misp-circl-feed/feeds/circl/misp/576afc2a-6fd8-4b0d-949b-347902de0b81.json


{
"Event": {
"analysis": "2",
"date": "2016-06-22",
"extends_uuid": "",
"info": "OSINT - The Curious Case of an Unknown Trojan Targeting German-Speaking Users",
"publish_timestamp": "1466629390",
"published": true,
"threat_level_id": "3",
"timestamp": "1466629362",
"uuid": "576afc2a-6fd8-4b0d-949b-347902de0b81",
"Orgc": {
"name": "CIRCL",
"uuid": "55f6ea5e-2c60-40e5-964f-47a8950d210f"
},
"Tag": [
{
"colour": "#004646",
"local": false,
"name": "type:OSINT",
"relationship_type": ""
},
{
"colour": "#ffffff",
"local": false,
"name": "tlp:white",
"relationship_type": ""
}
],
"Attribute": [
{
"category": "Payload installation",
"comment": "Last week, an unidentified malware was discovered",
"deleted": false,
"disable_correlation": false,
"timestamp": "1466629206",
"to_ids": true,
"type": "sha256",
"uuid": "576afc56-f90c-4bbe-90aa-ed0e02de0b81",
"value": "171693ab13668c6004a1e08b83c9877a55f150aaa6d8a624c3f8ffc712b22f0b"
},
{
"category": "Payload delivery",
"comment": "DELoader SHA-256 hashes (all detected as W32/DELoader.A!tr):",
"deleted": false,
"disable_correlation": false,
"timestamp": "1466629242",
"to_ids": true,
"type": "sha256",
"uuid": "576afc7a-3970-48c8-a823-34a202de0b81",
"value": "72faed0bc66afe1f42bd7e75b7ea26e0596effac65f67c0ac367a84ec4858891"
},
{
"category": "Payload delivery",
"comment": "DELoader SHA-256 hashes (all detected as W32/DELoader.A!tr):",
"deleted": false,
"disable_correlation": false,
"timestamp": "1466629242",
"to_ids": true,
"type": "sha256",
"uuid": "576afc7a-0fd4-475c-b0bf-34a202de0b81",
"value": "5d759710686db2c5b81c7125aacf70e252de61ab360d95e46cee8a9011c5693f"
},
{
"category": "Payload delivery",
"comment": "DELoader SHA-256 hashes (all detected as W32/DELoader.A!tr):",
"deleted": false,
"disable_correlation": false,
"timestamp": "1466629243",
"to_ids": true,
"type": "sha256",
"uuid": "576afc7b-1880-4d7e-834e-34a202de0b81",
"value": "c16281c83378a597cbc4b01410f997e45b89c5d06efada8000ff79c3a24d63ca"
},
{
"category": "Payload delivery",
"comment": "DELoader SHA-256 hashes (all detected as W32/DELoader.A!tr):",
"deleted": false,
"disable_correlation": false,
"timestamp": "1466629243",
"to_ids": true,
"type": "sha256",
"uuid": "576afc7b-3464-4907-bfd4-34a202de0b81",
"value": "171693ab13668c6004a1e08b83c9877a55f150aaa6d8a624c3f8ffc712b22f0b"
},
{
"category": "Payload delivery",
"comment": "DELoader SHA-256 hashes (all detected as W32/DELoader.A!tr):",
"deleted": false,
"disable_correlation": false,
"timestamp": "1466629244",
"to_ids": true,
"type": "sha256",
"uuid": "576afc7c-7f58-4fb5-91e4-34a202de0b81",
"value": "5afee15a022fcdb12cc791dd02db0ec6beb2e9152b312b2251f2b8ecfe62e03c"
},
{
"category": "Payload delivery",
"comment": "DELoader SHA-256 hashes (all detected as W32/DELoader.A!tr):",
"deleted": false,
"disable_correlation": false,
"timestamp": "1466629244",
"to_ids": true,
"type": "sha256",
"uuid": "576afc7c-d25c-4c02-b088-34a202de0b81",
"value": "103c6f425cfcd5eb935136f8c4ce51b9556974545bc6b7947039405164d46b0d"
},
{
"category": "Payload delivery",
"comment": "DELoader SHA-256 hashes (all detected as W32/DELoader.A!tr):",
"deleted": false,
"disable_correlation": false,
"timestamp": "1466629244",
"to_ids": true,
"type": "sha256",
"uuid": "576afc7c-f4a0-4cde-9d62-34a202de0b81",
"value": "cec73c7b54c290b297a713e0eb07c7c2d822cc67ed61b9981256464273d63892"
},
{
"category": "Network activity",
"comment": "Domains registered by sir777alex@outlook.com:",
"deleted": false,
"disable_correlation": false,
"timestamp": "1466629285",
"to_ids": true,
"type": "domain",
"uuid": "576afca5-8050-4ee0-82d1-347602de0b81",
"value": "yberprojects22017.info"
},
{
"category": "Network activity",
"comment": "Domains registered by sir777alex@outlook.com:",
"deleted": false,
"disable_correlation": false,
"timestamp": "1466629285",
"to_ids": true,
"type": "domain",
"uuid": "576afca5-92f4-416a-be70-347602de0b81",
"value": "masterhost8981.asia"
},
{
"category": "Network activity",
"comment": "Domains registered by sir777alex@outlook.com:",
"deleted": false,
"disable_correlation": false,
"timestamp": "1466629286",
"to_ids": true,
"type": "domain",
"uuid": "576afca6-e670-4045-b465-347602de0b81",
"value": "nov15mailmarketing.in"
},
{
"category": "Network activity",
"comment": "Domains registered by sir777alex@outlook.com:",
"deleted": false,
"disable_correlation": false,
"timestamp": "1466629286",
"to_ids": true,
"type": "domain",
"uuid": "576afca6-543c-4bd0-a13c-347602de0b81",
"value": "auspostresponse22.asia"
},
{
"category": "Network activity",
"comment": "Domains registered by sir777alex@outlook.com:",
"deleted": false,
"disable_correlation": false,
"timestamp": "1466629286",
"to_ids": true,
"type": "domain",
"uuid": "576afca6-ea50-4e69-ac50-347602de0b81",
"value": "goodwinn8.asia"
},
{
"category": "Network activity",
"comment": "Domains registered by sir777alex@outlook.com:",
"deleted": false,
"disable_correlation": false,
"timestamp": "1466629287",
"to_ids": true,
"type": "domain",
"uuid": "576afca7-1d94-4d40-af6f-347602de0b81",
"value": "mastehost12312.asia"
},
{
"category": "Network activity",
"comment": "Domains registered by sir777alex@outlook.com:",
"deleted": false,
"disable_correlation": false,
"timestamp": "1466629287",
"to_ids": true,
"type": "domain",
"uuid": "576afca7-1f08-4086-a1e7-347602de0b81",
"value": "masterhost1333.asia"
},
{
"category": "Network activity",
"comment": "Domains registered by sir777alex@outlook.com:",
"deleted": false,
"disable_correlation": false,
"timestamp": "1466629288",
"to_ids": true,
"type": "hostname",
"uuid": "576afca8-bd38-4746-8f03-347602de0b81",
"value": "marketingmas.in.net"
},
{
"category": "Network activity",
"comment": "Domains registered by sir777alex@outlook.com:",
"deleted": false,
"disable_correlation": false,
"timestamp": "1466629288",
"to_ids": true,
"type": "domain",
"uuid": "576afca8-8abc-4d03-9542-347602de0b81",
"value": "remembermetoday4.asia"
},
{
"category": "Network activity",
"comment": "Domains registered by sir777alex@outlook.com:",
"deleted": false,
"disable_correlation": false,
"timestamp": "1466629288",
"to_ids": true,
"type": "domain",
"uuid": "576afca8-15cc-4be9-9768-347602de0b81",
"value": "startupproject33676.asia"
},
{
"category": "Network activity",
"comment": "Domains registered by sir777alex@outlook.com:",
"deleted": false,
"disable_correlation": false,
"timestamp": "1466629289",
"to_ids": true,
"type": "domain",
"uuid": "576afca9-c414-465b-8269-347602de0b81",
"value": "bestbrowser-2015.biz"
},
{
"category": "Network activity",
"comment": "Domains registered by sir777alex@outlook.com:",
"deleted": false,
"disable_correlation": false,
"timestamp": "1466629289",
"to_ids": true,
"type": "domain",
"uuid": "576afca9-5638-41b5-a53e-347602de0b81",
"value": "marketing5050.asia"
},
{
"category": "Network activity",
"comment": "Domains registered by sir777alex@outlook.com:",
"deleted": false,
"disable_correlation": false,
"timestamp": "1466629289",
"to_ids": true,
"type": "domain",
"uuid": "576afca9-082c-49df-aa2a-347602de0b81",
"value": "marketingking878.asia"
},
{
"category": "Network activity",
"comment": "Domains registered by sir777alex@outlook.com:",
"deleted": false,
"disable_correlation": false,
"timestamp": "1466629289",
"to_ids": true,
"type": "domain",
"uuid": "576afca9-8b10-4c3c-a30e-347602de0b81",
"value": "yidckntbrmhuuhmq.com"
},
{
"category": "Network activity",
"comment": "Domains registered by sir777alex@outlook.com:",
"deleted": false,
"disable_correlation": false,
"timestamp": "1466629289",
"to_ids": true,
"type": "domain",
"uuid": "576afca9-83e8-4a0b-b3ae-347602de0b81",
"value": "resdomactivationa.asia"
},
{
"category": "Network activity",
"comment": "Domains registered by sir777alex@outlook.com:",
"deleted": false,
"disable_correlation": false,
"timestamp": "1466629290",
"to_ids": true,
"type": "domain",
"uuid": "576afcaa-f518-426f-91fb-347602de0b81",
"value": "ukcompanymarketing.asia"
},
{
"category": "Network activity",
"comment": "Domains registered by sir777alex@outlook.com:",
"deleted": false,
"disable_correlation": false,
"timestamp": "1466629290",
"to_ids": true,
"type": "domain",
"uuid": "576afcaa-1b54-4285-8824-347602de0b81",
"value": "goodvin77787.in"
},
{
"category": "Network activity",
"comment": "Domains registered by sir777alex@outlook.com:",
"deleted": false,
"disable_correlation": false,
"timestamp": "1466629290",
"to_ids": true,
"type": "domain",
"uuid": "576afcaa-f148-45a5-a2c1-347602de0b81",
"value": "jajajakala8212.asia"
},
{
"category": "Network activity",
"comment": "Domains registered by sir777alex@outlook.com:",
"deleted": false,
"disable_correlation": false,
"timestamp": "1466629290",
"to_ids": true,
"type": "domain",
"uuid": "576afcaa-7720-4615-9de9-347602de0b81",
"value": "masterhost122133.asia"
},
{
"category": "Network activity",
"comment": "Domains registered by sir777alex@outlook.com:",
"deleted": false,
"disable_correlation": false,
"timestamp": "1466629290",
"to_ids": true,
"type": "domain",
"uuid": "576afcaa-e120-4c03-b763-347602de0b81",
"value": "masterj.in"
},
{
"category": "Network activity",
"comment": "Domains registered by sir777alex@outlook.com:",
"deleted": false,
"disable_correlation": false,
"timestamp": "1466629290",
"to_ids": true,
"type": "domain",
"uuid": "576afcaa-2794-480b-ab84-347602de0b81",
"value": "lalalababla.asia"
},
{
"category": "Network activity",
"comment": "Domains registered by sir777alex@outlook.com:",
"deleted": false,
"disable_correlation": false,
"timestamp": "1466629291",
"to_ids": true,
"type": "domain",
"uuid": "576afcab-e95c-4f8f-b0b8-347602de0b81",
"value": "responder201922.asia"
},
{
"category": "Network activity",
"comment": "Domains registered by sir777alex@outlook.com:",
"deleted": false,
"disable_correlation": false,
"timestamp": "1466629291",
"to_ids": true,
"type": "domain",
"uuid": "576afcab-5154-4bf9-826b-347602de0b81",
"value": "cyberprojects2727.info"
},
{
"category": "Network activity",
"comment": "Domains registered by sir777alex@outlook.com:",
"deleted": false,
"disable_correlation": false,
"timestamp": "1466629291",
"to_ids": true,
"type": "domain",
"uuid": "576afcab-15c8-4001-8012-347602de0b81",
"value": "super-sexy-girl2015.net"
},
{
"category": "Network activity",
"comment": "Domains registered by sir777alex@outlook.com:",
"deleted": false,
"disable_correlation": false,
"timestamp": "1466629291",
"to_ids": true,
"type": "domain",
"uuid": "576afcab-23c4-4361-a6f4-347602de0b81",
"value": "jxsraxhlccokkrob.com"
},
{
"category": "Network activity",
"comment": "Domains registered by sir777alex@outlook.com:",
"deleted": false,
"disable_correlation": false,
"timestamp": "1466629291",
"to_ids": true,
"type": "domain",
"uuid": "576afcab-d818-4a28-9b77-347602de0b81",
"value": "mastehost88832.asia"
},
{
"category": "Network activity",
"comment": "Domains registered by sir777alex@outlook.com:",
"deleted": false,
"disable_correlation": false,
"timestamp": "1466629291",
"to_ids": true,
"type": "domain",
"uuid": "576afcab-124c-40d1-ac8d-347602de0b81",
"value": "masterlin888.pw"
},
{
"category": "Network activity",
"comment": "Domains registered by sir777alex@outlook.com:",
"deleted": false,
"disable_correlation": false,
"timestamp": "1466629292",
"to_ids": true,
"type": "domain",
"uuid": "576afcac-0850-435b-b55d-347602de0b81",
"value": "mamba777.in"
},
{
"category": "Network activity",
"comment": "Domains registered by sir777alex@outlook.com:",
"deleted": false,
"disable_correlation": false,
"timestamp": "1466629292",
"to_ids": true,
"type": "domain",
"uuid": "576afcac-61e8-4080-8bc2-347602de0b81",
"value": "copolsox.us"
},
{
"category": "Network activity",
"comment": "Domains registered by sir777alex@outlook.com:",
"deleted": false,
"disable_correlation": false,
"timestamp": "1466629292",
"to_ids": true,
"type": "domain",
"uuid": "576afcac-b624-4ed2-9682-347602de0b81",
"value": "10cyberprojects2016.asia"
},
{
"category": "Network activity",
"comment": "Domains registered by sir777alex@outlook.com:",
"deleted": false,
"disable_correlation": false,
"timestamp": "1466629292",
"to_ids": true,
"type": "domain",
"uuid": "576afcac-2d98-498e-a580-347602de0b81",
"value": "startupproject336.asia"
},
{
"category": "External analysis",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1466629329",
"to_ids": false,
"type": "link",
"uuid": "576afcd1-2ef8-447b-ac63-3cc102de0b81",
"value": "https://blog.fortinet.com/2016/06/21/the-curious-case-of-an-unknown-trojan-targeting-german-speaking-users"
},
{
"category": "Payload installation",
"comment": "Last week, an unidentified malware was discovered - Xchecked via VT: 171693ab13668c6004a1e08b83c9877a55f150aaa6d8a624c3f8ffc712b22f0b",
"deleted": false,
"disable_correlation": false,
"timestamp": "1466629362",
"to_ids": true,
"type": "sha1",
"uuid": "576afcf2-595c-452c-9b4c-4f0502de0b81",
"value": "9fbbca0a32f609aea6c8b3794429fea6b1cef1f7"
},
{
"category": "Payload installation",
"comment": "Last week, an unidentified malware was discovered - Xchecked via VT: 171693ab13668c6004a1e08b83c9877a55f150aaa6d8a624c3f8ffc712b22f0b",
"deleted": false,
"disable_correlation": false,
"timestamp": "1466629362",
"to_ids": true,
"type": "md5",
"uuid": "576afcf2-131c-4140-9e0c-4bf302de0b81",
"value": "2e624f044f4cd086e3d49ef8b78a5cb6"
},
{
"category": "External analysis",
"comment": "Last week, an unidentified malware was discovered - Xchecked via VT: 171693ab13668c6004a1e08b83c9877a55f150aaa6d8a624c3f8ffc712b22f0b",
"deleted": false,
"disable_correlation": false,
"timestamp": "1466629362",
"to_ids": false,
"type": "link",
"uuid": "576afcf2-8650-4b94-9554-4f9f02de0b81",
"value": "https://www.virustotal.com/file/171693ab13668c6004a1e08b83c9877a55f150aaa6d8a624c3f8ffc712b22f0b/analysis/1466577042/"
},
{
"category": "Payload delivery",
"comment": "DELoader SHA-256 hashes (all detected as W32/DELoader.A!tr): - Xchecked via VT: cec73c7b54c290b297a713e0eb07c7c2d822cc67ed61b9981256464273d63892",
"deleted": false,
"disable_correlation": false,
"timestamp": "1466629362",
"to_ids": true,
"type": "sha1",
"uuid": "576afcf2-8440-4dbf-bad6-4bd002de0b81",
"value": "b8001fb6144f491226306194a08254d04f854cc7"
},
{
"category": "Payload delivery",
"comment": "DELoader SHA-256 hashes (all detected as W32/DELoader.A!tr): - Xchecked via VT: cec73c7b54c290b297a713e0eb07c7c2d822cc67ed61b9981256464273d63892",
"deleted": false,
"disable_correlation": false,
"timestamp": "1466629363",
"to_ids": true,
"type": "md5",
"uuid": "576afcf3-d39c-41ee-b8cd-486802de0b81",
"value": "9ab0746d527beb6bf141580eb7e39b9f"
},
{
"category": "External analysis",
"comment": "DELoader SHA-256 hashes (all detected as W32/DELoader.A!tr): - Xchecked via VT: cec73c7b54c290b297a713e0eb07c7c2d822cc67ed61b9981256464273d63892",
"deleted": false,
"disable_correlation": false,
"timestamp": "1466629363",
"to_ids": false,
"type": "link",
"uuid": "576afcf3-9e90-4fcd-b365-4f4602de0b81",
"value": "https://www.virustotal.com/file/cec73c7b54c290b297a713e0eb07c7c2d822cc67ed61b9981256464273d63892/analysis/1465950050/"
},
{
"category": "Payload delivery",
"comment": "DELoader SHA-256 hashes (all detected as W32/DELoader.A!tr): - Xchecked via VT: 103c6f425cfcd5eb935136f8c4ce51b9556974545bc6b7947039405164d46b0d",
"deleted": false,
"disable_correlation": false,
"timestamp": "1466629363",
"to_ids": true,
"type": "sha1",
"uuid": "576afcf3-bc34-4747-87df-459e02de0b81",
"value": "88261bc52f2bd5a18ff29963b4f5300d66b794d4"
},
{
"category": "Payload delivery",
"comment": "DELoader SHA-256 hashes (all detected as W32/DELoader.A!tr): - Xchecked via VT: 103c6f425cfcd5eb935136f8c4ce51b9556974545bc6b7947039405164d46b0d",
"deleted": false,
"disable_correlation": false,
"timestamp": "1466629363",
"to_ids": true,
"type": "md5",
"uuid": "576afcf3-8ce4-4fdf-aa4f-4edf02de0b81",
"value": "ddf0134ee920b0b9930f7d7aa2d1e038"
},
{
"category": "External analysis",
"comment": "DELoader SHA-256 hashes (all detected as W32/DELoader.A!tr): - Xchecked via VT: 103c6f425cfcd5eb935136f8c4ce51b9556974545bc6b7947039405164d46b0d",
"deleted": false,
"disable_correlation": false,
"timestamp": "1466629363",
"to_ids": false,
"type": "link",
"uuid": "576afcf3-ff68-41c5-97cf-4d8402de0b81",
"value": "https://www.virustotal.com/file/103c6f425cfcd5eb935136f8c4ce51b9556974545bc6b7947039405164d46b0d/analysis/1466578390/"
},
{
"category": "Payload delivery",
"comment": "DELoader SHA-256 hashes (all detected as W32/DELoader.A!tr): - Xchecked via VT: 5afee15a022fcdb12cc791dd02db0ec6beb2e9152b312b2251f2b8ecfe62e03c",
"deleted": false,
"disable_correlation": false,
"timestamp": "1466629363",
"to_ids": true,
"type": "sha1",
"uuid": "576afcf3-22d0-401d-a0f5-411a02de0b81",
"value": "349f5250384621b0e0e29a02947c2bf263234eb4"
},
{
"category": "Payload delivery",
"comment": "DELoader SHA-256 hashes (all detected as W32/DELoader.A!tr): - Xchecked via VT: 5afee15a022fcdb12cc791dd02db0ec6beb2e9152b312b2251f2b8ecfe62e03c",
"deleted": false,
"disable_correlation": false,
"timestamp": "1466629364",
"to_ids": true,
"type": "md5",
"uuid": "576afcf4-36c0-4221-9b96-450502de0b81",
"value": "04c5b2382eecf78729e3c7f28d18cb88"
},
{
"category": "External analysis",
"comment": "DELoader SHA-256 hashes (all detected as W32/DELoader.A!tr): - Xchecked via VT: 5afee15a022fcdb12cc791dd02db0ec6beb2e9152b312b2251f2b8ecfe62e03c",
"deleted": false,
"disable_correlation": false,
"timestamp": "1466629364",
"to_ids": false,
"type": "link",
"uuid": "576afcf4-b404-48a7-ba05-4cff02de0b81",
"value": "https://www.virustotal.com/file/5afee15a022fcdb12cc791dd02db0ec6beb2e9152b312b2251f2b8ecfe62e03c/analysis/1465147301/"
},
{
"category": "Payload delivery",
"comment": "DELoader SHA-256 hashes (all detected as W32/DELoader.A!tr): - Xchecked via VT: c16281c83378a597cbc4b01410f997e45b89c5d06efada8000ff79c3a24d63ca",
"deleted": false,
"disable_correlation": false,
"timestamp": "1466629364",
"to_ids": true,
"type": "sha1",
"uuid": "576afcf4-7ed8-4ab3-9fb6-4a3702de0b81",
"value": "aad3a9a14d91f4c371dab192e976b28772a9f5b7"
},
{
"category": "Payload delivery",
"comment": "DELoader SHA-256 hashes (all detected as W32/DELoader.A!tr): - Xchecked via VT: c16281c83378a597cbc4b01410f997e45b89c5d06efada8000ff79c3a24d63ca",
"deleted": false,
"disable_correlation": false,
"timestamp": "1466629364",
"to_ids": true,
"type": "md5",
"uuid": "576afcf4-8298-42fa-a794-44cf02de0b81",
"value": "533fc5d5a9d7c0e06de13af3af0662ba"
},
{
"category": "External analysis",
"comment": "DELoader SHA-256 hashes (all detected as W32/DELoader.A!tr): - Xchecked via VT: c16281c83378a597cbc4b01410f997e45b89c5d06efada8000ff79c3a24d63ca",
"deleted": false,
"disable_correlation": false,
"timestamp": "1466629364",
"to_ids": false,
"type": "link",
"uuid": "576afcf4-8984-46db-b974-43aa02de0b81",
"value": "https://www.virustotal.com/file/c16281c83378a597cbc4b01410f997e45b89c5d06efada8000ff79c3a24d63ca/analysis/1459406571/"
},
{
"category": "Payload delivery",
"comment": "DELoader SHA-256 hashes (all detected as W32/DELoader.A!tr): - Xchecked via VT: 5d759710686db2c5b81c7125aacf70e252de61ab360d95e46cee8a9011c5693f",
"deleted": false,
"disable_correlation": false,
"timestamp": "1466629365",
"to_ids": true,
"type": "sha1",
"uuid": "576afcf5-b9bc-4e4a-aa0a-431902de0b81",
"value": "e77be9eaa91ff9429c2837a8291c9ae4a58a76b6"
},
{
"category": "Payload delivery",
"comment": "DELoader SHA-256 hashes (all detected as W32/DELoader.A!tr): - Xchecked via VT: 5d759710686db2c5b81c7125aacf70e252de61ab360d95e46cee8a9011c5693f",
"deleted": false,
"disable_correlation": false,
"timestamp": "1466629365",
"to_ids": true,
"type": "md5",
"uuid": "576afcf5-53f4-4669-b311-4e8202de0b81",
"value": "a4232d262ebfafc8570c034f428e64cb"
},
{
"category": "External analysis",
"comment": "DELoader SHA-256 hashes (all detected as W32/DELoader.A!tr): - Xchecked via VT: 5d759710686db2c5b81c7125aacf70e252de61ab360d95e46cee8a9011c5693f",
"deleted": false,
"disable_correlation": false,
"timestamp": "1466629365",
"to_ids": false,
"type": "link",
"uuid": "576afcf5-813c-45cd-950d-412202de0b81",
"value": "https://www.virustotal.com/file/5d759710686db2c5b81c7125aacf70e252de61ab360d95e46cee8a9011c5693f/analysis/1464162631/"
},
{
"category": "Payload delivery",
"comment": "DELoader SHA-256 hashes (all detected as W32/DELoader.A!tr): - Xchecked via VT: 72faed0bc66afe1f42bd7e75b7ea26e0596effac65f67c0ac367a84ec4858891",
"deleted": false,
"disable_correlation": false,
"timestamp": "1466629365",
"to_ids": true,
"type": "sha1",
"uuid": "576afcf5-2350-4ba0-a4c5-453f02de0b81",
"value": "343878c85ff1b66e27e0d1d193fe8fde81bf1db1"
},
{
"category": "Payload delivery",
"comment": "DELoader SHA-256 hashes (all detected as W32/DELoader.A!tr): - Xchecked via VT: 72faed0bc66afe1f42bd7e75b7ea26e0596effac65f67c0ac367a84ec4858891",
"deleted": false,
"disable_correlation": false,
"timestamp": "1466629365",
"to_ids": true,
"type": "md5",
"uuid": "576afcf5-dd9c-4b6f-b8ed-41b102de0b81",
"value": "d79c3cce5d103f387955c34a0e429f58"
},
{
"category": "External analysis",
"comment": "DELoader SHA-256 hashes (all detected as W32/DELoader.A!tr): - Xchecked via VT: 72faed0bc66afe1f42bd7e75b7ea26e0596effac65f67c0ac367a84ec4858891",
"deleted": false,
"disable_correlation": false,
"timestamp": "1466629365",
"to_ids": false,
"type": "link",
"uuid": "576afcf5-289c-4baf-8453-49a402de0b81",
"value": "https://www.virustotal.com/file/72faed0bc66afe1f42bd7e75b7ea26e0596effac65f67c0ac367a84ec4858891/analysis/1466153872/"
}
]
}
}