misp-circl-feed/feeds/circl/misp/570b9eee-6f60-41d4-bd1b-40d2950d210f.json

{
  "Event": {
    "analysis": "2",
    "date": "2016-04-11",
    "extends_uuid": "",
    "info": "OSINT - Mobile Devices Used to Execute DNS Malware Against Home Routers",
    "publish_timestamp": "1460379554",
    "published": true,
    "threat_level_id": "3",
    "timestamp": "1460379519",
    "uuid": "570b9eee-6f60-41d4-bd1b-40d2950d210f",
    "Orgc": {
      "name": "CIRCL",
      "uuid": "55f6ea5e-2c60-40e5-964f-47a8950d210f"
    },
    "Tag": [
      {
        "colour": "#ffffff",
        "local": false,
        "name": "tlp:white",
        "relationship_type": ""
      },
      {
        "colour": "#004646",
        "local": false,
        "name": "type:OSINT",
        "relationship_type": ""
      }
    ],
    "Attribute": [
      {
        "category": "External analysis",
        "comment": "",
        "deleted": false,
        "disable_correlation": false,
        "timestamp": "1460379401",
        "to_ids": false,
        "type": "link",
        "uuid": "570b9f09-912c-4f67-992c-42b2950d210f",
        "value": "http://blog.trendmicro.com/trendlabs-security-intelligence/mobile-devices-used-to-execute-dns-malware-against-home-routers/"
      },
      {
        "category": "External analysis",
        "comment": "",
        "deleted": false,
        "disable_correlation": false,
        "timestamp": "1460379422",
        "to_ids": false,
        "type": "comment",
        "uuid": "570b9f1e-1a40-4b3e-813c-4315950d210f",
        "value": "Attacks against home routers have been going around for years\u00e2\u20ac\u201dfrom malware that rigs routers to DNS rebinding attacks and backdoors, among others.  Just last year one of our researchers reported a Domain Name System (DNS) changer malware that redirected users to malicious pages when they visited specific websites. This enabled cyber crooks to get hold of the victims\u00e2\u20ac\u2122 online credentials, such as passwords and PINs.\r\n\r\nWe recently came across an attack that proves how the Internet of Things (IoT) can be an entry point for cybercriminal activities. In this attack, which has been going on since December 2015, it requires users to access malicious websites hosting the JavaScript via their mobile devices. Accessing these sites via mobile devices enable the JavaScript to download another JavaScript with DNS changing routines.\r\n\r\nDetected as JS_JITON, this JavaScript can be downloaded whether users are accessing compromised websites via their computers or mobile devices. However, the infection chain differs depending on the medium employed by users. For instance, JS_JITON downloads JS_JITONDNS that only infects mobile devices and triggers the DNS changing routine. JITON only exploits the vulnerability if the affected users have ZTE modems."
      },
      {
        "category": "Network activity",
        "comment": "Malicious website",
        "deleted": false,
        "disable_correlation": false,
        "timestamp": "1460379446",
        "to_ids": true,
        "type": "url",
        "uuid": "570b9f36-ef00-4f0b-aec6-d938950d210f",
        "value": "http://lib.tongjii.us/tj.js"
      },
      {
        "category": "Network activity",
        "comment": "Malicious website",
        "deleted": false,
        "disable_correlation": false,
        "timestamp": "1460379447",
        "to_ids": true,
        "type": "url",
        "uuid": "570b9f37-8c00-4a1c-8415-d938950d210f",
        "value": "http://lib.tongjii.us/tongji.js"
      },
      {
        "category": "Network activity",
        "comment": "Malicious website",
        "deleted": false,
        "disable_correlation": false,
        "timestamp": "1460379447",
        "to_ids": true,
        "type": "url",
        "uuid": "570b9f37-6840-4611-a633-d938950d210f",
        "value": "http://cn.tongjii.us/show.js"
      },
      {
        "category": "Network activity",
        "comment": "Malicious website",
        "deleted": false,
        "disable_correlation": false,
        "timestamp": "1460379447",
        "to_ids": true,
        "type": "url",
        "uuid": "570b9f37-e1f8-4474-8c30-d938950d210f",
        "value": "http://cn.tongjii.us/show1.js"
      },
      {
        "category": "Network activity",
        "comment": "Malicious website",
        "deleted": false,
        "disable_correlation": false,
        "timestamp": "1460379448",
        "to_ids": true,
        "type": "url",
        "uuid": "570b9f38-5558-4947-b2d5-d938950d210f",
        "value": "http://dns.tongjj.info/dns/dlink.js"
      },
      {
        "category": "Network activity",
        "comment": "Malicious website",
        "deleted": false,
        "disable_correlation": false,
        "timestamp": "1460379448",
        "to_ids": true,
        "type": "url",
        "uuid": "570b9f38-aee0-42e9-9a88-d938950d210f",
        "value": "http://dns.tongjj.info/dns/tplink.js"
      },
      {
        "category": "Network activity",
        "comment": "Malicious website",
        "deleted": false,
        "disable_correlation": false,
        "timestamp": "1460379448",
        "to_ids": true,
        "type": "url",
        "uuid": "570b9f38-8f60-4a1d-8b16-d938950d210f",
        "value": "http://dns.tongjj.info/dns/zte.js"
      },
      {
        "category": "Network activity",
        "comment": "Malicious website",
        "deleted": false,
        "disable_correlation": false,
        "timestamp": "1460379449",
        "to_ids": true,
        "type": "url",
        "uuid": "570b9f39-8b04-4aa3-b9a0-d938950d210f",
        "value": "http://dns.tongjj.info/dns/china/dlink.js"
      },
      {
        "category": "Network activity",
        "comment": "Malicious website",
        "deleted": false,
        "disable_correlation": false,
        "timestamp": "1460379449",
        "to_ids": true,
        "type": "url",
        "uuid": "570b9f39-953c-409c-9bc3-d938950d210f",
        "value": "http://dns.tongjj.info/dns/china/tplink.js"
      },
      {
        "category": "Network activity",
        "comment": "Malicious website",
        "deleted": false,
        "disable_correlation": false,
        "timestamp": "1460379449",
        "to_ids": true,
        "type": "url",
        "uuid": "570b9f39-8084-4bc7-adfc-d938950d210f",
        "value": "http://dns.tongjj.info/dns/china/zte.js"
      },
      {
        "category": "Payload delivery",
        "comment": "JS_JITON sample",
        "deleted": false,
        "disable_correlation": false,
        "timestamp": "1460379482",
        "to_ids": true,
        "type": "sha1",
        "uuid": "570b9f5a-f32c-4ae7-bda8-d939950d210f",
        "value": "4b75a94613b7bf238948104092fe9fd4107fbf97"
      },
      {
        "category": "Payload delivery",
        "comment": "JS_JITON sample",
        "deleted": false,
        "disable_correlation": false,
        "timestamp": "1460379482",
        "to_ids": true,
        "type": "sha1",
        "uuid": "570b9f5a-d290-435e-a054-d939950d210f",
        "value": "da19d2b503932bfb7b0ccf6c40b9f0b0d19282fb"
      },
      {
        "category": "Payload delivery",
        "comment": "JS_JITON sample",
        "deleted": false,
        "disable_correlation": false,
        "timestamp": "1460379482",
        "to_ids": true,
        "type": "sha1",
        "uuid": "570b9f5a-ed88-4967-a6c2-d939950d210f",
        "value": "f7d9dbc1c198de25512cb15f3c19827a2b2188df"
      },
      {
        "category": "Payload delivery",
        "comment": "JS_JITON sample",
        "deleted": false,
        "disable_correlation": false,
        "timestamp": "1460379483",
        "to_ids": true,
        "type": "sha1",
        "uuid": "570b9f5b-662c-49af-85ee-d939950d210f",
        "value": "545c71b9988d6df27eae31e8738f28da7caae534"
      },
      {
        "category": "Payload delivery",
        "comment": "JS_JITON sample",
        "deleted": false,
        "disable_correlation": false,
        "timestamp": "1460379483",
        "to_ids": true,
        "type": "sha1",
        "uuid": "570b9f5b-b6d4-4c0b-955c-d939950d210f",
        "value": "67c28c29ebef9a57657e84dce83d458225447ae9"
      },
      {
        "category": "Payload delivery",
        "comment": "JS_JITON sample",
        "deleted": false,
        "disable_correlation": false,
        "timestamp": "1460379484",
        "to_ids": true,
        "type": "sha1",
        "uuid": "570b9f5c-8fec-4f80-b521-d939950d210f",
        "value": "1f6e45204a28d9da16777d772eddf7e8d10e588a"
      },
      {
        "category": "Payload delivery",
        "comment": "JS_JITON sample",
        "deleted": false,
        "disable_correlation": false,
        "timestamp": "1460379484",
        "to_ids": true,
        "type": "sha1",
        "uuid": "570b9f5c-2500-4dec-a17a-d939950d210f",
        "value": "331441f69ceae4d9f3a78f4b4b46bdc64c11bd4a"
      },
      {
        "category": "Payload delivery",
        "comment": "JS_JITON sample",
        "deleted": false,
        "disable_correlation": false,
        "timestamp": "1460379484",
        "to_ids": true,
        "type": "sha1",
        "uuid": "570b9f5c-6c64-4872-b332-d939950d210f",
        "value": "2f48f1c75f0984d722395b47cd10af9c15ea142f"
      },
      {
        "category": "Payload delivery",
        "comment": "JS_JITON sample",
        "deleted": false,
        "disable_correlation": false,
        "timestamp": "1460379485",
        "to_ids": true,
        "type": "sha1",
        "uuid": "570b9f5d-9294-4f3e-b1d9-d939950d210f",
        "value": "b6c423ff0c91fa65b63a37a136ca6bbe29fce34d"
      },
      {
        "category": "Payload delivery",
        "comment": "JS_JITON sample",
        "deleted": false,
        "disable_correlation": false,
        "timestamp": "1460379485",
        "to_ids": true,
        "type": "sha1",
        "uuid": "570b9f5d-b8f8-40de-93f5-d939950d210f",
        "value": "9d37dcf8f87479545adf78d44ca97464491fe39a"
      },
      {
        "category": "Payload delivery",
        "comment": "JS_JITON sample",
        "deleted": false,
        "disable_correlation": false,
        "timestamp": "1460379485",
        "to_ids": true,
        "type": "sha1",
        "uuid": "570b9f5d-3ed0-457d-931c-d939950d210f",
        "value": "af3ececf550f9486d90fca6f7bb7c735318d50cd"
      },
      {
        "category": "Payload delivery",
        "comment": "JS_JITON sample",
        "deleted": false,
        "disable_correlation": false,
        "timestamp": "1460379486",
        "to_ids": true,
        "type": "sha1",
        "uuid": "570b9f5e-8240-4939-b922-d939950d210f",
        "value": "ce034e437b20dce84e75a90ed2b3a58532ebcbb9"
      },
      {
        "category": "Payload delivery",
        "comment": "JS_JITON sample",
        "deleted": false,
        "disable_correlation": false,
        "timestamp": "1460379486",
        "to_ids": true,
        "type": "sha1",
        "uuid": "570b9f5e-e41c-4513-a445-d939950d210f",
        "value": "acb1f8caa3d2babe37ea21014e0c79ce6c18f8a2"
      },
      {
        "category": "Payload delivery",
        "comment": "JS_JITON sample",
        "deleted": false,
        "disable_correlation": false,
        "timestamp": "1460379486",
        "to_ids": true,
        "type": "sha1",
        "uuid": "570b9f5e-7690-4f7e-a442-d939950d210f",
        "value": "b62ea64db9643fe0a4331f724d234e19c149cabf"
      },
      {
        "category": "Payload delivery",
        "comment": "JS_JITON sample - Xchecked via VT: acb1f8caa3d2babe37ea21014e0c79ce6c18f8a2",
        "deleted": false,
        "disable_correlation": false,
        "timestamp": "1460379519",
        "to_ids": true,
        "type": "sha256",
        "uuid": "570b9f7f-7164-4d5c-8bc9-463302de0b81",
        "value": "295ccf30b6fd09ca858cfe749cdedfd8bb29c613452b66c9cdc24173ad213c9c"
      },
      {
        "category": "Payload delivery",
        "comment": "JS_JITON sample - Xchecked via VT: acb1f8caa3d2babe37ea21014e0c79ce6c18f8a2",
        "deleted": false,
        "disable_correlation": false,
        "timestamp": "1460379519",
        "to_ids": true,
        "type": "md5",
        "uuid": "570b9f7f-df40-43bf-b3f2-498802de0b81",
        "value": "22ebde4114a9b7028beab9d8673fa1e3"
      },
      {
        "category": "External analysis",
        "comment": "",
        "deleted": false,
        "disable_correlation": false,
        "timestamp": "1460379519",
        "to_ids": false,
        "type": "link",
        "uuid": "570b9f7f-e33c-4a04-a835-4cc102de0b81",
        "value": "https://www.virustotal.com/file/295ccf30b6fd09ca858cfe749cdedfd8bb29c613452b66c9cdc24173ad213c9c/analysis/1449711767/"
      },
      {
        "category": "Payload delivery",
        "comment": "JS_JITON sample - Xchecked via VT: ce034e437b20dce84e75a90ed2b3a58532ebcbb9",
        "deleted": false,
        "disable_correlation": false,
        "timestamp": "1460379520",
        "to_ids": true,
        "type": "sha256",
        "uuid": "570b9f80-ae0c-4c52-9d4c-4fab02de0b81",
        "value": "a019a303c9e54bff72fd7bfcdd9b6264b42e9c7eb6f0ae3cf332f563b20c402a"
      },
      {
        "category": "Payload delivery",
        "comment": "JS_JITON sample - Xchecked via VT: ce034e437b20dce84e75a90ed2b3a58532ebcbb9",
        "deleted": false,
        "disable_correlation": false,
        "timestamp": "1460379520",
        "to_ids": true,
        "type": "md5",
        "uuid": "570b9f80-a664-41c5-ac22-433702de0b81",
        "value": "8a9975c9d8895ca9b1c380624cde780a"
      },
      {
        "category": "External analysis",
        "comment": "",
        "deleted": false,
        "disable_correlation": false,
        "timestamp": "1460379521",
        "to_ids": false,
        "type": "link",
        "uuid": "570b9f81-d550-4ab5-b6ea-48b002de0b81",
        "value": "https://www.virustotal.com/file/a019a303c9e54bff72fd7bfcdd9b6264b42e9c7eb6f0ae3cf332f563b20c402a/analysis/1453586843/"
      },
      {
        "category": "Payload delivery",
        "comment": "JS_JITON sample - Xchecked via VT: af3ececf550f9486d90fca6f7bb7c735318d50cd",
        "deleted": false,
        "disable_correlation": false,
        "timestamp": "1460379521",
        "to_ids": true,
        "type": "sha256",
        "uuid": "570b9f81-74fc-4995-9012-454b02de0b81",
        "value": "b4eb873dd1c037dabe6da9e76af356575a9bd43c6b5bbdedc85e1ca4ad502c08"
      },
      {
        "category": "Payload delivery",
        "comment": "JS_JITON sample - Xchecked via VT: af3ececf550f9486d90fca6f7bb7c735318d50cd",
        "deleted": false,
        "disable_correlation": false,
        "timestamp": "1460379521",
        "to_ids": true,
        "type": "md5",
        "uuid": "570b9f81-9fa4-49d3-bbc4-40b402de0b81",
        "value": "01f21760ba4411cb5488f287d74e4a71"
      },
      {
        "category": "External analysis",
        "comment": "",
        "deleted": false,
        "disable_correlation": false,
        "timestamp": "1460379522",
        "to_ids": false,
        "type": "link",
        "uuid": "570b9f82-003c-41cd-8317-402202de0b81",
        "value": "https://www.virustotal.com/file/b4eb873dd1c037dabe6da9e76af356575a9bd43c6b5bbdedc85e1ca4ad502c08/analysis/1453655360/"
      },
      {
        "category": "Payload delivery",
        "comment": "JS_JITON sample - Xchecked via VT: b6c423ff0c91fa65b63a37a136ca6bbe29fce34d",
        "deleted": false,
        "disable_correlation": false,
        "timestamp": "1460379522",
        "to_ids": true,
        "type": "sha256",
        "uuid": "570b9f82-06d8-4854-99e0-429b02de0b81",
        "value": "0c6acde9da4e9109f81ddd9315a66bf9e7f13d92bdd948ef1b2c8bc391e117a6"
      },
      {
        "category": "Payload delivery",
        "comment": "JS_JITON sample - Xchecked via VT: b6c423ff0c91fa65b63a37a136ca6bbe29fce34d",
        "deleted": false,
        "disable_correlation": false,
        "timestamp": "1460379522",
        "to_ids": true,
        "type": "md5",
        "uuid": "570b9f82-5bac-4b60-be5d-4aa802de0b81",
        "value": "b1e77eef8a1c0509593c424ac12a52d4"
      },
      {
        "category": "External analysis",
        "comment": "",
        "deleted": false,
        "disable_correlation": false,
        "timestamp": "1460379523",
        "to_ids": false,
        "type": "link",
        "uuid": "570b9f83-9c50-46c4-a6d8-4e1a02de0b81",
        "value": "https://www.virustotal.com/file/0c6acde9da4e9109f81ddd9315a66bf9e7f13d92bdd948ef1b2c8bc391e117a6/analysis/1459939978/"
      },
      {
        "category": "Payload delivery",
        "comment": "JS_JITON sample - Xchecked via VT: 331441f69ceae4d9f3a78f4b4b46bdc64c11bd4a",
        "deleted": false,
        "disable_correlation": false,
        "timestamp": "1460379523",
        "to_ids": true,
        "type": "sha256",
        "uuid": "570b9f83-d724-4ad7-b398-418002de0b81",
        "value": "dd80bc159d3f4a8130a499952a124bd0c8192c371ef62b789496c809894a822a"
      },
      {
        "category": "Payload delivery",
        "comment": "JS_JITON sample - Xchecked via VT: 331441f69ceae4d9f3a78f4b4b46bdc64c11bd4a",
        "deleted": false,
        "disable_correlation": false,
        "timestamp": "1460379523",
        "to_ids": true,
        "type": "md5",
        "uuid": "570b9f83-faa0-45f9-89b8-430102de0b81",
        "value": "5afcb17b3e53745b6fa987ca46bfde30"
      },
      {
        "category": "External analysis",
        "comment": "",
        "deleted": false,
        "disable_correlation": false,
        "timestamp": "1460379524",
        "to_ids": false,
        "type": "link",
        "uuid": "570b9f84-7ce4-4691-8548-45aa02de0b81",
        "value": "https://www.virustotal.com/file/dd80bc159d3f4a8130a499952a124bd0c8192c371ef62b789496c809894a822a/analysis/1456446825/"
      },
      {
        "category": "Payload delivery",
        "comment": "JS_JITON sample - Xchecked via VT: 1f6e45204a28d9da16777d772eddf7e8d10e588a",
        "deleted": false,
        "disable_correlation": false,
        "timestamp": "1460379524",
        "to_ids": true,
        "type": "sha256",
        "uuid": "570b9f84-6d80-49dc-a0d8-4b5002de0b81",
        "value": "e05255556781f8c5700604c4c0c631d6c5c6a195ee734e01fb220297030e3b8b"
      },
      {
        "category": "Payload delivery",
        "comment": "JS_JITON sample - Xchecked via VT: 1f6e45204a28d9da16777d772eddf7e8d10e588a",
        "deleted": false,
        "disable_correlation": false,
        "timestamp": "1460379524",
        "to_ids": true,
        "type": "md5",
        "uuid": "570b9f84-d638-4a5f-8acf-438c02de0b81",
        "value": "cc94092aa34f8a15abacd5912ad65def"
      },
      {
        "category": "External analysis",
        "comment": "",
        "deleted": false,
        "disable_correlation": false,
        "timestamp": "1460379525",
        "to_ids": false,
        "type": "link",
        "uuid": "570b9f85-468c-486c-8789-482c02de0b81",
        "value": "https://www.virustotal.com/file/e05255556781f8c5700604c4c0c631d6c5c6a195ee734e01fb220297030e3b8b/analysis/1452839571/"
      },
      {
        "category": "Payload delivery",
        "comment": "JS_JITON sample - Xchecked via VT: 67c28c29ebef9a57657e84dce83d458225447ae9",
        "deleted": false,
        "disable_correlation": false,
        "timestamp": "1460379525",
        "to_ids": true,
        "type": "sha256",
        "uuid": "570b9f85-c8c4-4377-b8ff-4d6a02de0b81",
        "value": "d17376cf4cb292b91b3b207caef7166aa92219d13b421771f8a56bb588aea74f"
      },
      {
        "category": "Payload delivery",
        "comment": "JS_JITON sample - Xchecked via VT: 67c28c29ebef9a57657e84dce83d458225447ae9",
        "deleted": false,
        "disable_correlation": false,
        "timestamp": "1460379525",
        "to_ids": true,
        "type": "md5",
        "uuid": "570b9f85-01bc-4752-91c3-440802de0b81",
        "value": "99fa606bb886163b675c9e76e6389c69"
      },
      {
        "category": "External analysis",
        "comment": "",
        "deleted": false,
        "disable_correlation": false,
        "timestamp": "1460379526",
        "to_ids": false,
        "type": "link",
        "uuid": "570b9f86-6328-472b-889f-478002de0b81",
        "value": "https://www.virustotal.com/file/d17376cf4cb292b91b3b207caef7166aa92219d13b421771f8a56bb588aea74f/analysis/1451909306/"
      },
      {
        "category": "Payload delivery",
        "comment": "JS_JITON sample - Xchecked via VT: 545c71b9988d6df27eae31e8738f28da7caae534",
        "deleted": false,
        "disable_correlation": false,
        "timestamp": "1460379526",
        "to_ids": true,
        "type": "sha256",
        "uuid": "570b9f86-5744-4fc4-822f-4abb02de0b81",
        "value": "0fbdba6c3e06dbf3255ec85b086a252a65b2411c26e0f09d7fb29b6775d48fc5"
      },
      {
        "category": "Payload delivery",
        "comment": "JS_JITON sample - Xchecked via VT: 545c71b9988d6df27eae31e8738f28da7caae534",
        "deleted": false,
        "disable_correlation": false,
        "timestamp": "1460379526",
        "to_ids": true,
        "type": "md5",
        "uuid": "570b9f86-2978-4f5e-8946-473002de0b81",
        "value": "12ffd1585304d593bd63cfaf16d2de7d"
      },
      {
        "category": "External analysis",
        "comment": "",
        "deleted": false,
        "disable_correlation": false,
        "timestamp": "1460379527",
        "to_ids": false,
        "type": "link",
        "uuid": "570b9f87-d4ec-4faf-954f-442302de0b81",
        "value": "https://www.virustotal.com/file/0fbdba6c3e06dbf3255ec85b086a252a65b2411c26e0f09d7fb29b6775d48fc5/analysis/1458349418/"
      },
      {
        "category": "Payload delivery",
        "comment": "JS_JITON sample - Xchecked via VT: f7d9dbc1c198de25512cb15f3c19827a2b2188df",
        "deleted": false,
        "disable_correlation": false,
        "timestamp": "1460379527",
        "to_ids": true,
        "type": "sha256",
        "uuid": "570b9f87-93b0-40c1-bc6f-41b102de0b81",
        "value": "cf8f91b07ce83247aadc58eded46a59b51a939c4083e47b100a511a377057763"
      },
      {
        "category": "Payload delivery",
        "comment": "JS_JITON sample - Xchecked via VT: f7d9dbc1c198de25512cb15f3c19827a2b2188df",
        "deleted": false,
        "disable_correlation": false,
        "timestamp": "1460379528",
        "to_ids": true,
        "type": "md5",
        "uuid": "570b9f88-4d60-490a-b807-449402de0b81",
        "value": "09a34b286a748573fa16d66957432df0"
      },
      {
        "category": "External analysis",
        "comment": "",
        "deleted": false,
        "disable_correlation": false,
        "timestamp": "1460379528",
        "to_ids": false,
        "type": "link",
        "uuid": "570b9f88-a514-4043-8ffa-476c02de0b81",
        "value": "https://www.virustotal.com/file/cf8f91b07ce83247aadc58eded46a59b51a939c4083e47b100a511a377057763/analysis/1457939144/"
      },
      {
        "category": "Payload delivery",
        "comment": "JS_JITON sample - Xchecked via VT: da19d2b503932bfb7b0ccf6c40b9f0b0d19282fb",
        "deleted": false,
        "disable_correlation": false,
        "timestamp": "1460379528",
        "to_ids": true,
        "type": "sha256",
        "uuid": "570b9f88-0fb0-4695-8961-4ac802de0b81",
        "value": "59ec2b49759dd09f18e6a99dd9424f56223bef43b624f37979e02bd21c976722"
      },
      {
        "category": "Payload delivery",
        "comment": "JS_JITON sample - Xchecked via VT: da19d2b503932bfb7b0ccf6c40b9f0b0d19282fb",
        "deleted": false,
        "disable_correlation": false,
        "timestamp": "1460379529",
        "to_ids": true,
        "type": "md5",
        "uuid": "570b9f89-568c-4380-ab31-475602de0b81",
        "value": "e3234a0a314ab9037281a61532d9f385"
      },
      {
        "category": "External analysis",
        "comment": "",
        "deleted": false,
        "disable_correlation": false,
        "timestamp": "1460379529",
        "to_ids": false,
        "type": "link",
        "uuid": "570b9f89-5e98-4637-af9b-424002de0b81",
        "value": "https://www.virustotal.com/file/59ec2b49759dd09f18e6a99dd9424f56223bef43b624f37979e02bd21c976722/analysis/1458825711/"
      },
      {
        "category": "Payload delivery",
        "comment": "JS_JITON sample - Xchecked via VT: 4b75a94613b7bf238948104092fe9fd4107fbf97",
        "deleted": false,
        "disable_correlation": false,
        "timestamp": "1460379529",
        "to_ids": true,
        "type": "sha256",
        "uuid": "570b9f89-a130-4255-b1c1-490d02de0b81",
        "value": "a1aabff6b63746df8c0c022ab54645a2945d1fcabfbbb047a0ab3d322fd15c66"
      },
      {
        "category": "Payload delivery",
        "comment": "JS_JITON sample - Xchecked via VT: 4b75a94613b7bf238948104092fe9fd4107fbf97",
        "deleted": false,
        "disable_correlation": false,
        "timestamp": "1460379530",
        "to_ids": true,
        "type": "md5",
        "uuid": "570b9f8a-2704-4f00-8969-4fca02de0b81",
        "value": "cc1a14c0183b22881f7fe3d7ce247ba3"
      },
      {
        "category": "External analysis",
        "comment": "",
        "deleted": false,
        "disable_correlation": false,
        "timestamp": "1460379530",
        "to_ids": false,
        "type": "link",
        "uuid": "570b9f8a-dec4-49f9-9cc1-4f0502de0b81",
        "value": "https://www.virustotal.com/file/a1aabff6b63746df8c0c022ab54645a2945d1fcabfbbb047a0ab3d322fd15c66/analysis/1459487002/"
      }
    ]
  }
}