{ "Event": { "analysis": "0", "date": "2016-09-01", "extends_uuid": "", "info": "Malspam 2016-09-01 (.hta in .zip) - campaign: \"Voice Message from Outside Caller\"", "publish_timestamp": "1472720338", "published": true, "threat_level_id": "3", "timestamp": "1472714604", "uuid": "57c7d69f-2d14-4235-ad06-4b13950d210f", "Orgc": { "name": "CIRCL", "uuid": "55f6ea5e-2c60-40e5-964f-47a8950d210f" }, "Tag": [ { "colour": "#ffffff", "local": "0", "name": "tlp:white", "relationship_type": "" }, { "colour": "#3a7300", "local": "0", "name": "circl:incident-classification=\"malware\"", "relationship_type": "" } ], "Attribute": [ { "category": "Network activity", "comment": "download location", "deleted": false, "disable_correlation": false, "timestamp": "1472714440", "to_ids": true, "type": "url", "uuid": "57c7d6c8-e150-40ec-b012-4f9f950d210f", "value": "http://www.john.edmunds.talktalk.net/cwjhfxb" }, { "category": "Network activity", "comment": "download location", "deleted": false, "disable_correlation": false, "timestamp": "1472714441", "to_ids": true, "type": "hostname", "uuid": "57c7d6c9-c628-4f11-9aab-4d0f950d210f", "value": "www.john.edmunds.talktalk.net" }, { "category": "Network activity", "comment": "download location", "deleted": false, "disable_correlation": false, "timestamp": "1472714441", "to_ids": true, "type": "ip-dst", "uuid": "57c7d6c9-e9b8-47f0-9852-457f950d210f", "value": "62.24.202.31" }, { "category": "Network activity", "comment": "download location", "deleted": false, "disable_correlation": false, "timestamp": "1472714441", "to_ids": true, "type": "url", "uuid": "57c7d6c9-94a4-4eea-b56c-480e950d210f", "value": "http://www.btb-bike.de/psoexes" }, { "category": "Network activity", "comment": "download location", "deleted": false, "disable_correlation": false, "timestamp": "1472714441", "to_ids": true, "type": "hostname", "uuid": "57c7d6c9-04b0-4aae-adba-411f950d210f", "value": "www.btb-bike.de" }, { "category": "Network activity", "comment": "download location",
"deleted": false, "disable_correlation": false, "timestamp": "1472714441", "to_ids": true, "type": "ip-dst", "uuid": "57c7d6c9-c22c-4af0-9166-46f7950d210f", "value": "80.150.6.143" }, { "category": "Network activity", "comment": "download location", "deleted": false, "disable_correlation": false, "timestamp": "1472714442", "to_ids": true, "type": "url", "uuid": "57c7d6ca-e414-4904-ac76-46ed950d210f", "value": "http://foerschl.gmxhome.de/imnmicp" }, { "category": "Network activity", "comment": "download location", "deleted": false, "disable_correlation": false, "timestamp": "1472714442", "to_ids": true, "type": "hostname", "uuid": "57c7d6ca-0a30-4cec-af82-4740950d210f", "value": "foerschl.gmxhome.de" }, { "category": "Network activity", "comment": "download location", "deleted": false, "disable_correlation": false, "timestamp": "1472714442", "to_ids": true, "type": "ip-dst", "uuid": "57c7d6ca-1568-4604-9614-4853950d210f", "value": "82.165.62.70" }, { "category": "Network activity", "comment": "download location", "deleted": false, "disable_correlation": false, "timestamp": "1472714442", "to_ids": true, "type": "url", "uuid": "57c7d6ca-fe30-4def-8e2d-42b5950d210f", "value": "http://m-slova.web-box.ru/mglgyor" }, { "category": "Network activity", "comment": "download location", "deleted": false, "disable_correlation": false, "timestamp": "1472714442", "to_ids": true, "type": "hostname", "uuid": "57c7d6ca-1e30-4637-8dcb-41b1950d210f", "value": "m-slova.web-box.ru" }, { "category": "Network activity", "comment": "download location", "deleted": false, "disable_correlation": false, "timestamp": "1472714442", "to_ids": true, "type": "ip-dst", "uuid": "57c7d6ca-46b4-49dc-92c0-44ac950d210f", "value": "46.4.89.218" }, { "category": "Network activity", "comment": "download location", "deleted": false, "disable_correlation": false, "timestamp": "1472714443", "to_ids": true, "type": "url", "uuid": "57c7d6cb-649c-496f-92e9-4b5e950d210f", "value": 
"http://piisfashionpress.web.fc2.com/wpqeygr" }, { "category": "Network activity", "comment": "download location", "deleted": false, "disable_correlation": false, "timestamp": "1472714443", "to_ids": true, "type": "hostname", "uuid": "57c7d6cb-d054-4808-869a-4bc5950d210f", "value": "piisfashionpress.web.fc2.com" }, { "category": "Network activity", "comment": "download location", "deleted": false, "disable_correlation": false, "timestamp": "1472714443", "to_ids": true, "type": "ip-dst", "uuid": "57c7d6cb-2b38-4cad-897f-4779950d210f", "value": "208.71.106.48" }, { "category": "Network activity", "comment": "download location", "deleted": false, "disable_correlation": false, "timestamp": "1472714443", "to_ids": true, "type": "url", "uuid": "57c7d6cb-4954-485f-881f-41c7950d210f", "value": "http://www.trade-centrum.eu/ibghgdp" }, { "category": "Network activity", "comment": "download location", "deleted": false, "disable_correlation": false, "timestamp": "1472714443", "to_ids": true, "type": "hostname", "uuid": "57c7d6cb-ca94-4e20-99a6-499e950d210f", "value": "www.trade-centrum.eu" }, { "category": "Network activity", "comment": "download location", "deleted": false, "disable_correlation": false, "timestamp": "1472714444", "to_ids": true, "type": "ip-dst", "uuid": "57c7d6cc-4de4-4a64-9de5-43dc950d210f", "value": "89.185.242.166" }, { "category": "Network activity", "comment": "download location", "deleted": false, "disable_correlation": false, "timestamp": "1472714444", "to_ids": true, "type": "url", "uuid": "57c7d6cc-cb60-4a81-aa15-4406950d210f", "value": "http://ajedrezimprov.50webs.com/yfotxbo" }, { "category": "Network activity", "comment": "download location", "deleted": false, "disable_correlation": false, "timestamp": "1472714444", "to_ids": true, "type": "hostname", "uuid": "57c7d6cc-965c-4006-8f2e-4da4950d210f", "value": "ajedrezimprov.50webs.com" }, { "category": "Network activity", "comment": "download location", "deleted": false, "disable_correlation": 
false, "timestamp": "1472714444", "to_ids": true, "type": "ip-dst", "uuid": "57c7d6cc-fed8-4087-a538-4194950d210f", "value": "162.210.101.93" }, { "category": "Network activity", "comment": "download location", "deleted": false, "disable_correlation": false, "timestamp": "1472714444", "to_ids": true, "type": "url", "uuid": "57c7d6cc-7604-47c2-b5cb-413d950d210f", "value": "http://yggithuq.utawebhost.at/opdcrhh" }, { "category": "Network activity", "comment": "download location", "deleted": false, "disable_correlation": false, "timestamp": "1472714445", "to_ids": true, "type": "hostname", "uuid": "57c7d6cd-e8f0-4add-8170-4663950d210f", "value": "yggithuq.utawebhost.at" }, { "category": "Network activity", "comment": "download location", "deleted": false, "disable_correlation": false, "timestamp": "1472714445", "to_ids": true, "type": "ip-dst", "uuid": "57c7d6cd-ec24-45e1-98cc-469a950d210f", "value": "195.248.63.109" }, { "category": "Network activity", "comment": "download location", "deleted": false, "disable_correlation": false, "timestamp": "1472714445", "to_ids": true, "type": "url", "uuid": "57c7d6cd-9df0-491d-8c14-40a2950d210f", "value": "http://pennylanecupcakes.com.au/lfigasv" }, { "category": "Network activity", "comment": "download location", "deleted": false, "disable_correlation": false, "timestamp": "1472714445", "to_ids": true, "type": "hostname", "uuid": "57c7d6cd-b22c-4204-930e-4812950d210f", "value": "pennylanecupcakes.com.au" }, { "category": "Network activity", "comment": "download location", "deleted": false, "disable_correlation": false, "timestamp": "1472714445", "to_ids": true, "type": "ip-dst", "uuid": "57c7d6cd-cd60-4924-858f-4509950d210f", "value": "64.37.52.172" }, { "category": "Network activity", "comment": "download location", "deleted": false, "disable_correlation": false, "timestamp": "1472714446", "to_ids": true, "type": "url", "uuid": "57c7d6ce-d67c-496a-bccb-422d950d210f", "value": "http://fingermousedesign.co.uk/ctkvyio" }, { 
"category": "Network activity", "comment": "download location", "deleted": false, "disable_correlation": false, "timestamp": "1472714446", "to_ids": true, "type": "hostname", "uuid": "57c7d6ce-c6f8-4c3e-986a-4c28950d210f", "value": "fingermousedesign.co.uk" }, { "category": "Network activity", "comment": "download location", "deleted": false, "disable_correlation": false, "timestamp": "1472714446", "to_ids": true, "type": "ip-dst", "uuid": "57c7d6ce-d02c-4bd4-9988-4b40950d210f", "value": "94.136.40.103" }, { "category": "Network activity", "comment": "download location", "deleted": false, "disable_correlation": false, "timestamp": "1472714446", "to_ids": true, "type": "url", "uuid": "57c7d6ce-969c-40fe-bc73-41c1950d210f", "value": "http://209.41.183.242/adjxlax" }, { "category": "Network activity", "comment": "download location", "deleted": false, "disable_correlation": false, "timestamp": "1472714446", "to_ids": true, "type": "ip-dst", "uuid": "57c7d6ce-fd74-4a52-b7cf-4bcc950d210f", "value": "209.41.183.242" }, { "category": "Network activity", "comment": "download location", "deleted": false, "disable_correlation": false, "timestamp": "1472714447", "to_ids": true, "type": "url", "uuid": "57c7d6cf-2000-44f6-91f3-45dd950d210f", "value": "http://www.erretisnc.it/mucyerv" }, { "category": "Network activity", "comment": "download location", "deleted": false, "disable_correlation": false, "timestamp": "1472714447", "to_ids": true, "type": "hostname", "uuid": "57c7d6cf-bd38-48f0-a7ae-4294950d210f", "value": "www.erretisnc.it" }, { "category": "Network activity", "comment": "download location", "deleted": false, "disable_correlation": false, "timestamp": "1472714447", "to_ids": true, "type": "ip-dst", "uuid": "57c7d6cf-46e4-4006-8a9f-4eff950d210f", "value": "213.205.40.169" }, { "category": "Network activity", "comment": "download location", "deleted": false, "disable_correlation": false, "timestamp": "1472714447", "to_ids": true, "type": "url", "uuid": 
"57c7d6cf-b620-4fe7-aea3-4f97950d210f", "value": "http://atomtyann.web.fc2.com/balewan" }, { "category": "Network activity", "comment": "download location", "deleted": false, "disable_correlation": false, "timestamp": "1472714448", "to_ids": true, "type": "hostname", "uuid": "57c7d6d0-b4f4-47b9-9d89-490f950d210f", "value": "atomtyann.web.fc2.com" }, { "category": "Network activity", "comment": "download location", "deleted": false, "disable_correlation": false, "timestamp": "1472714448", "to_ids": true, "type": "ip-dst", "uuid": "57c7d6d0-f074-4a40-9e2d-442e950d210f", "value": "208.71.106.49" }, { "category": "Network activity", "comment": "download location", "deleted": false, "disable_correlation": false, "timestamp": "1472714448", "to_ids": true, "type": "url", "uuid": "57c7d6d0-7b2c-4e02-b02b-403a950d210f", "value": "http://www.dietmar-bernhard.de/rthvkws" }, { "category": "Network activity", "comment": "download location", "deleted": false, "disable_correlation": false, "timestamp": "1472714448", "to_ids": true, "type": "hostname", "uuid": "57c7d6d0-a0a0-45b7-9ace-40ad950d210f", "value": "www.dietmar-bernhard.de" }, { "category": "Network activity", "comment": "download location", "deleted": false, "disable_correlation": false, "timestamp": "1472714448", "to_ids": true, "type": "ip-dst", "uuid": "57c7d6d0-1a04-491a-a798-4abc950d210f", "value": "212.40.179.91" }, { "category": "Network activity", "comment": "download location", "deleted": false, "disable_correlation": false, "timestamp": "1472714449", "to_ids": true, "type": "url", "uuid": "57c7d6d1-31a0-4aae-98b8-4582950d210f", "value": "http://www.en4x4.net/mtbtlvu" }, { "category": "Network activity", "comment": "download location", "deleted": false, "disable_correlation": false, "timestamp": "1472714449", "to_ids": true, "type": "hostname", "uuid": "57c7d6d1-6d14-4fe7-aafa-4a71950d210f", "value": "www.en4x4.net" }, { "category": "Network activity", "comment": "download location", "deleted": false, 
"disable_correlation": false, "timestamp": "1472714449", "to_ids": true, "type": "ip-dst", "uuid": "57c7d6d1-df18-40ca-926d-4969950d210f", "value": "195.238.0.64" }, { "category": "Network activity", "comment": "download location", "deleted": false, "disable_correlation": false, "timestamp": "1472714449", "to_ids": true, "type": "url", "uuid": "57c7d6d1-ead0-480e-881f-486c950d210f", "value": "http://news.oboyle.ro/wexunjy" }, { "category": "Network activity", "comment": "download location", "deleted": false, "disable_correlation": false, "timestamp": "1472714449", "to_ids": true, "type": "hostname", "uuid": "57c7d6d1-6684-427d-ab4f-4d87950d210f", "value": "news.oboyle.ro" }, { "category": "Network activity", "comment": "download location", "deleted": false, "disable_correlation": false, "timestamp": "1472714450", "to_ids": true, "type": "ip-dst", "uuid": "57c7d6d2-6320-4b23-9d33-4e86950d210f", "value": "89.238.218.190" }, { "category": "Network activity", "comment": "download location", "deleted": false, "disable_correlation": false, "timestamp": "1472714450", "to_ids": true, "type": "url", "uuid": "57c7d6d2-558c-49c4-bd07-4787950d210f", "value": "http://portadeenrolar.ind.br/jtfinwo" }, { "category": "Network activity", "comment": "download location", "deleted": false, "disable_correlation": false, "timestamp": "1472714450", "to_ids": true, "type": "hostname", "uuid": "57c7d6d2-a85c-453f-a999-415f950d210f", "value": "portadeenrolar.ind.br" }, { "category": "Network activity", "comment": "download location", "deleted": false, "disable_correlation": false, "timestamp": "1472714450", "to_ids": true, "type": "ip-dst", "uuid": "57c7d6d2-bf44-4ec1-8d64-44ea950d210f", "value": "186.202.126.199" }, { "category": "Network activity", "comment": "download location", "deleted": false, "disable_correlation": false, "timestamp": "1472714450", "to_ids": true, "type": "url", "uuid": "57c7d6d2-a598-45bd-b345-440b950d210f", "value": "http://matsumotokoichi.web.fc2.com/kwylrmn" }, { 
"category": "Network activity", "comment": "download location", "deleted": false, "disable_correlation": false, "timestamp": "1472714451", "to_ids": true, "type": "hostname", "uuid": "57c7d6d3-514c-4705-84da-4145950d210f", "value": "matsumotokoichi.web.fc2.com" }, { "category": "Network activity", "comment": "download location", "deleted": false, "disable_correlation": false, "timestamp": "1472714451", "to_ids": true, "type": "ip-dst", "uuid": "57c7d6d3-76ec-42b8-8b93-42bc950d210f", "value": "208.71.106.61" }, { "category": "Network activity", "comment": "download location", "deleted": false, "disable_correlation": false, "timestamp": "1472714451", "to_ids": true, "type": "url", "uuid": "57c7d6d3-1060-41c6-8424-4a7d950d210f", "value": "http://unimet.tmhandel.com/eeeunkr" }, { "category": "Network activity", "comment": "download location", "deleted": false, "disable_correlation": false, "timestamp": "1472714451", "to_ids": true, "type": "hostname", "uuid": "57c7d6d3-cb04-4755-ae89-49b5950d210f", "value": "unimet.tmhandel.com" }, { "category": "Network activity", "comment": "download location", "deleted": false, "disable_correlation": false, "timestamp": "1472714451", "to_ids": true, "type": "ip-dst", "uuid": "57c7d6d3-5150-494e-bde2-4841950d210f", "value": "213.185.87.30" }, { "category": "Network activity", "comment": "download location", "deleted": false, "disable_correlation": false, "timestamp": "1472714452", "to_ids": true, "type": "url", "uuid": "57c7d6d4-5b80-4e17-b261-446c950d210f", "value": "http://josemedina.com/lqusgkq" }, { "category": "Network activity", "comment": "download location", "deleted": false, "disable_correlation": false, "timestamp": "1472714452", "to_ids": true, "type": "domain", "uuid": "57c7d6d4-f31c-45fc-826f-4de7950d210f", "value": "josemedina.com" }, { "category": "Network activity", "comment": "download location", "deleted": false, "disable_correlation": false, "timestamp": "1472714452", "to_ids": true, "type": "ip-dst", "uuid": 
"57c7d6d4-8670-4a28-bf21-4695950d210f", "value": "216.110.144.242" }, { "category": "Network activity", "comment": "download location", "deleted": false, "disable_correlation": false, "timestamp": "1472714452", "to_ids": true, "type": "url", "uuid": "57c7d6d4-fd00-43ed-9be4-4b98950d210f", "value": "http://www.rioual.com/bddoxvg" }, { "category": "Network activity", "comment": "download location", "deleted": false, "disable_correlation": false, "timestamp": "1472714453", "to_ids": true, "type": "hostname", "uuid": "57c7d6d5-b5cc-4245-be7d-46d3950d210f", "value": "www.rioual.com" }, { "category": "Network activity", "comment": "download location", "deleted": false, "disable_correlation": false, "timestamp": "1472714453", "to_ids": true, "type": "ip-dst", "uuid": "57c7d6d5-0154-4b01-af25-4ea5950d210f", "value": "213.186.33.19" }, { "category": "Network activity", "comment": "download location", "deleted": false, "disable_correlation": false, "timestamp": "1472714453", "to_ids": true, "type": "url", "uuid": "57c7d6d5-0828-4d8b-8a82-4ea5950d210f", "value": "http://www.primaria-adamclisi.go.ro/ueeldwe" }, { "category": "Network activity", "comment": "download location", "deleted": false, "disable_correlation": false, "timestamp": "1472714453", "to_ids": true, "type": "hostname", "uuid": "57c7d6d5-1db0-43c2-93cf-4bf0950d210f", "value": "www.primaria-adamclisi.go.ro" }, { "category": "Network activity", "comment": "download location", "deleted": false, "disable_correlation": false, "timestamp": "1472714453", "to_ids": true, "type": "ip-dst", "uuid": "57c7d6d5-4a28-46ca-8b26-426f950d210f", "value": "81.196.20.134" }, { "category": "Network activity", "comment": "download location", "deleted": false, "disable_correlation": false, "timestamp": "1472714454", "to_ids": true, "type": "url", "uuid": "57c7d6d6-c600-4582-8ab4-466b950d210f", "value": "http://zse2.pl/clxcvja" }, { "category": "Network activity", "comment": "download location", "deleted": false, "disable_correlation": 
false, "timestamp": "1472714454", "to_ids": true, "type": "domain", "uuid": "57c7d6d6-f13c-425d-a310-4af0950d210f", "value": "zse2.pl" }, { "category": "Network activity", "comment": "download location", "deleted": false, "disable_correlation": false, "timestamp": "1472714454", "to_ids": true, "type": "ip-dst", "uuid": "57c7d6d6-82d8-4677-bfda-449d950d210f", "value": "93.157.100.25" }, { "category": "Network activity", "comment": "download location", "deleted": false, "disable_correlation": false, "timestamp": "1472714454", "to_ids": true, "type": "url", "uuid": "57c7d6d6-2a10-404b-ad98-42eb950d210f", "value": "http://hotcarshhhs6632.com/js/76g78uf4sw" }, { "category": "Network activity", "comment": "download location", "deleted": false, "disable_correlation": false, "timestamp": "1472714454", "to_ids": true, "type": "domain", "uuid": "57c7d6d6-69cc-412f-914b-49fb950d210f", "value": "hotcarshhhs6632.com" }, { "category": "Network activity", "comment": "download location", "deleted": false, "disable_correlation": false, "timestamp": "1472714454", "to_ids": true, "type": "ip-dst", "uuid": "57c7d6d7-83dc-42ee-87da-452c950d210f", "value": "23.95.106.193" } ] } }