2631 lines
No EOL
87 KiB
JSON
2631 lines
No EOL
87 KiB
JSON
{
|
|
"Event": {
|
|
"analysis": "0",
|
|
"date": "2019-12-12",
|
|
"extends_uuid": "",
|
|
"info": "OSINT - GALLIUM: Targeting global telecom",
|
|
"publish_timestamp": "1576485275",
|
|
"published": true,
|
|
"threat_level_id": "1",
|
|
"timestamp": "1576484865",
|
|
"uuid": "5df37253-ecc0-40ff-9ab9-4c44950d210f",
|
|
"Orgc": {
|
|
"name": "CIRCL",
|
|
"uuid": "55f6ea5e-2c60-40e5-964f-47a8950d210f"
|
|
},
|
|
"Tag": [
|
|
{
|
|
"colour": "#0088cc",
|
|
"local": false,
|
|
"name": "misp-galaxy:malpedia=\"HTran\"",
|
|
"relationship_type": ""
|
|
},
|
|
{
|
|
"colour": "#0088cc",
|
|
"local": false,
|
|
"name": "misp-galaxy:mitre-enterprise-attack-tool=\"HTRAN\"",
|
|
"relationship_type": ""
|
|
},
|
|
{
|
|
"colour": "#0088cc",
|
|
"local": false,
|
|
"name": "misp-galaxy:mitre-enterprise-attack-tool=\"HTRAN - S0040\"",
|
|
"relationship_type": ""
|
|
},
|
|
{
|
|
"colour": "#0088cc",
|
|
"local": false,
|
|
"name": "misp-galaxy:mitre-tool=\"HTRAN\"",
|
|
"relationship_type": ""
|
|
},
|
|
{
|
|
"colour": "#0088cc",
|
|
"local": false,
|
|
"name": "misp-galaxy:mitre-tool=\"HTRAN - S0040\"",
|
|
"relationship_type": ""
|
|
},
|
|
{
|
|
"colour": "#0b8900",
|
|
"local": false,
|
|
"name": "misp-galaxy:tool=\"Htran\"",
|
|
"relationship_type": ""
|
|
},
|
|
{
|
|
"colour": "#0088cc",
|
|
"local": false,
|
|
"name": "misp-galaxy:malpedia=\"MimiKatz\"",
|
|
"relationship_type": ""
|
|
},
|
|
{
|
|
"colour": "#0088cc",
|
|
"local": false,
|
|
"name": "misp-galaxy:mitre-enterprise-attack-tool=\"Mimikatz\"",
|
|
"relationship_type": ""
|
|
},
|
|
{
|
|
"colour": "#0088cc",
|
|
"local": false,
|
|
"name": "misp-galaxy:mitre-enterprise-attack-tool=\"Mimikatz - S0002\"",
|
|
"relationship_type": ""
|
|
},
|
|
{
|
|
"colour": "#0088cc",
|
|
"local": false,
|
|
"name": "misp-galaxy:mitre-tool=\"Mimikatz\"",
|
|
"relationship_type": ""
|
|
},
|
|
{
|
|
"colour": "#0088cc",
|
|
"local": false,
|
|
"name": "misp-galaxy:mitre-tool=\"Mimikatz - S0002\"",
|
|
"relationship_type": ""
|
|
},
|
|
{
|
|
"colour": "#064800",
|
|
"local": false,
|
|
"name": "misp-galaxy:tool=\"Mimikatz\"",
|
|
"relationship_type": ""
|
|
},
|
|
{
|
|
"colour": "#0088cc",
|
|
"local": false,
|
|
"name": "misp-galaxy:mitre-enterprise-attack-tool=\"PsExec\"",
|
|
"relationship_type": ""
|
|
},
|
|
{
|
|
"colour": "#0088cc",
|
|
"local": false,
|
|
"name": "misp-galaxy:mitre-enterprise-attack-tool=\"PsExec - S0029\"",
|
|
"relationship_type": ""
|
|
},
|
|
{
|
|
"colour": "#0088cc",
|
|
"local": false,
|
|
"name": "misp-galaxy:mitre-tool=\"PsExec\"",
|
|
"relationship_type": ""
|
|
},
|
|
{
|
|
"colour": "#0088cc",
|
|
"local": false,
|
|
"name": "misp-galaxy:mitre-tool=\"PsExec - S0029\"",
|
|
"relationship_type": ""
|
|
},
|
|
{
|
|
"colour": "#0088cc",
|
|
"local": false,
|
|
"name": "misp-galaxy:tool=\"PsExec\"",
|
|
"relationship_type": ""
|
|
},
|
|
{
|
|
"colour": "#0088cc",
|
|
"local": false,
|
|
"name": "misp-galaxy:mitre-enterprise-attack-tool=\"Windows Credential Editor\"",
|
|
"relationship_type": ""
|
|
},
|
|
{
|
|
"colour": "#0088cc",
|
|
"local": false,
|
|
"name": "misp-galaxy:mitre-enterprise-attack-tool=\"Windows Credential Editor - S0005\"",
|
|
"relationship_type": ""
|
|
},
|
|
{
|
|
"colour": "#0088cc",
|
|
"local": false,
|
|
"name": "misp-galaxy:mitre-tool=\"Windows Credential Editor\"",
|
|
"relationship_type": ""
|
|
},
|
|
{
|
|
"colour": "#0088cc",
|
|
"local": false,
|
|
"name": "misp-galaxy:mitre-tool=\"Windows Credential Editor - S0005\"",
|
|
"relationship_type": ""
|
|
},
|
|
{
|
|
"colour": "#0088cc",
|
|
"local": false,
|
|
"name": "misp-galaxy:tool=\"Windows Credential Editor\"",
|
|
"relationship_type": ""
|
|
},
|
|
{
|
|
"colour": "#004646",
|
|
"local": false,
|
|
"name": "type:OSINT",
|
|
"relationship_type": ""
|
|
},
|
|
{
|
|
"colour": "#0071c3",
|
|
"local": false,
|
|
"name": "osint:lifetime=\"perpetual\"",
|
|
"relationship_type": ""
|
|
},
|
|
{
|
|
"colour": "#ffffff",
|
|
"local": false,
|
|
"name": "tlp:white",
|
|
"relationship_type": ""
|
|
},
|
|
{
|
|
"colour": "#00223b",
|
|
"local": false,
|
|
"name": "osint:source-type=\"blog-post\"",
|
|
"relationship_type": ""
|
|
},
|
|
{
|
|
"colour": "#0088cc",
|
|
"local": false,
|
|
"name": "misp-galaxy:mitre-enterprise-attack-malware=\"China Chopper\"",
|
|
"relationship_type": ""
|
|
},
|
|
{
|
|
"colour": "#0088cc",
|
|
"local": false,
|
|
"name": "misp-galaxy:mitre-enterprise-attack-malware=\"China Chopper - S0020\"",
|
|
"relationship_type": ""
|
|
},
|
|
{
|
|
"colour": "#0088cc",
|
|
"local": false,
|
|
"name": "misp-galaxy:mitre-malware=\"China Chopper\"",
|
|
"relationship_type": ""
|
|
},
|
|
{
|
|
"colour": "#0088cc",
|
|
"local": false,
|
|
"name": "misp-galaxy:mitre-malware=\"China Chopper - S0020\"",
|
|
"relationship_type": ""
|
|
},
|
|
{
|
|
"colour": "#0088cc",
|
|
"local": false,
|
|
"name": "misp-galaxy:tool=\"China Chopper\"",
|
|
"relationship_type": ""
|
|
},
|
|
{
|
|
"colour": "#0088cc",
|
|
"local": false,
|
|
"name": "misp-galaxy:malpedia=\"Poison Ivy\"",
|
|
"relationship_type": ""
|
|
},
|
|
{
|
|
"colour": "#0088cc",
|
|
"local": false,
|
|
"name": "misp-galaxy:mitre-enterprise-attack-malware=\"PoisonIvy\"",
|
|
"relationship_type": ""
|
|
},
|
|
{
|
|
"colour": "#0088cc",
|
|
"local": false,
|
|
"name": "misp-galaxy:mitre-enterprise-attack-malware=\"PoisonIvy - S0012\"",
|
|
"relationship_type": ""
|
|
},
|
|
{
|
|
"colour": "#0088cc",
|
|
"local": false,
|
|
"name": "misp-galaxy:mitre-malware=\"PoisonIvy\"",
|
|
"relationship_type": ""
|
|
},
|
|
{
|
|
"colour": "#0088cc",
|
|
"local": false,
|
|
"name": "misp-galaxy:mitre-malware=\"PoisonIvy - S0012\"",
|
|
"relationship_type": ""
|
|
},
|
|
{
|
|
"colour": "#0088cc",
|
|
"local": false,
|
|
"name": "misp-galaxy:rat=\"PoisonIvy\"",
|
|
"relationship_type": ""
|
|
},
|
|
{
|
|
"colour": "#043600",
|
|
"local": false,
|
|
"name": "misp-galaxy:tool=\"Poison Ivy\"",
|
|
"relationship_type": ""
|
|
},
|
|
{
|
|
"colour": "#0088cc",
|
|
"local": false,
|
|
"name": "misp-galaxy:tool=\"poisonivy\"",
|
|
"relationship_type": ""
|
|
},
|
|
{
|
|
"colour": "#0088cc",
|
|
"local": false,
|
|
"name": "misp-galaxy:microsoft-activity-group=\"GALLIUM\"",
|
|
"relationship_type": ""
|
|
},
|
|
{
|
|
"colour": "#0088cc",
|
|
"local": false,
|
|
"name": "misp-galaxy:tool=\"Netcat\"",
|
|
"relationship_type": ""
|
|
},
|
|
{
|
|
"colour": "#0088cc",
|
|
"local": false,
|
|
"name": "misp-galaxy:tool=\"NBTScan\"",
|
|
"relationship_type": ""
|
|
}
|
|
],
|
|
"Attribute": [
|
|
{
|
|
"category": "External analysis",
|
|
"comment": "",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1576235704",
|
|
"to_ids": false,
|
|
"type": "link",
|
|
"uuid": "5df372b8-5b40-478d-a93d-4cf1950d210f",
|
|
"value": "https://www.microsoft.com/security/blog/2019/12/12/gallium-targeting-global-telecom/"
|
|
},
|
|
{
|
|
"category": "Network activity",
|
|
"comment": "",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1576239029",
|
|
"to_ids": true,
|
|
"type": "hostname",
|
|
"uuid": "5df37fb5-e9a4-4ed8-9abe-4850950d210f",
|
|
"value": "asyspy256.ddns.net"
|
|
},
|
|
{
|
|
"category": "Network activity",
|
|
"comment": "",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1576239034",
|
|
"to_ids": true,
|
|
"type": "hostname",
|
|
"uuid": "5df37fba-2648-4954-980c-444a950d210f",
|
|
"value": "hotkillmail9sddcc.ddns.net"
|
|
},
|
|
{
|
|
"category": "Network activity",
|
|
"comment": "",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1576239040",
|
|
"to_ids": true,
|
|
"type": "hostname",
|
|
"uuid": "5df37fc0-7bf4-4030-bf71-4e71950d210f",
|
|
"value": "rosaf112.ddns.net"
|
|
},
|
|
{
|
|
"category": "Network activity",
|
|
"comment": "",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1576239046",
|
|
"to_ids": true,
|
|
"type": "hostname",
|
|
"uuid": "5df37fc6-d1d4-4b40-a7ac-46e3950d210f",
|
|
"value": "cvdfhjh1231.myftp.biz"
|
|
},
|
|
{
|
|
"category": "Network activity",
|
|
"comment": "",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1576239046",
|
|
"to_ids": true,
|
|
"type": "hostname",
|
|
"uuid": "5df37fc6-48d8-4b0d-af0b-4814950d210f",
|
|
"value": "sz2016rose.ddns.net"
|
|
},
|
|
{
|
|
"category": "Network activity",
|
|
"comment": "",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1576239047",
|
|
"to_ids": true,
|
|
"type": "hostname",
|
|
"uuid": "5df37fc7-46b0-42c1-8578-4923950d210f",
|
|
"value": "dffwescwer4325.myftp.biz"
|
|
},
|
|
{
|
|
"category": "Network activity",
|
|
"comment": "",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1576239047",
|
|
"to_ids": true,
|
|
"type": "hostname",
|
|
"uuid": "5df37fc7-7f30-479f-8358-43f4950d210f",
|
|
"value": "cvdfhjh1231.ddns.net"
|
|
},
|
|
{
|
|
"category": "Antivirus detection",
|
|
"comment": "",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1576241825",
|
|
"to_ids": false,
|
|
"type": "text",
|
|
"uuid": "5df38aa1-7a6c-4df4-bbfa-4ca0950d210f",
|
|
"value": "TrojanDropper:Win32/BlackMould.A!dha\r\nTrojan:Win32/BlackMould.B!dha\r\nTrojan:Win32/QuarkBandit.A!dha\r\nTrojan:Win32/Sidelod.A!dha"
|
|
},
|
|
{
|
|
"category": "External analysis",
|
|
"comment": "",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1576245716",
|
|
"to_ids": false,
|
|
"type": "link",
|
|
"uuid": "5df399d4-fa1c-48d7-bca2-48b4950d210f",
|
|
"value": "https://github.com/Azure/Azure-Sentinel/blob/master/Detections/MultipleDataSources/GalliumIOCs.yaml"
|
|
}
|
|
],
|
|
"Object": [
|
|
{
|
|
"comment": "",
|
|
"deleted": false,
|
|
"description": "File object describing a file with meta-information",
|
|
"meta-category": "file",
|
|
"name": "file",
|
|
"template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215",
|
|
"template_version": "16",
|
|
"timestamp": "1576241869",
|
|
"uuid": "1ab9b5d3-f394-4a58-b890-e4ec2f6c7f58",
|
|
"Attribute": [
|
|
{
|
|
"category": "Payload delivery",
|
|
"comment": "",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"object_relation": "sha256",
|
|
"timestamp": "1576241870",
|
|
"to_ids": true,
|
|
"type": "sha256",
|
|
"uuid": "e5a03a77-09fa-4a95-9ef8-69dbd0041a97",
|
|
"value": "9ae7c4a4e1cfe9b505c3a47e66551eb1357affee65bfefb0109d02f4e97c06dd"
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"comment": "",
|
|
"deleted": false,
|
|
"description": "File object describing a file with meta-information",
|
|
"meta-category": "file",
|
|
"name": "file",
|
|
"template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215",
|
|
"template_version": "16",
|
|
"timestamp": "1576241870",
|
|
"uuid": "9c77c3fa-73df-450c-b5b3-ce88e70e25c6",
|
|
"Attribute": [
|
|
{
|
|
"category": "Payload delivery",
|
|
"comment": "",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"object_relation": "sha256",
|
|
"timestamp": "1576241870",
|
|
"to_ids": true,
|
|
"type": "sha256",
|
|
"uuid": "760a1300-5b9b-4df9-93fe-9d2fa905d50a",
|
|
"value": "7772d624e1aed327abcd24ce2068063da0e31bb1d5d3bf2841fc977e198c6c5b"
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"comment": "",
|
|
"deleted": false,
|
|
"description": "File object describing a file with meta-information",
|
|
"meta-category": "file",
|
|
"name": "file",
|
|
"template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215",
|
|
"template_version": "16",
|
|
"timestamp": "1576241870",
|
|
"uuid": "6841f72d-d8d2-4cea-bff0-ecd5e746cb44",
|
|
"Attribute": [
|
|
{
|
|
"category": "Payload delivery",
|
|
"comment": "",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"object_relation": "sha256",
|
|
"timestamp": "1576241871",
|
|
"to_ids": true,
|
|
"type": "sha256",
|
|
"uuid": "9248e543-4985-4cfb-9e41-a865346af781",
|
|
"value": "657fc7e6447e0065d488a7db2caab13071e44741875044f9024ca843fe4e86b5"
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"comment": "",
|
|
"deleted": false,
|
|
"description": "File object describing a file with meta-information",
|
|
"meta-category": "file",
|
|
"name": "file",
|
|
"template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215",
|
|
"template_version": "16",
|
|
"timestamp": "1576241871",
|
|
"uuid": "0d9e0fdd-9a73-472b-9de0-3eb7b1a3ce73",
|
|
"Attribute": [
|
|
{
|
|
"category": "Payload delivery",
|
|
"comment": "",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"object_relation": "sha256",
|
|
"timestamp": "1576241871",
|
|
"to_ids": true,
|
|
"type": "sha256",
|
|
"uuid": "c99aacb9-7f8f-42f9-a4a3-261506d8d7e9",
|
|
"value": "2ef157a97e28574356e1d871abf75deca7d7a1ea662f38b577a06dd039dbae29"
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"comment": "",
|
|
"deleted": false,
|
|
"description": "File object describing a file with meta-information",
|
|
"meta-category": "file",
|
|
"name": "file",
|
|
"template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215",
|
|
"template_version": "16",
|
|
"timestamp": "1576241871",
|
|
"uuid": "81b35f61-e33f-4ce5-9264-a42e4061dc89",
|
|
"Attribute": [
|
|
{
|
|
"category": "Payload delivery",
|
|
"comment": "",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"object_relation": "sha256",
|
|
"timestamp": "1576241872",
|
|
"to_ids": true,
|
|
"type": "sha256",
|
|
"uuid": "e8d99491-3a18-4b37-9001-6abeedb2c1df",
|
|
"value": "52fd7b90d7144ac448af4008be639d4d45c252e51823f4311011af3207a5fc77"
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"comment": "",
|
|
"deleted": false,
|
|
"description": "File object describing a file with meta-information",
|
|
"meta-category": "file",
|
|
"name": "file",
|
|
"template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215",
|
|
"template_version": "16",
|
|
"timestamp": "1576241872",
|
|
"uuid": "34fb3676-5716-43dd-8a1c-8b180f793c25",
|
|
"Attribute": [
|
|
{
|
|
"category": "Payload delivery",
|
|
"comment": "",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"object_relation": "sha256",
|
|
"timestamp": "1576241872",
|
|
"to_ids": true,
|
|
"type": "sha256",
|
|
"uuid": "2c35065a-802f-41f7-8dd1-de8198329246",
|
|
"value": "a370e47cb97b35f1ae6590d14ada7561d22b4a73be0cb6df7e851d85054b1ac3"
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"comment": "",
|
|
"deleted": false,
|
|
"description": "File object describing a file with meta-information",
|
|
"meta-category": "file",
|
|
"name": "file",
|
|
"template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215",
|
|
"template_version": "16",
|
|
"timestamp": "1576241872",
|
|
"uuid": "10f1f733-c7ee-41a9-bfc7-de76c69a386e",
|
|
"Attribute": [
|
|
{
|
|
"category": "Payload delivery",
|
|
"comment": "",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"object_relation": "sha256",
|
|
"timestamp": "1576241873",
|
|
"to_ids": true,
|
|
"type": "sha256",
|
|
"uuid": "b12ce1d2-19b4-4fba-844f-8d1c7387e14a",
|
|
"value": "5bf80b871278a29f356bd42af1e35428aead20cd90b0c7642247afcaaa95b022"
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"comment": "",
|
|
"deleted": false,
|
|
"description": "File object describing a file with meta-information",
|
|
"meta-category": "file",
|
|
"name": "file",
|
|
"template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215",
|
|
"template_version": "16",
|
|
"timestamp": "1576241873",
|
|
"uuid": "55309c26-5c02-464f-939a-d71ccd33e1a2",
|
|
"Attribute": [
|
|
{
|
|
"category": "Payload delivery",
|
|
"comment": "",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"object_relation": "sha256",
|
|
"timestamp": "1576241873",
|
|
"to_ids": true,
|
|
"type": "sha256",
|
|
"uuid": "f81c6481-b695-4f21-ad38-2008f875c92a",
|
|
"value": "6f690ccfd54c2b02f0c3cb89c938162c10cbeee693286e809579c540b07ed883"
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"comment": "",
|
|
"deleted": false,
|
|
"description": "File object describing a file with meta-information",
|
|
"meta-category": "file",
|
|
"name": "file",
|
|
"template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215",
|
|
"template_version": "16",
|
|
"timestamp": "1576241874",
|
|
"uuid": "52ea1550-80eb-4398-9011-e294c4b04153",
|
|
"Attribute": [
|
|
{
|
|
"category": "Payload delivery",
|
|
"comment": "",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"object_relation": "sha256",
|
|
"timestamp": "1576241874",
|
|
"to_ids": true,
|
|
"type": "sha256",
|
|
"uuid": "5979cd05-152c-4bad-aae5-41f3f4961b90",
|
|
"value": "3c884f776fbd16597c072afd81029e8764dd57ee79d798829ca111f5e170bd8e"
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"comment": "",
|
|
"deleted": false,
|
|
"description": "File object describing a file with meta-information",
|
|
"meta-category": "file",
|
|
"name": "file",
|
|
"template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215",
|
|
"template_version": "16",
|
|
"timestamp": "1576241874",
|
|
"uuid": "fd50853a-5080-4c08-875a-13b25c64f6fb",
|
|
"Attribute": [
|
|
{
|
|
"category": "Payload delivery",
|
|
"comment": "",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"object_relation": "sha256",
|
|
"timestamp": "1576241874",
|
|
"to_ids": true,
|
|
"type": "sha256",
|
|
"uuid": "9f7599c9-44c7-4150-9218-1620a8b73acc",
|
|
"value": "1922a419f57afb351b58330ed456143cc8de8b3ebcbd236d26a219b03b3464d7"
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"comment": "",
|
|
"deleted": false,
|
|
"description": "File object describing a file with meta-information",
|
|
"meta-category": "file",
|
|
"name": "file",
|
|
"template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215",
|
|
"template_version": "16",
|
|
"timestamp": "1576241874",
|
|
"uuid": "473b147e-5cd4-4acb-ae0d-03cbe777e19a",
|
|
"Attribute": [
|
|
{
|
|
"category": "Payload delivery",
|
|
"comment": "",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"object_relation": "sha256",
|
|
"timestamp": "1576241875",
|
|
"to_ids": true,
|
|
"type": "sha256",
|
|
"uuid": "cb9e2f4a-a701-4815-9b86-5ec293f315fe",
|
|
"value": "fe0e4ef832b62d49b43433e10c47dc51072959af93963c790892efc20ec422f1"
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"comment": "",
|
|
"deleted": false,
|
|
"description": "File object describing a file with meta-information",
|
|
"meta-category": "file",
|
|
"name": "file",
|
|
"template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215",
|
|
"template_version": "16",
|
|
"timestamp": "1576241875",
|
|
"uuid": "c609fe42-cc46-4ff3-bda8-83175257560a",
|
|
"Attribute": [
|
|
{
|
|
"category": "Payload delivery",
|
|
"comment": "",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"object_relation": "sha256",
|
|
"timestamp": "1576241876",
|
|
"to_ids": true,
|
|
"type": "sha256",
|
|
"uuid": "ac202668-4fdf-45be-9d2d-00ec78793f63",
|
|
"value": "7ce9e1c5562c8a5c93878629a47fe6071a35d604ed57a8f918f3eadf82c11a9c"
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"comment": "",
|
|
"deleted": false,
|
|
"description": "File object describing a file with meta-information",
|
|
"meta-category": "file",
|
|
"name": "file",
|
|
"template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215",
|
|
"template_version": "16",
|
|
"timestamp": "1576241876",
|
|
"uuid": "826b488e-d80e-46eb-81d0-a2d7f255c391",
|
|
"Attribute": [
|
|
{
|
|
"category": "Payload delivery",
|
|
"comment": "",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"object_relation": "sha256",
|
|
"timestamp": "1576241876",
|
|
"to_ids": true,
|
|
"type": "sha256",
|
|
"uuid": "5ec4d19d-1b78-41da-a5e6-2657e797930f",
|
|
"value": "178d5ee8c04401d332af331087a80fb4e5e2937edfba7266f9be34a5029b6945"
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"comment": "",
|
|
"deleted": false,
|
|
"description": "File object describing a file with meta-information",
|
|
"meta-category": "file",
|
|
"name": "file",
|
|
"template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215",
|
|
"template_version": "16",
|
|
"timestamp": "1576241876",
|
|
"uuid": "5ae707a9-1413-40e1-9bfb-0ab797935daf",
|
|
"Attribute": [
|
|
{
|
|
"category": "Payload delivery",
|
|
"comment": "",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"object_relation": "sha256",
|
|
"timestamp": "1576241877",
|
|
"to_ids": true,
|
|
"type": "sha256",
|
|
"uuid": "4d668582-02d7-4928-a036-987fe1d257a0",
|
|
"value": "51f70956fa8c487784fd21ab795f6ba2199b5c2d346acdeef1de0318a4c729d9"
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"comment": "",
|
|
"deleted": false,
|
|
"description": "File object describing a file with meta-information",
|
|
"meta-category": "file",
|
|
"name": "file",
|
|
"template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215",
|
|
"template_version": "16",
|
|
"timestamp": "1576241892",
|
|
"uuid": "2ff483f1-bfd4-4bc0-834a-6090bd524eb7",
|
|
"Attribute": [
|
|
{
|
|
"category": "Payload delivery",
|
|
"comment": "",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"object_relation": "sha256",
|
|
"timestamp": "1576241892",
|
|
"to_ids": true,
|
|
"type": "sha256",
|
|
"uuid": "cda847c2-c378-4146-958f-e0e3d5a46e1b",
|
|
"value": "889bca95f1a69e94aaade1e959ed0d3620531dc0fc563be9a8decf41899b4d79"
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"comment": "",
|
|
"deleted": false,
|
|
"description": "File object describing a file with meta-information",
|
|
"meta-category": "file",
|
|
"name": "file",
|
|
"template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215",
|
|
"template_version": "16",
|
|
"timestamp": "1576241892",
|
|
"uuid": "887e619e-e714-4276-88ab-5bee4ce7e1bf",
|
|
"Attribute": [
|
|
{
|
|
"category": "Payload delivery",
|
|
"comment": "",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"object_relation": "sha256",
|
|
"timestamp": "1576241892",
|
|
"to_ids": true,
|
|
"type": "sha256",
|
|
"uuid": "8205aab5-4e4b-4178-b10b-fd2cb6f36cb9",
|
|
"value": "332ddaa00e2eb862742cb8d7e24ce52a5d38ffb22f6c8bd51162bd35e84d7ddf"
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"comment": "",
|
|
"deleted": false,
|
|
"description": "File object describing a file with meta-information",
|
|
"meta-category": "file",
|
|
"name": "file",
|
|
"template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215",
|
|
"template_version": "16",
|
|
"timestamp": "1576241893",
|
|
"uuid": "9714d7cb-273f-451a-bbe2-46a44d787eb5",
|
|
"Attribute": [
|
|
{
|
|
"category": "Payload delivery",
|
|
"comment": "",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"object_relation": "sha256",
|
|
"timestamp": "1576241893",
|
|
"to_ids": true,
|
|
"type": "sha256",
|
|
"uuid": "96b46989-a9c0-414a-a678-2cfd20bb5c85",
|
|
"value": "44bcf82fa536318622798504e8369e9dcdb32686b95fcb44579f0b4efa79df08"
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"comment": "",
|
|
"deleted": false,
|
|
"description": "File object describing a file with meta-information",
|
|
"meta-category": "file",
|
|
"name": "file",
|
|
"template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215",
|
|
"template_version": "16",
|
|
"timestamp": "1576241893",
|
|
"uuid": "9a81a9ad-91c8-415b-9a7d-a24f2cd80fc7",
|
|
"Attribute": [
|
|
{
|
|
"category": "Payload delivery",
|
|
"comment": "",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"object_relation": "sha256",
|
|
"timestamp": "1576241894",
|
|
"to_ids": true,
|
|
"type": "sha256",
|
|
"uuid": "1f287fbd-bf51-4ef0-9f34-63e54bad6d37",
|
|
"value": "63552772fdd8c947712a2cff00dfe25c7a34133716784b6d486227384f8cf3ef"
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"comment": "",
|
|
"deleted": false,
|
|
"description": "File object describing a file with meta-information",
|
|
"meta-category": "file",
|
|
"name": "file",
|
|
"template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215",
|
|
"template_version": "16",
|
|
"timestamp": "1576241894",
|
|
"uuid": "af74e22f-def9-4891-a20e-3ba3717f3023",
|
|
"Attribute": [
|
|
{
|
|
"category": "Payload delivery",
|
|
"comment": "",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"object_relation": "sha256",
|
|
"timestamp": "1576241894",
|
|
"to_ids": true,
|
|
"type": "sha256",
|
|
"uuid": "e86f5228-f629-488d-8361-7cff088abb19",
|
|
"value": "056744a3c371b5938d63c396fe094afce8fb153796a65afa5103e1bffd7ca070"
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"comment": "",
|
|
"deleted": false,
|
|
"description": "File object describing a file with meta-information",
|
|
"meta-category": "file",
|
|
"name": "file",
|
|
"template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215",
|
|
"template_version": "16",
|
|
"timestamp": "1576245070",
|
|
"uuid": "2fb968c9-e5e3-4b24-8b1d-efd3ada12b7b",
|
|
"Attribute": [
|
|
{
|
|
"category": "Payload delivery",
|
|
"comment": "",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"object_relation": "sha1",
|
|
"timestamp": "1576245071",
|
|
"to_ids": true,
|
|
"type": "sha1",
|
|
"uuid": "8bd78513-30e4-4ebc-9c6d-1444994ae708",
|
|
"value": "53a44c2396d15c3a03723fa5e5db54cafd527635"
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"comment": "",
|
|
"deleted": false,
|
|
"description": "File object describing a file with meta-information",
|
|
"meta-category": "file",
|
|
"name": "file",
|
|
"template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215",
|
|
"template_version": "16",
|
|
"timestamp": "1576245074",
|
|
"uuid": "da89646f-07af-4568-9b31-2c65c6b02730",
|
|
"Attribute": [
|
|
{
|
|
"category": "Payload delivery",
|
|
"comment": "",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"object_relation": "sha1",
|
|
"timestamp": "1576245074",
|
|
"to_ids": true,
|
|
"type": "sha1",
|
|
"uuid": "6c97860d-50a1-4f0c-b3a6-b7299a56694f",
|
|
"value": "9c5e496921e3bc882dc40694f1dcc3746a75db19"
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"comment": "",
|
|
"deleted": false,
|
|
"description": "File object describing a file with meta-information",
|
|
"meta-category": "file",
|
|
"name": "file",
|
|
"template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215",
|
|
"template_version": "16",
|
|
"timestamp": "1576245075",
|
|
"uuid": "6e35ecff-22ac-425f-a762-9be0777ba592",
|
|
"Attribute": [
|
|
{
|
|
"category": "Payload delivery",
|
|
"comment": "",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"object_relation": "sha1",
|
|
"timestamp": "1576245075",
|
|
"to_ids": true,
|
|
"type": "sha1",
|
|
"uuid": "de09f119-2306-4823-b7dd-75f03d5c8a7f",
|
|
"value": "aeb573accfd95758550cf30bf04f389a92922844"
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"comment": "",
|
|
"deleted": false,
|
|
"description": "File object describing a file with meta-information",
|
|
"meta-category": "file",
|
|
"name": "file",
|
|
"template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215",
|
|
"template_version": "16",
|
|
"timestamp": "1576245075",
|
|
"uuid": "996a2bc0-ccfe-498c-8c90-76cc314ce0d2",
|
|
"Attribute": [
|
|
{
|
|
"category": "Payload delivery",
|
|
"comment": "",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"object_relation": "sha1",
|
|
"timestamp": "1576245075",
|
|
"to_ids": true,
|
|
"type": "sha1",
|
|
"uuid": "27cfcd8e-8cd2-4c9f-ad3d-690218f1f62f",
|
|
"value": "79ef78a797403a4ed1a616c68e07fff868a8650a"
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"comment": "",
|
|
"deleted": false,
|
|
"description": "File object describing a file with meta-information",
|
|
"meta-category": "file",
|
|
"name": "file",
|
|
"template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215",
|
|
"template_version": "16",
|
|
"timestamp": "1576245075",
|
|
"uuid": "bbac27c8-bbc2-4b2f-a6eb-14a3a2a8372f",
|
|
"Attribute": [
|
|
{
|
|
"category": "Payload delivery",
|
|
"comment": "",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"object_relation": "sha1",
|
|
"timestamp": "1576245076",
|
|
"to_ids": true,
|
|
"type": "sha1",
|
|
"uuid": "d0984abb-1e78-43fa-87b0-aa07fff07d2c",
|
|
"value": "4f6f38b4cec35e895d91c052b1f5a83d665c2196"
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"comment": "",
|
|
"deleted": false,
|
|
"description": "File object describing a file with meta-information",
|
|
"meta-category": "file",
|
|
"name": "file",
|
|
"template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215",
|
|
"template_version": "16",
|
|
"timestamp": "1576245076",
|
|
"uuid": "f263f4bd-a56e-4765-ab3d-a0119f26e56e",
|
|
"Attribute": [
|
|
{
|
|
"category": "Payload delivery",
|
|
"comment": "",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"object_relation": "sha1",
|
|
"timestamp": "1576245076",
|
|
"to_ids": true,
|
|
"type": "sha1",
|
|
"uuid": "b62edd47-a083-4722-987c-8037272199ea",
|
|
"value": "1e8c2cac2e4ce7cbd33c3858eb2e24531cb8a84d"
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"comment": "",
|
|
"deleted": false,
|
|
"description": "File object describing a file with meta-information",
|
|
"meta-category": "file",
|
|
"name": "file",
|
|
"template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215",
|
|
"template_version": "16",
|
|
"timestamp": "1576245076",
|
|
"uuid": "08f20998-85ef-4436-babb-88289b5eb454",
|
|
"Attribute": [
|
|
{
|
|
"category": "Payload delivery",
|
|
"comment": "",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"object_relation": "sha1",
|
|
"timestamp": "1576245076",
|
|
"to_ids": true,
|
|
"type": "sha1",
|
|
"uuid": "0e48bdd8-0c80-4d25-8639-0787facd85b8",
|
|
"value": "e841a63e47361a572db9a7334af459ddca11347a"
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"comment": "",
|
|
"deleted": false,
|
|
"description": "File object describing a file with meta-information",
|
|
"meta-category": "file",
|
|
"name": "file",
|
|
"template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215",
|
|
"template_version": "16",
|
|
"timestamp": "1576245077",
|
|
"uuid": "3d8a573b-fb90-4313-ba6d-947ba1898b88",
|
|
"Attribute": [
|
|
{
|
|
"category": "Payload delivery",
|
|
"comment": "",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"object_relation": "sha1",
|
|
"timestamp": "1576245077",
|
|
"to_ids": true,
|
|
"type": "sha1",
|
|
"uuid": "4f360c68-7b2c-4ce9-85d4-d7d23bfcd820",
|
|
"value": "c28f606df28a9bc8df75a4d5e5837fc5522dd34d"
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"comment": "",
|
|
"deleted": false,
|
|
"description": "File object describing a file with meta-information",
|
|
"meta-category": "file",
|
|
"name": "file",
|
|
"template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215",
|
|
"template_version": "16",
|
|
"timestamp": "1576245077",
|
|
"uuid": "227aa6db-279d-4d22-913b-c1c913c53bca",
|
|
"Attribute": [
|
|
{
|
|
"category": "Payload delivery",
|
|
"comment": "",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"object_relation": "sha1",
|
|
"timestamp": "1576245078",
|
|
"to_ids": true,
|
|
"type": "sha1",
|
|
"uuid": "70b7b7cb-04c0-4cd0-989b-02e052750ae8",
|
|
"value": "2e94b305d6812a9f96e6781c888e48c7fb157b6b"
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"comment": "",
|
|
"deleted": false,
|
|
"description": "File object describing a file with meta-information",
|
|
"meta-category": "file",
|
|
"name": "file",
|
|
"template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215",
|
|
"template_version": "16",
|
|
"timestamp": "1576245078",
|
|
"uuid": "05335725-d07e-4334-a7b2-1955bc6986af",
|
|
"Attribute": [
|
|
{
|
|
"category": "Payload delivery",
|
|
"comment": "",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"object_relation": "sha1",
|
|
"timestamp": "1576245078",
|
|
"to_ids": true,
|
|
"type": "sha1",
|
|
"uuid": "fc638752-ce07-4756-9037-656f5c62236e",
|
|
"value": "dd44133716b8a241957b912fa6a02efde3ce3025"
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"comment": "",
|
|
"deleted": false,
|
|
"description": "File object describing a file with meta-information",
|
|
"meta-category": "file",
|
|
"name": "file",
|
|
"template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215",
|
|
"template_version": "16",
|
|
"timestamp": "1576245078",
|
|
"uuid": "f853a427-6331-46ab-b63c-3af015ff2e9c",
|
|
"Attribute": [
|
|
{
|
|
"category": "Payload delivery",
|
|
"comment": "",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"object_relation": "sha1",
|
|
"timestamp": "1576245078",
|
|
"to_ids": true,
|
|
"type": "sha1",
|
|
"uuid": "efe0bb4f-f180-42f9-808b-7a2bd1c6e12f",
|
|
"value": "8793bf166cb89eb55f0593404e4e933ab605e803"
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"comment": "",
|
|
"deleted": false,
|
|
"description": "File object describing a file with meta-information",
|
|
"meta-category": "file",
|
|
"name": "file",
|
|
"template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215",
|
|
"template_version": "16",
|
|
"timestamp": "1576245079",
|
|
"uuid": "18187a32-3e83-48fb-b46f-0a1f393cee30",
|
|
"Attribute": [
|
|
{
|
|
"category": "Payload delivery",
|
|
"comment": "",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"object_relation": "sha1",
|
|
"timestamp": "1576245079",
|
|
"to_ids": true,
|
|
"type": "sha1",
|
|
"uuid": "d3fed224-0481-4017-bf30-9c8335735eae",
|
|
"value": "a39b57032dbb2335499a51e13470a7cd5d86b138"
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"comment": "",
|
|
"deleted": false,
|
|
"description": "File object describing a file with meta-information",
|
|
"meta-category": "file",
|
|
"name": "file",
|
|
"template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215",
|
|
"template_version": "16",
|
|
"timestamp": "1576245080",
|
|
"uuid": "8866af47-785b-49c3-8434-6e9e9645bce9",
|
|
"Attribute": [
|
|
{
|
|
"category": "Payload delivery",
|
|
"comment": "",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"object_relation": "sha1",
|
|
"timestamp": "1576245080",
|
|
"to_ids": true,
|
|
"type": "sha1",
|
|
"uuid": "657ad32f-d7d4-485f-8bc4-c895f295b73c",
|
|
"value": "41cc2b15c662bc001c0eb92f6cc222934f0beeea"
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"comment": "",
|
|
"deleted": false,
|
|
"description": "File object describing a file with meta-information",
|
|
"meta-category": "file",
|
|
"name": "file",
|
|
"template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215",
|
|
"template_version": "16",
|
|
"timestamp": "1576245080",
|
|
"uuid": "ec7c6a1d-bcdb-4b78-b97d-dc882cd85149",
|
|
"Attribute": [
|
|
{
|
|
"category": "Payload delivery",
|
|
"comment": "",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"object_relation": "sha1",
|
|
"timestamp": "1576245080",
|
|
"to_ids": true,
|
|
"type": "sha1",
|
|
"uuid": "245bfce4-f103-4553-abb2-dccdac256700",
|
|
"value": "d209430d6af54792371174e70e27dd11d3def7a7"
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"comment": "",
|
|
"deleted": false,
|
|
"description": "File object describing a file with meta-information",
|
|
"meta-category": "file",
|
|
"name": "file",
|
|
"template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215",
|
|
"template_version": "16",
|
|
"timestamp": "1576245080",
|
|
"uuid": "a53cd17d-fea7-4aa3-a253-49d0fd227668",
|
|
"Attribute": [
|
|
{
|
|
"category": "Payload delivery",
|
|
"comment": "",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"object_relation": "sha1",
|
|
"timestamp": "1576245081",
|
|
"to_ids": true,
|
|
"type": "sha1",
|
|
"uuid": "8dfad927-e2e2-48cd-b8b3-20cda013d50f",
|
|
"value": "1c6452026c56efd2c94cea7e0f671eb55515edb0"
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"comment": "",
|
|
"deleted": false,
|
|
"description": "File object describing a file with meta-information",
|
|
"meta-category": "file",
|
|
"name": "file",
|
|
"template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215",
|
|
"template_version": "16",
|
|
"timestamp": "1576245093",
|
|
"uuid": "453c9095-c7d4-4f7b-8e18-5592705bb6cc",
|
|
"Attribute": [
|
|
{
|
|
"category": "Payload delivery",
|
|
"comment": "",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"object_relation": "sha1",
|
|
"timestamp": "1576245094",
|
|
"to_ids": true,
|
|
"type": "sha1",
|
|
"uuid": "e73d6c4b-75be-4ae4-a79d-942616e03d3e",
|
|
"value": "c6b41d3afdcdcaf9f442bbe772f5da871801fd5a"
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"comment": "",
|
|
"deleted": false,
|
|
"description": "File object describing a file with meta-information",
|
|
"meta-category": "file",
|
|
"name": "file",
|
|
"template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215",
|
|
"template_version": "16",
|
|
"timestamp": "1576245094",
|
|
"uuid": "97b788de-edb1-441f-87eb-77692b92d705",
|
|
"Attribute": [
|
|
{
|
|
"category": "Payload delivery",
|
|
"comment": "",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"object_relation": "sha1",
|
|
"timestamp": "1576245094",
|
|
"to_ids": true,
|
|
"type": "sha1",
|
|
"uuid": "035c7537-c3c3-4ab6-ad46-5f603df55692",
|
|
"value": "4923d460e22fbbf165bbbaba168e5a46b8157d9f"
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"comment": "",
|
|
"deleted": false,
|
|
"description": "File object describing a file with meta-information",
|
|
"meta-category": "file",
|
|
"name": "file",
|
|
"template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215",
|
|
"template_version": "16",
|
|
"timestamp": "1576245094",
|
|
"uuid": "e2f4d2bb-d70b-4c5e-9993-9770649645ea",
|
|
"Attribute": [
|
|
{
|
|
"category": "Payload delivery",
|
|
"comment": "",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"object_relation": "sha1",
|
|
"timestamp": "1576245095",
|
|
"to_ids": true,
|
|
"type": "sha1",
|
|
"uuid": "9ff149f3-a750-442a-bf3b-15448d118ea3",
|
|
"value": "f201504bd96e81d0d350c3a8332593ee1c9e09de"
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"comment": "",
|
|
"deleted": false,
|
|
"description": "File object describing a file with meta-information",
|
|
"meta-category": "file",
|
|
"name": "file",
|
|
"template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215",
|
|
"template_version": "16",
|
|
"timestamp": "1576245095",
|
|
"uuid": "656bff64-0ad2-4a70-889b-ef9a0a41f8a5",
|
|
"Attribute": [
|
|
{
|
|
"category": "Payload delivery",
|
|
"comment": "",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"object_relation": "sha1",
|
|
"timestamp": "1576245095",
|
|
"to_ids": true,
|
|
"type": "sha1",
|
|
"uuid": "83f9f04c-ce2a-4236-8aa8-e1f10f49a377",
|
|
"value": "ddd2db1127632a2a52943a2fe516a2e7d05d70d2"
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"comment": "",
|
|
"deleted": false,
|
|
"description": "File object describing a file with meta-information",
|
|
"meta-category": "file",
|
|
"name": "file",
|
|
"template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215",
|
|
"template_version": "17",
|
|
"timestamp": "1576245452",
|
|
"uuid": "693e7281-40be-4cb3-8d42-f1b88c69afd9",
|
|
"ObjectReference": [
|
|
{
|
|
"comment": "",
|
|
"object_uuid": "693e7281-40be-4cb3-8d42-f1b88c69afd9",
|
|
"referenced_uuid": "5792ac9e-9214-4610-b440-f5afaa5d1539",
|
|
"relationship_type": "analysed-with",
|
|
"timestamp": "1576245456",
|
|
"uuid": "5df398d0-4094-4986-8e78-4b37950d210f"
|
|
}
|
|
],
|
|
"Attribute": [
|
|
{
|
|
"category": "Payload delivery",
|
|
"comment": "",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"object_relation": "md5",
|
|
"timestamp": "1576245077",
|
|
"to_ids": true,
|
|
"type": "md5",
|
|
"uuid": "62df7f72-c453-4bd1-b205-31b4dcc7bb8a",
|
|
"value": "96f56b9aff235a11ed946b50344edabd"
|
|
},
|
|
{
|
|
"category": "Payload delivery",
|
|
"comment": "",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"object_relation": "sha1",
|
|
"timestamp": "1576245077",
|
|
"to_ids": true,
|
|
"type": "sha1",
|
|
"uuid": "be18f81e-464c-40b4-9c71-5f3a3f5ff8ae",
|
|
"value": "c28f606df28a9bc8df75a4d5e5837fc5522dd34d"
|
|
},
|
|
{
|
|
"category": "Payload delivery",
|
|
"comment": "",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"object_relation": "sha256",
|
|
"timestamp": "1576245077",
|
|
"to_ids": true,
|
|
"type": "sha256",
|
|
"uuid": "06733997-b17a-43fe-8098-b6cabd9b9f1f",
|
|
"value": "6f690ccfd54c2b02f0c3cb89c938162c10cbeee693286e809579c540b07ed883"
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"comment": "",
|
|
"deleted": false,
|
|
"description": "VirusTotal report",
|
|
"meta-category": "misc",
|
|
"name": "virustotal-report",
|
|
"template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4",
|
|
"template_version": "2",
|
|
"timestamp": "1576245452",
|
|
"uuid": "5792ac9e-9214-4610-b440-f5afaa5d1539",
|
|
"Attribute": [
|
|
{
|
|
"category": "Other",
|
|
"comment": "",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"object_relation": "last-submission",
|
|
"timestamp": "1576245077",
|
|
"to_ids": false,
|
|
"type": "datetime",
|
|
"uuid": "d91da7de-b335-49e1-9593-9b2f71a3d378",
|
|
"value": "2019-12-13T05:17:42"
|
|
},
|
|
{
|
|
"category": "Payload delivery",
|
|
"comment": "",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"object_relation": "permalink",
|
|
"timestamp": "1576245077",
|
|
"to_ids": false,
|
|
"type": "link",
|
|
"uuid": "4aebae14-d216-4f01-86cf-bfe16625140c",
|
|
"value": "https://www.virustotal.com/file/6f690ccfd54c2b02f0c3cb89c938162c10cbeee693286e809579c540b07ed883/analysis/1576214262/"
|
|
},
|
|
{
|
|
"category": "Payload delivery",
|
|
"comment": "",
|
|
"deleted": false,
|
|
"disable_correlation": true,
|
|
"object_relation": "detection-ratio",
|
|
"timestamp": "1576245077",
|
|
"to_ids": false,
|
|
"type": "text",
|
|
"uuid": "b863ee68-dc5a-4623-9a84-17475c017e36",
|
|
"value": "34/70"
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"comment": "",
|
|
"deleted": false,
|
|
"description": "File object describing a file with meta-information",
|
|
"meta-category": "file",
|
|
"name": "file",
|
|
"template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215",
|
|
"template_version": "17",
|
|
"timestamp": "1576245452",
|
|
"uuid": "70155b79-cdd0-440e-bedd-0386e13c85eb",
|
|
"ObjectReference": [
|
|
{
|
|
"comment": "",
|
|
"object_uuid": "70155b79-cdd0-440e-bedd-0386e13c85eb",
|
|
"referenced_uuid": "ce794ae7-39c0-4845-8bf8-38b89a365563",
|
|
"relationship_type": "analysed-with",
|
|
"timestamp": "1576245457",
|
|
"uuid": "5df398d1-1d10-437f-8122-4749950d210f"
|
|
}
|
|
],
|
|
"Attribute": [
|
|
{
|
|
"category": "Payload delivery",
|
|
"comment": "",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"object_relation": "md5",
|
|
"timestamp": "1576245076",
|
|
"to_ids": true,
|
|
"type": "md5",
|
|
"uuid": "859f80ba-4d4e-4dae-85c9-dc6cfa350ca2",
|
|
"value": "c990e02f274127e7be060f40c9c79e8b"
|
|
},
|
|
{
|
|
"category": "Payload delivery",
|
|
"comment": "",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"object_relation": "sha1",
|
|
"timestamp": "1576245076",
|
|
"to_ids": true,
|
|
"type": "sha1",
|
|
"uuid": "983b45be-148d-4fda-a258-70c096e36fca",
|
|
"value": "1e8c2cac2e4ce7cbd33c3858eb2e24531cb8a84d"
|
|
},
|
|
{
|
|
"category": "Payload delivery",
|
|
"comment": "",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"object_relation": "sha256",
|
|
"timestamp": "1576245076",
|
|
"to_ids": true,
|
|
"type": "sha256",
|
|
"uuid": "aced5885-08df-4b3c-be17-bccf1e46533c",
|
|
"value": "a370e47cb97b35f1ae6590d14ada7561d22b4a73be0cb6df7e851d85054b1ac3"
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"comment": "",
|
|
"deleted": false,
|
|
"description": "VirusTotal report",
|
|
"meta-category": "misc",
|
|
"name": "virustotal-report",
|
|
"template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4",
|
|
"template_version": "2",
|
|
"timestamp": "1576245453",
|
|
"uuid": "ce794ae7-39c0-4845-8bf8-38b89a365563",
|
|
"Attribute": [
|
|
{
|
|
"category": "Other",
|
|
"comment": "",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"object_relation": "last-submission",
|
|
"timestamp": "1576245076",
|
|
"to_ids": false,
|
|
"type": "datetime",
|
|
"uuid": "e64cc1e0-3a43-4c86-8aea-73d544222bb7",
|
|
"value": "2019-12-13T08:46:40"
|
|
},
|
|
{
|
|
"category": "Payload delivery",
|
|
"comment": "",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"object_relation": "permalink",
|
|
"timestamp": "1576245076",
|
|
"to_ids": false,
|
|
"type": "link",
|
|
"uuid": "a1309c7b-f004-4c14-bbb2-b620d7abb255",
|
|
"value": "https://www.virustotal.com/file/a370e47cb97b35f1ae6590d14ada7561d22b4a73be0cb6df7e851d85054b1ac3/analysis/1576226800/"
|
|
},
|
|
{
|
|
"category": "Payload delivery",
|
|
"comment": "",
|
|
"deleted": false,
|
|
"disable_correlation": true,
|
|
"object_relation": "detection-ratio",
|
|
"timestamp": "1576245076",
|
|
"to_ids": false,
|
|
"type": "text",
|
|
"uuid": "6ff64900-8e27-4c01-8e22-47c02f4b4b0c",
|
|
"value": "20/70"
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"comment": "",
|
|
"deleted": false,
|
|
"description": "File object describing a file with meta-information",
|
|
"meta-category": "file",
|
|
"name": "file",
|
|
"template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215",
|
|
"template_version": "17",
|
|
"timestamp": "1576245453",
|
|
"uuid": "102841b3-7248-485e-b1a8-9cc72ed1efbb",
|
|
"ObjectReference": [
|
|
{
|
|
"comment": "",
|
|
"object_uuid": "102841b3-7248-485e-b1a8-9cc72ed1efbb",
|
|
"referenced_uuid": "33bc1e10-c0af-465f-96e8-cf37ab9202bf",
|
|
"relationship_type": "analysed-with",
|
|
"timestamp": "1576245457",
|
|
"uuid": "5df398d1-98d8-4976-9b21-4577950d210f"
|
|
}
|
|
],
|
|
"Attribute": [
|
|
{
|
|
"category": "Payload delivery",
|
|
"comment": "",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"object_relation": "md5",
|
|
"timestamp": "1576245071",
|
|
"to_ids": true,
|
|
"type": "md5",
|
|
"uuid": "587d30af-a66a-442c-b227-5e3fc8c24b85",
|
|
"value": "3586f78ad5596f68536dfd75df54db1e"
|
|
},
|
|
{
|
|
"category": "Payload delivery",
|
|
"comment": "",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"object_relation": "sha1",
|
|
"timestamp": "1576245071",
|
|
"to_ids": true,
|
|
"type": "sha1",
|
|
"uuid": "6737c848-326d-4a72-8bcb-c82d06e4bf1e",
|
|
"value": "53a44c2396d15c3a03723fa5e5db54cafd527635"
|
|
},
|
|
{
|
|
"category": "Payload delivery",
|
|
"comment": "",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"object_relation": "sha256",
|
|
"timestamp": "1576245071",
|
|
"to_ids": true,
|
|
"type": "sha256",
|
|
"uuid": "c27a65ef-3b9b-490b-a31e-280e5875b2e5",
|
|
"value": "9ae7c4a4e1cfe9b505c3a47e66551eb1357affee65bfefb0109d02f4e97c06dd"
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"comment": "",
|
|
"deleted": false,
|
|
"description": "VirusTotal report",
|
|
"meta-category": "misc",
|
|
"name": "virustotal-report",
|
|
"template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4",
|
|
"template_version": "2",
|
|
"timestamp": "1576245453",
|
|
"uuid": "33bc1e10-c0af-465f-96e8-cf37ab9202bf",
|
|
"Attribute": [
|
|
{
|
|
"category": "Other",
|
|
"comment": "",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"object_relation": "last-submission",
|
|
"timestamp": "1576245071",
|
|
"to_ids": false,
|
|
"type": "datetime",
|
|
"uuid": "34ae0591-d663-4bf6-8b97-619c6facf553",
|
|
"value": "2019-12-13T11:02:11"
|
|
},
|
|
{
|
|
"category": "Payload delivery",
|
|
"comment": "",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"object_relation": "permalink",
|
|
"timestamp": "1576245071",
|
|
"to_ids": false,
|
|
"type": "link",
|
|
"uuid": "feff165f-3940-4e94-bf82-c1226cd73755",
|
|
"value": "https://www.virustotal.com/file/9ae7c4a4e1cfe9b505c3a47e66551eb1357affee65bfefb0109d02f4e97c06dd/analysis/1576234931/"
|
|
},
|
|
{
|
|
"category": "Payload delivery",
|
|
"comment": "",
|
|
"deleted": false,
|
|
"disable_correlation": true,
|
|
"object_relation": "detection-ratio",
|
|
"timestamp": "1576245071",
|
|
"to_ids": false,
|
|
"type": "text",
|
|
"uuid": "083a323a-4de3-4a03-bd8a-675014dcf4f2",
|
|
"value": "18/70"
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"comment": "",
|
|
"deleted": false,
|
|
"description": "File object describing a file with meta-information",
|
|
"meta-category": "file",
|
|
"name": "file",
|
|
"template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215",
|
|
"template_version": "17",
|
|
"timestamp": "1576245453",
|
|
"uuid": "b6b3ac5a-b33a-422f-93c1-17a9ea2530b1",
|
|
"ObjectReference": [
|
|
{
|
|
"comment": "",
|
|
"object_uuid": "b6b3ac5a-b33a-422f-93c1-17a9ea2530b1",
|
|
"referenced_uuid": "3d5fb681-223c-43f5-95ca-1fd0a5901117",
|
|
"relationship_type": "analysed-with",
|
|
"timestamp": "1576245457",
|
|
"uuid": "5df398d1-b4d0-4683-8e30-4023950d210f"
|
|
}
|
|
],
|
|
"Attribute": [
|
|
{
|
|
"category": "Payload delivery",
|
|
"comment": "",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"object_relation": "md5",
|
|
"timestamp": "1576245075",
|
|
"to_ids": true,
|
|
"type": "md5",
|
|
"uuid": "592d4d38-5341-4116-8b7e-c56307e8504c",
|
|
"value": "723a98a3b0f9db7e15533848abe1fdfb"
|
|
},
|
|
{
|
|
"category": "Payload delivery",
|
|
"comment": "",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"object_relation": "sha1",
|
|
"timestamp": "1576245075",
|
|
"to_ids": true,
|
|
"type": "sha1",
|
|
"uuid": "27e63aea-1242-44ce-924d-2d75b3b4d165",
|
|
"value": "aeb573accfd95758550cf30bf04f389a92922844"
|
|
},
|
|
{
|
|
"category": "Payload delivery",
|
|
"comment": "",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"object_relation": "sha256",
|
|
"timestamp": "1576245075",
|
|
"to_ids": true,
|
|
"type": "sha256",
|
|
"uuid": "c6b0b18e-ecf3-4975-9b9d-e84116762faf",
|
|
"value": "657fc7e6447e0065d488a7db2caab13071e44741875044f9024ca843fe4e86b5"
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"comment": "",
|
|
"deleted": false,
|
|
"description": "VirusTotal report",
|
|
"meta-category": "misc",
|
|
"name": "virustotal-report",
|
|
"template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4",
|
|
"template_version": "2",
|
|
"timestamp": "1576245453",
|
|
"uuid": "3d5fb681-223c-43f5-95ca-1fd0a5901117",
|
|
"Attribute": [
|
|
{
|
|
"category": "Other",
|
|
"comment": "",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"object_relation": "last-submission",
|
|
"timestamp": "1576245075",
|
|
"to_ids": false,
|
|
"type": "datetime",
|
|
"uuid": "e07c14a6-4666-40b2-b3f6-7026967aa5da",
|
|
"value": "2019-12-13T05:07:33"
|
|
},
|
|
{
|
|
"category": "Payload delivery",
|
|
"comment": "",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"object_relation": "permalink",
|
|
"timestamp": "1576245075",
|
|
"to_ids": false,
|
|
"type": "link",
|
|
"uuid": "eafe9e21-8c9d-4faa-bcfd-cada8479116b",
|
|
"value": "https://www.virustotal.com/file/657fc7e6447e0065d488a7db2caab13071e44741875044f9024ca843fe4e86b5/analysis/1576213653/"
|
|
},
|
|
{
|
|
"category": "Payload delivery",
|
|
"comment": "",
|
|
"deleted": false,
|
|
"disable_correlation": true,
|
|
"object_relation": "detection-ratio",
|
|
"timestamp": "1576245075",
|
|
"to_ids": false,
|
|
"type": "text",
|
|
"uuid": "eeb1e6dc-a639-41e8-96f8-6e45e582a02f",
|
|
"value": "28/69"
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"comment": "",
|
|
"deleted": false,
|
|
"description": "File object describing a file with meta-information",
|
|
"meta-category": "file",
|
|
"name": "file",
|
|
"template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215",
|
|
"template_version": "17",
|
|
"timestamp": "1576245453",
|
|
"uuid": "978422c6-1b76-46fe-8ee6-09cf6b05a382",
|
|
"ObjectReference": [
|
|
{
|
|
"comment": "",
|
|
"object_uuid": "978422c6-1b76-46fe-8ee6-09cf6b05a382",
|
|
"referenced_uuid": "5cf9c477-54ee-4314-8618-94b32a714bd2",
|
|
"relationship_type": "analysed-with",
|
|
"timestamp": "1576245457",
|
|
"uuid": "5df398d1-86b0-4904-bdf1-446b950d210f"
|
|
}
|
|
],
|
|
"Attribute": [
|
|
{
|
|
"category": "Payload delivery",
|
|
"comment": "",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"object_relation": "md5",
|
|
"timestamp": "1576245076",
|
|
"to_ids": true,
|
|
"type": "md5",
|
|
"uuid": "9464855e-ea1d-4812-8412-d036ae32c35a",
|
|
"value": "55053850260a402fba7661a0c7920457"
|
|
},
|
|
{
|
|
"category": "Payload delivery",
|
|
"comment": "",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"object_relation": "sha1",
|
|
"timestamp": "1576245076",
|
|
"to_ids": true,
|
|
"type": "sha1",
|
|
"uuid": "72538fa1-7868-4062-8274-36d5bff160b1",
|
|
"value": "4f6f38b4cec35e895d91c052b1f5a83d665c2196"
|
|
},
|
|
{
|
|
"category": "Payload delivery",
|
|
"comment": "",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"object_relation": "sha256",
|
|
"timestamp": "1576245076",
|
|
"to_ids": true,
|
|
"type": "sha256",
|
|
"uuid": "3d375d55-7435-4b86-9ba8-cb8157c30e90",
|
|
"value": "52fd7b90d7144ac448af4008be639d4d45c252e51823f4311011af3207a5fc77"
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"comment": "",
|
|
"deleted": false,
|
|
"description": "VirusTotal report",
|
|
"meta-category": "misc",
|
|
"name": "virustotal-report",
|
|
"template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4",
|
|
"template_version": "2",
|
|
"timestamp": "1576245453",
|
|
"uuid": "5cf9c477-54ee-4314-8618-94b32a714bd2",
|
|
"Attribute": [
|
|
{
|
|
"category": "Other",
|
|
"comment": "",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"object_relation": "last-submission",
|
|
"timestamp": "1576245076",
|
|
"to_ids": false,
|
|
"type": "datetime",
|
|
"uuid": "09c31cff-f211-4f0c-81a7-0b92fc02d931",
|
|
"value": "2019-12-13T05:13:03"
|
|
},
|
|
{
|
|
"category": "Payload delivery",
|
|
"comment": "",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"object_relation": "permalink",
|
|
"timestamp": "1576245076",
|
|
"to_ids": false,
|
|
"type": "link",
|
|
"uuid": "02adb680-af12-432e-83c0-4e3bc1eeeb17",
|
|
"value": "https://www.virustotal.com/file/52fd7b90d7144ac448af4008be639d4d45c252e51823f4311011af3207a5fc77/analysis/1576213983/"
|
|
},
|
|
{
|
|
"category": "Payload delivery",
|
|
"comment": "",
|
|
"deleted": false,
|
|
"disable_correlation": true,
|
|
"object_relation": "detection-ratio",
|
|
"timestamp": "1576245076",
|
|
"to_ids": false,
|
|
"type": "text",
|
|
"uuid": "67e13421-5ecb-4dd3-b55f-b912a978fb42",
|
|
"value": "19/70"
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"comment": "",
|
|
"deleted": false,
|
|
"description": "File object describing a file with meta-information",
|
|
"meta-category": "file",
|
|
"name": "file",
|
|
"template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215",
|
|
"template_version": "17",
|
|
"timestamp": "1576245454",
|
|
"uuid": "db7f46ee-b12d-4740-b7f4-2a6a75d4d220",
|
|
"ObjectReference": [
|
|
{
|
|
"comment": "",
|
|
"object_uuid": "db7f46ee-b12d-4740-b7f4-2a6a75d4d220",
|
|
"referenced_uuid": "cd155fb0-ffa7-4c2d-9abe-9da8b19e38a9",
|
|
"relationship_type": "analysed-with",
|
|
"timestamp": "1576245457",
|
|
"uuid": "5df398d1-ec80-4a78-948b-4bd4950d210f"
|
|
}
|
|
],
|
|
"Attribute": [
|
|
{
|
|
"category": "Payload delivery",
|
|
"comment": "",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"object_relation": "md5",
|
|
"timestamp": "1576245078",
|
|
"to_ids": true,
|
|
"type": "md5",
|
|
"uuid": "a52f93a3-0b6f-41fb-a310-26600147f263",
|
|
"value": "7824babea1ebfc326648659cb69544f3"
|
|
},
|
|
{
|
|
"category": "Payload delivery",
|
|
"comment": "",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"object_relation": "sha1",
|
|
"timestamp": "1576245078",
|
|
"to_ids": true,
|
|
"type": "sha1",
|
|
"uuid": "5834b075-f88f-41ae-8aab-28207b7ef272",
|
|
"value": "2e94b305d6812a9f96e6781c888e48c7fb157b6b"
|
|
},
|
|
{
|
|
"category": "Payload delivery",
|
|
"comment": "",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"object_relation": "sha256",
|
|
"timestamp": "1576245078",
|
|
"to_ids": true,
|
|
"type": "sha256",
|
|
"uuid": "794655d9-2865-48cb-b258-28e7e94e53a7",
|
|
"value": "3c884f776fbd16597c072afd81029e8764dd57ee79d798829ca111f5e170bd8e"
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"comment": "",
|
|
"deleted": false,
|
|
"description": "VirusTotal report",
|
|
"meta-category": "misc",
|
|
"name": "virustotal-report",
|
|
"template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4",
|
|
"template_version": "2",
|
|
"timestamp": "1576245454",
|
|
"uuid": "cd155fb0-ffa7-4c2d-9abe-9da8b19e38a9",
|
|
"Attribute": [
|
|
{
|
|
"category": "Other",
|
|
"comment": "",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"object_relation": "last-submission",
|
|
"timestamp": "1576245078",
|
|
"to_ids": false,
|
|
"type": "datetime",
|
|
"uuid": "b42cf5fe-00da-4f57-bbc8-6a980ad19874",
|
|
"value": "2019-12-13T05:16:05"
|
|
},
|
|
{
|
|
"category": "Payload delivery",
|
|
"comment": "",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"object_relation": "permalink",
|
|
"timestamp": "1576245078",
|
|
"to_ids": false,
|
|
"type": "link",
|
|
"uuid": "e250b83b-9623-47d4-a980-f036c0d1724e",
|
|
"value": "https://www.virustotal.com/file/3c884f776fbd16597c072afd81029e8764dd57ee79d798829ca111f5e170bd8e/analysis/1576214165/"
|
|
},
|
|
{
|
|
"category": "Payload delivery",
|
|
"comment": "",
|
|
"deleted": false,
|
|
"disable_correlation": true,
|
|
"object_relation": "detection-ratio",
|
|
"timestamp": "1576245078",
|
|
"to_ids": false,
|
|
"type": "text",
|
|
"uuid": "4e1fff20-4041-45b9-a25a-42faccf6e274",
|
|
"value": "27/70"
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"comment": "",
|
|
"deleted": false,
|
|
"description": "File object describing a file with meta-information",
|
|
"meta-category": "file",
|
|
"name": "file",
|
|
"template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215",
|
|
"template_version": "17",
|
|
"timestamp": "1576245454",
|
|
"uuid": "39743303-990f-4a10-ab79-e6d47f402ed7",
|
|
"ObjectReference": [
|
|
{
|
|
"comment": "",
|
|
"object_uuid": "39743303-990f-4a10-ab79-e6d47f402ed7",
|
|
"referenced_uuid": "b72db847-00e8-40b7-98f4-4f75dfb66774",
|
|
"relationship_type": "analysed-with",
|
|
"timestamp": "1576245457",
|
|
"uuid": "5df398d1-5aa8-47fa-93bb-4146950d210f"
|
|
}
|
|
],
|
|
"Attribute": [
|
|
{
|
|
"category": "Payload delivery",
|
|
"comment": "",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"object_relation": "md5",
|
|
"timestamp": "1576245074",
|
|
"to_ids": true,
|
|
"type": "md5",
|
|
"uuid": "536b67d9-df7c-4221-8d8d-319e50eae9a2",
|
|
"value": "2e834d8dde313e992997cbda050a15f1"
|
|
},
|
|
{
|
|
"category": "Payload delivery",
|
|
"comment": "",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"object_relation": "sha1",
|
|
"timestamp": "1576245074",
|
|
"to_ids": true,
|
|
"type": "sha1",
|
|
"uuid": "74c01d32-acca-4649-96a1-c35f2f3e88e5",
|
|
"value": "9c5e496921e3bc882dc40694f1dcc3746a75db19"
|
|
},
|
|
{
|
|
"category": "Payload delivery",
|
|
"comment": "",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"object_relation": "sha256",
|
|
"timestamp": "1576245074",
|
|
"to_ids": true,
|
|
"type": "sha256",
|
|
"uuid": "9760d81f-122b-4171-ab91-2e707e1578f5",
|
|
"value": "7772d624e1aed327abcd24ce2068063da0e31bb1d5d3bf2841fc977e198c6c5b"
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"comment": "",
|
|
"deleted": false,
|
|
"description": "VirusTotal report",
|
|
"meta-category": "misc",
|
|
"name": "virustotal-report",
|
|
"template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4",
|
|
"template_version": "2",
|
|
"timestamp": "1576245454",
|
|
"uuid": "b72db847-00e8-40b7-98f4-4f75dfb66774",
|
|
"Attribute": [
|
|
{
|
|
"category": "Other",
|
|
"comment": "",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"object_relation": "last-submission",
|
|
"timestamp": "1576245074",
|
|
"to_ids": false,
|
|
"type": "datetime",
|
|
"uuid": "985d4c3a-1472-4c08-9f3b-c85db8f3eb43",
|
|
"value": "2019-12-13T05:06:11"
|
|
},
|
|
{
|
|
"category": "Payload delivery",
|
|
"comment": "",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"object_relation": "permalink",
|
|
"timestamp": "1576245074",
|
|
"to_ids": false,
|
|
"type": "link",
|
|
"uuid": "809bee2f-38d3-46fa-967f-ad880079bf1f",
|
|
"value": "https://www.virustotal.com/file/7772d624e1aed327abcd24ce2068063da0e31bb1d5d3bf2841fc977e198c6c5b/analysis/1576213571/"
|
|
},
|
|
{
|
|
"category": "Payload delivery",
|
|
"comment": "",
|
|
"deleted": false,
|
|
"disable_correlation": true,
|
|
"object_relation": "detection-ratio",
|
|
"timestamp": "1576245074",
|
|
"to_ids": false,
|
|
"type": "text",
|
|
"uuid": "abccc32d-fad9-443d-bc3e-a0208d8bdf8d",
|
|
"value": "27/69"
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"comment": "",
|
|
"deleted": false,
|
|
"description": "File object describing a file with meta-information",
|
|
"meta-category": "file",
|
|
"name": "file",
|
|
"template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215",
|
|
"template_version": "17",
|
|
"timestamp": "1576245454",
|
|
"uuid": "0437445d-8bc7-47a2-96a6-4f86ad3906bc",
|
|
"ObjectReference": [
|
|
{
|
|
"comment": "",
|
|
"object_uuid": "0437445d-8bc7-47a2-96a6-4f86ad3906bc",
|
|
"referenced_uuid": "bbc49ff1-0987-4ad0-8546-454088138ebd",
|
|
"relationship_type": "analysed-with",
|
|
"timestamp": "1576245457",
|
|
"uuid": "5df398d1-1520-4667-9e6f-4f11950d210f"
|
|
}
|
|
],
|
|
"Attribute": [
|
|
{
|
|
"category": "Payload delivery",
|
|
"comment": "",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"object_relation": "md5",
|
|
"timestamp": "1576245078",
|
|
"to_ids": true,
|
|
"type": "md5",
|
|
"uuid": "e05b9b05-949e-456c-9d9c-03f37814f823",
|
|
"value": "07de7a95efb47958b6f61e91e396f8e1"
|
|
},
|
|
{
|
|
"category": "Payload delivery",
|
|
"comment": "",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"object_relation": "sha1",
|
|
"timestamp": "1576245078",
|
|
"to_ids": true,
|
|
"type": "sha1",
|
|
"uuid": "c18fa678-7d9f-439e-a16b-ceda68abf8e1",
|
|
"value": "8793bf166cb89eb55f0593404e4e933ab605e803"
|
|
},
|
|
{
|
|
"category": "Payload delivery",
|
|
"comment": "",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"object_relation": "sha256",
|
|
"timestamp": "1576245078",
|
|
"to_ids": true,
|
|
"type": "sha256",
|
|
"uuid": "3bff00fc-988e-41b4-90a7-8e02c4f1544c",
|
|
"value": "fe0e4ef832b62d49b43433e10c47dc51072959af93963c790892efc20ec422f1"
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"comment": "",
|
|
"deleted": false,
|
|
"description": "VirusTotal report",
|
|
"meta-category": "misc",
|
|
"name": "virustotal-report",
|
|
"template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4",
|
|
"template_version": "2",
|
|
"timestamp": "1576245454",
|
|
"uuid": "bbc49ff1-0987-4ad0-8546-454088138ebd",
|
|
"Attribute": [
|
|
{
|
|
"category": "Other",
|
|
"comment": "",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"object_relation": "last-submission",
|
|
"timestamp": "1576245078",
|
|
"to_ids": false,
|
|
"type": "datetime",
|
|
"uuid": "3ba1c6dc-bc42-4ec7-aec3-4d2513c454aa",
|
|
"value": "2019-12-13T05:21:00"
|
|
},
|
|
{
|
|
"category": "Payload delivery",
|
|
"comment": "",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"object_relation": "permalink",
|
|
"timestamp": "1576245078",
|
|
"to_ids": false,
|
|
"type": "link",
|
|
"uuid": "9929cdda-8240-4fcb-8e10-e11bbc49b53f",
|
|
"value": "https://www.virustotal.com/file/fe0e4ef832b62d49b43433e10c47dc51072959af93963c790892efc20ec422f1/analysis/1576214460/"
|
|
},
|
|
{
|
|
"category": "Payload delivery",
|
|
"comment": "",
|
|
"deleted": false,
|
|
"disable_correlation": true,
|
|
"object_relation": "detection-ratio",
|
|
"timestamp": "1576245078",
|
|
"to_ids": false,
|
|
"type": "text",
|
|
"uuid": "5b3b1dbd-56bc-4055-bd17-7c2614059c01",
|
|
"value": "34/70"
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"comment": "",
|
|
"deleted": false,
|
|
"description": "File object describing a file with meta-information",
|
|
"meta-category": "file",
|
|
"name": "file",
|
|
"template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215",
|
|
"template_version": "17",
|
|
"timestamp": "1576245454",
|
|
"uuid": "53bc836d-94d5-4620-b23a-ce3bf3cc4b2e",
|
|
"ObjectReference": [
|
|
{
|
|
"comment": "",
|
|
"object_uuid": "53bc836d-94d5-4620-b23a-ce3bf3cc4b2e",
|
|
"referenced_uuid": "34935b31-c353-4fff-bbf8-6138b7a1509a",
|
|
"relationship_type": "analysed-with",
|
|
"timestamp": "1576245457",
|
|
"uuid": "5df398d1-2c8c-4390-b1d4-4280950d210f"
|
|
}
|
|
],
|
|
"Attribute": [
|
|
{
|
|
"category": "Payload delivery",
|
|
"comment": "",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"object_relation": "md5",
|
|
"timestamp": "1576245080",
|
|
"to_ids": true,
|
|
"type": "md5",
|
|
"uuid": "cdc659a9-2eb7-46a0-8c01-43d18c3d3a21",
|
|
"value": "a2d9b9d9e2207168206ea47644325cfc"
|
|
},
|
|
{
|
|
"category": "Payload delivery",
|
|
"comment": "",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"object_relation": "sha1",
|
|
"timestamp": "1576245080",
|
|
"to_ids": true,
|
|
"type": "sha1",
|
|
"uuid": "bfe30749-a05c-4683-b14e-cca1a9cacb0e",
|
|
"value": "41cc2b15c662bc001c0eb92f6cc222934f0beeea"
|
|
},
|
|
{
|
|
"category": "Payload delivery",
|
|
"comment": "",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"object_relation": "sha256",
|
|
"timestamp": "1576245080",
|
|
"to_ids": true,
|
|
"type": "sha256",
|
|
"uuid": "6f260146-705b-44de-af69-bfc9da29a417",
|
|
"value": "178d5ee8c04401d332af331087a80fb4e5e2937edfba7266f9be34a5029b6945"
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"comment": "",
|
|
"deleted": false,
|
|
"description": "VirusTotal report",
|
|
"meta-category": "misc",
|
|
"name": "virustotal-report",
|
|
"template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4",
|
|
"template_version": "2",
|
|
"timestamp": "1576245455",
|
|
"uuid": "34935b31-c353-4fff-bbf8-6138b7a1509a",
|
|
"Attribute": [
|
|
{
|
|
"category": "Other",
|
|
"comment": "",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"object_relation": "last-submission",
|
|
"timestamp": "1576245080",
|
|
"to_ids": false,
|
|
"type": "datetime",
|
|
"uuid": "bee7bb03-3869-47f8-92e1-92caf4de588c",
|
|
"value": "2019-12-13T05:20:05"
|
|
},
|
|
{
|
|
"category": "Payload delivery",
|
|
"comment": "",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"object_relation": "permalink",
|
|
"timestamp": "1576245080",
|
|
"to_ids": false,
|
|
"type": "link",
|
|
"uuid": "0546eeff-6ac3-4e73-95c8-a7367eebeef3",
|
|
"value": "https://www.virustotal.com/file/178d5ee8c04401d332af331087a80fb4e5e2937edfba7266f9be34a5029b6945/analysis/1576214405/"
|
|
},
|
|
{
|
|
"category": "Payload delivery",
|
|
"comment": "",
|
|
"deleted": false,
|
|
"disable_correlation": true,
|
|
"object_relation": "detection-ratio",
|
|
"timestamp": "1576245080",
|
|
"to_ids": false,
|
|
"type": "text",
|
|
"uuid": "92b72726-f2f8-4031-bee1-3cebda095f1d",
|
|
"value": "37/70"
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"comment": "",
|
|
"deleted": false,
|
|
"description": "File object describing a file with meta-information",
|
|
"meta-category": "file",
|
|
"name": "file",
|
|
"template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215",
|
|
"template_version": "17",
|
|
"timestamp": "1576245455",
|
|
"uuid": "cdcde630-7eb0-4b15-ac5b-de2ce5429c42",
|
|
"ObjectReference": [
|
|
{
|
|
"comment": "",
|
|
"object_uuid": "cdcde630-7eb0-4b15-ac5b-de2ce5429c42",
|
|
"referenced_uuid": "e7833a09-cac6-42ca-8b1a-945a7bfec0f6",
|
|
"relationship_type": "analysed-with",
|
|
"timestamp": "1576245457",
|
|
"uuid": "5df398d1-1a00-4d07-8d65-4a04950d210f"
|
|
}
|
|
],
|
|
"Attribute": [
|
|
{
|
|
"category": "Payload delivery",
|
|
"comment": "",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"object_relation": "md5",
|
|
"timestamp": "1576245079",
|
|
"to_ids": true,
|
|
"type": "md5",
|
|
"uuid": "df71b6e2-5a7b-4295-a99e-25b48f805b4c",
|
|
"value": "c1836091070bf23af23e9eaf62d45380"
|
|
},
|
|
{
|
|
"category": "Payload delivery",
|
|
"comment": "",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"object_relation": "sha1",
|
|
"timestamp": "1576245079",
|
|
"to_ids": true,
|
|
"type": "sha1",
|
|
"uuid": "f23d3207-9e19-49b2-82a1-72ae1865b168",
|
|
"value": "a39b57032dbb2335499a51e13470a7cd5d86b138"
|
|
},
|
|
{
|
|
"category": "Payload delivery",
|
|
"comment": "",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"object_relation": "sha256",
|
|
"timestamp": "1576245079",
|
|
"to_ids": true,
|
|
"type": "sha256",
|
|
"uuid": "5ac713c5-a511-466e-889f-a182823e108f",
|
|
"value": "7ce9e1c5562c8a5c93878629a47fe6071a35d604ed57a8f918f3eadf82c11a9c"
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"comment": "",
|
|
"deleted": false,
|
|
"description": "VirusTotal report",
|
|
"meta-category": "misc",
|
|
"name": "virustotal-report",
|
|
"template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4",
|
|
"template_version": "2",
|
|
"timestamp": "1576245455",
|
|
"uuid": "e7833a09-cac6-42ca-8b1a-945a7bfec0f6",
|
|
"Attribute": [
|
|
{
|
|
"category": "Other",
|
|
"comment": "",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"object_relation": "last-submission",
|
|
"timestamp": "1576245079",
|
|
"to_ids": false,
|
|
"type": "datetime",
|
|
"uuid": "25f4e334-dfa0-4571-82cd-632e8f09bc97",
|
|
"value": "2019-12-13T05:19:25"
|
|
},
|
|
{
|
|
"category": "Payload delivery",
|
|
"comment": "",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"object_relation": "permalink",
|
|
"timestamp": "1576245079",
|
|
"to_ids": false,
|
|
"type": "link",
|
|
"uuid": "874c5a63-8f12-4c6b-a7d4-7d5e96f0bdec",
|
|
"value": "https://www.virustotal.com/file/7ce9e1c5562c8a5c93878629a47fe6071a35d604ed57a8f918f3eadf82c11a9c/analysis/1576214365/"
|
|
},
|
|
{
|
|
"category": "Payload delivery",
|
|
"comment": "",
|
|
"deleted": false,
|
|
"disable_correlation": true,
|
|
"object_relation": "detection-ratio",
|
|
"timestamp": "1576245079",
|
|
"to_ids": false,
|
|
"type": "text",
|
|
"uuid": "460c13d4-ec16-4513-b28f-de1554c90499",
|
|
"value": "31/70"
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"comment": "",
|
|
"deleted": false,
|
|
"description": "File object describing a file with meta-information",
|
|
"meta-category": "file",
|
|
"name": "file",
|
|
"template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215",
|
|
"template_version": "17",
|
|
"timestamp": "1576245455",
|
|
"uuid": "57ef2d67-fc65-4c12-ab9f-10ea2a89f9e0",
|
|
"ObjectReference": [
|
|
{
|
|
"comment": "",
|
|
"object_uuid": "57ef2d67-fc65-4c12-ab9f-10ea2a89f9e0",
|
|
"referenced_uuid": "0cc004d1-66e1-471f-af25-5ed9301bc765",
|
|
"relationship_type": "analysed-with",
|
|
"timestamp": "1576245457",
|
|
"uuid": "5df398d1-3d88-4147-863d-43ec950d210f"
|
|
}
|
|
],
|
|
"Attribute": [
|
|
{
|
|
"category": "Payload delivery",
|
|
"comment": "",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"object_relation": "md5",
|
|
"timestamp": "1576245076",
|
|
"to_ids": true,
|
|
"type": "md5",
|
|
"uuid": "303930f5-e6ec-412d-aa4f-3af7435658ac",
|
|
"value": "9a97ddbb141d01ce0b1b994399cfb7dc"
|
|
},
|
|
{
|
|
"category": "Payload delivery",
|
|
"comment": "",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"object_relation": "sha1",
|
|
"timestamp": "1576245076",
|
|
"to_ids": true,
|
|
"type": "sha1",
|
|
"uuid": "162453bc-3399-4bd1-859d-f4d4f5ea35de",
|
|
"value": "e841a63e47361a572db9a7334af459ddca11347a"
|
|
},
|
|
{
|
|
"category": "Payload delivery",
|
|
"comment": "",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"object_relation": "sha256",
|
|
"timestamp": "1576245076",
|
|
"to_ids": true,
|
|
"type": "sha256",
|
|
"uuid": "4112c335-522f-480f-9777-414f61d3e8d3",
|
|
"value": "5bf80b871278a29f356bd42af1e35428aead20cd90b0c7642247afcaaa95b022"
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"comment": "",
|
|
"deleted": false,
|
|
"description": "VirusTotal report",
|
|
"meta-category": "misc",
|
|
"name": "virustotal-report",
|
|
"template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4",
|
|
"template_version": "2",
|
|
"timestamp": "1576245455",
|
|
"uuid": "0cc004d1-66e1-471f-af25-5ed9301bc765",
|
|
"Attribute": [
|
|
{
|
|
"category": "Other",
|
|
"comment": "",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"object_relation": "last-submission",
|
|
"timestamp": "1576245076",
|
|
"to_ids": false,
|
|
"type": "datetime",
|
|
"uuid": "1470140e-a854-4eff-876f-296372ed2b6f",
|
|
"value": "2019-12-13T05:13:50"
|
|
},
|
|
{
|
|
"category": "Payload delivery",
|
|
"comment": "",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"object_relation": "permalink",
|
|
"timestamp": "1576245076",
|
|
"to_ids": false,
|
|
"type": "link",
|
|
"uuid": "eb72bc03-9c83-4050-ade5-242671cf68a4",
|
|
"value": "https://www.virustotal.com/file/5bf80b871278a29f356bd42af1e35428aead20cd90b0c7642247afcaaa95b022/analysis/1576214030/"
|
|
},
|
|
{
|
|
"category": "Payload delivery",
|
|
"comment": "",
|
|
"deleted": false,
|
|
"disable_correlation": true,
|
|
"object_relation": "detection-ratio",
|
|
"timestamp": "1576245076",
|
|
"to_ids": false,
|
|
"type": "text",
|
|
"uuid": "aee60370-6aa3-49fc-b8fe-f370a4b083aa",
|
|
"value": "48/69"
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"comment": "",
|
|
"deleted": false,
|
|
"description": "File object describing a file with meta-information",
|
|
"meta-category": "file",
|
|
"name": "file",
|
|
"template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215",
|
|
"template_version": "17",
|
|
"timestamp": "1576245455",
|
|
"uuid": "98de906b-cea2-4397-b05f-17ca7375d016",
|
|
"ObjectReference": [
|
|
{
|
|
"comment": "",
|
|
"object_uuid": "98de906b-cea2-4397-b05f-17ca7375d016",
|
|
"referenced_uuid": "59638fcb-5d31-4187-8809-1ea84b8f6941",
|
|
"relationship_type": "analysed-with",
|
|
"timestamp": "1576245457",
|
|
"uuid": "5df398d1-daf8-4925-b89d-4a05950d210f"
|
|
}
|
|
],
|
|
"Attribute": [
|
|
{
|
|
"category": "Payload delivery",
|
|
"comment": "",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"object_relation": "md5",
|
|
"timestamp": "1576245075",
|
|
"to_ids": true,
|
|
"type": "md5",
|
|
"uuid": "e38efe91-50f3-4f77-8e03-c563a97a9af1",
|
|
"value": "fee9bc26f55c2049e1b64616a442dc7b"
|
|
},
|
|
{
|
|
"category": "Payload delivery",
|
|
"comment": "",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"object_relation": "sha1",
|
|
"timestamp": "1576245075",
|
|
"to_ids": true,
|
|
"type": "sha1",
|
|
"uuid": "fdb1a47c-a4e9-4856-8997-9e2e0fd41e34",
|
|
"value": "79ef78a797403a4ed1a616c68e07fff868a8650a"
|
|
},
|
|
{
|
|
"category": "Payload delivery",
|
|
"comment": "",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"object_relation": "sha256",
|
|
"timestamp": "1576245075",
|
|
"to_ids": true,
|
|
"type": "sha256",
|
|
"uuid": "b4624b83-ee87-47e9-94ed-001d86226014",
|
|
"value": "2ef157a97e28574356e1d871abf75deca7d7a1ea662f38b577a06dd039dbae29"
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"comment": "",
|
|
"deleted": false,
|
|
"description": "VirusTotal report",
|
|
"meta-category": "misc",
|
|
"name": "virustotal-report",
|
|
"template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4",
|
|
"template_version": "2",
|
|
"timestamp": "1576245456",
|
|
"uuid": "59638fcb-5d31-4187-8809-1ea84b8f6941",
|
|
"Attribute": [
|
|
{
|
|
"category": "Other",
|
|
"comment": "",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"object_relation": "last-submission",
|
|
"timestamp": "1576245075",
|
|
"to_ids": false,
|
|
"type": "datetime",
|
|
"uuid": "274253ce-2484-430a-b650-d496e365efb7",
|
|
"value": "2018-11-20T16:14:01"
|
|
},
|
|
{
|
|
"category": "Payload delivery",
|
|
"comment": "",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"object_relation": "permalink",
|
|
"timestamp": "1576245075",
|
|
"to_ids": false,
|
|
"type": "link",
|
|
"uuid": "edcc66d8-48c3-4d2b-9728-87b7904e6e5b",
|
|
"value": "https://www.virustotal.com/file/2ef157a97e28574356e1d871abf75deca7d7a1ea662f38b577a06dd039dbae29/analysis/1542730441/"
|
|
},
|
|
{
|
|
"category": "Payload delivery",
|
|
"comment": "",
|
|
"deleted": false,
|
|
"disable_correlation": true,
|
|
"object_relation": "detection-ratio",
|
|
"timestamp": "1576245075",
|
|
"to_ids": false,
|
|
"type": "text",
|
|
"uuid": "73195f2e-781b-4453-8169-7acff91432c6",
|
|
"value": "33/65"
|
|
}
|
|
]
|
|
}
|
|
]
|
|
}
|
|
} |