{ "Event": { "analysis": "2", "date": "2016-08-18", "extends_uuid": "", "info": "OSINT Shark Ransomware: Ransomware as a service", "publish_timestamp": "1473432735", "published": true, "threat_level_id": "3", "timestamp": "1471522796", "uuid": "57b5a6a6-334c-4a50-9e23-45b0950d210f", "Orgc": { "name": "CthulhuSPRL.be", "uuid": "55f6ea5f-fd34-43b8-ac1d-40cb950d210f" }, "Tag": [ { "colour": "#ffffff", "local": "0", "name": "tlp:white", "relationship_type": "" }, { "colour": "#ffffff", "local": "0", "name": "OSINT", "relationship_type": "" } ], "Attribute": [ { "category": "External analysis", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1471522497", "to_ids": false, "type": "link", "uuid": "57b5a6c1-f550-487b-b784-47c0950d210f", "value": "https://www.hybrid-analysis.com/sample/08c52b0d9affb15083653c7b9e69468cbb35806e0a82b72ca592d62362f42623?environmentId=100" }, { "category": "External analysis", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1471522546", "to_ids": false, "type": "link", "uuid": "57b5a6f2-8328-47c9-8b24-4bcb950d210f", "value": "https://otx.alienvault.com/pulse/57b2f34f89ca9f013545f722/" }, { "category": "Network activity", "comment": "Imported via the Freetext Import Tool", "deleted": false, "disable_correlation": false, "timestamp": "1471522788", "to_ids": false, "type": "domain", "uuid": "57b5a789-27b8-41dd-82f0-4068950d210f", "value": "system.io" }, { "category": "Network activity", "comment": "Imported via the Freetext Import Tool", "deleted": false, "disable_correlation": false, "timestamp": "1471522697", "to_ids": true, "type": "domain", "uuid": "57b5a789-bde4-4bdf-8b42-4072950d210f", "value": "1729studios.com" }, { "category": "Payload delivery", "comment": "Imported via the Freetext Import Tool", "deleted": false, "disable_correlation": false, "timestamp": "1471522697", "to_ids": true, "type": "filename", "uuid": "57b5a789-c50c-41eb-a4d0-4705950d210f", "value": "shark.properties" }, { "category": "Payload delivery", "comment": "Imported via the Freetext Import Tool", "deleted": false, "disable_correlation": false, "timestamp": "1471522718", "to_ids": false, "type": "filename", "uuid": "57b5a78a-87ec-4202-940f-45bc950d210f", "value": "myapplication.app" }, { "category": "Network activity", "comment": "Imported via the Freetext Import Tool", "deleted": false, "disable_correlation": false, "timestamp": "1471522796", "to_ids": false, "type": "domain", "uuid": "57b5a78a-16d4-4125-ba00-49b1950d210f", "value": "system.net" }, { "category": "Payload delivery", "comment": "Imported via the Freetext Import Tool", "deleted": false, "disable_correlation": false, "timestamp": "1471522698", "to_ids": true, "type": "md5", "uuid": "57b5a78a-8b2c-49bc-b0fa-4f23950d210f", "value": "72269ea7cc6281139e4d155e7c57dc67" }, { "category": "Payload delivery", "comment": "Imported via the Freetext Import Tool", "deleted": false, "disable_correlation": false, "timestamp": "1471522698", "to_ids": true, "type": "md5", "uuid": "57b5a78a-71b0-4aef-8247-4860950d210f", "value": "f34d5f2d4577ed6d9ceec516c1f5a744" }, { "category": "Payload delivery", "comment": "Imported via the Freetext Import Tool", "deleted": false, "disable_correlation": false, "timestamp": "1471522698", "to_ids": true, "type": "md5", "uuid": "57b5a78a-1520-4f41-9dd4-4f64950d210f", "value": "dec07b3163dfca1d155ae21254c663f6" }, { "category": "Payload delivery", "comment": "Imported via the Freetext Import Tool", "deleted": false, "disable_correlation": false, "timestamp": "1471522699", "to_ids": true, "type": "md5", "uuid": "57b5a78b-1df4-45a0-8ef7-4159950d210f", "value": "cf12f2c0e54cd8ba93511fba008380a6" }, { "category": "Payload delivery", "comment": "Imported via the Freetext Import Tool", "deleted": false, "disable_correlation": false, "timestamp": "1471522699", "to_ids": true, "type": "md5", "uuid": "57b5a78b-9cb4-4318-87f3-4a4c950d210f", "value": "74d992a686d753eebecd22de7b5c0dea" }, { "category": "Payload delivery", "comment": "Imported via the Freetext Import Tool", "deleted": false, "disable_correlation": false, "timestamp": "1471522699", "to_ids": true, "type": "md5", "uuid": "57b5a78b-97c8-4379-ba61-40c4950d210f", "value": "72de10b7f7cd75217e4c4ec7a79ca44f" }, { "category": "Payload delivery", "comment": "Imported via the Freetext Import Tool", "deleted": false, "disable_correlation": false, "timestamp": "1471522699", "to_ids": true, "type": "md5", "uuid": "57b5a78b-3758-4df2-a8ea-41ff950d210f", "value": "0a7670cfd2c824366ad67400c5e74636" }, { "category": "Payload delivery", "comment": "Imported via the Freetext Import Tool", "deleted": false, "disable_correlation": false, "timestamp": "1471522699", "to_ids": true, "type": "md5", "uuid": "57b5a78b-39e0-4d08-b4d9-415a950d210f", "value": "49edace716a872ec654af76a7c46fbff" }, { "category": "Payload delivery", "comment": "Imported via the Freetext Import Tool", "deleted": false, "disable_correlation": false, "timestamp": "1471522700", "to_ids": true, "type": "md5", "uuid": "57b5a78c-f514-40f1-8f5f-4506950d210f", "value": "51e2934144ba15628ba5a31be2dae7dc" }, { "category": "Payload delivery", "comment": "Imported via the Freetext Import Tool", "deleted": false, "disable_correlation": false, "timestamp": "1471522700", "to_ids": true, "type": "md5", "uuid": "57b5a78c-321c-463c-b40f-4461950d210f", "value": "347bb967065efeccdc0c16311b88f379" }, { "category": "Payload delivery", "comment": "Imported via the Freetext Import Tool", "deleted": false, "disable_correlation": false, "timestamp": "1471522700", "to_ids": true, "type": "md5", "uuid": "57b5a78c-8d80-4c3e-bd43-4cd3950d210f", "value": "e40da7a49f8c3f0108e7c835b342f382" }, { "category": "Payload delivery", "comment": "Imported via the Freetext Import Tool", "deleted": false, "disable_correlation": false, "timestamp": "1471522700", "to_ids": true, "type": "md5", "uuid": "57b5a78c-1504-4b91-bd3f-4307950d210f", "value": "b9f7adbc90a2bcbe8eb9e6e8d2bb975b" }, { "category": "Payload delivery", "comment": "Imported via the Freetext Import Tool", "deleted": false, "disable_correlation": false, "timestamp": "1471522700", "to_ids": true, "type": "md5", "uuid": "57b5a78c-7468-458f-9034-4be3950d210f", "value": "39262c4acb361ecd06d812d2e8bea628" }, { "category": "Payload delivery", "comment": "Imported via the Freetext Import Tool", "deleted": false, "disable_correlation": false, "timestamp": "1471522701", "to_ids": true, "type": "md5", "uuid": "57b5a78d-fcd0-4305-bec8-4119950d210f", "value": "9c354f5c9f53fbf2a57c8dc695f89ffe" }, { "category": "Payload delivery", "comment": "Imported via the Freetext Import Tool", "deleted": false, "disable_correlation": false, "timestamp": "1471522701", "to_ids": true, "type": "md5", "uuid": "57b5a78d-c078-4681-b27d-45e4950d210f", "value": "070399bfc77f0ff0da23c2d8699c0095" }, { "category": "Payload delivery", "comment": "Imported via the Freetext Import Tool", "deleted": false, "disable_correlation": false, "timestamp": "1471522701", "to_ids": true, "type": "md5", "uuid": "57b5a78d-f1a4-46f6-8ca0-49ad950d210f", "value": "4309269ad51911d65b6ad62ba61218a9" }, { "category": "Payload delivery", "comment": "Imported via the Freetext Import Tool", "deleted": false, "disable_correlation": false, "timestamp": "1471522701", "to_ids": true, "type": "md5", "uuid": "57b5a78d-d8a0-4f2d-ba3e-455e950d210f", "value": "625557075843d93b867802c222d63da2" }, { "category": "Payload delivery", "comment": "Imported via the Freetext Import Tool", "deleted": false, "disable_correlation": false, "timestamp": "1471522701", "to_ids": true, "type": "md5", "uuid": "57b5a78d-0138-405e-a28a-491d950d210f", "value": "4dbe1d1edf767ef5dd3069508f2d1a91" }, { "category": "Payload delivery", "comment": "Imported via the Freetext Import Tool", "deleted": false, "disable_correlation": false, "timestamp": "1471522701", "to_ids": true, "type": "md5", "uuid": "57b5a78d-25f8-4f7d-a717-4af7950d210f", "value": "22ae167d586450ad3a9b9a9ee43ebc86" }, { "category": "Payload delivery", "comment": "Imported via the Freetext Import Tool", "deleted": false, "disable_correlation": false, "timestamp": "1471522702", "to_ids": true, "type": "sha1", "uuid": "57b5a78e-572c-408c-afe0-400e950d210f", "value": "f9ac686ff83b3df8eeeefb9caf7745ccc37bdbd0" }, { "category": "Payload delivery", "comment": "Imported via the Freetext Import Tool", "deleted": false, "disable_correlation": false, "timestamp": "1471522702", "to_ids": true, "type": "sha1", "uuid": "57b5a78e-3d74-4e43-be6f-4526950d210f", "value": "7d7f4414ccef168adf6bf40753b5becd78375931" }, { "category": "Payload delivery", "comment": "Imported via the Freetext Import Tool", "deleted": false, "disable_correlation": false, "timestamp": "1471522702", "to_ids": true, "type": "sha1", "uuid": "57b5a78e-562c-41b6-89e4-41f6950d210f", "value": "b347ae931ad8370c71af18484c55216e99d4bf94" }, { "category": "Payload delivery", "comment": "Imported via the Freetext Import Tool", "deleted": false, "disable_correlation": false, "timestamp": "1471522702", "to_ids": true, "type": "sha1", "uuid": "57b5a78e-a34c-47e1-b74e-453a950d210f", "value": "64869ac67f01de6c8fa86928f293ae17e5f939bf" }, { "category": "Payload delivery", "comment": "Imported via the Freetext Import Tool", "deleted": false, "disable_correlation": false, "timestamp": "1471522702", "to_ids": true, "type": "sha1", "uuid": "57b5a78e-0498-49f3-b6d2-4d60950d210f", "value": "637162cc59a3a1e25956fa5fa8f60d2e1c52eac6" }, { "category": "Payload delivery", "comment": "Imported via the Freetext Import Tool", "deleted": false, "disable_correlation": false, "timestamp": "1471522702", "to_ids": true, "type": "sha1", "uuid": "57b5a78e-30a8-4186-a2fe-4f82950d210f", "value": "8ad5c9987e6f190bd6f5416e2de44ccd641d8cda" }, { "category": "Payload delivery", "comment": "Imported via the Freetext Import Tool", "deleted": false, "disable_correlation": false, "timestamp": "1471522703", "to_ids": true, "type": "sha1", "uuid": "57b5a78f-6918-4b45-97bf-4337950d210f", "value": "0b0a9534cef684c93c2fc591e55ceaf831e2275d" }, { "category": "Payload delivery", "comment": "Imported via the Freetext Import Tool", "deleted": false, "disable_correlation": false, "timestamp": "1471522703", "to_ids": true, "type": "sha1", "uuid": "57b5a78f-0098-4e0a-9a0f-4e66950d210f", "value": "dd5783bcf1e9002bc00ad5b83a95ed6e4ebb4ad5" }, { "category": "Payload delivery", "comment": "Imported via the Freetext Import Tool", "deleted": false, "disable_correlation": false, "timestamp": "1471522703", "to_ids": true, "type": "sha1", "uuid": "57b5a78f-5390-4494-b598-461a950d210f", "value": "109f1caed645bb78b3ea2b94c0697c740733031c" }, { "category": "Payload delivery", "comment": "Imported via the Freetext Import Tool", "deleted": false, "disable_correlation": false, "timestamp": "1471522703", "to_ids": true, "type": "sha1", "uuid": "57b5a78f-4530-4b3f-ae2a-4e0b950d210f", "value": "a377d1b1c0538833035211f4083d00fecc414dab" }, { "category": "Payload delivery", "comment": "Imported via the Freetext Import Tool", "deleted": false, "disable_correlation": false, "timestamp": "1471522703", "to_ids": true, "type": "sha1", "uuid": "57b5a78f-006c-4e5c-a737-4435950d210f", "value": "706b3f9d9e678fd4846cae1fd4c0ea037b560e30" }, { "category": "Payload delivery", "comment": "Imported via the Freetext Import Tool", "deleted": false, "disable_correlation": false, "timestamp": "1471522704", "to_ids": true, "type": "sha1", "uuid": "57b5a790-5248-4acc-9191-4dce950d210f", "value": "fee449ee0e3965a5246f000e87fde2a065fd89d4" }, { "category": "Payload delivery", "comment": "Imported via the Freetext Import Tool", "deleted": false, "disable_correlation": false, "timestamp": "1471522704", "to_ids": true, "type": "sha256", "uuid": "57b5a790-0070-41e3-96da-452d950d210f", "value": "35104f21cc385fd8f07e162d05bad1aa1d940d1fb08b796993e811639d65b69a" }, { "category": "Payload delivery", "comment": "Imported via the Freetext Import Tool", "deleted": false, "disable_correlation": false, "timestamp": "1471522704", "to_ids": true, "type": "sha256", "uuid": "57b5a790-19a0-4370-be4f-4fc1950d210f", "value": "b3e5ec26cf605a36756438776508c3a076e90dc3f8d7ebc3c83d33c62c7c153b" }, { "category": "Payload delivery", "comment": "Imported via the Freetext Import Tool", "deleted": false, "disable_correlation": false, "timestamp": "1471522704", "to_ids": true, "type": "sha256", "uuid": "57b5a790-6488-404c-a264-4648950d210f", "value": "7a3d78d44c4c43d9d839da67f101390be3c4cb675dfc633b9ca85b647883cf88" }, { "category": "Payload delivery", "comment": "Imported via the Freetext Import Tool", "deleted": false, "disable_correlation": false, "timestamp": "1471522704", "to_ids": true, "type": "sha256", "uuid": "57b5a790-1650-4f11-bb68-4b5e950d210f", "value": "cd7b9e76ee30e48e2607e2cb6264c9e059cce211e8127077b4ee111140f838da" }, { "category": "Payload delivery", "comment": "Imported via the Freetext Import Tool", "deleted": false, "disable_correlation": false, "timestamp": "1471522705", "to_ids": true, "type": "sha256", "uuid": "57b5a791-b72c-4477-9484-4ee4950d210f", "value": "c4899d923f0ff4120d50a15d8cd34a17836359cc643b152617672bcdd14d5f51" }, { "category": "Payload delivery", "comment": "Imported via the Freetext Import Tool", "deleted": false, "disable_correlation": false, "timestamp": "1471522705", "to_ids": true, "type": "sha256", "uuid": "57b5a791-9260-4275-9427-45fc950d210f", "value": "7410386118f1dd7aed244dcd392664e7f2b00ea4bca8aa3052474970fe6c8395" }, { "category": "Payload delivery", "comment": "Imported via the Freetext Import Tool", "deleted": false, "disable_correlation": false, "timestamp": "1471522705", "to_ids": true, "type": "sha256", "uuid": "57b5a791-4318-4009-aa18-4358950d210f", "value": "5568728ca42a1d8462f60daf7108a55d81b46b58277656425a81a6663644e11e" }, { "category": "Payload delivery", "comment": "Imported via the Freetext Import Tool", "deleted": false, "disable_correlation": false, "timestamp": "1471522705", "to_ids": true, "type": "sha256", "uuid": "57b5a791-d94c-4adf-8f3c-42f9950d210f", "value": "8813eafe23c85cc65902939b0c9caf891fc5d3917d0b8364ecf88d8214942332" }, { "category": "Payload delivery", "comment": "Imported via the Freetext Import Tool", "deleted": false, "disable_correlation": false, "timestamp": "1471522705", "to_ids": true, "type": "sha256", "uuid": "57b5a791-f6c0-4141-9381-4bce950d210f", "value": "08c52b0d9affb15083653c7b9e69468cbb35806e0a82b72ca592d62362f42623" }, { "category": "Payload delivery", "comment": "Imported via the Freetext Import Tool", "deleted": false, "disable_correlation": false, "timestamp": "1471522706", "to_ids": true, "type": "sha256", "uuid": "57b5a792-0e30-44f8-8e2e-4029950d210f", "value": "a4a97e8d1edf9fba4d15dca44f0b3908f4c804ab1a452521e4b53ce2ee80316c" }, { "category": "Payload delivery", "comment": "Imported via the Freetext Import Tool", "deleted": false, "disable_correlation": false, "timestamp": "1471522706", "to_ids": true, "type": "sha256", "uuid": "57b5a792-9ec8-4d93-a9ed-41c4950d210f", "value": "5a77195969ded56df2c9a62c8c0345a4de336a58c517059f2edfd939d8ca34c4" }, { "category": "Payload delivery", "comment": "Imported via the Freetext Import Tool", "deleted": false, "disable_correlation": false, "timestamp": "1471522706", "to_ids": true, "type": "sha256", "uuid": "57b5a792-27a8-4ca7-8b1d-4d1b950d210f", "value": "dda9d9c50b0650a39f82deba66c599003ac57b126f557c9d1d2fbef0004e5763" }, { "category": "Network activity", "comment": "Imported via the Freetext Import Tool", "deleted": false, "disable_correlation": false, "timestamp": "1471522706", "to_ids": false, "type": "hostname", "uuid": "57b5a792-e858-44d7-906f-4363950d210f", "value": "www.ip-api.com" }, { "category": "Network activity", "comment": "Imported via the Freetext Import Tool", "deleted": false, "disable_correlation": false, "timestamp": "1471522706", "to_ids": false, "type": "hostname", "uuid": "57b5a792-b3f8-4b79-945f-40a9950d210f", "value": "outgoing.ip-api.com" }, { "category": "Payload delivery", "comment": "Automatically added (via cd7b9e76ee30e48e2607e2cb6264c9e059cce211e8127077b4ee111140f838da)", "deleted": false, "disable_correlation": false, "timestamp": "1471522948", "to_ids": true, "type": "md5", "uuid": "57b5a884-7fd0-451b-8255-4d5f950d210f", "value": "3376a873bb4d0e8394eb02467069d170" }, { "category": "Payload delivery", "comment": "Automatically added (via c4899d923f0ff4120d50a15d8cd34a17836359cc643b152617672bcdd14d5f51)", "deleted": false, "disable_correlation": false, "timestamp": "1471522951", "to_ids": true, "type": "md5", "uuid": "57b5a887-a9a8-4409-aea6-440d950d210f", "value": "6534f7c9e450bd7c700e8eea2b8fdc80" }, { "category": "Payload delivery", "comment": "Automatically added (via 8813eafe23c85cc65902939b0c9caf891fc5d3917d0b8364ecf88d8214942332)", "deleted": false, "disable_correlation": false, "timestamp": "1471522955", "to_ids": true, "type": "md5", "uuid": "57b5a88b-59a8-4ce9-bf1a-4959950d210f", "value": "e9b5cf97da4147122eda58acfd364dc4" }, { "category": "Payload delivery", "comment": "Automatically added (via a4a97e8d1edf9fba4d15dca44f0b3908f4c804ab1a452521e4b53ce2ee80316c)", "deleted": false, "disable_correlation": false, "timestamp": "1471522958", "to_ids": true, "type": "md5", "uuid": "57b5a88e-cb28-479a-bf30-48a4950d210f", "value": "ec43971547c0c3fee00fe095008a053c" }, { "category": "Payload delivery", "comment": "Automatically added (via dda9d9c50b0650a39f82deba66c599003ac57b126f557c9d1d2fbef0004e5763)", "deleted": false, "disable_correlation": false, "timestamp": "1471522961", "to_ids": true, "type": "md5", "uuid": "57b5a891-aa00-4c0f-bc91-41cf950d210f", "value": "ff76d48375d9f9b21579826a13d9c9b6" }, { "category": "Payload delivery", "comment": "Automatically added (via cd7b9e76ee30e48e2607e2cb6264c9e059cce211e8127077b4ee111140f838da)", "deleted": false, "disable_correlation": false, "timestamp": "1471522949", "to_ids": true, "type": "sha1", "uuid": "57b5a885-55a4-48fd-bd72-42d4950d210f", "value": "5466c1dfc0a4f738aecfc45a3465f9219736368d" }, { "category": "Payload delivery", "comment": "Automatically added (via c4899d923f0ff4120d50a15d8cd34a17836359cc643b152617672bcdd14d5f51)", "deleted": false, "disable_correlation": false, "timestamp": "1471522952", "to_ids": true, "type": "sha1", "uuid": "57b5a888-bde8-49a5-856c-4ff5950d210f", "value": "14eaf11792bec41b9268531010ff252a5534eb5e" }, { "category": "Payload delivery", "comment": "Automatically added (via 8813eafe23c85cc65902939b0c9caf891fc5d3917d0b8364ecf88d8214942332)", "deleted": false, "disable_correlation": false, "timestamp": "1471522956", "to_ids": true, "type": "sha1", "uuid": "57b5a88c-6198-4fc0-b518-4707950d210f", "value": "6e0a051f8ce858839d3d190c5f5d2ab462a5c73f" }, { "category": "Payload delivery", "comment": "Automatically added (via a4a97e8d1edf9fba4d15dca44f0b3908f4c804ab1a452521e4b53ce2ee80316c)", "deleted": false, "disable_correlation": false, "timestamp": "1471522959", "to_ids": true, "type": "sha1", "uuid": "57b5a88f-9c2c-445e-8f74-4ba7950d210f", "value": "fdf05f8fadefdad3b83fcc735f4eeb3b5d178d7b" }, { "category": "Payload delivery", "comment": "Automatically added (via dda9d9c50b0650a39f82deba66c599003ac57b126f557c9d1d2fbef0004e5763)", "deleted": false, "disable_correlation": false, "timestamp": "1471522962", "to_ids": true, "type": "sha1", "uuid": "57b5a892-4998-43fa-a7c9-4952950d210f", "value": "0446223b9d678f7576a4a4d17992d4e6509251dc" } ] } }