{ "Event": { "analysis": "0", "date": "2016-07-19", "extends_uuid": "", "info": "Malspam 2016-07-19 .wsf (campaign: \"new invoice\")", "publish_timestamp": "1468935880", "published": true, "threat_level_id": "3", "timestamp": "1468935034", "uuid": "578e2285-12cc-4a15-b078-4b74950d210f", "Orgc": { "name": "CIRCL", "uuid": "55f6ea5e-2c60-40e5-964f-47a8950d210f" }, "Tag": [ { "colour": "#ffffff", "name": "tlp:white" }, { "colour": "#3b7500", "name": "circl:incident-classification=\"malware\"" } ], "Attribute": [ { "category": "Network activity", "comment": "download location", "deleted": false, "disable_correlation": false, "timestamp": "1468933206", "to_ids": true, "type": "url", "uuid": "578e2456-0658-4de1-a00a-4120950d210f", "value": "http://westcoastswingitaly.it/jycvhfqq" }, { "category": "Network activity", "comment": "download location", "deleted": false, "disable_correlation": false, "timestamp": "1468933207", "to_ids": true, "type": "domain", "uuid": "578e2457-396c-4fcb-8751-4082950d210f", "value": "westcoastswingitaly.it" }, { "category": "Network activity", "comment": "download location", "deleted": false, "disable_correlation": false, "timestamp": "1468933207", "to_ids": true, "type": "ip-dst", "uuid": "578e2457-47c4-4dc4-a453-44bc950d210f", "value": "213.186.33.5" }, { "category": "Network activity", "comment": "download location", "deleted": false, "disable_correlation": false, "timestamp": "1468933207", "to_ids": true, "type": "url", "uuid": "578e2457-3744-4f39-a99b-49de950d210f", "value": "http://albany.asn.au/4sb2qnf" }, { "category": "Network activity", "comment": "download location", "deleted": false, "disable_correlation": false, "timestamp": "1468933208", "to_ids": true, "type": "hostname", "uuid": "578e2458-0530-43c3-82cb-4f6e950d210f", "value": "albany.asn.au" }, { "category": "Network activity", "comment": "download location", "deleted": false, "disable_correlation": false, "timestamp": "1468933208", "to_ids": true, "type": "ip-dst", "uuid": "578e2458-f2c0-4022-8421-4c84950d210f", "value": "27.123.31.81" }, { "category": "Network activity", "comment": "download location", "deleted": false, "disable_correlation": false, "timestamp": "1468933208", "to_ids": true, "type": "url", "uuid": "578e2458-fbf0-4c55-bab4-489b950d210f", "value": "http://alinmaagroup.com/c2baqb" }, { "category": "Network activity", "comment": "download location", "deleted": false, "disable_correlation": false, "timestamp": "1468933209", "to_ids": true, "type": "domain", "uuid": "578e2459-bdf0-4b61-82d9-4c48950d210f", "value": "alinmaagroup.com" }, { "category": "Network activity", "comment": "download location", "deleted": false, "disable_correlation": false, "timestamp": "1468933209", "to_ids": true, "type": "ip-dst", "uuid": "578e2459-4364-4892-8c15-4385950d210f", "value": "107.180.26.137" }, { "category": "Network activity", "comment": "download location", "deleted": false, "disable_correlation": false, "timestamp": "1468933210", "to_ids": true, "type": "url", "uuid": "578e245a-6f10-4d7f-bba2-4f2a950d210f", "value": "http://delaemvkusnoe.ru/7lsypth" }, { "category": "Network activity", "comment": "download location", "deleted": false, "disable_correlation": false, "timestamp": "1468933210", "to_ids": true, "type": "domain", "uuid": "578e245a-2838-4476-9ce7-46ce950d210f", "value": "delaemvkusnoe.ru" }, { "category": "Network activity", "comment": "download location", "deleted": false, "disable_correlation": false, "timestamp": "1468933210", "to_ids": true, "type": "ip-dst", "uuid": "578e245a-5810-4da0-acfb-42a9950d210f", "value": "195.208.1.129" }, { "category": "Network activity", "comment": "download location", "deleted": false, "disable_correlation": false, "timestamp": "1468933211", "to_ids": true, "type": "url", "uuid": "578e245b-09f8-4c58-95a1-4571950d210f", "value": "http://jem-111.com/v5tq6s3" }, { "category": "Network activity", "comment": "download location", "deleted": false, "disable_correlation": false, "timestamp": "1468933211", "to_ids": true, "type": "domain", "uuid": "578e245b-adfc-425c-b079-4fc7950d210f", "value": "jem-111.com" }, { "category": "Network activity", "comment": "download location", "deleted": false, "disable_correlation": false, "timestamp": "1468933212", "to_ids": true, "type": "ip-dst", "uuid": "578e245c-4f5c-4b28-9c2e-4cb3950d210f", "value": "153.122.18.175" }, { "category": "Network activity", "comment": "download location", "deleted": false, "disable_correlation": false, "timestamp": "1468933212", "to_ids": true, "type": "url", "uuid": "578e245c-7638-4a8c-a95b-4414950d210f", "value": "http://vilalusa.com/33q4i6f" }, { "category": "Network activity", "comment": "download location", "deleted": false, "disable_correlation": false, "timestamp": "1468933212", "to_ids": true, "type": "domain", "uuid": "578e245c-e58c-439d-bf94-4fff950d210f", "value": "vilalusa.com" }, { "category": "Network activity", "comment": "download location", "deleted": false, "disable_correlation": false, "timestamp": "1468933213", "to_ids": true, "type": "ip-dst", "uuid": "578e245d-ae6c-42e8-a77b-41b9950d210f", "value": "74.63.197.146" }, { "category": "Network activity", "comment": "download location", "deleted": false, "disable_correlation": false, "timestamp": "1468933213", "to_ids": true, "type": "url", "uuid": "578e245d-1c58-4780-ba82-4679950d210f", "value": "http://moroem.com/n79lv" }, { "category": "Network activity", "comment": "download location", "deleted": false, "disable_correlation": false, "timestamp": "1468933213", "to_ids": true, "type": "domain", "uuid": "578e245d-8fdc-4a53-b030-4c49950d210f", "value": "moroem.com" }, { "category": "Network activity", "comment": "download location", "deleted": false, "disable_correlation": false, "timestamp": "1468933214", "to_ids": true, "type": "ip-dst", "uuid": "578e245e-8b20-4bda-bf29-4c7f950d210f", "value": "192.186.220.1" }, { "category": "Network activity", "comment": "download location", "deleted": false, "disable_correlation": false, "timestamp": "1468933214", "to_ids": true, "type": "url", "uuid": "578e245e-6e94-49a5-b70c-4bbe950d210f", "value": "http://altadevelopers.com/kacgwe" }, { "category": "Network activity", "comment": "download location", "deleted": false, "disable_correlation": false, "timestamp": "1468933215", "to_ids": true, "type": "domain", "uuid": "578e245f-288c-4474-a4d4-4abd950d210f", "value": "altadevelopers.com" }, { "category": "Network activity", "comment": "download location", "deleted": false, "disable_correlation": false, "timestamp": "1468933215", "to_ids": true, "type": "ip-dst", "uuid": "578e245f-f230-4d0f-a6c8-4865950d210f", "value": "192.186.248.38" }, { "category": "Network activity", "comment": "download location", "deleted": false, "disable_correlation": false, "timestamp": "1468933216", "to_ids": true, "type": "url", "uuid": "578e2460-0094-4a69-a362-4a4a950d210f", "value": "http://technobuz.com/05gwngqn" }, { "category": "Network activity", "comment": "download location", "deleted": false, "disable_correlation": false, "timestamp": "1468933216", "to_ids": true, "type": "domain", "uuid": "578e2460-e67c-41e3-8e1d-429a950d210f", "value": "technobuz.com" }, { "category": "Network activity", "comment": "download location", "deleted": false, "disable_correlation": false, "timestamp": "1468933217", "to_ids": true, "type": "ip-dst", "uuid": "578e2461-0420-41b2-ac5e-462f950d210f", "value": "23.229.142.4" }, { "category": "Network activity", "comment": "download location", "deleted": false, "disable_correlation": false, "timestamp": "1468933217", "to_ids": true, "type": "url", "uuid": "578e2461-fd40-4e72-86ce-464e950d210f", "value": "http://delaemvkusnoe.ru/yr54po27" }, { "category": "Network activity", "comment": "download location", "deleted": false, "disable_correlation": false, "timestamp": "1468933217", "to_ids": true, "type": "url", "uuid": "578e2461-5190-4d3a-bce6-4e71950d210f", "value": "http://hiramteran.com/qrjna81y" }, { "category": "Network activity", "comment": "download location", "deleted": false, "disable_correlation": false, "timestamp": "1468933218", "to_ids": true, "type": "domain", "uuid": "578e2462-f0ac-45f6-8dc9-48a5950d210f", "value": "hiramteran.com" }, { "category": "Network activity", "comment": "download location", "deleted": false, "disable_correlation": false, "timestamp": "1468933218", "to_ids": true, "type": "ip-dst", "uuid": "578e2462-26cc-4f13-ab49-410e950d210f", "value": "69.90.66.130" }, { "category": "Network activity", "comment": "download location", "deleted": false, "disable_correlation": false, "timestamp": "1468933219", "to_ids": true, "type": "url", "uuid": "578e2463-27f8-498c-b7d1-4ffa950d210f", "value": "http://versus.uz/ah73wlnz" }, { "category": "Network activity", "comment": "download location", "deleted": false, "disable_correlation": false, "timestamp": "1468933219", "to_ids": true, "type": "domain", "uuid": "578e2463-ec98-44ba-9b38-4041950d210f", "value": "versus.uz" }, { "category": "Network activity", "comment": "download location", "deleted": false, "disable_correlation": false, "timestamp": "1468933219", "to_ids": true, "type": "ip-dst", "uuid": "578e2463-7f1c-4d58-91ff-40f4950d210f", "value": "62.209.128.113" }, { "category": "Network activity", "comment": "download location", "deleted": false, "disable_correlation": false, "timestamp": "1468933220", "to_ids": true, "type": "url", "uuid": "578e2464-1a78-441f-8a26-4180950d210f", "value": "http://aerosfera.ru/xmljn" }, { "category": "Network activity", "comment": "download location", "deleted": false, "disable_correlation": false, "timestamp": "1468933220", "to_ids": true, "type": "domain", "uuid": "578e2464-f808-4e19-b51c-4bdc950d210f", "value": "aerosfera.ru" }, { "category": "Network activity", "comment": "download location", "deleted": false, "disable_correlation": false, "timestamp": "1468933221", "to_ids": true, "type": "ip-dst", "uuid": "578e2465-3370-45b4-8981-405f950d210f", "value": "195.208.1.141" }, { "category": "Network activity", "comment": "download location", "deleted": false, "disable_correlation": false, "timestamp": "1468933221", "to_ids": true, "type": "url", "uuid": "578e2465-9e4c-4cc1-9146-4374950d210f", "value": "http://modulofm.com.br/3ap3qsi" }, { "category": "Network activity", "comment": "download location", "deleted": false, "disable_correlation": false, "timestamp": "1468933221", "to_ids": true, "type": "hostname", "uuid": "578e2465-76fc-4188-bd52-474a950d210f", "value": "modulofm.com.br" }, { "category": "Network activity", "comment": "download location", "deleted": false, "disable_correlation": false, "timestamp": "1468933222", "to_ids": true, "type": "ip-dst", "uuid": "578e2466-bb88-44a1-9444-4fba950d210f", "value": "191.240.255.40" }, { "category": "Payload delivery", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1468934229", "to_ids": false, "type": "email-subject", "uuid": "578e2855-2318-4841-95e1-44ee950d210f", "value": "new invoice" }, { "category": "Payload delivery", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1468934257", "to_ids": false, "type": "user-agent", "uuid": "578e2871-fd00-4f55-a56b-43c8950d210f", "value": "User-Agent: Mozilla/4.0 (compatible; Win32; WinHttp.WinHttpRequest.5)" }, { "category": "Network activity", "comment": "download location", "deleted": false, "disable_correlation": false, "timestamp": "1468935032", "to_ids": true, "type": "url", "uuid": "578e2b78-57b8-47be-8720-49dc950d210f", "value": "http://choogo.net/qisxmdwz" }, { "category": "Network activity", "comment": "download location", "deleted": false, "disable_correlation": false, "timestamp": "1468935032", "to_ids": true, "type": "domain", "uuid": "578e2b78-d4f4-4ef4-b816-4fb3950d210f", "value": "choogo.net" }, { "category": "Network activity", "comment": "download location", "deleted": false, "disable_correlation": false, "timestamp": "1468935032", "to_ids": true, "type": "ip-dst", "uuid": "578e2b78-f644-4982-86fd-466f950d210f", "value": "112.171.173.157" }, { "category": "Network activity", "comment": "download location", "deleted": false, "disable_correlation": false, "timestamp": "1468935033", "to_ids": true, "type": "url", "uuid": "578e2b79-1b08-40e6-8b86-4098950d210f", "value": "http://pasadenaoffice.com/431i00cd" }, { "category": "Network activity", "comment": "download location", "deleted": false, "disable_correlation": false, "timestamp": "1468935033", "to_ids": true, "type": "domain", "uuid": "578e2b79-2560-4e71-abf4-4449950d210f", "value": "pasadenaoffice.com" }, { "category": "Network activity", "comment": "download location", "deleted": false, "disable_correlation": false, "timestamp": "1468935033", "to_ids": true, "type": "ip-dst", "uuid": "578e2b79-c344-48e8-bc61-40a9950d210f", "value": "69.67.54.86" }, { "category": "Network activity", "comment": "download location", "deleted": false, "disable_correlation": false, "timestamp": "1468935033", "to_ids": true, "type": "url", "uuid": "578e2b79-a718-43ca-9cd6-4413950d210f", "value": "http://12-land.co.jp/gvkkx" }, { "category": "Network activity", "comment": "download location", "deleted": false, "disable_correlation": false, "timestamp": "1468935033", "to_ids": true, "type": "hostname", "uuid": "578e2b79-3f58-487d-898b-49cd950d210f", "value": "12-land.co.jp" }, { "category": "Network activity", "comment": "download location", "deleted": false, "disable_correlation": false, "timestamp": "1468935034", "to_ids": true, "type": "ip-dst", "uuid": "578e2b7a-9184-49b2-af13-498a950d210f", "value": "64.56.177.76" }, { "category": "Network activity", "comment": "download location", "deleted": false, "disable_correlation": false, "timestamp": "1468934295", "to_ids": true, "type": "url", "uuid": "578e2897-13fc-48c9-a55d-44bf950d210f", "value": "http://accendojuris.com/dem3owmx" }, { "category": "Network activity", "comment": "download location", "deleted": false, "disable_correlation": false, "timestamp": "1468934297", "to_ids": true, "type": "url", "uuid": "578e2899-8ef8-44c9-97d5-4223950d210f", "value": "http://all-rides.com/m6bobmp" }, { "category": "Network activity", "comment": "download location", "deleted": false, "disable_correlation": false, "timestamp": "1468934298", "to_ids": true, "type": "url", "uuid": "578e289a-8590-41f3-be1f-430e950d210f", "value": "http://anima-centrum.sk/bkcs2" }, { "category": "Network activity", "comment": "download location", "deleted": false, "disable_correlation": false, "timestamp": "1468934298", "to_ids": true, "type": "url", "uuid": "578e289a-aaa0-4e74-88d0-4826950d210f", "value": "http://bastidoresderondonia.com.br/ww55qzn" }, { "category": "Network activity", "comment": "download location", "deleted": false, "disable_correlation": false, "timestamp": "1468934299", "to_ids": true, "type": "url", "uuid": "578e289b-c540-4237-8496-4fdb950d210f", "value": "http://biovinci.com.br/dl9f0m6" }, { "category": "Network activity", "comment": "download location", "deleted": false, "disable_correlation": false, "timestamp": "1468934300", "to_ids": true, "type": "url", "uuid": "578e289c-56e8-4a41-a44d-461d950d210f", "value": "http://darkhollowcoffee.com/unntj" }, { "category": "Network activity", "comment": "download location", "deleted": false, "disable_correlation": false, "timestamp": "1468934300", "to_ids": true, "type": "url", "uuid": "578e289c-8a68-4b26-bfb8-44b0950d210f", "value": "http://daveshearth.com/f1t14" }, { "category": "Network activity", "comment": "download location", "deleted": false, "disable_correlation": false, "timestamp": "1468934301", "to_ids": true, "type": "url", "uuid": "578e289d-68a4-4963-83fc-41cc950d210f", "value": "http://dealsbro.com/ptamc" }, { "category": "Network activity", "comment": "download location", "deleted": false, "disable_correlation": false, "timestamp": "1468934302", "to_ids": true, "type": "url", "uuid": "578e289e-667c-4e74-a9b3-427c950d210f", "value": "http://dev.appleleafabstracting.com/j5q4b" }, { "category": "Network activity", "comment": "download location", "deleted": false, "disable_correlation": false, "timestamp": "1468934303", "to_ids": true, "type": "url", "uuid": "578e289f-f520-4938-b461-4cdb950d210f", "value": "http://dipp.lt/id4e6xcs" }, { "category": "Network activity", "comment": "download location", "deleted": false, "disable_correlation": false, "timestamp": "1468934304", "to_ids": true, "type": "url", "uuid": "578e28a0-6998-4618-8583-47d2950d210f", "value": "http://econopaginas.com/33ry5u" }, { "category": "Network activity", "comment": "download location", "deleted": false, "disable_correlation": false, "timestamp": "1468934304", "to_ids": true, "type": "url", "uuid": "578e28a0-7954-474f-9dab-41d0950d210f", "value": "http://ejdadim.com/tzblhuk" }, { "category": "Network activity", "comment": "download location", "deleted": false, "disable_correlation": false, "timestamp": "1468934305", "to_ids": true, "type": "url", "uuid": "578e28a1-ab40-45e0-ad82-464c950d210f", "value": "http://heonybaby.synology.me/uydikuo" }, { "category": "Network activity", "comment": "download location", "deleted": false, "disable_correlation": false, "timestamp": "1468934306", "to_ids": true, "type": "url", "uuid": "578e28a2-4d44-469e-bc1c-4268950d210f", "value": "http://ialri.net/wh64xsb" }, { "category": "Network activity", "comment": "download location", "deleted": false, "disable_correlation": false, "timestamp": "1468934307", "to_ids": true, "type": "url", "uuid": "578e28a3-9b60-41b2-942b-47ff950d210f", "value": "http://kveldeil.no/gfk2p" }, { "category": "Network activity", "comment": "download location", "deleted": false, "disable_correlation": false, "timestamp": "1468934308", "to_ids": true, "type": "url", "uuid": "578e28a4-7aac-4521-ae7e-4a44950d210f", "value": "http://litehauzz.com.ng/cxqr03" }, { "category": "Network activity", "comment": "download location", "deleted": false, "disable_correlation": false, "timestamp": "1468934308", "to_ids": true, "type": "url", "uuid": "578e28a4-db6c-4f6a-82d2-4e66950d210f", "value": "http://lkfashions.com/3vkh8fcv" }, { "category": "Network activity", "comment": "download location", "deleted": false, "disable_correlation": false, "timestamp": "1468934310", "to_ids": true, "type": "url", "uuid": "578e28a6-1e88-49c0-8821-4468950d210f", "value": "http://muscleinjuries.com/lqah1guh" }, { "category": "Network activity", "comment": "download location", "deleted": false, "disable_correlation": false, "timestamp": "1468934310", "to_ids": true, "type": "url", "uuid": "578e28a6-58f4-46fe-9d94-4ae7950d210f", "value": "http://mylimajai.lt/fkf75fo" }, { "category": "Network activity", "comment": "download location", "deleted": false, "disable_correlation": false, "timestamp": "1468934311", "to_ids": true, "type": "url", "uuid": "578e28a7-5994-422a-8da6-43e7950d210f", "value": "http://myphychoice.com/s0ksxt8e" }, { "category": "Network activity", "comment": "download location", "deleted": false, "disable_correlation": false, "timestamp": "1468934311", "to_ids": true, "type": "url", "uuid": "578e28a7-0484-4b97-a948-4d6b950d210f", "value": "http://ormanstressrelief.com/lq1z62q" }, { "category": "Network activity", "comment": "download location", "deleted": false, "disable_correlation": false, "timestamp": "1468934312", "to_ids": true, "type": "url", "uuid": "578e28a8-69fc-48c5-b5ac-4e81950d210f", "value": "http://ostrovokkrasoty.ru/zxaen4" }, { "category": "Network activity", "comment": "download location", "deleted": false, "disable_correlation": false, "timestamp": "1468934313", "to_ids": true, "type": "url", "uuid": "578e28a9-6644-43e7-afb8-4c5e950d210f", "value": "http://right-livelihoods.org/uplwj" }, { "category": "Network activity", "comment": "download location", "deleted": false, "disable_correlation": false, "timestamp": "1468934313", "to_ids": true, "type": "url", "uuid": "578e28a9-1254-463f-a271-45a9950d210f", "value": "http://scpremiumbikes.com/53mkzxat" }, { "category": "Network activity", "comment": "download location", "deleted": false, "disable_correlation": false, "timestamp": "1468934314", "to_ids": true, "type": "url", "uuid": "578e28aa-5828-4330-b9af-48e2950d210f", "value": "http://sitkainvestigations.com/2wmp4g" }, { "category": "Network activity", "comment": "download location", "deleted": false, "disable_correlation": false, "timestamp": "1468934315", "to_ids": true, "type": "url", "uuid": "578e28ab-ebf8-4a93-8439-412a950d210f", "value": "http://thetestserver.net/kemymr" }, { "category": "Network activity", "comment": "download location", "deleted": false, "disable_correlation": false, "timestamp": "1468934316", "to_ids": true, "type": "url", "uuid": "578e28ac-76a0-4fb7-9dab-494e950d210f", "value": "http://tvernedra.ru/zkca0de" }, { "category": "Network activity", "comment": "download location", "deleted": false, "disable_correlation": false, "timestamp": "1468934316", "to_ids": true, "type": "url", "uuid": "578e28ac-e028-4b6f-8cc4-4017950d210f", "value": "http://u0086064.cp.regruhosting.ru/hnmbac" }, { "category": "Network activity", "comment": "download location", "deleted": false, "disable_correlation": false, "timestamp": "1468934317", "to_ids": true, "type": "url", "uuid": "578e28ad-093c-42d7-9fbc-4129950d210f", "value": "http://ultramarincentr.ru/ihreg" }, { "category": "Network activity", "comment": "download location", "deleted": false, "disable_correlation": false, "timestamp": "1468934318", "to_ids": true, "type": "url", "uuid": "578e28ae-f094-4d72-ab4c-46fe950d210f", "value": "http://vidonet.es/al268615" }, { "category": "Network activity", "comment": "download location", "deleted": false, "disable_correlation": false, "timestamp": "1468934319", "to_ids": true, "type": "url", "uuid": "578e28af-7a84-43b5-aa7a-4fd6950d210f", "value": "http://www.thephoneguy.talktalk.net/om8bt" }, { "category": "Network activity", "comment": "download location", "deleted": false, "disable_correlation": false, "timestamp": "1468934320", "to_ids": true, "type": "url", "uuid": "578e28b0-0828-4ccf-acfa-4723950d210f", "value": "http://zuerich-gewerbe.ch/99v85w" } ] } }