d48-48c7-be1c-e6862b6213fb", "value": "cea27349a06b75fb53f994d83709e28b8c1e13d8" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054921", "to_ids": true, "type": "sha256", "uuid": "97fa8dcf-b9df-4cdc-a995-09d98befa563", "value": "f19871a464a805925b8df6749bacf04657f788bfe3fd9f09a9b0f26082b216f4" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055598", "uuid": "30e6c4a2-b11f-4ebf-8f73-7c4b88e31fde", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054921", "to_ids": false, "type": "datetime", "uuid": "e078c6d7-d65e-4401-b699-16a6f8dcebe1", "value": "2019-12-09T02:20:54" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054921", "to_ids": false, "type": "link", "uuid": "18736a26-5b49-4119-9944-b0820f82b510", "value": "https://www.virustotal.com/file/f19871a464a805925b8df6749bacf04657f788bfe3fd9f09a9b0f26082b216f4/analysis/1575858054/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054921", "to_ids": false, "type": "text", "uuid": "2d95227b-787d-4310-ad4c-a1c070233e00", "value": "59/71" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055599", "uuid": "60718162-7fb8-4b61-8e86-d67989c5a68f", "ObjectReference": [ { "comment": "", "object_uuid": "60718162-7fb8-4b61-8e86-d67989c5a68f", "referenced_uuid": "d4eb6be7-83c4-423b-a48f-b4441352f138", "relationship_type": "analysed-with", "timestamp": "1576055880", "uuid": "5df0b448-fbb0-468b-afc8-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054915", "to_ids": true, "type": "md5", "uuid": "af2e0640-56eb-4420-8ec3-d871449d4271", "value": "2447a1f147d67815b2755d651bb7306e" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054915", "to_ids": true, "type": "sha1", "uuid": "805e733f-f735-418a-8950-e2042ee9d0b2", "value": "b1c1042fefe364772419412379dbb8b348408f9f" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054915", "to_ids": true, "type": "sha256", "uuid": "61597127-8e3a-45eb-b870-c765e378a672", "value": "3a546325ce2a949223db646115b4fea6a9c596e3b81c529ec3c3b6dd96b17b0f" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055599", "uuid": "d4eb6be7-83c4-423b-a48f-b4441352f138", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054915", "to_ids": false, "type": "datetime", "uuid": "e0a3cb79-f734-4944-9a95-947fa15d5b78", "value": "2019-11-20T12:04:25" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054915", "to_ids": false, "type": "link", "uuid": "52bcec93-8d48-43eb-964f-cdd2192c463a", "value": "https://www.virustotal.com/file/3a546325ce2a949223db646115b4fea6a9c596e3b81c529ec3c3b6dd96b17b0f/analysis/1574251465/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054915", "to_ids": false, "type": "text", "uuid": "afc7f6fa-3f32-43db-ab18-33feb9f94fcb", "value": "45/65" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055599", "uuid": "4e358fe3-3b73-456c-8de6-16ea58413da9", "ObjectReference": [ { "comment": "", "object_uuid": "4e358fe3-3b73-456c-8de6-16ea58413da9", "referenced_uuid": "05703f1e-495f-468b-a6fc-270cf1f16f76", "relationship_type": "analysed-with", "timestamp": "1576055880", "uuid": "5df0b448-9a04-4f72-9d60-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054919", "to_ids": true, "type": "md5", "uuid": "d2cc63b3-6d07-4dfb-b861-f3347328a4c9", "value": "773c92ed379f757df8dec961b5842f71" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054919", "to_ids": true, "type": "sha1", "uuid": "4d10769d-0f7f-413a-8ead-98218b1ffc42", "value": "e3b2832579acf76532aa21d6dc9a6dcfeaeae954" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054919", "to_ids": true, "type": "sha256", "uuid": "1df1baee-39ed-4f96-a3d0-c63c68cdb8cf", "value": "e805efb48554e98574bfb9cf2de17610d46b6be0f68d5c0a267e5b3e2ed3264b" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055599", "uuid": "05703f1e-495f-468b-a6fc-270cf1f16f76", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054919", "to_ids": false, "type": "datetime", "uuid": "9b1afa34-cf58-42dd-bd6a-7dea7e05903e", "value": "2019-11-17T09:12:20" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054919", "to_ids": false, "type": "link", "uuid": "bf44f747-1908-4249-b336-723b1dc5b51f", "value": "https://www.virustotal.com/file/e805efb48554e98574bfb9cf2de17610d46b6be0f68d5c0a267e5b3e2ed3264b/analysis/1573981940/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054919", "to_ids": false, "type": "text", "uuid": "16e45b4d-afb7-441d-944d-caa829f700ac", "value": "45/71" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055600", "uuid": "b8e369fb-f4ee-4a34-bb02-3517f677f58b", "ObjectReference": [ { "comment": "", "object_uuid": "b8e369fb-f4ee-4a34-bb02-3517f677f58b", "referenced_uuid": "40abe2ca-14db-47c3-be79-1cc5cadec350", "relationship_type": "analysed-with", "timestamp": "1576055880", "uuid": "5df0b448-4ab4-48ed-92f1-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054921", "to_ids": true, "type": "md5", "uuid": "5eee7ede-ee1e-4238-978e-13a78639d93a", "value": "ed31c8d81f39248acd37071a10e7227c" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054921", "to_ids": true, "type": "sha1", "uuid": "33b5ebfe-6071-4b26-8a51-f42deecd9b73", "value": "a69e75739bb82cb5592270ae0487a1e20b81d32b" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054921", "to_ids": true, "type": "sha256", "uuid": "8c5ad5da-dcd5-4307-acdf-c2344ee262ee", "value": "051e3737e6b617a96ae1c2f74881c1a32296073a6a351230942f1d07c1f8ba4a" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055600", "uuid": "40abe2ca-14db-47c3-be79-1cc5cadec350", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054921", "to_ids": false, "type": "datetime", "uuid": "555d3114-bd14-4247-9cfd-71761d82934a", "value": "2019-11-12T00:24:10" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054921", "to_ids": false, "type": "link", "uuid": "8a5a3d22-f0ed-42b3-97ee-b9fa30a2022a", "value": "https://www.virustotal.com/file/051e3737e6b617a96ae1c2f74881c1a32296073a6a351230942f1d07c1f8ba4a/analysis/1573518250/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054921", "to_ids": false, "type": "text", "uuid": "0ce86b78-bba7-4a58-9ea0-dd68ed7f3e71", "value": "47/72" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055600", "uuid": "da8863b2-b371-4638-99d5-dba8ed6b7547", "ObjectReference": [ { "comment": "", "object_uuid": "da8863b2-b371-4638-99d5-dba8ed6b7547", "referenced_uuid": "d48383bf-a7a8-49f2-a317-458f5135c42f", "relationship_type": "analysed-with", "timestamp": "1576055880", "uuid": "5df0b448-2188-44c6-af40-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054917", "to_ids": true, "type": "md5", "uuid": "aa583d25-6401-4c9a-a425-4bab0b39fa65", "value": "3fcc73fefe3ab99c5017df079e6a3759" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054917", "to_ids": true, "type": "sha1", "uuid": "71813b98-b3db-43bb-a7ac-f5736b1cd1ce", "value": "df23a8e4e879d757e5a4e725b8dc1bdac74cafd2" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054917", "to_ids": true, "type": "sha256", "uuid": "360f1116-0803-429a-b03a-8f99ed86989e", "value": "4b87e402b89a0ab65ab8bc89c95cbcfe7c08358e43d18cc1b04ebad1823c8e00" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055600", "uuid": "d48383bf-a7a8-49f2-a317-458f5135c42f", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054917", "to_ids": false, "type": "datetime", "uuid": "6f24130e-deab-45f3-bf6e-2eafe70fa670", "value": "2019-11-15T14:06:05" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054917", "to_ids": false, "type": "link", "uuid": "35c989d5-afd6-474b-8c63-6e46e277a251", "value": "https://www.virustotal.com/file/4b87e402b89a0ab65ab8bc89c95cbcfe7c08358e43d18cc1b04ebad1823c8e00/analysis/1573826765/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054917", "to_ids": false, "type": "text", "uuid": "0372188b-a80d-4c0a-bf7f-0b9acd1aebbd", "value": "48/70" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055600", "uuid": "6f5efc3c-a86a-4c53-90d2-f40b9b6e0561", "ObjectReference": [ { "comment": "", "object_uuid": "6f5efc3c-a86a-4c53-90d2-f40b9b6e0561", "referenced_uuid": "b5497f51-98b9-4ab4-b1ba-829ff0a67a2f", "relationship_type": "analysed-with", "timestamp": "1576055880", "uuid": "5df0b448-6e20-4c4e-9fdd-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054921", "to_ids": true, "type": "md5", "uuid": "846e0efd-e855-4f8d-a173-a47f7a7b407f", "value": "7eb1e8b0fbdc3d02ca16db4c6a048e27" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054921", "to_ids": true, "type": "sha1", "uuid": "bf7d93fd-0e71-4d6c-af4d-0b0d2cdae7d0", "value": "b4ee38b901114dcfa8169020c5a5e715ad531520" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054921", "to_ids": true, "type": "sha256", "uuid": "c00ded58-5381-4a3f-97f4-e6817bfa88d7", "value": "8f51e9c67c3eb7abb83b6bcfd35da0d71b256f3f00aaaf2cce8dc06a346158de" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055600", "uuid": "b5497f51-98b9-4ab4-b1ba-829ff0a67a2f", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054921", "to_ids": false, "type": "datetime", "uuid": "1533cf3b-9fbf-4ad3-886a-98c9df663501", "value": "2019-11-08T09:24:15" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054921", "to_ids": false, "type": "link", "uuid": "847fd1a1-294a-40f4-b9ed-e68166400dae", "value": "https://www.virustotal.com/file/8f51e9c67c3eb7abb83b6bcfd35da0d71b256f3f00aaaf2cce8dc06a346158de/analysis/1573205055/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054921", "to_ids": false, "type": "text", "uuid": "db27bcb2-f2c9-40aa-91a2-721443b6c10e", "value": "33/69" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055600", "uuid": "d7114461-2135-4f55-a0ac-839e7873665f", "ObjectReference": [ { "comment": "", "object_uuid": "d7114461-2135-4f55-a0ac-839e7873665f", "referenced_uuid": "22699978-01ec-48a8-8388-6b6bc9793dfa", "relationship_type": "analysed-with", "timestamp": "1576055880", "uuid": "5df0b448-8ca4-4966-935f-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054936", "to_ids": true, "type": "md5", "uuid": "196dcc69-abe1-4a91-ab66-51df7cbab897", "value": "f8f49721f823ce919abba1a19f6e4e45" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054936", "to_ids": true, "type": "sha1", "uuid": "d0e21730-a52c-4029-a05e-ab12a008284c", "value": "6b9c50a56a0c4149764a43e7cac061d500523392" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054936", "to_ids": true, "type": "sha256", "uuid": "35dbd34a-7b20-4d52-b6f4-0a5c84649e6b", "value": "afbf46d05691370ebdeff78aa5eb1aa362b7787fc4c68efa979ae344b9a328f4" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055600", "uuid": "22699978-01ec-48a8-8388-6b6bc9793dfa", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054936", "to_ids": false, "type": "datetime", "uuid": "a95ab5d3-5964-4481-a7d6-1adf15a036b5", "value": "2019-11-11T01:11:17" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054936", "to_ids": false, "type": "link", "uuid": "6c2f9f48-e318-4849-8421-df0172961bf3", "value": "https://www.virustotal.com/file/afbf46d05691370ebdeff78aa5eb1aa362b7787fc4c68efa979ae344b9a328f4/analysis/1573434677/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054936", "to_ids": false, "type": "text", "uuid": "331c0dae-76ed-4467-a6f9-8594ec96b31e", "value": "38/71" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055601", "uuid": "87e201f2-9162-440e-a953-12c5daea9c25", "ObjectReference": [ { "comment": "", "object_uuid": "87e201f2-9162-440e-a953-12c5daea9c25", "referenced_uuid": "204a06dc-125a-4ade-9673-6385e113c794", "relationship_type": "analysed-with", "timestamp": "1576055881", "uuid": "5df0b449-2c20-4bab-9611-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054847", "to_ids": true, "type": "md5", "uuid": "610d1c79-ecd7-40fe-8e78-fe366b3ac885", "value": "4c1522c58ff80b7c0f51723568e1fd4f" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054847", "to_ids": true, "type": "sha1", "uuid": "eaa2e016-090f-405a-adc6-9350d1386e68", "value": "91d2fa395dbeca47033907790def8fd86919dfd8" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054847", "to_ids": true, "type": "sha256", "uuid": "1e9c87b9-cc21-4be7-aef4-3a95e7249bcf", "value": "91c3e558704960cbfc8f2e0a781d3ca3d2adc4ec82a978f6c598bf842d267186" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055601", "uuid": "204a06dc-125a-4ade-9673-6385e113c794", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054847", "to_ids": false, "type": "datetime", "uuid": "571fc68e-41d0-4aa9-9cfd-ad056f0e5e49", "value": "2019-12-03T03:24:52" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054847", "to_ids": false, "type": "link", "uuid": "00246860-aa53-4882-9b95-f71cf2749e05", "value": "https://www.virustotal.com/file/91c3e558704960cbfc8f2e0a781d3ca3d2adc4ec82a978f6c598bf842d267186/analysis/1575343492/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054847", "to_ids": false, "type": "text", "uuid": "ac4eb2a1-e90a-4da3-b5a6-a0262e6db7cd", "value": "55/70" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055601", "uuid": "0b6a50ab-f744-41c5-a7f7-300cec021f20", "ObjectReference": [ { "comment": "", "object_uuid": "0b6a50ab-f744-41c5-a7f7-300cec021f20", "referenced_uuid": "c970f396-119c-4222-b0cf-76fd8564f7a1", "relationship_type": "analysed-with", "timestamp": "1576055881", "uuid": "5df0b449-e6f4-4933-a72e-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054845", "to_ids": true, "type": "md5", "uuid": "f0b39db9-e22e-4e2f-add9-d38f68c3eebb", "value": "2da68528d3ae8f36da95331c43f8db5f" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054845", "to_ids": true, "type": "sha1", "uuid": "931cf8c1-bb76-4353-a6c6-3dce345ae1c2", "value": "2a19e173f509ffde2429649baed4312a61bcef72" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054845", "to_ids": true, "type": "sha256", "uuid": "bc954693-2ebb-4376-84f8-f1b2e287653f", "value": "0323579935236a84bddce1f305ab4202cb706e89f910ad18758e118689af546e" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055601", "uuid": "c970f396-119c-4222-b0cf-76fd8564f7a1", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054845", "to_ids": false, "type": "datetime", "uuid": "b183731d-c1a7-44c7-83f5-88b66a4e8b47", "value": "2019-11-23T22:13:31" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054845", "to_ids": false, "type": "link", "uuid": "70ac0a93-38b6-468a-bdc3-087bcff79f3a", "value": "https://www.virustotal.com/file/0323579935236a84bddce1f305ab4202cb706e89f910ad18758e118689af546e/analysis/1574547211/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054845", "to_ids": false, "type": "text", "uuid": "9a50e0fd-0af6-4593-a203-00abb35a38eb", "value": "54/69" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055601", "uuid": "5d6c1bfd-c5c0-48e2-844d-3fa7b1827af6", "ObjectReference": [ { "comment": "", "object_uuid": "5d6c1bfd-c5c0-48e2-844d-3fa7b1827af6", "referenced_uuid": "f228630c-9773-4179-adff-a48f7cec0f97", "relationship_type": "analysed-with", "timestamp": "1576055881", "uuid": "5df0b449-009c-4458-90d9-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054849", "to_ids": true, "type": "md5", "uuid": "05d680f2-44ad-4d3d-9f2c-8e0b414647b2", "value": "6fc5446ba05cc912bbbb927a6b42f401" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054849", "to_ids": true, "type": "sha1", "uuid": "ef00298e-2a70-4fef-b3de-7bf4edfe54ad", "value": "a5765bef4a6eb6c44777fc9bd676a42c8245542b" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054849", "to_ids": true, "type": "sha256", "uuid": "81459b64-14c3-42fc-a2a8-e73206c58440", "value": "935277a274a40581ca73699a0b61d0bf06800e21e3fb127279a994307aefa9f6" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055602", "uuid": "f228630c-9773-4179-adff-a48f7cec0f97", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054849", "to_ids": false, "type": "datetime", "uuid": "4f394011-c8da-44fb-91ab-70c9a3af39c9", "value": "2019-11-13T13:56:33" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054849", "to_ids": false, "type": "link", "uuid": "0b6f762e-6c72-4ceb-9802-bac468e4546e", "value": "https://www.virustotal.com/file/935277a274a40581ca73699a0b61d0bf06800e21e3fb127279a994307aefa9f6/analysis/1573653393/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054849", "to_ids": false, "type": "text", "uuid": "b0e09389-126a-42df-b3ba-b20efebc5ceb", "value": "46/70" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055602", "uuid": "ec79408a-e990-4718-bd7d-75a9f4fdb706", "ObjectReference": [ { "comment": "", "object_uuid": "ec79408a-e990-4718-bd7d-75a9f4fdb706", "referenced_uuid": "b963ea7e-e6ef-40f4-81b8-22568807c1c7", "relationship_type": "analysed-with", "timestamp": "1576055881", "uuid": "5df0b449-d2c8-4ab6-986c-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054921", "to_ids": true, "type": "md5", "uuid": "fb8458b8-2ef2-4c09-89ad-6d7a60c14c41", "value": "63183caf63d239c253bc35c6270c6f5d" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054921", "to_ids": true, "type": "sha1", "uuid": "4d996a3d-ac30-40e3-9c23-0b02c3b87128", "value": "6ded30783ef9a0472ca567bedbf1307038683ed5" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054921", "to_ids": true, "type": "sha256", "uuid": "9dcf7d8b-d5d7-4a2e-b0d4-9a794aa2a43d", "value": "94f064392a539b996c0b823d2c25ba7e0e852907c3925864e82eed9522939269" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055602", "uuid": "b963ea7e-e6ef-40f4-81b8-22568807c1c7", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054921", "to_ids": false, "type": "datetime", "uuid": "efa4767d-d8d6-410f-971f-82ae769cb8c6", "value": "2019-11-11T22:22:08" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054921", "to_ids": false, "type": "link", "uuid": "23526139-3d98-450e-ba2b-4f4b1dcc96b2", "value": "https://www.virustotal.com/file/94f064392a539b996c0b823d2c25ba7e0e852907c3925864e82eed9522939269/analysis/1573510928/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054921", "to_ids": false, "type": "text", "uuid": "84793ad0-665a-45a1-aa44-c028602ce383", "value": "43/71" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055602", "uuid": "92b2a253-ea2e-40e3-809e-92184164dc01", "ObjectReference": [ { "comment": "", "object_uuid": "92b2a253-ea2e-40e3-809e-92184164dc01", "referenced_uuid": "6c701979-b232-45ca-a78a-a23622e497e7", "relationship_type": "analysed-with", "timestamp": "1576055881", "uuid": "5df0b449-b214-44ba-914f-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054914", "to_ids": true, "type": "md5", "uuid": "6619a884-4786-42af-ae33-1aba37cf0466", "value": "322149036a4ec0c37ee540db535b4625" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054914", "to_ids": true, "type": "sha1", "uuid": "ccdfdc31-74f6-43b3-88dc-8e3c274571dc", "value": "13776c068d3af43fbbe950d3e35d09419f154d50" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054914", "to_ids": true, "type": "sha256", "uuid": "64f746a2-d082-4cc8-af44-4ab01b21d91a", "value": "1707ff37285a6c1d552eec29c1a7a4439c7787500a665cf8d34703d65af52788" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055602", "uuid": "6c701979-b232-45ca-a78a-a23622e497e7", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054914", "to_ids": false, "type": "datetime", "uuid": "801312b6-7f24-4034-a669-83d878e7b16d", "value": "2019-11-17T03:37:51" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054914", "to_ids": false, "type": "link", "uuid": "331a33cc-4fd7-452f-9ec3-624788a5cb75", "value": "https://www.virustotal.com/file/1707ff37285a6c1d552eec29c1a7a4439c7787500a665cf8d34703d65af52788/analysis/1573961871/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054914", "to_ids": false, "type": "text", "uuid": "045783f9-6cfd-4e56-ab1c-6e320d113b7b", "value": "45/70" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055602", "uuid": "853405ee-f996-4132-af00-959e61bfe8e9", "ObjectReference": [ { "comment": "", "object_uuid": "853405ee-f996-4132-af00-959e61bfe8e9", "referenced_uuid": "b91dbdae-2b3b-401c-ba36-e8a9320fbed3", "relationship_type": "analysed-with", "timestamp": "1576055881", "uuid": "5df0b449-df64-42f2-93ea-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054914", "to_ids": true, "type": "md5", "uuid": "e2b7d03c-d44b-48d4-b122-6df626a2779c", "value": "9a9e27c9547085f9322727145d103cfe" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054914", "to_ids": true, "type": "sha1", "uuid": "16a87ec7-7e23-4f2d-92c7-79060fba9b48", "value": "689982f7078fe97e32469ca8c49d8f1ed9aa5f82" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054914", "to_ids": true, "type": "sha256", "uuid": "7550e11e-c222-4952-a68b-d32ea2926c2d", "value": "9d6d21f59f7c7160b5f784da15bed3750cb5b2a5ccd0c736aff71702a7e71e63" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055603", "uuid": "b91dbdae-2b3b-401c-ba36-e8a9320fbed3", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054914", "to_ids": false, "type": "datetime", "uuid": "ae5fad2d-b867-40a9-9095-6933abd17d83", "value": "2019-11-27T04:24:22" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054914", "to_ids": false, "type": "link", "uuid": "75d957a6-e681-40c4-a5fe-66d61fb4df4a", "value": "https://www.virustotal.com/file/9d6d21f59f7c7160b5f784da15bed3750cb5b2a5ccd0c736aff71702a7e71e63/analysis/1574828662/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054914", "to_ids": false, "type": "text", "uuid": "1b43580d-f235-48d4-819b-4633e79cb82b", "value": "50/65" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055603", "uuid": "dcda9e06-88e8-4217-a09f-dc647e46e65e", "ObjectReference": [ { "comment": "", "object_uuid": "dcda9e06-88e8-4217-a09f-dc647e46e65e", "referenced_uuid": "29edf574-988c-4686-aca5-a01b9f33ba91", "relationship_type": "analysed-with", "timestamp": "1576055881", "uuid": "5df0b449-43a0-42c9-b2e7-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054847", "to_ids": true, "type": "md5", "uuid": "e27d94f3-b608-421d-b31e-d19b6fca107e", "value": "8d64e858a8f152c11bfcfd09faaeeac2" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054847", "to_ids": true, "type": "sha1", "uuid": "93847697-dab5-440f-876f-f363c8d2524a", "value": "a48f19fecc4833b0ed0e5e631a1469a958e0573d" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054847", "to_ids": true, "type": "sha256", "uuid": "a270d737-580b-4786-a2c3-1ffecd8df84a", "value": "82b1489f223b70fa1ce9da30d6477dd00abd48a274e99f32bcd82d92c2af808f" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055603", "uuid": "29edf574-988c-4686-aca5-a01b9f33ba91", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054847", "to_ids": false, "type": "datetime", "uuid": "3cdfbe4f-2b38-4901-9c97-3dfa2356c514", "value": "2019-12-05T04:04:04" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054847", "to_ids": false, "type": "link", "uuid": "095548e3-63f9-485c-b374-b362b21716d4", "value": "https://www.virustotal.com/file/82b1489f223b70fa1ce9da30d6477dd00abd48a274e99f32bcd82d92c2af808f/analysis/1575518644/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054847", "to_ids": false, "type": "text", "uuid": "c3445b72-1c06-4675-a22f-ad5184c15edb", "value": "56/72" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055603", "uuid": "dcd28e92-8066-4ff4-b055-191ca78b8486", "ObjectReference": [ { "comment": "", "object_uuid": "dcd28e92-8066-4ff4-b055-191ca78b8486", "referenced_uuid": "16df8b30-00a9-45c2-8223-6e76ed652385", "relationship_type": "analysed-with", "timestamp": "1576055882", "uuid": "5df0b44a-5340-4fa4-9054-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054914", "to_ids": true, "type": "md5", "uuid": "9168101d-c297-40f8-920f-278b0922df43", "value": "aef8d852b01be0755f5e5b2aed59f613" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054914", "to_ids": true, "type": "sha1", "uuid": "13fa4b86-9aac-4573-a69d-f61b651eadde", "value": "f4ff02606909d80ef18b95b046581cfce450e354" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054914", "to_ids": true, "type": "sha256", "uuid": "fa73defc-c54f-4623-a206-a5e9d36ae3fa", "value": "88dcac0d38c3b5deac8490ae8bf4c74f9028d90b72573b299439a0769502acbf" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055603", "uuid": "16df8b30-00a9-45c2-8223-6e76ed652385", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054914", "to_ids": false, "type": "datetime", "uuid": "f31f13ef-f722-4604-87e9-252292429a3b", "value": "2019-11-18T10:29:06" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054914", "to_ids": false, "type": "link", "uuid": "fe0e70d7-fa99-4d98-bac7-f50b6c47e42c", "value": "https://www.virustotal.com/file/88dcac0d38c3b5deac8490ae8bf4c74f9028d90b72573b299439a0769502acbf/analysis/1574072946/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054914", "to_ids": false, "type": "text", "uuid": "eb493615-5721-4b68-b03f-b02bbb8caa95", "value": "43/69" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055603", "uuid": "5f12e532-3625-439b-934f-80a21041e6c9", "ObjectReference": [ { "comment": "", "object_uuid": "5f12e532-3625-439b-934f-80a21041e6c9", "referenced_uuid": "c91a948f-cbee-47f6-bb9c-628c67aa0532", "relationship_type": "analysed-with", "timestamp": "1576055882", "uuid": "5df0b44a-1158-470d-9dca-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054849", "to_ids": true, "type": "md5", "uuid": "8c7cc3dc-01ba-41ed-a69b-9af8554a23e1", "value": "6504e3d07874753bd3b03c7231cfc500" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054849", "to_ids": true, "type": "sha1", "uuid": "c344a229-b5f5-4331-b827-7cf3a724809f", "value": "4f8a039bc61b8659c8d6aec3cd6bd0e40287e9ef" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054849", "to_ids": true, "type": "sha256", "uuid": "ecf15f0c-7a95-4213-8da0-27a8ed6dfb61", "value": "82048f464c16ff7008e7495cc87fea4fcc5cf04d958a12fb1b3dc613fd33efa4" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055603", "uuid": "c91a948f-cbee-47f6-bb9c-628c67aa0532", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054849", "to_ids": false, "type": "datetime", "uuid": "79e748bd-ab17-4b58-8b36-4e1d3d985c19", "value": "2019-12-04T05:33:47" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054849", "to_ids": false, "type": "link", "uuid": "7ee1b0cc-b57f-4427-a50d-6a4a1e497fde", "value": "https://www.virustotal.com/file/82048f464c16ff7008e7495cc87fea4fcc5cf04d958a12fb1b3dc613fd33efa4/analysis/1575437627/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054849", "to_ids": false, "type": "text", "uuid": "79034555-f8b6-46e6-abe4-0057e6295f88", "value": "55/70" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055603", "uuid": "4edc7773-8cef-4ba9-b89a-9a78d66ab684", "ObjectReference": [ { "comment": "", "object_uuid": "4edc7773-8cef-4ba9-b89a-9a78d66ab684", "referenced_uuid": "6829fbe4-2201-46da-a95b-da4a68e290bc", "relationship_type": "analysed-with", "timestamp": "1576055882", "uuid": "5df0b44a-7534-4349-97fe-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054922", "to_ids": true, "type": "md5", "uuid": "f044c43d-5d34-44c3-b380-4d120654f60e", "value": "5b31712a76193336a11c5da1604295cf" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054922", "to_ids": true, "type": "sha1", "uuid": "c04d2593-6727-4462-b96a-0b5cca655c3f", "value": "a67d183da817cb30364653f70aae878a9cfb367c" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054922", "to_ids": true, "type": "sha256", "uuid": "e35c716e-65ae-4002-8e83-23c54c273fb4", "value": "ee7aa5f506aea586027a892f3142b0e63a69493356a69f47fdd020ea7e681c65" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055604", "uuid": "6829fbe4-2201-46da-a95b-da4a68e290bc", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054922", "to_ids": false, "type": "datetime", "uuid": "02e58b73-f10f-4f13-81e5-0141a47150c9", "value": "2019-11-12T12:24:27" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054922", "to_ids": false, "type": "link", "uuid": "783963b4-dcd5-4b0e-b351-013db1212b02", "value": "https://www.virustotal.com/file/ee7aa5f506aea586027a892f3142b0e63a69493356a69f47fdd020ea7e681c65/analysis/1573561467/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054922", "to_ids": false, "type": "text", "uuid": "96b26779-f4d6-4d73-9103-b1288722b74c", "value": "48/67" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055604", "uuid": "995a7853-9b67-4488-9db9-f8eb3240c136", "ObjectReference": [ { "comment": "", "object_uuid": "995a7853-9b67-4488-9db9-f8eb3240c136", "referenced_uuid": "500e591d-65c4-4d06-8bb9-dd335e43fd56", "relationship_type": "analysed-with", "timestamp": "1576055882", "uuid": "5df0b44a-88fc-4a92-a52e-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054915", "to_ids": true, "type": "md5", "uuid": "2d2ea33e-f457-4cb5-8941-5f8294f80ac1", "value": "fe3d4da68299fd0feb27f1d2fe320a79" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054915", "to_ids": true, "type": "sha1", "uuid": "364a5465-f6f8-4eea-8858-418ed3f64319", "value": "342197f5a0045e629accaec2f2890925bb0ed999" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054915", "to_ids": true, "type": "sha256", "uuid": "f0600a47-b587-437f-855d-0171494a2f52", "value": "60c66d7f9bd30008dd2f4549940d46afd9cb84df073892766c8f2c5cbb58ab1f" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055604", "uuid": "500e591d-65c4-4d06-8bb9-dd335e43fd56", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054915", "to_ids": false, "type": "datetime", "uuid": "42d78c20-9edc-4d1b-8d0c-acfd75faa86e", "value": "2019-11-18T07:37:23" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054915", "to_ids": false, "type": "link", "uuid": "8274977c-0b05-4a37-aca8-acba3edb438d", "value": "https://www.virustotal.com/file/60c66d7f9bd30008dd2f4549940d46afd9cb84df073892766c8f2c5cbb58ab1f/analysis/1574062643/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054915", "to_ids": false, "type": "text", "uuid": "28d759de-7c16-45bc-9889-186eb857b555", "value": "54/71" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055604", "uuid": "87be7c75-1120-4806-a175-4343f80793c4", "ObjectReference": [ { "comment": "", "object_uuid": "87be7c75-1120-4806-a175-4343f80793c4", "referenced_uuid": "bbd29299-8016-4ec7-b5d5-b7a13ef57670", "relationship_type": "analysed-with", "timestamp": "1576055882", "uuid": "5df0b44a-d560-4a5d-8bd8-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054915", "to_ids": true, "type": "md5", "uuid": "d2fc170e-3021-4de8-ba2f-6e458b0ec937", "value": "e413f125600f42d199d76a6a8fc3d888" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054915", "to_ids": true, "type": "sha1", "uuid": "bb6371e3-0d66-4e64-8bff-ea325a25d628", "value": "f9eded4dd8b53458f5029fca1e758bb51ae23afa" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054915", "to_ids": true, "type": "sha256", "uuid": "59eb3c3e-0062-4902-a843-539bbff2bde9", "value": "b5bb9daca3aea592d67391824b3765985e10e17bcff43270305a72766a6348eb" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055604", "uuid": "bbd29299-8016-4ec7-b5d5-b7a13ef57670", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054915", "to_ids": false, "type": "datetime", "uuid": "18ffaa81-1c78-433a-be1a-d88f74f0d939", "value": "2019-11-16T07:08:53" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054915", "to_ids": false, "type": "link", "uuid": "f3993906-9a27-4edd-9093-ad398b14e358", "value": "https://www.virustotal.com/file/b5bb9daca3aea592d67391824b3765985e10e17bcff43270305a72766a6348eb/analysis/1573888133/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054915", "to_ids": false, "type": "text", "uuid": "7f7b7785-5023-417d-ad8c-26c4a2121c0d", "value": "46/70" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055604", "uuid": "5b39cbaf-c11e-4c8a-8b8c-dc91948a4b2b", "ObjectReference": [ { "comment": "", "object_uuid": "5b39cbaf-c11e-4c8a-8b8c-dc91948a4b2b", "referenced_uuid": "d599f193-3395-4fa5-9806-26bf4cea5c41", "relationship_type": "analysed-with", "timestamp": "1576055882", "uuid": "5df0b44a-1a64-41dc-b236-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054914", "to_ids": true, "type": "md5", "uuid": "6792677e-a3c0-4642-8702-b81cbd557ba0", "value": "b1c6b676a0406c97d155e551757a7718" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054914", "to_ids": true, "type": "sha1", "uuid": "ebb4fb1c-38ad-471c-a39f-4809c5a73da1", "value": "7d6552f718b7a129820425f8816a74e6b62e1c40" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054914", "to_ids": true, "type": "sha256", "uuid": "94b5a69a-d771-40af-a1f8-601276e265b7", "value": "a29724b0d16f55a8ec4fdfcd5aac29de9ea7165b1e915a266184b8b16e351dff" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055605", "uuid": "d599f193-3395-4fa5-9806-26bf4cea5c41", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054914", "to_ids": false, "type": "datetime", "uuid": "0fa1d09e-3469-417f-a9e7-bd74b6ba8d0c", "value": "2019-11-17T09:17:58" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054914", "to_ids": false, "type": "link", "uuid": "0ed7acdb-f3e8-47d7-ba25-b0d2a1261228", "value": "https://www.virustotal.com/file/a29724b0d16f55a8ec4fdfcd5aac29de9ea7165b1e915a266184b8b16e351dff/analysis/1573982278/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054914", "to_ids": false, "type": "text", "uuid": "7b97673b-6600-485a-a549-7d4088039f74", "value": "45/70" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055605", "uuid": "5bfcdfc7-5c40-445e-b378-46929764eccd", "ObjectReference": [ { "comment": "", "object_uuid": "5bfcdfc7-5c40-445e-b378-46929764eccd", "referenced_uuid": "341d4026-5090-4861-b225-d306d1177ea2", "relationship_type": "analysed-with", "timestamp": "1576055882", "uuid": "5df0b44a-1d8c-4607-b2ea-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054921", "to_ids": true, "type": "md5", "uuid": "903f6a00-5818-4de5-b41e-ec7f056511df", "value": "6fa1f4615000e29286e7ae7b4d05609f" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054921", "to_ids": true, "type": "sha1", "uuid": "a3a69262-9d78-42a4-a2c7-245600aaf574", "value": "a5df23d36fb303d96e4cb95ba2abbc77e10abf43" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054921", "to_ids": true, "type": "sha256", "uuid": "3d31b315-fb84-41b4-b85a-a19385e3f5ab", "value": "f653d73237175f1ac319de0af0395bf4ffa82c2eeaed813f978cc68ee6e9ac2b" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055605", "uuid": "341d4026-5090-4861-b225-d306d1177ea2", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054921", "to_ids": false, "type": "datetime", "uuid": "eeae142d-4f3a-4969-ba23-d3975fea954d", "value": "2019-11-09T02:42:18" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054921", "to_ids": false, "type": "link", "uuid": "759c7520-ec37-4929-8792-362f258c8853", "value": "https://www.virustotal.com/file/f653d73237175f1ac319de0af0395bf4ffa82c2eeaed813f978cc68ee6e9ac2b/analysis/1573267338/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054921", "to_ids": false, "type": "text", "uuid": "e8cc84d4-ea01-41fd-8089-0b1bc28a0595", "value": "36/71" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055605", "uuid": "ca84aa69-d149-46cf-bfdd-11623cbbc9a1", "ObjectReference": [ { "comment": "", "object_uuid": "ca84aa69-d149-46cf-bfdd-11623cbbc9a1", "referenced_uuid": "5c4f6358-07e1-41f6-b1eb-28882358c0a7", "relationship_type": "analysed-with", "timestamp": "1576055882", "uuid": "5df0b44a-ec70-4ba1-a77c-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054918", "to_ids": true, "type": "md5", "uuid": "48058094-2cc2-49ec-a955-724644b3eb7a", "value": "0fa79b6b4a5ac0fced88dd0593a72be8" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054918", "to_ids": true, "type": "sha1", "uuid": "a9b268dd-4c43-4227-b149-37ed3cd487a8", "value": "aed4f278d2acae6c3306fcda711a654d33addea3" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054918", "to_ids": true, "type": "sha256", "uuid": "70401454-2668-484b-acae-51042405dc91", "value": "e1d6dcab11869cb619a173440c998f0957162ca36e2b43f1e2757e11541fad05" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055605", "uuid": "5c4f6358-07e1-41f6-b1eb-28882358c0a7", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054918", "to_ids": false, "type": "datetime", "uuid": "cbc8c181-a810-47a7-899f-765e9ae19614", "value": "2019-11-16T09:37:00" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054918", "to_ids": false, "type": "link", "uuid": "069e0c6d-1e9b-4db5-ab64-51ef0a7c4a46", "value": "https://www.virustotal.com/file/e1d6dcab11869cb619a173440c998f0957162ca36e2b43f1e2757e11541fad05/analysis/1573897020/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054918", "to_ids": false, "type": "text", "uuid": "fd74b39f-54ae-4f5c-b111-8ccf0402a440", "value": "46/69" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055605", "uuid": "ffc627d6-146a-4114-9309-4070796ebe8f", "ObjectReference": [ { "comment": "", "object_uuid": "ffc627d6-146a-4114-9309-4070796ebe8f", "referenced_uuid": "40f54b0d-7ae1-457b-8c11-454d858024f3", "relationship_type": "analysed-with", "timestamp": "1576055882", "uuid": "5df0b44a-70b0-433e-a488-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054915", "to_ids": true, "type": "md5", "uuid": "96511a96-609d-43dd-a47b-6045c70a6d30", "value": "6b9aec5bfc6f1053522b9999153033c1" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054915", "to_ids": true, "type": "sha1", "uuid": "82f8cb9e-702a-40a6-adde-c7d21014b748", "value": "f9a3e68d4e0a4212bf713571d6d5599178602a9e" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054915", "to_ids": true, "type": "sha256", "uuid": "0d1a6743-dbe6-48a4-8007-0db3ea0bf5d8", "value": "94d2a8a51f525a51f4b7d3266240e9172c94f8562c695a2f908539cc46666087" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055606", "uuid": "40f54b0d-7ae1-457b-8c11-454d858024f3", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054915", "to_ids": false, "type": "datetime", "uuid": "b97c8994-13ab-48e3-a76a-83094595047c", "value": "2019-11-20T17:06:39" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054915", "to_ids": false, "type": "link", "uuid": "37baf035-89ab-4d8f-a853-2cc674d16a31", "value": "https://www.virustotal.com/file/94d2a8a51f525a51f4b7d3266240e9172c94f8562c695a2f908539cc46666087/analysis/1574269599/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054915", "to_ids": false, "type": "text", "uuid": "8df5babe-cec7-4b74-9669-27fb6178c088", "value": "53/70" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055606", "uuid": "bc3bffeb-184a-4e00-9879-3bf00bea009f", "ObjectReference": [ { "comment": "", "object_uuid": "bc3bffeb-184a-4e00-9879-3bf00bea009f", "referenced_uuid": "64672c5f-fe7f-4193-9af6-73aaed39d01a", "relationship_type": "analysed-with", "timestamp": "1576055882", "uuid": "5df0b44a-8090-4a93-afce-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054922", "to_ids": true, "type": "md5", "uuid": "988b188c-0da2-49f2-94eb-a15b02a28627", "value": "f08dc608dd9aeb243ac2504378e25c15" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054922", "to_ids": true, "type": "sha1", "uuid": "17a3e6b4-fa4e-4934-8a76-4ee4feacfe94", "value": "a07b91af9cc0f27915a51af7b35b286a3621b75d" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054922", "to_ids": true, "type": "sha256", "uuid": "3ca7e496-9aef-4b55-a366-94b6ce3af492", "value": "ef2a74ce32cdf501f3b83be8f3de48c80535f160ec0830effddfb4f3d3d61ee8" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055608", "uuid": "64672c5f-fe7f-4193-9af6-73aaed39d01a", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054922", "to_ids": false, "type": "datetime", "uuid": "d0dbd948-fb66-466d-bf49-43591d65d1f1", "value": "2019-11-07T19:05:22" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054922", "to_ids": false, "type": "link", "uuid": "caf68726-6925-4d1d-ae29-5d3406a54428", "value": "https://www.virustotal.com/file/ef2a74ce32cdf501f3b83be8f3de48c80535f160ec0830effddfb4f3d3d61ee8/analysis/1573153522/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054922", "to_ids": false, "type": "text", "uuid": "ea74dabc-7547-402d-9c3c-6d105e129bbb", "value": "37/71" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055608", "uuid": "37e3db40-5907-47b5-839f-ec72520222e5", "ObjectReference": [ { "comment": "", "object_uuid": "37e3db40-5907-47b5-839f-ec72520222e5", "referenced_uuid": "ff50118b-23b0-42f1-bb98-b3838dcac4b8", "relationship_type": "analysed-with", "timestamp": "1576055882", "uuid": "5df0b44a-f2e0-4f85-83aa-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054918", "to_ids": true, "type": "md5", "uuid": "985e0a38-cec5-4976-b75b-c874a725634f", "value": "0a9690456e1822c684a3ffc7296fdb83" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054918", "to_ids": true, "type": "sha1", "uuid": "f06090d8-a3bc-433e-95f0-227c12128741", "value": "bc289dd536d2a25d62d7ecd11476c2116c749d12" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054918", "to_ids": true, "type": "sha256", "uuid": "cef22770-71e0-4369-bbf8-7dfe032f35a9", "value": "aa5825680d7438a8a58f6361cafce56c333f7857e9117c027544008895b5dd31" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055608", "uuid": "ff50118b-23b0-42f1-bb98-b3838dcac4b8", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054918", "to_ids": false, "type": "datetime", "uuid": "e0057444-cb91-4132-9f02-753236dd91c6", "value": "2019-12-04T12:49:09" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054918", "to_ids": false, "type": "link", "uuid": "b6a93b32-b0a1-435f-8a42-b79cf7284f9b", "value": "https://www.virustotal.com/file/aa5825680d7438a8a58f6361cafce56c333f7857e9117c027544008895b5dd31/analysis/1575463749/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054918", "to_ids": false, "type": "text", "uuid": "c68a9d5b-2262-447f-97dc-ef054bcaa60d", "value": "58/70" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055608", "uuid": "4e1b4cbe-8bbb-4494-a91b-31e2bca2e0ec", "ObjectReference": [ { "comment": "", "object_uuid": "4e1b4cbe-8bbb-4494-a91b-31e2bca2e0ec", "referenced_uuid": "543e7e9a-349b-4cf9-bdca-8a0e4e3aeb83", "relationship_type": "analysed-with", "timestamp": "1576055882", "uuid": "5df0b44a-67a8-40db-8b61-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054849", "to_ids": true, "type": "md5", "uuid": "96c6ca0a-3001-489d-8f8f-1324aaac503c", "value": "ef42e92e59abe7c7b506bf42186f87ee" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054849", "to_ids": true, "type": "sha1", "uuid": "69d2ff46-5064-46e8-9b08-5a41a8a9d9ac", "value": "1b1e4df33a2b770dfffa50384c98e0669cd1139e" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054849", "to_ids": true, "type": "sha256", "uuid": "eca65bd1-6288-4c84-a825-0bdabd2be39e", "value": "54ac5748d75d1963e2c5b753e31044813ba9e116532d73815a862e469879260a" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055609", "uuid": "543e7e9a-349b-4cf9-bdca-8a0e4e3aeb83", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054849", "to_ids": false, "type": "datetime", "uuid": "4b891489-6907-414a-87e5-98608ab08889", "value": "2019-11-25T01:26:14" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054849", "to_ids": false, "type": "link", "uuid": "326b04e1-c1c3-4167-876a-84dd69268225", "value": "https://www.virustotal.com/file/54ac5748d75d1963e2c5b753e31044813ba9e116532d73815a862e469879260a/analysis/1574645174/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054849", "to_ids": false, "type": "text", "uuid": "5906bdc5-f1df-4e1e-83b6-d453d38b1ce0", "value": "48/68" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055609", "uuid": "f1544ebb-6bed-4e66-a981-54b89d137019", "ObjectReference": [ { "comment": "", "object_uuid": "f1544ebb-6bed-4e66-a981-54b89d137019", "referenced_uuid": "b4b1cc7a-2025-47f4-896c-4994f9415843", "relationship_type": "analysed-with", "timestamp": "1576055882", "uuid": "5df0b44a-d8ec-43c6-ac77-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054849", "to_ids": true, "type": "md5", "uuid": "2635cd95-bd57-4557-b243-9be2622acac4", "value": "8c4f85600e35e3ddfdbbf80123e85de0" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054849", "to_ids": true, "type": "sha1", "uuid": "d4745fe9-779e-4516-b4e7-b45a2f89cfa3", "value": "8fd1719aae32fee90579b1d16a42380294d5db66" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054849", "to_ids": true, "type": "sha256", "uuid": "0e256985-66c7-4625-8343-c95bf69c0474", "value": "a9db489b00bc4306cfc3e85a66746229b5669e2134840c3005feda5c554f6c87" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055609", "uuid": "b4b1cc7a-2025-47f4-896c-4994f9415843", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054849", "to_ids": false, "type": "datetime", "uuid": "b369b2a7-a3a4-4d2d-8831-9a7c610aef2b", "value": "2019-11-12T01:31:57" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054849", "to_ids": false, "type": "link", "uuid": "ecbe7343-a65f-43fd-8014-46850f4dcb89", "value": "https://www.virustotal.com/file/a9db489b00bc4306cfc3e85a66746229b5669e2134840c3005feda5c554f6c87/analysis/1573522317/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054849", "to_ids": false, "type": "text", "uuid": "816f97d1-e326-4507-9dca-85297fb0f2ae", "value": "42/70" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055609", "uuid": "66d3ebff-87c0-4e11-8e47-3b1728bd0a30", "ObjectReference": [ { "comment": "", "object_uuid": "66d3ebff-87c0-4e11-8e47-3b1728bd0a30", "referenced_uuid": "8770a5ba-82b8-43bb-bc0a-90265aadfad9", "relationship_type": "analysed-with", "timestamp": "1576055882", "uuid": "5df0b44a-ca10-4b12-ad8a-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054916", "to_ids": true, "type": "md5", "uuid": "11552fde-229e-4288-8b25-371d6f8ff352", "value": "de292ebe67a291ecbce7c98ea3a83186" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054916", "to_ids": true, "type": "sha1", "uuid": "ed54a68c-c91b-4697-bc7e-8d318aa1fe0a", "value": "89d1d941f92c046330d77baecdcfe6d2c74707cd" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054916", "to_ids": true, "type": "sha256", "uuid": "0880f562-3fb9-4dd6-88a1-213b00550807", "value": "d2e1649eb93dc513bd8285f44f2631cdb7a8282acb626dc7873b6f536f10fec8" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055610", "uuid": "8770a5ba-82b8-43bb-bc0a-90265aadfad9", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054916", "to_ids": false, "type": "datetime", "uuid": "bc8bd9f8-924c-41d7-bbef-d0543b6511c7", "value": "2019-11-16T14:13:15" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054916", "to_ids": false, "type": "link", "uuid": "f2f47d89-ca0e-4b7d-950c-0e5d2f392317", "value": "https://www.virustotal.com/file/d2e1649eb93dc513bd8285f44f2631cdb7a8282acb626dc7873b6f536f10fec8/analysis/1573913595/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054916", "to_ids": false, "type": "text", "uuid": "af4ceb22-398e-49f3-bf72-cad289a987bd", "value": "43/66" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055610", "uuid": "347e854e-079b-4802-897e-d55cac01354c", "ObjectReference": [ { "comment": "", "object_uuid": "347e854e-079b-4802-897e-d55cac01354c", "referenced_uuid": "ab50559b-977c-4921-85d3-be33babde326", "relationship_type": "analysed-with", "timestamp": "1576055882", "uuid": "5df0b44a-91a4-4d89-80e3-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054849", "to_ids": true, "type": "md5", "uuid": "63846ff4-6ae2-400e-b12f-cee4f03be0b5", "value": "8f6f3993750929c6e478d0681f10a936" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054849", "to_ids": true, "type": "sha1", "uuid": "f316363d-a928-4cd8-bd0b-b67900147809", "value": "1a31402563caf0be736de2e36190baec14743fbf" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054849", "to_ids": true, "type": "sha256", "uuid": "49a173d3-9757-46a9-b7b6-bd964472f64e", "value": "3ad66d92af7445f4dc1b339299f95c7e08372bf8b1b5055fc9f48f07481552c3" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055610", "uuid": "ab50559b-977c-4921-85d3-be33babde326", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054849", "to_ids": false, "type": "datetime", "uuid": "cc561622-dd46-43bc-8d49-b81c51c0c014", "value": "2019-11-21T10:47:50" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054849", "to_ids": false, "type": "link", "uuid": "c4bae128-0462-4a4b-8ed9-d4d276e45d7a", "value": "https://www.virustotal.com/file/3ad66d92af7445f4dc1b339299f95c7e08372bf8b1b5055fc9f48f07481552c3/analysis/1574333270/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054849", "to_ids": false, "type": "text", "uuid": "539b03ae-6ed0-42c9-8414-1cbe0e1512e7", "value": "50/70" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055611", "uuid": "6742f631-878e-41a4-89b4-15eb2ee3ba79", "ObjectReference": [ { "comment": "", "object_uuid": "6742f631-878e-41a4-89b4-15eb2ee3ba79", "referenced_uuid": "1aec21d9-7e0d-4052-8d93-c9c7a1ca1b00", "relationship_type": "analysed-with", "timestamp": "1576055882", "uuid": "5df0b44a-07a8-4d5b-8add-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054919", "to_ids": true, "type": "md5", "uuid": "bfaaf2b9-05cc-4b92-a5f5-493d7e53adf2", "value": "22a9b2980ae055381a351964359cd1d1" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054919", "to_ids": true, "type": "sha1", "uuid": "5464373c-452f-430b-b09e-b592b2316552", "value": "501145f0c2665600fd640ea6f6ec7677e340b766" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054919", "to_ids": true, "type": "sha256", "uuid": "841591cf-1677-44a1-8592-eb6e264d6e29", "value": "d902651a98c1f0d139bb18d2eff730e2b06af7b5813c3d170475a284cb25b04b" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055611", "uuid": "1aec21d9-7e0d-4052-8d93-c9c7a1ca1b00", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054919", "to_ids": false, "type": "datetime", "uuid": "3d8f0def-e124-4d38-bcd7-9d5bd80668cf", "value": "2019-11-26T14:30:10" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054919", "to_ids": false, "type": "link", "uuid": "3ebee241-374a-4a7d-a46e-9a527aef2438", "value": "https://www.virustotal.com/file/d902651a98c1f0d139bb18d2eff730e2b06af7b5813c3d170475a284cb25b04b/analysis/1574778610/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054919", "to_ids": false, "type": "text", "uuid": "682a5d33-fc56-41ac-a71c-8b44ac39a7d9", "value": "57/69" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055611", "uuid": "0802a423-f23f-44a7-8a82-ca2642f437fa", "ObjectReference": [ { "comment": "", "object_uuid": "0802a423-f23f-44a7-8a82-ca2642f437fa", "referenced_uuid": "fad90066-9bb1-47d6-bb1b-7a77784f2739", "relationship_type": "analysed-with", "timestamp": "1576055882", "uuid": "5df0b44a-b6a4-43fd-a003-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054845", "to_ids": true, "type": "md5", "uuid": "4398324f-9672-4772-b82b-baaf6d0633d3", "value": "47e5216a3402cc6217f8528e9d3ae42b" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054845", "to_ids": true, "type": "sha1", "uuid": "cf51c1f1-78a6-42ad-8fcf-7b419a93c0ef", "value": "d153f4748d53273ba2187281404b5b6d29e87c68" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054845", "to_ids": true, "type": "sha256", "uuid": "5d1d33ee-a070-4ed4-be05-398151dacb59", "value": "2b27cf8d46e3dc99cfa4b0381f7e2489b203b4c079bdce5c107629c7957456a4" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055611", "uuid": "fad90066-9bb1-47d6-bb1b-7a77784f2739", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054845", "to_ids": false, "type": "datetime", "uuid": "2ce89fb6-2035-4e39-9700-50290105afd9", "value": "2019-11-23T21:52:27" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054845", "to_ids": false, "type": "link", "uuid": "395c48c3-5fc8-4252-85d1-229452d05b65", "value": "https://www.virustotal.com/file/2b27cf8d46e3dc99cfa4b0381f7e2489b203b4c079bdce5c107629c7957456a4/analysis/1574545947/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054845", "to_ids": false, "type": "text", "uuid": "80a11012-e75f-4688-834b-64c12d924118", "value": "51/68" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055611", "uuid": "c0f22fd8-caa5-44c6-aaf1-fa5814db7c29", "ObjectReference": [ { "comment": "", "object_uuid": "c0f22fd8-caa5-44c6-aaf1-fa5814db7c29", "referenced_uuid": "fced3284-f0bc-4407-8b21-e26732cbae88", "relationship_type": "analysed-with", "timestamp": "1576055882", "uuid": "5df0b44a-68c0-4d8c-9372-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054844", "to_ids": true, "type": "md5", "uuid": "392b593f-53a9-4e51-ac6a-c2fafc50db05", "value": "eb5836a6388cb6960feed5bd5307b84d" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054844", "to_ids": true, "type": "sha1", "uuid": "d753c493-9eea-4dfc-b9a4-5d33edc64145", "value": "081b900768b78dcb06401db55164ff470b1906ba" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054844", "to_ids": true, "type": "sha256", "uuid": "add72f95-e297-4a75-813f-abda86ffa342", "value": "a3eaf8b097433b8b607bbcb8f7bb4e435431c6ff825dca3e6541c2dbb88514cf" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055612", "uuid": "fced3284-f0bc-4407-8b21-e26732cbae88", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054844", "to_ids": false, "type": "datetime", "uuid": "3ded1bc7-2a3c-4fab-bc46-b5a0c2a4d5cb", "value": "2019-11-29T02:36:40" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054844", "to_ids": false, "type": "link", "uuid": "e7ca06ee-b563-4a27-b430-aa5187d4e919", "value": "https://www.virustotal.com/file/a3eaf8b097433b8b607bbcb8f7bb4e435431c6ff825dca3e6541c2dbb88514cf/analysis/1574995000/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054844", "to_ids": false, "type": "text", "uuid": "771db83d-8177-4554-9ec0-e4d339dcc63c", "value": "53/70" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055612", "uuid": "f750cbf2-ce34-454f-98f4-f6fdde8fbec3", "ObjectReference": [ { "comment": "", "object_uuid": "f750cbf2-ce34-454f-98f4-f6fdde8fbec3", "referenced_uuid": "06cc4d37-a03c-4523-bfca-3b62b5ac3618", "relationship_type": "analysed-with", "timestamp": "1576055882", "uuid": "5df0b44a-74d8-4154-8411-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054914", "to_ids": true, "type": "md5", "uuid": "5b4521d2-3d5d-49a5-acab-2b8c68335e37", "value": "f2570a9bb7f0cc312ff52252e71f782f" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054914", "to_ids": true, "type": "sha1", "uuid": "708f1dae-36b2-410b-a6d1-cdb634a7576e", "value": "350b29baaac2fbe5d82880d52fbf4419809023a4" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054914", "to_ids": true, "type": "sha256", "uuid": "b16cabf5-c709-413b-808f-2c5cf4a322be", "value": "c2758f27013aa2fd4cd57d3fa6aae6c61c43cac869f7622de24c0910165c6805" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055612", "uuid": "06cc4d37-a03c-4523-bfca-3b62b5ac3618", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054914", "to_ids": false, "type": "datetime", "uuid": "0fc49caa-e122-42e0-b62c-61e9be19878b", "value": "2019-11-27T04:56:51" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054914", "to_ids": false, "type": "link", "uuid": "fd34b66b-506e-4c7f-a79e-cdb41ec42b7f", "value": "https://www.virustotal.com/file/c2758f27013aa2fd4cd57d3fa6aae6c61c43cac869f7622de24c0910165c6805/analysis/1574830611/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054914", "to_ids": false, "type": "text", "uuid": "51c7b16a-3204-4c80-afda-5f24bd06d955", "value": "54/67" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055612", "uuid": "f27ffa02-ca85-4ffc-9d0a-d8f10ee9f08f", "ObjectReference": [ { "comment": "", "object_uuid": "f27ffa02-ca85-4ffc-9d0a-d8f10ee9f08f", "referenced_uuid": "4b509471-e9a1-4881-95a4-aef78539177b", "relationship_type": "analysed-with", "timestamp": "1576055882", "uuid": "5df0b44a-4cd8-4f79-a8bd-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054849", "to_ids": true, "type": "md5", "uuid": "3c89efa5-8fe6-4532-a9e1-28b44410e788", "value": "b6525cede0225a68e659ce3673b6e38f" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054849", "to_ids": true, "type": "sha1", "uuid": "18150c9b-b4d3-4af2-b38a-188a48e7b7da", "value": "5bed98c1de776d76fcc7a3806e6ebcf1cebbb339" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054849", "to_ids": true, "type": "sha256", "uuid": "a2ddbf62-046a-4b0d-ac12-f2ac8617f57c", "value": "c1258f15e48eb097453ca8bfb959e887d98d128759070034665d95314bef1cc4" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055612", "uuid": "4b509471-e9a1-4881-95a4-aef78539177b", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054849", "to_ids": false, "type": "datetime", "uuid": "c29b3f8c-1afc-48de-a2e4-9f64a0ecc29d", "value": "2019-11-21T10:56:26" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054849", "to_ids": false, "type": "link", "uuid": "a0b41ec6-61cb-4025-816c-a62a492276fc", "value": "https://www.virustotal.com/file/c1258f15e48eb097453ca8bfb959e887d98d128759070034665d95314bef1cc4/analysis/1574333786/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054849", "to_ids": false, "type": "text", "uuid": "aa466db5-3757-4b30-bf92-de0f44c68614", "value": "47/67" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055613", "uuid": "e7397a20-e912-4960-a191-ecfec70aff18", "ObjectReference": [ { "comment": "", "object_uuid": "e7397a20-e912-4960-a191-ecfec70aff18", "referenced_uuid": "556043f5-281e-4848-91a2-9aa85e3a8c1d", "relationship_type": "analysed-with", "timestamp": "1576055883", "uuid": "5df0b44b-fbf8-41d5-abfd-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054847", "to_ids": true, "type": "md5", "uuid": "306e0276-7a05-42cb-a438-5a762535891b", "value": "ec36c119d3d35998e4f6102234a665b5" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054847", "to_ids": true, "type": "sha1", "uuid": "261561a6-96e6-445c-bcb5-2b9db839e3da", "value": "a93538a9f01f9b68775e77cd64e7f97cb39a435d" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054847", "to_ids": true, "type": "sha256", "uuid": "c787e5a3-f553-4c9a-9f59-d14805c2148d", "value": "387d4ee7df6dd6fe6321789aaaaf2c9752b2d07b001d13b446c559b73902b633" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055613", "uuid": "556043f5-281e-4848-91a2-9aa85e3a8c1d", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054847", "to_ids": false, "type": "datetime", "uuid": "32cd02e5-2391-487a-9c14-55537bed60bf", "value": "2019-11-29T08:25:58" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054847", "to_ids": false, "type": "link", "uuid": "6724a980-a534-424e-b1b7-7233dd8afd18", "value": "https://www.virustotal.com/file/387d4ee7df6dd6fe6321789aaaaf2c9752b2d07b001d13b446c559b73902b633/analysis/1575015958/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054847", "to_ids": false, "type": "text", "uuid": "93223a70-c188-4b4d-85cb-da674e5c0cc9", "value": "55/69" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055613", "uuid": "fc4dd3f6-2b8d-4b7a-b668-05be37166b6f", "ObjectReference": [ { "comment": "", "object_uuid": "fc4dd3f6-2b8d-4b7a-b668-05be37166b6f", "referenced_uuid": "91742e2d-4b6c-4a6a-8572-1a33f5b66383", "relationship_type": "analysed-with", "timestamp": "1576055883", "uuid": "5df0b44b-dcd4-48ea-8c46-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054844", "to_ids": true, "type": "md5", "uuid": "cff06af4-4747-4d91-a07a-19df2bb209f2", "value": "30be1fd8c68b962f1852297df098f90b" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054844", "to_ids": true, "type": "sha1", "uuid": "cca25870-cafc-4329-987e-f520490b7d48", "value": "8f92b7d26a06cb351abf56cf9db56f084f188578" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054844", "to_ids": true, "type": "sha256", "uuid": "e912894c-2c6a-4ac7-b319-bf7636a378c6", "value": "4d758688de62b69c69b98dcaebae6e98dce463b4eb0f62591cd2df371ad54535" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055613", "uuid": "91742e2d-4b6c-4a6a-8572-1a33f5b66383", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054844", "to_ids": false, "type": "datetime", "uuid": "454e592d-2de0-4699-b8b5-9604deb82f7d", "value": "2019-11-24T16:23:41" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054844", "to_ids": false, "type": "link", "uuid": "db2ccd5d-4c46-4b66-911d-1fe82acbbdd1", "value": "https://www.virustotal.com/file/4d758688de62b69c69b98dcaebae6e98dce463b4eb0f62591cd2df371ad54535/analysis/1574612621/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054844", "to_ids": false, "type": "text", "uuid": "f1cb739f-8ab6-4019-9c4f-96e8d0a029df", "value": "52/69" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055613", "uuid": "0d635259-0a09-4cb9-9288-79215da8904c", "ObjectReference": [ { "comment": "", "object_uuid": "0d635259-0a09-4cb9-9288-79215da8904c", "referenced_uuid": "c9e45bc9-c121-4773-8fa2-98776492baa5", "relationship_type": "analysed-with", "timestamp": "1576055883", "uuid": "5df0b44b-4c44-4262-ad56-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054914", "to_ids": true, "type": "md5", "uuid": "b9b963a2-4830-4edd-a031-fb786a646628", "value": "bf361b5fd29ba4cb755698a7ba012c58" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054914", "to_ids": true, "type": "sha1", "uuid": "c20fbf66-f238-4f85-9475-9a59bec6a414", "value": "706851038b977e714b85824464d64d8045128330" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054914", "to_ids": true, "type": "sha256", "uuid": "e983c8b7-be3e-4bd0-a464-61ef5eef31d1", "value": "20826d7e9b4bd1e27ce9d055aec859720dfc89dfc3ea640c680dea6c9cd5588e" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055614", "uuid": "c9e45bc9-c121-4773-8fa2-98776492baa5", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054914", "to_ids": false, "type": "datetime", "uuid": "4519e084-0b93-4416-bf5d-9edcd7833921", "value": "2019-11-13T14:00:57" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054914", "to_ids": false, "type": "link", "uuid": "77a97096-67c4-45a5-9f29-42f13fe916d3", "value": "https://www.virustotal.com/file/20826d7e9b4bd1e27ce9d055aec859720dfc89dfc3ea640c680dea6c9cd5588e/analysis/1573653657/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054914", "to_ids": false, "type": "text", "uuid": "76fdcf62-295d-41d5-b4af-de0f80675ff0", "value": "46/70" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055614", "uuid": "fbba8bfe-e2b5-4c49-9566-d663036dbfe5", "ObjectReference": [ { "comment": "", "object_uuid": "fbba8bfe-e2b5-4c49-9566-d663036dbfe5", "referenced_uuid": "511b7be9-e361-4374-b0ea-3f7e8fbd80c6", "relationship_type": "analysed-with", "timestamp": "1576055883", "uuid": "5df0b44b-5494-4ad4-8030-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054919", "to_ids": true, "type": "md5", "uuid": "a26c8486-0d92-4119-9307-ca706d7b2ea4", "value": "92cc62616b249141da6c7e7482747a0a" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054919", "to_ids": true, "type": "sha1", "uuid": "55035d4d-bea7-42c3-94d7-5b8566cd900f", "value": "14d27b2cea611b3b613d3ccdf176b9d21f7733c7" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054919", "to_ids": true, "type": "sha256", "uuid": "f9b85911-a877-4fa5-87d3-7380d61726ff", "value": "885ee30a74554d4d5009337cabf839fe5c4ea16d5a4e4a799e1041ebd709f243" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055614", "uuid": "511b7be9-e361-4374-b0ea-3f7e8fbd80c6", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054919", "to_ids": false, "type": "datetime", "uuid": "774be4c0-a84b-4243-86d1-40e8d0fcfe8c", "value": "2019-12-01T05:26:15" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054919", "to_ids": false, "type": "link", "uuid": "3bca40a9-f42d-4b61-9580-a156ba2a51ce", "value": "https://www.virustotal.com/file/885ee30a74554d4d5009337cabf839fe5c4ea16d5a4e4a799e1041ebd709f243/analysis/1575177975/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054919", "to_ids": false, "type": "text", "uuid": "d6287e33-9d79-4bc8-b9cf-6a1ce72781af", "value": "58/71" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055614", "uuid": "390023c7-060e-4856-bee5-0e1e817eaeb3", "ObjectReference": [ { "comment": "", "object_uuid": "390023c7-060e-4856-bee5-0e1e817eaeb3", "referenced_uuid": "dcf3ddf3-be51-4573-9d8f-22ff6e475120", "relationship_type": "analysed-with", "timestamp": "1576055883", "uuid": "5df0b44b-0be4-4075-af8b-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054917", "to_ids": true, "type": "md5", "uuid": "a941a141-f971-4b92-bd77-107e80590afa", "value": "7df2077f3a8ded0dbd2c1980aeb50f8f" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054917", "to_ids": true, "type": "sha1", "uuid": "488b9534-0d74-47cb-ac5a-1641a28fd043", "value": "924e4760c05b2a7b22cde41f6a3ba353be201144" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054917", "to_ids": true, "type": "sha256", "uuid": "c3304bcf-f9aa-400e-9660-cc475169f111", "value": "2bf45addcc29bc985a90492f5364af1ff8386de6d0de1dc10d432fa6fd7a2829" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055614", "uuid": "dcf3ddf3-be51-4573-9d8f-22ff6e475120", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054917", "to_ids": false, "type": "datetime", "uuid": "8f85330e-4a58-44b6-b885-afeb0fbc7f7f", "value": "2019-11-26T13:47:19" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054917", "to_ids": false, "type": "link", "uuid": "7490323c-b0b6-4bdb-a93d-d0688aa013e5", "value": "https://www.virustotal.com/file/2bf45addcc29bc985a90492f5364af1ff8386de6d0de1dc10d432fa6fd7a2829/analysis/1574776039/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054917", "to_ids": false, "type": "text", "uuid": "905f15a2-222c-4795-b98a-76d5b718725a", "value": "54/68" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055614", "uuid": "cf030cc3-9f11-41be-a3d5-5bb43972f2d7", "ObjectReference": [ { "comment": "", "object_uuid": "cf030cc3-9f11-41be-a3d5-5bb43972f2d7", "referenced_uuid": "28f8ef49-f459-47d8-844a-3ca98d72d604", "relationship_type": "analysed-with", "timestamp": "1576055883", "uuid": "5df0b44b-d938-4f76-ad3e-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054920", "to_ids": true, "type": "md5", "uuid": "2f86640b-0023-4d10-9a59-22527fb14dca", "value": "1fab15db11ee352bed487c6390c6036c" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054920", "to_ids": true, "type": "sha1", "uuid": "0eb4f4dc-81a0-4de7-9ec3-4f4bb7947ff6", "value": "e70e3ae3fbf94b88f5e16f12784ecb8956035188" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054920", "to_ids": true, "type": "sha256", "uuid": "249e7522-9337-4cca-9c7b-4377a38e4208", "value": "1765ebda60085d53187e136384a6badff0a6041b6ee4761ced2f11e20b060802" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055614", "uuid": "28f8ef49-f459-47d8-844a-3ca98d72d604", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054920", "to_ids": false, "type": "datetime", "uuid": "8db1dc68-7c15-439d-b53b-d12c25ffea55", "value": "2019-11-14T09:10:50" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054920", "to_ids": false, "type": "link", "uuid": "c4e30125-f637-48ba-81fb-763c7d55a1b2", "value": "https://www.virustotal.com/file/1765ebda60085d53187e136384a6badff0a6041b6ee4761ced2f11e20b060802/analysis/1573722650/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054920", "to_ids": false, "type": "text", "uuid": "4843a4b2-28ab-4dae-ad87-50b0037a2ae9", "value": "46/71" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055614", "uuid": "49ea3782-8d97-443b-b549-362ff8d11df8", "ObjectReference": [ { "comment": "", "object_uuid": "49ea3782-8d97-443b-b549-362ff8d11df8", "referenced_uuid": "29f28d31-ab8e-4eb8-bc0a-0bbcf7e9e078", "relationship_type": "analysed-with", "timestamp": "1576055883", "uuid": "5df0b44b-c4e4-454c-96e7-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054850", "to_ids": true, "type": "md5", "uuid": "436b5fb2-4ba3-4f09-92a9-cd5a2a8d399f", "value": "d1ac6bfe49ffd27a0f1ad1196152672b" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054850", "to_ids": true, "type": "sha1", "uuid": "30a7b445-8d76-4d88-b72d-60202ea86b58", "value": "33a10c48420da9ce7537f37a72d6a2a7bbb14c17" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054850", "to_ids": true, "type": "sha256", "uuid": "ab3d1ed0-434c-4cdc-8d9c-9479f4f86d22", "value": "1a52d43768e4c1b16d7aebfcbbe52b23ea082ed91cf7afc01219b9a739e82df2" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055615", "uuid": "29f28d31-ab8e-4eb8-bc0a-0bbcf7e9e078", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054850", "to_ids": false, "type": "datetime", "uuid": "364915c1-55a9-440c-b580-1dd214d93aed", "value": "2019-11-16T08:55:35" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054850", "to_ids": false, "type": "link", "uuid": "01a07caa-611b-4d43-a81f-ea9646cd1fb3", "value": "https://www.virustotal.com/file/1a52d43768e4c1b16d7aebfcbbe52b23ea082ed91cf7afc01219b9a739e82df2/analysis/1573894535/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054850", "to_ids": false, "type": "text", "uuid": "ed00684a-e6b9-4fdd-a4b6-2c0282f454b3", "value": "43/64" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055615", "uuid": "fd08e4b1-817b-46f6-b5b6-cef63cbd0916", "ObjectReference": [ { "comment": "", "object_uuid": "fd08e4b1-817b-46f6-b5b6-cef63cbd0916", "referenced_uuid": "44ff5482-47d1-49fe-8d7a-756fffe06448", "relationship_type": "analysed-with", "timestamp": "1576055883", "uuid": "5df0b44b-7508-4f3d-8843-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054916", "to_ids": true, "type": "md5", "uuid": "906ca3d6-157c-48bf-8bb3-cb016cd609e1", "value": "c148db8d5cb3b6353d7b7855682ff4a8" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054916", "to_ids": true, "type": "sha1", "uuid": "feeaae41-3b63-440e-b0ef-e9b6b9d8175b", "value": "58d05c668aeaf5c74423cf6adb75f13afbfa3f9e" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054916", "to_ids": true, "type": "sha256", "uuid": "8bce58c4-ea68-416c-9605-745a2b050ef1", "value": "d3e28102b217faa33b3c16ed5d3ef631eb423955492b61067df4862515df8b7d" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055615", "uuid": "44ff5482-47d1-49fe-8d7a-756fffe06448", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054916", "to_ids": false, "type": "datetime", "uuid": "5df2c6fc-8421-4d16-935a-7256a749d005", "value": "2019-11-17T10:06:54" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054916", "to_ids": false, "type": "link", "uuid": "e285c1ad-2071-4663-b9b9-c40c06d89d0c", "value": "https://www.virustotal.com/file/d3e28102b217faa33b3c16ed5d3ef631eb423955492b61067df4862515df8b7d/analysis/1573985214/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054916", "to_ids": false, "type": "text", "uuid": "3802c28f-f409-473e-84ea-4835d6349fef", "value": "45/70" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055615", "uuid": "f59c0559-e449-49d5-b744-2ca87005ed03", "ObjectReference": [ { "comment": "", "object_uuid": "f59c0559-e449-49d5-b744-2ca87005ed03", "referenced_uuid": "8abbde30-d6a7-4f02-b021-3f759b76aaa3", "relationship_type": "analysed-with", "timestamp": "1576055883", "uuid": "5df0b44b-dd90-43d4-897c-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054914", "to_ids": true, "type": "md5", "uuid": "5bf3334c-915d-4fe5-9542-d73d211b57d2", "value": "374a7fa7c7b1d66afb28d4ae6803172e" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054914", "to_ids": true, "type": "sha1", "uuid": "706af4e9-fd84-47ce-ba76-4cb64a03f6d3", "value": "2a2462d7dfc7abf3b366f1452bf9c2613be7c247" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054914", "to_ids": true, "type": "sha256", "uuid": "17a059b5-d1a1-457c-adad-58f1160baf79", "value": "173e1f595031f1a862d18cb31e4fa49ad74ea93eeaec8a0dd830d5e59fa13a66" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055615", "uuid": "8abbde30-d6a7-4f02-b021-3f759b76aaa3", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054914", "to_ids": false, "type": "datetime", "uuid": "08291871-f531-4f0b-8483-8526e68eb75c", "value": "2019-11-20T11:54:15" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054914", "to_ids": false, "type": "link", "uuid": "065b8470-5573-4d57-823b-12bb7ae22140", "value": "https://www.virustotal.com/file/173e1f595031f1a862d18cb31e4fa49ad74ea93eeaec8a0dd830d5e59fa13a66/analysis/1574250855/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054914", "to_ids": false, "type": "text", "uuid": "3df4f6fe-187f-4713-bb65-69e9cd41fe38", "value": "50/70" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055615", "uuid": "433edd6f-8b51-4930-a303-ef7182bdd062", "ObjectReference": [ { "comment": "", "object_uuid": "433edd6f-8b51-4930-a303-ef7182bdd062", "referenced_uuid": "a1af993d-3e48-4c1f-b0e2-a7662fbc2561", "relationship_type": "analysed-with", "timestamp": "1576055883", "uuid": "5df0b44b-0b7c-4f88-aaac-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054937", "to_ids": true, "type": "md5", "uuid": "50b75eb7-9a2c-41a9-b133-2c0f01aa0a3c", "value": "c94ba260c69b54812abfbeca9eb9559b" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054937", "to_ids": true, "type": "sha1", "uuid": "21d52992-e67d-4b47-8dc4-065c1cd170b8", "value": "6a4c543c3a062bdec346c557797403ac2b09021a" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054937", "to_ids": true, "type": "sha256", "uuid": "5ca981ae-64d7-4272-829a-f06d69480322", "value": "67d6299bf2670476be5dddff75af12aa5151f94f7544334dba5ce5bbe8598f35" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055616", "uuid": "a1af993d-3e48-4c1f-b0e2-a7662fbc2561", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054937", "to_ids": false, "type": "datetime", "uuid": "3c9257fd-12dd-497d-91fb-c5d8ca99a507", "value": "2019-11-05T13:49:23" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054937", "to_ids": false, "type": "link", "uuid": "ca384a68-f40f-4bb4-84f0-8567460d7af0", "value": "https://www.virustotal.com/file/67d6299bf2670476be5dddff75af12aa5151f94f7544334dba5ce5bbe8598f35/analysis/1572961763/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054937", "to_ids": false, "type": "text", "uuid": "3b36a126-855e-40bf-817a-6d407ff5966d", "value": "12/71" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055616", "uuid": "e4358cca-2e7d-4887-b45a-95aafe27e443", "ObjectReference": [ { "comment": "", "object_uuid": "e4358cca-2e7d-4887-b45a-95aafe27e443", "referenced_uuid": "9c81e46c-d140-4e77-9114-25e385fd3439", "relationship_type": "analysed-with", "timestamp": "1576055883", "uuid": "5df0b44b-fbf0-4e27-8205-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054914", "to_ids": true, "type": "md5", "uuid": "99959260-8d29-4c6b-a113-23a63684a459", "value": "b6a49405897515f965eb8e597db9f1cf" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054914", "to_ids": true, "type": "sha1", "uuid": "b4ecb578-2cc1-4006-8c50-fa7b20b35226", "value": "4c94b19a780d51f1574e70cce5135b25ae30de6e" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054914", "to_ids": true, "type": "sha256", "uuid": "3c7659c9-f6c0-4c4c-8b3c-6fdfd6669be0", "value": "e64c25696f03af4f410cd66ba85fd2ddb951d224bd98cd5a1e29f171cd3c3730" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055616", "uuid": "9c81e46c-d140-4e77-9114-25e385fd3439", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054914", "to_ids": false, "type": "datetime", "uuid": "892fef66-0bdb-4fcb-95ba-b17e0f4d01b2", "value": "2019-11-14T09:10:46" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054914", "to_ids": false, "type": "link", "uuid": "cd40ac13-20b3-4a0c-a4d8-c74f97b15cf8", "value": "https://www.virustotal.com/file/e64c25696f03af4f410cd66ba85fd2ddb951d224bd98cd5a1e29f171cd3c3730/analysis/1573722646/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054914", "to_ids": false, "type": "text", "uuid": "454d9db6-0f9f-4988-acfb-377dc72a0f38", "value": "47/71" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055616", "uuid": "e51053e7-eac0-4122-b4a1-4fb362590a52", "ObjectReference": [ { "comment": "", "object_uuid": "e51053e7-eac0-4122-b4a1-4fb362590a52", "referenced_uuid": "253c787f-cccb-4b0b-8a9e-ac9986485b34", "relationship_type": "analysed-with", "timestamp": "1576055883", "uuid": "5df0b44b-e990-4a7b-8a1e-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054920", "to_ids": true, "type": "md5", "uuid": "b4b9d5c8-099a-4f5e-991c-5f4e7c2f2ab1", "value": "13464b6e71f1530afa0488127a332159" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054920", "to_ids": true, "type": "sha1", "uuid": "d745ab63-23e5-49af-ab77-3d5b78450b75", "value": "84c17c95e27ddec6a258fd65b2842706aba499f2" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054920", "to_ids": true, "type": "sha256", "uuid": "27aa4747-b84d-4197-ae5d-c3d4ebfcd98c", "value": "e375336fb2bb058946e20c09411545ce280ef5dc6b390df3a480145789c4b119" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055616", "uuid": "253c787f-cccb-4b0b-8a9e-ac9986485b34", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054920", "to_ids": false, "type": "datetime", "uuid": "bdb6f8de-bf6f-4bb7-94e7-fd34fdb082ed", "value": "2019-11-22T12:17:02" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054920", "to_ids": false, "type": "link", "uuid": "b0832eff-3c68-4e07-ae46-777eb78fc482", "value": "https://www.virustotal.com/file/e375336fb2bb058946e20c09411545ce280ef5dc6b390df3a480145789c4b119/analysis/1574425022/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054920", "to_ids": false, "type": "text", "uuid": "be0297a7-a68d-4109-8038-999c67a8d6e8", "value": "49/70" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055617", "uuid": "b9b31733-b0b6-487a-9c37-e4ee40bae3a0", "ObjectReference": [ { "comment": "", "object_uuid": "b9b31733-b0b6-487a-9c37-e4ee40bae3a0", "referenced_uuid": "c965737b-60b6-4b4f-aee7-83508d341199", "relationship_type": "analysed-with", "timestamp": "1576055883", "uuid": "5df0b44b-84c4-4962-aa6a-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054936", "to_ids": true, "type": "md5", "uuid": "1ceeee90-7cff-447e-a5d1-35a1e5fb93b4", "value": "4b76fe9ba8b84a36dfd3a3706ff6ef82" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054936", "to_ids": true, "type": "sha1", "uuid": "77f5942b-7120-4eee-b24f-63fa1e13a6cb", "value": "49ffd828306b2f0c22ddf04cf86e2bfccd85fa78" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054936", "to_ids": true, "type": "sha256", "uuid": "3ac5eeb4-63a6-4557-b98d-b51158dc0f08", "value": "bdf0e2f23087864019f07a05a071efc3d0d5a6d8932adfcd7102ec9646d9f433" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055618", "uuid": "c965737b-60b6-4b4f-aee7-83508d341199", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054936", "to_ids": false, "type": "datetime", "uuid": "c812c4aa-81a9-477e-9951-fd6b3ad26cbc", "value": "2019-11-04T16:01:28" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054936", "to_ids": false, "type": "link", "uuid": "9f704b34-5202-4d29-a30c-6006033243d8", "value": "https://www.virustotal.com/file/bdf0e2f23087864019f07a05a071efc3d0d5a6d8932adfcd7102ec9646d9f433/analysis/1572883288/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054936", "to_ids": false, "type": "text", "uuid": "27bf97d6-914e-4c98-b229-279153f4ae0d", "value": "9/69" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055619", "uuid": "73413171-74ab-4bc5-809a-b48278e48791", "ObjectReference": [ { "comment": "", "object_uuid": "73413171-74ab-4bc5-809a-b48278e48791", "referenced_uuid": "89d6b195-c0bc-44eb-b981-fa928e93c985", "relationship_type": "analysed-with", "timestamp": "1576055883", "uuid": "5df0b44b-f8d4-4c26-857e-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054844", "to_ids": true, "type": "md5", "uuid": "4ab7ce7f-9873-4c40-b39b-a5f67b5abf56", "value": "b5df1d3346b3f7d0d69b11bf3bf74200" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054844", "to_ids": true, "type": "sha1", "uuid": "385bc904-3a1a-4d56-837c-bdeb7286a505", "value": "b2dd1833e94c38c5eef5b64c2ef98ed41bd0154c" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054844", "to_ids": true, "type": "sha256", "uuid": "667a3c66-9270-49ad-b7bf-0d9a17a4edbc", "value": "a9207aed06e769610fc9ea357bae1e1462c180d10c1cb05e49db1f499d48592c" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055619", "uuid": "89d6b195-c0bc-44eb-b981-fa928e93c985", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054844", "to_ids": false, "type": "datetime", "uuid": "b69adbad-afd4-4d5e-84bf-e58241aa17b8", "value": "2019-12-07T11:07:58" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054844", "to_ids": false, "type": "link", "uuid": "dd4743be-51bf-4c6c-9d35-824c80960cb1", "value": "https://www.virustotal.com/file/a9207aed06e769610fc9ea357bae1e1462c180d10c1cb05e49db1f499d48592c/analysis/1575716878/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054844", "to_ids": false, "type": "text", "uuid": "c4f4a3ff-812d-4c8b-9ecb-b4c84788cc0a", "value": "57/72" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055619", "uuid": "833cf2de-3176-4bef-bfc5-e1957f91f345", "ObjectReference": [ { "comment": "", "object_uuid": "833cf2de-3176-4bef-bfc5-e1957f91f345", "referenced_uuid": "bffca5a3-f581-4bfb-b887-0fa4ab93529d", "relationship_type": "analysed-with", "timestamp": "1576055883", "uuid": "5df0b44b-4414-447e-a1e6-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054920", "to_ids": true, "type": "md5", "uuid": "37bd9e84-1c66-40c1-8a09-7f827da52d0c", "value": "8ff4a7a498a4676022cc382841f7d542" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054920", "to_ids": true, "type": "sha1", "uuid": "4a827ac0-3631-4c21-a9cd-4cfac709502c", "value": "90cedafe7d393218bbb2faa05c407bddec895af3" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054920", "to_ids": true, "type": "sha256", "uuid": "f8fb04f4-facd-4503-bd7b-47e0a09bd8b0", "value": "a841bdaf836ef681193d2affef3c586ed5f98589e470da5f3b4ffb2e98a292b9" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055619", "uuid": "bffca5a3-f581-4bfb-b887-0fa4ab93529d", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054920", "to_ids": false, "type": "datetime", "uuid": "ce642dc6-de9d-4afa-9087-a181061c3c77", "value": "2019-11-26T13:29:24" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054920", "to_ids": false, "type": "link", "uuid": "31e6b744-47da-4c4f-a156-b551c588c4ad", "value": "https://www.virustotal.com/file/a841bdaf836ef681193d2affef3c586ed5f98589e470da5f3b4ffb2e98a292b9/analysis/1574774964/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054920", "to_ids": false, "type": "text", "uuid": "1ee589b2-b0bf-4da7-bf90-dbcc24e5211f", "value": "58/70" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055619", "uuid": "9ff168f6-cabc-4940-ac70-b6721693196d", "ObjectReference": [ { "comment": "", "object_uuid": "9ff168f6-cabc-4940-ac70-b6721693196d", "referenced_uuid": "dd6819bb-f333-4dc4-8444-46017b82edeb", "relationship_type": "analysed-with", "timestamp": "1576055884", "uuid": "5df0b44c-2b34-4528-be0b-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054920", "to_ids": true, "type": "md5", "uuid": "22a08eb7-bac0-41cb-a32f-17cdcbf1eda6", "value": "bdda2829c77c7929726e8f6f91a70409" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054920", "to_ids": true, "type": "sha1", "uuid": "e9cd12ab-8b9d-473f-ac33-158102d7f29f", "value": "ef3cce2a61b74df5a03d1848cc09e3c9c0744e99" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054920", "to_ids": true, "type": "sha256", "uuid": "994ba1b7-1ef8-4226-b145-248379e982a2", "value": "5ab0950fef12f8ffc21e6484750821405dc522e9b8c48ae49d9372904cd0be80" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055620", "uuid": "dd6819bb-f333-4dc4-8444-46017b82edeb", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054920", "to_ids": false, "type": "datetime", "uuid": "0e8dfdb6-3355-46f9-a7ee-e51f2028a529", "value": "2019-11-12T05:37:39" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054920", "to_ids": false, "type": "link", "uuid": "880ee2aa-8988-4ece-8ca3-2be2efaa1c36", "value": "https://www.virustotal.com/file/5ab0950fef12f8ffc21e6484750821405dc522e9b8c48ae49d9372904cd0be80/analysis/1573537059/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054920", "to_ids": false, "type": "text", "uuid": "190d7c62-58ba-4ae4-afa5-5ead43f02984", "value": "36/69" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055632", "uuid": "b58ce546-ad9b-4543-9cac-c40fed7ad12c", "ObjectReference": [ { "comment": "", "object_uuid": "b58ce546-ad9b-4543-9cac-c40fed7ad12c", "referenced_uuid": "6b6be089-fb35-4a02-add1-6879c84503b3", "relationship_type": "analysed-with", "timestamp": "1576055884", "uuid": "5df0b44c-cc00-4eb4-b7b6-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054916", "to_ids": true, "type": "md5", "uuid": "593e8814-4741-4c6f-966d-e7a7bf8cb4ac", "value": "a40eb2b9549f63259d7a331c8959d45a" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054916", "to_ids": true, "type": "sha1", "uuid": "61fbad0f-a09e-4e85-879b-a3486271dbb1", "value": "9c001f6f9aaa41d3f6ecd6dc8888bbb6d1800710" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054916", "to_ids": true, "type": "sha256", "uuid": "f0437de1-d0c3-46bd-8a2e-0c1a9d508a1f", "value": "adf0001edca850a68fc0a04e1635cc3d4849cb9662197b2ed689a11b1a0843bb" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055632", "uuid": "6b6be089-fb35-4a02-add1-6879c84503b3", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054916", "to_ids": false, "type": "datetime", "uuid": "e2684f51-e622-428f-ba19-4803509a421e", "value": "2019-11-20T11:50:34" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054916", "to_ids": false, "type": "link", "uuid": "d2e9866f-8b41-4a3d-97cc-fe6c172793ea", "value": "https://www.virustotal.com/file/adf0001edca850a68fc0a04e1635cc3d4849cb9662197b2ed689a11b1a0843bb/analysis/1574250634/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054916", "to_ids": false, "type": "text", "uuid": "71c9171f-97f2-4659-8846-8f82fd352cee", "value": "47/68" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055632", "uuid": "68ab1dc1-97d7-4324-a850-c61b41914184", "ObjectReference": [ { "comment": "", "object_uuid": "68ab1dc1-97d7-4324-a850-c61b41914184", "referenced_uuid": "0d7f48a7-9d64-4d2c-93f9-7783f3c712c2", "relationship_type": "analysed-with", "timestamp": "1576055884", "uuid": "5df0b44c-57d8-443a-b0df-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054919", "to_ids": true, "type": "md5", "uuid": "558e1d53-0e55-4d3e-a136-14c97ae046c0", "value": "4e7f0bb9073f7ae76d01a0559324300b" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054919", "to_ids": true, "type": "sha1", "uuid": "6eaae604-a4d3-4efd-b621-a1fa7818e129", "value": "1910b13aa1543d95a0b34c7fc105d3ef38bc916d" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054919", "to_ids": true, "type": "sha256", "uuid": "a7947576-2447-42b1-aa79-a006786bb8aa", "value": "2c579f40cb18b3b9a207ca0598b5cb88aadbcf6c892bae840fb6c8098b011075" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055632", "uuid": "0d7f48a7-9d64-4d2c-93f9-7783f3c712c2", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054919", "to_ids": false, "type": "datetime", "uuid": "6e1dbee9-aad2-4525-8537-83074facff1c", "value": "2019-11-17T10:15:45" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054919", "to_ids": false, "type": "link", "uuid": "2d4e610f-8dcf-4830-a86b-c7228ab34803", "value": "https://www.virustotal.com/file/2c579f40cb18b3b9a207ca0598b5cb88aadbcf6c892bae840fb6c8098b011075/analysis/1573985745/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054919", "to_ids": false, "type": "text", "uuid": "88e453ec-ed64-4474-8de6-336a67e31e8f", "value": "46/69" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055633", "uuid": "02f546b6-230b-46bd-9dd1-1f0796744045", "ObjectReference": [ { "comment": "", "object_uuid": "02f546b6-230b-46bd-9dd1-1f0796744045", "referenced_uuid": "c32e1e82-252e-420f-94d0-c018ff0ffaa2", "relationship_type": "analysed-with", "timestamp": "1576055884", "uuid": "5df0b44c-f6b0-4ba8-960d-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054848", "to_ids": true, "type": "md5", "uuid": "8c716dd6-b033-4126-94d1-5c4d3d62adbb", "value": "d28ef803a83f4bb6d5154ca41d9f282c" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054848", "to_ids": true, "type": "sha1", "uuid": "4ebd37eb-7610-4a14-9aff-99b974b95ae2", "value": "3fe2b693e9dc9a837e8f5d8cf7b8a8c7582c0baf" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054848", "to_ids": true, "type": "sha256", "uuid": "d2cdd1d2-4752-4b62-85bc-f0be8e1503b6", "value": "dd970118732e36438b0af85413668925c73f2fe7983bc085b0cdeab3582f271e" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055633", "uuid": "c32e1e82-252e-420f-94d0-c018ff0ffaa2", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054848", "to_ids": false, "type": "datetime", "uuid": "cb3d81c3-22ea-4e65-9b06-5968ecce9b60", "value": "2019-11-29T18:55:22" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054848", "to_ids": false, "type": "link", "uuid": "5c5f1fef-0adb-48f3-b810-cc7edc4b4034", "value": "https://www.virustotal.com/file/dd970118732e36438b0af85413668925c73f2fe7983bc085b0cdeab3582f271e/analysis/1575053722/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054848", "to_ids": false, "type": "text", "uuid": "43c1c4ca-62f9-47d8-b146-e36bd93d6995", "value": "54/70" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055633", "uuid": "865a96d7-07a2-4448-b542-395de055c747", "ObjectReference": [ { "comment": "", "object_uuid": "865a96d7-07a2-4448-b542-395de055c747", "referenced_uuid": "3b97f4eb-85ff-4981-b88a-62c62ca0e62b", "relationship_type": "analysed-with", "timestamp": "1576055884", "uuid": "5df0b44c-7a30-4f16-84db-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054914", "to_ids": true, "type": "md5", "uuid": "a090e724-f658-4f8a-a18e-f1c179a0aa29", "value": "8b5600b80508d1a9851a0e2a6260338f" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054914", "to_ids": true, "type": "sha1", "uuid": "20dbde05-8c19-4897-85f1-00439fbceb98", "value": "600f180fb7b76bc192f8140b529243f7deeaef83" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054914", "to_ids": true, "type": "sha256", "uuid": "fd00441a-a912-4440-9d5a-6244e0e41e18", "value": "758360f2c03ae4e1a19238c748a2e0e72cd7466a9caf387e5f1839ab3daf3d57" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055634", "uuid": "3b97f4eb-85ff-4981-b88a-62c62ca0e62b", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054914", "to_ids": false, "type": "datetime", "uuid": "6d6d811f-fc96-4346-ad69-4b65e6454f6e", "value": "2019-11-16T08:44:08" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054914", "to_ids": false, "type": "link", "uuid": "2838465a-625d-42de-a90e-313d53433bf2", "value": "https://www.virustotal.com/file/758360f2c03ae4e1a19238c748a2e0e72cd7466a9caf387e5f1839ab3daf3d57/analysis/1573893848/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054914", "to_ids": false, "type": "text", "uuid": "e8cf3d89-88e0-4ccf-8974-5086295df6b9", "value": "44/70" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055634", "uuid": "02eeba7f-705a-4125-88fa-8e4923d5a61f", "ObjectReference": [ { "comment": "", "object_uuid": "02eeba7f-705a-4125-88fa-8e4923d5a61f", "referenced_uuid": "18c7fd1f-7ed4-4efc-b3cd-70fdb06189d8", "relationship_type": "analysed-with", "timestamp": "1576055884", "uuid": "5df0b44c-b698-4628-b0c7-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054847", "to_ids": true, "type": "md5", "uuid": "2f83c973-0031-429d-b060-76526a8b0dc5", "value": "b6dc15121a1c3643136c950da719d7c4" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054847", "to_ids": true, "type": "sha1", "uuid": "260c3dd3-d88b-41f8-8fc5-db21604d6870", "value": "48bd9ee710ed022d3f240228ad54679986742324" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054847", "to_ids": true, "type": "sha256", "uuid": "3c4e797e-7876-46a8-8561-e6f7a5d8a76c", "value": "e0c1209a7ea3ca2f78b0c9e33b25a074491ca7cd4208b84d8e1908db76da8d77" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055634", "uuid": "18c7fd1f-7ed4-4efc-b3cd-70fdb06189d8", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054847", "to_ids": false, "type": "datetime", "uuid": "83c0dd49-af6b-401a-b754-5416258a6e52", "value": "2019-11-21T10:45:26" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054847", "to_ids": false, "type": "link", "uuid": "7355ab72-b99c-4160-98af-5e12144862b2", "value": "https://www.virustotal.com/file/e0c1209a7ea3ca2f78b0c9e33b25a074491ca7cd4208b84d8e1908db76da8d77/analysis/1574333126/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054847", "to_ids": false, "type": "text", "uuid": "45f3e1f8-eefa-436d-9ce1-73c11eb8da65", "value": "48/67" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055634", "uuid": "e2c30a2a-c656-4741-9d56-e361a22c15da", "ObjectReference": [ { "comment": "", "object_uuid": "e2c30a2a-c656-4741-9d56-e361a22c15da", "referenced_uuid": "179036f5-708c-48d8-8712-c87f2f35ce2d", "relationship_type": "analysed-with", "timestamp": "1576055884", "uuid": "5df0b44c-e99c-4ebb-9485-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054890", "to_ids": true, "type": "md5", "uuid": "cb0e6a66-9816-45a3-9baa-ed10507fc31f", "value": "68e66f62f2e4b0956a030fc7741b2316" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054890", "to_ids": true, "type": "sha1", "uuid": "364da35d-54ae-45d7-852b-846a7bde8937", "value": "db87f203cb20bde46390d8027a47de81e260c25c" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054890", "to_ids": true, "type": "sha256", "uuid": "617c430c-b1f6-4e4e-a212-d457e1995107", "value": "8fe9321b5a511874984558d77aef49e79bd297d6a6b8c40186260bcbbdc8ee30" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055634", "uuid": "179036f5-708c-48d8-8712-c87f2f35ce2d", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054890", "to_ids": false, "type": "datetime", "uuid": "b12f5349-a112-41c5-bb0e-d161f78801ec", "value": "2019-11-18T13:27:49" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054890", "to_ids": false, "type": "link", "uuid": "2ebc62f9-7ef0-4172-9924-98053c40d072", "value": "https://www.virustotal.com/file/8fe9321b5a511874984558d77aef49e79bd297d6a6b8c40186260bcbbdc8ee30/analysis/1574083669/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054890", "to_ids": false, "type": "text", "uuid": "afdf4cf4-80ba-4faf-a735-dfbd27cff5ef", "value": "52/68" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055634", "uuid": "0e5bcca4-e030-410e-9c95-ef622e38167c", "ObjectReference": [ { "comment": "", "object_uuid": "0e5bcca4-e030-410e-9c95-ef622e38167c", "referenced_uuid": "57fe645b-611b-4634-aaf5-9736d2f7512f", "relationship_type": "analysed-with", "timestamp": "1576055884", "uuid": "5df0b44c-7a00-4ccd-bc5b-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054920", "to_ids": true, "type": "md5", "uuid": "0408ac84-5b77-4523-9ecd-e0360f32a37e", "value": "a0f431bd78e3fc2fade8f98dc72ffe02" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054920", "to_ids": true, "type": "sha1", "uuid": "1fef562c-31d9-43a3-9712-f8864a98c0bb", "value": "aa6cc7082f3930672fc8c9e35ba644081a329b25" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054920", "to_ids": true, "type": "sha256", "uuid": "91435141-dfc1-4b56-90b0-c21bcdf57ab1", "value": "16931d251d5a0eec6f7d5f9440836ed897092905d9b4fcf92188773cb292a586" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055634", "uuid": "57fe645b-611b-4634-aaf5-9736d2f7512f", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054920", "to_ids": false, "type": "datetime", "uuid": "d1ad1179-f19a-42ce-8fd6-bc85350ff689", "value": "2019-11-13T09:28:03" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054920", "to_ids": false, "type": "link", "uuid": "eb1fb359-f1ec-4706-bd92-343f5ab95da1", "value": "https://www.virustotal.com/file/16931d251d5a0eec6f7d5f9440836ed897092905d9b4fcf92188773cb292a586/analysis/1573637283/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054920", "to_ids": false, "type": "text", "uuid": "7e064a7a-faf7-4438-aac0-89b8ed029afd", "value": "45/70" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055635", "uuid": "ef9ea3c0-0b45-4e2c-88d3-b0c4afa71389", "ObjectReference": [ { "comment": "", "object_uuid": "ef9ea3c0-0b45-4e2c-88d3-b0c4afa71389", "referenced_uuid": "285921ca-386a-4821-bcdf-1ca48d14ab28", "relationship_type": "analysed-with", "timestamp": "1576055884", "uuid": "5df0b44c-8dc8-4cf6-b12e-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054844", "to_ids": true, "type": "md5", "uuid": "6055ddf5-a5b9-4649-bd2f-7c2c81b7d198", "value": "b63a7751886fdf655459a79fddfa20ba" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054844", "to_ids": true, "type": "sha1", "uuid": "76b67418-5dfc-4c38-9dc5-2f61a66c9b6b", "value": "180e39d5253ab1a141fd1b0eb5d15ea829c1ca78" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054844", "to_ids": true, "type": "sha256", "uuid": "4b8d5d35-cb3e-4c22-93ae-18ec457e7a5b", "value": "c904c857a88d375b1d7647230fad0cbb4cc8e173ff5f874faa6e4daf3ebaca01" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055635", "uuid": "285921ca-386a-4821-bcdf-1ca48d14ab28", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054844", "to_ids": false, "type": "datetime", "uuid": "3ec20278-6f2e-4d13-817d-7e0a2ac16bee", "value": "2019-11-23T22:00:08" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054844", "to_ids": false, "type": "link", "uuid": "56da829c-55a2-49c6-9396-ff087a40eae4", "value": "https://www.virustotal.com/file/c904c857a88d375b1d7647230fad0cbb4cc8e173ff5f874faa6e4daf3ebaca01/analysis/1574546408/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054844", "to_ids": false, "type": "text", "uuid": "e67ef725-2e09-43c5-bd79-94a127a83891", "value": "50/67" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055635", "uuid": "f632ffbb-fe0f-4b7d-a6bd-9aba0218708d", "ObjectReference": [ { "comment": "", "object_uuid": "f632ffbb-fe0f-4b7d-a6bd-9aba0218708d", "referenced_uuid": "7359d420-7e56-4c90-bd7a-97f8c96c3fc7", "relationship_type": "analysed-with", "timestamp": "1576055884", "uuid": "5df0b44c-9a20-4529-84e6-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054914", "to_ids": true, "type": "md5", "uuid": "6eb14b30-c98c-437f-8cee-257eb1768b48", "value": "1351709ace33253531bd0283ddb5f076" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054914", "to_ids": true, "type": "sha1", "uuid": "93aa7e11-fff9-4c33-8968-99f1c97e3840", "value": "0e72d098c6d62b831ea4f1762c793269a2f59c49" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054914", "to_ids": true, "type": "sha256", "uuid": "13388a9d-1c42-42de-b8ed-f5cdf78a2e73", "value": "2e91ec0a6c189ad8def886d10a30c668fb8e0817f804875b5b30fba17fafbbff" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055635", "uuid": "7359d420-7e56-4c90-bd7a-97f8c96c3fc7", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054914", "to_ids": false, "type": "datetime", "uuid": "9c2408af-4fd1-4987-a4e7-58cd3353425a", "value": "2019-11-13T17:36:24" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054914", "to_ids": false, "type": "link", "uuid": "cfcd50ad-dee4-4890-b6ac-4a95977ee834", "value": "https://www.virustotal.com/file/2e91ec0a6c189ad8def886d10a30c668fb8e0817f804875b5b30fba17fafbbff/analysis/1573666584/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054914", "to_ids": false, "type": "text", "uuid": "dac63bfe-5b31-4ed9-9486-88ccf952f2e4", "value": "42/71" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055635", "uuid": "52e1b715-63da-4894-9e90-a1ababb25d07", "ObjectReference": [ { "comment": "", "object_uuid": "52e1b715-63da-4894-9e90-a1ababb25d07", "referenced_uuid": "8910927f-2b82-4e20-9142-364070f878da", "relationship_type": "analysed-with", "timestamp": "1576055884", "uuid": "5df0b44c-2a84-4889-a44b-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054922", "to_ids": true, "type": "md5", "uuid": "a5681af4-5f1c-4bbe-b06b-d52fe3096871", "value": "aa8445a39e49106408c83c87f14d9136" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054922", "to_ids": true, "type": "sha1", "uuid": "9570bb00-bc82-457e-a8eb-8ab291d20f66", "value": "ba8ac38d67eeda153059f9430de8952841fae55f" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054922", "to_ids": true, "type": "sha256", "uuid": "4ec063ba-7e13-4600-917b-b4196629ad2d", "value": "792afe6ffd358114c28e78aa2a93ef26b1e482cdcc7452cd9dc717282d867a7c" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055635", "uuid": "8910927f-2b82-4e20-9142-364070f878da", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054922", "to_ids": false, "type": "datetime", "uuid": "2bcb8659-04eb-40d2-b74b-b779d5a36155", "value": "2019-12-11T01:39:44" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054922", "to_ids": false, "type": "link", "uuid": "423aabcf-97a4-43af-b0de-432e5d4fbb50", "value": "https://www.virustotal.com/file/792afe6ffd358114c28e78aa2a93ef26b1e482cdcc7452cd9dc717282d867a7c/analysis/1576028384/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054922", "to_ids": false, "type": "text", "uuid": "d7d38224-a80a-4566-bb45-61c394fc70f5", "value": "53/70" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055636", "uuid": "fe89bbd5-e34f-49b3-8b68-ce51d82a0552", "ObjectReference": [ { "comment": "", "object_uuid": "fe89bbd5-e34f-49b3-8b68-ce51d82a0552", "referenced_uuid": "f9b41a2c-03bb-4fb6-b971-36b49f7dee14", "relationship_type": "analysed-with", "timestamp": "1576055884", "uuid": "5df0b44c-97bc-46af-ba88-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054890", "to_ids": true, "type": "md5", "uuid": "b46a0585-5328-48fb-a7f6-bae39474a1ec", "value": "d0f38f75f867b0e8ca1dd11c5bd99315" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054890", "to_ids": true, "type": "sha1", "uuid": "975aad62-aa05-42b7-bf04-7d9e011c13d6", "value": "248b65ac7e736daabfea6d2a8790dc305902c6c7" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054890", "to_ids": true, "type": "sha256", "uuid": "94f798c8-c414-455a-8dd9-4e6a1b541c81", "value": "8cbe01bb083603ccd65892664cc93caa09ba65515337f1ec69ef28c818c6afbf" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055636", "uuid": "f9b41a2c-03bb-4fb6-b971-36b49f7dee14", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054890", "to_ids": false, "type": "datetime", "uuid": "06a5c9be-55ef-4519-9b30-712804b3055a", "value": "2019-12-01T03:43:51" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054890", "to_ids": false, "type": "link", "uuid": "b3e2f453-7a62-42b2-b772-813b378b2a36", "value": "https://www.virustotal.com/file/8cbe01bb083603ccd65892664cc93caa09ba65515337f1ec69ef28c818c6afbf/analysis/1575171831/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054890", "to_ids": false, "type": "text", "uuid": "2bd17de2-1be3-44a4-827f-aac345fe2ad2", "value": "57/70" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055636", "uuid": "058bacec-120c-47b3-a012-988377948f34", "ObjectReference": [ { "comment": "", "object_uuid": "058bacec-120c-47b3-a012-988377948f34", "referenced_uuid": "36fac7a7-808b-46f8-95d6-b637bbe18361", "relationship_type": "analysed-with", "timestamp": "1576055884", "uuid": "5df0b44c-50c0-4b29-89d6-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054849", "to_ids": true, "type": "md5", "uuid": "e3a4332e-507e-47c8-9c6b-d15215cf2705", "value": "07275d608db87f8f9abf23f87c40d398" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054849", "to_ids": true, "type": "sha1", "uuid": "9db91adb-c947-46c8-8bfe-cee982530b57", "value": "d747ff202788775037eb4d789fcf86f9b8e24aef" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054849", "to_ids": true, "type": "sha256", "uuid": "6c491b17-66cf-4a1b-b441-b474d59805f5", "value": "b7ccab9717b1469e44bdd4682dfbb66706a067deee8f841cecf77e598a69062f" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055636", "uuid": "36fac7a7-808b-46f8-95d6-b637bbe18361", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054849", "to_ids": false, "type": "datetime", "uuid": "67a48a87-50bd-4b2a-9aa2-90acf0fbcb9f", "value": "2019-11-21T11:25:26" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054849", "to_ids": false, "type": "link", "uuid": "c254867b-84bb-4cda-b37c-59a054f11af7", "value": "https://www.virustotal.com/file/b7ccab9717b1469e44bdd4682dfbb66706a067deee8f841cecf77e598a69062f/analysis/1574335526/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054849", "to_ids": false, "type": "text", "uuid": "b2efd310-34ea-47b5-9838-88866e8e9f60", "value": "52/69" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055636", "uuid": "34c7f1cf-9c69-4a94-8048-eac6dbfa2fdf", "ObjectReference": [ { "comment": "", "object_uuid": "34c7f1cf-9c69-4a94-8048-eac6dbfa2fdf", "referenced_uuid": "a0c68808-b067-426b-8c86-bb17f86624d2", "relationship_type": "analysed-with", "timestamp": "1576055884", "uuid": "5df0b44c-9494-4921-8f83-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054922", "to_ids": true, "type": "md5", "uuid": "9ec4483f-1f04-43dc-a3a2-e1b31aac30b1", "value": "c006471785008d9616a3518a25128ab9" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054922", "to_ids": true, "type": "sha1", "uuid": "d476be7a-2245-49ba-806c-77d12c793846", "value": "529449de5616c55e1421e5cd2aaf5b3e2c5c8b87" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054922", "to_ids": true, "type": "sha256", "uuid": "e6f2b8e6-cea6-41cf-8366-982cabef38ea", "value": "a34cf6ad6f2360d699f96d8b825f6d99469f3a922586e7492f2f5fca982cd9f4" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055637", "uuid": "a0c68808-b067-426b-8c86-bb17f86624d2", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054922", "to_ids": false, "type": "datetime", "uuid": "a3e452cb-d89f-4de5-8a69-5097bd73d30e", "value": "2019-11-04T16:47:43" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054922", "to_ids": false, "type": "link", "uuid": "5488397b-ac65-4856-bc82-6022d83044aa", "value": "https://www.virustotal.com/file/a34cf6ad6f2360d699f96d8b825f6d99469f3a922586e7492f2f5fca982cd9f4/analysis/1572886063/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054922", "to_ids": false, "type": "text", "uuid": "28a59974-4c91-48ec-aca9-ba54c6c9ffc5", "value": "9/67" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055637", "uuid": "20d8f135-5262-42fc-96e5-45d58f28e490", "ObjectReference": [ { "comment": "", "object_uuid": "20d8f135-5262-42fc-96e5-45d58f28e490", "referenced_uuid": "faed525e-6cae-465f-94b1-78ed5816b3eb", "relationship_type": "analysed-with", "timestamp": "1576055884", "uuid": "5df0b44c-69fc-469d-8f97-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054922", "to_ids": true, "type": "md5", "uuid": "e214c026-92f7-4279-a1ac-c0894d6191c4", "value": "3b99828eff188e8ab57fa4c5ccac00d8" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054922", "to_ids": true, "type": "sha1", "uuid": "93c36aef-16bf-4c1f-a3e0-fc684201c650", "value": "87dd9b6e1ce6b1dad366a47a531bcbb817c57032" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054922", "to_ids": true, "type": "sha256", "uuid": "a906f573-0e6b-4a33-a03c-1a478b1284fa", "value": "f8aaf313cc213258c6976cd55c8c0d048f61b0f3b196d768fbf51779786b6ac6" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055637", "uuid": "faed525e-6cae-465f-94b1-78ed5816b3eb", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054922", "to_ids": false, "type": "datetime", "uuid": "03798ce9-9fa9-4c17-b5d9-9864ed2a4234", "value": "2019-12-10T21:05:50" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054922", "to_ids": false, "type": "link", "uuid": "20e0cd43-ecd2-4594-8939-3359fe2c5af3", "value": "https://www.virustotal.com/file/f8aaf313cc213258c6976cd55c8c0d048f61b0f3b196d768fbf51779786b6ac6/analysis/1576011950/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054922", "to_ids": false, "type": "text", "uuid": "57a91f04-59c1-4266-8688-90266d306600", "value": "45/69" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055637", "uuid": "d03f098b-2e04-4fa1-81dd-56b75b20b877", "ObjectReference": [ { "comment": "", "object_uuid": "d03f098b-2e04-4fa1-81dd-56b75b20b877", "referenced_uuid": "ba74af6a-6f09-4d21-8a4a-18b6704151aa", "relationship_type": "analysed-with", "timestamp": "1576055884", "uuid": "5df0b44c-4880-4a70-bccf-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054918", "to_ids": true, "type": "md5", "uuid": "8c4d00a4-be86-4e85-a21b-734764e52253", "value": "27c650717b8d785c2253b3930dc9978c" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054918", "to_ids": true, "type": "sha1", "uuid": "3d4127f8-f0c0-4e36-8f6e-eceee46593b4", "value": "12d002826d53ae85a34fc37f46c28a5076140302" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054918", "to_ids": true, "type": "sha256", "uuid": "da2d73d8-f1c9-4eeb-baab-69cedad2f47b", "value": "84fc44d957d32757e27bb509c32d7cba01768a7510b2fbac950e602aec9bceaa" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055637", "uuid": "ba74af6a-6f09-4d21-8a4a-18b6704151aa", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054918", "to_ids": false, "type": "datetime", "uuid": "d97bd9f5-d91f-4a66-acc3-5e571bc5bc3d", "value": "2019-11-16T03:26:26" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054918", "to_ids": false, "type": "link", "uuid": "1fa8cbb1-971e-42a4-a8f8-94347c5e6ec9", "value": "https://www.virustotal.com/file/84fc44d957d32757e27bb509c32d7cba01768a7510b2fbac950e602aec9bceaa/analysis/1573874786/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054918", "to_ids": false, "type": "text", "uuid": "e16e6c5d-2f39-47ba-bc20-63c70eeeacb5", "value": "45/70" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055638", "uuid": "30ffb310-60df-42df-b35e-80ddfc891d0d", "ObjectReference": [ { "comment": "", "object_uuid": "30ffb310-60df-42df-b35e-80ddfc891d0d", "referenced_uuid": "33d540a4-2645-49b7-bdb2-ff74d2a68a12", "relationship_type": "analysed-with", "timestamp": "1576055884", "uuid": "5df0b44c-44b8-418a-afea-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054916", "to_ids": true, "type": "md5", "uuid": "de1ed4db-76cf-483a-8a48-81dec4437d9c", "value": "0b9293db1894df0824e3b1021ff7f39b" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054916", "to_ids": true, "type": "sha1", "uuid": "86ee424d-bf00-4ef9-b458-7a086d37049d", "value": "f4367ee96d99185d6d17cd9eac4238a3e1799fab" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054916", "to_ids": true, "type": "sha256", "uuid": "6a79bf16-06e3-420b-9f25-e7cb80174e0a", "value": "bf33725115b8b645f205947c3d252589b4fbe732dc64f5ebb9c10cc9b92877d9" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055639", "uuid": "33d540a4-2645-49b7-bdb2-ff74d2a68a12", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054916", "to_ids": false, "type": "datetime", "uuid": "2dbe45c9-8858-416b-b98c-5a3188016259", "value": "2019-11-18T07:37:28" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054916", "to_ids": false, "type": "link", "uuid": "d6c1540d-94e5-41e2-92b2-3b2b1e1e30cc", "value": "https://www.virustotal.com/file/bf33725115b8b645f205947c3d252589b4fbe732dc64f5ebb9c10cc9b92877d9/analysis/1574062648/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054916", "to_ids": false, "type": "text", "uuid": "7879128c-360a-43a7-a92a-c2ef9af6bd3a", "value": "51/69" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055639", "uuid": "69ad7ddc-87fd-4aff-9f37-6590316bd742", "ObjectReference": [ { "comment": "", "object_uuid": "69ad7ddc-87fd-4aff-9f37-6590316bd742", "referenced_uuid": "ea1baf81-4893-4970-9437-75572e348717", "relationship_type": "analysed-with", "timestamp": "1576055884", "uuid": "5df0b44c-762c-40ea-8d6b-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054844", "to_ids": true, "type": "md5", "uuid": "ee598389-acb6-4c57-819c-8a34492bde60", "value": "ef3f79b9eb02cc5f1d02b1ff622ed2d9" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054844", "to_ids": true, "type": "sha1", "uuid": "b3c02d8b-5fcd-4672-8eb5-a9c624701a7b", "value": "2e67043e4a92f129256983b2b1616438807a2f39" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054844", "to_ids": true, "type": "sha256", "uuid": "3f8b5e4f-8ad4-420e-86c5-bff72620e8fc", "value": "7a368fd689c7f3e7c95d7d67f963d4438fd8fc417623931bd17b03f0a9da6ff3" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055639", "uuid": "ea1baf81-4893-4970-9437-75572e348717", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054844", "to_ids": false, "type": "datetime", "uuid": "d0157ca0-8e86-46ec-b1dc-1ca870240b73", "value": "2019-11-28T06:08:13" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054844", "to_ids": false, "type": "link", "uuid": "69914ed4-5ef3-42ba-918e-ecb5eb3c26cd", "value": "https://www.virustotal.com/file/7a368fd689c7f3e7c95d7d67f963d4438fd8fc417623931bd17b03f0a9da6ff3/analysis/1574921293/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054844", "to_ids": false, "type": "text", "uuid": "4e5e9720-ad8b-46cc-bbc6-a7519e3243b5", "value": "55/70" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055639", "uuid": "f8eb9b50-76ed-4eb8-9826-12f72a7c5260", "ObjectReference": [ { "comment": "", "object_uuid": "f8eb9b50-76ed-4eb8-9826-12f72a7c5260", "referenced_uuid": "c4fdf570-3629-4b1e-944a-155f5c54f20b", "relationship_type": "analysed-with", "timestamp": "1576055884", "uuid": "5df0b44c-dd64-4a78-b70d-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054844", "to_ids": true, "type": "md5", "uuid": "572adc86-8415-404c-8583-a6c6a8df5b85", "value": "00c5b8eda11a70bf6cba4267a3ac1968" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054844", "to_ids": true, "type": "sha1", "uuid": "786869ab-c2aa-40b9-8444-01d6437101ed", "value": "ff6b627454430d395cb5ce92579fde13aef47cfd" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054844", "to_ids": true, "type": "sha256", "uuid": "9d395401-06fc-4fad-8aa5-bc6532065c9b", "value": "73d2fdb420a1f0e4ae42b362f54c6cfe39f197f8f9b8c8c2c7581da53de7e144" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055639", "uuid": "c4fdf570-3629-4b1e-944a-155f5c54f20b", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054844", "to_ids": false, "type": "datetime", "uuid": "c3689a89-ab04-489a-8aaa-2dc66f795800", "value": "2019-11-23T22:28:26" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054844", "to_ids": false, "type": "link", "uuid": "6855a59f-48fb-432e-902e-552c41c9676d", "value": "https://www.virustotal.com/file/73d2fdb420a1f0e4ae42b362f54c6cfe39f197f8f9b8c8c2c7581da53de7e144/analysis/1574548106/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054844", "to_ids": false, "type": "text", "uuid": "27e40fb7-64f0-421c-9b66-f36a801a8a29", "value": "51/68" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055640", "uuid": "59ef410d-f214-4619-84e5-a441cf642aad", "ObjectReference": [ { "comment": "", "object_uuid": "59ef410d-f214-4619-84e5-a441cf642aad", "referenced_uuid": "efce9314-bc8d-4a28-9926-69401d823d6f", "relationship_type": "analysed-with", "timestamp": "1576055884", "uuid": "5df0b44c-6ef8-4c24-b21a-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054915", "to_ids": true, "type": "md5", "uuid": "c1eea025-d6a7-4b98-a69e-b3d51d01d0a1", "value": "de8887943e0927f6792656d2ccc6db40" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054915", "to_ids": true, "type": "sha1", "uuid": "c7d65213-2edf-4518-8d4b-172844bc0805", "value": "3ef761b201b25d361a4367eeb5ef2595b6f8f08b" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054915", "to_ids": true, "type": "sha256", "uuid": "68755c69-571e-4482-8bd7-d3933e8efac9", "value": "5870f5bd63135a66a45a7f2d87741e211be129c74fcab5f43f2106af2eeae894" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055640", "uuid": "efce9314-bc8d-4a28-9926-69401d823d6f", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054915", "to_ids": false, "type": "datetime", "uuid": "a5134967-f7fe-496c-8e39-67c90b968042", "value": "2019-12-01T11:41:44" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054915", "to_ids": false, "type": "link", "uuid": "0bed9dd3-5afa-47d4-9528-01cbe81aa243", "value": "https://www.virustotal.com/file/5870f5bd63135a66a45a7f2d87741e211be129c74fcab5f43f2106af2eeae894/analysis/1575200504/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054915", "to_ids": false, "type": "text", "uuid": "72ee8891-c41c-43da-80f3-afffd6cc81f0", "value": "47/70" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055640", "uuid": "7b18c4fa-c251-44c3-bbb0-16203a07ba72", "ObjectReference": [ { "comment": "", "object_uuid": "7b18c4fa-c251-44c3-bbb0-16203a07ba72", "referenced_uuid": "dbfc2cb1-1ae2-476f-a72c-d7beb9e77ec6", "relationship_type": "analysed-with", "timestamp": "1576055884", "uuid": "5df0b44c-32cc-4940-8bd8-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054915", "to_ids": true, "type": "md5", "uuid": "dee9cb44-d8f8-44a0-8c8b-8401635fa8aa", "value": "d5fdc444afc0a079809a0c93269dba30" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054915", "to_ids": true, "type": "sha1", "uuid": "357c8e2a-1212-4712-872c-6b89fe69868e", "value": "7ebbdc696101f96840bf432a004b8359ded07aca" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054915", "to_ids": true, "type": "sha256", "uuid": "92027bc6-4f3d-4bc0-8e9f-9ce7adb36e72", "value": "f3bc9d6bbf6c7609fba43c3ace9bb9e6a134b92c048b1c3712d31d906b489725" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055640", "uuid": "dbfc2cb1-1ae2-476f-a72c-d7beb9e77ec6", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054915", "to_ids": false, "type": "datetime", "uuid": "3bec2127-b9a2-4132-8d14-3f5ab4a70e25", "value": "2019-11-14T09:10:44" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054915", "to_ids": false, "type": "link", "uuid": "27382d38-45f6-4ff1-bf94-7303e2b0735e", "value": "https://www.virustotal.com/file/f3bc9d6bbf6c7609fba43c3ace9bb9e6a134b92c048b1c3712d31d906b489725/analysis/1573722644/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054915", "to_ids": false, "type": "text", "uuid": "082c173f-1372-4b21-a5e5-8a0b4bd45383", "value": "45/70" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055640", "uuid": "b582897d-0656-4ff5-bdda-eeed85d5818a", "ObjectReference": [ { "comment": "", "object_uuid": "b582897d-0656-4ff5-bdda-eeed85d5818a", "referenced_uuid": "4b6862a9-0ab2-4c83-9386-aacd572ee6f3", "relationship_type": "analysed-with", "timestamp": "1576055885", "uuid": "5df0b44d-6380-4395-99a2-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054847", "to_ids": true, "type": "md5", "uuid": "30464803-b4a3-417e-8dab-d042e5b4c6d0", "value": "c9430ce8ce51de908ae8925bb3282895" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054847", "to_ids": true, "type": "sha1", "uuid": "cfb54a73-979f-42ae-b442-10d353a74369", "value": "1fbf7d464c65c1b8885b068dc088efca7850c7f3" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054847", "to_ids": true, "type": "sha256", "uuid": "5133c7bc-bffa-4f8e-956d-dc714b41988d", "value": "a1c52643e738eeff690993a22fb679a98c8ef2057eda04a3c5edbd2632b3c2c8" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055640", "uuid": "4b6862a9-0ab2-4c83-9386-aacd572ee6f3", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054847", "to_ids": false, "type": "datetime", "uuid": "15a389bf-fc07-448b-8fc9-de8de1885880", "value": "2019-11-21T10:20:45" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054847", "to_ids": false, "type": "link", "uuid": "5ab14623-c3d0-4261-a6a1-cc4167279860", "value": "https://www.virustotal.com/file/a1c52643e738eeff690993a22fb679a98c8ef2057eda04a3c5edbd2632b3c2c8/analysis/1574331645/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054847", "to_ids": false, "type": "text", "uuid": "c86b07d4-fb0e-456c-9be1-608cd5d67d5d", "value": "49/68" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055640", "uuid": "db1ed8f2-c742-4725-b847-d099864c4db0", "ObjectReference": [ { "comment": "", "object_uuid": "db1ed8f2-c742-4725-b847-d099864c4db0", "referenced_uuid": "b2177994-2d20-47f8-b480-8aded52942e1", "relationship_type": "analysed-with", "timestamp": "1576055885", "uuid": "5df0b44d-c244-4f84-8e13-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054937", "to_ids": true, "type": "md5", "uuid": "797489ce-088c-4707-8c6d-a60ca3027a11", "value": "04c52b7adcb186e6da853bc3787a0198" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054937", "to_ids": true, "type": "sha1", "uuid": "8fbc9aa7-137f-40b1-b249-7ab12d6fe163", "value": "15a8db84780be73e4434baf41dff4c7eab8f428c" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054937", "to_ids": true, "type": "sha256", "uuid": "7728905d-1024-49d9-96c1-277ab47bdcc0", "value": "66b07500943b483ace74a8d7a2da84d8b80ed3bd176af7ade8fde076b3095604" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055641", "uuid": "b2177994-2d20-47f8-b480-8aded52942e1", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054937", "to_ids": false, "type": "datetime", "uuid": "e4b71b80-ce80-406a-80bd-8e5bf8708c59", "value": "2019-11-08T06:31:01" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054937", "to_ids": false, "type": "link", "uuid": "96f195de-7224-470a-831e-31ebcc9894bc", "value": "https://www.virustotal.com/file/66b07500943b483ace74a8d7a2da84d8b80ed3bd176af7ade8fde076b3095604/analysis/1573194661/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054937", "to_ids": false, "type": "text", "uuid": "c60444c2-ceb1-47ce-86f8-349344a0a424", "value": "37/69" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055641", "uuid": "97847982-368c-4a03-a8c1-441ad84613c0", "ObjectReference": [ { "comment": "", "object_uuid": "97847982-368c-4a03-a8c1-441ad84613c0", "referenced_uuid": "b0f3da7d-4277-44ee-9202-ffae44b71da5", "relationship_type": "analysed-with", "timestamp": "1576055885", "uuid": "5df0b44d-f698-40a2-a2bc-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054921", "to_ids": true, "type": "md5", "uuid": "75a0b0dc-a0db-47b6-a8e6-801fd005e3fe", "value": "58c67e27e8173790d5797b53e94010ec" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054921", "to_ids": true, "type": "sha1", "uuid": "334cfede-850f-4a8b-8f73-4f86d8900cbe", "value": "c09f017eea374ce3caac0462c5184d40a5a23b5d" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054921", "to_ids": true, "type": "sha256", "uuid": "9e87da18-9816-41dd-8e55-2a5a1db6b51d", "value": "e8e600692047c465576edff769cf9e5f82fa277de9ebc0f962a64317984573af" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055641", "uuid": "b0f3da7d-4277-44ee-9202-ffae44b71da5", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054921", "to_ids": false, "type": "datetime", "uuid": "a0987241-490a-4d47-8fb2-92e80e4cd6df", "value": "2019-11-10T21:26:59" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054921", "to_ids": false, "type": "link", "uuid": "9dde2626-9582-4c9c-b1b5-f5853623edec", "value": "https://www.virustotal.com/file/e8e600692047c465576edff769cf9e5f82fa277de9ebc0f962a64317984573af/analysis/1573421219/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054921", "to_ids": false, "type": "text", "uuid": "9db033ad-2601-4ad7-8c46-c5a1acaa813b", "value": "41/72" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055641", "uuid": "1f1622e3-4b08-4970-bf9b-8ab7a3e432c7", "ObjectReference": [ { "comment": "", "object_uuid": "1f1622e3-4b08-4970-bf9b-8ab7a3e432c7", "referenced_uuid": "41c7d3c8-ded2-4c65-b002-60136f8eae1c", "relationship_type": "analysed-with", "timestamp": "1576055885", "uuid": "5df0b44d-fbcc-4817-925c-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054915", "to_ids": true, "type": "md5", "uuid": "f76b4188-e9ee-45aa-8507-c1a80c489133", "value": "144d21f779c9ac87c76facc4773476f0" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054915", "to_ids": true, "type": "sha1", "uuid": "7c5617e4-9502-43d8-9d04-7268e7cda67c", "value": "7715cc15317a38607cf7c9653a84fd807efe8e8f" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054915", "to_ids": true, "type": "sha256", "uuid": "bda3ee13-24d8-4857-9818-98aa803daa25", "value": "6152b2318b2b975ccf7239afb2222156bde9f1dd338023b5ef6801bcd6e4ccc2" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055641", "uuid": "41c7d3c8-ded2-4c65-b002-60136f8eae1c", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054915", "to_ids": false, "type": "datetime", "uuid": "89a9a24a-29f2-4a2d-8145-05055d8805e6", "value": "2019-11-23T20:43:02" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054915", "to_ids": false, "type": "link", "uuid": "6332c5dd-953b-4488-9857-4f9705ac7d33", "value": "https://www.virustotal.com/file/6152b2318b2b975ccf7239afb2222156bde9f1dd338023b5ef6801bcd6e4ccc2/analysis/1574541782/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054915", "to_ids": false, "type": "text", "uuid": "27ffc851-4db1-4815-abea-fee44d3e0bb1", "value": "54/67" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055641", "uuid": "f5a90394-db82-4471-8e8d-4db079f7e7b1", "ObjectReference": [ { "comment": "", "object_uuid": "f5a90394-db82-4471-8e8d-4db079f7e7b1", "referenced_uuid": "cae7ba7a-da53-4120-b59f-b7e8c4e47cd5", "relationship_type": "analysed-with", "timestamp": "1576055885", "uuid": "5df0b44d-5134-44ab-9a2a-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054845", "to_ids": true, "type": "md5", "uuid": "2a2c712e-f112-4b9d-97a1-8649b2825a74", "value": "50d1fb48a486d0fd9fca2d0f8a76f409" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054845", "to_ids": true, "type": "sha1", "uuid": "f7809e76-6fe1-480c-b3c1-58e9a1561b57", "value": "49559ff4894ee5f057a74eaa3f0b65308d8b0a76" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054845", "to_ids": true, "type": "sha256", "uuid": "9accf23d-75c2-4b82-b6d2-399a681b124f", "value": "ccd47c869d3573eadacdf04e8ae5294ae8e193a68bb05aef6d0e4eb563f54bcd" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055642", "uuid": "cae7ba7a-da53-4120-b59f-b7e8c4e47cd5", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054845", "to_ids": false, "type": "datetime", "uuid": "3e07e014-a004-4896-a0ac-523e240a78dc", "value": "2019-11-23T22:49:46" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054845", "to_ids": false, "type": "link", "uuid": "b862123c-088f-4d87-93f4-ebf6a090b851", "value": "https://www.virustotal.com/file/ccd47c869d3573eadacdf04e8ae5294ae8e193a68bb05aef6d0e4eb563f54bcd/analysis/1574549386/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054845", "to_ids": false, "type": "text", "uuid": "7c2f89c0-e271-452e-a864-4ffb1265710f", "value": "53/68" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055643", "uuid": "53a1fb49-2212-4701-a6e6-3ca822352ab9", "ObjectReference": [ { "comment": "", "object_uuid": "53a1fb49-2212-4701-a6e6-3ca822352ab9", "referenced_uuid": "ee991046-2a8b-402f-a917-1f704f429029", "relationship_type": "analysed-with", "timestamp": "1576055885", "uuid": "5df0b44d-2c14-4149-81bb-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054919", "to_ids": true, "type": "md5", "uuid": "716542e1-9f0d-4a3f-aea6-4f9df5eba5af", "value": "da00946f38a280f68df2e811d5ff603b" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054919", "to_ids": true, "type": "sha1", "uuid": "52483a09-29d7-4f84-98ed-1370d3dd8580", "value": "61b38a1e8bda7f22be88a9970e35585f5aabbfe0" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054919", "to_ids": true, "type": "sha256", "uuid": "a54a463e-7958-4c57-b1a8-9e5298e3810d", "value": "38d39eec91474ab3b6fb64bfc0880539e47351b9ac2a907bb8722e94c516088d" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055643", "uuid": "ee991046-2a8b-402f-a917-1f704f429029", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054919", "to_ids": false, "type": "datetime", "uuid": "f93e793b-f3ce-4b6d-9798-74c0e102e2cd", "value": "2019-11-20T12:15:18" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054919", "to_ids": false, "type": "link", "uuid": "a650ac7e-bf33-4e42-be1d-8364e0025148", "value": "https://www.virustotal.com/file/38d39eec91474ab3b6fb64bfc0880539e47351b9ac2a907bb8722e94c516088d/analysis/1574252118/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054919", "to_ids": false, "type": "text", "uuid": "b8e0545d-07b1-45cf-95b9-e5dd644ef99a", "value": "49/70" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055643", "uuid": "5512cc85-e982-4144-ace3-81b2e289fbc5", "ObjectReference": [ { "comment": "", "object_uuid": "5512cc85-e982-4144-ace3-81b2e289fbc5", "referenced_uuid": "c461ecd4-af71-4fe6-b511-38f1f5e4e326", "relationship_type": "analysed-with", "timestamp": "1576055885", "uuid": "5df0b44d-953c-4b46-9d3f-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054850", "to_ids": true, "type": "md5", "uuid": "85769197-c7eb-40ec-841c-ef92d94d1e54", "value": "00101a80ec75bb63b4f8c8d7d04bbb92" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054850", "to_ids": true, "type": "sha1", "uuid": "4913fd4a-1e0d-4051-ae6e-7233ed26fbeb", "value": "af57099f96e9a478dde6db82a67f217f375ad769" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054850", "to_ids": true, "type": "sha256", "uuid": "4bd726dc-5d5b-4049-bd98-b90707e66d76", "value": "ed2c195cdd3386c450856322d3bfc69369f3a787e4476249fa74e1440895f708" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055643", "uuid": "c461ecd4-af71-4fe6-b511-38f1f5e4e326", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054850", "to_ids": false, "type": "datetime", "uuid": "a7bcbb6c-1b3f-43f9-80f5-62164de28dd6", "value": "2019-11-15T01:21:45" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054850", "to_ids": false, "type": "link", "uuid": "ab7e1219-d883-4e07-bec4-4825ca385177", "value": "https://www.virustotal.com/file/ed2c195cdd3386c450856322d3bfc69369f3a787e4476249fa74e1440895f708/analysis/1573780905/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054850", "to_ids": false, "type": "text", "uuid": "b51a5dd4-7d9c-473c-981a-a4b9c7d25377", "value": "46/70" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055644", "uuid": "b5733791-0a50-4f85-b0f9-c1c5e8e45ca6", "ObjectReference": [ { "comment": "", "object_uuid": "b5733791-0a50-4f85-b0f9-c1c5e8e45ca6", "referenced_uuid": "fb6e6769-e229-4b35-b8dc-151e22070f2f", "relationship_type": "analysed-with", "timestamp": "1576055885", "uuid": "5df0b44d-dbac-44a9-b85d-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054914", "to_ids": true, "type": "md5", "uuid": "aafe6d89-9f17-4441-8eb7-a9e67e0c706d", "value": "9e4c83aa2595134161c7ff09ef20fb42" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054914", "to_ids": true, "type": "sha1", "uuid": "4814e003-c96b-43b7-aeb8-98c3dbd544ce", "value": "0acfd3d2a2173cfdbf6f9edf386b64c22d3cd06b" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054914", "to_ids": true, "type": "sha256", "uuid": "1eeb60d4-ff01-4a73-afee-d5b7b37f859a", "value": "fa6a3b7f70c5c1aa4d083523146abb2f0b5af84b74c8c019c6c4feb3e01f751a" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055644", "uuid": "fb6e6769-e229-4b35-b8dc-151e22070f2f", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054914", "to_ids": false, "type": "datetime", "uuid": "1be272ff-26fc-4ff7-8cfe-73f07d009ac3", "value": "2019-11-14T13:20:22" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054914", "to_ids": false, "type": "link", "uuid": "ab3619f7-cf1c-4bd1-bdb2-6d2f7ff7741a", "value": "https://www.virustotal.com/file/fa6a3b7f70c5c1aa4d083523146abb2f0b5af84b74c8c019c6c4feb3e01f751a/analysis/1573737622/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054914", "to_ids": false, "type": "text", "uuid": "7d4033e1-f1ea-4f65-9879-0120008e8224", "value": "47/69" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055644", "uuid": "843fee68-0293-4764-a937-af5de8e097f8", "ObjectReference": [ { "comment": "", "object_uuid": "843fee68-0293-4764-a937-af5de8e097f8", "referenced_uuid": "a0fd2f59-19d7-4303-b65c-8ab271666a8b", "relationship_type": "analysed-with", "timestamp": "1576055885", "uuid": "5df0b44d-9744-48fe-9ef6-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054920", "to_ids": true, "type": "md5", "uuid": "23508c3a-02c3-4324-b6e2-41bccf2cc9ea", "value": "1650b22b155f272bd521f66fedf0e052" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054920", "to_ids": true, "type": "sha1", "uuid": "1f573420-7c40-44f1-ac5b-72ddbca4d604", "value": "a090bc98a375efce335e99df23cdd914a9ee3b49" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054920", "to_ids": true, "type": "sha256", "uuid": "08b9dc93-a80d-4e69-ba0a-091ab58e49fa", "value": "d7a483de1fb445fbdf5408875f2bd1694e8a746a3b0e9dbb3b01a63714ce5729" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055644", "uuid": "a0fd2f59-19d7-4303-b65c-8ab271666a8b", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054920", "to_ids": false, "type": "datetime", "uuid": "91614b69-97be-407d-85c3-d6278d108177", "value": "2019-11-04T17:39:28" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054920", "to_ids": false, "type": "link", "uuid": "83c91d82-5312-48d6-b0b3-3d94440a3e62", "value": "https://www.virustotal.com/file/d7a483de1fb445fbdf5408875f2bd1694e8a746a3b0e9dbb3b01a63714ce5729/analysis/1572889168/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054920", "to_ids": false, "type": "text", "uuid": "26720b88-1d42-498e-9245-3c5ea1827ba8", "value": "10/71" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055644", "uuid": "ad9a1f53-356a-49f7-bdc2-a6fefab36e80", "ObjectReference": [ { "comment": "", "object_uuid": "ad9a1f53-356a-49f7-bdc2-a6fefab36e80", "referenced_uuid": "1a96e2ef-ba18-4a69-badf-760a9efd9a94", "relationship_type": "analysed-with", "timestamp": "1576055885", "uuid": "5df0b44d-a728-48b1-962d-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054849", "to_ids": true, "type": "md5", "uuid": "84495e26-5d11-409f-9c4e-d9276638b71a", "value": "b63814068905d56516ee8bee1ed6c77e" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054849", "to_ids": true, "type": "sha1", "uuid": "09ce9f43-b9fb-4c4f-ac7b-db6121fa5d23", "value": "a39740c312813f470ebc84b0de3da7812c4d72cd" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054849", "to_ids": true, "type": "sha256", "uuid": "c47543ff-3f6f-4a05-8398-69c323108a30", "value": "8df4b1705188fae1a6472b1456db8af87269efd2a2caff5863ac165adacb88c8" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055645", "uuid": "1a96e2ef-ba18-4a69-badf-760a9efd9a94", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054849", "to_ids": false, "type": "datetime", "uuid": "a087dbf7-cda8-4fc2-8c96-e7b2b2b1d3a2", "value": "2019-11-28T20:32:55" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054849", "to_ids": false, "type": "link", "uuid": "33dc4462-a6d4-4a6c-84cb-a91ac111eafd", "value": "https://www.virustotal.com/file/8df4b1705188fae1a6472b1456db8af87269efd2a2caff5863ac165adacb88c8/analysis/1574973175/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054849", "to_ids": false, "type": "text", "uuid": "a7af6fd2-7456-45e5-9700-87cca3070240", "value": "53/70" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055645", "uuid": "77f1a4c9-2809-4734-a95c-d1da6258502d", "ObjectReference": [ { "comment": "", "object_uuid": "77f1a4c9-2809-4734-a95c-d1da6258502d", "referenced_uuid": "ebfdd4d7-ce07-4499-a795-358cb4c8304f", "relationship_type": "analysed-with", "timestamp": "1576055885", "uuid": "5df0b44d-7cd4-4315-9f4a-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054922", "to_ids": true, "type": "md5", "uuid": "c06c05f7-55ae-4dbb-810b-b2d1e669ea87", "value": "3936b6a7a95629a0c9727c09cb55d3bb" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054922", "to_ids": true, "type": "sha1", "uuid": "68c33305-d6af-4a20-b39e-e419dc2ae3fd", "value": "983b66e5981e3f1e526b67fdcc2d60c7cb84b13f" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054922", "to_ids": true, "type": "sha256", "uuid": "08d812fe-3943-4ae9-88fd-ce989257c72c", "value": "c04d8b1efe722ffcc7d6e5e8e0757be9fa8f529bbd74c2dc25790e1c9e078b2d" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055645", "uuid": "ebfdd4d7-ce07-4499-a795-358cb4c8304f", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054922", "to_ids": false, "type": "datetime", "uuid": "1a5543a6-0ca2-4980-88ee-cfe7b6cd5830", "value": "2019-11-04T17:31:52" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054922", "to_ids": false, "type": "link", "uuid": "d5c3ab15-0913-4dbb-9410-8ff86c250948", "value": "https://www.virustotal.com/file/c04d8b1efe722ffcc7d6e5e8e0757be9fa8f529bbd74c2dc25790e1c9e078b2d/analysis/1572888712/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054922", "to_ids": false, "type": "text", "uuid": "474e175c-b6ec-476f-93b9-dad10abcec67", "value": "10/69" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055645", "uuid": "58242813-9dcb-4652-8f0c-89a3f8f0fa5a", "ObjectReference": [ { "comment": "", "object_uuid": "58242813-9dcb-4652-8f0c-89a3f8f0fa5a", "referenced_uuid": "0f9fb0de-2c25-4ae2-90f6-9860a8755eed", "relationship_type": "analysed-with", "timestamp": "1576055885", "uuid": "5df0b44d-76cc-4f63-8214-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054850", "to_ids": true, "type": "md5", "uuid": "7403abca-c321-47c5-80b1-02ec770d8160", "value": "69ef0e244bfd0ce2ee76cf357a5e0a8e" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054850", "to_ids": true, "type": "sha1", "uuid": "91edb8c6-1d48-4d36-ac1a-0dd6a0feaa16", "value": "1c1517c6ac77e248321a56f859b8cdcd121dffde" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054850", "to_ids": true, "type": "sha256", "uuid": "da8bb480-44f0-4a68-a330-3b15e47fa3f6", "value": "7f2be3d7de95745bafdd1a69d077dc92d66b40f0005433c47d8323c1c0fdc61f" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055645", "uuid": "0f9fb0de-2c25-4ae2-90f6-9860a8755eed", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054850", "to_ids": false, "type": "datetime", "uuid": "2833b38f-f448-4f96-879b-2957a1b39d91", "value": "2019-11-11T10:39:41" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054850", "to_ids": false, "type": "link", "uuid": "44729eba-6f1f-4426-9a5d-62176b8eb784", "value": "https://www.virustotal.com/file/7f2be3d7de95745bafdd1a69d077dc92d66b40f0005433c47d8323c1c0fdc61f/analysis/1573468781/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054850", "to_ids": false, "type": "text", "uuid": "38f2af50-5a0b-40e0-9cc1-739a12f5db88", "value": "34/71" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055646", "uuid": "5eb4789a-68b2-4326-9701-beea94a87318", "ObjectReference": [ { "comment": "", "object_uuid": "5eb4789a-68b2-4326-9701-beea94a87318", "referenced_uuid": "d08edf4c-4105-4c8b-9ff2-2a86ca3e55b7", "relationship_type": "analysed-with", "timestamp": "1576055885", "uuid": "5df0b44d-7948-4915-91c5-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054845", "to_ids": true, "type": "md5", "uuid": "1f173b96-2b7f-4eea-ac8e-ab10b60bdcdd", "value": "4602350d11a38502bd47fde873846710" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054845", "to_ids": true, "type": "sha1", "uuid": "cebc826f-0417-4146-9054-5bf16480047a", "value": "34da7f6959a5841c22d7029bb40611736852a03d" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054845", "to_ids": true, "type": "sha256", "uuid": "bfa5b5f7-3a80-45b4-bf84-112ff4f2d69c", "value": "f9b97e51603687908067e0a7da3e3b7b7ec893cc01f28a66244e0180d8c47abc" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055646", "uuid": "d08edf4c-4105-4c8b-9ff2-2a86ca3e55b7", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054845", "to_ids": false, "type": "datetime", "uuid": "8aaf35b3-5834-44f4-9c1a-6c2e88e95ebb", "value": "2019-11-21T10:52:02" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054845", "to_ids": false, "type": "link", "uuid": "6c8e2f8d-b2c5-401b-90c8-318796d6397e", "value": "https://www.virustotal.com/file/f9b97e51603687908067e0a7da3e3b7b7ec893cc01f28a66244e0180d8c47abc/analysis/1574333522/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054845", "to_ids": false, "type": "text", "uuid": "87c161e6-a02a-4fe0-9fb9-52ce4aec943c", "value": "49/69" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055646", "uuid": "81313716-2908-40cc-afc1-69a373c5f08b", "ObjectReference": [ { "comment": "", "object_uuid": "81313716-2908-40cc-afc1-69a373c5f08b", "referenced_uuid": "8212d8ac-4cca-4eac-b678-6346fbb79895", "relationship_type": "analysed-with", "timestamp": "1576055885", "uuid": "5df0b44d-30dc-4100-af16-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054937", "to_ids": true, "type": "md5", "uuid": "336bcb22-f093-4870-923c-24930cf2bc1c", "value": "974d39d03e9cd38b1bf76cf18b99605f" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054937", "to_ids": true, "type": "sha1", "uuid": "e79a0194-6fed-4694-b94f-aac756e3d02b", "value": "21c418bb1cb727fb9e6bd314622e532e4875c748" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054937", "to_ids": true, "type": "sha256", "uuid": "d2d1da64-023b-45b9-be7a-0c8e189cbed7", "value": "75b9d0e27a84949cab71ffe158f026f88afc72abeb7c1fa25d8e78bd7a13c6ce" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055646", "uuid": "8212d8ac-4cca-4eac-b678-6346fbb79895", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054937", "to_ids": false, "type": "datetime", "uuid": "689a05da-4ef4-4ecd-bd42-645a07491420", "value": "2019-12-06T10:27:27" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054937", "to_ids": false, "type": "link", "uuid": "7febde30-479d-421a-a835-1f01d9a2af9f", "value": "https://www.virustotal.com/file/75b9d0e27a84949cab71ffe158f026f88afc72abeb7c1fa25d8e78bd7a13c6ce/analysis/1575628047/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054937", "to_ids": false, "type": "text", "uuid": "dd785040-b8ca-489f-b757-1ddc57bb0337", "value": "55/71" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055646", "uuid": "52f91f3a-83ab-4a57-bb43-4dce436633eb", "ObjectReference": [ { "comment": "", "object_uuid": "52f91f3a-83ab-4a57-bb43-4dce436633eb", "referenced_uuid": "d1d5d919-bf56-4eeb-947a-904985b078f5", "relationship_type": "analysed-with", "timestamp": "1576055885", "uuid": "5df0b44d-5464-4946-aa0d-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054844", "to_ids": true, "type": "md5", "uuid": "053e94fa-9819-4461-a7ee-528d26ece1a2", "value": "5a736efd0f8b11c220d9e7103d8c4974" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054844", "to_ids": true, "type": "sha1", "uuid": "c1ebdd42-01c0-4f9d-868a-e9e79c534bfe", "value": "7d5001f513f70a4a39d28f839e9f4f68482d98b8" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054844", "to_ids": true, "type": "sha256", "uuid": "1ccd63f3-6dda-4357-a6b0-82408388fa17", "value": "504a762eec4cf52c11196700afedf0416a8edd206e1ce24cf792ec269fd8dbce" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055646", "uuid": "d1d5d919-bf56-4eeb-947a-904985b078f5", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054844", "to_ids": false, "type": "datetime", "uuid": "041cb8be-699f-4ac4-b3f2-38ea61ecb1cf", "value": "2019-11-24T16:29:42" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054844", "to_ids": false, "type": "link", "uuid": "2246d665-4498-4ce5-b62e-06c84ee293ce", "value": "https://www.virustotal.com/file/504a762eec4cf52c11196700afedf0416a8edd206e1ce24cf792ec269fd8dbce/analysis/1574612982/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054844", "to_ids": false, "type": "text", "uuid": "284eb05f-7524-4796-9fc0-a88fbe1a7146", "value": "50/67" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055647", "uuid": "453546c0-85f6-4be9-8dcc-d1bce32a66fd", "ObjectReference": [ { "comment": "", "object_uuid": "453546c0-85f6-4be9-8dcc-d1bce32a66fd", "referenced_uuid": "d73824bf-8527-42ba-85e2-0cecef9a56f7", "relationship_type": "analysed-with", "timestamp": "1576055885", "uuid": "5df0b44d-b32c-403d-ad47-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054848", "to_ids": true, "type": "md5", "uuid": "3b21c094-5c1f-42aa-a123-81752c2a6054", "value": "fc3e616f87df230bc11cad3b6a38cc07" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054848", "to_ids": true, "type": "sha1", "uuid": "9048fe2a-39e0-4eaf-b137-3af099370bc6", "value": "1b20a50d819a5cba0b4e10b7ee5eda12bfc025e6" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054848", "to_ids": true, "type": "sha256", "uuid": "e36dc4ef-ff29-41c3-af24-64b4aabd20ef", "value": "1473aa4c297929bcab0b67f502ef90b5214113b442ed01910442fda077692f4f" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055647", "uuid": "d73824bf-8527-42ba-85e2-0cecef9a56f7", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054848", "to_ids": false, "type": "datetime", "uuid": "fdcf42eb-554b-417d-92d0-bff314a04cf4", "value": "2019-11-21T10:24:43" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054848", "to_ids": false, "type": "link", "uuid": "9d43cbc2-47a6-4b78-9318-3539e72fc666", "value": "https://www.virustotal.com/file/1473aa4c297929bcab0b67f502ef90b5214113b442ed01910442fda077692f4f/analysis/1574331883/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054848", "to_ids": false, "type": "text", "uuid": "7975a5dd-dff6-4bb9-a78e-97601927ea83", "value": "49/69" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055647", "uuid": "ec35b74e-09b2-4023-a42c-cd4c03ce65f1", "ObjectReference": [ { "comment": "", "object_uuid": "ec35b74e-09b2-4023-a42c-cd4c03ce65f1", "referenced_uuid": "7657c0bf-49ee-419b-8f48-91a7baca55e4", "relationship_type": "analysed-with", "timestamp": "1576055885", "uuid": "5df0b44d-b924-49ef-a0b6-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054915", "to_ids": true, "type": "md5", "uuid": "ff24e03c-461e-41b6-9a68-5872242f82e8", "value": "adf7aa309e3477e42a47513ab6406eb0" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054915", "to_ids": true, "type": "sha1", "uuid": "0a5e76f3-8c55-4d55-9a18-79ab1940c746", "value": "899ebd3dfc9693e1ae278ecf22d4c94ca7cf8db4" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054915", "to_ids": true, "type": "sha256", "uuid": "a163f67c-ba51-4ece-a1db-5a13bee4c8e0", "value": "af0dc865455bb67362237f2bc15828385b122578d5ec53d9eaa6fdd0e1f08445" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055647", "uuid": "7657c0bf-49ee-419b-8f48-91a7baca55e4", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054915", "to_ids": false, "type": "datetime", "uuid": "368ac720-f56c-4090-b542-9d8edc48a8cf", "value": "2019-11-15T14:47:41" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054915", "to_ids": false, "type": "link", "uuid": "6df36723-7eba-4d9a-bf8e-f64ea8e63773", "value": "https://www.virustotal.com/file/af0dc865455bb67362237f2bc15828385b122578d5ec53d9eaa6fdd0e1f08445/analysis/1573829261/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054915", "to_ids": false, "type": "text", "uuid": "a4b1a203-85bc-49a4-86dc-5e92afa6ee74", "value": "51/71" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055647", "uuid": "6bef3e87-fc5f-4cd9-8e13-630858d8c597", "ObjectReference": [ { "comment": "", "object_uuid": "6bef3e87-fc5f-4cd9-8e13-630858d8c597", "referenced_uuid": "9582f930-237f-4d6a-95cd-f02170e86da9", "relationship_type": "analysed-with", "timestamp": "1576055885", "uuid": "5df0b44d-5714-40ba-8a07-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054845", "to_ids": true, "type": "md5", "uuid": "96a0af4d-ab96-41b1-ae2b-4a738f21e793", "value": "7e6f6520775cbe0c63ac340ecc080b0f" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054845", "to_ids": true, "type": "sha1", "uuid": "93391d63-1eda-4d11-b4aa-79215bbd8a16", "value": "76676099e937f62b53a502ebef54ae0ea522a321" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054845", "to_ids": true, "type": "sha256", "uuid": "8db58fae-ec7d-4062-9a26-21759b67dfbe", "value": "9edc0ce20c2ae14ea9c587e0a6d6f7663d501542168fd6382d829ef85073a594" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055647", "uuid": "9582f930-237f-4d6a-95cd-f02170e86da9", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054845", "to_ids": false, "type": "datetime", "uuid": "785ebb80-78af-4bed-a24f-7804bb2d5323", "value": "2019-11-24T16:23:18" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054845", "to_ids": false, "type": "link", "uuid": "ef9aaea1-e19c-4a86-b5ff-fa2b8918053b", "value": "https://www.virustotal.com/file/9edc0ce20c2ae14ea9c587e0a6d6f7663d501542168fd6382d829ef85073a594/analysis/1574612598/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054845", "to_ids": false, "type": "text", "uuid": "6a42831d-c3c0-4d59-ac78-b7b20f44519a", "value": "51/68" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055648", "uuid": "9b1f60bf-71c6-437b-8d6d-1a6b8d1a12ea", "ObjectReference": [ { "comment": "", "object_uuid": "9b1f60bf-71c6-437b-8d6d-1a6b8d1a12ea", "referenced_uuid": "407be71e-132a-4b52-b977-c571e1dc13d6", "relationship_type": "analysed-with", "timestamp": "1576055885", "uuid": "5df0b44d-e414-481d-99b6-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054915", "to_ids": true, "type": "md5", "uuid": "d6d82486-b3b0-4151-9629-e4a1b4f86ba5", "value": "b41c22b8a7f3ccd8832ef98eab16c414" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054915", "to_ids": true, "type": "sha1", "uuid": "d9be3b05-441a-4fec-ba87-a0068b37196d", "value": "537f122e7db93cb32be87b4fd26b0b7c9a675183" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054915", "to_ids": true, "type": "sha256", "uuid": "f1b246f8-e6bd-4ea1-ae81-006b53e495c6", "value": "a68b9516432bb43b24b47c9767f852cacd160c3069c7864d075be33f0070dd0c" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055649", "uuid": "407be71e-132a-4b52-b977-c571e1dc13d6", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054915", "to_ids": false, "type": "datetime", "uuid": "8470fa81-65ca-4d1f-abef-3bbdc9df1e90", "value": "2019-11-15T14:05:30" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054915", "to_ids": false, "type": "link", "uuid": "9ce8b658-2d31-4baf-b89e-7ec46059492e", "value": "https://www.virustotal.com/file/a68b9516432bb43b24b47c9767f852cacd160c3069c7864d075be33f0070dd0c/analysis/1573826730/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054915", "to_ids": false, "type": "text", "uuid": "645bcb26-ad60-4b33-bc81-3bf7b4ce98bf", "value": "50/69" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055650", "uuid": "dcb1f7ef-4e2b-4be7-8211-1547ed9305cc", "ObjectReference": [ { "comment": "", "object_uuid": "dcb1f7ef-4e2b-4be7-8211-1547ed9305cc", "referenced_uuid": "bf704e96-c15e-4eea-9d24-8085c659cc6f", "relationship_type": "analysed-with", "timestamp": "1576055885", "uuid": "5df0b44d-48fc-492b-a196-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054845", "to_ids": true, "type": "md5", "uuid": "dc221168-29cd-46ef-bd21-3c08f32a70fd", "value": "e38fe3b45bf477f1f217dd04e736f355" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054845", "to_ids": true, "type": "sha1", "uuid": "0d6810f3-c32d-46e6-841b-6beb8d85bd79", "value": "69ace162a595d95227411f5052a361f70aa8267d" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054845", "to_ids": true, "type": "sha256", "uuid": "6c1f028c-52c5-4018-a806-2ca039aa8aed", "value": "8a18be5d3739b3ebe39b075757c60354cee2e680b8e08de49b32085cfe69ea53" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055650", "uuid": "bf704e96-c15e-4eea-9d24-8085c659cc6f", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054845", "to_ids": false, "type": "datetime", "uuid": "eaa7aa96-44d9-4935-afb3-90b4b815bda1", "value": "2019-11-21T10:36:13" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054845", "to_ids": false, "type": "link", "uuid": "f68bffca-6d1d-4535-ba95-84366340bbab", "value": "https://www.virustotal.com/file/8a18be5d3739b3ebe39b075757c60354cee2e680b8e08de49b32085cfe69ea53/analysis/1574332573/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054845", "to_ids": false, "type": "text", "uuid": "e9602d34-fa9d-4518-bbe9-89a930ceb90a", "value": "49/69" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055650", "uuid": "86c58388-e9f8-492d-97c0-18c8b31b9793", "ObjectReference": [ { "comment": "", "object_uuid": "86c58388-e9f8-492d-97c0-18c8b31b9793", "referenced_uuid": "c11a9cfa-5986-4160-8fd2-de980114fcad", "relationship_type": "analysed-with", "timestamp": "1576055885", "uuid": "5df0b44d-2fd4-4b0d-b6b2-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054922", "to_ids": true, "type": "md5", "uuid": "c3041323-a60d-4714-a9d9-3d657c456343", "value": "3f4051293c8c1a84409ad95624ada1d3" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054922", "to_ids": true, "type": "sha1", "uuid": "7d402292-5b30-4a87-a528-26ba8cab9025", "value": "aafd7f91744446d9fbae81fe6fbfbabc7f70e315" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054922", "to_ids": true, "type": "sha256", "uuid": "af363e6d-45d5-4863-b9ac-73216511ddd2", "value": "9ec4804cc76160ed4915684a2d4328fc3e87e01f84d0be78cb4c6179cea97c0b" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055650", "uuid": "c11a9cfa-5986-4160-8fd2-de980114fcad", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054922", "to_ids": false, "type": "datetime", "uuid": "4249e473-ec30-4af6-ba6b-96b65216650c", "value": "2019-11-04T17:12:22" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054922", "to_ids": false, "type": "link", "uuid": "8c485c76-ba5d-4b17-bacd-41713b3e9f03", "value": "https://www.virustotal.com/file/9ec4804cc76160ed4915684a2d4328fc3e87e01f84d0be78cb4c6179cea97c0b/analysis/1572887542/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054922", "to_ids": false, "type": "text", "uuid": "7ba70b6b-63b0-490c-9f25-6590e6ea484f", "value": "9/71" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055650", "uuid": "c998b408-f43c-41cb-95c0-2a783c244a17", "ObjectReference": [ { "comment": "", "object_uuid": "c998b408-f43c-41cb-95c0-2a783c244a17", "referenced_uuid": "906613a8-9ba7-4e57-bcfe-dbd2e48705d7", "relationship_type": "analysed-with", "timestamp": "1576055885", "uuid": "5df0b44d-05e0-4095-ba8a-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054848", "to_ids": true, "type": "md5", "uuid": "4b4798cd-832f-4320-94ad-7d31ef059f57", "value": "83d6a08bfcd59a85c8abd1d00430767f" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054848", "to_ids": true, "type": "sha1", "uuid": "a28a2e56-4b89-44e8-86c6-42621e0d33be", "value": "0002d327a6164e4e9b21705ddbe170c0a1def764" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054848", "to_ids": true, "type": "sha256", "uuid": "0e236b73-4977-4f5e-995f-f47cdf4cf041", "value": "c0c02334dc523867f02a593cbc860e1520158da1b3ff9c1370bcbaeef70d4009" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055651", "uuid": "906613a8-9ba7-4e57-bcfe-dbd2e48705d7", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054848", "to_ids": false, "type": "datetime", "uuid": "755bd41f-aac4-4cb4-b21f-8abc6c665df9", "value": "2019-11-23T22:53:06" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054848", "to_ids": false, "type": "link", "uuid": "87c68c57-7f58-4731-ae76-db59b046bdba", "value": "https://www.virustotal.com/file/c0c02334dc523867f02a593cbc860e1520158da1b3ff9c1370bcbaeef70d4009/analysis/1574549586/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054848", "to_ids": false, "type": "text", "uuid": "3e7905b6-d929-4984-82ff-662c3ffd6725", "value": "49/66" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055651", "uuid": "e62278a5-9c99-4067-9c30-d19dea8912a5", "ObjectReference": [ { "comment": "", "object_uuid": "e62278a5-9c99-4067-9c30-d19dea8912a5", "referenced_uuid": "7f4685e6-11ff-44da-83ee-18d216c61e85", "relationship_type": "analysed-with", "timestamp": "1576055886", "uuid": "5df0b44e-0b54-40dd-bc27-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054913", "to_ids": true, "type": "md5", "uuid": "029f63a2-59a9-4a18-aa56-2c016abeeeb6", "value": "067701e8564f41f0b8b7f95a7fac6486" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054913", "to_ids": true, "type": "sha1", "uuid": "a219ee32-aca5-4a6f-a10b-63b00c538630", "value": "372db02974044b42042227c8a91cc644c826bc6a" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054913", "to_ids": true, "type": "sha256", "uuid": "f192bde6-e568-4a36-a69d-8751b304a382", "value": "3a1261fb978ac7806c43c420a2d92e5dcda896b1846fbba341909e33f5256bd7" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055651", "uuid": "7f4685e6-11ff-44da-83ee-18d216c61e85", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054913", "to_ids": false, "type": "datetime", "uuid": "9679ba4f-20eb-4507-9a24-0e062fbff685", "value": "2019-11-10T14:20:25" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054913", "to_ids": false, "type": "link", "uuid": "5dc0914d-ec76-42ea-89aa-d26cd9bb1304", "value": "https://www.virustotal.com/file/3a1261fb978ac7806c43c420a2d92e5dcda896b1846fbba341909e33f5256bd7/analysis/1573395625/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054913", "to_ids": false, "type": "text", "uuid": "37519e2c-561d-4337-aee8-db28013aa859", "value": "40/71" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055651", "uuid": "ae7a8ab0-c3c2-4429-8b07-f035b3b56f0f", "ObjectReference": [ { "comment": "", "object_uuid": "ae7a8ab0-c3c2-4429-8b07-f035b3b56f0f", "referenced_uuid": "04cae305-5c94-4f59-a0c6-8ed1a49accbb", "relationship_type": "analysed-with", "timestamp": "1576055886", "uuid": "5df0b44e-15dc-4b4d-930f-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054914", "to_ids": true, "type": "md5", "uuid": "93325e3e-e1b6-4418-a717-9d3b20dd7710", "value": "479155fed3e93774861f045904ff32b1" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054914", "to_ids": true, "type": "sha1", "uuid": "83fcd3cf-24ea-46bc-abec-de12223a39bd", "value": "cefb6f61b3f63851cbd9088ba17f11efb8bcfae7" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054914", "to_ids": true, "type": "sha256", "uuid": "369a8666-97b5-4f1d-979f-3bbea91bedff", "value": "edb030d018d707cf2130b990e1ba80b4b2fd5415aa67c004fb129494ecb235d2" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055651", "uuid": "04cae305-5c94-4f59-a0c6-8ed1a49accbb", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054914", "to_ids": false, "type": "datetime", "uuid": "db9baedc-cb5d-418b-b127-94b1668d786e", "value": "2019-11-16T07:07:15" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054914", "to_ids": false, "type": "link", "uuid": "03297c7d-79e9-4ad4-a8e7-39e04b3fc7d9", "value": "https://www.virustotal.com/file/edb030d018d707cf2130b990e1ba80b4b2fd5415aa67c004fb129494ecb235d2/analysis/1573888035/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054914", "to_ids": false, "type": "text", "uuid": "f45e0bdf-e123-4004-ad0e-4e66d58ca930", "value": "44/68" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055651", "uuid": "d807e00a-0236-4b9a-b492-46fe9ac63458", "ObjectReference": [ { "comment": "", "object_uuid": "d807e00a-0236-4b9a-b492-46fe9ac63458", "referenced_uuid": "261076b1-5676-4375-acad-1842a29b5769", "relationship_type": "analysed-with", "timestamp": "1576055886", "uuid": "5df0b44e-d478-48ff-b720-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054920", "to_ids": true, "type": "md5", "uuid": "8540e140-5ba9-4030-84bc-9bef07e703e6", "value": "f624bc39013fac58b895ebf8572bcca6" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054920", "to_ids": true, "type": "sha1", "uuid": "3b070050-4ce4-42fc-9139-40a1b5255c3e", "value": "0c811198db4a28dc5fa7877484fbf0c8f6e74080" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054920", "to_ids": true, "type": "sha256", "uuid": "9349b7d6-45fa-4367-afb5-894bd1cf34f7", "value": "237ef9a6a2b26b732e37978d07b9e4866eabc0f18a2eeebb7290db2ab348482a" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055652", "uuid": "261076b1-5676-4375-acad-1842a29b5769", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054920", "to_ids": false, "type": "datetime", "uuid": "c6f39f7f-a601-45ad-9ff5-1bd833a78da8", "value": "2019-11-15T13:20:05" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054920", "to_ids": false, "type": "link", "uuid": "f5b643de-30c3-4955-8ce9-8c67fabdf489", "value": "https://www.virustotal.com/file/237ef9a6a2b26b732e37978d07b9e4866eabc0f18a2eeebb7290db2ab348482a/analysis/1573824005/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054920", "to_ids": false, "type": "text", "uuid": "9c9145f7-1d56-46d1-87b8-ae582fc267d4", "value": "48/70" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055652", "uuid": "43cb2dd3-323a-4782-819d-1eaf7c480862", "ObjectReference": [ { "comment": "", "object_uuid": "43cb2dd3-323a-4782-819d-1eaf7c480862", "referenced_uuid": "3c4821d7-a588-4682-a5d7-5e36c8f0f783", "relationship_type": "analysed-with", "timestamp": "1576055886", "uuid": "5df0b44e-d08c-4bd3-9c88-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054915", "to_ids": true, "type": "md5", "uuid": "0cd15294-f8c6-4e49-964d-b185804bbb76", "value": "b2bdaac7ffd6f1908afbc8c709199b7e" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054915", "to_ids": true, "type": "sha1", "uuid": "dfa3309e-4fac-48f8-a64f-c9548eb78402", "value": "ed3982d00a3631735960da1a4164aac436c5384f" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054915", "to_ids": true, "type": "sha256", "uuid": "ec53c181-64fb-4db4-93ad-549ecb00a0d5", "value": "737ff4b548bdc34e02aa05235d906b33fa44a38622e0551844c8bb0fb02e55e4" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055652", "uuid": "3c4821d7-a588-4682-a5d7-5e36c8f0f783", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054915", "to_ids": false, "type": "datetime", "uuid": "aafa41cc-86c5-458e-b948-67646f5e8021", "value": "2019-11-20T11:56:31" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054915", "to_ids": false, "type": "link", "uuid": "1615bea1-7005-4117-8c07-169e079733fd", "value": "https://www.virustotal.com/file/737ff4b548bdc34e02aa05235d906b33fa44a38622e0551844c8bb0fb02e55e4/analysis/1574250991/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054915", "to_ids": false, "type": "text", "uuid": "2dcc8aef-dc42-4006-b48d-725cdc71352e", "value": "49/70" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055652", "uuid": "ff194367-6c13-4a6c-a833-2db3884542ca", "ObjectReference": [ { "comment": "", "object_uuid": "ff194367-6c13-4a6c-a833-2db3884542ca", "referenced_uuid": "f4909c2b-72e3-4ccf-88c9-a681b1d7bd5d", "relationship_type": "analysed-with", "timestamp": "1576055886", "uuid": "5df0b44e-a2b0-43f0-948f-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054844", "to_ids": true, "type": "md5", "uuid": "3a870c22-913a-46d5-b46f-3a26e7b7656f", "value": "b1da0cb611fa21abcac359b5cea2c231" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054844", "to_ids": true, "type": "sha1", "uuid": "d2fe3601-4eb7-40e3-94df-110565ba88a5", "value": "cfe0c925eb35994eb031767d584e109f9231172d" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054844", "to_ids": true, "type": "sha256", "uuid": "ee0503e6-648f-4d33-83ac-341d61075608", "value": "7860674666bc7c299809637998310b9aacf6a4965da0d852b61c67742edd8b62" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055652", "uuid": "f4909c2b-72e3-4ccf-88c9-a681b1d7bd5d", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054844", "to_ids": false, "type": "datetime", "uuid": "99f120ae-5e2f-46d4-aa1a-98bea1e25c65", "value": "2019-11-22T00:55:49" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054844", "to_ids": false, "type": "link", "uuid": "aa4038f3-cdce-417c-91af-d7cd47af5b36", "value": "https://www.virustotal.com/file/7860674666bc7c299809637998310b9aacf6a4965da0d852b61c67742edd8b62/analysis/1574384149/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054844", "to_ids": false, "type": "text", "uuid": "0d2a60c8-5d6f-4d7e-a7ef-0bf5253bf776", "value": "48/69" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055665", "uuid": "8a0e84d4-35bf-4663-a96c-b7a0b8d738f5", "ObjectReference": [ { "comment": "", "object_uuid": "8a0e84d4-35bf-4663-a96c-b7a0b8d738f5", "referenced_uuid": "1a713b5f-e818-45a3-a0bb-38b0051e7cb8", "relationship_type": "analysed-with", "timestamp": "1576055886", "uuid": "5df0b44e-a7c0-4e0c-ad6d-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054871", "to_ids": true, "type": "md5", "uuid": "14380dab-7d47-4937-a1fa-78c95814df2b", "value": "b1e47da3a19610fa3934e37a29ebc3ee" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054871", "to_ids": true, "type": "sha1", "uuid": "ed7a7965-521f-4a23-9edd-751bafa915d7", "value": "600219a0293d4177fb5d5602ddb6707f65cf8a97" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054871", "to_ids": true, "type": "sha256", "uuid": "1ec3a723-c4ea-4ec2-8f16-cbb935de2ad8", "value": "673dd35ef657718612f06f89ce98781f0861f261e5a4a3906e80acd27c249bbf" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055665", "uuid": "1a713b5f-e818-45a3-a0bb-38b0051e7cb8", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054871", "to_ids": false, "type": "datetime", "uuid": "ab36c756-b9d8-4bae-bfe8-77735ef538da", "value": "2019-11-17T03:34:14" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054871", "to_ids": false, "type": "link", "uuid": "27a2e164-3a11-427e-bc9c-c366244904ea", "value": "https://www.virustotal.com/file/673dd35ef657718612f06f89ce98781f0861f261e5a4a3906e80acd27c249bbf/analysis/1573961654/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054871", "to_ids": false, "type": "text", "uuid": "c64d8c20-0f74-4727-8b2d-2327011d90c6", "value": "44/69" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055665", "uuid": "b048e551-b041-42c5-89ba-6b693421ed49", "ObjectReference": [ { "comment": "", "object_uuid": "b048e551-b041-42c5-89ba-6b693421ed49", "referenced_uuid": "0a043ed1-ce60-4bae-bb7a-231dd60e2888", "relationship_type": "analysed-with", "timestamp": "1576055886", "uuid": "5df0b44e-0e14-4c8a-af7f-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054850", "to_ids": true, "type": "md5", "uuid": "38ff85db-9ee8-4a23-9455-162228a99ff9", "value": "87a608d5786bde3cc3515dd58f81c955" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054850", "to_ids": true, "type": "sha1", "uuid": "0ded3c7c-c31b-46b7-9212-c5ec262aa248", "value": "e9a367ae6019e12d14cd01f0e8b3bc2d6323a5a7" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054850", "to_ids": true, "type": "sha256", "uuid": "b4847981-1eab-4479-aef8-5655b2beb94e", "value": "8affd6ae38dc7e715fb703a1341f835840c98fad83fba7466b9d5bf3b881771d" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055665", "uuid": "0a043ed1-ce60-4bae-bb7a-231dd60e2888", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054850", "to_ids": false, "type": "datetime", "uuid": "f5098efd-39ba-4b12-9fd5-25f69dddda96", "value": "2019-11-18T07:37:18" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054850", "to_ids": false, "type": "link", "uuid": "067d06bc-b5a7-468e-b188-dc4f248aa92c", "value": "https://www.virustotal.com/file/8affd6ae38dc7e715fb703a1341f835840c98fad83fba7466b9d5bf3b881771d/analysis/1574062638/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054850", "to_ids": false, "type": "text", "uuid": "fcf5a9e8-c9a9-4996-b0fb-a6be560a980c", "value": "56/70" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055665", "uuid": "932f5a4f-3614-4a5f-b91a-bbee7c97a5d6", "ObjectReference": [ { "comment": "", "object_uuid": "932f5a4f-3614-4a5f-b91a-bbee7c97a5d6", "referenced_uuid": "c3077bf7-1383-46e6-92a1-e41279097a1c", "relationship_type": "analysed-with", "timestamp": "1576055886", "uuid": "5df0b44e-03c4-49eb-9feb-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054920", "to_ids": true, "type": "md5", "uuid": "7fa32ddd-5c72-4827-a913-02652bb3cb38", "value": "fee8a2c0a4166b3add28fb91a7b07ed0" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054920", "to_ids": true, "type": "sha1", "uuid": "9aec3d28-d6d1-41ed-ad2a-109ae21afa53", "value": "07dec2e0c04e223f53845275964021ad31df411d" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054920", "to_ids": true, "type": "sha256", "uuid": "a3b92648-371d-4f0a-9c4d-3564fc4fd95a", "value": "328152999c4b148033dc91e85e068419cff0d51614a0ffb81a851b9b61032940" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055665", "uuid": "c3077bf7-1383-46e6-92a1-e41279097a1c", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054920", "to_ids": false, "type": "datetime", "uuid": "121f1a9b-99d0-4083-9a47-a654d76a9560", "value": "2019-11-29T01:24:03" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054920", "to_ids": false, "type": "link", "uuid": "2b550889-3478-48ed-a901-09e5a5f1c25b", "value": "https://www.virustotal.com/file/328152999c4b148033dc91e85e068419cff0d51614a0ffb81a851b9b61032940/analysis/1574990643/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054920", "to_ids": false, "type": "text", "uuid": "4a18a45c-5757-4e62-bfce-efd8b087da19", "value": "56/70" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055666", "uuid": "a1941e2e-0bf4-450f-94c5-75a6f82f374d", "ObjectReference": [ { "comment": "", "object_uuid": "a1941e2e-0bf4-450f-94c5-75a6f82f374d", "referenced_uuid": "8cc36cd5-a417-45d1-a01d-964e17af8489", "relationship_type": "analysed-with", "timestamp": "1576055886", "uuid": "5df0b44e-b3ec-457b-b25a-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054915", "to_ids": true, "type": "md5", "uuid": "1fc52b34-2cf6-4e56-83ce-840724d2c4e7", "value": "fb5021874fcdb7be961d1a0df3dca997" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054915", "to_ids": true, "type": "sha1", "uuid": "5f4477a0-2b02-4698-b4b4-5a427bed3d97", "value": "21602ac0cd9a55d506d8cd7058d8a9ee5181cab8" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054915", "to_ids": true, "type": "sha256", "uuid": "3390938b-bba2-42f1-b6a3-0ad2a13d2e47", "value": "e3a17ad287aa54ed67f4f802957d87810e5173c06b85d60dd742a05184fbce25" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055666", "uuid": "8cc36cd5-a417-45d1-a01d-964e17af8489", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054915", "to_ids": false, "type": "datetime", "uuid": "efae6c36-0f58-4dfc-bf89-17764437eb86", "value": "2019-11-15T13:20:35" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054915", "to_ids": false, "type": "link", "uuid": "a4d6b614-5e47-489c-9e5b-fbacaf313674", "value": "https://www.virustotal.com/file/e3a17ad287aa54ed67f4f802957d87810e5173c06b85d60dd742a05184fbce25/analysis/1573824035/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054915", "to_ids": false, "type": "text", "uuid": "1b302adf-bc0e-4dc9-bc94-29fc443cf375", "value": "48/70" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055666", "uuid": "00ba63be-8575-4111-986d-c44f0481c130", "ObjectReference": [ { "comment": "", "object_uuid": "00ba63be-8575-4111-986d-c44f0481c130", "referenced_uuid": "cfc64d8b-9351-44f9-9a0a-fd4961e5beee", "relationship_type": "analysed-with", "timestamp": "1576055886", "uuid": "5df0b44e-f010-4724-9984-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054914", "to_ids": true, "type": "md5", "uuid": "c05a7fc1-aade-42c7-974b-9e228c86b6c2", "value": "db118c0958aa6493cf5005ae0fc9bdc5" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054914", "to_ids": true, "type": "sha1", "uuid": "1e725362-acc8-4469-8097-17d58daf7831", "value": "b0b5b5ee5835b9ed474508c1ec68d7eaa9f1859c" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054914", "to_ids": true, "type": "sha256", "uuid": "0b24a3be-67f4-4cdf-8af5-1325bd27ce5d", "value": "1a60fe01d7c1d34d24a3d00590d53573980fe420a4afd747003324acdd7023f0" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055666", "uuid": "cfc64d8b-9351-44f9-9a0a-fd4961e5beee", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054914", "to_ids": false, "type": "datetime", "uuid": "3b636fd5-6c35-4272-9a02-b7220002d257", "value": "2019-11-13T03:55:16" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054914", "to_ids": false, "type": "link", "uuid": "87c8499e-9300-4269-ad4f-4fe4880be65f", "value": "https://www.virustotal.com/file/1a60fe01d7c1d34d24a3d00590d53573980fe420a4afd747003324acdd7023f0/analysis/1573617316/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054914", "to_ids": false, "type": "text", "uuid": "903512aa-0753-4618-89ec-a52d9202505c", "value": "43/70" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055666", "uuid": "831fedf3-d85b-4369-a431-f06b3e36836e", "ObjectReference": [ { "comment": "", "object_uuid": "831fedf3-d85b-4369-a431-f06b3e36836e", "referenced_uuid": "faed2832-7661-4f42-856a-d42dc47c0fbf", "relationship_type": "analysed-with", "timestamp": "1576055886", "uuid": "5df0b44e-3b2c-4b43-9a4b-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054873", "to_ids": true, "type": "md5", "uuid": "e5870c9c-681c-4810-9153-8b5b2f0a570f", "value": "fd9aaee680f1b37bc23172eef3677b3e" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054873", "to_ids": true, "type": "sha1", "uuid": "3c96f795-3aa4-44d5-aa7a-65be3915dd56", "value": "76560276162cc698465667b8b07ca2a743fd6155" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054873", "to_ids": true, "type": "sha256", "uuid": "eabb4585-d4e8-46de-a65d-ead616623d97", "value": "31fee0d5fce984bbf2050744b0bc13c245eb70806ce260f0611e84bab2d8ce54" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055666", "uuid": "faed2832-7661-4f42-856a-d42dc47c0fbf", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054873", "to_ids": false, "type": "datetime", "uuid": "fbdd6c59-321f-43a3-b94f-edc0caefaacd", "value": "2019-11-17T03:37:16" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054873", "to_ids": false, "type": "link", "uuid": "c445f2d0-71cb-42f5-917b-719058ae3fe7", "value": "https://www.virustotal.com/file/31fee0d5fce984bbf2050744b0bc13c245eb70806ce260f0611e84bab2d8ce54/analysis/1573961836/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054873", "to_ids": false, "type": "text", "uuid": "29bc51c4-c3d6-43a1-a2c5-1f2a50209819", "value": "46/71" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055666", "uuid": "b65c3e8f-b07e-4fa3-b209-3185df28dd88", "ObjectReference": [ { "comment": "", "object_uuid": "b65c3e8f-b07e-4fa3-b209-3185df28dd88", "referenced_uuid": "d5ed534d-2134-4104-9308-430c61cd2074", "relationship_type": "analysed-with", "timestamp": "1576055886", "uuid": "5df0b44e-52b8-4609-9b9b-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054844", "to_ids": true, "type": "md5", "uuid": "bfa40734-3ba3-4b15-9f68-4da167d9f0d2", "value": "3733644b76cf17b158931799d659cc64" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054844", "to_ids": true, "type": "sha1", "uuid": "93553764-0ccb-4a88-9a86-b077d0801d1a", "value": "e4c3be7d04d3fbf690840d8d000bcc4aecb296e7" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054844", "to_ids": true, "type": "sha256", "uuid": "c9aa4e3d-8ea5-421f-835f-3d4966cb16f3", "value": "5f80a818809cdaac0959a7bb4cee64ab1044a0444a34db5a154d6a7e060353df" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055667", "uuid": "d5ed534d-2134-4104-9308-430c61cd2074", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054844", "to_ids": false, "type": "datetime", "uuid": "03cc1cc9-ce19-487e-930e-8f85788eb2db", "value": "2019-11-23T21:53:12" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054844", "to_ids": false, "type": "link", "uuid": "eaa17735-086f-438e-ae03-18f8c8518c2b", "value": "https://www.virustotal.com/file/5f80a818809cdaac0959a7bb4cee64ab1044a0444a34db5a154d6a7e060353df/analysis/1574545992/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054844", "to_ids": false, "type": "text", "uuid": "8ffdead4-df00-4d69-8bdd-963f85bf32f0", "value": "51/68" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055667", "uuid": "7a706a8e-eb20-4d6a-8613-87f5824e2c6f", "ObjectReference": [ { "comment": "", "object_uuid": "7a706a8e-eb20-4d6a-8613-87f5824e2c6f", "referenced_uuid": "c73ef637-3ed5-4a0d-8614-0b16c828b411", "relationship_type": "analysed-with", "timestamp": "1576055886", "uuid": "5df0b44e-f010-41f5-8c4d-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054849", "to_ids": true, "type": "md5", "uuid": "473ffe31-0084-42d3-b791-a035a0c05eee", "value": "9053731f06f35aa4b19963ddcbdfc0c8" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054849", "to_ids": true, "type": "sha1", "uuid": "b1df20c9-a831-47ff-9abb-d4f77e0b8d62", "value": "e1f8adfa925a150425516beb815f9c2456f63df9" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054849", "to_ids": true, "type": "sha256", "uuid": "48949dfe-03c1-4bd6-b76b-494705504967", "value": "fa0d550b5eae5ab246a42be129e71e37f8b98857b533a69c410097b34670e94c" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055667", "uuid": "c73ef637-3ed5-4a0d-8614-0b16c828b411", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054849", "to_ids": false, "type": "datetime", "uuid": "710bd247-ae28-4624-85cb-5564703835d4", "value": "2019-11-28T00:34:48" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054849", "to_ids": false, "type": "link", "uuid": "82d93f2d-82af-4458-8d89-55e853d1439a", "value": "https://www.virustotal.com/file/fa0d550b5eae5ab246a42be129e71e37f8b98857b533a69c410097b34670e94c/analysis/1574901288/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054849", "to_ids": false, "type": "text", "uuid": "6431f58d-ad4b-43d0-9956-966f98abf118", "value": "51/68" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055667", "uuid": "77f1a696-029f-45b8-b1b3-1c0ce9e75559", "ObjectReference": [ { "comment": "", "object_uuid": "77f1a696-029f-45b8-b1b3-1c0ce9e75559", "referenced_uuid": "1e0e74b7-0b03-40ee-b237-7c6652d65438", "relationship_type": "analysed-with", "timestamp": "1576055886", "uuid": "5df0b44e-12ac-49fd-b4dc-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054937", "to_ids": true, "type": "md5", "uuid": "5e621eb8-e2df-43eb-a0cb-31eb8a7e9944", "value": "0d7be34110e2c1d34f3f28fdd0b9773d" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054937", "to_ids": true, "type": "sha1", "uuid": "bba07638-fedf-458e-9a06-4c8de7830307", "value": "c04dacb17a992da1d643aa39b11f3e08a3334b79" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054937", "to_ids": true, "type": "sha256", "uuid": "1fb6eaa7-facb-4865-a5b2-53f282ab4ce2", "value": "35bb15b3e22620842ea33c5e89614edc5fe641529374c780c06c7f573c508782" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055667", "uuid": "1e0e74b7-0b03-40ee-b237-7c6652d65438", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054937", "to_ids": false, "type": "datetime", "uuid": "6d7ace36-a9ee-4adc-b393-cc8429fcfa23", "value": "2019-11-10T21:36:06" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054937", "to_ids": false, "type": "link", "uuid": "ee50ccbb-4c07-432f-a1d3-ac3e998e45b3", "value": "https://www.virustotal.com/file/35bb15b3e22620842ea33c5e89614edc5fe641529374c780c06c7f573c508782/analysis/1573421766/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054937", "to_ids": false, "type": "text", "uuid": "028a361a-341a-4539-8b5c-6dc383ae1af3", "value": "40/70" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055667", "uuid": "008b727f-237a-4e1a-a0ab-ed4b02d30df9", "ObjectReference": [ { "comment": "", "object_uuid": "008b727f-237a-4e1a-a0ab-ed4b02d30df9", "referenced_uuid": "c6a480b1-ff07-4d8d-9ee0-e3df961ca4e8", "relationship_type": "analysed-with", "timestamp": "1576055886", "uuid": "5df0b44e-0b34-4ee3-9400-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054914", "to_ids": true, "type": "md5", "uuid": "8bb64383-7e74-4b45-8671-6c865850d600", "value": "bd5df20afb30ea7f852fff5f53a1c0b6" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054914", "to_ids": true, "type": "sha1", "uuid": "f783e723-08eb-415c-930b-c0c63a00c6bc", "value": "5e6738e999266a29fa729688959ee685c9a76ae0" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054914", "to_ids": true, "type": "sha256", "uuid": "7d438154-a912-4ab1-a913-fe79ab8fecb6", "value": "9ec099ce8747e0c8ad027da62e5388cc3ae5f84a2b4d78af452c8f79823e56dc" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055668", "uuid": "c6a480b1-ff07-4d8d-9ee0-e3df961ca4e8", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054914", "to_ids": false, "type": "datetime", "uuid": "6ce8b9d2-2c3a-4c6e-bc70-7984ba076366", "value": "2019-11-17T02:13:21" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054914", "to_ids": false, "type": "link", "uuid": "5750a6b9-dcf9-4755-9b0c-3e22db89aa54", "value": "https://www.virustotal.com/file/9ec099ce8747e0c8ad027da62e5388cc3ae5f84a2b4d78af452c8f79823e56dc/analysis/1573956801/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054914", "to_ids": false, "type": "text", "uuid": "05f20d11-4220-4523-813e-5e4508b7dca8", "value": "47/70" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055668", "uuid": "36adc039-a5ab-49c3-b37b-eab8cdb4fb20", "ObjectReference": [ { "comment": "", "object_uuid": "36adc039-a5ab-49c3-b37b-eab8cdb4fb20", "referenced_uuid": "d1602636-27b9-4ccf-8005-c67b24c76d5c", "relationship_type": "analysed-with", "timestamp": "1576055886", "uuid": "5df0b44e-f358-4508-9a54-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054847", "to_ids": true, "type": "md5", "uuid": "75e7e73a-387e-46ff-886a-71ab82e484e3", "value": "015dcdb350ada978e125130451f11f42" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054847", "to_ids": true, "type": "sha1", "uuid": "00fbcebf-ca6b-4adb-bac1-10fa6d41b9ec", "value": "703ce160a264b601b9f94b132f2e8545d7a4a8db" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054847", "to_ids": true, "type": "sha256", "uuid": "a439315b-46a5-460c-b45f-8bc548417659", "value": "1e1f68b0b5a623c08acf5c37fe2c72505caa9783587a7ef925a25de26d950f2d" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055668", "uuid": "d1602636-27b9-4ccf-8005-c67b24c76d5c", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054847", "to_ids": false, "type": "datetime", "uuid": "1e5efe97-950a-4feb-9487-67e8ac1a95fd", "value": "2019-11-23T22:09:40" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054847", "to_ids": false, "type": "link", "uuid": "719c2a46-df54-49cf-8750-f15b56138090", "value": "https://www.virustotal.com/file/1e1f68b0b5a623c08acf5c37fe2c72505caa9783587a7ef925a25de26d950f2d/analysis/1574546980/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054847", "to_ids": false, "type": "text", "uuid": "0f63159e-7f45-46f1-ac83-a884f831e3d8", "value": "49/66" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055668", "uuid": "5168c613-2cc9-4859-bc2f-d5d1377e98e5", "ObjectReference": [ { "comment": "", "object_uuid": "5168c613-2cc9-4859-bc2f-d5d1377e98e5", "referenced_uuid": "3504dd66-01cb-4f36-a5ee-ff65bfee9302", "relationship_type": "analysed-with", "timestamp": "1576055887", "uuid": "5df0b44f-45e8-44d5-8185-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054914", "to_ids": true, "type": "md5", "uuid": "a1dc1991-bd28-4de1-aae9-a3d6550dab05", "value": "6e91a538e2fdec48c16b570b9d35cfd7" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054914", "to_ids": true, "type": "sha1", "uuid": "40713fb4-8cf4-43f5-9c26-525d6fea3c2f", "value": "80909b6c5ba45d0c7cb04a91ea6d8eb8452adb5e" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054914", "to_ids": true, "type": "sha256", "uuid": "b564a36b-a764-425b-88dc-cdd19843a52e", "value": "050df8f1889c7a3c31a91ff07e9b4cc51ec203f6d9d25fb87a1ee0399a37f1c9" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055668", "uuid": "3504dd66-01cb-4f36-a5ee-ff65bfee9302", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054914", "to_ids": false, "type": "datetime", "uuid": "faeaf889-0b4e-405b-b44c-5155765aca1f", "value": "2019-11-14T09:10:50" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054914", "to_ids": false, "type": "link", "uuid": "df7385cd-a992-4efc-86f2-268f217170c8", "value": "https://www.virustotal.com/file/050df8f1889c7a3c31a91ff07e9b4cc51ec203f6d9d25fb87a1ee0399a37f1c9/analysis/1573722650/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054914", "to_ids": false, "type": "text", "uuid": "0ebf2b40-4f5d-4b84-aacf-7abfda7b56a1", "value": "47/71" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055668", "uuid": "f56a8d7a-95cc-4718-849e-8b33a6b96dbc", "ObjectReference": [ { "comment": "", "object_uuid": "f56a8d7a-95cc-4718-849e-8b33a6b96dbc", "referenced_uuid": "d0b9f398-6696-4921-a66e-b12a8f295db1", "relationship_type": "analysed-with", "timestamp": "1576055887", "uuid": "5df0b44f-c8c0-4f92-8e47-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054916", "to_ids": true, "type": "md5", "uuid": "d277dc68-9891-4082-b537-b6b223792a66", "value": "f1402800a0979cd5da2b5f5c885a6817" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054916", "to_ids": true, "type": "sha1", "uuid": "f7e72997-5ba3-4cba-a308-00741441dfa7", "value": "4b1178c74b0742e9bf70410084a88f0cd573610a" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054916", "to_ids": true, "type": "sha256", "uuid": "969c4c56-a149-4315-852e-dc61ae47af90", "value": "960279a5458f1204c009a108bc6aab5a9f6e5c9a0f257b211dcfca39796905f2" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055668", "uuid": "d0b9f398-6696-4921-a66e-b12a8f295db1", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054916", "to_ids": false, "type": "datetime", "uuid": "8d40401f-ec41-4e90-8f03-550a0a020fb9", "value": "2019-11-16T08:53:52" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054916", "to_ids": false, "type": "link", "uuid": "e72320a2-0512-4150-924b-f8b494bce9ea", "value": "https://www.virustotal.com/file/960279a5458f1204c009a108bc6aab5a9f6e5c9a0f257b211dcfca39796905f2/analysis/1573894432/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054916", "to_ids": false, "type": "text", "uuid": "6320bb27-b2e8-476a-b495-490183653506", "value": "45/70" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055669", "uuid": "d6c96963-fe0b-4238-b04c-5d4d044a9ab6", "ObjectReference": [ { "comment": "", "object_uuid": "d6c96963-fe0b-4238-b04c-5d4d044a9ab6", "referenced_uuid": "a16c85bb-640b-4908-bb5e-12b09c2049f3", "relationship_type": "analysed-with", "timestamp": "1576055887", "uuid": "5df0b44f-81a4-482f-9cc7-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054847", "to_ids": true, "type": "md5", "uuid": "ed34fee4-65e5-488e-9cae-c6f37a86d9b2", "value": "3f803c4e863f4bd04729d4776555a1e4" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054847", "to_ids": true, "type": "sha1", "uuid": "b2aab149-df9c-448e-9793-22ecfeb92743", "value": "289ae7a48aa85a18a4149a403e19034a15b48d9b" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054847", "to_ids": true, "type": "sha256", "uuid": "bf003be4-ba7f-4bdb-9324-9d8164a3f29c", "value": "4ca8e95a0a59b48ca7b24ac6ef01fef657fe47d3ba98a4abc870e2110c174986" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055669", "uuid": "a16c85bb-640b-4908-bb5e-12b09c2049f3", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054847", "to_ids": false, "type": "datetime", "uuid": "bab72c8c-9faa-45bd-8ed7-53f221d0461b", "value": "2019-11-23T21:57:42" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054847", "to_ids": false, "type": "link", "uuid": "a4fc107c-8c7c-45a4-a1a4-2784190c8538", "value": "https://www.virustotal.com/file/4ca8e95a0a59b48ca7b24ac6ef01fef657fe47d3ba98a4abc870e2110c174986/analysis/1574546262/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054847", "to_ids": false, "type": "text", "uuid": "9ce9f5fa-d242-40c7-9907-05cc3612ee2c", "value": "52/68" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055670", "uuid": "c642837b-e171-4b1e-84b1-e1bfe9234bfb", "ObjectReference": [ { "comment": "", "object_uuid": "c642837b-e171-4b1e-84b1-e1bfe9234bfb", "referenced_uuid": "ed70f2af-596b-4afa-b2c7-93e22671eaf5", "relationship_type": "analysed-with", "timestamp": "1576055887", "uuid": "5df0b44f-fc24-432c-89e0-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054922", "to_ids": true, "type": "md5", "uuid": "dfbebe6b-84af-4801-a839-59c64a3676c7", "value": "b03f83d2c1a6146fe4af0d0ffcb0fb94" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054922", "to_ids": true, "type": "sha1", "uuid": "38bb0a65-0903-4b41-ba41-d9ac6c79c33c", "value": "387232c3af0e5f94e15fc332b396e37471604b53" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054922", "to_ids": true, "type": "sha256", "uuid": "80bfb694-0199-4123-9683-fee324ae2af6", "value": "d36a49ecd072c2df8db9f25ca792f545227219d2310efcd5cbf9c08c7cb62db7" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055670", "uuid": "ed70f2af-596b-4afa-b2c7-93e22671eaf5", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054922", "to_ids": false, "type": "datetime", "uuid": "0c8097d7-9be6-4d01-83a3-cae7013c945f", "value": "2019-11-09T09:50:23" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054922", "to_ids": false, "type": "link", "uuid": "95678b26-dbe2-4bdc-bb4e-11a0532519c5", "value": "https://www.virustotal.com/file/d36a49ecd072c2df8db9f25ca792f545227219d2310efcd5cbf9c08c7cb62db7/analysis/1573293023/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054922", "to_ids": false, "type": "text", "uuid": "0435206c-0d3a-4f68-ba7e-bd6fadb5abeb", "value": "46/71" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055671", "uuid": "b6e3ab22-b8a4-42fe-ad55-6c4f84bab692", "ObjectReference": [ { "comment": "", "object_uuid": "b6e3ab22-b8a4-42fe-ad55-6c4f84bab692", "referenced_uuid": "00f54809-a40c-472e-957c-ad15462306ad", "relationship_type": "analysed-with", "timestamp": "1576055887", "uuid": "5df0b44f-26b4-4a28-8bb3-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054913", "to_ids": true, "type": "md5", "uuid": "0cae34af-aef8-4a39-8741-31cecdc4af96", "value": "b8e171857abc174f8ac86aed7294858a" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054913", "to_ids": true, "type": "sha1", "uuid": "90a6edf1-ae59-457f-8ac4-5722564dfd0d", "value": "01baf6b42575bca254880c5eeea5dc4cf82fd40d" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054913", "to_ids": true, "type": "sha256", "uuid": "53ac2883-8ba9-48ea-94b1-6dc9fb4a277e", "value": "6027dd52f89684cbf428d9420f84fdfee93ee73ee35af34f469a13c76279ab71" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055671", "uuid": "00f54809-a40c-472e-957c-ad15462306ad", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054913", "to_ids": false, "type": "datetime", "uuid": "416b96de-38df-4ebd-805e-664049280007", "value": "2019-11-13T13:55:56" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054913", "to_ids": false, "type": "link", "uuid": "c9901f2c-238b-471b-a7fb-8a919ea963b6", "value": "https://www.virustotal.com/file/6027dd52f89684cbf428d9420f84fdfee93ee73ee35af34f469a13c76279ab71/analysis/1573653356/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054913", "to_ids": false, "type": "text", "uuid": "aa1cd908-d016-4165-aa4d-b75c0d9c7af7", "value": "46/70" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055671", "uuid": "dc085cfa-a323-4109-9723-2856e2449668", "ObjectReference": [ { "comment": "", "object_uuid": "dc085cfa-a323-4109-9723-2856e2449668", "referenced_uuid": "f9c8f4ad-22b2-450c-8d06-7c4894196c2e", "relationship_type": "analysed-with", "timestamp": "1576055887", "uuid": "5df0b44f-2f04-4d2a-a8f6-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054924", "to_ids": true, "type": "md5", "uuid": "33a8db60-807f-4df5-9ed2-43257c79d0db", "value": "956842d0acea85477b28af4e611346b2" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054924", "to_ids": true, "type": "sha1", "uuid": "eafb4ce9-236f-477d-8c2a-c55f56c605b1", "value": "2a5f2411c465a8683bbfee68e5b93c7f49e65390" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054924", "to_ids": true, "type": "sha256", "uuid": "56236884-a668-4425-a6d5-c6833cfe9a85", "value": "1338c13050d672e0728a0b2db6d947a6c64387832e8ea6b4b575bce0a3833582" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055671", "uuid": "f9c8f4ad-22b2-450c-8d06-7c4894196c2e", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054924", "to_ids": false, "type": "datetime", "uuid": "ebd916aa-fe35-4104-b809-b3dbb63ae99f", "value": "2019-11-13T07:32:55" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054924", "to_ids": false, "type": "link", "uuid": "ad979237-52a4-4a66-9b23-a88e7fa36d66", "value": "https://www.virustotal.com/file/1338c13050d672e0728a0b2db6d947a6c64387832e8ea6b4b575bce0a3833582/analysis/1573630375/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054924", "to_ids": false, "type": "text", "uuid": "bdd0769b-b9c1-49e0-b86a-51407b2ebad2", "value": "44/70" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055671", "uuid": "6b2a9860-0ea0-4e21-b39e-5b1329c1e165", "ObjectReference": [ { "comment": "", "object_uuid": "6b2a9860-0ea0-4e21-b39e-5b1329c1e165", "referenced_uuid": "b260df0f-3c44-446a-8498-c28ac402bc01", "relationship_type": "analysed-with", "timestamp": "1576055887", "uuid": "5df0b44f-3fcc-4b4c-af7e-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054849", "to_ids": true, "type": "md5", "uuid": "bd6df0db-feff-4821-9d93-519a776896b2", "value": "205aa9346d03d08100f30eb13816cab7" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054849", "to_ids": true, "type": "sha1", "uuid": "7729544b-2827-4730-94d8-aeb919a9d352", "value": "344ce1b7603ca5b902346e1c725e380da623809b" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054849", "to_ids": true, "type": "sha256", "uuid": "98219ba0-60b6-47d6-80bd-82b1a7c9d52f", "value": "7f1d3f304633e81b604ec757cb319d92d5a11f2f5de8e89d90dafcf872fcbeef" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055672", "uuid": "b260df0f-3c44-446a-8498-c28ac402bc01", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054849", "to_ids": false, "type": "datetime", "uuid": "b41d28ca-236f-4426-8b08-6e09bdb88298", "value": "2019-11-21T11:06:02" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054849", "to_ids": false, "type": "link", "uuid": "de8c61a5-be0b-4167-a11f-fcc2b30be116", "value": "https://www.virustotal.com/file/7f1d3f304633e81b604ec757cb319d92d5a11f2f5de8e89d90dafcf872fcbeef/analysis/1574334362/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054849", "to_ids": false, "type": "text", "uuid": "067f1762-9140-41d2-91d7-097d26eb5bcc", "value": "44/69" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055672", "uuid": "c0873cbd-8da2-4175-9b01-88eed9046eb2", "ObjectReference": [ { "comment": "", "object_uuid": "c0873cbd-8da2-4175-9b01-88eed9046eb2", "referenced_uuid": "6989c742-4270-4198-aa06-694b87a09813", "relationship_type": "analysed-with", "timestamp": "1576055887", "uuid": "5df0b44f-0514-47b0-ba30-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054847", "to_ids": true, "type": "md5", "uuid": "792ce7e4-0992-4c48-8e81-44a3ffae0b5d", "value": "d1d973d265a900fba6c3b5e878763a14" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054847", "to_ids": true, "type": "sha1", "uuid": "ffe5d442-8909-49d2-ab74-a6bfa7571c4e", "value": "39a5f42a0594624df5ff0bfd4605459677649439" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054847", "to_ids": true, "type": "sha256", "uuid": "8b3fd994-3ad9-4c99-8cbd-1507bac32f36", "value": "9a5f8b42ee9f40a59d99c1b33ebac6ac9290f907dae8188bbc9ac1f875c2a99a" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055672", "uuid": "6989c742-4270-4198-aa06-694b87a09813", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054847", "to_ids": false, "type": "datetime", "uuid": "54ee7119-5d51-4a2a-af03-16004aef2763", "value": "2019-11-21T10:52:29" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054847", "to_ids": false, "type": "link", "uuid": "1ddf0dd9-7b2b-425b-bade-dc9521e036f7", "value": "https://www.virustotal.com/file/9a5f8b42ee9f40a59d99c1b33ebac6ac9290f907dae8188bbc9ac1f875c2a99a/analysis/1574333549/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054847", "to_ids": false, "type": "text", "uuid": "b596edfe-9acb-45f4-beae-cac6af5134a6", "value": "50/70" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055672", "uuid": "70235016-7a6d-437e-8007-cd94349b2bc8", "ObjectReference": [ { "comment": "", "object_uuid": "70235016-7a6d-437e-8007-cd94349b2bc8", "referenced_uuid": "e1eec834-f129-46e4-a494-49343a144561", "relationship_type": "analysed-with", "timestamp": "1576055887", "uuid": "5df0b44f-318c-4722-8ff1-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054922", "to_ids": true, "type": "md5", "uuid": "28c4e644-809b-4d83-bb5e-b6c10887fe04", "value": "3f8031512d223f4f07028f20d364aa10" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054922", "to_ids": true, "type": "sha1", "uuid": "fc7503e2-35df-4d0e-a0a3-71505762419e", "value": "02959b3945a09bc189e49c97942eebe6a30f17d9" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054922", "to_ids": true, "type": "sha256", "uuid": "ceeb2254-1726-4cc9-9347-6b8b460db6e1", "value": "5171299ff98c0d226b12a2a25bebd1c00099ce90ec8545cfe461f250c9876b93" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055672", "uuid": "e1eec834-f129-46e4-a494-49343a144561", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054922", "to_ids": false, "type": "datetime", "uuid": "a9b7913d-1436-4795-9d73-1b8ad8c43a8f", "value": "2019-11-09T12:38:05" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054922", "to_ids": false, "type": "link", "uuid": "9499e239-51ae-47a0-b039-1250141f626f", "value": "https://www.virustotal.com/file/5171299ff98c0d226b12a2a25bebd1c00099ce90ec8545cfe461f250c9876b93/analysis/1573303085/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054922", "to_ids": false, "type": "text", "uuid": "74934213-236e-48ad-bccf-9f60cbd49c1f", "value": "13/71" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055672", "uuid": "ba57e38f-7f2f-4163-ad57-a9a005307876", "ObjectReference": [ { "comment": "", "object_uuid": "ba57e38f-7f2f-4163-ad57-a9a005307876", "referenced_uuid": "205e85cc-875c-4b50-a5b4-0bf576867dbd", "relationship_type": "analysed-with", "timestamp": "1576055887", "uuid": "5df0b44f-219c-4153-b1a9-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054845", "to_ids": true, "type": "md5", "uuid": "04627b0a-0ab5-4beb-b467-7e1f5c0b3291", "value": "fbbd706de42d79e84810d7e4bde79978" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054845", "to_ids": true, "type": "sha1", "uuid": "d0afdaf8-d645-4a0e-8010-42f6bd429408", "value": "41c3e32b9c85abfd47efb99c99f182977da51193" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054845", "to_ids": true, "type": "sha256", "uuid": "84c97573-1be0-47a4-9284-dde7265bed9f", "value": "9401771a55e0df0af4c8f2e73f30f622cbf2632cadf476aadb16fcdd2c7b5d46" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055673", "uuid": "205e85cc-875c-4b50-a5b4-0bf576867dbd", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054845", "to_ids": false, "type": "datetime", "uuid": "df141af7-b1fb-4755-8a03-b7632eb6af13", "value": "2019-11-23T22:26:39" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054845", "to_ids": false, "type": "link", "uuid": "522416a4-1497-44e3-980b-ed803b8cef9e", "value": "https://www.virustotal.com/file/9401771a55e0df0af4c8f2e73f30f622cbf2632cadf476aadb16fcdd2c7b5d46/analysis/1574547999/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054845", "to_ids": false, "type": "text", "uuid": "1d9d920b-22b6-4aa0-a714-e31df281807a", "value": "52/68" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055673", "uuid": "bca2087d-843c-461d-bdf8-43a463b026ec", "ObjectReference": [ { "comment": "", "object_uuid": "bca2087d-843c-461d-bdf8-43a463b026ec", "referenced_uuid": "1cdfef9d-352d-411d-9ba2-053c1034a71d", "relationship_type": "analysed-with", "timestamp": "1576055887", "uuid": "5df0b44f-9760-4def-9690-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054847", "to_ids": true, "type": "md5", "uuid": "23fd7baf-287f-410c-8c64-b99d196fa549", "value": "a2731930479cf70c0e314024a6b144f0" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054847", "to_ids": true, "type": "sha1", "uuid": "44bd6bd3-ef2f-43ea-b8ca-6da2016d82a3", "value": "128b7c7a0068f0121f71234cb9c11dc0d236a288" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054847", "to_ids": true, "type": "sha256", "uuid": "6e4f9ccc-9e81-418f-bade-f514c5ceec2a", "value": "e3eec80ccd47c6935f0fddce1d3627f5be717e90a30e2f736c3ef268bb7676f4" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055673", "uuid": "1cdfef9d-352d-411d-9ba2-053c1034a71d", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054847", "to_ids": false, "type": "datetime", "uuid": "828314b9-3a78-4364-b0c4-eb44efd94f70", "value": "2019-11-21T19:00:53" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054847", "to_ids": false, "type": "link", "uuid": "7b12c546-8fbd-407f-bb97-9d38bba2e119", "value": "https://www.virustotal.com/file/e3eec80ccd47c6935f0fddce1d3627f5be717e90a30e2f736c3ef268bb7676f4/analysis/1574362853/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054847", "to_ids": false, "type": "text", "uuid": "da1d1720-2cb1-4776-8c24-cc974fa5b75c", "value": "46/67" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055673", "uuid": "1c1f7716-5cc5-43bf-8e10-fdc7ab9176c7", "ObjectReference": [ { "comment": "", "object_uuid": "1c1f7716-5cc5-43bf-8e10-fdc7ab9176c7", "referenced_uuid": "f6d96fde-762e-49b1-b35d-41ab311856ab", "relationship_type": "analysed-with", "timestamp": "1576055887", "uuid": "5df0b44f-12cc-4f07-9aa4-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054937", "to_ids": true, "type": "md5", "uuid": "73d0bcce-45d4-4513-87cc-1e242537da5f", "value": "4e699994ad42c1a0672d6d3bd42c2b26" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054937", "to_ids": true, "type": "sha1", "uuid": "3e9a4494-8f69-452f-8edd-37e528d942f7", "value": "42bdf618ba920b7d01892f47abab4b1e9af1ecac" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054937", "to_ids": true, "type": "sha256", "uuid": "7fd190d7-0e90-4d73-b7de-4c460bbbd8e0", "value": "09701e1be1c1d055eaa2e910e8f0086f911ff2d83f8e52c0c56c801bb65c436e" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055673", "uuid": "f6d96fde-762e-49b1-b35d-41ab311856ab", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054937", "to_ids": false, "type": "datetime", "uuid": "07dbd8ac-24b2-4799-9d7b-86fb1e01b266", "value": "2019-11-06T08:46:03" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054937", "to_ids": false, "type": "link", "uuid": "724b85a6-fee6-4783-8422-6b8dfb712ef2", "value": "https://www.virustotal.com/file/09701e1be1c1d055eaa2e910e8f0086f911ff2d83f8e52c0c56c801bb65c436e/analysis/1573029963/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054937", "to_ids": false, "type": "text", "uuid": "78861a6b-6d06-4f37-b62d-e2bfea076289", "value": "14/70" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055673", "uuid": "654af31c-3b70-492e-9fd4-3c392cd1b3a2", "ObjectReference": [ { "comment": "", "object_uuid": "654af31c-3b70-492e-9fd4-3c392cd1b3a2", "referenced_uuid": "696418c6-786d-4db4-a076-f8afa5b4e9fe", "relationship_type": "analysed-with", "timestamp": "1576055888", "uuid": "5df0b450-f320-4beb-90e3-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054916", "to_ids": true, "type": "md5", "uuid": "51773432-7c9d-4096-ab26-214564793197", "value": "650c3d9057e12138298802cb01475f9e" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054916", "to_ids": true, "type": "sha1", "uuid": "92394dd4-7874-4f38-99ae-54e9b19dbb34", "value": "6b8b7e1dff7783490289ad16f13bca38f11dc0dc" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054916", "to_ids": true, "type": "sha256", "uuid": "ce93559d-cb00-49b2-bd75-87a5dd24ac79", "value": "46057abf095625ca75f36b5df302f5060a21288be15a819458265da59d8f3547" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055674", "uuid": "696418c6-786d-4db4-a076-f8afa5b4e9fe", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054916", "to_ids": false, "type": "datetime", "uuid": "649d5883-04bd-4394-81ae-a1b12abbefe8", "value": "2019-11-15T14:21:28" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054916", "to_ids": false, "type": "link", "uuid": "825ee59e-ec17-4e5c-9702-7d8429b52b39", "value": "https://www.virustotal.com/file/46057abf095625ca75f36b5df302f5060a21288be15a819458265da59d8f3547/analysis/1573827688/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054916", "to_ids": false, "type": "text", "uuid": "720f410d-c046-4241-928b-3cf23fd3b97c", "value": "51/71" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055674", "uuid": "3ca33392-186c-402b-9a1c-24980c78cbae", "ObjectReference": [ { "comment": "", "object_uuid": "3ca33392-186c-402b-9a1c-24980c78cbae", "referenced_uuid": "1fd1d2cd-4aae-4483-b0b9-4d398e35e257", "relationship_type": "analysed-with", "timestamp": "1576055888", "uuid": "5df0b450-8dd0-4919-96fc-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054845", "to_ids": true, "type": "md5", "uuid": "2920fd96-b2a9-44fb-a8ef-61477f9e5632", "value": "37a105079de2e9a1225e7194ef90a8f2" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054845", "to_ids": true, "type": "sha1", "uuid": "1775d78c-865c-4995-9303-5d86a4249976", "value": "0907b278e466a67c2085ced04ee4567056ff0175" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054845", "to_ids": true, "type": "sha256", "uuid": "cd587108-96b2-4697-b162-2277a4ddb58b", "value": "aaaf7c645d38e22cef3b34153c449bb7fac3af8e0f6bf29e961018d27e6bf941" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055674", "uuid": "1fd1d2cd-4aae-4483-b0b9-4d398e35e257", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054845", "to_ids": false, "type": "datetime", "uuid": "c8aef888-3dc6-4c57-8ec0-05f7cfd1a7b7", "value": "2019-11-29T05:25:07" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054845", "to_ids": false, "type": "link", "uuid": "c68f72ce-a55f-4ab5-8ae8-a62291878da9", "value": "https://www.virustotal.com/file/aaaf7c645d38e22cef3b34153c449bb7fac3af8e0f6bf29e961018d27e6bf941/analysis/1575005107/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054845", "to_ids": false, "type": "text", "uuid": "45fa6cc1-88c4-413e-b100-d3da2c454be1", "value": "51/69" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055675", "uuid": "7f335ec2-b6e3-4001-ad79-be53421c0dd9", "ObjectReference": [ { "comment": "", "object_uuid": "7f335ec2-b6e3-4001-ad79-be53421c0dd9", "referenced_uuid": "e3bc4c3e-33e9-463b-858b-d26d2f608ed5", "relationship_type": "analysed-with", "timestamp": "1576055888", "uuid": "5df0b450-7d1c-4940-8335-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054844", "to_ids": true, "type": "md5", "uuid": "51342df6-e9de-4caa-855d-b707e1f87ee1", "value": "8c98272e5144c73304ce05ab2450497c" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054844", "to_ids": true, "type": "sha1", "uuid": "29a5263b-0722-496d-adbb-e950dd5561ca", "value": "7bb941b28164d1011c45c60992c1c2798ad72b5f" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054844", "to_ids": true, "type": "sha256", "uuid": "8f6dfd1e-d880-438b-bf81-04cda55607c6", "value": "ebbc69e2b6ae5e838c17deefac4a00e0e52d69fa8ca50d133fcb849667a3b3be" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055675", "uuid": "e3bc4c3e-33e9-463b-858b-d26d2f608ed5", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054844", "to_ids": false, "type": "datetime", "uuid": "e16dc44a-26ca-47be-85ae-2c73911ae06e", "value": "2019-11-28T10:26:13" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054844", "to_ids": false, "type": "link", "uuid": "5d7a332d-2841-4587-a863-ff08b2103c0d", "value": "https://www.virustotal.com/file/ebbc69e2b6ae5e838c17deefac4a00e0e52d69fa8ca50d133fcb849667a3b3be/analysis/1574936773/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054844", "to_ids": false, "type": "text", "uuid": "2baa1158-0b71-4cbf-80f2-f49c4409b33f", "value": "50/69" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055675", "uuid": "c1bcc19c-685d-4c4d-98a8-66df5a4e5458", "ObjectReference": [ { "comment": "", "object_uuid": "c1bcc19c-685d-4c4d-98a8-66df5a4e5458", "referenced_uuid": "a35d6b3c-56bf-4d96-976e-a9923a94b8e2", "relationship_type": "analysed-with", "timestamp": "1576055888", "uuid": "5df0b450-34d8-4d0e-93ea-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054848", "to_ids": true, "type": "md5", "uuid": "4ebcaf70-ae9c-4896-96ab-c7e85aad5995", "value": "acff2ac90f8675fc42c2502024a9597f" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054848", "to_ids": true, "type": "sha1", "uuid": "3576f4d1-6605-40e5-8b7f-478437e79235", "value": "4419949c24e8d42629a52b3811c41d0bbb529789" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054848", "to_ids": true, "type": "sha256", "uuid": "208e88e7-eac5-40dd-b24c-c3f6a23e70b2", "value": "cd48897f0bf376271dedecd481a6c9117a6e8303d5a3e583c034c3d33ce23c4a" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055676", "uuid": "a35d6b3c-56bf-4d96-976e-a9923a94b8e2", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054848", "to_ids": false, "type": "datetime", "uuid": "299dbde1-e4e8-482e-8908-fb277b8ee7f5", "value": "2019-11-28T05:30:53" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054848", "to_ids": false, "type": "link", "uuid": "14c54242-ef48-4875-8434-6216c5b60dec", "value": "https://www.virustotal.com/file/cd48897f0bf376271dedecd481a6c9117a6e8303d5a3e583c034c3d33ce23c4a/analysis/1574919053/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054848", "to_ids": false, "type": "text", "uuid": "82d68107-564c-4e70-84e0-3f21a9cc736d", "value": "56/70" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055676", "uuid": "71247c37-a80a-43c9-91c3-11f4eeca4487", "ObjectReference": [ { "comment": "", "object_uuid": "71247c37-a80a-43c9-91c3-11f4eeca4487", "referenced_uuid": "112dff7a-2e72-4795-b911-2f4686040178", "relationship_type": "analysed-with", "timestamp": "1576055888", "uuid": "5df0b450-1f74-46eb-9efe-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054850", "to_ids": true, "type": "md5", "uuid": "3ceb3600-43de-488d-be75-a57f344fe544", "value": "d233feb2cda0e4940fa0a3569e71914e" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054850", "to_ids": true, "type": "sha1", "uuid": "4d4569af-b6a4-40a8-8ac4-ec36e87bbe1e", "value": "667819dff62a7dc798b4e3f8314fc2c41897fe14" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054850", "to_ids": true, "type": "sha256", "uuid": "590d1c71-6413-4788-aa8a-2e3003ee4c84", "value": "bc210c0d9757ec34e1ec76264c63b71fee3367b7d020f81f56b3d89b75531da7" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055676", "uuid": "112dff7a-2e72-4795-b911-2f4686040178", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054850", "to_ids": false, "type": "datetime", "uuid": "ff4d9f8d-4533-47ee-b592-585b2fd90ceb", "value": "2019-11-15T15:32:05" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054850", "to_ids": false, "type": "link", "uuid": "ffcbc14b-b671-4674-acd3-90bed5a9e2e1", "value": "https://www.virustotal.com/file/bc210c0d9757ec34e1ec76264c63b71fee3367b7d020f81f56b3d89b75531da7/analysis/1573831925/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054850", "to_ids": false, "type": "text", "uuid": "b0b5bed1-bfe8-4c22-8773-7025f0f552d6", "value": "45/67" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055676", "uuid": "856835b4-8600-4040-a650-befc7b4a0bd0", "ObjectReference": [ { "comment": "", "object_uuid": "856835b4-8600-4040-a650-befc7b4a0bd0", "referenced_uuid": "d105ccb8-9e5c-494e-aafd-c43f57ceff82", "relationship_type": "analysed-with", "timestamp": "1576055888", "uuid": "5df0b450-2d1c-4499-80ea-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054921", "to_ids": true, "type": "md5", "uuid": "5911690c-1cc7-461e-aca7-82083e7a8a9e", "value": "ac9e7cb743afc9d3a514ae59a18e8797" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054921", "to_ids": true, "type": "sha1", "uuid": "c59e7359-b37d-4de3-861f-a1290fa0b5fe", "value": "01ae7083b569daabdc100f1e539c8b97fce13d00" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054921", "to_ids": true, "type": "sha256", "uuid": "5e573c6a-ff42-4bb3-af7a-c0a4765ed310", "value": "1918956aafe716e3d2ef05932b268bd1a876e96eb79dbf9a0f03cbdda00ce6e6" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055676", "uuid": "d105ccb8-9e5c-494e-aafd-c43f57ceff82", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054921", "to_ids": false, "type": "datetime", "uuid": "8029e76d-aa3f-4405-93e5-ea15bed7f3e1", "value": "2019-11-15T00:23:38" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054921", "to_ids": false, "type": "link", "uuid": "d5861413-00b6-4e55-80ca-b76238cad72c", "value": "https://www.virustotal.com/file/1918956aafe716e3d2ef05932b268bd1a876e96eb79dbf9a0f03cbdda00ce6e6/analysis/1573777418/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054921", "to_ids": false, "type": "text", "uuid": "47abb2c6-4a70-4e0e-89e4-b6662875ae3b", "value": "50/69" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055676", "uuid": "57bc967e-3d44-4753-a154-4023da3698aa", "ObjectReference": [ { "comment": "", "object_uuid": "57bc967e-3d44-4753-a154-4023da3698aa", "referenced_uuid": "affae7c8-303d-4636-97be-295bf6d84136", "relationship_type": "analysed-with", "timestamp": "1576055888", "uuid": "5df0b450-59a0-4123-93ef-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054916", "to_ids": true, "type": "md5", "uuid": "79dbc86e-5eb6-483f-87e3-153832c86358", "value": "5adfab914e960dc2025569e8dd140aab" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054916", "to_ids": true, "type": "sha1", "uuid": "27baa334-c6ba-4661-8711-8422a8683dee", "value": "9456aeb71d444de40ebca9530ac974aae468b354" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054916", "to_ids": true, "type": "sha256", "uuid": "423b499d-bd7b-416b-95c1-90930ac352d0", "value": "f83c4792728be3bee73911473f563b776353e79811febaf30e0736ceee68298a" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055677", "uuid": "affae7c8-303d-4636-97be-295bf6d84136", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054916", "to_ids": false, "type": "datetime", "uuid": "7231db76-dd54-40b5-ad39-a95c60d80164", "value": "2019-11-15T02:01:35" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054916", "to_ids": false, "type": "link", "uuid": "4255e368-436c-4864-8a2c-291977076c9c", "value": "https://www.virustotal.com/file/f83c4792728be3bee73911473f563b776353e79811febaf30e0736ceee68298a/analysis/1573783295/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054916", "to_ids": false, "type": "text", "uuid": "2de716c9-1ab7-4c93-9456-3edf38c46441", "value": "46/68" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055677", "uuid": "1041116d-b2f5-4a15-9af5-70780985d5bf", "ObjectReference": [ { "comment": "", "object_uuid": "1041116d-b2f5-4a15-9af5-70780985d5bf", "referenced_uuid": "0063f070-f011-44b3-9b1c-5090f08fbbd0", "relationship_type": "analysed-with", "timestamp": "1576055888", "uuid": "5df0b450-1d44-453e-8f68-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054844", "to_ids": true, "type": "md5", "uuid": "d79964da-160a-45bd-8517-9bcf2529ce9f", "value": "d467c6ed3db71db858eda989e0548f0b" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054844", "to_ids": true, "type": "sha1", "uuid": "d9f6dfec-e963-4924-886b-7e1c6586f564", "value": "4c1864922e00a5b797b9550582fa320152afda22" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054844", "to_ids": true, "type": "sha256", "uuid": "b18637cf-5fd5-4065-920b-be2e36a047de", "value": "97a4658497adfb1b8c46c615e676d7e51308490aa1715cd78abf03662a80e145" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055677", "uuid": "0063f070-f011-44b3-9b1c-5090f08fbbd0", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054844", "to_ids": false, "type": "datetime", "uuid": "3994dd43-57ec-4ed9-aa2c-2aceefc022dc", "value": "2019-11-29T02:09:39" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054844", "to_ids": false, "type": "link", "uuid": "10d63cc3-49be-4e77-9f11-7c09e51ac333", "value": "https://www.virustotal.com/file/97a4658497adfb1b8c46c615e676d7e51308490aa1715cd78abf03662a80e145/analysis/1574993379/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054844", "to_ids": false, "type": "text", "uuid": "99d30440-55a1-4d61-804e-a16c9fee1d49", "value": "55/69" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055677", "uuid": "61d882b8-8aaf-4725-8a98-000b110bd374", "ObjectReference": [ { "comment": "", "object_uuid": "61d882b8-8aaf-4725-8a98-000b110bd374", "referenced_uuid": "7fecf5c4-77ba-4c00-8600-54d5cc570987", "relationship_type": "analysed-with", "timestamp": "1576055888", "uuid": "5df0b450-10ac-4b2b-a596-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054845", "to_ids": true, "type": "md5", "uuid": "c77fd7bf-ae89-4ef7-b232-714d84ef86d1", "value": "d030db7e0eac0b235b8657b1c1943d2b" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054845", "to_ids": true, "type": "sha1", "uuid": "44074b92-4f3f-4f80-aad5-7091982c678f", "value": "1e5ab3c32d36219cbe5e9218290b6d15f2134a67" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054845", "to_ids": true, "type": "sha256", "uuid": "4ccb1206-2be3-4206-8116-8ba5355a73ed", "value": "959a7940a5d8811036a35ce12b36fb9e2675fc4ead51f8eb9d67a870194ed9e4" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055677", "uuid": "7fecf5c4-77ba-4c00-8600-54d5cc570987", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054845", "to_ids": false, "type": "datetime", "uuid": "4435b731-a568-49c1-8921-504bbf9e5fca", "value": "2019-11-29T11:41:48" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054845", "to_ids": false, "type": "link", "uuid": "00186b60-b99a-4814-a771-c491a2c7c0b7", "value": "https://www.virustotal.com/file/959a7940a5d8811036a35ce12b36fb9e2675fc4ead51f8eb9d67a870194ed9e4/analysis/1575027708/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054845", "to_ids": false, "type": "text", "uuid": "d5507695-164e-4fbb-b65a-af6503182768", "value": "54/70" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055677", "uuid": "74b7eac6-edc1-4719-aae0-30242c74d51b", "ObjectReference": [ { "comment": "", "object_uuid": "74b7eac6-edc1-4719-aae0-30242c74d51b", "referenced_uuid": "febdffe9-4e17-425d-a8d6-4c51cf33224e", "relationship_type": "analysed-with", "timestamp": "1576055888", "uuid": "5df0b450-2f08-4651-af70-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054850", "to_ids": true, "type": "md5", "uuid": "211e3f40-fa83-4460-9e64-abcf5cffaf25", "value": "a7edcde30dbd1b55f5d7f029b360daff" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054850", "to_ids": true, "type": "sha1", "uuid": "f805c807-d0bb-4bfc-9fef-51a0bc126ff4", "value": "50bbbc0bad591915d0b798a3078298adcf2f206a" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054850", "to_ids": true, "type": "sha256", "uuid": "f19ab3d9-2d6d-4bee-ba8e-462d8bddee33", "value": "bb09c8b7ba552b5200c6da5b55f9b29e5170c01b10aaa3140b0bccb85f991588" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055677", "uuid": "febdffe9-4e17-425d-a8d6-4c51cf33224e", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054850", "to_ids": false, "type": "datetime", "uuid": "7fb009f3-3a2d-4849-a21f-599ac0670832", "value": "2019-11-13T03:54:06" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054850", "to_ids": false, "type": "link", "uuid": "4f06be37-e570-4c14-9a38-047287401551", "value": "https://www.virustotal.com/file/bb09c8b7ba552b5200c6da5b55f9b29e5170c01b10aaa3140b0bccb85f991588/analysis/1573617246/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054850", "to_ids": false, "type": "text", "uuid": "598406da-1265-4148-b36b-2a4b9231198b", "value": "44/71" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055678", "uuid": "026b2ae0-605a-41db-9cd6-dacc072e20d9", "ObjectReference": [ { "comment": "", "object_uuid": "026b2ae0-605a-41db-9cd6-dacc072e20d9", "referenced_uuid": "cd56979c-e304-44fe-a86c-d0f0a77458f0", "relationship_type": "analysed-with", "timestamp": "1576055888", "uuid": "5df0b450-a12c-469e-a196-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054916", "to_ids": true, "type": "md5", "uuid": "54ab180a-a697-47e8-969b-8e13c04d3867", "value": "9b37b5b0049aa6ca0a7e38fd0f766953" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054916", "to_ids": true, "type": "sha1", "uuid": "6b52dcbd-35b3-4eb9-ade5-cf49577a23a7", "value": "4bc91885bf924959923b9c6f743d9c097eaba7c9" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054916", "to_ids": true, "type": "sha256", "uuid": "1d4ff18a-632f-44e7-a689-e914f8042460", "value": "28dd5bb9bd2a828533fb5e95793643fa5bf96a7d0f5b1799d7978d84fdea62ef" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055678", "uuid": "cd56979c-e304-44fe-a86c-d0f0a77458f0", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054916", "to_ids": false, "type": "datetime", "uuid": "d4c8f842-c610-4674-a226-4167581fc156", "value": "2019-11-20T11:52:09" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054916", "to_ids": false, "type": "link", "uuid": "02ba8b2d-163e-46e7-97eb-09e738516af3", "value": "https://www.virustotal.com/file/28dd5bb9bd2a828533fb5e95793643fa5bf96a7d0f5b1799d7978d84fdea62ef/analysis/1574250729/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054916", "to_ids": false, "type": "text", "uuid": "261b7250-f149-463d-bf72-f4c5617ded55", "value": "40/68" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055685", "uuid": "8dfc28af-b55c-4152-a857-ab4522899cc2", "ObjectReference": [ { "comment": "", "object_uuid": "8dfc28af-b55c-4152-a857-ab4522899cc2", "referenced_uuid": "4bb02d38-1f1e-48d8-8898-c7f2da8af6e9", "relationship_type": "analysed-with", "timestamp": "1576055888", "uuid": "5df0b450-6390-4067-9f59-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054919", "to_ids": true, "type": "md5", "uuid": "3cbdcc58-33c8-4d31-8159-654df82b914d", "value": "6dc03dd4ec7bdc74dd5dc97d5a076ccc" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054919", "to_ids": true, "type": "sha1", "uuid": "8be67579-cdda-409c-8e6f-988c160ab4e5", "value": "c7b03413eeae980999c8512278d9ee9f46a5784e" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054919", "to_ids": true, "type": "sha256", "uuid": "5bf08fc4-e8c3-4344-a88f-eb1b9715e3ab", "value": "4889ebb5f02c520e57a9f417df2d53cf415c9fc67d2ae3abab8b604e275df23c" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055686", "uuid": "4bb02d38-1f1e-48d8-8898-c7f2da8af6e9", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054919", "to_ids": false, "type": "datetime", "uuid": "1798bb29-f23f-4362-bf2a-ac25285b947a", "value": "2019-12-01T04:29:30" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054919", "to_ids": false, "type": "link", "uuid": "a3fd4046-da65-480d-a1ef-9d4ffcfe0bcd", "value": "https://www.virustotal.com/file/4889ebb5f02c520e57a9f417df2d53cf415c9fc67d2ae3abab8b604e275df23c/analysis/1575174570/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054919", "to_ids": false, "type": "text", "uuid": "647ab075-a93a-427f-9095-e243d31d7b89", "value": "57/71" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055686", "uuid": "3f2e12db-da2d-443b-b757-4e9e6c122ea4", "ObjectReference": [ { "comment": "", "object_uuid": "3f2e12db-da2d-443b-b757-4e9e6c122ea4", "referenced_uuid": "82cce140-33ee-4095-921e-fa0543e21649", "relationship_type": "analysed-with", "timestamp": "1576055888", "uuid": "5df0b450-f500-40a1-b850-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054921", "to_ids": true, "type": "md5", "uuid": "8f6028e9-0d29-4516-9068-2edae93952b0", "value": "feacbcc320d6bc2bb3008fd113f273a4" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054921", "to_ids": true, "type": "sha1", "uuid": "c32baba3-7932-4758-b784-9928593bc230", "value": "dfd49587e8dc1d5f846b525449f08b1a914c654d" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054921", "to_ids": true, "type": "sha256", "uuid": "d11e4406-8694-44fd-acc2-93b2137e82f6", "value": "2437a58d064633e57b32149b711ff16b3b55902915b7711d6cf9e855ac08ec41" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055686", "uuid": "82cce140-33ee-4095-921e-fa0543e21649", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054921", "to_ids": false, "type": "datetime", "uuid": "7ec4e549-85a1-409f-b536-7f0d789ffde6", "value": "2019-11-10T21:30:37" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054921", "to_ids": false, "type": "link", "uuid": "16177993-431d-498a-9713-8366fe841f48", "value": "https://www.virustotal.com/file/2437a58d064633e57b32149b711ff16b3b55902915b7711d6cf9e855ac08ec41/analysis/1573421437/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054921", "to_ids": false, "type": "text", "uuid": "1468e4d8-3619-4619-a071-463b69cb04ee", "value": "40/70" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055686", "uuid": "088e3039-07ee-459d-bd4f-bf7bad58d503", "ObjectReference": [ { "comment": "", "object_uuid": "088e3039-07ee-459d-bd4f-bf7bad58d503", "referenced_uuid": "9f601c7c-affa-4785-afc2-07685120de1d", "relationship_type": "analysed-with", "timestamp": "1576055888", "uuid": "5df0b450-f08c-4417-b1ec-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054848", "to_ids": true, "type": "md5", "uuid": "4970f0f8-5185-4234-8970-fef77e7d25d8", "value": "3191853f42c806f48dce877412d79e24" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054848", "to_ids": true, "type": "sha1", "uuid": "a7e33cdf-7541-404a-9d71-7e93a6c61d8c", "value": "cdd0a2502e2e006526dc903810fe9b8bfc5c8ebd" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054848", "to_ids": true, "type": "sha256", "uuid": "a5c927a8-e410-41bd-a360-07a76209b463", "value": "ce110da29dec4756efa27fc5d4ad17eca6e6194375f8391226f60972bcd17a91" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055686", "uuid": "9f601c7c-affa-4785-afc2-07685120de1d", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054848", "to_ids": false, "type": "datetime", "uuid": "cea8432c-9ada-4280-be66-5b483adc1a02", "value": "2019-11-23T22:15:22" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054848", "to_ids": false, "type": "link", "uuid": "d43a8ba8-7a40-49de-a4a1-40f74b1bf471", "value": "https://www.virustotal.com/file/ce110da29dec4756efa27fc5d4ad17eca6e6194375f8391226f60972bcd17a91/analysis/1574547322/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054848", "to_ids": false, "type": "text", "uuid": "5cd616dc-7462-4e96-bc3b-ba1f319c5fb8", "value": "51/66" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055686", "uuid": "83763372-bfd9-44aa-aef3-8d6a920e5a19", "ObjectReference": [ { "comment": "", "object_uuid": "83763372-bfd9-44aa-aef3-8d6a920e5a19", "referenced_uuid": "f5219ac5-1d9f-44f0-8bf8-99d584556215", "relationship_type": "analysed-with", "timestamp": "1576055889", "uuid": "5df0b451-cbf4-4ec0-b458-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054920", "to_ids": true, "type": "md5", "uuid": "ac86f8fc-981e-41d1-b9b9-cbeaba465539", "value": "c6410b764b572befd6e6b8a09f98213b" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054920", "to_ids": true, "type": "sha1", "uuid": "bd3a9726-24ac-449e-b9a4-938836cded7c", "value": "7632428b8a721dca3903c74b5e46e2c8f9ca354e" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054920", "to_ids": true, "type": "sha256", "uuid": "97a0a114-3b87-46f1-9a41-760aa858fb18", "value": "4d05c434412dc66eac7a44c20421ac7ab4567aa378330b9fbdb4196a5d0b1198" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055686", "uuid": "f5219ac5-1d9f-44f0-8bf8-99d584556215", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054920", "to_ids": false, "type": "datetime", "uuid": "2644bcb3-3af6-463f-b8f2-47db0c0f0019", "value": "2019-12-03T22:06:16" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054920", "to_ids": false, "type": "link", "uuid": "b81ca2e1-e0e7-4b2f-a919-bdd77f320e20", "value": "https://www.virustotal.com/file/4d05c434412dc66eac7a44c20421ac7ab4567aa378330b9fbdb4196a5d0b1198/analysis/1575410776/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054920", "to_ids": false, "type": "text", "uuid": "7708ffc3-7211-400b-80b6-e3ca4056b510", "value": "57/70" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055687", "uuid": "ae3f4f6d-16c6-4318-b5f7-3a6c402a4a2c", "ObjectReference": [ { "comment": "", "object_uuid": "ae3f4f6d-16c6-4318-b5f7-3a6c402a4a2c", "referenced_uuid": "ed048d52-bf53-4d0a-9478-efca6df1480c", "relationship_type": "analysed-with", "timestamp": "1576055889", "uuid": "5df0b451-3f50-489c-ab7c-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054849", "to_ids": true, "type": "md5", "uuid": "75c673f7-5141-42bc-83bd-67a12a82c6ce", "value": "0828563e7cf6ca3573bf757472aa719f" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054849", "to_ids": true, "type": "sha1", "uuid": "06de9fc3-44e9-47a4-9a41-4c44aa4d79f5", "value": "a5470c5e6f7a06d32bda07c9e71803fc538f4297" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054849", "to_ids": true, "type": "sha256", "uuid": "ae6382e1-7ce8-4687-bf82-c2de77490f23", "value": "6af21af6dab46946596b012550939e5fe42b78a9403b2814995796bc3b15e976" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055687", "uuid": "ed048d52-bf53-4d0a-9478-efca6df1480c", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054849", "to_ids": false, "type": "datetime", "uuid": "d831df5f-3d14-4083-889c-a407a744e3f6", "value": "2019-11-23T22:34:09" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054849", "to_ids": false, "type": "link", "uuid": "918d3119-9c52-4bb7-bfd0-3044bf653e64", "value": "https://www.virustotal.com/file/6af21af6dab46946596b012550939e5fe42b78a9403b2814995796bc3b15e976/analysis/1574548449/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054849", "to_ids": false, "type": "text", "uuid": "921a9f4b-4bfa-49c1-870b-951d1f87e773", "value": "53/68" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055687", "uuid": "041cac35-8f8a-4d5d-8c22-26d97e5cd563", "ObjectReference": [ { "comment": "", "object_uuid": "041cac35-8f8a-4d5d-8c22-26d97e5cd563", "referenced_uuid": "ce1ec435-a136-4044-b63d-e54d61f51cc0", "relationship_type": "analysed-with", "timestamp": "1576055889", "uuid": "5df0b451-cf50-490c-9634-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054916", "to_ids": true, "type": "md5", "uuid": "a77b6adc-1f5a-4eb2-840f-79fa84bdb1ba", "value": "7d6e0ee1f994ab61fd57b2a55ab00130" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054916", "to_ids": true, "type": "sha1", "uuid": "fe946717-fb14-4b27-bfc3-5fe6dcdcd012", "value": "35c11c01e549f6968f94400377f735f4261ce6d1" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054916", "to_ids": true, "type": "sha256", "uuid": "277f4b40-e11d-429a-80de-cfc0655f966b", "value": "21db063f58ba1e3e9f7d9ceb5288e89bc9fbe023ab7b3d1296c83f9a271e0ade" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055687", "uuid": "ce1ec435-a136-4044-b63d-e54d61f51cc0", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054916", "to_ids": false, "type": "datetime", "uuid": "c1ce526b-6669-4c4b-8134-d5d9656793f7", "value": "2019-11-14T13:28:07" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054916", "to_ids": false, "type": "link", "uuid": "40c53182-c9d7-465b-be28-646a9359792a", "value": "https://www.virustotal.com/file/21db063f58ba1e3e9f7d9ceb5288e89bc9fbe023ab7b3d1296c83f9a271e0ade/analysis/1573738087/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054916", "to_ids": false, "type": "text", "uuid": "a0790991-73ed-4233-a5b8-872859b36534", "value": "49/70" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055687", "uuid": "b6f8a3fd-f37a-4e40-8387-00794b62d42a", "ObjectReference": [ { "comment": "", "object_uuid": "b6f8a3fd-f37a-4e40-8387-00794b62d42a", "referenced_uuid": "da743998-d540-4881-84fc-a6a575f5db2e", "relationship_type": "analysed-with", "timestamp": "1576055889", "uuid": "5df0b451-62d4-4b9e-be01-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054916", "to_ids": true, "type": "md5", "uuid": "b54001cd-8aa8-4dbc-a404-bf2b62677b37", "value": "542b352c90494e1f58558854d82ff5c9" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054916", "to_ids": true, "type": "sha1", "uuid": "60b0b52c-d78a-409e-80a6-395e99356d1a", "value": "877ba2f500c52969f03eecb3566ddc5fd3c9302b" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054916", "to_ids": true, "type": "sha256", "uuid": "ae94f026-e352-4aff-891f-4abf902b118a", "value": "7eb19d5b71f0994ce6a57b946172483c9951fdd66a5198e1289a4aae3a4a13e1" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055688", "uuid": "da743998-d540-4881-84fc-a6a575f5db2e", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054916", "to_ids": false, "type": "datetime", "uuid": "fb26eb68-8d4c-42eb-8f74-1bd2bd76212a", "value": "2019-11-11T10:42:19" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054916", "to_ids": false, "type": "link", "uuid": "d02ce921-61c6-48fc-985e-8d11c7d25c45", "value": "https://www.virustotal.com/file/7eb19d5b71f0994ce6a57b946172483c9951fdd66a5198e1289a4aae3a4a13e1/analysis/1573468939/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054916", "to_ids": false, "type": "text", "uuid": "a5bd8d25-4397-4cf4-bff7-7f621dec8445", "value": "34/72" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055688", "uuid": "da8034b7-1e05-4bde-b6f3-50cb76cc4265", "ObjectReference": [ { "comment": "", "object_uuid": "da8034b7-1e05-4bde-b6f3-50cb76cc4265", "referenced_uuid": "4449d6fd-d5c4-4293-8428-63cb879251a7", "relationship_type": "analysed-with", "timestamp": "1576055889", "uuid": "5df0b451-31fc-4bd8-a8d4-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054922", "to_ids": true, "type": "md5", "uuid": "00e6a07f-1f7d-48f5-bd26-62d48ada8afa", "value": "59c653000e6676d3ea2321a8549fed81" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054922", "to_ids": true, "type": "sha1", "uuid": "8d734411-384c-4cf3-aa0a-ebe076824f29", "value": "2762c7ae2dc77430bf9029cc44ef356bb79b0e7e" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054922", "to_ids": true, "type": "sha256", "uuid": "ab200f06-24e1-46b8-86f8-e7e24f8b6025", "value": "624a84231a82d8bffef81bedbd711d6adbc176861874691f13743e90b804698e" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055688", "uuid": "4449d6fd-d5c4-4293-8428-63cb879251a7", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054922", "to_ids": false, "type": "datetime", "uuid": "afa39583-b16b-4b09-8647-79772bd978bc", "value": "2019-11-13T06:48:49" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054922", "to_ids": false, "type": "link", "uuid": "1e81bfaf-f105-4a29-9f98-c9f55894c9e5", "value": "https://www.virustotal.com/file/624a84231a82d8bffef81bedbd711d6adbc176861874691f13743e90b804698e/analysis/1573627729/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054922", "to_ids": false, "type": "text", "uuid": "3ecf17d6-fa47-4afc-843d-cb6a060b1fed", "value": "41/71" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055688", "uuid": "fe376ddc-500e-4ea3-8c7e-167ec34ee510", "ObjectReference": [ { "comment": "", "object_uuid": "fe376ddc-500e-4ea3-8c7e-167ec34ee510", "referenced_uuid": "4d31d75b-99ce-4d4b-a809-d8d388cd62ba", "relationship_type": "analysed-with", "timestamp": "1576055889", "uuid": "5df0b451-d390-4019-89f1-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054916", "to_ids": true, "type": "md5", "uuid": "cf59e940-a698-49e4-a720-b25c0410fbac", "value": "48dac082f7e60848761151666cb68648" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054916", "to_ids": true, "type": "sha1", "uuid": "1eaf4eae-ec54-4be3-bba9-49629d8f9dbb", "value": "83d4f7ccc3102eb2c3b17cf0789be1fdf38f9ff4" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054916", "to_ids": true, "type": "sha256", "uuid": "bcf5df31-a98b-4b3d-8ddd-85d88a9f0ed7", "value": "c6d1dc32460d80466b2a56eee1018ff5ed04c9b5cbf0691f8c8d69a3e44f627a" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055688", "uuid": "4d31d75b-99ce-4d4b-a809-d8d388cd62ba", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054916", "to_ids": false, "type": "datetime", "uuid": "cf2adaaa-ce6d-48a2-8b02-3bf5ba015649", "value": "2019-11-16T09:41:27" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054916", "to_ids": false, "type": "link", "uuid": "b1efdbfb-fdce-49e7-8ea3-481119f86957", "value": "https://www.virustotal.com/file/c6d1dc32460d80466b2a56eee1018ff5ed04c9b5cbf0691f8c8d69a3e44f627a/analysis/1573897287/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054916", "to_ids": false, "type": "text", "uuid": "cd1f4479-9d34-47fc-96ac-1679a0fc3971", "value": "44/69" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055689", "uuid": "aee0911f-f964-403c-a401-916850604e44", "ObjectReference": [ { "comment": "", "object_uuid": "aee0911f-f964-403c-a401-916850604e44", "referenced_uuid": "2fe8ce5e-b959-4d89-a2be-c0b3fcba2c8b", "relationship_type": "analysed-with", "timestamp": "1576055889", "uuid": "5df0b451-8138-4b8d-b1de-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054913", "to_ids": true, "type": "md5", "uuid": "44c1a21a-6354-445a-9766-97e1fd3d5047", "value": "7d5442570eed87b6701c722604fcfe32" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054913", "to_ids": true, "type": "sha1", "uuid": "97634c11-3192-43fc-944e-d69badc230b7", "value": "501083e29cd86b5e89c4593a4a20f3bd6f6eade4" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054913", "to_ids": true, "type": "sha256", "uuid": "1a67268b-7c63-4010-8c6a-819aafe543e6", "value": "7588f5502a3583caf38ce1a497fe61d3b3f45f05bb92f5637b2510e2bcee9a6e" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055689", "uuid": "2fe8ce5e-b959-4d89-a2be-c0b3fcba2c8b", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054913", "to_ids": false, "type": "datetime", "uuid": "5d67a725-be47-40ef-bfbe-6e8159ea2178", "value": "2019-11-12T10:39:42" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054913", "to_ids": false, "type": "link", "uuid": "c85e4b32-52a8-448a-9eeb-34aa32aaf3d2", "value": "https://www.virustotal.com/file/7588f5502a3583caf38ce1a497fe61d3b3f45f05bb92f5637b2510e2bcee9a6e/analysis/1573555182/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054913", "to_ids": false, "type": "text", "uuid": "091e3b28-bf73-4e8a-a9a2-bdd414a7c2c9", "value": "36/71" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055689", "uuid": "d36921ed-1ed3-4be6-a86c-cecd0f8c20ce", "ObjectReference": [ { "comment": "", "object_uuid": "d36921ed-1ed3-4be6-a86c-cecd0f8c20ce", "referenced_uuid": "4503ece2-4b78-46d2-9eea-01163efdb49a", "relationship_type": "analysed-with", "timestamp": "1576055889", "uuid": "5df0b451-e4d8-4b6a-a461-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054919", "to_ids": true, "type": "md5", "uuid": "63a4bd73-7f21-470e-b460-9424f083f8af", "value": "896f54083bf805af1e7b85fe175e2ded" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054919", "to_ids": true, "type": "sha1", "uuid": "c5b2546d-54d0-42cd-afd0-2e777a7e6511", "value": "1a37ab15117068749ea63b7bde8f908bcb8c7c57" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054919", "to_ids": true, "type": "sha256", "uuid": "464b22e3-4e40-48a9-a7c5-492300498b73", "value": "5eab9b8af26b1508575d42c95661f41ec0aaffd794f307fefaaa6306ed50fb2b" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055689", "uuid": "4503ece2-4b78-46d2-9eea-01163efdb49a", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054919", "to_ids": false, "type": "datetime", "uuid": "06c6cc3f-3c7b-4f3d-af13-68a4f22093d7", "value": "2019-11-17T03:35:32" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054919", "to_ids": false, "type": "link", "uuid": "e601fc46-aa92-4655-8a29-a4caa2f1eac7", "value": "https://www.virustotal.com/file/5eab9b8af26b1508575d42c95661f41ec0aaffd794f307fefaaa6306ed50fb2b/analysis/1573961732/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054919", "to_ids": false, "type": "text", "uuid": "b299289d-3f43-4e88-9386-e874f4a0ed3b", "value": "45/71" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055689", "uuid": "2309d986-99cb-47bf-b20d-d68ecef7b21a", "ObjectReference": [ { "comment": "", "object_uuid": "2309d986-99cb-47bf-b20d-d68ecef7b21a", "referenced_uuid": "162a8c04-99b5-4545-9711-75dee6b7a5fa", "relationship_type": "analysed-with", "timestamp": "1576055889", "uuid": "5df0b451-31a8-457e-94f5-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054914", "to_ids": true, "type": "md5", "uuid": "e9a8aa67-3c6e-4572-af4f-48f301eb1271", "value": "6616791fb064ddfc50d73eca7b0f5274" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054914", "to_ids": true, "type": "sha1", "uuid": "d295b0c4-5a36-4c13-978d-5d11789edd72", "value": "50309c20c483b7fc5d4f725012616828b49452bb" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054914", "to_ids": true, "type": "sha256", "uuid": "7b50b473-01c0-4e77-a687-94c19bc0cf97", "value": "6eba1d9bef86ec551a936bcf43a148dfdf0d8d10dfcea1967c5195cc443b9689" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055689", "uuid": "162a8c04-99b5-4545-9711-75dee6b7a5fa", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054914", "to_ids": false, "type": "datetime", "uuid": "cad1beac-8f66-4643-b886-b830f28cae4e", "value": "2019-11-16T02:59:41" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054914", "to_ids": false, "type": "link", "uuid": "45acb2ec-b287-4b7c-a142-996fbd671072", "value": "https://www.virustotal.com/file/6eba1d9bef86ec551a936bcf43a148dfdf0d8d10dfcea1967c5195cc443b9689/analysis/1573873181/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054914", "to_ids": false, "type": "text", "uuid": "e1a4e241-dc32-4f1c-acc7-774677548836", "value": "43/69" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055689", "uuid": "f48ba5ba-6b66-4b53-bb02-44c685a0e83d", "ObjectReference": [ { "comment": "", "object_uuid": "f48ba5ba-6b66-4b53-bb02-44c685a0e83d", "referenced_uuid": "397bc61c-fafc-4997-b517-4c6c32db23fb", "relationship_type": "analysed-with", "timestamp": "1576055889", "uuid": "5df0b451-7bbc-460e-99d7-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054936", "to_ids": true, "type": "md5", "uuid": "dfad8a1c-3adc-4673-9a15-dc8716282d5a", "value": "d8eb15282433d4b820d5d0d5d3c66cd3" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054936", "to_ids": true, "type": "sha1", "uuid": "706b8e73-0c02-468d-8c79-a0ababec7837", "value": "8c198cd9c0cd993e64701f4741bc57d8bf38600a" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054936", "to_ids": true, "type": "sha256", "uuid": "acfb0bdf-f6ad-45eb-b1a7-70d5ab4deb83", "value": "6b960d2ff0fe601cc1223a275110f3195cc82f789db9c3225a06d27e24bc4349" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055690", "uuid": "397bc61c-fafc-4997-b517-4c6c32db23fb", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054936", "to_ids": false, "type": "datetime", "uuid": "9ca255f8-b62d-41de-8365-06d3c05fd221", "value": "2019-11-04T16:23:20" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054936", "to_ids": false, "type": "link", "uuid": "4848f560-daa8-4c08-98f2-f296b6f4ab77", "value": "https://www.virustotal.com/file/6b960d2ff0fe601cc1223a275110f3195cc82f789db9c3225a06d27e24bc4349/analysis/1572884600/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054936", "to_ids": false, "type": "text", "uuid": "417e1683-1923-4754-8b17-2602d33bdbdc", "value": "8/69" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055691", "uuid": "d36b9aa9-8f5e-4981-a5d4-a8f05b1ecc84", "ObjectReference": [ { "comment": "", "object_uuid": "d36b9aa9-8f5e-4981-a5d4-a8f05b1ecc84", "referenced_uuid": "3d521726-abcb-4392-a9b8-11d0e3884bb3", "relationship_type": "analysed-with", "timestamp": "1576055889", "uuid": "5df0b451-1f04-47ed-9305-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054917", "to_ids": true, "type": "md5", "uuid": "0b154cec-3dfc-441f-b72c-a5ddf7db7470", "value": "3862119edf0a22675d3cd480db9a89e3" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054917", "to_ids": true, "type": "sha1", "uuid": "2d258038-62ed-4dee-bab3-5a45405c116f", "value": "b042d2cafb9300d4419444f79d0bc23c8ecfcf8c" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054917", "to_ids": true, "type": "sha256", "uuid": "316a1b51-be9b-43b5-a4a4-437874452f06", "value": "687f47552ce1cb3df741abfaa1a16113e516751bf41be3d10f49c93d26e49c45" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055691", "uuid": "3d521726-abcb-4392-a9b8-11d0e3884bb3", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054917", "to_ids": false, "type": "datetime", "uuid": "2be3809c-ae4f-4a6a-9c1e-41e646c8ff01", "value": "2019-11-11T04:52:23" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054917", "to_ids": false, "type": "link", "uuid": "e656d4ae-2a6b-4ce8-bfb3-3836cb585f36", "value": "https://www.virustotal.com/file/687f47552ce1cb3df741abfaa1a16113e516751bf41be3d10f49c93d26e49c45/analysis/1573447943/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054917", "to_ids": false, "type": "text", "uuid": "e52cb312-5bab-416f-aac4-e5dbca352431", "value": "31/63" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055691", "uuid": "22e4556d-5608-4560-bf28-36060ff2edc0", "ObjectReference": [ { "comment": "", "object_uuid": "22e4556d-5608-4560-bf28-36060ff2edc0", "referenced_uuid": "5a15eeb3-361a-413e-b051-91b58cb68103", "relationship_type": "analysed-with", "timestamp": "1576055889", "uuid": "5df0b451-36b4-4080-9e34-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054849", "to_ids": true, "type": "md5", "uuid": "b8be3aef-e0ab-4385-ab37-6b67fbe9fbf1", "value": "2c3b132e36fe24112baf70875b2f16b4" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054849", "to_ids": true, "type": "sha1", "uuid": "e449e9e0-ea6a-4b0f-acca-d12db393ff10", "value": "46c8eac93eca937866ea780e663ac77aae016e55" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054849", "to_ids": true, "type": "sha256", "uuid": "c06c6f93-3190-4f9d-bc2a-812c497e4cc4", "value": "208408123b09439e6f8fc63cb0c58902a3f1e0fc730547e501ccbbe6ab880bae" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055692", "uuid": "5a15eeb3-361a-413e-b051-91b58cb68103", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054849", "to_ids": false, "type": "datetime", "uuid": "db8e4921-a8e9-4758-9ce3-bb8e8de419e9", "value": "2019-12-05T11:21:45" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054849", "to_ids": false, "type": "link", "uuid": "623f71af-2730-4a93-b357-0ce45073c6ec", "value": "https://www.virustotal.com/file/208408123b09439e6f8fc63cb0c58902a3f1e0fc730547e501ccbbe6ab880bae/analysis/1575544905/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054849", "to_ids": false, "type": "text", "uuid": "639d4d1c-0650-41ae-b620-ff394dc42eae", "value": "55/70" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055692", "uuid": "f11e6631-7709-404e-b900-572959618c82", "ObjectReference": [ { "comment": "", "object_uuid": "f11e6631-7709-404e-b900-572959618c82", "referenced_uuid": "8f1a827e-b18b-4d8e-9134-6058145c404a", "relationship_type": "analysed-with", "timestamp": "1576055889", "uuid": "5df0b451-091c-49ba-a7f4-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054844", "to_ids": true, "type": "md5", "uuid": "6565cea6-449d-45be-8381-211dea66b566", "value": "48f7a0e8e6ea97758ba3015c993a9fba" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054844", "to_ids": true, "type": "sha1", "uuid": "71ec5d20-38b4-4c81-98a8-de17a57176ff", "value": "736c90738d7804c1bfb5556625ba9a75d4d3306e" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054844", "to_ids": true, "type": "sha256", "uuid": "cc614e51-7703-469f-87bd-bdfe49568899", "value": "e18e786e4ca230ade1bc145f485435d81d039dc0ab92fff6c88c8accdd1ba95f" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055692", "uuid": "8f1a827e-b18b-4d8e-9134-6058145c404a", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054844", "to_ids": false, "type": "datetime", "uuid": "e8993bdd-ec70-415c-86cc-cab1b2824c55", "value": "2019-12-02T10:22:26" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054844", "to_ids": false, "type": "link", "uuid": "4ecb70b8-3cfc-4554-939e-38c355c358c9", "value": "https://www.virustotal.com/file/e18e786e4ca230ade1bc145f485435d81d039dc0ab92fff6c88c8accdd1ba95f/analysis/1575282146/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054844", "to_ids": false, "type": "text", "uuid": "e71a1d3d-a177-4ba6-8a0a-f27cbd121631", "value": "51/69" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055692", "uuid": "94b3ec54-66ff-4928-8aa3-8d71e60d7294", "ObjectReference": [ { "comment": "", "object_uuid": "94b3ec54-66ff-4928-8aa3-8d71e60d7294", "referenced_uuid": "3a5352db-c166-4258-b701-3e74d5b2efac", "relationship_type": "analysed-with", "timestamp": "1576055889", "uuid": "5df0b451-4584-43f2-a32a-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054922", "to_ids": true, "type": "md5", "uuid": "598a36f8-d641-4b0b-b8dc-aefb5e1a12be", "value": "5b24137199baf3642afb5c16390f3a73" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054922", "to_ids": true, "type": "sha1", "uuid": "88dcdc7a-2d20-4009-b773-de650b36f912", "value": "48fdff9fdb103f18ff52dccdecdfb21778416ddf" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054922", "to_ids": true, "type": "sha256", "uuid": "0f319f81-6034-41e2-96ce-4e4fd0d0d616", "value": "ed59f8ffd000d1d80e56d402de6fc6d4cd18eb259586172f90a7ba056f5a85dd" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055692", "uuid": "3a5352db-c166-4258-b701-3e74d5b2efac", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054922", "to_ids": false, "type": "datetime", "uuid": "7be63520-ad2b-450a-a3bc-acfa6d05a495", "value": "2019-11-10T21:30:56" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054922", "to_ids": false, "type": "link", "uuid": "c1a313c2-2ef0-4913-a551-231e114625cb", "value": "https://www.virustotal.com/file/ed59f8ffd000d1d80e56d402de6fc6d4cd18eb259586172f90a7ba056f5a85dd/analysis/1573421456/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054922", "to_ids": false, "type": "text", "uuid": "dd74c743-cd6f-4226-8d0e-5885b6515412", "value": "42/71" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055693", "uuid": "00320e5d-b65b-4de3-8ee1-d79494067bc3", "ObjectReference": [ { "comment": "", "object_uuid": "00320e5d-b65b-4de3-8ee1-d79494067bc3", "referenced_uuid": "af04a185-715a-430b-9c62-200310c56a29", "relationship_type": "analysed-with", "timestamp": "1576055889", "uuid": "5df0b451-abdc-40b6-9efd-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054914", "to_ids": true, "type": "md5", "uuid": "ffd87390-88c4-42c6-afa2-ab94f615f174", "value": "25b50d6f9d27e39a12d74df5d72ca954" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054914", "to_ids": true, "type": "sha1", "uuid": "4b5d3dbb-c4bc-4873-8f80-efc62aea2d3d", "value": "eacfe9474aad598351b8940c8f02299b322162ba" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054914", "to_ids": true, "type": "sha256", "uuid": "898d6463-a2a9-42b1-bd89-ec652cfe2088", "value": "c87a3d98f4b64cf15eaf00fc0cc7cef39a3a02540161241c288b2f0e0deec5a5" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055693", "uuid": "af04a185-715a-430b-9c62-200310c56a29", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054914", "to_ids": false, "type": "datetime", "uuid": "a79393cb-9ccc-4233-84b5-1ed5e0935955", "value": "2019-11-14T05:31:05" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054914", "to_ids": false, "type": "link", "uuid": "f285d5ca-8783-4b23-9ad5-4bda8820bc6a", "value": "https://www.virustotal.com/file/c87a3d98f4b64cf15eaf00fc0cc7cef39a3a02540161241c288b2f0e0deec5a5/analysis/1573709465/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054914", "to_ids": false, "type": "text", "uuid": "f25adedc-e36d-487a-b8b3-bf82b142208f", "value": "44/69" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055693", "uuid": "497d2ef0-1192-4ab6-a18b-7b7e385ced1a", "ObjectReference": [ { "comment": "", "object_uuid": "497d2ef0-1192-4ab6-a18b-7b7e385ced1a", "referenced_uuid": "8b8ad180-8552-4e8d-812b-da9f253ee1b9", "relationship_type": "analysed-with", "timestamp": "1576055889", "uuid": "5df0b451-23a4-43c9-8079-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054846", "to_ids": true, "type": "md5", "uuid": "1e67861a-2aab-4104-9af2-a792adf39b31", "value": "30052116a5e3a3137664c99f52a23159" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054846", "to_ids": true, "type": "sha1", "uuid": "f05ca74f-f06b-4c8f-b708-3046a3779787", "value": "ccc2bd63a0b2fe3cedd6b64603cbaf0c06673f34" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054846", "to_ids": true, "type": "sha256", "uuid": "a9816341-18fe-4208-b42c-d3386eee4caf", "value": "0d9d499882a9188a73f1af194fc03e5803181adec3fdb9658e4a7c1991196ba2" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055693", "uuid": "8b8ad180-8552-4e8d-812b-da9f253ee1b9", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054846", "to_ids": false, "type": "datetime", "uuid": "76f705f1-9a18-4cfe-b615-9d2044753079", "value": "2019-11-24T16:20:13" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054846", "to_ids": false, "type": "link", "uuid": "6adb4e93-922d-416f-91cd-52cb9039ea52", "value": "https://www.virustotal.com/file/0d9d499882a9188a73f1af194fc03e5803181adec3fdb9658e4a7c1991196ba2/analysis/1574612413/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054846", "to_ids": false, "type": "text", "uuid": "6fc180bb-91ab-4c89-8e97-120363ec03f8", "value": "52/69" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055693", "uuid": "b8ba81c9-1297-4551-ae6c-2b6d946febb7", "ObjectReference": [ { "comment": "", "object_uuid": "b8ba81c9-1297-4551-ae6c-2b6d946febb7", "referenced_uuid": "11995272-e3a2-4760-a818-37805cc4f8e3", "relationship_type": "analysed-with", "timestamp": "1576055889", "uuid": "5df0b451-7dbc-40e3-9c2c-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054916", "to_ids": true, "type": "md5", "uuid": "6dc5ceb2-ac5b-4ec6-9a81-c5a70c03e83c", "value": "7c39dc73472136c31326389fce8be63b" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054916", "to_ids": true, "type": "sha1", "uuid": "bc8d250e-de50-4768-a8b2-637b81a393f6", "value": "ceb6102b533a5b73509c0970de1cfad7aecaab15" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054916", "to_ids": true, "type": "sha256", "uuid": "8f34d4e3-1d80-4d51-a0ec-c3d7f3ea955c", "value": "224de48dcea5a83a1315db1409372f3e9d72d9639ae3883068dfc55d60c75ce3" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055705", "uuid": "11995272-e3a2-4760-a818-37805cc4f8e3", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054916", "to_ids": false, "type": "datetime", "uuid": "28d54c8a-fb75-4561-95cc-c117be237c2e", "value": "2019-11-20T12:23:18" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054916", "to_ids": false, "type": "link", "uuid": "2b066b89-150f-4295-abb1-8b13fedcfec1", "value": "https://www.virustotal.com/file/224de48dcea5a83a1315db1409372f3e9d72d9639ae3883068dfc55d60c75ce3/analysis/1574252598/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054916", "to_ids": false, "type": "text", "uuid": "dc287a7d-7c74-4f97-81d9-7da5816ab283", "value": "50/71" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055717", "uuid": "d8183a96-7140-4e57-9c94-d6201404b3c9", "ObjectReference": [ { "comment": "", "object_uuid": "d8183a96-7140-4e57-9c94-d6201404b3c9", "referenced_uuid": "a7abb420-7ad9-4c65-96fc-68532346ec83", "relationship_type": "analysed-with", "timestamp": "1576055889", "uuid": "5df0b451-4ad0-4e93-83a7-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054844", "to_ids": true, "type": "md5", "uuid": "bb6faabc-ab6d-402f-8209-7d8804a2a8a0", "value": "4f86ef4bbe69fd83e5cd3b6589c7cb3c" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054844", "to_ids": true, "type": "sha1", "uuid": "99aaf7a6-436f-4464-9c00-4fee4e31c29a", "value": "fd4b16d972ba805251a8d4f32151cb4e4ea3675c" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054844", "to_ids": true, "type": "sha256", "uuid": "3d822e26-8821-41da-a6ff-0c08c282bec4", "value": "e61a1ba9c85ab774dcb35ca580282cf980bff6928695b8beb06843d73189dbdf" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055717", "uuid": "a7abb420-7ad9-4c65-96fc-68532346ec83", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054844", "to_ids": false, "type": "datetime", "uuid": "81224fc3-8c58-47c4-aa5f-971224f36c68", "value": "2019-12-05T03:38:55" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054844", "to_ids": false, "type": "link", "uuid": "9089d054-e3b7-4821-ade2-fe2a503ae26b", "value": "https://www.virustotal.com/file/e61a1ba9c85ab774dcb35ca580282cf980bff6928695b8beb06843d73189dbdf/analysis/1575517135/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054844", "to_ids": false, "type": "text", "uuid": "a82787b0-b591-4b01-b728-661fd6a51cb2", "value": "56/72" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055717", "uuid": "c3538fa1-ab37-41a0-a386-067259736edb", "ObjectReference": [ { "comment": "", "object_uuid": "c3538fa1-ab37-41a0-a386-067259736edb", "referenced_uuid": "5a32cea7-20aa-4eb0-bca9-2940c5942b16", "relationship_type": "analysed-with", "timestamp": "1576055889", "uuid": "5df0b451-0ec4-4b7e-b11d-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054847", "to_ids": true, "type": "md5", "uuid": "5f9b0afc-6dd4-4185-9b6e-8fd5642a81a2", "value": "765a1ad5d398f68c33244b731a8b7aa0" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054847", "to_ids": true, "type": "sha1", "uuid": "b55088fc-e9dc-4be9-89b5-1106f9638ad3", "value": "65203d721373347d82c78f8bf4cce090211e65d6" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054847", "to_ids": true, "type": "sha256", "uuid": "4ceb9589-f741-4912-9350-a9e728dca40b", "value": "123954a33e65c8ac28dba816e408fba324e4f5984a08dfa94f7640d5dc429c1e" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055717", "uuid": "5a32cea7-20aa-4eb0-bca9-2940c5942b16", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054847", "to_ids": false, "type": "datetime", "uuid": "e79a806a-d62d-41a0-97f7-983322bd54e0", "value": "2019-11-26T18:04:12" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054847", "to_ids": false, "type": "link", "uuid": "d68bd3bc-b8eb-44d9-ab3c-784b4064b040", "value": "https://www.virustotal.com/file/123954a33e65c8ac28dba816e408fba324e4f5984a08dfa94f7640d5dc429c1e/analysis/1574791452/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054847", "to_ids": false, "type": "text", "uuid": "241a86b8-f39f-4e6a-a75c-66e0e1babe0b", "value": "53/68" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055718", "uuid": "2dd98880-5edb-4b1a-9bfa-b4266acdfe73", "ObjectReference": [ { "comment": "", "object_uuid": "2dd98880-5edb-4b1a-9bfa-b4266acdfe73", "referenced_uuid": "c9c438ef-21b3-4629-b4a9-001374c76844", "relationship_type": "analysed-with", "timestamp": "1576055889", "uuid": "5df0b451-da68-458d-b928-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054914", "to_ids": true, "type": "md5", "uuid": "f29a7b23-f023-4071-9d55-70db106acd02", "value": "8cc8bea5aa7741254150060032e25e51" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054914", "to_ids": true, "type": "sha1", "uuid": "50e44681-7f6c-4cf4-8bc7-7757bde45c9c", "value": "edf44a3246ec8820bd73835c69551f35d54b3129" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054914", "to_ids": true, "type": "sha256", "uuid": "4c81eb23-ea36-4312-a703-a9e8a1b4a0cd", "value": "7de248257c505d28976224974b20e590bcf0a5f1c6da7326147930acb8541118" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055718", "uuid": "c9c438ef-21b3-4629-b4a9-001374c76844", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054914", "to_ids": false, "type": "datetime", "uuid": "a2926b73-1932-45a3-abe5-f709d6f1548b", "value": "2019-11-11T10:38:17" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054914", "to_ids": false, "type": "link", "uuid": "02a689b0-f008-4228-8c03-e2bf2c21ff43", "value": "https://www.virustotal.com/file/7de248257c505d28976224974b20e590bcf0a5f1c6da7326147930acb8541118/analysis/1573468697/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054914", "to_ids": false, "type": "text", "uuid": "833eeee3-b906-4234-b51f-e8adf2d4d66a", "value": "34/72" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055718", "uuid": "0717db5b-0c11-43a4-89d2-850a05d2dc1f", "ObjectReference": [ { "comment": "", "object_uuid": "0717db5b-0c11-43a4-89d2-850a05d2dc1f", "referenced_uuid": "8b7c3477-583e-48b1-98eb-1759a8c1f43e", "relationship_type": "analysed-with", "timestamp": "1576055889", "uuid": "5df0b451-4a1c-49c6-9b8b-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054920", "to_ids": true, "type": "md5", "uuid": "0caea3b7-32bb-4265-9245-3c45f6a8dc94", "value": "30b24cbd9e8b37c1a6ad1bed4e143c5a" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054920", "to_ids": true, "type": "sha1", "uuid": "e8afccba-4ec3-4c36-a891-6b5d8a347899", "value": "d5909a4d3c836fcde4f7c487333f9a208c39255d" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054920", "to_ids": true, "type": "sha256", "uuid": "52681bbf-346c-47cc-9854-6bbd9251cce9", "value": "b6fddc15d6a0857ad34f4bcbaee7daa007aa2a0f042eaad8be7c5bc422daa8d3" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055718", "uuid": "8b7c3477-583e-48b1-98eb-1759a8c1f43e", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054920", "to_ids": false, "type": "datetime", "uuid": "cc323b56-9e88-4f77-abf6-bb8edc58ed30", "value": "2019-11-20T16:54:29" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054920", "to_ids": false, "type": "link", "uuid": "e5f48c43-45ce-492b-89b2-0212f383f93c", "value": "https://www.virustotal.com/file/b6fddc15d6a0857ad34f4bcbaee7daa007aa2a0f042eaad8be7c5bc422daa8d3/analysis/1574268869/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054920", "to_ids": false, "type": "text", "uuid": "09597355-1043-4a70-8882-3f9c9cb7ab83", "value": "48/67" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055718", "uuid": "4d524d85-ab4a-4b09-aa3c-ee0950ca9b0c", "ObjectReference": [ { "comment": "", "object_uuid": "4d524d85-ab4a-4b09-aa3c-ee0950ca9b0c", "referenced_uuid": "d64ce314-3e09-4ed3-9469-50de2887db7a", "relationship_type": "analysed-with", "timestamp": "1576055889", "uuid": "5df0b451-38e8-47d4-909b-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054915", "to_ids": true, "type": "md5", "uuid": "0d065baf-7eca-449a-a857-e43cd4e6be1c", "value": "5c39b454497e357d45b8e30265db42a4" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054915", "to_ids": true, "type": "sha1", "uuid": "287b029b-1813-48c0-9043-589f8fcc2265", "value": "a91711065f14ea8626ac96f7f41ee6a99a5a9d3a" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054915", "to_ids": true, "type": "sha256", "uuid": "db011361-cac6-4607-b3b3-b07720c12093", "value": "c84a1c504d3e0c5b2f9f5ce17c7874efa1704d458db3e6845ae2b12112027fe1" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055718", "uuid": "d64ce314-3e09-4ed3-9469-50de2887db7a", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054915", "to_ids": false, "type": "datetime", "uuid": "2851a639-1fd4-4ab9-b7ad-58134e19e2a4", "value": "2019-11-16T07:08:25" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054915", "to_ids": false, "type": "link", "uuid": "f0b788e3-f905-4f8d-b2de-d5ae943a64d5", "value": "https://www.virustotal.com/file/c84a1c504d3e0c5b2f9f5ce17c7874efa1704d458db3e6845ae2b12112027fe1/analysis/1573888105/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054915", "to_ids": false, "type": "text", "uuid": "ac76b11e-6339-4ca6-87a4-2ee340cead77", "value": "45/71" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055718", "uuid": "23dc2bb0-649a-4e7e-916f-ca57f3d41232", "ObjectReference": [ { "comment": "", "object_uuid": "23dc2bb0-649a-4e7e-916f-ca57f3d41232", "referenced_uuid": "fffa31cc-b7da-4435-8da4-4217eae9da3a", "relationship_type": "analysed-with", "timestamp": "1576055889", "uuid": "5df0b451-62e8-4896-85e8-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054848", "to_ids": true, "type": "md5", "uuid": "e91334cf-6955-4c33-baaa-815cdff6f39b", "value": "82151cc56f7d1e0851e32c5324d25929" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054848", "to_ids": true, "type": "sha1", "uuid": "bd4794eb-39e4-49f2-8375-f3e0be1e44a1", "value": "881ec44a8cf88d6dac48c46e8615a46d23bc77e8" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054848", "to_ids": true, "type": "sha256", "uuid": "66987414-2b0c-4048-ae8e-a61672486fec", "value": "5b3fd34ea531bec8d64fa5ccf6bfe216a06984fd02d7384ba3914814d744d6d0" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055718", "uuid": "fffa31cc-b7da-4435-8da4-4217eae9da3a", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054848", "to_ids": false, "type": "datetime", "uuid": "56f61a6a-f561-4444-bf02-51da8624cb27", "value": "2019-11-21T10:28:49" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054848", "to_ids": false, "type": "link", "uuid": "9ea17beb-e9c1-41fc-8b31-ed6473a8180c", "value": "https://www.virustotal.com/file/5b3fd34ea531bec8d64fa5ccf6bfe216a06984fd02d7384ba3914814d744d6d0/analysis/1574332129/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054848", "to_ids": false, "type": "text", "uuid": "815de56e-dd74-44d2-a7be-a86b372646af", "value": "44/67" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055719", "uuid": "eee91a25-6f52-41dd-9fb9-9cfd82b106be", "ObjectReference": [ { "comment": "", "object_uuid": "eee91a25-6f52-41dd-9fb9-9cfd82b106be", "referenced_uuid": "8f64c7ff-e13b-4ff7-86ec-140e2e9c10d3", "relationship_type": "analysed-with", "timestamp": "1576055889", "uuid": "5df0b451-c8f8-4d62-a708-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054914", "to_ids": true, "type": "md5", "uuid": "8efe1d48-fdbb-4850-b34d-a938765d08ff", "value": "4023bb5c864a972e44b5c0ae9af06ef0" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054914", "to_ids": true, "type": "sha1", "uuid": "4e8f5b28-3d1c-4394-8c26-8302a4fbc78a", "value": "1c1755c9a7aa0692d1a1d8625092290f3b9b160a" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054914", "to_ids": true, "type": "sha256", "uuid": "070fb6d8-277c-46a7-a9ce-24d752c8de59", "value": "0e6f9a877d5b73a03b475db5f2ec9a4052c330a186942cb61febbd2d7dab2a91" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055719", "uuid": "8f64c7ff-e13b-4ff7-86ec-140e2e9c10d3", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054914", "to_ids": false, "type": "datetime", "uuid": "c27f5905-23a0-423f-9d65-ccf4b518a57b", "value": "2019-11-13T14:05:19" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054914", "to_ids": false, "type": "link", "uuid": "48f07e14-0bb7-4ce9-ba15-7b9e578c1088", "value": "https://www.virustotal.com/file/0e6f9a877d5b73a03b475db5f2ec9a4052c330a186942cb61febbd2d7dab2a91/analysis/1573653919/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054914", "to_ids": false, "type": "text", "uuid": "9d046ea8-b5d3-4810-aa51-a7e0c3e3c659", "value": "46/70" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055719", "uuid": "ca547016-95aa-46e4-8bf5-1230c0ec95ac", "ObjectReference": [ { "comment": "", "object_uuid": "ca547016-95aa-46e4-8bf5-1230c0ec95ac", "referenced_uuid": "6165d746-908d-4b45-970a-cff224beb318", "relationship_type": "analysed-with", "timestamp": "1576055889", "uuid": "5df0b451-97bc-4c74-bc52-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054913", "to_ids": true, "type": "md5", "uuid": "ca1fd9be-997c-4abe-9c49-a56eddf41893", "value": "da6ac34a859f5089c75b17f57618397d" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054913", "to_ids": true, "type": "sha1", "uuid": "eb5fe605-fcd4-44dc-ad00-a05f01d01139", "value": "26473b5c17b8806c622181fd01c3fcdf704ad97d" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054913", "to_ids": true, "type": "sha256", "uuid": "551cda9d-3773-4750-ae40-6706a6d77b28", "value": "9514a036805d3a7973980175968b5f43d7ee14af461d8a966f9dea02ee2ebb4d" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055719", "uuid": "6165d746-908d-4b45-970a-cff224beb318", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054913", "to_ids": false, "type": "datetime", "uuid": "78092ce2-7706-4fcd-a75e-32868ee3f13c", "value": "2019-11-14T09:10:47" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054913", "to_ids": false, "type": "link", "uuid": "11382269-bf18-4685-884a-ff6c7843bb11", "value": "https://www.virustotal.com/file/9514a036805d3a7973980175968b5f43d7ee14af461d8a966f9dea02ee2ebb4d/analysis/1573722647/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054913", "to_ids": false, "type": "text", "uuid": "c506e7b3-2a3a-45cc-87b0-0171603b2e42", "value": "46/69" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055719", "uuid": "e4a70633-da70-44d0-966b-fba6df61eaf4", "ObjectReference": [ { "comment": "", "object_uuid": "e4a70633-da70-44d0-966b-fba6df61eaf4", "referenced_uuid": "822b9cb0-6e5d-44fe-8b7f-f19c63897c15", "relationship_type": "analysed-with", "timestamp": "1576055889", "uuid": "5df0b451-8984-4e43-bc36-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054845", "to_ids": true, "type": "md5", "uuid": "5a3f46c7-b635-416d-9f1e-1c2ab542eee8", "value": "79ae0b30e5491b3688bdde130d747510" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054845", "to_ids": true, "type": "sha1", "uuid": "f3026d1b-1bf5-444d-80a9-a02d05d9eacd", "value": "21d74db328de2657b186e43a94c39aaf53516cc3" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054845", "to_ids": true, "type": "sha256", "uuid": "83afc5c0-4d66-405c-9ab8-55f6df6ee15c", "value": "5ac92f676d9698faa5b6f5b63b7b8605e62994cc766d5516635d7ed40f70cd35" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055720", "uuid": "822b9cb0-6e5d-44fe-8b7f-f19c63897c15", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054845", "to_ids": false, "type": "datetime", "uuid": "e2f809e1-d169-4671-a922-8e9f5d764426", "value": "2019-12-01T14:56:49" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054845", "to_ids": false, "type": "link", "uuid": "44ad2986-820c-487b-a373-b771db9ef5b7", "value": "https://www.virustotal.com/file/5ac92f676d9698faa5b6f5b63b7b8605e62994cc766d5516635d7ed40f70cd35/analysis/1575212209/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054845", "to_ids": false, "type": "text", "uuid": "dc4b358e-d8ee-445e-8670-c0cf1d393cce", "value": "54/70" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055720", "uuid": "107eec73-a024-4922-b0c4-afedf04ceaed", "ObjectReference": [ { "comment": "", "object_uuid": "107eec73-a024-4922-b0c4-afedf04ceaed", "referenced_uuid": "62b3af6d-e571-474e-b4ea-8902b569ce7e", "relationship_type": "analysed-with", "timestamp": "1576055890", "uuid": "5df0b452-7cc0-4bcd-9d8c-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054849", "to_ids": true, "type": "md5", "uuid": "3eee9174-5f1b-4bd0-850e-9710d64a3913", "value": "60d64d8bd27e8ed098dfb6de59cce112" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054849", "to_ids": true, "type": "sha1", "uuid": "610de405-247f-4a65-9797-5b8ab7755cdf", "value": "5915cdc62d7f762aa7192be42116e51ee3b20848" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054849", "to_ids": true, "type": "sha256", "uuid": "0f366a94-a94c-4f47-8c65-ce54392f3aa3", "value": "203cbe5480d28edc12930a107b24f625cf0efd10cdcdb954dbc122f9e2c74eb6" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055721", "uuid": "62b3af6d-e571-474e-b4ea-8902b569ce7e", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054849", "to_ids": false, "type": "datetime", "uuid": "e025aa32-85d8-4a49-97ee-e1bfbcbcf816", "value": "2019-11-23T23:00:01" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054849", "to_ids": false, "type": "link", "uuid": "2c79031c-219f-46cf-9c6d-11b9f92a4eef", "value": "https://www.virustotal.com/file/203cbe5480d28edc12930a107b24f625cf0efd10cdcdb954dbc122f9e2c74eb6/analysis/1574550001/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054849", "to_ids": false, "type": "text", "uuid": "23e8b5ec-a6af-42ea-a1b6-23b9b91be32e", "value": "51/67" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055721", "uuid": "c53ddfa1-a388-46de-980f-2046696f05b1", "ObjectReference": [ { "comment": "", "object_uuid": "c53ddfa1-a388-46de-980f-2046696f05b1", "referenced_uuid": "6d3ef398-bd13-4015-9058-e2eac116d851", "relationship_type": "analysed-with", "timestamp": "1576055890", "uuid": "5df0b452-13a4-41a1-ae9a-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054845", "to_ids": true, "type": "md5", "uuid": "0be0b01e-8beb-495a-885c-037aa1efd627", "value": "b654f9894ca5c16598030e2f4ec0eea7" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054845", "to_ids": true, "type": "sha1", "uuid": "35f55e21-ead6-41d5-bb8c-d635ddbe7af5", "value": "dce0e52488ab1b04e7832714c026b4b845c2e83e" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054845", "to_ids": true, "type": "sha256", "uuid": "831d411c-e48e-41a9-b65a-a02303f97369", "value": "ff9133669c7f22c1b09d8ba869c490ac9d91da045762401eb975b600e051a643" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055721", "uuid": "6d3ef398-bd13-4015-9058-e2eac116d851", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054845", "to_ids": false, "type": "datetime", "uuid": "d430f374-351d-4f39-b09f-8b66a0d44d22", "value": "2019-11-29T12:53:48" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054845", "to_ids": false, "type": "link", "uuid": "2ec96f6d-5a22-468a-ba6d-d72e1ebcb81b", "value": "https://www.virustotal.com/file/ff9133669c7f22c1b09d8ba869c490ac9d91da045762401eb975b600e051a643/analysis/1575032028/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054845", "to_ids": false, "type": "text", "uuid": "8b191683-57d0-4464-9915-f696c263f775", "value": "56/71" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055721", "uuid": "e5ac22fb-0656-49c4-a9b9-50958ef4f078", "ObjectReference": [ { "comment": "", "object_uuid": "e5ac22fb-0656-49c4-a9b9-50958ef4f078", "referenced_uuid": "cfdac520-216e-4097-b168-f42f780b2386", "relationship_type": "analysed-with", "timestamp": "1576055890", "uuid": "5df0b452-bf1c-467f-bea7-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054918", "to_ids": true, "type": "md5", "uuid": "ac93382a-c521-439a-a76f-4cd60a850cb5", "value": "7ba340663633e281b72c204b12154264" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054918", "to_ids": true, "type": "sha1", "uuid": "5fa60fe2-ad5e-4f73-bda6-27fef9016980", "value": "4f94b69525787d822d8ac6b7605d98bc6bb16d8f" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054918", "to_ids": true, "type": "sha256", "uuid": "f3e5a29d-f39f-4c2e-8f8a-668bed4c101e", "value": "68443a2fb7c7e5aca2209a3955cf39c716c5f5a915173746e4b27a9c4d70cb1f" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055721", "uuid": "cfdac520-216e-4097-b168-f42f780b2386", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054918", "to_ids": false, "type": "datetime", "uuid": "dd26c939-55c2-4338-94c3-c982000d7f9b", "value": "2019-11-18T07:37:22" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054918", "to_ids": false, "type": "link", "uuid": "607d03b2-6233-4a11-ab72-28e9a6db106c", "value": "https://www.virustotal.com/file/68443a2fb7c7e5aca2209a3955cf39c716c5f5a915173746e4b27a9c4d70cb1f/analysis/1574062642/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054918", "to_ids": false, "type": "text", "uuid": "e5d66ec6-586c-4826-927f-ddeb2ab1d646", "value": "53/71" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055721", "uuid": "8c714bd9-dc11-4c58-aa9a-ce8e7b35c10e", "ObjectReference": [ { "comment": "", "object_uuid": "8c714bd9-dc11-4c58-aa9a-ce8e7b35c10e", "referenced_uuid": "ef16804a-b4f8-4abe-92ee-8ccc6e30030a", "relationship_type": "analysed-with", "timestamp": "1576055890", "uuid": "5df0b452-e68c-4b6f-b04d-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054850", "to_ids": true, "type": "md5", "uuid": "11370c50-2e83-434a-acd9-cfc4424f876b", "value": "97c441feba7e992f06c20ba02e1b732d" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054850", "to_ids": true, "type": "sha1", "uuid": "e0b72774-3623-4b0d-8cb8-7e274cdf6e78", "value": "e88df053f71dcc2d1f424963fe4c5832ff8e7e22" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054850", "to_ids": true, "type": "sha256", "uuid": "c1467d3f-2c77-4a24-aea4-4d2b88e12b98", "value": "5d241730dafd29e909c9c4f4c172561fedb783c786dc865854d3e7bea0c9120d" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055723", "uuid": "ef16804a-b4f8-4abe-92ee-8ccc6e30030a", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054850", "to_ids": false, "type": "datetime", "uuid": "4fce52d5-79ae-4a42-b5c3-c57eb1e562a2", "value": "2019-11-15T01:35:46" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054850", "to_ids": false, "type": "link", "uuid": "cc8c704e-6683-4c01-b3f4-c4709c8272ae", "value": "https://www.virustotal.com/file/5d241730dafd29e909c9c4f4c172561fedb783c786dc865854d3e7bea0c9120d/analysis/1573781746/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054850", "to_ids": false, "type": "text", "uuid": "6fade1da-0ed8-4c8b-8646-199a9c7405c7", "value": "47/71" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055723", "uuid": "d9b51778-96b9-4bd7-bed6-a45935fa6e0c", "ObjectReference": [ { "comment": "", "object_uuid": "d9b51778-96b9-4bd7-bed6-a45935fa6e0c", "referenced_uuid": "944ef95e-0873-4427-8ba7-a07d8f180213", "relationship_type": "analysed-with", "timestamp": "1576055890", "uuid": "5df0b452-dbfc-47a8-9262-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054849", "to_ids": true, "type": "md5", "uuid": "4039287b-be3e-4b10-aadd-66e8a78c8862", "value": "5ae6fee9511abd024b956eae12e83eed" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054849", "to_ids": true, "type": "sha1", "uuid": "0307c085-43c3-4592-b078-f2620c991587", "value": "71a0e7703f9582fa02b30986c7439b7192bfc3e6" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054849", "to_ids": true, "type": "sha256", "uuid": "7493487e-5608-457d-9db8-02608c6c2c56", "value": "6cde3711c42fda4fc47d075bc1885657a8f1f5000bfb3c40f99a62dc2d33359a" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055723", "uuid": "944ef95e-0873-4427-8ba7-a07d8f180213", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054849", "to_ids": false, "type": "datetime", "uuid": "8d150694-7279-4b58-92a2-7c2f277a3922", "value": "2019-11-28T10:26:28" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054849", "to_ids": false, "type": "link", "uuid": "eb120d28-8e2c-4625-8521-7b28300e8f7d", "value": "https://www.virustotal.com/file/6cde3711c42fda4fc47d075bc1885657a8f1f5000bfb3c40f99a62dc2d33359a/analysis/1574936788/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054849", "to_ids": false, "type": "text", "uuid": "34b3f2a0-1285-48bd-bfd8-e3041c39c398", "value": "51/68" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055723", "uuid": "d90d7510-b18d-425a-b1cf-d801ea2c3728", "ObjectReference": [ { "comment": "", "object_uuid": "d90d7510-b18d-425a-b1cf-d801ea2c3728", "referenced_uuid": "c2d36373-d8f8-47f8-9a7a-96d0b308858c", "relationship_type": "analysed-with", "timestamp": "1576055890", "uuid": "5df0b452-da44-457b-b62c-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054845", "to_ids": true, "type": "md5", "uuid": "56849978-85ea-42b2-bcbe-09a8837f07b7", "value": "5eb1a8496461968d471994aacd6fa8f5" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054845", "to_ids": true, "type": "sha1", "uuid": "71b84c46-80e9-4795-84e0-5cddf033ad09", "value": "2588efdac2d9f17f77a27c9ee730e96d4c182076" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054845", "to_ids": true, "type": "sha256", "uuid": "200feab7-d9de-4bce-a847-cdc72904f171", "value": "060d74a4f7818bf7fc147aa5e2ee4533a7add3605d4014cd4a6c58916c6172d8" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055724", "uuid": "c2d36373-d8f8-47f8-9a7a-96d0b308858c", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054845", "to_ids": false, "type": "datetime", "uuid": "0427eb65-3b66-4489-8486-befd8d6affe0", "value": "2019-11-25T01:24:24" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054845", "to_ids": false, "type": "link", "uuid": "47590fc6-0fda-467a-bc59-9a395b2d3d07", "value": "https://www.virustotal.com/file/060d74a4f7818bf7fc147aa5e2ee4533a7add3605d4014cd4a6c58916c6172d8/analysis/1574645064/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054845", "to_ids": false, "type": "text", "uuid": "868ad75b-3bb7-438e-a6f6-4f6d23f1d5ad", "value": "47/68" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055724", "uuid": "6e373fa3-f338-4be8-9b0c-d217612f616c", "ObjectReference": [ { "comment": "", "object_uuid": "6e373fa3-f338-4be8-9b0c-d217612f616c", "referenced_uuid": "830692b4-bd66-4352-ab65-39e17bf659a9", "relationship_type": "analysed-with", "timestamp": "1576055890", "uuid": "5df0b452-15a0-4e25-8a0b-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054917", "to_ids": true, "type": "md5", "uuid": "bd2cb6e7-d24f-4fc7-8d0e-93560e5d7b62", "value": "5dc7b892f6238c6bd9f62a450f4a0c62" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054917", "to_ids": true, "type": "sha1", "uuid": "d2542729-06eb-4937-b01d-0b82c2a56fca", "value": "5ed50ec94b13069c872ad8db8f836f214dc45681" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054917", "to_ids": true, "type": "sha256", "uuid": "6f2e71e3-929b-485e-ba99-af480a565ffe", "value": "1fef6dba7c44624e4d7c3066cca2cf4fd4dd8ba6ba7f3399373e243c96e5a1be" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055724", "uuid": "830692b4-bd66-4352-ab65-39e17bf659a9", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054917", "to_ids": false, "type": "datetime", "uuid": "877be630-c256-4437-9761-81521d572367", "value": "2019-12-10T05:40:24" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054917", "to_ids": false, "type": "link", "uuid": "53686b50-7498-4232-add9-d850b5c9b5ba", "value": "https://www.virustotal.com/file/1fef6dba7c44624e4d7c3066cca2cf4fd4dd8ba6ba7f3399373e243c96e5a1be/analysis/1575956424/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054917", "to_ids": false, "type": "text", "uuid": "623b6062-852e-403d-b569-ff160e2b85af", "value": "57/70" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055724", "uuid": "fab8ae84-bdd5-4190-ab4e-56d8d18efd3a", "ObjectReference": [ { "comment": "", "object_uuid": "fab8ae84-bdd5-4190-ab4e-56d8d18efd3a", "referenced_uuid": "564b429c-6277-495d-bb51-8360233835d8", "relationship_type": "analysed-with", "timestamp": "1576055890", "uuid": "5df0b452-57a0-4543-b9a7-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054917", "to_ids": true, "type": "md5", "uuid": "5a688e9e-cc14-4dd3-8da7-29907dacaedb", "value": "1264e1194ff8484b335ffb92d7c2fb77" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054917", "to_ids": true, "type": "sha1", "uuid": "82f62e81-dba9-48d6-a0f4-64b6ec34e9ea", "value": "618d5dc876a384364cd6d17d494beed6b6af1e9b" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054917", "to_ids": true, "type": "sha256", "uuid": "650010b1-22da-4c15-89f1-80f84c65ed8c", "value": "2f250c57106a44356f14a671e1f9d71c73444de0405da37eaa747128139958ad" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055724", "uuid": "564b429c-6277-495d-bb51-8360233835d8", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054917", "to_ids": false, "type": "datetime", "uuid": "69045977-7dc8-4c69-a605-586682443d14", "value": "2019-11-10T22:39:40" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054917", "to_ids": false, "type": "link", "uuid": "22797458-a231-4ad0-9bd8-19c19faf797f", "value": "https://www.virustotal.com/file/2f250c57106a44356f14a671e1f9d71c73444de0405da37eaa747128139958ad/analysis/1573425580/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054917", "to_ids": false, "type": "text", "uuid": "46fb88eb-dcb9-4780-902d-e50cfed23d6a", "value": "14/71" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055724", "uuid": "5234ca77-d73b-4679-9fb8-1cf66a877229", "ObjectReference": [ { "comment": "", "object_uuid": "5234ca77-d73b-4679-9fb8-1cf66a877229", "referenced_uuid": "74c0b91c-8211-47db-b595-dd05b2dcf8af", "relationship_type": "analysed-with", "timestamp": "1576055890", "uuid": "5df0b452-56d4-4817-9191-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054914", "to_ids": true, "type": "md5", "uuid": "49af74b0-4757-4fa2-9958-16a80047f969", "value": "7d59fdffda06445f71470c588c8574f2" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054914", "to_ids": true, "type": "sha1", "uuid": "075b956d-ec52-4614-888b-3f0680cd0ba2", "value": "ceb478ab05e08c6c020cdfda4258cd68fd5ff763" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054914", "to_ids": true, "type": "sha256", "uuid": "fa43517c-b2a3-4eda-82ef-b35c42668cb4", "value": "3286ff9f319d913c1d05725c17eee4548df331c36da0ea2e49d945e655f54ca4" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055724", "uuid": "74c0b91c-8211-47db-b595-dd05b2dcf8af", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054914", "to_ids": false, "type": "datetime", "uuid": "ef055d1f-7a1a-477c-915f-ac23c87c736d", "value": "2019-11-26T14:36:25" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054914", "to_ids": false, "type": "link", "uuid": "9498af92-4409-4164-820e-f6334ff82c70", "value": "https://www.virustotal.com/file/3286ff9f319d913c1d05725c17eee4548df331c36da0ea2e49d945e655f54ca4/analysis/1574778985/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054914", "to_ids": false, "type": "text", "uuid": "21d652b9-9910-4af1-baa0-6cc44768e07c", "value": "58/70" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055724", "uuid": "e84612a5-d35b-408c-ae9f-896ac729316d", "ObjectReference": [ { "comment": "", "object_uuid": "e84612a5-d35b-408c-ae9f-896ac729316d", "referenced_uuid": "9846dd5e-b532-4be1-a46b-388972733ae6", "relationship_type": "analysed-with", "timestamp": "1576055890", "uuid": "5df0b452-ca0c-4f29-b1b7-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054843", "to_ids": true, "type": "md5", "uuid": "4275bc8e-d7de-4ff7-8cf9-6b2f83008096", "value": "7defdd5c4ba721f11f3e52a5d2e2dcfb" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054843", "to_ids": true, "type": "sha1", "uuid": "2a437555-1200-4516-9169-fc3997e312d7", "value": "d46a1877ebb0c8d89b765318ea12380438360f6a" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054843", "to_ids": true, "type": "sha256", "uuid": "84ee89de-aad8-4090-bac4-868ff4f80c08", "value": "7934ca1ca0a9ec30065d12a2f5d4dbdc7df71eef8e8af8d92bf5feae7850e43b" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055725", "uuid": "9846dd5e-b532-4be1-a46b-388972733ae6", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054843", "to_ids": false, "type": "datetime", "uuid": "3de06f67-6013-4305-a2a5-cc329da39a67", "value": "2019-11-21T10:43:09" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054843", "to_ids": false, "type": "link", "uuid": "79be03f8-56e1-4224-82ce-732a5d0e55ee", "value": "https://www.virustotal.com/file/7934ca1ca0a9ec30065d12a2f5d4dbdc7df71eef8e8af8d92bf5feae7850e43b/analysis/1574332989/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054843", "to_ids": false, "type": "text", "uuid": "14a3e3e4-c0e1-47be-9f40-37e4c263859a", "value": "51/69" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055725", "uuid": "3f22fe4d-0718-4842-973b-fb3836213ed1", "ObjectReference": [ { "comment": "", "object_uuid": "3f22fe4d-0718-4842-973b-fb3836213ed1", "referenced_uuid": "a0f19881-bd26-4557-bb1a-434cb9beb1d9", "relationship_type": "analysed-with", "timestamp": "1576055890", "uuid": "5df0b452-53cc-47c3-ba55-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054937", "to_ids": true, "type": "md5", "uuid": "62000eb4-ce76-4bf1-997c-4fdd6b5096bd", "value": "8e454933453fd6f99a0b113c18c72c37" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054937", "to_ids": true, "type": "sha1", "uuid": "e2e64644-e556-44ef-ab1a-d0410f42c8f5", "value": "42d71865d01e962a7a1de4b60303811eead9c35e" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054937", "to_ids": true, "type": "sha256", "uuid": "ddc112e7-d0c8-42c8-b823-ede5d5dff393", "value": "eec5855647c376dd2e363d18cdc499d5cb525ee2ca1f62335336d5c13711443c" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055725", "uuid": "a0f19881-bd26-4557-bb1a-434cb9beb1d9", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054937", "to_ids": false, "type": "datetime", "uuid": "513ef635-9a5e-4d10-8190-963e7168df2e", "value": "2019-11-14T09:10:51" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054937", "to_ids": false, "type": "link", "uuid": "0f03622b-f453-4f43-9a45-94fafa2033b9", "value": "https://www.virustotal.com/file/eec5855647c376dd2e363d18cdc499d5cb525ee2ca1f62335336d5c13711443c/analysis/1573722651/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054937", "to_ids": false, "type": "text", "uuid": "2b3458cf-c61a-4dcf-a49c-5161cac62ffb", "value": "50/69" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055725", "uuid": "970f7ff4-676b-461f-bb28-9c2a7729d453", "ObjectReference": [ { "comment": "", "object_uuid": "970f7ff4-676b-461f-bb28-9c2a7729d453", "referenced_uuid": "b69436ac-21a2-413c-83b8-77e1314c6269", "relationship_type": "analysed-with", "timestamp": "1576055890", "uuid": "5df0b452-1d78-4fe4-94cf-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054921", "to_ids": true, "type": "md5", "uuid": "dcf284bf-d758-4ac5-b5a0-df01357290b1", "value": "33b06c429c6f72e77bb14f17d0cb6ec7" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054921", "to_ids": true, "type": "sha1", "uuid": "dca102c8-54a4-4f16-b58b-4f5d901b0951", "value": "45a579d74d4b9c60e2a64d63114ab968bae42375" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054921", "to_ids": true, "type": "sha256", "uuid": "c0e93fd8-560f-4a4b-b484-30a3e64d8ca2", "value": "e849704aeebdba473d11c4f0dc330b369b0b2183034387d550ebca1d8225c901" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055725", "uuid": "b69436ac-21a2-413c-83b8-77e1314c6269", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054921", "to_ids": false, "type": "datetime", "uuid": "4031830d-86df-4472-9d01-76651952dbec", "value": "2019-11-05T13:37:14" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054921", "to_ids": false, "type": "link", "uuid": "b654b7a1-aa4f-4936-996c-440c6f4fc912", "value": "https://www.virustotal.com/file/e849704aeebdba473d11c4f0dc330b369b0b2183034387d550ebca1d8225c901/analysis/1572961034/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054921", "to_ids": false, "type": "text", "uuid": "a68ae092-e4fe-49d0-93cd-06408ec20585", "value": "13/70" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055725", "uuid": "79091794-26ae-499c-aebe-2494a65a9c04", "ObjectReference": [ { "comment": "", "object_uuid": "79091794-26ae-499c-aebe-2494a65a9c04", "referenced_uuid": "1ca35cdf-ad36-487b-9eb7-baadf951f44c", "relationship_type": "analysed-with", "timestamp": "1576055890", "uuid": "5df0b452-5c38-4a87-96da-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054915", "to_ids": true, "type": "md5", "uuid": "fee8a3bc-a043-4e60-8b7a-6106b1f82785", "value": "2d92ce7746a6783437fe7447c354d927" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054915", "to_ids": true, "type": "sha1", "uuid": "0519b725-8698-4de8-b1dd-e4febbdda073", "value": "55c9bffab19b01b3c550c6d24d5ed09755bac741" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054915", "to_ids": true, "type": "sha256", "uuid": "236ec7ff-6e46-44b2-9453-a484d19446c4", "value": "16265e842f45a44cdabceddd2af7cb0910130d819dff4b82af7aa5972294f5c3" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055726", "uuid": "1ca35cdf-ad36-487b-9eb7-baadf951f44c", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054915", "to_ids": false, "type": "datetime", "uuid": "231b7fa8-d736-48de-becf-0cd9206dd745", "value": "2019-11-17T03:37:36" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054915", "to_ids": false, "type": "link", "uuid": "aaf8f1ce-bbbc-4c8d-9398-4e15e167659a", "value": "https://www.virustotal.com/file/16265e842f45a44cdabceddd2af7cb0910130d819dff4b82af7aa5972294f5c3/analysis/1573961856/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054915", "to_ids": false, "type": "text", "uuid": "df14b13b-ff40-470e-a723-01348bae44d1", "value": "45/70" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055726", "uuid": "bad3e71f-dff3-413e-b388-694833e99291", "ObjectReference": [ { "comment": "", "object_uuid": "bad3e71f-dff3-413e-b388-694833e99291", "referenced_uuid": "29395e5f-bfbf-4bf0-a0d2-0282023748c9", "relationship_type": "analysed-with", "timestamp": "1576055890", "uuid": "5df0b452-b244-4de9-8382-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054920", "to_ids": true, "type": "md5", "uuid": "938643f7-934f-4dbc-8446-be9d4eeb2180", "value": "9ede2dff7c1c85ec89d3a2ce27a15b6d" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054920", "to_ids": true, "type": "sha1", "uuid": "546dc79a-b54d-47da-b46e-c4426fb493e2", "value": "ef552ba1c653895a14ffda40100e0a392f96c361" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054920", "to_ids": true, "type": "sha256", "uuid": "4126f36d-8c17-4b82-b964-1f810c7345ec", "value": "53af038821cde1f915bf0168cf1e459b7e32219d7a8798175f521dae6ca6fb49" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055726", "uuid": "29395e5f-bfbf-4bf0-a0d2-0282023748c9", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054920", "to_ids": false, "type": "datetime", "uuid": "b82e4816-a5aa-43a3-be99-434ad04441a3", "value": "2019-11-14T09:10:48" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054920", "to_ids": false, "type": "link", "uuid": "68cb5114-84fa-4161-8ed2-6e103de9f9f3", "value": "https://www.virustotal.com/file/53af038821cde1f915bf0168cf1e459b7e32219d7a8798175f521dae6ca6fb49/analysis/1573722648/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054920", "to_ids": false, "type": "text", "uuid": "ebc71a2d-250c-4bc2-a981-3041284ca4fb", "value": "45/71" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055726", "uuid": "b54c01e1-4d36-4567-998c-d4fc934e3ba3", "ObjectReference": [ { "comment": "", "object_uuid": "b54c01e1-4d36-4567-998c-d4fc934e3ba3", "referenced_uuid": "1f653f28-d3cb-4254-91b3-e62ecaa7a324", "relationship_type": "analysed-with", "timestamp": "1576055890", "uuid": "5df0b452-af60-4a6f-b1e3-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054890", "to_ids": true, "type": "md5", "uuid": "74e61999-742f-468e-a918-c6051b3fe91e", "value": "01580f87ce531650aa7f22991d8bce67" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054890", "to_ids": true, "type": "sha1", "uuid": "34636873-cc49-4f00-84f9-a89d3bc65ef2", "value": "89eafdb9a16d4bc5d541ea98d339be7c9ad7fd60" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054890", "to_ids": true, "type": "sha256", "uuid": "b15e3f77-43f4-4656-86a5-7fe6c91d1399", "value": "2f34ccf1ab15958cf6eae626712718a6de864378732fbcdad429967c58633b5d" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055726", "uuid": "1f653f28-d3cb-4254-91b3-e62ecaa7a324", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054890", "to_ids": false, "type": "datetime", "uuid": "5d3cee02-8c15-4ff2-a212-bea20824d123", "value": "2019-11-20T11:54:00" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054890", "to_ids": false, "type": "link", "uuid": "1faadb6d-213f-42aa-aff7-eb778eb373b9", "value": "https://www.virustotal.com/file/2f34ccf1ab15958cf6eae626712718a6de864378732fbcdad429967c58633b5d/analysis/1574250840/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054890", "to_ids": false, "type": "text", "uuid": "e1a4974c-58e2-4001-abbf-1a1724a23d54", "value": "47/69" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055726", "uuid": "bd742976-f97e-457d-88c0-51c6a8ff95dc", "ObjectReference": [ { "comment": "", "object_uuid": "bd742976-f97e-457d-88c0-51c6a8ff95dc", "referenced_uuid": "76841c9b-9b53-47cb-bb88-0ccebed9f734", "relationship_type": "analysed-with", "timestamp": "1576055890", "uuid": "5df0b452-b6a8-44c4-8915-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054937", "to_ids": true, "type": "md5", "uuid": "a6d1a1aa-7f15-488d-919c-9c1b47613a21", "value": "91e62c7e308c8dd2344dcc98f2abfd7c" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054937", "to_ids": true, "type": "sha1", "uuid": "ec7ba287-3ef9-4f9d-8ea8-cd7106c3674a", "value": "4ee4c88a8786bcce41bd66648d4990a4e050f594" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054937", "to_ids": true, "type": "sha256", "uuid": "9606b24b-5ac7-4060-9573-c7f7804eb699", "value": "2e780ffa83a09b488f02216b24c69b89b3bf8b7401cbd7551f10e3e082f1711d" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055727", "uuid": "76841c9b-9b53-47cb-bb88-0ccebed9f734", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054937", "to_ids": false, "type": "datetime", "uuid": "ac5f22a4-667c-47ff-a637-da72a8983cf1", "value": "2019-11-14T09:10:44" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054937", "to_ids": false, "type": "link", "uuid": "4453e221-4ae3-4f67-97aa-d1451c7c7026", "value": "https://www.virustotal.com/file/2e780ffa83a09b488f02216b24c69b89b3bf8b7401cbd7551f10e3e082f1711d/analysis/1573722644/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054937", "to_ids": false, "type": "text", "uuid": "8f379760-c93d-4cc2-8056-4d9dc8797fb0", "value": "50/70" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055727", "uuid": "bfb789b0-2ceb-4a1d-9539-1e412e2024d2", "ObjectReference": [ { "comment": "", "object_uuid": "bfb789b0-2ceb-4a1d-9539-1e412e2024d2", "referenced_uuid": "7fbf0609-157b-4d8a-b7e9-1c14ec63a169", "relationship_type": "analysed-with", "timestamp": "1576055890", "uuid": "5df0b452-8460-4bd1-a8d3-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054914", "to_ids": true, "type": "md5", "uuid": "8a49748f-0fe5-4061-bcdc-b42bd01a046a", "value": "76393b6fa986ba91b90c5ba0bc64e46a" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054914", "to_ids": true, "type": "sha1", "uuid": "c15e8a8c-924e-4ca7-a689-02b4c3a3c8f0", "value": "c3bf0ea295672f080fc4f850329344571b0749bf" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054914", "to_ids": true, "type": "sha256", "uuid": "0ac6f07a-0a9e-40e5-8acc-e92878d92b52", "value": "6451fa2d64dcc6b31c5d06e59d3b2c900ae420a5ad9d9fee87e8a39ad3a64c3f" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055728", "uuid": "7fbf0609-157b-4d8a-b7e9-1c14ec63a169", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054914", "to_ids": false, "type": "datetime", "uuid": "223329a9-d990-4b74-954e-8090b7a8c568", "value": "2019-11-16T08:50:31" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054914", "to_ids": false, "type": "link", "uuid": "0aaff2ef-9e2c-469f-905b-3cd8b5028605", "value": "https://www.virustotal.com/file/6451fa2d64dcc6b31c5d06e59d3b2c900ae420a5ad9d9fee87e8a39ad3a64c3f/analysis/1573894231/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054914", "to_ids": false, "type": "text", "uuid": "26d9d8d1-6b82-4f4d-b537-338dd6735cf5", "value": "46/70" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055728", "uuid": "d9b8737c-a356-4ed8-8275-7cd7afae9b2b", "ObjectReference": [ { "comment": "", "object_uuid": "d9b8737c-a356-4ed8-8275-7cd7afae9b2b", "referenced_uuid": "4a1fb428-1395-4bcb-9d60-9698ae754c95", "relationship_type": "analysed-with", "timestamp": "1576055891", "uuid": "5df0b453-98f0-49c2-8405-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054849", "to_ids": true, "type": "md5", "uuid": "6e9325c3-fe8d-47f6-96b4-4cb65f58b88f", "value": "6f0f832453d64d630b1aba05003de65e" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054849", "to_ids": true, "type": "sha1", "uuid": "f8e4ae65-9a2f-493d-ae7b-3af98ee0d504", "value": "4006b5d36b7d9ab1ea65e71c2999618d1862ac3d" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054849", "to_ids": true, "type": "sha256", "uuid": "7e82ec51-f521-42c8-9774-a337011f51fc", "value": "84c830d00205e5eec89eb6d87555785f200ba5cb94f5a7b3ddea4b67c41fdeb7" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055729", "uuid": "4a1fb428-1395-4bcb-9d60-9698ae754c95", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054849", "to_ids": false, "type": "datetime", "uuid": "646b39b2-c156-48e7-ad59-7738abce55a3", "value": "2019-11-29T16:02:23" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054849", "to_ids": false, "type": "link", "uuid": "07707470-a680-405d-a0ed-e05160a1b944", "value": "https://www.virustotal.com/file/84c830d00205e5eec89eb6d87555785f200ba5cb94f5a7b3ddea4b67c41fdeb7/analysis/1575043343/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054849", "to_ids": false, "type": "text", "uuid": "3b0d6922-ca9f-4c42-a601-095bd7d8d9e8", "value": "54/71" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055729", "uuid": "2956e51c-200d-426f-8eb0-afde5b6d8200", "ObjectReference": [ { "comment": "", "object_uuid": "2956e51c-200d-426f-8eb0-afde5b6d8200", "referenced_uuid": "1a3316e4-b260-45b1-bdf6-5db657f71d9e", "relationship_type": "analysed-with", "timestamp": "1576055891", "uuid": "5df0b453-738c-4964-bef9-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054916", "to_ids": true, "type": "md5", "uuid": "750efde0-29a1-4808-b3f8-d4666e0dded8", "value": "574b113bd010a1a7d89e2c0b6697a903" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054916", "to_ids": true, "type": "sha1", "uuid": "a6d4e5a3-5db6-4f3d-b556-68ea4ec03cf6", "value": "6f8c3131194b7f4db8f2cbf8e7997db14380aeab" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054916", "to_ids": true, "type": "sha256", "uuid": "6b63d889-833e-4532-8833-2cec5114cd6b", "value": "7d61fcb28088fc3713bdb09a3b8b3372a494b449bcdc0bc1631c541d2ad25504" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055729", "uuid": "1a3316e4-b260-45b1-bdf6-5db657f71d9e", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054916", "to_ids": false, "type": "datetime", "uuid": "867abde0-1559-4902-83b8-539c0987b127", "value": "2019-11-17T03:37:40" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054916", "to_ids": false, "type": "link", "uuid": "f00f138c-b948-4781-9ab7-927d1584f037", "value": "https://www.virustotal.com/file/7d61fcb28088fc3713bdb09a3b8b3372a494b449bcdc0bc1631c541d2ad25504/analysis/1573961860/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054916", "to_ids": false, "type": "text", "uuid": "d6d58aff-7ddc-4e72-a8cb-34616bd3852a", "value": "44/68" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055730", "uuid": "858b9465-0a70-45c0-85fb-83633f3913a9", "ObjectReference": [ { "comment": "", "object_uuid": "858b9465-0a70-45c0-85fb-83633f3913a9", "referenced_uuid": "158928a5-e941-409a-9300-7fc5b2b59fb2", "relationship_type": "analysed-with", "timestamp": "1576055891", "uuid": "5df0b453-a32c-4f5d-8bd4-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054893", "to_ids": true, "type": "md5", "uuid": "18e90309-64f8-40dc-92b3-b0e3dd18c62f", "value": "1911897f8b749e757896f56471dd9899" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054893", "to_ids": true, "type": "sha1", "uuid": "83900e36-3522-4537-90b1-787e78b2396e", "value": "cef23a74493af71381589277ade2c01f4258ee36" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054893", "to_ids": true, "type": "sha256", "uuid": "879209e8-a662-4448-9bbf-84fbaa7b77b5", "value": "e063f4f4e14c56753a6672861bb5a44bfade383a94aaa84766eeb870205ef53e" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055730", "uuid": "158928a5-e941-409a-9300-7fc5b2b59fb2", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054893", "to_ids": false, "type": "datetime", "uuid": "0fa8782c-689c-479d-85b2-9712225d503a", "value": "2019-11-26T12:27:28" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054893", "to_ids": false, "type": "link", "uuid": "a8780a41-f9f2-4400-8675-f93940a4fb9e", "value": "https://www.virustotal.com/file/e063f4f4e14c56753a6672861bb5a44bfade383a94aaa84766eeb870205ef53e/analysis/1574771248/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054893", "to_ids": false, "type": "text", "uuid": "b78436ef-d14c-46a8-a8bd-53a2cbee3038", "value": "56/68" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055730", "uuid": "7433c594-7224-453e-8be3-480918097012", "ObjectReference": [ { "comment": "", "object_uuid": "7433c594-7224-453e-8be3-480918097012", "referenced_uuid": "977810dc-56c7-47dc-aebe-e65b0c1bcdab", "relationship_type": "analysed-with", "timestamp": "1576055891", "uuid": "5df0b453-f9e4-49a0-af87-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054843", "to_ids": true, "type": "md5", "uuid": "7626ad78-a69e-4d83-a6e0-910ed5cf6d29", "value": "5e95135bbced46d92c9091b822331d2a" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054843", "to_ids": true, "type": "sha1", "uuid": "04a0ff8f-c067-425e-93d9-143c06c6c5da", "value": "20d9db124882f5f0624348b7fb4c22261d3d495e" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054843", "to_ids": true, "type": "sha256", "uuid": "2e83f022-79d1-47c7-a968-845e152c4d3e", "value": "5f1de6fb357ee5821e86dfb0c373ea29a600769e8a83b70e77e4ecb284768302" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055730", "uuid": "977810dc-56c7-47dc-aebe-e65b0c1bcdab", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054843", "to_ids": false, "type": "datetime", "uuid": "3572b3cd-5f78-4574-9b34-0d229aa40abd", "value": "2019-11-21T10:44:06" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054843", "to_ids": false, "type": "link", "uuid": "6abbe2e1-3e8f-44fc-a315-ee6f3bee104e", "value": "https://www.virustotal.com/file/5f1de6fb357ee5821e86dfb0c373ea29a600769e8a83b70e77e4ecb284768302/analysis/1574333046/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054843", "to_ids": false, "type": "text", "uuid": "0d2ca73c-33b5-4d17-9166-7d7f24203207", "value": "44/66" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055730", "uuid": "556e15c5-218b-452f-9df4-7ed5143cd879", "ObjectReference": [ { "comment": "", "object_uuid": "556e15c5-218b-452f-9df4-7ed5143cd879", "referenced_uuid": "d12ab561-6b0e-4aed-a73d-c9cabb8f54cc", "relationship_type": "analysed-with", "timestamp": "1576055891", "uuid": "5df0b453-50dc-44f1-b6c1-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054914", "to_ids": true, "type": "md5", "uuid": "8a931002-d4bd-4135-8d82-75ae2d9fd268", "value": "74aadd783d4bd9eae7284c86966e9fbc" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054914", "to_ids": true, "type": "sha1", "uuid": "bae6012e-eff8-4d3f-9866-372e0cab58c8", "value": "83dc76deef3d130bf651f0cfaef6adf7bd8d9434" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054914", "to_ids": true, "type": "sha256", "uuid": "0260159b-5c31-4114-86a1-449c5d97c1a3", "value": "b130c34d608b40a3770f6833a79aaf3dd8c21cb9ee2eb9cbd6b80128cfb8d200" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055730", "uuid": "d12ab561-6b0e-4aed-a73d-c9cabb8f54cc", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054914", "to_ids": false, "type": "datetime", "uuid": "9e6779b5-9b05-4c46-b918-d8da2435f4af", "value": "2019-11-13T10:15:04" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054914", "to_ids": false, "type": "link", "uuid": "689c540e-cde0-4145-b10b-76ee2c464b77", "value": "https://www.virustotal.com/file/b130c34d608b40a3770f6833a79aaf3dd8c21cb9ee2eb9cbd6b80128cfb8d200/analysis/1573640104/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054914", "to_ids": false, "type": "text", "uuid": "7c644e79-dcc9-44e7-bb93-89bf7d227877", "value": "46/70" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055730", "uuid": "6942c9ea-f904-406c-9a9f-2fe4e43a5c65", "ObjectReference": [ { "comment": "", "object_uuid": "6942c9ea-f904-406c-9a9f-2fe4e43a5c65", "referenced_uuid": "5fbfff3b-8a04-475d-8c33-7242bcfa7e1e", "relationship_type": "analysed-with", "timestamp": "1576055891", "uuid": "5df0b453-4b80-411a-8ce0-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054848", "to_ids": true, "type": "md5", "uuid": "883d2fbb-855c-4aeb-aa61-6acc2c6f1f8e", "value": "4b98d4e2c52ee4438c2f9a0e31262e56" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054848", "to_ids": true, "type": "sha1", "uuid": "bc2331a8-8eee-4421-ba42-c444e67dfa89", "value": "93298a033c8cd236fb965d72c910a4d93f6c843e" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054848", "to_ids": true, "type": "sha256", "uuid": "ad36fc63-456d-4805-8574-cb7298b8c06f", "value": "80a07c5c111eb78c26ae8b707f9c02ca75584a0038994bb4523cec0ed018ad5f" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055731", "uuid": "5fbfff3b-8a04-475d-8c33-7242bcfa7e1e", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054848", "to_ids": false, "type": "datetime", "uuid": "b4a77df3-7882-40bc-893a-da80da05b471", "value": "2019-11-21T10:20:44" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054848", "to_ids": false, "type": "link", "uuid": "cef6c025-fc42-4be4-94ad-0f99334407bb", "value": "https://www.virustotal.com/file/80a07c5c111eb78c26ae8b707f9c02ca75584a0038994bb4523cec0ed018ad5f/analysis/1574331644/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054848", "to_ids": false, "type": "text", "uuid": "52a6df68-8171-46db-aed6-3e9938cb36ac", "value": "49/68" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055732", "uuid": "5225ceb8-f692-46d2-a37f-f4b1bff422fc", "ObjectReference": [ { "comment": "", "object_uuid": "5225ceb8-f692-46d2-a37f-f4b1bff422fc", "referenced_uuid": "a4dd923d-e33a-4766-b505-14320eef16ca", "relationship_type": "analysed-with", "timestamp": "1576055891", "uuid": "5df0b453-7a3c-491e-9a0c-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054919", "to_ids": true, "type": "md5", "uuid": "440f972e-ccaa-4748-b401-c4041e5801af", "value": "c5b522afef188ce2c6d53c3f2ce50ecc" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054919", "to_ids": true, "type": "sha1", "uuid": "0700a777-0122-4997-a736-2674be127acc", "value": "633695c6f34cd38588b2b399a49e38991cfc5701" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054919", "to_ids": true, "type": "sha256", "uuid": "5aeb50ef-fadb-475e-9537-23e97ee9d58a", "value": "41e02e68c13e610488e285a5df79977a807974e9b7cecccc1bf8036aac2eafa4" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055732", "uuid": "a4dd923d-e33a-4766-b505-14320eef16ca", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054919", "to_ids": false, "type": "datetime", "uuid": "01975c92-c936-4a21-be3d-6997235ce2b4", "value": "2019-11-27T03:34:51" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054919", "to_ids": false, "type": "link", "uuid": "26c8ba85-d614-4323-b5e6-b354f11267e8", "value": "https://www.virustotal.com/file/41e02e68c13e610488e285a5df79977a807974e9b7cecccc1bf8036aac2eafa4/analysis/1574825691/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054919", "to_ids": false, "type": "text", "uuid": "3affc1d3-14a0-49ad-a5bc-388b89429610", "value": "53/68" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055732", "uuid": "1f22cdc6-7815-428f-8db3-2f12ed08f365", "ObjectReference": [ { "comment": "", "object_uuid": "1f22cdc6-7815-428f-8db3-2f12ed08f365", "referenced_uuid": "da7ab84e-ac1f-4045-abd0-7e8a7a7c81bd", "relationship_type": "analysed-with", "timestamp": "1576055891", "uuid": "5df0b453-9fd8-46eb-be7e-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054920", "to_ids": true, "type": "md5", "uuid": "6a58ec23-a968-4bb8-b56c-bd5ed3b2f2be", "value": "06a6c10d1305d3a36ee1cf0d0eba5cf9" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054920", "to_ids": true, "type": "sha1", "uuid": "2a76f432-cb99-40ac-9c84-ce7d92692739", "value": "80e290eff5bd1a633d2331ec913d461688c406a1" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054920", "to_ids": true, "type": "sha256", "uuid": "c20ed559-692e-45a1-b3f0-6bc1834cb4a9", "value": "86856ae49b89dc11ce60764c5cc099cacb3d86cca312ecf1b4a911f74e81f75c" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055733", "uuid": "da7ab84e-ac1f-4045-abd0-7e8a7a7c81bd", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054920", "to_ids": false, "type": "datetime", "uuid": "489bc8f5-d584-4da7-b473-b74c32bf8da6", "value": "2019-11-13T06:31:49" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054920", "to_ids": false, "type": "link", "uuid": "632c253f-1b43-4360-9294-1852faa79f3a", "value": "https://www.virustotal.com/file/86856ae49b89dc11ce60764c5cc099cacb3d86cca312ecf1b4a911f74e81f75c/analysis/1573626709/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054920", "to_ids": false, "type": "text", "uuid": "99df9ec8-99a4-4cf1-859e-6abd5435bb5e", "value": "43/70" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055733", "uuid": "9648d79c-e673-465c-acc0-5305dea0752a", "ObjectReference": [ { "comment": "", "object_uuid": "9648d79c-e673-465c-acc0-5305dea0752a", "referenced_uuid": "e1dfae7d-d10d-4f84-9232-2a257263fd54", "relationship_type": "analysed-with", "timestamp": "1576055891", "uuid": "5df0b453-5480-413e-9eeb-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054844", "to_ids": true, "type": "md5", "uuid": "64778dcd-51e8-45ed-affc-f12b393001c4", "value": "7af415c4ea6d1f8b4aafc44b75acb345" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054844", "to_ids": true, "type": "sha1", "uuid": "6f36c761-f1d8-46e9-b215-4cca46bbdb86", "value": "159337b9dcf360ab29642fa77817c76255a2f8e9" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054844", "to_ids": true, "type": "sha256", "uuid": "09c00994-b4c3-4e8b-b53a-1b0dd906f4fa", "value": "8dad0d94b2a5f0e442dfc8b600c9f1b0011706728903a6dd72ed035cf8d62e8c" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055733", "uuid": "e1dfae7d-d10d-4f84-9232-2a257263fd54", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054844", "to_ids": false, "type": "datetime", "uuid": "cf0f1eb0-58a0-47d4-928f-fe878e21d02d", "value": "2019-11-23T22:48:33" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054844", "to_ids": false, "type": "link", "uuid": "99811629-fb0e-441c-afab-faffa53a3079", "value": "https://www.virustotal.com/file/8dad0d94b2a5f0e442dfc8b600c9f1b0011706728903a6dd72ed035cf8d62e8c/analysis/1574549313/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054844", "to_ids": false, "type": "text", "uuid": "88365433-0a1f-4ac0-8afe-da65ae5f94dc", "value": "50/65" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055733", "uuid": "2b0e1b4f-e4f0-4c50-a085-72f73fb42e33", "ObjectReference": [ { "comment": "", "object_uuid": "2b0e1b4f-e4f0-4c50-a085-72f73fb42e33", "referenced_uuid": "a7841efc-7297-46b2-a0d7-de38e9dadc77", "relationship_type": "analysed-with", "timestamp": "1576055891", "uuid": "5df0b453-cf04-47ec-a100-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054917", "to_ids": true, "type": "md5", "uuid": "4fbf61db-2fcc-417e-ace1-50c3f8131d70", "value": "d1e0dec5720c4ae98cc28f66032098d5" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054917", "to_ids": true, "type": "sha1", "uuid": "b962586e-dfa2-4a24-9c85-e61af24bd4ed", "value": "7c74919489b0911c7c35412eb7a379fd1d23e4fb" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054917", "to_ids": true, "type": "sha256", "uuid": "09b486ad-a4af-4d9b-a983-2a7e603bd52b", "value": "a6255ce706db85a4ff427ec9d34dad32c59baddec430f32f99fa957a145fde9b" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055733", "uuid": "a7841efc-7297-46b2-a0d7-de38e9dadc77", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054917", "to_ids": false, "type": "datetime", "uuid": "4fc64ec1-289f-4ff9-9643-8bdde253fffa", "value": "2019-11-10T14:06:08" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054917", "to_ids": false, "type": "link", "uuid": "93777e4a-4faa-4211-a5c5-b98ac79d4d58", "value": "https://www.virustotal.com/file/a6255ce706db85a4ff427ec9d34dad32c59baddec430f32f99fa957a145fde9b/analysis/1573394768/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054917", "to_ids": false, "type": "text", "uuid": "19cb7501-d9ce-4a66-98ce-b4f3382ba691", "value": "38/70" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055733", "uuid": "97740513-6b6a-4d71-b58b-10247b79b46a", "ObjectReference": [ { "comment": "", "object_uuid": "97740513-6b6a-4d71-b58b-10247b79b46a", "referenced_uuid": "f374d92e-ae65-47b4-8c7b-80394675594d", "relationship_type": "analysed-with", "timestamp": "1576055891", "uuid": "5df0b453-c750-4947-a25a-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054845", "to_ids": true, "type": "md5", "uuid": "b704730a-8456-48fd-afc5-39aa8c82fe2a", "value": "3d3c42d3a1c3d239a04aba24dfaf346a" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054845", "to_ids": true, "type": "sha1", "uuid": "94ab5774-e573-4dac-be0a-143d2d82a852", "value": "b29e8fe9b73ff3a147c34f7529d0e3bfdb1dcb21" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054845", "to_ids": true, "type": "sha256", "uuid": "82daab81-dccc-460e-bb25-7fc675b2bdbd", "value": "c680fc7b51a0cee302bc5fb4c39921c22c1253d2bd339a09c1507ccddfffce3d" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055734", "uuid": "f374d92e-ae65-47b4-8c7b-80394675594d", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054845", "to_ids": false, "type": "datetime", "uuid": "8d82f8f7-c85b-4bf4-b629-4fe7bdc573cf", "value": "2019-11-23T22:23:41" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054845", "to_ids": false, "type": "link", "uuid": "f169ecce-1d0a-48a2-964e-e738f895211a", "value": "https://www.virustotal.com/file/c680fc7b51a0cee302bc5fb4c39921c22c1253d2bd339a09c1507ccddfffce3d/analysis/1574547821/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054845", "to_ids": false, "type": "text", "uuid": "3767652f-ca3e-4d37-8efd-68b0b5341d0c", "value": "51/67" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055746", "uuid": "9641df2c-64d9-4949-a376-93999f2c1ed6", "ObjectReference": [ { "comment": "", "object_uuid": "9641df2c-64d9-4949-a376-93999f2c1ed6", "referenced_uuid": "cb668e55-75bf-4b47-bfde-31713c7aa475", "relationship_type": "analysed-with", "timestamp": "1576055891", "uuid": "5df0b453-5c00-4499-a232-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054914", "to_ids": true, "type": "md5", "uuid": "d6eef544-5e54-47b2-848d-f4a4d022db56", "value": "b483eefbcc517035bdafa4d0164c99b6" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054914", "to_ids": true, "type": "sha1", "uuid": "1188418a-19d2-4e45-a962-da0cfc338e66", "value": "75a157315fb627f75b038afe8b4482a217ca85fa" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054914", "to_ids": true, "type": "sha256", "uuid": "943beb28-8800-4117-b50c-cc1e6721d5ab", "value": "1ecedf01f1142c1616882e79f2d554e0e6c51e55e59392948c505d7dc12aa430" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055746", "uuid": "cb668e55-75bf-4b47-bfde-31713c7aa475", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054914", "to_ids": false, "type": "datetime", "uuid": "613d5275-8c29-4e58-9c21-1ff0f1102e4a", "value": "2019-11-18T07:37:35" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054914", "to_ids": false, "type": "link", "uuid": "cec0fa12-914e-4f64-9672-ec47fb1c5bb0", "value": "https://www.virustotal.com/file/1ecedf01f1142c1616882e79f2d554e0e6c51e55e59392948c505d7dc12aa430/analysis/1574062655/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054914", "to_ids": false, "type": "text", "uuid": "b335c5ef-ecd1-42db-9a62-95b2c52bcdf3", "value": "52/71" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055747", "uuid": "0647a406-ae28-4819-9bda-5305edb9da80", "ObjectReference": [ { "comment": "", "object_uuid": "0647a406-ae28-4819-9bda-5305edb9da80", "referenced_uuid": "43e87703-8b04-49b7-bec8-700f4da208a6", "relationship_type": "analysed-with", "timestamp": "1576055891", "uuid": "5df0b453-a26c-412d-81fa-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054917", "to_ids": true, "type": "md5", "uuid": "0fcc0c82-b7e4-4f4c-ad32-de8b3268553e", "value": "c86bc66105b87bf66a3409d23c99729d" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054917", "to_ids": true, "type": "sha1", "uuid": "1e801e71-d1f7-4af0-b616-709a0f3493f2", "value": "ccd7c669c16f94d95d81bdf59a52fa2e137c1e2b" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054917", "to_ids": true, "type": "sha256", "uuid": "ee784a50-048c-411c-9906-4b111b7f0aff", "value": "f27e019ac525aa96c91de1861c4fc33d79648b0f7f04a8b881f52565ca4de20a" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055747", "uuid": "43e87703-8b04-49b7-bec8-700f4da208a6", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054917", "to_ids": false, "type": "datetime", "uuid": "027dec73-b213-45a8-81cf-d4656929d955", "value": "2019-11-12T14:32:21" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054917", "to_ids": false, "type": "link", "uuid": "752489c7-8f08-45cf-b68d-2c776105e586", "value": "https://www.virustotal.com/file/f27e019ac525aa96c91de1861c4fc33d79648b0f7f04a8b881f52565ca4de20a/analysis/1573569141/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054917", "to_ids": false, "type": "text", "uuid": "e1aec408-b940-4756-acd5-ffca7eff021f", "value": "51/70" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055747", "uuid": "89931ac3-de3d-4e51-b5e5-038fd15da894", "ObjectReference": [ { "comment": "", "object_uuid": "89931ac3-de3d-4e51-b5e5-038fd15da894", "referenced_uuid": "1bd57d79-f05b-4dea-bbfa-b9a121fee8f4", "relationship_type": "analysed-with", "timestamp": "1576055891", "uuid": "5df0b453-12c8-4211-8d7e-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054893", "to_ids": true, "type": "md5", "uuid": "cb34bc97-623a-4c1e-b2ed-6d8697772be5", "value": "dd617f72c9fda0eaa4db3f6bf055649c" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054893", "to_ids": true, "type": "sha1", "uuid": "2d1dd5fb-0eee-4ca8-b2da-fcd3f358f625", "value": "caebdc0e395f7a282eb44c20d2e29bb2011db441" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054893", "to_ids": true, "type": "sha256", "uuid": "065b6b3a-35a5-4f54-a291-62be5944b5eb", "value": "855164a11c1c387e06ee37f28ec8795b0cb169a75ebbe1a62143c5a34f0ff1d5" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055747", "uuid": "1bd57d79-f05b-4dea-bbfa-b9a121fee8f4", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054893", "to_ids": false, "type": "datetime", "uuid": "3d8e479b-c70f-4beb-8a90-c5b2bebf1069", "value": "2019-12-01T03:42:00" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054893", "to_ids": false, "type": "link", "uuid": "bf212385-7105-4108-9d4c-e415d1151ade", "value": "https://www.virustotal.com/file/855164a11c1c387e06ee37f28ec8795b0cb169a75ebbe1a62143c5a34f0ff1d5/analysis/1575171720/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054893", "to_ids": false, "type": "text", "uuid": "1933bde2-c4a7-4003-9445-39517d84b160", "value": "56/70" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055747", "uuid": "44c7c2d3-f768-4143-84d0-4994eba100d2", "ObjectReference": [ { "comment": "", "object_uuid": "44c7c2d3-f768-4143-84d0-4994eba100d2", "referenced_uuid": "fed8de15-950a-446c-b45a-be7ded28131f", "relationship_type": "analysed-with", "timestamp": "1576055891", "uuid": "5df0b453-ef74-4c0a-bc1b-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054914", "to_ids": true, "type": "md5", "uuid": "d9f9aca5-74eb-41ce-961c-5188010483b0", "value": "156d9f603a99521c9b9f99368f3d3779" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054914", "to_ids": true, "type": "sha1", "uuid": "1e436b3f-cef1-4a5e-b2b5-20bdcd02c291", "value": "73ff78ec01f22d3648367d0fc2e460e1e0c28251" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054914", "to_ids": true, "type": "sha256", "uuid": "98e58216-e13b-4ff0-be4b-dd4f53bf827f", "value": "ceadfea8ea204382f4ce75d7f15a73f412ea54c28e49828b1f5358ee4d0b831d" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055747", "uuid": "fed8de15-950a-446c-b45a-be7ded28131f", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054914", "to_ids": false, "type": "datetime", "uuid": "db9b4eef-1d10-443a-8af4-3b97568e9d2a", "value": "2019-11-16T08:54:04" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054914", "to_ids": false, "type": "link", "uuid": "967ef41e-6b06-4a61-bf5c-fa1e571f2cc0", "value": "https://www.virustotal.com/file/ceadfea8ea204382f4ce75d7f15a73f412ea54c28e49828b1f5358ee4d0b831d/analysis/1573894444/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054914", "to_ids": false, "type": "text", "uuid": "5d53a5d2-8302-4d25-a526-5faddc681670", "value": "48/69" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055747", "uuid": "424730a3-d4b8-4008-ab0f-86a7d157d85c", "ObjectReference": [ { "comment": "", "object_uuid": "424730a3-d4b8-4008-ab0f-86a7d157d85c", "referenced_uuid": "a226096d-61fb-428e-a5c1-e90cb67593c8", "relationship_type": "analysed-with", "timestamp": "1576055891", "uuid": "5df0b453-2ad4-45b3-b3aa-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054914", "to_ids": true, "type": "md5", "uuid": "1bd54da6-b238-4882-935e-e3b2edb912f8", "value": "6a3613beb08a841280d3cf9bed14e876" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054914", "to_ids": true, "type": "sha1", "uuid": "9369a38e-bf88-4c57-814f-a8dbe4bb009b", "value": "53053a4927928fbab24577b03f86f5c45a09d7be" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054914", "to_ids": true, "type": "sha256", "uuid": "60e969f8-605f-4684-a26c-b261013e16db", "value": "b755f549334e2612c52a2632752eb60d124b69e632f6c7fbe964fbce42aee440" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055748", "uuid": "a226096d-61fb-428e-a5c1-e90cb67593c8", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054914", "to_ids": false, "type": "datetime", "uuid": "694be36b-6b3d-47cc-8ccb-c3f92d16a42a", "value": "2019-11-28T02:40:56" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054914", "to_ids": false, "type": "link", "uuid": "7c6d8c44-e939-46d8-9de3-317faa8f5b65", "value": "https://www.virustotal.com/file/b755f549334e2612c52a2632752eb60d124b69e632f6c7fbe964fbce42aee440/analysis/1574908856/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054914", "to_ids": false, "type": "text", "uuid": "5b88eeeb-590e-4383-9eba-b8c9a4517000", "value": "45/68" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055748", "uuid": "1f1a6d16-b82e-44a7-a80b-c4ecc8de3f68", "ObjectReference": [ { "comment": "", "object_uuid": "1f1a6d16-b82e-44a7-a80b-c4ecc8de3f68", "referenced_uuid": "271b2ddb-776a-4903-9371-201a5fc9d40a", "relationship_type": "analysed-with", "timestamp": "1576055891", "uuid": "5df0b453-6888-4dc4-ad4a-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054936", "to_ids": true, "type": "md5", "uuid": "20317494-f054-47c8-9210-bd33e9c0ceec", "value": "ca7a74f3f3e3425a125f2d84c9e245c9" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054936", "to_ids": true, "type": "sha1", "uuid": "9300c235-060d-439b-9d3d-fb1cf2f94410", "value": "6413e7a0727d727659e94bfb713b200fc04e545f" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054936", "to_ids": true, "type": "sha256", "uuid": "9baa6302-521b-447a-8ae4-b0c92ab5f8a9", "value": "567ed308ecd24dfd17bf249ded1d13cef9dcc5f28426970615f5dfae4e2faccc" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055748", "uuid": "271b2ddb-776a-4903-9371-201a5fc9d40a", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054936", "to_ids": false, "type": "datetime", "uuid": "b4321262-4d72-4237-a171-794ed63c6df3", "value": "2019-11-05T13:41:26" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054936", "to_ids": false, "type": "link", "uuid": "7b64f168-026b-49dd-abb4-7c83d8d851c8", "value": "https://www.virustotal.com/file/567ed308ecd24dfd17bf249ded1d13cef9dcc5f28426970615f5dfae4e2faccc/analysis/1572961286/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054936", "to_ids": false, "type": "text", "uuid": "81bd7f0c-679a-44c6-984c-e48c7f04eeb6", "value": "13/71" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055748", "uuid": "901e56b2-8f8e-4f3c-b98e-812da51a8e8c", "ObjectReference": [ { "comment": "", "object_uuid": "901e56b2-8f8e-4f3c-b98e-812da51a8e8c", "referenced_uuid": "4978e001-da37-49e7-9401-22eadc89f2a3", "relationship_type": "analysed-with", "timestamp": "1576055892", "uuid": "5df0b454-4bd0-4231-9c55-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054848", "to_ids": true, "type": "md5", "uuid": "1df0f11d-a6b8-4668-a368-38ce91c2c7e6", "value": "e767347f7a5af9580e847c91947b4b8d" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054848", "to_ids": true, "type": "sha1", "uuid": "5800b1ac-bae5-4d1c-9d81-2de4c0f09fbc", "value": "4a45ce9162ad5c65b63ed8d4f9bb67767449f274" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054848", "to_ids": true, "type": "sha256", "uuid": "5aa59724-7363-4171-86ef-4607ea1c4728", "value": "e3b3f7195bd380f9fdc3192b24d0958db1e99937646a795e97f1db1a86b67756" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055748", "uuid": "4978e001-da37-49e7-9401-22eadc89f2a3", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054848", "to_ids": false, "type": "datetime", "uuid": "88c265da-ab73-487e-a47e-117ea75ec272", "value": "2019-11-21T10:53:41" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054848", "to_ids": false, "type": "link", "uuid": "213177b6-f9d9-436e-b0da-a824748f881e", "value": "https://www.virustotal.com/file/e3b3f7195bd380f9fdc3192b24d0958db1e99937646a795e97f1db1a86b67756/analysis/1574333621/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054848", "to_ids": false, "type": "text", "uuid": "32beb842-37c6-4bf1-8ae6-8ba2d28cf40d", "value": "50/70" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055748", "uuid": "b941fbca-a22c-4ff4-929b-fd1cadfb7fbc", "ObjectReference": [ { "comment": "", "object_uuid": "b941fbca-a22c-4ff4-929b-fd1cadfb7fbc", "referenced_uuid": "6730f7da-0e56-4dbc-a917-812a43136628", "relationship_type": "analysed-with", "timestamp": "1576055893", "uuid": "5df0b455-253c-4b55-817c-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054848", "to_ids": true, "type": "md5", "uuid": "3f4c04e6-d427-42c6-bdee-7d9c8f12a6f6", "value": "7c86fcbe07d2ba4eb5e6d3707b28c609" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054848", "to_ids": true, "type": "sha1", "uuid": "63aa7462-6033-4308-bba4-fc75d4a60eb8", "value": "ad64cfa882ebd84fa370a7da8e417d38ffdef3e3" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054848", "to_ids": true, "type": "sha256", "uuid": "f484a398-5540-452e-9ef3-53ee7ad9922f", "value": "d6720180c4bcf1e2d01fef9ad426edc52917286a5807a518468eba3e4aed7b53" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055749", "uuid": "6730f7da-0e56-4dbc-a917-812a43136628", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054848", "to_ids": false, "type": "datetime", "uuid": "74cab9db-cdaf-4b7b-8b57-5906c46cfc45", "value": "2019-11-28T20:01:37" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054848", "to_ids": false, "type": "link", "uuid": "02673551-8093-4001-9a27-1fb9ba07c5bf", "value": "https://www.virustotal.com/file/d6720180c4bcf1e2d01fef9ad426edc52917286a5807a518468eba3e4aed7b53/analysis/1574971297/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054848", "to_ids": false, "type": "text", "uuid": "f32cb45b-9ffd-4dda-8e65-cccd046fe75f", "value": "55/71" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055749", "uuid": "dd07c58c-55cb-4f10-83a1-1a06dc64a1f1", "ObjectReference": [ { "comment": "", "object_uuid": "dd07c58c-55cb-4f10-83a1-1a06dc64a1f1", "referenced_uuid": "dc4db6ff-2801-43dd-9fb1-aafc185e8c78", "relationship_type": "analysed-with", "timestamp": "1576055893", "uuid": "5df0b455-8f68-4931-b44f-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054915", "to_ids": true, "type": "md5", "uuid": "8411a1e3-7d10-4207-a7dd-f590d282bdb3", "value": "4ad35d4f2bcebb3b983878fb56771d02" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054915", "to_ids": true, "type": "sha1", "uuid": "3d111ddd-fa2c-4ade-a71a-90902e1fcba2", "value": "64f3060a2d77801ca9184f2d9a81874c60aac6c4" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054915", "to_ids": true, "type": "sha256", "uuid": "bc06ec68-cca1-4671-b83a-ae179890147e", "value": "8ccc4fccbb17b53e702f18f86dc88bd362c1bbbd7affaa26aa96bf4f655f3bbb" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055749", "uuid": "dc4db6ff-2801-43dd-9fb1-aafc185e8c78", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054915", "to_ids": false, "type": "datetime", "uuid": "2634f959-358f-48f7-8e78-5516614d4575", "value": "2019-11-14T13:25:56" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054915", "to_ids": false, "type": "link", "uuid": "0dec6d0d-1385-43cb-b429-66ac3dafa808", "value": "https://www.virustotal.com/file/8ccc4fccbb17b53e702f18f86dc88bd362c1bbbd7affaa26aa96bf4f655f3bbb/analysis/1573737956/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054915", "to_ids": false, "type": "text", "uuid": "2799786d-a5ec-4396-a1c2-f93c269217e0", "value": "45/70" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055749", "uuid": "b16200d2-460e-4519-8dc3-e2b344f6cf18", "ObjectReference": [ { "comment": "", "object_uuid": "b16200d2-460e-4519-8dc3-e2b344f6cf18", "referenced_uuid": "baccedae-b49b-44ef-9a96-77c1f0d1c78b", "relationship_type": "analysed-with", "timestamp": "1576055893", "uuid": "5df0b455-2f44-4ab1-958a-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054849", "to_ids": true, "type": "md5", "uuid": "6b0a3e84-aa42-432c-8fd7-3916b72c5d4f", "value": "c5d0ff1a5c2f370dc99628dbd2c2e04c" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054849", "to_ids": true, "type": "sha1", "uuid": "a8bb4c3f-864d-46e9-8d55-60761ee0b635", "value": "6b91bcb2c9841a8e150ddc098771f219cf931a1a" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054849", "to_ids": true, "type": "sha256", "uuid": "18387d5f-a347-4596-a488-45d7e097c312", "value": "1a59ce8bc8290a2a21af2f6914566a2301e3f2c1dca2f42749d16f037b2c805a" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055749", "uuid": "baccedae-b49b-44ef-9a96-77c1f0d1c78b", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054849", "to_ids": false, "type": "datetime", "uuid": "48fa72ac-d69a-4b8e-9801-c2c6788928df", "value": "2019-11-21T10:08:25" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054849", "to_ids": false, "type": "link", "uuid": "324b2bee-a6d3-4627-8226-ad0e7cb4f559", "value": "https://www.virustotal.com/file/1a59ce8bc8290a2a21af2f6914566a2301e3f2c1dca2f42749d16f037b2c805a/analysis/1574330905/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054849", "to_ids": false, "type": "text", "uuid": "ec4323af-8967-45b8-ac2b-6276477d202d", "value": "50/70" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055749", "uuid": "f067504e-ada5-43cd-85f3-77c40814646e", "ObjectReference": [ { "comment": "", "object_uuid": "f067504e-ada5-43cd-85f3-77c40814646e", "referenced_uuid": "9da7c678-13b4-42a3-b1d7-224235a95a58", "relationship_type": "analysed-with", "timestamp": "1576055893", "uuid": "5df0b455-cf60-4243-ae8a-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054922", "to_ids": true, "type": "md5", "uuid": "d40c14e7-38a5-43e0-ab57-5f6f07b78346", "value": "f780516cec64a05a1e779582f166d5a6" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054922", "to_ids": true, "type": "sha1", "uuid": "57ffaadc-d480-4b8d-b178-848dbf97148f", "value": "8d0ded8ca8a1a294820057788d1710022dea57c2" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054922", "to_ids": true, "type": "sha256", "uuid": "1754d6f5-9679-43b8-9a85-82d667d2c0b4", "value": "c746410a64aace77d16a6dcd054f9a54b011539764d35286840148eaf8c75869" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055750", "uuid": "9da7c678-13b4-42a3-b1d7-224235a95a58", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054922", "to_ids": false, "type": "datetime", "uuid": "347c76c9-8be2-4857-ae5e-e29495d4deaa", "value": "2019-11-07T14:04:05" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054922", "to_ids": false, "type": "link", "uuid": "1a316265-98e3-41e3-bb2d-60ab06083777", "value": "https://www.virustotal.com/file/c746410a64aace77d16a6dcd054f9a54b011539764d35286840148eaf8c75869/analysis/1573135445/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054922", "to_ids": false, "type": "text", "uuid": "be5da45f-aca7-4270-b9b1-9b2bc8a06a49", "value": "41/69" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055750", "uuid": "bf6795fd-f4ef-45cc-b33d-80a5e4d2b640", "ObjectReference": [ { "comment": "", "object_uuid": "bf6795fd-f4ef-45cc-b33d-80a5e4d2b640", "referenced_uuid": "c918c925-f940-4b22-baf5-6a2dfb4ba597", "relationship_type": "analysed-with", "timestamp": "1576055893", "uuid": "5df0b455-c218-41d7-845f-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054916", "to_ids": true, "type": "md5", "uuid": "80c8bde1-03d7-40bc-a04f-60661bff4b76", "value": "18f4a008a515c7981bbbf91b85c12045" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054916", "to_ids": true, "type": "sha1", "uuid": "d11e21c0-3d56-4c5b-a01f-aeae725f14df", "value": "1b5d496f0d5f24d3f37bbe30552b103db43f29a9" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054916", "to_ids": true, "type": "sha256", "uuid": "feeb0171-9958-424a-bd11-ac719ed20225", "value": "0f64b020f47a73628af0bf2e62e0108e90f7d1fde5b830513bed1e7b0ee0f73b" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055750", "uuid": "c918c925-f940-4b22-baf5-6a2dfb4ba597", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054916", "to_ids": false, "type": "datetime", "uuid": "54f99c66-2b73-491e-be89-ec3859bdc991", "value": "2019-11-17T10:16:09" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054916", "to_ids": false, "type": "link", "uuid": "614edaaa-16e4-4fde-89f0-632c01d94d18", "value": "https://www.virustotal.com/file/0f64b020f47a73628af0bf2e62e0108e90f7d1fde5b830513bed1e7b0ee0f73b/analysis/1573985769/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054916", "to_ids": false, "type": "text", "uuid": "6236004d-0bbf-4cbb-a262-79a7fa1be4cb", "value": "47/71" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055750", "uuid": "91ed5442-d4bf-4d87-a164-ab3d02136d0a", "ObjectReference": [ { "comment": "", "object_uuid": "91ed5442-d4bf-4d87-a164-ab3d02136d0a", "referenced_uuid": "70d64ea2-0462-42af-9697-bea528a2cdf6", "relationship_type": "analysed-with", "timestamp": "1576055893", "uuid": "5df0b455-a358-43c8-8879-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054848", "to_ids": true, "type": "md5", "uuid": "b2d89ef4-e133-495b-b1a7-a94a5cff8ed1", "value": "a93f14143911520f141ebf72facc1300" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054848", "to_ids": true, "type": "sha1", "uuid": "3ff6ba7e-1dd7-40ad-b478-acbc93ee0cf1", "value": "3188052b3e05882cca36dde701cd1137cefb8827" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054848", "to_ids": true, "type": "sha256", "uuid": "c4711ce5-9471-4f2a-957b-e552faf6d7cc", "value": "a3c8cf44b0a0d6bac1841c641b2b9113eaeb70c35f2c2668076bea15099e1eff" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055750", "uuid": "70d64ea2-0462-42af-9697-bea528a2cdf6", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054848", "to_ids": false, "type": "datetime", "uuid": "5cae6b47-97f1-4f22-a846-e890179ac3b9", "value": "2019-12-07T03:24:39" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054848", "to_ids": false, "type": "link", "uuid": "5571faa2-e146-4ea5-be8c-821fa5d942f2", "value": "https://www.virustotal.com/file/a3c8cf44b0a0d6bac1841c641b2b9113eaeb70c35f2c2668076bea15099e1eff/analysis/1575689079/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054848", "to_ids": false, "type": "text", "uuid": "c4e4d2af-19dd-46d3-8df9-e120b36103be", "value": "59/71" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055750", "uuid": "a11b9dd0-c1f3-4364-9eb8-6b05e0a2667f", "ObjectReference": [ { "comment": "", "object_uuid": "a11b9dd0-c1f3-4364-9eb8-6b05e0a2667f", "referenced_uuid": "0f57c64c-7bbe-4f6f-ac55-7afcd42c3f35", "relationship_type": "analysed-with", "timestamp": "1576055893", "uuid": "5df0b455-0150-42b4-98e9-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054844", "to_ids": true, "type": "md5", "uuid": "553cc451-3682-4a53-8ba6-f806d2d02ffc", "value": "8d3fd8449a351e10e327dade69d8776e" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054844", "to_ids": true, "type": "sha1", "uuid": "28da531a-c5d5-445a-9f26-d3afde18a4c8", "value": "30ab26ef2b94259ec6e5700741f6e110ee7d8370" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054844", "to_ids": true, "type": "sha256", "uuid": "b9f4f30a-8ad3-4a03-833f-215af2559f94", "value": "8019eb1473eb3015d1b1f4b4f606f29976a50b24d73bb5a7276af48bb2df6b12" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055750", "uuid": "0f57c64c-7bbe-4f6f-ac55-7afcd42c3f35", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054844", "to_ids": false, "type": "datetime", "uuid": "ca95473e-0720-4c1b-9ac5-a079c7cc6641", "value": "2019-11-29T08:39:44" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054844", "to_ids": false, "type": "link", "uuid": "b9787ad0-ec6b-416a-adb9-2b78ba6bbc0d", "value": "https://www.virustotal.com/file/8019eb1473eb3015d1b1f4b4f606f29976a50b24d73bb5a7276af48bb2df6b12/analysis/1575016784/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054844", "to_ids": false, "type": "text", "uuid": "f6549caf-5767-46aa-9d16-21394bf25e02", "value": "54/70" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055750", "uuid": "2233994f-677c-444c-b9fa-e7ec29fccf78", "ObjectReference": [ { "comment": "", "object_uuid": "2233994f-677c-444c-b9fa-e7ec29fccf78", "referenced_uuid": "46fc2e97-93c3-41bb-9f7d-c0471e92a5a2", "relationship_type": "analysed-with", "timestamp": "1576055893", "uuid": "5df0b455-ad94-439d-a8f2-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054921", "to_ids": true, "type": "md5", "uuid": "c958acc1-55a2-45c1-a3dc-fb31214de640", "value": "6b22d9640fb06efe66fdf38de9bd2947" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054921", "to_ids": true, "type": "sha1", "uuid": "99b093b0-d9f7-4cfe-851f-e199294e0e21", "value": "f0d57b3de178fa6486e4bf640b151a2139b8713e" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054921", "to_ids": true, "type": "sha256", "uuid": "c6860a49-4c9b-4471-bf67-c99dc3ce9058", "value": "ab7ed7cb1a0f80f7d9cb639a9c18273f7ba349512a5f759b72c892593cb65ef1" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055751", "uuid": "46fc2e97-93c3-41bb-9f7d-c0471e92a5a2", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054921", "to_ids": false, "type": "datetime", "uuid": "05a0c2ec-da2b-4c3c-9f32-90555c95e577", "value": "2019-11-06T16:36:07" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054921", "to_ids": false, "type": "link", "uuid": "e659213c-9a52-4370-9f93-7849d901852d", "value": "https://www.virustotal.com/file/ab7ed7cb1a0f80f7d9cb639a9c18273f7ba349512a5f759b72c892593cb65ef1/analysis/1573058167/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054921", "to_ids": false, "type": "text", "uuid": "8eb9dd48-d55d-4772-805c-9e08deaf8d7b", "value": "40/68" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055751", "uuid": "7594f724-065f-4791-9013-fbfc82dfe828", "ObjectReference": [ { "comment": "", "object_uuid": "7594f724-065f-4791-9013-fbfc82dfe828", "referenced_uuid": "990d2868-e933-4aa0-ad3e-d7265cf10e15", "relationship_type": "analysed-with", "timestamp": "1576055893", "uuid": "5df0b455-c434-4bf1-b47d-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054922", "to_ids": true, "type": "md5", "uuid": "66bc926e-c63e-45ab-8247-310d15c2d6b0", "value": "904a3098133c5addeab6e147def15177" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054922", "to_ids": true, "type": "sha1", "uuid": "1c3941e9-ebcc-4c54-854b-b29287331a11", "value": "1b58caebb2065e3130e456d52043934639721735" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054922", "to_ids": true, "type": "sha256", "uuid": "5196e670-445b-4aaf-9bad-573f68bf0b4c", "value": "e5b4d4e579b38b110e44004c3b35eb8392b71224755b6a2fc45cc56359bda2b3" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055751", "uuid": "990d2868-e933-4aa0-ad3e-d7265cf10e15", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054922", "to_ids": false, "type": "datetime", "uuid": "11bad437-1fc3-4d2e-b02a-35196cb11880", "value": "2019-11-10T01:43:50" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054922", "to_ids": false, "type": "link", "uuid": "84f2259b-0d83-482b-8f2f-9ea8fa0ba410", "value": "https://www.virustotal.com/file/e5b4d4e579b38b110e44004c3b35eb8392b71224755b6a2fc45cc56359bda2b3/analysis/1573350230/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054922", "to_ids": false, "type": "text", "uuid": "1ddeb404-a7e7-4600-8755-0e88d8757804", "value": "35/60" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055751", "uuid": "7f0f2aa4-dcea-4938-8c5d-6364da9925c7", "ObjectReference": [ { "comment": "", "object_uuid": "7f0f2aa4-dcea-4938-8c5d-6364da9925c7", "referenced_uuid": "8e2ea5f2-dd27-4c61-8a30-47ac5289d93e", "relationship_type": "analysed-with", "timestamp": "1576055894", "uuid": "5df0b456-51dc-43af-97e6-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054847", "to_ids": true, "type": "md5", "uuid": "3c5f14f0-d085-4210-baf5-55a2b30798d3", "value": "cb7754fe17096158fb7486c7a9f9a254" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054847", "to_ids": true, "type": "sha1", "uuid": "f622a676-d71f-4fea-94f0-05d11e97f0ce", "value": "3b82d1aba11f0dd0b2350782abcffe7e8b3d91a0" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054847", "to_ids": true, "type": "sha256", "uuid": "152bb459-64d6-4c17-b6ad-7602bd73c6db", "value": "1c209ac0b2139297bc88bbf37a5262ed039bcb454abd8f75abfd21120b9df883" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055751", "uuid": "8e2ea5f2-dd27-4c61-8a30-47ac5289d93e", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054847", "to_ids": false, "type": "datetime", "uuid": "ccb58320-f28c-4b03-abd9-c6cc341d98cc", "value": "2019-11-23T22:30:16" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054847", "to_ids": false, "type": "link", "uuid": "8aacb335-3e89-44f1-8d2f-06896c18196f", "value": "https://www.virustotal.com/file/1c209ac0b2139297bc88bbf37a5262ed039bcb454abd8f75abfd21120b9df883/analysis/1574548216/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054847", "to_ids": false, "type": "text", "uuid": "3c9e766c-d97d-4251-9cb4-6be1e7c97aae", "value": "50/65" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055751", "uuid": "eb0466e5-b50d-43c0-aa69-2f1c6c79d905", "ObjectReference": [ { "comment": "", "object_uuid": "eb0466e5-b50d-43c0-aa69-2f1c6c79d905", "referenced_uuid": "ca373d32-0ba6-466e-98a6-15f24d0c8115", "relationship_type": "analysed-with", "timestamp": "1576055894", "uuid": "5df0b456-4c88-4406-8a07-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054893", "to_ids": true, "type": "md5", "uuid": "aafa0ff7-c129-4473-a3d6-504cf446db22", "value": "d3acd27a4b8b48fba599fbbebb3689c5" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054893", "to_ids": true, "type": "sha1", "uuid": "9823052d-2b24-47a9-85e5-df65b88c4302", "value": "5369fe4affde8d5ec3001c93b333418a6ef7b866" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054893", "to_ids": true, "type": "sha256", "uuid": "d33a2956-119e-4415-b48b-3e19a2d2f538", "value": "fca0b85fb10a75d04a9bbe9065fcd97a83676585181be6c8c4e6a2e35751f08b" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055751", "uuid": "ca373d32-0ba6-466e-98a6-15f24d0c8115", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054893", "to_ids": false, "type": "datetime", "uuid": "d5f08452-d387-4055-a0a9-05afb3ebdbc0", "value": "2019-11-20T11:48:03" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054893", "to_ids": false, "type": "link", "uuid": "d2b7ae6f-db2f-43bf-b158-d627a9340e9c", "value": "https://www.virustotal.com/file/fca0b85fb10a75d04a9bbe9065fcd97a83676585181be6c8c4e6a2e35751f08b/analysis/1574250483/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054893", "to_ids": false, "type": "text", "uuid": "c1d44484-e09c-4a51-bc30-2a560d35c577", "value": "47/69" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055751", "uuid": "a7200b0c-fef7-4eb9-85b2-d618615c0809", "ObjectReference": [ { "comment": "", "object_uuid": "a7200b0c-fef7-4eb9-85b2-d618615c0809", "referenced_uuid": "bf842af9-f8e6-44a6-b7a6-3c24478cf079", "relationship_type": "analysed-with", "timestamp": "1576055894", "uuid": "5df0b456-a084-40c6-869f-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054847", "to_ids": true, "type": "md5", "uuid": "096b548c-feae-4a9e-a2a4-659ad4bab629", "value": "b53502e161cfe51ef64eb622ab128c4f" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054847", "to_ids": true, "type": "sha1", "uuid": "83b39332-7a39-4444-9ec1-5ff9ddd2831c", "value": "a4de27973124ba5bab9208314ce7a7ce4505ae0f" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054847", "to_ids": true, "type": "sha256", "uuid": "b82ab02d-763d-4310-95d3-1573b8beeb28", "value": "88b1b7d25c5f4f118a404eff1800dbf2794d97271ab293c1ad8ad8ec5e545f02" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055752", "uuid": "bf842af9-f8e6-44a6-b7a6-3c24478cf079", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054847", "to_ids": false, "type": "datetime", "uuid": "b0e2b3c6-1c3a-46af-89a9-265e0296e37f", "value": "2019-11-21T10:57:21" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054847", "to_ids": false, "type": "link", "uuid": "a57f918c-5bfd-4055-a08b-d8c079e79323", "value": "https://www.virustotal.com/file/88b1b7d25c5f4f118a404eff1800dbf2794d97271ab293c1ad8ad8ec5e545f02/analysis/1574333841/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054847", "to_ids": false, "type": "text", "uuid": "6fb17f7e-ea69-4ffa-b27e-388506368bae", "value": "51/70" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055752", "uuid": "0f4bb689-990d-4905-907c-81a9351fb46b", "ObjectReference": [ { "comment": "", "object_uuid": "0f4bb689-990d-4905-907c-81a9351fb46b", "referenced_uuid": "dfa592e6-e771-4ee4-8eb4-1b6cfb89e77f", "relationship_type": "analysed-with", "timestamp": "1576055894", "uuid": "5df0b456-1788-4767-b87f-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054848", "to_ids": true, "type": "md5", "uuid": "35365134-67ea-481f-9174-64268d503e8a", "value": "9a638f25b0b6be3032bd8943e9530e90" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054848", "to_ids": true, "type": "sha1", "uuid": "0527685e-31ce-461c-91d2-72afe60263e7", "value": "44611e16ce011725f8142851e19fa816015039fe" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054848", "to_ids": true, "type": "sha256", "uuid": "baedcb5c-ade7-4e75-9b52-6a2b34a96a00", "value": "37d3ec9d3335ba7c437681b01dc79539046aec484045c00ef764587b164d133f" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055752", "uuid": "dfa592e6-e771-4ee4-8eb4-1b6cfb89e77f", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054848", "to_ids": false, "type": "datetime", "uuid": "ce865deb-1431-4200-b446-21cf068d40d9", "value": "2019-11-29T08:43:47" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054848", "to_ids": false, "type": "link", "uuid": "95ce8fa8-8e39-4843-bb5d-12d72696a02b", "value": "https://www.virustotal.com/file/37d3ec9d3335ba7c437681b01dc79539046aec484045c00ef764587b164d133f/analysis/1575017027/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054848", "to_ids": false, "type": "text", "uuid": "03e78b33-b6d6-40e7-a642-78d386ca9c4e", "value": "54/71" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055752", "uuid": "a0b2b74a-c8e1-4d94-8949-55503c2e4be1", "ObjectReference": [ { "comment": "", "object_uuid": "a0b2b74a-c8e1-4d94-8949-55503c2e4be1", "referenced_uuid": "d57d34e0-267d-4d69-8932-7c53e3159081", "relationship_type": "analysed-with", "timestamp": "1576055894", "uuid": "5df0b456-920c-4816-a8bb-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054915", "to_ids": true, "type": "md5", "uuid": "48479711-49e7-4daf-8bde-31a2fecd94cc", "value": "c82a222759bad3116a37404395c8d9b4" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054915", "to_ids": true, "type": "sha1", "uuid": "578bd257-7726-4515-8ce4-895aa60e7ea0", "value": "168f332e94610e49c7d8d97bcb2b5a7b0fa87ea4" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054915", "to_ids": true, "type": "sha256", "uuid": "e2f7e282-5bcc-4f38-ae84-3a6d2c3876a0", "value": "bec75abd1810200ca989eba1b5ed9d30ab150079408bcd9dab5506f2f7e17968" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055752", "uuid": "d57d34e0-267d-4d69-8932-7c53e3159081", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054915", "to_ids": false, "type": "datetime", "uuid": "f8a21cc0-3676-484a-b0be-92ebbc5c73e9", "value": "2019-11-18T07:37:14" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054915", "to_ids": false, "type": "link", "uuid": "6ea4b66e-d03b-49d2-95bf-1ed08cbdb5fb", "value": "https://www.virustotal.com/file/bec75abd1810200ca989eba1b5ed9d30ab150079408bcd9dab5506f2f7e17968/analysis/1574062634/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054915", "to_ids": false, "type": "text", "uuid": "eb36f118-2d61-4585-aa4d-f8f71c7f4c87", "value": "49/69" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055752", "uuid": "4825fefb-afed-42d6-88ba-2076ad113636", "ObjectReference": [ { "comment": "", "object_uuid": "4825fefb-afed-42d6-88ba-2076ad113636", "referenced_uuid": "b55fbd24-5612-487b-a91c-e8a8550bf3df", "relationship_type": "analysed-with", "timestamp": "1576055894", "uuid": "5df0b456-af74-4f7d-b457-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054936", "to_ids": true, "type": "md5", "uuid": "3aea306c-3906-40c3-8729-2cdaaffed38c", "value": "7c7b03ad6d6c7c2a484f3ece8e79f582" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054936", "to_ids": true, "type": "sha1", "uuid": "23f1d469-836d-4e89-84ac-d1f75930d61a", "value": "21aa4b3d1565867e984bbd31758afa093d3e9ced" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054936", "to_ids": true, "type": "sha256", "uuid": "95e0c4dd-4b91-4d56-aa01-2fd369186e6e", "value": "95dbf1fdbdf2fb01923966504c378d59c4367f5848196ebd50a91e8acc454d4f" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055752", "uuid": "b55fbd24-5612-487b-a91c-e8a8550bf3df", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054936", "to_ids": false, "type": "datetime", "uuid": "bba752dc-46b9-44f9-93f1-148ae0e4cbb7", "value": "2019-11-04T16:08:53" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054936", "to_ids": false, "type": "link", "uuid": "dc5b8990-64cb-4ef0-88fb-57249480cebf", "value": "https://www.virustotal.com/file/95dbf1fdbdf2fb01923966504c378d59c4367f5848196ebd50a91e8acc454d4f/analysis/1572883733/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054936", "to_ids": false, "type": "text", "uuid": "a9950f39-f31a-48ff-9aa5-faf8882dd494", "value": "9/71" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055754", "uuid": "478f79ba-3f6d-4afe-9dab-208919ecb65b", "ObjectReference": [ { "comment": "", "object_uuid": "478f79ba-3f6d-4afe-9dab-208919ecb65b", "referenced_uuid": "fdb38221-5885-4819-8fbe-6397bad847b2", "relationship_type": "analysed-with", "timestamp": "1576055894", "uuid": "5df0b456-1d14-4e52-ba1d-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054850", "to_ids": true, "type": "md5", "uuid": "bc598714-7ff8-4e52-b554-22b92cccd6bf", "value": "c5bc212ca9d7322a14ec06c8dcd5c6c9" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054850", "to_ids": true, "type": "sha1", "uuid": "beb45de8-1b9a-4b41-bd15-fc65ef2a417c", "value": "1cae74f08ecf2c8b7ee54ecd700e7a92c583e9b2" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054850", "to_ids": true, "type": "sha256", "uuid": "15acda25-4d00-4507-a6c1-55b3ff2e81f8", "value": "4d8a2f6e05217252abe1732f61c3a8e8cc00029ab483d6ffb25060aecd0caf68" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055755", "uuid": "fdb38221-5885-4819-8fbe-6397bad847b2", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054850", "to_ids": false, "type": "datetime", "uuid": "6d2d4649-efe5-4c65-98d7-9baeef13c24b", "value": "2019-11-14T13:22:34" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054850", "to_ids": false, "type": "link", "uuid": "e1c4061b-7e91-4279-bb9f-5466a9e730e9", "value": "https://www.virustotal.com/file/4d8a2f6e05217252abe1732f61c3a8e8cc00029ab483d6ffb25060aecd0caf68/analysis/1573737754/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054850", "to_ids": false, "type": "text", "uuid": "95fc6bbb-d739-48cb-8fdb-29e180561604", "value": "49/70" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055756", "uuid": "7c7dee2e-2977-492d-aa98-5d4fd62eb113", "ObjectReference": [ { "comment": "", "object_uuid": "7c7dee2e-2977-492d-aa98-5d4fd62eb113", "referenced_uuid": "34a6994f-068e-46bf-8345-bbc4635d20d4", "relationship_type": "analysed-with", "timestamp": "1576055894", "uuid": "5df0b456-853c-45ed-8ea3-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054843", "to_ids": true, "type": "md5", "uuid": "76990aba-9fb5-4960-b165-71a8e2047286", "value": "a4d9d2dc15d4126883a98b50261f60b4" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054843", "to_ids": true, "type": "sha1", "uuid": "3046437c-0382-4a92-ba50-c8a55c9d7837", "value": "010dbbf7e7b8099649878fd88e9cd0952b8cceff" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054843", "to_ids": true, "type": "sha256", "uuid": "f2aa00e0-f3ed-4585-936d-b4da85199b7e", "value": "ecd9e7bbdbf657838d3527c43e04529fec97af74907493ea2a9ab46f72192754" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055756", "uuid": "34a6994f-068e-46bf-8345-bbc4635d20d4", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054843", "to_ids": false, "type": "datetime", "uuid": "1cb6865c-64e0-413b-91b3-4732fa4bf4a8", "value": "2019-11-21T19:02:59" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054843", "to_ids": false, "type": "link", "uuid": "5687218e-7140-4419-8fa5-113b0c8636fe", "value": "https://www.virustotal.com/file/ecd9e7bbdbf657838d3527c43e04529fec97af74907493ea2a9ab46f72192754/analysis/1574362979/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054843", "to_ids": false, "type": "text", "uuid": "108ac5e5-4486-4f9e-bc63-ab70aa8f7571", "value": "49/70" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055756", "uuid": "6c3a81d7-2298-4643-a114-979b560178b2", "ObjectReference": [ { "comment": "", "object_uuid": "6c3a81d7-2298-4643-a114-979b560178b2", "referenced_uuid": "9122b627-febd-4ae8-a6a8-a26387e4188a", "relationship_type": "analysed-with", "timestamp": "1576055894", "uuid": "5df0b456-a19c-4059-b0ce-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054917", "to_ids": true, "type": "md5", "uuid": "ba14d632-52d4-4a41-9550-7a85ede446b7", "value": "0fdd415b3ba81212641ef5018d36837c" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054917", "to_ids": true, "type": "sha1", "uuid": "1d8c85e5-d6f6-4fd4-88ab-a980d3183614", "value": "7bef5c16401ae9c16e43f773397301056ba3aa02" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054917", "to_ids": true, "type": "sha256", "uuid": "33472262-5c6e-4681-b844-fda282c698f0", "value": "2b89009a51eaea0a277359651ab9097d44370f0829545a59ec5f63358e71e913" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055756", "uuid": "9122b627-febd-4ae8-a6a8-a26387e4188a", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054917", "to_ids": false, "type": "datetime", "uuid": "2fe8e667-0e08-4a35-ac72-0f95e10f50b9", "value": "2019-11-26T12:58:01" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054917", "to_ids": false, "type": "link", "uuid": "3fb9e832-ecd7-44bd-8c09-ca18857a4d86", "value": "https://www.virustotal.com/file/2b89009a51eaea0a277359651ab9097d44370f0829545a59ec5f63358e71e913/analysis/1574773081/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054917", "to_ids": false, "type": "text", "uuid": "1b84f922-1768-4a3d-9257-3d96d95d084c", "value": "57/70" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055756", "uuid": "6064c164-2955-46c7-9bab-3f2ba5ba4e17", "ObjectReference": [ { "comment": "", "object_uuid": "6064c164-2955-46c7-9bab-3f2ba5ba4e17", "referenced_uuid": "a7233309-72f4-40b8-853f-a91d120f4f13", "relationship_type": "analysed-with", "timestamp": "1576055894", "uuid": "5df0b456-6a64-4bb7-af90-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054922", "to_ids": true, "type": "md5", "uuid": "c85bf6d4-a46a-446a-8168-44aab1ab5de8", "value": "1686dbaa141cedc2d5fde06f6ef831e4" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054922", "to_ids": true, "type": "sha1", "uuid": "727eeabc-620d-4c10-bf26-c2b4018f9db6", "value": "bc777fadf5a42cee2481475392f7a302200b009e" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054922", "to_ids": true, "type": "sha256", "uuid": "a27298c7-d6cd-49e3-89ba-c5e2b4a4b52a", "value": "6a968202cd64d7a276ea438f50cb2e4d7d72a6f23791a9d22a4c0024c0083fb5" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055756", "uuid": "a7233309-72f4-40b8-853f-a91d120f4f13", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054922", "to_ids": false, "type": "datetime", "uuid": "22c35eea-c9fb-4d1e-aca2-ceb669b88c97", "value": "2019-11-08T13:11:18" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054922", "to_ids": false, "type": "link", "uuid": "e4755623-f3f0-4a99-a4bf-9fff3771f378", "value": "https://www.virustotal.com/file/6a968202cd64d7a276ea438f50cb2e4d7d72a6f23791a9d22a4c0024c0083fb5/analysis/1573218678/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054922", "to_ids": false, "type": "text", "uuid": "60f484d3-f8e9-4b73-bd78-f950ee41fafc", "value": "20/72" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055756", "uuid": "d608b556-1e42-4724-bf13-92d382cc0875", "ObjectReference": [ { "comment": "", "object_uuid": "d608b556-1e42-4724-bf13-92d382cc0875", "referenced_uuid": "d2be4787-cb80-4529-9bf8-fcf3efddbb63", "relationship_type": "analysed-with", "timestamp": "1576055894", "uuid": "5df0b456-6058-44ef-86b7-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054919", "to_ids": true, "type": "md5", "uuid": "004d4b52-58c4-40ed-a902-ec9183bba2cf", "value": "d5e1462f654962d462c4c19e827ed0f9" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054919", "to_ids": true, "type": "sha1", "uuid": "bf461757-cdf9-453c-bfe1-3e815085016f", "value": "a8239908748c631bcd1b693a39a69568322fd80d" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054919", "to_ids": true, "type": "sha256", "uuid": "16ae3501-dfe0-4102-b5e9-3cc388083b7f", "value": "63a1f51893b65e59c233fc62194c6cc9508e780763d6442cb4b8d48248d3bb93" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055756", "uuid": "d2be4787-cb80-4529-9bf8-fcf3efddbb63", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054919", "to_ids": false, "type": "datetime", "uuid": "96a4b654-cf25-47aa-a6c2-6c93a3d73540", "value": "2019-11-17T03:35:47" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054919", "to_ids": false, "type": "link", "uuid": "222b6711-4cef-42eb-b70e-e326357e41ea", "value": "https://www.virustotal.com/file/63a1f51893b65e59c233fc62194c6cc9508e780763d6442cb4b8d48248d3bb93/analysis/1573961747/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054919", "to_ids": false, "type": "text", "uuid": "f55387ec-6817-45f8-b56d-59c72ae8c944", "value": "45/70" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055757", "uuid": "cfad1838-ec2d-4706-9c29-1add7cd262e8", "ObjectReference": [ { "comment": "", "object_uuid": "cfad1838-ec2d-4706-9c29-1add7cd262e8", "referenced_uuid": "9db29e33-08e0-465c-94dc-14bf1d1beba4", "relationship_type": "analysed-with", "timestamp": "1576055894", "uuid": "5df0b456-3154-4f5f-8bc3-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054936", "to_ids": true, "type": "md5", "uuid": "db5ed5ad-c771-4595-ba02-d38d441ff874", "value": "841e5de2a863e2790ed1566e65c9b04d" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054936", "to_ids": true, "type": "sha1", "uuid": "c9af1b60-a23e-4ea2-a38e-c54101d1b640", "value": "4c18698ef4c8d42ac52039df160dbabc3b7c6cc3" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054936", "to_ids": true, "type": "sha256", "uuid": "6fe18ef5-4505-4ef6-84d9-afc3fb65304b", "value": "98a23704433cf0aea9d340f2e420faa867e9f3961de7639be17b15c1af6a1265" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055757", "uuid": "9db29e33-08e0-465c-94dc-14bf1d1beba4", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054936", "to_ids": false, "type": "datetime", "uuid": "3951e1a8-0a72-4226-9dc9-cdab38a0221d", "value": "2019-11-04T17:26:09" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054936", "to_ids": false, "type": "link", "uuid": "dab258af-6817-459a-9c7e-fff25cef678f", "value": "https://www.virustotal.com/file/98a23704433cf0aea9d340f2e420faa867e9f3961de7639be17b15c1af6a1265/analysis/1572888369/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054936", "to_ids": false, "type": "text", "uuid": "4d214e01-9d88-42a1-9630-5051b0ba6a71", "value": "10/71" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055757", "uuid": "d11dabb0-13db-42a7-8e45-d46b5be2d46b", "ObjectReference": [ { "comment": "", "object_uuid": "d11dabb0-13db-42a7-8e45-d46b5be2d46b", "referenced_uuid": "39a6b77b-e8a9-4859-9f38-ad5511b67c19", "relationship_type": "analysed-with", "timestamp": "1576055894", "uuid": "5df0b456-e544-4812-9173-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054920", "to_ids": true, "type": "md5", "uuid": "2ce7cb92-0bdb-4a99-8cf2-7bb12b5b2a68", "value": "0fea6a133814d9b2b0d8531409aec3fd" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054920", "to_ids": true, "type": "sha1", "uuid": "a45765b8-b2d9-4b30-a72e-a3717150fe59", "value": "e7db0b4e195d0ef9ab0b0583909205546fac4512" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054920", "to_ids": true, "type": "sha256", "uuid": "d45c416f-23d5-4e37-ab3e-a60ca4789e58", "value": "3b64aeca320d43d6622a5e8ec421db4ae4be75a73440454b0f128403670c2622" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055757", "uuid": "39a6b77b-e8a9-4859-9f38-ad5511b67c19", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054920", "to_ids": false, "type": "datetime", "uuid": "bb8ffa97-2c17-48d1-8541-df0d1cceb459", "value": "2019-11-14T09:10:44" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054920", "to_ids": false, "type": "link", "uuid": "ab69c5dc-4655-4d4c-b13f-86f749b6cc6f", "value": "https://www.virustotal.com/file/3b64aeca320d43d6622a5e8ec421db4ae4be75a73440454b0f128403670c2622/analysis/1573722644/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054920", "to_ids": false, "type": "text", "uuid": "e8f9300d-e494-4e2f-93f6-53183135b3da", "value": "46/70" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055757", "uuid": "5316380b-6882-4fa7-bd9b-7feb1585ed6e", "ObjectReference": [ { "comment": "", "object_uuid": "5316380b-6882-4fa7-bd9b-7feb1585ed6e", "referenced_uuid": "855976ee-8343-475c-89f5-09fcd75d0354", "relationship_type": "analysed-with", "timestamp": "1576055894", "uuid": "5df0b456-9250-438a-ae31-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054914", "to_ids": true, "type": "md5", "uuid": "a2f087c0-80a3-4ebe-91db-ea039b3c36a8", "value": "240bd83c2f57e6e28f0117402a4fba1c" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054914", "to_ids": true, "type": "sha1", "uuid": "a1e1dbea-9c23-4906-96d4-7c1ec9d2c75a", "value": "32c32b49487dc8b91b0dcc3dce66be2b3b1f5a45" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054914", "to_ids": true, "type": "sha256", "uuid": "e5e2db65-5840-4118-9285-e2d1f5585568", "value": "c41420a1759debca01a347d21ce31593aa207ca5f3514bf36eefebb9515cd7f4" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055757", "uuid": "855976ee-8343-475c-89f5-09fcd75d0354", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054914", "to_ids": false, "type": "datetime", "uuid": "1c8c254c-85cc-4233-8569-3739c82b8092", "value": "2019-12-01T03:37:38" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054914", "to_ids": false, "type": "link", "uuid": "73e6a32a-062f-407a-98e2-38cc8cb1b2c5", "value": "https://www.virustotal.com/file/c41420a1759debca01a347d21ce31593aa207ca5f3514bf36eefebb9515cd7f4/analysis/1575171458/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054914", "to_ids": false, "type": "text", "uuid": "13a650ab-959a-4042-be36-ba885104adf2", "value": "56/70" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055757", "uuid": "9a4cc9c2-bd16-4336-a8f4-0b63238ce8c8", "ObjectReference": [ { "comment": "", "object_uuid": "9a4cc9c2-bd16-4336-a8f4-0b63238ce8c8", "referenced_uuid": "c94d77cd-e9e0-4db8-b96f-f2aff531545c", "relationship_type": "analysed-with", "timestamp": "1576055894", "uuid": "5df0b456-c29c-4a96-8c08-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054920", "to_ids": true, "type": "md5", "uuid": "6cb30e8c-d58d-4bc0-8d41-b182196bf7b1", "value": "d4723b74dcaed5d4c7c50ecd4bfde484" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054920", "to_ids": true, "type": "sha1", "uuid": "5e120443-8906-4cf4-9a75-95500d179da3", "value": "0c1100c3263c5afd7d19ca0678af4c33a79591bb" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054920", "to_ids": true, "type": "sha256", "uuid": "c647b607-1c6d-4ced-bd2e-6aa9261fc356", "value": "1460eb328b914d30935452587a558641526c89282b63290a231712d6c1a3c1bc" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055758", "uuid": "c94d77cd-e9e0-4db8-b96f-f2aff531545c", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054920", "to_ids": false, "type": "datetime", "uuid": "58944cd5-58e6-4b4f-b92d-5e2598c73db9", "value": "2019-11-16T03:02:42" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054920", "to_ids": false, "type": "link", "uuid": "0071db25-1b27-4f49-9aeb-c3ba81a3f85e", "value": "https://www.virustotal.com/file/1460eb328b914d30935452587a558641526c89282b63290a231712d6c1a3c1bc/analysis/1573873362/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054920", "to_ids": false, "type": "text", "uuid": "2f44dd0b-6236-44a8-8ccd-9ec78a2444ef", "value": "44/70" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055758", "uuid": "e8c3711d-2475-4e1e-9bd5-8dfb243d6513", "ObjectReference": [ { "comment": "", "object_uuid": "e8c3711d-2475-4e1e-9bd5-8dfb243d6513", "referenced_uuid": "d1da2898-a85e-47b1-a1cf-088854edef72", "relationship_type": "analysed-with", "timestamp": "1576055894", "uuid": "5df0b456-8118-471a-8964-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054849", "to_ids": true, "type": "md5", "uuid": "800cd58b-5513-49c6-8e86-cdbb4c312463", "value": "449252f798020a342e11a86516378d62" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054849", "to_ids": true, "type": "sha1", "uuid": "d36a52c8-9f2b-4d09-bc23-a4a0e35d469f", "value": "ffca5c0b6dcae34ca9c1a280f5924895895b67b7" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054849", "to_ids": true, "type": "sha256", "uuid": "a2d0e793-be8c-4848-9e03-93737675f359", "value": "9a1c0b695bd632525b1a33629f16393409da089284ad36a2b8a7a86cd24c2cdc" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055758", "uuid": "d1da2898-a85e-47b1-a1cf-088854edef72", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054849", "to_ids": false, "type": "datetime", "uuid": "47cb9bbe-643f-4a30-a642-4c0407d4040b", "value": "2019-11-28T10:26:38" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054849", "to_ids": false, "type": "link", "uuid": "077a96eb-315a-44e2-a88a-2a8981b5ce2c", "value": "https://www.virustotal.com/file/9a1c0b695bd632525b1a33629f16393409da089284ad36a2b8a7a86cd24c2cdc/analysis/1574936798/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054849", "to_ids": false, "type": "text", "uuid": "88f6bec2-338c-4d54-bb19-3f1be8e0338b", "value": "51/68" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055758", "uuid": "843f03fd-f8f0-46e3-afc6-48283b2c67c1", "ObjectReference": [ { "comment": "", "object_uuid": "843f03fd-f8f0-46e3-afc6-48283b2c67c1", "referenced_uuid": "aba95b98-4ece-4333-a3d7-ba5d458d2502", "relationship_type": "analysed-with", "timestamp": "1576055894", "uuid": "5df0b456-5680-4611-b6ec-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054846", "to_ids": true, "type": "md5", "uuid": "f01dd404-deab-4f5a-9a82-5277cb08e9ab", "value": "1aada38f348c68c422df9490b8a7da07" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054846", "to_ids": true, "type": "sha1", "uuid": "aac3170a-9e50-4a36-984b-d16e8084dd7a", "value": "be92f56addf44e8a9a6ac42b42403c0aca3fecd5" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054846", "to_ids": true, "type": "sha256", "uuid": "628cb30a-483f-41a8-bf99-a63468d9af59", "value": "0bdf3c6e94121a3f2911f2acdd0514c38069b699859a29fde0d54b0a0cc37e85" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055758", "uuid": "aba95b98-4ece-4333-a3d7-ba5d458d2502", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054846", "to_ids": false, "type": "datetime", "uuid": "bc59eab2-cc37-44f6-8518-26738e16efe4", "value": "2019-11-24T16:28:50" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054846", "to_ids": false, "type": "link", "uuid": "98e36d23-f82b-47f4-953d-80ec70e7ec59", "value": "https://www.virustotal.com/file/0bdf3c6e94121a3f2911f2acdd0514c38069b699859a29fde0d54b0a0cc37e85/analysis/1574612930/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054846", "to_ids": false, "type": "text", "uuid": "dbe37ac1-4e3f-4dff-98c4-b7bce46e8a16", "value": "49/67" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055758", "uuid": "af6e9894-f165-457c-b788-04d7249d1994", "ObjectReference": [ { "comment": "", "object_uuid": "af6e9894-f165-457c-b788-04d7249d1994", "referenced_uuid": "7ba25183-ea7a-48a7-b08f-384f93f21ee4", "relationship_type": "analysed-with", "timestamp": "1576055894", "uuid": "5df0b456-bdc0-493b-90c5-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054847", "to_ids": true, "type": "md5", "uuid": "705bc00c-4f23-4477-b3c0-834c8ea98091", "value": "7c035bdc6ee262702bf9620c9d47db0a" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054847", "to_ids": true, "type": "sha1", "uuid": "efd33ca8-fe28-4dfe-8374-dd87fdd66b9c", "value": "acbb0cb398b030c2071cc0a23136dba0177c5903" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054847", "to_ids": true, "type": "sha256", "uuid": "2d697e0a-5851-4353-a2dd-131e7c3e7514", "value": "f7e080a60a2b820f8860af7f197f29d32aab6f38ac9c9074aa906b20cfed5918" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055758", "uuid": "7ba25183-ea7a-48a7-b08f-384f93f21ee4", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054847", "to_ids": false, "type": "datetime", "uuid": "6fb3373f-a179-4b37-8009-65c805b7ff64", "value": "2019-11-23T22:36:35" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054847", "to_ids": false, "type": "link", "uuid": "0c9222b0-c645-473e-a69d-b54d8ddf75dc", "value": "https://www.virustotal.com/file/f7e080a60a2b820f8860af7f197f29d32aab6f38ac9c9074aa906b20cfed5918/analysis/1574548595/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054847", "to_ids": false, "type": "text", "uuid": "33ce2e85-ca61-424f-bf81-8cea65657338", "value": "51/68" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055759", "uuid": "6f33a2fe-f083-4989-bae7-70dcea2414de", "ObjectReference": [ { "comment": "", "object_uuid": "6f33a2fe-f083-4989-bae7-70dcea2414de", "referenced_uuid": "e8fae15e-e914-4136-b3f0-1d718f31713b", "relationship_type": "analysed-with", "timestamp": "1576055894", "uuid": "5df0b456-b200-4ffc-882f-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054845", "to_ids": true, "type": "md5", "uuid": "adcc2f49-d539-48d6-b360-7541b65bc06a", "value": "040ead0c689937edb9c777e56b2f704d" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054845", "to_ids": true, "type": "sha1", "uuid": "8b55333e-49e1-43a5-9d33-9954e1bfd00b", "value": "6a0b009f4946cbdd67bfeaded2021ed3ee4be560" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054845", "to_ids": true, "type": "sha256", "uuid": "1e78c73b-5f2d-40e7-a54a-8509862a2915", "value": "576b5faa19a20599f24a3322b098c214077112a0c1c96f5de5a1ee898595ad30" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055759", "uuid": "e8fae15e-e914-4136-b3f0-1d718f31713b", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054845", "to_ids": false, "type": "datetime", "uuid": "1ed8361a-7e7c-4df8-ab57-6a381ce2181b", "value": "2019-11-21T10:40:23" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054845", "to_ids": false, "type": "link", "uuid": "9a88522d-e722-4149-be2b-3994a0fcaa92", "value": "https://www.virustotal.com/file/576b5faa19a20599f24a3322b098c214077112a0c1c96f5de5a1ee898595ad30/analysis/1574332823/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054845", "to_ids": false, "type": "text", "uuid": "da9def8e-029f-4602-afb4-434db4a0ec82", "value": "44/69" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055759", "uuid": "57c4c25e-09d4-4be9-bd08-f90fe51f8ed8", "ObjectReference": [ { "comment": "", "object_uuid": "57c4c25e-09d4-4be9-bd08-f90fe51f8ed8", "referenced_uuid": "c4096a02-42a6-470c-afa8-7e398c9440b1", "relationship_type": "analysed-with", "timestamp": "1576055894", "uuid": "5df0b456-a410-418a-84f6-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054920", "to_ids": true, "type": "md5", "uuid": "65c048ac-ccb8-4914-a080-29bb6eed02b9", "value": "2de6464e29658c2fc10ec9d5c379bc43" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054920", "to_ids": true, "type": "sha1", "uuid": "eedc5ea0-1c78-4d31-a3d6-a640c7e6713a", "value": "38b8f70deabcb8e5a92adab0f4d953b786094462" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054920", "to_ids": true, "type": "sha256", "uuid": "05e56414-dbeb-4297-a89a-72dcc0dade6c", "value": "b16a89db2c9a766ac32fdd3898e5ca24b1bb755ace6c7438585ce72f5239f48a" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055759", "uuid": "c4096a02-42a6-470c-afa8-7e398c9440b1", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054920", "to_ids": false, "type": "datetime", "uuid": "75336682-d559-4ae7-9c11-77b790f90474", "value": "2019-11-14T09:09:54" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054920", "to_ids": false, "type": "link", "uuid": "59e7bd1d-b1ed-4fd2-a908-498ac8ba0cca", "value": "https://www.virustotal.com/file/b16a89db2c9a766ac32fdd3898e5ca24b1bb755ace6c7438585ce72f5239f48a/analysis/1573722594/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054920", "to_ids": false, "type": "text", "uuid": "a38a4813-a613-422d-a1db-ee8a72baf444", "value": "39/70" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055759", "uuid": "a1e23920-9593-42e0-a5af-ebf55ba78815", "ObjectReference": [ { "comment": "", "object_uuid": "a1e23920-9593-42e0-a5af-ebf55ba78815", "referenced_uuid": "9fc57478-7b97-4f3f-bb63-7ef94c4b4217", "relationship_type": "analysed-with", "timestamp": "1576055894", "uuid": "5df0b456-7614-48a9-abcc-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054847", "to_ids": true, "type": "md5", "uuid": "eeb4a987-df52-4971-8153-ef7b0a2f872f", "value": "c0897a4766a47d2a32b1e9d703933c6b" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054847", "to_ids": true, "type": "sha1", "uuid": "f842d8e7-1884-44fd-87a8-2990bd0c4c06", "value": "d8ed96918b0ab77cf1a06ae9974a45c13419625c" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054847", "to_ids": true, "type": "sha256", "uuid": "138523be-b44d-4b60-8c12-6c5d9daba90a", "value": "878eaace41f3e112afa57f52541613cd126979bede58b0a7eea091a057e75e88" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055760", "uuid": "9fc57478-7b97-4f3f-bb63-7ef94c4b4217", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054847", "to_ids": false, "type": "datetime", "uuid": "02800f88-7a80-4df5-9c48-214f7098c7ba", "value": "2019-11-29T04:51:03" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054847", "to_ids": false, "type": "link", "uuid": "21620a6e-4889-4f50-a2d5-0a9d52636d99", "value": "https://www.virustotal.com/file/878eaace41f3e112afa57f52541613cd126979bede58b0a7eea091a057e75e88/analysis/1575003063/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054847", "to_ids": false, "type": "text", "uuid": "1ec8e764-7516-41a0-9127-463fd66c4f34", "value": "53/70" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055760", "uuid": "8bdf4abd-0227-4932-81a2-3e4852d27812", "ObjectReference": [ { "comment": "", "object_uuid": "8bdf4abd-0227-4932-81a2-3e4852d27812", "referenced_uuid": "5540ba5e-d7d3-49c6-b9cc-e12710b055ff", "relationship_type": "analysed-with", "timestamp": "1576055894", "uuid": "5df0b456-7f0c-4dcc-847a-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054845", "to_ids": true, "type": "md5", "uuid": "1a3e5e06-5d97-480e-8202-963f0d1d33ce", "value": "bd7dea5b1975a525dbe30591b053a95f" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054845", "to_ids": true, "type": "sha1", "uuid": "a63603ea-c0d6-4882-8f34-37d56a2e29a7", "value": "3508e91c858ff8d9a3b2224dacb4a2eaa783f3df" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054845", "to_ids": true, "type": "sha256", "uuid": "7a266bb6-bec9-49dd-ac8b-ea9d70f2cc88", "value": "f586ffd811378d6d3b706c5792b23cee7aa320ceea9694544f38ecc7983261c8" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055760", "uuid": "5540ba5e-d7d3-49c6-b9cc-e12710b055ff", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054845", "to_ids": false, "type": "datetime", "uuid": "ee12cbd7-df54-4ec5-8364-3c544af85a6b", "value": "2019-11-29T04:25:26" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054845", "to_ids": false, "type": "link", "uuid": "391d9394-684d-4ee3-9f5c-2d659a7ae714", "value": "https://www.virustotal.com/file/f586ffd811378d6d3b706c5792b23cee7aa320ceea9694544f38ecc7983261c8/analysis/1575001526/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054845", "to_ids": false, "type": "text", "uuid": "86c86c13-b71b-4323-ba35-08c461983148", "value": "52/68" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055760", "uuid": "0d3626c4-d758-46c4-b1f4-f3ffb75548a5", "ObjectReference": [ { "comment": "", "object_uuid": "0d3626c4-d758-46c4-b1f4-f3ffb75548a5", "referenced_uuid": "ad748a67-b407-48c8-b20e-13d19eca50f7", "relationship_type": "analysed-with", "timestamp": "1576055894", "uuid": "5df0b456-0ac0-443b-852c-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054919", "to_ids": true, "type": "md5", "uuid": "d3755a20-0a5a-420a-b527-898a3b93ed36", "value": "ff01685eb2dc7fac5a671d4f00c24ded" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054919", "to_ids": true, "type": "sha1", "uuid": "acb54e8b-a7a6-4169-bcff-2cee3073723f", "value": "4ea5d730dfcd8784a95f142eb3c9093243d2c89d" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054919", "to_ids": true, "type": "sha256", "uuid": "4e601e9d-a26c-4502-b857-7200b64d1514", "value": "c7baf739c5a78fda1d3aa48f71cefe7cec070c71ece8940566b398ab135e71b4" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055760", "uuid": "ad748a67-b407-48c8-b20e-13d19eca50f7", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054919", "to_ids": false, "type": "datetime", "uuid": "d107bb09-d8cf-4a08-9f5e-0fd4c91a1ff0", "value": "2019-12-01T04:57:21" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054919", "to_ids": false, "type": "link", "uuid": "ea6c8369-aa14-4b6c-8d5d-7255d68cf740", "value": "https://www.virustotal.com/file/c7baf739c5a78fda1d3aa48f71cefe7cec070c71ece8940566b398ab135e71b4/analysis/1575176241/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054919", "to_ids": false, "type": "text", "uuid": "449f3439-f8d9-42b9-9f85-af03d9210021", "value": "57/71" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055760", "uuid": "d7f97683-565b-42a0-97d3-bdb65e2fbd93", "ObjectReference": [ { "comment": "", "object_uuid": "d7f97683-565b-42a0-97d3-bdb65e2fbd93", "referenced_uuid": "1f667321-a70c-4b3c-92f3-4d1cd1683aca", "relationship_type": "analysed-with", "timestamp": "1576055895", "uuid": "5df0b457-1034-43a9-86c6-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054914", "to_ids": true, "type": "md5", "uuid": "e626f998-f6f5-4c42-a83e-e31c848339ff", "value": "1ac2612dd4175b1f133e6336d859efc3" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054914", "to_ids": true, "type": "sha1", "uuid": "90a5b102-e606-4915-ae7d-ee896cace425", "value": "40c7411689de5bb0cf59bd5d86a960ce13dd387b" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054914", "to_ids": true, "type": "sha256", "uuid": "4fe7b7d3-d072-421c-a0c5-f043f1393fdf", "value": "fd55e025bb06dd688ed8aafae68f613d886184e93e7967d4a55dbb051ea48c40" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055760", "uuid": "1f667321-a70c-4b3c-92f3-4d1cd1683aca", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054914", "to_ids": false, "type": "datetime", "uuid": "675f2806-d26d-4627-bf7b-552fe327a0bb", "value": "2019-12-03T21:37:30" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054914", "to_ids": false, "type": "link", "uuid": "2afd9344-e812-4435-ab37-468c5042bc8a", "value": "https://www.virustotal.com/file/fd55e025bb06dd688ed8aafae68f613d886184e93e7967d4a55dbb051ea48c40/analysis/1575409050/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054914", "to_ids": false, "type": "text", "uuid": "0cdb5f68-9394-44d4-bd5c-bb54bf101cc9", "value": "56/71" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055761", "uuid": "32f451eb-9169-4c12-a78e-e55862a94f17", "ObjectReference": [ { "comment": "", "object_uuid": "32f451eb-9169-4c12-a78e-e55862a94f17", "referenced_uuid": "ea9d219d-6734-4c30-9739-4fd946062bf9", "relationship_type": "analysed-with", "timestamp": "1576055895", "uuid": "5df0b457-9224-4b2a-b92c-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054844", "to_ids": true, "type": "md5", "uuid": "46da56cb-50ab-4b83-b85b-d6db1836ed09", "value": "3788f92fbe91fd10b0f87b35e069b128" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054844", "to_ids": true, "type": "sha1", "uuid": "09867e56-b1bf-48a1-a81e-f8506cf2fa5a", "value": "aeaf302fd00a58d6959ce5096d0ffd7b24ea4e1b" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054844", "to_ids": true, "type": "sha256", "uuid": "1d734d90-2692-40c3-a96f-9900bfbd48bc", "value": "cbfae70f76b555df5c045a3236d56a8b3bdb7b80d05119658898b423f50c4293" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055761", "uuid": "ea9d219d-6734-4c30-9739-4fd946062bf9", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054844", "to_ids": false, "type": "datetime", "uuid": "c69414ce-a2e7-4d41-b5c0-beb92ebb3c96", "value": "2019-11-22T00:58:35" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054844", "to_ids": false, "type": "link", "uuid": "733cfe7e-0926-49c2-933e-bc434acea8b4", "value": "https://www.virustotal.com/file/cbfae70f76b555df5c045a3236d56a8b3bdb7b80d05119658898b423f50c4293/analysis/1574384315/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054844", "to_ids": false, "type": "text", "uuid": "a753a6d7-d09c-4dc7-882d-9ec25870608f", "value": "43/70" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055761", "uuid": "8111e71b-c902-4992-a2bd-f5a9614cdbbc", "ObjectReference": [ { "comment": "", "object_uuid": "8111e71b-c902-4992-a2bd-f5a9614cdbbc", "referenced_uuid": "04d5b57d-03a9-453f-b7a6-2f16a70b721a", "relationship_type": "analysed-with", "timestamp": "1576055895", "uuid": "5df0b457-df78-4872-bffa-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054846", "to_ids": true, "type": "md5", "uuid": "f48f0adb-d2ed-4bf0-9d0b-002e1ad217e5", "value": "368cf682cde5389cbe9b5cfbda80b8e2" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054846", "to_ids": true, "type": "sha1", "uuid": "69b0a0e1-706b-4605-911d-cf90cccd2568", "value": "d0445f6fb9f81e749378a4088c92caab825a46d4" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054846", "to_ids": true, "type": "sha256", "uuid": "c07360b4-ebc8-43ab-85d8-733a2abc3139", "value": "77cf0d5a5c3c8256ce3ebb1ed3c3937c181cf717986bb64d8457143171736197" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055761", "uuid": "04d5b57d-03a9-453f-b7a6-2f16a70b721a", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054846", "to_ids": false, "type": "datetime", "uuid": "100849e6-4403-457b-aab1-ee7538f480cc", "value": "2019-11-28T10:26:53" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054846", "to_ids": false, "type": "link", "uuid": "29dc8e36-5fe0-4770-a6bc-159b5e83459e", "value": "https://www.virustotal.com/file/77cf0d5a5c3c8256ce3ebb1ed3c3937c181cf717986bb64d8457143171736197/analysis/1574936813/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054846", "to_ids": false, "type": "text", "uuid": "e5b5331d-431a-4730-af1b-1eec2271db9e", "value": "51/69" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055761", "uuid": "fa6205a7-6a6e-4801-89e7-8f25ba199a68", "ObjectReference": [ { "comment": "", "object_uuid": "fa6205a7-6a6e-4801-89e7-8f25ba199a68", "referenced_uuid": "6ad6afec-cb00-419d-a3e4-a1b88248047c", "relationship_type": "analysed-with", "timestamp": "1576055895", "uuid": "5df0b457-509c-4be4-8ba9-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054914", "to_ids": true, "type": "md5", "uuid": "283f71aa-003a-4373-b8f9-380fca0008b2", "value": "08761d9cba2654ba79465c54e19316e4" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054914", "to_ids": true, "type": "sha1", "uuid": "efc74f88-1838-4a0f-a79e-5dd1429631f4", "value": "a68a67aebaba4b69bf4cc728f5e0331feb2e6e5e" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054914", "to_ids": true, "type": "sha256", "uuid": "671add75-ee89-4baa-be5a-1f4f8f60a388", "value": "56919d739ea0b1107916a790cc2bf270afc21693b0f4c31a0bbdc9b5a70cf81a" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055762", "uuid": "6ad6afec-cb00-419d-a3e4-a1b88248047c", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054914", "to_ids": false, "type": "datetime", "uuid": "f9f934a6-d28a-43f1-a25b-772867acbf12", "value": "2019-11-10T14:41:04" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054914", "to_ids": false, "type": "link", "uuid": "ee9b2c32-96b9-48dd-9685-9d2659b52356", "value": "https://www.virustotal.com/file/56919d739ea0b1107916a790cc2bf270afc21693b0f4c31a0bbdc9b5a70cf81a/analysis/1573396864/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054914", "to_ids": false, "type": "text", "uuid": "72d5b1d9-8ef5-47f7-82dd-c4c74a99777a", "value": "38/70" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055762", "uuid": "2fc50d7f-d453-4546-a345-d4bed46eee2f", "ObjectReference": [ { "comment": "", "object_uuid": "2fc50d7f-d453-4546-a345-d4bed46eee2f", "referenced_uuid": "749f12c9-3e05-463d-9c48-5476c87c8a36", "relationship_type": "analysed-with", "timestamp": "1576055895", "uuid": "5df0b457-229c-407e-95d2-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054916", "to_ids": true, "type": "md5", "uuid": "2f4074c3-f4d3-42f4-9c3a-9c2199e24a06", "value": "50364f98ca64578bd53dad72582e6586" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054916", "to_ids": true, "type": "sha1", "uuid": "3d3c3652-b43d-4bdb-9bac-72bd8ef46654", "value": "2ba2f1b8c2971cccea5e4ec67ea2cd5ceeaa5dd8" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054916", "to_ids": true, "type": "sha256", "uuid": "29bd7805-6c7b-4053-8f5f-a1d39c2a3d99", "value": "bea877537fcc69ad507962979b853651d7871edcdb286dfb42636203241dd287" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055762", "uuid": "749f12c9-3e05-463d-9c48-5476c87c8a36", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054916", "to_ids": false, "type": "datetime", "uuid": "d6c2168a-ae74-4dde-898c-1b81287cb979", "value": "2019-11-16T09:38:32" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054916", "to_ids": false, "type": "link", "uuid": "de5248d9-2339-4b2b-9d92-7718d73cd4ae", "value": "https://www.virustotal.com/file/bea877537fcc69ad507962979b853651d7871edcdb286dfb42636203241dd287/analysis/1573897112/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054916", "to_ids": false, "type": "text", "uuid": "084e2e87-9ed8-4aab-b90a-5dcf3e7302a0", "value": "46/70" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055762", "uuid": "58af372b-6894-4460-9af9-6a6494e62084", "ObjectReference": [ { "comment": "", "object_uuid": "58af372b-6894-4460-9af9-6a6494e62084", "referenced_uuid": "fa5519fa-76cd-4283-be2e-cf479c538281", "relationship_type": "analysed-with", "timestamp": "1576055895", "uuid": "5df0b457-4114-42c3-9dfc-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054844", "to_ids": true, "type": "md5", "uuid": "bb617d88-5992-4cd5-9b87-7831e6093189", "value": "c4e50c3656d8a066d0e7fc974cfd602d" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054844", "to_ids": true, "type": "sha1", "uuid": "fe372a33-809e-4be6-a0a3-73e63c1ee8be", "value": "2ec190251edec89a0f0b6d6bb26cc77945517652" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054844", "to_ids": true, "type": "sha256", "uuid": "7e6a9ffe-d59f-471f-91bb-acca0007e28b", "value": "31fb9cc444848fe2c0b178119d5080419347f6dfdf76bf820834ad750285faa5" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055762", "uuid": "fa5519fa-76cd-4283-be2e-cf479c538281", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054844", "to_ids": false, "type": "datetime", "uuid": "f4b1c68a-57b8-4937-8542-fdf05bd55a3a", "value": "2019-12-05T05:48:08" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054844", "to_ids": false, "type": "link", "uuid": "659e77af-b301-408c-a20a-d6a42cb135a4", "value": "https://www.virustotal.com/file/31fb9cc444848fe2c0b178119d5080419347f6dfdf76bf820834ad750285faa5/analysis/1575524888/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054844", "to_ids": false, "type": "text", "uuid": "453f188f-3a94-4df0-9bd9-566205308886", "value": "58/72" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055762", "uuid": "d1910cab-795c-4542-95fb-09893adc810f", "ObjectReference": [ { "comment": "", "object_uuid": "d1910cab-795c-4542-95fb-09893adc810f", "referenced_uuid": "39f75481-6d10-4b0c-81c2-27d908d8d24e", "relationship_type": "analysed-with", "timestamp": "1576055895", "uuid": "5df0b457-2728-4974-a39f-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054847", "to_ids": true, "type": "md5", "uuid": "851cfbd0-0e25-46e7-b075-27dc03dd92e8", "value": "84d00f26ceb715c12a32b902240cf746" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054847", "to_ids": true, "type": "sha1", "uuid": "f35c1b4b-32e9-4307-a653-3782689dfd18", "value": "fe10e2607dd230406f0792c50489cc54275b72d4" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054847", "to_ids": true, "type": "sha256", "uuid": "56883a74-9950-43aa-a5da-cf98241e3c5f", "value": "608aa2fb4ceae9b590a2bf265e7e7a44337ed8c20f1884db16ab91b898bffbb3" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055762", "uuid": "39f75481-6d10-4b0c-81c2-27d908d8d24e", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054847", "to_ids": false, "type": "datetime", "uuid": "19dc5dd1-fd0a-497f-bc16-2807aed96a04", "value": "2019-11-28T01:40:44" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054847", "to_ids": false, "type": "link", "uuid": "74178fff-1e9e-404d-aff2-79c35042ee03", "value": "https://www.virustotal.com/file/608aa2fb4ceae9b590a2bf265e7e7a44337ed8c20f1884db16ab91b898bffbb3/analysis/1574905244/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054847", "to_ids": false, "type": "text", "uuid": "4b696362-b431-4616-ab2e-04d2f99b7a53", "value": "51/67" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055763", "uuid": "2dd3a782-5257-4c38-916a-9a98c9b58666", "ObjectReference": [ { "comment": "", "object_uuid": "2dd3a782-5257-4c38-916a-9a98c9b58666", "referenced_uuid": "ee72a41f-34bc-43d4-93b4-6e7513bd3162", "relationship_type": "analysed-with", "timestamp": "1576055895", "uuid": "5df0b457-ae7c-41b9-a7c0-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054915", "to_ids": true, "type": "md5", "uuid": "15412462-bfbc-4629-bd88-f12ca39a58bc", "value": "e84d420f975dd7b30b40a3727f355b5f" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054915", "to_ids": true, "type": "sha1", "uuid": "f299ef95-81ae-4843-b640-2465f86b8037", "value": "aebbf24cffc5a10315b0a81c3d4e18aee06a28ec" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054915", "to_ids": true, "type": "sha256", "uuid": "e9c665da-559f-472e-aeb4-daa76f6c87d4", "value": "01f9ed2163e7decb379aaffaa35d0307b95c9ade7a1e20d476127867a3ea8256" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055763", "uuid": "ee72a41f-34bc-43d4-93b4-6e7513bd3162", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054915", "to_ids": false, "type": "datetime", "uuid": "42f13db6-8965-4ded-8db1-d9b395e65a9c", "value": "2019-11-10T22:38:57" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054915", "to_ids": false, "type": "link", "uuid": "ccc39595-e504-4c4d-a5b5-65f1b41800a7", "value": "https://www.virustotal.com/file/01f9ed2163e7decb379aaffaa35d0307b95c9ade7a1e20d476127867a3ea8256/analysis/1573425537/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054915", "to_ids": false, "type": "text", "uuid": "1d5315de-3232-4a87-af0b-075b41c00647", "value": "34/71" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055763", "uuid": "62d23ea3-e22a-4cf4-9217-0e679882cc83", "ObjectReference": [ { "comment": "", "object_uuid": "62d23ea3-e22a-4cf4-9217-0e679882cc83", "referenced_uuid": "eca2a236-4a01-4a6a-914e-e95542c236c2", "relationship_type": "analysed-with", "timestamp": "1576055895", "uuid": "5df0b457-d5a8-4e48-a995-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054918", "to_ids": true, "type": "md5", "uuid": "de794cae-0dcc-4e0a-a9ce-8edd81566b51", "value": "bd97324f16e3731a4d63e9c15405b787" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054918", "to_ids": true, "type": "sha1", "uuid": "0b6de3d9-8c69-468d-843a-25d8fd7c6afa", "value": "4995d1e40bbd88591b55f54797420632f07b8d82" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054918", "to_ids": true, "type": "sha256", "uuid": "d4bb4345-e01e-4c75-a12e-026c077ec943", "value": "d00379abaf3060b9848ba406daa5948978df60429bbb447d629a0b233e60d112" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055763", "uuid": "eca2a236-4a01-4a6a-914e-e95542c236c2", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054918", "to_ids": false, "type": "datetime", "uuid": "b90323b6-ab87-43c9-9629-2cf8a421d51a", "value": "2019-11-13T10:18:24" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054918", "to_ids": false, "type": "link", "uuid": "ed9cde54-4d6e-4022-a86d-a66e905d9a48", "value": "https://www.virustotal.com/file/d00379abaf3060b9848ba406daa5948978df60429bbb447d629a0b233e60d112/analysis/1573640304/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054918", "to_ids": false, "type": "text", "uuid": "f7a884b5-6de9-43aa-9108-7254689504c6", "value": "45/70" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055763", "uuid": "553f485e-b4d6-4cd9-a92f-f8f1f089fbcd", "ObjectReference": [ { "comment": "", "object_uuid": "553f485e-b4d6-4cd9-a92f-f8f1f089fbcd", "referenced_uuid": "af0a31eb-cf9d-442d-aae5-a1b510d0154e", "relationship_type": "analysed-with", "timestamp": "1576055895", "uuid": "5df0b457-5608-44e0-a74f-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054921", "to_ids": true, "type": "md5", "uuid": "66b84739-443d-4ecb-9753-e9c10fe13ccc", "value": "00d2c6a74b350734499317fe95951a0e" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054921", "to_ids": true, "type": "sha1", "uuid": "c1805d56-3b28-401d-865b-1735e96abe89", "value": "326eabe29bcf100b15c6ede73190120366e4280e" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054921", "to_ids": true, "type": "sha256", "uuid": "92e3d787-8992-4fe6-95a3-8c2d5f879acb", "value": "cd6247e8d69ce5e882e8efc8a4201ac3e3a61bd358a4501ed7ea23b5f95a7f39" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055765", "uuid": "af0a31eb-cf9d-442d-aae5-a1b510d0154e", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054921", "to_ids": false, "type": "datetime", "uuid": "c157812f-ac07-481a-9699-95c12fd512c1", "value": "2019-11-09T01:20:05" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054921", "to_ids": false, "type": "link", "uuid": "0153bf74-6dbf-47cf-b4ba-7c80b099527f", "value": "https://www.virustotal.com/file/cd6247e8d69ce5e882e8efc8a4201ac3e3a61bd358a4501ed7ea23b5f95a7f39/analysis/1573262405/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054921", "to_ids": false, "type": "text", "uuid": "9e81f368-9aeb-420e-859f-950b12a1c373", "value": "41/71" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055765", "uuid": "12f133d3-37da-434d-b28f-f13998690487", "ObjectReference": [ { "comment": "", "object_uuid": "12f133d3-37da-434d-b28f-f13998690487", "referenced_uuid": "d6981862-91dc-42bd-afe4-78e54660f67c", "relationship_type": "analysed-with", "timestamp": "1576055895", "uuid": "5df0b457-a210-438c-8a48-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054936", "to_ids": true, "type": "md5", "uuid": "c072bb02-fed0-4d7a-8155-431059c0010d", "value": "d116cabcc0df469b1b968374ce32167d" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054936", "to_ids": true, "type": "sha1", "uuid": "02d231f0-9741-413c-89f8-872d68ae75f0", "value": "0d4de96b5da6f27836fd217ac5986ad22b440576" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054936", "to_ids": true, "type": "sha256", "uuid": "3f322271-5cf1-41b1-b592-e1cde8239756", "value": "5a029e225cd1e877ac6907bac15b0d9ca8a523d8641c40b56c7e06959f2285bf" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055766", "uuid": "d6981862-91dc-42bd-afe4-78e54660f67c", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054936", "to_ids": false, "type": "datetime", "uuid": "687b3716-fb46-49d6-aee8-3bb9ec9c1386", "value": "2019-11-30T07:29:07" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054936", "to_ids": false, "type": "link", "uuid": "7b28d436-2fca-4d32-90f4-c8af2d1469b7", "value": "https://www.virustotal.com/file/5a029e225cd1e877ac6907bac15b0d9ca8a523d8641c40b56c7e06959f2285bf/analysis/1575098947/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054936", "to_ids": false, "type": "text", "uuid": "6b08d83d-52ea-478d-8953-9b1e3e60c2b0", "value": "55/71" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055766", "uuid": "8d4d08fa-89fa-4a93-ae47-e6c385a9692a", "ObjectReference": [ { "comment": "", "object_uuid": "8d4d08fa-89fa-4a93-ae47-e6c385a9692a", "referenced_uuid": "121ff0cb-3515-41f2-a7f0-517f4734cb74", "relationship_type": "analysed-with", "timestamp": "1576055895", "uuid": "5df0b457-e3cc-4b7b-b4de-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054850", "to_ids": true, "type": "md5", "uuid": "39d55fb3-618a-4d95-94be-b8c435600da3", "value": "c122194ee78fcf69b77214e77dcad493" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054850", "to_ids": true, "type": "sha1", "uuid": "02c4a533-c0e9-4d01-be12-4a02923c790c", "value": "17fef3496496131a2caa81667ae295a57824fe76" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054850", "to_ids": true, "type": "sha256", "uuid": "1f70ccce-3c00-4bd1-96bf-4b17ee540670", "value": "e781a624c56b45e8fcd37d57426fc03a7fe86a750b9885b75ad873086cca3b82" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055766", "uuid": "121ff0cb-3515-41f2-a7f0-517f4734cb74", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054850", "to_ids": false, "type": "datetime", "uuid": "76964b96-24c8-4053-aa23-70dadf21a57e", "value": "2019-11-16T07:07:54" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054850", "to_ids": false, "type": "link", "uuid": "0fe5db58-0b88-452d-8550-f64b81fc2bc6", "value": "https://www.virustotal.com/file/e781a624c56b45e8fcd37d57426fc03a7fe86a750b9885b75ad873086cca3b82/analysis/1573888074/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054850", "to_ids": false, "type": "text", "uuid": "e3eb03e0-bce5-4b6d-bf37-fbd503c2b0e0", "value": "45/71" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055766", "uuid": "dc27e937-a3fc-426a-8b8f-c2b01362dfb6", "ObjectReference": [ { "comment": "", "object_uuid": "dc27e937-a3fc-426a-8b8f-c2b01362dfb6", "referenced_uuid": "3aa13296-74d0-448f-946e-4d8dfea79884", "relationship_type": "analysed-with", "timestamp": "1576055895", "uuid": "5df0b457-9ec4-44f5-90c9-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054850", "to_ids": true, "type": "md5", "uuid": "12c38a79-0f16-473e-8975-7803d7a34d48", "value": "c78e60a0f9b8b173a70f72560b596bf7" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054850", "to_ids": true, "type": "sha1", "uuid": "f4eb16d4-210f-444a-ac6b-13bba98df108", "value": "02704aa7de91d8eec4752cca4530f03e3b24d764" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054850", "to_ids": true, "type": "sha256", "uuid": "e822c62c-5490-46b0-b841-cda29bdf1663", "value": "b6f6a90c9aeea1c1cd79ad4c090ef6e7586f8b1ac4e3c81b16e8970de240d821" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055766", "uuid": "3aa13296-74d0-448f-946e-4d8dfea79884", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054850", "to_ids": false, "type": "datetime", "uuid": "da3903bf-f82e-4d6d-b8d2-59b5691d39e9", "value": "2019-11-18T07:37:17" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054850", "to_ids": false, "type": "link", "uuid": "cc691dec-67fa-445c-991c-c78c17cc4409", "value": "https://www.virustotal.com/file/b6f6a90c9aeea1c1cd79ad4c090ef6e7586f8b1ac4e3c81b16e8970de240d821/analysis/1574062637/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054850", "to_ids": false, "type": "text", "uuid": "494e96b5-08d2-4599-8847-b675d1d19ec3", "value": "50/69" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055766", "uuid": "8be3bbf6-0270-4d09-8f15-278921cb1395", "ObjectReference": [ { "comment": "", "object_uuid": "8be3bbf6-0270-4d09-8f15-278921cb1395", "referenced_uuid": "9ed15da6-ed0b-407b-b586-a94afc851003", "relationship_type": "analysed-with", "timestamp": "1576055895", "uuid": "5df0b457-6d68-42b4-a71a-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054920", "to_ids": true, "type": "md5", "uuid": "6ebc3fba-4d86-4839-8d9c-b5f6ca38a472", "value": "3f0a2559f09566c7f903dfee7d260294" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054920", "to_ids": true, "type": "sha1", "uuid": "33aaaa8f-0369-4901-add2-722cc5a4eea4", "value": "dc0936bdc57e0da6ef96e787f4784756e75c5e48" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054920", "to_ids": true, "type": "sha256", "uuid": "009c419d-459d-45e2-b205-92da58572515", "value": "9ce1f1342c2da8446fdf6b79267cd4ce15d00fbd890c6e59abf5d7a90f988cc9" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055767", "uuid": "9ed15da6-ed0b-407b-b586-a94afc851003", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054920", "to_ids": false, "type": "datetime", "uuid": "d84f0b83-99ad-4d6f-ad08-85b5ed49d9b9", "value": "2019-11-26T13:42:41" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054920", "to_ids": false, "type": "link", "uuid": "cbb5269c-43b2-4662-9775-79f74bc9e7f5", "value": "https://www.virustotal.com/file/9ce1f1342c2da8446fdf6b79267cd4ce15d00fbd890c6e59abf5d7a90f988cc9/analysis/1574775761/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054920", "to_ids": false, "type": "text", "uuid": "6c3fe6d7-7537-47a6-a0e5-e70463218130", "value": "57/70" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055768", "uuid": "891011ce-df32-48cb-8d94-65d3fc5f8682", "ObjectReference": [ { "comment": "", "object_uuid": "891011ce-df32-48cb-8d94-65d3fc5f8682", "referenced_uuid": "c5d5ae0f-a526-4531-9348-a609323990d3", "relationship_type": "analysed-with", "timestamp": "1576055895", "uuid": "5df0b457-93f0-4424-b590-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054848", "to_ids": true, "type": "md5", "uuid": "cd0b738b-0dbb-4f2e-a081-e7b5bd268211", "value": "421d215bb3d34d5a2440d5d3cc7503c7" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054848", "to_ids": true, "type": "sha1", "uuid": "a987b015-7747-4ef8-861d-46f85edeabf6", "value": "979f9166ca8bbad324e9fd538b6ee2fe135770e0" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054848", "to_ids": true, "type": "sha256", "uuid": "2d320e50-691d-478d-9453-fdebe76d235c", "value": "b9b546dfbe34a6256c093ad7688cb447b89de2f9916dc073e6f7951a3ebbc830" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055768", "uuid": "c5d5ae0f-a526-4531-9348-a609323990d3", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054848", "to_ids": false, "type": "datetime", "uuid": "b03a6dc9-3378-44f3-b53d-6376238c333a", "value": "2019-12-03T00:50:05" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054848", "to_ids": false, "type": "link", "uuid": "690c54c6-d3c3-4f76-84cb-861f853dd4d2", "value": "https://www.virustotal.com/file/b9b546dfbe34a6256c093ad7688cb447b89de2f9916dc073e6f7951a3ebbc830/analysis/1575334205/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054848", "to_ids": false, "type": "text", "uuid": "dc137f92-cea5-45a2-9d08-d0617c1c2d31", "value": "52/67" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055768", "uuid": "e65cdafa-8fda-4c15-b765-517ea37e400c", "ObjectReference": [ { "comment": "", "object_uuid": "e65cdafa-8fda-4c15-b765-517ea37e400c", "referenced_uuid": "dd269146-131f-4691-8c24-a2ae13fff493", "relationship_type": "analysed-with", "timestamp": "1576055895", "uuid": "5df0b457-d548-4187-8aca-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054938", "to_ids": true, "type": "md5", "uuid": "f21f069c-4fa9-4c01-a029-37f75a45d97a", "value": "8861409bbcd1e9141a0601efd8933c02" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054938", "to_ids": true, "type": "sha1", "uuid": "df65b41e-e130-4397-91e5-e89c8389b5c4", "value": "6991177cd881e3973d7abdf41434a30f0431c3e0" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054938", "to_ids": true, "type": "sha256", "uuid": "407cef93-d76e-4f52-874d-b648c65891c9", "value": "9abc76cbab014199ecb4282d0a367017779ffdb76ba826d37efd2eec2f037bc2" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055768", "uuid": "dd269146-131f-4691-8c24-a2ae13fff493", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054938", "to_ids": false, "type": "datetime", "uuid": "4154a86f-feab-4983-a910-d14175f2af20", "value": "2019-12-11T04:56:06" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054938", "to_ids": false, "type": "link", "uuid": "5a31ca01-2520-477f-b331-866f9bb72008", "value": "https://www.virustotal.com/file/9abc76cbab014199ecb4282d0a367017779ffdb76ba826d37efd2eec2f037bc2/analysis/1576040166/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054938", "to_ids": false, "type": "text", "uuid": "3aabc804-2e0e-436a-b47d-8e1461ad5c32", "value": "51/68" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055768", "uuid": "e00c6822-899d-4ec6-85ae-67a45dc2e857", "ObjectReference": [ { "comment": "", "object_uuid": "e00c6822-899d-4ec6-85ae-67a45dc2e857", "referenced_uuid": "eeb4ab97-a3f9-4995-be2a-ae76257f32e7", "relationship_type": "analysed-with", "timestamp": "1576055895", "uuid": "5df0b457-4370-4018-8bc0-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054849", "to_ids": true, "type": "md5", "uuid": "b72567ce-9656-4e61-adc1-0522598cb970", "value": "d6c3f47b3532f05363ea637f07d89fdb" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054849", "to_ids": true, "type": "sha1", "uuid": "ace88fe5-e965-477a-9a20-7617d12704ca", "value": "796ae58666fdd7f840dbb445525115cdd34740e2" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054849", "to_ids": true, "type": "sha256", "uuid": "581f0432-3411-4dcf-b033-f6ea245ee810", "value": "590752a39996f425b0a0033329dd816c195bade99edd7f4c7aadba84f1744eba" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055769", "uuid": "eeb4ab97-a3f9-4995-be2a-ae76257f32e7", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054849", "to_ids": false, "type": "datetime", "uuid": "d2bd485c-ca43-49d5-975a-0eaf5efb9ece", "value": "2019-11-28T20:40:15" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054849", "to_ids": false, "type": "link", "uuid": "bb9e01c6-60e1-4539-8a57-7060bf22aa5f", "value": "https://www.virustotal.com/file/590752a39996f425b0a0033329dd816c195bade99edd7f4c7aadba84f1744eba/analysis/1574973615/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054849", "to_ids": false, "type": "text", "uuid": "68967b09-72d6-4371-9897-4ab994785794", "value": "54/70" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055769", "uuid": "75925d56-de1c-4741-8536-dd11890d8059", "ObjectReference": [ { "comment": "", "object_uuid": "75925d56-de1c-4741-8536-dd11890d8059", "referenced_uuid": "5bfa528d-17cb-48c0-842a-d6eaa50ddd6c", "relationship_type": "analysed-with", "timestamp": "1576055895", "uuid": "5df0b457-77c4-4e40-8c1b-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054851", "to_ids": true, "type": "md5", "uuid": "bc8a1441-cc27-4982-943c-80c0d5c2acb5", "value": "4a094b1135d08c6b3db24b22388c8e2b" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054851", "to_ids": true, "type": "sha1", "uuid": "36e9066c-7aa7-4af0-8760-6c3012c35a7f", "value": "99a1558be9cbc1f8e5bcafbcceff1cc801b4abf1" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054851", "to_ids": true, "type": "sha256", "uuid": "d68d7e09-f1f8-4fe7-b55a-e9304706d490", "value": "4bdb662003f9b91c203c140ea95e96f6795ebcc4eeaae68bfb8f82918872e511" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055769", "uuid": "5bfa528d-17cb-48c0-842a-d6eaa50ddd6c", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054851", "to_ids": false, "type": "datetime", "uuid": "3f193854-b5e1-4286-88ed-f0c365fbed92", "value": "2019-11-16T14:13:47" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054851", "to_ids": false, "type": "link", "uuid": "473386eb-eb31-4337-b78d-49b77b15c48a", "value": "https://www.virustotal.com/file/4bdb662003f9b91c203c140ea95e96f6795ebcc4eeaae68bfb8f82918872e511/analysis/1573913627/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054851", "to_ids": false, "type": "text", "uuid": "65cb4666-ba15-47fb-9874-f8382c8de10e", "value": "45/70" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055769", "uuid": "ad7fdb40-e118-407a-9787-47f0c12ca2f9", "ObjectReference": [ { "comment": "", "object_uuid": "ad7fdb40-e118-407a-9787-47f0c12ca2f9", "referenced_uuid": "238e6584-fd2a-4ad0-8b8a-267df462773f", "relationship_type": "analysed-with", "timestamp": "1576055895", "uuid": "5df0b457-c490-49c8-9dab-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054848", "to_ids": true, "type": "md5", "uuid": "d4af8964-f337-4ed3-8652-b62b2a8a2f40", "value": "7064fb6208a40991a295c2c2d8768c93" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054848", "to_ids": true, "type": "sha1", "uuid": "2f62ebc3-3a2f-4a2c-a41b-97043b8a8bfa", "value": "bc7d618036265968e775eab59109bbc3f9de0098" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054848", "to_ids": true, "type": "sha256", "uuid": "dcb8f05e-1c6a-425c-913b-631f76937113", "value": "b09e5f96a0eb011cdc9aa3a223c00459a2778a74f2d1f0fad982ac6ffc3157c2" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055769", "uuid": "238e6584-fd2a-4ad0-8b8a-267df462773f", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054848", "to_ids": false, "type": "datetime", "uuid": "2577498f-cb87-45db-91d4-dfae14bbf042", "value": "2019-11-21T10:47:53" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054848", "to_ids": false, "type": "link", "uuid": "b671f443-8e98-4b8d-93f1-af44f58d2c7a", "value": "https://www.virustotal.com/file/b09e5f96a0eb011cdc9aa3a223c00459a2778a74f2d1f0fad982ac6ffc3157c2/analysis/1574333273/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054848", "to_ids": false, "type": "text", "uuid": "a1ed0548-d2bb-4934-8aa7-9e172821179e", "value": "48/66" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055769", "uuid": "902ed478-e91f-489e-806f-1ef9bdca36b6", "ObjectReference": [ { "comment": "", "object_uuid": "902ed478-e91f-489e-806f-1ef9bdca36b6", "referenced_uuid": "6aa52ea5-c087-4ee5-82c3-7cfab18678ec", "relationship_type": "analysed-with", "timestamp": "1576055895", "uuid": "5df0b457-546c-4b8e-9b48-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054847", "to_ids": true, "type": "md5", "uuid": "a79b3d17-f1fc-4eb8-9f31-9089a6c67003", "value": "60ba121d4dc5b514e1c9617178db7794" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054847", "to_ids": true, "type": "sha1", "uuid": "86100086-098c-49ce-a269-9df945d76947", "value": "747e077cfdf3e60f94d46b63eae01246bc3acab8" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054847", "to_ids": true, "type": "sha256", "uuid": "b2b7e314-fdfe-4379-98a9-c43d021ab569", "value": "ab6792b3d193042bf502069939c409e15715efcc86b4d03410ffcb6eb4779b5c" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055769", "uuid": "6aa52ea5-c087-4ee5-82c3-7cfab18678ec", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054847", "to_ids": false, "type": "datetime", "uuid": "78dbdc5f-3ed4-4823-9cc3-638f9d198c47", "value": "2019-11-29T06:06:52" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054847", "to_ids": false, "type": "link", "uuid": "f8f833b8-7a29-4b8e-80c1-b04326917fea", "value": "https://www.virustotal.com/file/ab6792b3d193042bf502069939c409e15715efcc86b4d03410ffcb6eb4779b5c/analysis/1575007612/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054847", "to_ids": false, "type": "text", "uuid": "d99d7dbc-90d1-4107-9bcb-a8962210a739", "value": "55/69" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055769", "uuid": "598b04ce-e5da-40e7-9864-faafb34ec389", "ObjectReference": [ { "comment": "", "object_uuid": "598b04ce-e5da-40e7-9864-faafb34ec389", "referenced_uuid": "c0d2a4c0-2180-4ade-a8a5-75fc536af3e9", "relationship_type": "analysed-with", "timestamp": "1576055896", "uuid": "5df0b458-fc54-4e0c-831a-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054916", "to_ids": true, "type": "md5", "uuid": "a6680e4f-9843-4bff-8c83-0aa1c020b8d0", "value": "5356f21a43153b6eaab6406fd64a427f" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054916", "to_ids": true, "type": "sha1", "uuid": "a8515549-f599-4ab3-9999-79d7a6c4e873", "value": "591fbeaf2a098aa12133d56828a0bb49774cae7b" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054916", "to_ids": true, "type": "sha256", "uuid": "b679a22c-f6c9-4ee5-8b66-11733e6c6e82", "value": "024efd926b745ad0e6a17407a0fb85844868daef8aacfc5c83ab34173c0036d2" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055770", "uuid": "c0d2a4c0-2180-4ade-a8a5-75fc536af3e9", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054916", "to_ids": false, "type": "datetime", "uuid": "11c0f5de-998e-4ca1-9abf-0a7ebd39aa06", "value": "2019-11-16T09:22:19" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054916", "to_ids": false, "type": "link", "uuid": "b4fd01a8-82bb-44ff-a8d6-0e7135033ec3", "value": "https://www.virustotal.com/file/024efd926b745ad0e6a17407a0fb85844868daef8aacfc5c83ab34173c0036d2/analysis/1573896139/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054916", "to_ids": false, "type": "text", "uuid": "0e1ab7ab-ac83-410c-a34f-cb2bf9bdb161", "value": "45/68" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055770", "uuid": "6415e0f5-6146-43e0-bfb7-06ef088beccc", "ObjectReference": [ { "comment": "", "object_uuid": "6415e0f5-6146-43e0-bfb7-06ef088beccc", "referenced_uuid": "bec9b077-26d5-42fc-93e2-25690c9bb1a5", "relationship_type": "analysed-with", "timestamp": "1576055896", "uuid": "5df0b458-0a28-46cb-8d20-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054844", "to_ids": true, "type": "md5", "uuid": "6741ac55-4d84-4f5d-adf5-ea5008a0fec6", "value": "2912756578c002783f4800992d32104a" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054844", "to_ids": true, "type": "sha1", "uuid": "7cbd9004-671c-49b1-9375-ce314f1fe9ce", "value": "bffc7e6d9c1113208cb2e028ba0182dd86a42415" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054844", "to_ids": true, "type": "sha256", "uuid": "fe61ca1b-7439-4e42-86a8-5986fce75ec9", "value": "90d86f95cd827d8d1e9093257e118d59f7cfe02d869e52479a85673850e084e7" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055770", "uuid": "bec9b077-26d5-42fc-93e2-25690c9bb1a5", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054844", "to_ids": false, "type": "datetime", "uuid": "7b9eafe4-4e57-4e15-a879-a68331c2d293", "value": "2019-12-04T01:40:51" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054844", "to_ids": false, "type": "link", "uuid": "9d053c55-297e-4f33-9dc9-8c452cd6c0f3", "value": "https://www.virustotal.com/file/90d86f95cd827d8d1e9093257e118d59f7cfe02d869e52479a85673850e084e7/analysis/1575423651/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054844", "to_ids": false, "type": "text", "uuid": "4bb573a7-a93d-45e3-9be9-5661d2a36dfc", "value": "57/71" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055770", "uuid": "f5fefe2e-5fc5-4a89-bb76-5a64c5775300", "ObjectReference": [ { "comment": "", "object_uuid": "f5fefe2e-5fc5-4a89-bb76-5a64c5775300", "referenced_uuid": "6642411c-81db-4e86-a094-aaa8caa8c6eb", "relationship_type": "analysed-with", "timestamp": "1576055896", "uuid": "5df0b458-6e6c-43bb-850b-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054916", "to_ids": true, "type": "md5", "uuid": "46cf4d50-3834-46f8-b7c3-d51b083789fd", "value": "759123209e632690cc02f7db2ea374eb" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054916", "to_ids": true, "type": "sha1", "uuid": "93b857f1-ef7d-403d-808f-6568f73ec8b7", "value": "d9286032b977f909fc2f8ee1da1a80bbb996199d" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054916", "to_ids": true, "type": "sha256", "uuid": "85283429-8939-417d-8075-99703701c44b", "value": "ccbf899aa9f6c8b54ca16614053741007519febb63299e5435a3f6c690f3d0a0" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055770", "uuid": "6642411c-81db-4e86-a094-aaa8caa8c6eb", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054916", "to_ids": false, "type": "datetime", "uuid": "206efe21-0956-4168-9956-35be06e5f212", "value": "2019-11-26T13:52:46" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054916", "to_ids": false, "type": "link", "uuid": "f6918080-fd70-4e4b-84a3-d5f18938bf29", "value": "https://www.virustotal.com/file/ccbf899aa9f6c8b54ca16614053741007519febb63299e5435a3f6c690f3d0a0/analysis/1574776366/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054916", "to_ids": false, "type": "text", "uuid": "55d8e933-9a10-4023-8c28-60a397638bf7", "value": "56/69" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055770", "uuid": "95d32e3e-18d8-49ce-b395-25c9bd0e4d63", "ObjectReference": [ { "comment": "", "object_uuid": "95d32e3e-18d8-49ce-b395-25c9bd0e4d63", "referenced_uuid": "9b6e178e-5b5e-4b18-800c-6de5e925710f", "relationship_type": "analysed-with", "timestamp": "1576055896", "uuid": "5df0b458-2534-4148-bd40-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054849", "to_ids": true, "type": "md5", "uuid": "2b4fa083-ded5-4b48-bee4-58d9cdf5b6c9", "value": "4dd41706aca9ec70494dd8ba532e3067" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054849", "to_ids": true, "type": "sha1", "uuid": "8ba43aa7-5309-405c-8280-300e233f387c", "value": "29df7529efcc96533906fe8febedbfc4ef5a59ee" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054849", "to_ids": true, "type": "sha256", "uuid": "a37e15d8-c2ce-4cdd-b3b1-be42a18c86d9", "value": "9fd9100c7ca4b77e522e14b979a431e8cd2349a359b9e7cfd13a282291f7c8d2" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055770", "uuid": "9b6e178e-5b5e-4b18-800c-6de5e925710f", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054849", "to_ids": false, "type": "datetime", "uuid": "b729da63-b4cd-47d0-8a3f-92c24e557a3c", "value": "2019-11-10T22:35:44" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054849", "to_ids": false, "type": "link", "uuid": "4e5d719d-3d5f-4892-b6f1-d6c94fdf1bce", "value": "https://www.virustotal.com/file/9fd9100c7ca4b77e522e14b979a431e8cd2349a359b9e7cfd13a282291f7c8d2/analysis/1573425344/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054849", "to_ids": false, "type": "text", "uuid": "92f60c68-90da-45ac-adc2-e02f055a8c5f", "value": "34/72" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055771", "uuid": "aaab1a77-85aa-497f-b600-f08170e3dd11", "ObjectReference": [ { "comment": "", "object_uuid": "aaab1a77-85aa-497f-b600-f08170e3dd11", "referenced_uuid": "06013ee4-86be-4174-a724-c99d5ef046c7", "relationship_type": "analysed-with", "timestamp": "1576055896", "uuid": "5df0b458-1dc8-4956-9549-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054914", "to_ids": true, "type": "md5", "uuid": "752c3148-e582-4ab4-8113-ce3b0cbef2b0", "value": "5d1c7b9b11230be7fab345d9d37e8985" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054914", "to_ids": true, "type": "sha1", "uuid": "e8faa340-fcc0-4218-b8cd-78dfd51ee6a9", "value": "a2c64b6001fa293f12c53e547f1eee2006a902f2" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054914", "to_ids": true, "type": "sha256", "uuid": "e0a93411-3338-412e-87e0-3c9a75c7ed07", "value": "64a8e288112a982aff6ca02c49a0ae0b2dd41d23b04433b93a573b62e43a441f" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055771", "uuid": "06013ee4-86be-4174-a724-c99d5ef046c7", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054914", "to_ids": false, "type": "datetime", "uuid": "4c57e1b0-0c25-4e47-8411-136bacbda36f", "value": "2019-11-17T08:52:01" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054914", "to_ids": false, "type": "link", "uuid": "a462fb61-0d3e-40d3-a0cf-60bcd7a0dbc2", "value": "https://www.virustotal.com/file/64a8e288112a982aff6ca02c49a0ae0b2dd41d23b04433b93a573b62e43a441f/analysis/1573980721/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054914", "to_ids": false, "type": "text", "uuid": "6dcb3d2b-051c-4b5b-b275-a4788e622491", "value": "46/69" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055771", "uuid": "6fadbbba-7434-4127-9bb8-937caf40dbe8", "ObjectReference": [ { "comment": "", "object_uuid": "6fadbbba-7434-4127-9bb8-937caf40dbe8", "referenced_uuid": "e875e51d-6da6-42c4-b9ee-6a7717def8e1", "relationship_type": "analysed-with", "timestamp": "1576055896", "uuid": "5df0b458-26fc-47e1-9458-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054918", "to_ids": true, "type": "md5", "uuid": "33090a3c-8ae3-49c9-aa92-b41225c74100", "value": "29e363043d49225d30c55cfcd90ee340" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054918", "to_ids": true, "type": "sha1", "uuid": "c82c527a-9087-4281-b387-4361a6d194b8", "value": "560cb10fae5672ac186dbde639780ce49855dca2" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054918", "to_ids": true, "type": "sha256", "uuid": "d358db2a-dc7b-4fae-ac72-1d5961207067", "value": "ae7d2ea6a9157f27aafa28d73808b959326bfb14597bdc4d52060b4fc76b8304" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055771", "uuid": "e875e51d-6da6-42c4-b9ee-6a7717def8e1", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054918", "to_ids": false, "type": "datetime", "uuid": "d31270f9-483f-4837-91a5-babbdddb9d8d", "value": "2019-11-14T09:10:47" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054918", "to_ids": false, "type": "link", "uuid": "90c1f6d9-bb44-4ef8-9c80-f2fe23bab6db", "value": "https://www.virustotal.com/file/ae7d2ea6a9157f27aafa28d73808b959326bfb14597bdc4d52060b4fc76b8304/analysis/1573722647/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054918", "to_ids": false, "type": "text", "uuid": "fdd01cbc-be85-4177-986b-4de0beb34ff7", "value": "50/70" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055771", "uuid": "3fe4d794-f60c-4345-8996-2d65560e411e", "ObjectReference": [ { "comment": "", "object_uuid": "3fe4d794-f60c-4345-8996-2d65560e411e", "referenced_uuid": "4ee103d5-0790-48b1-9407-e91e67854c3a", "relationship_type": "analysed-with", "timestamp": "1576055896", "uuid": "5df0b458-cc3c-4971-aef0-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054937", "to_ids": true, "type": "md5", "uuid": "d89d7ff3-7094-4692-afbc-1cdb4e01b793", "value": "90eac308370dc3783455a9ed6d07f1d4" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054937", "to_ids": true, "type": "sha1", "uuid": "d9a857a1-9655-4656-a5bd-a1267b5c9ce7", "value": "14611d3bb82663fbc89128400906b0e0378a8671" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054937", "to_ids": true, "type": "sha256", "uuid": "e6b51fda-45eb-4568-a6c0-ce021d5398a7", "value": "a1dce29debeaa91c77b2b14915408550d6ea9f56fb10ca17066d348759f8df20" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055771", "uuid": "4ee103d5-0790-48b1-9407-e91e67854c3a", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054937", "to_ids": false, "type": "datetime", "uuid": "b6bf5307-eac6-4984-bc30-c0cca5121763", "value": "2019-11-12T16:05:46" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054937", "to_ids": false, "type": "link", "uuid": "1552d4d5-6595-4f2b-b988-a72505ef46c7", "value": "https://www.virustotal.com/file/a1dce29debeaa91c77b2b14915408550d6ea9f56fb10ca17066d348759f8df20/analysis/1573574746/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054937", "to_ids": false, "type": "text", "uuid": "49e2e7b1-9f11-4c80-a6b8-770cbe76bc8e", "value": "46/71" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055772", "uuid": "ecc40381-0188-4695-a7e1-1f8752dfdb9e", "ObjectReference": [ { "comment": "", "object_uuid": "ecc40381-0188-4695-a7e1-1f8752dfdb9e", "referenced_uuid": "f2ed2385-8cb0-4b23-9c45-6c5a682a2efb", "relationship_type": "analysed-with", "timestamp": "1576055896", "uuid": "5df0b458-b3b8-49bd-81ef-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054919", "to_ids": true, "type": "md5", "uuid": "85764995-3d62-482b-ba03-8513fc5da238", "value": "7c1884dbb7ce0e7d1c80bd704b4e75ca" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054919", "to_ids": true, "type": "sha1", "uuid": "c9d176fd-4e19-4bbf-aac6-238c9fd4604d", "value": "b778745dfaa061429c637d13dba646325a61f716" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054919", "to_ids": true, "type": "sha256", "uuid": "da311b33-ec3a-4b4c-ba47-b1ba59c86fd7", "value": "6f38d55197506412ffb4e1563d1a4255000da0b125b6be7112c92555776c34bf" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055772", "uuid": "f2ed2385-8cb0-4b23-9c45-6c5a682a2efb", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054919", "to_ids": false, "type": "datetime", "uuid": "ac2e317d-e39b-4ffc-83ff-3ae1620cfc1f", "value": "2019-11-17T03:35:00" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054919", "to_ids": false, "type": "link", "uuid": "466bcbbe-b92b-4b24-8d11-d7debb1349f3", "value": "https://www.virustotal.com/file/6f38d55197506412ffb4e1563d1a4255000da0b125b6be7112c92555776c34bf/analysis/1573961700/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054919", "to_ids": false, "type": "text", "uuid": "9bdd8397-66d0-434c-b406-9192458b486b", "value": "45/70" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055772", "uuid": "a4c4e3fa-fb63-4889-bdcc-743ed7a11eb8", "ObjectReference": [ { "comment": "", "object_uuid": "a4c4e3fa-fb63-4889-bdcc-743ed7a11eb8", "referenced_uuid": "232966f6-d638-4faa-b81a-66e273133adc", "relationship_type": "analysed-with", "timestamp": "1576055896", "uuid": "5df0b458-5ed0-42a0-91c6-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054917", "to_ids": true, "type": "md5", "uuid": "159038f1-d5f0-4ede-b4a4-ef0b72589011", "value": "8de309f9ef3a09a205fba8ed7cb1c5ef" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054917", "to_ids": true, "type": "sha1", "uuid": "7042e37d-9c53-48ee-8693-798e6633aae9", "value": "2f218a0f316599f41ca07b5b119d6afd83021d91" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054917", "to_ids": true, "type": "sha256", "uuid": "e3b0768c-a85d-4866-ac16-ea08ba8b979a", "value": "ad573114b70a99dc487ad50eed634303c4acea26c0b26e456599971aa8607d42" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055772", "uuid": "232966f6-d638-4faa-b81a-66e273133adc", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054917", "to_ids": false, "type": "datetime", "uuid": "2dab3770-3322-48e9-ac26-b97b0c2b779a", "value": "2019-12-01T03:36:24" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054917", "to_ids": false, "type": "link", "uuid": "cd873261-40d1-454d-8e7c-cc28f454547c", "value": "https://www.virustotal.com/file/ad573114b70a99dc487ad50eed634303c4acea26c0b26e456599971aa8607d42/analysis/1575171384/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054917", "to_ids": false, "type": "text", "uuid": "6ec319d2-cddd-48d9-bc58-169f5c862802", "value": "57/71" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055772", "uuid": "d2ff7c1d-b222-45da-84c2-110cd100ebfa", "ObjectReference": [ { "comment": "", "object_uuid": "d2ff7c1d-b222-45da-84c2-110cd100ebfa", "referenced_uuid": "8e781d79-b7cd-4978-8515-394ca1f48d91", "relationship_type": "analysed-with", "timestamp": "1576055896", "uuid": "5df0b458-cfb0-4c08-8813-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054920", "to_ids": true, "type": "md5", "uuid": "d5333062-298a-46b5-aa4f-0d7d8a377ae9", "value": "50228707cc9c3a76215571def230dcce" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054920", "to_ids": true, "type": "sha1", "uuid": "f4ad554f-c3f2-4e4d-bc51-323c5675d3be", "value": "794e546e64728082077fefccf095e5d2458f0d42" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054920", "to_ids": true, "type": "sha256", "uuid": "08e4cb3d-28d5-4831-aa7d-13f9b022ad46", "value": "fb951bef895718adf17a3be416c9d56d6685e9faff8399dd80c36d98a98a9db5" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055772", "uuid": "8e781d79-b7cd-4978-8515-394ca1f48d91", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054920", "to_ids": false, "type": "datetime", "uuid": "b918dda1-3821-4575-a82b-10d25be3008f", "value": "2019-12-01T05:02:56" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054920", "to_ids": false, "type": "link", "uuid": "264fadc8-fc05-445b-9019-8595980569ad", "value": "https://www.virustotal.com/file/fb951bef895718adf17a3be416c9d56d6685e9faff8399dd80c36d98a98a9db5/analysis/1575176576/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054920", "to_ids": false, "type": "text", "uuid": "86244421-caa7-4e15-ab7d-ed9358c9af93", "value": "57/71" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055772", "uuid": "0de6bc75-19c8-4f53-b103-bd92fc36f4f0", "ObjectReference": [ { "comment": "", "object_uuid": "0de6bc75-19c8-4f53-b103-bd92fc36f4f0", "referenced_uuid": "e0454c25-d52b-48f0-911b-72f128304322", "relationship_type": "analysed-with", "timestamp": "1576055896", "uuid": "5df0b458-9c80-46eb-be38-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054921", "to_ids": true, "type": "md5", "uuid": "da3b1ff8-77ed-4b40-9131-8845af502296", "value": "65143a2e0ed552ce0729a5caa130f6a2" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054921", "to_ids": true, "type": "sha1", "uuid": "40cb4afc-c837-4c33-89ce-728b87c8259f", "value": "489d201cd103ede64b149fe6bc84b920bed1e45b" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054921", "to_ids": true, "type": "sha256", "uuid": "9da02926-2767-471b-a5c6-4e03732d7b37", "value": "2b8cafac06fc630b469df01db694a4616ca31fdb32b4ffea56ff514618fb6103" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055772", "uuid": "e0454c25-d52b-48f0-911b-72f128304322", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054921", "to_ids": false, "type": "datetime", "uuid": "94ee08aa-d8e0-47c3-b98c-59ad2adf14d5", "value": "2019-11-12T11:24:35" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054921", "to_ids": false, "type": "link", "uuid": "028857a9-454c-45d9-8fbf-e3804683807f", "value": "https://www.virustotal.com/file/2b8cafac06fc630b469df01db694a4616ca31fdb32b4ffea56ff514618fb6103/analysis/1573557875/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054921", "to_ids": false, "type": "text", "uuid": "1f50c836-8090-48f0-8ac0-b08c8fe95bad", "value": "50/70" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055773", "uuid": "1214d8ae-4a94-44e3-b79f-d2e7afc0818b", "ObjectReference": [ { "comment": "", "object_uuid": "1214d8ae-4a94-44e3-b79f-d2e7afc0818b", "referenced_uuid": "4effd1bb-52d8-4f35-b34b-c78d591ce23c", "relationship_type": "analysed-with", "timestamp": "1576055896", "uuid": "5df0b458-b030-4944-9999-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054915", "to_ids": true, "type": "md5", "uuid": "1a42a189-ad3e-49e9-9e56-1c3c7590a622", "value": "67892f55ed06726dbd158ae28375eea2" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054915", "to_ids": true, "type": "sha1", "uuid": "e4582da4-107b-4093-b8f8-272fb478bf37", "value": "f0f9ac5c0c0f3547ca85f74c292188e1fc56c1e1" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054915", "to_ids": true, "type": "sha256", "uuid": "f2658eb0-af3e-466e-ac0b-113e682831d6", "value": "94e129b1a140a2a53e25cdbfb0ffd2ff02dd306711ac5c038b1b124fe374036a" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055773", "uuid": "4effd1bb-52d8-4f35-b34b-c78d591ce23c", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054915", "to_ids": false, "type": "datetime", "uuid": "8927ab0f-125b-4736-a3b5-bf93825d1157", "value": "2019-11-16T23:40:19" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054915", "to_ids": false, "type": "link", "uuid": "6ea5f052-3997-4d83-895f-ea9f5af85de7", "value": "https://www.virustotal.com/file/94e129b1a140a2a53e25cdbfb0ffd2ff02dd306711ac5c038b1b124fe374036a/analysis/1573947619/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054915", "to_ids": false, "type": "text", "uuid": "d02a1034-c32d-4822-a034-08554fe885c5", "value": "48/70" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055773", "uuid": "5d73fa50-2098-4266-bc83-0a9addca5070", "ObjectReference": [ { "comment": "", "object_uuid": "5d73fa50-2098-4266-bc83-0a9addca5070", "referenced_uuid": "c23e5d0a-9014-4fe9-a86e-d1d53fde3bdb", "relationship_type": "analysed-with", "timestamp": "1576055896", "uuid": "5df0b458-5330-420a-aede-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054917", "to_ids": true, "type": "md5", "uuid": "aef82c74-b7e8-422e-ba90-f1de224ad908", "value": "c2bfca469b61a22def0cdebaf9a1951a" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054917", "to_ids": true, "type": "sha1", "uuid": "cb611f39-501e-4156-b699-395353ef19e4", "value": "04b34173c49ee652ee1da8d2136157caf449f979" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054917", "to_ids": true, "type": "sha256", "uuid": "929d953c-e445-46ac-9a0b-e27f4292e1bf", "value": "f21d9a07d47f5e9e68f76084f09e7363bc9b5b4a7de3700d478f2b1bbe6e829f" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055773", "uuid": "c23e5d0a-9014-4fe9-a86e-d1d53fde3bdb", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054917", "to_ids": false, "type": "datetime", "uuid": "5c9b2390-bfc3-4707-9dad-5348cbd2cbc7", "value": "2019-11-18T07:37:21" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054917", "to_ids": false, "type": "link", "uuid": "0e79a206-4a5b-4c1b-94bb-0eb65a9186a2", "value": "https://www.virustotal.com/file/f21d9a07d47f5e9e68f76084f09e7363bc9b5b4a7de3700d478f2b1bbe6e829f/analysis/1574062641/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054917", "to_ids": false, "type": "text", "uuid": "6dfee67e-792e-46ed-afe8-2f0c4edd664a", "value": "52/68" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055773", "uuid": "08636a98-7447-4e50-9578-93efa2fef7c3", "ObjectReference": [ { "comment": "", "object_uuid": "08636a98-7447-4e50-9578-93efa2fef7c3", "referenced_uuid": "991a8a37-e9d6-418c-8f99-fa5cf626362a", "relationship_type": "analysed-with", "timestamp": "1576055896", "uuid": "5df0b458-1a48-4d1d-aa4d-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054849", "to_ids": true, "type": "md5", "uuid": "37f54593-e8d2-4797-bd02-d6ee7ccb47ab", "value": "438b2d80ce47bf354c577028df216d2b" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054849", "to_ids": true, "type": "sha1", "uuid": "440bfc5f-72ce-4d3b-8245-e518aa2107c8", "value": "5ceb24515733494fafdf1f0ea28a028da610487d" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054849", "to_ids": true, "type": "sha256", "uuid": "5b7322d4-de7b-4e83-8a4c-c1dc5f9ce7c8", "value": "2e8b35c7bbb105d779c8ee29f3bd89f1e1753cf1890df83388ceff019ddb7ab9" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055773", "uuid": "991a8a37-e9d6-418c-8f99-fa5cf626362a", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054849", "to_ids": false, "type": "datetime", "uuid": "e233b053-fb06-4f5f-8b86-029b54656b1a", "value": "2019-11-22T12:32:33" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054849", "to_ids": false, "type": "link", "uuid": "5ef8f9af-592d-49aa-8e1c-e7e9c48ade1f", "value": "https://www.virustotal.com/file/2e8b35c7bbb105d779c8ee29f3bd89f1e1753cf1890df83388ceff019ddb7ab9/analysis/1574425953/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054849", "to_ids": false, "type": "text", "uuid": "b4b2ad0f-70d6-4205-9ec0-01e26ba01a02", "value": "43/65" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055773", "uuid": "f29547a7-5ec8-4bd2-873c-9c46e578c585", "ObjectReference": [ { "comment": "", "object_uuid": "f29547a7-5ec8-4bd2-873c-9c46e578c585", "referenced_uuid": "501a98f6-aaf0-4d27-8dc8-7d02d7cf0584", "relationship_type": "analysed-with", "timestamp": "1576055896", "uuid": "5df0b458-e200-404f-8082-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054914", "to_ids": true, "type": "md5", "uuid": "e25bba7c-c240-49fe-a230-ab7de03dc6c3", "value": "b52eca69455194fd13bdf303c60812c0" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054914", "to_ids": true, "type": "sha1", "uuid": "ee98f739-adf1-4194-94f6-5ac1290eafde", "value": "9b36d38956b94aed542e382634040c66ff717b63" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054914", "to_ids": true, "type": "sha256", "uuid": "fe465367-6429-4f06-b4b0-12872a084dcc", "value": "bd0fdb7472b937dbc36b42e01c2b201fd7c8de76e0bf5f3c9b656cab78380c43" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055774", "uuid": "501a98f6-aaf0-4d27-8dc8-7d02d7cf0584", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054914", "to_ids": false, "type": "datetime", "uuid": "d51622ba-e806-4764-b6d8-20cc9861a18b", "value": "2019-12-08T19:08:18" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054914", "to_ids": false, "type": "link", "uuid": "ba41875a-bd98-4c0e-a407-2989eb95410e", "value": "https://www.virustotal.com/file/bd0fdb7472b937dbc36b42e01c2b201fd7c8de76e0bf5f3c9b656cab78380c43/analysis/1575832098/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054914", "to_ids": false, "type": "text", "uuid": "2836190d-ebf4-40ba-81a1-dd34ec51852b", "value": "59/71" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055774", "uuid": "0dca173a-8b40-47e3-8a33-dead4e124096", "ObjectReference": [ { "comment": "", "object_uuid": "0dca173a-8b40-47e3-8a33-dead4e124096", "referenced_uuid": "8b00d70c-2614-4efc-b5a0-a69f87d4cf0d", "relationship_type": "analysed-with", "timestamp": "1576055896", "uuid": "5df0b458-ecc4-4490-be76-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054847", "to_ids": true, "type": "md5", "uuid": "2986ebae-5796-4701-ab03-2d294c0e0b3e", "value": "45d6e12832b30042daf0593a7c017cfb" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054847", "to_ids": true, "type": "sha1", "uuid": "fd446c35-4379-4448-85ba-a15da3d0adfb", "value": "e9e90c4c4869775a321841e3263ca855b449be12" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054847", "to_ids": true, "type": "sha256", "uuid": "07b1e95b-339e-43dc-8cbf-5d4b5c9218c3", "value": "603b8b68189d423aee83a9f2113d293538eb9d8f0ac4a58bda55734006734b4c" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055774", "uuid": "8b00d70c-2614-4efc-b5a0-a69f87d4cf0d", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054847", "to_ids": false, "type": "datetime", "uuid": "4de92a56-d0f6-4856-bb70-b201654506ce", "value": "2019-11-24T16:19:43" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054847", "to_ids": false, "type": "link", "uuid": "de5c5a1c-4904-4108-941b-b0d1718af9b0", "value": "https://www.virustotal.com/file/603b8b68189d423aee83a9f2113d293538eb9d8f0ac4a58bda55734006734b4c/analysis/1574612383/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054847", "to_ids": false, "type": "text", "uuid": "5c14244e-38fd-489e-ac85-baa53174bb22", "value": "51/68" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055774", "uuid": "0852caf7-8875-45eb-a91b-33d2334b172d", "ObjectReference": [ { "comment": "", "object_uuid": "0852caf7-8875-45eb-a91b-33d2334b172d", "referenced_uuid": "d4fdae16-e9e7-4111-ada2-171b8da4e5c8", "relationship_type": "analysed-with", "timestamp": "1576055896", "uuid": "5df0b458-02e4-4b3a-a771-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054915", "to_ids": true, "type": "md5", "uuid": "2fa03bf1-f13d-41ec-9fa3-7c22a0c9d8dd", "value": "31bcc76678b75bb6296ee9ffa29a1683" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054915", "to_ids": true, "type": "sha1", "uuid": "164b8728-0d62-4011-90dd-168670b3d55b", "value": "4063db9e988a1c1662b7415bd94ea5c2f4a8fd79" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054915", "to_ids": true, "type": "sha256", "uuid": "9e488b2d-7b79-4888-8dba-b7b914ab96cf", "value": "876b129b5571a80390ff1b9420d6a422fffad80396cd524c8a28d79a594e5785" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055774", "uuid": "d4fdae16-e9e7-4111-ada2-171b8da4e5c8", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054915", "to_ids": false, "type": "datetime", "uuid": "b6064c02-eeb9-4e04-9bd2-9b8d58605938", "value": "2019-11-10T13:41:14" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054915", "to_ids": false, "type": "link", "uuid": "4d1dc1d3-0649-41af-9ee4-5c050fcc95c8", "value": "https://www.virustotal.com/file/876b129b5571a80390ff1b9420d6a422fffad80396cd524c8a28d79a594e5785/analysis/1573393274/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054915", "to_ids": false, "type": "text", "uuid": "22da91f4-8919-482c-b30a-1b3aa5caab1b", "value": "39/71" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055774", "uuid": "3cdd59f8-6d0e-413e-b96b-4ac44e6ce56c", "ObjectReference": [ { "comment": "", "object_uuid": "3cdd59f8-6d0e-413e-b96b-4ac44e6ce56c", "referenced_uuid": "2ffce14c-5ef9-4e63-ad94-9d81c43da9b0", "relationship_type": "analysed-with", "timestamp": "1576055896", "uuid": "5df0b458-ea48-4445-8c21-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054918", "to_ids": true, "type": "md5", "uuid": "2df14d7a-5e69-420c-b49c-450ceb208d9c", "value": "7352a511b046731aa519088cccb591b4" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054918", "to_ids": true, "type": "sha1", "uuid": "c20d3735-723a-4aee-a891-62dbf2deddd7", "value": "250ae0b45c11af0771a204e6b808ae8621119736" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054918", "to_ids": true, "type": "sha256", "uuid": "dc71f7f2-c1cd-4650-8a1b-75432af28a2e", "value": "2cd85602d84cec93946952f095113774a4e00cce2f8211275b7fa86392598fc1" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055774", "uuid": "2ffce14c-5ef9-4e63-ad94-9d81c43da9b0", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054918", "to_ids": false, "type": "datetime", "uuid": "692d3afc-8d21-4a3a-9fef-f54c0e8b3501", "value": "2019-11-13T06:22:36" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054918", "to_ids": false, "type": "link", "uuid": "3c7e3167-0fae-410a-bba8-16a22f73c6df", "value": "https://www.virustotal.com/file/2cd85602d84cec93946952f095113774a4e00cce2f8211275b7fa86392598fc1/analysis/1573626156/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054918", "to_ids": false, "type": "text", "uuid": "99c46b2b-2ee3-4ff0-a03d-84b5156b146f", "value": "42/71" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055775", "uuid": "480a2886-8b70-448e-a467-91972d8ee88d", "ObjectReference": [ { "comment": "", "object_uuid": "480a2886-8b70-448e-a467-91972d8ee88d", "referenced_uuid": "630d727b-ebb7-422a-9e2c-7f7d651462cf", "relationship_type": "analysed-with", "timestamp": "1576055896", "uuid": "5df0b458-9c24-4f73-974f-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054844", "to_ids": true, "type": "md5", "uuid": "8747342e-25b5-4b5d-9398-3eabb61a1a08", "value": "2c621f4d1d6cf91d8afe732e3f9bb351" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054844", "to_ids": true, "type": "sha1", "uuid": "eadbaee5-6b90-46b8-910e-255eaec34a0b", "value": "43af607eee5bc01c200290a493b53750357937cd" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054844", "to_ids": true, "type": "sha256", "uuid": "de822547-7f47-4aae-b1c6-d8187b08c9ed", "value": "2a2b7c96b4976ac66c22872575123b72bd9d285001f83c8e81f352afbc0a68ea" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055775", "uuid": "630d727b-ebb7-422a-9e2c-7f7d651462cf", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054844", "to_ids": false, "type": "datetime", "uuid": "3296d7fb-3e47-4b46-bc2c-bf13ff2dbdc2", "value": "2019-11-23T22:10:29" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054844", "to_ids": false, "type": "link", "uuid": "347b3fe4-3790-4430-9ad7-7d55b38ada02", "value": "https://www.virustotal.com/file/2a2b7c96b4976ac66c22872575123b72bd9d285001f83c8e81f352afbc0a68ea/analysis/1574547029/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054844", "to_ids": false, "type": "text", "uuid": "f692b21a-fbef-4fdc-a72b-b0b1c6fc333e", "value": "54/68" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055777", "uuid": "8fe13168-7f35-46b0-8673-334a93b1c445", "ObjectReference": [ { "comment": "", "object_uuid": "8fe13168-7f35-46b0-8673-334a93b1c445", "referenced_uuid": "7eccc0ad-3bc9-4f27-bf29-42c689fa8b13", "relationship_type": "analysed-with", "timestamp": "1576055897", "uuid": "5df0b459-1d6c-40e0-b400-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054916", "to_ids": true, "type": "md5", "uuid": "978ef58e-75ae-48bd-9b48-58f189e77ac7", "value": "038bff78b1e04a4ce19580dff28187d3" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054916", "to_ids": true, "type": "sha1", "uuid": "c50a5add-9abc-4120-aa0a-da7d44cad3ad", "value": "ae0c1e5ef14899fb954b54f6259ab8d3fe8c45b1" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054916", "to_ids": true, "type": "sha256", "uuid": "b35af8f4-afb1-42ac-b8c4-5c77767a8cf0", "value": "90eb6adc4f5f291590b8da5f7e0ef1d97e3e7ff10ce825c8c0badc79a1df5487" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055777", "uuid": "7eccc0ad-3bc9-4f27-bf29-42c689fa8b13", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054916", "to_ids": false, "type": "datetime", "uuid": "3edfa5cb-b68f-4229-a181-53dc65f6fc58", "value": "2019-11-13T03:56:28" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054916", "to_ids": false, "type": "link", "uuid": "94090334-dd82-4c65-bb5d-e156720ce7de", "value": "https://www.virustotal.com/file/90eb6adc4f5f291590b8da5f7e0ef1d97e3e7ff10ce825c8c0badc79a1df5487/analysis/1573617388/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054916", "to_ids": false, "type": "text", "uuid": "976a4c4c-19ff-492f-81ab-3bf2d69048b9", "value": "44/71" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055777", "uuid": "693eb4a6-6c91-4f3d-8a41-39b4a388b08c", "ObjectReference": [ { "comment": "", "object_uuid": "693eb4a6-6c91-4f3d-8a41-39b4a388b08c", "referenced_uuid": "217bde46-aa3d-4969-a68a-36d0385f7301", "relationship_type": "analysed-with", "timestamp": "1576055897", "uuid": "5df0b459-4b5c-42ec-8672-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054919", "to_ids": true, "type": "md5", "uuid": "cdb2afa0-aa3e-45fb-80c4-f635e86396be", "value": "6c5f694407aaacddf10fa257f44f61a2" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054919", "to_ids": true, "type": "sha1", "uuid": "7b1d4b6e-6403-4590-bc64-d127237e1b62", "value": "a83d4fc1b24a7581df3fc3fdc553a0b4abf9add1" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054919", "to_ids": true, "type": "sha256", "uuid": "e1fc717c-da82-42f3-8bef-ca617f698f16", "value": "849dcba27a0f40c293c2ccf9c08cedbf7e8547c5be20b3c398df896bb9b343e7" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055777", "uuid": "217bde46-aa3d-4969-a68a-36d0385f7301", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054919", "to_ids": false, "type": "datetime", "uuid": "d0f7a4da-4c22-488b-803f-2d3e87c260b5", "value": "2019-11-20T12:02:13" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054919", "to_ids": false, "type": "link", "uuid": "06f9f889-d147-4cef-a6f2-0168b39a5104", "value": "https://www.virustotal.com/file/849dcba27a0f40c293c2ccf9c08cedbf7e8547c5be20b3c398df896bb9b343e7/analysis/1574251333/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054919", "to_ids": false, "type": "text", "uuid": "d3a1ddb8-c21d-48a8-a99a-dfef38f5d55c", "value": "49/68" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055778", "uuid": "61fb8e5f-2103-4a55-afb2-db120c501d56", "ObjectReference": [ { "comment": "", "object_uuid": "61fb8e5f-2103-4a55-afb2-db120c501d56", "referenced_uuid": "a4d0a189-bce0-447a-bb3c-57f45d66d69b", "relationship_type": "analysed-with", "timestamp": "1576055897", "uuid": "5df0b459-86f0-4446-97ce-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054920", "to_ids": true, "type": "md5", "uuid": "1a7efbb6-91d6-4def-b745-e2dc59a71259", "value": "9e3481e8be6e431c1ab33b4afeb84222" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054920", "to_ids": true, "type": "sha1", "uuid": "490ab6a5-31cb-4a68-9b4f-618dc636469c", "value": "2a25c5c083acf747ea62e52c4c521b0accb95320" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054920", "to_ids": true, "type": "sha256", "uuid": "cd76eb29-627b-438a-a59a-e4b455ca8a07", "value": "88684cfaf2c29fd61382af8577f660767504de6236d8a98a087b4745c958e494" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055778", "uuid": "a4d0a189-bce0-447a-bb3c-57f45d66d69b", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054920", "to_ids": false, "type": "datetime", "uuid": "cdb87fae-92c1-4037-b649-fed6bbc2328e", "value": "2019-11-13T03:59:06" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054920", "to_ids": false, "type": "link", "uuid": "2e645585-c14d-4145-a6c7-a40499270c26", "value": "https://www.virustotal.com/file/88684cfaf2c29fd61382af8577f660767504de6236d8a98a087b4745c958e494/analysis/1573617546/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054920", "to_ids": false, "type": "text", "uuid": "c0940425-05b5-45fa-9bb5-39ac0850364d", "value": "45/71" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055778", "uuid": "5d9cb84e-117e-46f3-84f0-5508358b9dec", "ObjectReference": [ { "comment": "", "object_uuid": "5d9cb84e-117e-46f3-84f0-5508358b9dec", "referenced_uuid": "610de0c0-a0c3-44ae-8bea-75a8d691a50e", "relationship_type": "analysed-with", "timestamp": "1576055897", "uuid": "5df0b459-a208-4aa5-ada2-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054849", "to_ids": true, "type": "md5", "uuid": "a0279cf2-3a9d-4e0a-93aa-36332520fa18", "value": "1acb00e8f6397966265f7402368ea7ce" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054849", "to_ids": true, "type": "sha1", "uuid": "faf52635-a344-42e0-8cc2-4ac66db7da2d", "value": "b14dc43a7fa759bd4de27e5a7877dec43c5ba2eb" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054849", "to_ids": true, "type": "sha256", "uuid": "7387bed9-7c77-4367-a3f7-68c269748b95", "value": "2ea3ceed200e046612256acc1f69a7d0582ed5211f537d941ac93360e8403559" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055778", "uuid": "610de0c0-a0c3-44ae-8bea-75a8d691a50e", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054849", "to_ids": false, "type": "datetime", "uuid": "50b964b0-eabe-4f15-b070-bfec1124851f", "value": "2019-11-24T16:25:24" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054849", "to_ids": false, "type": "link", "uuid": "a7877257-02bb-45eb-9782-107c1c69ecfd", "value": "https://www.virustotal.com/file/2ea3ceed200e046612256acc1f69a7d0582ed5211f537d941ac93360e8403559/analysis/1574612724/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054849", "to_ids": false, "type": "text", "uuid": "49abe2ad-1547-4b34-949c-077ffc5f3caf", "value": "50/67" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055778", "uuid": "15c09bb1-2f0f-4e13-9722-d2eda392d772", "ObjectReference": [ { "comment": "", "object_uuid": "15c09bb1-2f0f-4e13-9722-d2eda392d772", "referenced_uuid": "7f0a542d-75ec-4857-8d9c-2c2feac75c60", "relationship_type": "analysed-with", "timestamp": "1576055897", "uuid": "5df0b459-1ad8-464b-a11c-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054920", "to_ids": true, "type": "md5", "uuid": "f5eff8b1-d0aa-4ae5-ab35-5711a85c7533", "value": "e6e0d4310b85fc1d2b0b0f5175d62645" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054920", "to_ids": true, "type": "sha1", "uuid": "98e880ab-7c4c-4676-bad0-558db7d0d711", "value": "f69ec1d38aff18bc05b9ddc194603df2c962e415" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054920", "to_ids": true, "type": "sha256", "uuid": "824d4ce5-441a-4339-b7f9-a34ab63c4036", "value": "673eba40a6a1d012467081271d749eef31bdbac99f4033c737bca40cd71dc66f" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055779", "uuid": "7f0a542d-75ec-4857-8d9c-2c2feac75c60", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054920", "to_ids": false, "type": "datetime", "uuid": "9c22a2cd-ae69-4f7f-af67-d2f1b368ab5d", "value": "2019-12-01T04:56:25" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054920", "to_ids": false, "type": "link", "uuid": "e5763e2c-d4ab-42bb-9721-527703e1fe10", "value": "https://www.virustotal.com/file/673eba40a6a1d012467081271d749eef31bdbac99f4033c737bca40cd71dc66f/analysis/1575176185/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054920", "to_ids": false, "type": "text", "uuid": "26c3622b-b98c-4981-9d90-ce9e925adeb3", "value": "53/71" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055779", "uuid": "de874556-ef37-403a-9d10-fa16f100b3ef", "ObjectReference": [ { "comment": "", "object_uuid": "de874556-ef37-403a-9d10-fa16f100b3ef", "referenced_uuid": "fef9c7a3-2181-484b-bc36-6f4352cb265b", "relationship_type": "analysed-with", "timestamp": "1576055897", "uuid": "5df0b459-2790-4077-97b5-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054922", "to_ids": true, "type": "md5", "uuid": "6b7ead25-4f51-49d2-8ef3-3fe30c733aeb", "value": "e2b41d2f6b890e6fb4b9b03daf655a29" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054922", "to_ids": true, "type": "sha1", "uuid": "a791762f-0d48-4c6f-8060-1c8f996a6728", "value": "ce632659a492eb0f5e8b9fc95bce681a180f7c01" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054922", "to_ids": true, "type": "sha256", "uuid": "db377a77-a7a5-4abd-92e9-fb2cf815f518", "value": "69093a5cea07689d44aac2648c80a2e934f870615bd1d85d8aad480d7e559452" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055779", "uuid": "fef9c7a3-2181-484b-bc36-6f4352cb265b", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054922", "to_ids": false, "type": "datetime", "uuid": "1da6042f-7b95-49e6-a8f4-957beadb2cd0", "value": "2019-11-05T07:37:01" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054922", "to_ids": false, "type": "link", "uuid": "a116bb46-b15a-4644-80bb-d6a2434c7864", "value": "https://www.virustotal.com/file/69093a5cea07689d44aac2648c80a2e934f870615bd1d85d8aad480d7e559452/analysis/1572939421/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054922", "to_ids": false, "type": "text", "uuid": "ae2653f5-302b-48f5-a626-92a26c299382", "value": "26/70" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055780", "uuid": "b90c13cf-564f-496a-99d7-29c19e842eb7", "ObjectReference": [ { "comment": "", "object_uuid": "b90c13cf-564f-496a-99d7-29c19e842eb7", "referenced_uuid": "fee9a30f-77d8-4e7f-a9ad-aba3bc0767ab", "relationship_type": "analysed-with", "timestamp": "1576055897", "uuid": "5df0b459-6118-4a54-b5d0-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054920", "to_ids": true, "type": "md5", "uuid": "7da95038-76bc-4c9f-bcc5-fa2dfe9e9384", "value": "a27d03177afe42bafeaca69638723254" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054920", "to_ids": true, "type": "sha1", "uuid": "61768568-0eb0-4d02-a587-62b190a21211", "value": "3fab7083d0781969fb523df4b7108614cb679617" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054920", "to_ids": true, "type": "sha256", "uuid": "78b407cc-2c07-4840-bcc8-959052ffa29d", "value": "9ac35b8b97c10bf93965ceaeea0f6ec47342a74427f97836a3805973be69e24b" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055780", "uuid": "fee9a30f-77d8-4e7f-a9ad-aba3bc0767ab", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054920", "to_ids": false, "type": "datetime", "uuid": "73b7bf7f-4047-4307-8209-cb7a3d192e66", "value": "2019-11-26T15:08:32" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054920", "to_ids": false, "type": "link", "uuid": "a355cad0-9467-4f7a-a0e6-7781fe356123", "value": "https://www.virustotal.com/file/9ac35b8b97c10bf93965ceaeea0f6ec47342a74427f97836a3805973be69e24b/analysis/1574780912/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054920", "to_ids": false, "type": "text", "uuid": "f07bb02c-5c94-4650-86e1-d86a967333e1", "value": "54/68" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055780", "uuid": "df08daec-a00a-43b4-8601-d515dc2651b0", "ObjectReference": [ { "comment": "", "object_uuid": "df08daec-a00a-43b4-8601-d515dc2651b0", "referenced_uuid": "07d36978-be41-47ab-8996-78330168c467", "relationship_type": "analysed-with", "timestamp": "1576055897", "uuid": "5df0b459-1c54-403e-8df5-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054847", "to_ids": true, "type": "md5", "uuid": "8b4ed69c-c770-4f4d-98d6-0dca45d69cc3", "value": "ce9700b3471afb57bb2cba95d1981eb0" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054847", "to_ids": true, "type": "sha1", "uuid": "bcd0b68b-babd-4857-a433-f641eedfc472", "value": "8cf9652461eec252593f4c4f5693752706e3631b" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054847", "to_ids": true, "type": "sha256", "uuid": "b09ead4e-a43f-411b-97eb-3c13b6f8e760", "value": "03b8210693afae7306e09bf2032a5cc47d88b623aadac02e6bf932e887454c5b" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055780", "uuid": "07d36978-be41-47ab-8996-78330168c467", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054847", "to_ids": false, "type": "datetime", "uuid": "5a8f34d5-f408-42c6-b6be-46396ea67606", "value": "2019-11-25T22:34:05" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054847", "to_ids": false, "type": "link", "uuid": "5ec5500b-e8b2-4bd4-bcd9-0e4e6621f74b", "value": "https://www.virustotal.com/file/03b8210693afae7306e09bf2032a5cc47d88b623aadac02e6bf932e887454c5b/analysis/1574721245/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054847", "to_ids": false, "type": "text", "uuid": "b2bfb69e-e60f-4ff4-9154-b6ed29ac3522", "value": "52/68" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055780", "uuid": "e7608a9e-eaea-4cad-ab79-18e62041c6e0", "ObjectReference": [ { "comment": "", "object_uuid": "e7608a9e-eaea-4cad-ab79-18e62041c6e0", "referenced_uuid": "faad4461-56e8-4856-b5a8-a9655b7a27fd", "relationship_type": "analysed-with", "timestamp": "1576055897", "uuid": "5df0b459-44ac-427b-a3e3-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054848", "to_ids": true, "type": "md5", "uuid": "da22bdef-a634-48fc-bfe1-98c0da20cb2d", "value": "44ea81a890731636cd98dc89809a9dc5" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054848", "to_ids": true, "type": "sha1", "uuid": "f4426cce-f063-4a28-9a12-73726f981767", "value": "1e832a29b28fdc2c3eca0ab18ee017591f1457e8" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054848", "to_ids": true, "type": "sha256", "uuid": "936cb004-dd36-4493-9ba3-d74897941fbb", "value": "decff0530202a546210fc055e1a6b0f912678ed85d2d77ef48eff23ac2719019" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055780", "uuid": "faad4461-56e8-4856-b5a8-a9655b7a27fd", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054848", "to_ids": false, "type": "datetime", "uuid": "c99790ed-fc27-4338-ab4a-a850cd2a7dfb", "value": "2019-11-23T21:56:03" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054848", "to_ids": false, "type": "link", "uuid": "31eed645-2a8f-4113-a8fb-dee8a137090b", "value": "https://www.virustotal.com/file/decff0530202a546210fc055e1a6b0f912678ed85d2d77ef48eff23ac2719019/analysis/1574546163/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054848", "to_ids": false, "type": "text", "uuid": "a01bafde-3824-4ebe-81d3-61ad51170d55", "value": "52/68" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055781", "uuid": "963635bb-375a-4bfb-acf5-d01d25647a85", "ObjectReference": [ { "comment": "", "object_uuid": "963635bb-375a-4bfb-acf5-d01d25647a85", "referenced_uuid": "b393d054-939f-4cf1-94da-8a49e472be24", "relationship_type": "analysed-with", "timestamp": "1576055897", "uuid": "5df0b459-1f04-4e41-bca7-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054920", "to_ids": true, "type": "md5", "uuid": "35d09c34-ee55-465e-9c0a-f1c76022ec27", "value": "e98d301496a1b16b4de457a3faae23a6" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054920", "to_ids": true, "type": "sha1", "uuid": "8bb93492-a313-48e1-9bf1-a46d9c6c3071", "value": "2472d433eecd014b1fbfb3893f72dff0d4e04133" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054920", "to_ids": true, "type": "sha256", "uuid": "ca206c11-91c2-438f-a832-341178316d77", "value": "b99ae37e732f458040573ceef72314171ee8e84ea1072719deb79a0d957d748b" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055781", "uuid": "b393d054-939f-4cf1-94da-8a49e472be24", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054920", "to_ids": false, "type": "datetime", "uuid": "0045011c-bfd9-47ec-a834-598c6fcc9ac4", "value": "2019-11-27T04:02:28" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054920", "to_ids": false, "type": "link", "uuid": "72d40200-a060-4663-a3bc-8e111702bb9c", "value": "https://www.virustotal.com/file/b99ae37e732f458040573ceef72314171ee8e84ea1072719deb79a0d957d748b/analysis/1574827348/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054920", "to_ids": false, "type": "text", "uuid": "d42293ed-5f09-4111-a6bd-995e10bf38da", "value": "55/68" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055781", "uuid": "c1f29f2b-4ded-4ed9-9459-f32dbd82721e", "ObjectReference": [ { "comment": "", "object_uuid": "c1f29f2b-4ded-4ed9-9459-f32dbd82721e", "referenced_uuid": "3f631738-ec40-48db-b60a-7b51df7fb5f6", "relationship_type": "analysed-with", "timestamp": "1576055897", "uuid": "5df0b459-2ba4-467e-a564-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054914", "to_ids": true, "type": "md5", "uuid": "e7538cf6-7be4-4204-8938-cd49cdeebd76", "value": "a8d565950c1ef1fda15ccdd0874448c0" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054914", "to_ids": true, "type": "sha1", "uuid": "23848aaf-466a-48cf-ac01-0baf7c838df1", "value": "af9dd41bb34899779e93a2c7e1db6055ca5d70ed" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054914", "to_ids": true, "type": "sha256", "uuid": "28cfa22d-89b3-42d9-b020-e620b55694a2", "value": "d0ea8533befeede8e05e192ff3b00a1e689cfe65c8db15abd0ebd28aad81b297" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055781", "uuid": "3f631738-ec40-48db-b60a-7b51df7fb5f6", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054914", "to_ids": false, "type": "datetime", "uuid": "b8d37291-d8b8-4b82-9d44-f46c494f43c9", "value": "2019-11-16T14:15:11" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054914", "to_ids": false, "type": "link", "uuid": "53a59ee2-0197-4a39-9880-55969a8e7ea5", "value": "https://www.virustotal.com/file/d0ea8533befeede8e05e192ff3b00a1e689cfe65c8db15abd0ebd28aad81b297/analysis/1573913711/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054914", "to_ids": false, "type": "text", "uuid": "3feee76b-f031-48bc-a670-20e4b2c41782", "value": "46/69" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055781", "uuid": "08d27827-1254-404c-b30b-73b3be143ede", "ObjectReference": [ { "comment": "", "object_uuid": "08d27827-1254-404c-b30b-73b3be143ede", "referenced_uuid": "a4bec410-e2dd-4406-b859-6179ed1201ec", "relationship_type": "analysed-with", "timestamp": "1576055897", "uuid": "5df0b459-1490-4acf-8649-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054920", "to_ids": true, "type": "md5", "uuid": "1911c8bb-d00d-45b5-8272-5d0d71213966", "value": "585cf1383a9e33cc3351e30680e7e2a6" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054920", "to_ids": true, "type": "sha1", "uuid": "ac8a3ef5-9813-43c2-8e16-6d6feb25e6dd", "value": "979332cdc71848befdde12e4cca1390b977e3045" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054920", "to_ids": true, "type": "sha256", "uuid": "a63eb837-29e6-4864-91ae-a837321563c9", "value": "d96e18f786de1a4909c6bb5ca307b459918278bd6dd5aa2660ea48268233386f" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055782", "uuid": "a4bec410-e2dd-4406-b859-6179ed1201ec", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054920", "to_ids": false, "type": "datetime", "uuid": "9a872605-bc26-4c9b-b09d-5109a8f31239", "value": "2019-11-14T09:10:54" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054920", "to_ids": false, "type": "link", "uuid": "602a766b-be5a-485d-813a-6803665ce135", "value": "https://www.virustotal.com/file/d96e18f786de1a4909c6bb5ca307b459918278bd6dd5aa2660ea48268233386f/analysis/1573722654/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054920", "to_ids": false, "type": "text", "uuid": "cfc4eda8-1eab-4fe1-abe0-ccbcc63b87e6", "value": "52/68" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055782", "uuid": "63a3faa1-d34c-4f73-9aff-9baca3137eae", "ObjectReference": [ { "comment": "", "object_uuid": "63a3faa1-d34c-4f73-9aff-9baca3137eae", "referenced_uuid": "39e9da1a-04ea-4f8a-92b4-83c2b28af2a0", "relationship_type": "analysed-with", "timestamp": "1576055897", "uuid": "5df0b459-f788-41af-9dca-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054937", "to_ids": true, "type": "md5", "uuid": "a04c74d1-0eb0-414a-be5e-859687964f2f", "value": "cdebda90c26b07a019dacdd9788de227" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054937", "to_ids": true, "type": "sha1", "uuid": "0e56ac87-1d83-4e9b-b4f5-5e764081a63f", "value": "dc0607e5de9a21e5e4e7b1ef4a36caa51f461cb7" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054937", "to_ids": true, "type": "sha256", "uuid": "3f0d6716-bfe1-4b3e-91a7-d3d0a566eb58", "value": "611cea5f84c2c74b0e6261ffe4e2fb4bc138ad16a526a618f7b68956aad54dda" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055782", "uuid": "39e9da1a-04ea-4f8a-92b4-83c2b28af2a0", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054937", "to_ids": false, "type": "datetime", "uuid": "9baea4c9-8efc-44b9-a1e6-2f7f2e1a3622", "value": "2019-11-08T05:28:10" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054937", "to_ids": false, "type": "link", "uuid": "1ecc401f-9932-4d16-84ab-b5985eb4218f", "value": "https://www.virustotal.com/file/611cea5f84c2c74b0e6261ffe4e2fb4bc138ad16a526a618f7b68956aad54dda/analysis/1573190890/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054937", "to_ids": false, "type": "text", "uuid": "34bacd59-4dd9-4229-8af5-feb7a8437181", "value": "11/71" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055782", "uuid": "97d056b4-77a1-4ba4-a9db-bae0cf629aba", "ObjectReference": [ { "comment": "", "object_uuid": "97d056b4-77a1-4ba4-a9db-bae0cf629aba", "referenced_uuid": "0e895b28-8b79-415b-9795-85c278ae5448", "relationship_type": "analysed-with", "timestamp": "1576055897", "uuid": "5df0b459-6540-4afa-a922-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054916", "to_ids": true, "type": "md5", "uuid": "e424f055-5af1-493f-bcc1-b9024c304cc1", "value": "ee7959b2ea5ad8886d1248fd397da9c9" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054916", "to_ids": true, "type": "sha1", "uuid": "762e139c-2100-44d6-939e-19d85fb2e18b", "value": "4f18e48f567a4062919f55ae9424ad2407e428b0" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054916", "to_ids": true, "type": "sha256", "uuid": "57197ef2-1c26-4155-87b4-22056af65a8a", "value": "dd73b9d898d7663b38388a2f2d36f3ef72e5def1b2e67310158273f66cba61a5" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055782", "uuid": "0e895b28-8b79-415b-9795-85c278ae5448", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054916", "to_ids": false, "type": "datetime", "uuid": "c5af8e19-3edd-4ab0-b60d-2c637891602d", "value": "2019-11-20T17:06:49" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054916", "to_ids": false, "type": "link", "uuid": "db35b721-e6ca-4702-8368-18b0379646a2", "value": "https://www.virustotal.com/file/dd73b9d898d7663b38388a2f2d36f3ef72e5def1b2e67310158273f66cba61a5/analysis/1574269609/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054916", "to_ids": false, "type": "text", "uuid": "02666ecf-5c5b-4921-b9ad-565565bf2925", "value": "47/65" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055782", "uuid": "09dda9cd-6cf1-4605-95e5-a025d9038f02", "ObjectReference": [ { "comment": "", "object_uuid": "09dda9cd-6cf1-4605-95e5-a025d9038f02", "referenced_uuid": "8005aad4-bb1c-47dd-8cf6-5e31eb8e85d4", "relationship_type": "analysed-with", "timestamp": "1576055898", "uuid": "5df0b45a-0ce4-44c4-8023-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054915", "to_ids": true, "type": "md5", "uuid": "ff182f1c-7a46-4cd3-a115-e1e32387a3c6", "value": "ca02d99330289d7c674563967a11ee94" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054915", "to_ids": true, "type": "sha1", "uuid": "adff1b4f-a939-4ad6-b9fb-e5b8ade5dbc9", "value": "de00c5460569a966da24db3e76ace3d3da547da3" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054915", "to_ids": true, "type": "sha256", "uuid": "e86de4e5-eb65-4fd1-b16d-e70ad9b928b8", "value": "e246f1af92ee0dc1772a1a6a546891984ee3b3cd5a7258d61f95b4c3e2b113c9" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055782", "uuid": "8005aad4-bb1c-47dd-8cf6-5e31eb8e85d4", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054915", "to_ids": false, "type": "datetime", "uuid": "52048166-f0ec-44ea-a092-764c8d1b3e81", "value": "2019-11-18T13:13:11" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054915", "to_ids": false, "type": "link", "uuid": "f8938903-26f9-42fb-a8d7-a8606b9f6c5d", "value": "https://www.virustotal.com/file/e246f1af92ee0dc1772a1a6a546891984ee3b3cd5a7258d61f95b4c3e2b113c9/analysis/1574082791/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054915", "to_ids": false, "type": "text", "uuid": "dd7acc4b-6818-4930-9393-285325f51d13", "value": "52/71" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055783", "uuid": "3e18aef9-9f41-4f5c-84c1-1a9e45d094fc", "ObjectReference": [ { "comment": "", "object_uuid": "3e18aef9-9f41-4f5c-84c1-1a9e45d094fc", "referenced_uuid": "763b5eb5-7aa6-4e5e-ad34-51aa053692cd", "relationship_type": "analysed-with", "timestamp": "1576055898", "uuid": "5df0b45a-2b04-4e51-b74c-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054917", "to_ids": true, "type": "md5", "uuid": "1220fcd1-94db-4edb-b108-6808d6997830", "value": "2f24f562df2a3819c12d26e32bc02e55" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054917", "to_ids": true, "type": "sha1", "uuid": "99be6f0e-4b0f-4958-bd55-2d04efaf521b", "value": "5c0323ee395c1d8aa0a91a79ab7a08480f13db11" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054917", "to_ids": true, "type": "sha256", "uuid": "a892d1f8-91e8-4255-8285-52ac1d8c3809", "value": "eff68eb29c3efcdcbc71a3094cc9b7105cce0d53c9b066995c35ef0c31f5acba" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055783", "uuid": "763b5eb5-7aa6-4e5e-ad34-51aa053692cd", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054917", "to_ids": false, "type": "datetime", "uuid": "0ea6e344-ac7e-4cfe-96b5-d62dd4f2d754", "value": "2019-12-05T21:10:37" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054917", "to_ids": false, "type": "link", "uuid": "69a4251a-c087-443d-bc5b-9e785008eea7", "value": "https://www.virustotal.com/file/eff68eb29c3efcdcbc71a3094cc9b7105cce0d53c9b066995c35ef0c31f5acba/analysis/1575580237/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054917", "to_ids": false, "type": "text", "uuid": "412bb585-ad86-4d96-83a5-ec9e6615e6fb", "value": "53/68" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055783", "uuid": "ef35229e-e31a-460d-a92a-2e68594da9da", "ObjectReference": [ { "comment": "", "object_uuid": "ef35229e-e31a-460d-a92a-2e68594da9da", "referenced_uuid": "87dee87d-1be6-475d-9a87-f8872a53a501", "relationship_type": "analysed-with", "timestamp": "1576055898", "uuid": "5df0b45a-0c68-4e8d-806e-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054916", "to_ids": true, "type": "md5", "uuid": "8ba178b6-e789-4613-a361-0ed2b48e3b2c", "value": "0ab529ea5a0494e04992c886498fd214" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054916", "to_ids": true, "type": "sha1", "uuid": "dad1f290-e2b2-4a9c-a259-347fc1613838", "value": "1012edebc40932683895d27c59fa4e0b77776053" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054916", "to_ids": true, "type": "sha256", "uuid": "893e8f84-a210-4218-83af-96b15eef141e", "value": "345dd3d94a7f7c68034d64523189443cc0d5112b6aa826783e6dbf5842aa7362" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055783", "uuid": "87dee87d-1be6-475d-9a87-f8872a53a501", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054916", "to_ids": false, "type": "datetime", "uuid": "53632182-6ced-4764-835b-8c2bfa435233", "value": "2019-11-15T13:23:08" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054916", "to_ids": false, "type": "link", "uuid": "29af12fc-6ee3-4ea2-994a-3d30c6fdb91e", "value": "https://www.virustotal.com/file/345dd3d94a7f7c68034d64523189443cc0d5112b6aa826783e6dbf5842aa7362/analysis/1573824188/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054916", "to_ids": false, "type": "text", "uuid": "5653a984-9b45-4f22-aaaa-5002f7d53c09", "value": "48/70" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055783", "uuid": "e8030f48-91fd-4f6b-b8ea-cecc32f6a78b", "ObjectReference": [ { "comment": "", "object_uuid": "e8030f48-91fd-4f6b-b8ea-cecc32f6a78b", "referenced_uuid": "deb59489-ba40-43d4-b4ab-164d41931d90", "relationship_type": "analysed-with", "timestamp": "1576055898", "uuid": "5df0b45a-c4a4-48e7-b80f-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054913", "to_ids": true, "type": "md5", "uuid": "cf28485d-73cc-4690-ade3-6c7028f6a828", "value": "e5d67daa8506ce7c44f0296742091045" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054913", "to_ids": true, "type": "sha1", "uuid": "a58bdd8c-2e28-4e62-ae29-c703470f30bf", "value": "576e5b85cf050d00e32155e8ec62d650101862bf" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054913", "to_ids": true, "type": "sha256", "uuid": "41d52ebf-a3b3-4179-bc1c-d87c51b779c9", "value": "0c19f0684d6cef08612c2ebe66ba38050aac3a68822a181390455882da6fe71e" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055783", "uuid": "deb59489-ba40-43d4-b4ab-164d41931d90", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054913", "to_ids": false, "type": "datetime", "uuid": "e58b7216-0ac3-4a6f-b8b2-1211216066e6", "value": "2019-11-12T10:42:23" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054913", "to_ids": false, "type": "link", "uuid": "e84fbfd5-74ce-4537-a5dc-930721c13bbe", "value": "https://www.virustotal.com/file/0c19f0684d6cef08612c2ebe66ba38050aac3a68822a181390455882da6fe71e/analysis/1573555343/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054913", "to_ids": false, "type": "text", "uuid": "8dfa2912-988c-4dc7-b169-287a01a218c9", "value": "36/71" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055783", "uuid": "c84edebc-c688-408e-ad95-7a021be439cf", "ObjectReference": [ { "comment": "", "object_uuid": "c84edebc-c688-408e-ad95-7a021be439cf", "referenced_uuid": "548bb10a-e236-4d27-aed2-fa6137c005ae", "relationship_type": "analysed-with", "timestamp": "1576055898", "uuid": "5df0b45a-92c0-4bab-9e84-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054920", "to_ids": true, "type": "md5", "uuid": "776d4e2e-9ece-4039-b08f-9e64882c01b9", "value": "ce2bfc23adf847e8969af98dfd48cd46" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054920", "to_ids": true, "type": "sha1", "uuid": "958c08b6-fff4-4de1-a6b4-77d6d799fc67", "value": "d3e672822cd3fdca47966bf509ee8cb03ee388eb" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054920", "to_ids": true, "type": "sha256", "uuid": "caa05093-66e0-4768-97a9-6f6e4702535b", "value": "6f381faf83806ecf983e0325b130994760f6e058d55bb367237e46d5be70d1cc" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055783", "uuid": "548bb10a-e236-4d27-aed2-fa6137c005ae", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054920", "to_ids": false, "type": "datetime", "uuid": "8e3c0ea6-0ca2-4076-9045-da33eb8dfd4c", "value": "2019-11-15T02:10:08" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054920", "to_ids": false, "type": "link", "uuid": "d6006211-cc4b-4adb-a643-b61420105257", "value": "https://www.virustotal.com/file/6f381faf83806ecf983e0325b130994760f6e058d55bb367237e46d5be70d1cc/analysis/1573783808/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054920", "to_ids": false, "type": "text", "uuid": "50a0058b-52cd-4d6a-a333-5531c7f05e5d", "value": "47/69" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055784", "uuid": "c6bdd2f7-846b-4054-98c8-b022f346923c", "ObjectReference": [ { "comment": "", "object_uuid": "c6bdd2f7-846b-4054-98c8-b022f346923c", "referenced_uuid": "400ea43c-ccc4-4e2a-91d3-0f1785b2f42b", "relationship_type": "analysed-with", "timestamp": "1576055898", "uuid": "5df0b45a-63bc-4e0a-b101-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054936", "to_ids": true, "type": "md5", "uuid": "9231a247-01ba-405e-bf82-5e87c38d235d", "value": "22cf9a5c02f38664643842083cee7a22" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054936", "to_ids": true, "type": "sha1", "uuid": "a1db5f44-e8ad-42f1-8e80-23de755cdd4b", "value": "516487da54231d75bafe326304b96ec083891ffa" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054936", "to_ids": true, "type": "sha256", "uuid": "f3f4d5d8-dbbe-4650-803d-0cf8c7106558", "value": "9c5c4c15432a28b801e3089ac6f1e3bb8bb69d7fe701d24c064bac4164d172ea" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055784", "uuid": "400ea43c-ccc4-4e2a-91d3-0f1785b2f42b", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054936", "to_ids": false, "type": "datetime", "uuid": "4b97a3f7-e847-424c-b88e-2f8965ff824b", "value": "2019-11-10T21:31:12" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054936", "to_ids": false, "type": "link", "uuid": "893ec8de-1a89-4abe-ba55-753b6384ce3e", "value": "https://www.virustotal.com/file/9c5c4c15432a28b801e3089ac6f1e3bb8bb69d7fe701d24c064bac4164d172ea/analysis/1573421472/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054936", "to_ids": false, "type": "text", "uuid": "b93e8dc3-6c3b-4d22-a8d3-d972b8813f1a", "value": "41/72" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055784", "uuid": "18828ed6-01af-4af3-ab4d-fca690d96af3", "ObjectReference": [ { "comment": "", "object_uuid": "18828ed6-01af-4af3-ab4d-fca690d96af3", "referenced_uuid": "2ecf2c6f-1090-4fda-804c-514e7dbe4943", "relationship_type": "analysed-with", "timestamp": "1576055898", "uuid": "5df0b45a-af40-43ec-8989-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054921", "to_ids": true, "type": "md5", "uuid": "90ce826a-ef54-427e-ba38-1de818e5409c", "value": "fc8b1c51ebd282da1cf4c8c40db4bc63" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054921", "to_ids": true, "type": "sha1", "uuid": "b879ac6f-cd11-4bc1-a3ad-cfca2a75874c", "value": "527a227bef4bde49daf388b21004e97302d62629" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054921", "to_ids": true, "type": "sha256", "uuid": "10f7bdea-1e3a-4243-aaa4-7a8a4fed29a7", "value": "135e78b23deb6a4d01e151ad0106036a8db5df2b92e4b44ae096a5f1150a79ed" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055784", "uuid": "2ecf2c6f-1090-4fda-804c-514e7dbe4943", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054921", "to_ids": false, "type": "datetime", "uuid": "2b4e7ed9-2bc8-4949-8cac-212680e7f8fd", "value": "2019-11-04T17:09:41" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054921", "to_ids": false, "type": "link", "uuid": "febd761e-fde2-4398-9f08-094787767def", "value": "https://www.virustotal.com/file/135e78b23deb6a4d01e151ad0106036a8db5df2b92e4b44ae096a5f1150a79ed/analysis/1572887381/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054921", "to_ids": false, "type": "text", "uuid": "176b96b2-5f4b-4600-a154-913a0093fc36", "value": "9/72" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055784", "uuid": "2778deb9-c215-475b-b26c-1658a49e0c97", "ObjectReference": [ { "comment": "", "object_uuid": "2778deb9-c215-475b-b26c-1658a49e0c97", "referenced_uuid": "c37dc55e-4889-4204-abee-1e8e26c434ec", "relationship_type": "analysed-with", "timestamp": "1576055898", "uuid": "5df0b45a-9cd0-4e5a-88a4-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054847", "to_ids": true, "type": "md5", "uuid": "5defb2d6-6ebb-4445-8e63-21aa4c0a0ffa", "value": "70e69d4b6de8e2abdcaac5d3726c763e" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054847", "to_ids": true, "type": "sha1", "uuid": "6a91a5af-6ed1-423d-a9f6-822a6e49fea3", "value": "c2e06d835ea896e444cbfece8ae4662a16e9d203" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054847", "to_ids": true, "type": "sha256", "uuid": "416876a6-384b-4111-a7b8-f159ffb677c2", "value": "7f882477d3f1b5925f53dfeb5c0f582e9e1813c10c46a2ac0989ed6417fb0a76" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055784", "uuid": "c37dc55e-4889-4204-abee-1e8e26c434ec", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054847", "to_ids": false, "type": "datetime", "uuid": "6e24f2e5-788d-4b6f-8dad-d83d171bcf7d", "value": "2019-11-21T10:21:50" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054847", "to_ids": false, "type": "link", "uuid": "07d419df-37c1-42a2-b55f-c2b3dd500c0d", "value": "https://www.virustotal.com/file/7f882477d3f1b5925f53dfeb5c0f582e9e1813c10c46a2ac0989ed6417fb0a76/analysis/1574331710/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054847", "to_ids": false, "type": "text", "uuid": "4c8ab864-4b9b-470f-ae59-65561a63f331", "value": "50/70" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055784", "uuid": "769adf14-6a7f-47dc-b97d-3a7d94fee27b", "ObjectReference": [ { "comment": "", "object_uuid": "769adf14-6a7f-47dc-b97d-3a7d94fee27b", "referenced_uuid": "f7bec7d6-bdbb-4134-bc6b-913adb67abf3", "relationship_type": "analysed-with", "timestamp": "1576055898", "uuid": "5df0b45a-eea0-4c38-ac53-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054844", "to_ids": true, "type": "md5", "uuid": "717e70e1-c8fe-4934-b20d-46260b764205", "value": "c0a02048b1038aec265008c7d251da8b" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054844", "to_ids": true, "type": "sha1", "uuid": "cc707d77-9014-421a-9b5a-df831494469b", "value": "b2f10487a08dccc09750c49e313a54f53dbcb0f2" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054844", "to_ids": true, "type": "sha256", "uuid": "840f562b-f707-423f-ac76-a64164e2ffc2", "value": "d4af0967f5d0934dadb18b1e05ae908d586a8817305f89592ea272e7009d9f46" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055784", "uuid": "f7bec7d6-bdbb-4134-bc6b-913adb67abf3", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054844", "to_ids": false, "type": "datetime", "uuid": "2ba1df53-1aed-4c9a-a819-2244693ba579", "value": "2019-11-28T06:42:56" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054844", "to_ids": false, "type": "link", "uuid": "85392bc9-5175-4813-a852-6a4c79c005ee", "value": "https://www.virustotal.com/file/d4af0967f5d0934dadb18b1e05ae908d586a8817305f89592ea272e7009d9f46/analysis/1574923376/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054844", "to_ids": false, "type": "text", "uuid": "6e34cfad-e096-4349-a044-23a8b8a812fc", "value": "53/68" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055785", "uuid": "cea3da5e-0781-4762-a3b8-4c500d2f5eb2", "ObjectReference": [ { "comment": "", "object_uuid": "cea3da5e-0781-4762-a3b8-4c500d2f5eb2", "referenced_uuid": "6ea26dff-4241-4783-9fa6-acde12bd3821", "relationship_type": "analysed-with", "timestamp": "1576055898", "uuid": "5df0b45a-9d38-4739-9156-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054845", "to_ids": true, "type": "md5", "uuid": "6c98c73a-b5b8-4080-92ab-f65fe67e21fb", "value": "e5c6ee86fe93a53d0205e7d5129f7963" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054845", "to_ids": true, "type": "sha1", "uuid": "9fb4c594-1430-4347-b0b6-0eab0a533109", "value": "9be8282a355cf7359e0060977f1f4242be985dcb" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054845", "to_ids": true, "type": "sha256", "uuid": "03f85d45-76b4-450b-8dce-d6cc54c419ad", "value": "aed94a273cd5238ddfb5fce13847f51857beebec9e2fe22a8726efbe42498746" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055785", "uuid": "6ea26dff-4241-4783-9fa6-acde12bd3821", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054845", "to_ids": false, "type": "datetime", "uuid": "aa0d851f-efc1-447d-9feb-5de4db33b71a", "value": "2019-11-24T16:30:20" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054845", "to_ids": false, "type": "link", "uuid": "026b73d4-a7f6-4c6d-91e0-eda76ad03004", "value": "https://www.virustotal.com/file/aed94a273cd5238ddfb5fce13847f51857beebec9e2fe22a8726efbe42498746/analysis/1574613020/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054845", "to_ids": false, "type": "text", "uuid": "88fd05a4-c450-4093-b3ae-02edda7f01e1", "value": "50/67" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055785", "uuid": "5a1c17f8-2f91-4529-b7b0-f5fd54c0d7c1", "ObjectReference": [ { "comment": "", "object_uuid": "5a1c17f8-2f91-4529-b7b0-f5fd54c0d7c1", "referenced_uuid": "29ea3c62-b290-46de-8d0d-fc15e8b101ee", "relationship_type": "analysed-with", "timestamp": "1576055898", "uuid": "5df0b45a-9884-494e-bea2-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054916", "to_ids": true, "type": "md5", "uuid": "81b71434-e904-4209-8992-3e7a9f063c0e", "value": "8dc2fdeebc33452195743999e5a08e6b" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054916", "to_ids": true, "type": "sha1", "uuid": "d7a17bfe-6891-43b0-b6a5-3a45928d000c", "value": "c8cdca9aacd19f9b3fe6113a21cca7418492fa39" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054916", "to_ids": true, "type": "sha256", "uuid": "4aa53bce-f0bb-452b-9a90-4ca6a50753fa", "value": "bdc55acb282895b9942d5b188e752b35e106a55ad17f4357c0c2fe098da92e50" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055785", "uuid": "29ea3c62-b290-46de-8d0d-fc15e8b101ee", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054916", "to_ids": false, "type": "datetime", "uuid": "a739e2d5-de8d-4975-aa1b-83c8c4c1acb4", "value": "2019-11-20T11:52:38" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054916", "to_ids": false, "type": "link", "uuid": "7d09d52e-bfa1-43ca-bc96-4f5e3b1cd2c9", "value": "https://www.virustotal.com/file/bdc55acb282895b9942d5b188e752b35e106a55ad17f4357c0c2fe098da92e50/analysis/1574250758/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054916", "to_ids": false, "type": "text", "uuid": "cd2fc364-423d-4ae2-9725-02a6f3590ff6", "value": "41/66" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055798", "uuid": "0b6a4da5-0bba-48f3-868e-9a13e381aeb6", "ObjectReference": [ { "comment": "", "object_uuid": "0b6a4da5-0bba-48f3-868e-9a13e381aeb6", "referenced_uuid": "b279bb8d-cd93-45ad-ab71-bd1ab6f73374", "relationship_type": "analysed-with", "timestamp": "1576055898", "uuid": "5df0b45a-7bfc-4c2b-815b-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054846", "to_ids": true, "type": "md5", "uuid": "d0340c6a-ddb3-4756-8264-fa0f4dcdd213", "value": "e50c8ca565e8ac6e5b919343c0bb5719" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054846", "to_ids": true, "type": "sha1", "uuid": "d19ef095-17a6-4762-ad8c-ec307e136438", "value": "88924252d537004e1421fd058e998120d34bf94b" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054846", "to_ids": true, "type": "sha256", "uuid": "ab21eb90-c66b-490f-82f4-15a704ca44bf", "value": "9726003bb13cbbb847c3f771c2097722038a0487a721b1f3d5cfaf01e891a3cf" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055798", "uuid": "b279bb8d-cd93-45ad-ab71-bd1ab6f73374", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054846", "to_ids": false, "type": "datetime", "uuid": "1cc0e528-9223-4409-b156-8af34843ada4", "value": "2019-11-24T16:24:47" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054846", "to_ids": false, "type": "link", "uuid": "63802fd1-9d01-46ef-bf75-173548b0c77e", "value": "https://www.virustotal.com/file/9726003bb13cbbb847c3f771c2097722038a0487a721b1f3d5cfaf01e891a3cf/analysis/1574612687/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054846", "to_ids": false, "type": "text", "uuid": "924e248b-9ab7-4ff4-afbe-ba8d3541c483", "value": "50/67" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055798", "uuid": "f0b4b63b-d2dc-498d-82c4-2336a319e7da", "ObjectReference": [ { "comment": "", "object_uuid": "f0b4b63b-d2dc-498d-82c4-2336a319e7da", "referenced_uuid": "8c9ae71a-d8cb-4fa9-9db5-27afe3787bd0", "relationship_type": "analysed-with", "timestamp": "1576055898", "uuid": "5df0b45a-b268-4d21-8544-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054891", "to_ids": true, "type": "md5", "uuid": "d62895e7-f23f-43ee-9839-70424a58f4f1", "value": "22c5bfdf8604003e8fc79646c7e2f264" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054891", "to_ids": true, "type": "sha1", "uuid": "3d190eb9-a11f-4060-af16-f730aebc4d12", "value": "f564fa91c113b653da1829dbda8fca81fec477b1" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054891", "to_ids": true, "type": "sha256", "uuid": "2bf445c1-55bf-41aa-99aa-94bca53285ce", "value": "975e95134bd072c19cda96a2f372467e6f3e6833e14db37de0f0b47e5a857019" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055798", "uuid": "8c9ae71a-d8cb-4fa9-9db5-27afe3787bd0", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054891", "to_ids": false, "type": "datetime", "uuid": "2e1531b3-a6c7-4d07-b259-105e5a52c832", "value": "2019-11-20T12:08:19" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054891", "to_ids": false, "type": "link", "uuid": "24a2a135-d7ab-4df6-9d07-19b44cfad4dc", "value": "https://www.virustotal.com/file/975e95134bd072c19cda96a2f372467e6f3e6833e14db37de0f0b47e5a857019/analysis/1574251699/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054891", "to_ids": false, "type": "text", "uuid": "18c863c6-0530-4a35-933b-3bc5e1a4cbe6", "value": "47/67" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055799", "uuid": "13d97b4c-5ebf-4c4e-b053-23a65c88d670", "ObjectReference": [ { "comment": "", "object_uuid": "13d97b4c-5ebf-4c4e-b053-23a65c88d670", "referenced_uuid": "afc87775-b270-46ca-a6b3-420a46e49a13", "relationship_type": "analysed-with", "timestamp": "1576055898", "uuid": "5df0b45a-d504-42ad-9a5a-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054914", "to_ids": true, "type": "md5", "uuid": "303aec56-164b-4131-af3d-230d339abf26", "value": "1e2ccd933cb78f9a41195170426567c6" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054914", "to_ids": true, "type": "sha1", "uuid": "f29b9175-07e8-406f-af67-8743b4fb7b8a", "value": "af3c0ce486dd68c2033e3c5a9ce420ec6f8ba0f2" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054914", "to_ids": true, "type": "sha256", "uuid": "dfe774ed-0dca-4705-85c8-a0e8d6f33eff", "value": "1b50d9c750036e5e154dc86d3daa50502dc2fbf74847d7df401a0df41294d4c0" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055799", "uuid": "afc87775-b270-46ca-a6b3-420a46e49a13", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054914", "to_ids": false, "type": "datetime", "uuid": "b22fbe70-c60c-449d-bf43-b6ddf9827255", "value": "2019-11-26T15:03:58" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054914", "to_ids": false, "type": "link", "uuid": "26b9eda3-83db-4aa1-a682-3e159043b23b", "value": "https://www.virustotal.com/file/1b50d9c750036e5e154dc86d3daa50502dc2fbf74847d7df401a0df41294d4c0/analysis/1574780638/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054914", "to_ids": false, "type": "text", "uuid": "a066a8f1-06a6-4578-adfb-5ece1c8ed4b5", "value": "53/67" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055799", "uuid": "834d3a9f-32d7-4e85-91d2-c5127dd44a80", "ObjectReference": [ { "comment": "", "object_uuid": "834d3a9f-32d7-4e85-91d2-c5127dd44a80", "referenced_uuid": "d7e2184f-3d98-4617-bebb-a7d5b6f02cc8", "relationship_type": "analysed-with", "timestamp": "1576055898", "uuid": "5df0b45a-01b8-4dde-b646-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054921", "to_ids": true, "type": "md5", "uuid": "76e304f0-018d-4330-81a1-8e249b1b933a", "value": "78403fef144474dd6b1d2c7723234d22" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054921", "to_ids": true, "type": "sha1", "uuid": "5412d776-4c98-4b5f-9cfc-551e99b0babf", "value": "6a16e31eed9b6d7cbc55aee637ee500457718cd2" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054921", "to_ids": true, "type": "sha256", "uuid": "21e6dd4f-5130-4007-9cdf-71a87641cc74", "value": "2582b2898823e26096b851f130d38745d1680253f4cbc162044220b803c39a0b" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055799", "uuid": "d7e2184f-3d98-4617-bebb-a7d5b6f02cc8", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054921", "to_ids": false, "type": "datetime", "uuid": "5c65b880-d119-4708-86fd-f218f423f9ff", "value": "2019-11-07T21:26:46" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054921", "to_ids": false, "type": "link", "uuid": "051dfb28-eb70-4eef-a9ee-fb202cd69308", "value": "https://www.virustotal.com/file/2582b2898823e26096b851f130d38745d1680253f4cbc162044220b803c39a0b/analysis/1573162006/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054921", "to_ids": false, "type": "text", "uuid": "0197d523-1d7b-405a-a0aa-325b6a157693", "value": "36/69" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055799", "uuid": "1cae09e5-ff7a-4a82-9577-fe163db614ce", "ObjectReference": [ { "comment": "", "object_uuid": "1cae09e5-ff7a-4a82-9577-fe163db614ce", "referenced_uuid": "59739339-aa52-4345-81f3-48eab8bb78bf", "relationship_type": "analysed-with", "timestamp": "1576055898", "uuid": "5df0b45a-e454-4e33-b274-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054936", "to_ids": true, "type": "md5", "uuid": "7f58ab4b-1d72-477c-9dff-e066bce2d3b5", "value": "371e3318f3d6ffd8aa44479fe315cbba" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054936", "to_ids": true, "type": "sha1", "uuid": "5e2271aa-e897-426b-825f-e7d1a4cdcf50", "value": "916ac087fa11b660d1ef6436818bc733a4e0d1a2" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054936", "to_ids": true, "type": "sha256", "uuid": "2a13297e-0bef-4abd-9942-0bdb959aa054", "value": "41cd33e04e6884ec3b47ca09f0621589fd7f2be3b4afbb5b64aa21dc2e9433a6" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055799", "uuid": "59739339-aa52-4345-81f3-48eab8bb78bf", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054936", "to_ids": false, "type": "datetime", "uuid": "700b3cf1-38c2-4ff2-a0a2-3cfe0e3d56f4", "value": "2019-11-04T18:13:22" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054936", "to_ids": false, "type": "link", "uuid": "8de7accf-4cb4-4b7b-a627-d4ae27b8ea53", "value": "https://www.virustotal.com/file/41cd33e04e6884ec3b47ca09f0621589fd7f2be3b4afbb5b64aa21dc2e9433a6/analysis/1572891202/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054936", "to_ids": false, "type": "text", "uuid": "7180f81c-0bfb-4dfb-8fe1-5ccab322dd17", "value": "9/70" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055800", "uuid": "808620ce-1aa5-4f04-86af-a9bf134b7623", "ObjectReference": [ { "comment": "", "object_uuid": "808620ce-1aa5-4f04-86af-a9bf134b7623", "referenced_uuid": "5db01ac1-ff59-4b8b-bb39-c0a3d26d50fd", "relationship_type": "analysed-with", "timestamp": "1576055898", "uuid": "5df0b45a-9b28-4d6e-b62c-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054921", "to_ids": true, "type": "md5", "uuid": "89323b1b-3a8d-45f7-bc15-527704afa73c", "value": "523b85b39dde5f04419dd410ff3fb3f9" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054921", "to_ids": true, "type": "sha1", "uuid": "c61bcd2e-62fb-4b85-a76a-7e6db3262231", "value": "010f66c9cb814781d287c7b317005aa5c4cc16b2" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054921", "to_ids": true, "type": "sha256", "uuid": "456077a6-ff5b-4f56-a254-03fa8815d629", "value": "3889af36e1225cfe1771ce732032bc02885ecc5cc25808693ddd8b9bbad585d1" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055800", "uuid": "5db01ac1-ff59-4b8b-bb39-c0a3d26d50fd", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054921", "to_ids": false, "type": "datetime", "uuid": "32893bb1-fa03-44aa-a782-5bce8ca56554", "value": "2019-11-14T20:27:37" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054921", "to_ids": false, "type": "link", "uuid": "bf110cf8-501b-47c3-808d-53776cd8b63d", "value": "https://www.virustotal.com/file/3889af36e1225cfe1771ce732032bc02885ecc5cc25808693ddd8b9bbad585d1/analysis/1573763257/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054921", "to_ids": false, "type": "text", "uuid": "460beb85-1bfa-46a4-9a3c-4161bfc11671", "value": "42/69" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055800", "uuid": "220ab859-2e0a-4cd8-b7a5-533400015a1c", "ObjectReference": [ { "comment": "", "object_uuid": "220ab859-2e0a-4cd8-b7a5-533400015a1c", "referenced_uuid": "49e6be60-5f03-4f64-8477-7dae8f91abc1", "relationship_type": "analysed-with", "timestamp": "1576055898", "uuid": "5df0b45a-7cec-466d-859f-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054919", "to_ids": true, "type": "md5", "uuid": "7e8c6c95-313d-48de-acd1-c6fa67e9a831", "value": "87e56fd77b5cd3191ab7e8f17e919454" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054919", "to_ids": true, "type": "sha1", "uuid": "711f2283-dfd8-4440-b673-1657b07a19c5", "value": "035e68e2d7a5c950ebe1ebf00e48ed1acfd9b8e8" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054919", "to_ids": true, "type": "sha256", "uuid": "89215f62-f8b2-44af-973d-ff9e8f18b5a5", "value": "e746313a774296e024bd6cccc4d320f2d8d10d87caaa79afaaf5076138e89ea7" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055801", "uuid": "49e6be60-5f03-4f64-8477-7dae8f91abc1", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054919", "to_ids": false, "type": "datetime", "uuid": "40e09d63-5a1b-493e-ba61-0d9d93408c2e", "value": "2019-12-03T20:18:46" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054919", "to_ids": false, "type": "link", "uuid": "3c6620c4-b796-4848-831c-93fb0bbd4a3d", "value": "https://www.virustotal.com/file/e746313a774296e024bd6cccc4d320f2d8d10d87caaa79afaaf5076138e89ea7/analysis/1575404326/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054919", "to_ids": false, "type": "text", "uuid": "4867a6d4-2413-4c3b-a884-4a05257c30f9", "value": "56/70" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055801", "uuid": "de3c5515-69bb-4285-9c4f-fb3ee777ce49", "ObjectReference": [ { "comment": "", "object_uuid": "de3c5515-69bb-4285-9c4f-fb3ee777ce49", "referenced_uuid": "984595e7-dce1-45b9-a410-2294d6fb28f2", "relationship_type": "analysed-with", "timestamp": "1576055899", "uuid": "5df0b45b-86b8-4764-8735-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054919", "to_ids": true, "type": "md5", "uuid": "5f6c5e14-0500-41a8-8d2a-48700c774b6b", "value": "556c974218467457b7cb0e6d1598c252" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054919", "to_ids": true, "type": "sha1", "uuid": "ebfb512a-0dcc-4afb-ab9f-9f6b48fe89df", "value": "de0e2c0990c25b8d15e5d8fb4954d8665e516a35" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054919", "to_ids": true, "type": "sha256", "uuid": "2ef4b839-046b-4e18-a29a-93695c451d40", "value": "61c523739188d42e8061ec5727f86be931bef90078c1195e9d7cc126db4aaaf6" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055801", "uuid": "984595e7-dce1-45b9-a410-2294d6fb28f2", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054919", "to_ids": false, "type": "datetime", "uuid": "3a740380-ad48-4a3e-a7c0-0f19db51ad5c", "value": "2019-11-17T03:34:54" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054919", "to_ids": false, "type": "link", "uuid": "78118ac8-1111-45a1-a291-2d62a938c010", "value": "https://www.virustotal.com/file/61c523739188d42e8061ec5727f86be931bef90078c1195e9d7cc126db4aaaf6/analysis/1573961694/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054919", "to_ids": false, "type": "text", "uuid": "4b459db3-5fbd-4461-8d17-cd49447fbc60", "value": "42/68" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055801", "uuid": "d51dcfe9-d081-4a2c-bf88-b984c5cb4a0d", "ObjectReference": [ { "comment": "", "object_uuid": "d51dcfe9-d081-4a2c-bf88-b984c5cb4a0d", "referenced_uuid": "25fb5c72-5de0-425b-81d2-4879e920744e", "relationship_type": "analysed-with", "timestamp": "1576055899", "uuid": "5df0b45b-63dc-4e84-bc2e-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054917", "to_ids": true, "type": "md5", "uuid": "c0f06a6b-43c1-4c15-81c6-55c4bb2db87e", "value": "55dbb5bbc3c03e62b35092074bc91ed5" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054917", "to_ids": true, "type": "sha1", "uuid": "5fa13017-5069-4a29-8175-9c1cac5429eb", "value": "56b2f7d2abc6ebe55c7639bcccc8347fe711c2a0" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054917", "to_ids": true, "type": "sha256", "uuid": "17fe65f9-e4fb-4087-989b-fd6209f14ee0", "value": "da6bc58ed98b2b1e9c79502248409a6041e10f04d81411f7ced305e589c03618" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055802", "uuid": "25fb5c72-5de0-425b-81d2-4879e920744e", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054917", "to_ids": false, "type": "datetime", "uuid": "9dcdd1bc-0213-4e21-bbf6-cdeb71bb2750", "value": "2019-11-11T04:48:39" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054917", "to_ids": false, "type": "link", "uuid": "a804f83d-490e-4d2d-a645-a947ae19b6a9", "value": "https://www.virustotal.com/file/da6bc58ed98b2b1e9c79502248409a6041e10f04d81411f7ced305e589c03618/analysis/1573447719/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054917", "to_ids": false, "type": "text", "uuid": "b8fabe1e-3143-4f1c-ab61-dcfc1ce5c166", "value": "33/70" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055802", "uuid": "ce35ad64-3e90-4857-bfa8-7d574eeb63ee", "ObjectReference": [ { "comment": "", "object_uuid": "ce35ad64-3e90-4857-bfa8-7d574eeb63ee", "referenced_uuid": "7b9b54ed-c035-476c-8474-6b5239f424ae", "relationship_type": "analysed-with", "timestamp": "1576055899", "uuid": "5df0b45b-344c-4ba7-b1cf-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054847", "to_ids": true, "type": "md5", "uuid": "8a1eb52d-7781-45c0-90c9-8092b995763d", "value": "bddafd819ea8f2ed5c172c244cfb2ab8" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054847", "to_ids": true, "type": "sha1", "uuid": "665d0696-89cb-4a9f-82c5-d85a82e333f4", "value": "d7026d433176c37b0ddc56560025f76570fa6008" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054847", "to_ids": true, "type": "sha256", "uuid": "8b20b673-62d8-4784-8dd1-d4d68e03cdbe", "value": "a00c5219a5c8c3a934ffd4faff9a79a964c8b60280f6c26ee18490b2f9be0152" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055803", "uuid": "7b9b54ed-c035-476c-8474-6b5239f424ae", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054847", "to_ids": false, "type": "datetime", "uuid": "511ecf5b-aaec-49b2-b957-5ce151023a3d", "value": "2019-12-03T04:24:26" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054847", "to_ids": false, "type": "link", "uuid": "826aba18-f7e9-47d6-9ad7-4281ce7a705b", "value": "https://www.virustotal.com/file/a00c5219a5c8c3a934ffd4faff9a79a964c8b60280f6c26ee18490b2f9be0152/analysis/1575347066/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054847", "to_ids": false, "type": "text", "uuid": "10307f04-d3b7-4d1c-9a08-56998a49365c", "value": "52/69" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055803", "uuid": "a372a0f0-51f2-4b79-86b3-d5b6611b0530", "ObjectReference": [ { "comment": "", "object_uuid": "a372a0f0-51f2-4b79-86b3-d5b6611b0530", "referenced_uuid": "4f37be4f-53b9-444e-93e6-32a31d8cecdd", "relationship_type": "analysed-with", "timestamp": "1576055899", "uuid": "5df0b45b-2a68-4504-9990-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054843", "to_ids": true, "type": "md5", "uuid": "0cccc47f-0249-4207-afe6-dc5b5799dd04", "value": "6a40f9fb6c19ea1e589dfc3777234f50" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054843", "to_ids": true, "type": "sha1", "uuid": "5708d8a7-5bcf-47ca-8ba9-ace49afdcd6e", "value": "bf4e4e792097dc818687141aa890522c7c537de7" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054843", "to_ids": true, "type": "sha256", "uuid": "0b637b3e-b7a6-4eed-bbd3-536543647f9d", "value": "4e125c0e8b8578dbaa20638a4aac926a79cef3a6621d3351bb630eb243fe33f0" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055803", "uuid": "4f37be4f-53b9-444e-93e6-32a31d8cecdd", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054843", "to_ids": false, "type": "datetime", "uuid": "e40bf106-9e06-4a9b-abe8-43a7f745b772", "value": "2019-11-30T20:28:50" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054843", "to_ids": false, "type": "link", "uuid": "b16c29bb-84ad-4144-8039-f707997d6061", "value": "https://www.virustotal.com/file/4e125c0e8b8578dbaa20638a4aac926a79cef3a6621d3351bb630eb243fe33f0/analysis/1575145730/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054843", "to_ids": false, "type": "text", "uuid": "a7e5e2eb-a12d-410d-885d-c7b94f4594e8", "value": "53/70" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055803", "uuid": "d63422bf-765c-4422-bae3-e05722b7f50b", "ObjectReference": [ { "comment": "", "object_uuid": "d63422bf-765c-4422-bae3-e05722b7f50b", "referenced_uuid": "5b62e69d-b12c-45ef-a7bd-92a71dc212e0", "relationship_type": "analysed-with", "timestamp": "1576055899", "uuid": "5df0b45b-6d30-4a83-bb0d-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054893", "to_ids": true, "type": "md5", "uuid": "f8a3fcba-a378-4e06-9b4b-8e672174e974", "value": "b796a678563d69bf24cc44191340060c" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054893", "to_ids": true, "type": "sha1", "uuid": "89502d96-2a02-46e6-96e4-fefe0d1c5ea3", "value": "9b19764f99c79d76994558607c673e66ae879c0e" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054893", "to_ids": true, "type": "sha256", "uuid": "9c8d8e68-5b0d-4137-89a2-de7224084c74", "value": "41d588da12f978f1456436f3fd0a33bc6ac8b1965ff7a43ff252e16f8100cab7" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055803", "uuid": "5b62e69d-b12c-45ef-a7bd-92a71dc212e0", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054893", "to_ids": false, "type": "datetime", "uuid": "c4d83b44-92e6-47fb-8807-e8b97b163a21", "value": "2019-12-01T04:53:02" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054893", "to_ids": false, "type": "link", "uuid": "08d3cb13-bd4a-4279-97ef-3517730df80c", "value": "https://www.virustotal.com/file/41d588da12f978f1456436f3fd0a33bc6ac8b1965ff7a43ff252e16f8100cab7/analysis/1575175982/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054893", "to_ids": false, "type": "text", "uuid": "720a7357-24ef-44ed-904f-05e88c444407", "value": "52/68" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055803", "uuid": "0a9c29f7-5eb4-4f37-9857-a94edd3484a9", "ObjectReference": [ { "comment": "", "object_uuid": "0a9c29f7-5eb4-4f37-9857-a94edd3484a9", "referenced_uuid": "9724179c-5715-42c7-bfd9-4375d2987e24", "relationship_type": "analysed-with", "timestamp": "1576055899", "uuid": "5df0b45b-497c-4083-87e1-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054850", "to_ids": true, "type": "md5", "uuid": "8d5a3d9e-ebe7-4f26-8d33-18f37b6825e1", "value": "8dec47292017fcc3cccad7824270d6a9" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054850", "to_ids": true, "type": "sha1", "uuid": "e369e299-86f3-43e4-a506-8ecba385ce95", "value": "7819a80017f49e8500cdb41ce580709ca3165065" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054850", "to_ids": true, "type": "sha256", "uuid": "2490d994-a4c2-4d78-82e8-ff30cfe234f3", "value": "1461a178a2aeefd5c2ac2ec2d500012b5c60dd3b34eeefc3c261c019549f0288" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055804", "uuid": "9724179c-5715-42c7-bfd9-4375d2987e24", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054850", "to_ids": false, "type": "datetime", "uuid": "e5bf0b9c-e2e6-4cb7-bba2-ccc93bba9d89", "value": "2019-11-16T08:53:02" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054850", "to_ids": false, "type": "link", "uuid": "869bf76a-d7d6-4c9d-bde4-16f81a75527c", "value": "https://www.virustotal.com/file/1461a178a2aeefd5c2ac2ec2d500012b5c60dd3b34eeefc3c261c019549f0288/analysis/1573894382/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054850", "to_ids": false, "type": "text", "uuid": "93ce8f6b-1b04-426c-85b9-1c2c85854dd1", "value": "48/71" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055804", "uuid": "0dc9e074-7188-49a7-8cf1-61c271067d0d", "ObjectReference": [ { "comment": "", "object_uuid": "0dc9e074-7188-49a7-8cf1-61c271067d0d", "referenced_uuid": "44d573b8-8c3b-4f81-b359-b44706171679", "relationship_type": "analysed-with", "timestamp": "1576055899", "uuid": "5df0b45b-6bf4-4a40-8d44-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054915", "to_ids": true, "type": "md5", "uuid": "caff9554-1bb4-4144-98b2-f1ee69fa7807", "value": "4b3736b1cbcd348f59796e45e5beb0e8" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054915", "to_ids": true, "type": "sha1", "uuid": "c06de7ce-6df3-4218-835a-8da48f8b70fa", "value": "ed0612611c53dff86cb4529b5a8067a119f8e64f" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054915", "to_ids": true, "type": "sha256", "uuid": "d4a8e5f0-3e2d-434c-aa4d-a5f4bd3d6986", "value": "7303a39cc0af4c27eb0eaf3d164e5a046da3a1fdcd1d6815e6e72f4635ac6982" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055804", "uuid": "44d573b8-8c3b-4f81-b359-b44706171679", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054915", "to_ids": false, "type": "datetime", "uuid": "c70482bd-e075-4a61-b85b-8896b8ab72d5", "value": "2019-12-01T05:08:31" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054915", "to_ids": false, "type": "link", "uuid": "0fae1e57-fb8e-4a60-a126-7317d4550fb1", "value": "https://www.virustotal.com/file/7303a39cc0af4c27eb0eaf3d164e5a046da3a1fdcd1d6815e6e72f4635ac6982/analysis/1575176911/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054915", "to_ids": false, "type": "text", "uuid": "2a29fc49-b891-470c-8ec1-6e8ff3881e70", "value": "57/70" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055804", "uuid": "ec57281d-a52e-4ec3-9864-88ecf7d077ba", "ObjectReference": [ { "comment": "", "object_uuid": "ec57281d-a52e-4ec3-9864-88ecf7d077ba", "referenced_uuid": "ee086507-5a2b-4b5f-af7f-67efcc717313", "relationship_type": "analysed-with", "timestamp": "1576055899", "uuid": "5df0b45b-dd60-4bb6-bb25-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054920", "to_ids": true, "type": "md5", "uuid": "7e7c65f1-5263-4be0-9c16-9d20bf31e232", "value": "9a75d25449e621059d61fcdf5f5b0177" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054920", "to_ids": true, "type": "sha1", "uuid": "c9cf2101-d280-4fb3-bfb2-f14642f74314", "value": "2acb1a7210eb8ed9c3e397664155027abef451f8" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054920", "to_ids": true, "type": "sha256", "uuid": "bfeb89ca-d4f6-4cf1-8c51-79f9a4ee7aae", "value": "71d10f273af4861dd0a8844f92370c2982470a0e5f8c16ea85a901e0d0cf0a65" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055804", "uuid": "ee086507-5a2b-4b5f-af7f-67efcc717313", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054920", "to_ids": false, "type": "datetime", "uuid": "3051eb85-c6b1-441a-b32c-c336519c7af9", "value": "2019-11-20T17:06:23" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054920", "to_ids": false, "type": "link", "uuid": "50a7c2a6-7a5a-4e37-b8c0-d18c936b8b7f", "value": "https://www.virustotal.com/file/71d10f273af4861dd0a8844f92370c2982470a0e5f8c16ea85a901e0d0cf0a65/analysis/1574269583/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054920", "to_ids": false, "type": "text", "uuid": "428a2b7d-0b9e-4d79-835f-507e4fd8e99d", "value": "48/66" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055804", "uuid": "60f91c41-4fa6-495e-859a-d5728619dd96", "ObjectReference": [ { "comment": "", "object_uuid": "60f91c41-4fa6-495e-859a-d5728619dd96", "referenced_uuid": "439fe388-297c-4b78-82d2-4228f0918a54", "relationship_type": "analysed-with", "timestamp": "1576055899", "uuid": "5df0b45b-d09c-44a7-b9a4-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054920", "to_ids": true, "type": "md5", "uuid": "999052da-e0b2-4e10-a79e-43b419c151df", "value": "5d5818a8357abad8624ea7b3d0db302e" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054920", "to_ids": true, "type": "sha1", "uuid": "22f9323d-16f9-426f-8a77-623c9d995c07", "value": "de3583045d5e6c94749170171c7d0d8930e2d035" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054920", "to_ids": true, "type": "sha256", "uuid": "a32d2096-e450-4070-bbcf-d37ff1a4fd5f", "value": "b2aaeee604cc6cd5084d2f953fd191c4184198adb5d65800e25a5a288dfd07fa" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055805", "uuid": "439fe388-297c-4b78-82d2-4228f0918a54", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054920", "to_ids": false, "type": "datetime", "uuid": "938ab6d1-f0b7-4ecf-889a-e201e5ee448f", "value": "2019-12-03T20:26:12" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054920", "to_ids": false, "type": "link", "uuid": "2ba5c241-b161-4263-8fd2-a8a878019a9c", "value": "https://www.virustotal.com/file/b2aaeee604cc6cd5084d2f953fd191c4184198adb5d65800e25a5a288dfd07fa/analysis/1575404772/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054920", "to_ids": false, "type": "text", "uuid": "3fca2014-8936-465f-8f43-5b2fa1b8a040", "value": "56/70" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055805", "uuid": "9dc9c877-a7a9-41c8-8896-95614059c37a", "ObjectReference": [ { "comment": "", "object_uuid": "9dc9c877-a7a9-41c8-8896-95614059c37a", "referenced_uuid": "ff2fc6cb-0daf-4349-bd62-b213f05340f4", "relationship_type": "analysed-with", "timestamp": "1576055899", "uuid": "5df0b45b-efb8-43bb-9ddd-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054922", "to_ids": true, "type": "md5", "uuid": "c7455a5e-b140-4b41-9508-393685c7efa5", "value": "202e43cf0d320b3ac38fd6043012d9f2" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054922", "to_ids": true, "type": "sha1", "uuid": "1d63fddc-7aa4-4251-af24-b77139d5feab", "value": "013a0d399fb3e4c6b9fe9178ecc8bb1321e9383f" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054922", "to_ids": true, "type": "sha256", "uuid": "b615b863-2732-40be-b092-cd6d19382a52", "value": "1583e4d2966f0eab80c3defc26dd95d0020759b5c6024840d91a18cf14c999ea" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055805", "uuid": "ff2fc6cb-0daf-4349-bd62-b213f05340f4", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054922", "to_ids": false, "type": "datetime", "uuid": "f75e38ff-b759-43d7-bfa5-f767421ce25c", "value": "2019-11-10T21:37:03" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054922", "to_ids": false, "type": "link", "uuid": "27355162-d957-4726-a636-3e148444a7f8", "value": "https://www.virustotal.com/file/1583e4d2966f0eab80c3defc26dd95d0020759b5c6024840d91a18cf14c999ea/analysis/1573421823/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054922", "to_ids": false, "type": "text", "uuid": "19084828-615a-4911-84f7-ce8a36e434b9", "value": "39/69" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055805", "uuid": "6b00327e-4ddf-4dec-a46a-7833c829ef78", "ObjectReference": [ { "comment": "", "object_uuid": "6b00327e-4ddf-4dec-a46a-7833c829ef78", "referenced_uuid": "725442e5-1e94-45f4-b174-26c11c4375be", "relationship_type": "analysed-with", "timestamp": "1576055899", "uuid": "5df0b45b-c524-48a1-a6ec-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054937", "to_ids": true, "type": "md5", "uuid": "251aaf2b-db41-4a66-b87e-7f2317ffdb1f", "value": "c7f530a28374d62ebfc64377a7ec92c9" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054937", "to_ids": true, "type": "sha1", "uuid": "fe7d6fe5-f94b-401e-8390-db57ba0ab48a", "value": "174cf0f9b6d37e48923d0a19bf6b90ac50ad2119" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054937", "to_ids": true, "type": "sha256", "uuid": "a5f6206f-cabe-46d7-b8fd-c6f19e3cc3da", "value": "3281a69666a207a4badc2a0a7344bcc94123df12f04f41191cfd5c8f1872159c" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055820", "uuid": "725442e5-1e94-45f4-b174-26c11c4375be", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054937", "to_ids": false, "type": "datetime", "uuid": "973689b8-9210-4ec2-b368-c95735d06712", "value": "2019-11-07T02:38:06" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054937", "to_ids": false, "type": "link", "uuid": "ab51583f-c6b6-44a3-87b4-f7023b9d6581", "value": "https://www.virustotal.com/file/3281a69666a207a4badc2a0a7344bcc94123df12f04f41191cfd5c8f1872159c/analysis/1573094286/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054937", "to_ids": false, "type": "text", "uuid": "08e0dd3a-8de2-487c-8c5b-8512fbee4240", "value": "23/72" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055820", "uuid": "8f60f10f-0bb2-4abe-96c7-870315a567d5", "ObjectReference": [ { "comment": "", "object_uuid": "8f60f10f-0bb2-4abe-96c7-870315a567d5", "referenced_uuid": "66262593-7c34-491b-bd63-bae2c5717a2e", "relationship_type": "analysed-with", "timestamp": "1576055899", "uuid": "5df0b45b-9a24-4416-bcb1-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054890", "to_ids": true, "type": "md5", "uuid": "98866a0c-5a49-4cbd-b026-6f8582624e6f", "value": "f7a23ee091c4b495611c1ca1acb3dc33" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054890", "to_ids": true, "type": "sha1", "uuid": "1b523c73-2e54-46d2-994d-e81990f548e7", "value": "7e3369d28d550383cddb2ed963312e596a4e2b34" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054890", "to_ids": true, "type": "sha256", "uuid": "9c5e46c0-0093-453c-b479-6ed1869468b7", "value": "e080dd64361c5d7855494333fb91dda700b0fdb898d7e0b37fb55d89dda4899c" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055820", "uuid": "66262593-7c34-491b-bd63-bae2c5717a2e", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054890", "to_ids": false, "type": "datetime", "uuid": "2b5f9422-6a8b-42da-be47-0de9be53314e", "value": "2019-11-20T11:53:26" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054890", "to_ids": false, "type": "link", "uuid": "09fa3efb-9d63-4e39-9c2d-7724bb53de30", "value": "https://www.virustotal.com/file/e080dd64361c5d7855494333fb91dda700b0fdb898d7e0b37fb55d89dda4899c/analysis/1574250806/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054890", "to_ids": false, "type": "text", "uuid": "f561c60b-5026-4a7e-9815-350888ff502e", "value": "48/70" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055821", "uuid": "4a596c88-c2da-4708-bc04-8137ec167945", "ObjectReference": [ { "comment": "", "object_uuid": "4a596c88-c2da-4708-bc04-8137ec167945", "referenced_uuid": "81b66735-8b1b-4ba7-9930-47afc63d8a2b", "relationship_type": "analysed-with", "timestamp": "1576055899", "uuid": "5df0b45b-4c40-4127-b6d7-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054849", "to_ids": true, "type": "md5", "uuid": "7f506115-4815-4e84-9fd0-9361251dccba", "value": "a8469c2aac8ac92a95fb4c3ac4579739" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054849", "to_ids": true, "type": "sha1", "uuid": "d248249a-87ae-418a-8146-b88ab40251f8", "value": "f554d37ecc27f12672691cf2647aecf643674459" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054849", "to_ids": true, "type": "sha256", "uuid": "d8e5a05a-990e-4179-a83e-a55d45ffa9dc", "value": "91f1b3a4c4af40cee470b75619653eeb88db8b37958159b6df262ed01d2ed7c3" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055821", "uuid": "81b66735-8b1b-4ba7-9930-47afc63d8a2b", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054849", "to_ids": false, "type": "datetime", "uuid": "d7c757df-baf0-4fff-9602-d9f0af4e9988", "value": "2019-11-21T10:49:52" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054849", "to_ids": false, "type": "link", "uuid": "8ebd067e-55d2-4458-a3b5-c42ae19be059", "value": "https://www.virustotal.com/file/91f1b3a4c4af40cee470b75619653eeb88db8b37958159b6df262ed01d2ed7c3/analysis/1574333392/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054849", "to_ids": false, "type": "text", "uuid": "66527e6e-9d1a-4331-badb-0dbae58ddb2e", "value": "48/66" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055821", "uuid": "25fc58fc-4486-4519-8f8a-b37ef6ab6431", "ObjectReference": [ { "comment": "", "object_uuid": "25fc58fc-4486-4519-8f8a-b37ef6ab6431", "referenced_uuid": "9824f125-6779-4a9a-bd60-063532f4ed5d", "relationship_type": "analysed-with", "timestamp": "1576055899", "uuid": "5df0b45b-a128-465b-a6b0-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054922", "to_ids": true, "type": "md5", "uuid": "2ed21264-292c-4b62-b728-f90a29023401", "value": "8730d47ec35f5f01cd0e5624f0ad1d19" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054922", "to_ids": true, "type": "sha1", "uuid": "0b3a61dd-6c14-41ef-b9f1-9c30c8f4dd6d", "value": "0da65cb425d34e955d8f081f669179cbd93880d7" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054922", "to_ids": true, "type": "sha256", "uuid": "e9848eb0-f452-4c65-8e90-2164f90436d1", "value": "2f283ad12fbd85f295a46dd108d2b9f7c59bf49c617e26c4f996931c93ecca8b" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055821", "uuid": "9824f125-6779-4a9a-bd60-063532f4ed5d", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054922", "to_ids": false, "type": "datetime", "uuid": "e44a70e4-a23f-47b8-943d-d8dace64bd77", "value": "2019-12-07T09:40:18" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054922", "to_ids": false, "type": "link", "uuid": "d05fc176-914b-44d1-8ec0-919cc597e577", "value": "https://www.virustotal.com/file/2f283ad12fbd85f295a46dd108d2b9f7c59bf49c617e26c4f996931c93ecca8b/analysis/1575711618/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054922", "to_ids": false, "type": "text", "uuid": "fe7ef037-1cfd-4b71-9fd0-36c79cdf04d7", "value": "55/69" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055821", "uuid": "bd63552b-3ce3-46f6-978c-5b6b15ea5b0f", "ObjectReference": [ { "comment": "", "object_uuid": "bd63552b-3ce3-46f6-978c-5b6b15ea5b0f", "referenced_uuid": "3df48e75-a739-4211-9407-6311765cdaa9", "relationship_type": "analysed-with", "timestamp": "1576055899", "uuid": "5df0b45b-4c1c-4b4d-93e9-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054920", "to_ids": true, "type": "md5", "uuid": "40fae1d3-9272-43cc-8f87-0c46ff158ee3", "value": "d7e7e8babd291ce721dbd28c9216073a" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054920", "to_ids": true, "type": "sha1", "uuid": "74fa2249-026e-47c5-a055-21dd5cc1d5cc", "value": "a9fcd71863c7c73ef5669190eeeafe5ce3a444aa" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054920", "to_ids": true, "type": "sha256", "uuid": "a109481a-9d11-4688-aed1-f728138ef0f1", "value": "778f10e44ad76087857af1f4168a4f6fb3a5f03b160d19ae02c467e98597fbac" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055821", "uuid": "3df48e75-a739-4211-9407-6311765cdaa9", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054920", "to_ids": false, "type": "datetime", "uuid": "6f00df8c-db4c-4b4d-ac78-d3c068a2731b", "value": "2019-11-14T13:25:55" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054920", "to_ids": false, "type": "link", "uuid": "de8a524a-6b1a-4ffd-b0e3-1e2a0c3f895d", "value": "https://www.virustotal.com/file/778f10e44ad76087857af1f4168a4f6fb3a5f03b160d19ae02c467e98597fbac/analysis/1573737955/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054920", "to_ids": false, "type": "text", "uuid": "5b412bc4-97e0-4248-87f5-78cfb80d2e78", "value": "47/68" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055821", "uuid": "a4b3cf43-3ee3-4127-9013-8ff15a37ef5a", "ObjectReference": [ { "comment": "", "object_uuid": "a4b3cf43-3ee3-4127-9013-8ff15a37ef5a", "referenced_uuid": "1e4f61f4-b717-486e-8313-76ca42f9d871", "relationship_type": "analysed-with", "timestamp": "1576055899", "uuid": "5df0b45b-3d40-43e1-9c5e-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054919", "to_ids": true, "type": "md5", "uuid": "e21dee8a-d320-4623-a253-7914ea1e5e18", "value": "7fa8ac5c4e36005705b9367f82b8f980" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054919", "to_ids": true, "type": "sha1", "uuid": "802147f4-9167-4631-a7a8-1403a06e5c62", "value": "c8e8321bf432bab593c43c7f4d5e722f59a98c55" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054919", "to_ids": true, "type": "sha256", "uuid": "28a1e121-278c-4b51-bd79-6b6bc7afbd1d", "value": "31e422b17cd0cce5cbd49cbe452772c16693fecd97f05558db60b5a331757bcd" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055822", "uuid": "1e4f61f4-b717-486e-8313-76ca42f9d871", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054919", "to_ids": false, "type": "datetime", "uuid": "25af1bbc-a0e6-4f17-a2e9-cf77acf0a218", "value": "2019-11-18T07:37:24" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054919", "to_ids": false, "type": "link", "uuid": "417680b5-95c1-42ad-a1d3-4eed68927bf7", "value": "https://www.virustotal.com/file/31e422b17cd0cce5cbd49cbe452772c16693fecd97f05558db60b5a331757bcd/analysis/1574062644/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054919", "to_ids": false, "type": "text", "uuid": "2b42c3e8-a2c1-421e-a19b-0705c736c9c6", "value": "50/70" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055823", "uuid": "41837ce0-6fc9-4bf3-bbd7-b5db13b56d8a", "ObjectReference": [ { "comment": "", "object_uuid": "41837ce0-6fc9-4bf3-bbd7-b5db13b56d8a", "referenced_uuid": "a480ec19-a2fc-4c23-a2ba-d901c3e46209", "relationship_type": "analysed-with", "timestamp": "1576055899", "uuid": "5df0b45b-0fec-406f-a5ba-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054914", "to_ids": true, "type": "md5", "uuid": "4f1684ed-6146-41c4-8c73-ad1621876325", "value": "e63799d433190ec8b61d19a9f225dd5f" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054914", "to_ids": true, "type": "sha1", "uuid": "b26fa6f0-975c-49e7-84ef-7e166c0cc157", "value": "84b87156b438da0a5e905443f09f12df2d27677d" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054914", "to_ids": true, "type": "sha256", "uuid": "e28df2be-3f3e-4120-a4d0-f71464e40c31", "value": "e8c699ad010c200d8764cae0d4b75762379b321ab52e0614617a7bedfd42994e" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055823", "uuid": "a480ec19-a2fc-4c23-a2ba-d901c3e46209", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054914", "to_ids": false, "type": "datetime", "uuid": "22ef1927-eb7f-4975-90b4-daf7476cb4f7", "value": "2019-11-17T08:48:41" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054914", "to_ids": false, "type": "link", "uuid": "130ab3d4-2d55-4d9c-9d63-33bec1295d5d", "value": "https://www.virustotal.com/file/e8c699ad010c200d8764cae0d4b75762379b321ab52e0614617a7bedfd42994e/analysis/1573980521/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054914", "to_ids": false, "type": "text", "uuid": "25fc8c52-a38d-46b2-ae61-6cc867eaa772", "value": "44/69" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055823", "uuid": "2a34cf03-2091-4bd1-bfc6-b0c4f096701c", "ObjectReference": [ { "comment": "", "object_uuid": "2a34cf03-2091-4bd1-bfc6-b0c4f096701c", "referenced_uuid": "045a999a-05af-4f68-97b3-c67877b7306f", "relationship_type": "analysed-with", "timestamp": "1576055899", "uuid": "5df0b45b-9d6c-48e0-ac0f-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054844", "to_ids": true, "type": "md5", "uuid": "10b04a93-a2d8-495d-9698-f863bc743d90", "value": "3409f85d03db44e5b37fdc8a4e95f9a4" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054844", "to_ids": true, "type": "sha1", "uuid": "eb8b028b-52ff-47cf-b826-873d39cfcaa7", "value": "25f1ce50d805fdeeeb43edb3eb915f3b73993a7c" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054844", "to_ids": true, "type": "sha256", "uuid": "d179af3e-7163-4db6-9313-79fddf878d9e", "value": "b636ad3e666a2fd724a2719bed3c7bf04cb21eff830409eb806553be8835e424" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055824", "uuid": "045a999a-05af-4f68-97b3-c67877b7306f", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054844", "to_ids": false, "type": "datetime", "uuid": "cf2ea883-3cd3-4bf9-9ffa-25bba0f57fab", "value": "2019-12-02T13:21:39" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054844", "to_ids": false, "type": "link", "uuid": "42b19bf4-419e-4725-acd1-dd1aed879022", "value": "https://www.virustotal.com/file/b636ad3e666a2fd724a2719bed3c7bf04cb21eff830409eb806553be8835e424/analysis/1575292899/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054844", "to_ids": false, "type": "text", "uuid": "79c3f838-18bf-41dd-afaa-2da1b7af2662", "value": "53/69" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055824", "uuid": "eb9212b0-60a3-40d9-b087-27ab8db99dd6", "ObjectReference": [ { "comment": "", "object_uuid": "eb9212b0-60a3-40d9-b087-27ab8db99dd6", "referenced_uuid": "de7e7abe-cf70-41bf-b039-e3e9e9118bef", "relationship_type": "analysed-with", "timestamp": "1576055899", "uuid": "5df0b45b-7298-4302-95bb-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054893", "to_ids": true, "type": "md5", "uuid": "1e89e22c-1632-4ec5-a91c-55e9d8a4a298", "value": "cab204d321bf867dd51129f865a37310" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054893", "to_ids": true, "type": "sha1", "uuid": "4ff59eaf-04c4-439b-94e8-2111fadb0e88", "value": "c5c8e76181f46d87acaa8de9eaebc3bb0bd3e8f5" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054893", "to_ids": true, "type": "sha256", "uuid": "49b4e0a2-cfbc-4609-b4fb-2e24504257fe", "value": "d093211ca6df1e26dff4ec0e2b432c56e7d0a3eb08e53d00a990e5a4c919e7e6" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055824", "uuid": "de7e7abe-cf70-41bf-b039-e3e9e9118bef", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054893", "to_ids": false, "type": "datetime", "uuid": "a331aa07-150d-49ec-a9e3-7655fde97972", "value": "2019-12-10T05:09:22" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054893", "to_ids": false, "type": "link", "uuid": "2de0cab7-af1e-4594-92f3-fb6637133551", "value": "https://www.virustotal.com/file/d093211ca6df1e26dff4ec0e2b432c56e7d0a3eb08e53d00a990e5a4c919e7e6/analysis/1575954562/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054893", "to_ids": false, "type": "text", "uuid": "d08a83f1-4c6b-4ea0-af4a-d2cd9e2a5e17", "value": "60/72" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055824", "uuid": "c4a5d335-d05a-4f1b-927b-f07d48ceeade", "ObjectReference": [ { "comment": "", "object_uuid": "c4a5d335-d05a-4f1b-927b-f07d48ceeade", "referenced_uuid": "ffd6cead-93b2-4611-b25b-a918732de14e", "relationship_type": "analysed-with", "timestamp": "1576055900", "uuid": "5df0b45c-f2f4-4ea5-a2f4-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054918", "to_ids": true, "type": "md5", "uuid": "97c9dd1b-8206-4895-b22d-3cbdc8337234", "value": "a1824387fca3e5a3cd76026f69e204f0" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054918", "to_ids": true, "type": "sha1", "uuid": "c4778246-d58a-457d-8413-bf6d1d817e7c", "value": "2cb26b1a4d08902318dc37c9b830267b7437e17c" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054918", "to_ids": true, "type": "sha256", "uuid": "cc872d35-41a1-48c0-9bce-3e7f8a39270a", "value": "f2887e2d29564f6a7ba1e0138b907fac713463a5906ff38a2819c6bc4f7e82fc" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055824", "uuid": "ffd6cead-93b2-4611-b25b-a918732de14e", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054918", "to_ids": false, "type": "datetime", "uuid": "2b1dcb0e-8708-44b7-a9bf-dad7d4ad8b7e", "value": "2019-11-12T17:40:48" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054918", "to_ids": false, "type": "link", "uuid": "a1415fb7-c366-47fb-a847-05163125f89d", "value": "https://www.virustotal.com/file/f2887e2d29564f6a7ba1e0138b907fac713463a5906ff38a2819c6bc4f7e82fc/analysis/1573580448/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054918", "to_ids": false, "type": "text", "uuid": "ce0079c9-cfba-4c8b-a976-b66a77c2df99", "value": "45/71" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055824", "uuid": "387fd63b-aefa-4afd-853c-caf75eacdb7d", "ObjectReference": [ { "comment": "", "object_uuid": "387fd63b-aefa-4afd-853c-caf75eacdb7d", "referenced_uuid": "a518f4a8-4592-4a87-a370-8bf4338440a6", "relationship_type": "analysed-with", "timestamp": "1576055900", "uuid": "5df0b45c-9c3c-4e2e-b6aa-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054918", "to_ids": true, "type": "md5", "uuid": "85d01822-ec79-4a78-9e94-3424ae304e6a", "value": "32cb296c72766a6bb0dd501599bd8535" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054918", "to_ids": true, "type": "sha1", "uuid": "ace87804-2a2a-48ac-b570-f7cf70ae4729", "value": "2d8832336a06b11dbc71301297d2153d7859e53b" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054918", "to_ids": true, "type": "sha256", "uuid": "f07de3d6-403a-4558-b3fe-f2c0a7dc22c5", "value": "3ab1d7b7e41a79c7147027fb2f8e921ed35167322281f1936cc321f1f916f3e3" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055825", "uuid": "a518f4a8-4592-4a87-a370-8bf4338440a6", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054918", "to_ids": false, "type": "datetime", "uuid": "8ddf364a-63df-46cb-9d00-03025c03e6e0", "value": "2019-11-16T08:44:21" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054918", "to_ids": false, "type": "link", "uuid": "cbb33afb-f6b0-455b-881a-37c7fbef1817", "value": "https://www.virustotal.com/file/3ab1d7b7e41a79c7147027fb2f8e921ed35167322281f1936cc321f1f916f3e3/analysis/1573893861/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054918", "to_ids": false, "type": "text", "uuid": "d9b39fec-ad6b-4605-9f42-c6594dfaacd5", "value": "47/69" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055825", "uuid": "bf1d74a7-6453-41df-b8c0-c8036ca30e3b", "ObjectReference": [ { "comment": "", "object_uuid": "bf1d74a7-6453-41df-b8c0-c8036ca30e3b", "referenced_uuid": "e24f718d-46ce-48de-a1d5-5b59fa3fcb50", "relationship_type": "analysed-with", "timestamp": "1576055900", "uuid": "5df0b45c-86bc-4dc1-86a9-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054919", "to_ids": true, "type": "md5", "uuid": "6246f984-fba0-4ab8-afb6-05c01b979862", "value": "41f5638751db78bb55234e2668710e09" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054919", "to_ids": true, "type": "sha1", "uuid": "8ec0cbc5-e095-4173-9f8a-703ac02699ea", "value": "75282f562d38226a74dc0e66d981168c2b073c80" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054919", "to_ids": true, "type": "sha256", "uuid": "0930b457-2d23-4ce3-9cef-c6db5ed953f0", "value": "336ee5f4b81ae7d30a17c6251b78af87f1a9815f19f732f78961584f268ddb0e" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055825", "uuid": "e24f718d-46ce-48de-a1d5-5b59fa3fcb50", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054919", "to_ids": false, "type": "datetime", "uuid": "e73abc26-2c81-467e-a55f-bba725c59617", "value": "2019-12-03T20:41:04" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054919", "to_ids": false, "type": "link", "uuid": "f1201a3a-b9a6-474a-b77e-afc6b2defb24", "value": "https://www.virustotal.com/file/336ee5f4b81ae7d30a17c6251b78af87f1a9815f19f732f78961584f268ddb0e/analysis/1575405664/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054919", "to_ids": false, "type": "text", "uuid": "98e5c78c-2102-4afa-8c32-5a17d2567bce", "value": "56/70" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055825", "uuid": "f9bd53e5-f96d-4b52-a85b-d008fb299c67", "ObjectReference": [ { "comment": "", "object_uuid": "f9bd53e5-f96d-4b52-a85b-d008fb299c67", "referenced_uuid": "ed42186f-425b-4534-9e72-6d8667bc2763", "relationship_type": "analysed-with", "timestamp": "1576055900", "uuid": "5df0b45c-3b2c-4003-a3ac-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054861", "to_ids": true, "type": "md5", "uuid": "db28d2a3-0445-4fb5-9a62-93991f1137ae", "value": "c4319b3de449f0d95a2c678ccf15a184" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054861", "to_ids": true, "type": "sha1", "uuid": "2b82ac99-a447-40ec-8c50-3ee9335d837b", "value": "99d9d6bf4b78d3ae0f6afa675c36438c31ffe443" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054861", "to_ids": true, "type": "sha256", "uuid": "42acd33e-824f-4b07-ab2c-746398850058", "value": "9091f32108282e5a2edfe5ca09d24f9cf335142e1061b2274f13a2534047d52a" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055825", "uuid": "ed42186f-425b-4534-9e72-6d8667bc2763", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054861", "to_ids": false, "type": "datetime", "uuid": "df91305a-3e14-44c4-b020-f878e2663309", "value": "2019-11-17T05:20:37" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054861", "to_ids": false, "type": "link", "uuid": "7c634c53-80b7-4286-b4af-73399eea5028", "value": "https://www.virustotal.com/file/9091f32108282e5a2edfe5ca09d24f9cf335142e1061b2274f13a2534047d52a/analysis/1573968037/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054861", "to_ids": false, "type": "text", "uuid": "6262e7bd-e0c9-4daa-9413-4e21fbb9c90c", "value": "47/69" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055826", "uuid": "6057798b-3af5-424e-9be6-1f63bdbee336", "ObjectReference": [ { "comment": "", "object_uuid": "6057798b-3af5-424e-9be6-1f63bdbee336", "referenced_uuid": "82c95c8e-9acd-4d94-84bf-a2732dbbd804", "relationship_type": "analysed-with", "timestamp": "1576055900", "uuid": "5df0b45c-ae60-4f24-958c-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054914", "to_ids": true, "type": "md5", "uuid": "306acfe7-135c-43d1-8121-6c188cea659e", "value": "afae1a53d93dce41d8562f5fe56fd9aa" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054914", "to_ids": true, "type": "sha1", "uuid": "d1be458b-fe3f-4b3f-8b20-4ee2ee0480cc", "value": "ad4051b260efe9451b7bdcce3e1c366cc29f1137" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054914", "to_ids": true, "type": "sha256", "uuid": "1fc5e7ba-45a6-4eb0-b433-d7ae42a1b09b", "value": "d1b58a7f25a5237bebb4104e247d7e036ea2b1a48f4342c88a117b1e8a43ad51" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055826", "uuid": "82c95c8e-9acd-4d94-84bf-a2732dbbd804", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054914", "to_ids": false, "type": "datetime", "uuid": "2a75dc3b-b433-4fb0-8d8d-7aa92baa96a6", "value": "2019-11-10T14:41:15" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054914", "to_ids": false, "type": "link", "uuid": "6ffd0388-c494-4d12-ada6-8f933ada2a37", "value": "https://www.virustotal.com/file/d1b58a7f25a5237bebb4104e247d7e036ea2b1a48f4342c88a117b1e8a43ad51/analysis/1573396875/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054914", "to_ids": false, "type": "text", "uuid": "0523af84-12cb-4f82-9b2d-0c2439090a9d", "value": "39/71" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055826", "uuid": "c307c82e-5ee9-40b4-a57a-bc100bc9d5dd", "ObjectReference": [ { "comment": "", "object_uuid": "c307c82e-5ee9-40b4-a57a-bc100bc9d5dd", "referenced_uuid": "d1ae46d6-dff2-42eb-a2eb-3caf259da849", "relationship_type": "analysed-with", "timestamp": "1576055900", "uuid": "5df0b45c-6b90-4e29-b73f-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054917", "to_ids": true, "type": "md5", "uuid": "60978666-c250-4844-9686-dd5196f9cac9", "value": "2096b31942e11ea6162742ad00c4ec08" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054917", "to_ids": true, "type": "sha1", "uuid": "00b43dd5-c211-4428-b37a-633c62f368ea", "value": "694a29886301d38b19604180feec3f68c429e851" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054917", "to_ids": true, "type": "sha256", "uuid": "9f92bb29-4cf7-4b6d-83ee-4afd29de0c68", "value": "dfbd3927e48c1772fcd2f57baeed5f5292a12540cc0c061fa0e576ac37d38350" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055826", "uuid": "d1ae46d6-dff2-42eb-a2eb-3caf259da849", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054917", "to_ids": false, "type": "datetime", "uuid": "9d71b4ec-c1d7-4498-9904-cf996f266471", "value": "2019-11-26T14:37:30" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054917", "to_ids": false, "type": "link", "uuid": "2d9f5282-9a95-47f7-a949-9ecc7c98be13", "value": "https://www.virustotal.com/file/dfbd3927e48c1772fcd2f57baeed5f5292a12540cc0c061fa0e576ac37d38350/analysis/1574779050/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054917", "to_ids": false, "type": "text", "uuid": "48638a71-1c67-4f9e-bd99-58e71d8e0ff2", "value": "57/69" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055826", "uuid": "9d27efc7-ae77-4a63-8946-2b5f139d9ceb", "ObjectReference": [ { "comment": "", "object_uuid": "9d27efc7-ae77-4a63-8946-2b5f139d9ceb", "referenced_uuid": "24d1e65b-5461-4b43-8cda-af45bff380a7", "relationship_type": "analysed-with", "timestamp": "1576055900", "uuid": "5df0b45c-4de0-4651-b79a-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054893", "to_ids": true, "type": "md5", "uuid": "1badbc78-9e7f-4f36-9d6a-dd024f737508", "value": "480d75f8e22948f5260544d6da36ed00" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054893", "to_ids": true, "type": "sha1", "uuid": "39cf7ed7-5317-40d4-81c7-fea844cc3231", "value": "32edd01433d5955fec45ebc3bd679e91f83fe001" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054893", "to_ids": true, "type": "sha256", "uuid": "e8c1b5bb-2ded-4598-9543-3a419c739a25", "value": "0fd0a413f060bfd03456ccc0ee43b86e1614a96c8727c59deb2f7d09059051e4" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055826", "uuid": "24d1e65b-5461-4b43-8cda-af45bff380a7", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054893", "to_ids": false, "type": "datetime", "uuid": "9aa3b83a-9d0f-4915-b9b5-6877c32c99c3", "value": "2019-12-01T05:16:37" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054893", "to_ids": false, "type": "link", "uuid": "521b9cd2-3777-4dbd-b832-677503531868", "value": "https://www.virustotal.com/file/0fd0a413f060bfd03456ccc0ee43b86e1614a96c8727c59deb2f7d09059051e4/analysis/1575177397/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054893", "to_ids": false, "type": "text", "uuid": "fd613591-e900-48d2-aed6-e72b2eef756c", "value": "57/70" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055826", "uuid": "35446faf-0ddb-4f87-854b-385260b95671", "ObjectReference": [ { "comment": "", "object_uuid": "35446faf-0ddb-4f87-854b-385260b95671", "referenced_uuid": "835f33ab-3f7a-4ce3-8abd-aab87b77e4bc", "relationship_type": "analysed-with", "timestamp": "1576055900", "uuid": "5df0b45c-5610-42c9-959d-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054916", "to_ids": true, "type": "md5", "uuid": "e0beee05-c64e-4fc6-9c6f-130ae18d0508", "value": "fdba3ef7db009e0bd0b572a13ce86ec5" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054916", "to_ids": true, "type": "sha1", "uuid": "9d80ce92-2a20-4802-a30f-dae82522c2cb", "value": "913920f7f00c93165f494b49510f2758784a94c1" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054916", "to_ids": true, "type": "sha256", "uuid": "13a25696-897e-4486-920d-56bd070c3886", "value": "4c289673d7e8272c016e3b9925dfde7b19a2c7c9f6db70102f7c7d882f4b17e4" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055827", "uuid": "835f33ab-3f7a-4ce3-8abd-aab87b77e4bc", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054916", "to_ids": false, "type": "datetime", "uuid": "7d1edf35-42ec-446b-8716-444dbe102191", "value": "2019-11-18T07:37:29" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054916", "to_ids": false, "type": "link", "uuid": "7cc1cfb6-b289-4bda-bf8b-caebbbb9aa0c", "value": "https://www.virustotal.com/file/4c289673d7e8272c016e3b9925dfde7b19a2c7c9f6db70102f7c7d882f4b17e4/analysis/1574062649/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054916", "to_ids": false, "type": "text", "uuid": "da219885-71a7-404e-aa76-0bf1fd5a3375", "value": "51/70" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055827", "uuid": "91f2a406-203d-4994-9682-e7108f0df365", "ObjectReference": [ { "comment": "", "object_uuid": "91f2a406-203d-4994-9682-e7108f0df365", "referenced_uuid": "8a91dc91-0540-4679-b542-4a6626806420", "relationship_type": "analysed-with", "timestamp": "1576055900", "uuid": "5df0b45c-a74c-4e38-a876-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054924", "to_ids": true, "type": "md5", "uuid": "957aee6e-967c-4a48-b238-d8fa53bac201", "value": "f0f25aaa83d9cf9cc1409a1206269e84" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054924", "to_ids": true, "type": "sha1", "uuid": "34eb2d22-dce4-42ba-8355-a21d12097e99", "value": "3b2a9c29f9efa3236a0ce581114cdb2cbb6ee5da" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054924", "to_ids": true, "type": "sha256", "uuid": "ee1857c4-0e94-4f9a-b174-5dc318fe40a0", "value": "356805e9fc94bd5ec769e2d5b524e79b1c3fba43a9011fa338da3e10bb67fbda" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055827", "uuid": "8a91dc91-0540-4679-b542-4a6626806420", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054924", "to_ids": false, "type": "datetime", "uuid": "1dd6f8e4-876d-4789-bd6a-9dfb43bb44ad", "value": "2019-11-08T06:28:15" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054924", "to_ids": false, "type": "link", "uuid": "4eba6ec8-8de2-4d3a-a451-c3892f6ee147", "value": "https://www.virustotal.com/file/356805e9fc94bd5ec769e2d5b524e79b1c3fba43a9011fa338da3e10bb67fbda/analysis/1573194495/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054924", "to_ids": false, "type": "text", "uuid": "c224a544-dc47-4c43-92f1-0cdc72a4b67b", "value": "19/70" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055829", "uuid": "5b141a34-9277-4a85-beac-d7493563108f", "ObjectReference": [ { "comment": "", "object_uuid": "5b141a34-9277-4a85-beac-d7493563108f", "referenced_uuid": "3e844dc3-b609-47db-9acc-099b34ce7d02", "relationship_type": "analysed-with", "timestamp": "1576055900", "uuid": "5df0b45c-1484-4ade-a786-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054918", "to_ids": true, "type": "md5", "uuid": "047850fc-353f-4298-b8e5-3d2f31b54fdc", "value": "795432e4176ee402bf56afb158d9ba93" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054918", "to_ids": true, "type": "sha1", "uuid": "3d0a95cb-f967-4ef0-a659-e0bc15c03fb6", "value": "237e52585118027eab7661ff6ad5c7e5de2e2611" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054918", "to_ids": true, "type": "sha256", "uuid": "7f5dbfcc-1f09-4258-9418-f8610379eb58", "value": "def6d7b27b2c5411a53d44b5cfde7be57d9d72f0fac36c639d830bb9eac1c174" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055829", "uuid": "3e844dc3-b609-47db-9acc-099b34ce7d02", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054918", "to_ids": false, "type": "datetime", "uuid": "bdebe95e-a5b8-4b7e-9760-d936ff1119fc", "value": "2019-11-15T13:22:14" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054918", "to_ids": false, "type": "link", "uuid": "dddd3458-df43-4cf5-8923-5533935c1117", "value": "https://www.virustotal.com/file/def6d7b27b2c5411a53d44b5cfde7be57d9d72f0fac36c639d830bb9eac1c174/analysis/1573824134/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054918", "to_ids": false, "type": "text", "uuid": "fdbe7b9c-ba55-4adb-9395-3ff13b8d99f9", "value": "47/69" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055829", "uuid": "047dc7a9-043d-4f84-8cdf-ab188f1bb32d", "ObjectReference": [ { "comment": "", "object_uuid": "047dc7a9-043d-4f84-8cdf-ab188f1bb32d", "referenced_uuid": "1199ba69-0bf0-46ef-b935-a55651b947ed", "relationship_type": "analysed-with", "timestamp": "1576055900", "uuid": "5df0b45c-3650-4dd4-b968-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054917", "to_ids": true, "type": "md5", "uuid": "4e672a43-7363-42c9-a490-c6c43fda4e70", "value": "f4720f95e635bf54c31259e45b5f829d" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054917", "to_ids": true, "type": "sha1", "uuid": "64d6bd38-0ff0-4423-8cdf-e507655108fc", "value": "8bbd7d67d7471ad99013f1d42da89cde034fa2fb" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054917", "to_ids": true, "type": "sha256", "uuid": "9af22e4a-4f22-4b91-8b64-952b372591e6", "value": "ba68ac8c05da97e6cfcb6853a92232b5443ac43c1e11c14e4d4a15b684a6dc8b" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055829", "uuid": "1199ba69-0bf0-46ef-b935-a55651b947ed", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054917", "to_ids": false, "type": "datetime", "uuid": "516c739f-0522-423a-b63f-c3d7196a752a", "value": "2019-11-14T09:10:51" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054917", "to_ids": false, "type": "link", "uuid": "16763a92-bfde-4d0d-8e39-97f66d004308", "value": "https://www.virustotal.com/file/ba68ac8c05da97e6cfcb6853a92232b5443ac43c1e11c14e4d4a15b684a6dc8b/analysis/1573722651/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054917", "to_ids": false, "type": "text", "uuid": "1f14e0ed-48a6-4ec3-83fe-c310314c1cab", "value": "46/69" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055829", "uuid": "e5c22d2f-bf18-47e1-b9f1-e649da622ba6", "ObjectReference": [ { "comment": "", "object_uuid": "e5c22d2f-bf18-47e1-b9f1-e649da622ba6", "referenced_uuid": "994fbf8a-51e0-46e6-acdd-8ce215181e20", "relationship_type": "analysed-with", "timestamp": "1576055900", "uuid": "5df0b45c-e48c-46fe-a609-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054919", "to_ids": true, "type": "md5", "uuid": "da72137a-3eef-4d3a-8bc2-898585177cc4", "value": "e96618309d3776f95a23fb9783009887" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054919", "to_ids": true, "type": "sha1", "uuid": "7a1f50ff-6fdf-47d8-89cd-7247db7b1df0", "value": "815f3d5961ae739d1800ed1fd9f6504e39ea74a9" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054919", "to_ids": true, "type": "sha256", "uuid": "82f1ef8b-75f8-4907-b95f-b5193cb3bcf8", "value": "dd55cbf28ffb502bb38398c03f454a361330902c3fc4e465eb8865c8432d6b4f" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055829", "uuid": "994fbf8a-51e0-46e6-acdd-8ce215181e20", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054919", "to_ids": false, "type": "datetime", "uuid": "15165f50-4c47-4c80-aa35-2c0ef13bdaf1", "value": "2019-11-26T13:12:59" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054919", "to_ids": false, "type": "link", "uuid": "3bdd7f24-d59b-42d9-8114-014d13b4f786", "value": "https://www.virustotal.com/file/dd55cbf28ffb502bb38398c03f454a361330902c3fc4e465eb8865c8432d6b4f/analysis/1574773979/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054919", "to_ids": false, "type": "text", "uuid": "d6835df5-2eb4-4be5-887d-2904b9ae1599", "value": "54/67" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055830", "uuid": "bc463676-fa0d-4152-a4ac-f9568ad30f21", "ObjectReference": [ { "comment": "", "object_uuid": "bc463676-fa0d-4152-a4ac-f9568ad30f21", "referenced_uuid": "9b02493c-909c-47f1-adea-240736dc4ed6", "relationship_type": "analysed-with", "timestamp": "1576055900", "uuid": "5df0b45c-3034-46a6-a17c-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054914", "to_ids": true, "type": "md5", "uuid": "98eb7012-7803-488c-b38d-056ee221d60c", "value": "e54fad71693ebebb814a2cdfd3c26247" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054914", "to_ids": true, "type": "sha1", "uuid": "cefc948f-5e08-4053-b44e-d038d9a67bfb", "value": "0135b2b8eb323c2090ee26d99f0531aed15b623d" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054914", "to_ids": true, "type": "sha256", "uuid": "c9645218-0df9-47c2-8220-952bad144cbf", "value": "9528d0c578157a0c18d495e807bcc5acc82f84a03a52576e6e824698f748c12f" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055830", "uuid": "9b02493c-909c-47f1-adea-240736dc4ed6", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054914", "to_ids": false, "type": "datetime", "uuid": "390f284e-f060-40fd-bdc6-bfa33a99aaa6", "value": "2019-11-10T22:39:51" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054914", "to_ids": false, "type": "link", "uuid": "6f9d5651-ddd0-463e-a424-5e87f3e56502", "value": "https://www.virustotal.com/file/9528d0c578157a0c18d495e807bcc5acc82f84a03a52576e6e824698f748c12f/analysis/1573425591/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054914", "to_ids": false, "type": "text", "uuid": "3775fb5d-67cc-45d7-bf8f-5e2d47424705", "value": "35/72" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055830", "uuid": "e0309f0b-5aea-46c3-b31c-85409e2f1575", "ObjectReference": [ { "comment": "", "object_uuid": "e0309f0b-5aea-46c3-b31c-85409e2f1575", "referenced_uuid": "9347bd73-b4ab-4e99-83f0-a9b892bd2cd3", "relationship_type": "analysed-with", "timestamp": "1576055900", "uuid": "5df0b45c-db28-4d5b-9756-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054843", "to_ids": true, "type": "md5", "uuid": "6911f351-467c-4b85-ba76-503bfed0075f", "value": "1581c61692e8ca00968579a485710e3c" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054843", "to_ids": true, "type": "sha1", "uuid": "c564613e-329e-483f-b75f-23eb8e0fb89f", "value": "f9f9e891e40de848aeb0ae92a9e6d112807ab5ef" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054843", "to_ids": true, "type": "sha256", "uuid": "aa26f0cf-b3eb-4718-a884-cb2f6e1b839d", "value": "45363875792ec1150f235d43a398d5080019a31487e322d0bf2221279424da64" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055830", "uuid": "9347bd73-b4ab-4e99-83f0-a9b892bd2cd3", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054843", "to_ids": false, "type": "datetime", "uuid": "92dd930d-bff2-43d9-9c72-aff61cad7e2e", "value": "2019-11-21T10:32:28" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054843", "to_ids": false, "type": "link", "uuid": "fe4df3ff-b59a-4f61-b9bc-11821e13a017", "value": "https://www.virustotal.com/file/45363875792ec1150f235d43a398d5080019a31487e322d0bf2221279424da64/analysis/1574332348/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054843", "to_ids": false, "type": "text", "uuid": "fc9b1119-927c-4769-a26c-9a4285ae3f7a", "value": "49/69" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055830", "uuid": "a1f459a8-8d2d-445f-8ae4-be737e996cf6", "ObjectReference": [ { "comment": "", "object_uuid": "a1f459a8-8d2d-445f-8ae4-be737e996cf6", "referenced_uuid": "631266d9-9ebc-4b97-b95a-9042ce7b37e4", "relationship_type": "analysed-with", "timestamp": "1576055900", "uuid": "5df0b45c-8168-48a2-954f-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054876", "to_ids": true, "type": "md5", "uuid": "8e269e6c-1c05-4cdd-87b3-39213baef2e1", "value": "570aa0b95fc0e215d9450882a2a23ccc" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054876", "to_ids": true, "type": "sha1", "uuid": "829dd184-d984-4777-93f3-02dcba00fb82", "value": "b1ec8e6b7d04877be6570654f904d029270c613f" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054876", "to_ids": true, "type": "sha256", "uuid": "dffb9e69-fe78-4b57-a163-76149377039f", "value": "f281a3f88fd4aca86b05300e4a00f26974154aed73715de92456d26cbe6fd873" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055831", "uuid": "631266d9-9ebc-4b97-b95a-9042ce7b37e4", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054876", "to_ids": false, "type": "datetime", "uuid": "f73e95c9-bac3-48c8-9a00-b258a794ae82", "value": "2019-11-17T08:42:43" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054876", "to_ids": false, "type": "link", "uuid": "a50fa30c-a3e6-4341-942e-118126bf928d", "value": "https://www.virustotal.com/file/f281a3f88fd4aca86b05300e4a00f26974154aed73715de92456d26cbe6fd873/analysis/1573980163/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054876", "to_ids": false, "type": "text", "uuid": "aa121851-84d4-416b-b3b2-510d39ef9473", "value": "46/71" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055831", "uuid": "1c80147c-14a8-4788-a975-fca23e47c4be", "ObjectReference": [ { "comment": "", "object_uuid": "1c80147c-14a8-4788-a975-fca23e47c4be", "referenced_uuid": "82717ca0-1aca-4e43-b093-95115091b83e", "relationship_type": "analysed-with", "timestamp": "1576055900", "uuid": "5df0b45c-e2b8-46d2-a8ad-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054920", "to_ids": true, "type": "md5", "uuid": "88f8e66f-f241-44f3-92ea-bcab20e001e9", "value": "bd19a5a4a17fb727a5dca2103a0b7cee" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054920", "to_ids": true, "type": "sha1", "uuid": "72b8714b-e5b8-4f27-9a4d-6bb81c3d6a0f", "value": "68af7167caa9b0fdd185286f92fbfbc9ff45ac9b" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054920", "to_ids": true, "type": "sha256", "uuid": "b0b449e6-4cc6-4afb-8daf-6e587845f401", "value": "f0c4aaffdfaed2db209a76aa99bc98518f489f1c62bec0be7584cd210bc0b31f" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055831", "uuid": "82717ca0-1aca-4e43-b093-95115091b83e", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054920", "to_ids": false, "type": "datetime", "uuid": "cc954813-ad5b-40c6-bb1e-94ff867ace29", "value": "2019-11-20T12:03:56" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054920", "to_ids": false, "type": "link", "uuid": "2c63a5ab-c4e3-4ad5-b05f-13e88dc8cf92", "value": "https://www.virustotal.com/file/f0c4aaffdfaed2db209a76aa99bc98518f489f1c62bec0be7584cd210bc0b31f/analysis/1574251436/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054920", "to_ids": false, "type": "text", "uuid": "49d41418-faa4-4dab-b6e1-cb8fb310d7a0", "value": "49/70" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055831", "uuid": "c2a8bed0-ecec-4727-aff3-9692b710ec87", "ObjectReference": [ { "comment": "", "object_uuid": "c2a8bed0-ecec-4727-aff3-9692b710ec87", "referenced_uuid": "0bd0a4e4-3dee-4363-855f-290fbcfb272b", "relationship_type": "analysed-with", "timestamp": "1576055900", "uuid": "5df0b45c-fcc0-4db9-b23e-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054937", "to_ids": true, "type": "md5", "uuid": "bfa67707-6d6f-4ec6-bcf1-a71d12feba67", "value": "cd4e7916038cf877ec44f1a665806bd0" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054937", "to_ids": true, "type": "sha1", "uuid": "d747e0ca-7503-4ffb-ac8b-d52a065d1e93", "value": "106cc19f5c5fc48c3f008dd80c7bfa2aaa572a4c" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054937", "to_ids": true, "type": "sha256", "uuid": "c6f5c170-3902-4b40-aff3-fa938e53f8bc", "value": "f0c31f19ca1159657e2777c50ce5e1c6c4247b50da33300694bf4f2c7287f01b" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055831", "uuid": "0bd0a4e4-3dee-4363-855f-290fbcfb272b", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054937", "to_ids": false, "type": "datetime", "uuid": "134dbfa9-0e34-4605-9031-918ee0379e33", "value": "2019-11-09T14:01:11" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054937", "to_ids": false, "type": "link", "uuid": "31f26bbc-d0e7-4e48-9e44-16c6f2c42c6a", "value": "https://www.virustotal.com/file/f0c31f19ca1159657e2777c50ce5e1c6c4247b50da33300694bf4f2c7287f01b/analysis/1573308071/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054937", "to_ids": false, "type": "text", "uuid": "17b36523-046f-42f5-983d-0d46f227ff74", "value": "16/71" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055831", "uuid": "f72eda7d-b70f-4693-8822-0a78cfa8cc8e", "ObjectReference": [ { "comment": "", "object_uuid": "f72eda7d-b70f-4693-8822-0a78cfa8cc8e", "referenced_uuid": "463ae21e-bbde-444e-89d3-99479d75ae8e", "relationship_type": "analysed-with", "timestamp": "1576055900", "uuid": "5df0b45c-9f80-47d2-94ab-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054919", "to_ids": true, "type": "md5", "uuid": "2164fcf8-6dbe-4afd-b480-ad0770f9fb80", "value": "42acc79d61819930ff0bc41b394e9300" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054919", "to_ids": true, "type": "sha1", "uuid": "9e3d9e1f-ba1f-4f08-bc8d-266bd92a3067", "value": "fcbd5a9c690d3fdefadffa0cfe0290a538d08df2" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054919", "to_ids": true, "type": "sha256", "uuid": "86305d1c-0d59-4355-ae16-dabe68098a1a", "value": "10079b5bba74566cd2daec9376f14acfd3ffaeed56f9a79d45d87ea795c21e33" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055831", "uuid": "463ae21e-bbde-444e-89d3-99479d75ae8e", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054919", "to_ids": false, "type": "datetime", "uuid": "513ebe33-264b-4fe6-8070-a2dfbb0b7222", "value": "2019-11-17T03:36:57" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054919", "to_ids": false, "type": "link", "uuid": "46673cb1-66d9-44e5-acaa-00c928e76167", "value": "https://www.virustotal.com/file/10079b5bba74566cd2daec9376f14acfd3ffaeed56f9a79d45d87ea795c21e33/analysis/1573961817/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054919", "to_ids": false, "type": "text", "uuid": "058d2fff-392c-4948-a707-c039abfd0fc4", "value": "46/71" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055832", "uuid": "1e15b2c6-4e3e-43b6-91db-741c882e5f57", "ObjectReference": [ { "comment": "", "object_uuid": "1e15b2c6-4e3e-43b6-91db-741c882e5f57", "referenced_uuid": "290a99ee-e5ed-44f3-b8de-a50139d24917", "relationship_type": "analysed-with", "timestamp": "1576055901", "uuid": "5df0b45d-be34-4c1c-918f-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054847", "to_ids": true, "type": "md5", "uuid": "7e50c175-4d49-4815-adfa-64f6f709c20b", "value": "12b3dbe7421cfb533556b371da7677ef" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054847", "to_ids": true, "type": "sha1", "uuid": "0a61bd8a-c378-4778-a22d-ed496c70b34c", "value": "00683372a73bf4a41d44606aac8c28a65a14227d" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054847", "to_ids": true, "type": "sha256", "uuid": "4cbddf30-6ceb-49c4-a157-55e596a7e345", "value": "2df028b7d9b691bf3c25d8579c5b7846f40227eb00b563e04956fc1981fd5ba9" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055832", "uuid": "290a99ee-e5ed-44f3-b8de-a50139d24917", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054847", "to_ids": false, "type": "datetime", "uuid": "f8a2f851-ad29-4250-8476-cbacefbee5b9", "value": "2019-11-23T22:01:41" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054847", "to_ids": false, "type": "link", "uuid": "b9d43c51-bba0-461f-9f5a-2c89c48e3818", "value": "https://www.virustotal.com/file/2df028b7d9b691bf3c25d8579c5b7846f40227eb00b563e04956fc1981fd5ba9/analysis/1574546501/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054847", "to_ids": false, "type": "text", "uuid": "792b6174-6677-4373-977f-e3f28a77a162", "value": "52/67" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055832", "uuid": "eb99d484-d0eb-4eb3-97c7-8f2aff1583fb", "ObjectReference": [ { "comment": "", "object_uuid": "eb99d484-d0eb-4eb3-97c7-8f2aff1583fb", "referenced_uuid": "6339d9ce-f18b-4cab-b0ba-90603d434da7", "relationship_type": "analysed-with", "timestamp": "1576055901", "uuid": "5df0b45d-8508-408f-92de-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054915", "to_ids": true, "type": "md5", "uuid": "a732da85-ea04-4621-a4b2-6b2a38e19b4b", "value": "c508f7a19735cba1cf6cfd8b1ebaaf3b" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054915", "to_ids": true, "type": "sha1", "uuid": "154f5632-5fca-4a97-8e7a-40e2b79c90a3", "value": "e44bfcaee1789165b5a8f3a1aed4d404d481d514" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054915", "to_ids": true, "type": "sha256", "uuid": "477d9547-9ff3-447e-bcf4-2a92dd393801", "value": "676f1bb1cf144e5fb86776954be0a1471218cf502c5d0ecc23defaddd05e56d6" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055832", "uuid": "6339d9ce-f18b-4cab-b0ba-90603d434da7", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054915", "to_ids": false, "type": "datetime", "uuid": "c52bc965-2fdb-4b4d-b523-08a36c694326", "value": "2019-11-20T11:52:59" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054915", "to_ids": false, "type": "link", "uuid": "fd7d3128-d826-4ad9-acdb-23e25394c335", "value": "https://www.virustotal.com/file/676f1bb1cf144e5fb86776954be0a1471218cf502c5d0ecc23defaddd05e56d6/analysis/1574250779/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054915", "to_ids": false, "type": "text", "uuid": "93115e2b-d373-4999-8ec5-1159f9022c59", "value": "47/69" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055832", "uuid": "7b96abe4-4bab-4097-bdb3-ac8a298c6796", "ObjectReference": [ { "comment": "", "object_uuid": "7b96abe4-4bab-4097-bdb3-ac8a298c6796", "referenced_uuid": "7bd1774b-123a-4795-a208-e214b34da6d7", "relationship_type": "analysed-with", "timestamp": "1576055901", "uuid": "5df0b45d-7b80-4f0a-ad18-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054916", "to_ids": true, "type": "md5", "uuid": "dfdaf658-0651-415a-935d-314fcdaef656", "value": "0c113872afb0fb48f9df3b23917eca89" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054916", "to_ids": true, "type": "sha1", "uuid": "01bb7017-f532-4b58-b7ca-3b1d6956cc18", "value": "bee2bebe19024594bddf17189b01f19485fa1436" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054916", "to_ids": true, "type": "sha256", "uuid": "76d3bbf1-0f8e-4a02-a133-1e47b3fa1089", "value": "9cf345394b70a129fb77e130037c740fe2733b1301bc07b809d14fac187eed2a" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055832", "uuid": "7bd1774b-123a-4795-a208-e214b34da6d7", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054916", "to_ids": false, "type": "datetime", "uuid": "5819bcba-b75e-4826-b532-43d524af1229", "value": "2019-11-13T03:56:10" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054916", "to_ids": false, "type": "link", "uuid": "b91fe26b-f284-4468-bb52-db8663caeec0", "value": "https://www.virustotal.com/file/9cf345394b70a129fb77e130037c740fe2733b1301bc07b809d14fac187eed2a/analysis/1573617370/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054916", "to_ids": false, "type": "text", "uuid": "088a1e01-4fc1-4d0e-b0be-1e3f6628ac87", "value": "44/70" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055832", "uuid": "790e9ba9-414b-442e-a128-1d3a40dd80f4", "ObjectReference": [ { "comment": "", "object_uuid": "790e9ba9-414b-442e-a128-1d3a40dd80f4", "referenced_uuid": "f34ac31a-c93f-46a2-9bc1-c0bb0941f729", "relationship_type": "analysed-with", "timestamp": "1576055901", "uuid": "5df0b45d-1544-4f4e-8736-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054918", "to_ids": true, "type": "md5", "uuid": "ce780ec7-51b7-40bf-bd91-9c3edc0287f7", "value": "7da05821f50e18bfdad0302800175012" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054918", "to_ids": true, "type": "sha1", "uuid": "37921e1e-c7d5-4933-bf67-417925efd455", "value": "9cc6643ec243e08f8dd5909b57070efabffbcf45" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054918", "to_ids": true, "type": "sha256", "uuid": "007d3ae5-2b84-42a3-aff7-f8b7b06c9d91", "value": "39f9d63667821d7b12267a250b84e6979eb7b88b1c7573e82da42dcd162b81ca" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055833", "uuid": "f34ac31a-c93f-46a2-9bc1-c0bb0941f729", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054918", "to_ids": false, "type": "datetime", "uuid": "268d4b7c-89c3-4c89-9d38-30219422c256", "value": "2019-11-16T03:07:24" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054918", "to_ids": false, "type": "link", "uuid": "cb4208de-268f-48a5-ba9e-04cdd36f4336", "value": "https://www.virustotal.com/file/39f9d63667821d7b12267a250b84e6979eb7b88b1c7573e82da42dcd162b81ca/analysis/1573873644/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054918", "to_ids": false, "type": "text", "uuid": "abb4534b-b57a-4c81-8b99-fc14de994dba", "value": "45/70" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055833", "uuid": "0f18d2de-6860-448d-87ad-d7daeb9022eb", "ObjectReference": [ { "comment": "", "object_uuid": "0f18d2de-6860-448d-87ad-d7daeb9022eb", "referenced_uuid": "78e30eb5-6d68-493c-b7e9-01d872e9b47e", "relationship_type": "analysed-with", "timestamp": "1576055901", "uuid": "5df0b45d-8e10-4a1e-8b95-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054916", "to_ids": true, "type": "md5", "uuid": "7b23921e-d308-4c38-ac28-1930a4648cd5", "value": "9b4774b6033da19753bdde316eb6f67e" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054916", "to_ids": true, "type": "sha1", "uuid": "7ff2caca-a141-485e-83ba-115dcf01ffcf", "value": "6817de55865b4e198dac84c934b39c0ac78c3b90" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054916", "to_ids": true, "type": "sha256", "uuid": "fff24805-ffa2-4845-b831-8672c75a6b86", "value": "6cc3efcc4d64393074d60aea4c50585af789ff68b4c7b1181abf352b129a8840" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055833", "uuid": "78e30eb5-6d68-493c-b7e9-01d872e9b47e", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054916", "to_ids": false, "type": "datetime", "uuid": "31c61828-2449-43b1-9f61-e0d110a96bab", "value": "2019-11-18T07:37:27" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054916", "to_ids": false, "type": "link", "uuid": "d6c87ec0-e31f-4df3-a13a-fdf79950691f", "value": "https://www.virustotal.com/file/6cc3efcc4d64393074d60aea4c50585af789ff68b4c7b1181abf352b129a8840/analysis/1574062647/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054916", "to_ids": false, "type": "text", "uuid": "08161ed0-99e5-4393-88ab-812d4cbe7ca5", "value": "46/69" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055833", "uuid": "0e905908-feb4-4bc9-9c9f-be6c013deabe", "ObjectReference": [ { "comment": "", "object_uuid": "0e905908-feb4-4bc9-9c9f-be6c013deabe", "referenced_uuid": "2bdc1369-156f-4352-b274-343e87e014fc", "relationship_type": "analysed-with", "timestamp": "1576055901", "uuid": "5df0b45d-4090-48c0-aeda-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054937", "to_ids": true, "type": "md5", "uuid": "69e2abc9-0812-4ed8-b671-c8bf45f6edf5", "value": "65487edc873b631cea9be79b176dcbc3" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054937", "to_ids": true, "type": "sha1", "uuid": "381b68f2-49d3-4763-9594-58641e969f18", "value": "7b3ec09c372ea1fe66eae05b633f65655abf41dd" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054937", "to_ids": true, "type": "sha256", "uuid": "cdc1f10e-90d9-4798-a289-533eef4521da", "value": "8264b7930cd796ac0665159e87568b3d493449815a3a38fdbbf36ef4a732e046" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055833", "uuid": "2bdc1369-156f-4352-b274-343e87e014fc", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054937", "to_ids": false, "type": "datetime", "uuid": "94344ebd-233f-425f-8bd2-eeda20ef7a25", "value": "2019-11-08T13:26:56" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054937", "to_ids": false, "type": "link", "uuid": "9ab0bc70-c43d-4ea4-bbd3-b6679ae70054", "value": "https://www.virustotal.com/file/8264b7930cd796ac0665159e87568b3d493449815a3a38fdbbf36ef4a732e046/analysis/1573219616/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054937", "to_ids": false, "type": "text", "uuid": "26e6fa8b-a520-4dac-97a0-29ff36be9206", "value": "20/69" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055833", "uuid": "6620f764-ad31-496f-a9b1-1f5d3cba2720", "ObjectReference": [ { "comment": "", "object_uuid": "6620f764-ad31-496f-a9b1-1f5d3cba2720", "referenced_uuid": "e6afe7fd-4808-48f3-9e13-86d21eb5d043", "relationship_type": "analysed-with", "timestamp": "1576055901", "uuid": "5df0b45d-42c8-4129-aa5c-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054900", "to_ids": true, "type": "md5", "uuid": "922f7ec9-e6ac-43f8-95da-fdff98885415", "value": "3f80b5f5806063ef9ae9f92eb5c64488" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054900", "to_ids": true, "type": "sha1", "uuid": "cc82c30f-4a06-4da6-85bf-87ebebe123f8", "value": "eaf33f007b5bb4d4185cc4c86f82f18aa1e9b66b" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054900", "to_ids": true, "type": "sha256", "uuid": "94d80d6b-97a8-4660-9083-c050f89ca31d", "value": "122e7c75b0d159fbe36e277b1c66fe136fb58a73f42c8a3ffe8677fde56c1daf" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055833", "uuid": "e6afe7fd-4808-48f3-9e13-86d21eb5d043", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054900", "to_ids": false, "type": "datetime", "uuid": "a5ac96aa-52a9-4e73-8d2d-39029d56b86b", "value": "2019-11-26T15:28:09" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054900", "to_ids": false, "type": "link", "uuid": "960702d0-8c2e-45fe-8f54-39a3be413a12", "value": "https://www.virustotal.com/file/122e7c75b0d159fbe36e277b1c66fe136fb58a73f42c8a3ffe8677fde56c1daf/analysis/1574782089/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054900", "to_ids": false, "type": "text", "uuid": "5025024b-a3db-4775-b1a8-e7f31ff9b945", "value": "52/67" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055834", "uuid": "2c25a987-39a8-4df4-a449-34c6e50aaa83", "ObjectReference": [ { "comment": "", "object_uuid": "2c25a987-39a8-4df4-a449-34c6e50aaa83", "referenced_uuid": "d0988bd5-e3fe-4b3d-86cc-4f487be10b9a", "relationship_type": "analysed-with", "timestamp": "1576055901", "uuid": "5df0b45d-e8a8-4d7e-9aa7-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054844", "to_ids": true, "type": "md5", "uuid": "8c759a2c-3e3a-48fe-a909-2896157d2243", "value": "30215f8873baef28cc31b47b8b5323b5" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054844", "to_ids": true, "type": "sha1", "uuid": "ca79370b-6829-4d7c-a7c9-d7d5181812fb", "value": "2ce88c677df2830e7d58da1dcc0aabbc91bfb9f6" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054844", "to_ids": true, "type": "sha256", "uuid": "b484d231-bb08-438b-8975-47d74ede0930", "value": "28348068d4a96533884f5c481a16083dcd8e331c09facf08df1a331fe6ba4395" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055834", "uuid": "d0988bd5-e3fe-4b3d-86cc-4f487be10b9a", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054844", "to_ids": false, "type": "datetime", "uuid": "26e987df-8396-4443-8e3a-ebb1c13fb482", "value": "2019-11-23T22:10:21" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054844", "to_ids": false, "type": "link", "uuid": "53622cf2-e4ae-4e11-bd1d-9e6a5bab9ff7", "value": "https://www.virustotal.com/file/28348068d4a96533884f5c481a16083dcd8e331c09facf08df1a331fe6ba4395/analysis/1574547021/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054844", "to_ids": false, "type": "text", "uuid": "3f6334ea-cf16-4e6d-b0a2-0ee2ab541810", "value": "51/67" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055835", "uuid": "31aab19d-f800-4ef6-8d32-74c6db0f8981", "ObjectReference": [ { "comment": "", "object_uuid": "31aab19d-f800-4ef6-8d32-74c6db0f8981", "referenced_uuid": "d65a4876-fa23-4956-9b83-993ca4626952", "relationship_type": "analysed-with", "timestamp": "1576055901", "uuid": "5df0b45d-f27c-48f7-89b8-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054893", "to_ids": true, "type": "md5", "uuid": "60ed5777-fe76-4fbe-8300-67c6923c7e51", "value": "b56a8cbbc280446caf72667f1701d593" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054893", "to_ids": true, "type": "sha1", "uuid": "934aadb5-00c5-434a-aaff-e58e471a71bf", "value": "db016d0c4e5f9fd83b857e49971b4cdd8c58d861" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054893", "to_ids": true, "type": "sha256", "uuid": "516a7124-adec-4b58-a18a-44fcb22d8ffe", "value": "574de62d0fa0bc8fe1af444960a9d8fb61f95f5bb23b42c9832fe7d288b7d147" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055835", "uuid": "d65a4876-fa23-4956-9b83-993ca4626952", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054893", "to_ids": false, "type": "datetime", "uuid": "23b8d8e5-951b-4e51-8c32-cd0848832d35", "value": "2019-11-20T11:48:51" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054893", "to_ids": false, "type": "link", "uuid": "5a95c0ac-708c-40de-86d6-1df4c8c8b309", "value": "https://www.virustotal.com/file/574de62d0fa0bc8fe1af444960a9d8fb61f95f5bb23b42c9832fe7d288b7d147/analysis/1574250531/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054893", "to_ids": false, "type": "text", "uuid": "a4a5a5c5-1070-494c-9ace-60556c67f14b", "value": "47/69" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055835", "uuid": "1f9dc79f-f7b3-46ce-a6cb-31984ae06835", "ObjectReference": [ { "comment": "", "object_uuid": "1f9dc79f-f7b3-46ce-a6cb-31984ae06835", "referenced_uuid": "33a5510d-f8d9-4e09-ac75-a43c9fa9c815", "relationship_type": "analysed-with", "timestamp": "1576055901", "uuid": "5df0b45d-88c4-4a8a-ab64-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054917", "to_ids": true, "type": "md5", "uuid": "8d3891e0-beed-4d78-a93c-71e17c1d1488", "value": "c4917443928e74a6277768a0a2658b7d" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054917", "to_ids": true, "type": "sha1", "uuid": "5b6397c9-9a4a-4a9f-a868-6a502ad20565", "value": "151d8dd17c842f2ab011afb4cbc7711ee6a518e6" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054917", "to_ids": true, "type": "sha256", "uuid": "a43dedf9-9da5-41da-a63f-a58fee1eb14e", "value": "5e05284cb4efc45f8cf8ca3818bb9461f2a106285ecd2b23125046691a3839e6" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055835", "uuid": "33a5510d-f8d9-4e09-ac75-a43c9fa9c815", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054917", "to_ids": false, "type": "datetime", "uuid": "7a60b2fc-70b5-4930-9502-2cc8336dc88a", "value": "2019-11-13T09:22:54" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054917", "to_ids": false, "type": "link", "uuid": "944981c6-eba3-4b1f-a0b4-2f693514a82e", "value": "https://www.virustotal.com/file/5e05284cb4efc45f8cf8ca3818bb9461f2a106285ecd2b23125046691a3839e6/analysis/1573636974/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054917", "to_ids": false, "type": "text", "uuid": "122ed7c0-7a7a-4ec1-8cfa-cd8d25db827f", "value": "49/68" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055835", "uuid": "af2c0ba7-1d20-40b1-8df4-ba840f095ec5", "ObjectReference": [ { "comment": "", "object_uuid": "af2c0ba7-1d20-40b1-8df4-ba840f095ec5", "referenced_uuid": "0f05b691-83cd-427e-b4f1-d023a58e914b", "relationship_type": "analysed-with", "timestamp": "1576055901", "uuid": "5df0b45d-bb04-44ae-9fb3-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054919", "to_ids": true, "type": "md5", "uuid": "ace614e7-5b9d-4f57-8bf4-9b2798a14845", "value": "e5377004a96bf5b2b5653eb7802b98b6" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054919", "to_ids": true, "type": "sha1", "uuid": "0c98d37e-8c67-4681-97ce-fedbde11c213", "value": "7dc40ac9efb86909b51cdd34e3e5bb192a4809bf" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054919", "to_ids": true, "type": "sha256", "uuid": "d77bed89-efd2-4ac0-8e59-d9347c8c4082", "value": "52a1dc7dbb067a3c37b3ee776f56e97b926fcf419d7dac3b1b99576ff1095fbf" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055835", "uuid": "0f05b691-83cd-427e-b4f1-d023a58e914b", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054919", "to_ids": false, "type": "datetime", "uuid": "8adfc3ea-fc4e-45f5-b08c-34f663cf8b0b", "value": "2019-11-17T03:34:23" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054919", "to_ids": false, "type": "link", "uuid": "e413824c-6193-451c-a4ed-19610e6098e7", "value": "https://www.virustotal.com/file/52a1dc7dbb067a3c37b3ee776f56e97b926fcf419d7dac3b1b99576ff1095fbf/analysis/1573961663/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054919", "to_ids": false, "type": "text", "uuid": "e875a169-6077-4051-a8e8-9a1808742117", "value": "43/67" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055836", "uuid": "e4037054-8a55-4fdc-8e7c-6c8ee7055455", "ObjectReference": [ { "comment": "", "object_uuid": "e4037054-8a55-4fdc-8e7c-6c8ee7055455", "referenced_uuid": "8d164152-93e4-491d-8174-71ce50247de7", "relationship_type": "analysed-with", "timestamp": "1576055901", "uuid": "5df0b45d-6630-4e12-bf66-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054914", "to_ids": true, "type": "md5", "uuid": "65f6a68c-5235-4ac4-82d1-eae8bfd8aec7", "value": "82cc3ba7cf377710eb9d7b16d7cc07f1" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054914", "to_ids": true, "type": "sha1", "uuid": "cbdfc3ad-a5b4-4a79-b101-29c51cbf5616", "value": "f8516778b8c615a0b04382c1ad93e6cbd190fa8f" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054914", "to_ids": true, "type": "sha256", "uuid": "816a0ec0-9303-48dc-b34c-31ddfe1d2092", "value": "c8d71f59dcbb6a9248a1d6d2face02c1e7f7d54a70ccf32d1111cb0ec81d21af" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055836", "uuid": "8d164152-93e4-491d-8174-71ce50247de7", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054914", "to_ids": false, "type": "datetime", "uuid": "9b8ec38c-8c7b-4c42-9d1c-0ec30ef0d9d9", "value": "2019-11-20T18:50:57" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054914", "to_ids": false, "type": "link", "uuid": "f46e5b1f-b4a5-4b22-9634-1af7220d727b", "value": "https://www.virustotal.com/file/c8d71f59dcbb6a9248a1d6d2face02c1e7f7d54a70ccf32d1111cb0ec81d21af/analysis/1574275857/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054914", "to_ids": false, "type": "text", "uuid": "1cba8761-816c-4eab-89f2-34557114cac7", "value": "51/68" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055836", "uuid": "e1fdbd81-ae8d-40a8-8a37-aa3da6836d41", "ObjectReference": [ { "comment": "", "object_uuid": "e1fdbd81-ae8d-40a8-8a37-aa3da6836d41", "referenced_uuid": "d8d6cc05-a655-4af7-9dae-3486ca8047f8", "relationship_type": "analysed-with", "timestamp": "1576055901", "uuid": "5df0b45d-afe4-408b-80e3-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054922", "to_ids": true, "type": "md5", "uuid": "e0485092-289b-46de-8c85-2e6ce9a2de01", "value": "eb68198fe475e9635a0e29601db71e6f" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054922", "to_ids": true, "type": "sha1", "uuid": "35f6147e-a92a-4b98-a5a7-72fea07c76c0", "value": "50dd3dc5ccafc578167d26be27085acd3a939e7e" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054922", "to_ids": true, "type": "sha256", "uuid": "65f571fd-c191-4d09-a0be-894615374275", "value": "bfafa8be3980f026bc1a0561f7a376f83b2c4dd0594654acf3499df18c84c29a" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055836", "uuid": "d8d6cc05-a655-4af7-9dae-3486ca8047f8", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054922", "to_ids": false, "type": "datetime", "uuid": "63e44892-31fd-4c1d-82f3-eeee0deb082b", "value": "2019-11-05T14:38:38" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054922", "to_ids": false, "type": "link", "uuid": "b7f99b21-899a-481a-82c9-c41c00d3f5ad", "value": "https://www.virustotal.com/file/bfafa8be3980f026bc1a0561f7a376f83b2c4dd0594654acf3499df18c84c29a/analysis/1572964718/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054922", "to_ids": false, "type": "text", "uuid": "82e01fd0-8ea2-4fa7-927a-898994779db9", "value": "29/72" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055836", "uuid": "9d6f735a-20a6-43bd-bd48-cc666ccf0bc3", "ObjectReference": [ { "comment": "", "object_uuid": "9d6f735a-20a6-43bd-bd48-cc666ccf0bc3", "referenced_uuid": "16861013-0e17-4c80-9221-24cc9b73b85b", "relationship_type": "analysed-with", "timestamp": "1576055901", "uuid": "5df0b45d-7974-4ebb-98d7-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054846", "to_ids": true, "type": "md5", "uuid": "8fad2e28-a693-447c-b81f-5e6b40570bc0", "value": "bc6e933ecddd5fda107c3901f295ce16" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054846", "to_ids": true, "type": "sha1", "uuid": "c81b3fa4-e184-440d-bf44-608830084e58", "value": "7f90faeec5c486b3f2cdb7a1a0498f57d2490ea8" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054846", "to_ids": true, "type": "sha256", "uuid": "99a8f592-8cbd-41b7-b98d-b866d5228970", "value": "6cee05723caefbd2f1f92aad74d7f1cac9f0074e20b4423fff56e1a8acd689c2" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055836", "uuid": "16861013-0e17-4c80-9221-24cc9b73b85b", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054846", "to_ids": false, "type": "datetime", "uuid": "d28b30f3-6d36-4a30-b82a-13132d7cc861", "value": "2019-11-24T16:23:23" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054846", "to_ids": false, "type": "link", "uuid": "985799f9-e317-4d56-8fc4-00c2f883db7f", "value": "https://www.virustotal.com/file/6cee05723caefbd2f1f92aad74d7f1cac9f0074e20b4423fff56e1a8acd689c2/analysis/1574612603/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054846", "to_ids": false, "type": "text", "uuid": "1c2beb13-a58c-4e40-9153-969becfde05f", "value": "52/70" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055837", "uuid": "9f72b5eb-27e6-441d-ab60-7fd97834c781", "ObjectReference": [ { "comment": "", "object_uuid": "9f72b5eb-27e6-441d-ab60-7fd97834c781", "referenced_uuid": "b3a698f4-af39-4d2a-b5f1-0826edb603f1", "relationship_type": "analysed-with", "timestamp": "1576055901", "uuid": "5df0b45d-6414-4f5f-a402-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054914", "to_ids": true, "type": "md5", "uuid": "e4e395cb-5ecf-4a8d-a6a1-97aeaf46ba2e", "value": "79e3ae4176aafda4aef69e646dcdf5cd" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054914", "to_ids": true, "type": "sha1", "uuid": "54b02807-7373-420a-bc7f-29f51880a126", "value": "888cf3f4e5e610aaec24feadc6ee67645a30d993" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054914", "to_ids": true, "type": "sha256", "uuid": "92f01408-c1b3-403a-bc55-f8278af0100e", "value": "781f84274d6432596325a04276a68d0c5599bfdb98771a853400d94605dae631" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055837", "uuid": "b3a698f4-af39-4d2a-b5f1-0826edb603f1", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054914", "to_ids": false, "type": "datetime", "uuid": "d24d6f8d-2663-405d-9283-fefef2f80a3e", "value": "2019-11-17T03:36:41" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054914", "to_ids": false, "type": "link", "uuid": "e47d724f-e09e-4183-a2fc-41f3a84ae715", "value": "https://www.virustotal.com/file/781f84274d6432596325a04276a68d0c5599bfdb98771a853400d94605dae631/analysis/1573961801/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054914", "to_ids": false, "type": "text", "uuid": "a579e1a2-4ef9-4330-90b2-f46e1aed5486", "value": "45/70" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055837", "uuid": "dc226cf9-3901-4edc-90f9-9de75bd2d00f", "ObjectReference": [ { "comment": "", "object_uuid": "dc226cf9-3901-4edc-90f9-9de75bd2d00f", "referenced_uuid": "93d35eb5-e307-4820-a47a-a57aa72cfe2c", "relationship_type": "analysed-with", "timestamp": "1576055901", "uuid": "5df0b45d-b1ac-4542-9a6f-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054921", "to_ids": true, "type": "md5", "uuid": "2d0c9bfc-c31f-4708-987d-68af90b7e816", "value": "af87cfd616077e11600a47c62a5b96f9" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054921", "to_ids": true, "type": "sha1", "uuid": "d2c3e153-b92a-4496-b441-c0bac93083a8", "value": "1356bcd1fff013be285fc3f7ec33078fe3710470" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054921", "to_ids": true, "type": "sha256", "uuid": "f3e1bfc0-1efc-4149-86ab-876bf31c9fed", "value": "281841ed84abc658c8b77a2a284d4a95f5e82cd3990135f463cd2a45c719bfeb" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055837", "uuid": "93d35eb5-e307-4820-a47a-a57aa72cfe2c", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054921", "to_ids": false, "type": "datetime", "uuid": "b312a556-2d2c-4721-a7d6-45b934baee52", "value": "2019-11-27T16:34:52" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054921", "to_ids": false, "type": "link", "uuid": "66dc26e9-689b-4e94-b0c7-cf242ff4bca8", "value": "https://www.virustotal.com/file/281841ed84abc658c8b77a2a284d4a95f5e82cd3990135f463cd2a45c719bfeb/analysis/1574872492/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054921", "to_ids": false, "type": "text", "uuid": "7a21ee72-83b5-49f3-b473-8a571c0ed326", "value": "48/67" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055837", "uuid": "2cabe989-3926-4b82-a18e-ee6350cfb8b1", "ObjectReference": [ { "comment": "", "object_uuid": "2cabe989-3926-4b82-a18e-ee6350cfb8b1", "referenced_uuid": "2b338a76-e93c-4865-86ce-579be4f77db0", "relationship_type": "analysed-with", "timestamp": "1576055901", "uuid": "5df0b45d-8390-4907-b230-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054938", "to_ids": true, "type": "md5", "uuid": "cf5bacdd-0956-4297-b314-9dcb33c8768f", "value": "f942193f278026cfc1bb338da9a49fdd" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054938", "to_ids": true, "type": "sha1", "uuid": "cc676941-ba87-4291-a920-cb6aac8dc0fa", "value": "e94d86dc41cf26a01e397b91855611df6a684bc8" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054938", "to_ids": true, "type": "sha256", "uuid": "324e1724-a260-4e01-97ef-a4bc0cb9aa9b", "value": "7bbd5336a9e203070e55890136006d4c41d4b87fa89986600b11669a15c0dad2" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055838", "uuid": "2b338a76-e93c-4865-86ce-579be4f77db0", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054938", "to_ids": false, "type": "datetime", "uuid": "47e145c7-7f42-435f-8d16-60ac75ee6e66", "value": "2019-11-15T11:09:11" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054938", "to_ids": false, "type": "link", "uuid": "d30fda7b-9a98-45eb-beca-4a78ae5c00c0", "value": "https://www.virustotal.com/file/7bbd5336a9e203070e55890136006d4c41d4b87fa89986600b11669a15c0dad2/analysis/1573816151/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054938", "to_ids": false, "type": "text", "uuid": "49a2258f-e9e2-40e9-a2d8-4c0ecd928337", "value": "47/70" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055838", "uuid": "96a29e4d-f0b4-46a6-b1fc-7149ae1ad279", "ObjectReference": [ { "comment": "", "object_uuid": "96a29e4d-f0b4-46a6-b1fc-7149ae1ad279", "referenced_uuid": "31c7787b-9094-44df-b7ca-87a0e7021c77", "relationship_type": "analysed-with", "timestamp": "1576055901", "uuid": "5df0b45d-eed8-457d-8a80-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054844", "to_ids": true, "type": "md5", "uuid": "808f051c-6a9d-4162-b963-a34ad932487d", "value": "d27d2e3a6dd4bf06eb3299af2bd6c15c" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054844", "to_ids": true, "type": "sha1", "uuid": "3380ef5c-0dd4-4323-987a-388e794f9535", "value": "31a36074be839120f317d4f339f2147fea6470b1" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054844", "to_ids": true, "type": "sha256", "uuid": "518ec440-fdaf-4eec-8b19-5dbace8ed9ce", "value": "bd705bae29e82a184dc1b697fe12e31e0856fd5cdfafb8e6eabd6e78ae4a16d2" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055838", "uuid": "31c7787b-9094-44df-b7ca-87a0e7021c77", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054844", "to_ids": false, "type": "datetime", "uuid": "91a03381-aff7-46c7-8037-9ebe8cb332e0", "value": "2019-11-28T06:25:04" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054844", "to_ids": false, "type": "link", "uuid": "0bb5c536-2db5-4b14-a927-3a26fb94dbe8", "value": "https://www.virustotal.com/file/bd705bae29e82a184dc1b697fe12e31e0856fd5cdfafb8e6eabd6e78ae4a16d2/analysis/1574922304/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054844", "to_ids": false, "type": "text", "uuid": "84a1e548-7088-4658-865c-4362c54f7ce1", "value": "55/70" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055838", "uuid": "49eb8d09-d848-4ff0-8816-a3d7326ebccf", "ObjectReference": [ { "comment": "", "object_uuid": "49eb8d09-d848-4ff0-8816-a3d7326ebccf", "referenced_uuid": "062efe17-65a7-4b2f-b136-d58822c364f1", "relationship_type": "analysed-with", "timestamp": "1576055902", "uuid": "5df0b45e-1f24-4bba-b14a-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054890", "to_ids": true, "type": "md5", "uuid": "8b7f08e9-1f1c-4241-8cc6-471972c291a3", "value": "0a27168a3cdfc3103ccb4c459ff230c9" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054890", "to_ids": true, "type": "sha1", "uuid": "c84318af-a48d-4911-a29b-12b4d151a2a0", "value": "487973cf83325eee28c7911546a5aba0c7e94b56" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054890", "to_ids": true, "type": "sha256", "uuid": "d76e3076-ca6c-4c93-b455-7f98ab7c3c5a", "value": "6540b42f334391d3e48b964e39e199e9d75d7e58086aa6c40b528c9bb306ec8b" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055840", "uuid": "062efe17-65a7-4b2f-b136-d58822c364f1", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054890", "to_ids": false, "type": "datetime", "uuid": "93b93eb8-8bef-48a4-b3b2-9f2277052e0a", "value": "2019-11-26T15:03:16" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054890", "to_ids": false, "type": "link", "uuid": "c6568d2f-e929-46c1-a2ee-4c8eb50457b5", "value": "https://www.virustotal.com/file/6540b42f334391d3e48b964e39e199e9d75d7e58086aa6c40b528c9bb306ec8b/analysis/1574780596/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054890", "to_ids": false, "type": "text", "uuid": "8a7a45a2-2086-4983-af9b-66d183972501", "value": "51/68" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055841", "uuid": "db7298fa-263b-498f-960f-1b194cfe4de5", "ObjectReference": [ { "comment": "", "object_uuid": "db7298fa-263b-498f-960f-1b194cfe4de5", "referenced_uuid": "e2c7bb3e-63e8-4dee-bbd8-b7d6dc6e2e02", "relationship_type": "analysed-with", "timestamp": "1576055902", "uuid": "5df0b45e-8408-453f-b9b7-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054915", "to_ids": true, "type": "md5", "uuid": "a0d754f9-7e32-4cf0-b275-0ffa94b3e01e", "value": "bd7dab59e6badce95dbe6d6d40778d09" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054915", "to_ids": true, "type": "sha1", "uuid": "e71396f2-d715-4f30-9587-917cfb665311", "value": "4652a511a93abff691e7ba012180a1f89843bc59" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054915", "to_ids": true, "type": "sha256", "uuid": "409a9d76-ebf3-4a6a-b6a0-4d5835885a39", "value": "7f160a49ee4ad098f972f8bf86b52afeca4ccd77ed47f5282b36a9ab40040e5e" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055841", "uuid": "e2c7bb3e-63e8-4dee-bbd8-b7d6dc6e2e02", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054915", "to_ids": false, "type": "datetime", "uuid": "b254ae70-92a6-47ce-897d-c1c36d2d1b27", "value": "2019-11-17T10:14:43" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054915", "to_ids": false, "type": "link", "uuid": "21a45685-b76f-4220-ab22-124397af45b3", "value": "https://www.virustotal.com/file/7f160a49ee4ad098f972f8bf86b52afeca4ccd77ed47f5282b36a9ab40040e5e/analysis/1573985683/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054915", "to_ids": false, "type": "text", "uuid": "1a1cd1d6-0a7a-4625-9583-9867e6dceaf9", "value": "45/70" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055841", "uuid": "1e073b10-f5b2-4b40-b03d-2ac3c346c623", "ObjectReference": [ { "comment": "", "object_uuid": "1e073b10-f5b2-4b40-b03d-2ac3c346c623", "referenced_uuid": "78957d62-12a5-4e50-95bb-1bfc7d52c0a3", "relationship_type": "analysed-with", "timestamp": "1576055902", "uuid": "5df0b45e-8c58-4eb6-9e61-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054919", "to_ids": true, "type": "md5", "uuid": "dfa0f501-5597-4963-917b-eedb059268dd", "value": "9c8e3d1cfd6d13544d9a2b9b2ba7384a" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054919", "to_ids": true, "type": "sha1", "uuid": "cb6dba7d-072c-4756-bc47-057e88d799ae", "value": "1e5b7486fe1d00ad7de6056563a9b5990e5638c7" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054919", "to_ids": true, "type": "sha256", "uuid": "d7954200-b5e8-485b-be78-7162d4c98fd1", "value": "bbd1ebcab780a0d5018b033a89b83ea4216aad07c8c73e41c86e878d77d8a8a0" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055841", "uuid": "78957d62-12a5-4e50-95bb-1bfc7d52c0a3", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054919", "to_ids": false, "type": "datetime", "uuid": "88526ae0-fbb6-44d3-8cdd-05e595b97849", "value": "2019-11-17T10:06:19" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054919", "to_ids": false, "type": "link", "uuid": "93eff5c2-5752-4858-93af-4cb4cbe15bb6", "value": "https://www.virustotal.com/file/bbd1ebcab780a0d5018b033a89b83ea4216aad07c8c73e41c86e878d77d8a8a0/analysis/1573985179/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054919", "to_ids": false, "type": "text", "uuid": "d8fcfd35-cc14-436c-8456-62825fae07bb", "value": "45/70" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055841", "uuid": "7b06cd6d-1b04-4eb1-a5b3-5ac16957a74b", "ObjectReference": [ { "comment": "", "object_uuid": "7b06cd6d-1b04-4eb1-a5b3-5ac16957a74b", "referenced_uuid": "225b9831-90f0-4a1d-b648-39c64b06e224", "relationship_type": "analysed-with", "timestamp": "1576055902", "uuid": "5df0b45e-6800-41d9-8077-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054919", "to_ids": true, "type": "md5", "uuid": "4c7ab784-3690-4f5c-ab64-25f56e3f5258", "value": "76cb9adc877e519f8e6954434e79dea1" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054919", "to_ids": true, "type": "sha1", "uuid": "54e94948-bea0-43ff-ab8c-12f40b6c51ee", "value": "364559a5e20c44a51f4caeb174929cd0ed21a1c0" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054919", "to_ids": true, "type": "sha256", "uuid": "8f283db0-2c45-44fa-96ba-428317db6c8a", "value": "5a7b1f75b6082530340c4cacbc39341ec9c259f78297194fa0d6143cdf67c92b" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055841", "uuid": "225b9831-90f0-4a1d-b648-39c64b06e224", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054919", "to_ids": false, "type": "datetime", "uuid": "490b9395-29af-4f73-8350-b41704f85eaa", "value": "2019-11-26T13:54:27" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054919", "to_ids": false, "type": "link", "uuid": "c5b56ba8-7f3a-444f-aa01-1f6d27d87f00", "value": "https://www.virustotal.com/file/5a7b1f75b6082530340c4cacbc39341ec9c259f78297194fa0d6143cdf67c92b/analysis/1574776467/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054919", "to_ids": false, "type": "text", "uuid": "81de19d1-2831-455e-8041-586936747ef9", "value": "53/67" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055842", "uuid": "4291cde9-27ef-450d-92ba-2744f8c947b6", "ObjectReference": [ { "comment": "", "object_uuid": "4291cde9-27ef-450d-92ba-2744f8c947b6", "referenced_uuid": "c144293b-4b7f-4679-904f-b7434c4d9c8a", "relationship_type": "analysed-with", "timestamp": "1576055902", "uuid": "5df0b45e-2da4-445a-9f9a-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054919", "to_ids": true, "type": "md5", "uuid": "af77e3a8-1512-4e82-a1af-245daeb74e09", "value": "850dd8031df8996f6066b7dead89cf7c" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054919", "to_ids": true, "type": "sha1", "uuid": "dc253e45-1686-4ae1-b9b5-c2425220b993", "value": "f0bb13f5f84eaa29cc8e4bfa214a6a4aae332a9e" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054919", "to_ids": true, "type": "sha256", "uuid": "d918f0f6-ce52-4f49-b2ab-f618ccac6b4f", "value": "800636f452b0dad4e1b48e925463194ebb26ee2bb2a7d30e263766ae05801f13" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055842", "uuid": "c144293b-4b7f-4679-904f-b7434c4d9c8a", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054919", "to_ids": false, "type": "datetime", "uuid": "6e84744a-7c12-4bde-9926-2be149004e8f", "value": "2019-11-26T14:39:21" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054919", "to_ids": false, "type": "link", "uuid": "12eff1fb-cbfb-4c03-bd7b-280de6dde94d", "value": "https://www.virustotal.com/file/800636f452b0dad4e1b48e925463194ebb26ee2bb2a7d30e263766ae05801f13/analysis/1574779161/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054919", "to_ids": false, "type": "text", "uuid": "36831e4c-4a3a-4165-9851-13131e10c40e", "value": "57/70" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055842", "uuid": "42f53055-e221-4cf7-b437-044ce5ca2211", "ObjectReference": [ { "comment": "", "object_uuid": "42f53055-e221-4cf7-b437-044ce5ca2211", "referenced_uuid": "178b2283-f003-4655-adb2-b3eb8bfb8661", "relationship_type": "analysed-with", "timestamp": "1576055902", "uuid": "5df0b45e-caf0-4c52-81c1-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054915", "to_ids": true, "type": "md5", "uuid": "776a7f72-0fbb-4346-a452-31a1c4ddb13a", "value": "3cf6081cba529416b1061526b043ecac" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054915", "to_ids": true, "type": "sha1", "uuid": "001bb39e-7ee8-4b2f-911e-4ec4bf8483db", "value": "6bfaf1d63fb8ec6f6eaf5a7b363f67be4b7948ec" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054915", "to_ids": true, "type": "sha256", "uuid": "f4a4f03c-35cd-4d3c-b1c9-29ad7f4ee13b", "value": "06fc21ab8354c6f6012ecc23d1c5fda1f8cb0be3b474a96da9587c6cadba99f6" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055842", "uuid": "178b2283-f003-4655-adb2-b3eb8bfb8661", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054915", "to_ids": false, "type": "datetime", "uuid": "a0c0cf75-ede8-4d87-8d24-50c9e078cf1d", "value": "2019-11-16T08:47:59" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054915", "to_ids": false, "type": "link", "uuid": "9165dfc6-881f-4ea5-98f8-ecb985f8a9f6", "value": "https://www.virustotal.com/file/06fc21ab8354c6f6012ecc23d1c5fda1f8cb0be3b474a96da9587c6cadba99f6/analysis/1573894079/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054915", "to_ids": false, "type": "text", "uuid": "8e76d993-be80-434d-b021-b116339c9ca3", "value": "46/69" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055842", "uuid": "e077c8e1-eee3-490d-a8e6-650a84d6da8d", "ObjectReference": [ { "comment": "", "object_uuid": "e077c8e1-eee3-490d-a8e6-650a84d6da8d", "referenced_uuid": "3da85cd7-1e21-4793-afa9-f535e305f09d", "relationship_type": "analysed-with", "timestamp": "1576055902", "uuid": "5df0b45e-6698-4b48-962c-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054848", "to_ids": true, "type": "md5", "uuid": "e50cc7c8-b61c-4afb-b51d-70721c238174", "value": "80121f2435dc0f84043b7dda3152354b" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054848", "to_ids": true, "type": "sha1", "uuid": "3445337e-faca-4c53-abb6-1e00c1812d4f", "value": "0a1ef9df5a309a7721c7f55ae1959cc951cc04c0" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054848", "to_ids": true, "type": "sha256", "uuid": "bc09e670-aef8-45db-8683-0649f3517f2f", "value": "d885ace57e9c72d3026b994e70cbb52e68dde1df934e69084a9173c6d37f4023" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055842", "uuid": "3da85cd7-1e21-4793-afa9-f535e305f09d", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054848", "to_ids": false, "type": "datetime", "uuid": "d984aefd-7786-45c3-abe3-34de9f107a68", "value": "2019-11-21T10:53:01" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054848", "to_ids": false, "type": "link", "uuid": "7269d431-52bf-40dd-ab0f-00ce9e767a81", "value": "https://www.virustotal.com/file/d885ace57e9c72d3026b994e70cbb52e68dde1df934e69084a9173c6d37f4023/analysis/1574333581/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054848", "to_ids": false, "type": "text", "uuid": "6381a9ba-4aa1-43ba-aa03-ed3d60633323", "value": "50/69" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055842", "uuid": "096051f1-52d6-40ff-9a26-27cc4cbd5340", "ObjectReference": [ { "comment": "", "object_uuid": "096051f1-52d6-40ff-9a26-27cc4cbd5340", "referenced_uuid": "eaf1bd61-312a-450d-a6ba-98a75c96cc4b", "relationship_type": "analysed-with", "timestamp": "1576055902", "uuid": "5df0b45e-ac60-4337-ae44-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054916", "to_ids": true, "type": "md5", "uuid": "493dbe16-7a17-4aec-830b-3036a6260506", "value": "c77333ce2cac64f607864923e26dd356" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054916", "to_ids": true, "type": "sha1", "uuid": "77093ffb-472c-48a4-bc92-d9b0db7d2560", "value": "2dffbcc7c91adaa686792e26d28e5d1703159704" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054916", "to_ids": true, "type": "sha256", "uuid": "d45220a6-1f9b-4eb7-823d-602dbbb6ca9c", "value": "d65de0d445035740cdf1cd4baf0405a8924edc0e9c3024aaa70df20cb7f28a32" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055843", "uuid": "eaf1bd61-312a-450d-a6ba-98a75c96cc4b", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054916", "to_ids": false, "type": "datetime", "uuid": "2a3cdaba-bbef-4f6a-b136-e3c98c917337", "value": "2019-11-17T08:38:54" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054916", "to_ids": false, "type": "link", "uuid": "82f834ca-6df3-46b9-a696-842c0c0e31e4", "value": "https://www.virustotal.com/file/d65de0d445035740cdf1cd4baf0405a8924edc0e9c3024aaa70df20cb7f28a32/analysis/1573979934/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054916", "to_ids": false, "type": "text", "uuid": "1e20b630-870c-4eba-906a-8f01d3cd8ca7", "value": "45/70" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055843", "uuid": "e75a5ddc-399f-4cef-b8ef-3ba62b37f3fc", "ObjectReference": [ { "comment": "", "object_uuid": "e75a5ddc-399f-4cef-b8ef-3ba62b37f3fc", "referenced_uuid": "691f5fc6-1432-4104-b2ab-91845bef1c80", "relationship_type": "analysed-with", "timestamp": "1576055902", "uuid": "5df0b45e-26a4-4625-87cc-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054848", "to_ids": true, "type": "md5", "uuid": "aca5c6ae-614a-4fcd-a257-a82b36b4dd98", "value": "351dba3b6d4ed53cc1c699adb5de5acb" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054848", "to_ids": true, "type": "sha1", "uuid": "7f16f850-db95-49c3-8cf1-544758f467fb", "value": "6ed2cb63f05c7b0358a0dd2cda2b03a079661d49" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054848", "to_ids": true, "type": "sha256", "uuid": "2881dce2-50a1-463f-84a3-3d443bc10f21", "value": "51f64cb9a8e015fd8b960c82e5cceeeabe379966de4038b460e0d77bd91273ac" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055843", "uuid": "691f5fc6-1432-4104-b2ab-91845bef1c80", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054848", "to_ids": false, "type": "datetime", "uuid": "c1054c06-a75a-4bf1-9aed-493de1284aad", "value": "2019-12-05T04:55:42" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054848", "to_ids": false, "type": "link", "uuid": "858eead4-e7b1-4cfc-aff2-b0e6e9c01959", "value": "https://www.virustotal.com/file/51f64cb9a8e015fd8b960c82e5cceeeabe379966de4038b460e0d77bd91273ac/analysis/1575521742/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054848", "to_ids": false, "type": "text", "uuid": "6e59bc5e-50bb-4d2a-8caa-4e60fb3db0e6", "value": "56/71" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055843", "uuid": "6a5297e6-1764-4b15-833a-dcf2da04d712", "ObjectReference": [ { "comment": "", "object_uuid": "6a5297e6-1764-4b15-833a-dcf2da04d712", "referenced_uuid": "9c8c3b07-a837-487a-84d4-2bc1dc29af73", "relationship_type": "analysed-with", "timestamp": "1576055902", "uuid": "5df0b45e-4128-4eea-ac6a-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054893", "to_ids": true, "type": "md5", "uuid": "49e243b2-350e-4c2e-9db0-ac33c52a3c08", "value": "7d24f545690680c7905468139a7069f5" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054893", "to_ids": true, "type": "sha1", "uuid": "495bdb53-a682-4459-b0b5-c1432c135015", "value": "998ceae0b5951b06680e380b99b16b4a4ca49d0b" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054893", "to_ids": true, "type": "sha256", "uuid": "cda52dcc-f585-41f1-91ae-50fa311e0265", "value": "d2c301d3d084ae6f68000e2daed358fa538b4cf7e4f2d78ad86646c7d601fd95" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055843", "uuid": "9c8c3b07-a837-487a-84d4-2bc1dc29af73", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054893", "to_ids": false, "type": "datetime", "uuid": "d38a4d40-e669-4e2a-92de-53a3b24e588a", "value": "2019-11-26T13:21:38" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054893", "to_ids": false, "type": "link", "uuid": "8ee38e67-41b9-41e1-8a42-f7ee1342e967", "value": "https://www.virustotal.com/file/d2c301d3d084ae6f68000e2daed358fa538b4cf7e4f2d78ad86646c7d601fd95/analysis/1574774498/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054893", "to_ids": false, "type": "text", "uuid": "f3a47981-1c86-409b-88c0-ced4525164ad", "value": "57/70" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055843", "uuid": "0e099433-6b3b-4670-aee9-8b7df2e13945", "ObjectReference": [ { "comment": "", "object_uuid": "0e099433-6b3b-4670-aee9-8b7df2e13945", "referenced_uuid": "95dcd0fc-b65c-4d8d-810c-254cb5b8a74f", "relationship_type": "analysed-with", "timestamp": "1576055902", "uuid": "5df0b45e-2cf8-493a-878f-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054915", "to_ids": true, "type": "md5", "uuid": "86da305b-2be9-410e-a83d-31fa79054b9c", "value": "75879dc703f89383b08912a50c7129d6" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054915", "to_ids": true, "type": "sha1", "uuid": "cafcf9c7-e6c0-4ba7-9ba8-2746f8dd71d9", "value": "99364a4c44ed330dcbe95f634fd17a1bafbda436" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054915", "to_ids": true, "type": "sha256", "uuid": "0281a3c0-7dd6-4785-8e06-948c2abfedf6", "value": "fe59d5a474a9cd104bdd34d874e71cee88142eb467ea6c93962e23590194047a" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055844", "uuid": "95dcd0fc-b65c-4d8d-810c-254cb5b8a74f", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054915", "to_ids": false, "type": "datetime", "uuid": "fc91f900-572c-4942-8fdd-7da9ddabcf44", "value": "2019-11-16T14:13:15" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054915", "to_ids": false, "type": "link", "uuid": "88872acc-3fcb-4e5a-94a7-f573dbdc688f", "value": "https://www.virustotal.com/file/fe59d5a474a9cd104bdd34d874e71cee88142eb467ea6c93962e23590194047a/analysis/1573913595/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054915", "to_ids": false, "type": "text", "uuid": "fd1792c7-caf4-41fd-bdd6-547fa61a15ba", "value": "41/66" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055844", "uuid": "7bc9e536-46da-4612-85ef-3ae475a779e5", "ObjectReference": [ { "comment": "", "object_uuid": "7bc9e536-46da-4612-85ef-3ae475a779e5", "referenced_uuid": "164e873a-a433-47c5-b72a-871a36a0277a", "relationship_type": "analysed-with", "timestamp": "1576055902", "uuid": "5df0b45e-3c78-431c-aa6a-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054915", "to_ids": true, "type": "md5", "uuid": "f6a39238-0dba-4582-a741-084a6aecf6c1", "value": "d0c978cccafe592d451779d347338fc3" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054915", "to_ids": true, "type": "sha1", "uuid": "4c2e652c-e5ec-499f-aff4-85f29d27f69e", "value": "ed8f6c559e926da62768d56d20149279bdaa4eb2" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054915", "to_ids": true, "type": "sha256", "uuid": "9e2ce232-b5df-439b-b762-431fb52b07bd", "value": "08f53891c69302e820db6ec3e54907497c50133a0b02d8151a3f0f84d4d798d0" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055844", "uuid": "164e873a-a433-47c5-b72a-871a36a0277a", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054915", "to_ids": false, "type": "datetime", "uuid": "737ed95a-a5d2-409f-bb01-547b7f0b9274", "value": "2019-11-10T17:00:23" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054915", "to_ids": false, "type": "link", "uuid": "6bc0074d-41d0-4ddd-8ea2-b1f31fe46664", "value": "https://www.virustotal.com/file/08f53891c69302e820db6ec3e54907497c50133a0b02d8151a3f0f84d4d798d0/analysis/1573405223/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054915", "to_ids": false, "type": "text", "uuid": "aa5857c5-dea8-4872-be23-3e9c1d06aaba", "value": "32/71" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055844", "uuid": "a4efc00e-8725-46d8-8eea-f816f13f8217", "ObjectReference": [ { "comment": "", "object_uuid": "a4efc00e-8725-46d8-8eea-f816f13f8217", "referenced_uuid": "61f15f05-9676-4c7f-9d50-63725077ca79", "relationship_type": "analysed-with", "timestamp": "1576055902", "uuid": "5df0b45e-d63c-4ef8-897f-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054914", "to_ids": true, "type": "md5", "uuid": "907271fe-86d4-41ab-b459-59005234d11d", "value": "9d70dd53cf51cd1a1fbddeadb38d7767" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054914", "to_ids": true, "type": "sha1", "uuid": "2d2cb87a-4b40-4bd3-ab83-624398f03bba", "value": "578f4653d1be0654f13345742ef32f0c4122d3f7" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054914", "to_ids": true, "type": "sha256", "uuid": "8b2fc99b-30c3-43f9-9333-78d39e17d135", "value": "56f4307bffe1f95775fea20b85fe181ea7d0b1d0713b59d1183cc37535e9402d" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055844", "uuid": "61f15f05-9676-4c7f-9d50-63725077ca79", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054914", "to_ids": false, "type": "datetime", "uuid": "72e46504-61ab-413a-827b-8ee06238799b", "value": "2019-11-26T15:03:20" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054914", "to_ids": false, "type": "link", "uuid": "7887bdea-f0d7-41f8-be1c-0b410de48ce1", "value": "https://www.virustotal.com/file/56f4307bffe1f95775fea20b85fe181ea7d0b1d0713b59d1183cc37535e9402d/analysis/1574780600/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054914", "to_ids": false, "type": "text", "uuid": "dc66794e-78e6-4e06-8f6a-bf1bb8891d76", "value": "57/68" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055844", "uuid": "5ac70318-589c-4c88-9b83-9e3c52632fee", "ObjectReference": [ { "comment": "", "object_uuid": "5ac70318-589c-4c88-9b83-9e3c52632fee", "referenced_uuid": "cd1c5269-192d-46b2-8484-d5672a05cdd2", "relationship_type": "analysed-with", "timestamp": "1576055902", "uuid": "5df0b45e-c980-4cec-9624-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054921", "to_ids": true, "type": "md5", "uuid": "fa9eea34-6a6f-440f-9368-d11d658a889e", "value": "045b32edfccb5d82ff2230debcbb0165" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054921", "to_ids": true, "type": "sha1", "uuid": "54c8cf77-0ce4-4278-9ffc-385643cf38cd", "value": "07ea28f918fef1f234fb008aa1f726997ba7b9d7" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054921", "to_ids": true, "type": "sha256", "uuid": "9553b7e5-59bd-41b1-bf0c-f4c3f16a51a3", "value": "c839355e4a53b4ec4a7cc4267efc78a9d7ddc429cb76b3aaa38a70857810d846" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055845", "uuid": "cd1c5269-192d-46b2-8484-d5672a05cdd2", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054921", "to_ids": false, "type": "datetime", "uuid": "71274237-5159-48fe-bc21-b565b3d1a13f", "value": "2019-11-09T14:01:10" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054921", "to_ids": false, "type": "link", "uuid": "9577a5c8-392a-4175-9648-6ed35e40c448", "value": "https://www.virustotal.com/file/c839355e4a53b4ec4a7cc4267efc78a9d7ddc429cb76b3aaa38a70857810d846/analysis/1573308070/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054921", "to_ids": false, "type": "text", "uuid": "ede36884-8762-47f7-84f7-6526c4eda086", "value": "14/70" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055846", "uuid": "8e994ef7-443b-4711-a08b-5a654a62ca50", "ObjectReference": [ { "comment": "", "object_uuid": "8e994ef7-443b-4711-a08b-5a654a62ca50", "referenced_uuid": "bd08d423-1190-4b66-9395-012fc9783231", "relationship_type": "analysed-with", "timestamp": "1576055902", "uuid": "5df0b45e-1fc0-4f8a-8b74-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054914", "to_ids": true, "type": "md5", "uuid": "85914980-bf55-4cdc-82eb-c4aeebff19ef", "value": "e9bd7eb34ff4e7d583b2570ae607c2c2" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054914", "to_ids": true, "type": "sha1", "uuid": "df9e2093-be81-4ce6-a4ce-910cfe1cb4ff", "value": "9d79796a0ccf1490b97a23cb529ca48cfeb48693" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054914", "to_ids": true, "type": "sha256", "uuid": "beedfd61-b2c8-47d4-8624-b3f4ca1c20a1", "value": "35c322773997578185364bf8ec420dea5195e1e450aa0585c805115c593d62d1" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055846", "uuid": "bd08d423-1190-4b66-9395-012fc9783231", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054914", "to_ids": false, "type": "datetime", "uuid": "68e34e5b-354b-4b19-b3d2-0dcf81ff4a94", "value": "2019-11-17T03:36:51" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054914", "to_ids": false, "type": "link", "uuid": "d2afbd49-5400-4a1d-9c59-e3b590d6a185", "value": "https://www.virustotal.com/file/35c322773997578185364bf8ec420dea5195e1e450aa0585c805115c593d62d1/analysis/1573961811/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054914", "to_ids": false, "type": "text", "uuid": "520a4e6f-b1fd-42bd-993d-99c238329edb", "value": "45/71" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055846", "uuid": "a6c70bd6-5746-4f7d-816e-13c91d9750c7", "ObjectReference": [ { "comment": "", "object_uuid": "a6c70bd6-5746-4f7d-816e-13c91d9750c7", "referenced_uuid": "af5461e7-5cb9-4010-b77e-07e856f70881", "relationship_type": "analysed-with", "timestamp": "1576055902", "uuid": "5df0b45e-7a84-4fa1-86ad-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054849", "to_ids": true, "type": "md5", "uuid": "83c25926-bd73-454d-8953-f0c0c81e37f1", "value": "fcfc6d7e36c86ada816eb9e046f61461" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054849", "to_ids": true, "type": "sha1", "uuid": "cc9b9eb4-4651-46b4-a0d9-4c4a6ab7be3a", "value": "cdf4e2cbf5b17645bff433c603c9fda0d3e066a7" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054849", "to_ids": true, "type": "sha256", "uuid": "1d4c2acf-b774-4da7-955a-f4b0e926193e", "value": "0ba437dde133d54fe3ee1c2882320698fa2b0738d7ed8ffd53f1d76ea8897481" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055846", "uuid": "af5461e7-5cb9-4010-b77e-07e856f70881", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054849", "to_ids": false, "type": "datetime", "uuid": "a00b9882-4637-4deb-85a8-a06c199e12ea", "value": "2019-11-29T17:41:36" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054849", "to_ids": false, "type": "link", "uuid": "118cff82-f298-40a6-9d97-1ca16c295933", "value": "https://www.virustotal.com/file/0ba437dde133d54fe3ee1c2882320698fa2b0738d7ed8ffd53f1d76ea8897481/analysis/1575049296/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054849", "to_ids": false, "type": "text", "uuid": "9a62cc48-7f70-4ee2-8d96-0c35653317f1", "value": "51/70" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055846", "uuid": "963eab17-4976-4e37-a597-18564603f162", "ObjectReference": [ { "comment": "", "object_uuid": "963eab17-4976-4e37-a597-18564603f162", "referenced_uuid": "02d36b0e-fd99-4989-9d36-810644b59d5b", "relationship_type": "analysed-with", "timestamp": "1576055902", "uuid": "5df0b45e-039c-4469-bbf3-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054844", "to_ids": true, "type": "md5", "uuid": "349f2cb7-fa75-4ba8-93b0-942d9d623954", "value": "e150ecd8ea4d9d6b59108b2f0ce7a258" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054844", "to_ids": true, "type": "sha1", "uuid": "0f53815c-cc2a-4538-bda8-157ae777ff10", "value": "8da35e1a350c6f44b981923096da970b7773e5e0" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054844", "to_ids": true, "type": "sha256", "uuid": "74afe2e2-fe7c-4bfa-9808-fc4867f76053", "value": "9544a35e1dcc645da251a6a56db8bf5232b14824c1591b2760cfcb62ee4eb127" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055846", "uuid": "02d36b0e-fd99-4989-9d36-810644b59d5b", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054844", "to_ids": false, "type": "datetime", "uuid": "f174f23c-ade1-409a-9b4c-28bb9c038869", "value": "2019-11-28T21:00:21" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054844", "to_ids": false, "type": "link", "uuid": "5770b587-9296-4447-bd50-63da973c49bb", "value": "https://www.virustotal.com/file/9544a35e1dcc645da251a6a56db8bf5232b14824c1591b2760cfcb62ee4eb127/analysis/1574974821/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054844", "to_ids": false, "type": "text", "uuid": "d64a2fbf-1f01-45ab-9f41-01c5df499579", "value": "54/69" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055846", "uuid": "986317b2-6bcb-4cbf-97a0-fa7112dd0685", "ObjectReference": [ { "comment": "", "object_uuid": "986317b2-6bcb-4cbf-97a0-fa7112dd0685", "referenced_uuid": "7c1083ee-e7b6-482f-9879-13ec6ee3c5c7", "relationship_type": "analysed-with", "timestamp": "1576055902", "uuid": "5df0b45e-18f0-4fce-8ebd-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054937", "to_ids": true, "type": "md5", "uuid": "ab567036-95a7-415d-a323-b17e15fcce1d", "value": "0cb675a8c1010082dac043a36cefe403" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054937", "to_ids": true, "type": "sha1", "uuid": "c517e5eb-2d43-4845-ae4d-82f4595caea5", "value": "4a93025e5be47729620aaa7f0626108ba69c94aa" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054937", "to_ids": true, "type": "sha256", "uuid": "19be2ef3-025e-4c56-831c-cd7d79e93d6a", "value": "3b16a2c27a1869216641d1ae2fa122d1d62b7b2c03ccbb98b92a35c91231b561" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055846", "uuid": "7c1083ee-e7b6-482f-9879-13ec6ee3c5c7", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054937", "to_ids": false, "type": "datetime", "uuid": "002c271a-3e1a-4452-8c69-55a81307de17", "value": "2019-12-04T20:33:54" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054937", "to_ids": false, "type": "link", "uuid": "6a274514-7bbc-4a19-82b4-59f21abe5800", "value": "https://www.virustotal.com/file/3b16a2c27a1869216641d1ae2fa122d1d62b7b2c03ccbb98b92a35c91231b561/analysis/1575491634/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054937", "to_ids": false, "type": "text", "uuid": "26a81c35-a3f0-45f7-9876-37dbd63c0770", "value": "51/72" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055847", "uuid": "f1cd008e-8200-480d-a5fb-8e173036480e", "ObjectReference": [ { "comment": "", "object_uuid": "f1cd008e-8200-480d-a5fb-8e173036480e", "referenced_uuid": "aaedd3d9-81ad-48d4-bb08-21118d6c5c92", "relationship_type": "analysed-with", "timestamp": "1576055902", "uuid": "5df0b45e-bb24-4b84-a1ae-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054916", "to_ids": true, "type": "md5", "uuid": "c47c1b9b-a7d8-468b-9b54-ae35232244f1", "value": "bb2795bfd28075b3aa25ce154906eebb" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054916", "to_ids": true, "type": "sha1", "uuid": "a684d0c7-9fad-4f89-8783-b1b2b8920eda", "value": "e1646cdb300f64772113184e8950a020464a07fa" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054916", "to_ids": true, "type": "sha256", "uuid": "084a2707-89bb-4246-9dbc-df6d3e345e28", "value": "3da8dba74d4e1965885ee13b87a34296cd0bed175cdc52f7995bce780a88d3fa" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055847", "uuid": "aaedd3d9-81ad-48d4-bb08-21118d6c5c92", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054916", "to_ids": false, "type": "datetime", "uuid": "328987a6-dabc-46ac-a543-a2c748b23004", "value": "2019-11-16T23:38:40" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054916", "to_ids": false, "type": "link", "uuid": "cae6bf99-e21e-4642-b560-ff83af6c471d", "value": "https://www.virustotal.com/file/3da8dba74d4e1965885ee13b87a34296cd0bed175cdc52f7995bce780a88d3fa/analysis/1573947520/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054916", "to_ids": false, "type": "text", "uuid": "5ac6b192-8f5b-4ac3-8c24-f277f1a2363a", "value": "48/71" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055847", "uuid": "b3c485b6-9b8a-4569-ba1a-8b9d6dda76b4", "ObjectReference": [ { "comment": "", "object_uuid": "b3c485b6-9b8a-4569-ba1a-8b9d6dda76b4", "referenced_uuid": "69b65471-2062-4ad8-8af4-58686651264c", "relationship_type": "analysed-with", "timestamp": "1576055902", "uuid": "5df0b45e-055c-41c2-9b34-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054845", "to_ids": true, "type": "md5", "uuid": "5592b854-819c-4887-870b-309f3b3fb6bb", "value": "e47de8e10070b792e2157589187a8c6f" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054845", "to_ids": true, "type": "sha1", "uuid": "9a4f3def-beae-4dd6-abe2-c1dbd779946c", "value": "6db05bb248acf02c72e9f3e79948dbf4e93e27c1" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054845", "to_ids": true, "type": "sha256", "uuid": "f807dc39-6e6b-493e-ad25-bdc278284eaa", "value": "5b706dbca4b0975be310481c0a238641873bab44cd73de01d09ae00cd0061287" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055847", "uuid": "69b65471-2062-4ad8-8af4-58686651264c", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054845", "to_ids": false, "type": "datetime", "uuid": "cbc503a6-b503-4e79-b093-e6840dfc3ec8", "value": "2019-11-24T16:24:27" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054845", "to_ids": false, "type": "link", "uuid": "7b70bef5-65b9-4cc0-aae5-f33427f54b9a", "value": "https://www.virustotal.com/file/5b706dbca4b0975be310481c0a238641873bab44cd73de01d09ae00cd0061287/analysis/1574612667/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054845", "to_ids": false, "type": "text", "uuid": "4215f01d-3924-4007-a342-9fa587b553e1", "value": "50/68" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055847", "uuid": "ef8cca41-43ea-487a-a1ec-12b5fefd4e8f", "ObjectReference": [ { "comment": "", "object_uuid": "ef8cca41-43ea-487a-a1ec-12b5fefd4e8f", "referenced_uuid": "039b1866-5082-48d1-ac4f-8458c388d040", "relationship_type": "analysed-with", "timestamp": "1576055902", "uuid": "5df0b45e-f620-4192-a243-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054914", "to_ids": true, "type": "md5", "uuid": "c3408e2f-11c2-45aa-9307-dca83ecc05bf", "value": "bf5b2c87a10160ed1f793bd45ea4b930" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054914", "to_ids": true, "type": "sha1", "uuid": "8ee59497-e1f9-4533-bb57-d72d943ed5e4", "value": "8807b5c53f4c466874662c207515fefaaf3d6e7c" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054914", "to_ids": true, "type": "sha256", "uuid": "17d86c03-f8ba-4a63-a09f-8e834fbf3f40", "value": "424708e82897b74f3b31cc8408949e969353177be0fa88ddfc387f050971068b" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055847", "uuid": "039b1866-5082-48d1-ac4f-8458c388d040", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054914", "to_ids": false, "type": "datetime", "uuid": "6a87cd4c-5c80-4b8e-bb3f-3231a59059c3", "value": "2019-11-14T09:10:53" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054914", "to_ids": false, "type": "link", "uuid": "9f02e652-bc53-4150-965f-94b521750e37", "value": "https://www.virustotal.com/file/424708e82897b74f3b31cc8408949e969353177be0fa88ddfc387f050971068b/analysis/1573722653/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054914", "to_ids": false, "type": "text", "uuid": "9ee9be73-2120-48f2-8d4a-c24a9805a4bd", "value": "44/71" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055847", "uuid": "226fe583-a514-41be-bd33-7866c1179721", "ObjectReference": [ { "comment": "", "object_uuid": "226fe583-a514-41be-bd33-7866c1179721", "referenced_uuid": "0ffab07c-a846-47b1-aa43-521be8c2a596", "relationship_type": "analysed-with", "timestamp": "1576055903", "uuid": "5df0b45f-dd08-474c-8859-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054847", "to_ids": true, "type": "md5", "uuid": "30a902e3-7858-402b-baae-d580ada6e437", "value": "9c681568ebdc3f38c16a7d3cce428886" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054847", "to_ids": true, "type": "sha1", "uuid": "77d305ad-28fc-4728-bca5-ff4af0e46e69", "value": "c3664bc584061b7d85b9b77961a5285698d7c350" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054847", "to_ids": true, "type": "sha256", "uuid": "900df63d-fe65-4bce-82ae-6f5b2ab46736", "value": "ffcb32513e35a6404482528b90b4eaab4bb4e3b4d2bffde5be51fe1fac0eb152" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055848", "uuid": "0ffab07c-a846-47b1-aa43-521be8c2a596", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054847", "to_ids": false, "type": "datetime", "uuid": "a2f4bb05-c1bf-4d87-8ca7-681707f8e8e9", "value": "2019-11-21T10:27:42" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054847", "to_ids": false, "type": "link", "uuid": "4c387a23-6fea-4aa0-b89b-90ffe16841da", "value": "https://www.virustotal.com/file/ffcb32513e35a6404482528b90b4eaab4bb4e3b4d2bffde5be51fe1fac0eb152/analysis/1574332062/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054847", "to_ids": false, "type": "text", "uuid": "78d15162-3f29-4786-b1a2-ee9a1d38fa93", "value": "44/69" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055848", "uuid": "50dec8fe-3cd0-4f41-a870-20a9b6db6128", "ObjectReference": [ { "comment": "", "object_uuid": "50dec8fe-3cd0-4f41-a870-20a9b6db6128", "referenced_uuid": "3c4872eb-8452-4a07-b687-9c0f6e7a095c", "relationship_type": "analysed-with", "timestamp": "1576055903", "uuid": "5df0b45f-f62c-42ad-9693-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054849", "to_ids": true, "type": "md5", "uuid": "c646734c-fd80-4b49-a2c3-61f71647ae5e", "value": "ff9d91a5501bf54c51567d38ad1226c3" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054849", "to_ids": true, "type": "sha1", "uuid": "050bc872-b42f-4d5f-b1ac-41e661ccb05e", "value": "450279b8b58911337be66d631daf8dbf221391b4" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054849", "to_ids": true, "type": "sha256", "uuid": "219b8884-7b04-4033-bfdf-d278fd53f4f2", "value": "6a1fcfdd092049a7fd75b42fb7e8e3f256806098ce884c06ca683d145a875fc5" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055848", "uuid": "3c4872eb-8452-4a07-b687-9c0f6e7a095c", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054849", "to_ids": false, "type": "datetime", "uuid": "56b868d6-bd8f-4ab4-86dc-37bed42878ce", "value": "2019-11-28T10:26:56" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054849", "to_ids": false, "type": "link", "uuid": "2d8aab43-dd8b-413b-9038-330649c24f1e", "value": "https://www.virustotal.com/file/6a1fcfdd092049a7fd75b42fb7e8e3f256806098ce884c06ca683d145a875fc5/analysis/1574936816/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054849", "to_ids": false, "type": "text", "uuid": "88d98fbf-afea-4724-a3b7-924a73cc5899", "value": "50/68" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055848", "uuid": "c47ca59f-8107-44e0-bede-9da7ed3e3ddd", "ObjectReference": [ { "comment": "", "object_uuid": "c47ca59f-8107-44e0-bede-9da7ed3e3ddd", "referenced_uuid": "06b80fbd-8d89-4ff3-a9c4-97c0f4799814", "relationship_type": "analysed-with", "timestamp": "1576055903", "uuid": "5df0b45f-a82c-4ee6-8cdf-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054921", "to_ids": true, "type": "md5", "uuid": "49cd4ed7-3199-4fa2-addb-c8955543006b", "value": "0936ff4ec153b2c8d01db48fa2078391" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054921", "to_ids": true, "type": "sha1", "uuid": "557f91bd-bdac-4232-bb56-c999f6043261", "value": "51cf005b9976da113b5617d0beed9329ff85f45a" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054921", "to_ids": true, "type": "sha256", "uuid": "89a3eb86-ca6b-42ba-8599-3d248c13b789", "value": "9f0ab599f89caa081c5f65e1666092da42759d27a6e272508ee2d3b416659e7b" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055848", "uuid": "06b80fbd-8d89-4ff3-a9c4-97c0f4799814", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054921", "to_ids": false, "type": "datetime", "uuid": "41889e7a-67a1-43aa-8f18-bcdf27416f20", "value": "2019-11-13T11:23:52" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054921", "to_ids": false, "type": "link", "uuid": "ce0183f2-50b1-4fe7-bd44-213704e4f586", "value": "https://www.virustotal.com/file/9f0ab599f89caa081c5f65e1666092da42759d27a6e272508ee2d3b416659e7b/analysis/1573644232/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054921", "to_ids": false, "type": "text", "uuid": "e5d708d0-2d47-4060-bdc7-c9bc26befbc6", "value": "45/70" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055848", "uuid": "793a3327-6441-4b54-a2d6-60235d929428", "ObjectReference": [ { "comment": "", "object_uuid": "793a3327-6441-4b54-a2d6-60235d929428", "referenced_uuid": "8485114a-e92b-40bc-a589-7c4820cce159", "relationship_type": "analysed-with", "timestamp": "1576055903", "uuid": "5df0b45f-b658-4c2b-9ac7-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054924", "to_ids": true, "type": "md5", "uuid": "e59158a9-ac59-4956-b45f-2e26b0209f20", "value": "78af5eab9d316c71f4e08f56e6bac7e5" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054924", "to_ids": true, "type": "sha1", "uuid": "6a2251cf-e1c6-437e-9efe-4d1c49c7455a", "value": "afa41963a34fbb7f37c296b4f6f07375e02d62a5" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054924", "to_ids": true, "type": "sha256", "uuid": "ad69117d-e0a2-4ce6-8206-4afdca31da46", "value": "d49247bd53a156dd0c9f89240ae41dcda9b393ed204f5656735cd2079dd2653f" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055849", "uuid": "8485114a-e92b-40bc-a589-7c4820cce159", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054924", "to_ids": false, "type": "datetime", "uuid": "17f0d662-bfd9-41b5-8b83-7ce900251bb7", "value": "2019-11-07T22:00:52" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054924", "to_ids": false, "type": "link", "uuid": "451a3e0d-5af7-4008-8b07-fc5713dc7018", "value": "https://www.virustotal.com/file/d49247bd53a156dd0c9f89240ae41dcda9b393ed204f5656735cd2079dd2653f/analysis/1573164052/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054924", "to_ids": false, "type": "text", "uuid": "28ebd0cf-203e-46ed-b925-eafd7f57cdb6", "value": "8/71" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055849", "uuid": "5807ca57-bc74-4766-ba66-c3799022d537", "ObjectReference": [ { "comment": "", "object_uuid": "5807ca57-bc74-4766-ba66-c3799022d537", "referenced_uuid": "5103ca8a-800c-49b0-9213-441f504a0ef9", "relationship_type": "analysed-with", "timestamp": "1576055903", "uuid": "5df0b45f-6f9c-4f7d-b13d-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054915", "to_ids": true, "type": "md5", "uuid": "fcd9877f-de3d-4257-a9a6-91781ea51c8f", "value": "b911896f9c216e4fa9dee35132f23316" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054915", "to_ids": true, "type": "sha1", "uuid": "addd7f93-5f8e-4d70-b97a-8f7883ba3692", "value": "8202177f28fce9dd1bc9a966b26181863b1f777e" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054915", "to_ids": true, "type": "sha256", "uuid": "5db5348c-9130-4c85-a6a5-203e0b4abf83", "value": "4926cd1eda6ef5314a1eaa49d2a9ddaf9ea1894cb97bc29a57ad28bff70c4b07" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055849", "uuid": "5103ca8a-800c-49b0-9213-441f504a0ef9", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054915", "to_ids": false, "type": "datetime", "uuid": "36305cb4-7dbf-499d-a507-dd54ea9d13ae", "value": "2019-11-10T14:15:46" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054915", "to_ids": false, "type": "link", "uuid": "f27137ee-fc31-4da5-9e15-e39572ae358d", "value": "https://www.virustotal.com/file/4926cd1eda6ef5314a1eaa49d2a9ddaf9ea1894cb97bc29a57ad28bff70c4b07/analysis/1573395346/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054915", "to_ids": false, "type": "text", "uuid": "7b4b6afd-3faa-47d0-83a5-068b2e9961dc", "value": "39/71" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055849", "uuid": "4eaa3b4f-092f-47d3-82c1-737f44a09d84", "ObjectReference": [ { "comment": "", "object_uuid": "4eaa3b4f-092f-47d3-82c1-737f44a09d84", "referenced_uuid": "fef1241e-6180-442e-a04f-37882c440f94", "relationship_type": "analysed-with", "timestamp": "1576055903", "uuid": "5df0b45f-4054-4f6e-909b-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054845", "to_ids": true, "type": "md5", "uuid": "746f796b-67b2-46fa-879c-7735416af06a", "value": "eb0cab67609c1fe01c3d5286f241ec12" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054845", "to_ids": true, "type": "sha1", "uuid": "4afac5da-44ef-4eee-be67-fb4550be17db", "value": "900ba9c45ed24585fd7e05736daca114146f9cc7" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054845", "to_ids": true, "type": "sha256", "uuid": "68aa97ea-d26b-4efb-a53b-07c736c2ec19", "value": "34c389cd507f99a380deb6ccabe2c6cead6f25e5fe78e710acdf8707a60a57ec" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055850", "uuid": "fef1241e-6180-442e-a04f-37882c440f94", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054845", "to_ids": false, "type": "datetime", "uuid": "b16c58e8-3672-4636-839a-49d83dcabc42", "value": "2019-11-21T10:20:46" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054845", "to_ids": false, "type": "link", "uuid": "a80f6b64-ed29-435a-9ef9-77d47af7d7c7", "value": "https://www.virustotal.com/file/34c389cd507f99a380deb6ccabe2c6cead6f25e5fe78e710acdf8707a60a57ec/analysis/1574331646/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054845", "to_ids": false, "type": "text", "uuid": "2d3c5a86-3f28-44c0-9f84-641fe84dbc98", "value": "45/69" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055850", "uuid": "f19f7fe6-911c-4772-b318-3fc134181a04", "ObjectReference": [ { "comment": "", "object_uuid": "f19f7fe6-911c-4772-b318-3fc134181a04", "referenced_uuid": "d4381004-4cb5-4eb5-ace2-c1e4a08fbfb7", "relationship_type": "analysed-with", "timestamp": "1576055903", "uuid": "5df0b45f-e5d4-42f8-9c16-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054916", "to_ids": true, "type": "md5", "uuid": "3b860db4-87d0-4711-b271-21147b5a3dd3", "value": "4cc268755f774668b17cfed152bbf98a" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054916", "to_ids": true, "type": "sha1", "uuid": "daddc265-98ce-4545-9cd0-f7b16e54a6bf", "value": "376d412b8c522d69eba82fa538634665699b2e16" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054916", "to_ids": true, "type": "sha256", "uuid": "f3248915-97e0-45d1-b0e0-23a172d239a8", "value": "edea204fcd030a0b00c8951b1fa6dd0397129067f893b2da490f32d4e8a7f2dc" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055850", "uuid": "d4381004-4cb5-4eb5-ace2-c1e4a08fbfb7", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054916", "to_ids": false, "type": "datetime", "uuid": "34604817-62ae-4bee-bafb-91cc678f841d", "value": "2019-11-17T09:13:03" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054916", "to_ids": false, "type": "link", "uuid": "450cbfc6-6834-4449-a6c8-1276754c49a9", "value": "https://www.virustotal.com/file/edea204fcd030a0b00c8951b1fa6dd0397129067f893b2da490f32d4e8a7f2dc/analysis/1573981983/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054916", "to_ids": false, "type": "text", "uuid": "7110b34b-71ca-41b0-ac99-ceece7adddc9", "value": "44/69" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055850", "uuid": "01b59dd8-4bc6-4e51-9e74-355e39d0a682", "ObjectReference": [ { "comment": "", "object_uuid": "01b59dd8-4bc6-4e51-9e74-355e39d0a682", "referenced_uuid": "4cef2bfa-e8af-4f8c-beea-1e92db05b867", "relationship_type": "analysed-with", "timestamp": "1576055903", "uuid": "5df0b45f-df24-4379-bd50-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054849", "to_ids": true, "type": "md5", "uuid": "884a3eb1-24b1-4b04-8ed6-54dc318366ce", "value": "89beba9fd1efe0b1fe641780c6e34e1b" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054849", "to_ids": true, "type": "sha1", "uuid": "bd55c0fc-8c3a-4d21-bdaf-aaca7f7c39c4", "value": "e8e27525ffe6325ea439e5c357cc1eee608581fe" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054849", "to_ids": true, "type": "sha256", "uuid": "ec82ced1-977f-4694-88d3-041bf19adc27", "value": "3f819b905a4cec128b33469fe4b8eda61f969ec58247955a0b98b021e9a16a48" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055850", "uuid": "4cef2bfa-e8af-4f8c-beea-1e92db05b867", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054849", "to_ids": false, "type": "datetime", "uuid": "9a9d1254-9c03-46f5-8227-ffc3a8617696", "value": "2019-11-24T16:24:58" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054849", "to_ids": false, "type": "link", "uuid": "02678b21-1ebe-4af7-8a5a-4d695a45edca", "value": "https://www.virustotal.com/file/3f819b905a4cec128b33469fe4b8eda61f969ec58247955a0b98b021e9a16a48/analysis/1574612698/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054849", "to_ids": false, "type": "text", "uuid": "74564750-1d36-4615-b118-6d54cfa26a15", "value": "52/69" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055852", "uuid": "dbf658d0-da2b-4e98-92c8-4fe1014d7849", "ObjectReference": [ { "comment": "", "object_uuid": "dbf658d0-da2b-4e98-92c8-4fe1014d7849", "referenced_uuid": "1d589c18-3ec3-4138-8e6e-ca6f296f1847", "relationship_type": "analysed-with", "timestamp": "1576055903", "uuid": "5df0b45f-1590-4666-99ad-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054920", "to_ids": true, "type": "md5", "uuid": "08a3a77b-8953-4d26-971e-f3253234ddee", "value": "9ab9f375f7f6bf363ab94ff7c6703af6" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054920", "to_ids": true, "type": "sha1", "uuid": "985f52df-6195-444b-b09c-1b5521c53ae2", "value": "b8faf1c738e02d23f022106e96c96c571673c259" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054920", "to_ids": true, "type": "sha256", "uuid": "7c05ed3c-1adc-4ce5-87f1-6307ab2cfbfc", "value": "a0970b9addb86c5dca18c5b4e155b93b6f5a5d45106568014de8310367433d78" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055852", "uuid": "1d589c18-3ec3-4138-8e6e-ca6f296f1847", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054920", "to_ids": false, "type": "datetime", "uuid": "05343474-c038-42da-8ab0-1f36335c4380", "value": "2019-11-12T05:42:40" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054920", "to_ids": false, "type": "link", "uuid": "e829eff1-e21b-4580-804e-bb38db71b92a", "value": "https://www.virustotal.com/file/a0970b9addb86c5dca18c5b4e155b93b6f5a5d45106568014de8310367433d78/analysis/1573537360/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054920", "to_ids": false, "type": "text", "uuid": "a615581f-9bfa-46b4-8186-ae1543b0c4e6", "value": "35/72" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055852", "uuid": "13b44bea-1d81-49ef-8063-f34bffa7bc4e", "ObjectReference": [ { "comment": "", "object_uuid": "13b44bea-1d81-49ef-8063-f34bffa7bc4e", "referenced_uuid": "3af0974d-d8d7-458f-9b9a-4db4aa839f43", "relationship_type": "analysed-with", "timestamp": "1576055903", "uuid": "5df0b45f-01c4-40e9-8554-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054913", "to_ids": true, "type": "md5", "uuid": "c43548cf-b4cf-425c-84cc-6ad006e72035", "value": "304c392be941887a569787af0baf1cea" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054913", "to_ids": true, "type": "sha1", "uuid": "5fd35e32-5515-4138-96d5-40b5814857c7", "value": "b8a016a513824f0b66dc15f3f885bdaa89c6890c" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054913", "to_ids": true, "type": "sha256", "uuid": "75786a03-8a5a-4ed7-8a29-cee5e1a0728d", "value": "bf41c236fc909089e5b4220ed35d7b2c379ba862aa469219ea0c03ed7fe02de2" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055853", "uuid": "3af0974d-d8d7-458f-9b9a-4db4aa839f43", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054913", "to_ids": false, "type": "datetime", "uuid": "b6adb7db-2081-43db-a228-ab3a324381cd", "value": "2019-11-30T23:39:17" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054913", "to_ids": false, "type": "link", "uuid": "06bb6adf-f2d6-494e-aa9e-9c7fbc3520b6", "value": "https://www.virustotal.com/file/bf41c236fc909089e5b4220ed35d7b2c379ba862aa469219ea0c03ed7fe02de2/analysis/1575157157/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054913", "to_ids": false, "type": "text", "uuid": "79f93585-71ff-4a76-8c29-c0d335dc4212", "value": "48/70" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055853", "uuid": "1a53820f-5888-4777-9aee-8b8e0b61bed5", "ObjectReference": [ { "comment": "", "object_uuid": "1a53820f-5888-4777-9aee-8b8e0b61bed5", "referenced_uuid": "ada1ab8f-647a-4bd0-9b40-355d456990cb", "relationship_type": "analysed-with", "timestamp": "1576055903", "uuid": "5df0b45f-fd34-486c-96b4-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054914", "to_ids": true, "type": "md5", "uuid": "8789c40a-49c6-4037-9e21-3aef84f20dd9", "value": "c4fcf9946d218138f3ceaafe35d33c39" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054914", "to_ids": true, "type": "sha1", "uuid": "59a7466f-4956-4bcf-84fa-d26dcf0df2ad", "value": "d94a09ee6e670661a3132bbe8de3591ea0d386bf" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054914", "to_ids": true, "type": "sha256", "uuid": "7e66dad9-bf2b-414d-8197-00c70af29030", "value": "017ac2aed0f08d650d722308b79fb8f831b9be6f43c4368b7394b44ffd4f6f09" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055853", "uuid": "ada1ab8f-647a-4bd0-9b40-355d456990cb", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054914", "to_ids": false, "type": "datetime", "uuid": "403e2254-1e09-4162-8ab9-727f14296e6a", "value": "2019-11-16T09:08:12" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054914", "to_ids": false, "type": "link", "uuid": "753bcf73-24cc-4453-9a1d-d811953341ff", "value": "https://www.virustotal.com/file/017ac2aed0f08d650d722308b79fb8f831b9be6f43c4368b7394b44ffd4f6f09/analysis/1573895292/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054914", "to_ids": false, "type": "text", "uuid": "74ab259b-667e-438d-b936-e5d5c2583073", "value": "43/69" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055853", "uuid": "1429c623-c7c9-494c-9515-6f69b26cc3af", "ObjectReference": [ { "comment": "", "object_uuid": "1429c623-c7c9-494c-9515-6f69b26cc3af", "referenced_uuid": "b4d4de39-ecb9-429c-9ef6-a9db4f14947d", "relationship_type": "analysed-with", "timestamp": "1576055903", "uuid": "5df0b45f-bcc4-4ef5-98a1-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054937", "to_ids": true, "type": "md5", "uuid": "8d8868a8-2eba-459a-88a2-bd657c2c05ba", "value": "1e98d379d8edcb7b6d4d1480c0dfff10" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054937", "to_ids": true, "type": "sha1", "uuid": "2122021c-417d-445d-8f2e-cd0e401ee318", "value": "623e6ff4c4d2589820a58bae1d8cef6fd799be58" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054937", "to_ids": true, "type": "sha256", "uuid": "23b837b2-d23f-4a24-94b8-72e87deca917", "value": "09e6f6ef125c7ce41a07b72f6bb16ca3036de4c309d864f2fe1d5eebd4a01b4d" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055853", "uuid": "b4d4de39-ecb9-429c-9ef6-a9db4f14947d", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054937", "to_ids": false, "type": "datetime", "uuid": "a7a9a55e-aeb9-4836-b374-3cc53621fc1b", "value": "2019-11-10T01:00:23" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054937", "to_ids": false, "type": "link", "uuid": "e280ee71-8b00-493a-accc-48767d05d4b0", "value": "https://www.virustotal.com/file/09e6f6ef125c7ce41a07b72f6bb16ca3036de4c309d864f2fe1d5eebd4a01b4d/analysis/1573347623/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054937", "to_ids": false, "type": "text", "uuid": "d27d950a-58c2-43f7-a080-11369a2041b4", "value": "46/71" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1576055853", "uuid": "45a7c66b-623c-4608-856c-f81e805d30f0", "ObjectReference": [ { "comment": "", "object_uuid": "45a7c66b-623c-4608-856c-f81e805d30f0", "referenced_uuid": "f1af9694-19f6-448e-99a8-4bbcbc9627b6", "relationship_type": "analysed-with", "timestamp": "1576055904", "uuid": "5df0b460-8ea4-4f35-af0b-7da8950d210f" } ], "Attribute": [ { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1576054922", "to_ids": true, "type": "md5", "uuid": "35c2b81a-5059-47d5-b97a-b4b0423995ce", "value": "1885973f3de1dafaad7cf7cae39e9eec" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1576054922", "to_ids": true, "type": "sha1", "uuid": "bce9fec4-8d09-4514-809f-8d9e721bcaa9", "value": "cf411e50189eb2b57eb584ae7b56341b187bc363" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1576054922", "to_ids": true, "type": "sha256", "uuid": "5646d5ba-ecbe-4a8c-9289-16869b77cb7a", "value": "80048f4537854c73c3a77a4a746e436e60c75956a3823e979658c6dad919e47f" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1576055854", "uuid": "f1af9694-19f6-448e-99a8-4bbcbc9627b6", "Attribute": [ { "category": "Other", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1576054922", "to_ids": false, "type": "datetime", "uuid": "5edaf176-f98b-4ddf-984f-4e7356faccc9", "value": "2019-11-06T21:10:41" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1576054922", "to_ids": false, "type": "link", "uuid": "523910d5-06e1-4e38-8237-94247508cd30", "value": "https://www.virustotal.com/file/80048f4537854c73c3a77a4a746e436e60c75956a3823e979658c6dad919e47f/analysis/1573074641/" }, { "category": "Payload delivery", "comment": "from https://raw.githubusercontent.com/pan-unit42/iocs/master/Trickbot/trickbot_cashcore_hashes.txt", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1576054922", "to_ids": false, "type": "text", "uuid": "0e22f409-a4f9-463c-82cf-3206c66d4812", "value": "12/70" } ] } ] } }