adulau/misp-circl-feed
1
0
Fork 0
Code Issues 1 Pull requests Projects 1 Releases Packages Wiki Activity Actions
misp-circl-feed/feeds/circl/misp/5dc12abf-dbec-4acb-83a5-419d950d210f.json

1236 lines
No EOL
42 KiB
JSON
Raw Blame History

{
"Event": {
"analysis": "0",
"date": "2019-11-04",
"extends_uuid": "",
"info": "OSINT - Turla/Venomous Bear Implants",
"publish_timestamp": "1575970098",
"published": true,
"threat_level_id": "3",
"timestamp": "1575969968",
"uuid": "5dc12abf-dbec-4acb-83a5-419d950d210f",
"Orgc": {
"name": "CIRCL",
"uuid": "55f6ea5e-2c60-40e5-964f-47a8950d210f"
},
"Tag": [
{
"colour": "#004646",
"local": false,
"name": "type:OSINT",
"relationship_type": ""
},
{
"colour": "#0071c3",
"local": false,
"name": "osint:lifetime=\"perpetual\"",
"relationship_type": ""
},
{
"colour": "#0087e8",
"local": false,
"name": "osint:certainty=\"50\"",
"relationship_type": ""
},
{
"colour": "#ffffff",
"local": false,
"name": "tlp:white",
"relationship_type": ""
},
{
"colour": "#0088cc",
"local": false,
"name": "misp-galaxy:malpedia=\"Turla RAT\"",
"relationship_type": ""
},
{
"colour": "#0088cc",
"local": false,
"name": "misp-galaxy:mitre-enterprise-attack-intrusion-set=\"Turla\"",
"relationship_type": ""
},
{
"colour": "#0088cc",
"local": false,
"name": "misp-galaxy:mitre-enterprise-attack-intrusion-set=\"Turla - G0010\"",
"relationship_type": ""
},
{
"colour": "#0088cc",
"local": false,
"name": "misp-galaxy:mitre-intrusion-set=\"Turla\"",
"relationship_type": ""
},
{
"colour": "#0088cc",
"local": false,
"name": "misp-galaxy:mitre-intrusion-set=\"Turla - G0010\"",
"relationship_type": ""
},
{
"colour": "#12e200",
"local": false,
"name": "misp-galaxy:threat-actor=\"Turla Group\"",
"relationship_type": ""
},
{
"colour": "#065100",
"local": false,
"name": "misp-galaxy:tool=\"Turla\"",
"relationship_type": ""
}
],
"Object": [
{
"comment": "",
"deleted": false,
"description": "Microblog post like a Twitter tweet or a post on a Facebook wall.",
"meta-category": "misc",
"name": "microblog",
"template_uuid": "8ec8c911-ddbe-4f5b-895b-fbff70c42a60",
"template_version": "8",
"timestamp": "1572940548",
"uuid": "5dc12b04-4520-4f4d-bdc4-43fa950d210f",
"Attribute": [
{
"category": "Other",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "post",
"timestamp": "1572940548",
"to_ids": false,
"type": "text",
"uuid": "5dc12b04-c32c-4304-a463-4b3b950d210f",
"value": "Casey Brooks\r\n@DrunkBinary\r\nTurla/Venomous Bear Implants\r\n687d7ddb080fb769b26a0c054f4cd422\r\n5b3ff56e7fe3e3a71fca4c844d1e02db\r\n535e67930dfbec1a0ae2671b63e2ef8e\r\n2d4578a2bbf5418de1fd4783e555f100\r\n198ee041e8f3eb12a19bc321f86ccb88\r\n1753424464a00c628d7166152cc30d1e\r\n6e4b7f13178ebc04304ee2b5ee646d09"
},
{
"category": "External analysis",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "link",
"timestamp": "1572940549",
"to_ids": false,
"type": "link",
"uuid": "5dc12b05-07c4-4553-bf3a-45a1950d210f",
"value": "https://mobile.twitter.com/DrunkBinary/status/1191382141579476998"
},
{
"category": "Other",
"comment": "",
"deleted": false,
"disable_correlation": true,
"object_relation": "type",
"timestamp": "1572940549",
"to_ids": false,
"type": "text",
"uuid": "5dc12b05-8388-4289-b089-439e950d210f",
"value": "Twitter"
},
{
"category": "Other",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "username",
"timestamp": "1572940549",
"to_ids": false,
"type": "text",
"uuid": "5dc12b05-603c-418d-8712-477d950d210f",
"value": "DrunkBinary"
},
{
"category": "Other",
"comment": "",
"deleted": false,
"disable_correlation": true,
"object_relation": "state",
"timestamp": "1572940549",
"to_ids": false,
"type": "text",
"uuid": "5dc12b05-08ac-4652-9e94-44f0950d210f",
"value": "Informative"
},
{
"category": "Other",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "creation-date",
"timestamp": "1572940549",
"to_ids": false,
"type": "datetime",
"uuid": "5dc12b05-81e8-4306-b82f-4968950d210f",
"value": "2019-11-04T16:50:00"
}
]
},
{
"comment": "",
"deleted": false,
"description": "File object describing a file with meta-information",
"meta-category": "file",
"name": "file",
"template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215",
"template_version": "16",
"timestamp": "1572940720",
"uuid": "c329341a-9840-40f5-a7bc-ed64a2ec7820",
"Attribute": [
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "md5",
"timestamp": "1572940720",
"to_ids": true,
"type": "md5",
"uuid": "82548c4c-1873-4189-b96c-2a15391e224e",
"value": "687d7ddb080fb769b26a0c054f4cd422"
}
]
},
{
"comment": "",
"deleted": false,
"description": "File object describing a file with meta-information",
"meta-category": "file",
"name": "file",
"template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215",
"template_version": "16",
"timestamp": "1572940720",
"uuid": "ff441ee8-3fda-4c78-800f-fa48072df42b",
"Attribute": [
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "md5",
"timestamp": "1572940721",
"to_ids": true,
"type": "md5",
"uuid": "9d25d070-9984-4f3f-8d30-265bf28dce1d",
"value": "5b3ff56e7fe3e3a71fca4c844d1e02db"
}
]
},
{
"comment": "",
"deleted": false,
"description": "File object describing a file with meta-information",
"meta-category": "file",
"name": "file",
"template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215",
"template_version": "16",
"timestamp": "1572940721",
"uuid": "896deec8-8e3c-4a6b-926e-de60c02d9c47",
"Attribute": [
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "md5",
"timestamp": "1572940721",
"to_ids": true,
"type": "md5",
"uuid": "172902c4-e266-48b1-86b8-e39bcb1ecf77",
"value": "535e67930dfbec1a0ae2671b63e2ef8e"
}
]
},
{
"comment": "",
"deleted": false,
"description": "File object describing a file with meta-information",
"meta-category": "file",
"name": "file",
"template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215",
"template_version": "16",
"timestamp": "1572940721",
"uuid": "12b2a838-6f7c-4b4a-a1e6-46c033185348",
"Attribute": [
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "md5",
"timestamp": "1572940722",
"to_ids": true,
"type": "md5",
"uuid": "7b57d9fc-06cd-45cc-bb8d-5156f2575d7b",
"value": "2d4578a2bbf5418de1fd4783e555f100"
}
]
},
{
"comment": "",
"deleted": false,
"description": "File object describing a file with meta-information",
"meta-category": "file",
"name": "file",
"template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215",
"template_version": "16",
"timestamp": "1572940722",
"uuid": "77802fc2-8e23-4b3f-8c0b-e06ea8570015",
"Attribute": [
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "md5",
"timestamp": "1572940722",
"to_ids": true,
"type": "md5",
"uuid": "c2f5f27e-7b18-40a8-b81b-145e49c55249",
"value": "198ee041e8f3eb12a19bc321f86ccb88"
}
]
},
{
"comment": "",
"deleted": false,
"description": "File object describing a file with meta-information",
"meta-category": "file",
"name": "file",
"template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215",
"template_version": "16",
"timestamp": "1572940723",
"uuid": "ae94dbdf-74c8-4d41-bbe4-f92e921b960a",
"Attribute": [
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "md5",
"timestamp": "1572940723",
"to_ids": true,
"type": "md5",
"uuid": "753cb7da-6397-4042-8f1a-4dd6f4043bf5",
"value": "1753424464a00c628d7166152cc30d1e"
}
]
},
{
"comment": "",
"deleted": false,
"description": "File object describing a file with meta-information",
"meta-category": "file",
"name": "file",
"template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215",
"template_version": "16",
"timestamp": "1572940723",
"uuid": "cf81da33-c913-4f1e-b78f-a8acab71f9cb",
"Attribute": [
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "md5",
"timestamp": "1572940723",
"to_ids": true,
"type": "md5",
"uuid": "22c9a892-1b8e-4ac8-9cc9-46ccf93d5bf8",
"value": "6e4b7f13178ebc04304ee2b5ee646d09"
}
]
},
{
"comment": "",
"deleted": false,
"description": "File object describing a file with meta-information",
"meta-category": "file",
"name": "file",
"template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215",
"template_version": "16",
"timestamp": "1572940724",
"uuid": "ced4d2d6-f1fb-4722-b7b5-7791ef662199",
"Attribute": [
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "md5",
"timestamp": "1572940724",
"to_ids": true,
"type": "md5",
"uuid": "8d6fc163-182b-4228-817d-bd0ada615ff3",
"value": "afcf3936639b706221d5f67afa75d80b"
}
]
},
{
"comment": "",
"deleted": false,
"description": "File object describing a file with meta-information",
"meta-category": "file",
"name": "file",
"template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215",
"template_version": "17",
"timestamp": "1575969935",
"uuid": "5942762c-c826-4076-90ff-9e4beb34430e",
"ObjectReference": [
{
"comment": "",
"object_uuid": "5942762c-c826-4076-90ff-9e4beb34430e",
"referenced_uuid": "8beecab4-010e-4450-8dac-a31df82c3279",
"relationship_type": "analysed-with",
"timestamp": "1575969968",
"uuid": "5def64b0-b2f8-4946-961a-4bcb950d210f"
}
],
"Attribute": [
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "md5",
"timestamp": "1572940723",
"to_ids": true,
"type": "md5",
"uuid": "170d4586-61fe-4e49-aa4c-d78f253c12ee",
"value": "6e4b7f13178ebc04304ee2b5ee646d09"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "sha1",
"timestamp": "1572940723",
"to_ids": true,
"type": "sha1",
"uuid": "4c3a7a46-4c00-4989-a8ba-0c5fcafc3825",
"value": "663a78cb5e6f3ab54cd0d3f67bd8c9545b341d6f"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "sha256",
"timestamp": "1572940723",
"to_ids": true,
"type": "sha256",
"uuid": "076a7665-fc91-4318-b067-e6f24b226a86",
"value": "24fe571f3066045497b1d8316040734c81c71dcb1747f1d7026cda810085fad7"
}
]
},
{
"comment": "",
"deleted": false,
"description": "VirusTotal report",
"meta-category": "misc",
"name": "virustotal-report",
"template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4",
"template_version": "2",
"timestamp": "1575969940",
"uuid": "8beecab4-010e-4450-8dac-a31df82c3279",
"Attribute": [
{
"category": "Other",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "last-submission",
"timestamp": "1572940723",
"to_ids": false,
"type": "datetime",
"uuid": "39464f1b-abd9-4278-8984-ed2605ebc764",
"value": "2019-10-23T13:06:09"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "permalink",
"timestamp": "1572940723",
"to_ids": false,
"type": "link",
"uuid": "009c4163-da4a-425e-baa8-9f39a81f47c2",
"value": "https://www.virustotal.com/file/24fe571f3066045497b1d8316040734c81c71dcb1747f1d7026cda810085fad7/analysis/1571835969/"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": true,
"object_relation": "detection-ratio",
"timestamp": "1572940723",
"to_ids": false,
"type": "text",
"uuid": "88b75e39-9615-4833-9bfb-912eb249492e",
"value": "43/67"
}
]
},
{
"comment": "",
"deleted": false,
"description": "File object describing a file with meta-information",
"meta-category": "file",
"name": "file",
"template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215",
"template_version": "17",
"timestamp": "1575969942",
"uuid": "4e097b0f-e05c-400b-98d3-af0ce5432479",
"ObjectReference": [
{
"comment": "",
"object_uuid": "4e097b0f-e05c-400b-98d3-af0ce5432479",
"referenced_uuid": "8940fb6d-41a6-4268-96fa-a9a0c9d36780",
"relationship_type": "analysed-with",
"timestamp": "1575969968",
"uuid": "5def64b0-3ca4-4567-8231-4256950d210f"
}
],
"Attribute": [
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "md5",
"timestamp": "1572940722",
"to_ids": true,
"type": "md5",
"uuid": "e0a71561-4b90-43ec-b2dc-3735a05eb460",
"value": "198ee041e8f3eb12a19bc321f86ccb88"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "sha1",
"timestamp": "1572940722",
"to_ids": true,
"type": "sha1",
"uuid": "1671e494-b952-41b1-8fa0-eeb0ea4f055d",
"value": "ee583451c832b07d8f2b4d6b8dd36ccb280ff421"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "sha256",
"timestamp": "1572940722",
"to_ids": true,
"type": "sha256",
"uuid": "22ac5f4b-5a37-4aef-ba97-b0782e3c15f9",
"value": "c63f425d96365d906604b1529611eefe5524432545a7977ebe2ac8c79f90ad7e"
}
]
},
{
"comment": "",
"deleted": false,
"description": "VirusTotal report",
"meta-category": "misc",
"name": "virustotal-report",
"template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4",
"template_version": "2",
"timestamp": "1575969951",
"uuid": "8940fb6d-41a6-4268-96fa-a9a0c9d36780",
"Attribute": [
{
"category": "Other",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "last-submission",
"timestamp": "1572940722",
"to_ids": false,
"type": "datetime",
"uuid": "db8e2be8-5902-4322-9da5-536f77a869cc",
"value": "2019-11-12T15:05:11"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "permalink",
"timestamp": "1572940722",
"to_ids": false,
"type": "link",
"uuid": "13f2f09d-83ec-4f87-a0c3-b2b48db6c7bf",
"value": "https://www.virustotal.com/file/c63f425d96365d906604b1529611eefe5524432545a7977ebe2ac8c79f90ad7e/analysis/1573571111/"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": true,
"object_relation": "detection-ratio",
"timestamp": "1572940722",
"to_ids": false,
"type": "text",
"uuid": "cbe967c3-f348-4174-b1f9-d56f84af11cf",
"value": "47/70"
}
]
},
{
"comment": "",
"deleted": false,
"description": "File object describing a file with meta-information",
"meta-category": "file",
"name": "file",
"template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215",
"template_version": "17",
"timestamp": "1575969962",
"uuid": "ba9b7334-d60e-48dd-a675-8f99e0291e0a",
"ObjectReference": [
{
"comment": "",
"object_uuid": "ba9b7334-d60e-48dd-a675-8f99e0291e0a",
"referenced_uuid": "a82564a5-e84b-4697-83a4-d70c3ff8b320",
"relationship_type": "analysed-with",
"timestamp": "1575969968",
"uuid": "5def64b0-f00c-43f8-a9c7-4c75950d210f"
}
],
"Attribute": [
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "md5",
"timestamp": "1572940721",
"to_ids": true,
"type": "md5",
"uuid": "03bd6b47-1f7e-4cd6-8b2b-8d1a741873c0",
"value": "535e67930dfbec1a0ae2671b63e2ef8e"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "sha1",
"timestamp": "1572940721",
"to_ids": true,
"type": "sha1",
"uuid": "624b71d1-99f0-48b0-8d5a-c26bd7fcf511",
"value": "3b203f328048b837030b6f0ff595968486cc1b44"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "sha256",
"timestamp": "1572940721",
"to_ids": true,
"type": "sha256",
"uuid": "4f29ad09-4b21-4802-b256-d5628075960c",
"value": "db9902cb42f6dc9f1c02bd3413ab3969d345eb6b0660bd8356a0c328f1ec0c07"
}
]
},
{
"comment": "",
"deleted": false,
"description": "VirusTotal report",
"meta-category": "misc",
"name": "virustotal-report",
"template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4",
"template_version": "2",
"timestamp": "1575969965",
"uuid": "a82564a5-e84b-4697-83a4-d70c3ff8b320",
"Attribute": [
{
"category": "Other",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "last-submission",
"timestamp": "1572940721",
"to_ids": false,
"type": "datetime",
"uuid": "9687daad-0e1b-4197-ac07-af6faedc2130",
"value": "2019-10-23T13:07:53"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "permalink",
"timestamp": "1572940721",
"to_ids": false,
"type": "link",
"uuid": "47135dc2-701d-433d-9930-d692cf6bdb9d",
"value": "https://www.virustotal.com/file/db9902cb42f6dc9f1c02bd3413ab3969d345eb6b0660bd8356a0c328f1ec0c07/analysis/1571836073/"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": true,
"object_relation": "detection-ratio",
"timestamp": "1572940721",
"to_ids": false,
"type": "text",
"uuid": "5f598518-92a3-4dda-b5fa-852e10d79a01",
"value": "42/69"
}
]
},
{
"comment": "",
"deleted": false,
"description": "File object describing a file with meta-information",
"meta-category": "file",
"name": "file",
"template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215",
"template_version": "17",
"timestamp": "1575969966",
"uuid": "0755c767-324a-4687-b231-d565cfaf10ec",
"ObjectReference": [
{
"comment": "",
"object_uuid": "0755c767-324a-4687-b231-d565cfaf10ec",
"referenced_uuid": "4ece2478-f095-4408-85c8-23dc011fadcc",
"relationship_type": "analysed-with",
"timestamp": "1575969968",
"uuid": "5def64b0-0710-42e1-98da-406f950d210f"
}
],
"Attribute": [
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "md5",
"timestamp": "1572940724",
"to_ids": true,
"type": "md5",
"uuid": "09a3ae11-f2f0-499d-8449-b95add20816d",
"value": "afcf3936639b706221d5f67afa75d80b"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "sha1",
"timestamp": "1572940724",
"to_ids": true,
"type": "sha1",
"uuid": "95a7a731-a747-4ab3-bf5a-4afbc577143b",
"value": "d98643af5619781280b4418d224a07c36d462a84"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "sha256",
"timestamp": "1572940724",
"to_ids": true,
"type": "sha256",
"uuid": "b4e9bfc9-96c1-4d88-b6d2-45212b364f73",
"value": "43eb5196379c3394f60014335871457b19a6784dd1de5fd490042a3801a9fa89"
}
]
},
{
"comment": "",
"deleted": false,
"description": "VirusTotal report",
"meta-category": "misc",
"name": "virustotal-report",
"template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4",
"template_version": "2",
"timestamp": "1575969966",
"uuid": "4ece2478-f095-4408-85c8-23dc011fadcc",
"Attribute": [
{
"category": "Other",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "last-submission",
"timestamp": "1572940724",
"to_ids": false,
"type": "datetime",
"uuid": "859a70c4-0b4d-4fa1-86dc-1a23c2409f73",
"value": "2019-10-23T13:05:51"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "permalink",
"timestamp": "1572940724",
"to_ids": false,
"type": "link",
"uuid": "c88401f1-1d62-4b5a-960b-4ba03e10518d",
"value": "https://www.virustotal.com/file/43eb5196379c3394f60014335871457b19a6784dd1de5fd490042a3801a9fa89/analysis/1571835951/"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": true,
"object_relation": "detection-ratio",
"timestamp": "1572940724",
"to_ids": false,
"type": "text",
"uuid": "e5c2c08c-79ef-47a5-9ee3-55d93a159361",
"value": "46/67"
}
]
},
{
"comment": "",
"deleted": false,
"description": "File object describing a file with meta-information",
"meta-category": "file",
"name": "file",
"template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215",
"template_version": "17",
"timestamp": "1575969966",
"uuid": "75b7df34-d401-46d9-99f1-e6ef1e4f9cc2",
"ObjectReference": [
{
"comment": "",
"object_uuid": "75b7df34-d401-46d9-99f1-e6ef1e4f9cc2",
"referenced_uuid": "dcf6461e-eabe-4050-b75a-183f1fca9199",
"relationship_type": "analysed-with",
"timestamp": "1575969968",
"uuid": "5def64b0-0388-4ed2-8ce7-43a8950d210f"
}
],
"Attribute": [
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "md5",
"timestamp": "1572940723",
"to_ids": true,
"type": "md5",
"uuid": "ef59ad5f-2b10-44ad-9fa6-92f09254d305",
"value": "1753424464a00c628d7166152cc30d1e"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "sha1",
"timestamp": "1572940723",
"to_ids": true,
"type": "sha1",
"uuid": "77bafed9-e044-4544-b0f2-91668d660c4d",
"value": "05071cf5da3040d6cbdfd9413a79029e605ac364"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "sha256",
"timestamp": "1572940723",
"to_ids": true,
"type": "sha256",
"uuid": "18acd26b-6034-496f-a19e-2805e10591f6",
"value": "7bd3ff9ba43020688acaa05ce4e0a8f92f53d9d9264053255a5937cbd7a5465e"
}
]
},
{
"comment": "",
"deleted": false,
"description": "VirusTotal report",
"meta-category": "misc",
"name": "virustotal-report",
"template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4",
"template_version": "2",
"timestamp": "1575969966",
"uuid": "dcf6461e-eabe-4050-b75a-183f1fca9199",
"Attribute": [
{
"category": "Other",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "last-submission",
"timestamp": "1572940723",
"to_ids": false,
"type": "datetime",
"uuid": "202ca9e6-3d55-4e52-ab2f-5c0164d2d9fa",
"value": "2019-10-23T13:06:27"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "permalink",
"timestamp": "1572940723",
"to_ids": false,
"type": "link",
"uuid": "dff115c3-2d30-4f79-a525-27fbdb3054d1",
"value": "https://www.virustotal.com/file/7bd3ff9ba43020688acaa05ce4e0a8f92f53d9d9264053255a5937cbd7a5465e/analysis/1571835987/"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": true,
"object_relation": "detection-ratio",
"timestamp": "1572940723",
"to_ids": false,
"type": "text",
"uuid": "f0645ffb-2291-48ef-a6d7-4d0233af89eb",
"value": "45/68"
}
]
},
{
"comment": "",
"deleted": false,
"description": "File object describing a file with meta-information",
"meta-category": "file",
"name": "file",
"template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215",
"template_version": "17",
"timestamp": "1575969967",
"uuid": "529f959d-3e86-4c0a-8a74-617284841a81",
"ObjectReference": [
{
"comment": "",
"object_uuid": "529f959d-3e86-4c0a-8a74-617284841a81",
"referenced_uuid": "7e6ffeb9-c041-45ab-bd40-12f1827d706a",
"relationship_type": "analysed-with",
"timestamp": "1575969968",
"uuid": "5def64b0-2434-46fd-b7fb-42bd950d210f"
}
],
"Attribute": [
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "md5",
"timestamp": "1572940722",
"to_ids": true,
"type": "md5",
"uuid": "1c16736a-63a9-44b1-b569-6cd2ea869d16",
"value": "2d4578a2bbf5418de1fd4783e555f100"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "sha1",
"timestamp": "1572940722",
"to_ids": true,
"type": "sha1",
"uuid": "cdc58544-717a-4086-9979-6b609af45bc1",
"value": "6c24db5a4d30a8287c36d21c16c0d45050a975c4"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "sha256",
"timestamp": "1572940722",
"to_ids": true,
"type": "sha256",
"uuid": "7eed7f8d-f844-4954-8ebc-cd79e60ad6b0",
"value": "5f56627cf168fcf5ffc3f5bcb9bf7f968f8428d53d8b2e00c1622c2da67965cf"
}
]
},
{
"comment": "",
"deleted": false,
"description": "VirusTotal report",
"meta-category": "misc",
"name": "virustotal-report",
"template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4",
"template_version": "2",
"timestamp": "1575969967",
"uuid": "7e6ffeb9-c041-45ab-bd40-12f1827d706a",
"Attribute": [
{
"category": "Other",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "last-submission",
"timestamp": "1572940722",
"to_ids": false,
"type": "datetime",
"uuid": "97bbdbe3-56cc-435b-8365-4e34e19147c8",
"value": "2019-10-23T13:07:36"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "permalink",
"timestamp": "1572940722",
"to_ids": false,
"type": "link",
"uuid": "19a18bf2-de93-48e2-a6b9-4333cbeaaef5",
"value": "https://www.virustotal.com/file/5f56627cf168fcf5ffc3f5bcb9bf7f968f8428d53d8b2e00c1622c2da67965cf/analysis/1571836056/"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": true,
"object_relation": "detection-ratio",
"timestamp": "1572940722",
"to_ids": false,
"type": "text",
"uuid": "f11e5be1-6cfb-4e2a-a983-5e176a12b585",
"value": "44/69"
}
]
},
{
"comment": "",
"deleted": false,
"description": "File object describing a file with meta-information",
"meta-category": "file",
"name": "file",
"template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215",
"template_version": "17",
"timestamp": "1575969967",
"uuid": "21d50aa1-ce06-4e01-b17b-650b0a4259fb",
"ObjectReference": [
{
"comment": "",
"object_uuid": "21d50aa1-ce06-4e01-b17b-650b0a4259fb",
"referenced_uuid": "624f5fe8-f2a2-45e4-bdc6-9f84e0d9ae7b",
"relationship_type": "analysed-with",
"timestamp": "1575969968",
"uuid": "5def64b0-3dd8-4d2b-81c6-45d1950d210f"
}
],
"Attribute": [
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "md5",
"timestamp": "1572940721",
"to_ids": true,
"type": "md5",
"uuid": "0b8e187d-b5b0-4cbc-9a87-c10129c9e17d",
"value": "5b3ff56e7fe3e3a71fca4c844d1e02db"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "sha1",
"timestamp": "1572940721",
"to_ids": true,
"type": "sha1",
"uuid": "a9cf95fb-9a9e-4224-a55e-0673e486ed9e",
"value": "1b8e06751ecc87826bd258d5182ab33c1e20c8f7"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "sha256",
"timestamp": "1572940721",
"to_ids": true,
"type": "sha256",
"uuid": "fc0439fe-2650-469c-b36a-4905a9c537c5",
"value": "ba9a2b8573282e9f449e53142542acd2e854206b67db12058a4195cfbd692f79"
}
]
},
{
"comment": "",
"deleted": false,
"description": "VirusTotal report",
"meta-category": "misc",
"name": "virustotal-report",
"template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4",
"template_version": "2",
"timestamp": "1575969967",
"uuid": "624f5fe8-f2a2-45e4-bdc6-9f84e0d9ae7b",
"Attribute": [
{
"category": "Other",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "last-submission",
"timestamp": "1572940721",
"to_ids": false,
"type": "datetime",
"uuid": "4812d651-6871-44c6-951f-e5d047e26e46",
"value": "2019-10-23T13:41:54"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "permalink",
"timestamp": "1572940721",
"to_ids": false,
"type": "link",
"uuid": "26a72c15-240b-4d2a-ae5a-9dfad7d14c3e",
"value": "https://www.virustotal.com/file/ba9a2b8573282e9f449e53142542acd2e854206b67db12058a4195cfbd692f79/analysis/1571838114/"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": true,
"object_relation": "detection-ratio",
"timestamp": "1572940721",
"to_ids": false,
"type": "text",
"uuid": "30609a1d-5955-4c9c-a353-6794ebad86b4",
"value": "43/68"
}
]
},
{
"comment": "",
"deleted": false,
"description": "File object describing a file with meta-information",
"meta-category": "file",
"name": "file",
"template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215",
"template_version": "17",
"timestamp": "1575969967",
"uuid": "62c2c068-3e13-4646-a264-2498ecdc21dc",
"ObjectReference": [
{
"comment": "",
"object_uuid": "62c2c068-3e13-4646-a264-2498ecdc21dc",
"referenced_uuid": "00429de3-12c5-4a51-a22a-ebfb1c3cd3eb",
"relationship_type": "analysed-with",
"timestamp": "1575969968",
"uuid": "5def64b0-5738-4160-8084-4331950d210f"
}
],
"Attribute": [
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "md5",
"timestamp": "1572940720",
"to_ids": true,
"type": "md5",
"uuid": "f4be489c-5bf7-4029-862a-79a4d7625a86",
"value": "687d7ddb080fb769b26a0c054f4cd422"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "sha1",
"timestamp": "1572940720",
"to_ids": true,
"type": "sha1",
"uuid": "aeedab12-9d5a-4f42-9c29-33a122f6e053",
"value": "3227e0b8181f05e393be41d633b08da07fadf194"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "sha256",
"timestamp": "1572940720",
"to_ids": true,
"type": "sha256",
"uuid": "8dfe3233-8e90-4e56-93f6-7105bcc6a512",
"value": "66893ab83a7d4e298720da28cd2ea4a860371ae938cdd86035ce920b933c9d85"
}
]
},
{
"comment": "",
"deleted": false,
"description": "VirusTotal report",
"meta-category": "misc",
"name": "virustotal-report",
"template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4",
"template_version": "2",
"timestamp": "1575969968",
"uuid": "00429de3-12c5-4a51-a22a-ebfb1c3cd3eb",
"Attribute": [
{
"category": "Other",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "last-submission",
"timestamp": "1572940720",
"to_ids": false,
"type": "datetime",
"uuid": "93ec40f8-6f63-41ff-a27e-1891c57b456b",
"value": "2019-11-14T08:28:17"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "permalink",
"timestamp": "1572940720",
"to_ids": false,
"type": "link",
"uuid": "eda19702-19eb-4e5a-9c8d-31de2e456e05",
"value": "https://www.virustotal.com/file/66893ab83a7d4e298720da28cd2ea4a860371ae938cdd86035ce920b933c9d85/analysis/1573720097/"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": true,
"object_relation": "detection-ratio",
"timestamp": "1572940720",
"to_ids": false,
"type": "text",
"uuid": "6c063632-74a2-4192-8570-2501e90ac8ab",
"value": "47/70"
}
]
}
]
}
}
Reference in a new issue View git blame Copy permalink