misp-circl-feed/feeds/circl/misp/5ad8687b-0e10-4a8b-a157-46a5950d210f.json

2219 lines
No EOL
81 KiB
JSON

{
"Event": {
"analysis": "2",
"date": "2018-04-18",
"extends_uuid": "",
"info": "OSINT - Minecraft & CS:GO Ransomware Strive For Media Attention",
"publish_timestamp": "1524216297",
"published": true,
"threat_level_id": "3",
"timestamp": "1524216268",
"uuid": "5ad8687b-0e10-4a8b-a157-46a5950d210f",
"Orgc": {
"name": "CIRCL",
"uuid": "55f6ea5e-2c60-40e5-964f-47a8950d210f"
},
"Tag": [
{
"colour": "#ffffff",
"name": "tlp:white"
},
{
"colour": "#2c4f00",
"name": "malware_classification:malware-category=\"Ransomware\""
},
{
"colour": "#00223b",
"name": "osint:source-type=\"blog-post\""
},
{
"colour": "#0088cc",
"name": "misp-galaxy:ransomware=\"CSGO Ransomware\""
},
{
"colour": "#0088cc",
"name": "misp-galaxy:ransomware=\"MC Ransomware\""
}
],
"Attribute": [
{
"category": "External analysis",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1524213986",
"to_ids": false,
"type": "comment",
"uuid": "5ad868b9-05a0-409f-aaf2-4110950d210f",
"value": "When ransomware developers achieve huge media buzz like we saw with the PUBG Ransomware, it is not surprising to see other developers creating copycats. This is the case with two new in-development ransomware programs, if we can even call them that, for both Minecraft and Counter-Strike: Global Offensive (CS: GO).",
"Tag": [
{
"colour": "#00223b",
"name": "osint:source-type=\"blog-post\""
}
]
},
{
"category": "External analysis",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1524213986",
"to_ids": false,
"type": "link",
"uuid": "5ad868ce-8c0c-4b3d-916f-4b3a950d210f",
"value": "https://www.bleepingcomputer.com/news/security/minecraft-and-cs-go-ransomware-strive-for-media-attention/",
"Tag": [
{
"colour": "#00223b",
"name": "osint:source-type=\"blog-post\""
}
]
},
{
"category": "Payload delivery",
"comment": "MC Ransomware Hashes - 2018-04-17 12:02:21 UTC",
"deleted": false,
"disable_correlation": false,
"timestamp": "1524133731",
"to_ids": true,
"type": "sha256",
"uuid": "5ad86f63-f1fc-4a32-83a0-4dca950d210f",
"value": "2d1eb5797b8fbcbea8462b470da343ba95d545808d83f71b8763e1daf7648b14"
},
{
"category": "Payload delivery",
"comment": "MC Ransomware Hashes - 2018-04-17 12:02:09 UTC",
"deleted": false,
"disable_correlation": false,
"timestamp": "1524133731",
"to_ids": true,
"type": "sha256",
"uuid": "5ad86f63-2108-48fe-b9e7-43f9950d210f",
"value": "92311f839fbc21568323a3ec53c9c16d6febcf593c301c3263e453c62c1a4913"
},
{
"category": "Payload delivery",
"comment": "MC Ransomware Hashes - 2018-04-17 12:02:09 UTC",
"deleted": false,
"disable_correlation": false,
"timestamp": "1524133732",
"to_ids": true,
"type": "sha256",
"uuid": "5ad86f64-b564-4c00-85cc-4dfd950d210f",
"value": "6cdacbc0c3a6c2aca98210bd16b76d2bf2740c8c67606f62203592f290fac76e"
},
{
"category": "Payload delivery",
"comment": "MC Ransomware Hashes - 2018-04-16 09:54:34 UTC",
"deleted": false,
"disable_correlation": false,
"timestamp": "1524133732",
"to_ids": true,
"type": "sha256",
"uuid": "5ad86f64-fc44-4b3b-a336-4cbe950d210f",
"value": "1c565d978f3fe2b259af7d06cdb3651afee200a580a04b2b6fb856a4d986306b"
},
{
"category": "Payload delivery",
"comment": "MC Ransomware Hashes - 2018-04-16 09:49:44 UTC",
"deleted": false,
"disable_correlation": false,
"timestamp": "1524133732",
"to_ids": true,
"type": "sha256",
"uuid": "5ad86f64-23f0-4c89-968d-4a5d950d210f",
"value": "2b9a684946c626f525f96b45c00514d6523821fa5031fc2042ef21d0069ebdbb"
},
{
"category": "Payload delivery",
"comment": "MC Ransomware Hashes - 2018-04-16 09:44:49 UTC",
"deleted": false,
"disable_correlation": false,
"timestamp": "1524133733",
"to_ids": true,
"type": "sha256",
"uuid": "5ad86f65-6368-4e41-b1fc-48fe950d210f",
"value": "066231686b4634081736ef2f51e83cc69cc01db203967a88f7ff7d9fa84984f8"
},
{
"category": "Payload delivery",
"comment": "MC Ransomware Hashes - 2018-04-17 07:46:00 UTC",
"deleted": false,
"disable_correlation": false,
"timestamp": "1524133733",
"to_ids": true,
"type": "sha256",
"uuid": "5ad86f65-1b08-43a9-9ca7-4f38950d210f",
"value": "68eadde62a0c5baa44484194f62fc80ec5e27b8581f3219fecc0ccb92c4c4d75"
},
{
"category": "Payload delivery",
"comment": "MC Ransomware Hashes - 2018-04-17 07:45:41 UTC",
"deleted": false,
"disable_correlation": false,
"timestamp": "1524133734",
"to_ids": true,
"type": "sha256",
"uuid": "5ad86f66-3284-4cc5-80b6-4439950d210f",
"value": "3b02d16e71307f5b80d45ba04610be6c12e7a523ccb704f8a2478a213a15e86b"
},
{
"category": "Payload delivery",
"comment": "MC Ransomware Hashes - 2018-04-17 07:40:23 UTC",
"deleted": false,
"disable_correlation": false,
"timestamp": "1524133734",
"to_ids": true,
"type": "sha256",
"uuid": "5ad86f66-91dc-4309-9120-4b38950d210f",
"value": "e5d8e5e967ca27c012e15f8a675feddeaa189176cb0e237f99fdbbb9a4bad6c3"
},
{
"category": "Payload delivery",
"comment": "MC Ransomware Hashes - 2018-04-17 07:40:21 UTC",
"deleted": false,
"disable_correlation": false,
"timestamp": "1524133734",
"to_ids": true,
"type": "sha256",
"uuid": "5ad86f66-3e08-4f0f-936e-4a5a950d210f",
"value": "72d103eb07d8d8b9fb4a1cbb12b20716936b97574d688631956dc7becabbd784"
},
{
"category": "Payload delivery",
"comment": "MC Ransomware Hashes - 2018-04-17 07:40:18 UTC",
"deleted": false,
"disable_correlation": false,
"timestamp": "1524133735",
"to_ids": true,
"type": "sha256",
"uuid": "5ad86f67-396c-4119-bcb2-410e950d210f",
"value": "1ec96281a57a01a6415662f44a9b96a2f00488beae12c5c730cfa96b63abd42c"
},
{
"category": "Payload delivery",
"comment": "CSGO Ransomware Hashes - 2018-04-17 08:45:33 UTC",
"deleted": false,
"disable_correlation": false,
"timestamp": "1524141727",
"to_ids": true,
"type": "sha256",
"uuid": "5ad88e9f-33b0-4b74-aac2-43f5950d210f",
"value": "8bc877003404b1bd51bc1d614c5c3f27151633b06c43c5fba73f61ef7fc88dfa"
},
{
"category": "Payload delivery",
"comment": "CSGO Ransomware Hashes - 2018-04-17 08:45:23 UTC",
"deleted": false,
"disable_correlation": false,
"timestamp": "1524141728",
"to_ids": true,
"type": "sha256",
"uuid": "5ad88ea0-3314-4010-9ec5-4d11950d210f",
"value": "8522f0a546fe566529f48b67c8d92d5cab82fe67471249097b3b0b095fe1a154"
},
{
"category": "Payload delivery",
"comment": "CSGO Ransomware Hashes - 2018-04-17 08:35:01 UTC",
"deleted": false,
"disable_correlation": false,
"timestamp": "1524141728",
"to_ids": true,
"type": "sha256",
"uuid": "5ad88ea0-9b64-4f3e-a6fa-45f1950d210f",
"value": "7d8929ef41ecfa871779c8a41028d3339023472b6845263d1324703551675668"
},
{
"category": "Payload delivery",
"comment": "CSGO Ransomware Hashes - 2018-04-17 08:35:00 UTC",
"deleted": false,
"disable_correlation": false,
"timestamp": "1524141729",
"to_ids": true,
"type": "sha256",
"uuid": "5ad88ea1-54b4-4f10-b8d6-40ff950d210f",
"value": "e8b3dc551d14fc9ed2da1405b34cec5ba17abf7b1bd60266501cd6c903163050"
},
{
"category": "Payload delivery",
"comment": "CSGO Ransomware Hashes - 2018-04-17 08:34:55 UTC",
"deleted": false,
"disable_correlation": false,
"timestamp": "1524141729",
"to_ids": true,
"type": "sha256",
"uuid": "5ad88ea1-eabc-4645-b601-4004950d210f",
"value": "40b851137f18e50c182c3a303ac97005a75edc6e470434e14535255c7a34aec6"
},
{
"category": "Payload delivery",
"comment": "CSGO Ransomware Hashes - 2018-04-17 08:29:15 UTC",
"deleted": false,
"disable_correlation": false,
"timestamp": "1524141729",
"to_ids": true,
"type": "sha256",
"uuid": "5ad88ea1-e2e0-469f-97c0-459c950d210f",
"value": "658708957da960774321d1272443f78992de56ce66a739a990944267200465e9"
},
{
"category": "Payload delivery",
"comment": "CSGO Ransomware Hashes - 2018-04-17 08:23:28 UTC",
"deleted": false,
"disable_correlation": false,
"timestamp": "1524141730",
"to_ids": true,
"type": "sha256",
"uuid": "5ad88ea2-ccf4-408d-9165-4764950d210f",
"value": "7119237f48aadb9a87389b2252fbd28fa69384a91a49c8d14f3900311ce84d1b"
}
],
"Object": [
{
"comment": "",
"deleted": false,
"description": "File object describing a file with meta-information",
"meta-category": "file",
"name": "file",
"template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215",
"template_version": "7",
"timestamp": "1524213990",
"uuid": "5c068f51-98b0-41b5-9283-405ee2b3b925",
"ObjectReference": [
{
"comment": "",
"object_uuid": "5c068f51-98b0-41b5-9283-405ee2b3b925",
"referenced_uuid": "c6a6aeb5-b99d-45f8-8fb0-d976fbb1f042",
"relationship_type": "analysed-with",
"timestamp": "1524214029",
"uuid": "5ad9a90d-b2c0-4c0a-b1e6-433202de0b81"
}
],
"Attribute": [
{
"category": "Payload delivery",
"comment": "MC Ransomware Hashes - 2018-04-17 07:45:41 UTC",
"deleted": false,
"disable_correlation": false,
"object_relation": "md5",
"timestamp": "1524213987",
"to_ids": true,
"type": "md5",
"uuid": "5ad9a8e3-0b80-4190-be3d-469c02de0b81",
"value": "8c8f54175f37f008d0aa8e7a8b8003b4"
},
{
"category": "Payload delivery",
"comment": "MC Ransomware Hashes - 2018-04-17 07:45:41 UTC",
"deleted": false,
"disable_correlation": false,
"object_relation": "sha1",
"timestamp": "1524213987",
"to_ids": true,
"type": "sha1",
"uuid": "5ad9a8e3-bb20-4a4c-b5f0-4f3f02de0b81",
"value": "6bde9f61d89a15336d26adb29208ba3b550c7377"
},
{
"category": "Payload delivery",
"comment": "MC Ransomware Hashes - 2018-04-17 07:45:41 UTC",
"deleted": false,
"disable_correlation": false,
"object_relation": "sha256",
"timestamp": "1524213988",
"to_ids": true,
"type": "sha256",
"uuid": "5ad9a8e4-f4bc-47e7-a2fc-410602de0b81",
"value": "3b02d16e71307f5b80d45ba04610be6c12e7a523ccb704f8a2478a213a15e86b"
}
]
},
{
"comment": "",
"deleted": false,
"description": "VirusTotal report",
"meta-category": "misc",
"name": "virustotal-report",
"template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4",
"template_version": "1",
"timestamp": "1524213988",
"uuid": "c6a6aeb5-b99d-45f8-8fb0-d976fbb1f042",
"Attribute": [
{
"category": "Other",
"comment": "MC Ransomware Hashes - 2018-04-17 07:45:41 UTC",
"deleted": false,
"disable_correlation": false,
"object_relation": "last-submission",
"timestamp": "1524213988",
"to_ids": false,
"type": "datetime",
"uuid": "5ad9a8e4-bcd0-4509-9bd1-4fe402de0b81",
"value": "2018-04-20T04:18:27"
},
{
"category": "External analysis",
"comment": "MC Ransomware Hashes - 2018-04-17 07:45:41 UTC",
"deleted": false,
"disable_correlation": false,
"object_relation": "permalink",
"timestamp": "1524213989",
"to_ids": false,
"type": "link",
"uuid": "5ad9a8e5-3eb8-4899-a7fb-4da302de0b81",
"value": "https://www.virustotal.com/file/3b02d16e71307f5b80d45ba04610be6c12e7a523ccb704f8a2478a213a15e86b/analysis/1524197907/"
},
{
"category": "Other",
"comment": "MC Ransomware Hashes - 2018-04-17 07:45:41 UTC",
"deleted": false,
"disable_correlation": true,
"object_relation": "detection-ratio",
"timestamp": "1524213989",
"to_ids": false,
"type": "text",
"uuid": "5ad9a8e5-2164-418c-8f7b-481e02de0b81",
"value": "23/67"
}
]
},
{
"comment": "",
"deleted": false,
"description": "File object describing a file with meta-information",
"meta-category": "file",
"name": "file",
"template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215",
"template_version": "7",
"timestamp": "1524213992",
"uuid": "10c705b3-d4f3-452c-93dc-5bc59442a998",
"ObjectReference": [
{
"comment": "",
"object_uuid": "10c705b3-d4f3-452c-93dc-5bc59442a998",
"referenced_uuid": "aac961aa-0223-4b62-b4c8-73897daae8ca",
"relationship_type": "analysed-with",
"timestamp": "1524214029",
"uuid": "5ad9a90d-696c-4462-ba98-41ad02de0b81"
}
],
"Attribute": [
{
"category": "Payload delivery",
"comment": "MC Ransomware Hashes - 2018-04-17 12:02:09 UTC",
"deleted": false,
"disable_correlation": false,
"object_relation": "md5",
"timestamp": "1524213989",
"to_ids": true,
"type": "md5",
"uuid": "5ad9a8e5-72a4-4db5-8378-41fe02de0b81",
"value": "9689a763ceee30174d657a51584c469f"
},
{
"category": "Payload delivery",
"comment": "MC Ransomware Hashes - 2018-04-17 12:02:09 UTC",
"deleted": false,
"disable_correlation": false,
"object_relation": "sha1",
"timestamp": "1524213990",
"to_ids": true,
"type": "sha1",
"uuid": "5ad9a8e6-ad1c-4e70-89eb-470102de0b81",
"value": "f127f9a99015bec0a369f31fe18e7e1f0d17c18d"
},
{
"category": "Payload delivery",
"comment": "MC Ransomware Hashes - 2018-04-17 12:02:09 UTC",
"deleted": false,
"disable_correlation": false,
"object_relation": "sha256",
"timestamp": "1524213990",
"to_ids": true,
"type": "sha256",
"uuid": "5ad9a8e6-0a48-4074-89b4-412002de0b81",
"value": "92311f839fbc21568323a3ec53c9c16d6febcf593c301c3263e453c62c1a4913"
}
]
},
{
"comment": "",
"deleted": false,
"description": "VirusTotal report",
"meta-category": "misc",
"name": "virustotal-report",
"template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4",
"template_version": "1",
"timestamp": "1524213990",
"uuid": "aac961aa-0223-4b62-b4c8-73897daae8ca",
"Attribute": [
{
"category": "Other",
"comment": "MC Ransomware Hashes - 2018-04-17 12:02:09 UTC",
"deleted": false,
"disable_correlation": false,
"object_relation": "last-submission",
"timestamp": "1524213991",
"to_ids": false,
"type": "datetime",
"uuid": "5ad9a8e7-6678-459a-8c91-4a1602de0b81",
"value": "2018-04-20T04:11:30"
},
{
"category": "External analysis",
"comment": "MC Ransomware Hashes - 2018-04-17 12:02:09 UTC",
"deleted": false,
"disable_correlation": false,
"object_relation": "permalink",
"timestamp": "1524213991",
"to_ids": false,
"type": "link",
"uuid": "5ad9a8e7-53e4-40d6-a90e-4bd702de0b81",
"value": "https://www.virustotal.com/file/92311f839fbc21568323a3ec53c9c16d6febcf593c301c3263e453c62c1a4913/analysis/1524197490/"
},
{
"category": "Other",
"comment": "MC Ransomware Hashes - 2018-04-17 12:02:09 UTC",
"deleted": false,
"disable_correlation": true,
"object_relation": "detection-ratio",
"timestamp": "1524213992",
"to_ids": false,
"type": "text",
"uuid": "5ad9a8e8-24e4-45b6-adaf-4bec02de0b81",
"value": "25/67"
}
]
},
{
"comment": "",
"deleted": false,
"description": "File object describing a file with meta-information",
"meta-category": "file",
"name": "file",
"template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215",
"template_version": "7",
"timestamp": "1524213995",
"uuid": "60f76829-9936-4142-a59e-7b34e7a9b589",
"ObjectReference": [
{
"comment": "",
"object_uuid": "60f76829-9936-4142-a59e-7b34e7a9b589",
"referenced_uuid": "3bcf1646-118a-4a10-887e-8f67b74b13a9",
"relationship_type": "analysed-with",
"timestamp": "1524214030",
"uuid": "5ad9a90e-e7ac-4f12-a678-44d602de0b81"
}
],
"Attribute": [
{
"category": "Payload delivery",
"comment": "CSGO Ransomware Hashes - 2018-04-17 08:45:33 UTC",
"deleted": false,
"disable_correlation": false,
"object_relation": "md5",
"timestamp": "1524213992",
"to_ids": true,
"type": "md5",
"uuid": "5ad9a8e8-4244-4210-8c4f-422202de0b81",
"value": "66abec932921f330810c38a5e4cf744d"
},
{
"category": "Payload delivery",
"comment": "CSGO Ransomware Hashes - 2018-04-17 08:45:33 UTC",
"deleted": false,
"disable_correlation": false,
"object_relation": "sha1",
"timestamp": "1524213992",
"to_ids": true,
"type": "sha1",
"uuid": "5ad9a8e8-8440-412c-a4a0-452c02de0b81",
"value": "d5a8eee6e7cac0ba883bbd0bccb2addc7c3a74dc"
},
{
"category": "Payload delivery",
"comment": "CSGO Ransomware Hashes - 2018-04-17 08:45:33 UTC",
"deleted": false,
"disable_correlation": false,
"object_relation": "sha256",
"timestamp": "1524213993",
"to_ids": true,
"type": "sha256",
"uuid": "5ad9a8e9-7508-4f8e-b8f7-43af02de0b81",
"value": "8bc877003404b1bd51bc1d614c5c3f27151633b06c43c5fba73f61ef7fc88dfa"
}
]
},
{
"comment": "",
"deleted": false,
"description": "VirusTotal report",
"meta-category": "misc",
"name": "virustotal-report",
"template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4",
"template_version": "1",
"timestamp": "1524213993",
"uuid": "3bcf1646-118a-4a10-887e-8f67b74b13a9",
"Attribute": [
{
"category": "Other",
"comment": "CSGO Ransomware Hashes - 2018-04-17 08:45:33 UTC",
"deleted": false,
"disable_correlation": false,
"object_relation": "last-submission",
"timestamp": "1524213993",
"to_ids": false,
"type": "datetime",
"uuid": "5ad9a8e9-3b48-416b-8d62-409002de0b81",
"value": "2018-04-19T14:56:36"
},
{
"category": "External analysis",
"comment": "CSGO Ransomware Hashes - 2018-04-17 08:45:33 UTC",
"deleted": false,
"disable_correlation": false,
"object_relation": "permalink",
"timestamp": "1524213994",
"to_ids": false,
"type": "link",
"uuid": "5ad9a8ea-8ac8-4499-be0a-45dc02de0b81",
"value": "https://www.virustotal.com/file/8bc877003404b1bd51bc1d614c5c3f27151633b06c43c5fba73f61ef7fc88dfa/analysis/1524149796/"
},
{
"category": "Other",
"comment": "CSGO Ransomware Hashes - 2018-04-17 08:45:33 UTC",
"deleted": false,
"disable_correlation": true,
"object_relation": "detection-ratio",
"timestamp": "1524213994",
"to_ids": false,
"type": "text",
"uuid": "5ad9a8ea-b7c0-404e-ac05-42e502de0b81",
"value": "20/67"
}
]
},
{
"comment": "",
"deleted": false,
"description": "File object describing a file with meta-information",
"meta-category": "file",
"name": "file",
"template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215",
"template_version": "7",
"timestamp": "1524213997",
"uuid": "d8193b44-4c37-42dc-a781-38911be1f9b4",
"ObjectReference": [
{
"comment": "",
"object_uuid": "d8193b44-4c37-42dc-a781-38911be1f9b4",
"referenced_uuid": "eae89772-f98c-4e8e-9553-2810722a1a8a",
"relationship_type": "analysed-with",
"timestamp": "1524214030",
"uuid": "5ad9a90e-5658-4672-b514-418802de0b81"
}
],
"Attribute": [
{
"category": "Payload delivery",
"comment": "MC Ransomware Hashes - 2018-04-16 09:44:49 UTC",
"deleted": false,
"disable_correlation": false,
"object_relation": "md5",
"timestamp": "1524213995",
"to_ids": true,
"type": "md5",
"uuid": "5ad9a8eb-cd1c-4c3e-82b3-414c02de0b81",
"value": "d7d4f252aee7133627a5520371eaf24f"
},
{
"category": "Payload delivery",
"comment": "MC Ransomware Hashes - 2018-04-16 09:44:49 UTC",
"deleted": false,
"disable_correlation": false,
"object_relation": "sha1",
"timestamp": "1524213995",
"to_ids": true,
"type": "sha1",
"uuid": "5ad9a8eb-a178-45e8-81ac-4c0502de0b81",
"value": "a87a6abef722681462a583b80a9d623720ed1ede"
},
{
"category": "Payload delivery",
"comment": "MC Ransomware Hashes - 2018-04-16 09:44:49 UTC",
"deleted": false,
"disable_correlation": false,
"object_relation": "sha256",
"timestamp": "1524213995",
"to_ids": true,
"type": "sha256",
"uuid": "5ad9a8eb-61e4-4ce2-b6c8-4efa02de0b81",
"value": "066231686b4634081736ef2f51e83cc69cc01db203967a88f7ff7d9fa84984f8"
}
]
},
{
"comment": "",
"deleted": false,
"description": "VirusTotal report",
"meta-category": "misc",
"name": "virustotal-report",
"template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4",
"template_version": "1",
"timestamp": "1524213996",
"uuid": "eae89772-f98c-4e8e-9553-2810722a1a8a",
"Attribute": [
{
"category": "Other",
"comment": "MC Ransomware Hashes - 2018-04-16 09:44:49 UTC",
"deleted": false,
"disable_correlation": false,
"object_relation": "last-submission",
"timestamp": "1524213996",
"to_ids": false,
"type": "datetime",
"uuid": "5ad9a8ec-7d58-4ae4-8164-4ac702de0b81",
"value": "2018-04-20T04:15:33"
},
{
"category": "External analysis",
"comment": "MC Ransomware Hashes - 2018-04-16 09:44:49 UTC",
"deleted": false,
"disable_correlation": false,
"object_relation": "permalink",
"timestamp": "1524213996",
"to_ids": false,
"type": "link",
"uuid": "5ad9a8ec-f830-498b-81b7-47cb02de0b81",
"value": "https://www.virustotal.com/file/066231686b4634081736ef2f51e83cc69cc01db203967a88f7ff7d9fa84984f8/analysis/1524197733/"
},
{
"category": "Other",
"comment": "MC Ransomware Hashes - 2018-04-16 09:44:49 UTC",
"deleted": false,
"disable_correlation": true,
"object_relation": "detection-ratio",
"timestamp": "1524213997",
"to_ids": false,
"type": "text",
"uuid": "5ad9a8ed-63ec-4ae5-affc-4c1d02de0b81",
"value": "29/67"
}
]
},
{
"comment": "",
"deleted": false,
"description": "File object describing a file with meta-information",
"meta-category": "file",
"name": "file",
"template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215",
"template_version": "7",
"timestamp": "1524214000",
"uuid": "b3620101-dede-4da2-b764-631cba764181",
"ObjectReference": [
{
"comment": "",
"object_uuid": "b3620101-dede-4da2-b764-631cba764181",
"referenced_uuid": "4d6c4637-3d9c-405b-beb1-224b76f66a2b",
"relationship_type": "analysed-with",
"timestamp": "1524214030",
"uuid": "5ad9a90e-1434-4dde-873d-4bcc02de0b81"
}
],
"Attribute": [
{
"category": "Payload delivery",
"comment": "CSGO Ransomware Hashes - 2018-04-17 08:35:00 UTC",
"deleted": false,
"disable_correlation": false,
"object_relation": "md5",
"timestamp": "1524213997",
"to_ids": true,
"type": "md5",
"uuid": "5ad9a8ed-4098-40e4-ae70-475102de0b81",
"value": "31bc3110a85a06cd3ec5cc752a3226d8"
},
{
"category": "Payload delivery",
"comment": "CSGO Ransomware Hashes - 2018-04-17 08:35:00 UTC",
"deleted": false,
"disable_correlation": false,
"object_relation": "sha1",
"timestamp": "1524213997",
"to_ids": true,
"type": "sha1",
"uuid": "5ad9a8ed-2a00-4cb8-821b-41a002de0b81",
"value": "0bbd726919081b5ba30e64735545148c4f07244c"
},
{
"category": "Payload delivery",
"comment": "CSGO Ransomware Hashes - 2018-04-17 08:35:00 UTC",
"deleted": false,
"disable_correlation": false,
"object_relation": "sha256",
"timestamp": "1524213998",
"to_ids": true,
"type": "sha256",
"uuid": "5ad9a8ee-3774-42fb-b607-446502de0b81",
"value": "e8b3dc551d14fc9ed2da1405b34cec5ba17abf7b1bd60266501cd6c903163050"
}
]
},
{
"comment": "",
"deleted": false,
"description": "VirusTotal report",
"meta-category": "misc",
"name": "virustotal-report",
"template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4",
"template_version": "1",
"timestamp": "1524213998",
"uuid": "4d6c4637-3d9c-405b-beb1-224b76f66a2b",
"Attribute": [
{
"category": "Other",
"comment": "CSGO Ransomware Hashes - 2018-04-17 08:35:00 UTC",
"deleted": false,
"disable_correlation": false,
"object_relation": "last-submission",
"timestamp": "1524213998",
"to_ids": false,
"type": "datetime",
"uuid": "5ad9a8ee-daec-4190-9c10-43f202de0b81",
"value": "2018-04-19T14:43:52"
},
{
"category": "External analysis",
"comment": "CSGO Ransomware Hashes - 2018-04-17 08:35:00 UTC",
"deleted": false,
"disable_correlation": false,
"object_relation": "permalink",
"timestamp": "1524213999",
"to_ids": false,
"type": "link",
"uuid": "5ad9a8ef-f724-4707-af84-482102de0b81",
"value": "https://www.virustotal.com/file/e8b3dc551d14fc9ed2da1405b34cec5ba17abf7b1bd60266501cd6c903163050/analysis/1524149032/"
},
{
"category": "Other",
"comment": "CSGO Ransomware Hashes - 2018-04-17 08:35:00 UTC",
"deleted": false,
"disable_correlation": true,
"object_relation": "detection-ratio",
"timestamp": "1524213999",
"to_ids": false,
"type": "text",
"uuid": "5ad9a8ef-e044-4363-acf4-4b2d02de0b81",
"value": "17/67"
}
]
},
{
"comment": "",
"deleted": false,
"description": "File object describing a file with meta-information",
"meta-category": "file",
"name": "file",
"template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215",
"template_version": "7",
"timestamp": "1524214002",
"uuid": "dfffc826-de9b-49f9-9226-6713fc609e9c",
"ObjectReference": [
{
"comment": "",
"object_uuid": "dfffc826-de9b-49f9-9226-6713fc609e9c",
"referenced_uuid": "1c78eb45-dc62-4133-b6f6-48ce4d413310",
"relationship_type": "analysed-with",
"timestamp": "1524214030",
"uuid": "5ad9a90e-455c-438a-b672-499302de0b81"
}
],
"Attribute": [
{
"category": "Payload delivery",
"comment": "CSGO Ransomware Hashes - 2018-04-17 08:35:01 UTC",
"deleted": false,
"disable_correlation": false,
"object_relation": "md5",
"timestamp": "1524213999",
"to_ids": true,
"type": "md5",
"uuid": "5ad9a8ef-f7ec-4bbb-af29-403e02de0b81",
"value": "7e40e941425e40ae464d6b7cc7f0d88b"
},
{
"category": "Payload delivery",
"comment": "CSGO Ransomware Hashes - 2018-04-17 08:35:01 UTC",
"deleted": false,
"disable_correlation": false,
"object_relation": "sha1",
"timestamp": "1524214000",
"to_ids": true,
"type": "sha1",
"uuid": "5ad9a8f0-c248-4582-b189-4c5402de0b81",
"value": "0f6ed7985d84f0dd7f1b1ed911a52e9867544394"
},
{
"category": "Payload delivery",
"comment": "CSGO Ransomware Hashes - 2018-04-17 08:35:01 UTC",
"deleted": false,
"disable_correlation": false,
"object_relation": "sha256",
"timestamp": "1524214000",
"to_ids": true,
"type": "sha256",
"uuid": "5ad9a8f0-69e4-4b36-bd80-4c0502de0b81",
"value": "7d8929ef41ecfa871779c8a41028d3339023472b6845263d1324703551675668"
}
]
},
{
"comment": "",
"deleted": false,
"description": "VirusTotal report",
"meta-category": "misc",
"name": "virustotal-report",
"template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4",
"template_version": "1",
"timestamp": "1524214000",
"uuid": "1c78eb45-dc62-4133-b6f6-48ce4d413310",
"Attribute": [
{
"category": "Other",
"comment": "CSGO Ransomware Hashes - 2018-04-17 08:35:01 UTC",
"deleted": false,
"disable_correlation": false,
"object_relation": "last-submission",
"timestamp": "1524214000",
"to_ids": false,
"type": "datetime",
"uuid": "5ad9a8f0-998c-49cb-ac8d-41ed02de0b81",
"value": "2018-04-19T14:37:29"
},
{
"category": "External analysis",
"comment": "CSGO Ransomware Hashes - 2018-04-17 08:35:01 UTC",
"deleted": false,
"disable_correlation": false,
"object_relation": "permalink",
"timestamp": "1524214001",
"to_ids": false,
"type": "link",
"uuid": "5ad9a8f1-67a0-42b2-a814-4dc402de0b81",
"value": "https://www.virustotal.com/file/7d8929ef41ecfa871779c8a41028d3339023472b6845263d1324703551675668/analysis/1524148649/"
},
{
"category": "Other",
"comment": "CSGO Ransomware Hashes - 2018-04-17 08:35:01 UTC",
"deleted": false,
"disable_correlation": true,
"object_relation": "detection-ratio",
"timestamp": "1524214001",
"to_ids": false,
"type": "text",
"uuid": "5ad9a8f1-8b74-4cca-9a34-48d702de0b81",
"value": "19/67"
}
]
},
{
"comment": "",
"deleted": false,
"description": "File object describing a file with meta-information",
"meta-category": "file",
"name": "file",
"template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215",
"template_version": "7",
"timestamp": "1524214004",
"uuid": "a1304fbf-effe-4dba-8079-d36e83309bbe",
"ObjectReference": [
{
"comment": "",
"object_uuid": "a1304fbf-effe-4dba-8079-d36e83309bbe",
"referenced_uuid": "2282c2a4-c392-4bb5-812b-37f190a31d74",
"relationship_type": "analysed-with",
"timestamp": "1524214030",
"uuid": "5ad9a90e-3c5c-465a-a1d3-4cc502de0b81"
}
],
"Attribute": [
{
"category": "Payload delivery",
"comment": "CSGO Ransomware Hashes - 2018-04-17 08:45:23 UTC",
"deleted": false,
"disable_correlation": false,
"object_relation": "md5",
"timestamp": "1524214001",
"to_ids": true,
"type": "md5",
"uuid": "5ad9a8f1-9c84-4fcd-9163-4df002de0b81",
"value": "19504eb1c5d21d896d7e217f66031b7b"
},
{
"category": "Payload delivery",
"comment": "CSGO Ransomware Hashes - 2018-04-17 08:45:23 UTC",
"deleted": false,
"disable_correlation": false,
"object_relation": "sha1",
"timestamp": "1524214002",
"to_ids": true,
"type": "sha1",
"uuid": "5ad9a8f2-3378-4256-add5-4eaf02de0b81",
"value": "90cb4ef44cfd9b381e4260724d8ec5129ea5d603"
},
{
"category": "Payload delivery",
"comment": "CSGO Ransomware Hashes - 2018-04-17 08:45:23 UTC",
"deleted": false,
"disable_correlation": false,
"object_relation": "sha256",
"timestamp": "1524214002",
"to_ids": true,
"type": "sha256",
"uuid": "5ad9a8f2-a8d4-4aff-871f-4eca02de0b81",
"value": "8522f0a546fe566529f48b67c8d92d5cab82fe67471249097b3b0b095fe1a154"
}
]
},
{
"comment": "",
"deleted": false,
"description": "VirusTotal report",
"meta-category": "misc",
"name": "virustotal-report",
"template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4",
"template_version": "1",
"timestamp": "1524214003",
"uuid": "2282c2a4-c392-4bb5-812b-37f190a31d74",
"Attribute": [
{
"category": "Other",
"comment": "CSGO Ransomware Hashes - 2018-04-17 08:45:23 UTC",
"deleted": false,
"disable_correlation": false,
"object_relation": "last-submission",
"timestamp": "1524214003",
"to_ids": false,
"type": "datetime",
"uuid": "5ad9a8f3-1f68-4b59-bf46-499c02de0b81",
"value": "2018-04-19T15:37:10"
},
{
"category": "External analysis",
"comment": "CSGO Ransomware Hashes - 2018-04-17 08:45:23 UTC",
"deleted": false,
"disable_correlation": false,
"object_relation": "permalink",
"timestamp": "1524214003",
"to_ids": false,
"type": "link",
"uuid": "5ad9a8f3-700c-4cf0-b692-497302de0b81",
"value": "https://www.virustotal.com/file/8522f0a546fe566529f48b67c8d92d5cab82fe67471249097b3b0b095fe1a154/analysis/1524152230/"
},
{
"category": "Other",
"comment": "CSGO Ransomware Hashes - 2018-04-17 08:45:23 UTC",
"deleted": false,
"disable_correlation": true,
"object_relation": "detection-ratio",
"timestamp": "1524214004",
"to_ids": false,
"type": "text",
"uuid": "5ad9a8f4-6a88-4db2-899c-4beb02de0b81",
"value": "21/67"
}
]
},
{
"comment": "",
"deleted": false,
"description": "File object describing a file with meta-information",
"meta-category": "file",
"name": "file",
"template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215",
"template_version": "7",
"timestamp": "1524214007",
"uuid": "567b469c-842b-40fb-920c-7b00907d152c",
"ObjectReference": [
{
"comment": "",
"object_uuid": "567b469c-842b-40fb-920c-7b00907d152c",
"referenced_uuid": "d2f06703-93c5-403b-9ed3-343697e0afce",
"relationship_type": "analysed-with",
"timestamp": "1524214030",
"uuid": "5ad9a90e-0540-452a-b991-4b8302de0b81"
}
],
"Attribute": [
{
"category": "Payload delivery",
"comment": "CSGO Ransomware Hashes - 2018-04-17 08:23:28 UTC",
"deleted": false,
"disable_correlation": false,
"object_relation": "md5",
"timestamp": "1524214004",
"to_ids": true,
"type": "md5",
"uuid": "5ad9a8f4-72a0-4d62-89a3-45d702de0b81",
"value": "c6450b034f94c70126bf5d135133234f"
},
{
"category": "Payload delivery",
"comment": "CSGO Ransomware Hashes - 2018-04-17 08:23:28 UTC",
"deleted": false,
"disable_correlation": false,
"object_relation": "sha1",
"timestamp": "1524214004",
"to_ids": true,
"type": "sha1",
"uuid": "5ad9a8f4-208c-4f58-823c-417402de0b81",
"value": "a82f870563600f1e62cb793a9189318d5edd6c15"
},
{
"category": "Payload delivery",
"comment": "CSGO Ransomware Hashes - 2018-04-17 08:23:28 UTC",
"deleted": false,
"disable_correlation": false,
"object_relation": "sha256",
"timestamp": "1524214004",
"to_ids": true,
"type": "sha256",
"uuid": "5ad9a8f4-7708-4c4d-90c5-4e7102de0b81",
"value": "7119237f48aadb9a87389b2252fbd28fa69384a91a49c8d14f3900311ce84d1b"
}
]
},
{
"comment": "",
"deleted": false,
"description": "VirusTotal report",
"meta-category": "misc",
"name": "virustotal-report",
"template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4",
"template_version": "1",
"timestamp": "1524214005",
"uuid": "d2f06703-93c5-403b-9ed3-343697e0afce",
"Attribute": [
{
"category": "Other",
"comment": "CSGO Ransomware Hashes - 2018-04-17 08:23:28 UTC",
"deleted": false,
"disable_correlation": false,
"object_relation": "last-submission",
"timestamp": "1524214005",
"to_ids": false,
"type": "datetime",
"uuid": "5ad9a8f5-25c0-45b4-aa44-455702de0b81",
"value": "2018-04-20T06:01:59"
},
{
"category": "External analysis",
"comment": "CSGO Ransomware Hashes - 2018-04-17 08:23:28 UTC",
"deleted": false,
"disable_correlation": false,
"object_relation": "permalink",
"timestamp": "1524214005",
"to_ids": false,
"type": "link",
"uuid": "5ad9a8f5-c280-4878-8ea4-4afe02de0b81",
"value": "https://www.virustotal.com/file/7119237f48aadb9a87389b2252fbd28fa69384a91a49c8d14f3900311ce84d1b/analysis/1524204119/"
},
{
"category": "Other",
"comment": "CSGO Ransomware Hashes - 2018-04-17 08:23:28 UTC",
"deleted": false,
"disable_correlation": true,
"object_relation": "detection-ratio",
"timestamp": "1524214006",
"to_ids": false,
"type": "text",
"uuid": "5ad9a8f6-5c8c-4c49-8fa3-4da502de0b81",
"value": "26/68"
}
]
},
{
"comment": "",
"deleted": false,
"description": "File object describing a file with meta-information",
"meta-category": "file",
"name": "file",
"template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215",
"template_version": "7",
"timestamp": "1524214009",
"uuid": "621aa925-21c5-4af2-9662-34e39af166e1",
"ObjectReference": [
{
"comment": "",
"object_uuid": "621aa925-21c5-4af2-9662-34e39af166e1",
"referenced_uuid": "d2dd4055-f2d0-41d0-8fc2-5908a2c57440",
"relationship_type": "analysed-with",
"timestamp": "1524214030",
"uuid": "5ad9a90e-ccfc-4c2e-ac73-477002de0b81"
}
],
"Attribute": [
{
"category": "Payload delivery",
"comment": "MC Ransomware Hashes - 2018-04-17 07:46:00 UTC",
"deleted": false,
"disable_correlation": false,
"object_relation": "md5",
"timestamp": "1524214006",
"to_ids": true,
"type": "md5",
"uuid": "5ad9a8f6-bfe0-49b3-a53b-4f4702de0b81",
"value": "f72d5d5106d60376963dc7fcbb29e1e8"
},
{
"category": "Payload delivery",
"comment": "MC Ransomware Hashes - 2018-04-17 07:46:00 UTC",
"deleted": false,
"disable_correlation": false,
"object_relation": "sha1",
"timestamp": "1524214006",
"to_ids": true,
"type": "sha1",
"uuid": "5ad9a8f6-deb8-47f4-8a37-419802de0b81",
"value": "8adb72ed65ffdb6994a08d52802be84e8362aa6a"
},
{
"category": "Payload delivery",
"comment": "MC Ransomware Hashes - 2018-04-17 07:46:00 UTC",
"deleted": false,
"disable_correlation": false,
"object_relation": "sha256",
"timestamp": "1524214007",
"to_ids": true,
"type": "sha256",
"uuid": "5ad9a8f7-9b8c-48e6-ab91-4e9b02de0b81",
"value": "68eadde62a0c5baa44484194f62fc80ec5e27b8581f3219fecc0ccb92c4c4d75"
}
]
},
{
"comment": "",
"deleted": false,
"description": "VirusTotal report",
"meta-category": "misc",
"name": "virustotal-report",
"template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4",
"template_version": "1",
"timestamp": "1524214008",
"uuid": "d2dd4055-f2d0-41d0-8fc2-5908a2c57440",
"Attribute": [
{
"category": "Other",
"comment": "MC Ransomware Hashes - 2018-04-17 07:46:00 UTC",
"deleted": false,
"disable_correlation": false,
"object_relation": "last-submission",
"timestamp": "1524214008",
"to_ids": false,
"type": "datetime",
"uuid": "5ad9a8f8-3ee8-4450-9e33-4a8502de0b81",
"value": "2018-04-20T04:18:15"
},
{
"category": "External analysis",
"comment": "MC Ransomware Hashes - 2018-04-17 07:46:00 UTC",
"deleted": false,
"disable_correlation": false,
"object_relation": "permalink",
"timestamp": "1524214008",
"to_ids": false,
"type": "link",
"uuid": "5ad9a8f8-0644-49f0-bf1c-425f02de0b81",
"value": "https://www.virustotal.com/file/68eadde62a0c5baa44484194f62fc80ec5e27b8581f3219fecc0ccb92c4c4d75/analysis/1524197895/"
},
{
"category": "Other",
"comment": "MC Ransomware Hashes - 2018-04-17 07:46:00 UTC",
"deleted": false,
"disable_correlation": true,
"object_relation": "detection-ratio",
"timestamp": "1524214008",
"to_ids": false,
"type": "text",
"uuid": "5ad9a8f8-354c-4681-8fd8-4fea02de0b81",
"value": "25/67"
}
]
},
{
"comment": "",
"deleted": false,
"description": "File object describing a file with meta-information",
"meta-category": "file",
"name": "file",
"template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215",
"template_version": "7",
"timestamp": "1524214011",
"uuid": "ab8e7b4d-6a43-4541-9137-1047487442c4",
"ObjectReference": [
{
"comment": "",
"object_uuid": "ab8e7b4d-6a43-4541-9137-1047487442c4",
"referenced_uuid": "eddeea42-18be-42e6-af0c-56e837e340d6",
"relationship_type": "analysed-with",
"timestamp": "1524214030",
"uuid": "5ad9a90e-c29c-40ce-a38c-4f8102de0b81"
}
],
"Attribute": [
{
"category": "Payload delivery",
"comment": "MC Ransomware Hashes - 2018-04-17 12:02:09 UTC",
"deleted": false,
"disable_correlation": false,
"object_relation": "md5",
"timestamp": "1524214009",
"to_ids": true,
"type": "md5",
"uuid": "5ad9a8f9-0768-45bc-838e-4a9802de0b81",
"value": "36a341d6a7b9be36066762f3532df573"
},
{
"category": "Payload delivery",
"comment": "MC Ransomware Hashes - 2018-04-17 12:02:09 UTC",
"deleted": false,
"disable_correlation": false,
"object_relation": "sha1",
"timestamp": "1524214009",
"to_ids": true,
"type": "sha1",
"uuid": "5ad9a8f9-670c-4b35-b7d0-474002de0b81",
"value": "88e266b976c0212dae3c2c577f14df1b883f53c4"
},
{
"category": "Payload delivery",
"comment": "MC Ransomware Hashes - 2018-04-17 12:02:09 UTC",
"deleted": false,
"disable_correlation": false,
"object_relation": "sha256",
"timestamp": "1524214009",
"to_ids": true,
"type": "sha256",
"uuid": "5ad9a8f9-fe38-4aa4-8cb8-4e5202de0b81",
"value": "6cdacbc0c3a6c2aca98210bd16b76d2bf2740c8c67606f62203592f290fac76e"
}
]
},
{
"comment": "",
"deleted": false,
"description": "VirusTotal report",
"meta-category": "misc",
"name": "virustotal-report",
"template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4",
"template_version": "1",
"timestamp": "1524214010",
"uuid": "eddeea42-18be-42e6-af0c-56e837e340d6",
"Attribute": [
{
"category": "Other",
"comment": "MC Ransomware Hashes - 2018-04-17 12:02:09 UTC",
"deleted": false,
"disable_correlation": false,
"object_relation": "last-submission",
"timestamp": "1524214010",
"to_ids": false,
"type": "datetime",
"uuid": "5ad9a8fa-7b14-48c6-acdd-4bb502de0b81",
"value": "2018-04-20T04:12:50"
},
{
"category": "External analysis",
"comment": "MC Ransomware Hashes - 2018-04-17 12:02:09 UTC",
"deleted": false,
"disable_correlation": false,
"object_relation": "permalink",
"timestamp": "1524214010",
"to_ids": false,
"type": "link",
"uuid": "5ad9a8fa-de50-4181-8f24-425c02de0b81",
"value": "https://www.virustotal.com/file/6cdacbc0c3a6c2aca98210bd16b76d2bf2740c8c67606f62203592f290fac76e/analysis/1524197570/"
},
{
"category": "Other",
"comment": "MC Ransomware Hashes - 2018-04-17 12:02:09 UTC",
"deleted": false,
"disable_correlation": true,
"object_relation": "detection-ratio",
"timestamp": "1524214011",
"to_ids": false,
"type": "text",
"uuid": "5ad9a8fb-2254-4291-9e9e-442b02de0b81",
"value": "23/67"
}
]
},
{
"comment": "",
"deleted": false,
"description": "File object describing a file with meta-information",
"meta-category": "file",
"name": "file",
"template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215",
"template_version": "7",
"timestamp": "1524214014",
"uuid": "d0f56c1f-46a2-4785-a6b9-036af2137965",
"ObjectReference": [
{
"comment": "",
"object_uuid": "d0f56c1f-46a2-4785-a6b9-036af2137965",
"referenced_uuid": "65dfb489-e7b8-46ec-bdfc-bc81ae647ecf",
"relationship_type": "analysed-with",
"timestamp": "1524214030",
"uuid": "5ad9a90e-f1c0-4404-86de-467002de0b81"
}
],
"Attribute": [
{
"category": "Payload delivery",
"comment": "MC Ransomware Hashes - 2018-04-17 07:40:18 UTC",
"deleted": false,
"disable_correlation": false,
"object_relation": "md5",
"timestamp": "1524214011",
"to_ids": true,
"type": "md5",
"uuid": "5ad9a8fb-bbb0-4efb-adf2-4d2302de0b81",
"value": "79a4eb4f496a236aae76d711b73ab2d8"
},
{
"category": "Payload delivery",
"comment": "MC Ransomware Hashes - 2018-04-17 07:40:18 UTC",
"deleted": false,
"disable_correlation": false,
"object_relation": "sha1",
"timestamp": "1524214011",
"to_ids": true,
"type": "sha1",
"uuid": "5ad9a8fb-aeec-4f56-b8ba-442f02de0b81",
"value": "6afbe3826c9721a4a352cfd980d2942731d41787"
},
{
"category": "Payload delivery",
"comment": "MC Ransomware Hashes - 2018-04-17 07:40:18 UTC",
"deleted": false,
"disable_correlation": false,
"object_relation": "sha256",
"timestamp": "1524214012",
"to_ids": true,
"type": "sha256",
"uuid": "5ad9a8fc-f08c-4cf3-9313-4bac02de0b81",
"value": "1ec96281a57a01a6415662f44a9b96a2f00488beae12c5c730cfa96b63abd42c"
}
]
},
{
"comment": "",
"deleted": false,
"description": "VirusTotal report",
"meta-category": "misc",
"name": "virustotal-report",
"template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4",
"template_version": "1",
"timestamp": "1524214012",
"uuid": "65dfb489-e7b8-46ec-bdfc-bc81ae647ecf",
"Attribute": [
{
"category": "Other",
"comment": "MC Ransomware Hashes - 2018-04-17 07:40:18 UTC",
"deleted": false,
"disable_correlation": false,
"object_relation": "last-submission",
"timestamp": "1524214012",
"to_ids": false,
"type": "datetime",
"uuid": "5ad9a8fc-c7d4-4430-94c8-4b4202de0b81",
"value": "2018-04-20T06:01:55"
},
{
"category": "External analysis",
"comment": "MC Ransomware Hashes - 2018-04-17 07:40:18 UTC",
"deleted": false,
"disable_correlation": false,
"object_relation": "permalink",
"timestamp": "1524214012",
"to_ids": false,
"type": "link",
"uuid": "5ad9a8fc-1074-4724-a060-422602de0b81",
"value": "https://www.virustotal.com/file/1ec96281a57a01a6415662f44a9b96a2f00488beae12c5c730cfa96b63abd42c/analysis/1524204115/"
},
{
"category": "Other",
"comment": "MC Ransomware Hashes - 2018-04-17 07:40:18 UTC",
"deleted": false,
"disable_correlation": true,
"object_relation": "detection-ratio",
"timestamp": "1524214013",
"to_ids": false,
"type": "text",
"uuid": "5ad9a8fd-17a0-4e66-bc2f-4f5302de0b81",
"value": "27/67"
}
]
},
{
"comment": "",
"deleted": false,
"description": "File object describing a file with meta-information",
"meta-category": "file",
"name": "file",
"template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215",
"template_version": "7",
"timestamp": "1524214016",
"uuid": "125e1526-6c4a-4132-89fc-43f804dc2b3c",
"ObjectReference": [
{
"comment": "",
"object_uuid": "125e1526-6c4a-4132-89fc-43f804dc2b3c",
"referenced_uuid": "92328dc6-bc9c-448d-9e18-360245039d36",
"relationship_type": "analysed-with",
"timestamp": "1524214030",
"uuid": "5ad9a90e-59c4-480a-ad02-4a3b02de0b81"
}
],
"Attribute": [
{
"category": "Payload delivery",
"comment": "CSGO Ransomware Hashes - 2018-04-17 08:29:15 UTC",
"deleted": false,
"disable_correlation": false,
"object_relation": "md5",
"timestamp": "1524214013",
"to_ids": true,
"type": "md5",
"uuid": "5ad9a8fd-7be8-4d15-86a1-49e102de0b81",
"value": "c83bebaf7f005a84a05d4a9be7baecf9"
},
{
"category": "Payload delivery",
"comment": "CSGO Ransomware Hashes - 2018-04-17 08:29:15 UTC",
"deleted": false,
"disable_correlation": false,
"object_relation": "sha1",
"timestamp": "1524214013",
"to_ids": true,
"type": "sha1",
"uuid": "5ad9a8fd-d8c8-4ddb-9a72-47e102de0b81",
"value": "170197b724a867f51ad9138cdbfea9728e916d7d"
},
{
"category": "Payload delivery",
"comment": "CSGO Ransomware Hashes - 2018-04-17 08:29:15 UTC",
"deleted": false,
"disable_correlation": false,
"object_relation": "sha256",
"timestamp": "1524214014",
"to_ids": true,
"type": "sha256",
"uuid": "5ad9a8fe-b4b4-4892-9783-4c0102de0b81",
"value": "658708957da960774321d1272443f78992de56ce66a739a990944267200465e9"
}
]
},
{
"comment": "",
"deleted": false,
"description": "VirusTotal report",
"meta-category": "misc",
"name": "virustotal-report",
"template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4",
"template_version": "1",
"timestamp": "1524214014",
"uuid": "92328dc6-bc9c-448d-9e18-360245039d36",
"Attribute": [
{
"category": "Other",
"comment": "CSGO Ransomware Hashes - 2018-04-17 08:29:15 UTC",
"deleted": false,
"disable_correlation": false,
"object_relation": "last-submission",
"timestamp": "1524214014",
"to_ids": false,
"type": "datetime",
"uuid": "5ad9a8fe-21a4-4412-9c69-44f202de0b81",
"value": "2018-04-19T14:32:16"
},
{
"category": "External analysis",
"comment": "CSGO Ransomware Hashes - 2018-04-17 08:29:15 UTC",
"deleted": false,
"disable_correlation": false,
"object_relation": "permalink",
"timestamp": "1524214015",
"to_ids": false,
"type": "link",
"uuid": "5ad9a8ff-c534-4cba-961f-4db502de0b81",
"value": "https://www.virustotal.com/file/658708957da960774321d1272443f78992de56ce66a739a990944267200465e9/analysis/1524148336/"
},
{
"category": "Other",
"comment": "CSGO Ransomware Hashes - 2018-04-17 08:29:15 UTC",
"deleted": false,
"disable_correlation": true,
"object_relation": "detection-ratio",
"timestamp": "1524214015",
"to_ids": false,
"type": "text",
"uuid": "5ad9a8ff-ad30-448f-a04c-4f7702de0b81",
"value": "18/67"
}
]
},
{
"comment": "",
"deleted": false,
"description": "File object describing a file with meta-information",
"meta-category": "file",
"name": "file",
"template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215",
"template_version": "7",
"timestamp": "1524214018",
"uuid": "f06d18a5-283a-4569-b155-745555ccf928",
"ObjectReference": [
{
"comment": "",
"object_uuid": "f06d18a5-283a-4569-b155-745555ccf928",
"referenced_uuid": "c97f4a7d-0f77-4bea-b158-7c109a9393e2",
"relationship_type": "analysed-with",
"timestamp": "1524214030",
"uuid": "5ad9a90e-6eb0-4a4c-aa09-492802de0b81"
}
],
"Attribute": [
{
"category": "Payload delivery",
"comment": "MC Ransomware Hashes - 2018-04-16 09:49:44 UTC",
"deleted": false,
"disable_correlation": false,
"object_relation": "md5",
"timestamp": "1524214015",
"to_ids": true,
"type": "md5",
"uuid": "5ad9a8ff-03b0-43bc-809a-488f02de0b81",
"value": "4753075e5c1f696327c9bc357827613f"
},
{
"category": "Payload delivery",
"comment": "MC Ransomware Hashes - 2018-04-16 09:49:44 UTC",
"deleted": false,
"disable_correlation": false,
"object_relation": "sha1",
"timestamp": "1524214016",
"to_ids": true,
"type": "sha1",
"uuid": "5ad9a900-960c-4e01-8b50-4e9102de0b81",
"value": "db9984145d65cf30cd105897bced5e444995da7d"
},
{
"category": "Payload delivery",
"comment": "MC Ransomware Hashes - 2018-04-16 09:49:44 UTC",
"deleted": false,
"disable_correlation": false,
"object_relation": "sha256",
"timestamp": "1524214016",
"to_ids": true,
"type": "sha256",
"uuid": "5ad9a900-d3e0-4c03-8441-49a402de0b81",
"value": "2b9a684946c626f525f96b45c00514d6523821fa5031fc2042ef21d0069ebdbb"
}
]
},
{
"comment": "",
"deleted": false,
"description": "VirusTotal report",
"meta-category": "misc",
"name": "virustotal-report",
"template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4",
"template_version": "1",
"timestamp": "1524214016",
"uuid": "c97f4a7d-0f77-4bea-b158-7c109a9393e2",
"Attribute": [
{
"category": "Other",
"comment": "MC Ransomware Hashes - 2018-04-16 09:49:44 UTC",
"deleted": false,
"disable_correlation": false,
"object_relation": "last-submission",
"timestamp": "1524214017",
"to_ids": false,
"type": "datetime",
"uuid": "5ad9a901-afc4-4461-8c60-47f302de0b81",
"value": "2018-04-20T04:14:41"
},
{
"category": "External analysis",
"comment": "MC Ransomware Hashes - 2018-04-16 09:49:44 UTC",
"deleted": false,
"disable_correlation": false,
"object_relation": "permalink",
"timestamp": "1524214017",
"to_ids": false,
"type": "link",
"uuid": "5ad9a901-fcac-48af-9490-452902de0b81",
"value": "https://www.virustotal.com/file/2b9a684946c626f525f96b45c00514d6523821fa5031fc2042ef21d0069ebdbb/analysis/1524197681/"
},
{
"category": "Other",
"comment": "MC Ransomware Hashes - 2018-04-16 09:49:44 UTC",
"deleted": false,
"disable_correlation": true,
"object_relation": "detection-ratio",
"timestamp": "1524214018",
"to_ids": false,
"type": "text",
"uuid": "5ad9a902-2e68-4253-8229-475e02de0b81",
"value": "26/67"
}
]
},
{
"comment": "",
"deleted": false,
"description": "File object describing a file with meta-information",
"meta-category": "file",
"name": "file",
"template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215",
"template_version": "7",
"timestamp": "1524214021",
"uuid": "1a00f5cc-f1a5-454c-8516-a3766b937b2b",
"ObjectReference": [
{
"comment": "",
"object_uuid": "1a00f5cc-f1a5-454c-8516-a3766b937b2b",
"referenced_uuid": "da95275d-d7d1-462d-8980-33f697b19bbe",
"relationship_type": "analysed-with",
"timestamp": "1524214030",
"uuid": "5ad9a90e-1664-4409-ad19-48e102de0b81"
}
],
"Attribute": [
{
"category": "Payload delivery",
"comment": "CSGO Ransomware Hashes - 2018-04-17 08:34:55 UTC",
"deleted": false,
"disable_correlation": false,
"object_relation": "md5",
"timestamp": "1524214018",
"to_ids": true,
"type": "md5",
"uuid": "5ad9a902-1814-4d40-89f1-469602de0b81",
"value": "11ad8a33f89c0f6488a26ae8f01a31d7"
},
{
"category": "Payload delivery",
"comment": "CSGO Ransomware Hashes - 2018-04-17 08:34:55 UTC",
"deleted": false,
"disable_correlation": false,
"object_relation": "sha1",
"timestamp": "1524214018",
"to_ids": true,
"type": "sha1",
"uuid": "5ad9a902-39d4-4672-babf-4ce402de0b81",
"value": "b931e3a4f21d8d96fba1e73fa148f062457e30c7"
},
{
"category": "Payload delivery",
"comment": "CSGO Ransomware Hashes - 2018-04-17 08:34:55 UTC",
"deleted": false,
"disable_correlation": false,
"object_relation": "sha256",
"timestamp": "1524214018",
"to_ids": true,
"type": "sha256",
"uuid": "5ad9a902-e27c-4fe7-bf2e-484b02de0b81",
"value": "40b851137f18e50c182c3a303ac97005a75edc6e470434e14535255c7a34aec6"
}
]
},
{
"comment": "",
"deleted": false,
"description": "VirusTotal report",
"meta-category": "misc",
"name": "virustotal-report",
"template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4",
"template_version": "1",
"timestamp": "1524214019",
"uuid": "da95275d-d7d1-462d-8980-33f697b19bbe",
"Attribute": [
{
"category": "Other",
"comment": "CSGO Ransomware Hashes - 2018-04-17 08:34:55 UTC",
"deleted": false,
"disable_correlation": false,
"object_relation": "last-submission",
"timestamp": "1524214019",
"to_ids": false,
"type": "datetime",
"uuid": "5ad9a903-e380-413a-8969-4d9702de0b81",
"value": "2018-04-19T15:38:40"
},
{
"category": "External analysis",
"comment": "CSGO Ransomware Hashes - 2018-04-17 08:34:55 UTC",
"deleted": false,
"disable_correlation": false,
"object_relation": "permalink",
"timestamp": "1524214019",
"to_ids": false,
"type": "link",
"uuid": "5ad9a903-c12c-4e9b-8def-4f1e02de0b81",
"value": "https://www.virustotal.com/file/40b851137f18e50c182c3a303ac97005a75edc6e470434e14535255c7a34aec6/analysis/1524152320/"
},
{
"category": "Other",
"comment": "CSGO Ransomware Hashes - 2018-04-17 08:34:55 UTC",
"deleted": false,
"disable_correlation": true,
"object_relation": "detection-ratio",
"timestamp": "1524214020",
"to_ids": false,
"type": "text",
"uuid": "5ad9a904-c0ec-4303-8d68-4f9a02de0b81",
"value": "19/67"
}
]
},
{
"comment": "",
"deleted": false,
"description": "File object describing a file with meta-information",
"meta-category": "file",
"name": "file",
"template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215",
"template_version": "7",
"timestamp": "1524214023",
"uuid": "0aface86-1943-4c64-a734-a952a0d6036c",
"ObjectReference": [
{
"comment": "",
"object_uuid": "0aface86-1943-4c64-a734-a952a0d6036c",
"referenced_uuid": "104199ea-ec1a-4326-b864-aff6b87aa26e",
"relationship_type": "analysed-with",
"timestamp": "1524214030",
"uuid": "5ad9a90e-bb18-4ad6-ab99-47a902de0b81"
}
],
"Attribute": [
{
"category": "Payload delivery",
"comment": "MC Ransomware Hashes - 2018-04-17 07:40:23 UTC",
"deleted": false,
"disable_correlation": false,
"object_relation": "md5",
"timestamp": "1524214020",
"to_ids": true,
"type": "md5",
"uuid": "5ad9a904-0f58-462a-8ef5-45d302de0b81",
"value": "4297dec3ddaa8fdbf0f2351bc8b445bd"
},
{
"category": "Payload delivery",
"comment": "MC Ransomware Hashes - 2018-04-17 07:40:23 UTC",
"deleted": false,
"disable_correlation": false,
"object_relation": "sha1",
"timestamp": "1524214020",
"to_ids": true,
"type": "sha1",
"uuid": "5ad9a904-f160-4760-bc77-451202de0b81",
"value": "ec48566ffe54edda57ca7b32a065855bc2f87471"
},
{
"category": "Payload delivery",
"comment": "MC Ransomware Hashes - 2018-04-17 07:40:23 UTC",
"deleted": false,
"disable_correlation": false,
"object_relation": "sha256",
"timestamp": "1524214021",
"to_ids": true,
"type": "sha256",
"uuid": "5ad9a905-e028-4447-a922-4e0c02de0b81",
"value": "e5d8e5e967ca27c012e15f8a675feddeaa189176cb0e237f99fdbbb9a4bad6c3"
}
]
},
{
"comment": "",
"deleted": false,
"description": "VirusTotal report",
"meta-category": "misc",
"name": "virustotal-report",
"template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4",
"template_version": "1",
"timestamp": "1524214021",
"uuid": "104199ea-ec1a-4326-b864-aff6b87aa26e",
"Attribute": [
{
"category": "Other",
"comment": "MC Ransomware Hashes - 2018-04-17 07:40:23 UTC",
"deleted": false,
"disable_correlation": false,
"object_relation": "last-submission",
"timestamp": "1524214021",
"to_ids": false,
"type": "datetime",
"uuid": "5ad9a905-8ef0-4da6-a289-4ce802de0b81",
"value": "2018-04-20T04:21:02"
},
{
"category": "External analysis",
"comment": "MC Ransomware Hashes - 2018-04-17 07:40:23 UTC",
"deleted": false,
"disable_correlation": false,
"object_relation": "permalink",
"timestamp": "1524214022",
"to_ids": false,
"type": "link",
"uuid": "5ad9a906-6a70-4c58-9fee-4f8e02de0b81",
"value": "https://www.virustotal.com/file/e5d8e5e967ca27c012e15f8a675feddeaa189176cb0e237f99fdbbb9a4bad6c3/analysis/1524198062/"
},
{
"category": "Other",
"comment": "MC Ransomware Hashes - 2018-04-17 07:40:23 UTC",
"deleted": false,
"disable_correlation": true,
"object_relation": "detection-ratio",
"timestamp": "1524214022",
"to_ids": false,
"type": "text",
"uuid": "5ad9a906-fb84-4cc8-a79e-446202de0b81",
"value": "22/67"
}
]
},
{
"comment": "",
"deleted": false,
"description": "File object describing a file with meta-information",
"meta-category": "file",
"name": "file",
"template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215",
"template_version": "7",
"timestamp": "1524214025",
"uuid": "a6cd51d1-09ed-4782-b4db-45f24256138e",
"ObjectReference": [
{
"comment": "",
"object_uuid": "a6cd51d1-09ed-4782-b4db-45f24256138e",
"referenced_uuid": "69ca0eea-cc1c-4a23-8300-480a977aed37",
"relationship_type": "analysed-with",
"timestamp": "1524214030",
"uuid": "5ad9a90e-6288-4d12-8063-44ca02de0b81"
}
],
"Attribute": [
{
"category": "Payload delivery",
"comment": "MC Ransomware Hashes - 2018-04-16 09:54:34 UTC",
"deleted": false,
"disable_correlation": false,
"object_relation": "md5",
"timestamp": "1524214022",
"to_ids": true,
"type": "md5",
"uuid": "5ad9a906-2500-48d5-9bb5-4be802de0b81",
"value": "9f964893e51c95cb83ac2ff8287dd84e"
},
{
"category": "Payload delivery",
"comment": "MC Ransomware Hashes - 2018-04-16 09:54:34 UTC",
"deleted": false,
"disable_correlation": false,
"object_relation": "sha1",
"timestamp": "1524214023",
"to_ids": true,
"type": "sha1",
"uuid": "5ad9a907-9dbc-47e7-987e-4dfb02de0b81",
"value": "2befbde3349898e346aeab38b2c49f09b4a7ae59"
},
{
"category": "Payload delivery",
"comment": "MC Ransomware Hashes - 2018-04-16 09:54:34 UTC",
"deleted": false,
"disable_correlation": false,
"object_relation": "sha256",
"timestamp": "1524214023",
"to_ids": true,
"type": "sha256",
"uuid": "5ad9a907-bc10-4626-be43-443c02de0b81",
"value": "1c565d978f3fe2b259af7d06cdb3651afee200a580a04b2b6fb856a4d986306b"
}
]
},
{
"comment": "",
"deleted": false,
"description": "VirusTotal report",
"meta-category": "misc",
"name": "virustotal-report",
"template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4",
"template_version": "1",
"timestamp": "1524214023",
"uuid": "69ca0eea-cc1c-4a23-8300-480a977aed37",
"Attribute": [
{
"category": "Other",
"comment": "MC Ransomware Hashes - 2018-04-16 09:54:34 UTC",
"deleted": false,
"disable_correlation": false,
"object_relation": "last-submission",
"timestamp": "1524214024",
"to_ids": false,
"type": "datetime",
"uuid": "5ad9a908-b6d4-4c8d-ad1c-488e02de0b81",
"value": "2018-04-20T04:13:02"
},
{
"category": "External analysis",
"comment": "MC Ransomware Hashes - 2018-04-16 09:54:34 UTC",
"deleted": false,
"disable_correlation": false,
"object_relation": "permalink",
"timestamp": "1524214024",
"to_ids": false,
"type": "link",
"uuid": "5ad9a908-0244-4da1-a6d4-436602de0b81",
"value": "https://www.virustotal.com/file/1c565d978f3fe2b259af7d06cdb3651afee200a580a04b2b6fb856a4d986306b/analysis/1524197582/"
},
{
"category": "Other",
"comment": "MC Ransomware Hashes - 2018-04-16 09:54:34 UTC",
"deleted": false,
"disable_correlation": true,
"object_relation": "detection-ratio",
"timestamp": "1524214024",
"to_ids": false,
"type": "text",
"uuid": "5ad9a908-ae74-4199-9790-46d902de0b81",
"value": "26/67"
}
]
},
{
"comment": "",
"deleted": false,
"description": "File object describing a file with meta-information",
"meta-category": "file",
"name": "file",
"template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215",
"template_version": "7",
"timestamp": "1524214027",
"uuid": "c4e43c42-c47a-48c2-b8f4-a0157937d9e9",
"ObjectReference": [
{
"comment": "",
"object_uuid": "c4e43c42-c47a-48c2-b8f4-a0157937d9e9",
"referenced_uuid": "c453e757-2896-4eab-9833-df10e4e7ac2c",
"relationship_type": "analysed-with",
"timestamp": "1524214030",
"uuid": "5ad9a90e-8204-44c8-bba3-437802de0b81"
}
],
"Attribute": [
{
"category": "Payload delivery",
"comment": "MC Ransomware Hashes - 2018-04-17 12:02:21 UTC",
"deleted": false,
"disable_correlation": false,
"object_relation": "md5",
"timestamp": "1524214024",
"to_ids": true,
"type": "md5",
"uuid": "5ad9a908-d964-4c2b-b35e-489a02de0b81",
"value": "cd2c72de1f36265124292031b20859df"
},
{
"category": "Payload delivery",
"comment": "MC Ransomware Hashes - 2018-04-17 12:02:21 UTC",
"deleted": false,
"disable_correlation": false,
"object_relation": "sha1",
"timestamp": "1524214025",
"to_ids": true,
"type": "sha1",
"uuid": "5ad9a909-3448-43a2-a17d-4c6702de0b81",
"value": "8f3a472cc818a054d71c7a4e2d40bbe0c112286d"
},
{
"category": "Payload delivery",
"comment": "MC Ransomware Hashes - 2018-04-17 12:02:21 UTC",
"deleted": false,
"disable_correlation": false,
"object_relation": "sha256",
"timestamp": "1524214025",
"to_ids": true,
"type": "sha256",
"uuid": "5ad9a909-4620-4402-a6be-47b402de0b81",
"value": "2d1eb5797b8fbcbea8462b470da343ba95d545808d83f71b8763e1daf7648b14"
}
]
},
{
"comment": "",
"deleted": false,
"description": "VirusTotal report",
"meta-category": "misc",
"name": "virustotal-report",
"template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4",
"template_version": "1",
"timestamp": "1524214026",
"uuid": "c453e757-2896-4eab-9833-df10e4e7ac2c",
"Attribute": [
{
"category": "Other",
"comment": "MC Ransomware Hashes - 2018-04-17 12:02:21 UTC",
"deleted": false,
"disable_correlation": false,
"object_relation": "last-submission",
"timestamp": "1524214026",
"to_ids": false,
"type": "datetime",
"uuid": "5ad9a90a-9024-49ce-b31c-46c002de0b81",
"value": "2018-04-20T04:11:13"
},
{
"category": "External analysis",
"comment": "MC Ransomware Hashes - 2018-04-17 12:02:21 UTC",
"deleted": false,
"disable_correlation": false,
"object_relation": "permalink",
"timestamp": "1524214026",
"to_ids": false,
"type": "link",
"uuid": "5ad9a90a-b280-44a4-8be3-49a802de0b81",
"value": "https://www.virustotal.com/file/2d1eb5797b8fbcbea8462b470da343ba95d545808d83f71b8763e1daf7648b14/analysis/1524197473/"
},
{
"category": "Other",
"comment": "MC Ransomware Hashes - 2018-04-17 12:02:21 UTC",
"deleted": false,
"disable_correlation": true,
"object_relation": "detection-ratio",
"timestamp": "1524214027",
"to_ids": false,
"type": "text",
"uuid": "5ad9a90b-dae0-4d09-bfc4-486902de0b81",
"value": "22/68"
}
]
},
{
"comment": "",
"deleted": false,
"description": "File object describing a file with meta-information",
"meta-category": "file",
"name": "file",
"template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215",
"template_version": "7",
"timestamp": "1524214030",
"uuid": "350c1ce9-8596-4b4c-a799-a4472dbf9bcf",
"ObjectReference": [
{
"comment": "",
"object_uuid": "350c1ce9-8596-4b4c-a799-a4472dbf9bcf",
"referenced_uuid": "5c00102e-ec27-48d2-ba97-afaa284cac9a",
"relationship_type": "analysed-with",
"timestamp": "1524214031",
"uuid": "5ad9a90f-8cc4-4876-8676-444702de0b81"
}
],
"Attribute": [
{
"category": "Payload delivery",
"comment": "MC Ransomware Hashes - 2018-04-17 07:40:21 UTC",
"deleted": false,
"disable_correlation": false,
"object_relation": "md5",
"timestamp": "1524214027",
"to_ids": true,
"type": "md5",
"uuid": "5ad9a90b-46d0-4082-b456-45fa02de0b81",
"value": "dac78ca4ceb78391d08578c3d166da48"
},
{
"category": "Payload delivery",
"comment": "MC Ransomware Hashes - 2018-04-17 07:40:21 UTC",
"deleted": false,
"disable_correlation": false,
"object_relation": "sha1",
"timestamp": "1524214027",
"to_ids": true,
"type": "sha1",
"uuid": "5ad9a90b-a978-4711-8454-4c0002de0b81",
"value": "db81a47d3fa39a92987ef65c3510788b3ed140cb"
},
{
"category": "Payload delivery",
"comment": "MC Ransomware Hashes - 2018-04-17 07:40:21 UTC",
"deleted": false,
"disable_correlation": false,
"object_relation": "sha256",
"timestamp": "1524214028",
"to_ids": true,
"type": "sha256",
"uuid": "5ad9a90c-5738-4739-a75a-4a9502de0b81",
"value": "72d103eb07d8d8b9fb4a1cbb12b20716936b97574d688631956dc7becabbd784"
}
]
},
{
"comment": "",
"deleted": false,
"description": "VirusTotal report",
"meta-category": "misc",
"name": "virustotal-report",
"template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4",
"template_version": "1",
"timestamp": "1524214028",
"uuid": "5c00102e-ec27-48d2-ba97-afaa284cac9a",
"Attribute": [
{
"category": "Other",
"comment": "MC Ransomware Hashes - 2018-04-17 07:40:21 UTC",
"deleted": false,
"disable_correlation": false,
"object_relation": "last-submission",
"timestamp": "1524214029",
"to_ids": false,
"type": "datetime",
"uuid": "5ad9a90d-c554-4cbb-a1b7-44d302de0b81",
"value": "2018-04-20T04:21:19"
},
{
"category": "External analysis",
"comment": "MC Ransomware Hashes - 2018-04-17 07:40:21 UTC",
"deleted": false,
"disable_correlation": false,
"object_relation": "permalink",
"timestamp": "1524214029",
"to_ids": false,
"type": "link",
"uuid": "5ad9a90d-21cc-4ace-8a87-405502de0b81",
"value": "https://www.virustotal.com/file/72d103eb07d8d8b9fb4a1cbb12b20716936b97574d688631956dc7becabbd784/analysis/1524198079/"
},
{
"category": "Other",
"comment": "MC Ransomware Hashes - 2018-04-17 07:40:21 UTC",
"deleted": false,
"disable_correlation": true,
"object_relation": "detection-ratio",
"timestamp": "1524214029",
"to_ids": false,
"type": "text",
"uuid": "5ad9a90d-a100-4a29-bcb4-484802de0b81",
"value": "25/67"
}
]
}
]
}
}