{
|
|
"Event": {
|
|
"analysis": "2",
|
|
"date": "2017-08-23",
|
|
"extends_uuid": "",
|
|
"info": "OSINT - Votiro Labs exposed a new hacking campaign targeting Vietnamese organisations using weaponized Word documents",
|
|
"publish_timestamp": "1504871101",
|
|
"published": true,
|
|
"threat_level_id": "3",
|
|
"timestamp": "1504870956",
|
|
"uuid": "59b23be2-f440-4083-85d5-4e35950d210f",
|
|
"Orgc": {
|
|
"name": "CIRCL",
|
|
"uuid": "55f6ea5e-2c60-40e5-964f-47a8950d210f"
|
|
},
|
|
"Tag": [
|
|
{
|
|
"colour": "#004646",
|
|
"local": "0",
|
|
"name": "type:OSINT",
|
|
"relationship_type": ""
|
|
},
|
|
{
|
|
"colour": "#ffffff",
|
|
"local": "0",
|
|
"name": "tlp:white",
|
|
"relationship_type": ""
|
|
},
|
|
{
|
|
"colour": "#00223b",
|
|
"local": "0",
|
|
"name": "osint:source-type=\"blog-post\"",
|
|
"relationship_type": ""
|
|
}
|
|
],
|
|
"Attribute": [
|
|
{
|
|
"category": "External analysis",
|
|
"comment": "",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1504870950",
|
|
"to_ids": false,
|
|
"type": "link",
|
|
"uuid": "59b23c1c-ab7c-4add-8969-46f3950d210f",
|
|
"value": "https://www.votiro.com/single-post/2017/08/23/Votiro-Labs-exposed-a-new-hacking-campaign-targeting-Vietnamese-organisations-using-a-weaponized-Word-documents",
|
|
"Tag": [
|
|
{
|
|
"colour": "#00223b",
|
|
"local": "0",
|
|
"name": "osint:source-type=\"blog-post\"",
|
|
"relationship_type": ""
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"category": "External analysis",
|
|
"comment": "",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1504870950",
|
|
"to_ids": false,
|
|
"type": "comment",
|
|
"uuid": "59b23c2a-9474-463b-8006-4e80950d210f",
|
|
"value": "Over the last few weeks, we collaborated with ClearSky and uncovered several indicators that were researched and found to be related to a new hacking campaign targeting large Vietnamese organisations. This campaign was found to be connected to the same party which previously targeted Vietnam Airlines and some other high profile targets possibly led by the Chinese 1937CN group. In this post we will review the research results of Votiro Labs and ClearSky, the weaponized documents and campaign infrastructure.",
|
|
"Tag": [
|
|
{
|
|
"colour": "#00223b",
|
|
"local": "0",
|
|
"name": "osint:source-type=\"blog-post\"",
|
|
"relationship_type": ""
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"category": "Payload delivery",
|
|
"comment": "",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1504870950",
|
|
"to_ids": true,
|
|
"type": "filename|md5",
|
|
"uuid": "59b23cc0-d194-41aa-b82e-4fe5950d210f",
|
|
"value": "2017_08_03_Th\u00c3\u00b4ng b\u00c3\u00a1o t\u00e1\u00bb\u2022 ch\u00e1\u00bb\u00a9c thi \u00c4\u2018\u00e1\u00ba\u00a5u m\u00c3\u00b4n Tennis v\u00c3\u00a0 b\u00c3\u00b3ng b\u00c3\u00a0n gi\u00e1\u00ba\u00a3i C\u00c4\u0090TTTT.doc|58c4d4e0aaefe4c5493243c877bbbe74"
|
|
},
|
|
{
|
|
"category": "Payload delivery",
|
|
"comment": "",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1504870950",
|
|
"to_ids": true,
|
|
"type": "filename|md5",
|
|
"uuid": "59b23cc0-42e0-4478-ac9e-41ae950d210f",
|
|
"value": "517_CV-DU 10.8 sao gui CV 950-CV-BTCTW 18.5 sao g\u00e1\u00bb\u00adi v\u00c4\u0192n b\u00e1\u00ba\u00a3n x\u00c3\u00a1c \u00c4\u2018\u00e1\u00bb\u2039nh t\u00c6\u00b0\u00c6\u00a1ng \u00c4\u2018\u00c6\u00b0\u00c6\u00a1ng tr\u00c3\u00acnh \u00c4\u2018\u00e1\u00bb\u2122 cao c\u00e1\u00ba\u00a5p l\u00c3\u00bd lu\u00e1\u00ba\u00adn ch\u00c3\u00adnh tr\u00e1\u00bb\u2039.doc|b147314203f74fdda266805cf6f84876"
|
|
},
|
|
{
|
|
"category": "Payload delivery",
|
|
"comment": "",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1504870950",
|
|
"to_ids": true,
|
|
"type": "filename|md5",
|
|
"uuid": "59b23cc0-eb50-4ea4-9e20-48d8950d210f",
|
|
"value": "Goopdate.dll|c3e9c9e99ed1b1116aaa9f93a36824ff"
|
|
},
|
|
{
|
|
"category": "External analysis",
|
|
"comment": "",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1504870950",
|
|
"to_ids": false,
|
|
"type": "link",
|
|
"uuid": "59b23ce7-0250-47c5-808e-475c950d210f",
|
|
"value": "https://www.virustotal.com/en/file/9cebae97a067cd7c2be50d7fd8afe5e9cf935c11914a1ab5ff59e91c1e7e5fc4/analysis/"
|
|
},
|
|
{
|
|
"category": "Network activity",
|
|
"comment": "dulichovietnam.net subdomain",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1504870950",
|
|
"to_ids": true,
|
|
"type": "hostname",
|
|
"uuid": "59b23d33-16a4-4ad7-8b42-4426950d210f",
|
|
"value": "hanoi.danang.dulichovietnam.net"
|
|
},
|
|
{
|
|
"category": "Network activity",
|
|
"comment": "dulichovietnam.net subdomain",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1504870950",
|
|
"to_ids": true,
|
|
"type": "hostname",
|
|
"uuid": "59b23d33-f6f8-4296-bef9-469c950d210f",
|
|
"value": "dalat.dulichovietnam.net"
|
|
},
|
|
{
|
|
"category": "Payload delivery",
|
|
"comment": "dulichovietnam.net subdomain",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1504870950",
|
|
"to_ids": true,
|
|
"type": "filename",
|
|
"uuid": "59b23d33-2590-4f0d-af24-4c89950d210f",
|
|
"value": "hanoi.dulichovietnam.net\u00d7\u201c"
|
|
},
|
|
{
|
|
"category": "Network activity",
|
|
"comment": "dulichovietnam.net subdomain",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1504870950",
|
|
"to_ids": true,
|
|
"type": "hostname",
|
|
"uuid": "59b23d33-da18-447d-9a6a-4d5c950d210f",
|
|
"value": "danang.dulichovietnam.net"
|
|
},
|
|
{
|
|
"category": "Network activity",
|
|
"comment": "dulichovietnam.net subdomain",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1504870950",
|
|
"to_ids": true,
|
|
"type": "hostname",
|
|
"uuid": "59b23d33-f7f4-4253-9cda-4f4e950d210f",
|
|
"value": "dalat.hanoi.dulichovietnam.net"
|
|
},
|
|
{
|
|
"category": "Network activity",
|
|
"comment": "dulichovietnam.net subdomain",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1504870950",
|
|
"to_ids": true,
|
|
"type": "hostname",
|
|
"uuid": "59b23d33-99fc-4437-9681-4dc2950d210f",
|
|
"value": "hanoi.hanoi.dulichovietnam.net"
|
|
},
|
|
{
|
|
"category": "Network activity",
|
|
"comment": "dulichovietnam.net subdomain",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1504870950",
|
|
"to_ids": true,
|
|
"type": "hostname",
|
|
"uuid": "59b23d33-0468-4ef9-bb77-490f950d210f",
|
|
"value": "danang.danang.dulichovietnam.net"
|
|
},
|
|
{
|
|
"category": "Network activity",
|
|
"comment": "dulichovietnam.net subdomain",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1504870950",
|
|
"to_ids": true,
|
|
"type": "hostname",
|
|
"uuid": "59b23d33-d5a4-4540-a35f-4145950d210f",
|
|
"value": "danang.dalat.dulichovietnam.net"
|
|
},
|
|
{
|
|
"category": "Network activity",
|
|
"comment": "dulichovietnam.net subdomain",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1504870950",
|
|
"to_ids": true,
|
|
"type": "hostname",
|
|
"uuid": "59b23d33-80a8-4743-8f36-47f8950d210f",
|
|
"value": "danang.hanoi.dulichovietnam.net"
|
|
},
|
|
{
|
|
"category": "Network activity",
|
|
"comment": "dulichovietnam.net subdomain",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1504870950",
|
|
"to_ids": true,
|
|
"type": "hostname",
|
|
"uuid": "59b23d33-2f94-486f-810b-4f94950d210f",
|
|
"value": "dalat.dalat.dulichovietnam.net"
|
|
},
|
|
{
|
|
"category": "Network activity",
|
|
"comment": "dulichovietnam.net subdomain",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1504870950",
|
|
"to_ids": true,
|
|
"type": "hostname",
|
|
"uuid": "59b23d33-9f9c-458e-bd02-40c8950d210f",
|
|
"value": "hanoi.dalat.dulichovietnam.net"
|
|
},
|
|
{
|
|
"category": "Network activity",
|
|
"comment": "dulichovietnam.net subdomain",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1504870950",
|
|
"to_ids": true,
|
|
"type": "domain",
|
|
"uuid": "59b23d33-8874-482d-ba15-42ad950d210f",
|
|
"value": "dulichovietnam.net"
|
|
},
|
|
{
|
|
"category": "Network activity",
|
|
"comment": "",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1504870950",
|
|
"to_ids": true,
|
|
"type": "ip-dst",
|
|
"uuid": "59b23daf-d7b0-4780-9824-4f09950d210f",
|
|
"value": "209.58.179.202"
|
|
},
|
|
{
|
|
"category": "Network activity",
|
|
"comment": "",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1504870950",
|
|
"to_ids": true,
|
|
"type": "ip-dst",
|
|
"uuid": "59b23db0-3ae8-449a-ad09-4755950d210f",
|
|
"value": "209.58.176.46"
|
|
},
|
|
{
|
|
"category": "Network activity",
|
|
"comment": "",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1504870950",
|
|
"to_ids": true,
|
|
"type": "ip-dst",
|
|
"uuid": "59b23db0-361c-4b3d-b79f-44b5950d210f",
|
|
"value": "188.42.254.112"
|
|
},
|
|
{
|
|
"category": "Network activity",
|
|
"comment": "",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1504870950",
|
|
"to_ids": true,
|
|
"type": "ip-dst",
|
|
"uuid": "59b23db0-8298-4fad-b3a0-455a950d210f",
|
|
"value": "66.154.125.145"
|
|
},
|
|
{
|
|
"category": "Network activity",
|
|
"comment": "",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1504870950",
|
|
"to_ids": true,
|
|
"type": "ip-dst",
|
|
"uuid": "59b23db0-f87c-463e-8e92-4142950d210f",
|
|
"value": "176.223.165.165"
|
|
},
|
|
{
|
|
"category": "Network activity",
|
|
"comment": "",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1504870950",
|
|
"to_ids": true,
|
|
"type": "ip-dst",
|
|
"uuid": "59b23db0-2e50-4c4b-be11-449b950d210f",
|
|
"value": "60.251.29.40"
|
|
},
|
|
{
|
|
"category": "Network activity",
|
|
"comment": "",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1504870950",
|
|
"to_ids": true,
|
|
"type": "hostname",
|
|
"uuid": "59b23dbd-a6b0-4af8-bc8f-42e1950d210f",
|
|
"value": "anh.phimhainhat.net"
|
|
},
|
|
{
|
|
"category": "Network activity",
|
|
"comment": "",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1504870950",
|
|
"to_ids": true,
|
|
"type": "hostname",
|
|
"uuid": "59b23dbd-76b0-45b6-8bea-413d950d210f",
|
|
"value": "data.dcsvn.org"
|
|
},
|
|
{
|
|
"category": "Network activity",
|
|
"comment": "",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1504870950",
|
|
"to_ids": true,
|
|
"type": "hostname",
|
|
"uuid": "59b23dbd-c388-48b7-8b7d-4431950d210f",
|
|
"value": "data.phimnoi.org"
|
|
},
|
|
{
|
|
"category": "Network activity",
|
|
"comment": "",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1504870950",
|
|
"to_ids": true,
|
|
"type": "hostname",
|
|
"uuid": "59b23dbd-516c-48b3-9a7a-4364950d210f",
|
|
"value": "dav.thanhnlen.com"
|
|
},
|
|
{
|
|
"category": "Network activity",
|
|
"comment": "",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1504870950",
|
|
"to_ids": true,
|
|
"type": "hostname",
|
|
"uuid": "59b23dbd-4264-46bc-a7c3-4f25950d210f",
|
|
"value": "home.phimnoi.org"
|
|
},
|
|
{
|
|
"category": "Network activity",
|
|
"comment": "",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1504870950",
|
|
"to_ids": true,
|
|
"type": "hostname",
|
|
"uuid": "59b23dbd-704c-48b0-8f60-4d80950d210f",
|
|
"value": "home.vietnamplos.com"
|
|
},
|
|
{
|
|
"category": "Network activity",
|
|
"comment": "",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1504870950",
|
|
"to_ids": true,
|
|
"type": "hostname",
|
|
"uuid": "59b23dbd-51a4-47ce-bae3-4bb7950d210f",
|
|
"value": "login.phimhainhat.net"
|
|
},
|
|
{
|
|
"category": "Network activity",
|
|
"comment": "",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1504870950",
|
|
"to_ids": true,
|
|
"type": "hostname",
|
|
"uuid": "59b23dbd-b254-48bf-ad72-4028950d210f",
|
|
"value": "login.phimnoi.org"
|
|
},
|
|
{
|
|
"category": "Network activity",
|
|
"comment": "",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1504870950",
|
|
"to_ids": true,
|
|
"type": "hostname",
|
|
"uuid": "59b23dbd-8af0-44cf-81af-4f24950d210f",
|
|
"value": "my.phimhainhat.net"
|
|
},
|
|
{
|
|
"category": "Network activity",
|
|
"comment": "",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1504870950",
|
|
"to_ids": true,
|
|
"type": "hostname",
|
|
"uuid": "59b23dbd-2570-4f52-8905-4528950d210f",
|
|
"value": "news.phapluats.com"
|
|
},
|
|
{
|
|
"category": "Network activity",
|
|
"comment": "",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1504870950",
|
|
"to_ids": true,
|
|
"type": "hostname",
|
|
"uuid": "59b23dbd-83c8-4e79-8a9c-41ea950d210f",
|
|
"value": "news.vietnannet.com"
|
|
},
|
|
{
|
|
"category": "Network activity",
|
|
"comment": "",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1504870950",
|
|
"to_ids": true,
|
|
"type": "hostname",
|
|
"uuid": "59b23dbd-3298-4bf1-b083-4a9f950d210f",
|
|
"value": "vietnam.phimhainhat.net"
|
|
},
|
|
{
|
|
"category": "Network activity",
|
|
"comment": "",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1504870950",
|
|
"to_ids": true,
|
|
"type": "domain",
|
|
"uuid": "59b23dd3-90f8-407d-ad0f-4ee2950d210f",
|
|
"value": "dcsvn.org"
|
|
},
|
|
{
|
|
"category": "Payload delivery",
|
|
"comment": "",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1504870950",
|
|
"to_ids": true,
|
|
"type": "filename|md5",
|
|
"uuid": "59b23f2c-b950-4e65-87c1-4c8b950d210f",
|
|
"value": "17_CV-DU 10.8 sao gui CV 950-CV-BTCTW 18.5 sao g\u00e1\u00bb\u00adi v\u00c4\u0192n b\u00e1\u00ba\u00a3n x\u00c3\u00a1c \u00c4\u2018\u00e1\u00bb\u2039nh t\u00c6\u00b0\u00c6\u00a1ng \u00c4\u2018\u00c6\u00b0\u00c6\u00a1ng tr\u00c3\u00acnh \u00c4\u2018\u00e1\u00bb\u2122 cao c\u00e1\u00ba\u00a5p l\u00c3\u00bd lu\u00e1\u00ba\u00adn ch\u00c3\u00adnh tr\u00e1\u00bb\u2039.doc|b147314203f74fdda266805cf6f84876"
|
|
},
|
|
{
|
|
"category": "Payload delivery",
|
|
"comment": "",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1504870950",
|
|
"to_ids": true,
|
|
"type": "filename|md5",
|
|
"uuid": "59b23f2d-c0b8-4fa9-bb9c-4b47950d210f",
|
|
"value": "2017_08_03_Thng bo t chc thi u mn Tennis v bng bn gii CTTTT.doc|58c4d4e0aaefe4c5493243c877bbbe74"
|
|
},
|
|
{
|
|
"category": "Payload delivery",
|
|
"comment": "",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1504870950",
|
|
"to_ids": true,
|
|
"type": "filename|md5",
|
|
"uuid": "59b23f2d-6360-49ba-8f4d-40f3950d210f",
|
|
"value": "Kim Jong Un lm Bc Kinh mt n, mt ng .doc|3975c3ae679aff3e0d0db5622b6c31a5"
|
|
},
|
|
{
|
|
"category": "Payload delivery",
|
|
"comment": "",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1504870950",
|
|
"to_ids": true,
|
|
"type": "filename|md5",
|
|
"uuid": "59b23f2d-6358-4119-a390-4a8a950d210f",
|
|
"value": "KS_ATTT_2017.doc|a64264e872f551b0b0140603293c24c7"
|
|
},
|
|
{
|
|
"category": "Payload delivery",
|
|
"comment": "",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1504870950",
|
|
"to_ids": true,
|
|
"type": "filename|md5",
|
|
"uuid": "59b23f2d-d888-4146-a8bd-4f3e950d210f",
|
|
"value": "nhatdoinhatlo(TOAN VAN).doc|4965b96bef1353006008d55e178e72b0"
|
|
},
|
|
{
|
|
"category": "Payload delivery",
|
|
"comment": "",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1504870950",
|
|
"to_ids": true,
|
|
"type": "filename|md5",
|
|
"uuid": "59b23f2d-d240-42bb-8c43-48ec950d210f",
|
|
"value": "K hoch kim tra kho st Quyt nh 221 - BBT.doc|2cb51010abee4dee8aec5e16f2982e8f"
|
|
},
|
|
{
|
|
"category": "Payload delivery",
|
|
"comment": "",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1504870950",
|
|
"to_ids": true,
|
|
"type": "filename|md5",
|
|
"uuid": "59b23f2d-207c-4334-83ad-40de950d210f",
|
|
"value": "XY DNG PHONG CCH NGI CNG AN NHN DN.doc, BC.doc|b5e473936d325b79d463e9f46602254b"
|
|
},
|
|
{
|
|
"category": "Payload delivery",
|
|
"comment": "",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1504870950",
|
|
"to_ids": true,
|
|
"type": "filename|md5",
|
|
"uuid": "59b23f2d-3eec-457a-affd-4a73950d210f",
|
|
"value": "Biu mu kim tra, gim st- nm 2017(s dng ti cc chi b).doc|e58c41231eeba4952c03038d585ecca3"
|
|
},
|
|
{
|
|
"category": "Payload delivery",
|
|
"comment": "",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1504870950",
|
|
"to_ids": true,
|
|
"type": "filename|md5",
|
|
"uuid": "59b23f2d-8ad0-4ca6-ab40-4cb0950d210f",
|
|
"value": "Tai Liu Phong Chng DBHB.doc|9fab515721ce1123e065497e6c854fd3"
|
|
},
|
|
{
|
|
"category": "Payload delivery",
|
|
"comment": "",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1504870950",
|
|
"to_ids": true,
|
|
"type": "filename|md5",
|
|
"uuid": "59b23f2d-0e90-4e06-9ec1-417d950d210f",
|
|
"value": "m bo an ton APEC 2017.doc|0f1d8c43863231a3fe86c62894aa48e4"
|
|
},
|
|
{
|
|
"category": "Payload delivery",
|
|
"comment": "",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1504870950",
|
|
"to_ids": true,
|
|
"type": "filename|md5",
|
|
"uuid": "59b23f2d-982c-43a4-858d-4e83950d210f",
|
|
"value": "Gii thiu cng ty Huawei.doc|cd718baf0ec7284769c8f65dadde8bae"
|
|
},
|
|
{
|
|
"category": "Payload delivery",
|
|
"comment": "",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1504870950",
|
|
"to_ids": true,
|
|
"type": "filename|md5",
|
|
"uuid": "59b23f2d-89f0-49b0-9161-4fe4950d210f",
|
|
"value": "Gioi Thieu Alibaba Group in VN Dec 2016.doc|7a618059557654214a1ba2370a48b887"
|
|
},
|
|
{
|
|
"category": "Payload delivery",
|
|
"comment": "",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1504870950",
|
|
"to_ids": true,
|
|
"type": "filename|md5",
|
|
"uuid": "59b23f2d-1dd8-427d-850d-4bef950d210f",
|
|
"value": "De tai cuong quoc bien TQ.doc|6b44a8f4dcd0802a2cb6275d97362fb2"
|
|
},
|
|
{
|
|
"category": "Payload delivery",
|
|
"comment": "",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1504870950",
|
|
"to_ids": true,
|
|
"type": "filename|md5",
|
|
"uuid": "59b23f2d-d5f0-4df2-8add-4e02950d210f",
|
|
"value": "Bo co cho cuc gp tng b th thng 1 nm 2017.doc|7a95abdf426144aa5305f1a59247f9aa"
|
|
},
|
|
{
|
|
"category": "Payload delivery",
|
|
"comment": "",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1504870950",
|
|
"to_ids": true,
|
|
"type": "filename|md5",
|
|
"uuid": "59b23f2d-9b50-48ac-ae5c-4bb2950d210f",
|
|
"value": "Yu cu gi bi v bnh chn bi vit hay.doc|850172afad42dcfeb87af969f65759a6"
|
|
},
|
|
{
|
|
"category": "Payload delivery",
|
|
"comment": "",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1504870950",
|
|
"to_ids": true,
|
|
"type": "filename|md5",
|
|
"uuid": "59b23f2d-0214-41cb-b9f3-44c1950d210f",
|
|
"value": "Chuyn giao quyn i din ch s hu vn nh nc v SCIC.doc|e27e1759081284db15da140132bbd79f"
|
|
},
|
|
{
|
|
"category": "Payload delivery",
|
|
"comment": "",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1504870950",
|
|
"to_ids": true,
|
|
"type": "filename|md5",
|
|
"uuid": "59b23f2d-b87c-4856-a19c-473c950d210f",
|
|
"value": "Gop y phieu ghi y kien.doc|e27026fdaa4c118b9dac9592a0ea2003"
|
|
},
|
|
{
|
|
"category": "Payload delivery",
|
|
"comment": "",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1504870950",
|
|
"to_ids": true,
|
|
"type": "filename|md5",
|
|
"uuid": "59b23f2d-1c78-4200-b9c8-4ec5950d210f",
|
|
"value": "K hoch tng lng, ngh Tt nm 2017.doc|4e78b1b95056c188753a8f79b2a41f0f"
|
|
},
|
|
{
|
|
"category": "Payload delivery",
|
|
"comment": "",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1504870950",
|
|
"to_ids": true,
|
|
"type": "filename|md5",
|
|
"uuid": "59b23f2d-a20c-4827-8553-4b48950d210f",
|
|
"value": "Danh sch ngi Vit ti h s Panama.doc|f1a8aadb10a3c5c192b6d06d9699c276"
|
|
},
|
|
{
|
|
"category": "Payload delivery",
|
|
"comment": "",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1504870950",
|
|
"to_ids": true,
|
|
"type": "filename|md5",
|
|
"uuid": "59b23f2d-2564-41dd-b2b7-49fc950d210f",
|
|
"value": "danh sch ban CT.doc|46c522cba5ce9d837f983206441bbd5b"
|
|
},
|
|
{
|
|
"category": "Payload delivery",
|
|
"comment": "- Xchecked via VT: 46c522cba5ce9d837f983206441bbd5b",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1504870951",
|
|
"to_ids": true,
|
|
"type": "sha256",
|
|
"uuid": "59b28227-1bd0-4a00-9eb7-4e3a02de0b81",
|
|
"value": "c5042912272a2977577ee41c5d5d747cbc39b68df4dfe44fbf79c6184ab11896"
|
|
},
|
|
{
|
|
"category": "Payload delivery",
|
|
"comment": "- Xchecked via VT: 46c522cba5ce9d837f983206441bbd5b",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1504870951",
|
|
"to_ids": true,
|
|
"type": "sha1",
|
|
"uuid": "59b28227-64fc-42f7-8dd9-48d702de0b81",
|
|
"value": "7c2ac162878f05e5c49f2c4d9cc34ad945803d7d"
|
|
},
|
|
{
|
|
"category": "External analysis",
|
|
"comment": "- Xchecked via VT: 46c522cba5ce9d837f983206441bbd5b",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1504870951",
|
|
"to_ids": false,
|
|
"type": "link",
|
|
"uuid": "59b28227-3894-4a03-b7c1-49f902de0b81",
|
|
"value": "https://www.virustotal.com/file/c5042912272a2977577ee41c5d5d747cbc39b68df4dfe44fbf79c6184ab11896/analysis/1503607934/"
|
|
},
|
|
{
|
|
"category": "Payload delivery",
|
|
"comment": "- Xchecked via VT: f1a8aadb10a3c5c192b6d06d9699c276",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1504870951",
|
|
"to_ids": true,
|
|
"type": "sha256",
|
|
"uuid": "59b28227-c578-4a2e-a9ee-4c6c02de0b81",
|
|
"value": "52638a6f90084dc547c8b701bb0cbf7b7e7bb0bf3fecdb1809e37e45b4af8c37"
|
|
},
|
|
{
|
|
"category": "Payload delivery",
|
|
"comment": "- Xchecked via VT: f1a8aadb10a3c5c192b6d06d9699c276",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1504870951",
|
|
"to_ids": true,
|
|
"type": "sha1",
|
|
"uuid": "59b28227-bd24-40d1-97a3-44f102de0b81",
|
|
"value": "9b5be449e9191c079a78cef33c1f6cd2802b9895"
|
|
},
|
|
{
|
|
"category": "External analysis",
|
|
"comment": "- Xchecked via VT: f1a8aadb10a3c5c192b6d06d9699c276",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1504870951",
|
|
"to_ids": false,
|
|
"type": "link",
|
|
"uuid": "59b28227-d85c-4929-92e8-41ec02de0b81",
|
|
"value": "https://www.virustotal.com/file/52638a6f90084dc547c8b701bb0cbf7b7e7bb0bf3fecdb1809e37e45b4af8c37/analysis/1503607934/"
|
|
},
|
|
{
|
|
"category": "Payload delivery",
|
|
"comment": "- Xchecked via VT: 4e78b1b95056c188753a8f79b2a41f0f",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1504870951",
|
|
"to_ids": true,
|
|
"type": "sha256",
|
|
"uuid": "59b28227-49a8-4e88-87cf-4acc02de0b81",
|
|
"value": "9eee7f6ab649d60485eaaf042a4830ba19a8fc6731b3c2b58f7ac94dc7f5d150"
|
|
},
|
|
{
|
|
"category": "Payload delivery",
|
|
"comment": "- Xchecked via VT: 4e78b1b95056c188753a8f79b2a41f0f",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1504870951",
|
|
"to_ids": true,
|
|
"type": "sha1",
|
|
"uuid": "59b28227-c7d8-4de1-8e6a-440202de0b81",
|
|
"value": "95ee6071cf8dde4861e68e28d05acf444491e66e"
|
|
},
|
|
{
|
|
"category": "External analysis",
|
|
"comment": "- Xchecked via VT: 4e78b1b95056c188753a8f79b2a41f0f",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1504870951",
|
|
"to_ids": false,
|
|
"type": "link",
|
|
"uuid": "59b28227-ca2c-4ff9-b544-4fd602de0b81",
|
|
"value": "https://www.virustotal.com/file/9eee7f6ab649d60485eaaf042a4830ba19a8fc6731b3c2b58f7ac94dc7f5d150/analysis/1503607934/"
|
|
},
|
|
{
|
|
"category": "Payload delivery",
|
|
"comment": "- Xchecked via VT: e27026fdaa4c118b9dac9592a0ea2003",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1504870951",
|
|
"to_ids": true,
|
|
"type": "sha256",
|
|
"uuid": "59b28227-489c-49df-9311-417502de0b81",
|
|
"value": "54285d3db6cee82ee40f512ff123661b158e2f621e08707320619413f1b69cec"
|
|
},
|
|
{
|
|
"category": "Payload delivery",
|
|
"comment": "- Xchecked via VT: e27026fdaa4c118b9dac9592a0ea2003",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1504870951",
|
|
"to_ids": true,
|
|
"type": "sha1",
|
|
"uuid": "59b28227-b640-4636-aff3-413e02de0b81",
|
|
"value": "ab479fbd7e25b32f4e04b262816a5886be3f5cd7"
|
|
},
|
|
{
|
|
"category": "External analysis",
|
|
"comment": "- Xchecked via VT: e27026fdaa4c118b9dac9592a0ea2003",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1504870951",
|
|
"to_ids": false,
|
|
"type": "link",
|
|
"uuid": "59b28227-88d0-403f-a374-4c0f02de0b81",
|
|
"value": "https://www.virustotal.com/file/54285d3db6cee82ee40f512ff123661b158e2f621e08707320619413f1b69cec/analysis/1503607933/"
|
|
},
|
|
{
|
|
"category": "Payload delivery",
|
|
"comment": "- Xchecked via VT: e27e1759081284db15da140132bbd79f",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1504870951",
|
|
"to_ids": true,
|
|
"type": "sha256",
|
|
"uuid": "59b28227-2dac-4768-97cc-4d7802de0b81",
|
|
"value": "4d1d2b2df13c47cd0dddfee035191ec31a87e9e1e203290da47aa5d945c158d0"
|
|
},
|
|
{
|
|
"category": "Payload delivery",
|
|
"comment": "- Xchecked via VT: e27e1759081284db15da140132bbd79f",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1504870951",
|
|
"to_ids": true,
|
|
"type": "sha1",
|
|
"uuid": "59b28227-77e8-4ca0-8f2f-4a1c02de0b81",
|
|
"value": "b5b9bcebb4fd64572b96714a16dae67d80d2dc19"
|
|
},
|
|
{
|
|
"category": "External analysis",
|
|
"comment": "- Xchecked via VT: e27e1759081284db15da140132bbd79f",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1504870951",
|
|
"to_ids": false,
|
|
"type": "link",
|
|
"uuid": "59b28227-3ec0-432d-b0cf-418602de0b81",
|
|
"value": "https://www.virustotal.com/file/4d1d2b2df13c47cd0dddfee035191ec31a87e9e1e203290da47aa5d945c158d0/analysis/1503607933/"
|
|
},
|
|
{
|
|
"category": "Payload delivery",
|
|
"comment": "- Xchecked via VT: 850172afad42dcfeb87af969f65759a6",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1504870951",
|
|
"to_ids": true,
|
|
"type": "sha256",
|
|
"uuid": "59b28227-7768-4ca9-9b7c-48c002de0b81",
|
|
"value": "f830b1331f1f49dea56fc1198115b779bc8e24d883e3fb2caa080e80601d0211"
|
|
},
|
|
{
|
|
"category": "Payload delivery",
|
|
"comment": "- Xchecked via VT: 850172afad42dcfeb87af969f65759a6",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1504870951",
|
|
"to_ids": true,
|
|
"type": "sha1",
|
|
"uuid": "59b28227-83c8-4ad8-adfa-4eec02de0b81",
|
|
"value": "93e5aa15d65b39bd4ba1c52d9d5e47df35a56015"
|
|
},
|
|
{
|
|
"category": "External analysis",
|
|
"comment": "- Xchecked via VT: 850172afad42dcfeb87af969f65759a6",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1504870951",
|
|
"to_ids": false,
|
|
"type": "link",
|
|
"uuid": "59b28227-7b10-41f9-a474-4fa702de0b81",
|
|
"value": "https://www.virustotal.com/file/f830b1331f1f49dea56fc1198115b779bc8e24d883e3fb2caa080e80601d0211/analysis/1503607933/"
|
|
},
|
|
{
|
|
"category": "Payload delivery",
|
|
"comment": "- Xchecked via VT: 7a95abdf426144aa5305f1a59247f9aa",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1504870951",
|
|
"to_ids": true,
|
|
"type": "sha256",
|
|
"uuid": "59b28227-c7a4-4116-a5c1-4a7a02de0b81",
|
|
"value": "efb14d8b1f30b4e9969cffb289929ed84b8e9208ce832d5945ad59ea4d8f3ae3"
|
|
},
|
|
{
|
|
"category": "Payload delivery",
|
|
"comment": "- Xchecked via VT: 7a95abdf426144aa5305f1a59247f9aa",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1504870951",
|
|
"to_ids": true,
|
|
"type": "sha1",
|
|
"uuid": "59b28227-b5b0-41da-bccb-450c02de0b81",
|
|
"value": "c31b516aaadf2bc5c82f339ba9979c45c3256217"
|
|
},
|
|
{
|
|
"category": "External analysis",
|
|
"comment": "- Xchecked via VT: 7a95abdf426144aa5305f1a59247f9aa",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1504870951",
|
|
"to_ids": false,
|
|
"type": "link",
|
|
"uuid": "59b28227-51f4-4740-b91f-487d02de0b81",
|
|
"value": "https://www.virustotal.com/file/efb14d8b1f30b4e9969cffb289929ed84b8e9208ce832d5945ad59ea4d8f3ae3/analysis/1503607932/"
|
|
},
|
|
{
|
|
"category": "Payload delivery",
|
|
"comment": "- Xchecked via VT: 6b44a8f4dcd0802a2cb6275d97362fb2",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1504870951",
|
|
"to_ids": true,
|
|
"type": "sha256",
|
|
"uuid": "59b28227-d790-4e24-9d0f-498102de0b81",
|
|
"value": "e8181f199706e0f1c2158b1a0d16d2a899a1e5caf012554fbd9a7a6faca0dff6"
|
|
},
|
|
{
|
|
"category": "Payload delivery",
|
|
"comment": "- Xchecked via VT: 6b44a8f4dcd0802a2cb6275d97362fb2",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1504870951",
|
|
"to_ids": true,
|
|
"type": "sha1",
|
|
"uuid": "59b28227-2e70-4d38-baf7-4f8202de0b81",
|
|
"value": "3613b7e444986f07c38116d2e610b54c85863ffe"
|
|
},
|
|
{
|
|
"category": "External analysis",
|
|
"comment": "- Xchecked via VT: 6b44a8f4dcd0802a2cb6275d97362fb2",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1504870951",
|
|
"to_ids": false,
|
|
"type": "link",
|
|
"uuid": "59b28227-87e8-491e-b205-4cad02de0b81",
|
|
"value": "https://www.virustotal.com/file/e8181f199706e0f1c2158b1a0d16d2a899a1e5caf012554fbd9a7a6faca0dff6/analysis/1503607932/"
|
|
},
|
|
{
|
|
"category": "Payload delivery",
|
|
"comment": "- Xchecked via VT: 7a618059557654214a1ba2370a48b887",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1504870951",
|
|
"to_ids": true,
|
|
"type": "sha256",
|
|
"uuid": "59b28227-4728-4062-942d-4bca02de0b81",
|
|
"value": "862e8a52d07df75f75a21785999bc2a2ad4b6816cadb0bb853dba0415903726c"
|
|
},
|
|
{
|
|
"category": "Payload delivery",
|
|
"comment": "- Xchecked via VT: 7a618059557654214a1ba2370a48b887",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1504870951",
|
|
"to_ids": true,
|
|
"type": "sha1",
|
|
"uuid": "59b28227-b2d8-4694-90d6-4fbe02de0b81",
|
|
"value": "8614940ee0d7ae2cc11eaccb6eafe380b598c409"
|
|
},
|
|
{
|
|
"category": "External analysis",
|
|
"comment": "- Xchecked via VT: 7a618059557654214a1ba2370a48b887",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1504870951",
|
|
"to_ids": false,
|
|
"type": "link",
|
|
"uuid": "59b28227-b768-469b-aaca-4aac02de0b81",
|
|
"value": "https://www.virustotal.com/file/862e8a52d07df75f75a21785999bc2a2ad4b6816cadb0bb853dba0415903726c/analysis/1494033988/"
|
|
},
|
|
{
|
|
"category": "Payload delivery",
|
|
"comment": "- Xchecked via VT: cd718baf0ec7284769c8f65dadde8bae",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1504870951",
|
|
"to_ids": true,
|
|
"type": "sha256",
|
|
"uuid": "59b28227-0c0c-4ac0-9351-409402de0b81",
|
|
"value": "1e072e0153fe964a3699b6f8f183d70a33774199af0ff1f971a5f1dc0008bcba"
|
|
},
|
|
{
|
|
"category": "Payload delivery",
|
|
"comment": "- Xchecked via VT: cd718baf0ec7284769c8f65dadde8bae",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1504870951",
|
|
"to_ids": true,
|
|
"type": "sha1",
|
|
"uuid": "59b28227-790c-41f5-8b37-430a02de0b81",
|
|
"value": "d0df24da6237009c8c10ba6a9b77d82fb30a8eeb"
|
|
},
|
|
{
|
|
"category": "External analysis",
|
|
"comment": "- Xchecked via VT: cd718baf0ec7284769c8f65dadde8bae",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1504870951",
|
|
"to_ids": false,
|
|
"type": "link",
|
|
"uuid": "59b28227-487c-43b5-be94-4bcb02de0b81",
|
|
"value": "https://www.virustotal.com/file/1e072e0153fe964a3699b6f8f183d70a33774199af0ff1f971a5f1dc0008bcba/analysis/1503607932/"
|
|
},
|
|
{
|
|
"category": "Payload delivery",
|
|
"comment": "- Xchecked via VT: 0f1d8c43863231a3fe86c62894aa48e4",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1504870951",
|
|
"to_ids": true,
|
|
"type": "sha256",
|
|
"uuid": "59b28227-ebec-453b-b977-489502de0b81",
|
|
"value": "099627735a52b6998d820fa89adfb110d30dd586b3bafff55be2a4fce6f7d5ee"
|
|
},
|
|
{
|
|
"category": "Payload delivery",
|
|
"comment": "- Xchecked via VT: 0f1d8c43863231a3fe86c62894aa48e4",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1504870951",
|
|
"to_ids": true,
|
|
"type": "sha1",
|
|
"uuid": "59b28227-4b1c-41de-a994-4c9302de0b81",
|
|
"value": "79d6b55f271f1d38ec3d9074295afa9b41f2154d"
|
|
},
|
|
{
|
|
"category": "External analysis",
|
|
"comment": "- Xchecked via VT: 0f1d8c43863231a3fe86c62894aa48e4",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1504870951",
|
|
"to_ids": false,
|
|
"type": "link",
|
|
"uuid": "59b28227-8ae8-406a-b60b-449a02de0b81",
|
|
"value": "https://www.virustotal.com/file/099627735a52b6998d820fa89adfb110d30dd586b3bafff55be2a4fce6f7d5ee/analysis/1492670051/"
|
|
},
|
|
{
|
|
"category": "Payload delivery",
|
|
"comment": "- Xchecked via VT: 9fab515721ce1123e065497e6c854fd3",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1504870951",
|
|
"to_ids": true,
|
|
"type": "sha256",
|
|
"uuid": "59b28227-91f4-4f14-bffa-461402de0b81",
|
|
"value": "2c531ed13fb12dbd649dcfbf56a41a7e530040943b69322c7f15cec4ddab78df"
|
|
},
|
|
{
|
|
"category": "Payload delivery",
|
|
"comment": "- Xchecked via VT: 9fab515721ce1123e065497e6c854fd3",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1504870951",
|
|
"to_ids": true,
|
|
"type": "sha1",
|
|
"uuid": "59b28227-5d7c-45ac-ad95-458602de0b81",
|
|
"value": "d7589920f5f88ab49568b06e796059979176b6bd"
|
|
},
|
|
{
|
|
"category": "External analysis",
|
|
"comment": "- Xchecked via VT: 9fab515721ce1123e065497e6c854fd3",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1504870951",
|
|
"to_ids": false,
|
|
"type": "link",
|
|
"uuid": "59b28227-d698-423d-967e-4ce802de0b81",
|
|
"value": "https://www.virustotal.com/file/2c531ed13fb12dbd649dcfbf56a41a7e530040943b69322c7f15cec4ddab78df/analysis/1493601780/"
|
|
},
|
|
{
|
|
"category": "Payload delivery",
|
|
"comment": "- Xchecked via VT: e58c41231eeba4952c03038d585ecca3",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1504870951",
|
|
"to_ids": true,
|
|
"type": "sha256",
|
|
"uuid": "59b28227-07d4-4785-a161-474b02de0b81",
|
|
"value": "9587fc6d04090991402e4ebdecc78326c982fd2535012afa5539fa1568b8f7a0"
|
|
},
|
|
{
|
|
"category": "Payload delivery",
|
|
"comment": "- Xchecked via VT: e58c41231eeba4952c03038d585ecca3",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1504870951",
|
|
"to_ids": true,
|
|
"type": "sha1",
|
|
"uuid": "59b28227-13f4-495f-9729-4fb002de0b81",
|
|
"value": "2b27ca2365a67fa35e5888c472105280081edcab"
|
|
},
|
|
{
|
|
"category": "External analysis",
|
|
"comment": "- Xchecked via VT: e58c41231eeba4952c03038d585ecca3",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1504870951",
|
|
"to_ids": false,
|
|
"type": "link",
|
|
"uuid": "59b28227-7e38-45b2-a53a-4bfa02de0b81",
|
|
"value": "https://www.virustotal.com/file/9587fc6d04090991402e4ebdecc78326c982fd2535012afa5539fa1568b8f7a0/analysis/1493429244/"
|
|
},
|
|
{
|
|
"category": "Payload delivery",
|
|
"comment": "- Xchecked via VT: b5e473936d325b79d463e9f46602254b",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1504870951",
|
|
"to_ids": true,
|
|
"type": "sha256",
|
|
"uuid": "59b28227-bf14-4971-93b1-4c9302de0b81",
|
|
"value": "a502b4ad425feabc0d68a994628956ae235cc6be2de86446137dfcc13ec8ab6a"
|
|
},
|
|
{
|
|
"category": "Payload delivery",
|
|
"comment": "- Xchecked via VT: b5e473936d325b79d463e9f46602254b",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1504870951",
|
|
"to_ids": true,
|
|
"type": "sha1",
|
|
"uuid": "59b28227-99fc-46ee-bf42-457c02de0b81",
|
|
"value": "02227ab65f98be405407273cbb291480630c090e"
|
|
},
|
|
{
|
|
"category": "External analysis",
|
|
"comment": "- Xchecked via VT: b5e473936d325b79d463e9f46602254b",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1504870951",
|
|
"to_ids": false,
|
|
"type": "link",
|
|
"uuid": "59b28227-09b8-47a3-a5b4-4a8302de0b81",
|
|
"value": "https://www.virustotal.com/file/a502b4ad425feabc0d68a994628956ae235cc6be2de86446137dfcc13ec8ab6a/analysis/1493429421/"
|
|
},
|
|
{
|
|
"category": "Payload delivery",
|
|
"comment": "- Xchecked via VT: 2cb51010abee4dee8aec5e16f2982e8f",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1504870951",
|
|
"to_ids": true,
|
|
"type": "sha256",
|
|
"uuid": "59b28227-564c-4ffa-9632-40d302de0b81",
|
|
"value": "2718e266802959ff3930188e4796ae4661cbb79c5249691d2a8ffbbf9e2c7e2a"
|
|
},
|
|
{
|
|
"category": "Payload delivery",
|
|
"comment": "- Xchecked via VT: 2cb51010abee4dee8aec5e16f2982e8f",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1504870951",
|
|
"to_ids": true,
|
|
"type": "sha1",
|
|
"uuid": "59b28227-7dc4-4847-bb7a-46a402de0b81",
|
|
"value": "943b771e002a2431a160ece7afd559ad000aa679"
|
|
},
|
|
{
|
|
"category": "External analysis",
|
|
"comment": "- Xchecked via VT: 2cb51010abee4dee8aec5e16f2982e8f",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1504870951",
|
|
"to_ids": false,
|
|
"type": "link",
|
|
"uuid": "59b28227-3178-480a-a988-421502de0b81",
|
|
"value": "https://www.virustotal.com/file/2718e266802959ff3930188e4796ae4661cbb79c5249691d2a8ffbbf9e2c7e2a/analysis/1494376965/"
|
|
},
|
|
{
|
|
"category": "Payload delivery",
|
|
"comment": "- Xchecked via VT: 4965b96bef1353006008d55e178e72b0",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1504870951",
|
|
"to_ids": true,
|
|
"type": "sha256",
|
|
"uuid": "59b28227-989c-4a09-8a50-451602de0b81",
|
|
"value": "f5c0c928eeea0ab0f5d33b91e5b81e1ea1ea04bb1abd9a0d213c67763dcbdc4c"
|
|
},
|
|
{
|
|
"category": "Payload delivery",
|
|
"comment": "- Xchecked via VT: 4965b96bef1353006008d55e178e72b0",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1504870951",
|
|
"to_ids": true,
|
|
"type": "sha1",
|
|
"uuid": "59b28227-087c-4552-8b1e-4a6402de0b81",
|
|
"value": "940b7e7f2a0da6a94d991239d2116b4fea5cb0be"
|
|
},
|
|
{
|
|
"category": "External analysis",
|
|
"comment": "- Xchecked via VT: 4965b96bef1353006008d55e178e72b0",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1504870951",
|
|
"to_ids": false,
|
|
"type": "link",
|
|
"uuid": "59b28227-5830-4260-801c-415f02de0b81",
|
|
"value": "https://www.virustotal.com/file/f5c0c928eeea0ab0f5d33b91e5b81e1ea1ea04bb1abd9a0d213c67763dcbdc4c/analysis/1495848754/"
|
|
},
|
|
{
|
|
"category": "Payload delivery",
|
|
"comment": "- Xchecked via VT: a64264e872f551b0b0140603293c24c7",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1504870951",
|
|
"to_ids": true,
|
|
"type": "sha256",
|
|
"uuid": "59b28227-b91c-4a4e-b633-419a02de0b81",
|
|
"value": "4fe949b7834e2ed7abdda6583b9dd97c232aeb5cc403ec9d0beb576f7ca3cec8"
|
|
},
|
|
{
|
|
"category": "Payload delivery",
|
|
"comment": "- Xchecked via VT: a64264e872f551b0b0140603293c24c7",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1504870951",
|
|
"to_ids": true,
|
|
"type": "sha1",
|
|
"uuid": "59b28227-eee4-467f-89d8-4f3e02de0b81",
|
|
"value": "ffeff0b7fa768d28fd4f8f740fb5bae1f327e20b"
|
|
},
|
|
{
|
|
"category": "External analysis",
|
|
"comment": "- Xchecked via VT: a64264e872f551b0b0140603293c24c7",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1504870951",
|
|
"to_ids": false,
|
|
"type": "link",
|
|
"uuid": "59b28227-b35c-426d-8612-45aa02de0b81",
|
|
"value": "https://www.virustotal.com/file/4fe949b7834e2ed7abdda6583b9dd97c232aeb5cc403ec9d0beb576f7ca3cec8/analysis/1497498716/"
|
|
},
|
|
{
|
|
"category": "Payload delivery",
|
|
"comment": "- Xchecked via VT: 3975c3ae679aff3e0d0db5622b6c31a5",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1504870951",
|
|
"to_ids": true,
|
|
"type": "sha256",
|
|
"uuid": "59b28227-191c-4bca-aa92-469502de0b81",
|
|
"value": "6ebdd1bc7c99fd0a123618f008aa49f766da9d2fd239033995e34a21a82753f7"
|
|
},
|
|
{
|
|
"category": "Payload delivery",
|
|
"comment": "- Xchecked via VT: 3975c3ae679aff3e0d0db5622b6c31a5",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1504870951",
|
|
"to_ids": true,
|
|
"type": "sha1",
|
|
"uuid": "59b28227-21ac-4633-9e1a-4cdb02de0b81",
|
|
"value": "2a573176724b918ba073cae197b5e08a28f80507"
|
|
},
|
|
{
|
|
"category": "External analysis",
|
|
"comment": "- Xchecked via VT: 3975c3ae679aff3e0d0db5622b6c31a5",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1504870951",
|
|
"to_ids": false,
|
|
"type": "link",
|
|
"uuid": "59b28227-3d24-49fd-ad90-4db002de0b81",
|
|
"value": "https://www.virustotal.com/file/6ebdd1bc7c99fd0a123618f008aa49f766da9d2fd239033995e34a21a82753f7/analysis/1495206672/"
|
|
},
|
|
{
|
|
"category": "Payload delivery",
|
|
"comment": "- Xchecked via VT: 58c4d4e0aaefe4c5493243c877bbbe74",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1504870951",
|
|
"to_ids": true,
|
|
"type": "sha256",
|
|
"uuid": "59b28227-51bc-4037-a99c-465302de0b81",
|
|
"value": "f6a4bab7d5664d7802f1007daa04ae71e0e2b829cd06faa9b93a465546837eb4"
|
|
},
|
|
{
|
|
"category": "Payload delivery",
|
|
"comment": "- Xchecked via VT: 58c4d4e0aaefe4c5493243c877bbbe74",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1504870951",
|
|
"to_ids": true,
|
|
"type": "sha1",
|
|
"uuid": "59b28227-c578-42ee-bf7f-44ac02de0b81",
|
|
"value": "0ef1f16d230ea2f5908948f852e81812faa66383"
|
|
},
|
|
{
|
|
"category": "External analysis",
|
|
"comment": "- Xchecked via VT: 58c4d4e0aaefe4c5493243c877bbbe74",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1504870951",
|
|
"to_ids": false,
|
|
"type": "link",
|
|
"uuid": "59b28227-1650-419b-9f6a-4d7302de0b81",
|
|
"value": "https://www.virustotal.com/file/f6a4bab7d5664d7802f1007daa04ae71e0e2b829cd06faa9b93a465546837eb4/analysis/1504774170/"
|
|
},
|
|
{
|
|
"category": "Payload delivery",
|
|
"comment": "- Xchecked via VT: b147314203f74fdda266805cf6f84876",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1504870951",
|
|
"to_ids": true,
|
|
"type": "sha256",
|
|
"uuid": "59b28227-e21c-4b0a-aa16-42c402de0b81",
|
|
"value": "5bdbf536e12c9150d15ae4af2d825ff2ec432d5147b0c3404c5d24655d9ebe52"
|
|
},
|
|
{
|
|
"category": "Payload delivery",
|
|
"comment": "- Xchecked via VT: b147314203f74fdda266805cf6f84876",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1504870951",
|
|
"to_ids": true,
|
|
"type": "sha1",
|
|
"uuid": "59b28227-6624-4757-8f2e-4c1602de0b81",
|
|
"value": "71307676b576e674e0a1f02d2366b1722b02a018"
|
|
},
|
|
{
|
|
"category": "External analysis",
|
|
"comment": "- Xchecked via VT: b147314203f74fdda266805cf6f84876",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1504870951",
|
|
"to_ids": false,
|
|
"type": "link",
|
|
"uuid": "59b28227-c3c4-4814-9b0a-40ef02de0b81",
|
|
"value": "https://www.virustotal.com/file/5bdbf536e12c9150d15ae4af2d825ff2ec432d5147b0c3404c5d24655d9ebe52/analysis/1504774081/"
|
|
},
|
|
{
|
|
"category": "Payload delivery",
|
|
"comment": "- Xchecked via VT: c3e9c9e99ed1b1116aaa9f93a36824ff",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1504870951",
|
|
"to_ids": true,
|
|
"type": "sha256",
|
|
"uuid": "59b28227-0224-4874-9d84-450502de0b81",
|
|
"value": "9cebae97a067cd7c2be50d7fd8afe5e9cf935c11914a1ab5ff59e91c1e7e5fc4"
|
|
},
|
|
{
|
|
"category": "Payload delivery",
|
|
"comment": "- Xchecked via VT: c3e9c9e99ed1b1116aaa9f93a36824ff",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1504870951",
|
|
"to_ids": true,
|
|
"type": "sha1",
|
|
"uuid": "59b28227-7ff0-45e2-a605-4ed802de0b81",
|
|
"value": "e37fe6d35dbe6b3a3a381e10db880a6048ef0c0d"
|
|
},
|
|
{
|
|
"category": "External analysis",
|
|
"comment": "- Xchecked via VT: c3e9c9e99ed1b1116aaa9f93a36824ff",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1504870951",
|
|
"to_ids": false,
|
|
"type": "link",
|
|
"uuid": "59b28227-0e64-4103-8bac-42ae02de0b81",
|
|
"value": "https://www.virustotal.com/file/9cebae97a067cd7c2be50d7fd8afe5e9cf935c11914a1ab5ff59e91c1e7e5fc4/analysis/1504741754/"
|
|
}
|
|
]
|
|
}
|
|
} |