2920 lines
No EOL
91 KiB
JSON
2920 lines
No EOL
91 KiB
JSON
{
|
|
"Event": {
|
|
"analysis": "2",
|
|
"date": "2017-06-07",
|
|
"extends_uuid": "",
|
|
"info": "Stantinko investigation",
|
|
"publish_timestamp": "1500641836",
|
|
"published": true,
|
|
"threat_level_id": "1",
|
|
"timestamp": "1500641829",
|
|
"uuid": "59387629-3d68-430c-ae55-15f50a016219",
|
|
"Orgc": {
|
|
"name": "ESET",
|
|
"uuid": "55f6ea5e-51ac-4344-bc8c-4170950d210f"
|
|
},
|
|
"Tag": [
|
|
{
|
|
"colour": "#a9b7b8",
|
|
"local": false,
|
|
"name": "Stantinko",
|
|
"relationship_type": ""
|
|
}
|
|
],
|
|
"Attribute": [
|
|
{
|
|
"category": "Artifacts dropped",
|
|
"comment": "",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1496872490",
|
|
"to_ids": true,
|
|
"type": "sha1",
|
|
"uuid": "5938762a-20f0-435b-bb00-19d30a016219",
|
|
"value": "b14af8814fe0398ffa8f5b0d76141b576e5cce27"
|
|
},
|
|
{
|
|
"category": "Artifacts dropped",
|
|
"comment": "",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1496872491",
|
|
"to_ids": true,
|
|
"type": "sha1",
|
|
"uuid": "5938762b-4ac0-4f2c-ac35-15f40a016219",
|
|
"value": "fbdbabc6c3e274b99bdfdab79e53b29eccf114ef"
|
|
},
|
|
{
|
|
"category": "Artifacts dropped",
|
|
"comment": "",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1496872491",
|
|
"to_ids": true,
|
|
"type": "sha1",
|
|
"uuid": "5938762b-a338-4ffe-a659-12090a016219",
|
|
"value": "526b86ca02cceaf5d23c467c1d1f81dd0a36e4b9"
|
|
},
|
|
{
|
|
"category": "Artifacts dropped",
|
|
"comment": "",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1496872492",
|
|
"to_ids": true,
|
|
"type": "sha1",
|
|
"uuid": "5938762c-c5ec-4eee-a9e6-120c0a016219",
|
|
"value": "e79acfbf8d339507373b892700b27b3b795e424f"
|
|
},
|
|
{
|
|
"category": "Artifacts dropped",
|
|
"comment": "",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1496872492",
|
|
"to_ids": true,
|
|
"type": "sha1",
|
|
"uuid": "5938762c-db54-429c-b450-1a120a016219",
|
|
"value": "c55918adc6d2e74809777b306e361ea01a35fc05"
|
|
},
|
|
{
|
|
"category": "Network activity",
|
|
"comment": "",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1496872493",
|
|
"to_ids": true,
|
|
"type": "domain|ip",
|
|
"uuid": "5938762d-154c-462f-a260-19d10a016219",
|
|
"value": "wsaudio.com|178.20.157.189"
|
|
},
|
|
{
|
|
"category": "Network activity",
|
|
"comment": "",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1496872493",
|
|
"to_ids": true,
|
|
"type": "domain|ip",
|
|
"uuid": "5938762d-5904-48d8-8e07-15f50a016219",
|
|
"value": "wsaudio.com|204.155.30.72"
|
|
},
|
|
{
|
|
"category": "Network activity",
|
|
"comment": "",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1496872494",
|
|
"to_ids": true,
|
|
"type": "domain|ip",
|
|
"uuid": "5938762e-ba14-423c-81c4-19d20a016219",
|
|
"value": "wsaudio.com|217.12.203.18"
|
|
},
|
|
{
|
|
"category": "Network activity",
|
|
"comment": "",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1496872494",
|
|
"to_ids": true,
|
|
"type": "domain|ip",
|
|
"uuid": "5938762e-f31c-4729-a027-12080a016219",
|
|
"value": "wsaudio.com|178.20.157.187"
|
|
},
|
|
{
|
|
"category": "Network activity",
|
|
"comment": "",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1496872495",
|
|
"to_ids": true,
|
|
"type": "domain|ip",
|
|
"uuid": "5938762f-1870-4571-9585-120b0a016219",
|
|
"value": "wsaudio.com|185.86.76.113"
|
|
},
|
|
{
|
|
"category": "Network activity",
|
|
"comment": "",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1496872495",
|
|
"to_ids": true,
|
|
"type": "domain|ip",
|
|
"uuid": "5938762f-14c4-4322-be63-120c0a016219",
|
|
"value": "clients2.ultimate-discounter.com|95.46.98.137"
|
|
},
|
|
{
|
|
"category": "Network activity",
|
|
"comment": "",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1496872496",
|
|
"to_ids": true,
|
|
"type": "domain|ip",
|
|
"uuid": "59387630-e040-45e0-a8a7-12090a016219",
|
|
"value": "ghosterystore.com|178.20.159.56"
|
|
},
|
|
{
|
|
"category": "Network activity",
|
|
"comment": "",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1496872496",
|
|
"to_ids": true,
|
|
"type": "domain|ip",
|
|
"uuid": "59387630-f4bc-4d89-813c-1a120a016219",
|
|
"value": "ghosterystore.com|95.46.98.12"
|
|
},
|
|
{
|
|
"category": "Network activity",
|
|
"comment": "",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1496872497",
|
|
"to_ids": true,
|
|
"type": "domain|ip",
|
|
"uuid": "59387631-9280-48c4-ac30-15f40a016219",
|
|
"value": "robothemes.net|178.20.159.77"
|
|
},
|
|
{
|
|
"category": "Network activity",
|
|
"comment": "",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1496872497",
|
|
"to_ids": true,
|
|
"type": "domain|ip",
|
|
"uuid": "59387631-1c08-4023-bef7-12080a016219",
|
|
"value": "robothemes.net|80.87.202.246"
|
|
},
|
|
{
|
|
"category": "Network activity",
|
|
"comment": "",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1496872498",
|
|
"to_ids": true,
|
|
"type": "domain|ip",
|
|
"uuid": "59387632-ffd0-4f9a-8c20-19d10a016219",
|
|
"value": "robothemes.net|185.48.239.11"
|
|
},
|
|
{
|
|
"category": "Network activity",
|
|
"comment": "",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1496872498",
|
|
"to_ids": true,
|
|
"type": "domain|ip",
|
|
"uuid": "59387632-1600-40ea-9b70-19d20a016219",
|
|
"value": "clients3.ultimate-discounter.com|37.97.245.128"
|
|
},
|
|
{
|
|
"category": "Network activity",
|
|
"comment": "",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1496872499",
|
|
"to_ids": true,
|
|
"type": "domain|ip",
|
|
"uuid": "59387633-a0cc-48da-a0ad-19d30a016219",
|
|
"value": "upd-discounter.com|178.20.159.56"
|
|
},
|
|
{
|
|
"category": "Network activity",
|
|
"comment": "",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1496872499",
|
|
"to_ids": true,
|
|
"type": "domain|ip",
|
|
"uuid": "59387633-c0b4-46dc-b2be-15f50a016219",
|
|
"value": "ultimate-discounter.org|62.109.0.227"
|
|
},
|
|
{
|
|
"category": "Network activity",
|
|
"comment": "",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1496872500",
|
|
"to_ids": true,
|
|
"type": "domain|ip",
|
|
"uuid": "59387634-8948-4504-aa43-120b0a016219",
|
|
"value": "ultimate-discounter.org|185.28.22.66"
|
|
},
|
|
{
|
|
"category": "Network activity",
|
|
"comment": "",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1496872501",
|
|
"to_ids": true,
|
|
"type": "domain|ip",
|
|
"uuid": "59387635-b108-4acf-a24f-120c0a016219",
|
|
"value": "udiscount.net|62.109.0.227"
|
|
},
|
|
{
|
|
"category": "Network activity",
|
|
"comment": "",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1496872501",
|
|
"to_ids": true,
|
|
"type": "domain|ip",
|
|
"uuid": "59387635-4440-4a60-bde6-12090a016219",
|
|
"value": "vp9codec.com|136.144.141.253"
|
|
},
|
|
{
|
|
"category": "Network activity",
|
|
"comment": "",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1496872502",
|
|
"to_ids": true,
|
|
"type": "domain|ip",
|
|
"uuid": "59387636-ed00-437f-95a0-1a120a016219",
|
|
"value": "vp9codec.com|107.174.224.254"
|
|
},
|
|
{
|
|
"category": "Network activity",
|
|
"comment": "",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1496872502",
|
|
"to_ids": true,
|
|
"type": "domain|ip",
|
|
"uuid": "59387636-b2a0-4161-b45b-15f40a016219",
|
|
"value": "vp9codec.com|185.47.62.128"
|
|
},
|
|
{
|
|
"category": "Network activity",
|
|
"comment": "",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1496872503",
|
|
"to_ids": true,
|
|
"type": "domain|ip",
|
|
"uuid": "59387637-443c-4b5c-916b-12080a016219",
|
|
"value": "clients1.ultimate-discounter.com|62.109.0.227"
|
|
},
|
|
{
|
|
"category": "Network activity",
|
|
"comment": "",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1496872503",
|
|
"to_ids": true,
|
|
"type": "domain|ip",
|
|
"uuid": "59387637-7e00-46a6-b098-19d10a016219",
|
|
"value": "hdr-group.org|210.16.101.206"
|
|
},
|
|
{
|
|
"category": "Network activity",
|
|
"comment": "",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1496872504",
|
|
"to_ids": true,
|
|
"type": "domain|ip",
|
|
"uuid": "59387638-a64c-4b83-8cf2-19d20a016219",
|
|
"value": "hdr-group.org|144.217.240.28"
|
|
},
|
|
{
|
|
"category": "Network activity",
|
|
"comment": "",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1496872504",
|
|
"to_ids": true,
|
|
"type": "domain|ip",
|
|
"uuid": "59387638-b268-438f-9179-19d30a016219",
|
|
"value": "hdr-group.org|88.99.154.39"
|
|
},
|
|
{
|
|
"category": "Network activity",
|
|
"comment": "",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1496872505",
|
|
"to_ids": true,
|
|
"type": "domain|ip",
|
|
"uuid": "59387639-01f0-4075-8633-15f50a016219",
|
|
"value": "icloudsrv.com|178.20.157.227"
|
|
},
|
|
{
|
|
"category": "Network activity",
|
|
"comment": "",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1496872505",
|
|
"to_ids": true,
|
|
"type": "domain|ip",
|
|
"uuid": "59387639-17ec-40c9-970c-120b0a016219",
|
|
"value": "icloudsrv.com|85.17.194.202"
|
|
},
|
|
{
|
|
"category": "Network activity",
|
|
"comment": "",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1496872506",
|
|
"to_ids": true,
|
|
"type": "domain|ip",
|
|
"uuid": "5938763a-9558-4142-b535-120c0a016219",
|
|
"value": "icloudsrv.com|178.20.159.89"
|
|
},
|
|
{
|
|
"category": "Network activity",
|
|
"comment": "",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1496872506",
|
|
"to_ids": true,
|
|
"type": "domain|ip",
|
|
"uuid": "5938763a-99a8-4405-b1fd-12090a016219",
|
|
"value": "update.ultimate-discounter.com|178.20.159.56"
|
|
},
|
|
{
|
|
"category": "Network activity",
|
|
"comment": "",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1496872507",
|
|
"to_ids": true,
|
|
"type": "domain|ip",
|
|
"uuid": "5938763b-f210-49b1-a931-1a120a016219",
|
|
"value": "udiscounter.org|178.20.159.56"
|
|
},
|
|
{
|
|
"category": "Network activity",
|
|
"comment": "",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1496872508",
|
|
"to_ids": true,
|
|
"type": "domain|ip",
|
|
"uuid": "5938763c-c00c-4916-9272-15f40a016219",
|
|
"value": "biosysltd.com|185.118.164.190"
|
|
},
|
|
{
|
|
"category": "Network activity",
|
|
"comment": "",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1496872508",
|
|
"to_ids": true,
|
|
"type": "domain|ip",
|
|
"uuid": "5938763c-e680-4a4b-ad6b-12080a016219",
|
|
"value": "biosysltd.com|185.125.218.74"
|
|
},
|
|
{
|
|
"category": "Network activity",
|
|
"comment": "",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1496872509",
|
|
"to_ids": true,
|
|
"type": "domain|ip",
|
|
"uuid": "5938763d-ad10-4bb3-ab03-19d10a016219",
|
|
"value": "biosysltd.com|95.213.235.197"
|
|
},
|
|
{
|
|
"category": "Network activity",
|
|
"comment": "",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1496872509",
|
|
"to_ids": true,
|
|
"type": "domain|ip",
|
|
"uuid": "5938763d-2b98-45ad-92f6-19d20a016219",
|
|
"value": "biosysltd.com|82.146.59.86"
|
|
},
|
|
{
|
|
"category": "Network activity",
|
|
"comment": "",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1496872510",
|
|
"to_ids": true,
|
|
"type": "domain|ip",
|
|
"uuid": "5938763e-5cac-4a91-9f62-19d30a016219",
|
|
"value": "biosysltd.com|185.127.24.151"
|
|
},
|
|
{
|
|
"category": "Network activity",
|
|
"comment": "",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1496872510",
|
|
"to_ids": true,
|
|
"type": "domain",
|
|
"uuid": "5938763e-6478-4a58-adaf-120c0a016219",
|
|
"value": "wadgeotrust.com"
|
|
},
|
|
{
|
|
"category": "Network activity",
|
|
"comment": "",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1496872511",
|
|
"to_ids": true,
|
|
"type": "domain",
|
|
"uuid": "5938763f-2ba8-4c05-b24f-15f50a016219",
|
|
"value": "wsslupdate.org"
|
|
},
|
|
{
|
|
"category": "Network activity",
|
|
"comment": "",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1496872511",
|
|
"to_ids": true,
|
|
"type": "domain",
|
|
"uuid": "5938763f-2460-4df4-9cab-12090a016219",
|
|
"value": "wsslupd.net"
|
|
},
|
|
{
|
|
"category": "Network activity",
|
|
"comment": "",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1496872512",
|
|
"to_ids": true,
|
|
"type": "domain",
|
|
"uuid": "59387640-f2e8-44de-9698-12080a016219",
|
|
"value": "kbdmai.net"
|
|
},
|
|
{
|
|
"category": "Network activity",
|
|
"comment": "",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1496872512",
|
|
"to_ids": true,
|
|
"type": "domain",
|
|
"uuid": "59387640-251c-4aa3-a78d-120b0a016219",
|
|
"value": "ksober.in"
|
|
},
|
|
{
|
|
"category": "Network activity",
|
|
"comment": "",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1496872513",
|
|
"to_ids": true,
|
|
"type": "domain",
|
|
"uuid": "59387641-c0b8-424d-b844-15f40a016219",
|
|
"value": "mserrep.org"
|
|
},
|
|
{
|
|
"category": "Network activity",
|
|
"comment": "",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1496872513",
|
|
"to_ids": true,
|
|
"type": "domain",
|
|
"uuid": "59387641-0ae4-4e58-a23c-19d10a016219",
|
|
"value": "wupdateservice.us"
|
|
},
|
|
{
|
|
"category": "Network activity",
|
|
"comment": "",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1496872514",
|
|
"to_ids": true,
|
|
"type": "domain",
|
|
"uuid": "59387642-a32c-4b1b-83f1-19d20a016219",
|
|
"value": "d3dupdate.com"
|
|
},
|
|
{
|
|
"category": "Network activity",
|
|
"comment": "",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1496872514",
|
|
"to_ids": true,
|
|
"type": "domain",
|
|
"uuid": "59387642-7d3c-4c88-9375-19d30a016219",
|
|
"value": "dhtservice.com"
|
|
},
|
|
{
|
|
"category": "Artifacts dropped",
|
|
"comment": "",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1496872515",
|
|
"to_ids": false,
|
|
"type": "mutex",
|
|
"uuid": "59387643-4618-4279-b58e-120b0a016219",
|
|
"value": "Global\\BitStreamSvc"
|
|
},
|
|
{
|
|
"category": "Artifacts dropped",
|
|
"comment": "",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1496872516",
|
|
"to_ids": false,
|
|
"type": "mutex",
|
|
"uuid": "59387644-4d6c-45fd-bdd6-12090a016219",
|
|
"value": "Global\\D3DAdapter_ServiceEvent"
|
|
},
|
|
{
|
|
"category": "Artifacts dropped",
|
|
"comment": "",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1496872516",
|
|
"to_ids": false,
|
|
"type": "mutex",
|
|
"uuid": "59387644-dfac-4d98-9909-12080a016219",
|
|
"value": "Global\\Intel_hctrl32"
|
|
},
|
|
{
|
|
"category": "Artifacts dropped",
|
|
"comment": "",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1496872517",
|
|
"to_ids": false,
|
|
"type": "mutex",
|
|
"uuid": "59387645-75a4-4940-a7f2-120c0a016219",
|
|
"value": "Global\\KBDMAIServiceEvent"
|
|
},
|
|
{
|
|
"category": "Artifacts dropped",
|
|
"comment": "",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1496872517",
|
|
"to_ids": false,
|
|
"type": "mutex",
|
|
"uuid": "59387645-45e0-47c7-861b-1a120a016219",
|
|
"value": "Global\\Kbdmai_ServiceEvent"
|
|
},
|
|
{
|
|
"category": "Artifacts dropped",
|
|
"comment": "",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1496872518",
|
|
"to_ids": false,
|
|
"type": "mutex",
|
|
"uuid": "59387646-6488-49b4-96bc-15f50a016219",
|
|
"value": "Global\\OptimizeSataDevices"
|
|
},
|
|
{
|
|
"category": "Artifacts dropped",
|
|
"comment": "",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1496872518",
|
|
"to_ids": false,
|
|
"type": "mutex",
|
|
"uuid": "59387646-d168-4193-b0ad-19d20a016219",
|
|
"value": "Global\\ServiceLibEvent"
|
|
},
|
|
{
|
|
"category": "Artifacts dropped",
|
|
"comment": "",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1496872519",
|
|
"to_ids": false,
|
|
"type": "mutex",
|
|
"uuid": "59387647-332c-48d3-a50d-19d30a016219",
|
|
"value": "Global\\ThemeControl"
|
|
},
|
|
{
|
|
"category": "Artifacts dropped",
|
|
"comment": "",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1496872519",
|
|
"to_ids": false,
|
|
"type": "mutex",
|
|
"uuid": "59387647-1c20-4aef-8bd0-120b0a016219",
|
|
"value": "Global\\WBiosrvp"
|
|
},
|
|
{
|
|
"category": "Artifacts dropped",
|
|
"comment": "",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1496872520",
|
|
"to_ids": false,
|
|
"type": "mutex",
|
|
"uuid": "59387648-71b4-42c0-a073-12080a016219",
|
|
"value": "Global\\Wlan_Manager_Initialize"
|
|
},
|
|
{
|
|
"category": "Artifacts dropped",
|
|
"comment": "",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1496872520",
|
|
"to_ids": false,
|
|
"type": "mutex",
|
|
"uuid": "59387648-06e8-4079-88c5-12090a016219",
|
|
"value": "Global\\Wsaudio_Initialize"
|
|
},
|
|
{
|
|
"category": "Artifacts dropped",
|
|
"comment": "",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1496872521",
|
|
"to_ids": true,
|
|
"type": "regkey",
|
|
"uuid": "59387649-2b80-499a-b2eb-15f40a016219",
|
|
"value": "HKLM\\SYSTEM\\CurrentControlSet\\Services\\BitStreamSvc\\"
|
|
},
|
|
{
|
|
"category": "Artifacts dropped",
|
|
"comment": "",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1496872521",
|
|
"to_ids": true,
|
|
"type": "regkey",
|
|
"uuid": "59387649-8428-4477-9082-19d10a016219",
|
|
"value": "HKLM\\SYSTEM\\CurrentControlSet\\services\\Bonjoiur Host Controller\\"
|
|
},
|
|
{
|
|
"category": "Artifacts dropped",
|
|
"comment": "",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1496872522",
|
|
"to_ids": true,
|
|
"type": "regkey",
|
|
"uuid": "5938764a-7558-4515-9f18-15f50a016219",
|
|
"value": "HKLM\\SYSTEM\\CurrentControlSet\\services\\Coupons Browser Update Service\\"
|
|
},
|
|
{
|
|
"category": "Artifacts dropped",
|
|
"comment": "",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1496872522",
|
|
"to_ids": true,
|
|
"type": "regkey",
|
|
"uuid": "5938764a-d4bc-44ac-86e6-1a120a016219",
|
|
"value": "HKLM\\SYSTEM\\CurrentControlSet\\services\\d3dadapter\\"
|
|
},
|
|
{
|
|
"category": "Artifacts dropped",
|
|
"comment": "",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1496872523",
|
|
"to_ids": true,
|
|
"type": "regkey",
|
|
"uuid": "5938764b-e45c-4a68-b4e0-120c0a016219",
|
|
"value": "HKLM\\SYSTEM\\CurrentControlSet\\Services\\Ghostery Storage Server\\"
|
|
},
|
|
{
|
|
"category": "Artifacts dropped",
|
|
"comment": "",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1496872523",
|
|
"to_ids": true,
|
|
"type": "regkey",
|
|
"uuid": "5938764b-6644-4ede-b10d-120b0a016219",
|
|
"value": "HKLM\\SYSTEM\\CurrentControlSet\\services\\ihctrl32\\"
|
|
},
|
|
{
|
|
"category": "Artifacts dropped",
|
|
"comment": "",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1496872524",
|
|
"to_ids": true,
|
|
"type": "regkey",
|
|
"uuid": "5938764c-6ea4-42e6-9b3b-12080a016219",
|
|
"value": "HKLM\\SYSTEM\\CurrentControlSet\\services\\ir16_32\\"
|
|
},
|
|
{
|
|
"category": "Artifacts dropped",
|
|
"comment": "",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1496872524",
|
|
"to_ids": true,
|
|
"type": "regkey",
|
|
"uuid": "5938764d-7a44-488e-bf0f-15f40a016219",
|
|
"value": "HKLM\\SYSTEM\\CurrentControlSet\\services\\KBDMAI\\"
|
|
},
|
|
{
|
|
"category": "Artifacts dropped",
|
|
"comment": "",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1496872525",
|
|
"to_ids": true,
|
|
"type": "regkey",
|
|
"uuid": "5938764d-c6bc-4e99-91d4-19d10a016219",
|
|
"value": "HKLM\\SYSTEM\\CurrentControlSet\\Services\\optsatadc\\"
|
|
},
|
|
{
|
|
"category": "Artifacts dropped",
|
|
"comment": "",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1496872526",
|
|
"to_ids": true,
|
|
"type": "regkey",
|
|
"uuid": "5938764e-dc60-41ff-958e-15f50a016219",
|
|
"value": "HKLM\\SYSTEM\\CurrentControlSet\\services\\themctrl\\"
|
|
},
|
|
{
|
|
"category": "Artifacts dropped",
|
|
"comment": "",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1496872526",
|
|
"to_ids": true,
|
|
"type": "regkey",
|
|
"uuid": "5938764e-b940-43ee-b10e-12090a016219",
|
|
"value": "HKLM\\SYSTEM\\CurrentControlSet\\Services\\wbiosrvp\\"
|
|
},
|
|
{
|
|
"category": "Artifacts dropped",
|
|
"comment": "",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1496872527",
|
|
"to_ids": true,
|
|
"type": "regkey",
|
|
"uuid": "5938764f-587c-48b1-90a1-19d30a016219",
|
|
"value": "HKLM\\SYSTEM\\CurrentControlSet\\Services\\wlanmgr\\"
|
|
},
|
|
{
|
|
"category": "Artifacts dropped",
|
|
"comment": "",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1496872527",
|
|
"to_ids": true,
|
|
"type": "regkey",
|
|
"uuid": "5938764f-10dc-439f-b0ab-19d20a016219",
|
|
"value": "HKLM\\SYSTEM\\CurrentControlSet\\Services\\wsaudio\\"
|
|
},
|
|
{
|
|
"category": "Network activity",
|
|
"comment": "",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1496872528",
|
|
"to_ids": true,
|
|
"type": "ip-dst",
|
|
"uuid": "59387650-0134-4c70-b3e3-120b0a016219",
|
|
"value": "93.188.161.17"
|
|
},
|
|
{
|
|
"category": "Network activity",
|
|
"comment": "",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1496872528",
|
|
"to_ids": true,
|
|
"type": "ip-dst",
|
|
"uuid": "59387650-8fe0-4914-a114-12080a016219",
|
|
"value": "107.181.174.28"
|
|
},
|
|
{
|
|
"category": "Network activity",
|
|
"comment": "",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1496872529",
|
|
"to_ids": true,
|
|
"type": "ip-dst",
|
|
"uuid": "59387651-f56c-4a29-a298-15f40a016219",
|
|
"value": "185.28.22.22"
|
|
},
|
|
{
|
|
"category": "Network activity",
|
|
"comment": "",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1496872529",
|
|
"to_ids": true,
|
|
"type": "ip-dst",
|
|
"uuid": "59387651-532c-4011-9a2c-19d10a016219",
|
|
"value": "195.226.218.234"
|
|
},
|
|
{
|
|
"category": "Artifacts dropped",
|
|
"comment": "",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1496872530",
|
|
"to_ids": false,
|
|
"type": "pdb",
|
|
"uuid": "59387652-9268-4f56-ace9-12090a016219",
|
|
"value": "D:\\work\\brut\\cms\\facebook\\facebookbot\\Release\\facebookbot.pdb"
|
|
},
|
|
{
|
|
"category": "Artifacts dropped",
|
|
"comment": "",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1496872530",
|
|
"to_ids": false,
|
|
"type": "pdb",
|
|
"uuid": "59387652-eca0-4662-95b8-120c0a016219",
|
|
"value": "D:\\work\\service\\plugins\\Release\\get_hdd_serial_number.pdb"
|
|
},
|
|
{
|
|
"category": "Artifacts dropped",
|
|
"comment": "",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1496872531",
|
|
"to_ids": false,
|
|
"type": "pdb",
|
|
"uuid": "59387653-66dc-4a40-8ae8-19d30a016219",
|
|
"value": "D:\\work\\service\\plugins\\Release\\remove_plugins_installer.pdb"
|
|
},
|
|
{
|
|
"category": "Artifacts dropped",
|
|
"comment": "",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1496872531",
|
|
"to_ids": false,
|
|
"type": "pdb",
|
|
"uuid": "59387653-e838-4c20-a890-15f50a016219",
|
|
"value": "D:\\work\\service\\plugins\\Release\\remove_zaxar.pdb"
|
|
},
|
|
{
|
|
"category": "Artifacts dropped",
|
|
"comment": "",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1496872532",
|
|
"to_ids": false,
|
|
"type": "pdb",
|
|
"uuid": "59387654-6db8-4c07-9269-19d20a016219",
|
|
"value": "D:\\work\\service\\plugins\\Release\\reset_safesurfing_flag.pdb"
|
|
},
|
|
{
|
|
"category": "Artifacts dropped",
|
|
"comment": "",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1496872532",
|
|
"to_ids": false,
|
|
"type": "pdb",
|
|
"uuid": "59387654-3864-444f-b909-12080a016219",
|
|
"value": "D:\\work\\service\\service\\Release\\bstreamsvc.pdb"
|
|
},
|
|
{
|
|
"category": "Artifacts dropped",
|
|
"comment": "",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1496872533",
|
|
"to_ids": false,
|
|
"type": "pdb",
|
|
"uuid": "59387655-f1fc-443a-af30-15f40a016219",
|
|
"value": "D:\\work\\service\\service\\Release\\bstreamsvc_setup.pdb"
|
|
},
|
|
{
|
|
"category": "Artifacts dropped",
|
|
"comment": "",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1496872534",
|
|
"to_ids": false,
|
|
"type": "pdb",
|
|
"uuid": "59387656-9008-45a1-b7b8-19d10a016219",
|
|
"value": "D:\\work\\service\\service\\Release DRTIPROV\\ir16_32.pdb"
|
|
},
|
|
{
|
|
"category": "Artifacts dropped",
|
|
"comment": "",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1496872534",
|
|
"to_ids": false,
|
|
"type": "pdb",
|
|
"uuid": "59387656-d250-4af7-b994-120c0a016219",
|
|
"value": "D:\\work\\service\\service\\Release\\first_service.pdb"
|
|
},
|
|
{
|
|
"category": "Artifacts dropped",
|
|
"comment": "",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1496872535",
|
|
"to_ids": false,
|
|
"type": "pdb",
|
|
"uuid": "59387657-f7cc-46ed-b0bc-19d30a016219",
|
|
"value": "D:\\work\\service\\service\\Release\\first_service_setup.pdb"
|
|
},
|
|
{
|
|
"category": "Artifacts dropped",
|
|
"comment": "",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1496872535",
|
|
"to_ids": false,
|
|
"type": "pdb",
|
|
"uuid": "59387657-cff8-40b5-a906-120b0a016219",
|
|
"value": "D:\\work\\service\\service\\Release\\ihctrl32.pdb"
|
|
},
|
|
{
|
|
"category": "Artifacts dropped",
|
|
"comment": "",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1496872536",
|
|
"to_ids": false,
|
|
"type": "pdb",
|
|
"uuid": "59387658-c1d8-4e62-b26d-1a120a016219",
|
|
"value": "D:\\work\\service\\service\\Release\\ihctrl32_setup.pdb"
|
|
},
|
|
{
|
|
"category": "Artifacts dropped",
|
|
"comment": "",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1496872536",
|
|
"to_ids": false,
|
|
"type": "pdb",
|
|
"uuid": "59387658-8374-4d67-9a79-19d20a016219",
|
|
"value": "D:\\work\\service\\service\\Release\\ir16_32.pdb"
|
|
},
|
|
{
|
|
"category": "Artifacts dropped",
|
|
"comment": "",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1496872537",
|
|
"to_ids": false,
|
|
"type": "pdb",
|
|
"uuid": "59387659-def4-4811-84e4-12090a016219",
|
|
"value": "D:\\work\\service\\service\\Release\\optsatadc.pdb"
|
|
},
|
|
{
|
|
"category": "Artifacts dropped",
|
|
"comment": "",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1496872537",
|
|
"to_ids": false,
|
|
"type": "pdb",
|
|
"uuid": "59387659-232c-443b-84d0-15f40a016219",
|
|
"value": "D:\\work\\service\\service\\Release\\optsatadc_setup.pdb"
|
|
},
|
|
{
|
|
"category": "Artifacts dropped",
|
|
"comment": "",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1496872538",
|
|
"to_ids": false,
|
|
"type": "pdb",
|
|
"uuid": "5938765a-f970-442d-ade8-19d10a016219",
|
|
"value": "D:\\work\\service\\service\\Release\\themctrl.pdb"
|
|
},
|
|
{
|
|
"category": "Artifacts dropped",
|
|
"comment": "",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1496872538",
|
|
"to_ids": false,
|
|
"type": "pdb",
|
|
"uuid": "5938765a-84f0-4957-80d2-12080a016219",
|
|
"value": "D:\\work\\service\\service\\Release\\themctrl_setup.pdb"
|
|
},
|
|
{
|
|
"category": "Artifacts dropped",
|
|
"comment": "",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1496872539",
|
|
"to_ids": false,
|
|
"type": "pdb",
|
|
"uuid": "5938765b-c024-43d7-aadb-120c0a016219",
|
|
"value": "D:\\work\\service\\service\\Release\\wbiosrvp_setup.pdb"
|
|
},
|
|
{
|
|
"category": "Artifacts dropped",
|
|
"comment": "",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1496872539",
|
|
"to_ids": false,
|
|
"type": "pdb",
|
|
"uuid": "5938765b-6fb8-4e01-a018-15f50a016219",
|
|
"value": "D:\\work\\service\\service\\Release\\wsaudio_setup.pdb"
|
|
},
|
|
{
|
|
"category": "Artifacts dropped",
|
|
"comment": "",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1496872540",
|
|
"to_ids": false,
|
|
"type": "pdb",
|
|
"uuid": "5938765c-8670-4d6b-868d-12090a016219",
|
|
"value": "D:\\work\\ultdr\\udsetup\\Release\\udsetup_winapi_morphed.pdb"
|
|
},
|
|
{
|
|
"category": "Artifacts dropped",
|
|
"comment": "",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1496872540",
|
|
"to_ids": false,
|
|
"type": "pdb",
|
|
"uuid": "5938765c-920c-45d6-a70c-15f40a016219",
|
|
"value": "Z:\\source\\service\\Release\\ir16_32.pdb"
|
|
},
|
|
{
|
|
"category": "Artifacts dropped",
|
|
"comment": "",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1496872541",
|
|
"to_ids": false,
|
|
"type": "pdb",
|
|
"uuid": "5938765d-3100-4884-8a2e-19d10a016219",
|
|
"value": "Z:\\source\\service\\Release\\setup_serv.pdb"
|
|
},
|
|
{
|
|
"category": "Artifacts dropped",
|
|
"comment": "",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1496872541",
|
|
"to_ids": true,
|
|
"type": "filename|sha1",
|
|
"uuid": "5938765d-dfdc-46b9-a1e7-1a120a016219",
|
|
"value": "md_Films-174131.exe|8e3d8606ed916152b8f70d5e38026569bb7a20c4"
|
|
},
|
|
{
|
|
"category": "Artifacts dropped",
|
|
"comment": "",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1496872542",
|
|
"to_ids": true,
|
|
"type": "filename|sha1",
|
|
"uuid": "5938765e-abd4-47ce-99ef-19d30a016219",
|
|
"value": "kbdmai.dll|0fa4a2c2f41056e071097bf9db5312e820e3512a"
|
|
},
|
|
{
|
|
"category": "Artifacts dropped",
|
|
"comment": "",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1496872543",
|
|
"to_ids": true,
|
|
"type": "filename|sha1",
|
|
"uuid": "5938765f-c2e4-47ba-a940-120b0a016219",
|
|
"value": "kbdmai.dll|199da0c38eb00e495d864d95f078912eeb35639a"
|
|
},
|
|
{
|
|
"category": "Artifacts dropped",
|
|
"comment": "",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1496872543",
|
|
"to_ids": true,
|
|
"type": "filename|sha1",
|
|
"uuid": "5938765f-1860-4473-bc9e-19d20a016219",
|
|
"value": "kbdmai.dll|5287ce5827ffeec6957f1f6dc769d25482479ee3"
|
|
},
|
|
{
|
|
"category": "Artifacts dropped",
|
|
"comment": "",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1496872544",
|
|
"to_ids": true,
|
|
"type": "filename|sha1",
|
|
"uuid": "59387660-9ff4-4a35-a75f-120c0a016219",
|
|
"value": "kbdmai.dll|da4634bd5b96519697d06d9a8f18b735302a65ea"
|
|
},
|
|
{
|
|
"category": "Artifacts dropped",
|
|
"comment": "",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1496872544",
|
|
"to_ids": true,
|
|
"type": "filename|sha1",
|
|
"uuid": "59387660-9b9c-49c1-8888-12080a016219",
|
|
"value": "yasetup.exe|d1f774d54bcc176ac33900085b27f62a1732b9b7"
|
|
},
|
|
{
|
|
"category": "Artifacts dropped",
|
|
"comment": "",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1496872545",
|
|
"to_ids": true,
|
|
"type": "filename|sha1",
|
|
"uuid": "59387661-0c3c-4405-9d6c-15f50a016219",
|
|
"value": "npapihelper.dll|1accd83d48f041ff362c2b8f2dcf96d6f1583168"
|
|
},
|
|
{
|
|
"category": "Artifacts dropped",
|
|
"comment": "",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1496872545",
|
|
"to_ids": true,
|
|
"type": "filename|sha1",
|
|
"uuid": "59387661-c19c-411a-bc63-12090a016219",
|
|
"value": "udservice.exe|0a7c1817a49e9c258df7b3cfc416bc16a8d28c0b"
|
|
},
|
|
{
|
|
"category": "Artifacts dropped",
|
|
"comment": "",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1496872546",
|
|
"to_ids": true,
|
|
"type": "filename|sha1",
|
|
"uuid": "59387662-d3a4-4c23-8cf8-19d10a016219",
|
|
"value": "udservice.exe|352e05dc607af2ee7cd3bd3ffcc546d3d29f786e"
|
|
},
|
|
{
|
|
"category": "Artifacts dropped",
|
|
"comment": "",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1496872546",
|
|
"to_ids": true,
|
|
"type": "filename|sha1",
|
|
"uuid": "59387662-54e0-43ac-b7be-19d30a016219",
|
|
"value": "Word 2016.exe|2e9f4c6bd233799aa2afec9c440c737ae4114dde"
|
|
},
|
|
{
|
|
"category": "Artifacts dropped",
|
|
"comment": "",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1496872547",
|
|
"to_ids": true,
|
|
"type": "filename|sha1",
|
|
"uuid": "59387663-52c8-4c83-86cb-1a120a016219",
|
|
"value": "safe_surfing_x86_32.nexe|340622c8d335cde73eeaa96f461440edcb7d4c52"
|
|
},
|
|
{
|
|
"category": "Artifacts dropped",
|
|
"comment": "",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1496872547",
|
|
"to_ids": true,
|
|
"type": "filename|sha1",
|
|
"uuid": "59387663-73a8-4928-9aa6-15f40a016219",
|
|
"value": "themctrl.dll|03a5849e0dbe89e0727c8c37f4259623c9c131e3"
|
|
},
|
|
{
|
|
"category": "Artifacts dropped",
|
|
"comment": "",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1496872548",
|
|
"to_ids": true,
|
|
"type": "filename|sha1",
|
|
"uuid": "59387664-9b80-4c16-b078-12080a016219",
|
|
"value": "themctrl.dll|544ed609f59c6fb2c96a566631293109172375f9"
|
|
},
|
|
{
|
|
"category": "Artifacts dropped",
|
|
"comment": "",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1496872548",
|
|
"to_ids": true,
|
|
"type": "filename|sha1",
|
|
"uuid": "59387664-513c-457c-93eb-19d20a016219",
|
|
"value": "themctrl.dll|6004089b1678104252e02e272443a993106c912b"
|
|
},
|
|
{
|
|
"category": "Artifacts dropped",
|
|
"comment": "",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1496872549",
|
|
"to_ids": true,
|
|
"type": "filename|sha1",
|
|
"uuid": "59387665-8380-427c-8f67-120b0a016219",
|
|
"value": "themctrl.dll|6b0fc0f7bcf63db2778634644f5819e6247ad524"
|
|
},
|
|
{
|
|
"category": "Artifacts dropped",
|
|
"comment": "",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1496872549",
|
|
"to_ids": true,
|
|
"type": "filename|sha1",
|
|
"uuid": "59387665-45e8-40b5-b77a-12090a016219",
|
|
"value": "themctrl.dll|6db4be7100b317fd9cbc136dc95c4017f6d56612"
|
|
},
|
|
{
|
|
"category": "Artifacts dropped",
|
|
"comment": "",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1496872550",
|
|
"to_ids": true,
|
|
"type": "filename|sha1",
|
|
"uuid": "59387666-79d8-4f61-a087-19d10a016219",
|
|
"value": "themctrl.dll|f09352158b443fa3db0567ef4147d94d37dbdd09"
|
|
},
|
|
{
|
|
"category": "Artifacts dropped",
|
|
"comment": "",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1496872551",
|
|
"to_ids": true,
|
|
"type": "filename|sha1",
|
|
"uuid": "59387667-e2c4-47fc-be6c-19d30a016219",
|
|
"value": "themctrl.dll|f3846aef680eaa1931f75977b2add060d2bd3167"
|
|
},
|
|
{
|
|
"category": "Artifacts dropped",
|
|
"comment": "",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1496872551",
|
|
"to_ids": true,
|
|
"type": "filename|sha1",
|
|
"uuid": "59387667-5a70-46f1-8fd3-15f40a016219",
|
|
"value": "d3dadapter.dll|11354e648e41529972e6696631e035cf8bf0c537"
|
|
},
|
|
{
|
|
"category": "Artifacts dropped",
|
|
"comment": "",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1496872552",
|
|
"to_ids": true,
|
|
"type": "filename|sha1",
|
|
"uuid": "59387668-f53c-42ae-af8c-15f50a016219",
|
|
"value": "d3dadapter.dll|1817b2b958fe7fce0d0383b8d304bd55a6feceb2"
|
|
},
|
|
{
|
|
"category": "Artifacts dropped",
|
|
"comment": "",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1496872552",
|
|
"to_ids": true,
|
|
"type": "filename|sha1",
|
|
"uuid": "59387668-6584-40de-9f0c-1a120a016219",
|
|
"value": "d3dadapter.dll|1baf0a6e8c9ddbdfff825686c2ba7e846fb65aec"
|
|
},
|
|
{
|
|
"category": "Artifacts dropped",
|
|
"comment": "",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1496872553",
|
|
"to_ids": true,
|
|
"type": "filename|sha1",
|
|
"uuid": "59387669-dbb0-4d65-8c0a-12080a016219",
|
|
"value": "d3dadapter.dll|272aeca0b66ed1dea435059481c8ee7045e44e23"
|
|
},
|
|
{
|
|
"category": "Artifacts dropped",
|
|
"comment": "",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1496872553",
|
|
"to_ids": true,
|
|
"type": "filename|sha1",
|
|
"uuid": "59387669-5b5c-4e23-89a9-19d20a016219",
|
|
"value": "d3dadapter.dll|31883581fe416a454a00b223357ecaf6e4353497"
|
|
},
|
|
{
|
|
"category": "Artifacts dropped",
|
|
"comment": "",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1496872554",
|
|
"to_ids": true,
|
|
"type": "filename|sha1",
|
|
"uuid": "5938766a-393c-452d-86d0-19d10a016219",
|
|
"value": "d3dadapter.dll|31e119c3d252c2ae1c18e554dcf47ed359a67ad2"
|
|
},
|
|
{
|
|
"category": "Artifacts dropped",
|
|
"comment": "",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1496872554",
|
|
"to_ids": true,
|
|
"type": "filename|sha1",
|
|
"uuid": "5938766a-5af0-48e7-976c-12090a016219",
|
|
"value": "d3dadapter.dll|36e11c5bfa3c05094b3fbba39697533f63b299db"
|
|
},
|
|
{
|
|
"category": "Artifacts dropped",
|
|
"comment": "",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1496872555",
|
|
"to_ids": true,
|
|
"type": "filename|sha1",
|
|
"uuid": "5938766b-5df0-4c9d-b995-120b0a016219",
|
|
"value": "d3dadapter.dll|52d9d26ef37a3b42a0d68e4383b73fd4d2b10018"
|
|
},
|
|
{
|
|
"category": "Artifacts dropped",
|
|
"comment": "",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1496872555",
|
|
"to_ids": true,
|
|
"type": "filename|sha1",
|
|
"uuid": "5938766b-9ca0-4324-910c-120c0a016219",
|
|
"value": "d3dadapter.dll|56696ca2e4c85541909391e086e7d934601656d8"
|
|
},
|
|
{
|
|
"category": "Artifacts dropped",
|
|
"comment": "",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1496872556",
|
|
"to_ids": true,
|
|
"type": "filename|sha1",
|
|
"uuid": "5938766c-c47c-46e7-a758-19d20a016219",
|
|
"value": "d3dadapter.dll|587659a8ab5617594f8064ef16caad082a773c7a"
|
|
},
|
|
{
|
|
"category": "Artifacts dropped",
|
|
"comment": "",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1496872556",
|
|
"to_ids": true,
|
|
"type": "filename|sha1",
|
|
"uuid": "5938766c-3380-4137-adbe-15f40a016219",
|
|
"value": "d3dadapter.dll|84d9f7f46810b1add636b07c4068517ad1b3fd07"
|
|
},
|
|
{
|
|
"category": "Artifacts dropped",
|
|
"comment": "",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1496872557",
|
|
"to_ids": true,
|
|
"type": "filename|sha1",
|
|
"uuid": "5938766d-adb4-4daa-817d-12080a016219",
|
|
"value": "d3dadapter.dll|8843f69f530a712568567a2d53da01889ff9acb9"
|
|
},
|
|
{
|
|
"category": "Artifacts dropped",
|
|
"comment": "",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1496872557",
|
|
"to_ids": true,
|
|
"type": "filename|sha1",
|
|
"uuid": "5938766d-fe5c-40ad-ad9b-15f50a016219",
|
|
"value": "d3dadapter.dll|957c69e52e2a3a16838051598a7b2e5ba3d54836"
|
|
},
|
|
{
|
|
"category": "Artifacts dropped",
|
|
"comment": "",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1496872558",
|
|
"to_ids": true,
|
|
"type": "filename|sha1",
|
|
"uuid": "5938766e-2c14-42ff-8178-1a120a016219",
|
|
"value": "d3dadapter.dll|acaf69efc397031a7ca14e8e4b6e2d9e9de28892"
|
|
},
|
|
{
|
|
"category": "Artifacts dropped",
|
|
"comment": "",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1496872558",
|
|
"to_ids": true,
|
|
"type": "filename|sha1",
|
|
"uuid": "5938766e-b2d4-47ea-a3b4-19d30a016219",
|
|
"value": "d3dadapter.dll|d2770182ce996454aa8eafa5c96629accf05a06a"
|
|
},
|
|
{
|
|
"category": "Artifacts dropped",
|
|
"comment": "",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1496872559",
|
|
"to_ids": true,
|
|
"type": "filename|sha1",
|
|
"uuid": "5938766f-5fc4-44a4-a1c3-19d20a016219",
|
|
"value": "d3dadapter.dll|d6a59f6dd9e39ee26059c43d2e097a823770e161"
|
|
},
|
|
{
|
|
"category": "Artifacts dropped",
|
|
"comment": "",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1496872560",
|
|
"to_ids": true,
|
|
"type": "filename|sha1",
|
|
"uuid": "59387670-f6fc-4d85-a8e1-120c0a016219",
|
|
"value": "d3dadapter.dll|f9dc53a63d721d0936be8c04331e341ac2558162"
|
|
},
|
|
{
|
|
"category": "Artifacts dropped",
|
|
"comment": "",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1496872560",
|
|
"to_ids": true,
|
|
"type": "filename|sha1",
|
|
"uuid": "59387670-bb54-40f7-9098-15f40a016219",
|
|
"value": "first_service_setup.dll|0146f1042b360c8080d4d05ff523c3b80ac88069"
|
|
},
|
|
{
|
|
"category": "Artifacts dropped",
|
|
"comment": "",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1496872561",
|
|
"to_ids": true,
|
|
"type": "filename|sha1",
|
|
"uuid": "59387671-dbb8-461d-bee6-19d10a016219",
|
|
"value": "first_service_setup.dll|ef3aff545c48f658c021dc3e5f574aed50be726e"
|
|
},
|
|
{
|
|
"category": "Artifacts dropped",
|
|
"comment": "",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1496872561",
|
|
"to_ids": true,
|
|
"type": "filename|sha1",
|
|
"uuid": "59387671-d18c-4f5e-9773-120b0a016219",
|
|
"value": "all_Films_4922.exe|a5c3076f4e38a9e497f120558db669fdd139e702"
|
|
},
|
|
{
|
|
"category": "Artifacts dropped",
|
|
"comment": "",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1496872562",
|
|
"to_ids": true,
|
|
"type": "filename|sha1",
|
|
"uuid": "59387672-c67c-4581-86d4-12090a016219",
|
|
"value": "facebook_bot.dll|d643f426b9faf032ff5af7d070d2e5115b3c2e46"
|
|
},
|
|
{
|
|
"category": "Artifacts dropped",
|
|
"comment": "",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1496872562",
|
|
"to_ids": true,
|
|
"type": "filename|sha1",
|
|
"uuid": "59387672-36d0-4fc8-8484-12080a016219",
|
|
"value": "fdclient.dll|0876f8d54f152b1aba741004635c53a835007226"
|
|
},
|
|
{
|
|
"category": "Artifacts dropped",
|
|
"comment": "",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1496872563",
|
|
"to_ids": true,
|
|
"type": "filename|sha1",
|
|
"uuid": "59387673-3af8-4616-826d-19d20a016219",
|
|
"value": "fdclient.dll|51196dd8d364947b17acfa3efcfc1afa86cd44c3"
|
|
},
|
|
{
|
|
"category": "Artifacts dropped",
|
|
"comment": "",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1496872563",
|
|
"to_ids": true,
|
|
"type": "filename|sha1",
|
|
"uuid": "59387673-ca30-4100-b403-1a120a016219",
|
|
"value": "fdclient.dll|886749473a29b887e8f8a79a7c3fb620d30bcb01"
|
|
},
|
|
{
|
|
"category": "Artifacts dropped",
|
|
"comment": "",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1496872564",
|
|
"to_ids": true,
|
|
"type": "filename|sha1",
|
|
"uuid": "59387674-7ee8-4f4f-8c9e-15f50a016219",
|
|
"value": "fdclient.dll|96b3a1fdfe1aa113b7791c15a57cfbbd360cc223"
|
|
},
|
|
{
|
|
"category": "Artifacts dropped",
|
|
"comment": "",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1496872564",
|
|
"to_ids": true,
|
|
"type": "filename|sha1",
|
|
"uuid": "59387674-5b24-4075-9633-120c0a016219",
|
|
"value": "fdclient.dll|b35da904e72868361954a27e87521ee4e0fd0ac6"
|
|
},
|
|
{
|
|
"category": "Artifacts dropped",
|
|
"comment": "",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1496872565",
|
|
"to_ids": true,
|
|
"type": "filename|sha1",
|
|
"uuid": "59387675-8494-4466-8c67-19d30a016219",
|
|
"value": "fdclient.dll|b705f104de0e8e43da9ac13ba5f42dd3da21037b"
|
|
},
|
|
{
|
|
"category": "Artifacts dropped",
|
|
"comment": "",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1496872565",
|
|
"to_ids": true,
|
|
"type": "filename|sha1",
|
|
"uuid": "59387675-33b0-43a7-9610-15f40a016219",
|
|
"value": "fdclient.dll|d06de631aaa7a7bc1fffa12054111bec2a7d838d"
|
|
},
|
|
{
|
|
"category": "Artifacts dropped",
|
|
"comment": "",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1496872566",
|
|
"to_ids": true,
|
|
"type": "filename|sha1",
|
|
"uuid": "59387676-ec74-43f4-8a1e-19d10a016219",
|
|
"value": "safe_surfing_arm.nexe |49603fec4dfa0ac5af3300039522855920d84530"
|
|
},
|
|
{
|
|
"category": "Artifacts dropped",
|
|
"comment": "",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1496872567",
|
|
"to_ids": true,
|
|
"type": "filename|sha1",
|
|
"uuid": "59387677-0f34-4de1-afb5-120b0a016219",
|
|
"value": "ihctrl32_setup.dll|c9c2d2239c5371dcd6a36ae66380b615578e5b04"
|
|
},
|
|
{
|
|
"category": "Artifacts dropped",
|
|
"comment": "",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1496872567",
|
|
"to_ids": true,
|
|
"type": "filename|sha1",
|
|
"uuid": "59387677-e248-41a6-aaf8-12090a016219",
|
|
"value": "create_certificate.dll|729b6f4d97f76dce0f474d7d9f5e15fdd01e4998"
|
|
},
|
|
{
|
|
"category": "Artifacts dropped",
|
|
"comment": "",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1496872568",
|
|
"to_ids": true,
|
|
"type": "filename|sha1",
|
|
"uuid": "59387678-8d5c-44dd-a3f3-12080a016219",
|
|
"value": "Project_tracks_forced.exe|d274fd9c8afc8fb2dae8e81e4f6cc41592c385df"
|
|
},
|
|
{
|
|
"category": "Artifacts dropped",
|
|
"comment": "",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1496872568",
|
|
"to_ids": true,
|
|
"type": "filename|sha1",
|
|
"uuid": "59387678-9ed4-44fb-8ad7-19d20a016219",
|
|
"value": "s4y_Films-174132.exe|30139fb0b37472d02fe5ecb62f211ccfe727fd6d"
|
|
},
|
|
{
|
|
"category": "Artifacts dropped",
|
|
"comment": "",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1496872569",
|
|
"to_ids": true,
|
|
"type": "filename|sha1",
|
|
"uuid": "59387679-783c-4abe-b9c6-1a120a016219",
|
|
"value": "udsetup.exe|52f44d45563944cf7735bcb6f0c448c3e9f19d04"
|
|
},
|
|
{
|
|
"category": "Artifacts dropped",
|
|
"comment": "",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1496872569",
|
|
"to_ids": true,
|
|
"type": "filename|sha1",
|
|
"uuid": "59387679-5018-439b-9fde-15f50a016219",
|
|
"value": "bstreamsvc.dll|1d50cf65d326545b02c3eaef99faeaaa5629ae94"
|
|
},
|
|
{
|
|
"category": "Artifacts dropped",
|
|
"comment": "",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1496872570",
|
|
"to_ids": true,
|
|
"type": "filename|sha1",
|
|
"uuid": "5938767a-567c-4323-96bc-120c0a016219",
|
|
"value": "bstreamsvc.dll|c7a04f5a7a09d9674b2ca50edad882e050785169"
|
|
},
|
|
{
|
|
"category": "Artifacts dropped",
|
|
"comment": "",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1496872570",
|
|
"to_ids": true,
|
|
"type": "filename|sha1",
|
|
"uuid": "5938767a-3070-4f07-9567-19d30a016219",
|
|
"value": "bstreamsvc.dll|eae094fda8d431cb8cdefc9687c8b4cb1b7e2a22"
|
|
},
|
|
{
|
|
"category": "Artifacts dropped",
|
|
"comment": "",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1496872571",
|
|
"to_ids": true,
|
|
"type": "filename|sha1",
|
|
"uuid": "5938767b-4940-4055-8cf7-15f40a016219",
|
|
"value": "bstreamsvc_setup.dll|b8aa1b3dec9b4b16b6a4bc274c093eed09e2bc4c"
|
|
},
|
|
{
|
|
"category": "Artifacts dropped",
|
|
"comment": "",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1496872571",
|
|
"to_ids": true,
|
|
"type": "filename|sha1",
|
|
"uuid": "5938767b-7a6c-48d0-8a0d-120b0a016219",
|
|
"value": "wsaudio.dll|138addb8845c5f1999e2ccadb3bb7fc57d8acce8"
|
|
},
|
|
{
|
|
"category": "Artifacts dropped",
|
|
"comment": "",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1496872572",
|
|
"to_ids": true,
|
|
"type": "filename|sha1",
|
|
"uuid": "5938767c-a3c0-48e1-bcc0-19d10a016219",
|
|
"value": "wsaudio.dll|2a9a15ed58cd54142e149db48511b8fd4efb1e89"
|
|
},
|
|
{
|
|
"category": "Artifacts dropped",
|
|
"comment": "",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1496872572",
|
|
"to_ids": true,
|
|
"type": "filename|sha1",
|
|
"uuid": "5938767c-ca58-4ebb-8aaf-12080a016219",
|
|
"value": "wsaudio.dll|5b54776d3c0085596ed7ff695a90b299b575dafb"
|
|
},
|
|
{
|
|
"category": "Artifacts dropped",
|
|
"comment": "",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1496872573",
|
|
"to_ids": true,
|
|
"type": "filename|sha1",
|
|
"uuid": "5938767d-3e54-49de-9a44-19d20a016219",
|
|
"value": "wsaudio.dll|758fe5df8edac61101af35aa1f4440dbec617f25"
|
|
},
|
|
{
|
|
"category": "Artifacts dropped",
|
|
"comment": "",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1496872574",
|
|
"to_ids": true,
|
|
"type": "filename|sha1",
|
|
"uuid": "5938767e-7bd8-45a8-bee0-1a120a016219",
|
|
"value": "wsaudio.dll|8bba63fd06fc0948579a0f780ec4c0916f265d29"
|
|
},
|
|
{
|
|
"category": "Artifacts dropped",
|
|
"comment": "",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1496872574",
|
|
"to_ids": true,
|
|
"type": "filename|sha1",
|
|
"uuid": "5938767e-945c-4d56-8c87-15f50a016219",
|
|
"value": "wsaudio.dll|b84598b0329dde4b93fc32be2abac020f7b1e7d8"
|
|
},
|
|
{
|
|
"category": "Artifacts dropped",
|
|
"comment": "",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1496872575",
|
|
"to_ids": true,
|
|
"type": "filename|sha1",
|
|
"uuid": "5938767f-f500-4977-85ef-120c0a016219",
|
|
"value": "biosysrt.dll|3a543e3cfe380ae404759fcce4b3e25de52246c9"
|
|
},
|
|
{
|
|
"category": "Artifacts dropped",
|
|
"comment": "",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1496872575",
|
|
"to_ids": true,
|
|
"type": "filename|sha1",
|
|
"uuid": "5938767f-d7ec-495b-8c47-19d30a016219",
|
|
"value": "bhctrl32.exe|125cede073fc3578c9d4c92a858b92c6d551bb0e"
|
|
},
|
|
{
|
|
"category": "Artifacts dropped",
|
|
"comment": "",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1496872576",
|
|
"to_ids": true,
|
|
"type": "filename|sha1",
|
|
"uuid": "59387680-322c-4585-8e73-15f40a016219",
|
|
"value": "bhctrl32.exe|a2956b05909e48f82f6fc9a690a64d4f0b2a61c8"
|
|
},
|
|
{
|
|
"category": "Artifacts dropped",
|
|
"comment": "",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1496872576",
|
|
"to_ids": true,
|
|
"type": "filename|sha1",
|
|
"uuid": "59387680-d504-48f2-84f0-120b0a016219",
|
|
"value": "bhctrl32.exe|d40cac5db9a23b372e606039dce080bcfb9830cc"
|
|
},
|
|
{
|
|
"category": "Artifacts dropped",
|
|
"comment": "",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1496872577",
|
|
"to_ids": true,
|
|
"type": "filename|sha1",
|
|
"uuid": "59387681-26ac-4fe8-8af6-12080a016219",
|
|
"value": "bhctrl32.exe|fe25d078dfd99091c3ef189567728bd087750fae"
|
|
},
|
|
{
|
|
"category": "Artifacts dropped",
|
|
"comment": "",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1496872577",
|
|
"to_ids": true,
|
|
"type": "filename|sha1",
|
|
"uuid": "59387681-0e74-4793-8a1d-12090a016219",
|
|
"value": "ihctrl32.dll|032b324368b3854f4ec96be74e067d146b43f856"
|
|
},
|
|
{
|
|
"category": "Artifacts dropped",
|
|
"comment": "",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1496872578",
|
|
"to_ids": true,
|
|
"type": "filename|sha1",
|
|
"uuid": "59387682-0130-4bd7-92d4-19d20a016219",
|
|
"value": "ihctrl32.dll|0b64f28dd56d4869ed7ecaea81d0f7e6dcbefa36"
|
|
},
|
|
{
|
|
"category": "Artifacts dropped",
|
|
"comment": "",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1496872578",
|
|
"to_ids": true,
|
|
"type": "filename|sha1",
|
|
"uuid": "59387682-c644-4168-b578-19d10a016219",
|
|
"value": "ihctrl32.dll|4fd7a5f602e4645eb8f21baa127edeb9c76ccb50"
|
|
},
|
|
{
|
|
"category": "Artifacts dropped",
|
|
"comment": "",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1496872579",
|
|
"to_ids": true,
|
|
"type": "filename|sha1",
|
|
"uuid": "59387683-0604-4321-9018-120c0a016219",
|
|
"value": "ihctrl32.dll|728718d1ad01b07fcd31c0a4fa2c975b98db29f1"
|
|
},
|
|
{
|
|
"category": "Artifacts dropped",
|
|
"comment": "",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1496872579",
|
|
"to_ids": true,
|
|
"type": "filename|sha1",
|
|
"uuid": "59387683-a344-4d08-a1f6-1a120a016219",
|
|
"value": "ihctrl32.dll|742ea38f09ff53626194d8b411e290b09f93eda4"
|
|
},
|
|
{
|
|
"category": "Artifacts dropped",
|
|
"comment": "",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1496872580",
|
|
"to_ids": true,
|
|
"type": "filename|sha1",
|
|
"uuid": "59387684-cd28-440d-88ad-19d30a016219",
|
|
"value": "ihctrl32.dll|80c4a4fd10409742c10b4399ad7c31afea726a8d"
|
|
},
|
|
{
|
|
"category": "Artifacts dropped",
|
|
"comment": "",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1496872581",
|
|
"to_ids": true,
|
|
"type": "filename|sha1",
|
|
"uuid": "59387685-66fc-4271-bc45-15f40a016219",
|
|
"value": "ihctrl32.dll|b6cfda9777eef218e36a1a082c175cb6121cdb48"
|
|
},
|
|
{
|
|
"category": "Artifacts dropped",
|
|
"comment": "",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1496872581",
|
|
"to_ids": true,
|
|
"type": "filename|sha1",
|
|
"uuid": "59387685-7c80-4720-a2ff-120b0a016219",
|
|
"value": "ihctrl32.dll|bc126956059188e2155113d2f77d5ff632b9d420"
|
|
},
|
|
{
|
|
"category": "Artifacts dropped",
|
|
"comment": "",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1496872582",
|
|
"to_ids": true,
|
|
"type": "filename|sha1",
|
|
"uuid": "59387686-a804-446c-8d74-12080a016219",
|
|
"value": "ihctrl32.dll|cb89f13d6efbb8eba87ab3fe3ac92a0aa738ad2d"
|
|
},
|
|
{
|
|
"category": "Artifacts dropped",
|
|
"comment": "",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1496872582",
|
|
"to_ids": true,
|
|
"type": "filename|sha1",
|
|
"uuid": "59387686-6968-423b-ad0e-19d20a016219",
|
|
"value": "ihctrl32.dll|d00c953fd7d6cb686036bb264d52f38c2cecea76"
|
|
},
|
|
{
|
|
"category": "Artifacts dropped",
|
|
"comment": "",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1496872583",
|
|
"to_ids": true,
|
|
"type": "filename|sha1",
|
|
"uuid": "59387687-c2e0-413f-b7c9-19d10a016219",
|
|
"value": "ihctrl32.dll|f74ed6dfb1719924197459d7e5cfdf00568b86fb"
|
|
},
|
|
{
|
|
"category": "Artifacts dropped",
|
|
"comment": "",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1496872583",
|
|
"to_ids": true,
|
|
"type": "filename|sha1",
|
|
"uuid": "59387687-9074-4ec8-a655-120c0a016219",
|
|
"value": "ir16_32.dll|8ef4e038e14e2c853dd304df78c3cf09176adb65"
|
|
},
|
|
{
|
|
"category": "Artifacts dropped",
|
|
"comment": "",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1496872584",
|
|
"to_ids": true,
|
|
"type": "filename|sha1",
|
|
"uuid": "59387688-27ec-4a7c-947c-15f50a016219",
|
|
"value": "ir16_32.dll|962aa58834b2d071d3f8c68e893d3fdc2fee32f3"
|
|
},
|
|
{
|
|
"category": "Artifacts dropped",
|
|
"comment": "",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1496872584",
|
|
"to_ids": true,
|
|
"type": "filename|sha1",
|
|
"uuid": "59387688-4274-43fe-b700-12090a016219",
|
|
"value": "ir16_32.dll|9f79f982f8eef45d5a1fc3120c5dea2d8ec618a0"
|
|
},
|
|
{
|
|
"category": "Artifacts dropped",
|
|
"comment": "",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1496872585",
|
|
"to_ids": true,
|
|
"type": "filename|sha1",
|
|
"uuid": "59387689-d1f8-402c-8c8d-120b0a016219",
|
|
"value": "ir16_32.dll|b85e4652910d413d19718b819736b44133fdb332"
|
|
},
|
|
{
|
|
"category": "Artifacts dropped",
|
|
"comment": "",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1496872585",
|
|
"to_ids": true,
|
|
"type": "filename|sha1",
|
|
"uuid": "59387689-216c-4943-b8b0-19d20a016219",
|
|
"value": "ir16_32.dll|c269c83b3d18c01daf9c296a198323889d339b9f"
|
|
},
|
|
{
|
|
"category": "Artifacts dropped",
|
|
"comment": "",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1496872586",
|
|
"to_ids": true,
|
|
"type": "filename|sha1",
|
|
"uuid": "5938768a-7b74-40b0-b528-19d30a016219",
|
|
"value": "ir16_32.dll|c9f1232dc368a828f576d6f9e8922c0df27a33db"
|
|
},
|
|
{
|
|
"category": "Artifacts dropped",
|
|
"comment": "",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1496872586",
|
|
"to_ids": true,
|
|
"type": "filename|sha1",
|
|
"uuid": "5938768a-23a4-4b11-bb1b-15f40a016219",
|
|
"value": "ir16_32.dll|e8d9f9a6bec99be13ffdf3d2f5ef74ef634eb508"
|
|
},
|
|
{
|
|
"category": "Artifacts dropped",
|
|
"comment": "",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1496872587",
|
|
"to_ids": true,
|
|
"type": "filename|sha1",
|
|
"uuid": "5938768b-5e54-4a93-b9a8-12080a016219",
|
|
"value": "optsatadc_setup.dll|326406a85486418b0df5878b38a2436f11082411"
|
|
},
|
|
{
|
|
"category": "Artifacts dropped",
|
|
"comment": "",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1496872587",
|
|
"to_ids": true,
|
|
"type": "filename|sha1",
|
|
"uuid": "5938768b-429c-41a1-8f46-19d10a016219",
|
|
"value": "clearcache.dll|899a71baabfcf47f5fe31a651271d038c2619edf"
|
|
},
|
|
{
|
|
"category": "Artifacts dropped",
|
|
"comment": "",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1496872588",
|
|
"to_ids": true,
|
|
"type": "filename|sha1",
|
|
"uuid": "5938768c-814c-4a4f-ae1a-120c0a016219",
|
|
"value": "9183_Hello_Amigo_track.exe|7167649eb03569c2643bcf2c2f2164ea0d803a8d"
|
|
},
|
|
{
|
|
"category": "Artifacts dropped",
|
|
"comment": "",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1496872589",
|
|
"to_ids": true,
|
|
"type": "filename|sha1",
|
|
"uuid": "5938768d-26dc-4d44-b650-15f50a016219",
|
|
"value": "search_parser.dll|2e726a679d32d6a29ecc7a9215409defa3085150"
|
|
},
|
|
{
|
|
"category": "Artifacts dropped",
|
|
"comment": "",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1496872589",
|
|
"to_ids": true,
|
|
"type": "filename|sha1",
|
|
"uuid": "5938768d-8a6c-4d6e-9513-1a120a016219",
|
|
"value": "s4m_Films-174133.exe|40863793206684a021abb1e24d524fddf8410ab6"
|
|
},
|
|
{
|
|
"category": "Artifacts dropped",
|
|
"comment": "",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1496872590",
|
|
"to_ids": true,
|
|
"type": "filename|sha1",
|
|
"uuid": "5938768e-3158-473a-a251-19d30a016219",
|
|
"value": "APIHelper.dll|84a055d8e4bdf1f140c4dca3d2d7738027e07115"
|
|
},
|
|
{
|
|
"category": "Artifacts dropped",
|
|
"comment": "",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1496872590",
|
|
"to_ids": true,
|
|
"type": "filename|sha1",
|
|
"uuid": "5938768e-e060-4999-a9a4-12080a016219",
|
|
"value": "get_hdd.dll|f90bbf5444f42b383b26350231dfda002911801a"
|
|
},
|
|
{
|
|
"category": "Artifacts dropped",
|
|
"comment": "",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1496872591",
|
|
"to_ids": true,
|
|
"type": "filename|sha1",
|
|
"uuid": "5938768f-0940-4783-be22-15f40a016219",
|
|
"value": "vp9core.dll|c897a193a13a60cc98aaad9cb9e18aecb68797de"
|
|
},
|
|
{
|
|
"category": "Artifacts dropped",
|
|
"comment": "",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1496872591",
|
|
"to_ids": true,
|
|
"type": "filename|sha1",
|
|
"uuid": "5938768f-09ec-4b7a-a027-12090a016219",
|
|
"value": "vp9core.dll|ff9181c441aaa9108bc35b45b989b2725ad4bbf9"
|
|
},
|
|
{
|
|
"category": "Artifacts dropped",
|
|
"comment": "",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1496872592",
|
|
"to_ids": true,
|
|
"type": "filename|sha1",
|
|
"uuid": "59387690-c208-4ca9-9726-120b0a016219",
|
|
"value": "remove_plugins_installer.dll|ad4e55cf03f9c24abe2c533ee33facd7c70a2eda"
|
|
},
|
|
{
|
|
"category": "Artifacts dropped",
|
|
"comment": "",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1496872592",
|
|
"to_ids": true,
|
|
"type": "filename|sha1",
|
|
"uuid": "59387690-8b44-4a35-86d8-19d20a016219",
|
|
"value": "radmin.dll|bfc7c0383cd87382575543c89e99eb41898f59eb"
|
|
},
|
|
{
|
|
"category": "Artifacts dropped",
|
|
"comment": "",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1496872593",
|
|
"to_ids": true,
|
|
"type": "filename|sha1",
|
|
"uuid": "59387691-6100-4ffc-874f-19d10a016219",
|
|
"value": "KBDMAI_ExtInstaller.dll|343e52b0d30775305951252101526eaedc8a0d01"
|
|
},
|
|
{
|
|
"category": "Artifacts dropped",
|
|
"comment": "",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1496872593",
|
|
"to_ids": true,
|
|
"type": "filename|sha1",
|
|
"uuid": "59387691-a1e8-49cf-9a84-120c0a016219",
|
|
"value": "KBDMAI_ExtInstaller.dll|d212f66683f29b5a88afe2b6b9450dae3dd73eb4"
|
|
},
|
|
{
|
|
"category": "Artifacts dropped",
|
|
"comment": "",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1496872594",
|
|
"to_ids": true,
|
|
"type": "filename|sha1",
|
|
"uuid": "59387692-b3f8-45d7-90e2-15f50a016219",
|
|
"value": "wbiosrvp.dll|420a98f44832c11d4e56037f1f267207830ba03b"
|
|
},
|
|
{
|
|
"category": "Artifacts dropped",
|
|
"comment": "",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1496872594",
|
|
"to_ids": true,
|
|
"type": "filename|sha1",
|
|
"uuid": "59387692-7814-4ed9-ab0a-12080a016219",
|
|
"value": "wbiosrvp.dll|8750e5e2647c6a9dab1e0ae60cc42246da2186b2"
|
|
},
|
|
{
|
|
"category": "Artifacts dropped",
|
|
"comment": "",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1496872595",
|
|
"to_ids": true,
|
|
"type": "filename|sha1",
|
|
"uuid": "59387693-8214-44bc-be87-12090a016219",
|
|
"value": "wbiosrvp.dll|f613948ce8f5358b9940ee22e9fcfc26f171637d"
|
|
},
|
|
{
|
|
"category": "Artifacts dropped",
|
|
"comment": "",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1496872596",
|
|
"to_ids": true,
|
|
"type": "filename|sha1",
|
|
"uuid": "59387694-2104-4ada-bb65-15f40a016219",
|
|
"value": "zaxar.dll|c05d2646029df48e262061def69dd8a55bf40f75"
|
|
},
|
|
{
|
|
"category": "Artifacts dropped",
|
|
"comment": "",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1496872596",
|
|
"to_ids": true,
|
|
"type": "filename|sha1",
|
|
"uuid": "59387694-9ad4-425c-87c9-120b0a016219",
|
|
"value": "wlanmgr.dll|10e2b8a796766a6f83278799be16b1bf47544f2b"
|
|
},
|
|
{
|
|
"category": "Artifacts dropped",
|
|
"comment": "",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1496872597",
|
|
"to_ids": true,
|
|
"type": "filename|sha1",
|
|
"uuid": "59387695-17a8-4662-a095-15f50a016219",
|
|
"value": "wlanmgr.dll|12553394ae9c099d9079df19f0680cbe5cd780d4"
|
|
},
|
|
{
|
|
"category": "Artifacts dropped",
|
|
"comment": "",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1496872597",
|
|
"to_ids": true,
|
|
"type": "filename|sha1",
|
|
"uuid": "59387695-bd1c-423e-bdd2-1a120a016219",
|
|
"value": "wlanmgr.dll|1c8d54f0db1136fa067f88a0ad8f0a8225854e72"
|
|
},
|
|
{
|
|
"category": "Artifacts dropped",
|
|
"comment": "",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1496872598",
|
|
"to_ids": true,
|
|
"type": "filename|sha1",
|
|
"uuid": "59387696-7b40-4ae8-82dd-19d20a016219",
|
|
"value": "wlanmgr.dll|3af1739a03b3a70705e44049b008df34290ce3bd"
|
|
},
|
|
{
|
|
"category": "Artifacts dropped",
|
|
"comment": "",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1496872598",
|
|
"to_ids": true,
|
|
"type": "filename|sha1",
|
|
"uuid": "59387696-c090-44ee-9f11-12090a016219",
|
|
"value": "wlanmgr.dll|6141110309ef5c08dec5746dbfb25b6302c6d887"
|
|
},
|
|
{
|
|
"category": "Artifacts dropped",
|
|
"comment": "",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1496872599",
|
|
"to_ids": true,
|
|
"type": "filename|sha1",
|
|
"uuid": "59387697-4b64-4fe0-acb6-19d10a016219",
|
|
"value": "wlanmgr.dll|6fae5e3bb8910fccf89208e3377c8aad802d9bf8"
|
|
},
|
|
{
|
|
"category": "Artifacts dropped",
|
|
"comment": "",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1496872599",
|
|
"to_ids": true,
|
|
"type": "filename|sha1",
|
|
"uuid": "59387697-f334-40bc-b331-15f40a016219",
|
|
"value": "wlanmgr.dll|7743bcab7a2d77f83197f31a01c754c73be46eaa"
|
|
},
|
|
{
|
|
"category": "Artifacts dropped",
|
|
"comment": "",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1496872600",
|
|
"to_ids": true,
|
|
"type": "filename|sha1",
|
|
"uuid": "59387698-72c4-4550-93b3-19d30a016219",
|
|
"value": "reset_safesurfing_flag.dll|a9c96e00c1d1b7aaee01c30719c5068bbe196b20"
|
|
},
|
|
{
|
|
"category": "Artifacts dropped",
|
|
"comment": "",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1496872600",
|
|
"to_ids": true,
|
|
"type": "filename|sha1",
|
|
"uuid": "59387698-be94-4d90-b678-120b0a016219",
|
|
"value": "safe_surfing_x86_64.nexe|43a108a22925282d9ac02b8752eacf796b532c1e"
|
|
},
|
|
{
|
|
"category": "Artifacts dropped",
|
|
"comment": "",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1496872601",
|
|
"to_ids": true,
|
|
"type": "filename|sha1",
|
|
"uuid": "59387699-fbd8-4310-9518-15f50a016219",
|
|
"value": "20_search_top.exe|06eb77205e4822a4369e9c7b43f4554248dd6ffa"
|
|
},
|
|
{
|
|
"category": "Artifacts dropped",
|
|
"comment": "",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1496872601",
|
|
"to_ids": true,
|
|
"type": "filename|sha1",
|
|
"uuid": "59387699-386c-42f0-b7f7-120c0a016219",
|
|
"value": "wsaudio_setup.dll|cd47c020bf420964be329a3f2bc7fee83bd2face"
|
|
},
|
|
{
|
|
"category": "Artifacts dropped",
|
|
"comment": "",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1496872602",
|
|
"to_ids": true,
|
|
"type": "filename|sha1",
|
|
"uuid": "5938769a-2fbc-471d-a17c-19d20a016219",
|
|
"value": "brutplugin.dll|5fa986f18bdda5c6ad4c2f2cf9608752ac797377"
|
|
},
|
|
{
|
|
"category": "Artifacts dropped",
|
|
"comment": "",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1496872602",
|
|
"to_ids": true,
|
|
"type": "filename|sha1",
|
|
"uuid": "5938769a-1990-4d9a-b377-12080a016219",
|
|
"value": "APIHelper_64.dll|bcbc28219d47097fbce312da450b84079689a0bf"
|
|
},
|
|
{
|
|
"category": "Artifacts dropped",
|
|
"comment": "",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1496872603",
|
|
"to_ids": true,
|
|
"type": "filename|sha1",
|
|
"uuid": "5938769b-437c-432a-b03c-1a120a016219",
|
|
"value": "certificate.dll|db83be912a25d99f501212fed8fa45672d362e67"
|
|
},
|
|
{
|
|
"category": "Artifacts dropped",
|
|
"comment": "",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1496872604",
|
|
"to_ids": true,
|
|
"type": "filename|sha1",
|
|
"uuid": "5938769c-19fc-4f53-a2b2-120b0a016219",
|
|
"value": "optsatadc.dll|3b2d848030289f8f569c80193dd940fa3ae396c2"
|
|
},
|
|
{
|
|
"category": "Artifacts dropped",
|
|
"comment": "",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1496872604",
|
|
"to_ids": true,
|
|
"type": "filename|sha1",
|
|
"uuid": "5938769c-d6b8-474d-87f6-15f40a016219",
|
|
"value": "optsatadc.dll|4d3a703db690e975540d6d29cdab2f75fbbcb61c"
|
|
},
|
|
{
|
|
"category": "Artifacts dropped",
|
|
"comment": "",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1496872605",
|
|
"to_ids": true,
|
|
"type": "filename|sha1",
|
|
"uuid": "5938769d-fca8-4c39-900f-15f50a016219",
|
|
"value": "optsatadc.dll|ade31cc1161c06a968b68c15e4ce249ae82bc35d"
|
|
},
|
|
{
|
|
"category": "Artifacts dropped",
|
|
"comment": "",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1496872605",
|
|
"to_ids": true,
|
|
"type": "filename|sha1",
|
|
"uuid": "5938769d-7bdc-4628-9b73-19d30a016219",
|
|
"value": "optsatadc.dll|be756ba78f52061ae745fc3d01d97300f06f70f6"
|
|
},
|
|
{
|
|
"category": "Artifacts dropped",
|
|
"comment": "",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1496872606",
|
|
"to_ids": true,
|
|
"type": "filename|sha1",
|
|
"uuid": "5938769e-22f0-46ce-86fa-12090a016219",
|
|
"value": "ghstore.exe|e2f2532632a0acbc6367716f82f7b62d64b896b5"
|
|
},
|
|
{
|
|
"category": "Network activity",
|
|
"comment": "",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1500311285",
|
|
"to_ids": true,
|
|
"type": "domain",
|
|
"uuid": "596ceef5-62d4-4e69-b44b-021a0a016219",
|
|
"value": "hdr-group.net"
|
|
},
|
|
{
|
|
"category": "Network activity",
|
|
"comment": "",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1500311307",
|
|
"to_ids": true,
|
|
"type": "domain|ip",
|
|
"uuid": "596cef0b-bea0-40f4-9e25-021a0a016219",
|
|
"value": "teddysave.me|91.206.30.108"
|
|
},
|
|
{
|
|
"category": "Network activity",
|
|
"comment": "",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1500311311",
|
|
"to_ids": true,
|
|
"type": "domain|ip",
|
|
"uuid": "596cef0f-ae44-4e15-938a-021b0a016219",
|
|
"value": "icloudsrv.info|85.17.194.202"
|
|
},
|
|
{
|
|
"category": "Network activity",
|
|
"comment": "",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1500311312",
|
|
"to_ids": true,
|
|
"type": "domain|ip",
|
|
"uuid": "596cef10-e138-412f-81f0-7b520a016219",
|
|
"value": "icloudsrv.info|178.20.157.227"
|
|
},
|
|
{
|
|
"category": "Network activity",
|
|
"comment": "",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1500311313",
|
|
"to_ids": true,
|
|
"type": "domain|ip",
|
|
"uuid": "596cef11-3064-4ad0-941b-7b550a016219",
|
|
"value": "icloudsrv.info|178.20.159.89"
|
|
},
|
|
{
|
|
"category": "Network activity",
|
|
"comment": "",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1500311314",
|
|
"to_ids": true,
|
|
"type": "domain|ip",
|
|
"uuid": "596cef12-c668-4f42-9a4e-7b540a016219",
|
|
"value": "icloudsrv.net|85.17.194.202"
|
|
},
|
|
{
|
|
"category": "Network activity",
|
|
"comment": "",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1500311314",
|
|
"to_ids": true,
|
|
"type": "domain|ip",
|
|
"uuid": "596cef12-39b4-4d45-ad1f-02190a016219",
|
|
"value": "icloudsrv.net|178.20.157.227"
|
|
},
|
|
{
|
|
"category": "Network activity",
|
|
"comment": "",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1500311315",
|
|
"to_ids": true,
|
|
"type": "domain|ip",
|
|
"uuid": "596cef13-8c0c-47b9-b4f3-021a0a016219",
|
|
"value": "icloudsrv.net|178.20.159.89"
|
|
},
|
|
{
|
|
"category": "Network activity",
|
|
"comment": "",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1500311317",
|
|
"to_ids": true,
|
|
"type": "domain|ip",
|
|
"uuid": "596cef15-2564-4bcd-ae37-021c0a016219",
|
|
"value": "tmrobo.com|89.108.124.228"
|
|
},
|
|
{
|
|
"category": "Network activity",
|
|
"comment": "",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1500311318",
|
|
"to_ids": true,
|
|
"type": "domain|ip",
|
|
"uuid": "596cef16-cacc-4da7-a81a-7b510a016219",
|
|
"value": "teddy-protection.com|91.206.30.109"
|
|
},
|
|
{
|
|
"category": "Network activity",
|
|
"comment": "",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1500311325",
|
|
"to_ids": true,
|
|
"type": "domain|ip",
|
|
"uuid": "596cef1d-7964-4279-bbba-021a0a016219",
|
|
"value": "icloudsrv.org|178.20.157.227"
|
|
},
|
|
{
|
|
"category": "Network activity",
|
|
"comment": "",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1500311325",
|
|
"to_ids": true,
|
|
"type": "domain|ip",
|
|
"uuid": "596cef1d-89bc-49cf-8844-021c0a016219",
|
|
"value": "icloudsrv.org|178.20.159.89"
|
|
},
|
|
{
|
|
"category": "Network activity",
|
|
"comment": "",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1500311332",
|
|
"to_ids": true,
|
|
"type": "domain|ip",
|
|
"uuid": "596cef24-3e80-4341-998e-7b520a016219",
|
|
"value": "biosysltd.org|185.125.218.74"
|
|
},
|
|
{
|
|
"category": "Network activity",
|
|
"comment": "",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1500311333",
|
|
"to_ids": true,
|
|
"type": "domain|ip",
|
|
"uuid": "596cef25-07e0-4e3f-a173-02160a016219",
|
|
"value": "biosysltd.org|185.118.164.190"
|
|
},
|
|
{
|
|
"category": "Network activity",
|
|
"comment": "",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1500311334",
|
|
"to_ids": true,
|
|
"type": "domain|ip",
|
|
"uuid": "596cef26-b168-4788-a265-7b540a016219",
|
|
"value": "biosysltd.org|185.127.24.151"
|
|
},
|
|
{
|
|
"category": "Network activity",
|
|
"comment": "",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1500311335",
|
|
"to_ids": true,
|
|
"type": "domain|ip",
|
|
"uuid": "596cef27-beb4-4168-ac46-7b550a016219",
|
|
"value": "biosysltd.org|95.213.235.197"
|
|
},
|
|
{
|
|
"category": "Network activity",
|
|
"comment": "",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1500311335",
|
|
"to_ids": true,
|
|
"type": "domain|ip",
|
|
"uuid": "596cef27-8818-42ff-a0dc-02190a016219",
|
|
"value": "biosysltd.org|82.146.59.86"
|
|
},
|
|
{
|
|
"category": "Network activity",
|
|
"comment": "",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1500311336",
|
|
"to_ids": true,
|
|
"type": "domain|ip",
|
|
"uuid": "596cef28-788c-45a6-9ce6-7b530a016219",
|
|
"value": "safesurfing.me|185.28.22.69"
|
|
},
|
|
{
|
|
"category": "Network activity",
|
|
"comment": "",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1500311337",
|
|
"to_ids": true,
|
|
"type": "domain|ip",
|
|
"uuid": "596cef29-0c58-4eec-8f3f-021a0a016219",
|
|
"value": "nvccupdate.com|93.188.161.17"
|
|
},
|
|
{
|
|
"category": "Network activity",
|
|
"comment": "",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1500311339",
|
|
"to_ids": true,
|
|
"type": "domain|ip",
|
|
"uuid": "596cef2b-5294-419d-95a1-021c0a016219",
|
|
"value": "apihelper.org|178.20.157.140"
|
|
},
|
|
{
|
|
"category": "Network activity",
|
|
"comment": "",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1500311346",
|
|
"to_ids": true,
|
|
"type": "domain|ip",
|
|
"uuid": "596cef33-1480-4122-9ebf-021b0a016219",
|
|
"value": "wannaupdate.com|178.20.159.56"
|
|
},
|
|
{
|
|
"category": "Network activity",
|
|
"comment": "",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1500311347",
|
|
"to_ids": true,
|
|
"type": "domain|ip",
|
|
"uuid": "596cef33-6074-4466-bf16-7b530a016219",
|
|
"value": "hdr-group.info|80.82.67.154"
|
|
},
|
|
{
|
|
"category": "Network activity",
|
|
"comment": "",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1500311348",
|
|
"to_ids": true,
|
|
"type": "domain|ip",
|
|
"uuid": "596cef34-eae4-40aa-9961-7b510a016219",
|
|
"value": "hdr-group.info|88.99.154.39"
|
|
},
|
|
{
|
|
"category": "Network activity",
|
|
"comment": "",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1500311348",
|
|
"to_ids": true,
|
|
"type": "domain|ip",
|
|
"uuid": "596cef34-2e68-4b83-ac02-021c0a016219",
|
|
"value": "hdr-group.info|144.217.240.28"
|
|
},
|
|
{
|
|
"category": "Network activity",
|
|
"comment": "",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1500311349",
|
|
"to_ids": true,
|
|
"type": "domain|ip",
|
|
"uuid": "596cef35-22f0-46a7-a449-02190a016219",
|
|
"value": "hdr-group.info|149.56.201.76"
|
|
},
|
|
{
|
|
"category": "Network activity",
|
|
"comment": "",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1500311350",
|
|
"to_ids": true,
|
|
"type": "domain|ip",
|
|
"uuid": "596cef36-0034-4132-b099-7b550a016219",
|
|
"value": "wsaudio.org|185.86.76.113"
|
|
},
|
|
{
|
|
"category": "Network activity",
|
|
"comment": "",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1500311351",
|
|
"to_ids": true,
|
|
"type": "domain|ip",
|
|
"uuid": "596cef37-4724-4a2e-9ddb-7b520a016219",
|
|
"value": "wsaudio.org|178.20.157.189"
|
|
},
|
|
{
|
|
"category": "Network activity",
|
|
"comment": "",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1500311351",
|
|
"to_ids": true,
|
|
"type": "domain|ip",
|
|
"uuid": "596cef37-69b0-4250-8427-7b540a016219",
|
|
"value": "wsaudio.org|204.155.30.72"
|
|
},
|
|
{
|
|
"category": "Network activity",
|
|
"comment": "",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1500311352",
|
|
"to_ids": true,
|
|
"type": "domain|ip",
|
|
"uuid": "596cef38-5e64-430d-a165-7b550a016219",
|
|
"value": "wsaudio.org|178.20.157.187"
|
|
},
|
|
{
|
|
"category": "Network activity",
|
|
"comment": "",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1500311353",
|
|
"to_ids": true,
|
|
"type": "domain|ip",
|
|
"uuid": "596cef39-5a0c-43e7-8a9e-02160a016219",
|
|
"value": "wsaudio.org|217.12.203.18"
|
|
},
|
|
{
|
|
"category": "Network activity",
|
|
"comment": "",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1500311354",
|
|
"to_ids": true,
|
|
"type": "domain|ip",
|
|
"uuid": "596cef3a-0218-4b8e-9c72-021a0a016219",
|
|
"value": "judgebear.pro|18.220.21.112"
|
|
},
|
|
{
|
|
"category": "Network activity",
|
|
"comment": "",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1500311354",
|
|
"to_ids": true,
|
|
"type": "domain|ip",
|
|
"uuid": "596cef3a-5630-4e8e-8e31-7b530a016219",
|
|
"value": "vp9codec.net|185.47.62.128"
|
|
},
|
|
{
|
|
"category": "Network activity",
|
|
"comment": "",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1500311355",
|
|
"to_ids": true,
|
|
"type": "domain|ip",
|
|
"uuid": "596cef3b-8414-4cd9-a2a2-02190a016219",
|
|
"value": "vp9codec.net|104.237.4.37"
|
|
},
|
|
{
|
|
"category": "Network activity",
|
|
"comment": "",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1500311356",
|
|
"to_ids": true,
|
|
"type": "domain|ip",
|
|
"uuid": "596cef3c-afa0-4f0f-be04-7b520a016219",
|
|
"value": "vp9codec.net|136.144.141.253"
|
|
},
|
|
{
|
|
"category": "Network activity",
|
|
"comment": "",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1500311357",
|
|
"to_ids": true,
|
|
"type": "domain|ip",
|
|
"uuid": "596cef3d-39c4-4986-9c54-021b0a016219",
|
|
"value": "wsaudio.net|178.20.157.189"
|
|
},
|
|
{
|
|
"category": "Network activity",
|
|
"comment": "",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1500311358",
|
|
"to_ids": true,
|
|
"type": "domain|ip",
|
|
"uuid": "596cef3e-4928-4523-ba04-021c0a016219",
|
|
"value": "wsaudio.net|217.12.203.18"
|
|
},
|
|
{
|
|
"category": "Network activity",
|
|
"comment": "",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1500311358",
|
|
"to_ids": true,
|
|
"type": "domain|ip",
|
|
"uuid": "596cef3e-5960-4397-bdfe-7b540a016219",
|
|
"value": "wsaudio.net|185.86.76.113"
|
|
},
|
|
{
|
|
"category": "Network activity",
|
|
"comment": "",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1500311359",
|
|
"to_ids": true,
|
|
"type": "domain|ip",
|
|
"uuid": "596cef3f-94a4-4e50-bd0f-7b550a016219",
|
|
"value": "wsaudio.net|178.20.157.187"
|
|
},
|
|
{
|
|
"category": "Network activity",
|
|
"comment": "",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1500311360",
|
|
"to_ids": true,
|
|
"type": "domain|ip",
|
|
"uuid": "596cef40-a7bc-4b7f-b21e-02160a016219",
|
|
"value": "wsaudio.net|204.155.30.72"
|
|
},
|
|
{
|
|
"category": "Network activity",
|
|
"comment": "",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1500311361",
|
|
"to_ids": true,
|
|
"type": "domain|ip",
|
|
"uuid": "596cef41-d76c-46c5-948d-021a0a016219",
|
|
"value": "rdsbase.com|13.58.249.138"
|
|
},
|
|
{
|
|
"category": "Network activity",
|
|
"comment": "",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1500311364",
|
|
"to_ids": true,
|
|
"type": "domain|ip",
|
|
"uuid": "596cef44-1af8-4cda-9f75-021a0a016219",
|
|
"value": "superbear.pro|13.58.23.11"
|
|
},
|
|
{
|
|
"category": "Network activity",
|
|
"comment": "",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1500311365",
|
|
"to_ids": true,
|
|
"type": "domain|ip",
|
|
"uuid": "596cef45-f504-48fe-978f-7b510a016219",
|
|
"value": "tmrobo.org|80.87.202.246"
|
|
},
|
|
{
|
|
"category": "Network activity",
|
|
"comment": "",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1500311365",
|
|
"to_ids": true,
|
|
"type": "domain|ip",
|
|
"uuid": "596cef45-b024-4166-b8c9-7b550a016219",
|
|
"value": "tmrobo.org|89.108.124.228"
|
|
},
|
|
{
|
|
"category": "Network activity",
|
|
"comment": "",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1500311366",
|
|
"to_ids": true,
|
|
"type": "domain|ip",
|
|
"uuid": "596cef46-b740-481d-aeb8-02160a016219",
|
|
"value": "tmrobo.org|178.20.159.77"
|
|
},
|
|
{
|
|
"category": "Network activity",
|
|
"comment": "",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1500311367",
|
|
"to_ids": true,
|
|
"type": "domain|ip",
|
|
"uuid": "596cef47-28e0-4168-a97e-7b540a016219",
|
|
"value": "tmrobo.org|185.48.239.11"
|
|
}
|
|
]
|
|
}
|
|
} |