{ "Event": { "analysis": "0", "date": "2016-07-13", "extends_uuid": "", "info": "Malspam 2016-07-13 .wsf campaign", "publish_timestamp": "1468418265", "published": true, "threat_level_id": "3", "timestamp": "1468417678", "uuid": "5786466b-896c-41f4-a39d-46d1950d210f", "Orgc": { "name": "CIRCL", "uuid": "55f6ea5e-2c60-40e5-964f-47a8950d210f" }, "Tag": [ { "colour": "#ffffff", "local": "0", "name": "tlp:white", "relationship_type": "" }, { "colour": "#3a7300", "local": "0", "name": "circl:incident-classification=\"malware\"", "relationship_type": "" } ], "Attribute": [ { "category": "Network activity", "comment": "download location", "deleted": false, "disable_correlation": false, "timestamp": "1468417674", "to_ids": true, "type": "ip-dst", "uuid": "5786468a-2eb4-431e-80e6-4d37950d210f", "value": "104.156.51.130" }, { "category": "Network activity", "comment": "download location", "deleted": false, "disable_correlation": false, "timestamp": "1468417675", "to_ids": true, "type": "ip-dst", "uuid": "5786468b-2920-4efd-8a6e-470a950d210f", "value": "107.180.50.238" }, { "category": "Network activity", "comment": "download location", "deleted": false, "disable_correlation": false, "timestamp": "1468417675", "to_ids": true, "type": "ip-dst", "uuid": "5786468b-3df0-4240-b52f-48d1950d210f", "value": "169.55.8.36" }, { "category": "Network activity", "comment": "download location", "deleted": false, "disable_correlation": false, "timestamp": "1468417675", "to_ids": true, "type": "ip-dst", "uuid": "5786468b-7598-4181-aafa-4ace950d210f", "value": "194.38.104.131" }, { "category": "Network activity", "comment": "download location", "deleted": false, "disable_correlation": false, "timestamp": "1468417675", "to_ids": true, "type": "ip-dst", "uuid": "5786468b-450c-4901-a469-4477950d210f", "value": "203.170.86.41" }, { "category": "Network activity", "comment": "download location", "deleted": false, "disable_correlation": false, "timestamp": "1468417675", "to_ids": true, "type": "domain", "uuid": "5786468b-fed0-4ed3-8a03-4e07950d210f", "value": "ampexholdings.com" }, { "category": "Network activity", "comment": "download location", "deleted": false, "disable_correlation": false, "timestamp": "1468417676", "to_ids": true, "type": "url", "uuid": "5786468c-7144-4342-9e6c-473b950d210f", "value": "http://ampexholdings.com/cx5qn" }, { "category": "Network activity", "comment": "download location", "deleted": false, "disable_correlation": false, "timestamp": "1468417676", "to_ids": true, "type": "url", "uuid": "5786468c-6c60-4884-a9fe-4064950d210f", "value": "http://lifecare-hc.com/05622" }, { "category": "Network activity", "comment": "download location", "deleted": false, "disable_correlation": false, "timestamp": "1468417676", "to_ids": true, "type": "url", "uuid": "5786468c-56f0-46a8-bd80-4f6c950d210f", "value": "http://pernelkul.hu/00i1453" }, { "category": "Network activity", "comment": "download location", "deleted": false, "disable_correlation": false, "timestamp": "1468417676", "to_ids": true, "type": "url", "uuid": "5786468c-7e10-4bca-a80e-4828950d210f", "value": "http://sollove.com.br/dtzbbpkz" }, { "category": "Network activity", "comment": "download location", "deleted": false, "disable_correlation": false, "timestamp": "1468417677", "to_ids": true, "type": "url", "uuid": "5786468d-95bc-4ef7-bdd2-41af950d210f", "value": "http://williamsbreak.com/tn7v5" }, { "category": "Network activity", "comment": "download location", "deleted": false, "disable_correlation": false, "timestamp": "1468417677", "to_ids": true, "type": "domain", "uuid": "5786468d-8dcc-4f9e-b952-487a950d210f", "value": "lifecare-hc.com" }, { "category": "Network activity", "comment": "download location", "deleted": false, "disable_correlation": false, "timestamp": "1468417677", "to_ids": true, "type": "domain", "uuid": "5786468d-c270-44b9-a4b8-4705950d210f", "value": "pernelkul.hu" }, { "category": "Network activity", "comment": "download location", "deleted": false, "disable_correlation": false, "timestamp": "1468417677", "to_ids": true, "type": "hostname", "uuid": "5786468d-56ac-4aef-a43c-4294950d210f", "value": "sollove.com.br" }, { "category": "Network activity", "comment": "download location", "deleted": false, "disable_correlation": false, "timestamp": "1468417677", "to_ids": true, "type": "domain", "uuid": "5786468d-b540-4735-9ff4-4e09950d210f", "value": "williamsbreak.com" } ] } }