{ "Event": { "analysis": "1", "date": "2025-01-13", "extends_uuid": "", "info": "[Threat Intel] Chinese Malware Delivery Websites", "protected": false, "publish_timestamp": "1780041097", "published": true, "threat_level_id": "3", "timestamp": "1772902042", "uuid": "2d00aaa6-8c68-4ac1-8197-2c2471fe9ade", "Orgc": { "name": "Rectifyq", "uuid": "cd9bd516-61fa-476b-980f-2f8de03992d4" }, "Tag": [ { "colour": "#983d3b", "local": false, "name": "misp-galaxy:producer=\"Domaintools\"", "relationship_type": "" }, { "colour": "#ffffff", "local": false, "name": "tlp:clear", "relationship_type": "" }, { "colour": "#004646", "local": false, "name": "type:OSINT", "relationship_type": "" }, { "colour": "#b94b1d", "local": false, "name": "rectifyq:mitre-att&ck=\"none-from-src\"", "relationship_type": "" }, { "colour": "#b94b1d", "local": false, "name": "rectifyq:mitre-att&ck=\"from-OTX\"", "relationship_type": "" }, { "colour": "#e7d48a", "local": false, "name": "misp-galaxy:mitre-attack-pattern=\"System Owner/User Discovery - T1033\"", "relationship_type": "" }, { "colour": "#77a4ec", "local": false, "name": "misp-galaxy:mitre-attack-pattern=\"Email Collection - T1114\"", "relationship_type": "" }, { "colour": "#3909cc", "local": false, "name": "misp-galaxy:mitre-attack-pattern=\"Automated Collection - T1119\"", "relationship_type": "" }, { "colour": "#0ec9f4", "local": false, "name": "misp-galaxy:mitre-attack-pattern=\"Peripheral Device Discovery - T1120\"", "relationship_type": "" }, { "colour": "#7d7034", "local": false, "name": "misp-galaxy:mitre-attack-pattern=\"System Information Discovery - T1082\"", "relationship_type": "" }, { "colour": "#ff841f", "local": false, "name": "misp-galaxy:mitre-attack-pattern=\"Application Layer Protocol - T1071\"", "relationship_type": "" }, { "colour": "#68f2ff", "local": false, "name": "misp-galaxy:mitre-attack-pattern=\"Data from Local System - T1005\"", "relationship_type": "" }, { "colour": "#a9bb6d", "local": false, "name": "misp-galaxy:mitre-attack-pattern=\"Credentials from Password Stores - T1555\"", "relationship_type": "" }, { "colour": "#81b347", "local": false, "name": "misp-galaxy:mitre-attack-pattern=\"Remote Access Software - T1219\"", "relationship_type": "" }, { "colour": "#9f6bd9", "local": false, "name": "misp-galaxy:mitre-attack-pattern=\"System Network Configuration Discovery - T1016\"", "relationship_type": "" }, { "colour": "#20f80d", "local": false, "name": "misp-galaxy:mitre-attack-pattern=\"Command and Scripting Interpreter - T1059\"", "relationship_type": "" }, { "colour": "#0c0051", "local": false, "name": "misp-galaxy:mitre-attack-pattern=\"File and Directory Discovery - T1083\"", "relationship_type": "" }, { "colour": "#1cbe6b", "local": false, "name": "misp-galaxy:mitre-attack-pattern=\"Virtualization/Sandbox Evasion - T1497\"", "relationship_type": "" }, { "colour": "#3780c6", "local": false, "name": "misp-galaxy:mitre-attack-pattern=\"User Execution - T1204\"", "relationship_type": "" }, { "colour": "#62f4c1", "local": false, "name": "misp-galaxy:mitre-attack-pattern=\"Process Discovery - T1057\"", "relationship_type": "" }, { "colour": "#1b95cd", "local": false, "name": "misp-galaxy:mitre-attack-pattern=\"Phishing - T1566\"", "relationship_type": "" }, { "colour": "#3b33aa", "local": false, "name": "misp-galaxy:mitre-attack-pattern=\"Subvert Trust Controls - T1553\"", "relationship_type": "" }, { "colour": "#356c41", "local": false, "name": "misp-galaxy:mitre-attack-pattern=\"Encrypted Channel - T1573\"", "relationship_type": "" }, { "colour": "#2e58ce", "local": false, "name": "misp-galaxy:mitre-attack-pattern=\"Input Capture - T1056\"", "relationship_type": "" }, { "colour": "#d82db7", "local": false, "name": "misp-galaxy:mitre-attack-pattern=\"Query Registry - T1012\"", "relationship_type": "" }, { "colour": "#07a4a1", "local": false, "name": "misp-galaxy:mitre-attack-pattern=\"Data Encoding - T1132\"", "relationship_type": "" }, { "colour": "#50bcaa", "local": false, "name": "misp-galaxy:mitre-attack-pattern=\"Software Discovery - T1518\"", "relationship_type": "" }, { "colour": "#52d590", "local": false, "name": "misp-galaxy:target-information=\"China\"", "relationship_type": "" }, { "colour": "#915448", "local": false, "name": "misp-galaxy:target-information=\"Malaysia\"", "relationship_type": "" }, { "colour": "#e459c3", "local": false, "name": "misp-galaxy:target-information=\"Hong Kong\"", "relationship_type": "" }, { "colour": "#0088cc", "local": false, "name": "misp-galaxy:malpedia=\"Ghost RAT\"", "relationship_type": "" }, { "colour": "#0088cc", "local": false, "name": "misp-galaxy:malpedia=\"Lumma Stealer\"", "relationship_type": "" }, { "colour": "#0088cc", "local": false, "name": "misp-galaxy:malpedia=\"RedLine Stealer\"", "relationship_type": "" }, { "colour": "#0088cc", "local": false, "name": "misp-galaxy:malpedia=\"Remcos\"", "relationship_type": "" }, { "colour": "#0088cc", "local": false, "name": "misp-galaxy:malpedia=\"ValleyRAT\"", "relationship_type": "" }, { "colour": "#49a260", "local": false, "name": "rectifyq:category=\"threat\"", "relationship_type": "" }, { "colour": "#110041", "local": false, "name": "rectifyq:sub-category=\"malware-analysis\"", "relationship_type": "" }, { "colour": "#ffd12e", "local": false, "name": "rectifyq:target=\"broad-based\"", "relationship_type": "" }, { "colour": "#dd2e44", "local": false, "name": "rectifyq:MY-relevancy=\"relevant\"", "relationship_type": "" }, { "colour": "#3a00e0", "local": false, "name": "rectifyq:action-taken=\"x\"", "relationship_type": "" }, { "colour": "#3b00e2", "local": false, "name": "rectifyq:action-taken=\"linkedin\"", "relationship_type": "" }, { "colour": "#3800d9", "local": false, "name": "rectifyq:action-taken=\"VT-comment\"", "relationship_type": "" }, { "colour": "#220082", "local": false, "name": "rectifyq:samples-found-in=\"MalwareBazaar\"", "relationship_type": "" } ], "Attribute": [ { "category": "External analysis", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1737117469", "to_ids": false, "type": "link", "uuid": "5b0006ab-725f-42e8-86a0-092e32f812e0", "value": "https://dti.domaintools.com/chinese-malware-delivery-websites/" }, { "category": "Other", "comment": "Description", "deleted": false, "disable_correlation": false, "timestamp": "1737117469", "to_ids": false, "type": "text", "uuid": "ff702937-f37a-48a6-8746-f00f77663751", "value": "A cluster of over 400 domains have been registered since June 2024 to host spoofed websites delivering malware to Chinese-speaking users. The sites imitate popular applications like web browsers, VPNs, messaging apps, and crypto wallets. Identified malware includes Gh0stRAT, ValleyRAT, RemKos RAT, LummaStealer, and RedLine. The domains share registration details, infrastructure, and website configurations. Lures include fake login pages and software downloads. The activity shows similarities to the previously reported APT group SilverFox, suggesting an organized hack-for-hire or state-sponsored operation targeting Chinese speakers, possibly for credential theft and system access." }, { "category": "Other", "comment": "Summary", "deleted": false, "disable_correlation": false, "timestamp": "1737117469", "to_ids": false, "type": "text", "uuid": "696bb804-8e8c-4ccc-8141-a799a1956a1d", "value": "Name: Chinese Malware Delivery Websites\nAuthor: AlienVault\nAdversary: SilverFox\nTags: [\"valleyrat\", \"remote access trojans\", \"lummastealer\", \"chinese-speaking users\", \"apt\", \"remkos rat\", \"malware delivery\", \"redline\", \"spoofed websites\", \"gh0strat\", \"credential theft\", \"farfli\", \"hack-for-hire\"]\nTgtd countries: [\"China\", \"Malaysia\", \"Hong Kong\"]\nMlwr families: [\"Gh0stRAT\", \"ValleyRAT\", \"RemKos RAT\", \"LummaStealer\", \"RedLine\", \"Farfli\"]\nAttack_ids: [\"T1033\", \"T1114\", \"T1119\", \"T1120\", \"T1082\", \"T1071\", \"T1005\", \"T1555\", \"T1219\", \"T1016\", \"T1059\", \"T1083\", \"T1497\", \"T1204\", \"T1057\", \"T1566\", \"T1553\", \"T1573\", \"T1056\", \"T1012\", \"T1132\", \"T1518\"]\nIndustries: []" }, { "category": "Attribution", "comment": "Adversary", "deleted": false, "disable_correlation": false, "timestamp": "1737117469", "to_ids": false, "type": "threat-actor", "uuid": "faded87b-81dc-49c9-86dd-8593b105de5e", "value": "SilverFox" }, { "category": "Network activity", "comment": "Suspected Malware Delivery Domain", "deleted": false, "disable_correlation": false, "timestamp": "1737197099", "to_ids": true, "type": "domain", "uuid": "df829e73-a4dc-43fa-8e43-682a7a41e779", "value": "007z.top", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "Suspected Malware Delivery Domain", "deleted": false, "disable_correlation": false, "timestamp": "1737197121", "to_ids": true, "type": "domain", "uuid": "6604a906-fc9d-4bb5-89b6-1e7a7482a842", "value": "1633.site", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "Suspected Malware Delivery Domain", "deleted": false, "disable_correlation": false, "timestamp": "1737197142", "to_ids": true, "type": "domain", "uuid": "233f35a1-c49e-4457-8d80-e8836b3e1e8b", "value": "163e.top", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "Suspected Malware Delivery Domain", "deleted": false, "disable_correlation": false, "timestamp": "1737197163", "to_ids": true, "type": "domain", "uuid": "70d0fff4-d460-4fce-9168-38b297ea8855", "value": "163i.top", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "Suspected Malware Delivery Domain", "deleted": false, "disable_correlation": false, "timestamp": "1737197185", "to_ids": true, "type": "domain", "uuid": "21465ec7-db62-41cd-a699-07815faaaaa9", "value": "16cilz.xyz", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "Suspected Malware Delivery Domain", "deleted": false, "disable_correlation": false, "timestamp": "1737197206", "to_ids": true, "type": "domain", "uuid": "9efbaa53-4179-422b-afa2-18385fc6cf63", "value": "1o2mp.cyou", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "Suspected Malware Delivery Domain", "deleted": false, "disable_correlation": false, "timestamp": "1737197227", "to_ids": true, "type": "domain", "uuid": "3db2c37f-3691-48cc-a0e3-eb5f8e952e29", "value": "2345kantup.xyz", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "Suspected Malware Delivery Domain", "deleted": false, "disable_correlation": false, "timestamp": "1737197248", "to_ids": true, "type": "domain", "uuid": "59198b26-247d-4025-b12d-40b74178b9d5", "value": "2345kingtuwang.com", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "Suspected Malware Delivery Domain", "deleted": false, "disable_correlation": false, "timestamp": "1737197269", "to_ids": true, "type": "domain", "uuid": "0e94a6d4-cf64-4525-b1ca-2d00e05bdbb1", "value": "2345ktws.xyz", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "Suspected Malware Delivery Domain", "deleted": false, "disable_correlation": false, "timestamp": "1737197290", "to_ids": true, "type": "domain", "uuid": "4985d195-950e-4b6f-ad39-3da16d788eac", "value": "360browsap.top", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "Suspected Malware Delivery Domain", "deleted": false, "disable_correlation": false, "timestamp": "1737197312", "to_ids": true, "type": "domain", "uuid": "4f1fb943-f461-40eb-aed8-c5af731358d3", "value": "360z.fit", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "Suspected Malware Delivery Domain", "deleted": false, "disable_correlation": false, "timestamp": "1737197334", "to_ids": true, "type": "domain", "uuid": "3547a7d9-4379-4eb4-9d8f-d130592b85a2", "value": "6h4s3s.top", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "Suspected Malware Delivery Domain", "deleted": false, "disable_correlation": false, "timestamp": "1737197355", "to_ids": true, "type": "domain", "uuid": "3002c0e3-aa9e-4805-8315-ff42435e90ed", "value": "70ka.club", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "Suspected Malware Delivery Domain", "deleted": false, "disable_correlation": false, "timestamp": "1737197376", "to_ids": true, "type": "domain", "uuid": "be38e875-655d-4976-8d32-ef454facec9e", "value": "a1shung.club", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "Suspected Malware Delivery Domain", "deleted": false, "disable_correlation": false, "timestamp": "1737197397", "to_ids": true, "type": "domain", "uuid": "298dc611-39ec-4e11-857b-786401b93d86", "value": "adober.club", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "Suspected Malware Delivery Domain", "deleted": false, "disable_correlation": false, "timestamp": "1737197418", "to_ids": true, "type": "domain", "uuid": "23c34c0f-a417-4c9e-be89-2f24acc435bb", "value": "adspowerr.top", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "Suspected Malware Delivery Domain", "deleted": false, "disable_correlation": false, "timestamp": "1737197440", "to_ids": true, "type": "domain", "uuid": "60e1229a-1ec7-4cf5-b5ef-1408aaf843dc", "value": "aisbb.cyou", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "Suspected Malware Delivery Domain", "deleted": false, "disable_correlation": false, "timestamp": "1737197461", "to_ids": true, "type": "domain", "uuid": "ceb07c6c-1cf7-4aad-aa39-4ba108c63c1a", "value": "andesksr.com", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "Suspected Malware Delivery Domain", "deleted": false, "disable_correlation": false, "timestamp": "1737197483", "to_ids": true, "type": "domain", "uuid": "6bb77c31-2a64-4ddf-aba8-53404a14eb54", "value": "anydeisk.top", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "Suspected Malware Delivery Domain", "deleted": false, "disable_correlation": false, "timestamp": "1737197504", "to_ids": true, "type": "domain", "uuid": "731eb399-c655-4362-af1b-a8908dd94e4f", "value": "anydesik.com", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "Suspected Malware Delivery Domain", "deleted": false, "disable_correlation": false, "timestamp": "1737197526", "to_ids": true, "type": "domain", "uuid": "26e93f9e-0d3c-4091-be77-04296bf4a1c3", "value": "anydesik.top", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "Suspected Malware Delivery Domain", "deleted": false, "disable_correlation": false, "timestamp": "1737197547", "to_ids": true, "type": "domain", "uuid": "d02d28d7-c7df-468f-a1c3-b06cf9c247bc", "value": "anydesikq.top", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "Suspected Malware Delivery Domain", "deleted": false, "disable_correlation": false, "timestamp": "1737197568", "to_ids": true, "type": "domain", "uuid": "132a59e6-74fb-4467-b479-808a8d601bd0", "value": "anydeskcn.top", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "Suspected Malware Delivery Domain", "deleted": false, "disable_correlation": false, "timestamp": "1737197589", "to_ids": true, "type": "domain", "uuid": "4a5bf872-b8ca-4a28-b296-8b4ada5fb8ec", "value": "anydeskq.online", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "Suspected Malware Delivery Domain", "deleted": false, "disable_correlation": false, "timestamp": "1737197610", "to_ids": true, "type": "domain", "uuid": "8b7b6339-37e8-4c57-a999-35d59b4612dc", "value": "anydeslk.top", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "Suspected Malware Delivery Domain", "deleted": false, "disable_correlation": false, "timestamp": "1737197632", "to_ids": true, "type": "domain", "uuid": "67b18dca-2d67-44c5-80d5-7f37588602bc", "value": "avez.top", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "Suspected Malware Delivery Domain", "deleted": false, "disable_correlation": false, "timestamp": "1737197653", "to_ids": true, "type": "domain", "uuid": "900fccb2-dfd4-424c-8cb6-d3301d3ed4b8", "value": "avre.work", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "Suspected Malware Delivery Domain", "deleted": false, "disable_correlation": false, "timestamp": "1737197674", "to_ids": true, "type": "domain", "uuid": "b44838d8-2974-429b-acbe-25745e6867ac", "value": "baidu-a.cyou", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "Suspected Malware Delivery Domain", "deleted": false, "disable_correlation": false, "timestamp": "1737197695", "to_ids": true, "type": "domain", "uuid": "a48d9e21-256d-4148-a6d5-c567797ed4f0", "value": "baidu-a.top", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "Suspected Malware Delivery Domain", "deleted": false, "disable_correlation": false, "timestamp": "1737197716", "to_ids": true, "type": "domain", "uuid": "4a0b6928-15b5-42b9-ae04-f8629e7e38a9", "value": "baili888.club", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "Suspected Malware Delivery Domain", "deleted": false, "disable_correlation": false, "timestamp": "1737197738", "to_ids": true, "type": "domain", "uuid": "68496ca4-67e9-4074-b831-cdeb7b64cd6e", "value": "bananagun.fit", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "Suspected Malware Delivery Domain", "deleted": false, "disable_correlation": false, "timestamp": "1737197759", "to_ids": true, "type": "domain", "uuid": "ce0eb9bd-d687-43df-81de-27aec577b04a", "value": "bananagunn.cyou", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "Suspected Malware Delivery Domain", "deleted": false, "disable_correlation": false, "timestamp": "1737197781", "to_ids": true, "type": "domain", "uuid": "6ef2a9db-2a14-432d-8500-f57c583824d0", "value": "bananaguns.club", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "Suspected Malware Delivery Domain", "deleted": false, "disable_correlation": false, "timestamp": "1737197803", "to_ids": true, "type": "domain", "uuid": "d2491f2f-116d-4c14-826b-185a0dcb5ca0", "value": "baofupay.top", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "Suspected Malware Delivery Domain", "deleted": false, "disable_correlation": false, "timestamp": "1737197824", "to_ids": true, "type": "domain", "uuid": "93838bd2-3b1c-480b-b726-fff4931adbca", "value": "baofuupay.com", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "Suspected Malware Delivery Domain", "deleted": false, "disable_correlation": false, "timestamp": "1737197845", "to_ids": true, "type": "domain", "uuid": "54ba1b89-e617-4e7f-9943-e9385180a851", "value": "bitbrowcer.xyz", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "Suspected Malware Delivery Domain", "deleted": false, "disable_correlation": false, "timestamp": "1737197867", "to_ids": true, "type": "domain", "uuid": "8efef232-bc08-41c6-ba01-46deae60a624", "value": "bitbrowsec.top", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "Suspected Malware Delivery Domain", "deleted": false, "disable_correlation": false, "timestamp": "1737197888", "to_ids": true, "type": "domain", "uuid": "98dac119-e4b6-4144-b34c-aee172b1799d", "value": "bitbrowseq.top", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "Suspected Malware Delivery Domain", "deleted": false, "disable_correlation": false, "timestamp": "1737197909", "to_ids": true, "type": "domain", "uuid": "9a6f1e70-8220-4b99-bff0-e283368a1bf1", "value": "bitbrowsers.work", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "Suspected Malware Delivery Domain", "deleted": false, "disable_correlation": false, "timestamp": "1737197930", "to_ids": true, "type": "domain", "uuid": "67c25778-1a14-45cc-bd9f-e07b7d566b08", "value": "bitbrowsez.top", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "Suspected Malware Delivery Domain", "deleted": false, "disable_correlation": false, "timestamp": "1737197951", "to_ids": true, "type": "domain", "uuid": "f52d6571-0884-4c6d-8732-28ea671cd2fa", "value": "bitbrowsri.top", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "Suspected Malware Delivery Domain", "deleted": false, "disable_correlation": false, "timestamp": "1737197973", "to_ids": true, "type": "domain", "uuid": "9ec4f74b-5f4a-4734-95f6-fb6e9ffd1689", "value": "bitbrowszer.top", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "Suspected Malware Delivery Domain", "deleted": false, "disable_correlation": false, "timestamp": "1737197994", "to_ids": true, "type": "domain", "uuid": "08b38e16-5f7e-4d25-a6e0-73db9db0d6ef", "value": "bitbrwoser.fit", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "Suspected Malware Delivery Domain", "deleted": false, "disable_correlation": false, "timestamp": "1737198015", "to_ids": true, "type": "domain", "uuid": "314cc5ac-d3c9-4a1d-9eb2-1f54983ee685", "value": "bitbrwoser.top", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "Suspected Malware Delivery Domain", "deleted": false, "disable_correlation": false, "timestamp": "1737198036", "to_ids": true, "type": "domain", "uuid": "6a4da6b2-bdd2-446f-a7f6-c54dadefd191", "value": "bitbrwwser.top", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "Suspected Malware Delivery Domain", "deleted": false, "disable_correlation": false, "timestamp": "1737198057", "to_ids": true, "type": "domain", "uuid": "ee9ee716-25de-4f6e-a60e-5396ed7d7e63", "value": "bitpiez.club", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "Suspected Malware Delivery Domain", "deleted": false, "disable_correlation": false, "timestamp": "1737198079", "to_ids": true, "type": "domain", "uuid": "fa8fc98d-4824-4b8e-8f9b-5c3a5394d6f6", "value": "bitteroser.top", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "Suspected Malware Delivery Domain", "deleted": false, "disable_correlation": false, "timestamp": "1737198100", "to_ids": true, "type": "domain", "uuid": "6a5b5fbb-a56c-429a-b7db-0515ec23fe90", "value": "b-jipay.com", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "Suspected Malware Delivery Domain", "deleted": false, "disable_correlation": false, "timestamp": "1737198121", "to_ids": true, "type": "domain", "uuid": "8bbf1e07-1d06-4529-82d6-f4d4e945e779", "value": "b-jlpay.top", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "Suspected Malware Delivery Domain", "deleted": false, "disable_correlation": false, "timestamp": "1737198143", "to_ids": true, "type": "domain", "uuid": "d0f323ef-5974-4da9-8a58-df4f220dea78", "value": "bmgsn6.top", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "Suspected Malware Delivery Domain", "deleted": false, "disable_correlation": false, "timestamp": "1737198164", "to_ids": true, "type": "domain", "uuid": "f2e9842e-5c83-427c-8e79-fcf75f2703bc", "value": "bntbrowcer.xyz", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "Suspected Malware Delivery Domain", "deleted": false, "disable_correlation": false, "timestamp": "1737198185", "to_ids": true, "type": "domain", "uuid": "8abe2227-c7ee-46e6-9ad6-af13c415c271", "value": "bpss5vp.top", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "Suspected Malware Delivery Domain", "deleted": false, "disable_correlation": false, "timestamp": "1737198207", "to_ids": true, "type": "domain", "uuid": "960463fe-f9a3-4dc7-8f60-3d492716b2b1", "value": "browseri.vip", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "Suspected Malware Delivery Domain", "deleted": false, "disable_correlation": false, "timestamp": "1737198228", "to_ids": true, "type": "domain", "uuid": "67df4316-7fea-4bf8-a979-2ae24217703e", "value": "btbrowserq.top", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "Suspected Malware Delivery Domain", "deleted": false, "disable_correlation": false, "timestamp": "1737198251", "to_ids": true, "type": "domain", "uuid": "9fb293c3-8d7c-4c37-989d-0c67598faea9", "value": "btxueo.top", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "Suspected Malware Delivery Domain", "deleted": false, "disable_correlation": false, "timestamp": "1737198272", "to_ids": true, "type": "domain", "uuid": "d2499e92-743b-451e-ad5e-555ca7d8b08f", "value": "cgpay.vip", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "Suspected Malware Delivery Domain", "deleted": false, "disable_correlation": false, "timestamp": "1737198293", "to_ids": true, "type": "domain", "uuid": "2f2961d2-009a-4c10-aee6-157a32d55bda", "value": "chachap.top", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "Suspected Malware Delivery Domain", "deleted": false, "disable_correlation": false, "timestamp": "1737198315", "to_ids": true, "type": "domain", "uuid": "817fcb4e-c4e9-4e65-a005-9b7544003fe0", "value": "chme1.xyz", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "Suspected Malware Delivery Domain", "deleted": false, "disable_correlation": false, "timestamp": "1737198336", "to_ids": true, "type": "domain", "uuid": "0ef7e110-3baf-4546-a29d-122de923559d", "value": "chmole.club", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "Suspected Malware Delivery Domain", "deleted": false, "disable_correlation": false, "timestamp": "1737198357", "to_ids": true, "type": "domain", "uuid": "aa8948c7-f0e9-449e-bc72-16df7d25abca", "value": "chrmpw.top", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "Suspected Malware Delivery Domain", "deleted": false, "disable_correlation": false, "timestamp": "1737198378", "to_ids": true, "type": "domain", "uuid": "1eeb1339-05b5-446c-a80e-9dffbaee0c3d", "value": "chromexn.com", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "Suspected Malware Delivery Domain", "deleted": false, "disable_correlation": false, "timestamp": "1737198400", "to_ids": true, "type": "domain", "uuid": "2cceacc2-7ae2-4de6-ad75-a3647a0a03ad", "value": "clashcn.club", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "Suspected Malware Delivery Domain", "deleted": false, "disable_correlation": false, "timestamp": "1737198421", "to_ids": true, "type": "domain", "uuid": "ad5b9074-c991-45e5-b523-485fe6f1e038", "value": "clashcn.top", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "Suspected Malware Delivery Domain", "deleted": false, "disable_correlation": false, "timestamp": "1737198442", "to_ids": true, "type": "domain", "uuid": "2d724a8c-a77d-4f0e-8ce1-d29f2c0b8ddc", "value": "clashcn.xyz", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "Suspected Malware Delivery Domain", "deleted": false, "disable_correlation": false, "timestamp": "1737198464", "to_ids": true, "type": "domain", "uuid": "04a37c0a-51f6-4b7f-9125-2fa8b4540772", "value": "cnacn3.top", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "Suspected Malware Delivery Domain", "deleted": false, "disable_correlation": false, "timestamp": "1737198485", "to_ids": true, "type": "domain", "uuid": "84fdf60e-7066-43ef-bc92-cd8b55459d86", "value": "comprz.top", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "Suspected Malware Delivery Domain", "deleted": false, "disable_correlation": false, "timestamp": "1737198506", "to_ids": true, "type": "domain", "uuid": "5ec726f3-3056-4205-95a9-bd9f76e428ff", "value": "cpgpay.site", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "Suspected Malware Delivery Domain", "deleted": false, "disable_correlation": false, "timestamp": "1737198527", "to_ids": true, "type": "domain", "uuid": "0ab94f3a-6e7a-43f5-92b3-8dc6ad4d4df0", "value": "crlg1wm.com", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "Suspected Malware Delivery Domain", "deleted": false, "disable_correlation": false, "timestamp": "1737198548", "to_ids": true, "type": "domain", "uuid": "6e398c04-c682-4464-a775-2f8a2a695716", "value": "cs-quickq.com", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "Suspected Malware Delivery Domain", "deleted": false, "disable_correlation": false, "timestamp": "1737198569", "to_ids": true, "type": "domain", "uuid": "0c4e459a-08b0-4409-b6cc-63939713d56e", "value": "deepil.top", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "Suspected Malware Delivery Domain", "deleted": false, "disable_correlation": false, "timestamp": "1737198590", "to_ids": true, "type": "domain", "uuid": "39759843-f7ad-4b48-9d29-7dbce7a8d660", "value": "deepli.top", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "Suspected Malware Delivery Domain", "deleted": false, "disable_correlation": false, "timestamp": "1737198612", "to_ids": true, "type": "domain", "uuid": "98d3cc95-880b-41fe-8e25-3789e097190d", "value": "deepll.top", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "Suspected Malware Delivery Domain", "deleted": false, "disable_correlation": false, "timestamp": "1737198633", "to_ids": true, "type": "domain", "uuid": "03b75e73-b3fe-49fe-8466-45740af33ff3", "value": "deepll.xyz", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "Suspected Malware Delivery Domain", "deleted": false, "disable_correlation": false, "timestamp": "1737198654", "to_ids": true, "type": "domain", "uuid": "c7558931-83f1-41e6-b084-9e0da9898bd8", "value": "deeplti.xyz", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "Suspected Malware Delivery Domain", "deleted": false, "disable_correlation": false, "timestamp": "1737198675", "to_ids": true, "type": "domain", "uuid": "5ad1cfc3-842a-4a05-b33c-bd45b3f37e93", "value": "deeplx.top", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "Suspected Malware Delivery Domain", "deleted": false, "disable_correlation": false, "timestamp": "1737198697", "to_ids": true, "type": "domain", "uuid": "2161a719-b758-45e5-892f-69df00421469", "value": "dexscreener.fit", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "Suspected Malware Delivery Domain", "deleted": false, "disable_correlation": false, "timestamp": "1737198718", "to_ids": true, "type": "domain", "uuid": "d154902b-1b27-42dc-9181-cc15c3014264", "value": "dexscreeners.icu", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "Suspected Malware Delivery Domain", "deleted": false, "disable_correlation": false, "timestamp": "1737198739", "to_ids": true, "type": "domain", "uuid": "326f3905-bf74-4612-9974-0397bc5eb594", "value": "dezscreener.work", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "Suspected Malware Delivery Domain", "deleted": false, "disable_correlation": false, "timestamp": "1737198761", "to_ids": true, "type": "domain", "uuid": "8db1d6bc-b5ee-4c1b-8c20-478bb3e319b8", "value": "dfapp188.world", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "Suspected Malware Delivery Domain", "deleted": false, "disable_correlation": false, "timestamp": "1737198783", "to_ids": true, "type": "domain", "uuid": "465cee0e-26ab-4a99-9d87-d730b4e7e377", "value": "easytran.top", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "Suspected Malware Delivery Domain", "deleted": false, "disable_correlation": false, "timestamp": "1737198805", "to_ids": true, "type": "domain", "uuid": "3979d48e-e216-4609-9ef5-cc8adffa40c3", "value": "ecprss.com", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "Suspected Malware Delivery Domain", "deleted": false, "disable_correlation": false, "timestamp": "1737198827", "to_ids": true, "type": "domain", "uuid": "3340247e-2294-45c1-8ecd-f8ce7125c533", "value": "eiyy.top", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "Suspected Malware Delivery Domain", "deleted": false, "disable_correlation": false, "timestamp": "1737198852", "to_ids": true, "type": "domain", "uuid": "88c0d6b7-b449-4832-9ec6-01a4400e2b35", "value": "enigmar.fit", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "Suspected Malware Delivery Domain", "deleted": false, "disable_correlation": false, "timestamp": "1737198874", "to_ids": true, "type": "domain", "uuid": "f50e75c8-9ff4-42d1-b9d5-acc1fd3ff937", "value": "eniigme.club", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "Suspected Malware Delivery Domain", "deleted": false, "disable_correlation": false, "timestamp": "1737198897", "to_ids": true, "type": "domain", "uuid": "5ce565be-98fb-4520-a1da-b955c8592c02", "value": "eu0af6.club", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "Suspected Malware Delivery Domain", "deleted": false, "disable_correlation": false, "timestamp": "1737198922", "to_ids": true, "type": "domain", "uuid": "6d62891a-7c4c-4601-9e5f-d40841221b82", "value": "eyy350.top", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "Suspected Malware Delivery Domain", "deleted": false, "disable_correlation": false, "timestamp": "1737198944", "to_ids": true, "type": "domain", "uuid": "71cc4af4-80d3-4251-9fe8-72351f370bb0", "value": "eyyqp.top", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "Suspected Malware Delivery Domain", "deleted": false, "disable_correlation": false, "timestamp": "1737198966", "to_ids": true, "type": "domain", "uuid": "49971748-1d5e-4d17-87f8-e90051ce1c6f", "value": "eyys.xyz", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "Suspected Malware Delivery Domain", "deleted": false, "disable_correlation": false, "timestamp": "1737198987", "to_ids": true, "type": "domain", "uuid": "e118e082-c101-4daa-bcc0-f5ccb389c989", "value": "eyysi.top", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "Suspected Malware Delivery Domain", "deleted": false, "disable_correlation": false, "timestamp": "1737199009", "to_ids": true, "type": "domain", "uuid": "d3d3e954-013c-4ee5-a44f-151677c2ef34", "value": "eyysm.com", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "Suspected Malware Delivery Domain", "deleted": false, "disable_correlation": false, "timestamp": "1737199031", "to_ids": true, "type": "domain", "uuid": "3fa09457-1450-4f73-8d68-2a1cfc708b4d", "value": "eyyz.top", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "Suspected Malware Delivery Domain", "deleted": false, "disable_correlation": false, "timestamp": "1737199052", "to_ids": true, "type": "domain", "uuid": "b4a939ed-b28a-4f8c-82ed-9f1bc651735b", "value": "f3jb5x.top", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "Suspected Malware Delivery Domain", "deleted": false, "disable_correlation": false, "timestamp": "1737199074", "to_ids": true, "type": "domain", "uuid": "26beac0f-3ed8-48c6-be7a-5055859b912c", "value": "fckjo9.club", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "Suspected Malware Delivery Domain", "deleted": false, "disable_correlation": false, "timestamp": "1737199096", "to_ids": true, "type": "domain", "uuid": "36d0e35a-6383-4137-bab2-95dbb7f1b801", "value": "firefoxz.top", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "Suspected Malware Delivery Domain", "deleted": false, "disable_correlation": false, "timestamp": "1737199118", "to_ids": true, "type": "domain", "uuid": "a9fd9d33-1444-4c2c-9f39-e52d5de66a86", "value": "flashproxy.cc", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "Suspected Malware Delivery Domain", "deleted": false, "disable_correlation": false, "timestamp": "1737199139", "to_ids": true, "type": "domain", "uuid": "1510f3c9-7926-4ec7-9b79-4d1df144e7c1", "value": "freetalk.online", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "Suspected Malware Delivery Domain", "deleted": false, "disable_correlation": false, "timestamp": "1737199161", "to_ids": true, "type": "domain", "uuid": "83774bfe-4e11-474f-97a2-8d426db70a27", "value": "g2ks0z.com", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "Suspected Malware Delivery Domain", "deleted": false, "disable_correlation": false, "timestamp": "1737199183", "to_ids": true, "type": "domain", "uuid": "d19d9a75-81ed-4888-997f-6fa34972db44", "value": "g465cn.com", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "Suspected Malware Delivery Domain", "deleted": false, "disable_correlation": false, "timestamp": "1737199205", "to_ids": true, "type": "domain", "uuid": "3cd6cdb7-6923-4be2-af1f-6180b4166961", "value": "gckgmwc1.top", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "Suspected Malware Delivery Domain", "deleted": false, "disable_correlation": false, "timestamp": "1737199228", "to_ids": true, "type": "domain", "uuid": "9c72a3ce-bedb-4771-9466-a8817614aaba", "value": "gmaib.top", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "Suspected Malware Delivery Domain", "deleted": false, "disable_correlation": false, "timestamp": "1737199249", "to_ids": true, "type": "domain", "uuid": "417a5bfc-796d-428e-8bad-07c29a80cc9b", "value": "gmgmai.club", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "Suspected Malware Delivery Domain", "deleted": false, "disable_correlation": false, "timestamp": "1737199270", "to_ids": true, "type": "domain", "uuid": "e4b805a6-e64a-421f-ab25-2814aab9ff81", "value": "gmgmai.work", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "Suspected Malware Delivery Domain", "deleted": false, "disable_correlation": false, "timestamp": "1737199292", "to_ids": true, "type": "domain", "uuid": "6082adf3-cb0f-4c84-b75e-496f54a4d299", "value": "goe.icu", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "Suspected Malware Delivery Domain", "deleted": false, "disable_correlation": false, "timestamp": "1737199315", "to_ids": true, "type": "domain", "uuid": "f8066d8d-c71c-4596-93e8-f3404feb9595", "value": "googleseso.top", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "Suspected Malware Delivery Domain", "deleted": false, "disable_correlation": false, "timestamp": "1737199337", "to_ids": true, "type": "domain", "uuid": "6c452175-cffd-4fe7-a0c7-8cb21fa62911", "value": "googlez.top", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "Suspected Malware Delivery Domain", "deleted": false, "disable_correlation": false, "timestamp": "1737199359", "to_ids": true, "type": "domain", "uuid": "e897cb76-1116-491c-aa4f-026726a5d2b9", "value": "googlre1.top", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "Suspected Malware Delivery Domain", "deleted": false, "disable_correlation": false, "timestamp": "1737199381", "to_ids": true, "type": "domain", "uuid": "3bd6a674-5b8f-4a0f-84f4-9f87adae3072", "value": "goople.top", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "Suspected Malware Delivery Domain", "deleted": false, "disable_correlation": false, "timestamp": "1737199403", "to_ids": true, "type": "domain", "uuid": "b048fd7f-e341-4bd1-b51f-c0cd6bacb69e", "value": "gotonesms.xyz", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "Suspected Malware Delivery Domain", "deleted": false, "disable_correlation": false, "timestamp": "1737199425", "to_ids": true, "type": "domain", "uuid": "8f5613c5-c7a5-4999-8b4e-89729e45fcf9", "value": "gotonesn.top", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "Suspected Malware Delivery Domain", "deleted": false, "disable_correlation": false, "timestamp": "1737199446", "to_ids": true, "type": "domain", "uuid": "1825a27d-4354-4e41-be88-a4ff0f92dc2f", "value": "heepayx.xyz", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "Suspected Malware Delivery Domain", "deleted": false, "disable_correlation": false, "timestamp": "1737199468", "to_ids": true, "type": "domain", "uuid": "2fb69f91-bff6-4e74-acbe-940657850f19", "value": "hellowordx.club", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "Suspected Malware Delivery Domain", "deleted": false, "disable_correlation": false, "timestamp": "1737199494", "to_ids": true, "type": "domain", "uuid": "c9f681c7-2a08-4c89-bda6-9b4124e30bc0", "value": "hellowordx.fit", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "Suspected Malware Delivery Domain", "deleted": false, "disable_correlation": false, "timestamp": "1737199518", "to_ids": true, "type": "domain", "uuid": "8facbcfa-1956-4b54-9673-9d939364eca8", "value": "hellowordz.top", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "Suspected Malware Delivery Domain", "deleted": false, "disable_correlation": false, "timestamp": "1737199539", "to_ids": true, "type": "domain", "uuid": "07ecc5ce-ec23-4f07-8fd7-e8c79f822474", "value": "helloworldcz.xyz", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "Suspected Malware Delivery Domain", "deleted": false, "disable_correlation": false, "timestamp": "1737199564", "to_ids": true, "type": "domain", "uuid": "b6a1b828-5bd1-441b-adcf-df34814d1307", "value": "helloworldw.site", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "Suspected Malware Delivery Domain", "deleted": false, "disable_correlation": false, "timestamp": "1737199587", "to_ids": true, "type": "domain", "uuid": "a3db00a7-c87e-4111-8328-2223c57c58fb", "value": "helloworldw.top", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "Suspected Malware Delivery Domain", "deleted": false, "disable_correlation": false, "timestamp": "1737199612", "to_ids": true, "type": "domain", "uuid": "5b043650-d80b-418d-a6dd-c6f17390487c", "value": "helloworldz.top", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "Suspected Malware Delivery Domain", "deleted": false, "disable_correlation": false, "timestamp": "1737199635", "to_ids": true, "type": "domain", "uuid": "cda1bebe-83cf-4c4d-b216-4177fbede27d", "value": "helloworlids.top", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "Suspected Malware Delivery Domain", "deleted": false, "disable_correlation": false, "timestamp": "1737199658", "to_ids": true, "type": "domain", "uuid": "5a3c243f-268b-4ba6-ae4c-875ddfb1cd8c", "value": "hgb4hxl070.com", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "Suspected Malware Delivery Domain", "deleted": false, "disable_correlation": false, "timestamp": "1737199681", "to_ids": true, "type": "domain", "uuid": "3df7c911-64c9-4616-b542-a0da1450b79a", "value": "huifub.club", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "Suspected Malware Delivery Domain", "deleted": false, "disable_correlation": false, "timestamp": "1737199704", "to_ids": true, "type": "domain", "uuid": "f065b5cc-9003-4812-b374-d560775b9af7", "value": "huionepay.vip", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "Suspected Malware Delivery Domain", "deleted": false, "disable_correlation": false, "timestamp": "1737199726", "to_ids": true, "type": "domain", "uuid": "ece7aca0-4980-44ca-955e-404ac46482b0", "value": "huorong.online", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "Suspected Malware Delivery Domain", "deleted": false, "disable_correlation": false, "timestamp": "1737199749", "to_ids": true, "type": "domain", "uuid": "3310d5e3-b198-4bf6-bf3d-9b8060e1c8ca", "value": "huorong.site", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "Suspected Malware Delivery Domain", "deleted": false, "disable_correlation": false, "timestamp": "1737199770", "to_ids": true, "type": "domain", "uuid": "a21dac7a-fc77-4903-b75c-c267e5c804a9", "value": "huorong.work", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "Suspected Malware Delivery Domain", "deleted": false, "disable_correlation": false, "timestamp": "1737199791", "to_ids": true, "type": "domain", "uuid": "a9aa1b7c-72c8-4cfe-ad47-6409a36a315e", "value": "huoroug.top", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "Suspected Malware Delivery Domain", "deleted": false, "disable_correlation": false, "timestamp": "1737199813", "to_ids": true, "type": "domain", "uuid": "a83f3001-172c-4238-ac4f-25afef7e9c37", "value": "huorrong.xyz", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "Suspected Malware Delivery Domain", "deleted": false, "disable_correlation": false, "timestamp": "1737199834", "to_ids": true, "type": "domain", "uuid": "93dfd003-a8a4-4af4-b8ba-f7470aa5b628", "value": "huoswe.top", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "Suspected Malware Delivery Domain", "deleted": false, "disable_correlation": false, "timestamp": "1737199855", "to_ids": true, "type": "domain", "uuid": "75ca1b0e-9ca8-4c5a-a653-8185d3512b9a", "value": "huurongs.top", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "Suspected Malware Delivery Domain", "deleted": false, "disable_correlation": false, "timestamp": "1737199876", "to_ids": true, "type": "domain", "uuid": "d132fef1-5313-4132-8c1b-110ddb3757cf", "value": "hvr3ez.work", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "Suspected Malware Delivery Domain", "deleted": false, "disable_correlation": false, "timestamp": "1737199898", "to_ids": true, "type": "domain", "uuid": "42cad39b-d12a-4cac-9c59-cb72afdc56ad", "value": "i4app.top", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "Suspected Malware Delivery Domain", "deleted": false, "disable_correlation": false, "timestamp": "1737199919", "to_ids": true, "type": "domain", "uuid": "31cf5508-aecf-41be-bf13-f1b0359f95f3", "value": "i4b6.club", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "Suspected Malware Delivery Domain", "deleted": false, "disable_correlation": false, "timestamp": "1737199940", "to_ids": true, "type": "domain", "uuid": "5b6e4106-27a2-4aa1-ad86-a73e18052f8b", "value": "i4sa.xyz", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "Suspected Malware Delivery Domain", "deleted": false, "disable_correlation": false, "timestamp": "1737199961", "to_ids": true, "type": "domain", "uuid": "4e73159d-9c78-44f7-8545-a6a4e3bf373b", "value": "i4sapp.top", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "Suspected Malware Delivery Domain", "deleted": false, "disable_correlation": false, "timestamp": "1737199982", "to_ids": true, "type": "domain", "uuid": "953cf6b1-d781-41e7-aa3d-13803fae5d2f", "value": "i4sp.top", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "Suspected Malware Delivery Domain", "deleted": false, "disable_correlation": false, "timestamp": "1737200003", "to_ids": true, "type": "domain", "uuid": "2611cc40-893a-4bb1-a630-9e9a4c33efab", "value": "i4toos.life", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "Suspected Malware Delivery Domain", "deleted": false, "disable_correlation": false, "timestamp": "1737200024", "to_ids": true, "type": "domain", "uuid": "c9eb5869-c35a-41b3-9b3e-d1d962740764", "value": "i4z.xyz", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "Suspected Malware Delivery Domain", "deleted": false, "disable_correlation": false, "timestamp": "1737200046", "to_ids": true, "type": "domain", "uuid": "fc74020f-ac27-48a0-a505-6a26ba06c56e", "value": "ibzeha.vip", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "Suspected Malware Delivery Domain", "deleted": false, "disable_correlation": false, "timestamp": "1737200067", "to_ids": true, "type": "domain", "uuid": "2b002d5a-b2b8-4810-b3e5-0a830c0ec56c", "value": "iilne.fit", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "Suspected Malware Delivery Domain", "deleted": false, "disable_correlation": false, "timestamp": "1737200088", "to_ids": true, "type": "domain", "uuid": "59a4f3ea-621b-4a95-afef-4ee3776214f9", "value": "iilne.top", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "Suspected Malware Delivery Domain", "deleted": false, "disable_correlation": false, "timestamp": "1737200109", "to_ids": true, "type": "domain", "uuid": "bb396689-db62-4c57-afe8-21db9b121cdf", "value": "iines.xyz", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "Suspected Malware Delivery Domain", "deleted": false, "disable_correlation": false, "timestamp": "1737200130", "to_ids": true, "type": "domain", "uuid": "485a56f1-0dd6-4217-98c1-9f6a5d7d592e", "value": "ilren.top", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "Suspected Malware Delivery Domain", "deleted": false, "disable_correlation": false, "timestamp": "1737200151", "to_ids": true, "type": "domain", "uuid": "0da84cbf-9800-42bd-81b1-235191155651", "value": "imbken.club", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "Suspected Malware Delivery Domain", "deleted": false, "disable_correlation": false, "timestamp": "1737200173", "to_ids": true, "type": "domain", "uuid": "998e1672-19c8-4cee-9d84-ff24bc9e27ab", "value": "immersivetranslate.top", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "Suspected Malware Delivery Domain", "deleted": false, "disable_correlation": false, "timestamp": "1737200194", "to_ids": true, "type": "domain", "uuid": "f7e33a1b-edb1-4eec-bda1-95f1f8446b7d", "value": "interhclp.com", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "Suspected Malware Delivery Domain", "deleted": false, "disable_correlation": false, "timestamp": "1737200216", "to_ids": true, "type": "domain", "uuid": "f08b7bb6-8bc9-4466-b381-47a4cc102d80", "value": "isdndjsq.top", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "Suspected Malware Delivery Domain", "deleted": false, "disable_correlation": false, "timestamp": "1737200237", "to_ids": true, "type": "domain", "uuid": "bc077ec4-c29e-4ded-a70f-10aa682242e6", "value": "j6ahar4i.top", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "Suspected Malware Delivery Domain", "deleted": false, "disable_correlation": false, "timestamp": "1737200258", "to_ids": true, "type": "domain", "uuid": "03f47e04-67f0-44cc-a610-195026ab7e67", "value": "jdad7q.work", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "Suspected Malware Delivery Domain", "deleted": false, "disable_correlation": false, "timestamp": "1737200279", "to_ids": true, "type": "domain", "uuid": "fc9485bf-941b-4d3d-8eeb-dd21bd5c2029", "value": "jiguang.icu", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "Suspected Malware Delivery Domain", "deleted": false, "disable_correlation": false, "timestamp": "1737200301", "to_ids": true, "type": "domain", "uuid": "162c746f-e9b0-4d5f-99a6-35c32f476c57", "value": "kantu2345.club", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "Suspected Malware Delivery Domain", "deleted": false, "disable_correlation": false, "timestamp": "1737200322", "to_ids": true, "type": "domain", "uuid": "78ef622c-e155-4d31-ad75-b198f5702dc9", "value": "karlospt.top", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "Suspected Malware Delivery Domain", "deleted": false, "disable_correlation": false, "timestamp": "1737200343", "to_ids": true, "type": "domain", "uuid": "a0f5870f-9f3a-4e63-8710-11f7153df0d4", "value": "karlosqp.xyz", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "Suspected Malware Delivery Domain", "deleted": false, "disable_correlation": false, "timestamp": "1737200365", "to_ids": true, "type": "domain", "uuid": "1657b491-967f-471f-b485-1f317a0d5d6c", "value": "karlost.club", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "Suspected Malware Delivery Domain", "deleted": false, "disable_correlation": false, "timestamp": "1737200386", "to_ids": true, "type": "domain", "uuid": "1789c52b-ef8c-4f2e-b299-109114e55d90", "value": "keuailian.top", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "Suspected Malware Delivery Domain", "deleted": false, "disable_correlation": false, "timestamp": "1737200407", "to_ids": true, "type": "domain", "uuid": "9d44e2ff-26ea-4fd3-8352-0ace1a61461b", "value": "kingtelmfng.top", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "Suspected Malware Delivery Domain", "deleted": false, "disable_correlation": false, "timestamp": "1737200428", "to_ids": true, "type": "domain", "uuid": "aa4a07fe-cfe0-401b-8bf3-256f7ef8ce25", "value": "kipkshsa.top", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "Suspected Malware Delivery Domain", "deleted": false, "disable_correlation": false, "timestamp": "1737200450", "to_ids": true, "type": "domain", "uuid": "6d0ae650-b818-4efd-b81a-b9efd3c2a40a", "value": "klxiazopai.com", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "Suspected Malware Delivery Domain", "deleted": false, "disable_correlation": false, "timestamp": "1737200472", "to_ids": true, "type": "domain", "uuid": "f45efe75-d8e9-4b02-9eb8-445fdf964195", "value": "kuaiiam.fit", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "Suspected Malware Delivery Domain", "deleted": false, "disable_correlation": false, "timestamp": "1737200493", "to_ids": true, "type": "domain", "uuid": "4da87e1f-becf-426d-bae2-f164a7bcf338", "value": "kuaiilianoo.icu", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "Suspected Malware Delivery Domain", "deleted": false, "disable_correlation": false, "timestamp": "1737200514", "to_ids": true, "type": "domain", "uuid": "10a8ff2c-7c4e-4c00-919f-71fbe812f7c2", "value": "kuaiiyian.com", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "Suspected Malware Delivery Domain", "deleted": false, "disable_correlation": false, "timestamp": "1737200535", "to_ids": true, "type": "domain", "uuid": "d5b52932-9473-4007-ae37-521296e857a0", "value": "kuai-lian.xyz", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "Suspected Malware Delivery Domain", "deleted": false, "disable_correlation": false, "timestamp": "1737200556", "to_ids": true, "type": "domain", "uuid": "31a27907-746d-495f-9d1c-173240437348", "value": "kuailian0.com", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "Suspected Malware Delivery Domain", "deleted": false, "disable_correlation": false, "timestamp": "1737200577", "to_ids": true, "type": "domain", "uuid": "d5488fe6-0188-4cb0-96b3-028bc37abbd5", "value": "kuailian8.com", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "Suspected Malware Delivery Domain", "deleted": false, "disable_correlation": false, "timestamp": "1737200599", "to_ids": true, "type": "domain", "uuid": "4744b118-d6ab-4ee3-9608-93d777c22e31", "value": "kuailiani.net", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "Suspected Malware Delivery Domain", "deleted": false, "disable_correlation": false, "timestamp": "1737200620", "to_ids": true, "type": "domain", "uuid": "c45115cd-8b1a-4bbe-a112-bc3dc426f9ad", "value": "kuailianlow.com", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "Suspected Malware Delivery Domain", "deleted": false, "disable_correlation": false, "timestamp": "1737200641", "to_ids": true, "type": "domain", "uuid": "9e32f0a2-13d2-481f-a78c-70169ee5068a", "value": "kuailiant.com", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "Suspected Malware Delivery Domain", "deleted": false, "disable_correlation": false, "timestamp": "1737200663", "to_ids": true, "type": "domain", "uuid": "effef352-6c2d-458d-bc8f-85a6d701ec6b", "value": "kuailianz.com", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "Suspected Malware Delivery Domain", "deleted": false, "disable_correlation": false, "timestamp": "1737200684", "to_ids": true, "type": "domain", "uuid": "d9542ab5-9321-4586-852b-6332f74efcce", "value": "kuailiien.xyz", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "Suspected Malware Delivery Domain", "deleted": false, "disable_correlation": false, "timestamp": "1737200705", "to_ids": true, "type": "domain", "uuid": "b8f7c9d0-ad7f-428d-807d-daf6ce86954f", "value": "kuailijen.xyz", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "Suspected Malware Delivery Domain", "deleted": false, "disable_correlation": false, "timestamp": "1737200726", "to_ids": true, "type": "domain", "uuid": "b112ef9f-3952-4194-9942-85ce560e2fc9", "value": "kuailim.buzz", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "Suspected Malware Delivery Domain", "deleted": false, "disable_correlation": false, "timestamp": "1737200748", "to_ids": true, "type": "domain", "uuid": "00c0c10f-7e8c-4893-bfb1-bbc86aafcdfe", "value": "kuailxian.com", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "Suspected Malware Delivery Domain", "deleted": false, "disable_correlation": false, "timestamp": "1737200769", "to_ids": true, "type": "domain", "uuid": "f6b25b26-dc6d-4dd1-9d5a-66b7d81a1a5b", "value": "kuaizip.top", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "Suspected Malware Delivery Domain", "deleted": false, "disable_correlation": false, "timestamp": "1737200790", "to_ids": true, "type": "domain", "uuid": "0264cd72-9af6-42e4-9780-4b897cb95b2c", "value": "kualien.xyz", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "Suspected Malware Delivery Domain", "deleted": false, "disable_correlation": false, "timestamp": "1737200811", "to_ids": true, "type": "domain", "uuid": "54510603-d2f6-493c-b23f-26d8078e0f61", "value": "kueliien.xyz", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "Suspected Malware Delivery Domain", "deleted": false, "disable_correlation": false, "timestamp": "1737200832", "to_ids": true, "type": "domain", "uuid": "a3c8a454-e29e-48d7-9380-8bdf4050512e", "value": "kuellien.xyz", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "Suspected Malware Delivery Domain", "deleted": false, "disable_correlation": false, "timestamp": "1737200854", "to_ids": true, "type": "domain", "uuid": "303e4187-e9bc-4a6a-a0a2-238148bf1939", "value": "kwgiz1.club", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "Suspected Malware Delivery Domain", "deleted": false, "disable_correlation": false, "timestamp": "1737200876", "to_ids": true, "type": "domain", "uuid": "abfb2ca5-4f8f-41c3-877f-0e9b25aa3a45", "value": "lanlevp.top", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "Suspected Malware Delivery Domain", "deleted": false, "disable_correlation": false, "timestamp": "1737200897", "to_ids": true, "type": "domain", "uuid": "7cde46d1-3e9e-4aab-8a47-6f261cd83ec9", "value": "lediam.xyz", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "Suspected Malware Delivery Domain", "deleted": false, "disable_correlation": false, "timestamp": "1737200918", "to_ids": true, "type": "domain", "uuid": "fdde889b-b8c9-4a1c-a090-869fd0bc2e0d", "value": "letrscp.fit", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "Suspected Malware Delivery Domain", "deleted": false, "disable_correlation": false, "timestamp": "1737200939", "to_ids": true, "type": "domain", "uuid": "9f6d3ab6-8f44-4452-abb7-9692b484c98e", "value": "lets-alyays-connect.com", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "Suspected Malware Delivery Domain", "deleted": false, "disable_correlation": false, "timestamp": "1737200961", "to_ids": true, "type": "domain", "uuid": "8719a44b-0a30-4318-9929-1a16c8e11d5f", "value": "letsbutr.com", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "Suspected Malware Delivery Domain", "deleted": false, "disable_correlation": false, "timestamp": "1737200982", "to_ids": true, "type": "domain", "uuid": "e5f2f5ad-9205-4451-a785-52a274a52321", "value": "letscdn.world", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "Suspected Malware Delivery Domain", "deleted": false, "disable_correlation": false, "timestamp": "1737201003", "to_ids": true, "type": "domain", "uuid": "5c4350ed-e4f7-48ec-9c3c-9bb0485d9aac", "value": "letscgn.top", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "Suspected Malware Delivery Domain", "deleted": false, "disable_correlation": false, "timestamp": "1737201024", "to_ids": true, "type": "domain", "uuid": "8f728241-1337-4232-a8a9-ae8f33046a7f", "value": "letscqn.top", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "Suspected Malware Delivery Domain", "deleted": false, "disable_correlation": false, "timestamp": "1737201045", "to_ids": true, "type": "domain", "uuid": "b3496e49-e198-4efb-bd95-6a0688f3e9f1", "value": "letskuail.icu", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "Suspected Malware Delivery Domain", "deleted": false, "disable_correlation": false, "timestamp": "1737201067", "to_ids": true, "type": "domain", "uuid": "f5411171-6575-43ba-b18a-4dff00c47661", "value": "letspcm.top", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "Suspected Malware Delivery Domain", "deleted": false, "disable_correlation": false, "timestamp": "1737201088", "to_ids": true, "type": "domain", "uuid": "01cd67ba-06c3-4fb0-8efa-1664df45837e", "value": "letspcn.icu", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "Suspected Malware Delivery Domain", "deleted": false, "disable_correlation": false, "timestamp": "1737201109", "to_ids": true, "type": "domain", "uuid": "d2248511-a658-464f-bb6a-dd564f49a0ed", "value": "letspcn.xyz", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "Suspected Malware Delivery Domain", "deleted": false, "disable_correlation": false, "timestamp": "1737201130", "to_ids": true, "type": "domain", "uuid": "b6b772b9-6de6-450d-b364-2409ec84f493", "value": "letspqc.top", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "Suspected Malware Delivery Domain", "deleted": false, "disable_correlation": false, "timestamp": "1737201151", "to_ids": true, "type": "domain", "uuid": "22fab3da-2372-4377-ad27-92a4703af400", "value": "letspqw.fit", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "Suspected Malware Delivery Domain", "deleted": false, "disable_correlation": false, "timestamp": "1737201173", "to_ids": true, "type": "domain", "uuid": "147f2b42-352d-4949-82a2-36049e1c615a", "value": "letspw.top", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "Suspected Malware Delivery Domain", "deleted": false, "disable_correlation": false, "timestamp": "1737201194", "to_ids": true, "type": "domain", "uuid": "8a424889-bf77-4d7d-b378-91e122d586e4", "value": "letsqpr.top", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "Suspected Malware Delivery Domain", "deleted": false, "disable_correlation": false, "timestamp": "1737201215", "to_ids": true, "type": "domain", "uuid": "6dc59f6c-1d38-4a2b-9410-87092ed79289", "value": "letsqpw.club", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "Suspected Malware Delivery Domain", "deleted": false, "disable_correlation": false, "timestamp": "1737201236", "to_ids": true, "type": "domain", "uuid": "286ebb98-b36a-4637-bf3c-fe0cac9b86f7", "value": "letsqpz.club", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "Suspected Malware Delivery Domain", "deleted": false, "disable_correlation": false, "timestamp": "1737201257", "to_ids": true, "type": "domain", "uuid": "5659a6a7-e29d-429b-9b9d-95fc24a22efd", "value": "letsqqp.club", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "Suspected Malware Delivery Domain", "deleted": false, "disable_correlation": false, "timestamp": "1737201279", "to_ids": true, "type": "domain", "uuid": "a3f01f73-c0dc-4124-a4d3-df82461adedc", "value": "letsrpm.top", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "Suspected Malware Delivery Domain", "deleted": false, "disable_correlation": false, "timestamp": "1737201300", "to_ids": true, "type": "domain", "uuid": "07c2ee06-9211-4925-ad15-5d401cc82544", "value": "letsrqn.top", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "Suspected Malware Delivery Domain", "deleted": false, "disable_correlation": false, "timestamp": "1737201321", "to_ids": true, "type": "domain", "uuid": "e9ab7265-fb2c-45f3-a312-5070d9b1726f", "value": "letsvpn-ui.top", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "Suspected Malware Delivery Domain", "deleted": false, "disable_correlation": false, "timestamp": "1737201342", "to_ids": true, "type": "domain", "uuid": "6e35d95c-9b89-409d-b61d-85e432db5cbe", "value": "letsvqm.xyz", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "Suspected Malware Delivery Domain", "deleted": false, "disable_correlation": false, "timestamp": "1737201363", "to_ids": true, "type": "domain", "uuid": "beb22e95-3b17-47c0-99f4-85f1bdb39d61", "value": "letsvqr.xyz", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "Suspected Malware Delivery Domain", "deleted": false, "disable_correlation": false, "timestamp": "1737201385", "to_ids": true, "type": "domain", "uuid": "2c0c09cb-50e8-4044-b338-0194fffa3058", "value": "letwvpn.com", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "Suspected Malware Delivery Domain", "deleted": false, "disable_correlation": false, "timestamp": "1737201406", "to_ids": true, "type": "domain", "uuid": "6b1eaec3-33b1-4561-a3f9-3cf2afafb653", "value": "lianlianpoy.com", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "Suspected Malware Delivery Domain", "deleted": false, "disable_correlation": false, "timestamp": "1737201428", "to_ids": true, "type": "domain", "uuid": "dacfa108-9ecd-4527-982c-8a6fa7dc689c", "value": "liien.top", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "Suspected Malware Delivery Domain", "deleted": false, "disable_correlation": false, "timestamp": "1737201449", "to_ids": true, "type": "domain", "uuid": "8e27893d-ecb1-4b67-9495-c393043c2724", "value": "liine.fit", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "Suspected Malware Delivery Domain", "deleted": false, "disable_correlation": false, "timestamp": "1737201472", "to_ids": true, "type": "domain", "uuid": "63e93de6-26cb-404d-8c28-1d0738252f71", "value": "liine.work", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "Suspected Malware Delivery Domain", "deleted": false, "disable_correlation": false, "timestamp": "1737201494", "to_ids": true, "type": "domain", "uuid": "c29d7032-44b8-41fa-9dbe-dee4860c305b", "value": "llnes.world", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "Suspected Malware Delivery Domain", "deleted": false, "disable_correlation": false, "timestamp": "1737201517", "to_ids": true, "type": "domain", "uuid": "56d05c06-3f5f-4f54-bb34-d33a13e16056", "value": "lltslian.life", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "Suspected Malware Delivery Domain", "deleted": false, "disable_correlation": false, "timestamp": "1737201538", "to_ids": true, "type": "domain", "uuid": "5f4f71da-2358-43bb-9795-44e16d5e14cc", "value": "loubom.club", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "Suspected Malware Delivery Domain", "deleted": false, "disable_correlation": false, "timestamp": "1737201559", "to_ids": true, "type": "domain", "uuid": "7c2726a6-a2c4-458b-bc6c-fb1c145e5440", "value": "lttslian.xyz", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "Suspected Malware Delivery Domain", "deleted": false, "disable_correlation": false, "timestamp": "1737201581", "to_ids": true, "type": "domain", "uuid": "fcab8f25-00ef-4486-b1b4-71f3e8be2786", "value": "luoboo.online", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "Suspected Malware Delivery Domain", "deleted": false, "disable_correlation": false, "timestamp": "1737201602", "to_ids": true, "type": "domain", "uuid": "ee5833e7-b0bc-453d-b27e-2a254a58b7c5", "value": "m7neqzz.fit", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "Suspected Malware Delivery Domain", "deleted": false, "disable_correlation": false, "timestamp": "1737201624", "to_ids": true, "type": "domain", "uuid": "d66d52ba-b7d8-4dd8-a431-e9995be552e2", "value": "mavishub.xyz", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "Suspected Malware Delivery Domain", "deleted": false, "disable_correlation": false, "timestamp": "1737201645", "to_ids": true, "type": "domain", "uuid": "d1daedf0-67f6-4345-9be9-2c3f8a1b79c8", "value": "mctuqqe4z.top", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "Suspected Malware Delivery Domain", "deleted": false, "disable_correlation": false, "timestamp": "1737201667", "to_ids": true, "type": "domain", "uuid": "3fa4d37d-2933-4613-bc45-6bc202a2cefb", "value": "me18qiyg.xyz", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "Suspected Malware Delivery Domain", "deleted": false, "disable_correlation": false, "timestamp": "1737201689", "to_ids": true, "type": "domain", "uuid": "cab6ecfb-4ac7-4e3f-b068-97dd4b89b619", "value": "meipai.work", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "Suspected Malware Delivery Domain", "deleted": false, "disable_correlation": false, "timestamp": "1737201711", "to_ids": true, "type": "domain", "uuid": "f86a45e8-c203-4872-b67c-a6a7ca54317d", "value": "meiqias.xyz", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "Suspected Malware Delivery Domain", "deleted": false, "disable_correlation": false, "timestamp": "1737201733", "to_ids": true, "type": "domain", "uuid": "ed8c0deb-953c-48ff-908e-f8225594f3c8", "value": "mesenger.club", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "Suspected Malware Delivery Domain", "deleted": false, "disable_correlation": false, "timestamp": "1737201754", "to_ids": true, "type": "domain", "uuid": "3df0e8a6-0fad-4a4a-9fe2-afdac4f8a750", "value": "messengers.work", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "Suspected Malware Delivery Domain", "deleted": false, "disable_correlation": false, "timestamp": "1737201775", "to_ids": true, "type": "domain", "uuid": "38ef6f53-4256-4b54-8332-469c754ef894", "value": "messengerz.club", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "Suspected Malware Delivery Domain", "deleted": false, "disable_correlation": false, "timestamp": "1737201796", "to_ids": true, "type": "domain", "uuid": "546ed9f0-d79d-40a7-87ea-091e427aea99", "value": "mexiko.cn", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "Suspected Malware Delivery Domain", "deleted": false, "disable_correlation": false, "timestamp": "1737201818", "to_ids": true, "type": "domain", "uuid": "65f88489-a319-497d-ade4-f495cd4b90c5", "value": "mi163.top", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "Suspected Malware Delivery Domain", "deleted": false, "disable_correlation": false, "timestamp": "1737201839", "to_ids": true, "type": "domain", "uuid": "0ada9be0-6e26-4620-9fe9-a7002a6ce06c", "value": "miitu.top", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "Suspected Malware Delivery Domain", "deleted": false, "disable_correlation": false, "timestamp": "1737201860", "to_ids": true, "type": "domain", "uuid": "fb6be7f8-4ca0-4b5f-8d8d-ea2c38e0706f", "value": "miluvpn.com", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "Suspected Malware Delivery Domain", "deleted": false, "disable_correlation": false, "timestamp": "1737201881", "to_ids": true, "type": "domain", "uuid": "3c948554-9b9b-4c09-9e34-d877f2193d3f", "value": "mwai1.xyz", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "Suspected Malware Delivery Domain", "deleted": false, "disable_correlation": false, "timestamp": "1737201902", "to_ids": true, "type": "domain", "uuid": "4943392f-5d3c-4986-86df-9f8ddbd42cd3", "value": "nexchattc.cc", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "Suspected Malware Delivery Domain", "deleted": false, "disable_correlation": false, "timestamp": "1737201924", "to_ids": true, "type": "domain", "uuid": "d46b594f-6fff-4465-80b4-c32eaa3a07fb", "value": "nn3cotp.top", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "Suspected Malware Delivery Domain", "deleted": false, "disable_correlation": false, "timestamp": "1737201946", "to_ids": true, "type": "domain", "uuid": "43c7dc8f-d41c-48d7-a097-b2959dbc9be9", "value": "nsmnst.club", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "Suspected Malware Delivery Domain", "deleted": false, "disable_correlation": false, "timestamp": "1737201967", "to_ids": true, "type": "domain", "uuid": "08f93e7d-204c-4164-bbef-62414ab732d5", "value": "officeim.club", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "Suspected Malware Delivery Domain", "deleted": false, "disable_correlation": false, "timestamp": "1737201988", "to_ids": true, "type": "domain", "uuid": "15530fe8-3ef6-4007-8df6-2f9ae225ab73", "value": "oggie.club", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "Suspected Malware Delivery Domain", "deleted": false, "disable_correlation": false, "timestamp": "1737202010", "to_ids": true, "type": "domain", "uuid": "50db9362-277b-44b1-b1c2-662ef35449ae", "value": "oggie.fit", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "Suspected Malware Delivery Domain", "deleted": false, "disable_correlation": false, "timestamp": "1737202031", "to_ids": true, "type": "domain", "uuid": "7ad84702-ce0e-4e30-b1a8-e434a88090c7", "value": "oggie.top", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "Suspected Malware Delivery Domain", "deleted": false, "disable_correlation": false, "timestamp": "1737202052", "to_ids": true, "type": "domain", "uuid": "a08483da-35c2-434f-b6c9-4b78db95f4d4", "value": "oggiechr.work", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "Suspected Malware Delivery Domain", "deleted": false, "disable_correlation": false, "timestamp": "1737202074", "to_ids": true, "type": "domain", "uuid": "a0cc9ed2-d832-4486-9d07-3425acaa4904", "value": "ogglchomr.top", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "Suspected Malware Delivery Domain", "deleted": false, "disable_correlation": false, "timestamp": "1737202095", "to_ids": true, "type": "domain", "uuid": "77e7d073-a88f-43e3-9afa-c635a387c5fb", "value": "oggle.club", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "Suspected Malware Delivery Domain", "deleted": false, "disable_correlation": false, "timestamp": "1737202118", "to_ids": true, "type": "domain", "uuid": "05cf928e-503a-43a5-b63f-240f3f6ac04d", "value": "oggle.top", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "Suspected Malware Delivery Domain", "deleted": false, "disable_correlation": false, "timestamp": "1737202140", "to_ids": true, "type": "domain", "uuid": "32b53b3e-77fd-4d3c-a8a8-1542154a0443", "value": "oggle.xyz", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "Suspected Malware Delivery Domain", "deleted": false, "disable_correlation": false, "timestamp": "1737202162", "to_ids": true, "type": "domain", "uuid": "5435aef8-34e7-4c63-9eb6-40d3287d53b0", "value": "oggles.xyz", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "Suspected Malware Delivery Domain", "deleted": false, "disable_correlation": false, "timestamp": "1737202184", "to_ids": true, "type": "domain", "uuid": "0e25fde0-91f3-4404-b16e-0ff35a4c7298", "value": "ogglesr.top", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "Suspected Malware Delivery Domain", "deleted": false, "disable_correlation": false, "timestamp": "1737202205", "to_ids": true, "type": "domain", "uuid": "b2b6593f-6a31-4ef6-980c-f210b832ce41", "value": "oiggle.club", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "Suspected Malware Delivery Domain", "deleted": false, "disable_correlation": false, "timestamp": "1737202226", "to_ids": true, "type": "domain", "uuid": "ed19d504-f318-4035-86d1-6d83332b0671", "value": "okyi.work", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "Suspected Malware Delivery Domain", "deleted": false, "disable_correlation": false, "timestamp": "1737202247", "to_ids": true, "type": "domain", "uuid": "c43a2a67-d90a-4e7f-9467-740b07bf3911", "value": "oogchrm.club", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "Suspected Malware Delivery Domain", "deleted": false, "disable_correlation": false, "timestamp": "1737202269", "to_ids": true, "type": "domain", "uuid": "86e93197-c47d-46b1-a31c-af13023b1568", "value": "ooggie.top", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "Suspected Malware Delivery Domain", "deleted": false, "disable_correlation": false, "timestamp": "1737202290", "to_ids": true, "type": "domain", "uuid": "5d53402b-ed90-4494-b892-50e1bd64549c", "value": "ooggie.xyz", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "Suspected Malware Delivery Domain", "deleted": false, "disable_correlation": false, "timestamp": "1737202311", "to_ids": true, "type": "domain", "uuid": "8651c957-930f-4973-aeab-3f40e51efbcc", "value": "ooggle.top", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "Suspected Malware Delivery Domain", "deleted": false, "disable_correlation": false, "timestamp": "1737202333", "to_ids": true, "type": "domain", "uuid": "893b8d13-6b2b-4f44-a895-c53d469d4c63", "value": "ooggles.top", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "Suspected Malware Delivery Domain", "deleted": false, "disable_correlation": false, "timestamp": "1737202354", "to_ids": true, "type": "domain", "uuid": "cbadf8f9-4a4a-4fb0-b274-b8b7914217ae", "value": "oogglez.top", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "Suspected Malware Delivery Domain", "deleted": false, "disable_correlation": false, "timestamp": "1737202375", "to_ids": true, "type": "domain", "uuid": "890ca2a6-f068-4f7f-93b0-5842c29790de", "value": "oogglez.xyz", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "Suspected Malware Delivery Domain", "deleted": false, "disable_correlation": false, "timestamp": "1737202397", "to_ids": true, "type": "domain", "uuid": "9b32cb40-1ad5-41b7-9a8f-0364a5e4d531", "value": "oogie.club", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "Suspected Malware Delivery Domain", "deleted": false, "disable_correlation": false, "timestamp": "1737202418", "to_ids": true, "type": "domain", "uuid": "1572be73-432f-4410-8f8c-462461d80ddc", "value": "oogie.fit", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "Suspected Malware Delivery Domain", "deleted": false, "disable_correlation": false, "timestamp": "1737202440", "to_ids": true, "type": "domain", "uuid": "8c909a17-4833-4cf8-8d20-9037af538f64", "value": "oogiel.top", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "Suspected Malware Delivery Domain", "deleted": false, "disable_correlation": false, "timestamp": "1737202462", "to_ids": true, "type": "domain", "uuid": "cefc9f42-6243-4e74-ae3f-a6f8e30bee5e", "value": "oogiew.work", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "Suspected Malware Delivery Domain", "deleted": false, "disable_correlation": false, "timestamp": "1737202484", "to_ids": true, "type": "domain", "uuid": "a57d964a-d6ae-4fae-8246-14e96f40bcf5", "value": "oogiie.top", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "Suspected Malware Delivery Domain", "deleted": false, "disable_correlation": false, "timestamp": "1737202506", "to_ids": true, "type": "domain", "uuid": "dd853a80-975b-4677-b229-c8d348862f32", "value": "oogles.top", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "Suspected Malware Delivery Domain", "deleted": false, "disable_correlation": false, "timestamp": "1737202529", "to_ids": true, "type": "domain", "uuid": "a0a3d2b9-67d2-4c32-931e-9327aef4011c", "value": "ooglex.top", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "Suspected Malware Delivery Domain", "deleted": false, "disable_correlation": false, "timestamp": "1737202551", "to_ids": true, "type": "domain", "uuid": "58c44a9a-6803-4acf-aeb1-011f7df14366", "value": "ooglex.xyz", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "Suspected Malware Delivery Domain", "deleted": false, "disable_correlation": false, "timestamp": "1737202572", "to_ids": true, "type": "domain", "uuid": "1873ffa1-3d08-4d87-bf51-b569fb1ed5df", "value": "ooglie.xyz", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "Suspected Malware Delivery Domain", "deleted": false, "disable_correlation": false, "timestamp": "1737202593", "to_ids": true, "type": "domain", "uuid": "923d600b-a791-40da-aab2-15619935e9e2", "value": "ooglz.top", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "Suspected Malware Delivery Domain", "deleted": false, "disable_correlation": false, "timestamp": "1737202614", "to_ids": true, "type": "domain", "uuid": "88c465ae-3f4f-4608-aa20-fd99ea48cf72", "value": "ooglze.fit", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "Suspected Malware Delivery Domain", "deleted": false, "disable_correlation": false, "timestamp": "1737202636", "to_ids": true, "type": "domain", "uuid": "a80bf25a-cba3-47f9-a144-3a892444c6da", "value": "ooigle.xyz", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "Suspected Malware Delivery Domain", "deleted": false, "disable_correlation": false, "timestamp": "1737202657", "to_ids": true, "type": "domain", "uuid": "18379ed9-c6aa-4cdd-a849-c16477914aed", "value": "oolqow.top", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "Suspected Malware Delivery Domain", "deleted": false, "disable_correlation": false, "timestamp": "1737202678", "to_ids": true, "type": "domain", "uuid": "e89de971-f27a-49ab-b924-7fc09ea653a2", "value": "opjs.club", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "Suspected Malware Delivery Domain", "deleted": false, "disable_correlation": false, "timestamp": "1737202700", "to_ids": true, "type": "domain", "uuid": "5d862599-8613-41ca-9343-7b8b4c19822f", "value": "oracl.top", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "Suspected Malware Delivery Domain", "deleted": false, "disable_correlation": false, "timestamp": "1737202721", "to_ids": true, "type": "domain", "uuid": "e71d2fad-fc7f-4edc-8308-48ed56a1aefb", "value": "orayi.world", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "Suspected Malware Delivery Domain", "deleted": false, "disable_correlation": false, "timestamp": "1737202742", "to_ids": true, "type": "domain", "uuid": "2f415980-784c-42cf-82bb-8739497a6157", "value": "orays.top", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "Suspected Malware Delivery Domain", "deleted": false, "disable_correlation": false, "timestamp": "1737251506", "to_ids": true, "type": "domain", "uuid": "0b23ca63-4bbd-4f43-9229-c59b0a09c708", "value": "orey.online", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "Suspected Malware Delivery Domain", "deleted": false, "disable_correlation": false, "timestamp": "1737251528", "to_ids": true, "type": "domain", "uuid": "ad431604-6a4e-47a4-80ee-bfac3774d45e", "value": "oreyr.work", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "Suspected Malware Delivery Domain", "deleted": false, "disable_correlation": false, "timestamp": "1737251549", "to_ids": true, "type": "domain", "uuid": "aaec37f9-b44b-4acb-9d3a-b01a866dce12", "value": "oreyz.top", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "Suspected Malware Delivery Domain", "deleted": false, "disable_correlation": false, "timestamp": "1737251570", "to_ids": true, "type": "domain", "uuid": "c45ab767-81e0-4aad-95fd-6fb51102f79a", "value": "ouggle.fit", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "Suspected Malware Delivery Domain", "deleted": false, "disable_correlation": false, "timestamp": "1737251592", "to_ids": true, "type": "domain", "uuid": "f4cb0621-64ef-4c88-93b2-91adffd7d516", "value": "paga1io.top", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "Suspected Malware Delivery Domain", "deleted": false, "disable_correlation": false, "timestamp": "1737251613", "to_ids": true, "type": "domain", "uuid": "626bb8cd-1b2c-45fe-b67c-e959659c5cb3", "value": "paopaom.online", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "Suspected Malware Delivery Domain", "deleted": false, "disable_correlation": false, "timestamp": "1737251634", "to_ids": true, "type": "domain", "uuid": "464075f3-fcf3-4824-b615-0d1c950de0ac", "value": "paydocs8.com", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "Suspected Malware Delivery Domain", "deleted": false, "disable_correlation": false, "timestamp": "1737251656", "to_ids": true, "type": "domain", "uuid": "eb2da25d-e08e-40c3-a7b7-861d7f4e4e0b", "value": "pgaab.icu", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "Suspected Malware Delivery Domain", "deleted": false, "disable_correlation": false, "timestamp": "1737251677", "to_ids": true, "type": "domain", "uuid": "8fbc4959-4e57-4d87-8588-eaef8d63df57", "value": "pht0j.cyou", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "Suspected Malware Delivery Domain", "deleted": false, "disable_correlation": false, "timestamp": "1737251698", "to_ids": true, "type": "domain", "uuid": "19ac4611-1a3d-4a25-a4ff-269ac1db60f3", "value": "potatocn.xyz", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "Suspected Malware Delivery Domain", "deleted": false, "disable_correlation": false, "timestamp": "1737251719", "to_ids": true, "type": "domain", "uuid": "1369eb63-ac9a-4d92-8e07-b0908e437cd3", "value": "pppicd.icu", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "Suspected Malware Delivery Domain", "deleted": false, "disable_correlation": false, "timestamp": "1737251741", "to_ids": true, "type": "domain", "uuid": "6635354b-6eab-48fe-a153-1ead401f5944", "value": "pqqle.club", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "Suspected Malware Delivery Domain", "deleted": false, "disable_correlation": false, "timestamp": "1737251763", "to_ids": true, "type": "domain", "uuid": "6f1aad86-09a6-4b3c-bd4b-7258e8b0ad0c", "value": "q0nmsl.fit", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "Suspected Malware Delivery Domain", "deleted": false, "disable_correlation": false, "timestamp": "1737251784", "to_ids": true, "type": "domain", "uuid": "4ae1a1a6-e2f0-4c3e-a33d-9da4a4469813", "value": "qeaick.buzz", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "Suspected Malware Delivery Domain", "deleted": false, "disable_correlation": false, "timestamp": "1737251805", "to_ids": true, "type": "domain", "uuid": "05db460d-2ec6-4218-b308-ff514d678af7", "value": "qmail.work", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "Suspected Malware Delivery Domain", "deleted": false, "disable_correlation": false, "timestamp": "1737251826", "to_ids": true, "type": "domain", "uuid": "93eba9e5-0c03-4050-8d34-fc3bf555a95f", "value": "qmails.top", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "Suspected Malware Delivery Domain", "deleted": false, "disable_correlation": false, "timestamp": "1737251848", "to_ids": true, "type": "domain", "uuid": "020936ec-75e4-412d-a8fa-432f4baab400", "value": "qqgj.online", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "Suspected Malware Delivery Domain", "deleted": false, "disable_correlation": false, "timestamp": "1737251869", "to_ids": true, "type": "domain", "uuid": "034ab506-6b76-4e43-9f85-12a9fae5b714", "value": "qqis.work", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "Suspected Malware Delivery Domain", "deleted": false, "disable_correlation": false, "timestamp": "1737251891", "to_ids": true, "type": "domain", "uuid": "506937a8-a97b-403b-8582-498bd311ca00", "value": "qqsgs.com", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "Suspected Malware Delivery Domain", "deleted": false, "disable_correlation": false, "timestamp": "1737251913", "to_ids": true, "type": "domain", "uuid": "e7591ef2-2d44-4f1a-822b-c669c047b0c0", "value": "quarki.top", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "Suspected Malware Delivery Domain", "deleted": false, "disable_correlation": false, "timestamp": "1737251935", "to_ids": true, "type": "domain", "uuid": "0ae8fd54-4e03-4d02-8783-377015764c12", "value": "quicka.top", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "Suspected Malware Delivery Domain", "deleted": false, "disable_correlation": false, "timestamp": "1737251956", "to_ids": true, "type": "domain", "uuid": "176502da-32c7-4f95-950a-ee0986a79a6f", "value": "quickiq.top", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "Suspected Malware Delivery Domain", "deleted": false, "disable_correlation": false, "timestamp": "1737251978", "to_ids": true, "type": "domain", "uuid": "8156e2b1-753c-4352-99d3-f67ce8485c3b", "value": "quickq0101.cyou", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "Suspected Malware Delivery Domain", "deleted": false, "disable_correlation": false, "timestamp": "1737251999", "to_ids": true, "type": "domain", "uuid": "73163354-fac0-49c9-9040-6099bf49242e", "value": "quickq2.cc", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "Suspected Malware Delivery Domain", "deleted": false, "disable_correlation": false, "timestamp": "1737252020", "to_ids": true, "type": "domain", "uuid": "f3248ae1-e810-4c80-806f-7d999cecf068", "value": "quickqgf.com", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "Suspected Malware Delivery Domain", "deleted": false, "disable_correlation": false, "timestamp": "1737252042", "to_ids": true, "type": "domain", "uuid": "bb39d6ca-c93e-4f04-963f-86b7e778e706", "value": "quickqgf.net", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "Suspected Malware Delivery Domain", "deleted": false, "disable_correlation": false, "timestamp": "1737252063", "to_ids": true, "type": "domain", "uuid": "09801cf1-bf7c-4e4a-93ad-110a20ae3424", "value": "quickqgw.com", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "Suspected Malware Delivery Domain", "deleted": false, "disable_correlation": false, "timestamp": "1737252085", "to_ids": true, "type": "domain", "uuid": "dc422561-c45d-42f2-9d77-e90f21fcaa58", "value": "quickqgw.net", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "Suspected Malware Delivery Domain", "deleted": false, "disable_correlation": false, "timestamp": "1737252106", "to_ids": true, "type": "domain", "uuid": "67b5f175-7dc3-40bd-babb-1e9b40e8fd82", "value": "quickqi.net", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "Suspected Malware Delivery Domain", "deleted": false, "disable_correlation": false, "timestamp": "1737252127", "to_ids": true, "type": "domain", "uuid": "53e8ab79-bab1-4361-bdfa-3516f232cd96", "value": "quickqi.top", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "Suspected Malware Delivery Domain", "deleted": false, "disable_correlation": false, "timestamp": "1737252149", "to_ids": true, "type": "domain", "uuid": "92cce9c8-e565-4782-8af1-4364e9d09bad", "value": "quickqza.icu", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "Suspected Malware Delivery Domain", "deleted": false, "disable_correlation": false, "timestamp": "1737252171", "to_ids": true, "type": "domain", "uuid": "bced08ab-7dfb-4f64-b39a-211e24dfd9dd", "value": "quickqzc.top", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "Suspected Malware Delivery Domain", "deleted": false, "disable_correlation": false, "timestamp": "1737252193", "to_ids": true, "type": "domain", "uuid": "4af6204a-a00e-48bb-a477-3f783c57ccbe", "value": "quickxq.xyz", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "Suspected Malware Delivery Domain", "deleted": false, "disable_correlation": false, "timestamp": "1737252214", "to_ids": true, "type": "domain", "uuid": "e7dce048-eea4-45d1-8409-9b57b72470be", "value": "quiicka.xyz", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "Suspected Malware Delivery Domain", "deleted": false, "disable_correlation": false, "timestamp": "1737252236", "to_ids": true, "type": "domain", "uuid": "4357b202-1afa-4d98-a93a-b08547127ce9", "value": "quiickqz.top", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "Suspected Malware Delivery Domain", "deleted": false, "disable_correlation": false, "timestamp": "1737252257", "to_ids": true, "type": "domain", "uuid": "fdcebb2e-ee11-45d1-8a91-7613f542aef7", "value": "quiirkq.club", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "Suspected Malware Delivery Domain", "deleted": false, "disable_correlation": false, "timestamp": "1737252278", "to_ids": true, "type": "domain", "uuid": "0f9e6db9-e413-462e-9e4c-358ae8bdd29a", "value": "quirkq.work", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "Suspected Malware Delivery Domain", "deleted": false, "disable_correlation": false, "timestamp": "1737252299", "to_ids": true, "type": "domain", "uuid": "a86bed20-e8ef-4d00-bcad-24581141f799", "value": "qwf123.cyou", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "Suspected Malware Delivery Domain", "deleted": false, "disable_correlation": false, "timestamp": "1737252323", "to_ids": true, "type": "domain", "uuid": "3bdc4fb8-f99c-407d-a37c-eab6832781ea", "value": "rggmo7j.club", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "Suspected Malware Delivery Domain", "deleted": false, "disable_correlation": false, "timestamp": "1737252344", "to_ids": true, "type": "domain", "uuid": "bea2a6c0-bc65-44c5-a3fc-a3ba85672fd5", "value": "salesmart.top", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "Suspected Malware Delivery Domain", "deleted": false, "disable_correlation": false, "timestamp": "1737252365", "to_ids": true, "type": "domain", "uuid": "1459c23e-4561-47e0-a4c8-11b91ab3dac1", "value": "sanderpay.top", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "Suspected Malware Delivery Domain", "deleted": false, "disable_correlation": false, "timestamp": "1737252386", "to_ids": true, "type": "domain", "uuid": "0a869638-313d-4e15-b526-588617fc4e2b", "value": "sandipay.top", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "Suspected Malware Delivery Domain", "deleted": false, "disable_correlation": false, "timestamp": "1737252408", "to_ids": true, "type": "domain", "uuid": "505918b2-ead7-433b-b6d2-236a2826887f", "value": "sandlpay.top", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "Suspected Malware Delivery Domain", "deleted": false, "disable_correlation": false, "timestamp": "1737252429", "to_ids": true, "type": "domain", "uuid": "ff2cd059-bfe8-4f08-ac86-3df5285629ac", "value": "sandpray.top", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "Suspected Malware Delivery Domain", "deleted": false, "disable_correlation": false, "timestamp": "1737252450", "to_ids": true, "type": "domain", "uuid": "f49a19fc-0a55-40af-aa26-89be8004723f", "value": "shandpay.top", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "Suspected Malware Delivery Domain", "deleted": false, "disable_correlation": false, "timestamp": "1737252471", "to_ids": true, "type": "domain", "uuid": "82dbd8f9-4e6e-4e3c-a209-535bd6633d23", "value": "shandpey.world", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "Suspected Malware Delivery Domain", "deleted": false, "disable_correlation": false, "timestamp": "1737252493", "to_ids": true, "type": "domain", "uuid": "429e3c9c-2649-4e61-9de0-0ff7051fa747", "value": "shanghud.com", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "Suspected Malware Delivery Domain", "deleted": false, "disable_correlation": false, "timestamp": "1737252515", "to_ids": true, "type": "domain", "uuid": "422f9a92-7f6b-450f-983d-6d16f4016431", "value": "shengfuton.com", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "Suspected Malware Delivery Domain", "deleted": false, "disable_correlation": false, "timestamp": "1737252536", "to_ids": true, "type": "domain", "uuid": "d0ea2900-8d7e-4e6d-a67c-e50acc463c5a", "value": "shimoc.club", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "Suspected Malware Delivery Domain", "deleted": false, "disable_correlation": false, "timestamp": "1737252557", "to_ids": true, "type": "domain", "uuid": "6557b466-8ae5-4c89-814c-16d8fc7b8ece", "value": "signall.xyz", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "Suspected Malware Delivery Domain", "deleted": false, "disable_correlation": false, "timestamp": "1737252579", "to_ids": true, "type": "domain", "uuid": "eb3ee14d-b7af-4f20-b63a-bf16334563a4", "value": "signel.top", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "Suspected Malware Delivery Domain", "deleted": false, "disable_correlation": false, "timestamp": "1737252600", "to_ids": true, "type": "domain", "uuid": "ab750311-8dcd-43e2-a12c-1681b3b17a30", "value": "skyes1.top", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "Suspected Malware Delivery Domain", "deleted": false, "disable_correlation": false, "timestamp": "1737252621", "to_ids": true, "type": "domain", "uuid": "f06c7a5a-0ada-42d3-bcf3-b191c442494c", "value": "slqdgo.club", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "Suspected Malware Delivery Domain", "deleted": false, "disable_correlation": false, "timestamp": "1737252643", "to_ids": true, "type": "domain", "uuid": "16674674-c548-450c-a4a2-79071470e3cf", "value": "sms-activation.club", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "Suspected Malware Delivery Domain", "deleted": false, "disable_correlation": false, "timestamp": "1737252664", "to_ids": true, "type": "domain", "uuid": "96110f16-f457-4fcd-821d-854a794b86ff", "value": "smsactive.top", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "Suspected Malware Delivery Domain", "deleted": false, "disable_correlation": false, "timestamp": "1737252685", "to_ids": true, "type": "domain", "uuid": "88f37663-c11a-4970-b8f1-e54192ba25f9", "value": "smsnet.top", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "Suspected Malware Delivery Domain", "deleted": false, "disable_correlation": false, "timestamp": "1737252706", "to_ids": true, "type": "domain", "uuid": "7ec3741b-9e85-49fb-a99d-511cbb8b1445", "value": "snapcheat.club", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "Suspected Malware Delivery Domain", "deleted": false, "disable_correlation": false, "timestamp": "1737252728", "to_ids": true, "type": "domain", "uuid": "3fa1b5bf-8824-4a72-a466-4471e150580f", "value": "snipaste.top", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "Suspected Malware Delivery Domain", "deleted": false, "disable_correlation": false, "timestamp": "1737252749", "to_ids": true, "type": "domain", "uuid": "7e338f0b-cf11-4f34-98a1-838b0a39b064", "value": "soogoo.icu", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "Suspected Malware Delivery Domain", "deleted": false, "disable_correlation": false, "timestamp": "1737252770", "to_ids": true, "type": "domain", "uuid": "3d7154f0-101e-4a81-bfca-7a6ad4d9273a", "value": "soogou.store", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "Suspected Malware Delivery Domain", "deleted": false, "disable_correlation": false, "timestamp": "1737252792", "to_ids": true, "type": "domain", "uuid": "56a54fc3-e637-44c7-b5b8-feb39a643443", "value": "sougoo.site", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "Suspected Malware Delivery Domain", "deleted": false, "disable_correlation": false, "timestamp": "1737252813", "to_ids": true, "type": "domain", "uuid": "c8ac713c-523c-49d6-aad9-a591b631ab0f", "value": "sougous.top", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "Suspected Malware Delivery Domain", "deleted": false, "disable_correlation": false, "timestamp": "1737252834", "to_ids": true, "type": "domain", "uuid": "9493dcdd-0d7f-4a0b-a9a6-a65051fe9046", "value": "sougous.xyz", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "Suspected Malware Delivery Domain", "deleted": false, "disable_correlation": false, "timestamp": "1737252856", "to_ids": true, "type": "domain", "uuid": "e80e8e90-f303-4968-b7ef-4bcabddbe9ff", "value": "soulgou.club", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "Suspected Malware Delivery Domain", "deleted": false, "disable_correlation": false, "timestamp": "1737252877", "to_ids": true, "type": "domain", "uuid": "74405b4b-df7b-4c5a-a517-99395a76e5cf", "value": "steams.top", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "Suspected Malware Delivery Domain", "deleted": false, "disable_correlation": false, "timestamp": "1737252898", "to_ids": true, "type": "domain", "uuid": "78fcac33-073a-4b21-a88b-74d5d64a0919", "value": "sublitmext.xyz", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "Suspected Malware Delivery Domain", "deleted": false, "disable_correlation": false, "timestamp": "1737252919", "to_ids": true, "type": "domain", "uuid": "6efcab8a-2e06-4b05-ac54-650a0d66091e", "value": "subllmatxt.top", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "Suspected Malware Delivery Domain", "deleted": false, "disable_correlation": false, "timestamp": "1737252941", "to_ids": true, "type": "domain", "uuid": "bc8d6f1f-1fe5-4693-9864-6a0733907e7a", "value": "surrl9oa.top", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "Suspected Malware Delivery Domain", "deleted": false, "disable_correlation": false, "timestamp": "1737252962", "to_ids": true, "type": "domain", "uuid": "f765693e-16b3-4733-a69d-456a5143b94b", "value": "t0v0hlp.top", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "Suspected Malware Delivery Domain", "deleted": false, "disable_correlation": false, "timestamp": "1737252983", "to_ids": true, "type": "domain", "uuid": "a68fd789-a87f-4fe7-aed0-ce55cb673088", "value": "taufp6.top", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "Suspected Malware Delivery Domain", "deleted": false, "disable_correlation": false, "timestamp": "1737253004", "to_ids": true, "type": "domain", "uuid": "24e55b74-2778-4d0f-802a-d2fde7fed7e9", "value": "teamviewers.club", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "Suspected Malware Delivery Domain", "deleted": false, "disable_correlation": false, "timestamp": "1737253026", "to_ids": true, "type": "domain", "uuid": "582d824d-fa43-4b87-bd1f-6eda0ec55e3c", "value": "teiegram.ing", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "Suspected Malware Delivery Domain", "deleted": false, "disable_correlation": false, "timestamp": "1737253047", "to_ids": true, "type": "domain", "uuid": "8ef1428d-7341-41c7-ba06-e8bd4ae0fc5c", "value": "telagrmaxjsq.top", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "Suspected Malware Delivery Domain", "deleted": false, "disable_correlation": false, "timestamp": "1737253068", "to_ids": true, "type": "domain", "uuid": "ebf28115-82b4-486e-8fdd-d1343c5b7513", "value": "teleagrmone.top", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "Suspected Malware Delivery Domain", "deleted": false, "disable_correlation": false, "timestamp": "1737253089", "to_ids": true, "type": "domain", "uuid": "afccace8-2714-4692-94db-ce6a6f1d4461", "value": "teleepcrme.work", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "Suspected Malware Delivery Domain", "deleted": false, "disable_correlation": false, "timestamp": "1737253110", "to_ids": true, "type": "domain", "uuid": "181c2fdb-b793-4730-ad5a-aa63eceb83d4", "value": "teleeqcrme.top", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "Suspected Malware Delivery Domain", "deleted": false, "disable_correlation": false, "timestamp": "1737253132", "to_ids": true, "type": "domain", "uuid": "342070e2-1a3d-4de3-9c6e-d6d7818ec04b", "value": "telegcvme.fit", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "Suspected Malware Delivery Domain", "deleted": false, "disable_correlation": false, "timestamp": "1737253153", "to_ids": true, "type": "domain", "uuid": "5e6da46f-842d-4c73-a094-032965eee312", "value": "telegczem.club", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "Suspected Malware Delivery Domain", "deleted": false, "disable_correlation": false, "timestamp": "1737253175", "to_ids": true, "type": "domain", "uuid": "061b1e62-f37c-4157-a472-22bc0434f0ec", "value": "telegramn.vip", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "Suspected Malware Delivery Domain", "deleted": false, "disable_correlation": false, "timestamp": "1737253196", "to_ids": true, "type": "domain", "uuid": "c8a84f99-5388-4a3e-942f-bf7112faa275", "value": "telegrcm.ing", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "Suspected Malware Delivery Domain", "deleted": false, "disable_correlation": false, "timestamp": "1737253218", "to_ids": true, "type": "domain", "uuid": "921d2cd3-ccf7-445d-a2af-a3f8a0dbee1e", "value": "telegrimz.club", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "Suspected Malware Delivery Domain", "deleted": false, "disable_correlation": false, "timestamp": "1737253239", "to_ids": true, "type": "domain", "uuid": "81caeaad-39c6-4c07-b645-152326fac524", "value": "telegrinxkam.top", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "Suspected Malware Delivery Domain", "deleted": false, "disable_correlation": false, "timestamp": "1737253260", "to_ids": true, "type": "domain", "uuid": "9b9e09e8-eb8a-4fac-8ff2-b7d4517fcb5e", "value": "telegrpcm.xyz", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "Suspected Malware Delivery Domain", "deleted": false, "disable_correlation": false, "timestamp": "1737253281", "to_ids": true, "type": "domain", "uuid": "9b91664d-f815-448d-a853-b04d49956f59", "value": "teleigpcm.club", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "Suspected Malware Delivery Domain", "deleted": false, "disable_correlation": false, "timestamp": "1737253303", "to_ids": true, "type": "domain", "uuid": "bbfece2f-37ca-43d2-9386-c623342aa2e8", "value": "teleigpcm.vip", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "Suspected Malware Delivery Domain", "deleted": false, "disable_correlation": false, "timestamp": "1737253325", "to_ids": true, "type": "domain", "uuid": "73577c2a-6587-4617-b1b8-cf3275cbe11e", "value": "telepcem.club", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "Suspected Malware Delivery Domain", "deleted": false, "disable_correlation": false, "timestamp": "1737253346", "to_ids": true, "type": "domain", "uuid": "dfa2aefb-c722-494a-bb61-aea2d9195640", "value": "telepcems.fit", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "Suspected Malware Delivery Domain", "deleted": false, "disable_correlation": false, "timestamp": "1737253367", "to_ids": true, "type": "domain", "uuid": "f76bf6ee-e356-4b90-9518-d59f99054da3", "value": "telepeqrm.fit", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "Suspected Malware Delivery Domain", "deleted": false, "disable_correlation": false, "timestamp": "1737253388", "to_ids": true, "type": "domain", "uuid": "11402e21-e8b5-452d-934d-c069f7ff476e", "value": "telepqrm.work", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "Suspected Malware Delivery Domain", "deleted": false, "disable_correlation": false, "timestamp": "1737253409", "to_ids": true, "type": "domain", "uuid": "db36f2b7-7d51-4825-93ac-f58c6921947d", "value": "teleprzm.fit", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "Suspected Malware Delivery Domain", "deleted": false, "disable_correlation": false, "timestamp": "1737253431", "to_ids": true, "type": "domain", "uuid": "b9df0969-b9e2-4310-9215-6c47e6f6298a", "value": "telepwam.club", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "Suspected Malware Delivery Domain", "deleted": false, "disable_correlation": false, "timestamp": "1737253452", "to_ids": true, "type": "domain", "uuid": "bd45ca36-d86e-4070-aa46-2a5b984a7533", "value": "teleqcam.club", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "Suspected Malware Delivery Domain", "deleted": false, "disable_correlation": false, "timestamp": "1737253474", "to_ids": true, "type": "domain", "uuid": "0ff2f527-80d5-4ea1-9d9f-1c96c96b5d7e", "value": "teleqcrmn.club", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "Suspected Malware Delivery Domain", "deleted": false, "disable_correlation": false, "timestamp": "1737253495", "to_ids": true, "type": "domain", "uuid": "a50d8de8-6344-40bd-ab82-156978c48117", "value": "teleqcrmn.fit", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "Suspected Malware Delivery Domain", "deleted": false, "disable_correlation": false, "timestamp": "1737253516", "to_ids": true, "type": "domain", "uuid": "129d16ac-f14a-4982-90ea-55ad481b62f8", "value": "teleqercm.work", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "Suspected Malware Delivery Domain", "deleted": false, "disable_correlation": false, "timestamp": "1737253537", "to_ids": true, "type": "domain", "uuid": "74f3684c-d425-4785-aa0d-37573edad9fe", "value": "teleqpczm.club", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "Suspected Malware Delivery Domain", "deleted": false, "disable_correlation": false, "timestamp": "1737253561", "to_ids": true, "type": "domain", "uuid": "563d238d-5b74-4f82-9efe-f79e41354721", "value": "tgsheng.top", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "Suspected Malware Delivery Domain", "deleted": false, "disable_correlation": false, "timestamp": "1737253582", "to_ids": true, "type": "domain", "uuid": "9f21e54e-21a1-4ee9-96f8-c1ef05a1a72a", "value": "tittia.top", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "Suspected Malware Delivery Domain", "deleted": false, "disable_correlation": false, "timestamp": "1737253603", "to_ids": true, "type": "domain", "uuid": "9c2c94ac-ec48-48c4-9296-bafa00c35501", "value": "tletsvpn.xyz", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "Suspected Malware Delivery Domain", "deleted": false, "disable_correlation": false, "timestamp": "1737253625", "to_ids": true, "type": "domain", "uuid": "ff56d0ce-9f68-4984-a2dd-0eaa95849cd2", "value": "todaskek.xyz", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "Suspected Malware Delivery Domain", "deleted": false, "disable_correlation": false, "timestamp": "1737253646", "to_ids": true, "type": "domain", "uuid": "8eaf31d1-c7ef-4f7a-a8ea-3ccabbc28414", "value": "todaski.club", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "Suspected Malware Delivery Domain", "deleted": false, "disable_correlation": false, "timestamp": "1737253667", "to_ids": true, "type": "domain", "uuid": "6235d7c5-650b-4619-9f88-4afdfa9b3fa3", "value": "todesik.top", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "Suspected Malware Delivery Domain", "deleted": false, "disable_correlation": false, "timestamp": "1737253688", "to_ids": true, "type": "domain", "uuid": "5124035a-f12a-4f5a-84da-70831f265486", "value": "todeskc.top", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "Suspected Malware Delivery Domain", "deleted": false, "disable_correlation": false, "timestamp": "1737253709", "to_ids": true, "type": "domain", "uuid": "7aa52c27-69ea-4c8b-8748-439f55027ccb", "value": "todeskei.xyz", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "Suspected Malware Delivery Domain", "deleted": false, "disable_correlation": false, "timestamp": "1737253731", "to_ids": true, "type": "domain", "uuid": "26e48b59-2b10-453e-b9b3-2227abdbddcb", "value": "todeskeq.top", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "Suspected Malware Delivery Domain", "deleted": false, "disable_correlation": false, "timestamp": "1737253752", "to_ids": true, "type": "domain", "uuid": "3b317b53-0227-4975-97d5-cd5430bf2f3c", "value": "todeskiz.club", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "Suspected Malware Delivery Domain", "deleted": false, "disable_correlation": false, "timestamp": "1737253774", "to_ids": true, "type": "domain", "uuid": "a70d3bc9-6ff7-4bfe-a3a8-40c4c49808c5", "value": "todeskze.top", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "Suspected Malware Delivery Domain", "deleted": false, "disable_correlation": false, "timestamp": "1737253795", "to_ids": true, "type": "domain", "uuid": "39d4891c-8c93-4286-8d38-54f41b7b1727", "value": "todeskzis.xyz", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "Suspected Malware Delivery Domain", "deleted": false, "disable_correlation": false, "timestamp": "1737253816", "to_ids": true, "type": "domain", "uuid": "0499dc76-c194-4076-a741-334010a65c5a", "value": "tradingview.trade", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "Suspected Malware Delivery Domain", "deleted": false, "disable_correlation": false, "timestamp": "1737253838", "to_ids": true, "type": "domain", "uuid": "27e874a1-2b76-4621-9d8b-be362379744b", "value": "ttcy365.com", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "Suspected Malware Delivery Domain", "deleted": false, "disable_correlation": false, "timestamp": "1737253859", "to_ids": true, "type": "domain", "uuid": "c98cad0e-a6f6-4c00-b025-d473063f8be0", "value": "ui4.club", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "Suspected Malware Delivery Domain", "deleted": false, "disable_correlation": false, "timestamp": "1737253880", "to_ids": true, "type": "domain", "uuid": "e90b062b-3e33-45c9-8b00-299d5b82182a", "value": "uletsvpn.xyz", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "Suspected Malware Delivery Domain", "deleted": false, "disable_correlation": false, "timestamp": "1737253902", "to_ids": true, "type": "domain", "uuid": "d4bf579a-b670-4484-961d-c24f4a4908a5", "value": "upcupe.xyz", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "Suspected Malware Delivery Domain", "deleted": false, "disable_correlation": false, "timestamp": "1737253923", "to_ids": true, "type": "domain", "uuid": "4a3f8011-3930-4505-84ee-f0eab4a6abf9", "value": "uphot.net", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "Suspected Malware Delivery Domain", "deleted": false, "disable_correlation": false, "timestamp": "1737253944", "to_ids": true, "type": "domain", "uuid": "3fe4502a-c674-479b-ba0c-807233f7c09f", "value": "uq7djw.xyz", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "Suspected Malware Delivery Domain", "deleted": false, "disable_correlation": false, "timestamp": "1737253965", "to_ids": true, "type": "domain", "uuid": "4384ec2d-f1f4-4e72-b2dd-9321876ce977", "value": "utuncloud.world", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "Suspected Malware Delivery Domain", "deleted": false, "disable_correlation": false, "timestamp": "1737253987", "to_ids": true, "type": "domain", "uuid": "730b017d-479c-4d03-859e-cef2f1261c11", "value": "vb0ep.club", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "Suspected Malware Delivery Domain", "deleted": false, "disable_correlation": false, "timestamp": "1737254008", "to_ids": true, "type": "domain", "uuid": "7a36f68f-5047-46fe-acdb-1a3c0385877e", "value": "vejm60.top", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "Suspected Malware Delivery Domain", "deleted": false, "disable_correlation": false, "timestamp": "1737254029", "to_ids": true, "type": "domain", "uuid": "9cd75918-bc38-427e-867e-2e4c7846092d", "value": "viber.cc", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "Suspected Malware Delivery Domain", "deleted": false, "disable_correlation": false, "timestamp": "1737254051", "to_ids": true, "type": "domain", "uuid": "aed7d727-a8b2-4574-8444-4d891adb5039", "value": "viber.cyou", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "Suspected Malware Delivery Domain", "deleted": false, "disable_correlation": false, "timestamp": "1737254072", "to_ids": true, "type": "domain", "uuid": "a8f30598-5b61-4a7e-8ab4-ed32060069af", "value": "viberi.xyz", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "Suspected Malware Delivery Domain", "deleted": false, "disable_correlation": false, "timestamp": "1737254094", "to_ids": true, "type": "domain", "uuid": "e64e2301-8bf3-4401-afeb-dde5fa423fe3", "value": "vibers.site", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "Suspected Malware Delivery Domain", "deleted": false, "disable_correlation": false, "timestamp": "1737254115", "to_ids": true, "type": "domain", "uuid": "dad2db3a-e60b-44db-bc77-b9c3d13bae73", "value": "vibers.top", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "Suspected Malware Delivery Domain", "deleted": false, "disable_correlation": false, "timestamp": "1737254136", "to_ids": true, "type": "domain", "uuid": "4e3257bb-467e-4db3-9bac-f82249d9e2dd", "value": "vibers.work", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "Suspected Malware Delivery Domain", "deleted": false, "disable_correlation": false, "timestamp": "1737254158", "to_ids": true, "type": "hostname", "uuid": "306b31b2-fec6-4533-b8e0-53170af59b77", "value": "villa.yiluying.com", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "Suspected Malware Delivery Domain", "deleted": false, "disable_correlation": false, "timestamp": "1737254179", "to_ids": true, "type": "domain", "uuid": "79638a3c-0252-470f-adc5-22c3c87c28d1", "value": "visvpn.cyou", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "Suspected Malware Delivery Domain", "deleted": false, "disable_correlation": false, "timestamp": "1737254200", "to_ids": true, "type": "domain", "uuid": "d236831b-a1d1-4a68-81ca-518fe5a1cbb9", "value": "vletsvpn.xyz", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "Suspected Malware Delivery Domain", "deleted": false, "disable_correlation": false, "timestamp": "1737254221", "to_ids": true, "type": "domain", "uuid": "6affbf5c-7919-4c04-ac34-6aca28799ce5", "value": "vzvlco.top", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "Suspected Malware Delivery Domain", "deleted": false, "disable_correlation": false, "timestamp": "1737254243", "to_ids": true, "type": "domain", "uuid": "3280df78-4017-4e39-add2-08456b16940c", "value": "wangr.club", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "Suspected Malware Delivery Domain", "deleted": false, "disable_correlation": false, "timestamp": "1737254264", "to_ids": true, "type": "domain", "uuid": "fc649052-b5d7-4de0-b6b8-0e52497f8783", "value": "wangwangtalk.club", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "Suspected Malware Delivery Domain", "deleted": false, "disable_correlation": false, "timestamp": "1737254285", "to_ids": true, "type": "domain", "uuid": "8db40dce-40ed-4a4c-8f9a-9596d0357fd9", "value": "wgoole.fit", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "Suspected Malware Delivery Domain", "deleted": false, "disable_correlation": false, "timestamp": "1737254306", "to_ids": true, "type": "domain", "uuid": "82f9abb4-32bf-4c50-90b1-e6b234be0979", "value": "whapps.club", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "Suspected Malware Delivery Domain", "deleted": false, "disable_correlation": false, "timestamp": "1737254327", "to_ids": true, "type": "domain", "uuid": "d3f21fc2-669e-4068-b31d-3537ebb59e90", "value": "whapps.fit", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "Suspected Malware Delivery Domain", "deleted": false, "disable_correlation": false, "timestamp": "1737254349", "to_ids": true, "type": "domain", "uuid": "c469f5a6-ed35-465a-9470-b1b4bdbfd6a5", "value": "whapps.work", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "Suspected Malware Delivery Domain", "deleted": false, "disable_correlation": false, "timestamp": "1737254371", "to_ids": true, "type": "domain", "uuid": "25f73cf5-aee6-4c78-ae91-b6d9e0aa16db", "value": "whatsacppy.club", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "Suspected Malware Delivery Domain", "deleted": false, "disable_correlation": false, "timestamp": "1737254392", "to_ids": true, "type": "domain", "uuid": "d048ee12-7a17-4a6f-a206-04a1fdf901d6", "value": "whhapps.club", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "Suspected Malware Delivery Domain", "deleted": false, "disable_correlation": false, "timestamp": "1737254414", "to_ids": true, "type": "domain", "uuid": "bca4db81-060c-4ef0-882e-dac75a641338", "value": "whhapps.fit", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "Suspected Malware Delivery Domain", "deleted": false, "disable_correlation": false, "timestamp": "1737254435", "to_ids": true, "type": "domain", "uuid": "fd6bae5c-61aa-4a06-84c6-a9968f27c54a", "value": "whtpps.club", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "Suspected Malware Delivery Domain", "deleted": false, "disable_correlation": false, "timestamp": "1737254456", "to_ids": true, "type": "domain", "uuid": "c98164ae-df16-4cb0-befc-287d634544b6", "value": "whtpps.fit", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "Suspected Malware Delivery Domain", "deleted": false, "disable_correlation": false, "timestamp": "1737254477", "to_ids": true, "type": "domain", "uuid": "f9a23a50-e2bc-4135-b217-07c55e7bef40", "value": "whtpps.work", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "Suspected Malware Delivery Domain", "deleted": false, "disable_correlation": false, "timestamp": "1737254499", "to_ids": true, "type": "domain", "uuid": "507b1193-4a6b-4165-8023-647d8ffe0591", "value": "whtsaps.club", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "Suspected Malware Delivery Domain", "deleted": false, "disable_correlation": false, "timestamp": "1737254521", "to_ids": true, "type": "domain", "uuid": "937cd9ec-e4ed-4794-838d-7c736038a5d0", "value": "whtsaps.fit", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "Suspected Malware Delivery Domain", "deleted": false, "disable_correlation": false, "timestamp": "1737254542", "to_ids": true, "type": "domain", "uuid": "f137c775-c21e-42be-89a3-ead3108d019d", "value": "whtsaps.vip", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "Suspected Malware Delivery Domain", "deleted": false, "disable_correlation": false, "timestamp": "1737254564", "to_ids": true, "type": "domain", "uuid": "41c968ef-5a78-4b4d-9a96-6ef437cf41a9", "value": "whtsaps.work", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "Suspected Malware Delivery Domain", "deleted": false, "disable_correlation": false, "timestamp": "1737254585", "to_ids": true, "type": "domain", "uuid": "e28b3e19-e1c3-4503-8276-91d3b75721ef", "value": "wiinrar.top", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "Suspected Malware Delivery Domain", "deleted": false, "disable_correlation": false, "timestamp": "1737254607", "to_ids": true, "type": "domain", "uuid": "2ca10abe-26d4-493a-b263-47939e6822e7", "value": "winrarsz.top", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "Suspected Malware Delivery Domain", "deleted": false, "disable_correlation": false, "timestamp": "1737254628", "to_ids": true, "type": "domain", "uuid": "310c1654-a733-4966-873a-473b6b08925e", "value": "winzips.work", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "Suspected Malware Delivery Domain", "deleted": false, "disable_correlation": false, "timestamp": "1737254649", "to_ids": true, "type": "domain", "uuid": "4314bbab-a6e6-458a-9b1d-ff584d0f7a2e", "value": "wipses.fit", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "Suspected Malware Delivery Domain", "deleted": false, "disable_correlation": false, "timestamp": "1737254670", "to_ids": true, "type": "domain", "uuid": "15b39af8-1135-4c57-aa9f-2b0969d1ba8f", "value": "wletsvpn.xyz", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "Suspected Malware Delivery Domain", "deleted": false, "disable_correlation": false, "timestamp": "1737254692", "to_ids": true, "type": "domain", "uuid": "dbe5f2dc-aef2-4bb0-b7e4-206bf6be2f8d", "value": "wppsi.top", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "Suspected Malware Delivery Domain", "deleted": false, "disable_correlation": false, "timestamp": "1737254713", "to_ids": true, "type": "domain", "uuid": "97e3b4fa-4300-401e-ac67-1b2f7f4226bb", "value": "wpsco.xyz", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "Suspected Malware Delivery Domain", "deleted": false, "disable_correlation": false, "timestamp": "1737254735", "to_ids": true, "type": "domain", "uuid": "e2358f7f-aa29-415d-8782-8068c592090f", "value": "wpsei.com", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "Suspected Malware Delivery Domain", "deleted": false, "disable_correlation": false, "timestamp": "1737254756", "to_ids": true, "type": "domain", "uuid": "2be396d9-216e-4603-a7ca-64f40274dc60", "value": "wpsie.top", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "Suspected Malware Delivery Domain", "deleted": false, "disable_correlation": false, "timestamp": "1737254777", "to_ids": true, "type": "domain", "uuid": "dc9e70b2-f3b5-4bf9-a8b0-c86f30b882f4", "value": "wpsim.top", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "Suspected Malware Delivery Domain", "deleted": false, "disable_correlation": false, "timestamp": "1737254800", "to_ids": true, "type": "domain", "uuid": "08c59b3e-f567-4c51-b703-5802d8b6b409", "value": "wpsio.top", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "Suspected Malware Delivery Domain", "deleted": false, "disable_correlation": false, "timestamp": "1737254821", "to_ids": true, "type": "domain", "uuid": "5c69096f-1a38-4d56-80ac-4a76773978ef", "value": "wpsiz.xyz", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "Suspected Malware Delivery Domain", "deleted": false, "disable_correlation": false, "timestamp": "1737254842", "to_ids": true, "type": "domain", "uuid": "c9f5e05c-f53e-4338-9a60-3d7b1e1eee71", "value": "wpsla.site", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "Suspected Malware Delivery Domain", "deleted": false, "disable_correlation": false, "timestamp": "1737254863", "to_ids": true, "type": "domain", "uuid": "41d72e65-5b1c-474f-aa4e-bac1b023c5ad", "value": "wpsma.top", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "Suspected Malware Delivery Domain", "deleted": false, "disable_correlation": false, "timestamp": "1737254885", "to_ids": true, "type": "domain", "uuid": "af3d341f-4593-4761-8cff-accd8bc978ce", "value": "wpsqm.com", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "Suspected Malware Delivery Domain", "deleted": false, "disable_correlation": false, "timestamp": "1737254906", "to_ids": true, "type": "domain", "uuid": "86cd15a1-90ad-431f-9c3e-54c72a69b6f2", "value": "wpsqr.xyz", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "Suspected Malware Delivery Domain", "deleted": false, "disable_correlation": false, "timestamp": "1737254927", "to_ids": true, "type": "domain", "uuid": "dd792773-0309-4372-84de-8e78bf71dfe9", "value": "wpsqx.top", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "Suspected Malware Delivery Domain", "deleted": false, "disable_correlation": false, "timestamp": "1737254948", "to_ids": true, "type": "domain", "uuid": "f280adc9-b8d0-4bc3-8188-2839c3d02fe5", "value": "wpsrc.top", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "Suspected Malware Delivery Domain", "deleted": false, "disable_correlation": false, "timestamp": "1737254969", "to_ids": true, "type": "domain", "uuid": "d0e03ec0-76bd-46e0-9259-e3eb1e87353a", "value": "wpsrc.work", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "Suspected Malware Delivery Domain", "deleted": false, "disable_correlation": false, "timestamp": "1737254996", "to_ids": true, "type": "domain", "uuid": "2a1b4b73-7c10-4a5c-9d1b-e2270be293e5", "value": "wpsrs.xyz", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "Suspected Malware Delivery Domain", "deleted": false, "disable_correlation": false, "timestamp": "1737255017", "to_ids": true, "type": "domain", "uuid": "9bff9a3e-f0c6-4da4-98d3-c42853cc55b8", "value": "wpss.xyz", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "Suspected Malware Delivery Domain", "deleted": false, "disable_correlation": false, "timestamp": "1737255039", "to_ids": true, "type": "domain", "uuid": "eccf8f0b-f4e5-4f5e-b99d-c9338332d420", "value": "wpssq.top", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "Suspected Malware Delivery Domain", "deleted": false, "disable_correlation": false, "timestamp": "1737255060", "to_ids": true, "type": "domain", "uuid": "14933033-e5bd-4b07-a34e-28f89a6a9564", "value": "wpsxi.club", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "Suspected Malware Delivery Domain", "deleted": false, "disable_correlation": false, "timestamp": "1737255082", "to_ids": true, "type": "domain", "uuid": "967f1be3-5e6f-4757-a18a-35fd8fe65e3b", "value": "wpsxm.xyz", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "Suspected Malware Delivery Domain", "deleted": false, "disable_correlation": false, "timestamp": "1737255103", "to_ids": true, "type": "domain", "uuid": "968c4bf2-77f4-4e97-8ca6-3d1b10406af1", "value": "wpsxz.xyz", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "Suspected Malware Delivery Domain", "deleted": false, "disable_correlation": false, "timestamp": "1737255125", "to_ids": true, "type": "domain", "uuid": "da378b54-38aa-4a62-98ed-daa89a30c772", "value": "wpsyz.top", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "Suspected Malware Delivery Domain", "deleted": false, "disable_correlation": false, "timestamp": "1737255146", "to_ids": true, "type": "domain", "uuid": "2d96abea-d69d-4d63-a845-813183688741", "value": "wpszm.top", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "Suspected Malware Delivery Domain", "deleted": false, "disable_correlation": false, "timestamp": "1737255167", "to_ids": true, "type": "domain", "uuid": "83d3e794-9f4f-4fd8-8d40-a789da247eef", "value": "wudps.xyz", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "Suspected Malware Delivery Domain", "deleted": false, "disable_correlation": false, "timestamp": "1737255189", "to_ids": true, "type": "domain", "uuid": "efc04f37-e6f8-44fc-94a3-0be4f2bc3b48", "value": "wuyoujieee.com", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "Suspected Malware Delivery Domain", "deleted": false, "disable_correlation": false, "timestamp": "1737255210", "to_ids": true, "type": "domain", "uuid": "45e5f4de-55cc-4f11-bc1c-bb1b8cf16f81", "value": "wymusic.fit", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "Suspected Malware Delivery Domain", "deleted": false, "disable_correlation": false, "timestamp": "1737255231", "to_ids": true, "type": "domain", "uuid": "2d9d2633-d291-4703-8654-f3c64ea27c41", "value": "wymusic.top", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "Suspected Malware Delivery Domain", "deleted": false, "disable_correlation": false, "timestamp": "1737255253", "to_ids": true, "type": "domain", "uuid": "292395da-5f19-4009-af8f-75f496d41ee4", "value": "xiaohuojians.top", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "Suspected Malware Delivery Domain", "deleted": false, "disable_correlation": false, "timestamp": "1737255274", "to_ids": true, "type": "domain", "uuid": "d9cd043b-38aa-46f6-afe5-a2e0c314af32", "value": "ximmlang.club", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "Suspected Malware Delivery Domain", "deleted": false, "disable_correlation": false, "timestamp": "1737255296", "to_ids": true, "type": "domain", "uuid": "c3063a91-151d-4861-a0f7-77dc84d52c0d", "value": "xingqiiu.club", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "Suspected Malware Delivery Domain", "deleted": false, "disable_correlation": false, "timestamp": "1737255318", "to_ids": true, "type": "domain", "uuid": "355bb898-ff5a-47d9-8ea7-f19419b105f1", "value": "xingzuan.club", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "Suspected Malware Delivery Domain", "deleted": false, "disable_correlation": false, "timestamp": "1737255339", "to_ids": true, "type": "domain", "uuid": "e488416f-b474-4a23-98fd-cdcc4ed714b8", "value": "xingzuan.fit", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "Suspected Malware Delivery Domain", "deleted": false, "disable_correlation": false, "timestamp": "1737255360", "to_ids": true, "type": "domain", "uuid": "bc97d941-432d-4017-94b0-818327f34852", "value": "xingzuan.online", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "Suspected Malware Delivery Domain", "deleted": false, "disable_correlation": false, "timestamp": "1737255381", "to_ids": true, "type": "domain", "uuid": "8e043b58-95e8-461c-b7ff-89ab4f16e6f7", "value": "xingzuan.xyz", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "Suspected Malware Delivery Domain", "deleted": false, "disable_correlation": false, "timestamp": "1737255403", "to_ids": true, "type": "domain", "uuid": "78ec069d-177b-4d33-a504-8e31c305abd4", "value": "xinlang.work", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "Suspected Malware Delivery Domain", "deleted": false, "disable_correlation": false, "timestamp": "1737255424", "to_ids": true, "type": "domain", "uuid": "057c2fa7-5df2-42f7-bca7-09f289feb4ff", "value": "xinmeng.xyz", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "Suspected Malware Delivery Domain", "deleted": false, "disable_correlation": false, "timestamp": "1737255445", "to_ids": true, "type": "domain", "uuid": "53fde64d-f688-4956-8aa6-28db197ae7b2", "value": "xinzuan.top", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "Suspected Malware Delivery Domain", "deleted": false, "disable_correlation": false, "timestamp": "1737255467", "to_ids": true, "type": "domain", "uuid": "fef0e64a-ec2c-45f0-a932-8ddcd243e847", "value": "xmengapp.top", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "Suspected Malware Delivery Domain", "deleted": false, "disable_correlation": false, "timestamp": "1737255488", "to_ids": true, "type": "domain", "uuid": "86207834-7f19-4537-900d-988b01e2c277", "value": "xxyy.work", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "Suspected Malware Delivery Domain", "deleted": false, "disable_correlation": false, "timestamp": "1737255510", "to_ids": true, "type": "domain", "uuid": "35eb604f-f038-4557-b367-484bfd2c2a63", "value": "xzpay.work", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "Suspected Malware Delivery Domain", "deleted": false, "disable_correlation": false, "timestamp": "1737255531", "to_ids": true, "type": "domain", "uuid": "d6fdb1b5-9b46-4568-a53e-453182a5295b", "value": "yiiji.xyz", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "Suspected Malware Delivery Domain", "deleted": false, "disable_correlation": false, "timestamp": "1737255553", "to_ids": true, "type": "domain", "uuid": "70cb7612-b8f8-4385-ab69-08e86797b35f", "value": "yiijifu.com", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "Suspected Malware Delivery Domain", "deleted": false, "disable_correlation": false, "timestamp": "1737255574", "to_ids": true, "type": "domain", "uuid": "d04d1c68-5994-4b00-a0fa-4658360195aa", "value": "yijfu.com", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "Suspected Malware Delivery Domain", "deleted": false, "disable_correlation": false, "timestamp": "1737255596", "to_ids": true, "type": "domain", "uuid": "7d331979-841f-4cc8-b06f-8c1fc61908d1", "value": "yoadao.xyz", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "Suspected Malware Delivery Domain", "deleted": false, "disable_correlation": false, "timestamp": "1737255617", "to_ids": true, "type": "domain", "uuid": "9793222d-cb7d-4403-99d6-980b1f3b631e", "value": "yodaou.top", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "Suspected Malware Delivery Domain", "deleted": false, "disable_correlation": false, "timestamp": "1737255638", "to_ids": true, "type": "domain", "uuid": "a60cfc16-2ef2-4670-8da3-128b28fa4a7a", "value": "yoodao.fit", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "Suspected Malware Delivery Domain", "deleted": false, "disable_correlation": false, "timestamp": "1737255659", "to_ids": true, "type": "domain", "uuid": "d3d3671c-b3fd-438b-b693-6cb5159b8567", "value": "yoodaoi.club", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "Suspected Malware Delivery Domain", "deleted": false, "disable_correlation": false, "timestamp": "1737255681", "to_ids": true, "type": "domain", "uuid": "a9bd7628-abae-44a2-b5ec-8d38c565723e", "value": "yoodaou.xyz", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "Suspected Malware Delivery Domain", "deleted": false, "disable_correlation": false, "timestamp": "1737255702", "to_ids": true, "type": "domain", "uuid": "e3ec0b78-d0b8-4419-bc57-dd76e65d1c0a", "value": "yoodau.top", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "Suspected Malware Delivery Domain", "deleted": false, "disable_correlation": false, "timestamp": "1737255723", "to_ids": true, "type": "domain", "uuid": "7c5c6803-0a06-4cf6-8c56-1bbb813df1ad", "value": "yoodau.xyz", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "Suspected Malware Delivery Domain", "deleted": false, "disable_correlation": false, "timestamp": "1737255745", "to_ids": true, "type": "domain", "uuid": "82a9983c-7d30-4173-a35f-c19eb18546af", "value": "yoodou.top", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "Suspected Malware Delivery Domain", "deleted": false, "disable_correlation": false, "timestamp": "1737255766", "to_ids": true, "type": "domain", "uuid": "b0f19802-7183-4615-8187-f6c83809861c", "value": "youdaoie.top", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "Suspected Malware Delivery Domain", "deleted": false, "disable_correlation": false, "timestamp": "1737255787", "to_ids": true, "type": "domain", "uuid": "8f761ccf-aa4d-42f5-9422-3fed3f86add9", "value": "youdaox.top", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "Suspected Malware Delivery Domain", "deleted": false, "disable_correlation": false, "timestamp": "1737255808", "to_ids": true, "type": "domain", "uuid": "fbe47e5b-6cb1-4b74-89a8-a19035dc316c", "value": "youdaoz.top", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "Suspected Malware Delivery Domain", "deleted": false, "disable_correlation": false, "timestamp": "1737255829", "to_ids": true, "type": "domain", "uuid": "2c541525-94a8-4c6b-bdad-deb47834f277", "value": "youdoau.top", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "Suspected Malware Delivery Domain", "deleted": false, "disable_correlation": false, "timestamp": "1737255851", "to_ids": true, "type": "domain", "uuid": "532ba87a-aeac-4a49-b32b-aff64d958bf5", "value": "youdoo.top", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "Suspected Malware Delivery Domain", "deleted": false, "disable_correlation": false, "timestamp": "1737255873", "to_ids": true, "type": "domain", "uuid": "ef5585b1-5b1c-4772-9e39-ac752fed4ce7", "value": "youdou.xyz", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "Suspected Malware Delivery Domain", "deleted": false, "disable_correlation": false, "timestamp": "1737255894", "to_ids": true, "type": "domain", "uuid": "fa4512a5-0350-48c9-ab64-caa39b2ac52a", "value": "yqdesk.top", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "Suspected Malware Delivery Domain", "deleted": false, "disable_correlation": false, "timestamp": "1737255915", "to_ids": true, "type": "domain", "uuid": "896a9ec4-3f79-4fc2-a76e-edc618ddfb22", "value": "yuanq.top", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "Suspected Malware Delivery Domain", "deleted": false, "disable_correlation": false, "timestamp": "1737255936", "to_ids": true, "type": "domain", "uuid": "ffba833e-d465-466f-a280-2482b995997e", "value": "yuduba.xyz", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "Suspected Malware Delivery Domain", "deleted": false, "disable_correlation": false, "timestamp": "1737255957", "to_ids": true, "type": "domain", "uuid": "36cffa1a-94f5-4708-87ad-5f4977a2c444", "value": "z42f1m.top", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "Suspected Malware Delivery Domain", "deleted": false, "disable_correlation": false, "timestamp": "1737255978", "to_ids": true, "type": "domain", "uuid": "65ffbf96-4f06-40c3-b74d-feefa233d713", "value": "zhekou838.cn", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "Suspected Malware Delivery Domain", "deleted": false, "disable_correlation": false, "timestamp": "1737255999", "to_ids": true, "type": "domain", "uuid": "30b561d5-5067-4c1c-a1aa-4ee634f8c642", "value": "ziniao.fit", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "Suspected Malware Delivery Domain", "deleted": false, "disable_correlation": false, "timestamp": "1737256021", "to_ids": true, "type": "domain", "uuid": "6459e9fd-157c-4c0c-8990-d8cf9b0f46a0", "value": "zoomi.fit", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "Download URL", "deleted": false, "disable_correlation": false, "timestamp": "1737256041", "to_ids": true, "type": "url", "uuid": "b8fe7859-9242-4a59-9b1b-0fb4bd897a79", "value": "kipkshsa.top/download/letsvppn-latest.msi", "Tag": [ { "colour": "#f08989", "local": false, "name": "NotFoundError", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "Stage 2 Download URL", "deleted": false, "disable_correlation": false, "timestamp": "1737256063", "to_ids": true, "type": "url", "uuid": "e172dd39-0e1c-426b-aadc-0f4d7f8585d9", "value": "https://fs-im-kefu.7moor-fs1.com/ly/4d2c3f00-7d4c-11e5-af15-41bf63ae4ea0/1733466890455/3.txt", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "Download URL", "deleted": false, "disable_correlation": false, "timestamp": "1737256084", "to_ids": true, "type": "url", "uuid": "3d3fe3b8-4d7e-48ea-bec2-2bdb42d472b6", "value": "https://ni1kpuro.oss-ap-southeast-1.aliyuncs.com/QuickQ.zip", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1737256105", "to_ids": true, "type": "domain", "uuid": "29e2a6ea-80e9-48ee-9eee-7cd5f0d14112", "value": "quickq.zip", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "Download URL", "deleted": false, "disable_correlation": false, "timestamp": "1737256126", "to_ids": true, "type": "url", "uuid": "577af006-ae01-4ba9-a21e-64fc9e91658d", "value": "kuailiani.net/download/kuailian64.52.msi", "Tag": [ { "colour": "#f08989", "local": false, "name": "NotFoundError", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "Download URL", "deleted": false, "disable_correlation": false, "timestamp": "1737256147", "to_ids": true, "type": "url", "uuid": "0e9e2a41-402e-412d-a776-a831856732db", "value": "https://caiyun1688.oss-cn-shenzhen.aliyuncs.com/QuickQ-18.zip", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Payload delivery", "comment": "No sample in VT\r\nLast check:18/01/2025", "deleted": false, "disable_correlation": false, "timestamp": "1737197010", "to_ids": true, "type": "sha256", "uuid": "64f67592-7918-4feb-9518-e002ad6c5c52", "value": "5283873308336ae1011ebfe1d057621413b7d528340e45d76359850d5589e662", "Tag": [ { "colour": "#260091", "local": false, "name": "rectifyq:ioc=\"enriched\"", "relationship_type": "" }, { "colour": "#e87d07", "local": false, "name": "verify-require=epp", "relationship_type": "" }, { "colour": "#626567", "local": false, "name": "rectifyq:no-samples-in=\"VirusTotal\"", "relationship_type": "" }, { "colour": "#626567", "local": false, "name": "rectifyq:no-samples-in=\"MalwareBazaar\"", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "Download URL", "deleted": false, "disable_correlation": false, "timestamp": "1737256168", "to_ids": true, "type": "url", "uuid": "a448c384-cf31-4418-817e-ace858720383", "value": "quickqi.net/assets/download/quicqk66.12.msi", "Tag": [ { "colour": "#f08989", "local": false, "name": "NotFoundError", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "Download URL", "deleted": false, "disable_correlation": false, "timestamp": "1737256188", "to_ids": true, "type": "url", "uuid": "c8e5267f-d489-45d2-8af6-80aa8e1afeaf", "value": "quickiq.top/assets/download/win32-quicq.msi", "Tag": [ { "colour": "#f08989", "local": false, "name": "NotFoundError", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "Download URL", "deleted": false, "disable_correlation": false, "timestamp": "1737256209", "to_ids": true, "type": "url", "uuid": "55808465-0e58-4cab-8ce8-5dda77298660", "value": "isdndjsq.top/assets/download/win32-quicq.msi", "Tag": [ { "colour": "#f08989", "local": false, "name": "NotFoundError", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "Download URL", "deleted": false, "disable_correlation": false, "timestamp": "1737256231", "to_ids": true, "type": "url", "uuid": "47f55f58-93a8-43a6-a6f3-c8e64b9035c9", "value": "https://letscdn.world/assets/download/letsvpn-latest.rar", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "Download URL", "deleted": false, "disable_correlation": false, "timestamp": "1737256253", "to_ids": true, "type": "url", "uuid": "ce092a35-4bb8-4e44-854e-f24f67f5d2a1", "value": "https://telegrinxkam.top/assets/download/Ttsetuphdmgj.exe", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1737256274", "to_ids": true, "type": "domain", "uuid": "c185f296-74c2-456f-9374-c4034383a48f", "value": "eyy5201.top", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "Download URL", "deleted": false, "disable_correlation": false, "timestamp": "1737256295", "to_ids": true, "type": "url", "uuid": "d609b99c-8757-4964-bf25-ea7c32737878", "value": "https://eyy5201.top/static/download/yiwaiwai66.31.msi", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "Download URL", "deleted": false, "disable_correlation": false, "timestamp": "1737256316", "to_ids": true, "type": "url", "uuid": "14ccd62c-5d4e-4f4b-a82e-a0ff7a0ff24d", "value": "https://letsvpn-ui.top/assets/download/letsvpn-latest.exe", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "Download URL", "deleted": false, "disable_correlation": false, "timestamp": "1737256338", "to_ids": true, "type": "url", "uuid": "64923c6f-7bb7-49e7-90d3-d3f84698efa0", "value": "https://chrmpw.top/download.html", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "Download URL", "deleted": false, "disable_correlation": false, "timestamp": "1737256359", "to_ids": true, "type": "url", "uuid": "20869128-58f8-4168-a33b-0d115d64de29", "value": "https://pub-bbd4563a163f414086e62f5cf87a6b4e.r2.dev/fah-0.zip", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1737256381", "to_ids": true, "type": "domain", "uuid": "bd3ad6d2-5f63-4250-8208-5cb1c06bec54", "value": "fah-0.zip", "Tag": [ { "colour": "#f08989", "local": false, "name": "NotFoundError", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1737256402", "to_ids": true, "type": "domain", "uuid": "bbb13541-a968-4228-9c4c-fc645cd94c59", "value": "qwapmuuq.com", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1737256423", "to_ids": true, "type": "domain", "uuid": "1b6c5c5e-35c4-4408-b70a-ad89f6cc845c", "value": "fsquhgne.com", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1737256448", "to_ids": true, "type": "domain", "uuid": "799d3103-8417-4a2f-b0dc-46b4dcd04d1d", "value": "rtuoxxsr.com", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1737256469", "to_ids": true, "type": "domain", "uuid": "82ff93f8-0bc1-4f4d-8a57-1f4518fe706b", "value": "fzqecfyi.com", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1737256490", "to_ids": true, "type": "domain", "uuid": "cc5a7fe3-19ab-4ed9-8359-fd3bf8d683c5", "value": "modbydto.com", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1737256512", "to_ids": true, "type": "domain", "uuid": "bff69d59-f4f3-4bac-89f6-d3982d3733f3", "value": "szyyotmp.com", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1737256533", "to_ids": true, "type": "domain", "uuid": "4b6f601e-73d4-44f7-8258-5d0049db71dc", "value": "vltlpung.com", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1737256555", "to_ids": true, "type": "domain", "uuid": "72c2136a-6a3b-4197-abed-c68a6d36eb22", "value": "twyudoft.com", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "Download URL", "deleted": false, "disable_correlation": false, "timestamp": "1737256576", "to_ids": true, "type": "url", "uuid": "6a7a5e38-45a5-4e54-96e7-6bbc2b2a3b50", "value": "https://quiiqq.com/win32-quickq.zip", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1737256597", "to_ids": true, "type": "domain", "uuid": "7450c44d-c635-4a87-9fa3-3c420d60364f", "value": "win32-quickq.zip", "Tag": [ { "colour": "#f08989", "local": false, "name": "NotFoundError", "relationship_type": "" } ] }, { "category": "Payload delivery", "comment": "No sample in VT\r\nLast check:18/01/2025", "deleted": false, "disable_correlation": false, "timestamp": "1737197011", "to_ids": true, "type": "sha256", "uuid": "5f1dcffa-5918-454c-8a63-2238c00d6b3d", "value": "005bdfdde6a0d0718ac60bcc7071bd87d0ac869308cf8dd7ed8afa7478709ba9", "Tag": [ { "colour": "#260091", "local": false, "name": "rectifyq:ioc=\"enriched\"", "relationship_type": "" }, { "colour": "#e87d07", "local": false, "name": "verify-require=epp", "relationship_type": "" }, { "colour": "#626567", "local": false, "name": "rectifyq:no-samples-in=\"VirusTotal\"", "relationship_type": "" }, { "colour": "#626567", "local": false, "name": "rectifyq:no-samples-in=\"MalwareBazaar\"", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1737256618", "to_ids": true, "type": "domain", "uuid": "567f37af-db8e-4279-8125-14c0599bf1dc", "value": "quickq.fit", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "Download URL", "deleted": false, "disable_correlation": false, "timestamp": "1737256641", "to_ids": true, "type": "url", "uuid": "e1b93b3e-7b37-4a29-aeb5-bcb7ff039661", "value": "http://quickq.fit/sdk/win32-quickq.exe", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1737256662", "to_ids": true, "type": "url", "uuid": "06822495-e046-4647-a6ae-ddb2bccaf701", "value": "https://setupx64.oss-cn-hongkong.aliyuncs.com/QuickSetup.msi", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Payload delivery", "comment": "Download URL", "deleted": false, "disable_correlation": false, "timestamp": "1737181300", "to_ids": true, "type": "filename", "uuid": "d501b360-5c12-4275-9224-a4563be4cd2a", "value": "mctuqqe4z.top/qucke1.2_\u5feb\u5ba2.zip" }, { "category": "Other", "comment": "Fake Login Pages Delivering Malware - Included in the website\u2019s imported JavaScript files is \u201c/assets/js/ebzcecf9.js\u201d, which contain login credentials for the website.", "deleted": false, "disable_correlation": false, "timestamp": "1737181683", "to_ids": false, "type": "text", "uuid": "e2bbc6e6-23a7-49d3-8426-a9cc4dfe521f", "value": "admin:admin123" } ], "Object": [ { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "24", "timestamp": "1737256684", "uuid": "87ef1755-767a-4789-8357-797e23a8c08a", "Attribute": [ { "category": "Payload delivery", "comment": "Stage 1", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1737256684", "to_ids": true, "type": "md5", "uuid": "89feac38-bc51-4b4e-b5d6-e092e2fe7777", "value": "3b51a6619edb1f3a971040ff08be6838", "Tag": [ { "colour": "#260091", "local": false, "name": "rectifyq:ioc=\"enriched\"", "relationship_type": "" }, { "colour": "#e87d07", "local": false, "name": "verify-require=epp", "relationship_type": "" }, { "colour": "#626567", "local": false, "name": "rectifyq:no-samples-in=\"MalwareBazaar\"", "relationship_type": "" }, { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Payload delivery", "comment": "Stage 1", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1737196955", "to_ids": true, "type": "sha1", "uuid": "7e64dcb1-eeea-44b2-ba3d-412667c0a2e0", "value": "4e1e81bfe3b82030ca707f5c6d3bbcb5b8745a96", "Tag": [ { "colour": "#260091", "local": false, "name": "rectifyq:ioc=\"enriched\"", "relationship_type": "" }, { "colour": "#e87d07", "local": false, "name": "verify-require=epp", "relationship_type": "" }, { "colour": "#626567", "local": false, "name": "rectifyq:no-samples-in=\"MalwareBazaar\"", "relationship_type": "" } ] }, { "category": "Payload delivery", "comment": "Stage 1", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1737196956", "to_ids": true, "type": "sha256", "uuid": "7fce4247-ac9b-4b83-8b9b-9e15a1123d98", "value": "d1c9957bd55933a619d22e741fadcee6085e679e66af5cd8edbff7d9cf8fd4cf", "Tag": [ { "colour": "#260091", "local": false, "name": "rectifyq:ioc=\"enriched\"", "relationship_type": "" }, { "colour": "#e87d07", "local": false, "name": "verify-require=epp", "relationship_type": "" }, { "colour": "#626567", "local": false, "name": "rectifyq:no-samples-in=\"MalwareBazaar\"", "relationship_type": "" } ] }, { "category": "Payload delivery", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "ssdeep", "timestamp": "1737195135", "to_ids": true, "type": "ssdeep", "uuid": "3c5eebfc-fac2-4144-933c-32e77bb72771", "value": "393216:0OFMhpppPi7P26RzIcdwQuiQDlwg0S+B7Pnnzmqy:zMBpgP2k0EwQul+dCq" }, { "category": "Other", "comment": "", "deleted": false, "disable_correlation": true, "object_relation": "size-in-bytes", "timestamp": "1737195135", "to_ids": false, "type": "size-in-bytes", "uuid": "a46251e4-0e21-45c7-bc52-a6de42e3aba1", "value": "19062784" }, { "category": "Payload delivery", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "vhash", "timestamp": "1737195135", "to_ids": true, "type": "vhash", "uuid": "a82c8231-7f12-468e-8d75-59c5419d8494", "value": "351e7a6d8c473c17b06cb4e891879d88" }, { "category": "Payload delivery", "comment": "", "deleted": false, "disable_correlation": true, "object_relation": "filename", "timestamp": "1737195135", "to_ids": true, "type": "filename", "uuid": "02d1971f-23dd-4fee-9e7a-65b3c785616f", "value": "letsvppn-latest.msi" }, { "category": "Other", "comment": "Checked: 18/01/2025\nLast-scan\t: 29/12/2024", "deleted": false, "disable_correlation": true, "object_relation": "text", "timestamp": "1737195135", "to_ids": false, "type": "text", "uuid": "f748e208-19fc-43cd-84e8-6486420cd259", "value": "Stage 1\r\nType Descriptio%WINDIR%\\Installer\nSymantec: None\nMicrosoft: None\nSentinelOne: None\nVT Total Detection:13/61" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "24", "timestamp": "1737256705", "uuid": "c66be78b-b80c-474d-b750-11e0a6995aa4", "Attribute": [ { "category": "Payload delivery", "comment": "Stage 2 Downloader", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1737256705", "to_ids": true, "type": "md5", "uuid": "acf51665-95d0-43d3-aa3f-a13cb0c11a5e", "value": "a7ecaaeb5f6d836dc7f98f0c70be6b2d", "Tag": [ { "colour": "#260091", "local": false, "name": "rectifyq:ioc=\"enriched\"", "relationship_type": "" }, { "colour": "#626567", "local": false, "name": "rectifyq:no-samples-in=\"MalwareBazaar\"", "relationship_type": "" }, { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Payload delivery", "comment": "Stage 2 Downloader", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1737196957", "to_ids": true, "type": "sha1", "uuid": "07320196-4efd-4fde-b889-ba010ec88ae6", "value": "34128a910b09f311f8d2045fb952ddc0179df0c2", "Tag": [ { "colour": "#260091", "local": false, "name": "rectifyq:ioc=\"enriched\"", "relationship_type": "" }, { "colour": "#626567", "local": false, "name": "rectifyq:no-samples-in=\"MalwareBazaar\"", "relationship_type": "" } ] }, { "category": "Payload delivery", "comment": "Stage 2 Downloader", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1737196957", "to_ids": true, "type": "sha256", "uuid": "ab883943-26ac-4139-9108-08ae5ad3f890", "value": "927474984e549f9d1269950e5782f755cb96f11d404a3cac56114d1e795609c5", "Tag": [ { "colour": "#260091", "local": false, "name": "rectifyq:ioc=\"enriched\"", "relationship_type": "" }, { "colour": "#626567", "local": false, "name": "rectifyq:no-samples-in=\"MalwareBazaar\"", "relationship_type": "" } ] }, { "category": "Payload delivery", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "ssdeep", "timestamp": "1737195158", "to_ids": true, "type": "ssdeep", "uuid": "1470e784-2111-4298-b819-6323e3e423c9", "value": "6144:5FqUuaF3I9T/7VXWy37Xx7vD7WnIL72m1GW6aKdZSNdibNLPSEPFR/:58NT/hjh7vXYI+m1GW6aIgaNOEPF" }, { "category": "Other", "comment": "", "deleted": false, "disable_correlation": true, "object_relation": "size-in-bytes", "timestamp": "1737195158", "to_ids": false, "type": "size-in-bytes", "uuid": "5db339ea-8e03-4318-8cfe-b8bd9e8b548f", "value": "389632" }, { "category": "Payload delivery", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "vhash", "timestamp": "1737195158", "to_ids": true, "type": "vhash", "uuid": "05db5b82-103b-44cc-8152-504b7f16a26e", "value": "035056655d155510901010021z837zf0c7z4007b1z4bz" }, { "category": "Payload delivery", "comment": "", "deleted": false, "disable_correlation": true, "object_relation": "filename", "timestamp": "1737195158", "to_ids": true, "type": "filename", "uuid": "cf1e9232-a8c0-4912-a02b-17deae76310c", "value": "QQQQ.exe" }, { "category": "Other", "comment": "Checked: 18/01/2025\nLast-scan\t: 15/01/2025", "deleted": false, "disable_correlation": true, "object_relation": "text", "timestamp": "1737195158", "to_ids": false, "type": "text", "uuid": "8a8727b4-8f91-468a-a813-dca9291cc354", "value": "Stage 2 Downloader\r\nType Description: Win32 EXE\nSymantec: ML.Attribute.HighConfidence\nMicrosoft: Trojan:Win32/Wacatac.B!ml\nSentinelOne: None\nVT Total Detection:55/72" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "24", "timestamp": "1737256726", "uuid": "54e63e2c-8d43-4b43-90ce-9ba94b11b0ea", "Attribute": [ { "category": "Payload delivery", "comment": "Stage 2 Dropper", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1737256726", "to_ids": true, "type": "md5", "uuid": "9de19493-11e3-48dc-8784-9a85001667aa", "value": "500a6f44b24947eae05d3a1df2388b0c", "Tag": [ { "colour": "#260091", "local": false, "name": "rectifyq:ioc=\"enriched\"", "relationship_type": "" }, { "colour": "#e87d07", "local": false, "name": "verify-require=epp", "relationship_type": "" }, { "colour": "#626567", "local": false, "name": "rectifyq:no-samples-in=\"MalwareBazaar\"", "relationship_type": "" }, { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Payload delivery", "comment": "Stage 2 Dropper", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1737196958", "to_ids": true, "type": "sha1", "uuid": "bd530083-60a7-4526-a603-e662f6a53bf3", "value": "2298c45fbeb02fec1e9c5b7d40cf9489f96bf359", "Tag": [ { "colour": "#260091", "local": false, "name": "rectifyq:ioc=\"enriched\"", "relationship_type": "" }, { "colour": "#e87d07", "local": false, "name": "verify-require=epp", "relationship_type": "" }, { "colour": "#626567", "local": false, "name": "rectifyq:no-samples-in=\"MalwareBazaar\"", "relationship_type": "" } ] }, { "category": "Payload delivery", "comment": "Stage 2 Dropper", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1737196959", "to_ids": true, "type": "sha256", "uuid": "f3a1e552-2ff6-4b10-b853-62a6df06c32d", "value": "839e314d6027977399ee486d1cadba972685550ab97467ec77ef746ffc81a478", "Tag": [ { "colour": "#260091", "local": false, "name": "rectifyq:ioc=\"enriched\"", "relationship_type": "" }, { "colour": "#e87d07", "local": false, "name": "verify-require=epp", "relationship_type": "" }, { "colour": "#626567", "local": false, "name": "rectifyq:no-samples-in=\"MalwareBazaar\"", "relationship_type": "" } ] }, { "category": "Payload delivery", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "ssdeep", "timestamp": "1737195179", "to_ids": true, "type": "ssdeep", "uuid": "c483c589-d2c2-4d1d-984c-bac332191f1a", "value": "24576:bLNzC+0Ju9TJLs8h8qiSQQQmaaaaaaaaaaaaaaazPRUD:FzGu9Tu8jaaaaaaaaaaaaaaaQ" }, { "category": "Other", "comment": "", "deleted": false, "disable_correlation": true, "object_relation": "size-in-bytes", "timestamp": "1737195179", "to_ids": false, "type": "size-in-bytes", "uuid": "55af1a91-896f-4b8c-a01e-79fbc71d649c", "value": "1276292" }, { "category": "Payload delivery", "comment": "", "deleted": false, "disable_correlation": true, "object_relation": "filename", "timestamp": "1737195179", "to_ids": true, "type": "filename", "uuid": "93ed0fa1-5ba9-474d-8a75-309e9d13d437", "value": "3.txt" }, { "category": "Other", "comment": "Checked: 18/01/2025\nLast-scan\t: 29/12/2024", "deleted": false, "disable_correlation": true, "object_relation": "text", "timestamp": "1737195179", "to_ids": false, "type": "text", "uuid": "c327aee4-5d1e-41c9-baca-f09b849ae8e1", "value": "Stage 2 Dropper\r\nType Description: unknown\nSymantec: None\nMicrosoft: None\nSentinelOne: None\nVT Total Detection:1/61" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "24", "timestamp": "1737256747", "uuid": "fd9c9e34-2624-4376-ad3e-16dd3a719254", "Attribute": [ { "category": "Payload delivery", "comment": "Stage 2 Trojan: Gh0stRAT", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1737256747", "to_ids": true, "type": "md5", "uuid": "bd941032-b6f0-4f66-961b-045462a77672", "value": "f7185caab2681dd19aca1d7df8b0fff8", "Tag": [ { "colour": "#260091", "local": false, "name": "rectifyq:ioc=\"enriched\"", "relationship_type": "" }, { "colour": "#626567", "local": false, "name": "rectifyq:no-samples-in=\"MalwareBazaar\"", "relationship_type": "" }, { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Payload delivery", "comment": "Stage 2 Trojan: Gh0stRAT", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1737196960", "to_ids": true, "type": "sha1", "uuid": "b076cb36-2175-4836-b9af-10af29d8d429", "value": "2938295599ee219c6c8014adb58cbca06c64a274", "Tag": [ { "colour": "#260091", "local": false, "name": "rectifyq:ioc=\"enriched\"", "relationship_type": "" }, { "colour": "#626567", "local": false, "name": "rectifyq:no-samples-in=\"MalwareBazaar\"", "relationship_type": "" } ] }, { "category": "Payload delivery", "comment": "Stage 2 Trojan: Gh0stRAT", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1737196960", "to_ids": true, "type": "sha256", "uuid": "a843a06b-ea9a-4fca-b3b7-c45d2e291c9e", "value": "7ac5b8905c760bf38d38761efc56362799f8a40b4fe2d570f56472b83a625360", "Tag": [ { "colour": "#260091", "local": false, "name": "rectifyq:ioc=\"enriched\"", "relationship_type": "" }, { "colour": "#626567", "local": false, "name": "rectifyq:no-samples-in=\"MalwareBazaar\"", "relationship_type": "" } ] }, { "category": "Payload delivery", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "ssdeep", "timestamp": "1737195201", "to_ids": true, "type": "ssdeep", "uuid": "4e0ca53a-0150-4228-8227-6fda746831ee", "value": "24576:CRaMuHXghb+Cpj6GcMCi6tDbAJH3kuzM5WbUg/n3MtRldzFrhtTkRfK0m3:CjBGbJ3Tky" }, { "category": "Other", "comment": "", "deleted": false, "disable_correlation": true, "object_relation": "size-in-bytes", "timestamp": "1737195201", "to_ids": false, "type": "size-in-bytes", "uuid": "f23171d4-70e2-497b-8bed-2534bd0cfaa9", "value": "1273856" }, { "category": "Payload delivery", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "vhash", "timestamp": "1737195201", "to_ids": true, "type": "vhash", "uuid": "b7c2bd1b-d907-4a10-8c17-dd5ceeaefe71", "value": "1160766666551d55055295zc00733a083z301023z50500431z902191d4z1" }, { "category": "Payload delivery", "comment": "", "deleted": false, "disable_correlation": true, "object_relation": "filename", "timestamp": "1737195201", "to_ids": true, "type": "filename", "uuid": "5f71eb0b-00e6-4e35-b619-e19f8b5769cc", "value": "f7185caab2681dd19aca1d7df8b0fff8.extracted" }, { "category": "Other", "comment": "Checked: 18/01/2025\nLast-scan\t: 29/12/2024", "deleted": false, "disable_correlation": true, "object_relation": "text", "timestamp": "1737195201", "to_ids": false, "type": "text", "uuid": "7bfea35e-3db5-42e4-a298-c94d40928ec3", "value": "Stage 2 Trojan: Gh0stRAT\r\nType Description: Win32 DLL\nSymantec: ML.Attribute.HighConfidence\nMicrosoft: TrojanDownloader:Win32/GhostRAT.I!MTB\nSentinelOne: Static AI - Malicious PE\nVT Total Detection:50/72" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "24", "timestamp": "1737256768", "uuid": "718982b9-9248-4807-abcf-70f1a5bc41bc", "Attribute": [ { "category": "Payload delivery", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1737256768", "to_ids": true, "type": "md5", "uuid": "bdad2ffb-7fa0-4120-bf6c-20f9635a089e", "value": "85557f1f224d5603368a0372955b4aea", "Tag": [ { "colour": "#260091", "local": false, "name": "rectifyq:ioc=\"enriched\"", "relationship_type": "" }, { "colour": "#e87d07", "local": false, "name": "verify-require=epp", "relationship_type": "" }, { "colour": "#626567", "local": false, "name": "rectifyq:no-samples-in=\"MalwareBazaar\"", "relationship_type": "" }, { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Payload delivery", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1737196961", "to_ids": true, "type": "sha1", "uuid": "4eb4c950-4485-4af1-9fed-204ab9085e6c", "value": "7dc004a87d5b84bc2b8abe5b4ffca65ebbdd87ca", "Tag": [ { "colour": "#260091", "local": false, "name": "rectifyq:ioc=\"enriched\"", "relationship_type": "" }, { "colour": "#e87d07", "local": false, "name": "verify-require=epp", "relationship_type": "" }, { "colour": "#626567", "local": false, "name": "rectifyq:no-samples-in=\"MalwareBazaar\"", "relationship_type": "" } ] }, { "category": "Payload delivery", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1737196962", "to_ids": true, "type": "sha256", "uuid": "b8565982-ef04-4e4d-a7e8-8c39a735cf70", "value": "7aa498dc87e734e306f850082fad723ca7c05ef2f0a84c5232111eb3e86156fc", "Tag": [ { "colour": "#260091", "local": false, "name": "rectifyq:ioc=\"enriched\"", "relationship_type": "" }, { "colour": "#e87d07", "local": false, "name": "verify-require=epp", "relationship_type": "" }, { "colour": "#626567", "local": false, "name": "rectifyq:no-samples-in=\"MalwareBazaar\"", "relationship_type": "" } ] }, { "category": "Payload delivery", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "ssdeep", "timestamp": "1737195223", "to_ids": true, "type": "ssdeep", "uuid": "1a616ec6-57f5-4cde-afa1-9d6c7c0ef232", "value": "3145728:82Uv9T+HFT5jEwmJHhPKEx6vCRvI6PzlzuTgdi+juLdoGtLuNx/g2xV2TVIZsPI0:8n5WjE/PVx8C+6PBuTm+LpLQ/PbZil" }, { "category": "Other", "comment": "", "deleted": false, "disable_correlation": true, "object_relation": "size-in-bytes", "timestamp": "1737195223", "to_ids": false, "type": "size-in-bytes", "uuid": "b2631247-6be6-49ec-8fa3-755ded90b82e", "value": "160081732" }, { "category": "Payload delivery", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "vhash", "timestamp": "1737195223", "to_ids": true, "type": "vhash", "uuid": "1a26fda6-b63c-4360-a194-7ac2bc074703", "value": "8f7c17ab226539fdd4487b454ab0c583" }, { "category": "Payload delivery", "comment": "", "deleted": false, "disable_correlation": true, "object_relation": "filename", "timestamp": "1737195223", "to_ids": true, "type": "filename", "uuid": "b00368ad-6b6c-4d6a-8893-4fb277e4a4c5", "value": "filename" }, { "category": "Other", "comment": "Checked: 18/01/2025\nLast-scan\t: 31/12/2024", "deleted": false, "disable_correlation": true, "object_relation": "text", "timestamp": "1737195223", "to_ids": false, "type": "text", "uuid": "ac82ea97-f768-4da4-8a8a-9cfbf8c743e9", "value": "Type Description: ZIP\nSymantec: None\nMicrosoft: None\nSentinelOne: None\nVT Total Detection:7/64" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "24", "timestamp": "1737256790", "uuid": "e59796ba-8a9f-49cf-903c-76f32847255e", "Attribute": [ { "category": "Payload delivery", "comment": "Spyware: Chinad / FlyStudio", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1737256790", "to_ids": true, "type": "md5", "uuid": "bd443b25-13d3-4eae-a0eb-e91e519090c9", "value": "53134055194fcd673f4697150175e295", "Tag": [ { "colour": "#260091", "local": false, "name": "rectifyq:ioc=\"enriched\"", "relationship_type": "" }, { "colour": "#e87d07", "local": false, "name": "verify-require=epp", "relationship_type": "" }, { "colour": "#626567", "local": false, "name": "rectifyq:no-samples-in=\"MalwareBazaar\"", "relationship_type": "" }, { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Payload delivery", "comment": "Spyware: Chinad / FlyStudio", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1737196962", "to_ids": true, "type": "sha1", "uuid": "22c03dc3-5ce0-4bbb-adb7-8e860123d65d", "value": "c4078b260fa9ec68f31a3930f6dac37be6e3f0a1", "Tag": [ { "colour": "#260091", "local": false, "name": "rectifyq:ioc=\"enriched\"", "relationship_type": "" }, { "colour": "#e87d07", "local": false, "name": "verify-require=epp", "relationship_type": "" }, { "colour": "#626567", "local": false, "name": "rectifyq:no-samples-in=\"MalwareBazaar\"", "relationship_type": "" } ] }, { "category": "Payload delivery", "comment": "Spyware: Chinad / FlyStudio", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1737196963", "to_ids": true, "type": "sha256", "uuid": "fbb60f53-28c3-471a-bf94-6c0a021f1471", "value": "adb6afadbd9f31a2c6548b6e3c6378a7164a3604c04332e48a409c16faf4f598", "Tag": [ { "colour": "#260091", "local": false, "name": "rectifyq:ioc=\"enriched\"", "relationship_type": "" }, { "colour": "#e87d07", "local": false, "name": "verify-require=epp", "relationship_type": "" }, { "colour": "#626567", "local": false, "name": "rectifyq:no-samples-in=\"MalwareBazaar\"", "relationship_type": "" } ] }, { "category": "Payload delivery", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "ssdeep", "timestamp": "1737195245", "to_ids": true, "type": "ssdeep", "uuid": "162a23ad-bfc3-4065-82bd-72d8f4ff811c", "value": "3145728:QeebuOBtabZSD0e7bZsCCPV/s6w9x9M2w5vXw9N+QruiG/C1DFx4Dnrks:3zOaSr3Z5uq6wFM22kNmiL1in4" }, { "category": "Other", "comment": "", "deleted": false, "disable_correlation": true, "object_relation": "size-in-bytes", "timestamp": "1737195245", "to_ids": false, "type": "size-in-bytes", "uuid": "e1cfe63c-e65b-47d2-b667-c6ba1572093e", "value": "164573184" }, { "category": "Payload delivery", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "vhash", "timestamp": "1737195245", "to_ids": true, "type": "vhash", "uuid": "de2a0e38-c9fc-4cc1-b917-3e08773aa520", "value": "96daf2966defdfe969c4e19216f5ec4f" }, { "category": "Payload delivery", "comment": "", "deleted": false, "disable_correlation": true, "object_relation": "filename", "timestamp": "1737195245", "to_ids": true, "type": "filename", "uuid": "be2a4da7-7ad8-4817-bf67-240f7895f21a", "value": "QuickQ.msi" }, { "category": "Other", "comment": "Checked: 18/01/2025\nLast-scan\t: 31/12/2024", "deleted": false, "disable_correlation": true, "object_relation": "text", "timestamp": "1737195245", "to_ids": false, "type": "text", "uuid": "b28fe666-17d7-4fb1-b46f-8a94665bf7f2", "value": "Spyware: Chinad / FlyStudio\r\nType Descriptio%WINDIR%\\Installer\nSymantec: None\nMicrosoft: None\nSentinelOne: None\nVT Total Detection:9/60" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "24", "timestamp": "1737256811", "uuid": "fb6b1466-7d45-4ddc-b84d-922ddc7b1aab", "Attribute": [ { "category": "Payload delivery", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1737256811", "to_ids": true, "type": "md5", "uuid": "6780642e-7d27-43ff-8630-2978629c0173", "value": "796fceb154a7c69d095e789a9a3eb529", "Tag": [ { "colour": "#260091", "local": false, "name": "rectifyq:ioc=\"enriched\"", "relationship_type": "" }, { "colour": "#626567", "local": false, "name": "rectifyq:no-samples-in=\"MalwareBazaar\"", "relationship_type": "" }, { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Payload delivery", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1737196964", "to_ids": true, "type": "sha1", "uuid": "6dc80621-6e9c-4810-9267-16d9a3b6389f", "value": "15bd3d1b34e74a89d4fd8a281d78005cbafebd0e", "Tag": [ { "colour": "#260091", "local": false, "name": "rectifyq:ioc=\"enriched\"", "relationship_type": "" }, { "colour": "#626567", "local": false, "name": "rectifyq:no-samples-in=\"MalwareBazaar\"", "relationship_type": "" } ] }, { "category": "Payload delivery", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1737196964", "to_ids": true, "type": "sha256", "uuid": "1189fd7d-5005-4a58-8b95-5fe99e8b109f", "value": "d75a2b9d03aab50d9f3eb6afbde06034adec7a183dfcaf090ce78e4cd7a59117", "Tag": [ { "colour": "#260091", "local": false, "name": "rectifyq:ioc=\"enriched\"", "relationship_type": "" }, { "colour": "#626567", "local": false, "name": "rectifyq:no-samples-in=\"MalwareBazaar\"", "relationship_type": "" } ] }, { "category": "Payload delivery", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "ssdeep", "timestamp": "1737195267", "to_ids": true, "type": "ssdeep", "uuid": "8452b757-f87f-418a-9f5c-9619445ae57c", "value": "3145728:JmtgGpqMqdZElpXle4AQuTi7lDX8CL2RuPtcwb2Cr18k0gdl:YDpq1fEle4juOx4XREcwb260" }, { "category": "Other", "comment": "", "deleted": false, "disable_correlation": true, "object_relation": "size-in-bytes", "timestamp": "1737195267", "to_ids": false, "type": "size-in-bytes", "uuid": "c13326e0-7fb6-453b-bf13-f7700d2040ee", "value": "108650496" }, { "category": "Payload delivery", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "vhash", "timestamp": "1737195267", "to_ids": true, "type": "vhash", "uuid": "bde0b8c3-0092-48e7-b5f2-a2b2527b78fc", "value": "6b90995feaac28f699f20e4bb6ac5b32" }, { "category": "Payload delivery", "comment": "", "deleted": false, "disable_correlation": true, "object_relation": "filename", "timestamp": "1737195267", "to_ids": true, "type": "filename", "uuid": "60f2841e-5fc4-4085-9a30-cd325a0d1951", "value": "filename" }, { "category": "Other", "comment": "Checked: 18/01/2025\nLast-scan\t: 17/01/2025", "deleted": false, "disable_correlation": true, "object_relation": "text", "timestamp": "1737195267", "to_ids": false, "type": "text", "uuid": "7a7e9821-8bae-44eb-a284-e5bf261e153f", "value": "Type Descriptio%WINDIR%\\Installer\nSymantec: Trojan.Gen.2\nMicrosoft: None\nSentinelOne: None\nVT Total Detection:25/61" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "24", "timestamp": "1737256832", "uuid": "d3b581f9-976a-487c-9238-c7d032730021", "Attribute": [ { "category": "Payload delivery", "comment": "RedLine / LummaStealer", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1737256832", "to_ids": true, "type": "md5", "uuid": "8f194984-9667-4223-a7ed-95ee98b44b93", "value": "a9941233b9415b479d3b4f3732161eab", "Tag": [ { "colour": "#260091", "local": false, "name": "rectifyq:ioc=\"enriched\"", "relationship_type": "" }, { "colour": "#e87d07", "local": false, "name": "verify-require=epp", "relationship_type": "" }, { "colour": "#626567", "local": false, "name": "rectifyq:no-samples-in=\"MalwareBazaar\"", "relationship_type": "" }, { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Payload delivery", "comment": "RedLine / LummaStealer", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1737196965", "to_ids": true, "type": "sha1", "uuid": "514ee3df-4440-49b3-9298-a580bfcab995", "value": "cb2d99af52b3b1c712943b13e45d85c80c732e57", "Tag": [ { "colour": "#260091", "local": false, "name": "rectifyq:ioc=\"enriched\"", "relationship_type": "" }, { "colour": "#e87d07", "local": false, "name": "verify-require=epp", "relationship_type": "" }, { "colour": "#626567", "local": false, "name": "rectifyq:no-samples-in=\"MalwareBazaar\"", "relationship_type": "" } ] }, { "category": "Payload delivery", "comment": "RedLine / LummaStealer", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1737196966", "to_ids": true, "type": "sha256", "uuid": "2571f0be-0593-408c-9855-4f19a11d0aab", "value": "ce34cc14e8d26119e1bf28a3a8368da6e10d13851004e2675976c5ad58b122e2", "Tag": [ { "colour": "#260091", "local": false, "name": "rectifyq:ioc=\"enriched\"", "relationship_type": "" }, { "colour": "#e87d07", "local": false, "name": "verify-require=epp", "relationship_type": "" }, { "colour": "#626567", "local": false, "name": "rectifyq:no-samples-in=\"MalwareBazaar\"", "relationship_type": "" } ] }, { "category": "Payload delivery", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "ssdeep", "timestamp": "1737195288", "to_ids": true, "type": "ssdeep", "uuid": "5cd9fccd-4b8b-4e00-8d11-b3ba222cbbef", "value": "6144:waFYTdIO9QmvIeVKVhaxkSBULBA4tKSM3BZC4o4AOlKmN9ysU5pvs8g73iK:JYL9HXVW0xOA+KlZC4vA55s8g73iK" }, { "category": "Other", "comment": "", "deleted": false, "disable_correlation": true, "object_relation": "size-in-bytes", "timestamp": "1737195288", "to_ids": false, "type": "size-in-bytes", "uuid": "2bc6002b-130d-471c-b31b-bed92ac52e0f", "value": "602432" }, { "category": "Payload delivery", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "vhash", "timestamp": "1737195288", "to_ids": true, "type": "vhash", "uuid": "612be959-2460-427d-8be8-b7f8f2a32489", "value": "165056655d1515632z20211z841z73z80d5z7040036z55z52" }, { "category": "Payload delivery", "comment": "", "deleted": false, "disable_correlation": true, "object_relation": "filename", "timestamp": "1737195288", "to_ids": true, "type": "filename", "uuid": "8645cfa0-a53d-48e4-a423-a20ac234bfef", "value": "AICustAct.dll" }, { "category": "Other", "comment": "Checked: 18/01/2025\nLast-scan\t: 28/11/2024", "deleted": false, "disable_correlation": true, "object_relation": "text", "timestamp": "1737195288", "to_ids": false, "type": "text", "uuid": "a67153c6-6910-444f-bb5c-bcec7cd67659", "value": "RedLine / LummaStealer\r\nType Description: Win32 DLL\nSymantec: None\nMicrosoft: None\nSentinelOne: None\nVT Total Detection:1/72" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "24", "timestamp": "1737256854", "uuid": "b106b327-aac4-42e5-9e0d-aebec3adbd8a", "Attribute": [ { "category": "Payload delivery", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1737256854", "to_ids": true, "type": "md5", "uuid": "c7505c0f-8d41-460f-aece-98c1212a22c3", "value": "af18ebaf441637c673b90e72dc641442", "Tag": [ { "colour": "#260091", "local": false, "name": "rectifyq:ioc=\"enriched\"", "relationship_type": "" }, { "colour": "#626567", "local": false, "name": "rectifyq:no-samples-in=\"MalwareBazaar\"", "relationship_type": "" }, { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Payload delivery", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1737196967", "to_ids": true, "type": "sha1", "uuid": "40ae2da9-ad40-4958-bbcb-c12953be84ae", "value": "ca566667df442c85de6ef2b05bdcae253f7c6ea0", "Tag": [ { "colour": "#260091", "local": false, "name": "rectifyq:ioc=\"enriched\"", "relationship_type": "" }, { "colour": "#626567", "local": false, "name": "rectifyq:no-samples-in=\"MalwareBazaar\"", "relationship_type": "" } ] }, { "category": "Payload delivery", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1737196967", "to_ids": true, "type": "sha256", "uuid": "a2a1449d-7ad5-41d2-a064-6814acdb9375", "value": "e15a6646d20b4aa486f06fa81a1af55be0bd99dbff85cbd7a7a29d15ad73a693", "Tag": [ { "colour": "#260091", "local": false, "name": "rectifyq:ioc=\"enriched\"", "relationship_type": "" }, { "colour": "#626567", "local": false, "name": "rectifyq:no-samples-in=\"MalwareBazaar\"", "relationship_type": "" } ] }, { "category": "Payload delivery", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "ssdeep", "timestamp": "1737195331", "to_ids": true, "type": "ssdeep", "uuid": "3f14244c-26c6-4665-91a4-74b87bedcdcf", "value": "1572864:iApCjxMgp23PnpSRxxhaz/+df11/GgzBGQIj5Oi:7+9unkRxDw/Mf/pBGRj5" }, { "category": "Other", "comment": "", "deleted": false, "disable_correlation": true, "object_relation": "size-in-bytes", "timestamp": "1737195331", "to_ids": false, "type": "size-in-bytes", "uuid": "7ef12742-4c27-4da8-b7cb-0f987cc8f7b9", "value": "110876672" }, { "category": "Payload delivery", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "vhash", "timestamp": "1737195331", "to_ids": true, "type": "vhash", "uuid": "c3a4e901-ae6c-4fd1-9eb4-e9208ca86242", "value": "018066651d7555751091z1002e00976z120d5za050088fz" }, { "category": "Payload delivery", "comment": "", "deleted": false, "disable_correlation": true, "object_relation": "filename", "timestamp": "1737195331", "to_ids": true, "type": "filename", "uuid": "5530cf11-3735-4447-ab2a-3a588a16b820", "value": "MyPlayer.EXE" }, { "category": "Other", "comment": "Checked: 18/01/2025\nLast-scan\t: 03/01/2025", "deleted": false, "disable_correlation": true, "object_relation": "text", "timestamp": "1737195331", "to_ids": false, "type": "text", "uuid": "2ebff996-b577-4aa1-83dc-ab5d10b13942", "value": "Type Description: Win32 EXE\nSymantec: Trojan.Gen.MBT\nMicrosoft: Trojan:Win32/Wacatac.B!ml\nSentinelOne: None\nVT Total Detection:23/71" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "24", "timestamp": "1737256875", "uuid": "5f2cc109-207c-45ff-ab17-3225476a70da", "Attribute": [ { "category": "Payload delivery", "comment": "Trojan", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1737256875", "to_ids": true, "type": "md5", "uuid": "0e3c0fd2-55e9-4e17-b6b7-899df1ee8052", "value": "5d71908b049395a104b30c2846dba2a6", "Tag": [ { "colour": "#260091", "local": false, "name": "rectifyq:ioc=\"enriched\"", "relationship_type": "" }, { "colour": "#e87d07", "local": false, "name": "verify-require=epp", "relationship_type": "" }, { "colour": "#626567", "local": false, "name": "rectifyq:no-samples-in=\"MalwareBazaar\"", "relationship_type": "" }, { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Payload delivery", "comment": "Trojan", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1737196968", "to_ids": true, "type": "sha1", "uuid": "5ca82d20-103b-4360-a12e-890f1980388f", "value": "bacf211bae25d86cdda0947d74846049a91e0c02", "Tag": [ { "colour": "#260091", "local": false, "name": "rectifyq:ioc=\"enriched\"", "relationship_type": "" }, { "colour": "#e87d07", "local": false, "name": "verify-require=epp", "relationship_type": "" }, { "colour": "#626567", "local": false, "name": "rectifyq:no-samples-in=\"MalwareBazaar\"", "relationship_type": "" } ] }, { "category": "Payload delivery", "comment": "Trojan", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1737196968", "to_ids": true, "type": "sha256", "uuid": "624a551e-db98-4001-823d-3ece9f883696", "value": "e5205e1964b63ce14c85dd2c1ff6cdb06b3b1d323ccdbe0b2d6368a88dfe8f70", "Tag": [ { "colour": "#260091", "local": false, "name": "rectifyq:ioc=\"enriched\"", "relationship_type": "" }, { "colour": "#e87d07", "local": false, "name": "verify-require=epp", "relationship_type": "" }, { "colour": "#626567", "local": false, "name": "rectifyq:no-samples-in=\"MalwareBazaar\"", "relationship_type": "" } ] }, { "category": "Payload delivery", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "ssdeep", "timestamp": "1737195352", "to_ids": true, "type": "ssdeep", "uuid": "ad290397-929f-44dc-ba08-af67361279f7", "value": "1572864:JulfgWHsFr75CJ1HT0zPCtNPTniytbWmcZVOkB:JWt+78J1z6P09nfbWFZVP" }, { "category": "Other", "comment": "", "deleted": false, "disable_correlation": true, "object_relation": "size-in-bytes", "timestamp": "1737195352", "to_ids": false, "type": "size-in-bytes", "uuid": "d05cdb0e-296e-4617-b3cf-218da46f34a4", "value": "65651648" }, { "category": "Payload delivery", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "vhash", "timestamp": "1737195352", "to_ids": true, "type": "vhash", "uuid": "cc2b37e2-033b-4c08-aef5-3c1fe3ad85ac", "value": "067056655d5c0510d043z8003d7z47z62z3ffz" }, { "category": "Payload delivery", "comment": "", "deleted": false, "disable_correlation": true, "object_relation": "filename", "timestamp": "1737195352", "to_ids": true, "type": "filename", "uuid": "c8d305da-4558-4ebc-a369-6f7345995e91", "value": "win32-67-quickq.exe" }, { "category": "Other", "comment": "Checked: 18/01/2025\nLast-scan\t: 13/11/2024", "deleted": false, "disable_correlation": true, "object_relation": "text", "timestamp": "1737195352", "to_ids": false, "type": "text", "uuid": "b2b98c30-ed77-43a3-8b93-f462db6a1fe5", "value": "Trojan\r\nType Description: Win32 EXE\nSymantec: None\nMicrosoft: Trojan:Win32/Malgent!MSR\nSentinelOne: None\nVT Total Detection:3/71" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "24", "timestamp": "1737256903", "uuid": "f0d54a4f-991e-4f65-97e8-5a2c1d152046", "Attribute": [ { "category": "Payload delivery", "comment": "Trojan Downloader", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1737256903", "to_ids": true, "type": "md5", "uuid": "04adb017-291d-4c17-853c-314c47a1b9ee", "value": "ebfd1d2d242b2a6b857b179ef7fe9f9f", "Tag": [ { "colour": "#260091", "local": false, "name": "rectifyq:ioc=\"enriched\"", "relationship_type": "" }, { "colour": "#626567", "local": false, "name": "rectifyq:no-samples-in=\"MalwareBazaar\"", "relationship_type": "" }, { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Payload delivery", "comment": "Trojan Downloader", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1737196970", "to_ids": true, "type": "sha1", "uuid": "a50a2905-60f4-4c71-8759-faa0244dd8af", "value": "5c5ff5fa6b27d3d942a0bbe3723a8b71a7cf1afe", "Tag": [ { "colour": "#260091", "local": false, "name": "rectifyq:ioc=\"enriched\"", "relationship_type": "" }, { "colour": "#626567", "local": false, "name": "rectifyq:no-samples-in=\"MalwareBazaar\"", "relationship_type": "" } ] }, { "category": "Payload delivery", "comment": "Trojan Downloader", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1737196970", "to_ids": true, "type": "sha256", "uuid": "7787b08c-2586-4fad-8d3a-8000461787e0", "value": "fe1b5431ae27c85b1c652e3ac9541c2a801540c02c04fa7f4a3a9543c284eca5", "Tag": [ { "colour": "#260091", "local": false, "name": "rectifyq:ioc=\"enriched\"", "relationship_type": "" }, { "colour": "#626567", "local": false, "name": "rectifyq:no-samples-in=\"MalwareBazaar\"", "relationship_type": "" } ] }, { "category": "Payload delivery", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "ssdeep", "timestamp": "1737195374", "to_ids": true, "type": "ssdeep", "uuid": "ab68fdb5-bd6e-4771-b46a-562c2bc77a5b", "value": "1572864:MemUkqyvdVLQUNlL6fmdlYbpK63AvM670fKW6wsiYaDnv+bP7TN0P9Qbobc:9mUsvdGO6fmHkKAAv17/4ZDKd0PUi" }, { "category": "Other", "comment": "", "deleted": false, "disable_correlation": true, "object_relation": "size-in-bytes", "timestamp": "1737195374", "to_ids": false, "type": "size-in-bytes", "uuid": "4941cd8b-66b5-4820-a11c-a58925579985", "value": "102118400" }, { "category": "Payload delivery", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "vhash", "timestamp": "1737195374", "to_ids": true, "type": "vhash", "uuid": "803281e0-1c88-4207-b01b-6f0ee89a15a9", "value": "96daf2966defdfe969c4e19216f5ec4f" }, { "category": "Payload delivery", "comment": "", "deleted": false, "disable_correlation": true, "object_relation": "filename", "timestamp": "1737195374", "to_ids": true, "type": "filename", "uuid": "971ed570-605b-4abc-abd1-9477df951c54", "value": "filename" }, { "category": "Other", "comment": "Checked: 18/01/2025\nLast-scan\t: 03/01/2025", "deleted": false, "disable_correlation": true, "object_relation": "text", "timestamp": "1737195374", "to_ids": false, "type": "text", "uuid": "499e5607-9965-41c0-b9b6-c31e327fcb18", "value": "Trojan Downloader\r\nType Descriptio%WINDIR%\\Installer\nSymantec: Trojan.Gen.MBT\nMicrosoft: None\nSentinelOne: None\nVT Total Detection:33/62" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "24", "timestamp": "1737256925", "uuid": "c395a39b-3747-492c-8f93-fa94cccfddcb", "Attribute": [ { "category": "Payload delivery", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1737256925", "to_ids": true, "type": "md5", "uuid": "7c7caa32-218c-48e7-b809-98bf3e86b22e", "value": "e890656cdc3b65d3fc380aeb3ed17055", "Tag": [ { "colour": "#260091", "local": false, "name": "rectifyq:ioc=\"enriched\"", "relationship_type": "" }, { "colour": "#e87d07", "local": false, "name": "verify-require=epp", "relationship_type": "" }, { "colour": "#626567", "local": false, "name": "rectifyq:no-samples-in=\"MalwareBazaar\"", "relationship_type": "" }, { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Payload delivery", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1737196971", "to_ids": true, "type": "sha1", "uuid": "eaef4bc8-85c6-4909-8319-e4954a9a6497", "value": "0649b544ffa71700b3674c7e40c10f5c07b9ae5d", "Tag": [ { "colour": "#260091", "local": false, "name": "rectifyq:ioc=\"enriched\"", "relationship_type": "" }, { "colour": "#e87d07", "local": false, "name": "verify-require=epp", "relationship_type": "" }, { "colour": "#626567", "local": false, "name": "rectifyq:no-samples-in=\"MalwareBazaar\"", "relationship_type": "" } ] }, { "category": "Payload delivery", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1737196971", "to_ids": true, "type": "sha256", "uuid": "5c66c705-7af5-4cef-82af-040b3179bac7", "value": "bb152e75a72aa3ae675561f308614eba6c070e55e3895bc1b67125689dc24cee", "Tag": [ { "colour": "#260091", "local": false, "name": "rectifyq:ioc=\"enriched\"", "relationship_type": "" }, { "colour": "#e87d07", "local": false, "name": "verify-require=epp", "relationship_type": "" }, { "colour": "#626567", "local": false, "name": "rectifyq:no-samples-in=\"MalwareBazaar\"", "relationship_type": "" } ] }, { "category": "Payload delivery", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "ssdeep", "timestamp": "1737195396", "to_ids": true, "type": "ssdeep", "uuid": "f0d27853-539a-44f1-a4d9-0af393b68b51", "value": "393216:pllTeQaCbehmw1DTsC/dIaAguBTH8Vl5/jtnuMERncPrTq:daCmDdTsC/3AnBTcVl1jZLE6+" }, { "category": "Other", "comment": "", "deleted": false, "disable_correlation": true, "object_relation": "size-in-bytes", "timestamp": "1737195396", "to_ids": false, "type": "size-in-bytes", "uuid": "70a92cc1-9ac0-400d-9bc4-4cc6d9952ddc", "value": "20823449" }, { "category": "Payload delivery", "comment": "", "deleted": false, "disable_correlation": true, "object_relation": "filename", "timestamp": "1737195396", "to_ids": true, "type": "filename", "uuid": "0bf303bb-b079-4746-99d8-0852586544f8", "value": "letsvpn-latest.rar" }, { "category": "Other", "comment": "Checked: 18/01/2025\nLast-scan\t: 30/12/2024", "deleted": false, "disable_correlation": true, "object_relation": "text", "timestamp": "1737195396", "to_ids": false, "type": "text", "uuid": "338cd081-24ed-4c09-b759-571e89d71034", "value": "Type Description: RAR\nSymantec: None\nMicrosoft: None\nSentinelOne: None\nVT Total Detection:25/63" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "24", "timestamp": "1737256946", "uuid": "b2ad3bda-c534-411e-9417-c3b774b00e46", "Attribute": [ { "category": "Payload delivery", "comment": "Trojan", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1737256946", "to_ids": true, "type": "md5", "uuid": "afc5c2e1-c2c5-4bfa-83ac-dc5ab49c7a69", "value": "a9448e9f323b769a549f2561af80d340", "Tag": [ { "colour": "#260091", "local": false, "name": "rectifyq:ioc=\"enriched\"", "relationship_type": "" }, { "colour": "#626567", "local": false, "name": "rectifyq:no-samples-in=\"MalwareBazaar\"", "relationship_type": "" }, { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Payload delivery", "comment": "Trojan", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1737196973", "to_ids": true, "type": "sha1", "uuid": "3d552f8a-56bf-4a02-8083-c144dc3992ea", "value": "68fbcf232bf58a4d978f9b225fd5efe134b9a9d7", "Tag": [ { "colour": "#260091", "local": false, "name": "rectifyq:ioc=\"enriched\"", "relationship_type": "" }, { "colour": "#626567", "local": false, "name": "rectifyq:no-samples-in=\"MalwareBazaar\"", "relationship_type": "" } ] }, { "category": "Payload delivery", "comment": "Trojan", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1737196973", "to_ids": true, "type": "sha256", "uuid": "c5b658ed-1f8a-4fba-9bc1-2ef57eca461f", "value": "c7531f022be3a5e33aa71aadcd5f0b5ae9989c7980b3a218e1e1415f6b61953d", "Tag": [ { "colour": "#260091", "local": false, "name": "rectifyq:ioc=\"enriched\"", "relationship_type": "" }, { "colour": "#626567", "local": false, "name": "rectifyq:no-samples-in=\"MalwareBazaar\"", "relationship_type": "" } ] }, { "category": "Payload delivery", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "ssdeep", "timestamp": "1737195418", "to_ids": true, "type": "ssdeep", "uuid": "aef33a49-b7e1-4f27-a342-11191da4f4a0", "value": "393216:UFREVB8HaiLK1TXuNl3zIZNzWTPUYpA4RaAtl+zD4RHY8+IzlV86U9UXRX64tYo:UFR8iUzusnqDUEAU7qPSM2lV86U9IX68" }, { "category": "Other", "comment": "", "deleted": false, "disable_correlation": true, "object_relation": "size-in-bytes", "timestamp": "1737195418", "to_ids": false, "type": "size-in-bytes", "uuid": "ab8e217e-3852-409e-ab75-344bc9bf78ca", "value": "21038677" }, { "category": "Payload delivery", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "vhash", "timestamp": "1737195418", "to_ids": true, "type": "vhash", "uuid": "75924116-053c-452f-8763-01cc38c768bf", "value": "027056655d15551028z4fhz13z8fz" }, { "category": "Payload delivery", "comment": "", "deleted": false, "disable_correlation": true, "object_relation": "filename", "timestamp": "1737195418", "to_ids": true, "type": "filename", "uuid": "33e4c6a9-dbb4-4269-9480-c2cee2b4b141", "value": "suf_launch.exe" }, { "category": "Other", "comment": "Checked: 18/01/2025\nLast-scan\t: 30/12/2024", "deleted": false, "disable_correlation": true, "object_relation": "text", "timestamp": "1737195418", "to_ids": false, "type": "text", "uuid": "9450e8c7-b714-4359-bef7-a0c1d3075af6", "value": "Trojan\r\nType Description: Win32 EXE\nSymantec: Trojan.Gen.MBT\nMicrosoft: Trojan:Win32/Wacatac.B!ml\nSentinelOne: None\nVT Total Detection:37/72" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "24", "timestamp": "1737256968", "uuid": "83598c0c-0cb0-4fd2-9676-d591209dcc06", "Attribute": [ { "category": "Payload delivery", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1737256968", "to_ids": true, "type": "md5", "uuid": "d81ffebc-ef24-4335-b33f-7497a73503dd", "value": "67eb363520a5c82caf7a686c7ac2768b", "Tag": [ { "colour": "#260091", "local": false, "name": "rectifyq:ioc=\"enriched\"", "relationship_type": "" }, { "colour": "#e87d07", "local": false, "name": "verify-require=epp", "relationship_type": "" }, { "colour": "#626567", "local": false, "name": "rectifyq:no-samples-in=\"MalwareBazaar\"", "relationship_type": "" }, { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Payload delivery", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1737196974", "to_ids": true, "type": "sha1", "uuid": "bb59f7e0-485f-4ded-a2f1-6dc16fbdb543", "value": "81781c5589b6a99309b681cd5615744f5d20d4bd", "Tag": [ { "colour": "#260091", "local": false, "name": "rectifyq:ioc=\"enriched\"", "relationship_type": "" }, { "colour": "#e87d07", "local": false, "name": "verify-require=epp", "relationship_type": "" }, { "colour": "#626567", "local": false, "name": "rectifyq:no-samples-in=\"MalwareBazaar\"", "relationship_type": "" } ] }, { "category": "Payload delivery", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1737196974", "to_ids": true, "type": "sha256", "uuid": "b6d94af9-cb5d-4945-ab8f-ab3424df7e23", "value": "d219a6056e1f65507c984475711bd7e674b1319d11fd7a1149f3da983fd4f7c8", "Tag": [ { "colour": "#260091", "local": false, "name": "rectifyq:ioc=\"enriched\"", "relationship_type": "" }, { "colour": "#e87d07", "local": false, "name": "verify-require=epp", "relationship_type": "" }, { "colour": "#626567", "local": false, "name": "rectifyq:no-samples-in=\"MalwareBazaar\"", "relationship_type": "" } ] }, { "category": "Payload delivery", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "ssdeep", "timestamp": "1737195439", "to_ids": true, "type": "ssdeep", "uuid": "d8195bfb-023b-4677-99a6-3084e60747e8", "value": "1572864:28u56CYtl2ISs8dbYe1ax4fDiGp4aqFMCTzxd5fCb:283l27Qx4bOTzx+b" }, { "category": "Other", "comment": "", "deleted": false, "disable_correlation": true, "object_relation": "size-in-bytes", "timestamp": "1737195439", "to_ids": false, "type": "size-in-bytes", "uuid": "94245d1d-ae42-4518-8d09-a6e17bc12b3c", "value": "74129322" }, { "category": "Payload delivery", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "vhash", "timestamp": "1737195439", "to_ids": true, "type": "vhash", "uuid": "b96d410b-1b0b-494b-b2f6-60f1443355e9", "value": "0770b6666d5c0d5d151c00d016z699zbaz1fz2" }, { "category": "Payload delivery", "comment": "", "deleted": false, "disable_correlation": true, "object_relation": "filename", "timestamp": "1737195439", "to_ids": true, "type": "filename", "uuid": "f602badb-d27a-497f-b528-885225686219", "value": "filename" }, { "category": "Other", "comment": "Checked: 18/01/2025\nLast-scan\t: 02/01/2025", "deleted": false, "disable_correlation": true, "object_relation": "text", "timestamp": "1737195439", "to_ids": false, "type": "text", "uuid": "8966f76c-ecbb-488c-8e48-23efb4af00b9", "value": "Type Description: Win32 EXE\nSymantec: None\nMicrosoft: None\nSentinelOne: None\nVT Total Detection:3/70" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "24", "timestamp": "1737256989", "uuid": "7fecab81-4e5b-41e9-aa2f-39b5ebd0e623", "Attribute": [ { "category": "Payload delivery", "comment": "trojan: vmprotected", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1737256989", "to_ids": true, "type": "md5", "uuid": "d0635726-d9e9-4923-84fb-f1afdb8e4dcb", "value": "dfde3f23eecea94e91a52e0c192e750d", "Tag": [ { "colour": "#260091", "local": false, "name": "rectifyq:ioc=\"enriched\"", "relationship_type": "" }, { "colour": "#626567", "local": false, "name": "rectifyq:no-samples-in=\"MalwareBazaar\"", "relationship_type": "" }, { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Payload delivery", "comment": "trojan: vmprotected", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1737196976", "to_ids": true, "type": "sha1", "uuid": "2e6319a8-f8ff-4b9d-b335-f3183d83abca", "value": "b56fcc5f375e037525b7d80f3bddab696e65103e", "Tag": [ { "colour": "#260091", "local": false, "name": "rectifyq:ioc=\"enriched\"", "relationship_type": "" }, { "colour": "#626567", "local": false, "name": "rectifyq:no-samples-in=\"MalwareBazaar\"", "relationship_type": "" } ] }, { "category": "Payload delivery", "comment": "trojan: vmprotected", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1737196976", "to_ids": true, "type": "sha256", "uuid": "74307f0c-2948-4691-8dd0-0b3b19e74db3", "value": "f309c2c4847a5c888a580a2b154dfa1168016a9c3a335890f1b9e201819857e3", "Tag": [ { "colour": "#260091", "local": false, "name": "rectifyq:ioc=\"enriched\"", "relationship_type": "" }, { "colour": "#626567", "local": false, "name": "rectifyq:no-samples-in=\"MalwareBazaar\"", "relationship_type": "" } ] }, { "category": "Payload delivery", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "ssdeep", "timestamp": "1737195462", "to_ids": true, "type": "ssdeep", "uuid": "06c7d61a-8d4b-4079-a17a-6b7d3fff3bb1", "value": "98304:ZHtTFfZQGoHv28k8Wjbd9K7xq3p80gJx3xsso5pUYdkIuq1:BtTFce8CP77K0CbUpmo1" }, { "category": "Other", "comment": "", "deleted": false, "disable_correlation": true, "object_relation": "size-in-bytes", "timestamp": "1737195462", "to_ids": false, "type": "size-in-bytes", "uuid": "841d85fd-e4d3-4046-81ba-fbd80dbe0047", "value": "4970496" }, { "category": "Payload delivery", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "vhash", "timestamp": "1737195462", "to_ids": true, "type": "vhash", "uuid": "3fd8851a-d091-4549-a59d-282440d43258", "value": "1460c6755d15751550151bz1=zf7" }, { "category": "Payload delivery", "comment": "", "deleted": false, "disable_correlation": true, "object_relation": "filename", "timestamp": "1737195462", "to_ids": true, "type": "filename", "uuid": "3f10caa8-090f-4137-8a62-91c7a4ba4dd6", "value": "libcef.dll" }, { "category": "Other", "comment": "Checked: 18/01/2025\nLast-scan\t: 09/01/2025", "deleted": false, "disable_correlation": true, "object_relation": "text", "timestamp": "1737195462", "to_ids": false, "type": "text", "uuid": "8b2eb3ae-b6fb-4763-bcfb-0ea34802803e", "value": "trojan: vmprotected\r\nType Description: Win32 DLL\nSymantec: ML.Attribute.HighConfidence\nMicrosoft: Program:Win32/Wacapew.C!ml\nSentinelOne: Static AI - Suspicious PE\nVT Total Detection:48/72" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "24", "timestamp": "1737257010", "uuid": "0f2d125f-5e69-41cf-9bfe-ce36b1a5aef2", "Attribute": [ { "category": "Payload delivery", "comment": "Trojan", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1737257010", "to_ids": true, "type": "md5", "uuid": "458f0dfb-58b1-4080-bba6-c578fa040da8", "value": "2899b2ad40a1b88095cf1b62c3b27c47", "Tag": [ { "colour": "#260091", "local": false, "name": "rectifyq:ioc=\"enriched\"", "relationship_type": "" }, { "colour": "#e87d07", "local": false, "name": "verify-require=epp", "relationship_type": "" }, { "colour": "#626567", "local": false, "name": "rectifyq:no-samples-in=\"MalwareBazaar\"", "relationship_type": "" }, { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Payload delivery", "comment": "Trojan", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1737196977", "to_ids": true, "type": "sha1", "uuid": "e0b91c21-7934-41b7-b3e0-f9338c8635a1", "value": "dc3d7b1fc4dd2dafc9ccd148bf8b08f9e2c13f01", "Tag": [ { "colour": "#260091", "local": false, "name": "rectifyq:ioc=\"enriched\"", "relationship_type": "" }, { "colour": "#e87d07", "local": false, "name": "verify-require=epp", "relationship_type": "" }, { "colour": "#626567", "local": false, "name": "rectifyq:no-samples-in=\"MalwareBazaar\"", "relationship_type": "" } ] }, { "category": "Payload delivery", "comment": "Trojan", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1737196978", "to_ids": true, "type": "sha256", "uuid": "73825530-05f8-4883-8975-1913d4d1c942", "value": "fe86e1fff0afefd79de4fd26f041757495c5fadd116400699411a200978f0e41", "Tag": [ { "colour": "#260091", "local": false, "name": "rectifyq:ioc=\"enriched\"", "relationship_type": "" }, { "colour": "#e87d07", "local": false, "name": "verify-require=epp", "relationship_type": "" }, { "colour": "#626567", "local": false, "name": "rectifyq:no-samples-in=\"MalwareBazaar\"", "relationship_type": "" } ] }, { "category": "Payload delivery", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "ssdeep", "timestamp": "1737195484", "to_ids": true, "type": "ssdeep", "uuid": "cf6e17bf-2695-4f88-a717-e7d78d3bf2af", "value": "1572864:4oSA0QBbuuGska9/nbB9FJ0gMA8kdPKZ9cll2tKjFf0FGiOLuoRU:4hVQl85ADxJokw95M1iGi3O" }, { "category": "Other", "comment": "", "deleted": false, "disable_correlation": true, "object_relation": "size-in-bytes", "timestamp": "1737195484", "to_ids": false, "type": "size-in-bytes", "uuid": "e955b116-0d01-485c-ac09-61ea91c36feb", "value": "72824832" }, { "category": "Payload delivery", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "vhash", "timestamp": "1737195484", "to_ids": true, "type": "vhash", "uuid": "db1adb3e-52e5-4790-9990-9517e97fb29a", "value": "a63ffeb1384b2f28af105cd7e56e1a31" }, { "category": "Payload delivery", "comment": "", "deleted": false, "disable_correlation": true, "object_relation": "filename", "timestamp": "1737195484", "to_ids": true, "type": "filename", "uuid": "21ab9ff5-40d7-4706-8760-b3050fa3ad2d", "value": "filename" }, { "category": "Other", "comment": "Checked: 18/01/2025\nLast-scan\t: 17/01/2025", "deleted": false, "disable_correlation": true, "object_relation": "text", "timestamp": "1737195484", "to_ids": false, "type": "text", "uuid": "587d1401-f081-4449-8a46-9742d0016a51", "value": "Trojan\r\nType Descriptio%WINDIR%\\Installer\nSymantec: None\nMicrosoft: Trojan:Win32/Alevaul!rfn\nSentinelOne: None\nVT Total Detection:9/60" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "24", "timestamp": "1737257031", "uuid": "0ce5902c-5b6c-4410-9c84-cae8050499a8", "Attribute": [ { "category": "Payload delivery", "comment": "Trojan", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1737257031", "to_ids": true, "type": "md5", "uuid": "78f54d9d-2111-4afe-b8ed-b1c62caa34b0", "value": "613e8da8d5bd874f75c356516945af23", "Tag": [ { "colour": "#260091", "local": false, "name": "rectifyq:ioc=\"enriched\"", "relationship_type": "" }, { "colour": "#e87d07", "local": false, "name": "verify-require=epp", "relationship_type": "" }, { "colour": "#626567", "local": false, "name": "rectifyq:no-samples-in=\"MalwareBazaar\"", "relationship_type": "" }, { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Payload delivery", "comment": "Trojan", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1737196978", "to_ids": true, "type": "sha1", "uuid": "80a70d97-b479-4026-96d5-15b9f050227a", "value": "1ba656663de62626f80bc5feae17d82379445a7d", "Tag": [ { "colour": "#260091", "local": false, "name": "rectifyq:ioc=\"enriched\"", "relationship_type": "" }, { "colour": "#e87d07", "local": false, "name": "verify-require=epp", "relationship_type": "" }, { "colour": "#626567", "local": false, "name": "rectifyq:no-samples-in=\"MalwareBazaar\"", "relationship_type": "" } ] }, { "category": "Payload delivery", "comment": "Trojan", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1737196978", "to_ids": true, "type": "sha256", "uuid": "25d8798d-c020-4dd2-a631-e00d3c4f0206", "value": "e09056567f146da73aa0c4266a15cd61655e4402146b75a836d1c92926cd37c4", "Tag": [ { "colour": "#260091", "local": false, "name": "rectifyq:ioc=\"enriched\"", "relationship_type": "" }, { "colour": "#e87d07", "local": false, "name": "verify-require=epp", "relationship_type": "" }, { "colour": "#626567", "local": false, "name": "rectifyq:no-samples-in=\"MalwareBazaar\"", "relationship_type": "" } ] }, { "category": "Payload delivery", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "ssdeep", "timestamp": "1737195506", "to_ids": true, "type": "ssdeep", "uuid": "1cc02c0b-441f-4f1c-875c-b38229c3f96f", "value": "1572864:/dGx0lFZc5KssedqDOpVpWk1qzecDyNPRyjJ1PBKswaiP1CjcbE:/4ejcMedkObgMseLP4jjPYsw0" }, { "category": "Other", "comment": "", "deleted": false, "disable_correlation": true, "object_relation": "size-in-bytes", "timestamp": "1737195506", "to_ids": false, "type": "size-in-bytes", "uuid": "ac07006c-bf8e-4c40-b5e3-56faf320ee46", "value": "79261184" }, { "category": "Payload delivery", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "vhash", "timestamp": "1737195506", "to_ids": true, "type": "vhash", "uuid": "c295ecab-65e9-4aa4-846c-8c4de2e823ed", "value": "56e2107d1e62d849593dfa6e10856c43" }, { "category": "Payload delivery", "comment": "", "deleted": false, "disable_correlation": true, "object_relation": "filename", "timestamp": "1737195506", "to_ids": true, "type": "filename", "uuid": "555bf12d-ee3c-48ce-b647-dbd6e083f6c5", "value": "filename" }, { "category": "Other", "comment": "Checked: 18/01/2025\nLast-scan\t: 02/01/2025", "deleted": false, "disable_correlation": true, "object_relation": "text", "timestamp": "1737195506", "to_ids": false, "type": "text", "uuid": "111297c7-59c9-4241-a53e-5b4bbc51fecd", "value": "Trojan\r\nType Descriptio%WINDIR%\\Installer\nSymantec: None\nMicrosoft: None\nSentinelOne: None\nVT Total Detection:10/62" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "24", "timestamp": "1737257052", "uuid": "3c234a18-cd12-4251-8629-6286e377b856", "Attribute": [ { "category": "Payload delivery", "comment": "Stage 1 Loader", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1737257052", "to_ids": true, "type": "md5", "uuid": "7c92ac35-6c7e-4625-afa0-19c61c7912a5", "value": "ab3f71731d4ef298d5cf75ff281d9f57", "Tag": [ { "colour": "#260091", "local": false, "name": "rectifyq:ioc=\"enriched\"", "relationship_type": "" }, { "colour": "#626567", "local": false, "name": "rectifyq:no-samples-in=\"MalwareBazaar\"", "relationship_type": "" }, { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Payload delivery", "comment": "Stage 1 Loader", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1737196980", "to_ids": true, "type": "sha1", "uuid": "dc4ee7dd-0ad2-4d97-9b99-3ae8a2e45534", "value": "039f27ddb56dabda9c1aed8559e44bc88ff5d83e", "Tag": [ { "colour": "#260091", "local": false, "name": "rectifyq:ioc=\"enriched\"", "relationship_type": "" }, { "colour": "#626567", "local": false, "name": "rectifyq:no-samples-in=\"MalwareBazaar\"", "relationship_type": "" } ] }, { "category": "Payload delivery", "comment": "Stage 1 Loader", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1737196980", "to_ids": true, "type": "sha256", "uuid": "d5b80048-4ea8-4c48-aae3-bba9ec4a5973", "value": "29163c8afb477b27f700e1c5eac694a6cbb816a86c8eadbbbac6ba5c034a9c96", "Tag": [ { "colour": "#260091", "local": false, "name": "rectifyq:ioc=\"enriched\"", "relationship_type": "" }, { "colour": "#626567", "local": false, "name": "rectifyq:no-samples-in=\"MalwareBazaar\"", "relationship_type": "" } ] }, { "category": "Payload delivery", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "ssdeep", "timestamp": "1737195528", "to_ids": true, "type": "ssdeep", "uuid": "ff4eb4e0-1221-4165-8066-e63ab0f348f4", "value": "3145728:UA4ohGBl0b63dCzGojnb3+iu0JDejdn0OMtr:RzhGBL3sVnT+EI9w" }, { "category": "Other", "comment": "", "deleted": false, "disable_correlation": true, "object_relation": "size-in-bytes", "timestamp": "1737195528", "to_ids": false, "type": "size-in-bytes", "uuid": "48109b73-79d4-4354-ad0e-dd2c515da8d8", "value": "126918771" }, { "category": "Payload delivery", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "vhash", "timestamp": "1737195528", "to_ids": true, "type": "vhash", "uuid": "141d2a15-2e27-4f5f-9f9b-8f1364d67810", "value": "018046655d1511z13zb00521f5z3035z72z32fz" }, { "category": "Payload delivery", "comment": "", "deleted": false, "disable_correlation": true, "object_relation": "filename", "timestamp": "1737195528", "to_ids": true, "type": "filename", "uuid": "6bb34d48-c5ee-4eb8-a415-f7ebb874f76e", "value": "7ZSfxMod_x86.exe" }, { "category": "Other", "comment": "Checked: 18/01/2025\nLast-scan\t: 28/12/2024", "deleted": false, "disable_correlation": true, "object_relation": "text", "timestamp": "1737195528", "to_ids": false, "type": "text", "uuid": "1d4d4918-fb0c-45d8-b9eb-7a30b3c6ff26", "value": "Stage 1 Loader\r\nType Description: Win32 EXE\nSymantec: Trojan.Gen.MBT\nMicrosoft: None\nSentinelOne: None\nVT Total Detection:27/70" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "24", "timestamp": "1737257074", "uuid": "b35fc9c8-0cc6-4366-8c27-3f39c2184085", "Attribute": [ { "category": "Payload delivery", "comment": "Stage 2 Trojan: Gh0stRAT", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1737257074", "to_ids": true, "type": "md5", "uuid": "eb934939-fc17-4557-94ab-27a9fa0c0460", "value": "eb45d147bc069cdbf0a1e6e2a1b62060", "Tag": [ { "colour": "#260091", "local": false, "name": "rectifyq:ioc=\"enriched\"", "relationship_type": "" }, { "colour": "#626567", "local": false, "name": "rectifyq:no-samples-in=\"MalwareBazaar\"", "relationship_type": "" }, { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Payload delivery", "comment": "Stage 2 Trojan: Gh0stRAT", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1737196982", "to_ids": true, "type": "sha1", "uuid": "db721f34-cf58-4af2-bbf4-a1d837776e2f", "value": "2de61aabd799baade29d9643786e5c1e17f290e4", "Tag": [ { "colour": "#260091", "local": false, "name": "rectifyq:ioc=\"enriched\"", "relationship_type": "" }, { "colour": "#626567", "local": false, "name": "rectifyq:no-samples-in=\"MalwareBazaar\"", "relationship_type": "" } ] }, { "category": "Payload delivery", "comment": "Stage 2 Trojan: Gh0stRAT", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1737196982", "to_ids": true, "type": "sha256", "uuid": "a1ffca6c-ea6a-414b-978f-798f5a082b30", "value": "443a4ce93232d56f0d1d15e6875f7eff5fc581f25df320e277608be0d1148fa1", "Tag": [ { "colour": "#260091", "local": false, "name": "rectifyq:ioc=\"enriched\"", "relationship_type": "" }, { "colour": "#626567", "local": false, "name": "rectifyq:no-samples-in=\"MalwareBazaar\"", "relationship_type": "" } ] }, { "category": "Payload delivery", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "ssdeep", "timestamp": "1737195549", "to_ids": true, "type": "ssdeep", "uuid": "a7e13fd7-6d0b-4304-8b47-48f1934f1c26", "value": "6144:qMBBwDbYhqu/pxHyYubw4gRaGQ9u0Qj8yUI:FDwDbY8iKbw4gRaGQU0S" }, { "category": "Other", "comment": "", "deleted": false, "disable_correlation": true, "object_relation": "size-in-bytes", "timestamp": "1737195549", "to_ids": false, "type": "size-in-bytes", "uuid": "e561af75-c064-44cf-8c11-4fa85158fab4", "value": "199680" }, { "category": "Payload delivery", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "vhash", "timestamp": "1737195549", "to_ids": true, "type": "vhash", "uuid": "14329765-ccb9-4a90-8100-4560a4ef21fc", "value": "115056655d15555145zc008a7z503013z12z133z1176z1" }, { "category": "Other", "comment": "Checked: 18/01/2025\nLast-scan\t: 05/01/2025", "deleted": false, "disable_correlation": true, "object_relation": "text", "timestamp": "1737195549", "to_ids": false, "type": "text", "uuid": "bfd50629-dbc4-49c9-991c-1a05228cfb49", "value": "Stage 2 Trojan: Gh0stRAT\r\nType Description: Win32 DLL\nSymantec: ML.Attribute.HighConfidence\nMicrosoft: Trojan:Win32/Farfli.AG!MTB\nSentinelOne: None\nVT Total Detection:56/72" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "24", "timestamp": "1737257095", "uuid": "30d118bb-58ce-41e4-ac36-c3241515a0e5", "Attribute": [ { "category": "Payload delivery", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1737257095", "to_ids": true, "type": "md5", "uuid": "e3f08a08-e3de-4bac-a602-036eb430c357", "value": "04e10106ac896b04c945b966c4d37d7e", "Tag": [ { "colour": "#260091", "local": false, "name": "rectifyq:ioc=\"enriched\"", "relationship_type": "" }, { "colour": "#e87d07", "local": false, "name": "verify-require=epp", "relationship_type": "" }, { "colour": "#626567", "local": false, "name": "rectifyq:no-samples-in=\"MalwareBazaar\"", "relationship_type": "" }, { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Payload delivery", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1737196983", "to_ids": true, "type": "sha1", "uuid": "05097a2a-0b91-416c-b4d1-26dbfeb8ffb1", "value": "aa24f97211eba8e1a689de9f14f9d67963bc701c", "Tag": [ { "colour": "#260091", "local": false, "name": "rectifyq:ioc=\"enriched\"", "relationship_type": "" }, { "colour": "#e87d07", "local": false, "name": "verify-require=epp", "relationship_type": "" }, { "colour": "#626567", "local": false, "name": "rectifyq:no-samples-in=\"MalwareBazaar\"", "relationship_type": "" } ] }, { "category": "Payload delivery", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1737196983", "to_ids": true, "type": "sha256", "uuid": "a5f75f6a-e099-4225-9b51-72d033a53bad", "value": "73083665902ccc0cf7cbd48af24ecd62205ff2f0970e3206f6f9be5ae096bc46", "Tag": [ { "colour": "#260091", "local": false, "name": "rectifyq:ioc=\"enriched\"", "relationship_type": "" }, { "colour": "#e87d07", "local": false, "name": "verify-require=epp", "relationship_type": "" }, { "colour": "#626567", "local": false, "name": "rectifyq:no-samples-in=\"MalwareBazaar\"", "relationship_type": "" } ] }, { "category": "Payload delivery", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "ssdeep", "timestamp": "1737195571", "to_ids": true, "type": "ssdeep", "uuid": "4ad6629a-9a0c-4e40-9202-478776f131c7", "value": "1572864:+7B59l80xy4p3DxTeTo51A7j8bWYNpY0upSYSINnmgNSg3VnAp/W3:u/l80Icl1Mgbb28vINnmgggmp/W3" }, { "category": "Other", "comment": "", "deleted": false, "disable_correlation": true, "object_relation": "size-in-bytes", "timestamp": "1737195571", "to_ids": false, "type": "size-in-bytes", "uuid": "5479acbc-6a6f-4359-92cf-b76272723b45", "value": "79239819" }, { "category": "Payload delivery", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "vhash", "timestamp": "1737195571", "to_ids": true, "type": "vhash", "uuid": "1156d004-e6bb-40cb-b360-893f9f9ae089", "value": "61c04fcdd4d0c7cc68aaddab92aa1273" }, { "category": "Payload delivery", "comment": "", "deleted": false, "disable_correlation": true, "object_relation": "filename", "timestamp": "1737195571", "to_ids": true, "type": "filename", "uuid": "0a2287b2-1073-422e-9cc1-9e1f0b855db0", "value": "fah-0.zip" }, { "category": "Other", "comment": "Checked: 18/01/2025\nLast-scan\t: 16/01/2025", "deleted": false, "disable_correlation": true, "object_relation": "text", "timestamp": "1737195571", "to_ids": false, "type": "text", "uuid": "f74291c8-fb3f-4d90-9535-55e0bd97c67b", "value": "Type Description: ZIP\nSymantec: None\nMicrosoft: None\nSentinelOne: None\nVT Total Detection:11/66" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "24", "timestamp": "1737257116", "uuid": "e87402a7-d0a1-47ee-8ca1-f8fdc706fa7d", "Attribute": [ { "category": "Payload delivery", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1737257116", "to_ids": true, "type": "md5", "uuid": "30c27325-c0e2-4bb2-ae11-59a669d9f635", "value": "7bcc4735ef3192c2e3fec26214a7deaf", "Tag": [ { "colour": "#260091", "local": false, "name": "rectifyq:ioc=\"enriched\"", "relationship_type": "" }, { "colour": "#e87d07", "local": false, "name": "verify-require=epp", "relationship_type": "" }, { "colour": "#626567", "local": false, "name": "rectifyq:no-samples-in=\"MalwareBazaar\"", "relationship_type": "" }, { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Payload delivery", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1737196984", "to_ids": true, "type": "sha1", "uuid": "9d3e7c92-630e-43fb-8525-7a5830ce440f", "value": "687210aa4a7df15716e68aa739225b7b2c44fe7c", "Tag": [ { "colour": "#260091", "local": false, "name": "rectifyq:ioc=\"enriched\"", "relationship_type": "" }, { "colour": "#e87d07", "local": false, "name": "verify-require=epp", "relationship_type": "" }, { "colour": "#626567", "local": false, "name": "rectifyq:no-samples-in=\"MalwareBazaar\"", "relationship_type": "" } ] }, { "category": "Payload delivery", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1737196984", "to_ids": true, "type": "sha256", "uuid": "981707ce-457a-4412-970f-2337841651bd", "value": "a099f02c95b99abfcb3825d795797a11d69a08dc0d95e9171325dc13a9bcd796", "Tag": [ { "colour": "#260091", "local": false, "name": "rectifyq:ioc=\"enriched\"", "relationship_type": "" }, { "colour": "#e87d07", "local": false, "name": "verify-require=epp", "relationship_type": "" }, { "colour": "#626567", "local": false, "name": "rectifyq:no-samples-in=\"MalwareBazaar\"", "relationship_type": "" } ] }, { "category": "Payload delivery", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "ssdeep", "timestamp": "1737195593", "to_ids": true, "type": "ssdeep", "uuid": "935aacb7-6bd2-4aec-a3aa-4335ea0b73b3", "value": "1572864:NvRw/NRLX2O/6GCrxJmAcBOFXFaPBUb7qjWy2+gjEegABtMQ7yOhk7O5p:NJwnLX2OArxJC20Jsw7ABtMQGOL5p" }, { "category": "Other", "comment": "", "deleted": false, "disable_correlation": true, "object_relation": "size-in-bytes", "timestamp": "1737195593", "to_ids": false, "type": "size-in-bytes", "uuid": "273cb509-75c4-4482-afab-89a5db707696", "value": "87333888" }, { "category": "Payload delivery", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "vhash", "timestamp": "1737195593", "to_ids": true, "type": "vhash", "uuid": "acdc79a1-f306-4fe0-9da3-7b4b05c8a03b", "value": "8c7ae282ceb429cee3f838b4a0471bef" }, { "category": "Payload delivery", "comment": "", "deleted": false, "disable_correlation": true, "object_relation": "filename", "timestamp": "1737195593", "to_ids": true, "type": "filename", "uuid": "cc1eb5a2-d621-4822-bf3c-205809b9e3ea", "value": "fah-0.msi" }, { "category": "Other", "comment": "Checked: 18/01/2025\nLast-scan\t: 03/01/2025", "deleted": false, "disable_correlation": true, "object_relation": "text", "timestamp": "1737195593", "to_ids": false, "type": "text", "uuid": "a89561cb-6133-4105-a021-bc837ccb6dfa", "value": "Type Descriptio%WINDIR%\\Installer\nSymantec: None\nMicrosoft: None\nSentinelOne: None\nVT Total Detection:12/62" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "24", "timestamp": "1737257137", "uuid": "85141225-4174-4278-9c8f-81991da8fe67", "Attribute": [ { "category": "Payload delivery", "comment": "Trojan", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1737257137", "to_ids": true, "type": "md5", "uuid": "57da8540-cf22-4e6b-9409-061befc84207", "value": "a2f6f0c8c2db9db764e887eb069e0f26", "Tag": [ { "colour": "#260091", "local": false, "name": "rectifyq:ioc=\"enriched\"", "relationship_type": "" }, { "colour": "#e87d07", "local": false, "name": "verify-require=epp", "relationship_type": "" }, { "colour": "#626567", "local": false, "name": "rectifyq:no-samples-in=\"MalwareBazaar\"", "relationship_type": "" }, { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Payload delivery", "comment": "Trojan", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1737196986", "to_ids": true, "type": "sha1", "uuid": "5e482aa4-f164-414a-a673-cca8b382b7fb", "value": "77597d1c5c89abe97066c7dd07b65efe43c79c98", "Tag": [ { "colour": "#260091", "local": false, "name": "rectifyq:ioc=\"enriched\"", "relationship_type": "" }, { "colour": "#e87d07", "local": false, "name": "verify-require=epp", "relationship_type": "" }, { "colour": "#626567", "local": false, "name": "rectifyq:no-samples-in=\"MalwareBazaar\"", "relationship_type": "" } ] }, { "category": "Payload delivery", "comment": "Trojan", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1737196986", "to_ids": true, "type": "sha256", "uuid": "4f3bf258-1106-4d2e-a6ad-fc121500c80e", "value": "bfb90dfe0d6b4342489c4e8aa9c5ef803e462e0b451cb9ad016f2afba39fedf9", "Tag": [ { "colour": "#260091", "local": false, "name": "rectifyq:ioc=\"enriched\"", "relationship_type": "" }, { "colour": "#e87d07", "local": false, "name": "verify-require=epp", "relationship_type": "" }, { "colour": "#626567", "local": false, "name": "rectifyq:no-samples-in=\"MalwareBazaar\"", "relationship_type": "" } ] }, { "category": "Payload delivery", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "ssdeep", "timestamp": "1737195636", "to_ids": true, "type": "ssdeep", "uuid": "55516931-edfb-49c2-88d9-1ee8c9910bf4", "value": "3145728:YZVQAoj4e7W3/pKzRbtEYW3810Fjk7/MZ0V9S8GX:SV/B2ltmM1WaxV9vG" }, { "category": "Other", "comment": "", "deleted": false, "disable_correlation": true, "object_relation": "size-in-bytes", "timestamp": "1737195636", "to_ids": false, "type": "size-in-bytes", "uuid": "8d388ae5-2cbe-4096-835c-7ad2d41ec579", "value": "105282048" }, { "category": "Payload delivery", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "vhash", "timestamp": "1737195636", "to_ids": true, "type": "vhash", "uuid": "8a49dffd-a477-4011-9dc7-088a67d64f8a", "value": "b9264977b4f797d19ce506c6928257e9" }, { "category": "Payload delivery", "comment": "", "deleted": false, "disable_correlation": true, "object_relation": "filename", "timestamp": "1737195636", "to_ids": true, "type": "filename", "uuid": "74756698-d1e6-4831-b650-99a76cbac206", "value": "filename" }, { "category": "Other", "comment": "Checked: 18/01/2025\nLast-scan\t: 15/01/2025", "deleted": false, "disable_correlation": true, "object_relation": "text", "timestamp": "1737195636", "to_ids": false, "type": "text", "uuid": "6a559880-7760-4aac-b06d-7cfed21e4d78", "value": "Trojan\r\nType Descriptio%WINDIR%\\Installer\nSymantec: None\nMicrosoft: None\nSentinelOne: None\nVT Total Detection:13/61" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "24", "timestamp": "1737257159", "uuid": "87f8041d-5045-45d8-8660-450e72cfb618", "Attribute": [ { "category": "Payload delivery", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1737257159", "to_ids": true, "type": "md5", "uuid": "5be061f8-1deb-465b-ae15-f4c44017dd83", "value": "b243796d0ae645b439daf2e0a88f5c57", "Tag": [ { "colour": "#260091", "local": false, "name": "rectifyq:ioc=\"enriched\"", "relationship_type": "" }, { "colour": "#626567", "local": false, "name": "rectifyq:no-samples-in=\"MalwareBazaar\"", "relationship_type": "" }, { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Payload delivery", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1737196987", "to_ids": true, "type": "sha1", "uuid": "7684c8bf-6616-42bb-86f5-07869d5276a6", "value": "d5adb38c70a118aa58869cee0ec6d0962e6a11a5", "Tag": [ { "colour": "#260091", "local": false, "name": "rectifyq:ioc=\"enriched\"", "relationship_type": "" }, { "colour": "#626567", "local": false, "name": "rectifyq:no-samples-in=\"MalwareBazaar\"", "relationship_type": "" } ] }, { "category": "Payload delivery", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1737196987", "to_ids": true, "type": "sha256", "uuid": "f46bd9fd-2320-4851-b5a0-9023804692f1", "value": "1f58903b39f58568589776333d2752957c1dd1a2c5296fd2fd5343560f6be860", "Tag": [ { "colour": "#260091", "local": false, "name": "rectifyq:ioc=\"enriched\"", "relationship_type": "" }, { "colour": "#626567", "local": false, "name": "rectifyq:no-samples-in=\"MalwareBazaar\"", "relationship_type": "" } ] }, { "category": "Payload delivery", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "ssdeep", "timestamp": "1737195658", "to_ids": true, "type": "ssdeep", "uuid": "f66b13b1-1ea5-46a0-8032-9923be74efb4", "value": "393216:GRBi0lwDQiv9woVsxGxbiDDzWzmJ/2inHWazagVdtBrx8wXpZVYcs4:ABBuEivyoWG0DDzWCgin/tB97YK" }, { "category": "Other", "comment": "", "deleted": false, "disable_correlation": true, "object_relation": "size-in-bytes", "timestamp": "1737195658", "to_ids": false, "type": "size-in-bytes", "uuid": "e8b74c4d-9f3f-4a8c-a6b3-2f3aaf234612", "value": "32211968" }, { "category": "Payload delivery", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "vhash", "timestamp": "1737195658", "to_ids": true, "type": "vhash", "uuid": "25c4f5f2-b888-422f-9d8f-563b64587ec6", "value": "037056655d755550e1z1005200976z18045z70500b5fz" }, { "category": "Payload delivery", "comment": "", "deleted": false, "disable_correlation": true, "object_relation": "filename", "timestamp": "1737195658", "to_ids": true, "type": "filename", "uuid": "1bd474f0-33f6-44e4-8c09-065685d2fa49", "value": "letspn-latest.exe" }, { "category": "Other", "comment": "Checked: 18/01/2025\nLast-scan\t: 29/12/2024", "deleted": false, "disable_correlation": true, "object_relation": "text", "timestamp": "1737195658", "to_ids": false, "type": "text", "uuid": "e7fdf52a-ac6e-41c4-8ad2-3d1a18657175", "value": "Type Description: Win32 EXE\nSymantec: ML.Attribute.HighConfidence\nMicrosoft: Trojan:Win32/Wacatac.B!ml\nSentinelOne: n/a\nVT Total Detection:44/70" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "24", "timestamp": "1737257180", "uuid": "c27a26d3-6d6e-46f9-a3cf-8169f906e08e", "Attribute": [ { "category": "Payload delivery", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1737257180", "to_ids": true, "type": "md5", "uuid": "8c0031a8-b4fe-4292-aaee-bb76726c3dd9", "value": "8ca197b33b8e2cab6a4d12703918b37a", "Tag": [ { "colour": "#260091", "local": false, "name": "rectifyq:ioc=\"enriched\"", "relationship_type": "" }, { "colour": "#e87d07", "local": false, "name": "verify-require=epp", "relationship_type": "" }, { "colour": "#626567", "local": false, "name": "rectifyq:no-samples-in=\"MalwareBazaar\"", "relationship_type": "" }, { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Payload delivery", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1737196989", "to_ids": true, "type": "sha1", "uuid": "2bd9d1bc-d15a-4854-bc45-507e81e260bd", "value": "b064c39b94a0b9deea2154d050deb827b5d7c4c8", "Tag": [ { "colour": "#260091", "local": false, "name": "rectifyq:ioc=\"enriched\"", "relationship_type": "" }, { "colour": "#e87d07", "local": false, "name": "verify-require=epp", "relationship_type": "" }, { "colour": "#626567", "local": false, "name": "rectifyq:no-samples-in=\"MalwareBazaar\"", "relationship_type": "" } ] }, { "category": "Payload delivery", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1737196989", "to_ids": true, "type": "sha256", "uuid": "46a4833b-eb19-4831-9f70-1e5032f9f2d9", "value": "9ba254138f5e79354334a0deb48e38d04fa3754ac43b4a2adc388f81705ef044", "Tag": [ { "colour": "#260091", "local": false, "name": "rectifyq:ioc=\"enriched\"", "relationship_type": "" }, { "colour": "#e87d07", "local": false, "name": "verify-require=epp", "relationship_type": "" }, { "colour": "#626567", "local": false, "name": "rectifyq:no-samples-in=\"MalwareBazaar\"", "relationship_type": "" } ] }, { "category": "Payload delivery", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "ssdeep", "timestamp": "1737195679", "to_ids": true, "type": "ssdeep", "uuid": "7e8f0f6b-b4e8-4a3d-885e-ebdc2dfb74a7", "value": "98304:jJo6Z+bQUXDTCcawv6GXKKAsiCBudpDEXgklJ498:jJLMQUz1aw/XtAsiCvxE9" }, { "category": "Other", "comment": "", "deleted": false, "disable_correlation": true, "object_relation": "size-in-bytes", "timestamp": "1737195679", "to_ids": false, "type": "size-in-bytes", "uuid": "0c5ba371-a6c5-4641-a63e-2faea6e10c0d", "value": "5275648" }, { "category": "Payload delivery", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "vhash", "timestamp": "1737195679", "to_ids": true, "type": "vhash", "uuid": "0a4119e1-1514-4560-bb63-e3f7d52d63fa", "value": "cb73e8b4e1c8a3f18cfa5f91254a091c" }, { "category": "Other", "comment": "Checked: 18/01/2025\nLast-scan\t: 03/01/2025", "deleted": false, "disable_correlation": true, "object_relation": "text", "timestamp": "1737195679", "to_ids": false, "type": "text", "uuid": "3cd3a39f-d872-4b3a-8d8b-83a424bda29a", "value": "Type Descriptio%WINDIR%\\Installer\nSymantec: None\nMicrosoft: None\nSentinelOne: None\nVT Total Detection:6/61" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "24", "timestamp": "1737257202", "uuid": "678f9dad-752b-455e-9522-215e1bec7dfa", "Attribute": [ { "category": "Payload delivery", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1737257202", "to_ids": true, "type": "md5", "uuid": "9f68aa70-cf46-4afb-928a-a7e54efa1ec7", "value": "09211445f61851d2b2c911d7cf4e6595", "Tag": [ { "colour": "#260091", "local": false, "name": "rectifyq:ioc=\"enriched\"", "relationship_type": "" }, { "colour": "#626567", "local": false, "name": "rectifyq:no-samples-in=\"MalwareBazaar\"", "relationship_type": "" }, { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Payload delivery", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1737196990", "to_ids": true, "type": "sha1", "uuid": "0fe593ef-e70d-4201-9fcd-f8de27feea26", "value": "093c1bfd12380aaacec5f3656f415c94df745e6b", "Tag": [ { "colour": "#260091", "local": false, "name": "rectifyq:ioc=\"enriched\"", "relationship_type": "" }, { "colour": "#626567", "local": false, "name": "rectifyq:no-samples-in=\"MalwareBazaar\"", "relationship_type": "" } ] }, { "category": "Payload delivery", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1737196990", "to_ids": true, "type": "sha256", "uuid": "1167c06a-b68d-42bd-ab45-c68b86457383", "value": "c7ba88724118bacaad78ff46794b6d2ebb7f1c55753d95249f6bcd0c49a8cd74", "Tag": [ { "colour": "#260091", "local": false, "name": "rectifyq:ioc=\"enriched\"", "relationship_type": "" }, { "colour": "#626567", "local": false, "name": "rectifyq:no-samples-in=\"MalwareBazaar\"", "relationship_type": "" } ] }, { "category": "Payload delivery", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "ssdeep", "timestamp": "1737195701", "to_ids": true, "type": "ssdeep", "uuid": "b314ebc8-fe04-487b-b91c-6d332b05a977", "value": "6144:kKtL0RSVgMoEao8ItdKwzBFdYmT+xmCiRLBVMLhkM:htwSqEao8It4wlDCxm/Yx" }, { "category": "Other", "comment": "", "deleted": false, "disable_correlation": true, "object_relation": "size-in-bytes", "timestamp": "1737195701", "to_ids": false, "type": "size-in-bytes", "uuid": "57c25d68-a50e-4302-aa28-fb4ec8e5914f", "value": "389632" }, { "category": "Payload delivery", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "vhash", "timestamp": "1737195701", "to_ids": true, "type": "vhash", "uuid": "7c8c88a4-8a21-4b58-a415-5187e5ae39db", "value": "035056655d15555165zc00a87z5015z12z163z1177z" }, { "category": "Payload delivery", "comment": "", "deleted": false, "disable_correlation": true, "object_relation": "filename", "timestamp": "1737195701", "to_ids": true, "type": "filename", "uuid": "d13d5c31-e8fa-4ba6-83e9-6fec75fdac29", "value": "payload" }, { "category": "Other", "comment": "Checked: 18/01/2025\nLast-scan\t: 07/01/2025", "deleted": false, "disable_correlation": true, "object_relation": "text", "timestamp": "1737195701", "to_ids": false, "type": "text", "uuid": "ebbd9b26-9907-44e8-a5dc-4b82530d7201", "value": "Type Description: Win32 EXE\nSymantec: ML.Attribute.HighConfidence\nMicrosoft: Trojan:Win64/GhostRAT!MTB\nSentinelOne: None\nVT Total Detection:45/72" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "24", "timestamp": "1737257223", "uuid": "55af3c44-fec6-48af-8713-d8e0763757dc", "Attribute": [ { "category": "Payload delivery", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1737257223", "to_ids": true, "type": "md5", "uuid": "bec8fbb9-c79b-4966-8e41-d52639303da1", "value": "2a71873faeb7233dde7355fa2fcc09bb", "Tag": [ { "colour": "#260091", "local": false, "name": "rectifyq:ioc=\"enriched\"", "relationship_type": "" }, { "colour": "#e87d07", "local": false, "name": "verify-require=epp", "relationship_type": "" }, { "colour": "#626567", "local": false, "name": "rectifyq:no-samples-in=\"MalwareBazaar\"", "relationship_type": "" }, { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Payload delivery", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1737196992", "to_ids": true, "type": "sha1", "uuid": "a763a1ab-e54f-4cbc-9712-d646279e71de", "value": "2c855669671ab401ea593b9181bf1fa1ef7ce515", "Tag": [ { "colour": "#260091", "local": false, "name": "rectifyq:ioc=\"enriched\"", "relationship_type": "" }, { "colour": "#e87d07", "local": false, "name": "verify-require=epp", "relationship_type": "" }, { "colour": "#626567", "local": false, "name": "rectifyq:no-samples-in=\"MalwareBazaar\"", "relationship_type": "" } ] }, { "category": "Payload delivery", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1737196992", "to_ids": true, "type": "sha256", "uuid": "08c4a489-0572-4fa8-913a-14291b07796b", "value": "1a48a730cdd4982a5ac0b44984d70253eab9ea070285d9fc2124c83270576cf4", "Tag": [ { "colour": "#260091", "local": false, "name": "rectifyq:ioc=\"enriched\"", "relationship_type": "" }, { "colour": "#e87d07", "local": false, "name": "verify-require=epp", "relationship_type": "" }, { "colour": "#626567", "local": false, "name": "rectifyq:no-samples-in=\"MalwareBazaar\"", "relationship_type": "" } ] }, { "category": "Payload delivery", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "ssdeep", "timestamp": "1737195723", "to_ids": true, "type": "ssdeep", "uuid": "5eac051c-1bb0-49a5-9832-69902c1249c5", "value": "196608:NDu1D0qvxAkpwDStB3amOTZYeq/XBBvw50jRpnkLVijbfe88Tvs6cwazzt3vJamk:KvquwDs36Tueq/X0iHkL2bl8TvDcPN32" }, { "category": "Other", "comment": "", "deleted": false, "disable_correlation": true, "object_relation": "size-in-bytes", "timestamp": "1737195723", "to_ids": false, "type": "size-in-bytes", "uuid": "617c3470-8824-484d-a28e-7e156cbfece2", "value": "11657252" }, { "category": "Payload delivery", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "vhash", "timestamp": "1737195723", "to_ids": true, "type": "vhash", "uuid": "6bda05a9-2c3d-4eeb-b3c9-bf90446cf5aa", "value": "af1fe0f647bf7a484b5cd30861695251" }, { "category": "Payload delivery", "comment": "", "deleted": false, "disable_correlation": true, "object_relation": "filename", "timestamp": "1737195723", "to_ids": true, "type": "filename", "uuid": "02805fe0-9194-4dce-adaf-f97b6b64cecc", "value": "QuarkUpdaterSetup_fuzz_1.rar" }, { "category": "Other", "comment": "Checked: 18/01/2025\nLast-scan\t: 14/01/2025", "deleted": false, "disable_correlation": true, "object_relation": "text", "timestamp": "1737195723", "to_ids": false, "type": "text", "uuid": "29f691dd-2deb-4362-81ec-e4b12b0e9553", "value": "Type Description: RAR\nSymantec: None\nMicrosoft: None\nSentinelOne: None\nVT Total Detection:2/64" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "24", "timestamp": "1747981728", "uuid": "0949c76a-0834-4474-961c-7e065bdd6f43", "Attribute": [ { "category": "Payload delivery", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1747981728", "to_ids": true, "type": "md5", "uuid": "e243b7f4-73b9-48f3-844c-f0e154717459", "value": "e0ee7714d5e8fdf946fc92f7cf125468", "Tag": [ { "colour": "#260091", "local": false, "name": "rectifyq:ioc=\"enriched\"", "relationship_type": "" }, { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" }, { "colour": "#220082", "local": false, "name": "rectifyq:samples-found-in=\"MalwareBazaar\"", "relationship_type": "" } ] }, { "category": "Payload delivery", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1747981728", "to_ids": true, "type": "sha1", "uuid": "c7d1eb65-7cd5-4c05-a340-b2e3b25cfb02", "value": "ced7895ebab661e5aea524a2bf75f022fc23d9ab", "Tag": [ { "colour": "#260091", "local": false, "name": "rectifyq:ioc=\"enriched\"", "relationship_type": "" }, { "colour": "#220082", "local": false, "name": "rectifyq:samples-found-in=\"MalwareBazaar\"", "relationship_type": "" } ] }, { "category": "Payload delivery", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1747981728", "to_ids": true, "type": "sha256", "uuid": "b1aef208-7da3-4b72-954f-200f76cde5f3", "value": "f8c117a65e11fd370cb0673d1066af3415dfd9c8fde98225498f6e4ac92c213e", "Tag": [ { "colour": "#260091", "local": false, "name": "rectifyq:ioc=\"enriched\"", "relationship_type": "" }, { "colour": "#220082", "local": false, "name": "rectifyq:samples-found-in=\"MalwareBazaar\"", "relationship_type": "" } ] }, { "category": "Payload delivery", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "ssdeep", "timestamp": "1737195745", "to_ids": true, "type": "ssdeep", "uuid": "b46a224c-2e46-46a7-b686-ac1f8367481d", "value": "196608:HAXsnyOEfOrHvhhIx6Q7w7teoCjjxJ+T4FZgli7IXAj+Ev1IZmR:kkyDUHvhhpQDu4FwetNyu" }, { "category": "Other", "comment": "", "deleted": false, "disable_correlation": true, "object_relation": "size-in-bytes", "timestamp": "1737195745", "to_ids": false, "type": "size-in-bytes", "uuid": "adf60d17-ac14-4bda-8c48-bcb1b9561145", "value": "14594544" }, { "category": "Payload delivery", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "vhash", "timestamp": "1737195745", "to_ids": true, "type": "vhash", "uuid": "455a96f4-712c-46ca-bf15-86104d69ae2a", "value": "0170b6656d5565501d166468zd53z11ze0f3z1050200113z18zc" }, { "category": "Payload delivery", "comment": "", "deleted": false, "disable_correlation": true, "object_relation": "filename", "timestamp": "1737195745", "to_ids": true, "type": "filename", "uuid": "21f66f1d-4a68-42bd-af82-8f32fccdbf73", "value": "Chromium" }, { "category": "Other", "comment": "Checked: 18/01/2025\nLast-scan\t: 18/01/2025", "deleted": false, "disable_correlation": true, "object_relation": "text", "timestamp": "1737195745", "to_ids": false, "type": "text", "uuid": "3282b3ad-c70f-455b-a279-81f12a146d0a", "value": "Type Description: Win32 EXE\nSymantec: None\nMicrosoft: None\nSentinelOne: None\nVT Total Detection:7/71" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "24", "timestamp": "1737257265", "uuid": "002d35d1-9cb7-4c8a-beab-4173e19d894a", "Attribute": [ { "category": "Payload delivery", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1737257265", "to_ids": true, "type": "md5", "uuid": "d2cd68f2-1763-43c4-ae38-7d99061bf1fa", "value": "22c73d67863a8119dbbf5107676d5aad", "Tag": [ { "colour": "#260091", "local": false, "name": "rectifyq:ioc=\"enriched\"", "relationship_type": "" }, { "colour": "#e87d07", "local": false, "name": "verify-require=epp", "relationship_type": "" }, { "colour": "#626567", "local": false, "name": "rectifyq:no-samples-in=\"MalwareBazaar\"", "relationship_type": "" }, { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Payload delivery", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1737196995", "to_ids": true, "type": "sha1", "uuid": "5a03a075-6c6f-4d78-889b-990aed30c2f0", "value": "8ae2908631f8a1f8be84f911a0ca4a896ef7d7ae", "Tag": [ { "colour": "#260091", "local": false, "name": "rectifyq:ioc=\"enriched\"", "relationship_type": "" }, { "colour": "#e87d07", "local": false, "name": "verify-require=epp", "relationship_type": "" }, { "colour": "#626567", "local": false, "name": "rectifyq:no-samples-in=\"MalwareBazaar\"", "relationship_type": "" } ] }, { "category": "Payload delivery", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1737196995", "to_ids": true, "type": "sha256", "uuid": "5cb63a91-6566-4240-ad0d-68b691f52b8e", "value": "215872ff03e4a9d0baf12643b94d8cb60a5dba86153fa05148bd52344567e030", "Tag": [ { "colour": "#260091", "local": false, "name": "rectifyq:ioc=\"enriched\"", "relationship_type": "" }, { "colour": "#e87d07", "local": false, "name": "verify-require=epp", "relationship_type": "" }, { "colour": "#626567", "local": false, "name": "rectifyq:no-samples-in=\"MalwareBazaar\"", "relationship_type": "" } ] }, { "category": "Payload delivery", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "ssdeep", "timestamp": "1737195767", "to_ids": true, "type": "ssdeep", "uuid": "5c0c259c-93a9-46bd-9989-79f29286f625", "value": "1572864:6hSTLj9HVn/kWgEWVOBJ40y1RDRKOBYNF29d0fYnjGxgGVP0DAro2y65CE2yv:ltYJsH4V1RDQOB2E9afoG2Gton2f5V" }, { "category": "Other", "comment": "", "deleted": false, "disable_correlation": true, "object_relation": "size-in-bytes", "timestamp": "1737195767", "to_ids": false, "type": "size-in-bytes", "uuid": "40a1bb9e-05f7-450c-b05c-fd2a5053c6ba", "value": "120302558" }, { "category": "Payload delivery", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "vhash", "timestamp": "1737195767", "to_ids": true, "type": "vhash", "uuid": "47b32030-1e39-4d9c-b1ae-b4b51b566de3", "value": "26abeb595dc49dd7c7aced4c26b25683" }, { "category": "Payload delivery", "comment": "", "deleted": false, "disable_correlation": true, "object_relation": "filename", "timestamp": "1737195767", "to_ids": true, "type": "filename", "uuid": "70088c6d-919c-4b49-993f-998b499b82f3", "value": "filename" }, { "category": "Other", "comment": "Checked: 18/01/2025\nLast-scan\t: 16/01/2025", "deleted": false, "disable_correlation": true, "object_relation": "text", "timestamp": "1737195767", "to_ids": false, "type": "text", "uuid": "f78c7ce2-d5b3-42aa-94ab-8aba51abaddb", "value": "Type Description: ZIP\nSymantec: None\nMicrosoft: Trojan:Script/Wacatac.B!ml\nSentinelOne: None\nVT Total Detection:17/66" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "24", "timestamp": "1737257288", "uuid": "31db4b8f-f7fe-457d-9c7e-6abae5f10f62", "Attribute": [ { "category": "Payload delivery", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1737257288", "to_ids": true, "type": "md5", "uuid": "4ec0cef5-41a0-441d-a79c-e829e54e543c", "value": "c386f5099678775232ceb489e54e1ce8", "Tag": [ { "colour": "#260091", "local": false, "name": "rectifyq:ioc=\"enriched\"", "relationship_type": "" }, { "colour": "#626567", "local": false, "name": "rectifyq:no-samples-in=\"MalwareBazaar\"", "relationship_type": "" }, { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Payload delivery", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1737196997", "to_ids": true, "type": "sha1", "uuid": "43b1ffc2-f1c7-4ce5-88d5-9dd531d8d891", "value": "7184ce15f39371e902780f3a08ba98c0ab1b61e2", "Tag": [ { "colour": "#260091", "local": false, "name": "rectifyq:ioc=\"enriched\"", "relationship_type": "" }, { "colour": "#626567", "local": false, "name": "rectifyq:no-samples-in=\"MalwareBazaar\"", "relationship_type": "" } ] }, { "category": "Payload delivery", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1737196997", "to_ids": true, "type": "sha256", "uuid": "29b83484-93d2-4632-a5be-ae592b04a438", "value": "d5b9d07f1aa0bf738521db66439d448913da86420f2c2a0753e35ba6b63a393a", "Tag": [ { "colour": "#260091", "local": false, "name": "rectifyq:ioc=\"enriched\"", "relationship_type": "" }, { "colour": "#626567", "local": false, "name": "rectifyq:no-samples-in=\"MalwareBazaar\"", "relationship_type": "" } ] }, { "category": "Payload delivery", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "ssdeep", "timestamp": "1737195789", "to_ids": true, "type": "ssdeep", "uuid": "70a6ab51-92e6-40b6-82b1-a42e50f2cb26", "value": "1572864:/3kGS9hP/7sE6FOpZBWGe+/6q+FehatlGpCYyEZXQMm3fa7irim+2xin92fqg:ecGbmu6HFehEsw0Zfma2r9N8Qf" }, { "category": "Other", "comment": "", "deleted": false, "disable_correlation": true, "object_relation": "size-in-bytes", "timestamp": "1737195789", "to_ids": false, "type": "size-in-bytes", "uuid": "5195006e-cca3-4ed0-b167-a68c20597ad7", "value": "120999216" }, { "category": "Payload delivery", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "vhash", "timestamp": "1737195789", "to_ids": true, "type": "vhash", "uuid": "872271ef-e36d-4963-b123-e6b89e8e4a73", "value": "018056655d15551028z4fhz13z8fz" }, { "category": "Payload delivery", "comment": "", "deleted": false, "disable_correlation": true, "object_relation": "filename", "timestamp": "1737195789", "to_ids": true, "type": "filename", "uuid": "93b57867-8364-4f96-9476-94abf9b02ef9", "value": "suf_launch.exe" }, { "category": "Other", "comment": "Checked: 18/01/2025\nLast-scan\t: 16/01/2025", "deleted": false, "disable_correlation": true, "object_relation": "text", "timestamp": "1737195789", "to_ids": false, "type": "text", "uuid": "a3f70da7-8cfb-48ab-9b5a-2f0a0b5fa683", "value": "Type Description: Win32 EXE\nSymantec: Trojan.Gen.MBT\nMicrosoft: None\nSentinelOne: None\nVT Total Detection:19/70" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "24", "timestamp": "1737257309", "uuid": "254a39e7-2019-490f-a955-8a4477ce3c75", "Attribute": [ { "category": "Payload delivery", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1737257309", "to_ids": true, "type": "md5", "uuid": "b8138f30-20af-47de-a8b5-708d11048624", "value": "73ae87c242bf606a0c465305a1ed4344", "Tag": [ { "colour": "#260091", "local": false, "name": "rectifyq:ioc=\"enriched\"", "relationship_type": "" }, { "colour": "#626567", "local": false, "name": "rectifyq:no-samples-in=\"MalwareBazaar\"", "relationship_type": "" }, { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Payload delivery", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1737196998", "to_ids": true, "type": "sha1", "uuid": "eb72e98a-b17b-4fe9-a019-24ce8e81d6f6", "value": "910948275f9762b229ca31587e75510d46e28007", "Tag": [ { "colour": "#260091", "local": false, "name": "rectifyq:ioc=\"enriched\"", "relationship_type": "" }, { "colour": "#626567", "local": false, "name": "rectifyq:no-samples-in=\"MalwareBazaar\"", "relationship_type": "" } ] }, { "category": "Payload delivery", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1737196998", "to_ids": true, "type": "sha256", "uuid": "5abf882f-5967-4b3e-a355-cacf376fd32b", "value": "134cba7e74c243b3f58535fd224f14a637445e176a5017a8d2938f357a88e9cb", "Tag": [ { "colour": "#260091", "local": false, "name": "rectifyq:ioc=\"enriched\"", "relationship_type": "" }, { "colour": "#626567", "local": false, "name": "rectifyq:no-samples-in=\"MalwareBazaar\"", "relationship_type": "" } ] }, { "category": "Payload delivery", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "ssdeep", "timestamp": "1737195810", "to_ids": true, "type": "ssdeep", "uuid": "ee54947a-12dd-4e59-a6b6-2fe6eebe2885", "value": "1572864:8TiKxhbw7bTNP1bQ54Uw3U4c1J1fFWxG/s4Til05zEBkIJJhgxZjdnoAeR1ylVkd:9KxpwXT9ugk4c1JRFWAKV/nAjdno1ylG" }, { "category": "Other", "comment": "", "deleted": false, "disable_correlation": true, "object_relation": "size-in-bytes", "timestamp": "1737195810", "to_ids": false, "type": "size-in-bytes", "uuid": "d11aa01d-7a08-4161-a794-7e3d47997e52", "value": "89104256" }, { "category": "Payload delivery", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "vhash", "timestamp": "1737195810", "to_ids": true, "type": "vhash", "uuid": "a9ba14b2-bc9b-40ac-be29-15b02ae9b24c", "value": "7f5e65a935664f0a264b85bda8f5107c" }, { "category": "Payload delivery", "comment": "", "deleted": false, "disable_correlation": true, "object_relation": "filename", "timestamp": "1737195810", "to_ids": true, "type": "filename", "uuid": "b5dc9dac-af2b-4be6-9b3d-0dfc5628be96", "value": "filename" }, { "category": "Other", "comment": "Checked: 18/01/2025\nLast-scan\t: 16/01/2025", "deleted": false, "disable_correlation": true, "object_relation": "text", "timestamp": "1737195810", "to_ids": false, "type": "text", "uuid": "1cc494b4-6afd-4823-9c87-0a49c49dd136", "value": "Type Description: RAR\nSymantec: Trojan.Gen.MBT\nMicrosoft: None\nSentinelOne: None\nVT Total Detection:29/64" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "24", "timestamp": "1737257330", "uuid": "c94f4668-c5c2-4cd9-9700-05c420e39968", "Attribute": [ { "category": "Payload delivery", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1737257330", "to_ids": true, "type": "md5", "uuid": "16f3cf7e-5106-49dd-80c8-1866b37e0239", "value": "42ca3f9227ec84b8779a63e2b16faed8", "Tag": [ { "colour": "#260091", "local": false, "name": "rectifyq:ioc=\"enriched\"", "relationship_type": "" }, { "colour": "#626567", "local": false, "name": "rectifyq:no-samples-in=\"MalwareBazaar\"", "relationship_type": "" }, { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Payload delivery", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1737197000", "to_ids": true, "type": "sha1", "uuid": "f11fe71d-14c5-4780-ba6a-5bc647c325c2", "value": "e79e2ae69666b92c905f72229f16413fc3d7f527", "Tag": [ { "colour": "#260091", "local": false, "name": "rectifyq:ioc=\"enriched\"", "relationship_type": "" }, { "colour": "#626567", "local": false, "name": "rectifyq:no-samples-in=\"MalwareBazaar\"", "relationship_type": "" } ] }, { "category": "Payload delivery", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1737197000", "to_ids": true, "type": "sha256", "uuid": "4cd45a2a-0d98-4355-8ec0-fd57b6972d05", "value": "3823cc7228d7d8f75f007a4eafc0e4f4f1789ce26a6e1ca15c5045e17810396d", "Tag": [ { "colour": "#260091", "local": false, "name": "rectifyq:ioc=\"enriched\"", "relationship_type": "" }, { "colour": "#626567", "local": false, "name": "rectifyq:no-samples-in=\"MalwareBazaar\"", "relationship_type": "" } ] }, { "category": "Payload delivery", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "ssdeep", "timestamp": "1737195832", "to_ids": true, "type": "ssdeep", "uuid": "b531ede5-65ca-4991-8829-35d91ba68733", "value": "1572864:/+oUCxZJ+a4I7C6Jj5Dabu77YZYbro0yV7y3x7WDxHXYgm/PApb:/BlFpp7Dj52KfYZyLygx7WF3Yh/IR" }, { "category": "Other", "comment": "", "deleted": false, "disable_correlation": true, "object_relation": "size-in-bytes", "timestamp": "1737195832", "to_ids": false, "type": "size-in-bytes", "uuid": "c531f7ec-64da-44af-85c5-ea507b2430bd", "value": "91868552" }, { "category": "Payload delivery", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "vhash", "timestamp": "1737195832", "to_ids": true, "type": "vhash", "uuid": "1ca2d791-0ff0-49da-95e3-cb7f0fafa701", "value": "097076657d15651575510022z7200b76z230e5zc0600e21z4019z" }, { "category": "Payload delivery", "comment": "", "deleted": false, "disable_correlation": true, "object_relation": "filename", "timestamp": "1737195832", "to_ids": true, "type": "filename", "uuid": "8b428b3f-ad5d-4b2a-ab2b-b87433a59550", "value": "ToDesk_Setup.exe" }, { "category": "Other", "comment": "Checked: 18/01/2025\nLast-scan\t: 14/01/2025", "deleted": false, "disable_correlation": true, "object_relation": "text", "timestamp": "1737195832", "to_ids": false, "type": "text", "uuid": "d66ed9b7-ecce-4b66-a617-0ac3370f89e7", "value": "Type Description: Win32 EXE\nSymantec: Trojan.Gen.MBT\nMicrosoft: Trojan:Win32/Wacatac.B!ml\nSentinelOne: None\nVT Total Detection:34/70" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "24", "timestamp": "1737257352", "uuid": "0167c475-d4ad-492a-839c-8d13a2319369", "Attribute": [ { "category": "Payload delivery", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1737257352", "to_ids": true, "type": "md5", "uuid": "fc9abd34-45bb-4507-b41d-db575670f748", "value": "14278ea71b9992c4de330272d4eef90b", "Tag": [ { "colour": "#260091", "local": false, "name": "rectifyq:ioc=\"enriched\"", "relationship_type": "" }, { "colour": "#e87d07", "local": false, "name": "verify-require=epp", "relationship_type": "" }, { "colour": "#626567", "local": false, "name": "rectifyq:no-samples-in=\"MalwareBazaar\"", "relationship_type": "" }, { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Payload delivery", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1737197001", "to_ids": true, "type": "sha1", "uuid": "4566aa15-9cb6-475c-939d-d1fd1da4a79e", "value": "6c956264217dd8072f2331765f0002e663324534", "Tag": [ { "colour": "#260091", "local": false, "name": "rectifyq:ioc=\"enriched\"", "relationship_type": "" }, { "colour": "#e87d07", "local": false, "name": "verify-require=epp", "relationship_type": "" }, { "colour": "#626567", "local": false, "name": "rectifyq:no-samples-in=\"MalwareBazaar\"", "relationship_type": "" } ] }, { "category": "Payload delivery", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1737197001", "to_ids": true, "type": "sha256", "uuid": "7cc056e9-9e71-4072-a988-2ef82af362b8", "value": "ffe3be504d0a89ace9271a6a1fc51f6b0539903a10b1bf89285875606852ba65", "Tag": [ { "colour": "#260091", "local": false, "name": "rectifyq:ioc=\"enriched\"", "relationship_type": "" }, { "colour": "#e87d07", "local": false, "name": "verify-require=epp", "relationship_type": "" }, { "colour": "#626567", "local": false, "name": "rectifyq:no-samples-in=\"MalwareBazaar\"", "relationship_type": "" } ] }, { "category": "Payload delivery", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "ssdeep", "timestamp": "1737195853", "to_ids": true, "type": "ssdeep", "uuid": "22bf01e1-06eb-4f5d-84dc-539335f1182b", "value": "393216:Ad0L/JDFIV3NN48qpoAbrW3Vrh2tJ5roYFR7IXsmWnKndsbFwVHJAMvOON4QTX9D:Ad0I9Ar0VG5MYFZGhWKnmaQsKi7YR/6t" }, { "category": "Other", "comment": "", "deleted": false, "disable_correlation": true, "object_relation": "size-in-bytes", "timestamp": "1737195853", "to_ids": false, "type": "size-in-bytes", "uuid": "d969b687-d643-4a4b-a6f0-d6b466300f31", "value": "27952047" }, { "category": "Payload delivery", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "vhash", "timestamp": "1737195853", "to_ids": true, "type": "vhash", "uuid": "dececdd6-5a14-474b-9fea-d7d1d8e29386", "value": "d79e6d73ceb9f332256ca447c672f3b1" }, { "category": "Payload delivery", "comment": "", "deleted": false, "disable_correlation": true, "object_relation": "filename", "timestamp": "1737195853", "to_ids": true, "type": "filename", "uuid": "c204581f-0fde-4266-ab5c-8228a7fde40c", "value": "%E9%9B%B7%E7%94%B5%E6%A8%A1%E6%8B%9F%E5%99%A8.zip" }, { "category": "Other", "comment": "Checked: 18/01/2025\nLast-scan\t: 13/01/2025", "deleted": false, "disable_correlation": true, "object_relation": "text", "timestamp": "1737195853", "to_ids": false, "type": "text", "uuid": "a5460a3b-7181-46e6-9b54-053a72d99490", "value": "Type Description: ZIP\nSymantec: None\nMicrosoft: None\nSentinelOne: None\nVT Total Detection:9/66" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "24", "timestamp": "1737257373", "uuid": "14c24604-3f22-408b-b681-257742a230ad", "Attribute": [ { "category": "Payload delivery", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1737257373", "to_ids": true, "type": "md5", "uuid": "b7e3a41a-3463-4330-a69d-71f4caf27733", "value": "7312031130717f32fb09c7e602f831f3", "Tag": [ { "colour": "#260091", "local": false, "name": "rectifyq:ioc=\"enriched\"", "relationship_type": "" }, { "colour": "#e87d07", "local": false, "name": "verify-require=epp", "relationship_type": "" }, { "colour": "#626567", "local": false, "name": "rectifyq:no-samples-in=\"MalwareBazaar\"", "relationship_type": "" }, { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Payload delivery", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1737197003", "to_ids": true, "type": "sha1", "uuid": "9d7f9f4a-48be-4131-895c-a8eaec7b0c3f", "value": "9272bbba4ea4e3a8876d3b6644e72b55b0306ab9", "Tag": [ { "colour": "#260091", "local": false, "name": "rectifyq:ioc=\"enriched\"", "relationship_type": "" }, { "colour": "#e87d07", "local": false, "name": "verify-require=epp", "relationship_type": "" }, { "colour": "#626567", "local": false, "name": "rectifyq:no-samples-in=\"MalwareBazaar\"", "relationship_type": "" } ] }, { "category": "Payload delivery", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1737197003", "to_ids": true, "type": "sha256", "uuid": "f681336b-c439-48e6-94fd-d3c138522d22", "value": "e34fd0f5fbc5f09f55ccdf2e6a5f70215c8686f9c83c45f421ac2a475d8bfd47", "Tag": [ { "colour": "#260091", "local": false, "name": "rectifyq:ioc=\"enriched\"", "relationship_type": "" }, { "colour": "#e87d07", "local": false, "name": "verify-require=epp", "relationship_type": "" }, { "colour": "#626567", "local": false, "name": "rectifyq:no-samples-in=\"MalwareBazaar\"", "relationship_type": "" } ] }, { "category": "Payload delivery", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "ssdeep", "timestamp": "1737195875", "to_ids": true, "type": "ssdeep", "uuid": "476e5887-f117-425a-a4a5-388adeeb2b88", "value": "393216:6mJM+TNl4kKw3Iq7/bRaBf8N8+bdIYFus4LQy9dqWEPRTcHrIGKPSw:5XYqDlqfS1C1syiWycLNK9" }, { "category": "Other", "comment": "", "deleted": false, "disable_correlation": true, "object_relation": "size-in-bytes", "timestamp": "1737195875", "to_ids": false, "type": "size-in-bytes", "uuid": "27aada47-c9cb-46d3-849c-7ea5d38f8a8b", "value": "22259952" }, { "category": "Payload delivery", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "vhash", "timestamp": "1737195875", "to_ids": true, "type": "vhash", "uuid": "47cd637b-af99-41b1-a585-dbb0984eaa5f", "value": "027046655d151028z51hz13z8fz" }, { "category": "Payload delivery", "comment": "", "deleted": false, "disable_correlation": true, "object_relation": "filename", "timestamp": "1737195875", "to_ids": true, "type": "filename", "uuid": "266af790-6d4f-45bb-87ad-5084574e473d", "value": "suf80_launch.exe" }, { "category": "Other", "comment": "Checked: 18/01/2025\nLast-scan\t: 16/01/2025", "deleted": false, "disable_correlation": true, "object_relation": "text", "timestamp": "1737195875", "to_ids": false, "type": "text", "uuid": "bfe4f400-1b8c-4428-b783-780aef5fa7af", "value": "Type Description: Win32 EXE\nSymantec: None\nMicrosoft: Trojan:Win32/Wacatac.B!ml\nSentinelOne: None\nVT Total Detection:16/72" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "24", "timestamp": "1737257395", "uuid": "fabc1c70-5a20-46f8-9763-6b04c6109fca", "Attribute": [ { "category": "Payload delivery", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1737257395", "to_ids": true, "type": "md5", "uuid": "9716fae5-76f4-4780-aba2-9c7ee0d89c91", "value": "f188454bfbc5ac5e2ab171f4a6ac3490", "Tag": [ { "colour": "#260091", "local": false, "name": "rectifyq:ioc=\"enriched\"", "relationship_type": "" }, { "colour": "#e87d07", "local": false, "name": "verify-require=epp", "relationship_type": "" }, { "colour": "#626567", "local": false, "name": "rectifyq:no-samples-in=\"MalwareBazaar\"", "relationship_type": "" }, { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Payload delivery", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1737197004", "to_ids": true, "type": "sha1", "uuid": "9ff7e9b8-5af7-4fdb-81df-11e4bc93fff9", "value": "073bbcdba33d6d1649a2ebd1292c9a3993335751", "Tag": [ { "colour": "#260091", "local": false, "name": "rectifyq:ioc=\"enriched\"", "relationship_type": "" }, { "colour": "#e87d07", "local": false, "name": "verify-require=epp", "relationship_type": "" }, { "colour": "#626567", "local": false, "name": "rectifyq:no-samples-in=\"MalwareBazaar\"", "relationship_type": "" } ] }, { "category": "Payload delivery", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1737197004", "to_ids": true, "type": "sha256", "uuid": "b58cb49e-325e-487a-bd03-75c5f64d86b7", "value": "65049df06de78a4fda14d5f07d83eef1b316c0dea0ecfc3dbec7e5e1b7b20754", "Tag": [ { "colour": "#260091", "local": false, "name": "rectifyq:ioc=\"enriched\"", "relationship_type": "" }, { "colour": "#e87d07", "local": false, "name": "verify-require=epp", "relationship_type": "" }, { "colour": "#626567", "local": false, "name": "rectifyq:no-samples-in=\"MalwareBazaar\"", "relationship_type": "" } ] }, { "category": "Payload delivery", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "ssdeep", "timestamp": "1737195898", "to_ids": true, "type": "ssdeep", "uuid": "9ceeb37c-c010-4db6-9ed7-9ec7efb6e6b2", "value": "393216:4j5S+EEz78tcPVbmBKRdaU1pdS8xEFD1/VAInDbfQ6UjyRqvs4HHy+4BqN:CS+E+7821mBcsU19EFp/VAIDLIfdHwc" }, { "category": "Other", "comment": "", "deleted": false, "disable_correlation": true, "object_relation": "size-in-bytes", "timestamp": "1737195898", "to_ids": false, "type": "size-in-bytes", "uuid": "1ac7ec22-414c-4132-a1d2-506760463396", "value": "26108869" }, { "category": "Payload delivery", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "vhash", "timestamp": "1737195898", "to_ids": true, "type": "vhash", "uuid": "6ed1dee0-c0e4-4003-86fc-3a016954e3ea", "value": "0270b6666d5c0d5d151c00d016z699zbaz1fz2" }, { "category": "Payload delivery", "comment": "", "deleted": false, "disable_correlation": true, "object_relation": "filename", "timestamp": "1737195898", "to_ids": true, "type": "filename", "uuid": "d9a2fcab-b329-4c48-8289-dce7a004357d", "value": "k3.2.6.0\u5347\u7ea7\u7ec4\u4ef6.exe" }, { "category": "Other", "comment": "Checked: 18/01/2025\nLast-scan\t: 13/01/2025", "deleted": false, "disable_correlation": true, "object_relation": "text", "timestamp": "1737195898", "to_ids": false, "type": "text", "uuid": "70b4e439-6275-4f3f-87f6-7a37928c5b94", "value": "Type Description: Win32 EXE\nSymantec: None\nMicrosoft: None\nSentinelOne: None\nVT Total Detection:4/72" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "24", "timestamp": "1747981728", "uuid": "61705596-7e92-482a-8e8f-e68e19d2c952", "Attribute": [ { "category": "Payload delivery", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1747981728", "to_ids": true, "type": "md5", "uuid": "564c9678-56e3-40fd-a800-4bba58563ac4", "value": "eabc234727934ad76f332e7cfb28c80b", "Tag": [ { "colour": "#260091", "local": false, "name": "rectifyq:ioc=\"enriched\"", "relationship_type": "" }, { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" }, { "colour": "#220082", "local": false, "name": "rectifyq:samples-found-in=\"MalwareBazaar\"", "relationship_type": "" } ] }, { "category": "Payload delivery", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1747981728", "to_ids": true, "type": "sha1", "uuid": "25142ac0-3a35-45a6-b713-86c66270c0c4", "value": "c89d84a40075a2c53da3be5eb17e3fd95d6b7cc8", "Tag": [ { "colour": "#260091", "local": false, "name": "rectifyq:ioc=\"enriched\"", "relationship_type": "" }, { "colour": "#220082", "local": false, "name": "rectifyq:samples-found-in=\"MalwareBazaar\"", "relationship_type": "" } ] }, { "category": "Payload delivery", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1747981728", "to_ids": true, "type": "sha256", "uuid": "538e23d1-5d89-42a7-bc0c-f3eb5d40025e", "value": "5e1d7275b0abd484c15f186690db73c42e861311da3f5f048563636336933b4a", "Tag": [ { "colour": "#260091", "local": false, "name": "rectifyq:ioc=\"enriched\"", "relationship_type": "" }, { "colour": "#220082", "local": false, "name": "rectifyq:samples-found-in=\"MalwareBazaar\"", "relationship_type": "" } ] }, { "category": "Payload delivery", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "ssdeep", "timestamp": "1737195919", "to_ids": true, "type": "ssdeep", "uuid": "d972e09d-6b88-4360-a57e-1469cfee12ca", "value": "393216:m24IY5EzejkCerI8v6sN4hd79bb/wwDkbHdj3LHvFN0eW/Lw4e:m5Ib2kCe0e67jZJwHh3LPFN7" }, { "category": "Other", "comment": "", "deleted": false, "disable_correlation": true, "object_relation": "size-in-bytes", "timestamp": "1737195919", "to_ids": false, "type": "size-in-bytes", "uuid": "d2c8cdd2-4310-4e94-b68c-492c984467db", "value": "23566848" }, { "category": "Payload delivery", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "vhash", "timestamp": "1737195920", "to_ids": true, "type": "vhash", "uuid": "24c836ff-3a52-42e4-a095-db8f48deabc6", "value": "027026755\"z" }, { "category": "Payload delivery", "comment": "", "deleted": false, "disable_correlation": true, "object_relation": "filename", "timestamp": "1737195920", "to_ids": true, "type": "filename", "uuid": "000bb96d-bda6-431f-89d3-1c8f08093796", "value": "XMM556.exe" }, { "category": "Other", "comment": "Checked: 18/01/2025\nLast-scan\t: 17/01/2025", "deleted": false, "disable_correlation": true, "object_relation": "text", "timestamp": "1737195920", "to_ids": false, "type": "text", "uuid": "6fb5b560-fb43-4373-95aa-dea8f27eca81", "value": "Type Description: Win32 EXE\nSymantec: None\nMicrosoft: Trojan:Win32/Alevaul!rfn\nSentinelOne: Static AI - Suspicious PE\nVT Total Detection:27/71" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "24", "timestamp": "1737257438", "uuid": "d5ab9c22-fb7b-4097-9a03-ff170312bbde", "Attribute": [ { "category": "Payload delivery", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1737257438", "to_ids": true, "type": "md5", "uuid": "7e80ec71-b024-42cb-a704-ca7e79a75539", "value": "5b6f8a136246b4745eb99e056816e702", "Tag": [ { "colour": "#260091", "local": false, "name": "rectifyq:ioc=\"enriched\"", "relationship_type": "" }, { "colour": "#626567", "local": false, "name": "rectifyq:no-samples-in=\"MalwareBazaar\"", "relationship_type": "" }, { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Payload delivery", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1737197007", "to_ids": true, "type": "sha1", "uuid": "2a606539-8d55-44a7-bfa3-708bbd506bbe", "value": "c6594835b3fbe0beb5f180f1ef39be63a6fec1b5", "Tag": [ { "colour": "#260091", "local": false, "name": "rectifyq:ioc=\"enriched\"", "relationship_type": "" }, { "colour": "#626567", "local": false, "name": "rectifyq:no-samples-in=\"MalwareBazaar\"", "relationship_type": "" } ] }, { "category": "Payload delivery", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1737197008", "to_ids": true, "type": "sha256", "uuid": "1a0f8544-d7a2-4bee-b824-bc698b6841e1", "value": "86f8239224a0ace2b1e0a2216511b0a0aea1bf055f7cbeca2fcf9c316f3de921", "Tag": [ { "colour": "#260091", "local": false, "name": "rectifyq:ioc=\"enriched\"", "relationship_type": "" }, { "colour": "#626567", "local": false, "name": "rectifyq:no-samples-in=\"MalwareBazaar\"", "relationship_type": "" } ] }, { "category": "Payload delivery", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "ssdeep", "timestamp": "1737195942", "to_ids": true, "type": "ssdeep", "uuid": "2b942bb0-9b01-4078-8d88-570fff874bab", "value": "98304:LjdH/mzyWmKmLqjqjmkxIek1nD9zI7ljzsPUWO23DqX8awTZynCoGyw+FYBWk6Rc:Lp/mJmLLAJkmek1nDchvWl3DubRCR1+G" }, { "category": "Other", "comment": "", "deleted": false, "disable_correlation": true, "object_relation": "size-in-bytes", "timestamp": "1737195942", "to_ids": false, "type": "size-in-bytes", "uuid": "f607ff5f-524d-403c-a738-8b46e8ed7cb3", "value": "5350745" }, { "category": "Payload delivery", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "vhash", "timestamp": "1737195942", "to_ids": true, "type": "vhash", "uuid": "27207877-9b03-42dd-b36c-6c293ac47657", "value": "1af29b5095ec18b40b14d0a4d3a9b4f6" }, { "category": "Payload delivery", "comment": "", "deleted": false, "disable_correlation": true, "object_relation": "filename", "timestamp": "1737195942", "to_ids": true, "type": "filename", "uuid": "722a6f57-c672-47b2-91d0-397c6918fe90", "value": "Flash_x32.zip" }, { "category": "Other", "comment": "Checked: 18/01/2025\nLast-scan\t: 14/01/2025", "deleted": false, "disable_correlation": true, "object_relation": "text", "timestamp": "1737195942", "to_ids": false, "type": "text", "uuid": "b81c2cf0-2fbe-4788-993c-37131f5889b1", "value": "Type Description: ZIP\nSymantec: Trojan.Gen.MBT\nMicrosoft: None\nSentinelOne: None\nVT Total Detection:39/66" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "24", "timestamp": "1737257460", "uuid": "b9dd0c21-e7f8-475c-b339-b3ff7ec84d01", "Attribute": [ { "category": "Payload delivery", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1737257460", "to_ids": true, "type": "md5", "uuid": "d31f5db7-edf2-4f61-ad61-48c57ce098a0", "value": "ae50a5ef3d2cb3b821f87bcba02f154a", "Tag": [ { "colour": "#260091", "local": false, "name": "rectifyq:ioc=\"enriched\"", "relationship_type": "" }, { "colour": "#e87d07", "local": false, "name": "verify-require=epp", "relationship_type": "" }, { "colour": "#626567", "local": false, "name": "rectifyq:no-samples-in=\"MalwareBazaar\"", "relationship_type": "" }, { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Payload delivery", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1737197009", "to_ids": true, "type": "sha1", "uuid": "fcd03904-24ef-4989-9fe9-ad3398f9bba7", "value": "748c1c503ff44231535facba2e8e1fc4a1dbb0ae", "Tag": [ { "colour": "#260091", "local": false, "name": "rectifyq:ioc=\"enriched\"", "relationship_type": "" }, { "colour": "#e87d07", "local": false, "name": "verify-require=epp", "relationship_type": "" }, { "colour": "#626567", "local": false, "name": "rectifyq:no-samples-in=\"MalwareBazaar\"", "relationship_type": "" } ] }, { "category": "Payload delivery", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1737197009", "to_ids": true, "type": "sha256", "uuid": "b5a3d558-04ad-49c4-bf1d-dc552a8d260c", "value": "2901ca8eefd1d431d25f3d45dbf42dc48136b74692801ca0f6b606541d645baf", "Tag": [ { "colour": "#260091", "local": false, "name": "rectifyq:ioc=\"enriched\"", "relationship_type": "" }, { "colour": "#e87d07", "local": false, "name": "verify-require=epp", "relationship_type": "" }, { "colour": "#626567", "local": false, "name": "rectifyq:no-samples-in=\"MalwareBazaar\"", "relationship_type": "" } ] }, { "category": "Payload delivery", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "ssdeep", "timestamp": "1737195963", "to_ids": true, "type": "ssdeep", "uuid": "e2aa73f7-d437-4060-9f72-3af5c357a513", "value": "196608:aXDIQDGFFG25kKd+VDsIjfcPJ3MhpZLBW1sG4DYTiPZDjSCsI2Cjp9VoR5:aXDDDGFgOd8jf0eLBkTiPZD2CsI/vm" }, { "category": "Other", "comment": "", "deleted": false, "disable_correlation": true, "object_relation": "size-in-bytes", "timestamp": "1737195963", "to_ids": false, "type": "size-in-bytes", "uuid": "f4d15e28-3ca5-4ef1-a82a-a606ae74aec1", "value": "10106256" }, { "category": "Payload delivery", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "vhash", "timestamp": "1737195963", "to_ids": true, "type": "vhash", "uuid": "dacd15ba-a39c-4174-9fab-7841189bbf84", "value": "0170b6666d5c0d5d151c00d016z699zbaz1fz2" }, { "category": "Payload delivery", "comment": "", "deleted": false, "disable_correlation": true, "object_relation": "filename", "timestamp": "1737195963", "to_ids": true, "type": "filename", "uuid": "57c379b6-264b-47f8-afd9-105b8a741763", "value": "setup.exe" }, { "category": "Other", "comment": "Checked: 18/01/2025\nLast-scan\t: 13/01/2025", "deleted": false, "disable_correlation": true, "object_relation": "text", "timestamp": "1737195963", "to_ids": false, "type": "text", "uuid": "9a6dedcc-522f-4d34-a96e-6e5f6eac1d93", "value": "Type Description: Win32 EXE\nSymantec: None\nMicrosoft: None\nSentinelOne: None\nVT Total Detection:6/72" } ] } ] } }