{ "Event": { "analysis": "2", "date": "2013-01-14", "extends_uuid": "", "info": "[Threat Intel] \u201cRed October\u201d Diplomatic Cyber Attacks Investigation", "protected": false, "publish_timestamp": "1780039712", "published": true, "threat_level_id": "1", "timestamp": "1772901966", "uuid": "e5762a9d-4604-4bff-ba53-14cc0931dc8a", "Orgc": { "name": "Rectifyq", "uuid": "cd9bd516-61fa-476b-980f-2f8de03992d4" }, "Tag": [ { "colour": "#ffffff", "local": false, "name": "tlp:clear", "relationship_type": "" }, { "colour": "#004646", "local": false, "name": "type:OSINT", "relationship_type": "" }, { "colour": "#0088cc", "local": false, "name": "misp-galaxy:region=\"143 - Central Asia\"", "relationship_type": "" }, { "colour": "#0088cc", "local": false, "name": "misp-galaxy:region=\"151 - Eastern Europe\"", "relationship_type": "" }, { "colour": "#49a260", "local": false, "name": "rectifyq:category=\"threat\"", "relationship_type": "" }, { "colour": "#10003d", "local": false, "name": "rectifyq:sub-category=\"TA-profile\"", "relationship_type": "" }, { "colour": "#d92121", "local": false, "name": "rectifyq:target=\"targeted\"", "relationship_type": "" }, { "colour": "#dd2e44", "local": false, "name": "rectifyq:MY-relevancy=\"relevant\"", "relationship_type": "" }, { "colour": "#b94b1d", "local": false, "name": "rectifyq:mitre-att&ck=\"none-from-src\"", "relationship_type": "" }, { "colour": "#0aebeb", "local": false, "name": "misp-galaxy:mitre-attack-pattern=\"Exploitation for Client Execution - T1203\"", "relationship_type": "" }, { "colour": "#b76d96", "local": false, "name": "misp-galaxy:mitre-attack-pattern=\"Registry Run Keys / Startup Folder - T1547.001\"", "relationship_type": "" }, { "colour": "#3800d9", "local": false, "name": "rectifyq:action-taken=\"VT-comment\"", "relationship_type": "" }, { "colour": "#1ebce4", "local": false, "name": "misp-galaxy:producer=\"Kaspersky\"", "relationship_type": "" } ], "Attribute": [ { "category": "External analysis", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1740317594", "to_ids": false, "type": "link", "uuid": "cf63ebd2-9e22-4db7-9ea9-ac364247c402", "value": "https://securelist.com/red-october-diplomatic-cyber-attacks-investigation/36740/" }, { "category": "Attribution", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1740317622", "to_ids": false, "type": "threat-actor", "uuid": "91cec422-525d-438e-a017-5126cd87db27", "value": "Red October" }, { "category": "Network activity", "comment": "registered and sinkholed by Kaspersky Lab", "deleted": false, "disable_correlation": false, "timestamp": "1740968825", "to_ids": true, "type": "domain", "uuid": "d2831cee-4f17-4199-b9e1-ee87381eff16", "value": "shellupdate.com", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "registered and sinkholed by Kaspersky Lab", "deleted": false, "disable_correlation": false, "timestamp": "1740968846", "to_ids": true, "type": "domain", "uuid": "8c34103b-5784-4bf1-9aae-bd5616e16771", "value": "msgenuine.net", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "registered and sinkholed by Kaspersky Lab", "deleted": false, "disable_correlation": false, "timestamp": "1740968867", "to_ids": true, "type": "domain", "uuid": "89ba2dda-1da7-45ea-827b-7f48d439bcee", "value": "microsoft-msdn.com", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "registered and sinkholed by Kaspersky Lab", "deleted": false, "disable_correlation": false, "timestamp": "1740968889", "to_ids": true, "type": "domain", "uuid": "b8e71978-fc5d-464c-b8ea-334365f9aa6d", "value": "windowsonlineupdate.com", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "registered and sinkholed by Kaspersky Lab", "deleted": false, "disable_correlation": false, "timestamp": "1740968910", "to_ids": true, "type": "domain", "uuid": "362b741f-3e01-4bba-bbb8-153a5bc44c5a", "value": "dll-host-update.com", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "registered and sinkholed by Kaspersky Lab", "deleted": false, "disable_correlation": false, "timestamp": "1740968931", "to_ids": true, "type": "domain", "uuid": "ec6bc598-17b2-4534-9610-e8ae8712152d", "value": "windows-genuine.com", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1740968953", "to_ids": true, "type": "domain", "uuid": "7e6a8ff9-1dfb-4af2-9ed7-98156dad5a6d", "value": "nt-windows-online.com", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Payload delivery", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1740317985", "to_ids": true, "type": "email-src", "uuid": "5d84c1a2-2f5b-436e-94a4-c49e991e60bb", "value": "ustuygov_d@mail.ru" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1740968974", "to_ids": true, "type": "domain", "uuid": "429c9e5d-b502-4385-99f1-206d6fe0c47e", "value": "genuine-check.com", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1740968995", "to_ids": true, "type": "domain", "uuid": "b77dd567-9898-40f7-a631-00d1f9c8f59d", "value": "genuineupdate.com", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Payload delivery", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1740317985", "to_ids": true, "type": "email-src", "uuid": "9ab201c1-e835-4ba0-ada1-1263395eb964", "value": "shaven@mail.ru" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1740969016", "to_ids": true, "type": "domain", "uuid": "dfdc1c4c-1d98-4783-a7b2-1ec7fbe17514", "value": "nt-windows-update.com", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1740969037", "to_ids": true, "type": "domain", "uuid": "9a89d657-75ba-4c37-9ea3-278dee4d0a3f", "value": "nt-windows-check.com", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1740969059", "to_ids": true, "type": "domain", "uuid": "31a4b5e2-85b7-4ace-9573-357a667b7d57", "value": "genuineservicecheck.com", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Payload delivery", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1740317985", "to_ids": true, "type": "email-src", "uuid": "2fffb31b-fdac-496d-817e-4a2ae4d693e0", "value": "zorin_24@mail.ru" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1740969080", "to_ids": true, "type": "domain", "uuid": "284e907d-3f7e-4a89-ab48-c963335cc461", "value": "svchost-check.com", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Payload delivery", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1740317985", "to_ids": true, "type": "email-src", "uuid": "b00818d3-1ee8-4f76-8eda-19b48046fbbc", "value": "dkajan@list.ru" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1740969101", "to_ids": true, "type": "domain", "uuid": "e97c30fb-9121-4835-bf5c-e25b57cd2fc5", "value": "svchost-online.com", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1740969122", "to_ids": true, "type": "domain", "uuid": "7d2647e0-712a-4036-a533-dac4809ee962", "value": "microsoftosupdate.com", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Payload delivery", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1740317985", "to_ids": true, "type": "email-src", "uuid": "9abf4c12-cffe-4712-9305-3d7eb7caca5c", "value": "simmutijjk@rambler.ru" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1740969144", "to_ids": true, "type": "domain", "uuid": "05d42578-e4ba-4af3-94cb-3d774751dffc", "value": "microsoftcheck.com", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1740969165", "to_ids": true, "type": "domain", "uuid": "3de2e546-4dbc-4440-be32-5004c90c7ccd", "value": "msinfoonline.org", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Payload delivery", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1740317985", "to_ids": true, "type": "email-src", "uuid": "5369542f-1d80-4d59-ae74-72ae86722a4d", "value": "stijk@yandex.ru" }, { "category": "Payload delivery", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1740317985", "to_ids": true, "type": "email-src", "uuid": "fe42d636-1e69-47f4-9e30-81c704f15705", "value": "kleyton107@rambler.ru" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1740969186", "to_ids": true, "type": "domain", "uuid": "7088f296-5f01-4ea1-a597-d180832bba9b", "value": "win-check-update.com", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1740969207", "to_ids": true, "type": "domain", "uuid": "46acc397-33d9-4aac-a385-a21f5ada21ec", "value": "mobile-update.com", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1740969228", "to_ids": true, "type": "domain", "uuid": "d7fed28d-09e7-41a5-b84b-a1f724e44dc3", "value": "ms-software-check.com", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Payload delivery", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1740317985", "to_ids": true, "type": "email-src", "uuid": "c2d524e7-6046-4ad2-99d5-a7dbcc7b4d49", "value": "gartovanov@bk.ru" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1740969249", "to_ids": true, "type": "domain", "uuid": "961b7604-bc2b-4d47-8531-133cc1dad2c4", "value": "ms-software-update.com", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Payload delivery", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1740317985", "to_ids": true, "type": "email-src", "uuid": "fc01ac6a-efd3-4050-89d5-f32781f52ba2", "value": "nevelskij@bk.ru" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1740969270", "to_ids": true, "type": "domain", "uuid": "a00eff28-80de-43c7-b2ca-58893cec0c88", "value": "ms-software-genuine.com", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Payload delivery", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1740317985", "to_ids": true, "type": "email-src", "uuid": "0df5de28-e967-4731-b4f5-aea150c2ddc9", "value": "kaliniserg@rambler.ru" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1740969292", "to_ids": true, "type": "domain", "uuid": "302ae263-ce2e-4117-a3b1-a044e64f121a", "value": "windowscheckupdate.com", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Payload delivery", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1740317985", "to_ids": true, "type": "email-src", "uuid": "b262738b-a8b1-4553-8540-ea624bdc2779", "value": "pyshkareva_76@mail.ru" }, { "category": "Payload delivery", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1740317985", "to_ids": true, "type": "email-src", "uuid": "2b0d3eb9-c24a-41be-ac0d-4c3a79b850fc", "value": "kolkys@yandex.ru" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1740969313", "to_ids": true, "type": "domain", "uuid": "ba100a01-2a2b-44d8-94b1-07e2fccf2b02", "value": "csrss-check-new.com", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1740969334", "to_ids": true, "type": "domain", "uuid": "e71465c7-602f-4a35-8b81-1bdecfcbe2bc", "value": "csrss-update-new.com", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Payload delivery", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1740317985", "to_ids": true, "type": "email-src", "uuid": "e2e62617-035e-466d-852f-023108b3f038", "value": "kluev.leonid@rambler.ru" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1740969355", "to_ids": true, "type": "domain", "uuid": "43215a33-539e-4d64-8016-22136411118d", "value": "csrss-upgrade-new.com", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Payload delivery", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1740317986", "to_ids": true, "type": "email-src", "uuid": "cfaad901-b825-4aa2-951c-41a05b75f62d", "value": "aleksandriavrov@lenta.ru" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1740969376", "to_ids": true, "type": "domain", "uuid": "47b7ae6e-e76d-46fc-9126-47252cce4a01", "value": "dil-host-update.com", "Tag": [ { "colour": "#f08989", "local": false, "name": "NotFoundError", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1740969397", "to_ids": true, "type": "domain", "uuid": "07c50abc-7785-41ba-87c7-21e9008b862f", "value": "dil-host-check.com", "Tag": [ { "colour": "#f08989", "local": false, "name": "NotFoundError", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1740969418", "to_ids": true, "type": "domain", "uuid": "0e2b2acc-8902-415a-bf77-babf295286d2", "value": "dll-host.com", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Payload delivery", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1740317986", "to_ids": true, "type": "email-src", "uuid": "92191d9d-8de8-4b18-906f-61f6c3896449", "value": "volinsergej@yandex.ru" }, { "category": "Payload delivery", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1740317986", "to_ids": true, "type": "email-src", "uuid": "6b6ba120-a284-4964-b69a-870fe35b246e", "value": "ortov.orloffsergej@yandex.ru" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1740969440", "to_ids": true, "type": "domain", "uuid": "748628da-41b3-4a71-9464-5dbb420843bb", "value": "win-driver-upgrade.com", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1740969461", "to_ids": true, "type": "domain", "uuid": "adf1e588-575b-493e-9b10-f9b873b28c85", "value": "update-genuine.com", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1740969481", "to_ids": true, "type": "domain", "uuid": "dd6ac737-5bd9-4f26-ae6f-b937efc30fd3", "value": "svchost-update.com", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1740969503", "to_ids": true, "type": "domain", "uuid": "91c2f85e-e064-41e0-82d9-8d0f2696a6d0", "value": "os-microsoft-check.com", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1740969524", "to_ids": true, "type": "domain", "uuid": "4ab048e3-cd4a-4c7f-8a27-c86d3229a7cf", "value": "xponlineupdate.com", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Payload delivery", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1740317986", "to_ids": true, "type": "email-src", "uuid": "a3cfd03a-66ea-4e8e-80e4-153f8a9d916a", "value": "eherik-kirsti@rambler.ru" }, { "category": "Payload delivery", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1740317986", "to_ids": true, "type": "email-src", "uuid": "8b08f46e-ab37-437f-ab81-2ae82191b885", "value": "lykashvadim@rambler.ru" }, { "category": "Payload delivery", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1740317986", "to_ids": true, "type": "email-src", "uuid": "d38a208e-6ab9-4c30-b499-c97aabe592e0", "value": "valdas-palajtis@yandex.ru" }, { "category": "Payload delivery", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1740317986", "to_ids": true, "type": "email-src", "uuid": "ec7085f9-1d1a-4c2c-afbd-4eed79f5ebf9", "value": "dumkovski@rambler.ru" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1740969545", "to_ids": true, "type": "domain", "uuid": "f3e60a3d-dba7-4d8b-833e-9095cca16fa4", "value": "dil-host-udate.com", "Tag": [ { "colour": "#f08989", "local": false, "name": "NotFoundError", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1740969566", "to_ids": true, "type": "domain", "uuid": "9c1f72ef-3489-4f60-9974-164c65ea0462", "value": "new-driver-upgrade.com", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Payload delivery", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1740317986", "to_ids": true, "type": "email-src", "uuid": "2fa47573-e83f-4e0d-97bc-4c636533e7c1", "value": "deriven@mail.ru" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1740969587", "to_ids": true, "type": "domain", "uuid": "70cb4876-995d-4780-955d-25236b7af2aa", "value": "dllupdate.info", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1740969608", "to_ids": true, "type": "domain", "uuid": "d372b781-8fdc-414e-8e76-6a0ee1765faa", "value": "os-microsoft-update.com", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Payload delivery", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1740317986", "to_ids": true, "type": "email-src", "uuid": "3cb5f5a2-a2fe-4483-bf20-962bea08fdec", "value": "den-syhar@rambler.ru" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1740969629", "to_ids": true, "type": "domain", "uuid": "06b81987-10b5-4462-b765-f1d097c949b1", "value": "wingenuine.com", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1740969651", "to_ids": true, "type": "domain", "uuid": "b18649b3-0d11-45ee-bcc1-c1b78389370d", "value": "drivers-update-online.com", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Payload delivery", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1740317986", "to_ids": true, "type": "email-src", "uuid": "983a5e86-9076-445c-98f9-034d4334ce32", "value": "lystenko@inbox.ru" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1740969672", "to_ids": true, "type": "domain", "uuid": "f5cf42fe-1515-4c54-ab7b-e6692499ff1a", "value": "wins-update.com", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Payload delivery", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1740317986", "to_ids": true, "type": "email-src", "uuid": "529a2cc3-01ba-4cbb-ab01-202af9b6ba98", "value": "praskyren@mail.ru" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1740969694", "to_ids": true, "type": "domain", "uuid": "42129590-5ecf-4c34-a0ad-7bf886cdb695", "value": "wins-driver-update.com", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1740969715", "to_ids": true, "type": "domain", "uuid": "5cb47aad-4944-460d-a163-1179b6050b9f", "value": "msonlineupdate.com", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Payload delivery", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1740317986", "to_ids": true, "type": "email-src", "uuid": "991d5e6d-8c44-4ad5-99e4-79bc3dff4bc3", "value": "denis-dumkov@rambler.ru" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1740969736", "to_ids": true, "type": "domain", "uuid": "9ed85cd9-6ffd-4e6f-9f3a-3b47a3eb928a", "value": "wins-driver-check.com", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Payload delivery", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1740317986", "to_ids": true, "type": "email-src", "uuid": "918076b0-280f-4904-b97c-b7222f30fe8c", "value": "zinin-ant@bk.ru" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1740969757", "to_ids": true, "type": "domain", "uuid": "debb1d03-4956-40b8-9f80-4aba63354e61", "value": "drivers-check.com", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Payload delivery", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1740317986", "to_ids": true, "type": "email-src", "uuid": "d867b1de-3f09-4605-9e7f-4c0bdc7bd649", "value": "stypin_86@mail.ru" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1740969778", "to_ids": true, "type": "domain", "uuid": "4dd7474a-562e-4ed4-85ba-62f95bbd39c7", "value": "drivers-get.com", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Payload delivery", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1740317986", "to_ids": true, "type": "email-src", "uuid": "ec83b9f7-51cf-4c11-a0cb-fcc710730f9c", "value": "sidorenko_81@list.ru" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1740969799", "to_ids": true, "type": "domain", "uuid": "39a17af4-0dc2-4ea8-a8bc-b88ab14025fb", "value": "osgenuine.com", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Payload delivery", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1740317986", "to_ids": true, "type": "email-src", "uuid": "2071f6e6-1c8f-45d9-a74d-e8b63f1b75a7", "value": "vidmans-semenov@yandex.ru" }, { "category": "Payload delivery", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1740317986", "to_ids": true, "type": "email-src", "uuid": "6e872e42-00b8-412b-8168-6e7accfe7a52", "value": "bulanov24@yahoo.com" }, { "category": "Payload delivery", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1740317986", "to_ids": true, "type": "email-src", "uuid": "9e0d9c66-b844-4a53-867a-866509f86783", "value": "botov_denis@mail.ru" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1740969820", "to_ids": true, "type": "domain", "uuid": "b8d1b24d-19e3-49e5-b150-f78ed6d23c21", "value": "msonlinecheck.com", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Payload delivery", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1740317986", "to_ids": true, "type": "email-src", "uuid": "c4410f10-5057-46ab-a8b0-f51818ccbb24", "value": "denis_demidkov@mail.ru" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1740969842", "to_ids": true, "type": "domain", "uuid": "1ded7001-ac8f-4ab3-ab64-a97e4c3f08fb", "value": "msonlineget.com", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "External analysis", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1740318030", "to_ids": false, "type": "vulnerability", "uuid": "3c2fc917-4884-48bd-a8c8-ffeb353add8d", "value": "CVE-2009-3129" }, { "category": "External analysis", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1740318030", "to_ids": false, "type": "vulnerability", "uuid": "dc42c8e5-1768-4103-9029-212ce60311ba", "value": "CVE-2010-3333" }, { "category": "External analysis", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1740318030", "to_ids": false, "type": "vulnerability", "uuid": "891da08e-e289-4e9e-9fab-d60a58efaa6e", "value": "CVE-2012-0158" } ] } }