1305 lines
No EOL
42 KiB
JSON
1305 lines
No EOL
42 KiB
JSON
{
|
|
"Event": {
|
|
"analysis": "1",
|
|
"date": "2019-08-27",
|
|
"extends_uuid": "",
|
|
"info": "OSINT - Mirai - Loligang bot",
|
|
"publish_timestamp": "1566914231",
|
|
"published": true,
|
|
"threat_level_id": "3",
|
|
"timestamp": "1566913593",
|
|
"uuid": "5d6532ef-05a0-4a1b-a2ee-4c86950d210f",
|
|
"Orgc": {
|
|
"name": "CIRCL",
|
|
"uuid": "55f6ea5e-2c60-40e5-964f-47a8950d210f"
|
|
},
|
|
"Tag": [
|
|
{
|
|
"colour": "#004646",
|
|
"name": "type:OSINT"
|
|
},
|
|
{
|
|
"colour": "#0071c3",
|
|
"name": "osint:lifetime=\"perpetual\""
|
|
},
|
|
{
|
|
"colour": "#0087e8",
|
|
"name": "osint:certainty=\"50\""
|
|
},
|
|
{
|
|
"colour": "#ffffff",
|
|
"name": "tlp:white"
|
|
},
|
|
{
|
|
"colour": "#0088cc",
|
|
"name": "misp-galaxy:botnet=\"Mirai\""
|
|
}
|
|
],
|
|
"Attribute": [
|
|
{
|
|
"category": "Payload delivery",
|
|
"comment": "",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1566913384",
|
|
"to_ids": true,
|
|
"type": "sha256",
|
|
"uuid": "5d653369-2484-4ccc-a411-4d15950d210f",
|
|
"value": "93130f4edabb095aaa584dd76c03fcec701e7bf7e9772c1ccfb140f049d6cfff"
|
|
},
|
|
{
|
|
"category": "Payload delivery",
|
|
"comment": "",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1566913385",
|
|
"to_ids": true,
|
|
"type": "sha256",
|
|
"uuid": "5d653369-4d30-4ed7-9f4d-443c950d210f",
|
|
"value": "fc231bb098cf67c9c56df59ba43e128388cc04e76b72b2d2ee5f1e02a6537699"
|
|
},
|
|
{
|
|
"category": "Payload delivery",
|
|
"comment": "",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1566913385",
|
|
"to_ids": true,
|
|
"type": "sha256",
|
|
"uuid": "5d653369-2f5c-4fda-b306-4cba950d210f",
|
|
"value": "feb98eb9497c1101953d4b24782e8e90b86a9d35a880c1e644c7241ae2fae53c"
|
|
},
|
|
{
|
|
"category": "Payload delivery",
|
|
"comment": "",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1566913385",
|
|
"to_ids": true,
|
|
"type": "sha256",
|
|
"uuid": "5d653369-1b00-48fe-b664-45a8950d210f",
|
|
"value": "84cb76cd07b62e144c9acb27f1fc2773fd4a9ff19318389ab5ad8b72063673fe"
|
|
},
|
|
{
|
|
"category": "Payload delivery",
|
|
"comment": "",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1566913385",
|
|
"to_ids": true,
|
|
"type": "sha256",
|
|
"uuid": "5d653369-842c-4de7-853c-46b9950d210f",
|
|
"value": "b41756ea36db32de5aef58544c8beffb2e8def785bf80575878e4a9b4a0a6e87"
|
|
},
|
|
{
|
|
"category": "Payload delivery",
|
|
"comment": "",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1566913385",
|
|
"to_ids": true,
|
|
"type": "sha256",
|
|
"uuid": "5d653369-d99c-4174-86ce-4133950d210f",
|
|
"value": "cda6038014ccf05520911decefb880ad439a780904f6fe8b8d85ae35a6660fba"
|
|
},
|
|
{
|
|
"category": "Payload delivery",
|
|
"comment": "",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1566913385",
|
|
"to_ids": true,
|
|
"type": "sha256",
|
|
"uuid": "5d653369-89e0-4dc7-8017-42bf950d210f",
|
|
"value": "53a52a566fea292a64f8d10d860c1fca4398498aadb6a69ba815c4c801fd4582"
|
|
},
|
|
{
|
|
"category": "Payload delivery",
|
|
"comment": "",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1566913385",
|
|
"to_ids": true,
|
|
"type": "sha256",
|
|
"uuid": "5d653369-cb98-4f5c-a3f6-4442950d210f",
|
|
"value": "2439ffb7966e7d4521ff55f1c7df438a1d51cc21693edf82e46ff39dde2ef7d7"
|
|
},
|
|
{
|
|
"category": "Payload delivery",
|
|
"comment": "",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1566913385",
|
|
"to_ids": true,
|
|
"type": "sha256",
|
|
"uuid": "5d653369-7af0-4175-98a3-4910950d210f",
|
|
"value": "e1f10b070c575eae46cc89ae9638d58c348d754e24beacb0d1b0a2e613335c60"
|
|
},
|
|
{
|
|
"category": "Payload delivery",
|
|
"comment": "",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1566913385",
|
|
"to_ids": true,
|
|
"type": "sha256",
|
|
"uuid": "5d653369-fe40-4c9a-afa6-42ee950d210f",
|
|
"value": "b9959bd676bca236593e08baaedca1b1195cc998195bd7059c039bb5506386d6"
|
|
},
|
|
{
|
|
"category": "Payload delivery",
|
|
"comment": "",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1566913385",
|
|
"to_ids": true,
|
|
"type": "sha256",
|
|
"uuid": "5d653369-3ff0-4e98-8d91-4893950d210f",
|
|
"value": "7ed5022a3f047ff69b0e0bfa10a248c8752cd9a514d9a0163634e1eb1dc85c3d"
|
|
},
|
|
{
|
|
"category": "Network activity",
|
|
"comment": "",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1566913385",
|
|
"to_ids": true,
|
|
"type": "url",
|
|
"uuid": "5d653369-444c-42f6-bdb6-47bd950d210f",
|
|
"value": "ftp://165.22.153.245/loligang.mpsl"
|
|
},
|
|
{
|
|
"category": "Network activity",
|
|
"comment": "",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1566913385",
|
|
"to_ids": true,
|
|
"type": "url",
|
|
"uuid": "5d653369-d6dc-44e8-8212-419b950d210f",
|
|
"value": "ftp://165.22.153.245/loligang.arm7"
|
|
},
|
|
{
|
|
"category": "Network activity",
|
|
"comment": "",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1566913385",
|
|
"to_ids": true,
|
|
"type": "url",
|
|
"uuid": "5d653369-33a4-4992-9f35-4fc0950d210f",
|
|
"value": "ftp://165.22.153.245/loligang.arm6"
|
|
},
|
|
{
|
|
"category": "Network activity",
|
|
"comment": "",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1566913385",
|
|
"to_ids": true,
|
|
"type": "url",
|
|
"uuid": "5d653369-3ea4-4507-95b5-4053950d210f",
|
|
"value": "ftp://165.22.153.245/loligang.arm5"
|
|
},
|
|
{
|
|
"category": "Network activity",
|
|
"comment": "",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1566913385",
|
|
"to_ids": true,
|
|
"type": "url",
|
|
"uuid": "5d653369-8374-4c32-92ed-4778950d210f",
|
|
"value": "ftp://165.22.153.245/loligang.spc"
|
|
},
|
|
{
|
|
"category": "Network activity",
|
|
"comment": "",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1566913385",
|
|
"to_ids": true,
|
|
"type": "url",
|
|
"uuid": "5d653369-6444-4580-abb1-45eb950d210f",
|
|
"value": "ftp://165.22.153.245/loligang.arm"
|
|
},
|
|
{
|
|
"category": "Network activity",
|
|
"comment": "",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1566913385",
|
|
"to_ids": true,
|
|
"type": "url",
|
|
"uuid": "5d653369-8e44-449f-8c7d-41d6950d210f",
|
|
"value": "ftp://165.22.153.245/loligang.m68k"
|
|
},
|
|
{
|
|
"category": "Network activity",
|
|
"comment": "",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1566913385",
|
|
"to_ids": true,
|
|
"type": "url",
|
|
"uuid": "5d653369-e2dc-4499-93af-48a9950d210f",
|
|
"value": "ftp://165.22.153.245/loligang.mips"
|
|
},
|
|
{
|
|
"category": "Network activity",
|
|
"comment": "",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1566913385",
|
|
"to_ids": true,
|
|
"type": "url",
|
|
"uuid": "5d653369-673c-484f-8131-47fd950d210f",
|
|
"value": "ftp://165.22.153.245/loligang.ppc"
|
|
},
|
|
{
|
|
"category": "Network activity",
|
|
"comment": "",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1566913385",
|
|
"to_ids": true,
|
|
"type": "url",
|
|
"uuid": "5d653369-d878-4c31-95fd-4887950d210f",
|
|
"value": "ftp://165.22.153.245/loligang.x86"
|
|
},
|
|
{
|
|
"category": "Network activity",
|
|
"comment": "",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1566913385",
|
|
"to_ids": true,
|
|
"type": "url",
|
|
"uuid": "5d653369-2754-4c2f-8ce3-409f950d210f",
|
|
"value": "ftp://165.22.153.245/loligang.sh4"
|
|
},
|
|
{
|
|
"category": "Payload delivery",
|
|
"comment": "",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1566913385",
|
|
"to_ids": true,
|
|
"type": "md5",
|
|
"uuid": "5d653369-e660-4365-8bef-4ff8950d210f",
|
|
"value": "4d6b2efa2bba2bb86c26aa827f0cc531"
|
|
},
|
|
{
|
|
"category": "Payload delivery",
|
|
"comment": "",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1566913385",
|
|
"to_ids": true,
|
|
"type": "md5",
|
|
"uuid": "5d653369-ae30-4d8e-82af-489d950d210f",
|
|
"value": "9e00aa8e675a88db881b1d4909745d2f"
|
|
},
|
|
{
|
|
"category": "Payload delivery",
|
|
"comment": "",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1566913385",
|
|
"to_ids": true,
|
|
"type": "md5",
|
|
"uuid": "5d653369-3848-4ffa-a320-4c6b950d210f",
|
|
"value": "657bcdd6be43d48b3a664ae7f8b047a6"
|
|
},
|
|
{
|
|
"category": "Payload delivery",
|
|
"comment": "",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1566913385",
|
|
"to_ids": true,
|
|
"type": "md5",
|
|
"uuid": "5d653369-4258-4ae6-807b-40bf950d210f",
|
|
"value": "ae006853961580175c88b1b91c126620"
|
|
},
|
|
{
|
|
"category": "Payload delivery",
|
|
"comment": "",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1566913385",
|
|
"to_ids": true,
|
|
"type": "md5",
|
|
"uuid": "5d653369-dc38-429c-9d34-489e950d210f",
|
|
"value": "7d2dcfdad728c946d2d97405c618f2c9"
|
|
},
|
|
{
|
|
"category": "Payload delivery",
|
|
"comment": "",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1566913385",
|
|
"to_ids": true,
|
|
"type": "md5",
|
|
"uuid": "5d653369-07b8-4229-bfaf-417e950d210f",
|
|
"value": "a8672298a8b6ce167d8bebff1252bc6a"
|
|
},
|
|
{
|
|
"category": "Payload delivery",
|
|
"comment": "",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1566913385",
|
|
"to_ids": true,
|
|
"type": "md5",
|
|
"uuid": "5d653369-ecc4-4624-a9e8-4b52950d210f",
|
|
"value": "9b66bc34acbf90fa299109dbf2195194"
|
|
},
|
|
{
|
|
"category": "Payload delivery",
|
|
"comment": "",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1566913385",
|
|
"to_ids": true,
|
|
"type": "md5",
|
|
"uuid": "5d653369-979c-467f-8941-46d1950d210f",
|
|
"value": "001c1a6c30eb5a93d0b8dbddeb873b32"
|
|
},
|
|
{
|
|
"category": "Payload delivery",
|
|
"comment": "",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1566913385",
|
|
"to_ids": true,
|
|
"type": "md5",
|
|
"uuid": "5d653369-e0a8-4747-ac7a-4a03950d210f",
|
|
"value": "2afaf4d7344b34d0ba11d61ec6978dcd"
|
|
},
|
|
{
|
|
"category": "Payload delivery",
|
|
"comment": "",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1566913385",
|
|
"to_ids": true,
|
|
"type": "md5",
|
|
"uuid": "5d653369-0e5c-4b87-a090-4a72950d210f",
|
|
"value": "0420409b6b89b1eb141192902d7b7704"
|
|
},
|
|
{
|
|
"category": "Payload delivery",
|
|
"comment": "",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1566913385",
|
|
"to_ids": true,
|
|
"type": "md5",
|
|
"uuid": "5d653369-bdc0-4c2b-adbd-452c950d210f",
|
|
"value": "8b04de9e996f11bf1e047760cd758ebb"
|
|
},
|
|
{
|
|
"category": "Payload delivery",
|
|
"comment": "",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1566913385",
|
|
"to_ids": true,
|
|
"type": "sha1",
|
|
"uuid": "5d653369-26dc-4b39-988d-4dc3950d210f",
|
|
"value": "ab4b298e59b01cc0a37edd7fa9be7dadb08e35a8"
|
|
},
|
|
{
|
|
"category": "Payload delivery",
|
|
"comment": "",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1566913385",
|
|
"to_ids": true,
|
|
"type": "sha1",
|
|
"uuid": "5d653369-0f7c-43ef-acc9-42a5950d210f",
|
|
"value": "3b2d1af776ea516411099c20bf02dfa095002dc0"
|
|
},
|
|
{
|
|
"category": "Payload delivery",
|
|
"comment": "",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1566913385",
|
|
"to_ids": true,
|
|
"type": "sha1",
|
|
"uuid": "5d653369-a990-4bd8-bc6a-407e950d210f",
|
|
"value": "6922753a6c844350e4b2440bc70eb27ef91cdc7c"
|
|
},
|
|
{
|
|
"category": "Payload delivery",
|
|
"comment": "",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1566913385",
|
|
"to_ids": true,
|
|
"type": "sha1",
|
|
"uuid": "5d653369-6a58-4df5-a91c-4d1d950d210f",
|
|
"value": "b6ab78139561b22c909266e1b906b882255cf4d1"
|
|
},
|
|
{
|
|
"category": "Payload delivery",
|
|
"comment": "",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1566913385",
|
|
"to_ids": true,
|
|
"type": "sha1",
|
|
"uuid": "5d653369-5550-4e1b-9154-4750950d210f",
|
|
"value": "3302347dbff47ad6271c8e402f2bce18a0df1983"
|
|
},
|
|
{
|
|
"category": "Payload delivery",
|
|
"comment": "",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1566913385",
|
|
"to_ids": true,
|
|
"type": "sha1",
|
|
"uuid": "5d653369-3340-4137-9cf2-4f77950d210f",
|
|
"value": "4c06370189b9154b44a6a975a05a0a3bbb6c5382"
|
|
},
|
|
{
|
|
"category": "Payload delivery",
|
|
"comment": "",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1566913385",
|
|
"to_ids": true,
|
|
"type": "sha1",
|
|
"uuid": "5d653369-5fc8-4684-a863-420a950d210f",
|
|
"value": "3252d21dc0cb2817673f92d1b00e13f6f9542b1e"
|
|
},
|
|
{
|
|
"category": "Payload delivery",
|
|
"comment": "",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1566913385",
|
|
"to_ids": true,
|
|
"type": "sha1",
|
|
"uuid": "5d653369-6a40-4817-9779-489c950d210f",
|
|
"value": "1893faeab933826ac3a85bab919a9ba0b734d2f1"
|
|
},
|
|
{
|
|
"category": "Payload delivery",
|
|
"comment": "",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1566913385",
|
|
"to_ids": true,
|
|
"type": "sha1",
|
|
"uuid": "5d653369-bf78-4d93-8474-4f5c950d210f",
|
|
"value": "488734ad3fa96f647ac1f23fb97649c36b1b87a0"
|
|
},
|
|
{
|
|
"category": "Payload delivery",
|
|
"comment": "",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1566913385",
|
|
"to_ids": true,
|
|
"type": "sha1",
|
|
"uuid": "5d653369-26c4-43a8-a291-4f8e950d210f",
|
|
"value": "6835affc0e893edb626b609198ceb4ba457acdc4"
|
|
},
|
|
{
|
|
"category": "Payload delivery",
|
|
"comment": "",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1566913385",
|
|
"to_ids": true,
|
|
"type": "sha1",
|
|
"uuid": "5d653369-4310-4699-8e3d-4b4e950d210f",
|
|
"value": "567caadc5b269770a5c401869a18471dfa344d44"
|
|
},
|
|
{
|
|
"category": "Network activity",
|
|
"comment": "",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1566913385",
|
|
"to_ids": true,
|
|
"type": "ip-dst",
|
|
"uuid": "5d653369-4a44-4eb2-89f6-4683950d210f",
|
|
"value": "165.22.153.245"
|
|
},
|
|
{
|
|
"category": "External analysis",
|
|
"comment": "",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1566913404",
|
|
"to_ids": false,
|
|
"type": "link",
|
|
"uuid": "5d65337c-f0f4-4c18-9c06-4235950d210f",
|
|
"value": "https://otx.alienvault.com/pulse/5d652c579d3ca47ab1d8aff4"
|
|
}
|
|
],
|
|
"Object": [
|
|
{
|
|
"comment": "",
|
|
"deleted": false,
|
|
"description": "File object describing a file with meta-information",
|
|
"meta-category": "file",
|
|
"name": "file",
|
|
"template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215",
|
|
"template_version": "17",
|
|
"timestamp": "1566913527",
|
|
"uuid": "0817c131-b50c-45a1-a1a3-a3072f5e21c6",
|
|
"ObjectReference": [
|
|
{
|
|
"comment": "",
|
|
"object_uuid": "0817c131-b50c-45a1-a1a3-a3072f5e21c6",
|
|
"referenced_uuid": "f0889f07-a335-4483-b790-bbd8384cd71c",
|
|
"relationship_type": "analysed-with",
|
|
"timestamp": "1566913529",
|
|
"uuid": "5d6533f9-dd08-4fad-91f9-43dc950d210f"
|
|
}
|
|
],
|
|
"Attribute": [
|
|
{
|
|
"category": "Payload delivery",
|
|
"comment": "",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"object_relation": "md5",
|
|
"timestamp": "1566913385",
|
|
"to_ids": true,
|
|
"type": "md5",
|
|
"uuid": "5a5e9f88-3aa0-4ff3-af24-753502a35def",
|
|
"value": "657bcdd6be43d48b3a664ae7f8b047a6"
|
|
},
|
|
{
|
|
"category": "Payload delivery",
|
|
"comment": "",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"object_relation": "sha1",
|
|
"timestamp": "1566913385",
|
|
"to_ids": true,
|
|
"type": "sha1",
|
|
"uuid": "e3d8465e-7889-4282-83bb-1449799d0a28",
|
|
"value": "b6ab78139561b22c909266e1b906b882255cf4d1"
|
|
},
|
|
{
|
|
"category": "Payload delivery",
|
|
"comment": "",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"object_relation": "sha256",
|
|
"timestamp": "1566913385",
|
|
"to_ids": true,
|
|
"type": "sha256",
|
|
"uuid": "bbe9b907-e971-4948-a762-a4a749f130e4",
|
|
"value": "b41756ea36db32de5aef58544c8beffb2e8def785bf80575878e4a9b4a0a6e87"
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"comment": "",
|
|
"deleted": false,
|
|
"description": "VirusTotal report",
|
|
"meta-category": "misc",
|
|
"name": "virustotal-report",
|
|
"template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4",
|
|
"template_version": "2",
|
|
"timestamp": "1566913527",
|
|
"uuid": "f0889f07-a335-4483-b790-bbd8384cd71c",
|
|
"Attribute": [
|
|
{
|
|
"category": "Other",
|
|
"comment": "",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"object_relation": "last-submission",
|
|
"timestamp": "1566913385",
|
|
"to_ids": false,
|
|
"type": "datetime",
|
|
"uuid": "c0b4c7ef-9a55-45e1-af49-078072c675e8",
|
|
"value": "2019-08-27T13:10:59"
|
|
},
|
|
{
|
|
"category": "Payload delivery",
|
|
"comment": "",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"object_relation": "permalink",
|
|
"timestamp": "1566913385",
|
|
"to_ids": false,
|
|
"type": "link",
|
|
"uuid": "b9451c41-a02e-4843-be13-99d1d18c757f",
|
|
"value": "https://www.virustotal.com/file/b41756ea36db32de5aef58544c8beffb2e8def785bf80575878e4a9b4a0a6e87/analysis/1566911459/"
|
|
},
|
|
{
|
|
"category": "Payload delivery",
|
|
"comment": "",
|
|
"deleted": false,
|
|
"disable_correlation": true,
|
|
"object_relation": "detection-ratio",
|
|
"timestamp": "1566913385",
|
|
"to_ids": false,
|
|
"type": "text",
|
|
"uuid": "9f7c1fab-cf70-4703-ac64-9c0ef70a5790",
|
|
"value": "21/57"
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"comment": "",
|
|
"deleted": false,
|
|
"description": "File object describing a file with meta-information",
|
|
"meta-category": "file",
|
|
"name": "file",
|
|
"template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215",
|
|
"template_version": "17",
|
|
"timestamp": "1566913527",
|
|
"uuid": "b16a7b3b-2836-4d8f-9b96-53ca98c1d7f0",
|
|
"ObjectReference": [
|
|
{
|
|
"comment": "",
|
|
"object_uuid": "b16a7b3b-2836-4d8f-9b96-53ca98c1d7f0",
|
|
"referenced_uuid": "6cb3e0a7-3216-4eb8-98c6-06e79a5f2995",
|
|
"relationship_type": "analysed-with",
|
|
"timestamp": "1566913529",
|
|
"uuid": "5d6533f9-c528-4c19-96c5-4649950d210f"
|
|
}
|
|
],
|
|
"Attribute": [
|
|
{
|
|
"category": "Payload delivery",
|
|
"comment": "",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"object_relation": "md5",
|
|
"timestamp": "1566913385",
|
|
"to_ids": true,
|
|
"type": "md5",
|
|
"uuid": "0d95d4d6-7bf4-445c-a356-24f62925cf89",
|
|
"value": "9b66bc34acbf90fa299109dbf2195194"
|
|
},
|
|
{
|
|
"category": "Payload delivery",
|
|
"comment": "",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"object_relation": "sha1",
|
|
"timestamp": "1566913385",
|
|
"to_ids": true,
|
|
"type": "sha1",
|
|
"uuid": "cb793a7b-dbbb-4cae-beac-705a3e67aaee",
|
|
"value": "3252d21dc0cb2817673f92d1b00e13f6f9542b1e"
|
|
},
|
|
{
|
|
"category": "Payload delivery",
|
|
"comment": "",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"object_relation": "sha256",
|
|
"timestamp": "1566913385",
|
|
"to_ids": true,
|
|
"type": "sha256",
|
|
"uuid": "c321d9e5-7eaf-4eb3-9061-3355c3d7864a",
|
|
"value": "84cb76cd07b62e144c9acb27f1fc2773fd4a9ff19318389ab5ad8b72063673fe"
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"comment": "",
|
|
"deleted": false,
|
|
"description": "VirusTotal report",
|
|
"meta-category": "misc",
|
|
"name": "virustotal-report",
|
|
"template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4",
|
|
"template_version": "2",
|
|
"timestamp": "1566913528",
|
|
"uuid": "6cb3e0a7-3216-4eb8-98c6-06e79a5f2995",
|
|
"Attribute": [
|
|
{
|
|
"category": "Other",
|
|
"comment": "",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"object_relation": "last-submission",
|
|
"timestamp": "1566913385",
|
|
"to_ids": false,
|
|
"type": "datetime",
|
|
"uuid": "e884b15b-2e8e-449d-9a40-4bb70c26f386",
|
|
"value": "2019-08-27T13:10:57"
|
|
},
|
|
{
|
|
"category": "Payload delivery",
|
|
"comment": "",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"object_relation": "permalink",
|
|
"timestamp": "1566913385",
|
|
"to_ids": false,
|
|
"type": "link",
|
|
"uuid": "a28a7598-8070-4145-bb6f-110a3b2268b2",
|
|
"value": "https://www.virustotal.com/file/84cb76cd07b62e144c9acb27f1fc2773fd4a9ff19318389ab5ad8b72063673fe/analysis/1566911457/"
|
|
},
|
|
{
|
|
"category": "Payload delivery",
|
|
"comment": "",
|
|
"deleted": false,
|
|
"disable_correlation": true,
|
|
"object_relation": "detection-ratio",
|
|
"timestamp": "1566913385",
|
|
"to_ids": false,
|
|
"type": "text",
|
|
"uuid": "bd3af045-5bcd-488d-b08b-62c08cad8201",
|
|
"value": "24/57"
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"comment": "",
|
|
"deleted": false,
|
|
"description": "File object describing a file with meta-information",
|
|
"meta-category": "file",
|
|
"name": "file",
|
|
"template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215",
|
|
"template_version": "17",
|
|
"timestamp": "1566913528",
|
|
"uuid": "79e1f030-379c-4127-aa04-b3603f1a3824",
|
|
"ObjectReference": [
|
|
{
|
|
"comment": "",
|
|
"object_uuid": "79e1f030-379c-4127-aa04-b3603f1a3824",
|
|
"referenced_uuid": "254ac2d2-ddbf-46d3-b400-3636b8595f92",
|
|
"relationship_type": "analysed-with",
|
|
"timestamp": "1566913529",
|
|
"uuid": "5d6533f9-9a8c-4ca5-bd38-413b950d210f"
|
|
}
|
|
],
|
|
"Attribute": [
|
|
{
|
|
"category": "Payload delivery",
|
|
"comment": "",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"object_relation": "md5",
|
|
"timestamp": "1566913385",
|
|
"to_ids": true,
|
|
"type": "md5",
|
|
"uuid": "85e00401-d240-4c72-979b-e22ce1bf32f7",
|
|
"value": "001c1a6c30eb5a93d0b8dbddeb873b32"
|
|
},
|
|
{
|
|
"category": "Payload delivery",
|
|
"comment": "",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"object_relation": "sha1",
|
|
"timestamp": "1566913385",
|
|
"to_ids": true,
|
|
"type": "sha1",
|
|
"uuid": "b1bdfd6a-0fbc-4150-b057-5c031b2e681b",
|
|
"value": "6835affc0e893edb626b609198ceb4ba457acdc4"
|
|
},
|
|
{
|
|
"category": "Payload delivery",
|
|
"comment": "",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"object_relation": "sha256",
|
|
"timestamp": "1566913385",
|
|
"to_ids": true,
|
|
"type": "sha256",
|
|
"uuid": "ddb9a38e-279b-47c9-89a4-337ed8d6c7be",
|
|
"value": "feb98eb9497c1101953d4b24782e8e90b86a9d35a880c1e644c7241ae2fae53c"
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"comment": "",
|
|
"deleted": false,
|
|
"description": "VirusTotal report",
|
|
"meta-category": "misc",
|
|
"name": "virustotal-report",
|
|
"template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4",
|
|
"template_version": "2",
|
|
"timestamp": "1566913528",
|
|
"uuid": "254ac2d2-ddbf-46d3-b400-3636b8595f92",
|
|
"Attribute": [
|
|
{
|
|
"category": "Other",
|
|
"comment": "",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"object_relation": "last-submission",
|
|
"timestamp": "1566913385",
|
|
"to_ids": false,
|
|
"type": "datetime",
|
|
"uuid": "44eca0fc-84c9-4341-b7cd-bc060f188eb9",
|
|
"value": "2019-08-26T13:58:32"
|
|
},
|
|
{
|
|
"category": "Payload delivery",
|
|
"comment": "",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"object_relation": "permalink",
|
|
"timestamp": "1566913385",
|
|
"to_ids": false,
|
|
"type": "link",
|
|
"uuid": "0b7e65b1-e6b0-4103-9bbb-ad81cb091c89",
|
|
"value": "https://www.virustotal.com/file/feb98eb9497c1101953d4b24782e8e90b86a9d35a880c1e644c7241ae2fae53c/analysis/1566827912/"
|
|
},
|
|
{
|
|
"category": "Payload delivery",
|
|
"comment": "",
|
|
"deleted": false,
|
|
"disable_correlation": true,
|
|
"object_relation": "detection-ratio",
|
|
"timestamp": "1566913385",
|
|
"to_ids": false,
|
|
"type": "text",
|
|
"uuid": "fe764259-0dbe-4934-b8a0-8e1a279399f0",
|
|
"value": "24/55"
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"comment": "",
|
|
"deleted": false,
|
|
"description": "File object describing a file with meta-information",
|
|
"meta-category": "file",
|
|
"name": "file",
|
|
"template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215",
|
|
"template_version": "17",
|
|
"timestamp": "1566913528",
|
|
"uuid": "23c7e1ee-00f6-45ae-a4a9-f08888078fc2",
|
|
"ObjectReference": [
|
|
{
|
|
"comment": "",
|
|
"object_uuid": "23c7e1ee-00f6-45ae-a4a9-f08888078fc2",
|
|
"referenced_uuid": "af3d2aae-9c33-4cac-8b18-5338ae1450c2",
|
|
"relationship_type": "analysed-with",
|
|
"timestamp": "1566913529",
|
|
"uuid": "5d6533f9-ea70-46fd-9597-4bf8950d210f"
|
|
}
|
|
],
|
|
"Attribute": [
|
|
{
|
|
"category": "Payload delivery",
|
|
"comment": "",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"object_relation": "md5",
|
|
"timestamp": "1566913385",
|
|
"to_ids": true,
|
|
"type": "md5",
|
|
"uuid": "9a15cd0c-e3fe-426d-9e8e-d92d5d28c24e",
|
|
"value": "0420409b6b89b1eb141192902d7b7704"
|
|
},
|
|
{
|
|
"category": "Payload delivery",
|
|
"comment": "",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"object_relation": "sha1",
|
|
"timestamp": "1566913385",
|
|
"to_ids": true,
|
|
"type": "sha1",
|
|
"uuid": "37b7bd2a-cd0b-4acb-b670-5dccb1a8ed82",
|
|
"value": "488734ad3fa96f647ac1f23fb97649c36b1b87a0"
|
|
},
|
|
{
|
|
"category": "Payload delivery",
|
|
"comment": "",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"object_relation": "sha256",
|
|
"timestamp": "1566913385",
|
|
"to_ids": true,
|
|
"type": "sha256",
|
|
"uuid": "81279429-75a8-4a94-8500-2203df37d767",
|
|
"value": "cda6038014ccf05520911decefb880ad439a780904f6fe8b8d85ae35a6660fba"
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"comment": "",
|
|
"deleted": false,
|
|
"description": "VirusTotal report",
|
|
"meta-category": "misc",
|
|
"name": "virustotal-report",
|
|
"template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4",
|
|
"template_version": "2",
|
|
"timestamp": "1566913528",
|
|
"uuid": "af3d2aae-9c33-4cac-8b18-5338ae1450c2",
|
|
"Attribute": [
|
|
{
|
|
"category": "Other",
|
|
"comment": "",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"object_relation": "last-submission",
|
|
"timestamp": "1566913385",
|
|
"to_ids": false,
|
|
"type": "datetime",
|
|
"uuid": "787556d0-4b2f-44e7-aaf9-3075ea47e7da",
|
|
"value": "2019-08-26T13:58:32"
|
|
},
|
|
{
|
|
"category": "Payload delivery",
|
|
"comment": "",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"object_relation": "permalink",
|
|
"timestamp": "1566913385",
|
|
"to_ids": false,
|
|
"type": "link",
|
|
"uuid": "76d8279d-e5fe-49c9-a228-e13b2a44dd05",
|
|
"value": "https://www.virustotal.com/file/cda6038014ccf05520911decefb880ad439a780904f6fe8b8d85ae35a6660fba/analysis/1566827912/"
|
|
},
|
|
{
|
|
"category": "Payload delivery",
|
|
"comment": "",
|
|
"deleted": false,
|
|
"disable_correlation": true,
|
|
"object_relation": "detection-ratio",
|
|
"timestamp": "1566913385",
|
|
"to_ids": false,
|
|
"type": "text",
|
|
"uuid": "c0066020-5fc6-4e58-bf3c-77f210d7c98b",
|
|
"value": "24/55"
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"comment": "",
|
|
"deleted": false,
|
|
"description": "File object describing a file with meta-information",
|
|
"meta-category": "file",
|
|
"name": "file",
|
|
"template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215",
|
|
"template_version": "17",
|
|
"timestamp": "1566913528",
|
|
"uuid": "e04e0d05-85fc-44a7-87f7-32746aada35a",
|
|
"ObjectReference": [
|
|
{
|
|
"comment": "",
|
|
"object_uuid": "e04e0d05-85fc-44a7-87f7-32746aada35a",
|
|
"referenced_uuid": "a9480e09-5437-40db-94c9-5dfbe5bc98c9",
|
|
"relationship_type": "analysed-with",
|
|
"timestamp": "1566913530",
|
|
"uuid": "5d6533fa-0c8c-46ab-904b-4564950d210f"
|
|
}
|
|
],
|
|
"Attribute": [
|
|
{
|
|
"category": "Payload delivery",
|
|
"comment": "",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"object_relation": "md5",
|
|
"timestamp": "1566913385",
|
|
"to_ids": true,
|
|
"type": "md5",
|
|
"uuid": "a85692b6-83c8-4ec3-abf1-ef3a74b4201c",
|
|
"value": "2afaf4d7344b34d0ba11d61ec6978dcd"
|
|
},
|
|
{
|
|
"category": "Payload delivery",
|
|
"comment": "",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"object_relation": "sha1",
|
|
"timestamp": "1566913385",
|
|
"to_ids": true,
|
|
"type": "sha1",
|
|
"uuid": "b81dac9f-2936-4e2c-b060-41372cbaafd3",
|
|
"value": "1893faeab933826ac3a85bab919a9ba0b734d2f1"
|
|
},
|
|
{
|
|
"category": "Payload delivery",
|
|
"comment": "",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"object_relation": "sha256",
|
|
"timestamp": "1566913385",
|
|
"to_ids": true,
|
|
"type": "sha256",
|
|
"uuid": "52dd53c5-14bf-404f-a397-c92474bce253",
|
|
"value": "53a52a566fea292a64f8d10d860c1fca4398498aadb6a69ba815c4c801fd4582"
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"comment": "",
|
|
"deleted": false,
|
|
"description": "VirusTotal report",
|
|
"meta-category": "misc",
|
|
"name": "virustotal-report",
|
|
"template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4",
|
|
"template_version": "2",
|
|
"timestamp": "1566913528",
|
|
"uuid": "a9480e09-5437-40db-94c9-5dfbe5bc98c9",
|
|
"Attribute": [
|
|
{
|
|
"category": "Other",
|
|
"comment": "",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"object_relation": "last-submission",
|
|
"timestamp": "1566913385",
|
|
"to_ids": false,
|
|
"type": "datetime",
|
|
"uuid": "7e6cef86-122e-47ce-bfb5-c96dcd8be92c",
|
|
"value": "2019-08-27T13:10:57"
|
|
},
|
|
{
|
|
"category": "Payload delivery",
|
|
"comment": "",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"object_relation": "permalink",
|
|
"timestamp": "1566913385",
|
|
"to_ids": false,
|
|
"type": "link",
|
|
"uuid": "ffb82c5b-f099-4a08-8a75-e90a5c087550",
|
|
"value": "https://www.virustotal.com/file/53a52a566fea292a64f8d10d860c1fca4398498aadb6a69ba815c4c801fd4582/analysis/1566911457/"
|
|
},
|
|
{
|
|
"category": "Payload delivery",
|
|
"comment": "",
|
|
"deleted": false,
|
|
"disable_correlation": true,
|
|
"object_relation": "detection-ratio",
|
|
"timestamp": "1566913385",
|
|
"to_ids": false,
|
|
"type": "text",
|
|
"uuid": "458d1e5e-abfe-48db-a852-e8f566228319",
|
|
"value": "34/57"
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"comment": "",
|
|
"deleted": false,
|
|
"description": "File object describing a file with meta-information",
|
|
"meta-category": "file",
|
|
"name": "file",
|
|
"template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215",
|
|
"template_version": "17",
|
|
"timestamp": "1566913529",
|
|
"uuid": "4022a205-9ae8-4e3e-b1f0-5e8e3cbe33f3",
|
|
"ObjectReference": [
|
|
{
|
|
"comment": "",
|
|
"object_uuid": "4022a205-9ae8-4e3e-b1f0-5e8e3cbe33f3",
|
|
"referenced_uuid": "1c5d190e-a3c9-44e2-9225-7204e2439319",
|
|
"relationship_type": "analysed-with",
|
|
"timestamp": "1566913530",
|
|
"uuid": "5d6533fa-070c-4a9e-97de-49a2950d210f"
|
|
}
|
|
],
|
|
"Attribute": [
|
|
{
|
|
"category": "Payload delivery",
|
|
"comment": "",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"object_relation": "md5",
|
|
"timestamp": "1566913385",
|
|
"to_ids": true,
|
|
"type": "md5",
|
|
"uuid": "e1b728ec-5c2f-47c5-b45e-e3971a7d1769",
|
|
"value": "7d2dcfdad728c946d2d97405c618f2c9"
|
|
},
|
|
{
|
|
"category": "Payload delivery",
|
|
"comment": "",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"object_relation": "sha1",
|
|
"timestamp": "1566913385",
|
|
"to_ids": true,
|
|
"type": "sha1",
|
|
"uuid": "74339533-ac15-46ed-bd65-c30300dc7dc7",
|
|
"value": "6922753a6c844350e4b2440bc70eb27ef91cdc7c"
|
|
},
|
|
{
|
|
"category": "Payload delivery",
|
|
"comment": "",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"object_relation": "sha256",
|
|
"timestamp": "1566913385",
|
|
"to_ids": true,
|
|
"type": "sha256",
|
|
"uuid": "29065d54-d7cc-4a2d-90be-e00d1f975b8a",
|
|
"value": "b9959bd676bca236593e08baaedca1b1195cc998195bd7059c039bb5506386d6"
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"comment": "",
|
|
"deleted": false,
|
|
"description": "VirusTotal report",
|
|
"meta-category": "misc",
|
|
"name": "virustotal-report",
|
|
"template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4",
|
|
"template_version": "2",
|
|
"timestamp": "1566913529",
|
|
"uuid": "1c5d190e-a3c9-44e2-9225-7204e2439319",
|
|
"Attribute": [
|
|
{
|
|
"category": "Other",
|
|
"comment": "",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"object_relation": "last-submission",
|
|
"timestamp": "1566913385",
|
|
"to_ids": false,
|
|
"type": "datetime",
|
|
"uuid": "35a02550-3a30-4aff-ade1-e029f71962de",
|
|
"value": "2019-08-27T09:30:02"
|
|
},
|
|
{
|
|
"category": "Payload delivery",
|
|
"comment": "",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"object_relation": "permalink",
|
|
"timestamp": "1566913385",
|
|
"to_ids": false,
|
|
"type": "link",
|
|
"uuid": "93016d9b-6885-4799-b4f4-3232438c2995",
|
|
"value": "https://www.virustotal.com/file/b9959bd676bca236593e08baaedca1b1195cc998195bd7059c039bb5506386d6/analysis/1566898202/"
|
|
},
|
|
{
|
|
"category": "Payload delivery",
|
|
"comment": "",
|
|
"deleted": false,
|
|
"disable_correlation": true,
|
|
"object_relation": "detection-ratio",
|
|
"timestamp": "1566913385",
|
|
"to_ids": false,
|
|
"type": "text",
|
|
"uuid": "27537950-34df-48e2-96fb-5f51e4d1a0b5",
|
|
"value": "28/56"
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"comment": "",
|
|
"deleted": false,
|
|
"description": "File object describing a file with meta-information",
|
|
"meta-category": "file",
|
|
"name": "file",
|
|
"template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215",
|
|
"template_version": "17",
|
|
"timestamp": "1566913529",
|
|
"uuid": "70b72a57-ea6e-46e7-83ad-31298af63206",
|
|
"ObjectReference": [
|
|
{
|
|
"comment": "",
|
|
"object_uuid": "70b72a57-ea6e-46e7-83ad-31298af63206",
|
|
"referenced_uuid": "9fa18b29-a098-494a-8c9f-aba9ce301f9a",
|
|
"relationship_type": "analysed-with",
|
|
"timestamp": "1566913530",
|
|
"uuid": "5d6533fa-7e90-4aea-bb7c-432c950d210f"
|
|
}
|
|
],
|
|
"Attribute": [
|
|
{
|
|
"category": "Payload delivery",
|
|
"comment": "",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"object_relation": "md5",
|
|
"timestamp": "1566913385",
|
|
"to_ids": true,
|
|
"type": "md5",
|
|
"uuid": "83448b6f-d619-495f-8d0c-adb36078fb3c",
|
|
"value": "ae006853961580175c88b1b91c126620"
|
|
},
|
|
{
|
|
"category": "Payload delivery",
|
|
"comment": "",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"object_relation": "sha1",
|
|
"timestamp": "1566913385",
|
|
"to_ids": true,
|
|
"type": "sha1",
|
|
"uuid": "221d83b2-2cbc-4dc7-8e5e-a864bce5fc08",
|
|
"value": "ab4b298e59b01cc0a37edd7fa9be7dadb08e35a8"
|
|
},
|
|
{
|
|
"category": "Payload delivery",
|
|
"comment": "",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"object_relation": "sha256",
|
|
"timestamp": "1566913385",
|
|
"to_ids": true,
|
|
"type": "sha256",
|
|
"uuid": "a73b08f6-149f-43b5-a36c-ff90591cb86f",
|
|
"value": "7ed5022a3f047ff69b0e0bfa10a248c8752cd9a514d9a0163634e1eb1dc85c3d"
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"comment": "",
|
|
"deleted": false,
|
|
"description": "VirusTotal report",
|
|
"meta-category": "misc",
|
|
"name": "virustotal-report",
|
|
"template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4",
|
|
"template_version": "2",
|
|
"timestamp": "1566913529",
|
|
"uuid": "9fa18b29-a098-494a-8c9f-aba9ce301f9a",
|
|
"Attribute": [
|
|
{
|
|
"category": "Other",
|
|
"comment": "",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"object_relation": "last-submission",
|
|
"timestamp": "1566913385",
|
|
"to_ids": false,
|
|
"type": "datetime",
|
|
"uuid": "674ff6df-7692-41e8-85ce-2dcbc25a9013",
|
|
"value": "2019-08-26T10:57:13"
|
|
},
|
|
{
|
|
"category": "Payload delivery",
|
|
"comment": "",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"object_relation": "permalink",
|
|
"timestamp": "1566913385",
|
|
"to_ids": false,
|
|
"type": "link",
|
|
"uuid": "154ee7cb-c514-4b31-8b03-8512a25207a4",
|
|
"value": "https://www.virustotal.com/file/7ed5022a3f047ff69b0e0bfa10a248c8752cd9a514d9a0163634e1eb1dc85c3d/analysis/1566817033/"
|
|
},
|
|
{
|
|
"category": "Payload delivery",
|
|
"comment": "",
|
|
"deleted": false,
|
|
"disable_correlation": true,
|
|
"object_relation": "detection-ratio",
|
|
"timestamp": "1566913385",
|
|
"to_ids": false,
|
|
"type": "text",
|
|
"uuid": "2c118fa2-b70f-4f30-86bf-69013711a34e",
|
|
"value": "20/57"
|
|
}
|
|
]
|
|
}
|
|
]
|
|
}
|
|
} |