adulau/misp-circl-feed
1
0
Fork 0
Code Issues 1 Pull requests Projects 1 Releases Packages Wiki Activity Actions
misp-circl-feed/feeds/circl/misp/5b9f39b4-f618-494f-ad3e-030d950d210f.json

865 lines
No EOL
29 KiB
JSON
Raw Blame History

{
"Event": {
"analysis": "2",
"date": "2018-09-17",
"extends_uuid": "",
"info": "OSINT - Dangerous Invoices and Dangerous Infrastructure",
"publish_timestamp": "1537162073",
"published": true,
"threat_level_id": "3",
"timestamp": "1537162058",
"uuid": "5b9f39b4-f618-494f-ad3e-030d950d210f",
"Orgc": {
"name": "CIRCL",
"uuid": "55f6ea5e-2c60-40e5-964f-47a8950d210f"
},
"Tag": [
{
"colour": "#ffffff",
"local": false,
"name": "tlp:white",
"relationship_type": ""
},
{
"colour": "#00223b",
"local": false,
"name": "osint:source-type=\"blog-post\"",
"relationship_type": ""
},
{
"colour": "#0026eb",
"local": false,
"name": "estimative-language:confidence-in-analytic-judgment=\"moderate\"",
"relationship_type": ""
}
],
"Attribute": [
{
"category": "External analysis",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1537161664",
"to_ids": false,
"type": "link",
"uuid": "5b9f39c0-4670-40cd-9d22-030d950d210f",
"value": "https://garwarner.blogspot.com/2018/09/dangerous-invoices-and-dangerous.html"
},
{
"category": "External analysis",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1537161690",
"to_ids": false,
"type": "text",
"uuid": "5b9f39da-599c-4f46-aefe-38dd950d210f",
"value": "My friends at Cofense published their finding last week that Microsoft Office macros are still the number one way that malware is being delivered via email, accounting for 45% of all malware delivery mechanisms they have recently studied. Anyone with a spam collection can quickly reach that same conclusion. A couple such campaigns even showed up in my personal email this week."
},
{
"category": "Payload delivery",
"comment": "Invoice.exe",
"deleted": false,
"disable_correlation": false,
"timestamp": "1537161782",
"to_ids": true,
"type": "md5",
"uuid": "5b9f3a36-188c-4de2-93a8-38dd950d210f",
"value": "1261b8382cfa2b905f0f52a3aef49ce4"
},
{
"category": "Payload delivery",
"comment": "Invoice.exe",
"deleted": false,
"disable_correlation": false,
"timestamp": "1537161783",
"to_ids": true,
"type": "sha1",
"uuid": "5b9f3a37-eea0-4d2c-8bff-38dd950d210f",
"value": "e80c07f700cf817a1eca1f8186f820492f8a2fbc"
},
{
"category": "Payload delivery",
"comment": "Order.exe",
"deleted": false,
"disable_correlation": false,
"timestamp": "1537161784",
"to_ids": true,
"type": "md5",
"uuid": "5b9f3a38-2828-40bf-83ee-38dd950d210f",
"value": "57b430ea422d1f33fef19f02fb85c7f0"
},
{
"category": "Payload delivery",
"comment": "Order.exe",
"deleted": false,
"disable_correlation": false,
"timestamp": "1537161784",
"to_ids": true,
"type": "sha1",
"uuid": "5b9f3a38-6d14-4c06-89a9-38dd950d210f",
"value": "60a64400207fd9835899189aa0c3cbca027fe8cf"
},
{
"category": "Payload delivery",
"comment": "xox.exe",
"deleted": false,
"disable_correlation": false,
"timestamp": "1537161785",
"to_ids": true,
"type": "md5",
"uuid": "5b9f3a39-c504-4bc1-98c4-38dd950d210f",
"value": "0fa8876252c632b64afad8fd7fa6344f"
},
{
"category": "Payload delivery",
"comment": "xox.exe",
"deleted": false,
"disable_correlation": false,
"timestamp": "1537161785",
"to_ids": true,
"type": "sha1",
"uuid": "5b9f3a39-644c-487a-b7a8-38dd950d210f",
"value": "ab372d169743758bb81abaa4bc303d5303f6d913"
},
{
"category": "Payload delivery",
"comment": "ogo.exe",
"deleted": false,
"disable_correlation": false,
"timestamp": "1537161786",
"to_ids": true,
"type": "md5",
"uuid": "5b9f3a3a-a7f4-4390-9f37-38dd950d210f",
"value": "f321b38b171a3cbc1eff4a41ac5bbe47"
},
{
"category": "Payload delivery",
"comment": "ogo.exe",
"deleted": false,
"disable_correlation": false,
"timestamp": "1537161786",
"to_ids": true,
"type": "sha1",
"uuid": "5b9f3a3a-d1bc-47fa-9b90-38dd950d210f",
"value": "da61f88e2e95a23e58d96cf845c523fd10023cb7"
},
{
"category": "Network activity",
"comment": "Payload delivery",
"deleted": false,
"disable_correlation": false,
"timestamp": "1537161838",
"to_ids": true,
"type": "domain",
"uuid": "5b9f3a6e-bfec-4d60-861c-4719950d210f",
"value": "rollboat.tk"
},
{
"category": "Network activity",
"comment": "rollboat.tk: Enriched via the dns module",
"deleted": false,
"disable_correlation": false,
"timestamp": "1537161858",
"to_ids": false,
"type": "ip-src",
"uuid": "5b9f3a82-435c-4cdd-9fd3-4685950d210f",
"value": "89.40.14.229"
},
{
"category": "Payload delivery",
"comment": "kc.exe",
"deleted": false,
"disable_correlation": false,
"timestamp": "1537161894",
"to_ids": true,
"type": "md5",
"uuid": "5b9f3aa6-a274-4e40-b424-030e950d210f",
"value": "02b6f049f4d8246ee982d8c34a160311"
},
{
"category": "Payload delivery",
"comment": "kc.exe",
"deleted": false,
"disable_correlation": false,
"timestamp": "1537161923",
"to_ids": true,
"type": "md5",
"uuid": "5b9f3ac3-3b24-4b5d-81d9-389a950d210f",
"value": "736de7cd6a9c76bd7df49e6b3df6000e"
},
{
"category": "Payload delivery",
"comment": "kc.exe",
"deleted": false,
"disable_correlation": false,
"timestamp": "1537161924",
"to_ids": true,
"type": "sha1",
"uuid": "5b9f3ac4-a598-44eb-a781-389a950d210f",
"value": "1315994222d45410c8508cf614378e35c4f56c94"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1537161952",
"to_ids": true,
"type": "url",
"uuid": "5b9f3ae0-18c8-4bc4-add5-389a950d210f",
"value": "rollboat.tk/new"
}
],
"Object": [
{
"comment": "",
"deleted": false,
"description": "File object describing a file with meta-information",
"meta-category": "file",
"name": "file",
"template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215",
"template_version": "11",
"timestamp": "1537161982",
"uuid": "89ea32c5-8ed1-4a5d-b6eb-81b304692175",
"ObjectReference": [
{
"comment": "",
"object_uuid": "89ea32c5-8ed1-4a5d-b6eb-81b304692175",
"referenced_uuid": "d61a6111-686f-48d9-aa71-670e4ad3af92",
"relationship_type": "analysed-with",
"timestamp": "1537161993",
"uuid": "5b9f3b09-64a4-4df1-a126-4a0502de0b81"
}
],
"Attribute": [
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "md5",
"timestamp": "1537161979",
"to_ids": true,
"type": "md5",
"uuid": "b6a3c65d-f4d8-4b7f-a594-734aa3c0c17f",
"value": "0fa8876252c632b64afad8fd7fa6344f"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "sha1",
"timestamp": "1537161980",
"to_ids": true,
"type": "sha1",
"uuid": "cfeb7b54-29a3-4853-9f22-cae5bac60f40",
"value": "ab372d169743758bb81abaa4bc303d5303f6d913"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "sha256",
"timestamp": "1537161980",
"to_ids": true,
"type": "sha256",
"uuid": "da75db08-da13-4730-bc9c-54975efd58a8",
"value": "aff30dd46fdbfa278e95e5958d1dd7ff0e525e5e4d3dc2b214a6ed267f27184f"
}
]
},
{
"comment": "",
"deleted": false,
"description": "VirusTotal report",
"meta-category": "misc",
"name": "virustotal-report",
"template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4",
"template_version": "2",
"timestamp": "1537161980",
"uuid": "d61a6111-686f-48d9-aa71-670e4ad3af92",
"Attribute": [
{
"category": "Other",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "last-submission",
"timestamp": "1537161981",
"to_ids": false,
"type": "datetime",
"uuid": "3197363d-d391-4900-bee2-e2878d91c00c",
"value": "2018-09-17T01:18:34"
},
{
"category": "External analysis",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "permalink",
"timestamp": "1537161981",
"to_ids": false,
"type": "link",
"uuid": "c1c04a0a-af3e-450c-8b7c-400d1dcffd7b",
"value": "https://www.virustotal.com/file/aff30dd46fdbfa278e95e5958d1dd7ff0e525e5e4d3dc2b214a6ed267f27184f/analysis/1537147114/"
},
{
"category": "Other",
"comment": "",
"deleted": false,
"disable_correlation": true,
"object_relation": "detection-ratio",
"timestamp": "1537161981",
"to_ids": false,
"type": "text",
"uuid": "f921dfe5-7e4b-4602-b3b6-360716995d38",
"value": "21/66"
}
]
},
{
"comment": "",
"deleted": false,
"description": "File object describing a file with meta-information",
"meta-category": "file",
"name": "file",
"template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215",
"template_version": "11",
"timestamp": "1537161984",
"uuid": "41249430-fd98-43d4-8b38-f483450a56e4",
"ObjectReference": [
{
"comment": "",
"object_uuid": "41249430-fd98-43d4-8b38-f483450a56e4",
"referenced_uuid": "600366d9-9b77-418e-afcb-d68d3e6c4f5a",
"relationship_type": "analysed-with",
"timestamp": "1537161993",
"uuid": "5b9f3b09-6e48-4723-8aec-4a8202de0b81"
}
],
"Attribute": [
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "md5",
"timestamp": "1537161982",
"to_ids": true,
"type": "md5",
"uuid": "ff4e412b-bcb3-432d-91b3-1f555300e868",
"value": "f321b38b171a3cbc1eff4a41ac5bbe47"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "sha1",
"timestamp": "1537161982",
"to_ids": true,
"type": "sha1",
"uuid": "0d823d6b-dced-43a6-8213-070f70b3ac13",
"value": "da61f88e2e95a23e58d96cf845c523fd10023cb7"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "sha256",
"timestamp": "1537161982",
"to_ids": true,
"type": "sha256",
"uuid": "e00a6698-815d-46d2-a610-3867944e3880",
"value": "107e57389903e3ea717845570a9e68174cfff86f70ebfa5f0023236eb1fb3d46"
}
]
},
{
"comment": "",
"deleted": false,
"description": "VirusTotal report",
"meta-category": "misc",
"name": "virustotal-report",
"template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4",
"template_version": "2",
"timestamp": "1537161983",
"uuid": "600366d9-9b77-418e-afcb-d68d3e6c4f5a",
"Attribute": [
{
"category": "Other",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "last-submission",
"timestamp": "1537161983",
"to_ids": false,
"type": "datetime",
"uuid": "7c08ff39-894e-4007-925d-6085cfb8d259",
"value": "2018-09-13T00:29:32"
},
{
"category": "External analysis",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "permalink",
"timestamp": "1537161983",
"to_ids": false,
"type": "link",
"uuid": "0430321e-799d-4c3f-80ba-02bf62f9d100",
"value": "https://www.virustotal.com/file/107e57389903e3ea717845570a9e68174cfff86f70ebfa5f0023236eb1fb3d46/analysis/1536798572/"
},
{
"category": "Other",
"comment": "",
"deleted": false,
"disable_correlation": true,
"object_relation": "detection-ratio",
"timestamp": "1537161984",
"to_ids": false,
"type": "text",
"uuid": "fe44287a-28d0-4274-8318-00baac491602",
"value": "44/68"
}
]
},
{
"comment": "",
"deleted": false,
"description": "File object describing a file with meta-information",
"meta-category": "file",
"name": "file",
"template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215",
"template_version": "11",
"timestamp": "1537161987",
"uuid": "04e56925-da33-4e08-b9a0-9779b75b573d",
"ObjectReference": [
{
"comment": "",
"object_uuid": "04e56925-da33-4e08-b9a0-9779b75b573d",
"referenced_uuid": "4d83c4be-5177-4d47-93b9-b31795bbe3af",
"relationship_type": "analysed-with",
"timestamp": "1537161993",
"uuid": "5b9f3b09-e5ec-4d03-b853-458202de0b81"
}
],
"Attribute": [
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "md5",
"timestamp": "1537161984",
"to_ids": true,
"type": "md5",
"uuid": "af8cf634-a911-4bb9-8497-b5c3721d561b",
"value": "736de7cd6a9c76bd7df49e6b3df6000e"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "sha1",
"timestamp": "1537161984",
"to_ids": true,
"type": "sha1",
"uuid": "b63da49a-fc60-4970-b049-eace4cf6bb25",
"value": "1315994222d45410c8508cf614378e35c4f56c94"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "sha256",
"timestamp": "1537161985",
"to_ids": true,
"type": "sha256",
"uuid": "831dfe37-8602-4c89-873b-7e387b220482",
"value": "4a274d49ff47697d3098cf73a05e3c7ccb323f2a57b5865fa2f924a22f13f9d0"
}
]
},
{
"comment": "",
"deleted": false,
"description": "VirusTotal report",
"meta-category": "misc",
"name": "virustotal-report",
"template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4",
"template_version": "2",
"timestamp": "1537161985",
"uuid": "4d83c4be-5177-4d47-93b9-b31795bbe3af",
"Attribute": [
{
"category": "Other",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "last-submission",
"timestamp": "1537161985",
"to_ids": false,
"type": "datetime",
"uuid": "85d9ef1c-07e5-47f1-8792-3717ef47f092",
"value": "2018-09-13T12:10:02"
},
{
"category": "External analysis",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "permalink",
"timestamp": "1537161986",
"to_ids": false,
"type": "link",
"uuid": "48a52550-d950-4b6e-b2db-cadf09a55bf9",
"value": "https://www.virustotal.com/file/4a274d49ff47697d3098cf73a05e3c7ccb323f2a57b5865fa2f924a22f13f9d0/analysis/1536840602/"
},
{
"category": "Other",
"comment": "",
"deleted": false,
"disable_correlation": true,
"object_relation": "detection-ratio",
"timestamp": "1537161986",
"to_ids": false,
"type": "text",
"uuid": "bef3c88a-01eb-43d2-b1e8-1531de455a0b",
"value": "29/59"
}
]
},
{
"comment": "",
"deleted": false,
"description": "File object describing a file with meta-information",
"meta-category": "file",
"name": "file",
"template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215",
"template_version": "11",
"timestamp": "1537161989",
"uuid": "b74ed736-91e3-4f21-a403-56d5e9b898e6",
"ObjectReference": [
{
"comment": "",
"object_uuid": "b74ed736-91e3-4f21-a403-56d5e9b898e6",
"referenced_uuid": "5b126f66-2005-4273-b502-1ece9c0c273e",
"relationship_type": "analysed-with",
"timestamp": "1537161993",
"uuid": "5b9f3b09-884c-4316-a0c2-4cbe02de0b81"
}
],
"Attribute": [
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "md5",
"timestamp": "1537161986",
"to_ids": true,
"type": "md5",
"uuid": "d6f540e7-d2ec-4ee0-9182-158c9a0a26ae",
"value": "57b430ea422d1f33fef19f02fb85c7f0"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "sha1",
"timestamp": "1537161987",
"to_ids": true,
"type": "sha1",
"uuid": "f3aa03ed-8adf-4e16-9bc4-56d1d098ca22",
"value": "60a64400207fd9835899189aa0c3cbca027fe8cf"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "sha256",
"timestamp": "1537161987",
"to_ids": true,
"type": "sha256",
"uuid": "0c5940e2-7ce9-4007-b2cf-8051bda70307",
"value": "1c1e473d385b1c258f15d344ac5856fe88df88b1c477d9d8300e2981bb762525"
}
]
},
{
"comment": "",
"deleted": false,
"description": "VirusTotal report",
"meta-category": "misc",
"name": "virustotal-report",
"template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4",
"template_version": "2",
"timestamp": "1537161988",
"uuid": "5b126f66-2005-4273-b502-1ece9c0c273e",
"Attribute": [
{
"category": "Other",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "last-submission",
"timestamp": "1537161988",
"to_ids": false,
"type": "datetime",
"uuid": "1558c0de-5432-4951-85c8-e1c34c691cf0",
"value": "2018-09-13T06:39:02"
},
{
"category": "External analysis",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "permalink",
"timestamp": "1537161988",
"to_ids": false,
"type": "link",
"uuid": "1dfde30c-fe74-49b7-b8aa-86d6aba5b50b",
"value": "https://www.virustotal.com/file/1c1e473d385b1c258f15d344ac5856fe88df88b1c477d9d8300e2981bb762525/analysis/1536820742/"
},
{
"category": "Other",
"comment": "",
"deleted": false,
"disable_correlation": true,
"object_relation": "detection-ratio",
"timestamp": "1537161988",
"to_ids": false,
"type": "text",
"uuid": "109de2e8-534c-41f5-8d3c-c6d86203b18b",
"value": "34/68"
}
]
},
{
"comment": "",
"deleted": false,
"description": "File object describing a file with meta-information",
"meta-category": "file",
"name": "file",
"template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215",
"template_version": "11",
"timestamp": "1537161991",
"uuid": "e377a0f7-f82e-4ee3-90d0-8404af82b73a",
"ObjectReference": [
{
"comment": "",
"object_uuid": "e377a0f7-f82e-4ee3-90d0-8404af82b73a",
"referenced_uuid": "2301b7c2-06a6-4778-a34f-919a1896a278",
"relationship_type": "analysed-with",
"timestamp": "1537161993",
"uuid": "5b9f3b09-d008-44e3-8e28-4fb002de0b81"
}
],
"Attribute": [
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "md5",
"timestamp": "1537161989",
"to_ids": true,
"type": "md5",
"uuid": "5bafad05-7021-4db6-b2c9-02252b9b340d",
"value": "02b6f049f4d8246ee982d8c34a160311"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "sha1",
"timestamp": "1537161989",
"to_ids": true,
"type": "sha1",
"uuid": "f6d6f2c0-5fb3-4c81-a9ad-8cb4c8d67710",
"value": "088ed5abd0edda72a846ddcec24fceeafe394188"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "sha256",
"timestamp": "1537161989",
"to_ids": true,
"type": "sha256",
"uuid": "9dfbe219-3507-45f2-8b1d-7718aaaf9062",
"value": "a7aae83573aa9a682ce9733468882e841564f41ec4aa004cb795b98fd4834d15"
}
]
},
{
"comment": "",
"deleted": false,
"description": "VirusTotal report",
"meta-category": "misc",
"name": "virustotal-report",
"template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4",
"template_version": "2",
"timestamp": "1537161990",
"uuid": "2301b7c2-06a6-4778-a34f-919a1896a278",
"Attribute": [
{
"category": "Other",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "last-submission",
"timestamp": "1537161990",
"to_ids": false,
"type": "datetime",
"uuid": "b9f4be59-77d6-4f98-beb7-396b3e59bc3a",
"value": "2018-09-16T00:10:47"
},
{
"category": "External analysis",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "permalink",
"timestamp": "1537161990",
"to_ids": false,
"type": "link",
"uuid": "830a2370-da92-408f-822b-5654b57782e4",
"value": "https://www.virustotal.com/file/a7aae83573aa9a682ce9733468882e841564f41ec4aa004cb795b98fd4834d15/analysis/1537056647/"
},
{
"category": "Other",
"comment": "",
"deleted": false,
"disable_correlation": true,
"object_relation": "detection-ratio",
"timestamp": "1537161991",
"to_ids": false,
"type": "text",
"uuid": "a37788dd-7086-4358-8478-e216fc028a08",
"value": "33/59"
}
]
},
{
"comment": "",
"deleted": false,
"description": "File object describing a file with meta-information",
"meta-category": "file",
"name": "file",
"template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215",
"template_version": "11",
"timestamp": "1537161994",
"uuid": "d32dd9f0-12c0-44c0-8e3e-4cf0bc236a2c",
"ObjectReference": [
{
"comment": "",
"object_uuid": "d32dd9f0-12c0-44c0-8e3e-4cf0bc236a2c",
"referenced_uuid": "260c7a64-d633-49a2-84de-1dcdabaf419c",
"relationship_type": "analysed-with",
"timestamp": "1537161993",
"uuid": "5b9f3b09-7df8-454d-ba87-4b0d02de0b81"
}
],
"Attribute": [
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "md5",
"timestamp": "1537161991",
"to_ids": true,
"type": "md5",
"uuid": "6ceb6cb6-b818-4dc1-9973-0e5e73793ba5",
"value": "1261b8382cfa2b905f0f52a3aef49ce4"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "sha1",
"timestamp": "1537161991",
"to_ids": true,
"type": "sha1",
"uuid": "20c18d85-a690-4b0e-81f0-a748e3f7202a",
"value": "e80c07f700cf817a1eca1f8186f820492f8a2fbc"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "sha256",
"timestamp": "1537161992",
"to_ids": true,
"type": "sha256",
"uuid": "380141dd-e58c-49fb-a06d-41c46f88f323",
"value": "7b75837021f0271da96082239bd1ab650a5391919da7decc93ca03a7ae51899d"
}
]
},
{
"comment": "",
"deleted": false,
"description": "VirusTotal report",
"meta-category": "misc",
"name": "virustotal-report",
"template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4",
"template_version": "2",
"timestamp": "1537161992",
"uuid": "260c7a64-d633-49a2-84de-1dcdabaf419c",
"Attribute": [
{
"category": "Other",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "last-submission",
"timestamp": "1537161992",
"to_ids": false,
"type": "datetime",
"uuid": "279db2a1-f030-41a7-90a5-815bc730f887",
"value": "2018-09-17T01:11:37"
},
{
"category": "External analysis",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "permalink",
"timestamp": "1537161993",
"to_ids": false,
"type": "link",
"uuid": "365e4a3a-871b-48df-8f58-501ce05f45cb",
"value": "https://www.virustotal.com/file/7b75837021f0271da96082239bd1ab650a5391919da7decc93ca03a7ae51899d/analysis/1537146697/"
},
{
"category": "Other",
"comment": "",
"deleted": false,
"disable_correlation": true,
"object_relation": "detection-ratio",
"timestamp": "1537161993",
"to_ids": false,
"type": "text",
"uuid": "1231e817-ea81-4f5f-b239-bc07aec47332",
"value": "14/67"
}
]
}
]
}
}
Reference in a new issue View git blame Copy permalink