{ "Event": { "analysis": "0", "date": "2016-07-18", "extends_uuid": "", "info": "Malspam 2016-07-18 .wsf (campaign: \"company database\")", "publish_timestamp": "1468852881", "published": true, "threat_level_id": "3", "timestamp": "1468852850", "uuid": "578cde89-5064-4b29-96c5-45e6950d210f", "Orgc": { "name": "CIRCL", "uuid": "55f6ea5e-2c60-40e5-964f-47a8950d210f" }, "Tag": [ { "colour": "#ffffff", "local": "0", "name": "tlp:white", "relationship_type": "" }, { "colour": "#3b7500", "local": "0", "name": "circl:incident-classification=\"malware\"", "relationship_type": "" } ], "Attribute": [ { "category": "Network activity", "comment": "download location", "deleted": false, "disable_correlation": false, "timestamp": "1468849850", "to_ids": true, "type": "url", "uuid": "578cdeba-c690-488e-8d7a-403a950d210f", "value": "http://gv.com.my/qbnuau" }, { "category": "Network activity", "comment": "download location", "deleted": false, "disable_correlation": false, "timestamp": "1468849850", "to_ids": true, "type": "hostname", "uuid": "578cdeba-e67c-4f0e-979f-4bdf950d210f", "value": "gv.com.my" }, { "category": "Network activity", "comment": "download location", "deleted": false, "disable_correlation": false, "timestamp": "1468849851", "to_ids": true, "type": "ip-dst", "uuid": "578cdebb-7cb4-4c25-832c-455b950d210f", "value": "210.48.153.240" }, { "category": "Network activity", "comment": "download location", "deleted": false, "disable_correlation": false, "timestamp": "1468849851", "to_ids": true, "type": "url", "uuid": "578cdebb-1b0c-47ad-8402-445a950d210f", "value": "http://dnp9.com/zpfqk2l" }, { "category": "Network activity", "comment": "download location", "deleted": false, "disable_correlation": false, "timestamp": "1468849852", "to_ids": true, "type": "domain", "uuid": "578cdebc-c080-450a-b067-42d1950d210f", "value": "dnp9.com" }, { "category": "Network activity", "comment": "download location", "deleted": false, "disable_correlation": false, "timestamp": "1468849852", "to_ids": true, "type": "ip-dst", "uuid": "578cdebc-be94-45f7-9829-458f950d210f", "value": "110.164.189.123" }, { "category": "Network activity", "comment": "download location", "deleted": false, "disable_correlation": false, "timestamp": "1468849853", "to_ids": true, "type": "url", "uuid": "578cdebd-f758-4456-b174-4f83950d210f", "value": "http://cloudbws.com/m0tu07b" }, { "category": "Network activity", "comment": "download location", "deleted": false, "disable_correlation": false, "timestamp": "1468849853", "to_ids": true, "type": "domain", "uuid": "578cdebd-f728-4077-8e0c-4c8b950d210f", "value": "cloudbws.com" }, { "category": "Network activity", "comment": "download location", "deleted": false, "disable_correlation": false, "timestamp": "1468849853", "to_ids": true, "type": "ip-dst", "uuid": "578cdebd-8c1c-4444-9fdf-4f0a950d210f", "value": "192.186.201.200" }, { "category": "Network activity", "comment": "download location", "deleted": false, "disable_correlation": false, "timestamp": "1468849854", "to_ids": true, "type": "url", "uuid": "578cdebe-2cd0-4571-9790-4582950d210f", "value": "http://blackdildo.net/h9kyu" }, { "category": "Network activity", "comment": "download location", "deleted": false, "disable_correlation": false, "timestamp": "1468849854", "to_ids": true, "type": "domain", "uuid": "578cdebe-dbac-4bc9-89d7-4265950d210f", "value": "blackdildo.net" }, { "category": "Network activity", "comment": "download location", "deleted": false, "disable_correlation": false, "timestamp": "1468849855", "to_ids": true, "type": "ip-dst", "uuid": "578cdebf-9e70-4722-ba28-418c950d210f", "value": "50.31.160.94" }, { "category": "Network activity", "comment": "download location", "deleted": false, "disable_correlation": false, "timestamp": "1468849855", "to_ids": true, "type": "url", "uuid": "578cdebf-af24-4352-903a-4d78950d210f", "value": "http://vakantiehuisinauvergne.com/apyd17" }, { "category": "Network activity", "comment": "download location", "deleted": false, "disable_correlation": false, "timestamp": "1468849856", "to_ids": true, "type": "domain", "uuid": "578cdec0-981c-4420-a095-4e9a950d210f", "value": "vakantiehuisinauvergne.com" }, { "category": "Network activity", "comment": "download location", "deleted": false, "disable_correlation": false, "timestamp": "1468849856", "to_ids": true, "type": "ip-dst", "uuid": "578cdec0-759c-4d79-a1a4-4c7a950d210f", "value": "185.27.173.22" }, { "category": "Network activity", "comment": "download location", "deleted": false, "disable_correlation": false, "timestamp": "1468849857", "to_ids": true, "type": "url", "uuid": "578cdec1-5ab8-4340-ae15-436d950d210f", "value": "http://wcouto.com.br/9d207v" }, { "category": "Network activity", "comment": "download location", "deleted": false, "disable_correlation": false, "timestamp": "1468849857", "to_ids": true, "type": "hostname", "uuid": "578cdec1-d9cc-42ae-b475-491a950d210f", "value": "wcouto.com.br" }, { "category": "Network activity", "comment": "download location", "deleted": false, "disable_correlation": false, "timestamp": "1468849857", "to_ids": true, "type": "ip-dst", "uuid": "578cdec1-7424-4940-bb77-49ba950d210f", "value": "31.170.164.47" }, { "category": "Network activity", "comment": "download location", "deleted": false, "disable_correlation": false, "timestamp": "1468849858", "to_ids": true, "type": "url", "uuid": "578cdec2-8278-4c22-ba25-44f2950d210f", "value": "http://anchortron.com/hiqsij" }, { "category": "Network activity", "comment": "download location", "deleted": false, "disable_correlation": false, "timestamp": "1468849858", "to_ids": true, "type": "domain", "uuid": "578cdec2-1a74-4568-990d-497e950d210f", "value": "anchortron.com" }, { "category": "Network activity", "comment": "download location", "deleted": false, "disable_correlation": false, "timestamp": "1468849859", "to_ids": true, "type": "ip-dst", "uuid": "578cdec3-a928-4899-9293-4012950d210f", "value": "192.186.209.130" }, { "category": "Network activity", "comment": "download location", "deleted": false, "disable_correlation": false, "timestamp": "1468849859", "to_ids": true, "type": "url", "uuid": "578cdec3-e520-4a3a-be4e-4676950d210f", "value": "http://travoxsb.com/qmi5u0n" }, { "category": "Network activity", "comment": "download location", "deleted": false, "disable_correlation": false, "timestamp": "1468849860", "to_ids": true, "type": "domain", "uuid": "578cdec4-fa18-4e1c-95ff-4073950d210f", "value": "travoxsb.com" }, { "category": "Network activity", "comment": "download location", "deleted": false, "disable_correlation": false, "timestamp": "1468849860", "to_ids": true, "type": "ip-dst", "uuid": "578cdec4-e6f0-47c5-9251-4d63950d210f", "value": "110.4.45.235" }, { "category": "Payload delivery", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1468850061", "to_ids": false, "type": "user-agent", "uuid": "578cdf8d-5574-4992-a875-4231950d210f", "value": "Mozilla/4.0 (compatible; Win32; WinHttp.WinHttpRequest.5)" }, { "category": "Payload delivery", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1468850083", "to_ids": false, "type": "email-subject", "uuid": "578cdfa3-a058-4435-9e68-4629950d210f", "value": "company database" }, { "category": "Network activity", "comment": "download location", "deleted": false, "disable_correlation": false, "timestamp": "1468851314", "to_ids": true, "type": "url", "uuid": "578ce472-b0a4-44e4-b143-41b8950d210f", "value": "http://deanstum.com/z9opr" }, { "category": "Network activity", "comment": "download location", "deleted": false, "disable_correlation": false, "timestamp": "1468851315", "to_ids": true, "type": "domain", "uuid": "578ce473-eef8-4595-a83e-42b7950d210f", "value": "deanstum.com" }, { "category": "Network activity", "comment": "download location", "deleted": false, "disable_correlation": false, "timestamp": "1468851315", "to_ids": true, "type": "ip-dst", "uuid": "578ce473-da54-408e-9292-4d5e950d210f", "value": "192.186.229.69" }, { "category": "Network activity", "comment": "download location", "deleted": false, "disable_correlation": false, "timestamp": "1468851316", "to_ids": true, "type": "url", "uuid": "578ce474-6560-4f09-8a42-4efc950d210f", "value": "http://gruposoluciomatica.com.br/ryi81" }, { "category": "Network activity", "comment": "download location", "deleted": false, "disable_correlation": false, "timestamp": "1468851316", "to_ids": true, "type": "hostname", "uuid": "578ce474-f32c-4f2c-b3ae-42d4950d210f", "value": "gruposoluciomatica.com.br" }, { "category": "Network activity", "comment": "download location", "deleted": false, "disable_correlation": false, "timestamp": "1468851317", "to_ids": true, "type": "ip-dst", "uuid": "578ce475-03c0-4256-a403-4e8e950d210f", "value": "187.17.98.182" }, { "category": "Network activity", "comment": "download location", "deleted": false, "disable_correlation": false, "timestamp": "1468851317", "to_ids": true, "type": "url", "uuid": "578ce475-0c20-4fac-bd46-4010950d210f", "value": "http://serviceautoiasi.com/4tbvsfcz" }, { "category": "Network activity", "comment": "download location", "deleted": false, "disable_correlation": false, "timestamp": "1468851318", "to_ids": true, "type": "domain", "uuid": "578ce476-f1d8-4e41-b306-45ef950d210f", "value": "serviceautoiasi.com" }, { "category": "Network activity", "comment": "download location", "deleted": false, "disable_correlation": false, "timestamp": "1468851318", "to_ids": true, "type": "ip-dst", "uuid": "578ce476-91c8-4a99-9d71-4723950d210f", "value": "85.9.56.193" }, { "category": "Network activity", "comment": "download location", "deleted": false, "disable_correlation": false, "timestamp": "1468851319", "to_ids": true, "type": "url", "uuid": "578ce477-8f64-41c0-88e3-4196950d210f", "value": "http://trans-free.ru/2hx1l" }, { "category": "Network activity", "comment": "download location", "deleted": false, "disable_correlation": false, "timestamp": "1468851319", "to_ids": true, "type": "domain", "uuid": "578ce477-893c-4460-8176-47f6950d210f", "value": "trans-free.ru" }, { "category": "Network activity", "comment": "download location", "deleted": false, "disable_correlation": false, "timestamp": "1468851320", "to_ids": true, "type": "ip-dst", "uuid": "578ce478-bf7c-4e76-83b0-475e950d210f", "value": "77.222.62.144" }, { "category": "Network activity", "comment": "download location", "deleted": false, "disable_correlation": false, "timestamp": "1468851320", "to_ids": true, "type": "url", "uuid": "578ce478-55f8-4d9d-af31-4982950d210f", "value": "http://s2mgmt.com/do40lc" }, { "category": "Network activity", "comment": "download location", "deleted": false, "disable_correlation": false, "timestamp": "1468851321", "to_ids": true, "type": "domain", "uuid": "578ce479-02cc-4d2c-aeb9-40b0950d210f", "value": "s2mgmt.com" }, { "category": "Network activity", "comment": "download location", "deleted": false, "disable_correlation": false, "timestamp": "1468851321", "to_ids": true, "type": "ip-dst", "uuid": "578ce479-ea2c-4056-93b8-4f87950d210f", "value": "45.33.23.200" }, { "category": "Network activity", "comment": "download location", "deleted": false, "disable_correlation": false, "timestamp": "1468852845", "to_ids": true, "type": "url", "uuid": "578cea6d-4700-4ecf-ab61-49e6950d210f", "value": "http://benavidezhoy.com/8zrg48k" }, { "category": "Network activity", "comment": "download location", "deleted": false, "disable_correlation": false, "timestamp": "1468852847", "to_ids": true, "type": "domain", "uuid": "578cea6f-b6e8-4640-ae92-43d8950d210f", "value": "benavidezhoy.com" }, { "category": "Network activity", "comment": "download location", "deleted": false, "disable_correlation": false, "timestamp": "1468852847", "to_ids": true, "type": "ip-dst", "uuid": "578cea6f-db94-4c9a-9258-43c3950d210f", "value": "69.16.243.28" }, { "category": "Network activity", "comment": "download location", "deleted": false, "disable_correlation": false, "timestamp": "1468852848", "to_ids": true, "type": "url", "uuid": "578cea70-e7ec-40e4-bc7b-401a950d210f", "value": "http://aquatixbottle.com/ygyngc" }, { "category": "Network activity", "comment": "download location", "deleted": false, "disable_correlation": false, "timestamp": "1468852848", "to_ids": true, "type": "domain", "uuid": "578cea70-0c38-4eeb-b007-4b78950d210f", "value": "aquatixbottle.com" }, { "category": "Network activity", "comment": "download location", "deleted": false, "disable_correlation": false, "timestamp": "1468852848", "to_ids": true, "type": "ip-dst", "uuid": "578cea70-963c-4c2f-85da-463e950d210f", "value": "192.186.212.231" }, { "category": "Network activity", "comment": "download location", "deleted": false, "disable_correlation": false, "timestamp": "1468852849", "to_ids": true, "type": "url", "uuid": "578cea71-b670-421f-b78e-4d51950d210f", "value": "http://davisdoherty.co.nz/g0vi70" }, { "category": "Network activity", "comment": "download location", "deleted": false, "disable_correlation": false, "timestamp": "1468852849", "to_ids": true, "type": "hostname", "uuid": "578cea71-f2d8-41c5-8fe2-42c4950d210f", "value": "davisdoherty.co.nz" }, { "category": "Network activity", "comment": "download location", "deleted": false, "disable_correlation": false, "timestamp": "1468852850", "to_ids": true, "type": "ip-dst", "uuid": "578cea72-df10-43ba-9101-4ce5950d210f", "value": "60.234.42.102" } ] } }