{ "Event": { "analysis": "0", "date": "2022-01-13", "extends_uuid": "", "info": "CYBERCOM_Malware_Alert - MuddyWater has been seen using a variety of techniques to maintain access to victim networks.", "publish_timestamp": "1642082232", "published": true, "threat_level_id": "2", "timestamp": "1642082225", "uuid": "ed46f822-41e6-4dca-a1c5-ad768306bfe9", "Orgc": { "name": "CIRCL", "uuid": "55f6ea5e-2c60-40e5-964f-47a8950d210f" }, "Tag": [ { "colour": "#004646", "local": false, "name": "type:OSINT", "relationship_type": "" }, { "colour": "#0071c3", "local": false, "name": "osint:lifetime=\"perpetual\"", "relationship_type": "" }, { "colour": "#0087e8", "local": false, "name": "osint:certainty=\"50\"", "relationship_type": "" }, { "colour": "#ffffff", "local": false, "name": "tlp:white", "relationship_type": "" }, { "colour": "#0088cc", "local": false, "name": "misp-galaxy:mitre-enterprise-attack-intrusion-set=\"MuddyWater - G0069\"", "relationship_type": "" }, { "colour": "#0088cc", "local": false, "name": "misp-galaxy:mitre-intrusion-set=\"MuddyWater - G0069\"", "relationship_type": "" }, { "colour": "#0088cc", "local": false, "name": "misp-galaxy:threat-actor=\"MuddyWater\"", "relationship_type": "" }, { "colour": "#0088cc", "local": false, "name": "misp-galaxy:country=\"iran\"", "relationship_type": "" } ], "Attribute": [ { "category": "Payload delivery", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1642082062", "to_ids": true, "type": "sha256", "uuid": "dc27e79d-43bc-42fd-986f-9b5420b73fc3", "value": "3098dd53da40947a82e59265a47059e69b2925bc49c679e6555d102d1c6cbbc8" }, { "category": "Payload delivery", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1642082062", "to_ids": true, "type": "sha256", "uuid": "7363ccc3-6a4e-44fc-a0f8-619fa264cb8a", "value": "42ca7d3fcd6d220cd380f34f9aa728b3bb68908b49f04d04f685631ee1f78986" }, { "category": "Payload delivery", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1642082062", "to_ids": true, "type": "sha256", "uuid": "b37525af-c696-4d69-aead-e3be0aca9e2d", "value": "b1e30cce6df16d83b82b751edca57aa17795d8d0cdd960ecee7d90832b0ee76c" }, { "category": "Payload delivery", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1642082062", "to_ids": true, "type": "sha256", "uuid": "076573dc-8454-478d-89b0-ca6cf97411b8", "value": "255e53af8b079c8319ce52583293723551da9affe547da45e2c1d4257cff625a" }, { "category": "Payload delivery", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1642082062", "to_ids": true, "type": "sha256", "uuid": "0f9cfe78-1225-45c4-ba1a-e09f556f359f", "value": "e7f6c7b91c482c12fc905b84dbaa9001ef78dc6a771773e1de4b8eade5431eca" }, { "category": "Payload delivery", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1642082062", "to_ids": true, "type": "sha256", "uuid": "418272e0-5405-47a7-91d5-a059ea41fbec", "value": "5bcdd422089ed96d6711fa251544e2e863b113973db328590cfe0457bfeb564f" }, { "category": "Payload delivery", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1642082062", "to_ids": true, "type": "sha256", "uuid": "2315d783-9a27-439e-977d-30358f994275", "value": "9cb79736302999a7ec4151a43e93cd51c97ede879194cece5e46b4ff471a7af7" }, { "category": "Payload delivery", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1642082062", "to_ids": true, "type": "sha256", "uuid": "8250e2c6-7463-45a2-ba9f-77dc3eeadbf7", "value": "b6133e04a0a1deb8faf944dd79c46c62f725a72ea9f26dd911d6f6e1e4433f1a" }, { "category": "Payload delivery", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1642082062", "to_ids": true, "type": "sha256", "uuid": "b97f4525-148f-4c25-ad95-ab04ddd3638c", "value": "9ec8319e278d1b3fa1ccf87b5ce7dd6802dac76881e4e4e16e240c5a98f107e2" }, { "category": "Payload delivery", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1642082062", "to_ids": true, "type": "sha256", "uuid": "074d4b72-f0f8-4787-9638-cf0028fe2b8f", "value": "7e7545d14df7b618b3b1bc24321780c164a0a14d3600dbac0f91afbce1a2f9f4" }, { "category": "Payload delivery", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1642082062", "to_ids": true, "type": "sha256", "uuid": "a759108a-98d2-45d0-8bb0-28825e63c671", "value": "e7baf353aa12ff2571fc5c45184631dc2692e2f0a61b799e29a1525969bf2d13" }, { "category": "Payload delivery", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1642082062", "to_ids": true, "type": "sha256", "uuid": "6f2a3e83-fd7f-46cc-8ac1-b160a301253f", "value": "b5b1e26312e0574464ddef92c51d5f597e07dba90617c0528ec9f494af7e8504" }, { "category": "Payload delivery", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1642082062", "to_ids": true, "type": "sha256", "uuid": "e9fc0696-04ae-406b-a0cb-dca1251d03b0", "value": "dd7ee54b12a55bcc67da4ceaed6e636b7bd30d4db6f6c594e9510e1e605ade92" }, { "category": "Payload delivery", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1642082062", "to_ids": true, "type": "sha256", "uuid": "8edb6149-7401-4088-86ed-29427a0a2956", "value": "9d50fcb2c4df4c502db0cac84bef96c2a36d33ef98c454165808ecace4dd2051" }, { "category": "Payload delivery", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1642082062", "to_ids": true, "type": "sha256", "uuid": "0501eade-9a37-4a03-8ce8-99bc7f201a22", "value": "12db8bcee090521ecf852bf215ce3878737517a22ef1f2ff9bdec7cba8d0d3aa" }, { "category": "Payload delivery", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1642082062", "to_ids": true, "type": "sha256", "uuid": "7fe60b0e-b337-4de4-8d83-5c5d9e6cabd7", "value": "ce9bd1acf37119ff73b4dff989f2791eb24efc891a413df58856d848f0bcaee9" }, { "category": "Payload delivery", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1642082062", "to_ids": true, "type": "sha256", "uuid": "54e6d8c5-541d-4fd6-bb40-30eb257795d6", "value": "2471a039cb1ddeb826f3a11f89b193624d89052afcbee01205dc92610723eb82" } ], "Object": [ { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "24", "timestamp": "1642082168", "uuid": "bf4b82ac-341f-4ebc-af6d-134e6afde90b", "ObjectReference": [ { "comment": "", "object_uuid": "bf4b82ac-341f-4ebc-af6d-134e6afde90b", "referenced_uuid": "cc2cfa1e-1b2a-4004-abb4-03c0f6bd9b9f", "relationship_type": "analysed-with", "timestamp": "1642082169", "uuid": "5d516719-6657-4266-8b8f-f3b7621678af" } ], "Attribute": [ { "category": "Payload delivery", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1642082062", "to_ids": true, "type": "md5", "uuid": "4b02880e-9b58-4738-bbb2-71a2e3c3fa85", "value": "a0421312705e847a1c8073001fd8499c" }, { "category": "Payload delivery", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1642082062", "to_ids": true, "type": "sha1", "uuid": "a6021696-5d5c-4e10-9289-df75f02d2520", "value": "3204447f54adeffb339ed3e00649ae428544eca3" }, { "category": "Payload delivery", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1642082062", "to_ids": true, "type": "sha256", "uuid": "4ba19f03-3508-4446-89ce-4dffdfaeb158", "value": "9cb79736302999a7ec4151a43e93cd51c97ede879194cece5e46b4ff471a7af7" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "4", "timestamp": "1642082168", "uuid": "cc2cfa1e-1b2a-4004-abb4-03c0f6bd9b9f", "Attribute": [ { "category": "Other", "comment": "", "deleted": false, "disable_correlation": true, "object_relation": "last-submission", "timestamp": "1642082062", "to_ids": false, "type": "datetime", "uuid": "dbd79864-48d0-4f8c-9df6-b038db7d1925", "value": "2022-01-13T12:41:30+00:00" }, { "category": "Payload delivery", "comment": "", "deleted": false, "disable_correlation": true, "object_relation": "permalink", "timestamp": "1642082062", "to_ids": false, "type": "link", "uuid": "f54bb404-0b1a-4321-8cdd-55cc2f9c06c8", "value": "https://www.virustotal.com/gui/file/9cb79736302999a7ec4151a43e93cd51c97ede879194cece5e46b4ff471a7af7/detection/f-9cb79736302999a7ec4151a43e93cd51c97ede879194cece5e46b4ff471a7af7-1642077690" }, { "category": "Payload delivery", "comment": "", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1642082062", "to_ids": false, "type": "text", "uuid": "12587aeb-8930-45f3-8ac6-fec9c82a7285", "value": "8/57" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "24", "timestamp": "1642082168", "uuid": "845692ad-8bc9-4847-9863-7a4a7946d5c7", "ObjectReference": [ { "comment": "", "object_uuid": "845692ad-8bc9-4847-9863-7a4a7946d5c7", "referenced_uuid": "ff69de23-80e4-46dc-8144-f165d4d8ac5e", "relationship_type": "analysed-with", "timestamp": "1642082169", "uuid": "433cd7ad-fee6-44f0-8881-c5eaefc3b080" } ], "Attribute": [ { "category": "Payload delivery", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1642082062", "to_ids": true, "type": "md5", "uuid": "7abf98af-5bf6-4620-b4ec-950670807002", "value": "4a022ea1fd2bf5e8c0d8b2343a230070" }, { "category": "Payload delivery", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1642082062", "to_ids": true, "type": "sha1", "uuid": "1cf0d003-cd32-418d-8927-048ab169d056", "value": "89df0feca9a447465d41ac87cb45a6f3c02c574d" }, { "category": "Payload delivery", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1642082062", "to_ids": true, "type": "sha256", "uuid": "ae84908e-e117-4655-b1e3-8dd91fb650dd", "value": "e7baf353aa12ff2571fc5c45184631dc2692e2f0a61b799e29a1525969bf2d13" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "4", "timestamp": "1642082168", "uuid": "ff69de23-80e4-46dc-8144-f165d4d8ac5e", "Attribute": [ { "category": "Other", "comment": "", "deleted": false, "disable_correlation": true, "object_relation": "last-submission", "timestamp": "1642082062", "to_ids": false, "type": "datetime", "uuid": "532b79c0-ce85-4d35-ad3e-5c35f8dc2858", "value": "2022-01-13T04:17:48+00:00" }, { "category": "Payload delivery", "comment": "", "deleted": false, "disable_correlation": true, "object_relation": "permalink", "timestamp": "1642082062", "to_ids": false, "type": "link", "uuid": "755472d3-c174-450a-a5df-eece9c895c43", "value": "https://www.virustotal.com/gui/file/e7baf353aa12ff2571fc5c45184631dc2692e2f0a61b799e29a1525969bf2d13/detection/f-e7baf353aa12ff2571fc5c45184631dc2692e2f0a61b799e29a1525969bf2d13-1642047468" }, { "category": "Payload delivery", "comment": "", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1642082062", "to_ids": false, "type": "text", "uuid": "c9f6cd8b-ee18-4a3b-a6e3-f0bae3d0c164", "value": "12/56" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "24", "timestamp": "1642082168", "uuid": "6875f800-1889-47a9-a960-4a02c4626aa5", "ObjectReference": [ { "comment": "", "object_uuid": "6875f800-1889-47a9-a960-4a02c4626aa5", "referenced_uuid": "4e5e3c4a-0c56-4d0f-8c72-85464ef1ca7d", "relationship_type": "analysed-with", "timestamp": "1642082169", "uuid": "18c9a341-3d9b-4e8b-97d5-d824c0025baf" } ], "Attribute": [ { "category": "Payload delivery", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1642082062", "to_ids": true, "type": "md5", "uuid": "4dae8618-645e-42bb-86c0-253979a2d66d", "value": "52299ffc8373f58b62543ec754732e55" }, { "category": "Payload delivery", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1642082062", "to_ids": true, "type": "sha1", "uuid": "8698c417-45f8-4ec9-bbd8-00552a992bc2", "value": "ca97ac295b2cd57501517c0efd67b6f8a7d1fbdf" }, { "category": "Payload delivery", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1642082062", "to_ids": true, "type": "sha256", "uuid": "bad10dc1-9db6-4af2-adb3-0e89cd9af723", "value": "ce9bd1acf37119ff73b4dff989f2791eb24efc891a413df58856d848f0bcaee9" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "4", "timestamp": "1642082168", "uuid": "4e5e3c4a-0c56-4d0f-8c72-85464ef1ca7d", "Attribute": [ { "category": "Other", "comment": "", "deleted": false, "disable_correlation": true, "object_relation": "last-submission", "timestamp": "1642082062", "to_ids": false, "type": "datetime", "uuid": "94932aa2-ffc3-4db4-af55-9d852bea217e", "value": "2022-01-13T09:17:23+00:00" }, { "category": "Payload delivery", "comment": "", "deleted": false, "disable_correlation": true, "object_relation": "permalink", "timestamp": "1642082062", "to_ids": false, "type": "link", "uuid": "51425635-b388-450d-a67c-10edc7050d85", "value": "https://www.virustotal.com/gui/file/ce9bd1acf37119ff73b4dff989f2791eb24efc891a413df58856d848f0bcaee9/detection/f-ce9bd1acf37119ff73b4dff989f2791eb24efc891a413df58856d848f0bcaee9-1642065443" }, { "category": "Payload delivery", "comment": "", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1642082062", "to_ids": false, "type": "text", "uuid": "f9074c2e-e1d1-4aa9-832b-12e187c35214", "value": "0/57" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "24", "timestamp": "1642082168", "uuid": "54be5c62-37af-42f1-abed-845d03dc8b10", "ObjectReference": [ { "comment": "", "object_uuid": "54be5c62-37af-42f1-abed-845d03dc8b10", "referenced_uuid": "8bcc658f-253b-4933-bf35-231ae29169bd", "relationship_type": "analysed-with", "timestamp": "1642082169", "uuid": "3464b5de-6d66-4136-90a9-0b9e6a8f31fd" } ], "Attribute": [ { "category": "Payload delivery", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1642082062", "to_ids": true, "type": "md5", "uuid": "1e9b47ec-aa65-420c-af25-d48936eed968", "value": "37fa9e6b9be7242984a39a024cade2d5" }, { "category": "Payload delivery", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1642082062", "to_ids": true, "type": "sha1", "uuid": "0f14430c-3d49-4300-a8d6-272a8c02f77f", "value": "0211569091b96cffab6918e18ccc97f4b24d88d4" }, { "category": "Payload delivery", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1642082062", "to_ids": true, "type": "sha256", "uuid": "6cd1b693-0020-4fde-b808-7b1d9de128df", "value": "42ca7d3fcd6d220cd380f34f9aa728b3bb68908b49f04d04f685631ee1f78986" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "4", "timestamp": "1642082168", "uuid": "8bcc658f-253b-4933-bf35-231ae29169bd", "Attribute": [ { "category": "Other", "comment": "", "deleted": false, "disable_correlation": true, "object_relation": "last-submission", "timestamp": "1642082062", "to_ids": false, "type": "datetime", "uuid": "810778a7-cc9b-4efd-93ff-ee182af8ebbf", "value": "2022-01-13T13:07:07+00:00" }, { "category": "Payload delivery", "comment": "", "deleted": false, "disable_correlation": true, "object_relation": "permalink", "timestamp": "1642082062", "to_ids": false, "type": "link", "uuid": "e9ebfae1-f588-447e-b5dd-6886db000324", "value": "https://www.virustotal.com/gui/file/42ca7d3fcd6d220cd380f34f9aa728b3bb68908b49f04d04f685631ee1f78986/detection/f-42ca7d3fcd6d220cd380f34f9aa728b3bb68908b49f04d04f685631ee1f78986-1642079227" }, { "category": "Payload delivery", "comment": "", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1642082062", "to_ids": false, "type": "text", "uuid": "301cefd5-18ac-4eaa-a28e-627561f9ba7a", "value": "15/56" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "24", "timestamp": "1642082168", "uuid": "dabb966a-e286-4ffb-b646-62d19d1fd749", "ObjectReference": [ { "comment": "", "object_uuid": "dabb966a-e286-4ffb-b646-62d19d1fd749", "referenced_uuid": "3fe360a9-06a8-4534-8551-8d79b4460ff3", "relationship_type": "analysed-with", "timestamp": "1642082169", "uuid": "c5f46f4b-f8b6-4609-9af8-3d89ce61b6ab" } ], "Attribute": [ { "category": "Payload delivery", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1642082062", "to_ids": true, "type": "md5", "uuid": "44a1f3e4-3f12-4e6c-b916-aafc73dd3ad6", "value": "c0c2cd5cc018e575816c08b36969c4a6" }, { "category": "Payload delivery", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1642082062", "to_ids": true, "type": "sha1", "uuid": "7a816f8b-1e19-451b-a06c-3e8ca33ccc69", "value": "47a4e0d466bb20cec5d354e56a9aa3f07cec816a" }, { "category": "Payload delivery", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1642082062", "to_ids": true, "type": "sha256", "uuid": "e6c39ccf-1fba-4e97-a908-2e8b2a2b833b", "value": "b1e30cce6df16d83b82b751edca57aa17795d8d0cdd960ecee7d90832b0ee76c" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "4", "timestamp": "1642082168", "uuid": "3fe360a9-06a8-4534-8551-8d79b4460ff3", "Attribute": [ { "category": "Other", "comment": "", "deleted": false, "disable_correlation": true, "object_relation": "last-submission", "timestamp": "1642082062", "to_ids": false, "type": "datetime", "uuid": "cb1d4788-dcd1-44f2-af2b-bfe789458d68", "value": "2022-01-13T09:15:56+00:00" }, { "category": "Payload delivery", "comment": "", "deleted": false, "disable_correlation": true, "object_relation": "permalink", "timestamp": "1642082062", "to_ids": false, "type": "link", "uuid": "e711af33-4db5-420c-bd67-a0c27e96d215", "value": "https://www.virustotal.com/gui/file/b1e30cce6df16d83b82b751edca57aa17795d8d0cdd960ecee7d90832b0ee76c/detection/f-b1e30cce6df16d83b82b751edca57aa17795d8d0cdd960ecee7d90832b0ee76c-1642065356" }, { "category": "Payload delivery", "comment": "", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1642082062", "to_ids": false, "type": "text", "uuid": "62533080-84ba-40ee-ac62-319ce7f9303a", "value": "7/56" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "24", "timestamp": "1642082168", "uuid": "e4790ff8-5364-48dd-a3cf-34a6e33c35f7", "ObjectReference": [ { "comment": "", "object_uuid": "e4790ff8-5364-48dd-a3cf-34a6e33c35f7", "referenced_uuid": "eff0035c-1f5a-4dd6-aa69-fd602b4f7a0a", "relationship_type": "analysed-with", "timestamp": "1642082170", "uuid": "38efe424-672d-459d-bfcd-b0d8882955fc" } ], "Attribute": [ { "category": "Payload delivery", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1642082062", "to_ids": true, "type": "md5", "uuid": "d064de00-ccbc-47b0-9c37-da4407eab0ce", "value": "b6b0edf0b31bc95a042e13f3768a65c3" }, { "category": "Payload delivery", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1642082062", "to_ids": true, "type": "sha1", "uuid": "bb152bd8-97fb-446a-a958-649a3b70817c", "value": "5168a8880abe8eb2d28f10787820185fe318859e" }, { "category": "Payload delivery", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1642082062", "to_ids": true, "type": "sha256", "uuid": "7dd2c4ac-f8e5-42fa-be8e-a35760b5b88b", "value": "b6133e04a0a1deb8faf944dd79c46c62f725a72ea9f26dd911d6f6e1e4433f1a" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "4", "timestamp": "1642082168", "uuid": "eff0035c-1f5a-4dd6-aa69-fd602b4f7a0a", "Attribute": [ { "category": "Other", "comment": "", "deleted": false, "disable_correlation": true, "object_relation": "last-submission", "timestamp": "1642082062", "to_ids": false, "type": "datetime", "uuid": "6dd52732-ac86-42c0-b1fa-62e204a3d045", "value": "2022-01-13T07:08:21+00:00" }, { "category": "Payload delivery", "comment": "", "deleted": false, "disable_correlation": true, "object_relation": "permalink", "timestamp": "1642082062", "to_ids": false, "type": "link", "uuid": "82a8f036-ba82-4b07-8732-d7d227168eba", "value": "https://www.virustotal.com/gui/file/b6133e04a0a1deb8faf944dd79c46c62f725a72ea9f26dd911d6f6e1e4433f1a/detection/f-b6133e04a0a1deb8faf944dd79c46c62f725a72ea9f26dd911d6f6e1e4433f1a-1642057701" }, { "category": "Payload delivery", "comment": "", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1642082062", "to_ids": false, "type": "text", "uuid": "c06382b8-0ef0-4432-9b20-089b543365c4", "value": "0/56" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "24", "timestamp": "1642082168", "uuid": "cc1bd483-9916-4f34-85c8-f3203118e5ee", "ObjectReference": [ { "comment": "", "object_uuid": "cc1bd483-9916-4f34-85c8-f3203118e5ee", "referenced_uuid": "8f209c3f-5b2b-4f51-8dc9-17899c3c00e7", "relationship_type": "analysed-with", "timestamp": "1642082170", "uuid": "0ec7ef7f-34fc-4603-ad1d-f289f56b6327" } ], "Attribute": [ { "category": "Payload delivery", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1642082062", "to_ids": true, "type": "md5", "uuid": "9b676948-8369-44ab-b85e-d52aa461cba6", "value": "0431445d6d6e5802c207c8bc6a6402ea" }, { "category": "Payload delivery", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1642082062", "to_ids": true, "type": "sha1", "uuid": "81e84604-f741-4060-a217-20b86b27e581", "value": "3765c1ad8a1d936aad88255aef5d6d4ce24f94e8" }, { "category": "Payload delivery", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1642082062", "to_ids": true, "type": "sha256", "uuid": "f540c1f5-90b9-4734-a9d4-1b2fa535e166", "value": "3098dd53da40947a82e59265a47059e69b2925bc49c679e6555d102d1c6cbbc8" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "4", "timestamp": "1642082168", "uuid": "8f209c3f-5b2b-4f51-8dc9-17899c3c00e7", "Attribute": [ { "category": "Other", "comment": "", "deleted": false, "disable_correlation": true, "object_relation": "last-submission", "timestamp": "1642082062", "to_ids": false, "type": "datetime", "uuid": "2267b90d-2227-4674-8493-eecf58c0b446", "value": "2022-01-13T13:04:20+00:00" }, { "category": "Payload delivery", "comment": "", "deleted": false, "disable_correlation": true, "object_relation": "permalink", "timestamp": "1642082062", "to_ids": false, "type": "link", "uuid": "827ccd61-11c9-411d-9c29-db03ecebcf2a", "value": "https://www.virustotal.com/gui/file/3098dd53da40947a82e59265a47059e69b2925bc49c679e6555d102d1c6cbbc8/detection/f-3098dd53da40947a82e59265a47059e69b2925bc49c679e6555d102d1c6cbbc8-1642079060" }, { "category": "Payload delivery", "comment": "", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1642082062", "to_ids": false, "type": "text", "uuid": "d7c0aa81-b795-4621-a148-f2cb42b62429", "value": "26/63" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "24", "timestamp": "1642082168", "uuid": "f504a81b-6b1a-47f3-8e9e-b5bae30df31d", "ObjectReference": [ { "comment": "", "object_uuid": "f504a81b-6b1a-47f3-8e9e-b5bae30df31d", "referenced_uuid": "396e8dac-84ad-4c3c-bdd6-8a9a7bcb206e", "relationship_type": "analysed-with", "timestamp": "1642082170", "uuid": "11cad524-5c04-4dff-8949-e5d57213afae" } ], "Attribute": [ { "category": "Payload delivery", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1642082062", "to_ids": true, "type": "md5", "uuid": "33fdeea5-1341-479e-9a7f-a10996223391", "value": "a65696d6b65f7159c9ffcd4119f60195" }, { "category": "Payload delivery", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1642082062", "to_ids": true, "type": "sha1", "uuid": "74407ba4-49d9-44fa-bd43-7553ca869914", "value": "570f7272412ff8257ed6868d90727a459e3b179e" }, { "category": "Payload delivery", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1642082062", "to_ids": true, "type": "sha256", "uuid": "def8794a-2587-4d8f-82df-9b0adc491c21", "value": "b5b1e26312e0574464ddef92c51d5f597e07dba90617c0528ec9f494af7e8504" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "4", "timestamp": "1642082168", "uuid": "396e8dac-84ad-4c3c-bdd6-8a9a7bcb206e", "Attribute": [ { "category": "Other", "comment": "", "deleted": false, "disable_correlation": true, "object_relation": "last-submission", "timestamp": "1642082062", "to_ids": false, "type": "datetime", "uuid": "1c8c0732-1e0a-43eb-8c3f-13ad55c90c53", "value": "2022-01-13T08:14:02+00:00" }, { "category": "Payload delivery", "comment": "", "deleted": false, "disable_correlation": true, "object_relation": "permalink", "timestamp": "1642082062", "to_ids": false, "type": "link", "uuid": "6d2fb689-54c3-4922-9ed5-5fa84b44f4e5", "value": "https://www.virustotal.com/gui/file/b5b1e26312e0574464ddef92c51d5f597e07dba90617c0528ec9f494af7e8504/detection/f-b5b1e26312e0574464ddef92c51d5f597e07dba90617c0528ec9f494af7e8504-1642061642" }, { "category": "Payload delivery", "comment": "", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1642082062", "to_ids": false, "type": "text", "uuid": "d868fce4-a491-4159-9707-cc2a430bb790", "value": "12/57" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "24", "timestamp": "1642082168", "uuid": "299673ae-0490-48be-a1cf-f6a0f3389d5f", "ObjectReference": [ { "comment": "", "object_uuid": "299673ae-0490-48be-a1cf-f6a0f3389d5f", "referenced_uuid": "72a0257a-ec8c-4950-83c6-0ecae8fe5933", "relationship_type": "analysed-with", "timestamp": "1642082170", "uuid": "49b37ce5-5e18-46af-a109-a97bbbc8f3ff" } ], "Attribute": [ { "category": "Payload delivery", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1642082062", "to_ids": true, "type": "md5", "uuid": "e58883b1-df8a-4689-bb89-3f1f56371cb2", "value": "51bc53a388fce06487743eadc64c4356" }, { "category": "Payload delivery", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1642082062", "to_ids": true, "type": "sha1", "uuid": "e9549b1f-c050-40b0-bc31-98a0e6776f2b", "value": "b9e6fc51fa3940fb632a68907b8513634d76e5a0" }, { "category": "Payload delivery", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1642082062", "to_ids": true, "type": "sha256", "uuid": "ac932a84-9579-4230-98bb-ed3e4482a73e", "value": "9ec8319e278d1b3fa1ccf87b5ce7dd6802dac76881e4e4e16e240c5a98f107e2" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "4", "timestamp": "1642082168", "uuid": "72a0257a-ec8c-4950-83c6-0ecae8fe5933", "Attribute": [ { "category": "Other", "comment": "", "deleted": false, "disable_correlation": true, "object_relation": "last-submission", "timestamp": "1642082062", "to_ids": false, "type": "datetime", "uuid": "1a8aeafa-553d-4d56-82e5-9a9215942b55", "value": "2022-01-13T12:41:47+00:00" }, { "category": "Payload delivery", "comment": "", "deleted": false, "disable_correlation": true, "object_relation": "permalink", "timestamp": "1642082062", "to_ids": false, "type": "link", "uuid": "5a802be0-a8ec-4a72-b333-ec7031a2f3a4", "value": "https://www.virustotal.com/gui/file/9ec8319e278d1b3fa1ccf87b5ce7dd6802dac76881e4e4e16e240c5a98f107e2/detection/f-9ec8319e278d1b3fa1ccf87b5ce7dd6802dac76881e4e4e16e240c5a98f107e2-1642077707" }, { "category": "Payload delivery", "comment": "", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1642082062", "to_ids": false, "type": "text", "uuid": "d8736b39-7035-42aa-b738-0d9c40c17e18", "value": "1/57" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "24", "timestamp": "1642082169", "uuid": "3e3a6056-fda9-44f1-bff0-b418d06c9849", "ObjectReference": [ { "comment": "", "object_uuid": "3e3a6056-fda9-44f1-bff0-b418d06c9849", "referenced_uuid": "89708647-d6e5-4c8c-8907-6eb59207df20", "relationship_type": "analysed-with", "timestamp": "1642082170", "uuid": "f8b9f39d-285a-4d87-a234-5517cfd01e32" } ], "Attribute": [ { "category": "Payload delivery", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1642082062", "to_ids": true, "type": "md5", "uuid": "f9efdba2-d390-4752-bcd9-0293f892d429", "value": "0ac499496fb48de0727bbef858dadbee" }, { "category": "Payload delivery", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1642082062", "to_ids": true, "type": "sha1", "uuid": "8ed732fe-ee71-40d2-af06-4b863257207a", "value": "483cd5c9dd887367793261730d59178c19fe13f3" }, { "category": "Payload delivery", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1642082062", "to_ids": true, "type": "sha256", "uuid": "059fd6f5-ba66-4296-b863-8cbabe122acf", "value": "255e53af8b079c8319ce52583293723551da9affe547da45e2c1d4257cff625a" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "4", "timestamp": "1642082169", "uuid": "89708647-d6e5-4c8c-8907-6eb59207df20", "Attribute": [ { "category": "Other", "comment": "", "deleted": false, "disable_correlation": true, "object_relation": "last-submission", "timestamp": "1642082062", "to_ids": false, "type": "datetime", "uuid": "58c55ff1-fde0-4fad-b294-327791aa1a48", "value": "2022-01-13T04:15:36+00:00" }, { "category": "Payload delivery", "comment": "", "deleted": false, "disable_correlation": true, "object_relation": "permalink", "timestamp": "1642082062", "to_ids": false, "type": "link", "uuid": "e41ba8f5-d5d4-48c6-994b-244d0e52bb64", "value": "https://www.virustotal.com/gui/file/255e53af8b079c8319ce52583293723551da9affe547da45e2c1d4257cff625a/detection/f-255e53af8b079c8319ce52583293723551da9affe547da45e2c1d4257cff625a-1642047336" }, { "category": "Payload delivery", "comment": "", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1642082062", "to_ids": false, "type": "text", "uuid": "5d9e7bf3-c0c9-48f5-a1a2-1098fad5fde9", "value": "0/56" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "24", "timestamp": "1642082169", "uuid": "b9c26a84-7625-44a9-b8ad-25ce88733b1a", "ObjectReference": [ { "comment": "", "object_uuid": "b9c26a84-7625-44a9-b8ad-25ce88733b1a", "referenced_uuid": "79aa754b-5175-4116-b980-fdf39533c0c4", "relationship_type": "analysed-with", "timestamp": "1642082170", "uuid": "2482eab9-732a-43f5-b6d6-bbe99858ddfa" } ], "Attribute": [ { "category": "Payload delivery", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1642082062", "to_ids": true, "type": "md5", "uuid": "e7071884-ccf0-4d6f-abb9-c688ba12041f", "value": "860f5c2345e8f5c268c9746337ade8b7" }, { "category": "Payload delivery", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1642082062", "to_ids": true, "type": "sha1", "uuid": "d1a3712e-1f09-4b97-b821-117887b6a63b", "value": "6c55d3acdc2d8d331f0d13024f736bc28ef5a7e1" }, { "category": "Payload delivery", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1642082062", "to_ids": true, "type": "sha256", "uuid": "f3455dbb-fd2c-424b-999f-709d71e7e0a0", "value": "9d50fcb2c4df4c502db0cac84bef96c2a36d33ef98c454165808ecace4dd2051" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "4", "timestamp": "1642082169", "uuid": "79aa754b-5175-4116-b980-fdf39533c0c4", "Attribute": [ { "category": "Other", "comment": "", "deleted": false, "disable_correlation": true, "object_relation": "last-submission", "timestamp": "1642082062", "to_ids": false, "type": "datetime", "uuid": "a42e8172-c533-45bb-9429-93480bd2b922", "value": "2022-01-13T06:21:14+00:00" }, { "category": "Payload delivery", "comment": "", "deleted": false, "disable_correlation": true, "object_relation": "permalink", "timestamp": "1642082062", "to_ids": false, "type": "link", "uuid": "68815cb5-f218-4794-96c6-725a62d24e3c", "value": "https://www.virustotal.com/gui/file/9d50fcb2c4df4c502db0cac84bef96c2a36d33ef98c454165808ecace4dd2051/detection/f-9d50fcb2c4df4c502db0cac84bef96c2a36d33ef98c454165808ecace4dd2051-1642054874" }, { "category": "Payload delivery", "comment": "", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1642082062", "to_ids": false, "type": "text", "uuid": "516d4060-0566-4321-89a1-83a0c48fe74b", "value": "20/66" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "24", "timestamp": "1642082169", "uuid": "77408d3b-8618-407a-ba96-b6769c8c402c", "ObjectReference": [ { "comment": "", "object_uuid": "77408d3b-8618-407a-ba96-b6769c8c402c", "referenced_uuid": "ea7079f4-838d-4b42-91ae-ca7e0555856c", "relationship_type": "analysed-with", "timestamp": "1642082170", "uuid": "8943a589-5645-4350-9128-ef767573ecaf" } ], "Attribute": [ { "category": "Payload delivery", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1642082062", "to_ids": true, "type": "md5", "uuid": "91282ac1-2a04-42cd-96e1-53754b3c392c", "value": "d68f5417f1d4fc022067bf0313a3867d" }, { "category": "Payload delivery", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1642082062", "to_ids": true, "type": "sha1", "uuid": "7f429715-c6f0-4f06-8680-ae9576d171da", "value": "2f6dd6d11e28bf8b4d7ceec8753d15c7568fb22e" }, { "category": "Payload delivery", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1642082062", "to_ids": true, "type": "sha256", "uuid": "dd24df0a-264c-413a-8493-081be0933e22", "value": "e7f6c7b91c482c12fc905b84dbaa9001ef78dc6a771773e1de4b8eade5431eca" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "4", "timestamp": "1642082169", "uuid": "ea7079f4-838d-4b42-91ae-ca7e0555856c", "Attribute": [ { "category": "Other", "comment": "", "deleted": false, "disable_correlation": true, "object_relation": "last-submission", "timestamp": "1642082062", "to_ids": false, "type": "datetime", "uuid": "9aa9cfc5-f9a9-485f-aa52-a0d4b8626af9", "value": "2022-01-13T12:26:10+00:00" }, { "category": "Payload delivery", "comment": "", "deleted": false, "disable_correlation": true, "object_relation": "permalink", "timestamp": "1642082062", "to_ids": false, "type": "link", "uuid": "6d97cb57-cd3b-4fa8-9d86-4d006b3b6f20", "value": "https://www.virustotal.com/gui/file/e7f6c7b91c482c12fc905b84dbaa9001ef78dc6a771773e1de4b8eade5431eca/detection/f-e7f6c7b91c482c12fc905b84dbaa9001ef78dc6a771773e1de4b8eade5431eca-1642076770" }, { "category": "Payload delivery", "comment": "", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1642082062", "to_ids": false, "type": "text", "uuid": "0de63566-fb1f-4aab-952f-9df4ea53c476", "value": "0/56" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "24", "timestamp": "1642082169", "uuid": "ecd22b18-d365-479b-be89-123c3c1091c2", "ObjectReference": [ { "comment": "", "object_uuid": "ecd22b18-d365-479b-be89-123c3c1091c2", "referenced_uuid": "2a6d9ffa-8336-4bd5-a3ca-a7ed0564170b", "relationship_type": "analysed-with", "timestamp": "1642082170", "uuid": "5115449a-0580-41d4-bcd5-92838e63551b" } ], "Attribute": [ { "category": "Payload delivery", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1642082062", "to_ids": true, "type": "md5", "uuid": "111794f4-6f41-4aa1-a291-7c5b6187c87f", "value": "6c084c8f5a61c6bec5eb5573a2d51ffb" }, { "category": "Payload delivery", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1642082062", "to_ids": true, "type": "sha1", "uuid": "4efbf8df-6cda-4f54-a57a-7e6f1f4283cc", "value": "61608ed1de56d0e4fe6af07ecba0bd0a69d825b8" }, { "category": "Payload delivery", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1642082062", "to_ids": true, "type": "sha256", "uuid": "2b3ef390-058c-40c5-bbb1-02d5f1aad959", "value": "7e7545d14df7b618b3b1bc24321780c164a0a14d3600dbac0f91afbce1a2f9f4" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "4", "timestamp": "1642082169", "uuid": "2a6d9ffa-8336-4bd5-a3ca-a7ed0564170b", "Attribute": [ { "category": "Other", "comment": "", "deleted": false, "disable_correlation": true, "object_relation": "last-submission", "timestamp": "1642082062", "to_ids": false, "type": "datetime", "uuid": "f54e82ce-5c4d-4c33-8027-cde791a82c00", "value": "2022-01-13T07:05:59+00:00" }, { "category": "Payload delivery", "comment": "", "deleted": false, "disable_correlation": true, "object_relation": "permalink", "timestamp": "1642082062", "to_ids": false, "type": "link", "uuid": "859c1ba8-9e46-4c8a-97d0-e11d708a1351", "value": "https://www.virustotal.com/gui/file/7e7545d14df7b618b3b1bc24321780c164a0a14d3600dbac0f91afbce1a2f9f4/detection/f-7e7545d14df7b618b3b1bc24321780c164a0a14d3600dbac0f91afbce1a2f9f4-1642057559" }, { "category": "Payload delivery", "comment": "", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1642082062", "to_ids": false, "type": "text", "uuid": "50488f21-2ffe-41a8-8c02-4bb8e08a5745", "value": "42/68" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "24", "timestamp": "1642082169", "uuid": "a7233c05-4d98-4069-9286-52bd8cc11931", "ObjectReference": [ { "comment": "", "object_uuid": "a7233c05-4d98-4069-9286-52bd8cc11931", "referenced_uuid": "67975639-a318-4d96-b0e2-fdd8b5442a0a", "relationship_type": "analysed-with", "timestamp": "1642082170", "uuid": "938db5b9-6e84-4eae-9812-b2ab1f5e43a2" } ], "Attribute": [ { "category": "Payload delivery", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1642082062", "to_ids": true, "type": "md5", "uuid": "67ee7235-df54-45da-99bc-1aa0376d050d", "value": "218d4151b39e4ece13d3bf5ff4d1121b" }, { "category": "Payload delivery", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1642082062", "to_ids": true, "type": "sha1", "uuid": "709f6dff-529b-4579-a2fd-f8cf45a6b502", "value": "28e799d9769bb7e936d1768d498a0d2c7a0d53fb" }, { "category": "Payload delivery", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1642082062", "to_ids": true, "type": "sha256", "uuid": "31f0fd85-3c66-4877-ba19-2769df958340", "value": "2471a039cb1ddeb826f3a11f89b193624d89052afcbee01205dc92610723eb82" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "4", "timestamp": "1642082169", "uuid": "67975639-a318-4d96-b0e2-fdd8b5442a0a", "Attribute": [ { "category": "Other", "comment": "", "deleted": false, "disable_correlation": true, "object_relation": "last-submission", "timestamp": "1642082062", "to_ids": false, "type": "datetime", "uuid": "4ad9540f-582a-4120-b243-44663cbadb03", "value": "2022-01-13T08:47:01+00:00" }, { "category": "Payload delivery", "comment": "", "deleted": false, "disable_correlation": true, "object_relation": "permalink", "timestamp": "1642082062", "to_ids": false, "type": "link", "uuid": "7cdf243d-12d4-40c3-bad7-aec0a4a7b606", "value": "https://www.virustotal.com/gui/file/2471a039cb1ddeb826f3a11f89b193624d89052afcbee01205dc92610723eb82/detection/f-2471a039cb1ddeb826f3a11f89b193624d89052afcbee01205dc92610723eb82-1642063621" }, { "category": "Payload delivery", "comment": "", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1642082062", "to_ids": false, "type": "text", "uuid": "753fbc92-eacd-4898-a037-6d398a0f5790", "value": "11/54" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "24", "timestamp": "1642082169", "uuid": "49b57792-93e9-4adc-bebd-911bfc742df8", "ObjectReference": [ { "comment": "", "object_uuid": "49b57792-93e9-4adc-bebd-911bfc742df8", "referenced_uuid": "681dc734-5d4c-41bf-b184-2da2932f6add", "relationship_type": "analysed-with", "timestamp": "1642082170", "uuid": "3db89cd4-cbdc-4fc2-9d8c-9eddadb738d0" } ], "Attribute": [ { "category": "Payload delivery", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1642082062", "to_ids": true, "type": "md5", "uuid": "a88fdc58-3c7c-4386-8951-f56600a805ce", "value": "a27655d14b0aabec8db70ae08a623317" }, { "category": "Payload delivery", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1642082062", "to_ids": true, "type": "sha1", "uuid": "d22399e2-7c58-4175-8d09-c0a71ee272b2", "value": "8344f2c1096687ed83c2bbad0e6e549a71b0c0b1" }, { "category": "Payload delivery", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1642082062", "to_ids": true, "type": "sha256", "uuid": "e6158472-6304-4be6-a7ee-4171c3331db1", "value": "12db8bcee090521ecf852bf215ce3878737517a22ef1f2ff9bdec7cba8d0d3aa" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "4", "timestamp": "1642082169", "uuid": "681dc734-5d4c-41bf-b184-2da2932f6add", "Attribute": [ { "category": "Other", "comment": "", "deleted": false, "disable_correlation": true, "object_relation": "last-submission", "timestamp": "1642082062", "to_ids": false, "type": "datetime", "uuid": "bd9d83c2-0731-45cc-9b2a-3b85061dbf58", "value": "2022-01-13T13:53:27+00:00" }, { "category": "Payload delivery", "comment": "", "deleted": false, "disable_correlation": true, "object_relation": "permalink", "timestamp": "1642082062", "to_ids": false, "type": "link", "uuid": "f3d51526-d5c2-46e4-a6c5-d9b6b2e0e07d", "value": "https://www.virustotal.com/gui/file/12db8bcee090521ecf852bf215ce3878737517a22ef1f2ff9bdec7cba8d0d3aa/detection/f-12db8bcee090521ecf852bf215ce3878737517a22ef1f2ff9bdec7cba8d0d3aa-1642082007" }, { "category": "Payload delivery", "comment": "", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1642082062", "to_ids": false, "type": "text", "uuid": "c7e45954-c1b6-47a9-ac67-29fa8286be4e", "value": "24/68" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "24", "timestamp": "1642082169", "uuid": "d388643a-dac1-4aa6-901f-1cf15369d346", "ObjectReference": [ { "comment": "", "object_uuid": "d388643a-dac1-4aa6-901f-1cf15369d346", "referenced_uuid": "157baa15-cb30-4e83-aefd-fd79cedc4a98", "relationship_type": "analysed-with", "timestamp": "1642082170", "uuid": "1d6baffd-69fd-447c-9dc0-4914e636a184" } ], "Attribute": [ { "category": "Payload delivery", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1642082062", "to_ids": true, "type": "md5", "uuid": "dec8a269-3d4c-4014-8444-69df978fc177", "value": "cec48bcdedebc962ce45b63e201c0624" }, { "category": "Payload delivery", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1642082062", "to_ids": true, "type": "sha1", "uuid": "2197cf5f-b832-47e8-a97b-b2d4bd8ef6eb", "value": "81f46998c92427032378e5dead48bdfc9128b225" }, { "category": "Payload delivery", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1642082062", "to_ids": true, "type": "sha256", "uuid": "79ca985b-93eb-4f4b-ab2d-e852f0c25637", "value": "dd7ee54b12a55bcc67da4ceaed6e636b7bd30d4db6f6c594e9510e1e605ade92" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "4", "timestamp": "1642082169", "uuid": "157baa15-cb30-4e83-aefd-fd79cedc4a98", "Attribute": [ { "category": "Other", "comment": "", "deleted": false, "disable_correlation": true, "object_relation": "last-submission", "timestamp": "1642082062", "to_ids": false, "type": "datetime", "uuid": "f26d1632-f93f-4762-b5d1-f38792f256f2", "value": "2022-01-13T03:08:18+00:00" }, { "category": "Payload delivery", "comment": "", "deleted": false, "disable_correlation": true, "object_relation": "permalink", "timestamp": "1642082062", "to_ids": false, "type": "link", "uuid": "f49690f5-29d8-4559-8786-23f3d6785ecd", "value": "https://www.virustotal.com/gui/file/dd7ee54b12a55bcc67da4ceaed6e636b7bd30d4db6f6c594e9510e1e605ade92/detection/f-dd7ee54b12a55bcc67da4ceaed6e636b7bd30d4db6f6c594e9510e1e605ade92-1642043298" }, { "category": "Payload delivery", "comment": "", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1642082062", "to_ids": false, "type": "text", "uuid": "79bf7c86-d42c-4396-a719-302a7e70d8e3", "value": "35/66" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "24", "timestamp": "1642082169", "uuid": "46e303de-38b8-47bc-aac2-0cb397cc0241", "ObjectReference": [ { "comment": "", "object_uuid": "46e303de-38b8-47bc-aac2-0cb397cc0241", "referenced_uuid": "5c17d9f3-e780-4fc0-83be-1a9c2506859d", "relationship_type": "analysed-with", "timestamp": "1642082170", "uuid": "6b8c1680-20d1-4812-8b28-ef8e1f94de7b" } ], "Attribute": [ { "category": "Payload delivery", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1642082062", "to_ids": true, "type": "md5", "uuid": "e9a1b94d-25b3-4059-9cd3-db1edd02c49a", "value": "a16f4f0c00ca43d5b20f7bc30a3f3559" }, { "category": "Payload delivery", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1642082062", "to_ids": true, "type": "sha1", "uuid": "37254754-367d-4697-bb42-94ef63510cd7", "value": "94e26fb2738e49bb70b445315c0d63a5d364c71b" }, { "category": "Payload delivery", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1642082062", "to_ids": true, "type": "sha256", "uuid": "b1d82782-7f34-4f45-a954-6ef9c505a5b7", "value": "5bcdd422089ed96d6711fa251544e2e863b113973db328590cfe0457bfeb564f" } ] }, { "comment": "", "deleted": false, "description": "VirusTotal report", "meta-category": "misc", "name": "virustotal-report", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "template_version": "4", "timestamp": "1642082169", "uuid": "5c17d9f3-e780-4fc0-83be-1a9c2506859d", "Attribute": [ { "category": "Other", "comment": "", "deleted": false, "disable_correlation": true, "object_relation": "last-submission", "timestamp": "1642082062", "to_ids": false, "type": "datetime", "uuid": "2567c638-6844-4459-a860-5f9db3171381", "value": "2022-01-13T02:57:46+00:00" }, { "category": "Payload delivery", "comment": "", "deleted": false, "disable_correlation": true, "object_relation": "permalink", "timestamp": "1642082062", "to_ids": false, "type": "link", "uuid": "6c3d7d26-b448-491b-926f-da6bc3b380b1", "value": "https://www.virustotal.com/gui/file/5bcdd422089ed96d6711fa251544e2e863b113973db328590cfe0457bfeb564f/detection/f-5bcdd422089ed96d6711fa251544e2e863b113973db328590cfe0457bfeb564f-1642042666" }, { "category": "Payload delivery", "comment": "", "deleted": false, "disable_correlation": true, "object_relation": "detection-ratio", "timestamp": "1642082062", "to_ids": false, "type": "text", "uuid": "bf7889f9-c620-4a4a-a87a-86d3f1ebf06b", "value": "3/56" } ] } ] } }