{ "Event": { "analysis": "1", "date": "2017-09-29", "extends_uuid": "", "info": "M2M - Locky Affid=3/Trickbot \"mac1\" 2017-09-29 : \"Voice Message from ...\" - \"/voicemsg.html\" links", "publish_timestamp": "1506690402", "published": true, "threat_level_id": "3", "timestamp": "1506690397", "uuid": "59ce3d45-fc70-4852-bf6d-46e4950d210f", "Orgc": { "name": "CIRCL", "uuid": "55f6ea5e-2c60-40e5-964f-47a8950d210f" }, "Tag": [ { "colour": "#ffffff", "name": "tlp:white" }, { "colour": "#0088cc", "name": "misp-galaxy:tool=\"Trick Bot\"" }, { "colour": "#006c6c", "name": "ecsirt:malicious-code=\"ransomware\"" }, { "colour": "#0088cc", "name": "misp-galaxy:ransomware=\"Locky\"" } ], "Attribute": [ { "category": "Artifacts dropped", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1506690361", "to_ids": true, "type": "md5", "uuid": "59ce3d46-77a0-4c85-947a-4a58950d210f", "value": "28770e17d1a6bffcaac19a1074b4c2b5" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1506690361", "to_ids": true, "type": "url", "uuid": "59ce3d47-2868-470e-8996-79d1950d210f", "value": "http://afslearnenglish.com/voicemsg.html" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1506690361", "to_ids": true, "type": "hostname", "uuid": "59ce3d47-9f44-4138-ac64-4b17950d210f", "value": "afslearnenglish.com" }, { "category": "Network activity", "comment": "afslearnenglish.com", "deleted": false, "disable_correlation": false, "timestamp": "1506690361", "to_ids": false, "type": "ip-dst", "uuid": "59ce3d47-2c78-475b-890e-4313950d210f", "value": "80.93.208.248" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1506690361", "to_ids": true, "type": "url", "uuid": "59ce3d47-731c-43a5-ae08-7894950d210f", "value": "http://agregate-cariera.ro/voicemsg.html" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1506690361", "to_ids": true, "type": "hostname", "uuid": "59ce3d48-7460-4977-8dfa-44a8950d210f", "value": "agregate-cariera.ro" }, { "category": "Network activity", "comment": "agregate-cariera.ro", "deleted": false, "disable_correlation": false, "timestamp": "1506690361", "to_ids": false, "type": "ip-dst", "uuid": "59ce3d48-3d74-4c19-92f5-78e4950d210f", "value": "37.187.158.199" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1506690361", "to_ids": true, "type": "url", "uuid": "59ce3d48-5510-4b3f-8dab-4167950d210f", "value": "http://agrourbis.com/voicemsg.html" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1506690361", "to_ids": true, "type": "hostname", "uuid": "59ce3d48-d2a4-4c9e-aba0-7d97950d210f", "value": "agrourbis.com" }, { "category": "Network activity", "comment": "agrourbis.com", "deleted": false, "disable_correlation": false, "timestamp": "1506690361", "to_ids": false, "type": "ip-dst", "uuid": "59ce3d49-1128-4738-bbe4-444d950d210f", "value": "86.109.170.66" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1506690361", "to_ids": true, "type": "url", "uuid": "59ce3d49-fa64-4651-b4a0-4b51950d210f", "value": "http://alucmuhendislik.com/voicemsg.html" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1506690361", "to_ids": true, "type": "hostname", "uuid": "59ce3d49-0c1c-4f57-8709-4c30950d210f", "value": "alucmuhendislik.com" }, { "category": "Network activity", "comment": "alucmuhendislik.com", "deleted": false, "disable_correlation": false, "timestamp": "1506690361", "to_ids": false, "type": "ip-dst", "uuid": "59ce3d49-82d0-408d-be80-419b950d210f", "value": "185.85.205.9" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1506690361", "to_ids": true, "type": "url", "uuid": "59ce3d4a-907c-457d-88d4-4a2c950d210f", "value": "http://auto-ecolecoccinelle.com/voicemsg.html" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1506690361", "to_ids": true, "type": "hostname", "uuid": "59ce3d4a-f074-4a42-ba88-4a0f950d210f", "value": "auto-ecolecoccinelle.com" }, { "category": "Network activity", "comment": "auto-ecolecoccinelle.com", "deleted": false, "disable_correlation": false, "timestamp": "1506690361", "to_ids": false, "type": "ip-dst", "uuid": "59ce3d4a-a4a8-491e-860a-7894950d210f", "value": "193.227.248.241" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1506690361", "to_ids": true, "type": "url", "uuid": "59ce3d4a-ba0c-4bf8-b54d-4bff950d210f", "value": "http://datenhaus.info/voicemsg.html" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1506690361", "to_ids": true, "type": "hostname", "uuid": "59ce3d4b-9264-47f6-be7b-45e3950d210f", "value": "datenhaus.info" }, { "category": "Network activity", "comment": "datenhaus.info", "deleted": false, "disable_correlation": false, "timestamp": "1506690361", "to_ids": false, "type": "ip-dst", "uuid": "59ce3d4b-c184-4ff3-9bed-4697950d210f", "value": "85.214.205.231" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1506690361", "to_ids": true, "type": "url", "uuid": "59ce3d4b-8fe0-41fd-9e5b-1ec8950d210f", "value": "http://estudiperceptiva.com/voicemsg.html" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1506690361", "to_ids": true, "type": "hostname", "uuid": "59ce3d4b-af24-4e89-b175-4036950d210f", "value": "estudiperceptiva.com" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1506690361", "to_ids": true, "type": "url", "uuid": "59ce3d4c-8330-4c16-b958-4439950d210f", "value": "http://ferienwohnung-schitter.at/voicemsg.html" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1506690361", "to_ids": true, "type": "hostname", "uuid": "59ce3d4c-c328-47bc-a843-4d3f950d210f", "value": "ferienwohnung-schitter.at" }, { "category": "Network activity", "comment": "ferienwohnung-schitter.at", "deleted": false, "disable_correlation": false, "timestamp": "1506690361", "to_ids": false, "type": "ip-dst", "uuid": "59ce3d4c-d56c-4fa4-aedb-4bc3950d210f", "value": "217.172.186.114" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1506690361", "to_ids": true, "type": "url", "uuid": "59ce3d4d-dbd8-4165-bc83-4116950d210f", "value": "http://fortcollins-accounting.com/voicemsg.html" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1506690361", "to_ids": true, "type": "hostname", "uuid": "59ce3d4d-57d0-47ec-94c7-7894950d210f", "value": "fortcollins-accounting.com" }, { "category": "Network activity", "comment": "fortcollins-accounting.com", "deleted": false, "disable_correlation": false, "timestamp": "1506690361", "to_ids": false, "type": "ip-dst", "uuid": "59ce3d4d-5c88-43a5-94bd-4582950d210f", "value": "74.208.43.105" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1506690361", "to_ids": true, "type": "url", "uuid": "59ce3d4d-e0ec-43c4-bcd2-4594950d210f", "value": "http://hashigosha.com/voicemsg.html" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1506690361", "to_ids": true, "type": "hostname", "uuid": "59ce3d4e-8098-42f6-a666-49e5950d210f", "value": "hashigosha.com" }, { "category": "Network activity", "comment": "hashigosha.com", "deleted": false, "disable_correlation": false, "timestamp": "1506690361", "to_ids": false, "type": "ip-dst", "uuid": "59ce3d4e-7f60-4b28-ba41-4d82950d210f", "value": "180.222.185.74" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1506690361", "to_ids": true, "type": "url", "uuid": "59ce3d4e-bb58-492b-8d35-49b3950d210f", "value": "http://ilnumeroverde.it/voicemsg.html" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1506690361", "to_ids": true, "type": "hostname", "uuid": "59ce3d4f-814c-4b1f-ae8e-45c3950d210f", "value": "ilnumeroverde.it" }, { "category": "Network activity", "comment": "ilnumeroverde.it", "deleted": false, "disable_correlation": false, "timestamp": "1506690361", "to_ids": false, "type": "ip-dst", "uuid": "59ce3d4f-ddf8-4128-9ba1-4d2f950d210f", "value": "85.235.130.50" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1506690361", "to_ids": true, "type": "url", "uuid": "59ce3d4f-bb54-4ab9-966f-419a950d210f", "value": "http://kalorsystem.com/voicemsg.html" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1506690361", "to_ids": true, "type": "hostname", "uuid": "59ce3d4f-f718-42b0-bb27-4fde950d210f", "value": "kalorsystem.com" }, { "category": "Network activity", "comment": "kalorsystem.com", "deleted": false, "disable_correlation": false, "timestamp": "1506690362", "to_ids": false, "type": "ip-dst", "uuid": "59ce3d50-02a0-43b1-b595-4c94950d210f", "value": "95.110.231.145" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1506690362", "to_ids": true, "type": "url", "uuid": "59ce3d50-42ac-419c-bece-7894950d210f", "value": "http://louisawong.net/voicemsg.html" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1506690362", "to_ids": true, "type": "hostname", "uuid": "59ce3d50-56d0-47f7-91e7-423d950d210f", "value": "louisawong.net" }, { "category": "Network activity", "comment": "louisawong.net", "deleted": false, "disable_correlation": false, "timestamp": "1506690362", "to_ids": false, "type": "ip-dst", "uuid": "59ce3d51-f514-4eca-ba8b-1ec8950d210f", "value": "123.242.230.63" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1506690362", "to_ids": true, "type": "url", "uuid": "59ce3d52-c148-4d2a-b24a-4d54950d210f", "value": "http://maule.biz/voicemsg.html" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1506690362", "to_ids": true, "type": "hostname", "uuid": "59ce3d52-5ce8-4a47-85e4-4466950d210f", "value": "maule.biz" }, { "category": "Network activity", "comment": "maule.biz", "deleted": false, "disable_correlation": false, "timestamp": "1506690362", "to_ids": false, "type": "ip-dst", "uuid": "59ce3d52-3264-409e-a9be-4b37950d210f", "value": "98.124.251.176" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1506690362", "to_ids": true, "type": "url", "uuid": "59ce3d52-5010-47aa-8ad9-79d1950d210f", "value": "http://missinglynxsystems.com/voicemsg.html" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1506690362", "to_ids": true, "type": "hostname", "uuid": "59ce3d52-67e0-41a7-8d9d-45bc950d210f", "value": "missinglynxsystems.com" }, { "category": "Network activity", "comment": "missinglynxsystems.com", "deleted": false, "disable_correlation": false, "timestamp": "1506690362", "to_ids": false, "type": "ip-dst", "uuid": "59ce3d53-9ba4-4945-ba62-7894950d210f", "value": "66.36.173.181" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1506690362", "to_ids": true, "type": "url", "uuid": "59ce3d53-7140-45a7-86a4-4ee5950d210f", "value": "http://mobius-group.com/voicemsg.html" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1506690362", "to_ids": true, "type": "hostname", "uuid": "59ce3d53-f85c-4c03-8436-4cd8950d210f", "value": "mobius-group.com" }, { "category": "Network activity", "comment": "mobius-group.com", "deleted": false, "disable_correlation": false, "timestamp": "1506690362", "to_ids": false, "type": "ip-dst", "uuid": "59ce3d54-cfac-464a-9dba-78e4950d210f", "value": "176.56.62.143" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1506690362", "to_ids": true, "type": "url", "uuid": "59ce3d54-078c-454a-9937-4278950d210f", "value": "http://monroepoa.org/voicemsg.html" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1506690362", "to_ids": true, "type": "hostname", "uuid": "59ce3d54-fcfc-4559-89dd-1ec8950d210f", "value": "monroepoa.org" }, { "category": "Network activity", "comment": "monroepoa.org", "deleted": false, "disable_correlation": false, "timestamp": "1506690362", "to_ids": false, "type": "ip-dst", "uuid": "59ce3d54-0080-41e7-8b09-4107950d210f", "value": "65.44.220.64" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1506690362", "to_ids": true, "type": "url", "uuid": "59ce3d55-7564-437a-afd0-459c950d210f", "value": "http://monstermx.com/voicemsg.html" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1506690362", "to_ids": true, "type": "hostname", "uuid": "59ce3d55-5d10-4c30-8e8e-79d1950d210f", "value": "monstermx.com" }, { "category": "Network activity", "comment": "monstermx.com", "deleted": false, "disable_correlation": false, "timestamp": "1506690362", "to_ids": false, "type": "ip-dst", "uuid": "59ce3d56-17f0-40d8-9b7b-4253950d210f", "value": "107.152.98.20" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1506690362", "to_ids": true, "type": "url", "uuid": "59ce3d56-fdd8-4405-9339-4a66950d210f", "value": "http://mueblesamedidamalaga.com/voicemsg.html" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1506690362", "to_ids": true, "type": "hostname", "uuid": "59ce3d56-45a4-4e53-8d79-4c29950d210f", "value": "mueblesamedidamalaga.com" }, { "category": "Network activity", "comment": "mueblesamedidamalaga.com", "deleted": false, "disable_correlation": false, "timestamp": "1506690362", "to_ids": false, "type": "ip-dst", "uuid": "59ce3d56-1f5c-41a4-b410-430b950d210f", "value": "94.127.190.141" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1506690362", "to_ids": true, "type": "url", "uuid": "59ce3d56-f94c-468f-9ca1-78e4950d210f", "value": "http://norsky.pt/voicemsg.html" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1506690362", "to_ids": true, "type": "hostname", "uuid": "59ce3d57-20a4-42f6-b0df-4945950d210f", "value": "norsky.pt" }, { "category": "Network activity", "comment": "norsky.pt", "deleted": false, "disable_correlation": false, "timestamp": "1506690362", "to_ids": false, "type": "ip-dst", "uuid": "59ce3d57-b8d0-41ea-9559-4aa0950d210f", "value": "109.71.42.24" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1506690362", "to_ids": true, "type": "url", "uuid": "59ce3d58-5474-49af-95d7-4f94950d210f", "value": "http://pagosdelrey.mobi/voicemsg.html" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1506690362", "to_ids": true, "type": "hostname", "uuid": "59ce3d58-ca7c-42fc-a3f1-457e950d210f", "value": "pagosdelrey.mobi" }, { "category": "Network activity", "comment": "pagosdelrey.mobi", "deleted": false, "disable_correlation": false, "timestamp": "1506690362", "to_ids": false, "type": "ip-dst", "uuid": "59ce3d58-97a8-478c-9d45-40dc950d210f", "value": "5.2.27.27" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1506690362", "to_ids": true, "type": "url", "uuid": "59ce3d58-240c-4ad8-a077-4482950d210f", "value": "http://parquetroman.com/voicemsg.html" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1506690362", "to_ids": true, "type": "hostname", "uuid": "59ce3d58-f8fc-44dd-8206-4df4950d210f", "value": "parquetroman.com" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1506690362", "to_ids": true, "type": "url", "uuid": "59ce3d59-0df4-4475-b081-45d9950d210f", "value": "http://pinkyardflamingos.com/voicemsg.html" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1506690362", "to_ids": true, "type": "hostname", "uuid": "59ce3d59-cdd0-41a6-bae1-453a950d210f", "value": "pinkyardflamingos.com" }, { "category": "Network activity", "comment": "pinkyardflamingos.com", "deleted": false, "disable_correlation": false, "timestamp": "1506690362", "to_ids": false, "type": "ip-dst", "uuid": "59ce3d59-c1b8-46e5-ac1e-4493950d210f", "value": "66.36.163.144" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1506690362", "to_ids": true, "type": "url", "uuid": "59ce3d5a-ab40-4543-8ae6-1ec8950d210f", "value": "http://profigera.pt/voicemsg.html" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1506690362", "to_ids": true, "type": "hostname", "uuid": "59ce3d5a-3e18-407f-847e-471a950d210f", "value": "profigera.pt" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1506690362", "to_ids": true, "type": "url", "uuid": "59ce3d5a-bea0-4a46-988f-4d7f950d210f", "value": "http://recturf.com.au/voicemsg.html" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1506690362", "to_ids": true, "type": "hostname", "uuid": "59ce3d5a-414c-4ed8-859a-79d1950d210f", "value": "recturf.com.au" }, { "category": "Network activity", "comment": "recturf.com.au", "deleted": false, "disable_correlation": false, "timestamp": "1506690362", "to_ids": false, "type": "ip-dst", "uuid": "59ce3d5b-26ec-4a13-acc3-4080950d210f", "value": "103.236.163.40" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1506690362", "to_ids": true, "type": "url", "uuid": "59ce3d5b-7738-4013-8d2e-483d950d210f", "value": "http://resortphotographics.com/voicemsg.html" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1506690362", "to_ids": true, "type": "hostname", "uuid": "59ce3d5b-7850-4f54-baa0-7894950d210f", "value": "resortphotographics.com" }, { "category": "Network activity", "comment": "resortphotographics.com", "deleted": false, "disable_correlation": false, "timestamp": "1506690362", "to_ids": false, "type": "ip-dst", "uuid": "59ce3d5c-5c90-4a90-88de-4679950d210f", "value": "68.171.62.61" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1506690362", "to_ids": true, "type": "url", "uuid": "59ce3d5c-ee44-4272-87fb-78e4950d210f", "value": "http://sgtenterprises.com/voicemsg.html" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1506690362", "to_ids": true, "type": "hostname", "uuid": "59ce3d5c-cc3c-4a6d-a8e9-7d97950d210f", "value": "sgtenterprises.com" }, { "category": "Network activity", "comment": "sgtenterprises.com", "deleted": false, "disable_correlation": false, "timestamp": "1506690362", "to_ids": false, "type": "ip-dst", "uuid": "59ce3d5d-e938-4d54-a6c2-4c59950d210f", "value": "66.36.163.197" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1506690362", "to_ids": true, "type": "url", "uuid": "59ce3d5d-ecfc-477f-97a3-41b1950d210f", "value": "http://shineindian.com/voicemsg.html" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1506690362", "to_ids": true, "type": "hostname", "uuid": "59ce3d5d-ffa8-45ad-94c2-4cee950d210f", "value": "shineindian.com" }, { "category": "Network activity", "comment": "shineindian.com", "deleted": false, "disable_correlation": false, "timestamp": "1506690362", "to_ids": false, "type": "ip-dst", "uuid": "59ce3d5d-cecc-4708-871a-4307950d210f", "value": "95.173.189.226" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1506690362", "to_ids": true, "type": "url", "uuid": "59ce3d5e-6684-485c-86f1-4d81950d210f", "value": "http://simonline.nl/voicemsg.html" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1506690362", "to_ids": true, "type": "hostname", "uuid": "59ce3d5e-4fec-4cc3-9dc0-4f01950d210f", "value": "simonline.nl" }, { "category": "Network activity", "comment": "simonline.nl", "deleted": false, "disable_correlation": false, "timestamp": "1506690362", "to_ids": false, "type": "ip-dst", "uuid": "59ce3d5f-25b4-40b6-8f8f-4c84950d210f", "value": "46.235.44.91" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1506690362", "to_ids": true, "type": "url", "uuid": "59ce3d5f-c3ac-4f5c-bc73-43ac950d210f", "value": "http://somallc.com/voicemsg.html" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1506690362", "to_ids": true, "type": "hostname", "uuid": "59ce3d5f-3000-4644-8d22-4fe1950d210f", "value": "somallc.com" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1506690362", "to_ids": true, "type": "url", "uuid": "59ce3d61-7c24-4528-b490-4d71950d210f", "value": "http://sunny-voices.de/voicemsg.html" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1506690362", "to_ids": true, "type": "hostname", "uuid": "59ce3d61-6834-4495-8065-4b41950d210f", "value": "sunny-voices.de" }, { "category": "Network activity", "comment": "sunny-voices.de", "deleted": false, "disable_correlation": false, "timestamp": "1506690362", "to_ids": false, "type": "ip-dst", "uuid": "59ce3d62-b388-4836-b116-4865950d210f", "value": "213.185.88.60" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1506690362", "to_ids": true, "type": "url", "uuid": "59ce3d62-1910-4196-aada-4440950d210f", "value": "http://team-bobcat.org/voicemsg.html" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1506690362", "to_ids": true, "type": "hostname", "uuid": "59ce3d62-fba8-4b04-a482-7894950d210f", "value": "team-bobcat.org" }, { "category": "Network activity", "comment": "team-bobcat.org", "deleted": false, "disable_correlation": false, "timestamp": "1506690362", "to_ids": false, "type": "ip-dst", "uuid": "59ce3d62-a8b4-47f1-92f0-4bbf950d210f", "value": "212.224.65.254" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1506690362", "to_ids": true, "type": "url", "uuid": "59ce3d63-be88-42fe-9b6d-4f25950d210f", "value": "http://vincent-farben.de/voicemsg.html" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1506690362", "to_ids": true, "type": "hostname", "uuid": "59ce3d63-2e78-4360-89e7-78e4950d210f", "value": "vincent-farben.de" }, { "category": "Network activity", "comment": "vincent-farben.de", "deleted": false, "disable_correlation": false, "timestamp": "1506690362", "to_ids": false, "type": "ip-dst", "uuid": "59ce3d63-9224-4794-9e7c-1ec8950d210f", "value": "81.169.241.228" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1506690362", "to_ids": true, "type": "url", "uuid": "59ce3d63-6dac-4ea7-9df9-4153950d210f", "value": "http://weloveflowers.co.uk/voicemsg.html" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1506690362", "to_ids": true, "type": "hostname", "uuid": "59ce3d63-70b0-4e8f-a7c2-4f9f950d210f", "value": "weloveflowers.co.uk" }, { "category": "Network activity", "comment": "weloveflowers.co.uk", "deleted": false, "disable_correlation": false, "timestamp": "1506690362", "to_ids": false, "type": "ip-dst", "uuid": "59ce3d64-4fe4-46fc-8684-4542950d210f", "value": "80.76.217.149" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1506690362", "to_ids": true, "type": "url", "uuid": "59ce3d64-3c34-43eb-b3a9-79d1950d210f", "value": "http://wwwa.su/voicemsg.html" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1506690362", "to_ids": true, "type": "hostname", "uuid": "59ce3d64-7ebc-450f-a7dd-4cb2950d210f", "value": "wwwa.su" }, { "category": "Network activity", "comment": "wwwa.su", "deleted": false, "disable_correlation": false, "timestamp": "1506690363", "to_ids": false, "type": "ip-dst", "uuid": "59ce3d64-ee44-4547-9edf-48ec950d210f", "value": "89.253.236.149" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1506690363", "to_ids": true, "type": "url", "uuid": "59ce3d65-17b0-4b2d-8564-7894950d210f", "value": "http://zik-et-dance.com/voicemsg.html" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1506690363", "to_ids": true, "type": "hostname", "uuid": "59ce3d65-a280-46cf-b7a8-49ac950d210f", "value": "zik-et-dance.com" }, { "category": "Network activity", "comment": "zik-et-dance.com", "deleted": false, "disable_correlation": false, "timestamp": "1506690363", "to_ids": false, "type": "ip-dst", "uuid": "59ce3d65-799c-452a-a008-4880950d210f", "value": "85.31.196.7" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1506690363", "to_ids": true, "type": "url", "uuid": "59ce3d65-33b4-44f8-9348-78e4950d210f", "value": "http://moroplinghaptan.info/offjsjs/*" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1506690363", "to_ids": true, "type": "hostname", "uuid": "59ce3d65-cc70-42ea-b5f2-7d97950d210f", "value": "moroplinghaptan.info" }, { "category": "Network activity", "comment": "moroplinghaptan.info", "deleted": false, "disable_correlation": false, "timestamp": "1506690363", "to_ids": false, "type": "ip-dst", "uuid": "59ce3d67-e330-47b4-b7c7-42c9950d210f", "value": "49.51.133.167" }, { "category": "Artifacts dropped", "comment": "- Xchecked via VT: 28770e17d1a6bffcaac19a1074b4c2b5", "deleted": false, "disable_correlation": false, "timestamp": "1506690363", "to_ids": true, "type": "sha256", "uuid": "59ce453b-8cf0-4048-8c89-483d02de0b81", "value": "006d0ab2844e4df90109fc769cda49fa6eb8e7e033f8e81b60c1e345fb346560" }, { "category": "Artifacts dropped", "comment": "- Xchecked via VT: 28770e17d1a6bffcaac19a1074b4c2b5", "deleted": false, "disable_correlation": false, "timestamp": "1506690363", "to_ids": true, "type": "sha1", "uuid": "59ce453b-0b50-4073-a430-423a02de0b81", "value": "f78e3e65207d0756e51ef17cdadd2692dc1b85e5" }, { "category": "External analysis", "comment": "- Xchecked via VT: 28770e17d1a6bffcaac19a1074b4c2b5", "deleted": false, "disable_correlation": false, "timestamp": "1506690363", "to_ids": false, "type": "link", "uuid": "59ce453b-fc08-4ad9-ba66-45cd02de0b81", "value": "https://www.virustotal.com/file/006d0ab2844e4df90109fc769cda49fa6eb8e7e033f8e81b60c1e345fb346560/analysis/1506688460/" } ] } }