misp-circl-feed/feeds/circl/misp/5784f9df-02ac-4e17-92bc-7e4502de0b81.json


{
"Event": {
"analysis": "2",
"date": "2016-07-12",
"extends_uuid": "",
"info": "OSINT - NetTraveler APT Targets Russian, European Interests",
"publish_timestamp": "1468333038",
"published": true,
"threat_level_id": "2",
"timestamp": "1468332991",
"uuid": "5784f9df-02ac-4e17-92bc-7e4502de0b81",
"Orgc": {
"name": "CIRCL",
"uuid": "55f6ea5e-2c60-40e5-964f-47a8950d210f"
},
"Tag": [
{
"colour": "#ffffff",
"local": "0",
"name": "tlp:white",
"relationship_type": ""
},
{
"colour": "#004646",
"local": "0",
"name": "type:OSINT",
"relationship_type": ""
}
],
"Attribute": [
{
"category": "External analysis",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1468332586",
"to_ids": false,
"type": "link",
"uuid": "5784fa2a-8458-4a0c-a95c-810502de0b81",
"value": "https://www.proofpoint.com/us/threat-insight/post/nettraveler-apt-targets-russian-european-interests"
},
{
"category": "External analysis",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1468332600",
"to_ids": false,
"type": "comment",
"uuid": "5784fa38-74cc-477f-bd43-7e5002de0b81",
"value": "Throughout 2016, Proofpoint researchers tracked a cyber-espionage campaign targeting victims in Russia and neighboring countries. The actor utilizes spear phishing campaigns to deliver NetTraveler, also known as TravNet. First observed as early as 2004, NetTraveler is a Trojan used widely in targeted attacks. We believe that this attacker operates out of China. In addition to Russia, targeted regions include neighboring countries such as Mongolia, Belarus, and other European countries. The spear-phishing campaigns we detected use links to RAR-compressed executables and Microsoft Word attachments that exploit the CVE-2012-0158 vulnerability.\r\n\r\nThis particular APT is targeting organizations that include weapons manufacturers, human rights activists, and pro-democracy groups, among others."
},
{
"category": "Network activity",
"comment": "NetTraveler C&C and payload hosting site",
"deleted": false,
"disable_correlation": false,
"timestamp": "1468332665",
"to_ids": true,
"type": "hostname",
"uuid": "5784fa79-d184-473b-a5ae-810902de0b81",
"value": "www.interfaxru.com"
},
{
"category": "Network activity",
"comment": "NetTraveler C&C and payload hosting site",
"deleted": false,
"disable_correlation": false,
"timestamp": "1468332665",
"to_ids": true,
"type": "hostname",
"uuid": "5784fa79-21b8-4987-be1e-810902de0b81",
"value": "www.info-spb.com"
},
{
"category": "Network activity",
"comment": "NetTraveler C&C",
"deleted": false,
"disable_correlation": false,
"timestamp": "1468332666",
"to_ids": true,
"type": "hostname",
"uuid": "5784fa7a-60b8-45c9-a1e5-810902de0b81",
"value": "www.tassnews.net"
},
{
"category": "Network activity",
"comment": "NetTraveler C&C",
"deleted": false,
"disable_correlation": false,
"timestamp": "1468332666",
"to_ids": true,
"type": "hostname",
"uuid": "5784fa7a-84a0-4486-ac75-810902de0b81",
"value": "www.riaru.net"
},
{
"category": "Network activity",
"comment": "NetTraveler C&C",
"deleted": false,
"disable_correlation": false,
"timestamp": "1468332666",
"to_ids": true,
"type": "hostname",
"uuid": "5784fa7a-a708-4990-b0b2-810902de0b81",
"value": "www.voennovosti.com"
},
{
"category": "Network activity",
"comment": "NetTraveler C&C",
"deleted": false,
"disable_correlation": false,
"timestamp": "1468332666",
"to_ids": true,
"type": "hostname",
"uuid": "5784fa7a-cda4-48c9-979b-810902de0b81",
"value": "www.mogoogle.com"
},
{
"category": "Network activity",
"comment": "NetTraveler C&C",
"deleted": false,
"disable_correlation": false,
"timestamp": "1468332666",
"to_ids": true,
"type": "ip-dst",
"uuid": "5784fa7a-9d6c-445a-b764-810902de0b81",
"value": "103.231.184.164"
},
{
"category": "Network activity",
"comment": "NetTraveler C&C",
"deleted": false,
"disable_correlation": false,
"timestamp": "1468332667",
"to_ids": true,
"type": "ip-dst",
"uuid": "5784fa7b-5d80-4866-a6ab-810902de0b81",
"value": "103.231.184.163"
},
{
"category": "Network activity",
"comment": "NetTraveler C&C",
"deleted": false,
"disable_correlation": false,
"timestamp": "1468332667",
"to_ids": true,
"type": "ip-dst",
"uuid": "5784fa7b-ea18-4c8e-a69c-810902de0b81",
"value": "98.126.38.107"
},
{
"category": "Network activity",
"comment": "NetTraveler payload URL",
"deleted": false,
"disable_correlation": false,
"timestamp": "1468332720",
"to_ids": true,
"type": "url",
"uuid": "5784fab0-412c-417b-be07-4f2802de0b81",
"value": "http://www.interfaxru.com/html/rostechnologii/20160420.rar"
},
{
"category": "Network activity",
"comment": "NetTraveler payload URL",
"deleted": false,
"disable_correlation": false,
"timestamp": "1468332720",
"to_ids": true,
"type": "url",
"uuid": "5784fab0-dda0-445d-ae25-465902de0b81",
"value": "http://www.info-spb.com/analiz/voennye_kommentaria/n148584.rar"
},
{
"category": "Network activity",
"comment": "NetTraveler payload URL",
"deleted": false,
"disable_correlation": false,
"timestamp": "1468332720",
"to_ids": true,
"type": "url",
"uuid": "5784fab0-4e48-4ce6-812d-472602de0b81",
"value": "http://www.info-spb.com//worldnews/almaz-antey/no.15.02.2016.rar"
},
{
"category": "Network activity",
"comment": "NetTraveler payload URL",
"deleted": false,
"disable_correlation": false,
"timestamp": "1468332721",
"to_ids": true,
"type": "url",
"uuid": "5784fab1-fd54-4eb4-88e7-4d2802de0b81",
"value": "http://www.info-spb.com/worldnews/mfa/ua/2016-02-16.zip"
},
{
"category": "Network activity",
"comment": "NetTraveler payload URL",
"deleted": false,
"disable_correlation": false,
"timestamp": "1468332721",
"to_ids": true,
"type": "url",
"uuid": "5784fab1-b3f8-4eef-ba14-4c9d02de0b81",
"value": "http://www.info-spb.com/worldnews/mfa/uz/03.02.2016.rar"
},
{
"category": "Payload delivery",
"comment": "20160420.rar",
"deleted": false,
"disable_correlation": false,
"timestamp": "1468332941",
"to_ids": true,
"type": "sha256",
"uuid": "5784fb8d-2db8-494b-ba32-810b02de0b81",
"value": "5afcaca6f6dd6fb3bad26585f30870f71462c59e251cc76b0df5851ac2aa17de"
},
{
"category": "Payload delivery",
"comment": "\u00d0\u02dc\u00d0\u00bd\u00d1\u201e\u00d0\u00be\u00d1\u20ac\u00d0\u00bc\u00d0\u00b0\u00d1\u2020\u00d0\u00b8\u00d1\u008f \u00d0\u00be \u00d0\u00bf\u00d0\u00b5\u00d1\u20ac\u00d0\u00b5\u00d1\u2021\u00d0\u00bd\u00d0\u00b5 \u00d0\u00b7\u00d0\u00be\u00d0\u00bd \u00d0\u00b4\u00d0\u00b5\u00d1\u008f\u00d1\u201a\u00d0\u00b5\u00d0\u00bb\u00d1\u0152\u00d0\u00bd\u00d0\u00be\u00d1\u0081\u00d1\u201a\u00d0\u00b8 \u00d1\u0081\u00d0\u00b5\u00d1\u201a\u00d0\u00b5\u00d0\u00b2\u00d0\u00be\u00d0\u00b9 \u00d0\u00be\u00d1\u20ac\u00d0\u00b3\u00d0\u00b0\u00d0\u00bd\u00d0\u00b8\u00d0\u00b7\u00d0\u00b0\u00d1\u2020\u00d0\u00b8\u00d0\u00b8 \u00d0\u00b2 2016 \u00d0\u00b3.rar",
"deleted": false,
"disable_correlation": false,
"timestamp": "1468332941",
"to_ids": true,
"type": "sha256",
"uuid": "5784fb8d-1060-456c-8e3f-810b02de0b81",
"value": "67c994ad328cd3d8b954366b2baa5e643b31ed42280548eebbd0c30c53f9e37d"
},
{
"category": "Payload delivery",
"comment": "20160330.rar",
"deleted": false,
"disable_correlation": false,
"timestamp": "1468332941",
"to_ids": true,
"type": "sha256",
"uuid": "5784fb8d-dd64-4930-b8b6-810b02de0b81",
"value": "f3997f8269e4177342aec8816c28cfebaef17a86f22eef15d90b4f9e5b15d8e6"
},
{
"category": "Payload delivery",
"comment": "\u00d0\u00a1\u00d0\u00be\u00d0\u00b2\u00d0\u00bc\u00d0\u00b5\u00d1\u0081\u00d1\u201a\u00d0\u00bd\u00d0\u00be\u00d0\u00b5 \u00d0\u00b0\u00d0\u00bd\u00d1\u201a\u00d0\u00b8\u00d1\u201a\u00d0\u00b5\u00d1\u20ac\u00d1\u20ac\u00d0\u00be\u00d1\u20ac\u00d0\u00b8\u00d1\u0081\u00d1\u201a\u00d0\u00b8\u00d1\u2021\u00d0\u00b5\u00d1\u0081\u00d0\u00ba\u00d0\u00be\u00d0\u00b5 \u00d1\u0192\u00d1\u2021\u00d0\u00b5\u00d0\u00bd\u00d0\u00b8\u00d0\u00b5 \u00c2\u00ab\u00d0\u0090\u00d0\u00bd\u00d1\u201a\u00d0\u00b8\u00d1\u201a\u00d0\u00b5\u00d1\u20ac\u00d1\u20ac\u00d0\u00be\u00d1\u20ac-2016\u00c2\u00bb.rar",
"deleted": false,
"disable_correlation": false,
"timestamp": "1468332942",
"to_ids": true,
"type": "sha256",
"uuid": "5784fb8e-2738-4a94-8c2d-810b02de0b81",
"value": "69527b0471c2effab2d21106556ace6bd501daf7758b2ebbf3b2780d6399ecbf"
},
{
"category": "Payload delivery",
"comment": "13_11.rar",
"deleted": false,
"disable_correlation": false,
"timestamp": "1468332942",
"to_ids": true,
"type": "sha256",
"uuid": "5784fb8e-f0c8-4566-a390-810b02de0b81",
"value": "8e3e5b12f0964e73e4057610ce7a6aa25607c94536762128dabebf9ccfa667d4"
},
{
"category": "Payload delivery",
"comment": "\u00d0\u201c\u00d0\u00bb\u00d0\u00b0\u00d0\u00b2\u00d0\u00bd\u00d1\u2039\u00d0\u00b9 \u00d1\u20ac\u00d0\u00b5\u00d0\u00b4\u00d0\u00b0\u00d0\u00ba\u00d1\u201a\u00d0\u00be\u00d1\u20ac Sputnik\u00e2\u20ac\u201c\u00d0\u00a2\u00d1\u0192\u00d1\u20ac\u00d1\u2020\u00d0\u00b8\u00d1\u008f \u00d0\u00b2 \u00d1\u0081\u00d1\u20ac\u00d0\u00b5\u00d0\u00b4\u00d1\u0192 \u00d0\u00b2\u00d0\u00b5\u00d1\u20ac\u00d0\u00bd\u00d0\u00b5\u00d1\u201a\u00d1\u0081\u00d1\u008f \u00d0\u00b2 \u00d0\u0153\u00d0\u00be\u00d1\u0081\u00d0\u00ba\u00d0\u00b2\u00d1\u0192.rar",
"deleted": false,
"disable_correlation": false,
"timestamp": "1468332942",
"to_ids": true,
"type": "sha256",
"uuid": "5784fb8e-d22c-457f-9847-810b02de0b81",
"value": "1bcafa596c597868a179fe3d783b8c5bcd1b487d891b99cb90e76e8abd55a599"
},
{
"category": "Payload delivery",
"comment": "\u00d0\u00a2\u00d0\u00b5\u00d0\u00ba\u00d1\u0081\u00d1\u201a \u00d0\u00bf\u00d1\u20ac\u00d0\u00b8\u00d0\u00b2\u00d0\u00b5\u00d1\u201a\u00d1\u0081\u00d1\u201a\u00d0\u00b2\u00d0\u00b8\u00d1\u008f \u00d0\u201c\u00d0\u00bb\u00d0\u00b0\u00d0\u00b2\u00d1\u2039 \u00d0\u00b3\u00d0\u00be\u00d1\u0081\u00d1\u0192\u00d0\u00b4\u00d0\u00b0\u00d1\u20ac\u00d1\u0081\u00d1\u201a\u00d0\u00b2\u00d0\u00b0.rar",
"deleted": false,
"disable_correlation": false,
"timestamp": "1468332942",
"to_ids": true,
"type": "sha256",
"uuid": "5784fb8e-da98-44f7-881c-810b02de0b81",
"value": "409bb7f9faf4b7dc168f71084edb695707f22a83a2e79b810a0b4a27966d78f1"
},
{
"category": "Payload delivery",
"comment": "n148584.rar",
"deleted": false,
"disable_correlation": false,
"timestamp": "1468332942",
"to_ids": true,
"type": "sha256",
"uuid": "5784fb8e-ca60-4b4d-9e2a-810b02de0b81",
"value": "3adacca54c6fe4bb905e233e48dffd8f6d03078d3d2d309d40e2e67a04a70db1"
},
{
"category": "Payload delivery",
"comment": "20160623.doc",
"deleted": false,
"disable_correlation": false,
"timestamp": "1468332943",
"to_ids": true,
"type": "sha256",
"uuid": "5784fb8f-bc08-4eaa-afff-810b02de0b81",
"value": "80ba8997067025dd830d49d09c57c0dcb1e2f303fa0e093069bd9cff29420692"
},
{
"category": "Payload delivery",
"comment": "20160607.doc",
"deleted": false,
"disable_correlation": false,
"timestamp": "1468332943",
"to_ids": true,
"type": "sha256",
"uuid": "5784fb8f-9bb8-47b7-9915-810b02de0b81",
"value": "60386112fc4b0ddb833fc9a877a9a4f0fe76828ebab4457637b0827106b269fe"
},
{
"category": "Payload delivery",
"comment": "\u00d0\u0178\u00d0\u203a\u00d0\u0090\u00d0\u009d \u00d0\u00a0\u00d0\u2022\u00d0\u0090\u00d0\u203a\u00d0\u02dc\u00d0\u2014\u00d0\u0090\u00d0\u00a6\u00d0\u02dc\u00d0\u02dc \u00d0\u0178\u00d0\u00a0\u00d0\u017e\u00d0\u2022\u00d0\u0161\u00d0\u00a2\u00d0\u0090.doc",
"deleted": false,
"disable_correlation": false,
"timestamp": "1468332943",
"to_ids": true,
"type": "sha256",
"uuid": "5784fb8f-701c-4f5b-b8c5-810b02de0b81",
"value": "b3a5c562e3531fb8be476af4947eaa793a77cc61715284bfb9c380b7048da44a"
},
{
"category": "Payload delivery",
"comment": "\u00d0\u0178\u00d0\u203a\u00d0\u0090\u00d0\u009d \u00d0\u00a0\u00d0\u2022\u00d0\u0090\u00d0\u203a\u00d0\u02dc\u00d0\u2014\u00d0\u0090\u00d0\u00a6\u00d0\u02dc\u00d0\u02dc \u00d0\u0178\u00d0\u00a0\u00d0\u017e\u00d0\u2022\u00d0\u0161\u00d0\u00a2\u00d0\u0090.doc - Xchecked via VT: b3a5c562e3531fb8be476af4947eaa793a77cc61715284bfb9c380b7048da44a",
"deleted": false,
"disable_correlation": false,
"timestamp": "1468332991",
"to_ids": true,
"type": "sha1",
"uuid": "5784fbbf-7edc-492c-9f2b-897902de0b81",
"value": "c64ac1fed412c4abaf7b65342441db01a53d497e"
},
{
"category": "Payload delivery",
"comment": "\u00d0\u0178\u00d0\u203a\u00d0\u0090\u00d0\u009d \u00d0\u00a0\u00d0\u2022\u00d0\u0090\u00d0\u203a\u00d0\u02dc\u00d0\u2014\u00d0\u0090\u00d0\u00a6\u00d0\u02dc\u00d0\u02dc \u00d0\u0178\u00d0\u00a0\u00d0\u017e\u00d0\u2022\u00d0\u0161\u00d0\u00a2\u00d0\u0090.doc - Xchecked via VT: b3a5c562e3531fb8be476af4947eaa793a77cc61715284bfb9c380b7048da44a",
"deleted": false,
"disable_correlation": false,
"timestamp": "1468332991",
"to_ids": true,
"type": "md5",
"uuid": "5784fbbf-6c38-4ec2-a5d0-897902de0b81",
"value": "e7f1589362f77d770063922b068e47aa"
},
{
"category": "External analysis",
"comment": "\u00d0\u0178\u00d0\u203a\u00d0\u0090\u00d0\u009d \u00d0\u00a0\u00d0\u2022\u00d0\u0090\u00d0\u203a\u00d0\u02dc\u00d0\u2014\u00d0\u0090\u00d0\u00a6\u00d0\u02dc\u00d0\u02dc \u00d0\u0178\u00d0\u00a0\u00d0\u017e\u00d0\u2022\u00d0\u0161\u00d0\u00a2\u00d0\u0090.doc - Xchecked via VT: b3a5c562e3531fb8be476af4947eaa793a77cc61715284bfb9c380b7048da44a",
"deleted": false,
"disable_correlation": false,
"timestamp": "1468332991",
"to_ids": false,
"type": "link",
"uuid": "5784fbbf-51b0-4f31-a3af-897902de0b81",
"value": "https://www.virustotal.com/file/b3a5c562e3531fb8be476af4947eaa793a77cc61715284bfb9c380b7048da44a/analysis/1453440894/"
},
{
"category": "Payload delivery",
"comment": "20160607.doc - Xchecked via VT: 60386112fc4b0ddb833fc9a877a9a4f0fe76828ebab4457637b0827106b269fe",
"deleted": false,
"disable_correlation": false,
"timestamp": "1468332991",
"to_ids": true,
"type": "sha1",
"uuid": "5784fbbf-9694-43fd-8d94-897902de0b81",
"value": "65335358fab48ab899c29dc488a47aeb97ce607c"
},
{
"category": "Payload delivery",
"comment": "20160607.doc - Xchecked via VT: 60386112fc4b0ddb833fc9a877a9a4f0fe76828ebab4457637b0827106b269fe",
"deleted": false,
"disable_correlation": false,
"timestamp": "1468332992",
"to_ids": true,
"type": "md5",
"uuid": "5784fbc0-3ef8-4c30-854a-897902de0b81",
"value": "aa5a1cd27c964bc229156a521fbd6a4b"
},
{
"category": "External analysis",
"comment": "20160607.doc - Xchecked via VT: 60386112fc4b0ddb833fc9a877a9a4f0fe76828ebab4457637b0827106b269fe",
"deleted": false,
"disable_correlation": false,
"timestamp": "1468332992",
"to_ids": false,
"type": "link",
"uuid": "5784fbc0-5880-40f8-99d8-897902de0b81",
"value": "https://www.virustotal.com/file/60386112fc4b0ddb833fc9a877a9a4f0fe76828ebab4457637b0827106b269fe/analysis/1468011599/"
},
{
"category": "Payload delivery",
"comment": "20160623.doc - Xchecked via VT: 80ba8997067025dd830d49d09c57c0dcb1e2f303fa0e093069bd9cff29420692",
"deleted": false,
"disable_correlation": false,
"timestamp": "1468332992",
"to_ids": true,
"type": "sha1",
"uuid": "5784fbc0-961c-4588-89ba-897902de0b81",
"value": "a617e7da200fff238fcb0e61409ef18e6888f189"
},
{
"category": "Payload delivery",
"comment": "20160623.doc - Xchecked via VT: 80ba8997067025dd830d49d09c57c0dcb1e2f303fa0e093069bd9cff29420692",
"deleted": false,
"disable_correlation": false,
"timestamp": "1468332992",
"to_ids": true,
"type": "md5",
"uuid": "5784fbc0-d858-4ebf-a529-897902de0b81",
"value": "45782441c73fa949495ffafdb8f9bb62"
},
{
"category": "External analysis",
"comment": "20160623.doc - Xchecked via VT: 80ba8997067025dd830d49d09c57c0dcb1e2f303fa0e093069bd9cff29420692",
"deleted": false,
"disable_correlation": false,
"timestamp": "1468332992",
"to_ids": false,
"type": "link",
"uuid": "5784fbc0-a28c-48a2-b05a-897902de0b81",
"value": "https://www.virustotal.com/file/80ba8997067025dd830d49d09c57c0dcb1e2f303fa0e093069bd9cff29420692/analysis/1468011596/"
},
{
"category": "Payload delivery",
"comment": "n148584.rar - Xchecked via VT: 3adacca54c6fe4bb905e233e48dffd8f6d03078d3d2d309d40e2e67a04a70db1",
"deleted": false,
"disable_correlation": false,
"timestamp": "1468332993",
"to_ids": true,
"type": "sha1",
"uuid": "5784fbc1-d30c-4ceb-8366-897902de0b81",
"value": "68507a30c659d2b3f165b9450b6776c58c8f3a23"
},
{
"category": "Payload delivery",
"comment": "n148584.rar - Xchecked via VT: 3adacca54c6fe4bb905e233e48dffd8f6d03078d3d2d309d40e2e67a04a70db1",
"deleted": false,
"disable_correlation": false,
"timestamp": "1468332993",
"to_ids": true,
"type": "md5",
"uuid": "5784fbc1-1264-47ad-950a-897902de0b81",
"value": "31413f6a097a9e07722d122ecdb62f79"
},
{
"category": "External analysis",
"comment": "n148584.rar - Xchecked via VT: 3adacca54c6fe4bb905e233e48dffd8f6d03078d3d2d309d40e2e67a04a70db1",
"deleted": false,
"disable_correlation": false,
"timestamp": "1468332993",
"to_ids": false,
"type": "link",
"uuid": "5784fbc1-7b7c-4c2f-94cb-897902de0b81",
"value": "https://www.virustotal.com/file/3adacca54c6fe4bb905e233e48dffd8f6d03078d3d2d309d40e2e67a04a70db1/analysis/1468011596/"
},
{
"category": "Payload delivery",
"comment": "\u00d0\u00a2\u00d0\u00b5\u00d0\u00ba\u00d1\u0081\u00d1\u201a \u00d0\u00bf\u00d1\u20ac\u00d0\u00b8\u00d0\u00b2\u00d0\u00b5\u00d1\u201a\u00d1\u0081\u00d1\u201a\u00d0\u00b2\u00d0\u00b8\u00d1\u008f \u00d0\u201c\u00d0\u00bb\u00d0\u00b0\u00d0\u00b2\u00d1\u2039 \u00d0\u00b3\u00d0\u00be\u00d1\u0081\u00d1\u0192\u00d0\u00b4\u00d0\u00b0\u00d1\u20ac\u00d1\u0081\u00d1\u201a\u00d0\u00b2\u00d0\u00b0.rar - Xchecked via VT: 409bb7f9faf4b7dc168f71084edb695707f22a83a2e79b810a0b4a27966d78f1",
"deleted": false,
"disable_correlation": false,
"timestamp": "1468332993",
"to_ids": true,
"type": "sha1",
"uuid": "5784fbc1-5c88-4863-a24a-897902de0b81",
"value": "135e0e646a8ca2aa08283f85690d0fae654c085f"
},
{
"category": "Payload delivery",
"comment": "\u00d0\u00a2\u00d0\u00b5\u00d0\u00ba\u00d1\u0081\u00d1\u201a \u00d0\u00bf\u00d1\u20ac\u00d0\u00b8\u00d0\u00b2\u00d0\u00b5\u00d1\u201a\u00d1\u0081\u00d1\u201a\u00d0\u00b2\u00d0\u00b8\u00d1\u008f \u00d0\u201c\u00d0\u00bb\u00d0\u00b0\u00d0\u00b2\u00d1\u2039 \u00d0\u00b3\u00d0\u00be\u00d1\u0081\u00d1\u0192\u00d0\u00b4\u00d0\u00b0\u00d1\u20ac\u00d1\u0081\u00d1\u201a\u00d0\u00b2\u00d0\u00b0.rar - Xchecked via VT: 409bb7f9faf4b7dc168f71084edb695707f22a83a2e79b810a0b4a27966d78f1",
"deleted": false,
"disable_correlation": false,
"timestamp": "1468332993",
"to_ids": true,
"type": "md5",
"uuid": "5784fbc1-5928-4195-840d-897902de0b81",
"value": "a4571b830569d85c0f7d07297219bde9"
},
{
"category": "External analysis",
"comment": "\u00d0\u00a2\u00d0\u00b5\u00d0\u00ba\u00d1\u0081\u00d1\u201a \u00d0\u00bf\u00d1\u20ac\u00d0\u00b8\u00d0\u00b2\u00d0\u00b5\u00d1\u201a\u00d1\u0081\u00d1\u201a\u00d0\u00b2\u00d0\u00b8\u00d1\u008f \u00d0\u201c\u00d0\u00bb\u00d0\u00b0\u00d0\u00b2\u00d1\u2039 \u00d0\u00b3\u00d0\u00be\u00d1\u0081\u00d1\u0192\u00d0\u00b4\u00d0\u00b0\u00d1\u20ac\u00d1\u0081\u00d1\u201a\u00d0\u00b2\u00d0\u00b0.rar - Xchecked via VT: 409bb7f9faf4b7dc168f71084edb695707f22a83a2e79b810a0b4a27966d78f1",
"deleted": false,
"disable_correlation": false,
"timestamp": "1468332994",
"to_ids": false,
"type": "link",
"uuid": "5784fbc2-2194-4940-aa90-897902de0b81",
"value": "https://www.virustotal.com/file/409bb7f9faf4b7dc168f71084edb695707f22a83a2e79b810a0b4a27966d78f1/analysis/1457504808/"
},
{
"category": "Payload delivery",
"comment": "\u00d0\u201c\u00d0\u00bb\u00d0\u00b0\u00d0\u00b2\u00d0\u00bd\u00d1\u2039\u00d0\u00b9 \u00d1\u20ac\u00d0\u00b5\u00d0\u00b4\u00d0\u00b0\u00d0\u00ba\u00d1\u201a\u00d0\u00be\u00d1\u20ac Sputnik\u00e2\u20ac\u201c\u00d0\u00a2\u00d1\u0192\u00d1\u20ac\u00d1\u2020\u00d0\u00b8\u00d1\u008f \u00d0\u00b2 \u00d1\u0081\u00d1\u20ac\u00d0\u00b5\u00d0\u00b4\u00d1\u0192 \u00d0\u00b2\u00d0\u00b5\u00d1\u20ac\u00d0\u00bd\u00d0\u00b5\u00d1\u201a\u00d1\u0081\u00d1\u008f \u00d0\u00b2 \u00d0\u0153\u00d0\u00be\u00d1\u0081\u00d0\u00ba\u00d0\u00b2\u00d1\u0192.rar - Xchecked via VT: 1bcafa596c597868a179fe3d783b8c5bcd1b487d891b99cb90e76e8abd55a599",
"deleted": false,
"disable_correlation": false,
"timestamp": "1468332994",
"to_ids": true,
"type": "sha1",
"uuid": "5784fbc2-07c4-46d6-b2bd-897902de0b81",
"value": "a047912dfb7c811d9f0c72d662eb081206fad322"
},
{
"category": "Payload delivery",
"comment": "\u00d0\u201c\u00d0\u00bb\u00d0\u00b0\u00d0\u00b2\u00d0\u00bd\u00d1\u2039\u00d0\u00b9 \u00d1\u20ac\u00d0\u00b5\u00d0\u00b4\u00d0\u00b0\u00d0\u00ba\u00d1\u201a\u00d0\u00be\u00d1\u20ac Sputnik\u00e2\u20ac\u201c\u00d0\u00a2\u00d1\u0192\u00d1\u20ac\u00d1\u2020\u00d0\u00b8\u00d1\u008f \u00d0\u00b2 \u00d1\u0081\u00d1\u20ac\u00d0\u00b5\u00d0\u00b4\u00d1\u0192 \u00d0\u00b2\u00d0\u00b5\u00d1\u20ac\u00d0\u00bd\u00d0\u00b5\u00d1\u201a\u00d1\u0081\u00d1\u008f \u00d0\u00b2 \u00d0\u0153\u00d0\u00be\u00d1\u0081\u00d0\u00ba\u00d0\u00b2\u00d1\u0192.rar - Xchecked via VT: 1bcafa596c597868a179fe3d783b8c5bcd1b487d891b99cb90e76e8abd55a599",
"deleted": false,
"disable_correlation": false,
"timestamp": "1468332994",
"to_ids": true,
"type": "md5",
"uuid": "5784fbc2-4718-443f-bc6e-897902de0b81",
"value": "af8a9d91f30566b2ed77617a045761ba"
},
{
"category": "External analysis",
"comment": "\u00d0\u201c\u00d0\u00bb\u00d0\u00b0\u00d0\u00b2\u00d0\u00bd\u00d1\u2039\u00d0\u00b9 \u00d1\u20ac\u00d0\u00b5\u00d0\u00b4\u00d0\u00b0\u00d0\u00ba\u00d1\u201a\u00d0\u00be\u00d1\u20ac Sputnik\u00e2\u20ac\u201c\u00d0\u00a2\u00d1\u0192\u00d1\u20ac\u00d1\u2020\u00d0\u00b8\u00d1\u008f \u00d0\u00b2 \u00d1\u0081\u00d1\u20ac\u00d0\u00b5\u00d0\u00b4\u00d1\u0192 \u00d0\u00b2\u00d0\u00b5\u00d1\u20ac\u00d0\u00bd\u00d0\u00b5\u00d1\u201a\u00d1\u0081\u00d1\u008f \u00d0\u00b2 \u00d0\u0153\u00d0\u00be\u00d1\u0081\u00d0\u00ba\u00d0\u00b2\u00d1\u0192.rar - Xchecked via VT: 1bcafa596c597868a179fe3d783b8c5bcd1b487d891b99cb90e76e8abd55a599",
"deleted": false,
"disable_correlation": false,
"timestamp": "1468332994",
"to_ids": false,
"type": "link",
"uuid": "5784fbc2-fb6c-4d07-b42f-897902de0b81",
"value": "https://www.virustotal.com/file/1bcafa596c597868a179fe3d783b8c5bcd1b487d891b99cb90e76e8abd55a599/analysis/1468011597/"
},
{
"category": "Payload delivery",
"comment": "13_11.rar - Xchecked via VT: 8e3e5b12f0964e73e4057610ce7a6aa25607c94536762128dabebf9ccfa667d4",
"deleted": false,
"disable_correlation": false,
"timestamp": "1468332995",
"to_ids": true,
"type": "sha1",
"uuid": "5784fbc3-5210-4c19-b102-897902de0b81",
"value": "6a5082d6b5eb17b832be4a71284a4e1efc7054e1"
},
{
"category": "Payload delivery",
"comment": "13_11.rar - Xchecked via VT: 8e3e5b12f0964e73e4057610ce7a6aa25607c94536762128dabebf9ccfa667d4",
"deleted": false,
"disable_correlation": false,
"timestamp": "1468332995",
"to_ids": true,
"type": "md5",
"uuid": "5784fbc3-319c-4095-9990-897902de0b81",
"value": "024baaaa8247f1d06a6f803a2226efc4"
},
{
"category": "External analysis",
"comment": "13_11.rar - Xchecked via VT: 8e3e5b12f0964e73e4057610ce7a6aa25607c94536762128dabebf9ccfa667d4",
"deleted": false,
"disable_correlation": false,
"timestamp": "1468332995",
"to_ids": false,
"type": "link",
"uuid": "5784fbc3-e1a4-475f-89b7-897902de0b81",
"value": "https://www.virustotal.com/file/8e3e5b12f0964e73e4057610ce7a6aa25607c94536762128dabebf9ccfa667d4/analysis/1468011598/"
},
{
"category": "Payload delivery",
"comment": "\u00d0\u00a1\u00d0\u00be\u00d0\u00b2\u00d0\u00bc\u00d0\u00b5\u00d1\u0081\u00d1\u201a\u00d0\u00bd\u00d0\u00be\u00d0\u00b5 \u00d0\u00b0\u00d0\u00bd\u00d1\u201a\u00d0\u00b8\u00d1\u201a\u00d0\u00b5\u00d1\u20ac\u00d1\u20ac\u00d0\u00be\u00d1\u20ac\u00d0\u00b8\u00d1\u0081\u00d1\u201a\u00d0\u00b8\u00d1\u2021\u00d0\u00b5\u00d1\u0081\u00d0\u00ba\u00d0\u00be\u00d0\u00b5 \u00d1\u0192\u00d1\u2021\u00d0\u00b5\u00d0\u00bd\u00d0\u00b8\u00d0\u00b5 \u00c2\u00ab\u00d0\u0090\u00d0\u00bd\u00d1\u201a\u00d0\u00b8\u00d1\u201a\u00d0\u00b5\u00d1\u20ac\u00d1\u20ac\u00d0\u00be\u00d1\u20ac-2016\u00c2\u00bb.rar - Xchecked via VT: 69527b0471c2effab2d21106556ace6bd501daf7758b2ebbf3b2780d6399ecbf",
"deleted": false,
"disable_correlation": false,
"timestamp": "1468332995",
"to_ids": true,
"type": "sha1",
"uuid": "5784fbc3-4c24-43c1-b5d5-897902de0b81",
"value": "24cd712a744b4b290341417fe2fcde0bdbacd18a"
},
{
"category": "Payload delivery",
"comment": "\u00d0\u00a1\u00d0\u00be\u00d0\u00b2\u00d0\u00bc\u00d0\u00b5\u00d1\u0081\u00d1\u201a\u00d0\u00bd\u00d0\u00be\u00d0\u00b5 \u00d0\u00b0\u00d0\u00bd\u00d1\u201a\u00d0\u00b8\u00d1\u201a\u00d0\u00b5\u00d1\u20ac\u00d1\u20ac\u00d0\u00be\u00d1\u20ac\u00d0\u00b8\u00d1\u0081\u00d1\u201a\u00d0\u00b8\u00d1\u2021\u00d0\u00b5\u00d1\u0081\u00d0\u00ba\u00d0\u00be\u00d0\u00b5 \u00d1\u0192\u00d1\u2021\u00d0\u00b5\u00d0\u00bd\u00d0\u00b8\u00d0\u00b5 \u00c2\u00ab\u00d0\u0090\u00d0\u00bd\u00d1\u201a\u00d0\u00b8\u00d1\u201a\u00d0\u00b5\u00d1\u20ac\u00d1\u20ac\u00d0\u00be\u00d1\u20ac-2016\u00c2\u00bb.rar - Xchecked via VT: 69527b0471c2effab2d21106556ace6bd501daf7758b2ebbf3b2780d6399ecbf",
"deleted": false,
"disable_correlation": false,
"timestamp": "1468332995",
"to_ids": true,
"type": "md5",
"uuid": "5784fbc3-4960-474d-b472-897902de0b81",
"value": "a93c47161adc1645e2018e5d03cbd104"
},
{
"category": "External analysis",
"comment": "\u00d0\u00a1\u00d0\u00be\u00d0\u00b2\u00d0\u00bc\u00d0\u00b5\u00d1\u0081\u00d1\u201a\u00d0\u00bd\u00d0\u00be\u00d0\u00b5 \u00d0\u00b0\u00d0\u00bd\u00d1\u201a\u00d0\u00b8\u00d1\u201a\u00d0\u00b5\u00d1\u20ac\u00d1\u20ac\u00d0\u00be\u00d1\u20ac\u00d0\u00b8\u00d1\u0081\u00d1\u201a\u00d0\u00b8\u00d1\u2021\u00d0\u00b5\u00d1\u0081\u00d0\u00ba\u00d0\u00be\u00d0\u00b5 \u00d1\u0192\u00d1\u2021\u00d0\u00b5\u00d0\u00bd\u00d0\u00b8\u00d0\u00b5 \u00c2\u00ab\u00d0\u0090\u00d0\u00bd\u00d1\u201a\u00d0\u00b8\u00d1\u201a\u00d0\u00b5\u00d1\u20ac\u00d1\u20ac\u00d0\u00be\u00d1\u20ac-2016\u00c2\u00bb.rar - Xchecked via VT: 69527b0471c2effab2d21106556ace6bd501daf7758b2ebbf3b2780d6399ecbf",
"deleted": false,
"disable_correlation": false,
"timestamp": "1468332996",
"to_ids": false,
"type": "link",
"uuid": "5784fbc4-fbc0-4c27-8494-897902de0b81",
"value": "https://www.virustotal.com/file/69527b0471c2effab2d21106556ace6bd501daf7758b2ebbf3b2780d6399ecbf/analysis/1468011598/"
},
{
"category": "Payload delivery",
"comment": "20160330.rar - Xchecked via VT: f3997f8269e4177342aec8816c28cfebaef17a86f22eef15d90b4f9e5b15d8e6",
"deleted": false,
"disable_correlation": false,
"timestamp": "1468332996",
"to_ids": true,
"type": "sha1",
"uuid": "5784fbc4-b124-4199-ae5f-897902de0b81",
"value": "5cb432180a440b67f0493654514e8378014baad9"
},
{
"category": "Payload delivery",
"comment": "20160330.rar - Xchecked via VT: f3997f8269e4177342aec8816c28cfebaef17a86f22eef15d90b4f9e5b15d8e6",
"deleted": false,
"disable_correlation": false,
"timestamp": "1468332996",
"to_ids": true,
"type": "md5",
"uuid": "5784fbc4-3b24-448e-9ad8-897902de0b81",
"value": "1b3cafb71e8e1ccd13bcbe79e3d5c05c"
},
{
"category": "External analysis",
"comment": "20160330.rar - Xchecked via VT: f3997f8269e4177342aec8816c28cfebaef17a86f22eef15d90b4f9e5b15d8e6",
"deleted": false,
"disable_correlation": false,
"timestamp": "1468332996",
"to_ids": false,
"type": "link",
"uuid": "5784fbc4-88d8-4785-816b-897902de0b81",
"value": "https://www.virustotal.com/file/f3997f8269e4177342aec8816c28cfebaef17a86f22eef15d90b4f9e5b15d8e6/analysis/1468011597/"
},
{
"category": "Payload delivery",
"comment": "\u00d0\u02dc\u00d0\u00bd\u00d1\u201e\u00d0\u00be\u00d1\u20ac\u00d0\u00bc\u00d0\u00b0\u00d1\u2020\u00d0\u00b8\u00d1\u008f \u00d0\u00be \u00d0\u00bf\u00d0\u00b5\u00d1\u20ac\u00d0\u00b5\u00d1\u2021\u00d0\u00bd\u00d0\u00b5 \u00d0\u00b7\u00d0\u00be\u00d0\u00bd \u00d0\u00b4\u00d0\u00b5\u00d1\u008f\u00d1\u201a\u00d0\u00b5\u00d0\u00bb\u00d1\u0152\u00d0\u00bd\u00d0\u00be\u00d1\u0081\u00d1\u201a\u00d0\u00b8 \u00d1\u0081\u00d0\u00b5\u00d1\u201a\u00d0\u00b5\u00d0\u00b2\u00d0\u00be\u00d0\u00b9 \u00d0\u00be\u00d1\u20ac\u00d0\u00b3\u00d0\u00b0\u00d0\u00bd\u00d0\u00b8\u00d0\u00b7\u00d0\u00b0\u00d1\u2020\u00d0\u00b8\u00d0\u00b8 \u00d0\u00b2 2016 \u00d0\u00b3.rar - Xchecked via VT: 67c994ad328cd3d8b954366b2baa5e643b31ed42280548eebbd0c30c53f9e37d",
"deleted": false,
"disable_correlation": false,
"timestamp": "1468332997",
"to_ids": true,
"type": "sha1",
"uuid": "5784fbc5-f5b8-4f27-91bd-897902de0b81",
"value": "13df492660de3497d11808e1160463437c20c7c4"
},
{
"category": "Payload delivery",
"comment": "\u00d0\u02dc\u00d0\u00bd\u00d1\u201e\u00d0\u00be\u00d1\u20ac\u00d0\u00bc\u00d0\u00b0\u00d1\u2020\u00d0\u00b8\u00d1\u008f \u00d0\u00be \u00d0\u00bf\u00d0\u00b5\u00d1\u20ac\u00d0\u00b5\u00d1\u2021\u00d0\u00bd\u00d0\u00b5 \u00d0\u00b7\u00d0\u00be\u00d0\u00bd \u00d0\u00b4\u00d0\u00b5\u00d1\u008f\u00d1\u201a\u00d0\u00b5\u00d0\u00bb\u00d1\u0152\u00d0\u00bd\u00d0\u00be\u00d1\u0081\u00d1\u201a\u00d0\u00b8 \u00d1\u0081\u00d0\u00b5\u00d1\u201a\u00d0\u00b5\u00d0\u00b2\u00d0\u00be\u00d0\u00b9 \u00d0\u00be\u00d1\u20ac\u00d0\u00b3\u00d0\u00b0\u00d0\u00bd\u00d0\u00b8\u00d0\u00b7\u00d0\u00b0\u00d1\u2020\u00d0\u00b8\u00d0\u00b8 \u00d0\u00b2 2016 \u00d0\u00b3.rar - Xchecked via VT: 67c994ad328cd3d8b954366b2baa5e643b31ed42280548eebbd0c30c53f9e37d",
"deleted": false,
"disable_correlation": false,
"timestamp": "1468332997",
"to_ids": true,
"type": "md5",
"uuid": "5784fbc5-f5a8-4fa8-ab4e-897902de0b81",
"value": "a6777d7632039897a4a7abebb887cba0"
},
{
"category": "External analysis",
"comment": "\u00d0\u02dc\u00d0\u00bd\u00d1\u201e\u00d0\u00be\u00d1\u20ac\u00d0\u00bc\u00d0\u00b0\u00d1\u2020\u00d0\u00b8\u00d1\u008f \u00d0\u00be \u00d0\u00bf\u00d0\u00b5\u00d1\u20ac\u00d0\u00b5\u00d1\u2021\u00d0\u00bd\u00d0\u00b5 \u00d0\u00b7\u00d0\u00be\u00d0\u00bd \u00d0\u00b4\u00d0\u00b5\u00d1\u008f\u00d1\u201a\u00d0\u00b5\u00d0\u00bb\u00d1\u0152\u00d0\u00bd\u00d0\u00be\u00d1\u0081\u00d1\u201a\u00d0\u00b8 \u00d1\u0081\u00d0\u00b5\u00d1\u201a\u00d0\u00b5\u00d0\u00b2\u00d0\u00be\u00d0\u00b9 \u00d0\u00be\u00d1\u20ac\u00d0\u00b3\u00d0\u00b0\u00d0\u00bd\u00d0\u00b8\u00d0\u00b7\u00d0\u00b0\u00d1\u2020\u00d0\u00b8\u00d0\u00b8 \u00d0\u00b2 2016 \u00d0\u00b3.rar - Xchecked via VT: 67c994ad328cd3d8b954366b2baa5e643b31ed42280548eebbd0c30c53f9e37d",
"deleted": false,
"disable_correlation": false,
"timestamp": "1468332997",
"to_ids": false,
"type": "link",
"uuid": "5784fbc5-f4fc-485d-8226-897902de0b81",
"value": "https://www.virustotal.com/file/67c994ad328cd3d8b954366b2baa5e643b31ed42280548eebbd0c30c53f9e37d/analysis/1467988434/"
},
{
"category": "Payload delivery",
"comment": "20160420.rar - Xchecked via VT: 5afcaca6f6dd6fb3bad26585f30870f71462c59e251cc76b0df5851ac2aa17de",
"deleted": false,
"disable_correlation": false,
"timestamp": "1468332997",
"to_ids": true,
"type": "sha1",
"uuid": "5784fbc5-bd04-447a-a61d-897902de0b81",
"value": "d8137dce31b5e05d8a855fcd1217a1853c05794d"
},
{
"category": "Payload delivery",
"comment": "20160420.rar - Xchecked via VT: 5afcaca6f6dd6fb3bad26585f30870f71462c59e251cc76b0df5851ac2aa17de",
"deleted": false,
"disable_correlation": false,
"timestamp": "1468332997",
"to_ids": true,
"type": "md5",
"uuid": "5784fbc5-572c-41b3-88f3-897902de0b81",
"value": "3de759a545bc530f0ca846a141201597"
},
{
"category": "External analysis",
"comment": "20160420.rar - Xchecked via VT: 5afcaca6f6dd6fb3bad26585f30870f71462c59e251cc76b0df5851ac2aa17de",
"deleted": false,
"disable_correlation": false,
"timestamp": "1468332998",
"to_ids": false,
"type": "link",
"uuid": "5784fbc6-c44c-42ed-8ce6-897902de0b81",
"value": "https://www.virustotal.com/file/5afcaca6f6dd6fb3bad26585f30870f71462c59e251cc76b0df5851ac2aa17de/analysis/1468011596/"
}
]
}
}