misp-circl-feed/feeds/circl/misp/5d6532ef-05a0-4a1b-a2ee-4c86950d210f.json


{
"Event": {
"analysis": "1",
"date": "2019-08-27",
"extends_uuid": "",
"info": "OSINT - Mirai - Loligang bot",
"publish_timestamp": "1566914231",
"published": true,
"threat_level_id": "3",
"timestamp": "1566913593",
"uuid": "5d6532ef-05a0-4a1b-a2ee-4c86950d210f",
"Orgc": {
"name": "CIRCL",
"uuid": "55f6ea5e-2c60-40e5-964f-47a8950d210f"
},
"Tag": [
{
"colour": "#004646",
"name": "type:OSINT"
},
{
"colour": "#0071c3",
"name": "osint:lifetime=\"perpetual\""
},
{
"colour": "#0087e8",
"name": "osint:certainty=\"50\""
},
{
"colour": "#ffffff",
"name": "tlp:white"
},
{
"colour": "#0088cc",
"name": "misp-galaxy:botnet=\"Mirai\""
}
],
"Attribute": [
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1566913384",
"to_ids": true,
"type": "sha256",
"uuid": "5d653369-2484-4ccc-a411-4d15950d210f",
"value": "93130f4edabb095aaa584dd76c03fcec701e7bf7e9772c1ccfb140f049d6cfff"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1566913385",
"to_ids": true,
"type": "sha256",
"uuid": "5d653369-4d30-4ed7-9f4d-443c950d210f",
"value": "fc231bb098cf67c9c56df59ba43e128388cc04e76b72b2d2ee5f1e02a6537699"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1566913385",
"to_ids": true,
"type": "sha256",
"uuid": "5d653369-2f5c-4fda-b306-4cba950d210f",
"value": "feb98eb9497c1101953d4b24782e8e90b86a9d35a880c1e644c7241ae2fae53c"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1566913385",
"to_ids": true,
"type": "sha256",
"uuid": "5d653369-1b00-48fe-b664-45a8950d210f",
"value": "84cb76cd07b62e144c9acb27f1fc2773fd4a9ff19318389ab5ad8b72063673fe"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1566913385",
"to_ids": true,
"type": "sha256",
"uuid": "5d653369-842c-4de7-853c-46b9950d210f",
"value": "b41756ea36db32de5aef58544c8beffb2e8def785bf80575878e4a9b4a0a6e87"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1566913385",
"to_ids": true,
"type": "sha256",
"uuid": "5d653369-d99c-4174-86ce-4133950d210f",
"value": "cda6038014ccf05520911decefb880ad439a780904f6fe8b8d85ae35a6660fba"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1566913385",
"to_ids": true,
"type": "sha256",
"uuid": "5d653369-89e0-4dc7-8017-42bf950d210f",
"value": "53a52a566fea292a64f8d10d860c1fca4398498aadb6a69ba815c4c801fd4582"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1566913385",
"to_ids": true,
"type": "sha256",
"uuid": "5d653369-cb98-4f5c-a3f6-4442950d210f",
"value": "2439ffb7966e7d4521ff55f1c7df438a1d51cc21693edf82e46ff39dde2ef7d7"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1566913385",
"to_ids": true,
"type": "sha256",
"uuid": "5d653369-7af0-4175-98a3-4910950d210f",
"value": "e1f10b070c575eae46cc89ae9638d58c348d754e24beacb0d1b0a2e613335c60"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1566913385",
"to_ids": true,
"type": "sha256",
"uuid": "5d653369-fe40-4c9a-afa6-42ee950d210f",
"value": "b9959bd676bca236593e08baaedca1b1195cc998195bd7059c039bb5506386d6"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1566913385",
"to_ids": true,
"type": "sha256",
"uuid": "5d653369-3ff0-4e98-8d91-4893950d210f",
"value": "7ed5022a3f047ff69b0e0bfa10a248c8752cd9a514d9a0163634e1eb1dc85c3d"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1566913385",
"to_ids": true,
"type": "url",
"uuid": "5d653369-444c-42f6-bdb6-47bd950d210f",
"value": "ftp://165.22.153.245/loligang.mpsl"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1566913385",
"to_ids": true,
"type": "url",
"uuid": "5d653369-d6dc-44e8-8212-419b950d210f",
"value": "ftp://165.22.153.245/loligang.arm7"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1566913385",
"to_ids": true,
"type": "url",
"uuid": "5d653369-33a4-4992-9f35-4fc0950d210f",
"value": "ftp://165.22.153.245/loligang.arm6"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1566913385",
"to_ids": true,
"type": "url",
"uuid": "5d653369-3ea4-4507-95b5-4053950d210f",
"value": "ftp://165.22.153.245/loligang.arm5"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1566913385",
"to_ids": true,
"type": "url",
"uuid": "5d653369-8374-4c32-92ed-4778950d210f",
"value": "ftp://165.22.153.245/loligang.spc"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1566913385",
"to_ids": true,
"type": "url",
"uuid": "5d653369-6444-4580-abb1-45eb950d210f",
"value": "ftp://165.22.153.245/loligang.arm"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1566913385",
"to_ids": true,
"type": "url",
"uuid": "5d653369-8e44-449f-8c7d-41d6950d210f",
"value": "ftp://165.22.153.245/loligang.m68k"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1566913385",
"to_ids": true,
"type": "url",
"uuid": "5d653369-e2dc-4499-93af-48a9950d210f",
"value": "ftp://165.22.153.245/loligang.mips"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1566913385",
"to_ids": true,
"type": "url",
"uuid": "5d653369-673c-484f-8131-47fd950d210f",
"value": "ftp://165.22.153.245/loligang.ppc"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1566913385",
"to_ids": true,
"type": "url",
"uuid": "5d653369-d878-4c31-95fd-4887950d210f",
"value": "ftp://165.22.153.245/loligang.x86"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1566913385",
"to_ids": true,
"type": "url",
"uuid": "5d653369-2754-4c2f-8ce3-409f950d210f",
"value": "ftp://165.22.153.245/loligang.sh4"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1566913385",
"to_ids": true,
"type": "md5",
"uuid": "5d653369-e660-4365-8bef-4ff8950d210f",
"value": "4d6b2efa2bba2bb86c26aa827f0cc531"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1566913385",
"to_ids": true,
"type": "md5",
"uuid": "5d653369-ae30-4d8e-82af-489d950d210f",
"value": "9e00aa8e675a88db881b1d4909745d2f"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1566913385",
"to_ids": true,
"type": "md5",
"uuid": "5d653369-3848-4ffa-a320-4c6b950d210f",
"value": "657bcdd6be43d48b3a664ae7f8b047a6"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1566913385",
"to_ids": true,
"type": "md5",
"uuid": "5d653369-4258-4ae6-807b-40bf950d210f",
"value": "ae006853961580175c88b1b91c126620"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1566913385",
"to_ids": true,
"type": "md5",
"uuid": "5d653369-dc38-429c-9d34-489e950d210f",
"value": "7d2dcfdad728c946d2d97405c618f2c9"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1566913385",
"to_ids": true,
"type": "md5",
"uuid": "5d653369-07b8-4229-bfaf-417e950d210f",
"value": "a8672298a8b6ce167d8bebff1252bc6a"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1566913385",
"to_ids": true,
"type": "md5",
"uuid": "5d653369-ecc4-4624-a9e8-4b52950d210f",
"value": "9b66bc34acbf90fa299109dbf2195194"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1566913385",
"to_ids": true,
"type": "md5",
"uuid": "5d653369-979c-467f-8941-46d1950d210f",
"value": "001c1a6c30eb5a93d0b8dbddeb873b32"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1566913385",
"to_ids": true,
"type": "md5",
"uuid": "5d653369-e0a8-4747-ac7a-4a03950d210f",
"value": "2afaf4d7344b34d0ba11d61ec6978dcd"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1566913385",
"to_ids": true,
"type": "md5",
"uuid": "5d653369-0e5c-4b87-a090-4a72950d210f",
"value": "0420409b6b89b1eb141192902d7b7704"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1566913385",
"to_ids": true,
"type": "md5",
"uuid": "5d653369-bdc0-4c2b-adbd-452c950d210f",
"value": "8b04de9e996f11bf1e047760cd758ebb"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1566913385",
"to_ids": true,
"type": "sha1",
"uuid": "5d653369-26dc-4b39-988d-4dc3950d210f",
"value": "ab4b298e59b01cc0a37edd7fa9be7dadb08e35a8"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1566913385",
"to_ids": true,
"type": "sha1",
"uuid": "5d653369-0f7c-43ef-acc9-42a5950d210f",
"value": "3b2d1af776ea516411099c20bf02dfa095002dc0"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1566913385",
"to_ids": true,
"type": "sha1",
"uuid": "5d653369-a990-4bd8-bc6a-407e950d210f",
"value": "6922753a6c844350e4b2440bc70eb27ef91cdc7c"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1566913385",
"to_ids": true,
"type": "sha1",
"uuid": "5d653369-6a58-4df5-a91c-4d1d950d210f",
"value": "b6ab78139561b22c909266e1b906b882255cf4d1"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1566913385",
"to_ids": true,
"type": "sha1",
"uuid": "5d653369-5550-4e1b-9154-4750950d210f",
"value": "3302347dbff47ad6271c8e402f2bce18a0df1983"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1566913385",
"to_ids": true,
"type": "sha1",
"uuid": "5d653369-3340-4137-9cf2-4f77950d210f",
"value": "4c06370189b9154b44a6a975a05a0a3bbb6c5382"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1566913385",
"to_ids": true,
"type": "sha1",
"uuid": "5d653369-5fc8-4684-a863-420a950d210f",
"value": "3252d21dc0cb2817673f92d1b00e13f6f9542b1e"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1566913385",
"to_ids": true,
"type": "sha1",
"uuid": "5d653369-6a40-4817-9779-489c950d210f",
"value": "1893faeab933826ac3a85bab919a9ba0b734d2f1"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1566913385",
"to_ids": true,
"type": "sha1",
"uuid": "5d653369-bf78-4d93-8474-4f5c950d210f",
"value": "488734ad3fa96f647ac1f23fb97649c36b1b87a0"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1566913385",
"to_ids": true,
"type": "sha1",
"uuid": "5d653369-26c4-43a8-a291-4f8e950d210f",
"value": "6835affc0e893edb626b609198ceb4ba457acdc4"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1566913385",
"to_ids": true,
"type": "sha1",
"uuid": "5d653369-4310-4699-8e3d-4b4e950d210f",
"value": "567caadc5b269770a5c401869a18471dfa344d44"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1566913385",
"to_ids": true,
"type": "ip-dst",
"uuid": "5d653369-4a44-4eb2-89f6-4683950d210f",
"value": "165.22.153.245"
},
{
"category": "External analysis",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1566913404",
"to_ids": false,
"type": "link",
"uuid": "5d65337c-f0f4-4c18-9c06-4235950d210f",
"value": "https://otx.alienvault.com/pulse/5d652c579d3ca47ab1d8aff4"
}
],
"Object": [
{
"comment": "",
"deleted": false,
"description": "File object describing a file with meta-information",
"meta-category": "file",
"name": "file",
"template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215",
"template_version": "17",
"timestamp": "1566913527",
"uuid": "0817c131-b50c-45a1-a1a3-a3072f5e21c6",
"ObjectReference": [
{
"comment": "",
"object_uuid": "0817c131-b50c-45a1-a1a3-a3072f5e21c6",
"referenced_uuid": "f0889f07-a335-4483-b790-bbd8384cd71c",
"relationship_type": "analysed-with",
"timestamp": "1566913529",
"uuid": "5d6533f9-dd08-4fad-91f9-43dc950d210f"
}
],
"Attribute": [
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "md5",
"timestamp": "1566913385",
"to_ids": true,
"type": "md5",
"uuid": "5a5e9f88-3aa0-4ff3-af24-753502a35def",
"value": "657bcdd6be43d48b3a664ae7f8b047a6"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "sha1",
"timestamp": "1566913385",
"to_ids": true,
"type": "sha1",
"uuid": "e3d8465e-7889-4282-83bb-1449799d0a28",
"value": "b6ab78139561b22c909266e1b906b882255cf4d1"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "sha256",
"timestamp": "1566913385",
"to_ids": true,
"type": "sha256",
"uuid": "bbe9b907-e971-4948-a762-a4a749f130e4",
"value": "b41756ea36db32de5aef58544c8beffb2e8def785bf80575878e4a9b4a0a6e87"
}
]
},
{
"comment": "",
"deleted": false,
"description": "VirusTotal report",
"meta-category": "misc",
"name": "virustotal-report",
"template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4",
"template_version": "2",
"timestamp": "1566913527",
"uuid": "f0889f07-a335-4483-b790-bbd8384cd71c",
"Attribute": [
{
"category": "Other",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "last-submission",
"timestamp": "1566913385",
"to_ids": false,
"type": "datetime",
"uuid": "c0b4c7ef-9a55-45e1-af49-078072c675e8",
"value": "2019-08-27T13:10:59"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "permalink",
"timestamp": "1566913385",
"to_ids": false,
"type": "link",
"uuid": "b9451c41-a02e-4843-be13-99d1d18c757f",
"value": "https://www.virustotal.com/file/b41756ea36db32de5aef58544c8beffb2e8def785bf80575878e4a9b4a0a6e87/analysis/1566911459/"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": true,
"object_relation": "detection-ratio",
"timestamp": "1566913385",
"to_ids": false,
"type": "text",
"uuid": "9f7c1fab-cf70-4703-ac64-9c0ef70a5790",
"value": "21/57"
}
]
},
{
"comment": "",
"deleted": false,
"description": "File object describing a file with meta-information",
"meta-category": "file",
"name": "file",
"template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215",
"template_version": "17",
"timestamp": "1566913527",
"uuid": "b16a7b3b-2836-4d8f-9b96-53ca98c1d7f0",
"ObjectReference": [
{
"comment": "",
"object_uuid": "b16a7b3b-2836-4d8f-9b96-53ca98c1d7f0",
"referenced_uuid": "6cb3e0a7-3216-4eb8-98c6-06e79a5f2995",
"relationship_type": "analysed-with",
"timestamp": "1566913529",
"uuid": "5d6533f9-c528-4c19-96c5-4649950d210f"
}
],
"Attribute": [
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "md5",
"timestamp": "1566913385",
"to_ids": true,
"type": "md5",
"uuid": "0d95d4d6-7bf4-445c-a356-24f62925cf89",
"value": "9b66bc34acbf90fa299109dbf2195194"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "sha1",
"timestamp": "1566913385",
"to_ids": true,
"type": "sha1",
"uuid": "cb793a7b-dbbb-4cae-beac-705a3e67aaee",
"value": "3252d21dc0cb2817673f92d1b00e13f6f9542b1e"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "sha256",
"timestamp": "1566913385",
"to_ids": true,
"type": "sha256",
"uuid": "c321d9e5-7eaf-4eb3-9061-3355c3d7864a",
"value": "84cb76cd07b62e144c9acb27f1fc2773fd4a9ff19318389ab5ad8b72063673fe"
}
]
},
{
"comment": "",
"deleted": false,
"description": "VirusTotal report",
"meta-category": "misc",
"name": "virustotal-report",
"template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4",
"template_version": "2",
"timestamp": "1566913528",
"uuid": "6cb3e0a7-3216-4eb8-98c6-06e79a5f2995",
"Attribute": [
{
"category": "Other",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "last-submission",
"timestamp": "1566913385",
"to_ids": false,
"type": "datetime",
"uuid": "e884b15b-2e8e-449d-9a40-4bb70c26f386",
"value": "2019-08-27T13:10:57"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "permalink",
"timestamp": "1566913385",
"to_ids": false,
"type": "link",
"uuid": "a28a7598-8070-4145-bb6f-110a3b2268b2",
"value": "https://www.virustotal.com/file/84cb76cd07b62e144c9acb27f1fc2773fd4a9ff19318389ab5ad8b72063673fe/analysis/1566911457/"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": true,
"object_relation": "detection-ratio",
"timestamp": "1566913385",
"to_ids": false,
"type": "text",
"uuid": "bd3af045-5bcd-488d-b08b-62c08cad8201",
"value": "24/57"
}
]
},
{
"comment": "",
"deleted": false,
"description": "File object describing a file with meta-information",
"meta-category": "file",
"name": "file",
"template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215",
"template_version": "17",
"timestamp": "1566913528",
"uuid": "79e1f030-379c-4127-aa04-b3603f1a3824",
"ObjectReference": [
{
"comment": "",
"object_uuid": "79e1f030-379c-4127-aa04-b3603f1a3824",
"referenced_uuid": "254ac2d2-ddbf-46d3-b400-3636b8595f92",
"relationship_type": "analysed-with",
"timestamp": "1566913529",
"uuid": "5d6533f9-9a8c-4ca5-bd38-413b950d210f"
}
],
"Attribute": [
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "md5",
"timestamp": "1566913385",
"to_ids": true,
"type": "md5",
"uuid": "85e00401-d240-4c72-979b-e22ce1bf32f7",
"value": "001c1a6c30eb5a93d0b8dbddeb873b32"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "sha1",
"timestamp": "1566913385",
"to_ids": true,
"type": "sha1",
"uuid": "b1bdfd6a-0fbc-4150-b057-5c031b2e681b",
"value": "6835affc0e893edb626b609198ceb4ba457acdc4"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "sha256",
"timestamp": "1566913385",
"to_ids": true,
"type": "sha256",
"uuid": "ddb9a38e-279b-47c9-89a4-337ed8d6c7be",
"value": "feb98eb9497c1101953d4b24782e8e90b86a9d35a880c1e644c7241ae2fae53c"
}
]
},
{
"comment": "",
"deleted": false,
"description": "VirusTotal report",
"meta-category": "misc",
"name": "virustotal-report",
"template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4",
"template_version": "2",
"timestamp": "1566913528",
"uuid": "254ac2d2-ddbf-46d3-b400-3636b8595f92",
"Attribute": [
{
"category": "Other",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "last-submission",
"timestamp": "1566913385",
"to_ids": false,
"type": "datetime",
"uuid": "44eca0fc-84c9-4341-b7cd-bc060f188eb9",
"value": "2019-08-26T13:58:32"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "permalink",
"timestamp": "1566913385",
"to_ids": false,
"type": "link",
"uuid": "0b7e65b1-e6b0-4103-9bbb-ad81cb091c89",
"value": "https://www.virustotal.com/file/feb98eb9497c1101953d4b24782e8e90b86a9d35a880c1e644c7241ae2fae53c/analysis/1566827912/"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": true,
"object_relation": "detection-ratio",
"timestamp": "1566913385",
"to_ids": false,
"type": "text",
"uuid": "fe764259-0dbe-4934-b8a0-8e1a279399f0",
"value": "24/55"
}
]
},
{
"comment": "",
"deleted": false,
"description": "File object describing a file with meta-information",
"meta-category": "file",
"name": "file",
"template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215",
"template_version": "17",
"timestamp": "1566913528",
"uuid": "23c7e1ee-00f6-45ae-a4a9-f08888078fc2",
"ObjectReference": [
{
"comment": "",
"object_uuid": "23c7e1ee-00f6-45ae-a4a9-f08888078fc2",
"referenced_uuid": "af3d2aae-9c33-4cac-8b18-5338ae1450c2",
"relationship_type": "analysed-with",
"timestamp": "1566913529",
"uuid": "5d6533f9-ea70-46fd-9597-4bf8950d210f"
}
],
"Attribute": [
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "md5",
"timestamp": "1566913385",
"to_ids": true,
"type": "md5",
"uuid": "9a15cd0c-e3fe-426d-9e8e-d92d5d28c24e",
"value": "0420409b6b89b1eb141192902d7b7704"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "sha1",
"timestamp": "1566913385",
"to_ids": true,
"type": "sha1",
"uuid": "37b7bd2a-cd0b-4acb-b670-5dccb1a8ed82",
"value": "488734ad3fa96f647ac1f23fb97649c36b1b87a0"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "sha256",
"timestamp": "1566913385",
"to_ids": true,
"type": "sha256",
"uuid": "81279429-75a8-4a94-8500-2203df37d767",
"value": "cda6038014ccf05520911decefb880ad439a780904f6fe8b8d85ae35a6660fba"
}
]
},
{
"comment": "",
"deleted": false,
"description": "VirusTotal report",
"meta-category": "misc",
"name": "virustotal-report",
"template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4",
"template_version": "2",
"timestamp": "1566913528",
"uuid": "af3d2aae-9c33-4cac-8b18-5338ae1450c2",
"Attribute": [
{
"category": "Other",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "last-submission",
"timestamp": "1566913385",
"to_ids": false,
"type": "datetime",
"uuid": "787556d0-4b2f-44e7-aaf9-3075ea47e7da",
"value": "2019-08-26T13:58:32"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "permalink",
"timestamp": "1566913385",
"to_ids": false,
"type": "link",
"uuid": "76d8279d-e5fe-49c9-a228-e13b2a44dd05",
"value": "https://www.virustotal.com/file/cda6038014ccf05520911decefb880ad439a780904f6fe8b8d85ae35a6660fba/analysis/1566827912/"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": true,
"object_relation": "detection-ratio",
"timestamp": "1566913385",
"to_ids": false,
"type": "text",
"uuid": "c0066020-5fc6-4e58-bf3c-77f210d7c98b",
"value": "24/55"
}
]
},
{
"comment": "",
"deleted": false,
"description": "File object describing a file with meta-information",
"meta-category": "file",
"name": "file",
"template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215",
"template_version": "17",
"timestamp": "1566913528",
"uuid": "e04e0d05-85fc-44a7-87f7-32746aada35a",
"ObjectReference": [
{
"comment": "",
"object_uuid": "e04e0d05-85fc-44a7-87f7-32746aada35a",
"referenced_uuid": "a9480e09-5437-40db-94c9-5dfbe5bc98c9",
"relationship_type": "analysed-with",
"timestamp": "1566913530",
"uuid": "5d6533fa-0c8c-46ab-904b-4564950d210f"
}
],
"Attribute": [
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "md5",
"timestamp": "1566913385",
"to_ids": true,
"type": "md5",
"uuid": "a85692b6-83c8-4ec3-abf1-ef3a74b4201c",
"value": "2afaf4d7344b34d0ba11d61ec6978dcd"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "sha1",
"timestamp": "1566913385",
"to_ids": true,
"type": "sha1",
"uuid": "b81dac9f-2936-4e2c-b060-41372cbaafd3",
"value": "1893faeab933826ac3a85bab919a9ba0b734d2f1"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "sha256",
"timestamp": "1566913385",
"to_ids": true,
"type": "sha256",
"uuid": "52dd53c5-14bf-404f-a397-c92474bce253",
"value": "53a52a566fea292a64f8d10d860c1fca4398498aadb6a69ba815c4c801fd4582"
}
]
},
{
"comment": "",
"deleted": false,
"description": "VirusTotal report",
"meta-category": "misc",
"name": "virustotal-report",
"template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4",
"template_version": "2",
"timestamp": "1566913528",
"uuid": "a9480e09-5437-40db-94c9-5dfbe5bc98c9",
"Attribute": [
{
"category": "Other",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "last-submission",
"timestamp": "1566913385",
"to_ids": false,
"type": "datetime",
"uuid": "7e6cef86-122e-47ce-bfb5-c96dcd8be92c",
"value": "2019-08-27T13:10:57"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "permalink",
"timestamp": "1566913385",
"to_ids": false,
"type": "link",
"uuid": "ffb82c5b-f099-4a08-8a75-e90a5c087550",
"value": "https://www.virustotal.com/file/53a52a566fea292a64f8d10d860c1fca4398498aadb6a69ba815c4c801fd4582/analysis/1566911457/"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": true,
"object_relation": "detection-ratio",
"timestamp": "1566913385",
"to_ids": false,
"type": "text",
"uuid": "458d1e5e-abfe-48db-a852-e8f566228319",
"value": "34/57"
}
]
},
{
"comment": "",
"deleted": false,
"description": "File object describing a file with meta-information",
"meta-category": "file",
"name": "file",
"template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215",
"template_version": "17",
"timestamp": "1566913529",
"uuid": "4022a205-9ae8-4e3e-b1f0-5e8e3cbe33f3",
"ObjectReference": [
{
"comment": "",
"object_uuid": "4022a205-9ae8-4e3e-b1f0-5e8e3cbe33f3",
"referenced_uuid": "1c5d190e-a3c9-44e2-9225-7204e2439319",
"relationship_type": "analysed-with",
"timestamp": "1566913530",
"uuid": "5d6533fa-070c-4a9e-97de-49a2950d210f"
}
],
"Attribute": [
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "md5",
"timestamp": "1566913385",
"to_ids": true,
"type": "md5",
"uuid": "e1b728ec-5c2f-47c5-b45e-e3971a7d1769",
"value": "7d2dcfdad728c946d2d97405c618f2c9"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "sha1",
"timestamp": "1566913385",
"to_ids": true,
"type": "sha1",
"uuid": "74339533-ac15-46ed-bd65-c30300dc7dc7",
"value": "6922753a6c844350e4b2440bc70eb27ef91cdc7c"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "sha256",
"timestamp": "1566913385",
"to_ids": true,
"type": "sha256",
"uuid": "29065d54-d7cc-4a2d-90be-e00d1f975b8a",
"value": "b9959bd676bca236593e08baaedca1b1195cc998195bd7059c039bb5506386d6"
}
]
},
{
"comment": "",
"deleted": false,
"description": "VirusTotal report",
"meta-category": "misc",
"name": "virustotal-report",
"template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4",
"template_version": "2",
"timestamp": "1566913529",
"uuid": "1c5d190e-a3c9-44e2-9225-7204e2439319",
"Attribute": [
{
"category": "Other",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "last-submission",
"timestamp": "1566913385",
"to_ids": false,
"type": "datetime",
"uuid": "35a02550-3a30-4aff-ade1-e029f71962de",
"value": "2019-08-27T09:30:02"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "permalink",
"timestamp": "1566913385",
"to_ids": false,
"type": "link",
"uuid": "93016d9b-6885-4799-b4f4-3232438c2995",
"value": "https://www.virustotal.com/file/b9959bd676bca236593e08baaedca1b1195cc998195bd7059c039bb5506386d6/analysis/1566898202/"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": true,
"object_relation": "detection-ratio",
"timestamp": "1566913385",
"to_ids": false,
"type": "text",
"uuid": "27537950-34df-48e2-96fb-5f51e4d1a0b5",
"value": "28/56"
}
]
},
{
"comment": "",
"deleted": false,
"description": "File object describing a file with meta-information",
"meta-category": "file",
"name": "file",
"template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215",
"template_version": "17",
"timestamp": "1566913529",
"uuid": "70b72a57-ea6e-46e7-83ad-31298af63206",
"ObjectReference": [
{
"comment": "",
"object_uuid": "70b72a57-ea6e-46e7-83ad-31298af63206",
"referenced_uuid": "9fa18b29-a098-494a-8c9f-aba9ce301f9a",
"relationship_type": "analysed-with",
"timestamp": "1566913530",
"uuid": "5d6533fa-7e90-4aea-bb7c-432c950d210f"
}
],
"Attribute": [
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "md5",
"timestamp": "1566913385",
"to_ids": true,
"type": "md5",
"uuid": "83448b6f-d619-495f-8d0c-adb36078fb3c",
"value": "ae006853961580175c88b1b91c126620"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "sha1",
"timestamp": "1566913385",
"to_ids": true,
"type": "sha1",
"uuid": "221d83b2-2cbc-4dc7-8e5e-a864bce5fc08",
"value": "ab4b298e59b01cc0a37edd7fa9be7dadb08e35a8"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "sha256",
"timestamp": "1566913385",
"to_ids": true,
"type": "sha256",
"uuid": "a73b08f6-149f-43b5-a36c-ff90591cb86f",
"value": "7ed5022a3f047ff69b0e0bfa10a248c8752cd9a514d9a0163634e1eb1dc85c3d"
}
]
},
{
"comment": "",
"deleted": false,
"description": "VirusTotal report",
"meta-category": "misc",
"name": "virustotal-report",
"template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4",
"template_version": "2",
"timestamp": "1566913529",
"uuid": "9fa18b29-a098-494a-8c9f-aba9ce301f9a",
"Attribute": [
{
"category": "Other",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "last-submission",
"timestamp": "1566913385",
"to_ids": false,
"type": "datetime",
"uuid": "674ff6df-7692-41e8-85ce-2dcbc25a9013",
"value": "2019-08-26T10:57:13"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "permalink",
"timestamp": "1566913385",
"to_ids": false,
"type": "link",
"uuid": "154ee7cb-c514-4b31-8b03-8512a25207a4",
"value": "https://www.virustotal.com/file/7ed5022a3f047ff69b0e0bfa10a248c8752cd9a514d9a0163634e1eb1dc85c3d/analysis/1566817033/"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": true,
"object_relation": "detection-ratio",
"timestamp": "1566913385",
"to_ids": false,
"type": "text",
"uuid": "2c118fa2-b70f-4f30-86bf-69013711a34e",
"value": "20/57"
}
]
}
]
}
}