{ "Event": { "analysis": "2", "date": "2020-06-08", "extends_uuid": "", "info": "OSINT - TA505 IoC - 2020-06-06", "publish_timestamp": "1591603212", "published": true, "threat_level_id": "2", "timestamp": "1591603181", "uuid": "5eddeee6-22ec-419b-8634-429602de0b81", "Orgc": { "name": "CIRCL", "uuid": "55f6ea5e-2c60-40e5-964f-47a8950d210f" }, "Tag": [ { "colour": "#0088cc", "local": "0", "name": "misp-galaxy:threat-actor=\"TA505\"", "relationship_type": "" }, { "colour": "#004646", "local": "0", "name": "type:OSINT", "relationship_type": "" }, { "colour": "#0071c3", "local": "0", "name": "osint:lifetime=\"perpetual\"", "relationship_type": "" }, { "colour": "#0087e8", "local": "0", "name": "osint:certainty=\"50\"", "relationship_type": "" }, { "colour": "#ffffff", "local": "0", "name": "tlp:white", "relationship_type": "" } ], "Attribute": [ { "category": "Payload delivery", "comment": "# get2 c2: shr-links.com", "deleted": false, "disable_correlation": false, "timestamp": "1591602949", "to_ids": true, "type": "sha256", "uuid": "5eddef05-7d64-4882-a6da-4ec9e387cbd9", "value": "da69f29433079fd3362a44205288037e92a51649aee0dbdb7a004af979c1a2c0" }, { "category": "Payload delivery", "comment": "# get2 c2: shr-links.com", "deleted": false, "disable_correlation": false, "timestamp": "1591602949", "to_ids": true, "type": "sha256", "uuid": "5eddef05-a724-4102-b43f-4bade387cbd9", "value": "ffa5704e0d8f90d2ff614a13a8592cc9214dd43ee63bfe55130406f0fe3d99f1" }, { "category": "Payload delivery", "comment": "# get2 c2: shr-links.com", "deleted": false, "disable_correlation": false, "timestamp": "1591602949", "to_ids": true, "type": "sha256", "uuid": "5eddef05-fa94-4b07-88f4-4bb2e387cbd9", "value": "8d14795b20647bf8ff806f9c9ea796f22fb4bca206451a4e099fc91a3b4b51da" }, { "category": "Payload delivery", "comment": "# get2 c2: shr-links.com", "deleted": false, "disable_correlation": false, "timestamp": "1591602949", "to_ids": true, "type": "sha256", "uuid": "5eddef05-d594-4069-a104-4ca4e387cbd9", "value": "99e358f5cb421f5b27d6e6a25fd0d02c68dc91d9f35545109499210d3ebc09af" }, { "category": "Payload delivery", "comment": "# get2 c2: shr-links.com", "deleted": false, "disable_correlation": false, "timestamp": "1591602949", "to_ids": true, "type": "sha256", "uuid": "5eddef05-f810-4a19-b4e2-4600e387cbd9", "value": "729cac7c82d789304b4433aaf4954e5702ca51e4e33d1d7540bbd1d3db682aa1" }, { "category": "Payload delivery", "comment": "# get2 c2: shr-links.com", "deleted": false, "disable_correlation": false, "timestamp": "1591602949", "to_ids": true, "type": "sha256", "uuid": "5eddef05-7ac4-48d6-b5c7-47efe387cbd9", "value": "11c4d7d1295a5dd6a2e75d5ca9e63d17b860d85a4b536bb3261ecc7971ef1160" }, { "category": "Payload delivery", "comment": "# get2 c2: shr-links.com", "deleted": false, "disable_correlation": false, "timestamp": "1591602949", "to_ids": true, "type": "sha256", "uuid": "5eddef05-09fc-4f16-ba36-4ee4e387cbd9", "value": "d83c4504b995d83d26e5d38154aadfd143e5c4f2ba4db74702ef1d9b23653a8a" }, { "category": "Payload delivery", "comment": "# get2 c2: shr-links.com", "deleted": false, "disable_correlation": false, "timestamp": "1591602949", "to_ids": true, "type": "sha256", "uuid": "5eddef06-8da0-4c5b-a82d-40d3e387cbd9", "value": "c9852bc298d391e6e505c779f66f56ee2bc1c798a165c755400d7f53eef32af1" }, { "category": "Payload delivery", "comment": "# get2 c2: shr-links.com", "deleted": false, "disable_correlation": false, "timestamp": "1591602950", "to_ids": true, "type": "sha256", "uuid": "5eddef06-9910-47b5-a9f0-43b3e387cbd9", "value": "fb7a62b777cc0e8ef85881def16d3fbbda37623550834a75fe18211114a58348" }, { "category": "Payload delivery", "comment": "# get2 c2: shr-links.com", "deleted": false, "disable_correlation": false, "timestamp": "1591602950", "to_ids": true, "type": "sha256", "uuid": "5eddef06-8c48-4fc7-a3d3-450ce387cbd9", "value": "1aa9ff62b7c1443151a9fa3222fa6dbcb80e03cf605c35b0e6b89bba64395f09" }, { "category": "Payload delivery", "comment": "# get2 c2: shr-links.com", "deleted": false, "disable_correlation": false, "timestamp": "1591602950", "to_ids": true, "type": "sha256", "uuid": "5eddef06-3930-4074-81ff-4306e387cbd9", "value": "68297165307bba31cc24147b26619d464e9651ef9dc640e08017432fdc5d558c" }, { "category": "Payload delivery", "comment": "# get2 c2: shr-links.com", "deleted": false, "disable_correlation": false, "timestamp": "1591602950", "to_ids": true, "type": "sha256", "uuid": "5eddef06-e588-4634-a9bb-42d7e387cbd9", "value": "f5bd2dfa0d751b21727043afd1f0d264391d539e39e5859afc9f746b9d254815" }, { "category": "Payload delivery", "comment": "# get2 c2: shr-links.com", "deleted": false, "disable_correlation": false, "timestamp": "1591602950", "to_ids": true, "type": "sha256", "uuid": "5eddef06-d5dc-4336-b683-403de387cbd9", "value": "7e63e4191deaec39a8876a53afba51f7422ab46452916eab894f4884b70d82f6" }, { "category": "Payload delivery", "comment": "# get2 c2: shr-links.com", "deleted": false, "disable_correlation": false, "timestamp": "1591602950", "to_ids": true, "type": "sha256", "uuid": "5eddef06-6d88-4106-b238-412be387cbd9", "value": "beabc893191a149e7a8977a494a07b6afba1e2427609e7b19ba5037d25b00f65" }, { "category": "Payload delivery", "comment": "# get2 c2: shr-links.com", "deleted": false, "disable_correlation": false, "timestamp": "1591602950", "to_ids": true, "type": "sha256", "uuid": "5eddef06-3158-4a24-8839-41d5e387cbd9", "value": "fff1078e1fd6595676a83b18639c6426daf5a78aab1295e185f5fa1d5b448106" }, { "category": "Payload delivery", "comment": "# get2 c2: shr-links.com", "deleted": false, "disable_correlation": false, "timestamp": "1591602950", "to_ids": true, "type": "sha256", "uuid": "5eddef06-fc9c-4ee3-945c-42a3e387cbd9", "value": "57f40bc3fe0c0fe4bb253a802a23b56601ded98a432f865859cdb5027c88fc9c" }, { "category": "Payload delivery", "comment": "# get2 c2: shr-links.com", "deleted": false, "disable_correlation": false, "timestamp": "1591602951", "to_ids": true, "type": "sha256", "uuid": "5eddef07-0af4-47d1-92b8-417ce387cbd9", "value": "477dce007f475e7709fd1f57d0a839857f0f0bfe9efd539fec6aef873bcfffc0" }, { "category": "Payload delivery", "comment": "# get2 c2: shr-links.com", "deleted": false, "disable_correlation": false, "timestamp": "1591602951", "to_ids": true, "type": "sha256", "uuid": "5eddef07-ae90-478a-a1fe-4107e387cbd9", "value": "ba627162e299061e1ec7d15f06bb722d4c0dc7dfb52f503e46f45f401decf7e9" }, { "category": "Payload delivery", "comment": "# get2 c2: shr-links.com", "deleted": false, "disable_correlation": false, "timestamp": "1591602951", "to_ids": true, "type": "sha256", "uuid": "5eddef07-5ef8-42ee-872b-49b1e387cbd9", "value": "74b502f9181fc1dcdcdf1751bd878a62752eff2069c258a422cfcbcd27ffc0db" }, { "category": "Payload delivery", "comment": "# get2 c2: shr-links.com", "deleted": false, "disable_correlation": false, "timestamp": "1591602951", "to_ids": true, "type": "sha256", "uuid": "5eddef07-dff8-43b1-8e0d-4c3ce387cbd9", "value": "976f3e9c2f7c8eaff5daf9214707eb06b2aee4e9a1c38c110d7680ec58303dec" }, { "category": "Payload delivery", "comment": "# get2 c2: shr-links.com", "deleted": false, "disable_correlation": false, "timestamp": "1591602951", "to_ids": true, "type": "sha256", "uuid": "5eddef07-07c8-4e4b-8c1f-433be387cbd9", "value": "3fb29a8d9260d17d55e68d7a94dce24195bf8659bd4ced4ee5a338208df162bb" }, { "category": "Payload delivery", "comment": "# get2 c2: shr-links.com", "deleted": false, "disable_correlation": false, "timestamp": "1591602951", "to_ids": true, "type": "sha256", "uuid": "5eddef07-26f0-49d5-b067-46e5e387cbd9", "value": "b4deb3f933ef379e07a770692d228114f159a9e709b1a7ea1a03530d5931d621" }, { "category": "Payload delivery", "comment": "# get2 c2: shr-links.com", "deleted": false, "disable_correlation": false, "timestamp": "1591602952", "to_ids": true, "type": "sha256", "uuid": "5eddef08-7018-4d8f-b2ee-41eae387cbd9", "value": "4e06ffed085764b0356faed9c1337724bd7ac6520fd4f1f8c161b3fd99b9cbba" }, { "category": "Payload delivery", "comment": "# get2 c2: shr-links.com", "deleted": false, "disable_correlation": false, "timestamp": "1591602952", "to_ids": true, "type": "sha256", "uuid": "5eddef08-c1b4-432b-abee-4e8de387cbd9", "value": "3785d529e4658e035205791c2d2165ba9075d3e0da14ec214da53cbb0a686f27" }, { "category": "External analysis", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1591602969", "to_ids": false, "type": "link", "uuid": "5eddef19-98fc-41ba-8c4a-472a02de0b81", "value": "https://github.com/MalwareLab-pl/ioc/blob/master/ta505.txt" }, { "category": "Payload delivery", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1591603160", "to_ids": true, "type": "url", "uuid": "5eddefd8-45c0-44f9-ada9-466802de0b81", "value": "https://shr-links.com/syscap/upt64/" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1591603180", "to_ids": false, "type": "ip-dst", "uuid": "5eddefec-d324-49f1-9b9d-4af302de0b81", "value": "92.38.163.14" } ], "Object": [ { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1591603065", "uuid": "dee9331f-94e5-4b35-a3c8-c7f101c355ea", "ObjectReference": [ { "comment": "", "object_uuid": "dee9331f-94e5-4b35-a3c8-c7f101c355ea", "referenced_uuid": "6ce562e6-9c27-4a76-8849-b8eb1aa8f3f8", "relationship_type": "analysed-with", "timestamp": "1591603078", "uuid": "5eddef86-869c-4530-a73e-481c02de0b81" } ], "Attribute": [ { "category": "Payload delivery", "comment": "# get2 c2: shr-links.com", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1591602949", "to_ids": true, "type": "md5", "uuid": "52c4155c-6803-41a1-9388-b093f52120ed", "value": "76d4d9710105e77f11023127c4603202" }, { "category": "Payload delivery", "comment": "# get2 c2: shr-links.com", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1591602949", "to_ids": true, "type": "sha1", "uuid": "9289f9f3-9110-40c0-9829-2a023577172a", "value": "5c9a006de991acb9c1eaa25ccd690a5969103613" }, { "category": "Payload delivery", "comment": "# get2 c2: shr-links.com", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1591602949", "to_ids": true, "type": "sha256", "uuid": "f1338a81-7d2b-4162-80e1-a4bb5d998590", "value": "11c4d7d1295a5dd6a2e75d5ca9e63d17b860d85a4b536bb3261ecc7971ef1160" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1591603065", "uuid": "6ce562e6-9c27-4a76-8849-b8eb1aa8f3f8", "Attribute": [ { "category": "Other", "comment": "# get2 c2: shr-links.com", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1591602949", "to_ids": false, "type": "datetime", "uuid": "1fdd6331-ff4d-4297-941f-a64a53237e08", "value": "2020-06-05T15:56:50+00:00" }, { "category": "Payload delivery", "comment": "# get2 c2: shr-links.com", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1591602949", "to_ids": false, "type": "link", "uuid": "14cdf452-752e-4903-bd8f-801aba33518f", "value": "https://www.virustotal.com/gui/file/11c4d7d1295a5dd6a2e75d5ca9e63d17b860d85a4b536bb3261ecc7971ef1160/detection/f-11c4d7d1295a5dd6a2e75d5ca9e63d17b860d85a4b536bb3261ecc7971ef1160-1591372610" }, { "category": "Payload delivery", "comment": "# get2 c2: shr-links.com", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1591602949", "to_ids": false, "type": "text", "uuid": "2d1e2fc7-3336-44ab-afb0-25d26eaef621", "value": "23/59" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1591603065", "uuid": "1fe2e4e7-fb84-4231-a075-bf404e6d7a17", "ObjectReference": [ { "comment": "", "object_uuid": "1fe2e4e7-fb84-4231-a075-bf404e6d7a17", "referenced_uuid": "65ff6606-102a-44c9-b8cc-5d8fb120c488", "relationship_type": "analysed-with", "timestamp": "1591603078", "uuid": "5eddef86-6d04-4c5d-b648-4be902de0b81" } ], "Attribute": [ { "category": "Payload delivery", "comment": "# get2 c2: shr-links.com", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1591602949", "to_ids": true, "type": "md5", "uuid": "76afe72c-d4ac-4e39-a1e6-aaaf4c292a21", "value": "7922dd7e868d11720447d92d055b5f41" }, { "category": "Payload delivery", "comment": "# get2 c2: shr-links.com", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1591602949", "to_ids": true, "type": "sha1", "uuid": "0d194613-fb40-4a06-9831-2a3eb350d907", "value": "588fa2d1a8365c6730d5c38e60c031c22c9c7a6d" }, { "category": "Payload delivery", "comment": "# get2 c2: shr-links.com", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1591602949", "to_ids": true, "type": "sha256", "uuid": "43dcb202-703d-4306-83e7-a8e03394b1cc", "value": "c9852bc298d391e6e505c779f66f56ee2bc1c798a165c755400d7f53eef32af1" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1591603065", "uuid": "65ff6606-102a-44c9-b8cc-5d8fb120c488", "Attribute": [ { "category": "Other", "comment": "# get2 c2: shr-links.com", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1591602949", "to_ids": false, "type": "datetime", "uuid": "3f2e29b5-230f-4147-bdb1-9061518a1870", "value": "2020-06-05T15:41:00+00:00" }, { "category": "Payload delivery", "comment": "# get2 c2: shr-links.com", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1591602949", "to_ids": false, "type": "link", "uuid": "a95580cc-f81c-47c6-af1f-88aa2cbcb411", "value": "https://www.virustotal.com/gui/file/c9852bc298d391e6e505c779f66f56ee2bc1c798a165c755400d7f53eef32af1/detection/f-c9852bc298d391e6e505c779f66f56ee2bc1c798a165c755400d7f53eef32af1-1591371660" }, { "category": "Payload delivery", "comment": "# get2 c2: shr-links.com", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1591602949", "to_ids": false, "type": "text", "uuid": "1e197331-39b3-4198-bcee-2305ce133286", "value": "24/61" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1591603065", "uuid": "2ea7eb0c-30dc-4563-988e-90411d1b2a9b", "ObjectReference": [ { "comment": "", "object_uuid": "2ea7eb0c-30dc-4563-988e-90411d1b2a9b", "referenced_uuid": "0f66e100-c09c-4169-9721-dea1e1b88985", "relationship_type": "analysed-with", "timestamp": "1591603078", "uuid": "5eddef86-7e94-4d9b-8053-416902de0b81" } ], "Attribute": [ { "category": "Payload delivery", "comment": "# get2 c2: shr-links.com", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1591602949", "to_ids": true, "type": "md5", "uuid": "f73fda5e-30ee-4284-a456-2be548854a30", "value": "be1c1c8e84f203611ff89262c516d3eb" }, { "category": "Payload delivery", "comment": "# get2 c2: shr-links.com", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1591602949", "to_ids": true, "type": "sha1", "uuid": "fdd5af7b-d260-465b-a458-810d053f3634", "value": "b6ade2071fbf76d3813b203d1169298a2affeecc" }, { "category": "Payload delivery", "comment": "# get2 c2: shr-links.com", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1591602949", "to_ids": true, "type": "sha256", "uuid": "f2e31bc0-5430-4512-a05f-30771f1e3fca", "value": "ffa5704e0d8f90d2ff614a13a8592cc9214dd43ee63bfe55130406f0fe3d99f1" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1591603066", "uuid": "0f66e100-c09c-4169-9721-dea1e1b88985", "Attribute": [ { "category": "Other", "comment": "# get2 c2: shr-links.com", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1591602949", "to_ids": false, "type": "datetime", "uuid": "6833f344-e2a7-4280-b198-47a75d199857", "value": "2020-06-07T08:47:46+00:00" }, { "category": "Payload delivery", "comment": "# get2 c2: shr-links.com", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1591602949", "to_ids": false, "type": "link", "uuid": "45239fbd-1a86-43df-93a9-db84c1c5e9d0", "value": "https://www.virustotal.com/gui/file/ffa5704e0d8f90d2ff614a13a8592cc9214dd43ee63bfe55130406f0fe3d99f1/detection/f-ffa5704e0d8f90d2ff614a13a8592cc9214dd43ee63bfe55130406f0fe3d99f1-1591519666" }, { "category": "Payload delivery", "comment": "# get2 c2: shr-links.com", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1591602949", "to_ids": false, "type": "text", "uuid": "d8cf9e2f-4ca1-4f76-b51d-35fafc15fcfb", "value": "35/61" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1591603066", "uuid": "54543b80-50d7-43ec-8397-a10ac8511d08", "ObjectReference": [ { "comment": "", "object_uuid": "54543b80-50d7-43ec-8397-a10ac8511d08", "referenced_uuid": "0ce483d5-1756-4a8e-bcd4-a82ee44c7a9e", "relationship_type": "analysed-with", "timestamp": "1591603078", "uuid": "5eddef86-8d08-44a1-acf5-447f02de0b81" } ], "Attribute": [ { "category": "Payload delivery", "comment": "# get2 c2: shr-links.com", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1591602950", "to_ids": true, "type": "md5", "uuid": "3a5dfc6e-f490-4043-adc7-7f820da1078a", "value": "192850f198984a57f3379aca25071fe5" }, { "category": "Payload delivery", "comment": "# get2 c2: shr-links.com", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1591602950", "to_ids": true, "type": "sha1", "uuid": "38f11e84-b428-4e6c-b9dc-4c83dc1a88c5", "value": "a43b96ec81b6f59be3c7ea84116150f22522b6a7" }, { "category": "Payload delivery", "comment": "# get2 c2: shr-links.com", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1591602950", "to_ids": true, "type": "sha256", "uuid": "42e717bb-6bad-418f-aae9-6244dbb1c666", "value": "f5bd2dfa0d751b21727043afd1f0d264391d539e39e5859afc9f746b9d254815" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1591603066", "uuid": "0ce483d5-1756-4a8e-bcd4-a82ee44c7a9e", "Attribute": [ { "category": "Other", "comment": "# get2 c2: shr-links.com", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1591602950", "to_ids": false, "type": "datetime", "uuid": "1bfeae79-4f56-4d89-8527-17dd64c8b903", "value": "2020-06-07T08:47:19+00:00" }, { "category": "Payload delivery", "comment": "# get2 c2: shr-links.com", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1591602950", "to_ids": false, "type": "link", "uuid": "df0d70e7-7d26-481b-a6c4-6833698f22b7", "value": "https://www.virustotal.com/gui/file/f5bd2dfa0d751b21727043afd1f0d264391d539e39e5859afc9f746b9d254815/detection/f-f5bd2dfa0d751b21727043afd1f0d264391d539e39e5859afc9f746b9d254815-1591519639" }, { "category": "Payload delivery", "comment": "# get2 c2: shr-links.com", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1591602950", "to_ids": false, "type": "text", "uuid": "e7f7ce4a-6e98-41c0-b47f-8a4b3895d3ef", "value": "33/61" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1591603066", "uuid": "6dc37399-d3d3-464f-a2c1-8ee320d37e6a", "ObjectReference": [ { "comment": "", "object_uuid": "6dc37399-d3d3-464f-a2c1-8ee320d37e6a", "referenced_uuid": "9e193b62-9c44-4e8b-9c97-9f408bfb6f0c", "relationship_type": "analysed-with", "timestamp": "1591603078", "uuid": "5eddef86-39d0-47ac-900e-49a602de0b81" } ], "Attribute": [ { "category": "Payload delivery", "comment": "# get2 c2: shr-links.com", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1591602949", "to_ids": true, "type": "md5", "uuid": "dce9dd83-fb65-4216-85ed-1aa5eb460a56", "value": "72734bd6dae49c29c75c3d620569b240" }, { "category": "Payload delivery", "comment": "# get2 c2: shr-links.com", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1591602949", "to_ids": true, "type": "sha1", "uuid": "a921a2a8-0071-442c-a711-ad52ddb11954", "value": "ced97bb4810cd20ee8c34d66eabe9ebe198a4fbd" }, { "category": "Payload delivery", "comment": "# get2 c2: shr-links.com", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1591602949", "to_ids": true, "type": "sha256", "uuid": "d2eba698-a17b-4ffa-8ecf-5b563237e04b", "value": "99e358f5cb421f5b27d6e6a25fd0d02c68dc91d9f35545109499210d3ebc09af" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1591603067", "uuid": "9e193b62-9c44-4e8b-9c97-9f408bfb6f0c", "Attribute": [ { "category": "Other", "comment": "# get2 c2: shr-links.com", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1591602949", "to_ids": false, "type": "datetime", "uuid": "40c8948d-6614-4976-aa32-a23371194de8", "value": "2020-06-05T16:18:04+00:00" }, { "category": "Payload delivery", "comment": "# get2 c2: shr-links.com", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1591602949", "to_ids": false, "type": "link", "uuid": "356d5fdf-d9fe-4686-8a3e-a50c7271b51e", "value": "https://www.virustotal.com/gui/file/99e358f5cb421f5b27d6e6a25fd0d02c68dc91d9f35545109499210d3ebc09af/detection/f-99e358f5cb421f5b27d6e6a25fd0d02c68dc91d9f35545109499210d3ebc09af-1591373884" }, { "category": "Payload delivery", "comment": "# get2 c2: shr-links.com", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1591602949", "to_ids": false, "type": "text", "uuid": "3771134e-7d5d-43c3-857c-86c5a66e4cc9", "value": "24/61" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1591603067", "uuid": "862a3bc0-848b-45a2-ac9b-3e3e4e3b912b", "ObjectReference": [ { "comment": "", "object_uuid": "862a3bc0-848b-45a2-ac9b-3e3e4e3b912b", "referenced_uuid": "ab56250c-f14d-4617-b00e-139aa46f76f0", "relationship_type": "analysed-with", "timestamp": "1591603078", "uuid": "5eddef86-dc2c-40c2-9f4b-493102de0b81" } ], "Attribute": [ { "category": "Payload delivery", "comment": "# get2 c2: shr-links.com", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1591602951", "to_ids": true, "type": "md5", "uuid": "cec2b03e-a3d7-49da-96a9-cde9c279b657", "value": "8ba0e2bfcf76a6e29451ef6246f88027" }, { "category": "Payload delivery", "comment": "# get2 c2: shr-links.com", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1591602951", "to_ids": true, "type": "sha1", "uuid": "6789597d-03bb-4e36-a25a-91b907f79828", "value": "ca96f20bdfbb5966735b2b2919d05201d8171eff" }, { "category": "Payload delivery", "comment": "# get2 c2: shr-links.com", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1591602951", "to_ids": true, "type": "sha256", "uuid": "763111bc-4a37-4f39-9f3a-bc0972812215", "value": "3fb29a8d9260d17d55e68d7a94dce24195bf8659bd4ced4ee5a338208df162bb" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1591603068", "uuid": "ab56250c-f14d-4617-b00e-139aa46f76f0", "Attribute": [ { "category": "Other", "comment": "# get2 c2: shr-links.com", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1591602951", "to_ids": false, "type": "datetime", "uuid": "7f2df9c6-80c7-4ff5-8dda-47a8818733d5", "value": "2020-06-07T08:47:36+00:00" }, { "category": "Payload delivery", "comment": "# get2 c2: shr-links.com", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1591602951", "to_ids": false, "type": "link", "uuid": "ca836505-845e-43d3-921b-c07749c2c3f7", "value": "https://www.virustotal.com/gui/file/3fb29a8d9260d17d55e68d7a94dce24195bf8659bd4ced4ee5a338208df162bb/detection/f-3fb29a8d9260d17d55e68d7a94dce24195bf8659bd4ced4ee5a338208df162bb-1591519656" }, { "category": "Payload delivery", "comment": "# get2 c2: shr-links.com", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1591602951", "to_ids": false, "type": "text", "uuid": "b278da30-02c7-4f3b-bc21-62d8e66dc3b2", "value": "36/62" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1591603068", "uuid": "add66139-1066-43d1-9c3e-e3f604aee8ef", "ObjectReference": [ { "comment": "", "object_uuid": "add66139-1066-43d1-9c3e-e3f604aee8ef", "referenced_uuid": "8531a9ba-484d-4a6b-acfe-908c8345e3ae", "relationship_type": "analysed-with", "timestamp": "1591603079", "uuid": "5eddef87-fc60-4f2d-afa6-4f1f02de0b81" } ], "Attribute": [ { "category": "Payload delivery", "comment": "# get2 c2: shr-links.com", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1591602950", "to_ids": true, "type": "md5", "uuid": "1405785c-73a4-4faf-a62d-9820439d2f57", "value": "8e0362dc80fe13c0516269629917a5c6" }, { "category": "Payload delivery", "comment": "# get2 c2: shr-links.com", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1591602950", "to_ids": true, "type": "sha1", "uuid": "1c2ec47d-23d9-41aa-9ea1-a84416bf0fa4", "value": "877efed5d8335226013748d5c2c4bbb1f54c3f4c" }, { "category": "Payload delivery", "comment": "# get2 c2: shr-links.com", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1591602950", "to_ids": true, "type": "sha256", "uuid": "0e6f52d5-1607-4bce-8ed7-7de25c20aa65", "value": "beabc893191a149e7a8977a494a07b6afba1e2427609e7b19ba5037d25b00f65" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1591603068", "uuid": "8531a9ba-484d-4a6b-acfe-908c8345e3ae", "Attribute": [ { "category": "Other", "comment": "# get2 c2: shr-links.com", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1591602950", "to_ids": false, "type": "datetime", "uuid": "515a5a31-88b5-45ef-9a05-013d31b4ae1f", "value": "2020-06-07T08:47:37+00:00" }, { "category": "Payload delivery", "comment": "# get2 c2: shr-links.com", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1591602950", "to_ids": false, "type": "link", "uuid": "91601410-732c-47e2-9341-a36ae721a7ae", "value": "https://www.virustotal.com/gui/file/beabc893191a149e7a8977a494a07b6afba1e2427609e7b19ba5037d25b00f65/detection/f-beabc893191a149e7a8977a494a07b6afba1e2427609e7b19ba5037d25b00f65-1591519657" }, { "category": "Payload delivery", "comment": "# get2 c2: shr-links.com", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1591602950", "to_ids": false, "type": "text", "uuid": "b42b001b-2d9f-4762-b043-11202a366225", "value": "36/62" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1591603069", "uuid": "13abf8d1-76f3-49cb-8f2f-60b0e36b15bb", "ObjectReference": [ { "comment": "", "object_uuid": "13abf8d1-76f3-49cb-8f2f-60b0e36b15bb", "referenced_uuid": "44854537-aa4d-4f5e-8787-ddd17e735df1", "relationship_type": "analysed-with", "timestamp": "1591603079", "uuid": "5eddef87-7a64-4d5d-ab24-4ffd02de0b81" } ], "Attribute": [ { "category": "Payload delivery", "comment": "# get2 c2: shr-links.com", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1591602949", "to_ids": true, "type": "md5", "uuid": "efecf508-f03a-40b9-bde3-8d2a27bee4e7", "value": "0371319d18d95c62224f9f00f0c5f559" }, { "category": "Payload delivery", "comment": "# get2 c2: shr-links.com", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1591602949", "to_ids": true, "type": "sha1", "uuid": "0ffc1767-8a47-4068-95cb-d3b232828479", "value": "61ad9193b0d4d16c819e0c3a910a31503003911b" }, { "category": "Payload delivery", "comment": "# get2 c2: shr-links.com", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1591602949", "to_ids": true, "type": "sha256", "uuid": "6928a5dc-30e3-40b9-a9b5-b214a80110cc", "value": "729cac7c82d789304b4433aaf4954e5702ca51e4e33d1d7540bbd1d3db682aa1" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1591603069", "uuid": "44854537-aa4d-4f5e-8787-ddd17e735df1", "Attribute": [ { "category": "Other", "comment": "# get2 c2: shr-links.com", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1591602949", "to_ids": false, "type": "datetime", "uuid": "99dd132e-72ae-4421-acaf-c0c75faa54f6", "value": "2020-06-07T14:33:48+00:00" }, { "category": "Payload delivery", "comment": "# get2 c2: shr-links.com", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1591602949", "to_ids": false, "type": "link", "uuid": "9e8e65fa-f34a-40df-a77f-65da0c6be470", "value": "https://www.virustotal.com/gui/file/729cac7c82d789304b4433aaf4954e5702ca51e4e33d1d7540bbd1d3db682aa1/detection/f-729cac7c82d789304b4433aaf4954e5702ca51e4e33d1d7540bbd1d3db682aa1-1591540428" }, { "category": "Payload delivery", "comment": "# get2 c2: shr-links.com", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1591602949", "to_ids": false, "type": "text", "uuid": "70b96532-6c53-44fc-8946-92662ccf3088", "value": "35/61" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1591603069", "uuid": "1c14d80d-eef5-4b0f-a9b7-c182f7f5efe7", "ObjectReference": [ { "comment": "", "object_uuid": "1c14d80d-eef5-4b0f-a9b7-c182f7f5efe7", "referenced_uuid": "d0c82af9-405c-4ee4-a72f-564fb3a00f0b", "relationship_type": "analysed-with", "timestamp": "1591603080", "uuid": "5eddef88-163c-49a5-89af-4c7f02de0b81" } ], "Attribute": [ { "category": "Payload delivery", "comment": "# get2 c2: shr-links.com", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1591602951", "to_ids": true, "type": "md5", "uuid": "9b47c229-ede9-4635-94c5-3f47527a83d5", "value": "a7befa28b5b2677ed603642e68e71f14" }, { "category": "Payload delivery", "comment": "# get2 c2: shr-links.com", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1591602951", "to_ids": true, "type": "sha1", "uuid": "c0f3c5a9-3a62-45d3-b122-a94cc6f2238d", "value": "b0e7d5bddc5be96b5d19f37acd6d8b9c0bba98d4" }, { "category": "Payload delivery", "comment": "# get2 c2: shr-links.com", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1591602951", "to_ids": true, "type": "sha256", "uuid": "11e5f770-098c-45a3-84f8-99eb1d0f3fe2", "value": "477dce007f475e7709fd1f57d0a839857f0f0bfe9efd539fec6aef873bcfffc0" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1591603070", "uuid": "d0c82af9-405c-4ee4-a72f-564fb3a00f0b", "Attribute": [ { "category": "Other", "comment": "# get2 c2: shr-links.com", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1591602951", "to_ids": false, "type": "datetime", "uuid": "9419db48-279d-47fd-975c-557af6be78d6", "value": "2020-06-07T08:47:43+00:00" }, { "category": "Payload delivery", "comment": "# get2 c2: shr-links.com", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1591602951", "to_ids": false, "type": "link", "uuid": "babbf339-5a98-413c-98d3-b6820d4fb03c", "value": "https://www.virustotal.com/gui/file/477dce007f475e7709fd1f57d0a839857f0f0bfe9efd539fec6aef873bcfffc0/detection/f-477dce007f475e7709fd1f57d0a839857f0f0bfe9efd539fec6aef873bcfffc0-1591519663" }, { "category": "Payload delivery", "comment": "# get2 c2: shr-links.com", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1591602951", "to_ids": false, "type": "text", "uuid": "45281b4e-bd25-42bc-8440-26c6161aece7", "value": "35/62" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1591603070", "uuid": "491b64b2-a655-439b-9349-b7918038440c", "ObjectReference": [ { "comment": "", "object_uuid": "491b64b2-a655-439b-9349-b7918038440c", "referenced_uuid": "c22bad23-ed8b-4d83-b725-3519dcee10e9", "relationship_type": "analysed-with", "timestamp": "1591603080", "uuid": "5eddef88-824c-454e-af92-455702de0b81" } ], "Attribute": [ { "category": "Payload delivery", "comment": "# get2 c2: shr-links.com", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1591602952", "to_ids": true, "type": "md5", "uuid": "94c23359-8af8-4448-8011-5b4adff04ca1", "value": "0b7efd2e4625db9aa96790b1b1ff0606" }, { "category": "Payload delivery", "comment": "# get2 c2: shr-links.com", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1591602952", "to_ids": true, "type": "sha1", "uuid": "39d0661e-8b4d-4212-a9ce-99a6137a540c", "value": "665814a856d2cc5bb8c384abe6c8e3e86bbe457a" }, { "category": "Payload delivery", "comment": "# get2 c2: shr-links.com", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1591602952", "to_ids": true, "type": "sha256", "uuid": "cf11b346-3876-4c6e-99be-baccca99b8c4", "value": "4e06ffed085764b0356faed9c1337724bd7ac6520fd4f1f8c161b3fd99b9cbba" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1591603070", "uuid": "c22bad23-ed8b-4d83-b725-3519dcee10e9", "Attribute": [ { "category": "Other", "comment": "# get2 c2: shr-links.com", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1591602952", "to_ids": false, "type": "datetime", "uuid": "52ee6462-065b-447b-9108-d74c736d22e4", "value": "2020-06-07T08:47:17+00:00" }, { "category": "Payload delivery", "comment": "# get2 c2: shr-links.com", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1591602952", "to_ids": false, "type": "link", "uuid": "c7707771-aab7-4227-995d-5ffc4a7c1e26", "value": "https://www.virustotal.com/gui/file/4e06ffed085764b0356faed9c1337724bd7ac6520fd4f1f8c161b3fd99b9cbba/detection/f-4e06ffed085764b0356faed9c1337724bd7ac6520fd4f1f8c161b3fd99b9cbba-1591519637" }, { "category": "Payload delivery", "comment": "# get2 c2: shr-links.com", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1591602952", "to_ids": false, "type": "text", "uuid": "085fe616-54fb-456f-8dca-f4beb4209ed1", "value": "36/62" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1591603070", "uuid": "9805faa4-9533-433c-a902-6ab3d94b0c61", "ObjectReference": [ { "comment": "", "object_uuid": "9805faa4-9533-433c-a902-6ab3d94b0c61", "referenced_uuid": "7492e92b-1b44-4581-992f-1f8aae6a883c", "relationship_type": "analysed-with", "timestamp": "1591603080", "uuid": "5eddef88-2ad4-433e-9988-407d02de0b81" } ], "Attribute": [ { "category": "Payload delivery", "comment": "# get2 c2: shr-links.com", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1591602950", "to_ids": true, "type": "md5", "uuid": "8d27c8da-1d99-4708-bd11-338263ebeed9", "value": "e42530cdf26863a64cf3e2a36ce453a0" }, { "category": "Payload delivery", "comment": "# get2 c2: shr-links.com", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1591602950", "to_ids": true, "type": "sha1", "uuid": "05ef8348-05a0-47d5-9eab-ff8381f5c901", "value": "9ac036fce02324247d814248545698728c6801fa" }, { "category": "Payload delivery", "comment": "# get2 c2: shr-links.com", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1591602950", "to_ids": true, "type": "sha256", "uuid": "317afa09-8a4f-49fd-b75e-f762d7ff7256", "value": "1aa9ff62b7c1443151a9fa3222fa6dbcb80e03cf605c35b0e6b89bba64395f09" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1591603070", "uuid": "7492e92b-1b44-4581-992f-1f8aae6a883c", "Attribute": [ { "category": "Other", "comment": "# get2 c2: shr-links.com", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1591602950", "to_ids": false, "type": "datetime", "uuid": "8f74f52a-bfbd-48d5-a552-7016c382f96e", "value": "2020-06-07T08:47:53+00:00" }, { "category": "Payload delivery", "comment": "# get2 c2: shr-links.com", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1591602950", "to_ids": false, "type": "link", "uuid": "ab991e99-4970-47bc-ab42-a0bdd5541c39", "value": "https://www.virustotal.com/gui/file/1aa9ff62b7c1443151a9fa3222fa6dbcb80e03cf605c35b0e6b89bba64395f09/detection/f-1aa9ff62b7c1443151a9fa3222fa6dbcb80e03cf605c35b0e6b89bba64395f09-1591519673" }, { "category": "Payload delivery", "comment": "# get2 c2: shr-links.com", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1591602950", "to_ids": false, "type": "text", "uuid": "854b42cd-7311-4dff-a3e6-75c82784757d", "value": "36/62" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1591603071", "uuid": "17527ddf-7bda-4305-9dc1-9a1d6014333c", "ObjectReference": [ { "comment": "", "object_uuid": "17527ddf-7bda-4305-9dc1-9a1d6014333c", "referenced_uuid": "b704d83d-20ec-4a74-ade0-6cb55496a9eb", "relationship_type": "analysed-with", "timestamp": "1591603080", "uuid": "5eddef88-b8c0-4f11-8fec-46e202de0b81" } ], "Attribute": [ { "category": "Payload delivery", "comment": "# get2 c2: shr-links.com", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1591602951", "to_ids": true, "type": "md5", "uuid": "57a7db68-0b37-4cbd-ae86-7091e8ac1bb4", "value": "5ef8996aa04140bdb8b2cc06dcf9295b" }, { "category": "Payload delivery", "comment": "# get2 c2: shr-links.com", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1591602951", "to_ids": true, "type": "sha1", "uuid": "9e8f41a1-d66e-4665-97e1-94e0dbb2efee", "value": "7c96dd8b7c2db3d73a49cf2f89d2ac2039d4cc13" }, { "category": "Payload delivery", "comment": "# get2 c2: shr-links.com", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1591602951", "to_ids": true, "type": "sha256", "uuid": "e658b16a-dca5-4523-b41d-761a7c527535", "value": "74b502f9181fc1dcdcdf1751bd878a62752eff2069c258a422cfcbcd27ffc0db" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1591603071", "uuid": "b704d83d-20ec-4a74-ade0-6cb55496a9eb", "Attribute": [ { "category": "Other", "comment": "# get2 c2: shr-links.com", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1591602951", "to_ids": false, "type": "datetime", "uuid": "a896a8ed-3a1c-45fa-808f-8406c7a21237", "value": "2020-06-07T08:47:31+00:00" }, { "category": "Payload delivery", "comment": "# get2 c2: shr-links.com", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1591602951", "to_ids": false, "type": "link", "uuid": "cfaba998-2eec-4a08-9e52-308dca8c1592", "value": "https://www.virustotal.com/gui/file/74b502f9181fc1dcdcdf1751bd878a62752eff2069c258a422cfcbcd27ffc0db/detection/f-74b502f9181fc1dcdcdf1751bd878a62752eff2069c258a422cfcbcd27ffc0db-1591519651" }, { "category": "Payload delivery", "comment": "# get2 c2: shr-links.com", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1591602951", "to_ids": false, "type": "text", "uuid": "d0145397-3745-4bda-ba5e-188a10a91ed0", "value": "35/62" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1591603071", "uuid": "845d1e34-80da-4996-a2c2-53ab6156afeb", "ObjectReference": [ { "comment": "", "object_uuid": "845d1e34-80da-4996-a2c2-53ab6156afeb", "referenced_uuid": "121e7969-0ade-4d2b-aa20-065e70cad490", "relationship_type": "analysed-with", "timestamp": "1591603080", "uuid": "5eddef88-1b2c-4eef-9759-432b02de0b81" } ], "Attribute": [ { "category": "Payload delivery", "comment": "# get2 c2: shr-links.com", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1591602949", "to_ids": true, "type": "md5", "uuid": "b72f68fe-631d-4fde-b890-7866d68e1328", "value": "70bee4614d6feed54067b2326dac0d8c" }, { "category": "Payload delivery", "comment": "# get2 c2: shr-links.com", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1591602949", "to_ids": true, "type": "sha1", "uuid": "3fa3ccf7-9a04-4c83-b278-9eb6eb4ac5e2", "value": "6226b2ef35896bbab2024a574efd0bbae60a2f95" }, { "category": "Payload delivery", "comment": "# get2 c2: shr-links.com", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1591602949", "to_ids": true, "type": "sha256", "uuid": "369f0286-58ab-4aa9-9d22-b97be83c8408", "value": "8d14795b20647bf8ff806f9c9ea796f22fb4bca206451a4e099fc91a3b4b51da" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1591603072", "uuid": "121e7969-0ade-4d2b-aa20-065e70cad490", "Attribute": [ { "category": "Other", "comment": "# get2 c2: shr-links.com", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1591602949", "to_ids": false, "type": "datetime", "uuid": "ca9043e8-3334-4d51-8b43-01f35223d908", "value": "2020-06-05T17:25:24+00:00" }, { "category": "Payload delivery", "comment": "# get2 c2: shr-links.com", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1591602949", "to_ids": false, "type": "link", "uuid": "05daf9e6-e7ec-4f99-aa77-bc91adb2f0d3", "value": "https://www.virustotal.com/gui/file/8d14795b20647bf8ff806f9c9ea796f22fb4bca206451a4e099fc91a3b4b51da/detection/f-8d14795b20647bf8ff806f9c9ea796f22fb4bca206451a4e099fc91a3b4b51da-1591377924" }, { "category": "Payload delivery", "comment": "# get2 c2: shr-links.com", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1591602949", "to_ids": false, "type": "text", "uuid": "7d18973d-862f-42ca-b60f-f54a2711274d", "value": "27/61" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1591603072", "uuid": "503b0035-f2c9-4c2e-a76c-99abe658009e", "ObjectReference": [ { "comment": "", "object_uuid": "503b0035-f2c9-4c2e-a76c-99abe658009e", "referenced_uuid": "82718f7a-fb06-4364-8feb-aff1934fda91", "relationship_type": "analysed-with", "timestamp": "1591603080", "uuid": "5eddef88-4af4-46ac-9d8e-49ae02de0b81" } ], "Attribute": [ { "category": "Payload delivery", "comment": "# get2 c2: shr-links.com", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1591602950", "to_ids": true, "type": "md5", "uuid": "5d202b27-bd28-4082-8990-d43df9592c19", "value": "3db430270c732bd63b2fdbe9f261418c" }, { "category": "Payload delivery", "comment": "# get2 c2: shr-links.com", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1591602950", "to_ids": true, "type": "sha1", "uuid": "8956b2be-bfed-483e-81f8-045af50dd093", "value": "018f669a416c7e70faf667bc00bdbd28589688c4" }, { "category": "Payload delivery", "comment": "# get2 c2: shr-links.com", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1591602950", "to_ids": true, "type": "sha256", "uuid": "61c8e641-810d-4d65-a981-23683a77fd71", "value": "68297165307bba31cc24147b26619d464e9651ef9dc640e08017432fdc5d558c" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1591603072", "uuid": "82718f7a-fb06-4364-8feb-aff1934fda91", "Attribute": [ { "category": "Other", "comment": "# get2 c2: shr-links.com", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1591602950", "to_ids": false, "type": "datetime", "uuid": "0357388c-8398-4468-8afe-0e6b8ad4cef7", "value": "2020-06-07T08:47:26+00:00" }, { "category": "Payload delivery", "comment": "# get2 c2: shr-links.com", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1591602950", "to_ids": false, "type": "link", "uuid": "87c06057-44be-40a4-ad64-3a02a9f9aaf8", "value": "https://www.virustotal.com/gui/file/68297165307bba31cc24147b26619d464e9651ef9dc640e08017432fdc5d558c/detection/f-68297165307bba31cc24147b26619d464e9651ef9dc640e08017432fdc5d558c-1591519646" }, { "category": "Payload delivery", "comment": "# get2 c2: shr-links.com", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1591602950", "to_ids": false, "type": "text", "uuid": "d1d57e65-5449-489f-b35b-8939cbbfb5a8", "value": "35/62" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1591603072", "uuid": "f28eb254-2198-44f2-a79b-472d19d978d8", "ObjectReference": [ { "comment": "", "object_uuid": "f28eb254-2198-44f2-a79b-472d19d978d8", "referenced_uuid": "3a4c2108-0a5f-4836-9f0d-bb44c228d818", "relationship_type": "analysed-with", "timestamp": "1591603080", "uuid": "5eddef88-2de4-4e13-be22-42ce02de0b81" } ], "Attribute": [ { "category": "Payload delivery", "comment": "# get2 c2: shr-links.com", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1591602950", "to_ids": true, "type": "md5", "uuid": "496fea06-ab3b-4089-9083-bb53379d4f84", "value": "2a00e6a23e50628c3a14bf899cd90fb3" }, { "category": "Payload delivery", "comment": "# get2 c2: shr-links.com", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1591602950", "to_ids": true, "type": "sha1", "uuid": "4ade397e-8d5b-4041-be59-1e6a5cf90bad", "value": "915e6c4ec3a8ba5c5840818c4dfd7264d223af0d" }, { "category": "Payload delivery", "comment": "# get2 c2: shr-links.com", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1591602950", "to_ids": true, "type": "sha256", "uuid": "66b70b37-aa74-4d26-ae12-c43908c0ee20", "value": "fb7a62b777cc0e8ef85881def16d3fbbda37623550834a75fe18211114a58348" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1591603072", "uuid": "3a4c2108-0a5f-4836-9f0d-bb44c228d818", "Attribute": [ { "category": "Other", "comment": "# get2 c2: shr-links.com", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1591602950", "to_ids": false, "type": "datetime", "uuid": "b0e049e0-3fe2-48da-bbde-76fe8a49f113", "value": "2020-06-05T15:22:51+00:00" }, { "category": "Payload delivery", "comment": "# get2 c2: shr-links.com", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1591602950", "to_ids": false, "type": "link", "uuid": "1055b4f0-8f6e-4db8-a050-4806b3610663", "value": "https://www.virustotal.com/gui/file/fb7a62b777cc0e8ef85881def16d3fbbda37623550834a75fe18211114a58348/detection/f-fb7a62b777cc0e8ef85881def16d3fbbda37623550834a75fe18211114a58348-1591370571" }, { "category": "Payload delivery", "comment": "# get2 c2: shr-links.com", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1591602950", "to_ids": false, "type": "text", "uuid": "5d042d8b-6f50-4e39-9f4d-aab333ac0c02", "value": "24/61" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1591603073", "uuid": "0b36973b-ccff-4649-ad19-058d5fd6c82d", "ObjectReference": [ { "comment": "", "object_uuid": "0b36973b-ccff-4649-ad19-058d5fd6c82d", "referenced_uuid": "dbff2910-5abc-4777-a810-a30526aa06d1", "relationship_type": "analysed-with", "timestamp": "1591603080", "uuid": "5eddef88-9204-4cbf-ab26-430f02de0b81" } ], "Attribute": [ { "category": "Payload delivery", "comment": "# get2 c2: shr-links.com", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1591602951", "to_ids": true, "type": "md5", "uuid": "9d0541b5-16b1-493d-843e-8f4e81ae0019", "value": "03d2595f08bf26294c85ef4a323cce6b" }, { "category": "Payload delivery", "comment": "# get2 c2: shr-links.com", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1591602951", "to_ids": true, "type": "sha1", "uuid": "4b36f4ab-7d62-4817-a5e2-37ecdc5f8ccb", "value": "58564d5b674408cd945101fc51016f34f5cdcf0b" }, { "category": "Payload delivery", "comment": "# get2 c2: shr-links.com", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1591602951", "to_ids": true, "type": "sha256", "uuid": "22ae4025-adda-475a-a0f1-44c870f8c1a9", "value": "ba627162e299061e1ec7d15f06bb722d4c0dc7dfb52f503e46f45f401decf7e9" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1591603073", "uuid": "dbff2910-5abc-4777-a810-a30526aa06d1", "Attribute": [ { "category": "Other", "comment": "# get2 c2: shr-links.com", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1591602951", "to_ids": false, "type": "datetime", "uuid": "33a45a30-5d2f-48c1-9aa8-7cbe12c7e561", "value": "2020-06-07T08:47:16+00:00" }, { "category": "Payload delivery", "comment": "# get2 c2: shr-links.com", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1591602951", "to_ids": false, "type": "link", "uuid": "6252048c-cb84-4c47-bb5e-e17e3af8ebc9", "value": "https://www.virustotal.com/gui/file/ba627162e299061e1ec7d15f06bb722d4c0dc7dfb52f503e46f45f401decf7e9/detection/f-ba627162e299061e1ec7d15f06bb722d4c0dc7dfb52f503e46f45f401decf7e9-1591519636" }, { "category": "Payload delivery", "comment": "# get2 c2: shr-links.com", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1591602951", "to_ids": false, "type": "text", "uuid": "1091ec45-7e5b-4e6c-8352-a27e97d7ed41", "value": "35/61" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1591603073", "uuid": "f25ad18e-4427-4664-b4f4-7420739f3b01", "ObjectReference": [ { "comment": "", "object_uuid": "f25ad18e-4427-4664-b4f4-7420739f3b01", "referenced_uuid": "a1a0d38e-fbd0-4fbd-9d72-8acb71be2318", "relationship_type": "analysed-with", "timestamp": "1591603080", "uuid": "5eddef88-f59c-4836-9e72-4a2f02de0b81" } ], "Attribute": [ { "category": "Payload delivery", "comment": "# get2 c2: shr-links.com", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1591602951", "to_ids": true, "type": "md5", "uuid": "745a0b62-4381-4f36-9084-5f591e5818d2", "value": "23d54d1cbcf95f8ced8e0bfc30d297f4" }, { "category": "Payload delivery", "comment": "# get2 c2: shr-links.com", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1591602951", "to_ids": true, "type": "sha1", "uuid": "842a3e41-eaca-4391-9c9f-0b6bfcb67cf6", "value": "29e23e8490b68c749c302650e9779e54d976ea15" }, { "category": "Payload delivery", "comment": "# get2 c2: shr-links.com", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1591602951", "to_ids": true, "type": "sha256", "uuid": "1d6855b3-630d-4e5d-a08e-b299773c25b3", "value": "976f3e9c2f7c8eaff5daf9214707eb06b2aee4e9a1c38c110d7680ec58303dec" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1591603073", "uuid": "a1a0d38e-fbd0-4fbd-9d72-8acb71be2318", "Attribute": [ { "category": "Other", "comment": "# get2 c2: shr-links.com", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1591602951", "to_ids": false, "type": "datetime", "uuid": "92458287-b089-4e52-b42e-5115cbfabb46", "value": "2020-06-05T13:04:11+00:00" }, { "category": "Payload delivery", "comment": "# get2 c2: shr-links.com", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1591602951", "to_ids": false, "type": "link", "uuid": "c6f39e52-05c1-412d-9f5d-23b6843329c0", "value": "https://www.virustotal.com/gui/file/976f3e9c2f7c8eaff5daf9214707eb06b2aee4e9a1c38c110d7680ec58303dec/detection/f-976f3e9c2f7c8eaff5daf9214707eb06b2aee4e9a1c38c110d7680ec58303dec-1591362251" }, { "category": "Payload delivery", "comment": "# get2 c2: shr-links.com", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1591602951", "to_ids": false, "type": "text", "uuid": "ad786d93-1948-4923-9370-2958f4846a13", "value": "8/60" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1591603073", "uuid": "ff74d4fc-812b-4a6b-b37d-a1970f81236a", "ObjectReference": [ { "comment": "", "object_uuid": "ff74d4fc-812b-4a6b-b37d-a1970f81236a", "referenced_uuid": "c4497b36-95d2-4c4c-aea5-8f5e21f9b9a9", "relationship_type": "analysed-with", "timestamp": "1591603080", "uuid": "5eddef88-059c-4f97-b2cb-4f2f02de0b81" } ], "Attribute": [ { "category": "Payload delivery", "comment": "# get2 c2: shr-links.com", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1591602951", "to_ids": true, "type": "md5", "uuid": "adb9de9f-3166-409f-afe7-98e42a2e4d05", "value": "095b95375b6710664b72eef48d7e3af1" }, { "category": "Payload delivery", "comment": "# get2 c2: shr-links.com", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1591602951", "to_ids": true, "type": "sha1", "uuid": "6b544461-48c7-4a6f-b390-82d1e72fc8cb", "value": "8c0479901702cbab4e90e3c974277a38621e9fe9" }, { "category": "Payload delivery", "comment": "# get2 c2: shr-links.com", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1591602951", "to_ids": true, "type": "sha256", "uuid": "c67dbd0e-bfd0-4079-b147-c978fe8e6f3d", "value": "b4deb3f933ef379e07a770692d228114f159a9e709b1a7ea1a03530d5931d621" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1591603074", "uuid": "c4497b36-95d2-4c4c-aea5-8f5e21f9b9a9", "Attribute": [ { "category": "Other", "comment": "# get2 c2: shr-links.com", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1591602951", "to_ids": false, "type": "datetime", "uuid": "a535713e-a2d3-4441-be11-fef1b74c90c5", "value": "2020-06-07T08:47:17+00:00" }, { "category": "Payload delivery", "comment": "# get2 c2: shr-links.com", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1591602951", "to_ids": false, "type": "link", "uuid": "e8849eaa-290c-492d-a2a0-1ed7709b47b8", "value": "https://www.virustotal.com/gui/file/b4deb3f933ef379e07a770692d228114f159a9e709b1a7ea1a03530d5931d621/detection/f-b4deb3f933ef379e07a770692d228114f159a9e709b1a7ea1a03530d5931d621-1591519637" }, { "category": "Payload delivery", "comment": "# get2 c2: shr-links.com", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1591602951", "to_ids": false, "type": "text", "uuid": "56708db8-6296-4092-9485-636bceab85db", "value": "35/62" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1591603074", "uuid": "5c6d098d-9a42-456a-8a8c-3d26c85f6153", "ObjectReference": [ { "comment": "", "object_uuid": "5c6d098d-9a42-456a-8a8c-3d26c85f6153", "referenced_uuid": "43c17ad3-51df-44b1-9716-ebeed4fdca80", "relationship_type": "analysed-with", "timestamp": "1591603080", "uuid": "5eddef88-8bd8-4c7e-97c9-454302de0b81" } ], "Attribute": [ { "category": "Payload delivery", "comment": "# get2 c2: shr-links.com", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1591602949", "to_ids": true, "type": "md5", "uuid": "c6a417fb-f1eb-4bfb-91f5-99c98c402133", "value": "176b9dcdae46842e45ec7d6498c1e632" }, { "category": "Payload delivery", "comment": "# get2 c2: shr-links.com", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1591602949", "to_ids": true, "type": "sha1", "uuid": "cfc72910-cb96-433a-8bfe-0c67443c0a0e", "value": "857a5b9974c0f14e9e6545fca74ce5752d81b8c5" }, { "category": "Payload delivery", "comment": "# get2 c2: shr-links.com", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1591602949", "to_ids": true, "type": "sha256", "uuid": "ee87c8eb-8cf7-4399-be43-c618209531c2", "value": "d83c4504b995d83d26e5d38154aadfd143e5c4f2ba4db74702ef1d9b23653a8a" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1591603074", "uuid": "43c17ad3-51df-44b1-9716-ebeed4fdca80", "Attribute": [ { "category": "Other", "comment": "# get2 c2: shr-links.com", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1591602949", "to_ids": false, "type": "datetime", "uuid": "47458e2b-088c-480b-8f7b-63f9839ccc29", "value": "2020-06-07T08:47:18+00:00" }, { "category": "Payload delivery", "comment": "# get2 c2: shr-links.com", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1591602949", "to_ids": false, "type": "link", "uuid": "4b70e53f-ab09-40c9-93b2-115bc3ba2fd1", "value": "https://www.virustotal.com/gui/file/d83c4504b995d83d26e5d38154aadfd143e5c4f2ba4db74702ef1d9b23653a8a/detection/f-d83c4504b995d83d26e5d38154aadfd143e5c4f2ba4db74702ef1d9b23653a8a-1591519638" }, { "category": "Payload delivery", "comment": "# get2 c2: shr-links.com", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1591602949", "to_ids": false, "type": "text", "uuid": "fcf5c120-3a86-4919-90a4-48a0c7dedaa7", "value": "35/62" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1591603074", "uuid": "7926acdf-7590-476e-8b14-8ecd14feb445", "ObjectReference": [ { "comment": "", "object_uuid": "7926acdf-7590-476e-8b14-8ecd14feb445", "referenced_uuid": "0ec19e42-4e5a-4ca6-886d-dbb5ba8cc309", "relationship_type": "analysed-with", "timestamp": "1591603080", "uuid": "5eddef88-8c18-4b1a-920d-493d02de0b81" } ], "Attribute": [ { "category": "Payload delivery", "comment": "# get2 c2: shr-links.com", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1591602952", "to_ids": true, "type": "md5", "uuid": "4a046ace-333e-4e76-9156-cfb0f821457c", "value": "8e4c6545134b1f950f4994c3117e938a" }, { "category": "Payload delivery", "comment": "# get2 c2: shr-links.com", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1591602952", "to_ids": true, "type": "sha1", "uuid": "f3182acb-781b-426d-9ab3-a981add216e2", "value": "7d283592694c9cfdb8f4bdde6bfccda74cf576bf" }, { "category": "Payload delivery", "comment": "# get2 c2: shr-links.com", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1591602952", "to_ids": true, "type": "sha256", "uuid": "a5720340-354c-4600-81a1-fd18254d43a8", "value": "3785d529e4658e035205791c2d2165ba9075d3e0da14ec214da53cbb0a686f27" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1591603074", "uuid": "0ec19e42-4e5a-4ca6-886d-dbb5ba8cc309", "Attribute": [ { "category": "Other", "comment": "# get2 c2: shr-links.com", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1591602952", "to_ids": false, "type": "datetime", "uuid": "598fe168-f012-4539-957d-5cae40b382d1", "value": "2020-06-07T08:47:37+00:00" }, { "category": "Payload delivery", "comment": "# get2 c2: shr-links.com", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1591602952", "to_ids": false, "type": "link", "uuid": "95c84958-d569-4e5d-8eb1-4582e919891c", "value": "https://www.virustotal.com/gui/file/3785d529e4658e035205791c2d2165ba9075d3e0da14ec214da53cbb0a686f27/detection/f-3785d529e4658e035205791c2d2165ba9075d3e0da14ec214da53cbb0a686f27-1591519657" }, { "category": "Payload delivery", "comment": "# get2 c2: shr-links.com", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1591602952", "to_ids": false, "type": "text", "uuid": "46335177-5271-4c06-8aa2-2cca56220291", "value": "35/62" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1591603075", "uuid": "24536190-0343-4ec2-9728-1ff56f1a2c9d", "ObjectReference": [ { "comment": "", "object_uuid": "24536190-0343-4ec2-9728-1ff56f1a2c9d", "referenced_uuid": "1c780620-104e-4a42-ac75-837f0b290646", "relationship_type": "analysed-with", "timestamp": "1591603080", "uuid": "5eddef88-6274-41b9-a647-445002de0b81" } ], "Attribute": [ { "category": "Payload delivery", "comment": "# get2 c2: shr-links.com", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1591602949", "to_ids": true, "type": "md5", "uuid": "a680c325-1e0f-4046-8920-ba99dd0ecafb", "value": "5f827d1c77e743a1afc97a5116f6dc8d" }, { "category": "Payload delivery", "comment": "# get2 c2: shr-links.com", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1591602949", "to_ids": true, "type": "sha1", "uuid": "fbbeb0b2-4823-494b-a8fd-2ec6b296b2ab", "value": "472ab52d68e82d8a26ebf2692dd8939b29297097" }, { "category": "Payload delivery", "comment": "# get2 c2: shr-links.com", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1591602949", "to_ids": true, "type": "sha256", "uuid": "ed087e34-4586-4465-9245-63e9ac2f6ed6", "value": "da69f29433079fd3362a44205288037e92a51649aee0dbdb7a004af979c1a2c0" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1591603075", "uuid": "1c780620-104e-4a42-ac75-837f0b290646", "Attribute": [ { "category": "Other", "comment": "# get2 c2: shr-links.com", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1591602949", "to_ids": false, "type": "datetime", "uuid": "c8cf2c1b-489d-459a-939f-826574315b65", "value": "2020-06-07T08:47:31+00:00" }, { "category": "Payload delivery", "comment": "# get2 c2: shr-links.com", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1591602949", "to_ids": false, "type": "link", "uuid": "0a09c9b9-7608-4d51-b6dd-5387eb5be2ad", "value": "https://www.virustotal.com/gui/file/da69f29433079fd3362a44205288037e92a51649aee0dbdb7a004af979c1a2c0/detection/f-da69f29433079fd3362a44205288037e92a51649aee0dbdb7a004af979c1a2c0-1591519651" }, { "category": "Payload delivery", "comment": "# get2 c2: shr-links.com", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1591602949", "to_ids": false, "type": "text", "uuid": "afe1d847-4704-48b7-83d5-672fe4fe8a7d", "value": "35/62" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1591603075", "uuid": "13e37bd1-ffe5-47a1-aa0b-132a24d9f2a2", "ObjectReference": [ { "comment": "", "object_uuid": "13e37bd1-ffe5-47a1-aa0b-132a24d9f2a2", "referenced_uuid": "41242f7f-0530-439c-9a3b-619ebf227d4b", "relationship_type": "analysed-with", "timestamp": "1591603081", "uuid": "5eddef89-d29c-41f4-a746-42bb02de0b81" } ], "Attribute": [ { "category": "Payload delivery", "comment": "# get2 c2: shr-links.com", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1591602950", "to_ids": true, "type": "md5", "uuid": "fb2cb859-2ee7-46b5-a7cf-1c2a752737e0", "value": "27d945c488031ba6b3fde4969ee497b7" }, { "category": "Payload delivery", "comment": "# get2 c2: shr-links.com", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1591602950", "to_ids": true, "type": "sha1", "uuid": "8925d4cc-635d-428b-8b6e-26fd7e7a4855", "value": "e44ec2d2ecc92399644f8b2121b5ad0d477be989" }, { "category": "Payload delivery", "comment": "# get2 c2: shr-links.com", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1591602950", "to_ids": true, "type": "sha256", "uuid": "b9f3c4a7-e90a-44b5-97f8-ae5ccc9c4f42", "value": "57f40bc3fe0c0fe4bb253a802a23b56601ded98a432f865859cdb5027c88fc9c" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1591603075", "uuid": "41242f7f-0530-439c-9a3b-619ebf227d4b", "Attribute": [ { "category": "Other", "comment": "# get2 c2: shr-links.com", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1591602950", "to_ids": false, "type": "datetime", "uuid": "08c8d0c5-a165-426e-9d47-115f7ecb509c", "value": "2020-06-07T08:47:22+00:00" }, { "category": "Payload delivery", "comment": "# get2 c2: shr-links.com", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1591602950", "to_ids": false, "type": "link", "uuid": "516ba4c2-9c7a-425d-b1ed-b5c1e93609f3", "value": "https://www.virustotal.com/gui/file/57f40bc3fe0c0fe4bb253a802a23b56601ded98a432f865859cdb5027c88fc9c/detection/f-57f40bc3fe0c0fe4bb253a802a23b56601ded98a432f865859cdb5027c88fc9c-1591519642" }, { "category": "Payload delivery", "comment": "# get2 c2: shr-links.com", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1591602950", "to_ids": false, "type": "text", "uuid": "0fb1ef36-db6b-4d1c-a020-72253c2aef7c", "value": "35/62" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1591603076", "uuid": "4da1b519-23b0-402a-8b34-d437762fad79", "ObjectReference": [ { "comment": "", "object_uuid": "4da1b519-23b0-402a-8b34-d437762fad79", "referenced_uuid": "13c32f52-9300-41ee-a3a5-737aadb8b84c", "relationship_type": "analysed-with", "timestamp": "1591603081", "uuid": "5eddef89-a43c-4d4a-a1d2-42d702de0b81" } ], "Attribute": [ { "category": "Payload delivery", "comment": "# get2 c2: shr-links.com", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1591602950", "to_ids": true, "type": "md5", "uuid": "2d0ef5b9-6410-48bf-bdfc-87931e643c8e", "value": "b8e872c70a524be967a7433da70cb290" }, { "category": "Payload delivery", "comment": "# get2 c2: shr-links.com", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1591602950", "to_ids": true, "type": "sha1", "uuid": "be1161b1-1233-4f4f-87a7-697c70268978", "value": "6fa99b401074456c2c2780031f0f468645049b0e" }, { "category": "Payload delivery", "comment": "# get2 c2: shr-links.com", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1591602950", "to_ids": true, "type": "sha256", "uuid": "4fa5dbff-5dce-415f-9d2a-ba593c96b726", "value": "fff1078e1fd6595676a83b18639c6426daf5a78aab1295e185f5fa1d5b448106" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1591603076", "uuid": "13c32f52-9300-41ee-a3a5-737aadb8b84c", "Attribute": [ { "category": "Other", "comment": "# get2 c2: shr-links.com", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1591602950", "to_ids": false, "type": "datetime", "uuid": "70c5c217-da64-4d8b-ad32-ea765fff96e9", "value": "2020-06-07T08:47:46+00:00" }, { "category": "Payload delivery", "comment": "# get2 c2: shr-links.com", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1591602950", "to_ids": false, "type": "link", "uuid": "24c19c1f-0394-4edf-bc80-4f6b742913fd", "value": "https://www.virustotal.com/gui/file/fff1078e1fd6595676a83b18639c6426daf5a78aab1295e185f5fa1d5b448106/detection/f-fff1078e1fd6595676a83b18639c6426daf5a78aab1295e185f5fa1d5b448106-1591519666" }, { "category": "Payload delivery", "comment": "# get2 c2: shr-links.com", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1591602950", "to_ids": false, "type": "text", "uuid": "f2408b91-7234-424a-a2db-41446bc8b8bc", "value": "36/62" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "17", "timestamp": "1591603076", "uuid": "98449839-4254-41f0-ba02-1a917d2d76d0", "ObjectReference": [ { "comment": "", "object_uuid": "98449839-4254-41f0-ba02-1a917d2d76d0", "referenced_uuid": "f872ca96-df69-4655-8c09-8dd8cc8e0af8", "relationship_type": "analysed-with", "timestamp": "1591603081", "uuid": "5eddef89-a3f4-4045-84f6-410102de0b81" } ], "Attribute": [ { "category": "Payload delivery", "comment": "# get2 c2: shr-links.com", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1591602950", "to_ids": true, "type": "md5", "uuid": "4856a4d8-d3e2-4b8d-aef7-582a718d5449", "value": "e249d3d1c0832edf6420f57d74a22a6a" }, { "category": "Payload delivery", "comment": "# get2 c2: shr-links.com", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1591602950", "to_ids": true, "type": "sha1", "uuid": "e1270199-d16f-4e44-bfe4-ba55e65e4aa7", "value": "46526876907d34bc399578045e1fbce8d4e90cc3" }, { "category": "Payload delivery", "comment": "# get2 c2: shr-links.com", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1591602950", "to_ids": true, "type": "sha256", "uuid": "19078fde-1bb7-4726-8583-1ee0e98bd471", "value": "7e63e4191deaec39a8876a53afba51f7422ab46452916eab894f4884b70d82f6" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "2", "timestamp": "1591603078", "uuid": "f872ca96-df69-4655-8c09-8dd8cc8e0af8", "Attribute": [ { "category": "Other", "comment": "# get2 c2: shr-links.com", "deleted": false, "disable_correlation": false, "object_relation": "last-submission", "timestamp": "1591602950", "to_ids": false, "type": "datetime", "uuid": "c24c82a6-0d66-4ac2-b0d5-fc0e8ad59b40", "value": "2020-06-07T08:47:53+00:00" }, { "category": "Payload delivery", "comment": "# get2 c2: shr-links.com", "deleted": false, "disable_correlation": false, "object_relation": "permalink", "timestamp": "1591602950", "to_ids": false, "type": "link", "uuid": "858539ae-143a-4f38-aba6-735c7e6ce953", "value": "https://www.virustotal.com/gui/file/7e63e4191deaec39a8876a53afba51f7422ab46452916eab894f4884b70d82f6/detection/f-7e63e4191deaec39a8876a53afba51f7422ab46452916eab894f4884b70d82f6-1591519673" }, { "category": "Payload delivery", "comment": "# get2 c2: shr-links.com", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1591602950", "to_ids": false, "type": "text", "uuid": "5870e31f-b2b0-49ac-913e-c1ad3bf4e5c2", "value": "35/61" } ] } ] } }