{ "Event": { "analysis": "0", "date": "2016-08-16", "extends_uuid": "", "info": "Malspam 2016-08-16 (.wsf in .zip) - campaign: 'Blank 2'", "publish_timestamp": "1471419206", "published": true, "threat_level_id": "3", "timestamp": "1471357948", "uuid": "57b320b4-4e08-44aa-89b9-428a950d210f", "Orgc": { "name": "CIRCL", "uuid": "55f6ea5e-2c60-40e5-964f-47a8950d210f" }, "Tag": [ { "colour": "#ffffff", "local": "0", "name": "tlp:white", "relationship_type": "" }, { "colour": "#3b7500", "local": "0", "name": "circl:incident-classification=\"malware\"", "relationship_type": "" } ], "Attribute": [ { "category": "Network activity", "comment": "download location", "deleted": false, "disable_correlation": false, "timestamp": "1471357163", "to_ids": true, "type": "ip-dst", "uuid": "57b320eb-a110-404f-87c2-49b7950d210f", "value": "192.151.153.26" }, { "category": "Network activity", "comment": "download location", "deleted": false, "disable_correlation": false, "timestamp": "1471357163", "to_ids": true, "type": "ip-dst", "uuid": "57b320eb-a83c-4af8-8afe-4b99950d210f", "value": "213.205.40.169" }, { "category": "Network activity", "comment": "download location", "deleted": false, "disable_correlation": false, "timestamp": "1471357164", "to_ids": true, "type": "ip-dst", "uuid": "57b320ec-1ef8-4bf6-8951-47e9950d210f", "value": "77.244.243.38" }, { "category": "Network activity", "comment": "download location", "deleted": false, "disable_correlation": false, "timestamp": "1471357165", "to_ids": true, "type": "ip-dst", "uuid": "57b320ed-e7f4-488e-aba6-4546950d210f", "value": "95.211.144.65" }, { "category": "Network activity", "comment": "download location", "deleted": false, "disable_correlation": false, "timestamp": "1471357165", "to_ids": true, "type": "url", "uuid": "57b320ed-9208-4808-a284-439f950d210f", "value": "http://sp2.cba.pl/nJHbj0266b?hIeYfAIU=RlvjEYkyO" }, { "category": "Network activity", "comment": "download location", "deleted": false, "disable_correlation": false, "timestamp": "1471357166", "to_ids": true, "type": "url", "uuid": "57b320ee-8a14-4a2e-a912-42ad950d210f", "value": "http://www.ferienhaus-mesa.at/nJHbj0266b?bVNhynB=AiGSHMqkUH" }, { "category": "Network activity", "comment": "download location", "deleted": false, "disable_correlation": false, "timestamp": "1471357166", "to_ids": true, "type": "url", "uuid": "57b320ee-c080-4dc9-ab8d-4f1c950d210f", "value": "http://www.gcs-crostolo.it/nJHbj0266b?mfnIPUUMI=lYOSxK" }, { "category": "Network activity", "comment": "download location", "deleted": false, "disable_correlation": false, "timestamp": "1471357166", "to_ids": true, "type": "url", "uuid": "57b320ee-74d4-4cd4-9769-4afd950d210f", "value": "http://www.lefaos.50webs.com/nJHbj0266b?EYywKnoMCqD=YlCTTo" }, { "category": "Network activity", "comment": "download location", "deleted": false, "disable_correlation": false, "timestamp": "1471357167", "to_ids": true, "type": "url", "uuid": "57b320ef-4a38-4a70-912d-4037950d210f", "value": "http://www.mediatoponline.it/nJHbj0266b?hzFFUHptoGJ=fWxaDgf" }, { "category": "Network activity", "comment": "download location", "deleted": false, "disable_correlation": false, "timestamp": "1471357167", "to_ids": true, "type": "hostname", "uuid": "57b320ef-94dc-4c75-92ae-420e950d210f", "value": "sp2.cba.pl" }, { "category": "Network activity", "comment": "download location", "deleted": false, "disable_correlation": false, "timestamp": "1471357168", "to_ids": true, "type": "hostname", "uuid": "57b320f0-0650-4552-945f-4bbe950d210f", "value": "www.ferienhaus-mesa.at" }, { "category": "Network activity", "comment": "download location", "deleted": false, "disable_correlation": false, "timestamp": "1471357168", "to_ids": true, "type": "hostname", "uuid": "57b320f0-9fc0-47fc-90eb-4c48950d210f", "value": "www.gcs-crostolo.it" }, { "category": "Network activity", "comment": "download location", "deleted": false, "disable_correlation": false, "timestamp": "1471357169", "to_ids": true, "type": "hostname", "uuid": "57b320f1-99bc-49c0-a775-4875950d210f", "value": "www.lefaos.50webs.com" }, { "category": "Network activity", "comment": "download location", "deleted": false, "disable_correlation": false, "timestamp": "1471357169", "to_ids": true, "type": "hostname", "uuid": "57b320f1-1a64-42de-a759-47b3950d210f", "value": "www.mediatoponline.it" }, { "category": "Network activity", "comment": "download location", "deleted": false, "disable_correlation": false, "timestamp": "1471357713", "to_ids": true, "type": "ip-dst", "uuid": "57b32311-4068-4190-8f07-468c950d210f", "value": "112.140.42.29" }, { "category": "Network activity", "comment": "download location", "deleted": false, "disable_correlation": false, "timestamp": "1471357714", "to_ids": true, "type": "ip-dst", "uuid": "57b32312-7224-44b5-a7a9-49a8950d210f", "value": "212.72.183.216" }, { "category": "Network activity", "comment": "download location", "deleted": false, "disable_correlation": false, "timestamp": "1471357714", "to_ids": true, "type": "ip-dst", "uuid": "57b32312-aad8-4237-b937-4107950d210f", "value": "92.38.227.7" }, { "category": "Network activity", "comment": "download location", "deleted": false, "disable_correlation": false, "timestamp": "1471357714", "to_ids": true, "type": "hostname", "uuid": "57b32312-2620-43cf-9c27-47a1950d210f", "value": "hoshiomi.yu-nagi.com" }, { "category": "Network activity", "comment": "download location", "deleted": false, "disable_correlation": false, "timestamp": "1471357715", "to_ids": true, "type": "url", "uuid": "57b32313-ebb8-4d84-9f83-4189950d210f", "value": "http://hoshiomi.yu-nagi.com/nJHbj0266b?hIeYfAIU=RlvjEYkyO" }, { "category": "Network activity", "comment": "download location", "deleted": false, "disable_correlation": false, "timestamp": "1471357715", "to_ids": true, "type": "url", "uuid": "57b32313-1b4c-4d93-868d-4c65950d210f", "value": "http://hoshiomi.yu-nagi.com/nJHbj0266b?hzFFUHptoGJ=fWxaDgf" }, { "category": "Network activity", "comment": "download location", "deleted": false, "disable_correlation": false, "timestamp": "1471357715", "to_ids": true, "type": "url", "uuid": "57b32313-15bc-4a0f-9871-4cff950d210f", "value": "http://muznavolge.ru/nJHbj0266b?mfnIPUUMI=lYOSxK" }, { "category": "Network activity", "comment": "download location", "deleted": false, "disable_correlation": false, "timestamp": "1471357716", "to_ids": true, "type": "url", "uuid": "57b32314-fc90-41f5-ba01-4017950d210f", "value": "http://www.gianlucaboezio.it./nJHbj0266b?bVNhynB=AiGSHMqkUH" }, { "category": "Network activity", "comment": "download location", "deleted": false, "disable_correlation": false, "timestamp": "1471357716", "to_ids": true, "type": "url", "uuid": "57b32314-a5bc-4458-bfd8-423c950d210f", "value": "http://www.greatidea.de/nJHbj0266b?hzFFUHptoGJ=fWxaDgf" }, { "category": "Network activity", "comment": "download location", "deleted": false, "disable_correlation": false, "timestamp": "1471357716", "to_ids": true, "type": "domain", "uuid": "57b32314-8c18-42b5-803b-4cb9950d210f", "value": "muznavolge.ru" }, { "category": "Network activity", "comment": "download location", "deleted": false, "disable_correlation": false, "timestamp": "1471357716", "to_ids": true, "type": "hostname", "uuid": "57b32314-c348-409d-b5b1-4689950d210f", "value": "www.gianlucaboezio.it" }, { "category": "Network activity", "comment": "download location", "deleted": false, "disable_correlation": false, "timestamp": "1471357717", "to_ids": true, "type": "hostname", "uuid": "57b32315-ae0c-4549-a954-4ec2950d210f", "value": "www.greatidea.de" }, { "category": "Payload delivery", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1471357756", "to_ids": false, "type": "email-subject", "uuid": "57b3233c-85c4-4f4e-afe4-44e5950d210f", "value": "Blank 2" } ] } }