{ "Event": { "analysis": "2", "date": "2016-03-28", "extends_uuid": "", "info": "Locky of the day (20160328) - affid=3", "publish_timestamp": "1459257689", "published": true, "threat_level_id": "3", "timestamp": "1459175372", "uuid": "56f93f55-e6d0-45c9-8109-74ad02de0b81", "Orgc": { "name": "CIRCL", "uuid": "55f6ea5e-2c60-40e5-964f-47a8950d210f" }, "Tag": [ { "colour": "#ffffff", "name": "tlp:white" }, { "colour": "#004646", "name": "type:OSINT" } ], "Attribute": [ { "category": "Payload delivery", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1459175281", "to_ids": true, "type": "sha256", "uuid": "56f93f71-1e1c-4f57-974a-3f2b02de0b81", "value": "61894322c327ef2cbead173387a955db7e0dfa0ae7799bbe9608b15c78964d7e" }, { "category": "Payload delivery", "comment": "- Xchecked via VT: 61894322c327ef2cbead173387a955db7e0dfa0ae7799bbe9608b15c78964d7e", "deleted": false, "disable_correlation": false, "timestamp": "1459175291", "to_ids": true, "type": "sha1", "uuid": "56f93f7b-edc4-4d27-bd7c-3f2c02de0b81", "value": "76f27ed591f0270e73dbb0853e71f80a5b32218e" }, { "category": "Payload delivery", "comment": "- Xchecked via VT: 61894322c327ef2cbead173387a955db7e0dfa0ae7799bbe9608b15c78964d7e", "deleted": false, "disable_correlation": false, "timestamp": "1459175291", "to_ids": true, "type": "md5", "uuid": "56f93f7b-44ac-4975-84f3-3f2c02de0b81", "value": "1f1e3688f85070dd1e9a766d03b6817e" }, { "category": "External analysis", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1459175291", "to_ids": false, "type": "link", "uuid": "56f93f7b-2fa0-4325-aa27-3f2c02de0b81", "value": "https://www.virustotal.com/file/61894322c327ef2cbead173387a955db7e0dfa0ae7799bbe9608b15c78964d7e/analysis/1459171638/" }, { "category": "Network activity", "comment": "C&C", "deleted": false, "disable_correlation": false, "timestamp": "1459175313", "to_ids": true, "type": "ip-dst", "uuid": "56f93f91-ad50-4798-90bc-3f2702de0b81", "value": "92.63.87.134" }, { "category": "Network activity", "comment": "C&C", "deleted": false, "disable_correlation": false, "timestamp": "1459175313", "to_ids": true, "type": "ip-dst", "uuid": "56f93f91-e500-4b6f-967b-3f2702de0b81", "value": "176.31.47.100" }, { "category": "Network activity", "comment": "C&C", "deleted": false, "disable_correlation": false, "timestamp": "1459175313", "to_ids": true, "type": "ip-dst", "uuid": "56f93f91-4e5c-4bfd-8669-3f2702de0b81", "value": "185.117.72.94" }, { "category": "Network activity", "comment": "C&C", "deleted": false, "disable_correlation": false, "timestamp": "1459175314", "to_ids": true, "type": "ip-dst", "uuid": "56f93f92-db3c-4944-be9f-3f2702de0b81", "value": "84.19.170.249" }, { "category": "Network activity", "comment": "C&C", "deleted": false, "disable_correlation": false, "timestamp": "1459175314", "to_ids": true, "type": "ip-dst", "uuid": "56f93f92-3bc0-40a4-98e3-3f2702de0b81", "value": "83.217.8.127" }, { "category": "Network activity", "comment": "C&C", "deleted": false, "disable_correlation": false, "timestamp": "1459175314", "to_ids": true, "type": "ip-dst", "uuid": "56f93f92-cc08-4a78-a453-3f2702de0b81", "value": "91.200.14.73" }, { "category": "Payload delivery", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1459175359", "to_ids": true, "type": "url", "uuid": "56f93fb3-7fc0-429c-aa4a-3f5d02de0b81", "value": "http://comprecaldas.com/js/765f46vb.exe" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1459175372", "to_ids": true, "type": "url", "uuid": "56f93fcc-4c84-46a6-9079-3f2f02de0b81", "value": "http://comprecaldas.com/js/765f46vb.exe" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1459175373", "to_ids": true, "type": "url", "uuid": "56f93fcd-ad84-461c-80b2-3f2f02de0b81", "value": "http://distrazur.com/765f46vb.exe" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1459175373", "to_ids": true, "type": "url", "uuid": "56f93fcd-d728-410b-b440-3f2f02de0b81", "value": "http://dragonex.com/765f46vb.exe" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1459175373", "to_ids": true, "type": "url", "uuid": "56f93fcd-6f38-4be3-9645-3f2f02de0b81", "value": "http://homedesire.co.uk/765f46vb.exe" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1459175374", "to_ids": true, "type": "url", "uuid": "56f93fce-b880-4a0e-8755-3f2f02de0b81", "value": "http://lascelta.com/765f46vb.exe" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1459175374", "to_ids": true, "type": "url", "uuid": "56f93fce-84d4-4104-a05f-3f2f02de0b81", "value": "http://orkneyhampers.co.uk/765f46vb.exe" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1459175374", "to_ids": true, "type": "url", "uuid": "56f93fce-a728-4eca-9081-3f2f02de0b81", "value": "http://pockettypewriter.co.uk/765f46vb.exe" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1459175375", "to_ids": true, "type": "url", "uuid": "56f93fcf-beac-4828-a54d-3f2f02de0b81", "value": "http://sandbox.bottlestore.com/765f46vb.exe" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1459175375", "to_ids": true, "type": "url", "uuid": "56f93fcf-afe8-4514-8bf4-3f2f02de0b81", "value": "http://scorpena.com/765f46vb.exe" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1459175375", "to_ids": true, "type": "url", "uuid": "56f93fcf-f130-485e-886d-3f2f02de0b81", "value": "http://store.brugomug.co.uk/765f46vb.exe" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1459175375", "to_ids": true, "type": "url", "uuid": "56f93fcf-0b84-4b10-a9ea-3f2f02de0b81", "value": "http://wholesale.undercovermama.com/765f46vb.exe" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1459252857", "to_ids": true, "type": "domain", "uuid": "56fa6e79-f934-4337-8091-43d4950d210f", "value": "comprecaldas.com" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1459252858", "to_ids": true, "type": "domain", "uuid": "56fa6e7a-22b4-4a5e-a88b-42c4950d210f", "value": "distrazur.com" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1459252858", "to_ids": true, "type": "domain", "uuid": "56fa6e7a-6234-4245-aded-4f2f950d210f", "value": "homedesire.co.uk" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1459252858", "to_ids": true, "type": "domain", "uuid": "56fa6e7a-e6dc-47de-bba3-41be950d210f", "value": "dragonex.com" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1459252859", "to_ids": true, "type": "domain", "uuid": "56fa6e7b-f358-4891-9f38-4253950d210f", "value": "orkneyhampers.co.uk" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1459252859", "to_ids": true, "type": "domain", "uuid": "56fa6e7b-ed70-4c4c-903f-49ac950d210f", "value": "lascelta.com" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1459252859", "to_ids": true, "type": "domain", "uuid": "56fa6e7b-86bc-4b96-bf6c-4616950d210f", "value": "wholesale.undercovermama.com" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1459252859", "to_ids": true, "type": "domain", "uuid": "56fa6e7b-5fd4-4a72-9b79-481b950d210f", "value": "pockettypewriter.co.uk" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1459252860", "to_ids": true, "type": "domain", "uuid": "56fa6e7c-89c4-4b7c-9350-4509950d210f", "value": "scorpena.com" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1459252860", "to_ids": true, "type": "domain", "uuid": "56fa6e7c-d424-41c5-bbf4-446a950d210f", "value": "sandbox.bottlestore.com" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1459252860", "to_ids": true, "type": "domain", "uuid": "56fa6e7c-e9b0-4beb-a611-412b950d210f", "value": "store.brugomug.co.uk" } ] } }