adulau/misp-circl-feed
1
0
Fork 0
Code Issues 1 Pull requests Projects 1 Releases Packages Wiki Activity Actions
misp-circl-feed/feeds/circl/misp/5a38ca48-6680-437d-9e0f-483c950d210f.json

1138 lines
No EOL
38 KiB
JSON
Raw Blame History

{
"Event": {
"analysis": "2",
"date": "2017-12-12",
"extends_uuid": "",
"info": "OSINT - Still stealing",
"publish_timestamp": "1514467958",
"published": true,
"threat_level_id": "3",
"timestamp": "1513738857",
"uuid": "5a38ca48-6680-437d-9e0f-483c950d210f",
"Orgc": {
"name": "CIRCL",
"uuid": "55f6ea5e-2c60-40e5-964f-47a8950d210f"
},
"Tag": [
{
"colour": "#004646",
"local": false,
"name": "type:OSINT",
"relationship_type": ""
},
{
"colour": "#ffffff",
"local": false,
"name": "tlp:white",
"relationship_type": ""
},
{
"colour": "#00223b",
"local": false,
"name": "osint:source-type=\"blog-post\"",
"relationship_type": ""
},
{
"colour": "#5f0077",
"local": false,
"name": "ms-caro-malware:malware-platform=\"AndroidOS\"",
"relationship_type": ""
},
{
"colour": "#211c1c",
"local": false,
"name": "Android Malware",
"relationship_type": ""
},
{
"colour": "#001a40",
"local": false,
"name": "ms-caro-malware-full:malware-platform=\"AndroidOS\"",
"relationship_type": ""
}
],
"Attribute": [
{
"category": "External analysis",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1513676202",
"to_ids": false,
"type": "link",
"uuid": "5a38cb63-68d8-4fd2-97c3-40f9950d210f",
"value": "https://securelist.com/still-stealing/83343/",
"Tag": [
{
"colour": "#00223b",
"local": false,
"name": "osint:source-type=\"blog-post\"",
"relationship_type": ""
}
]
},
{
"category": "External analysis",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1513676202",
"to_ids": false,
"type": "comment",
"uuid": "5a38cc0e-52b4-4946-ba9c-486a950d210f",
"value": "Two years ago in October 2015 we published a blogpost about a popular malware that was being distributed from the Google Play Store. Over the next two years we detected several similar apps on Google Play, but in October and November 2017 we found 85 new malicious apps on Google Play that are stealing credentials for VK.com. All of them have been detected by Kaspersky Lab products as Trojan-PSW.AndroidOS.MyVk.o. We reported 72 of them to Google and they deleted these malicious apps from Google Play Store, 13 other apps were already deleted. Furthermore, we reported these apps with technical details to VK.com. One of these apps was masquerading as a game and was installed more than a million times according to Google Play Store.",
"Tag": [
{
"colour": "#00223b",
"local": false,
"name": "osint:source-type=\"blog-post\"",
"relationship_type": ""
}
]
},
{
"category": "Network activity",
"comment": "CNC",
"deleted": false,
"disable_correlation": false,
"timestamp": "1513676202",
"to_ids": true,
"type": "domain",
"uuid": "5a38cd0d-037c-4b00-9381-4e4d950d210f",
"value": "guest-stat.com"
}
],
"Object": [
{
"comment": "",
"deleted": false,
"description": "File object describing a file with meta-information",
"meta-category": "file",
"name": "file",
"template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215",
"template_version": "8",
"timestamp": "1513672685",
"uuid": "5a38cfed-baac-45bb-81c8-4bd3950d210f",
"Attribute": [
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "filename",
"timestamp": "1513672685",
"to_ids": true,
"type": "filename",
"uuid": "5a38cfed-89f4-45c4-8e01-4198950d210f",
"value": "com.parmrp.rump"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "md5",
"timestamp": "1513672685",
"to_ids": true,
"type": "md5",
"uuid": "5a38cfed-0a90-4af8-b75f-4abe950d210f",
"value": "f5f8df1f35a942f9092bde9f277b7120"
},
{
"category": "Other",
"comment": "",
"deleted": false,
"disable_correlation": true,
"object_relation": "state",
"timestamp": "1513672685",
"to_ids": false,
"type": "text",
"uuid": "5a38cfed-12d4-488f-aad2-4686950d210f",
"value": "Malicious"
}
]
},
{
"comment": "",
"deleted": false,
"description": "File object describing a file with meta-information",
"meta-category": "file",
"name": "file",
"template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215",
"template_version": "8",
"timestamp": "1513672705",
"uuid": "5a38d001-0a3c-4a8c-b855-4c46950d210f",
"Attribute": [
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "filename",
"timestamp": "1513672705",
"to_ids": true,
"type": "filename",
"uuid": "5a38d001-3ccc-41cc-a1ed-4323950d210f",
"value": "com.weeclient.clientold"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "md5",
"timestamp": "1513672705",
"to_ids": true,
"type": "md5",
"uuid": "5a38d001-7e70-41ae-9b98-4065950d210f",
"value": "6b55af8c4fb6968082ca2c88745043a1"
},
{
"category": "Other",
"comment": "",
"deleted": false,
"disable_correlation": true,
"object_relation": "state",
"timestamp": "1513672705",
"to_ids": false,
"type": "text",
"uuid": "5a38d001-5e0c-4e58-820c-480a950d210f",
"value": "Malicious"
}
]
},
{
"comment": "",
"deleted": false,
"description": "File object describing a file with meta-information",
"meta-category": "file",
"name": "file",
"template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215",
"template_version": "8",
"timestamp": "1513672728",
"uuid": "5a38d018-4444-41b0-b9c1-40ea950d210f",
"Attribute": [
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "filename",
"timestamp": "1513672728",
"to_ids": true,
"type": "filename",
"uuid": "5a38d018-a8bc-4809-911b-4f3d950d210f",
"value": "com.anocat.stelth"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "md5",
"timestamp": "1513672728",
"to_ids": true,
"type": "md5",
"uuid": "5a38d018-8b8c-47b5-9fd2-4ac3950d210f",
"value": "c70dcf9f0441e3230f2f338467cd9cb7"
},
{
"category": "Other",
"comment": "",
"deleted": false,
"disable_correlation": true,
"object_relation": "state",
"timestamp": "1513672728",
"to_ids": false,
"type": "text",
"uuid": "5a38d018-ff68-47c5-90c0-41fe950d210f",
"value": "Malicious"
}
]
},
{
"comment": "",
"deleted": false,
"description": "File object describing a file with meta-information",
"meta-category": "file",
"name": "file",
"template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215",
"template_version": "8",
"timestamp": "1513672749",
"uuid": "5a38d02d-f844-4b81-8f7c-41e2950d210f",
"Attribute": [
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "filename",
"timestamp": "1513672749",
"to_ids": true,
"type": "filename",
"uuid": "5a38d02d-9428-4e19-99c7-46bc950d210f",
"value": "com.xclient.old"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "md5",
"timestamp": "1513672749",
"to_ids": true,
"type": "md5",
"uuid": "5a38d02d-91b4-4c4e-8f6b-432f950d210f",
"value": "6d6b0b97facaa2e6d4e985fa5e3332a1"
},
{
"category": "Other",
"comment": "",
"deleted": false,
"disable_correlation": true,
"object_relation": "state",
"timestamp": "1513672749",
"to_ids": false,
"type": "text",
"uuid": "5a38d02d-ad5c-4af7-89e3-4103950d210f",
"value": "Malicious"
}
]
},
{
"comment": "",
"deleted": false,
"description": "File object describing a file with meta-information",
"meta-category": "file",
"name": "file",
"template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215",
"template_version": "8",
"timestamp": "1513672787",
"uuid": "5a38d053-0424-4550-b8ed-453c950d210f",
"Attribute": [
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "filename",
"timestamp": "1513672787",
"to_ids": true,
"type": "filename",
"uuid": "5a38d053-0958-4cfb-b5ef-4f68950d210f",
"value": "com.yourmusicoff.yourmusickoff"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "md5",
"timestamp": "1513672787",
"to_ids": true,
"type": "md5",
"uuid": "5a38d053-8290-47b3-a8a4-4c02950d210f",
"value": "1a623b3784256105333962ddca50785f"
},
{
"category": "Other",
"comment": "",
"deleted": false,
"disable_correlation": true,
"object_relation": "state",
"timestamp": "1513672787",
"to_ids": false,
"type": "text",
"uuid": "5a38d053-ebf4-407e-9956-4f6f950d210f",
"value": "Malicious"
}
]
},
{
"comment": "",
"deleted": false,
"description": "File object describing a file with meta-information",
"meta-category": "file",
"name": "file",
"template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215",
"template_version": "8",
"timestamp": "1513672809",
"uuid": "5a38d069-6740-4cdf-9c24-4f87950d210f",
"Attribute": [
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "filename",
"timestamp": "1513672809",
"to_ids": true,
"type": "filename",
"uuid": "5a38d069-9b4c-4e4c-b9b2-42f3950d210f",
"value": "com.sharp.playerru"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "md5",
"timestamp": "1513672809",
"to_ids": true,
"type": "md5",
"uuid": "5a38d069-b7f4-42ab-8cc7-426e950d210f",
"value": "1a7b22616c3b8223116b542d5afd5c05"
},
{
"category": "Other",
"comment": "",
"deleted": false,
"disable_correlation": true,
"object_relation": "state",
"timestamp": "1513672809",
"to_ids": false,
"type": "text",
"uuid": "5a38d069-6d04-4ec7-9a72-4389950d210f",
"value": "Malicious"
}
]
},
{
"comment": "",
"deleted": false,
"description": "File object describing a file with meta-information",
"meta-category": "file",
"name": "file",
"template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215",
"template_version": "8",
"timestamp": "1513672858",
"uuid": "5a38d09a-ed18-4fac-83d1-46e9950d210f",
"Attribute": [
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "filename",
"timestamp": "1513672858",
"to_ids": true,
"type": "filename",
"uuid": "5a38d09a-6a1c-4abb-857f-41a0950d210f",
"value": "com.musicould.close"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "md5",
"timestamp": "1513672858",
"to_ids": true,
"type": "md5",
"uuid": "5a38d09a-6c98-41c8-900d-4b00950d210f",
"value": "053e2cf49a5d818663d9010344aa3329"
},
{
"category": "Other",
"comment": "",
"deleted": false,
"disable_correlation": true,
"object_relation": "state",
"timestamp": "1513672858",
"to_ids": false,
"type": "text",
"uuid": "5a38d09a-0e10-419c-8963-438d950d210f",
"value": "Malicious"
}
]
},
{
"comment": "",
"deleted": false,
"description": "File object describing a file with meta-information",
"meta-category": "file",
"name": "file",
"template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215",
"template_version": "8",
"timestamp": "1513672877",
"uuid": "5a38d0ad-7428-4f3f-ad5b-4c2a950d210f",
"Attribute": [
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "filename",
"timestamp": "1513672878",
"to_ids": true,
"type": "filename",
"uuid": "5a38d0ae-c970-4edc-b8b1-4b20950d210f",
"value": "com.prostie.dvijenija"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "md5",
"timestamp": "1513672878",
"to_ids": true,
"type": "md5",
"uuid": "5a38d0ae-bdd8-4c71-ab0d-46ce950d210f",
"value": "2b39b22ef2384f0aa529705af68b1192"
},
{
"category": "Other",
"comment": "",
"deleted": false,
"disable_correlation": true,
"object_relation": "state",
"timestamp": "1513672878",
"to_ids": false,
"type": "text",
"uuid": "5a38d0ae-ba60-4f2f-9020-4b9f950d210f",
"value": "Malicious"
}
]
},
{
"comment": "",
"deleted": false,
"description": "File object describing a file with meta-information",
"meta-category": "file",
"name": "file",
"template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215",
"template_version": "8",
"timestamp": "1513672901",
"uuid": "5a38d0c5-3f94-40e2-b1f6-4349950d210f",
"Attribute": [
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "filename",
"timestamp": "1513672902",
"to_ids": true,
"type": "filename",
"uuid": "5a38d0c6-e674-4aef-8dce-434e950d210f",
"value": "com.appoffline.musicplayer"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "md5",
"timestamp": "1513672902",
"to_ids": true,
"type": "md5",
"uuid": "5a38d0c6-6008-4d0c-a8e0-4218950d210f",
"value": "6974770565c5f0ffdd52fc74f1bca732"
},
{
"category": "Other",
"comment": "",
"deleted": false,
"disable_correlation": true,
"object_relation": "state",
"timestamp": "1513672902",
"to_ids": false,
"type": "text",
"uuid": "5a38d0c6-1ed4-4d86-9c35-4238950d210f",
"value": "Malicious"
}
]
},
{
"comment": "",
"deleted": false,
"description": "File object describing a file with meta-information",
"meta-category": "file",
"name": "file",
"template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215",
"template_version": "8",
"timestamp": "1513672920",
"uuid": "5a38d0d8-5718-4156-bcd7-47d5950d210f",
"Attribute": [
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "filename",
"timestamp": "1513672920",
"to_ids": true,
"type": "filename",
"uuid": "5a38d0d8-da0c-459c-9d2e-459c950d210f",
"value": "com.planeplane.paperplane"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "md5",
"timestamp": "1513672920",
"to_ids": true,
"type": "md5",
"uuid": "5a38d0d8-6b20-4119-8517-4ec8950d210f",
"value": "6cbc63cbe753b2e4cb6b9a8505775389"
},
{
"category": "Other",
"comment": "",
"deleted": false,
"disable_correlation": true,
"object_relation": "state",
"timestamp": "1513672920",
"to_ids": false,
"type": "text",
"uuid": "5a38d0d8-2110-429e-9377-41da950d210f",
"value": "Malicious"
}
]
},
{
"comment": "",
"deleted": false,
"description": "File object describing a file with meta-information",
"meta-category": "file",
"name": "file",
"template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215",
"template_version": "7",
"timestamp": "1513676205",
"uuid": "6fe67d92-616f-40d3-9109-b4f83e2a0741",
"ObjectReference": [
{
"comment": "",
"object_uuid": "6fe67d92-616f-40d3-9109-b4f83e2a0741",
"referenced_uuid": "8f183339-e8ab-4853-be97-99f409fc08d2",
"relationship_type": "analysed-with",
"timestamp": "1514467958",
"uuid": "5a38ddab-7430-4cb4-a28f-bfc302de0b81"
}
],
"Attribute": [
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "sha1",
"timestamp": "1513676202",
"to_ids": true,
"type": "sha1",
"uuid": "5a38ddaa-6d24-493d-9eb3-bfc302de0b81",
"value": "e6a359421d85dbe4a76d6f8ecbabd9342b32c3d7"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "md5",
"timestamp": "1513676202",
"to_ids": true,
"type": "md5",
"uuid": "5a38ddaa-737c-409f-8605-bfc302de0b81",
"value": "2b39b22ef2384f0aa529705af68b1192"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "sha256",
"timestamp": "1513676202",
"to_ids": true,
"type": "sha256",
"uuid": "5a38ddaa-19bc-472b-b9f4-bfc302de0b81",
"value": "05d2ac540006db560136980bcf2a2e35e64b96fd5b05667e889d9d1bf9d40f3e"
}
]
},
{
"comment": "",
"deleted": false,
"description": "VirusTotal report",
"meta-category": "misc",
"name": "virustotal-report",
"template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4",
"template_version": "1",
"timestamp": "1513676202",
"uuid": "8f183339-e8ab-4853-be97-99f409fc08d2",
"Attribute": [
{
"category": "External analysis",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "permalink",
"timestamp": "1513676202",
"to_ids": false,
"type": "link",
"uuid": "5a38ddaa-2dd4-473c-8e43-bfc302de0b81",
"value": "https://www.virustotal.com/file/05d2ac540006db560136980bcf2a2e35e64b96fd5b05667e889d9d1bf9d40f3e/analysis/1513412569/"
},
{
"category": "Other",
"comment": "",
"deleted": false,
"disable_correlation": true,
"object_relation": "detection-ratio",
"timestamp": "1513676202",
"to_ids": false,
"type": "text",
"uuid": "5a38ddaa-3f1c-4be6-90ef-bfc302de0b81",
"value": "17/62"
},
{
"category": "Other",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "last-submission",
"timestamp": "1513676202",
"to_ids": false,
"type": "datetime",
"uuid": "5a38ddaa-d4b4-4fe3-a251-bfc302de0b81",
"value": "2017-12-16T08:22:49"
}
]
},
{
"comment": "",
"deleted": false,
"description": "File object describing a file with meta-information",
"meta-category": "file",
"name": "file",
"template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215",
"template_version": "7",
"timestamp": "1513676205",
"uuid": "e9e3b8bd-a618-4358-b8d3-1d5ce9c415db",
"ObjectReference": [
{
"comment": "",
"object_uuid": "e9e3b8bd-a618-4358-b8d3-1d5ce9c415db",
"referenced_uuid": "b5aa1a71-dd17-424e-bb32-0826f1ff7358",
"relationship_type": "analysed-with",
"timestamp": "1514467958",
"uuid": "5a38ddab-1a74-4240-a95c-bfc302de0b81"
}
],
"Attribute": [
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "sha1",
"timestamp": "1513676203",
"to_ids": true,
"type": "sha1",
"uuid": "5a38ddab-f658-4271-bc06-bfc302de0b81",
"value": "57e780a86937f4da1f600c4f6aec143a84b15e73"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "md5",
"timestamp": "1513676203",
"to_ids": true,
"type": "md5",
"uuid": "5a38ddab-3e10-49ae-aa45-bfc302de0b81",
"value": "f5f8df1f35a942f9092bde9f277b7120"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "sha256",
"timestamp": "1513676203",
"to_ids": true,
"type": "sha256",
"uuid": "5a38ddab-be90-4250-9d2c-bfc302de0b81",
"value": "76fabb56d9d69031b7fefcdd365c4a4d866d3c417976121a63e8336d29b6128d"
}
]
},
{
"comment": "",
"deleted": false,
"description": "VirusTotal report",
"meta-category": "misc",
"name": "virustotal-report",
"template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4",
"template_version": "1",
"timestamp": "1513676203",
"uuid": "b5aa1a71-dd17-424e-bb32-0826f1ff7358",
"Attribute": [
{
"category": "External analysis",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "permalink",
"timestamp": "1513676203",
"to_ids": false,
"type": "link",
"uuid": "5a38ddab-6c08-46ea-b034-bfc302de0b81",
"value": "https://www.virustotal.com/file/76fabb56d9d69031b7fefcdd365c4a4d866d3c417976121a63e8336d29b6128d/analysis/1513234491/"
},
{
"category": "Other",
"comment": "",
"deleted": false,
"disable_correlation": true,
"object_relation": "detection-ratio",
"timestamp": "1513676203",
"to_ids": false,
"type": "text",
"uuid": "5a38ddab-e6ec-48c8-95da-bfc302de0b81",
"value": "11/63"
},
{
"category": "Other",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "last-submission",
"timestamp": "1513676203",
"to_ids": false,
"type": "datetime",
"uuid": "5a38ddab-8b54-4e39-8197-bfc302de0b81",
"value": "2017-12-14T06:54:51"
}
]
},
{
"comment": "",
"deleted": false,
"description": "File object describing a file with meta-information",
"meta-category": "file",
"name": "file",
"template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215",
"template_version": "7",
"timestamp": "1513676206",
"uuid": "269f5f40-7ac3-45a1-b4a6-54fc9f1f2e4d",
"ObjectReference": [
{
"comment": "",
"object_uuid": "269f5f40-7ac3-45a1-b4a6-54fc9f1f2e4d",
"referenced_uuid": "da8a4ed3-8361-4adc-8860-8416174b521f",
"relationship_type": "analysed-with",
"timestamp": "1514467958",
"uuid": "5a38ddab-1900-4370-a2bd-bfc302de0b81"
}
],
"Attribute": [
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "sha1",
"timestamp": "1513676203",
"to_ids": true,
"type": "sha1",
"uuid": "5a38ddab-1c50-40c7-b97d-bfc302de0b81",
"value": "9647ded84a636970cdfc5b309f7b1885e7c0f15b"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "md5",
"timestamp": "1513676203",
"to_ids": true,
"type": "md5",
"uuid": "5a38ddab-d168-43e4-8be5-bfc302de0b81",
"value": "6974770565c5f0ffdd52fc74f1bca732"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "sha256",
"timestamp": "1513676203",
"to_ids": true,
"type": "sha256",
"uuid": "5a38ddab-5414-454a-b91a-bfc302de0b81",
"value": "3834596ab1de92836c539a475b7035df8e038de9eede848bdfc266ebffae9a49"
}
]
},
{
"comment": "",
"deleted": false,
"description": "VirusTotal report",
"meta-category": "misc",
"name": "virustotal-report",
"template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4",
"template_version": "1",
"timestamp": "1513676203",
"uuid": "da8a4ed3-8361-4adc-8860-8416174b521f",
"Attribute": [
{
"category": "External analysis",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "permalink",
"timestamp": "1513676203",
"to_ids": false,
"type": "link",
"uuid": "5a38ddab-c1a8-4d8b-91c8-bfc302de0b81",
"value": "https://www.virustotal.com/file/3834596ab1de92836c539a475b7035df8e038de9eede848bdfc266ebffae9a49/analysis/1513243224/"
},
{
"category": "Other",
"comment": "",
"deleted": false,
"disable_correlation": true,
"object_relation": "detection-ratio",
"timestamp": "1513676203",
"to_ids": false,
"type": "text",
"uuid": "5a38ddab-eb20-4c36-bd73-bfc302de0b81",
"value": "12/61"
},
{
"category": "Other",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "last-submission",
"timestamp": "1513676203",
"to_ids": false,
"type": "datetime",
"uuid": "5a38ddab-0fb0-408a-8be7-bfc302de0b81",
"value": "2017-12-14T09:20:24"
}
]
},
{
"comment": "",
"deleted": false,
"description": "File object describing a file with meta-information",
"meta-category": "file",
"name": "file",
"template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215",
"template_version": "7",
"timestamp": "1513676206",
"uuid": "40d9fe4a-ccfe-41d8-8126-9db4703bb82b",
"ObjectReference": [
{
"comment": "",
"object_uuid": "40d9fe4a-ccfe-41d8-8126-9db4703bb82b",
"referenced_uuid": "0822200d-0114-42d4-b6bf-1830450707cd",
"relationship_type": "analysed-with",
"timestamp": "1514467958",
"uuid": "5a38ddab-4564-4f37-ab69-bfc302de0b81"
}
],
"Attribute": [
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "sha1",
"timestamp": "1513676203",
"to_ids": true,
"type": "sha1",
"uuid": "5a38ddab-074c-4a3c-a0fd-bfc302de0b81",
"value": "107cd146af97cd0659eacaacb10cda054622a572"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "md5",
"timestamp": "1513676203",
"to_ids": true,
"type": "md5",
"uuid": "5a38ddab-fa80-48f7-832f-bfc302de0b81",
"value": "6cbc63cbe753b2e4cb6b9a8505775389"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "sha256",
"timestamp": "1513676203",
"to_ids": true,
"type": "sha256",
"uuid": "5a38ddab-fc28-4844-a840-bfc302de0b81",
"value": "e82d7b592bc5b1c8f239dfa1c98af7669e80752f81440d78387ba1feba52cd9f"
}
]
},
{
"comment": "",
"deleted": false,
"description": "VirusTotal report",
"meta-category": "misc",
"name": "virustotal-report",
"template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4",
"template_version": "1",
"timestamp": "1513676203",
"uuid": "0822200d-0114-42d4-b6bf-1830450707cd",
"Attribute": [
{
"category": "External analysis",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "permalink",
"timestamp": "1513676203",
"to_ids": false,
"type": "link",
"uuid": "5a38ddab-7ac0-4228-98ca-bfc302de0b81",
"value": "https://www.virustotal.com/file/e82d7b592bc5b1c8f239dfa1c98af7669e80752f81440d78387ba1feba52cd9f/analysis/1513596988/"
},
{
"category": "Other",
"comment": "",
"deleted": false,
"disable_correlation": true,
"object_relation": "detection-ratio",
"timestamp": "1513676203",
"to_ids": false,
"type": "text",
"uuid": "5a38ddab-5eb8-42db-9fb2-bfc302de0b81",
"value": "5/62"
},
{
"category": "Other",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "last-submission",
"timestamp": "1513676203",
"to_ids": false,
"type": "datetime",
"uuid": "5a38ddab-245c-44f0-984a-bfc302de0b81",
"value": "2017-12-18T11:36:28"
}
]
},
{
"comment": "",
"deleted": false,
"description": "File object describing a file with meta-information",
"meta-category": "file",
"name": "file",
"template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215",
"template_version": "7",
"timestamp": "1513676206",
"uuid": "8a35b400-e6ca-4d87-8a83-af19c77757b4",
"ObjectReference": [
{
"comment": "",
"object_uuid": "8a35b400-e6ca-4d87-8a83-af19c77757b4",
"referenced_uuid": "09d35a23-a69a-48df-b407-be295d123fbf",
"relationship_type": "analysed-with",
"timestamp": "1514467958",
"uuid": "5a38ddab-3644-44af-b6a2-bfc302de0b81"
}
],
"Attribute": [
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "sha1",
"timestamp": "1513676203",
"to_ids": true,
"type": "sha1",
"uuid": "5a38ddab-5024-47e5-92e5-bfc302de0b81",
"value": "0dd50c4c97c3525be94cecb30cf4488760abbb25"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "md5",
"timestamp": "1513676203",
"to_ids": true,
"type": "md5",
"uuid": "5a38ddab-13b0-4879-ab80-bfc302de0b81",
"value": "1a7b22616c3b8223116b542d5afd5c05"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "sha256",
"timestamp": "1513676203",
"to_ids": true,
"type": "sha256",
"uuid": "5a38ddab-6e28-4ff9-857c-bfc302de0b81",
"value": "d96840ea4eba1115b545324ac2df85078a9dced6d855fd94341a3aba97822d31"
}
]
},
{
"comment": "",
"deleted": false,
"description": "VirusTotal report",
"meta-category": "misc",
"name": "virustotal-report",
"template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4",
"template_version": "1",
"timestamp": "1513676203",
"uuid": "09d35a23-a69a-48df-b407-be295d123fbf",
"Attribute": [
{
"category": "External analysis",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "permalink",
"timestamp": "1513676203",
"to_ids": false,
"type": "link",
"uuid": "5a38ddab-e384-4904-95dd-bfc302de0b81",
"value": "https://www.virustotal.com/file/d96840ea4eba1115b545324ac2df85078a9dced6d855fd94341a3aba97822d31/analysis/1513240457/"
},
{
"category": "Other",
"comment": "",
"deleted": false,
"disable_correlation": true,
"object_relation": "detection-ratio",
"timestamp": "1513676203",
"to_ids": false,
"type": "text",
"uuid": "5a38ddab-0598-45f5-8112-bfc302de0b81",
"value": "3/61"
},
{
"category": "Other",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "last-submission",
"timestamp": "1513676203",
"to_ids": false,
"type": "datetime",
"uuid": "5a38ddab-5e80-4ab5-9939-bfc302de0b81",
"value": "2017-12-14T08:34:17"
}
]
}
]
}
}
Reference in a new issue View git blame Copy permalink