abusechmalware.ndjson.log-expected.json
[
{
"event.category": "threat",
"event.dataset": "threatintel.abusemalware",
"event.kind": "enrichment",
"event.module": "threatintel",
"event.reference": "https://urlhaus-api.abuse.ch/v1/download/48a6aee18bcfe9058b35b1018832aef1c9efd8f50ac822f49abb484a5e2a4b1f/",
"event.type": "indicator",
"fileset.name": "abusemalware",
"input.type": "log",
"log.offset": 0,
"related.hash": [
"7871286a8f1f68a14b18ae475683f724",
"48a6aee18bcfe9058b35b1018832aef1c9efd8f50ac822f49abb484a5e2a4b1f",
"6144:+60EDP6uCLfGw/GpxXinM1BCo1PlumGx2mx2tXd0t115JG5:X5DpBw/KViMTB1MnEWk0115JW",
"68aea345b134d576ccdef7f06db86088"
],
"service.type": "threatintel",
"tags": [
"threatintel-abusemalware",
"forwarded"
],
"threatintel.indicator.file.hash.md5": "7871286a8f1f68a14b18ae475683f724",
"threatintel.indicator.file.hash.sha256": "48a6aee18bcfe9058b35b1018832aef1c9efd8f50ac822f49abb484a5e2a4b1f",
"threatintel.indicator.file.hash.ssdeep": "6144:+60EDP6uCLfGw/GpxXinM1BCo1PlumGx2mx2tXd0t115JG5:X5DpBw/KViMTB1MnEWk0115JW",
"threatintel.indicator.file.hash.tlsh": "1344D022AD13DD37E1F400FCA6A58F8561626E381F00A89777D41F8A98356F1BB2B717",
"threatintel.indicator.file.pe.imphash": "68aea345b134d576ccdef7f06db86088",
"threatintel.indicator.file.size": 277504,
"threatintel.indicator.file.type": "dll",
"threatintel.indicator.first_seen": "2021-01-14T06:14:05.000Z",
"threatintel.indicator.type": "file"
},
{
"event.category": "threat",
"event.dataset": "threatintel.abusemalware",
"event.kind": "enrichment",
"event.module": "threatintel",
"event.reference": "https://urlhaus-api.abuse.ch/v1/download/ec59538e8de8525b1674b3b8fe0c180ac822145350bcce054ad3fc6b95b1b5a4/",
"event.type": "indicator",
"fileset.name": "abusemalware",
"input.type": "log",
"log.offset": 580,
"related.hash": [
"7b4c77dc293347b467fb860e34515163",
"ec59538e8de8525b1674b3b8fe0c180ac822145350bcce054ad3fc6b95b1b5a4",
"6144:+60EDP6uCLfGw/GpxXinM1BCo1PlumGx2mx2tXd0t115JGY:X5DpBw/KViMTB1MnEWk0115Jr",
"68aea345b134d576ccdef7f06db86088"
],
"service.type": "threatintel",
"tags": [
"threatintel-abusemalware",
"forwarded"
],
"threatintel.indicator.file.hash.md5": "7b4c77dc293347b467fb860e34515163",
"threatintel.indicator.file.hash.sha256": "ec59538e8de8525b1674b3b8fe0c180ac822145350bcce054ad3fc6b95b1b5a4",
"threatintel.indicator.file.hash.ssdeep": "6144:+60EDP6uCLfGw/GpxXinM1BCo1PlumGx2mx2tXd0t115JGY:X5DpBw/KViMTB1MnEWk0115Jr",
"threatintel.indicator.file.hash.tlsh": "4E44D022AD13DD37E1F400FCA6A58F8561626E381F00A89777D41F8A98356F1BB2B717",
"threatintel.indicator.file.pe.imphash": "68aea345b134d576ccdef7f06db86088",
"threatintel.indicator.file.size": 277504,
"threatintel.indicator.file.type": "dll",
"threatintel.indicator.first_seen": "2021-01-14T06:11:41.000Z",
"threatintel.indicator.type": "file"
},
{
"event.category": "threat",
"event.dataset": "threatintel.abusemalware",
"event.kind": "enrichment",
"event.module": "threatintel",
"event.reference": "https://urlhaus-api.abuse.ch/v1/download/b0e914d1bbe19433cc9df64ea1ca07fe77f7b150b511b786e46e007941a62bd7/",
"event.type": "indicator",
"fileset.name": "abusemalware",
"input.type": "log",
"log.offset": 1160,
"related.hash": [
"373d34874d7bc89fd4cefa6272ee80bf",
"b0e914d1bbe19433cc9df64ea1ca07fe77f7b150b511b786e46e007941a62bd7",
"6144:+60EDP6uCLfGw/GpxXinM1BCo1PlumGx2mx2tXd0t115JGG:X5DpBw/KViMTB1MnEWk0115Jd",
"68aea345b134d576ccdef7f06db86088"
],
"service.type": "threatintel",
"tags": [
"threatintel-abusemalware",
"forwarded"
],
"threatintel.abusemalware.virustotal.link": "https://www.virustotal.com/gui/file/b0e914d1bbe19433cc9df64ea1ca07fe77f7b150b511b786e46e007941a62bd7/detection/f-b0e914d",
"threatintel.abusemalware.virustotal.percent": "37.88",
"threatintel.abusemalware.virustotal.result": "25 / 66",
"threatintel.indicator.file.hash.md5": "373d34874d7bc89fd4cefa6272ee80bf",
"threatintel.indicator.file.hash.sha256": "b0e914d1bbe19433cc9df64ea1ca07fe77f7b150b511b786e46e007941a62bd7",
"threatintel.indicator.file.hash.ssdeep": "6144:+60EDP6uCLfGw/GpxXinM1BCo1PlumGx2mx2tXd0t115JGG:X5DpBw/KViMTB1MnEWk0115Jd",
"threatintel.indicator.file.hash.tlsh": "7544D022AD13DD37E1F400FCA6A58F8561626E381F00A89777D41F8A98356F1BB2B717",
"threatintel.indicator.file.pe.imphash": "68aea345b134d576ccdef7f06db86088",
"threatintel.indicator.file.size": 277504,
"threatintel.indicator.file.type": "dll",
"threatintel.indicator.first_seen": "2021-01-14T06:11:22.000Z",
"threatintel.indicator.type": "file"
},
{
"event.category": "threat",
"event.dataset": "threatintel.abusemalware",
"event.kind": "enrichment",
"event.module": "threatintel",
"event.reference": "https://urlhaus-api.abuse.ch/v1/download/7483e834a73fb6817769596fe4c0fa01d28639f52bbbdc2b8a56c36d466dd7f8/",
"event.type": "indicator",
"fileset.name": "abusemalware",
"input.type": "log",
"log.offset": 1904,
"related.hash": [
"e2e02aae857488dbdbe6631c29abf3f8",
"7483e834a73fb6817769596fe4c0fa01d28639f52bbbdc2b8a56c36d466dd7f8",
"6144:0hlBeZgR9LqvgFcwNAwhGV52n5Dv4JdEqvQykqRqYdBx8pRA7OZJ9:0h3eZgRQCcw+MN54dEq7kqRtoLZH",
"68aea345b134d576ccdef7f06db86088"
],
"service.type": "threatintel",
"tags": [
"threatintel-abusemalware",
"forwarded"
],
"threatintel.indicator.file.hash.md5": "e2e02aae857488dbdbe6631c29abf3f8",
"threatintel.indicator.file.hash.sha256": "7483e834a73fb6817769596fe4c0fa01d28639f52bbbdc2b8a56c36d466dd7f8",
"threatintel.indicator.file.hash.ssdeep": "6144:0hlBeZgR9LqvgFcwNAwhGV52n5Dv4JdEqvQykqRqYdBx8pRA7OZJ9:0h3eZgRQCcw+MN54dEq7kqRtoLZH",
"threatintel.indicator.file.hash.tlsh": "5554CF22E642C926F1E900FCB2A98B4451257E355F40F4D777C40FABA835AE2AF27717",
"threatintel.indicator.file.pe.imphash": "68aea345b134d576ccdef7f06db86088",
"threatintel.indicator.file.size": 284672,
"threatintel.indicator.file.type": "dll",
"threatintel.indicator.first_seen": "2021-01-14T06:11:21.000Z",
"threatintel.indicator.type": "file"
},
{
"event.category": "threat",
"event.dataset": "threatintel.abusemalware",
"event.kind": "enrichment",
"event.module": "threatintel",
"event.reference": "https://urlhaus-api.abuse.ch/v1/download/760e729426fb115b967a41e5a6f2f42d7a52a5cee74ed99065a6dc39bf89f59b/",
"event.type": "indicator",
"fileset.name": "abusemalware",
"input.type": "log",
"log.offset": 2493,
"related.hash": [
"3e988e32b0c3c230d534e286665b89a5",
"760e729426fb115b967a41e5a6f2f42d7a52a5cee74ed99065a6dc39bf89f59b",
"6:TE6ll8uXi0jIAv6BHvPuA7RKTmOQamsQMGvMQgTYbtsWsQ72hCqPZG/:TTll8uTo5uA7RKtQamsS0QJfsQ7mCR"
],
"service.type": "threatintel",
"tags": [
"threatintel-abusemalware",
"forwarded"
],
"threatintel.indicator.file.hash.md5": "3e988e32b0c3c230d534e286665b89a5",
"threatintel.indicator.file.hash.sha256": "760e729426fb115b967a41e5a6f2f42d7a52a5cee74ed99065a6dc39bf89f59b",
"threatintel.indicator.file.hash.ssdeep": "6:TE6ll8uXi0jIAv6BHvPuA7RKTmOQamsQMGvMQgTYbtsWsQ72hCqPZG/:TTll8uTo5uA7RKtQamsS0QJfsQ7mCR",
"threatintel.indicator.file.hash.tlsh": "3CE0C002AB26C036500D154C221655B3B871911503CA14E6A6824BEA765D4A3290D190",
"threatintel.indicator.file.size": 352,
"threatintel.indicator.file.type": "unknown",
"threatintel.indicator.first_seen": "2021-01-14T06:08:02.000Z",
"threatintel.indicator.type": "file"
},
{
"event.category": "threat",
"event.dataset": "threatintel.abusemalware",
"event.kind": "enrichment",
"event.module": "threatintel",
"event.reference": "https://urlhaus-api.abuse.ch/v1/download/86655c0bcf9b21b5efc682f58eb80f42811042ba152358e1bfbbb867315a60ac/",
"event.type": "indicator",
"fileset.name": "abusemalware",
"input.type": "log",
"log.offset": 3054,
"related.hash": [
"dcc20d534cdf29eab03d8148bf728857",
"86655c0bcf9b21b5efc682f58eb80f42811042ba152358e1bfbbb867315a60ac",
"6144:+60EDP6uCLfGw/GpxXinM1BCo1PlumGx2mx2tXd0t115JGI:X5DpBw/KViMTB1MnEWk0115JH",
"68aea345b134d576ccdef7f06db86088"
],
"service.type": "threatintel",
"tags": [
"threatintel-abusemalware",
"forwarded"
],
"threatintel.abusemalware.virustotal.link": "https://www.virustotal.com/gui/file/86655c0bcf9b21b5efc682f58eb80f42811042ba152358e1bfbbb867315a60ac/detection/f-86655c0",
"threatintel.abusemalware.virustotal.percent": "39.13",
"threatintel.abusemalware.virustotal.result": "27 / 69",
"threatintel.indicator.file.hash.md5": "dcc20d534cdf29eab03d8148bf728857",
"threatintel.indicator.file.hash.sha256": "86655c0bcf9b21b5efc682f58eb80f42811042ba152358e1bfbbb867315a60ac",
"threatintel.indicator.file.hash.ssdeep": "6144:+60EDP6uCLfGw/GpxXinM1BCo1PlumGx2mx2tXd0t115JGI:X5DpBw/KViMTB1MnEWk0115JH",
"threatintel.indicator.file.hash.tlsh": "0D44D022AD13DD37E1F400FCA6A58F8561626E381F00A89777D41F8A98356F1BB2B717",
"threatintel.indicator.file.pe.imphash": "68aea345b134d576ccdef7f06db86088",
"threatintel.indicator.file.size": 277504,
"threatintel.indicator.file.type": "dll",
"threatintel.indicator.first_seen": "2021-01-14T06:08:02.000Z",
"threatintel.indicator.type": "file"
},
{
"event.category": "threat",
"event.dataset": "threatintel.abusemalware",
"event.kind": "enrichment",
"event.module": "threatintel",
"event.reference": "https://urlhaus-api.abuse.ch/v1/download/e91c9e11d3ce4f55fabd7196279367482d2fabfa32df81e614b15fc53b4e26be/",
"event.type": "indicator",
"fileset.name": "abusemalware",
"input.type": "log",
"log.offset": 3798,
"related.hash": [
"f6facbf7a90b9e67a6de9f6634eb40ba",
"e91c9e11d3ce4f55fabd7196279367482d2fabfa32df81e614b15fc53b4e26be",
"6144:0hlBeZgR9LqvgFcwNAwhGV52n5Dv4JdEqvQykqRqYdBx8pRA7OZJ1:0h3eZgRQCcw+MN54dEq7kqRtoLZL",
"68aea345b134d576ccdef7f06db86088"
],
"service.type": "threatintel",
"tags": [
"threatintel-abusemalware",
"forwarded"
],
"threatintel.indicator.file.hash.md5": "f6facbf7a90b9e67a6de9f6634eb40ba",
"threatintel.indicator.file.hash.sha256": "e91c9e11d3ce4f55fabd7196279367482d2fabfa32df81e614b15fc53b4e26be",
"threatintel.indicator.file.hash.ssdeep": "6144:0hlBeZgR9LqvgFcwNAwhGV52n5Dv4JdEqvQykqRqYdBx8pRA7OZJ1:0h3eZgRQCcw+MN54dEq7kqRtoLZL",
"threatintel.indicator.file.hash.tlsh": "2554CF22E642C926F1E900FCB2A98B4451257E355F40F4D777C40FABA835AE2AF27717",
"threatintel.indicator.file.pe.imphash": "68aea345b134d576ccdef7f06db86088",
"threatintel.indicator.file.size": 284672,
"threatintel.indicator.file.type": "dll",
"threatintel.indicator.first_seen": "2021-01-14T06:07:53.000Z",
"threatintel.indicator.type": "file"
},
{
"event.category": "threat",
"event.dataset": "threatintel.abusemalware",
"event.kind": "enrichment",
"event.module": "threatintel",
"event.reference": "https://urlhaus-api.abuse.ch/v1/download/beedbbcacfc34b5edd8c68e3e4acf364992ebbcd989548e09e38fa03c5659bac/",
"event.type": "indicator",
"fileset.name": "abusemalware",
"input.type": "log",
"log.offset": 4387,
"related.hash": [
"44325fd5bdda2e2cdea07c3a39953bb1",
"beedbbcacfc34b5edd8c68e3e4acf364992ebbcd989548e09e38fa03c5659bac",
"6144:+60EDP6uCLfGw/GpxXinM1BCo1PlumGx2mx2tXd0t115JG/:X5DpBw/KViMTB1MnEWk0115Jg",
"68aea345b134d576ccdef7f06db86088"
],
"service.type": "threatintel",
"tags": [
"threatintel-abusemalware",
"forwarded"
],
"threatintel.indicator.file.hash.md5": "44325fd5bdda2e2cdea07c3a39953bb1",
"threatintel.indicator.file.hash.sha256": "beedbbcacfc34b5edd8c68e3e4acf364992ebbcd989548e09e38fa03c5659bac",
"threatintel.indicator.file.hash.ssdeep": "6144:+60EDP6uCLfGw/GpxXinM1BCo1PlumGx2mx2tXd0t115JG/:X5DpBw/KViMTB1MnEWk0115Jg",
"threatintel.indicator.file.hash.tlsh": "A044D022AD13DD37E1F400FCA6A58F8561626E381F00A89777D41F8A98356F1BB2B717",
"threatintel.indicator.file.pe.imphash": "68aea345b134d576ccdef7f06db86088",
"threatintel.indicator.file.size": 277504,
"threatintel.indicator.file.type": "dll",
"threatintel.indicator.first_seen": "2021-01-14T06:07:41.000Z",
"threatintel.indicator.type": "file"
},
{
"event.category": "threat",
"event.dataset": "threatintel.abusemalware",
"event.kind": "enrichment",
"event.module": "threatintel",
"event.reference": "https://urlhaus-api.abuse.ch/v1/download/7cba55da723c0e020267a02e6ffc83e03a83701757fc4ec65ea398618ad881cf/",
"event.type": "indicator",
"fileset.name": "abusemalware",
"input.type": "log",
"log.offset": 4967,
"related.hash": [
"4c549051950522a3f1b0814aa9b1f6d1",
"7cba55da723c0e020267a02e6ffc83e03a83701757fc4ec65ea398618ad881cf",
"6144:+60EDP6uCLfGw/GpxXinM1BCo1PlumGx2mx2tXd0t115JG4:X5DpBw/KViMTB1MnEWk0115Jv",
"68aea345b134d576ccdef7f06db86088"
],
"service.type": "threatintel",
"tags": [
"threatintel-abusemalware",
"forwarded"
],
"threatintel.abusemalware.signature": "Heodo",
"threatintel.indicator.file.hash.md5": "4c549051950522a3f1b0814aa9b1f6d1",
"threatintel.indicator.file.hash.sha256": "7cba55da723c0e020267a02e6ffc83e03a83701757fc4ec65ea398618ad881cf",
"threatintel.indicator.file.hash.ssdeep": "6144:+60EDP6uCLfGw/GpxXinM1BCo1PlumGx2mx2tXd0t115JG4:X5DpBw/KViMTB1MnEWk0115Jv",
"threatintel.indicator.file.hash.tlsh": "4544D022AD13DD37E1F400FCA6A58F8561626E381F00A89777D41F8A98356F1BB2B717",
"threatintel.indicator.file.pe.imphash": "68aea345b134d576ccdef7f06db86088",
"threatintel.indicator.file.size": 277504,
"threatintel.indicator.file.type": "dll",
"threatintel.indicator.first_seen": "2021-01-14T06:07:31.000Z",
"threatintel.indicator.type": "file"
},
{
"event.category": "threat",
"event.dataset": "threatintel.abusemalware",
"event.kind": "enrichment",
"event.module": "threatintel",
"event.reference": "https://urlhaus-api.abuse.ch/v1/download/426be5e085e6bbad8430223dc89d8d3ced497133f8d478fd00005bcbb73399d4/",
"event.type": "indicator",
"fileset.name": "abusemalware",
"input.type": "log",
"log.offset": 5550,
"related.hash": [
"d7333113098d88b6a5dd5b8eb24f9b87",
"426be5e085e6bbad8430223dc89d8d3ced497133f8d478fd00005bcbb73399d4",
"6144:0hlBeZgR9LqvgFcwNAwhGV52n5Dv4JdEqvQykqRqYdBx8pRA7OZJw:0h3eZgRQCcw+MN54dEq7kqRtoLZW",
"68aea345b134d576ccdef7f06db86088"
],
"service.type": "threatintel",
"tags": [
"threatintel-abusemalware",
"forwarded"
],
"threatintel.indicator.file.hash.md5": "d7333113098d88b6a5dd5b8eb24f9b87",
"threatintel.indicator.file.hash.sha256": "426be5e085e6bbad8430223dc89d8d3ced497133f8d478fd00005bcbb73399d4",
"threatintel.indicator.file.hash.ssdeep": "6144:0hlBeZgR9LqvgFcwNAwhGV52n5Dv4JdEqvQykqRqYdBx8pRA7OZJw:0h3eZgRQCcw+MN54dEq7kqRtoLZW",
"threatintel.indicator.file.hash.tlsh": "9454CF22E642C926F1E900FCB2A98B4451257E355F40F4D777C40FABA835AE2AF27717",
"threatintel.indicator.file.pe.imphash": "68aea345b134d576ccdef7f06db86088",
"threatintel.indicator.file.size": 284672,
"threatintel.indicator.file.type": "dll",
"threatintel.indicator.first_seen": "2021-01-14T06:07:07.000Z",
"threatintel.indicator.type": "file"
},
{
"event.category": "threat",
"event.dataset": "threatintel.abusemalware",
"event.kind": "enrichment",
"event.module": "threatintel",
"event.reference": "https://urlhaus-api.abuse.ch/v1/download/25093afdaeb3ea000743ab843360a6b64f58c0a1ab950072ba6528056735deb9/",
"event.type": "indicator",
"fileset.name": "abusemalware",
"input.type": "log",
"log.offset": 6139,
"related.hash": [
"c8dbb261c1f450534c3693da2f4b479f",
"25093afdaeb3ea000743ab843360a6b64f58c0a1ab950072ba6528056735deb9",
"6144:+60EDP6uCLfGw/GpxXinM1BCo1PlumGx2mx2tXd0t115JGe:X5DpBw/KViMTB1MnEWk0115JR",
"68aea345b134d576ccdef7f06db86088"
],
"service.type": "threatintel",
"tags": [
"threatintel-abusemalware",
"forwarded"
],
"threatintel.indicator.file.hash.md5": "c8dbb261c1f450534c3693da2f4b479f",
"threatintel.indicator.file.hash.sha256": "25093afdaeb3ea000743ab843360a6b64f58c0a1ab950072ba6528056735deb9",
"threatintel.indicator.file.hash.ssdeep": "6144:+60EDP6uCLfGw/GpxXinM1BCo1PlumGx2mx2tXd0t115JGe:X5DpBw/KViMTB1MnEWk0115JR",
"threatintel.indicator.file.hash.tlsh": "F344D022AD13DD37E1F400FCA6A58F8561626E381F00A89777D41F8A98356F1BB2B717",
"threatintel.indicator.file.pe.imphash": "68aea345b134d576ccdef7f06db86088",
"threatintel.indicator.file.size": 277504,
"threatintel.indicator.file.type": "dll",
"threatintel.indicator.first_seen": "2021-01-14T06:07:07.000Z",
"threatintel.indicator.type": "file"
},
{
"event.category": "threat",
"event.dataset": "threatintel.abusemalware",
"event.kind": "enrichment",
"event.module": "threatintel",
"event.reference": "https://urlhaus-api.abuse.ch/v1/download/b3327a96280365e441057f490df6261c9a2400fd63719eb9a7a0c9db95beecc5/",
"event.type": "indicator",
"fileset.name": "abusemalware",
"input.type": "log",
"log.offset": 6719,
"related.hash": [
"714953f1d0031a4bb2f0c44afd015931",
"b3327a96280365e441057f490df6261c9a2400fd63719eb9a7a0c9db95beecc5",
"6144:+60EDP6uCLfGw/GpxXinM1BCo1PlumGx2mx2tXd0t115JGc:X5DpBw/KViMTB1MnEWk0115J7",
"68aea345b134d576ccdef7f06db86088"
],
"service.type": "threatintel",
"tags": [
"threatintel-abusemalware",
"forwarded"
],
"threatintel.indicator.file.hash.md5": "714953f1d0031a4bb2f0c44afd015931",
"threatintel.indicator.file.hash.sha256": "b3327a96280365e441057f490df6261c9a2400fd63719eb9a7a0c9db95beecc5",
"threatintel.indicator.file.hash.ssdeep": "6144:+60EDP6uCLfGw/GpxXinM1BCo1PlumGx2mx2tXd0t115JGc:X5DpBw/KViMTB1MnEWk0115J7",
"threatintel.indicator.file.hash.tlsh": "F644D022AD13DD37E1F400FCA6A58F8561626E381F00A89777D41F8A98356F1BB2B717",
"threatintel.indicator.file.pe.imphash": "68aea345b134d576ccdef7f06db86088",
"threatintel.indicator.file.size": 277504,
"threatintel.indicator.file.type": "dll",
"threatintel.indicator.first_seen": "2021-01-14T06:07:06.000Z",
"threatintel.indicator.type": "file"
},
{
"event.category": "threat",
"event.dataset": "threatintel.abusemalware",
"event.kind": "enrichment",
"event.module": "threatintel",
"event.reference": "https://urlhaus-api.abuse.ch/v1/download/e92b54904391c171238863b584355197ba4508f73320a8e89afbb5425fc2dc4b/",
"event.type": "indicator",
"fileset.name": "abusemalware",
"input.type": "log",
"log.offset": 7299,
"related.hash": [
"20fd22742500d4cec123398afc3d3672",
"e92b54904391c171238863b584355197ba4508f73320a8e89afbb5425fc2dc4b",
"6144:+60EDP6uCLfGw/GpxXinM1BCo1PlumGx2mx2tXd0t115JGc:X5DpBw/KViMTB1MnEWk0115JP",
"68aea345b134d576ccdef7f06db86088"
],
"service.type": "threatintel",
"tags": [
"threatintel-abusemalware",
"forwarded"
],
"threatintel.indicator.file.hash.md5": "20fd22742500d4cec123398afc3d3672",
"threatintel.indicator.file.hash.sha256": "e92b54904391c171238863b584355197ba4508f73320a8e89afbb5425fc2dc4b",
"threatintel.indicator.file.hash.ssdeep": "6144:+60EDP6uCLfGw/GpxXinM1BCo1PlumGx2mx2tXd0t115JGc:X5DpBw/KViMTB1MnEWk0115JP",
"threatintel.indicator.file.hash.tlsh": "BE44D022AD13DD37E1F400FCA6A58F8561626E381F00A89777D41F8A98356F1BB2B717",
"threatintel.indicator.file.pe.imphash": "68aea345b134d576ccdef7f06db86088",
"threatintel.indicator.file.size": 277504,
"threatintel.indicator.file.type": "dll",
"threatintel.indicator.first_seen": "2021-01-14T06:07:00.000Z",
"threatintel.indicator.type": "file"
},
{
"event.category": "threat",
"event.dataset": "threatintel.abusemalware",
"event.kind": "enrichment",
"event.module": "threatintel",
"event.reference": "https://urlhaus-api.abuse.ch/v1/download/dd15e74b3cd3a4fdb5f47adefd6f90e27d5a20e01316cc791711f6dce7c0f52e/",
"event.type": "indicator",
"fileset.name": "abusemalware",
"input.type": "log",
"log.offset": 7879,
"related.hash": [
"aa81ceea053797a6f8c38a0f2f9b80b0",
"dd15e74b3cd3a4fdb5f47adefd6f90e27d5a20e01316cc791711f6dce7c0f52e",
"6144:+60EDP6uCLfGw/GpxXinM1BCo1PlumGx2mx2tXd0t115JGf:X5DpBw/KViMTB1MnEWk0115Jo",
"68aea345b134d576ccdef7f06db86088"
],
"service.type": "threatintel",
"tags": [
"threatintel-abusemalware",
"forwarded"
],
"threatintel.indicator.file.hash.md5": "aa81ceea053797a6f8c38a0f2f9b80b0",
"threatintel.indicator.file.hash.sha256": "dd15e74b3cd3a4fdb5f47adefd6f90e27d5a20e01316cc791711f6dce7c0f52e",
"threatintel.indicator.file.hash.ssdeep": "6144:+60EDP6uCLfGw/GpxXinM1BCo1PlumGx2mx2tXd0t115JGf:X5DpBw/KViMTB1MnEWk0115Jo",
"threatintel.indicator.file.hash.tlsh": "CC44D022AD13DD37E1F400FCA6A58F8561626E381F00A89777D41F8A98356F1BB2B717",
"threatintel.indicator.file.pe.imphash": "68aea345b134d576ccdef7f06db86088",
"threatintel.indicator.file.size": 277504,
"threatintel.indicator.file.type": "dll",
"threatintel.indicator.first_seen": "2021-01-14T06:06:36.000Z",
"threatintel.indicator.type": "file"
},
{
"event.category": "threat",
"event.dataset": "threatintel.abusemalware",
"event.kind": "enrichment",
"event.module": "threatintel",
"event.reference": "https://urlhaus-api.abuse.ch/v1/download/0fae1eeabc4f5e07bd16f7851aec5ab6032d407c7ff0270f2b6e85c2a3efebd1/",
"event.type": "indicator",
"fileset.name": "abusemalware",
"input.type": "log",
"log.offset": 8459,
"related.hash": [
"a2ce6795664c0fa93b07fa54ba868991",
"0fae1eeabc4f5e07bd16f7851aec5ab6032d407c7ff0270f2b6e85c2a3efebd1",
"6144:+60EDP6uCLfGw/GpxXinM1BCo1PlumGx2mx2tXd0t115JGD:X5DpBw/KViMTB1MnEWk0115JY",
"68aea345b134d576ccdef7f06db86088"
],
"service.type": "threatintel",
"tags": [
"threatintel-abusemalware",
"forwarded"
],
"threatintel.abusemalware.signature": "Heodo",
"threatintel.indicator.file.hash.md5": "a2ce6795664c0fa93b07fa54ba868991",
"threatintel.indicator.file.hash.sha256": "0fae1eeabc4f5e07bd16f7851aec5ab6032d407c7ff0270f2b6e85c2a3efebd1",
"threatintel.indicator.file.hash.ssdeep": "6144:+60EDP6uCLfGw/GpxXinM1BCo1PlumGx2mx2tXd0t115JGD:X5DpBw/KViMTB1MnEWk0115JY",
"threatintel.indicator.file.hash.tlsh": "8C44D022AD13DD37E1F400FCA6A58F8561626E381F00A89777D41F8A98356F1BB2B717",
"threatintel.indicator.file.pe.imphash": "68aea345b134d576ccdef7f06db86088",
"threatintel.indicator.file.size": 277504,
"threatintel.indicator.file.type": "dll",
"threatintel.indicator.first_seen": "2021-01-14T06:06:13.000Z",
"threatintel.indicator.type": "file"
},
{
"event.category": "threat",
"event.dataset": "threatintel.abusemalware",
"event.kind": "enrichment",
"event.module": "threatintel",
"event.reference": "https://urlhaus-api.abuse.ch/v1/download/07a9d84c0b2c8cf1fd90ab409b9399d06920ab4b6efb647b5a3b9bef1045ee7e/",
"event.type": "indicator",
"fileset.name": "abusemalware",
"input.type": "log",
"log.offset": 9042,
"related.hash": [
"9b9bac158dacb9c2f5511e9c464a7de4",
"07a9d84c0b2c8cf1fd90ab409b9399d06920ab4b6efb647b5a3b9bef1045ee7e",
"6144:WlLMUG2gFWLDFO9vNa11y3NPcJufFFTXNZrjJTKk:W5MT4WNaHy9P1FjbrjlKk",
"68aea345b134d576ccdef7f06db86088"
],
"service.type": "threatintel",
"tags": [
"threatintel-abusemalware",
"forwarded"
],
"threatintel.indicator.file.hash.md5": "9b9bac158dacb9c2f5511e9c464a7de4",
"threatintel.indicator.file.hash.sha256": "07a9d84c0b2c8cf1fd90ab409b9399d06920ab4b6efb647b5a3b9bef1045ee7e",
"threatintel.indicator.file.hash.ssdeep": "6144:WlLMUG2gFWLDFO9vNa11y3NPcJufFFTXNZrjJTKk:W5MT4WNaHy9P1FjbrjlKk",
"threatintel.indicator.file.hash.tlsh": "6B54CF217A53C826F5E800FCA6E9878914167F346F44A4C773D40F6AA8759E2EF2B317",
"threatintel.indicator.file.pe.imphash": "68aea345b134d576ccdef7f06db86088",
"threatintel.indicator.file.size": 280064,
"threatintel.indicator.file.type": "dll",
"threatintel.indicator.first_seen": "2021-01-14T06:05:52.000Z",
"threatintel.indicator.type": "file"
},
{
"event.category": "threat",
"event.dataset": "threatintel.abusemalware",
"event.kind": "enrichment",
"event.module": "threatintel",
"event.reference": "https://urlhaus-api.abuse.ch/v1/download/708c0193aec6354af6877f314d4b0e3864552bac77258bee9ee5bf886a116df5/",
"event.type": "indicator",
"fileset.name": "abusemalware",
"input.type": "log",
"log.offset": 9611,
"related.hash": [
"e48e3fa5e0f7b21c1ecf1efc81ff91e8",
"708c0193aec6354af6877f314d4b0e3864552bac77258bee9ee5bf886a116df5",
"6144:+60EDP6uCLfGw/GpxXinM1BCo1PlumGx2mx2tXd0t115JGo:X5DpBw/KViMTB1MnEWk0115Jj",
"68aea345b134d576ccdef7f06db86088"
],
"service.type": "threatintel",
"tags": [
"threatintel-abusemalware",
"forwarded"
],
"threatintel.indicator.file.hash.md5": "e48e3fa5e0f7b21c1ecf1efc81ff91e8",
"threatintel.indicator.file.hash.sha256": "708c0193aec6354af6877f314d4b0e3864552bac77258bee9ee5bf886a116df5",
"threatintel.indicator.file.hash.ssdeep": "6144:+60EDP6uCLfGw/GpxXinM1BCo1PlumGx2mx2tXd0t115JGo:X5DpBw/KViMTB1MnEWk0115Jj",
"threatintel.indicator.file.hash.tlsh": "6644D022AD13DD37E1F400FCA6A58F8561626E381F00A89777D41F8A98356F1BB2B717",
"threatintel.indicator.file.pe.imphash": "68aea345b134d576ccdef7f06db86088",
"threatintel.indicator.file.size": 277504,
"threatintel.indicator.file.type": "dll",
"threatintel.indicator.first_seen": "2021-01-14T06:05:51.000Z",
"threatintel.indicator.type": "file"
},
{
"event.category": "threat",
"event.dataset": "threatintel.abusemalware",
"event.kind": "enrichment",
"event.module": "threatintel",
"event.reference": "https://urlhaus-api.abuse.ch/v1/download/f70a3c016fe791eb30959961f0bcaa08ba7b738491b9ae61cb4a667cd1de8b37/",
"event.type": "indicator",
"fileset.name": "abusemalware",
"input.type": "log",
"log.offset": 10191,
"related.hash": [
"8957f5347633ab4b10c2ae4fb92c8572",
"f70a3c016fe791eb30959961f0bcaa08ba7b738491b9ae61cb4a667cd1de8b37",
"6144:0hlBeZgR9LqvgFcwNAwhGV52n5Dv4JdEqvQykqRqYdBx8pRA7OZJy:0h3eZgRQCcw+MN54dEq7kqRtoLZM",
"68aea345b134d576ccdef7f06db86088"
],
"service.type": "threatintel",
"tags": [
"threatintel-abusemalware",
"forwarded"
],
"threatintel.abusemalware.signature": "Heodo",
"threatintel.indicator.file.hash.md5": "8957f5347633ab4b10c2ae4fb92c8572",
"threatintel.indicator.file.hash.sha256": "f70a3c016fe791eb30959961f0bcaa08ba7b738491b9ae61cb4a667cd1de8b37",
"threatintel.indicator.file.hash.ssdeep": "6144:0hlBeZgR9LqvgFcwNAwhGV52n5Dv4JdEqvQykqRqYdBx8pRA7OZJy:0h3eZgRQCcw+MN54dEq7kqRtoLZM",
"threatintel.indicator.file.hash.tlsh": "0754CF22E642C926F1E900FCB2A98B4451257E355F40F4D777C40FABA835AE2AF27717",
"threatintel.indicator.file.pe.imphash": "68aea345b134d576ccdef7f06db86088",
"threatintel.indicator.file.size": 284672,
"threatintel.indicator.file.type": "dll",
"threatintel.indicator.first_seen": "2021-01-14T06:05:50.000Z",
"threatintel.indicator.type": "file"
},
{
"event.category": "threat",
"event.dataset": "threatintel.abusemalware",
"event.kind": "enrichment",
"event.module": "threatintel",
"event.reference": "https://urlhaus-api.abuse.ch/v1/download/94ca186561b13fa9b1bf15f7e66118debc686b40d2a62a5cf4b3c6ca6ee1c7a1/",
"event.type": "indicator",
"fileset.name": "abusemalware",
"input.type": "log",
"log.offset": 10783,
"related.hash": [
"09cc76b7077b4d5704e46e864575ff03",
"94ca186561b13fa9b1bf15f7e66118debc686b40d2a62a5cf4b3c6ca6ee1c7a1",
"6144:+60EDP6uCLfGw/GpxXinM1BCo1PlumGx2mx2tXd0t115JG/:X5DpBw/KViMTB1MnEWk0115Js",
"68aea345b134d576ccdef7f06db86088"
],
"service.type": "threatintel",
"tags": [
"threatintel-abusemalware",
"forwarded"
],
"threatintel.indicator.file.hash.md5": "09cc76b7077b4d5704e46e864575ff03",
"threatintel.indicator.file.hash.sha256": "94ca186561b13fa9b1bf15f7e66118debc686b40d2a62a5cf4b3c6ca6ee1c7a1",
"threatintel.indicator.file.hash.ssdeep": "6144:+60EDP6uCLfGw/GpxXinM1BCo1PlumGx2mx2tXd0t115JG/:X5DpBw/KViMTB1MnEWk0115Js",
"threatintel.indicator.file.hash.tlsh": "BB44D022AD13DD37E1F400FCA6A58F8561626E381F00A89777D41F8A98356F1BB2B717",
"threatintel.indicator.file.pe.imphash": "68aea345b134d576ccdef7f06db86088",
"threatintel.indicator.file.size": 277504,
"threatintel.indicator.file.type": "dll",
"threatintel.indicator.first_seen": "2021-01-14T06:05:36.000Z",
"threatintel.indicator.type": "file"
},
{
"event.category": "threat",
"event.dataset": "threatintel.abusemalware",
"event.kind": "enrichment",
"event.module": "threatintel",
"event.reference": "https://urlhaus-api.abuse.ch/v1/download/909f890dbc5748845cf06d0fb0b73a5c0cb17761f37e9cd4810eea0d0eb8627f/",
"event.type": "indicator",
"fileset.name": "abusemalware",
"input.type": "log",
"log.offset": 11363,
"related.hash": [
"98a1cdf7de4232363f1d1e0f33dbfd99",
"909f890dbc5748845cf06d0fb0b73a5c0cb17761f37e9cd4810eea0d0eb8627f",
"6144:0hlBeZgR9LqvgFcwNAwhGV52n5Dv4JdEqvQykqRqYdBx8pRA7OZJQ:0h3eZgRQCcw+MN54dEq7kqRtoLZ+",
"68aea345b134d576ccdef7f06db86088"
],
"service.type": "threatintel",
"tags": [
"threatintel-abusemalware",
"forwarded"
],
"threatintel.indicator.file.hash.md5": "98a1cdf7de4232363f1d1e0f33dbfd99",
"threatintel.indicator.file.hash.sha256": "909f890dbc5748845cf06d0fb0b73a5c0cb17761f37e9cd4810eea0d0eb8627f",
"threatintel.indicator.file.hash.ssdeep": "6144:0hlBeZgR9LqvgFcwNAwhGV52n5Dv4JdEqvQykqRqYdBx8pRA7OZJQ:0h3eZgRQCcw+MN54dEq7kqRtoLZ+",
"threatintel.indicator.file.hash.tlsh": "C554CF22E642C926F1E900FCB2A98B4451257E355F40F4D777C40FABA835AE2AF27717",
"threatintel.indicator.file.pe.imphash": "68aea345b134d576ccdef7f06db86088",
"threatintel.indicator.file.size": 284672,
"threatintel.indicator.file.type": "dll",
"threatintel.indicator.first_seen": "2021-01-14T06:05:16.000Z",
"threatintel.indicator.type": "file"
},
{
"event.category": "threat",
"event.dataset": "threatintel.abusemalware",
"event.kind": "enrichment",
"event.module": "threatintel",
"event.reference": "https://urlhaus-api.abuse.ch/v1/download/d1fa76346bef5bc8adaa615e109894a7c30f0bef07ab6272409c4056ea8d52aa/",
"event.type": "indicator",
"fileset.name": "abusemalware",
"input.type": "log",
"log.offset": 11952,
"related.hash": [
"8a51830c1662513ba6bd44e2f7849547",
"d1fa76346bef5bc8adaa615e109894a7c30f0bef07ab6272409c4056ea8d52aa",
"6144:0hlBeZgR9LqvgFcwNAwhGV52n5Dv4JdEqvQykqRqYdBx8pRA7OZJh:0h3eZgRQCcw+MN54dEq7kqRtoLZ/",
"68aea345b134d576ccdef7f06db86088"
],
"service.type": "threatintel",
"tags": [
"threatintel-abusemalware",
"forwarded"
],
"threatintel.abusemalware.signature": "Heodo",
"threatintel.indicator.file.hash.md5": "8a51830c1662513ba6bd44e2f7849547",
"threatintel.indicator.file.hash.sha256": "d1fa76346bef5bc8adaa615e109894a7c30f0bef07ab6272409c4056ea8d52aa",
"threatintel.indicator.file.hash.ssdeep": "6144:0hlBeZgR9LqvgFcwNAwhGV52n5Dv4JdEqvQykqRqYdBx8pRA7OZJh:0h3eZgRQCcw+MN54dEq7kqRtoLZ/",
"threatintel.indicator.file.hash.tlsh": "1654CF22E642C926F1E900FCB2A98B4451257E355F40F4D777C40FABA835AE2AF27717",
"threatintel.indicator.file.pe.imphash": "68aea345b134d576ccdef7f06db86088",
"threatintel.indicator.file.size": 284672,
"threatintel.indicator.file.type": "dll",
"threatintel.indicator.first_seen": "2021-01-14T06:05:15.000Z",
"threatintel.indicator.type": "file"
},
{
"event.category": "threat",
"event.dataset": "threatintel.abusemalware",
"event.kind": "enrichment",
"event.module": "threatintel",
"event.reference": "https://urlhaus-api.abuse.ch/v1/download/3b9698b6c18bcba15ee33378440dd3f42509730e6b1d2d5832c71a74b1920e51/",
"event.type": "indicator",
"fileset.name": "abusemalware",
"input.type": "log",
"log.offset": 12544,
"related.hash": [
"ae21d742a8118d6b86674aa5370bd6a7",
"3b9698b6c18bcba15ee33378440dd3f42509730e6b1d2d5832c71a74b1920e51",
"6144:WlLMUG2gFWLDFO9vNa11y3NPcJufFFTXNZrjJTKS:W5MT4WNaHy9P1FjbrjlKS",
"68aea345b134d576ccdef7f06db86088"
],
"service.type": "threatintel",
"tags": [
"threatintel-abusemalware",
"forwarded"
],
"threatintel.indicator.file.hash.md5": "ae21d742a8118d6b86674aa5370bd6a7",
"threatintel.indicator.file.hash.sha256": "3b9698b6c18bcba15ee33378440dd3f42509730e6b1d2d5832c71a74b1920e51",
"threatintel.indicator.file.hash.ssdeep": "6144:WlLMUG2gFWLDFO9vNa11y3NPcJufFFTXNZrjJTKS:W5MT4WNaHy9P1FjbrjlKS",
"threatintel.indicator.file.hash.tlsh": "5454CF217A53C826F5E800FCA6E9878925167F346F44A4C373D40F6AA8759E2DF2B317",
"threatintel.indicator.file.pe.imphash": "68aea345b134d576ccdef7f06db86088",
"threatintel.indicator.file.size": 280064,
"threatintel.indicator.file.type": "dll",
"threatintel.indicator.first_seen": "2021-01-14T06:05:12.000Z",
"threatintel.indicator.type": "file"
},
{
"event.category": "threat",
"event.dataset": "threatintel.abusemalware",
"event.kind": "enrichment",
"event.module": "threatintel",
"event.reference": "https://urlhaus-api.abuse.ch/v1/download/d11edc90f0e879a175abc6e2ce5c94a263aa2a01cd3b6e8b9fdf93a51235ae99/",
"event.type": "indicator",
"fileset.name": "abusemalware",
"input.type": "log",
"log.offset": 13113,
"related.hash": [
"78c9d88d24ed1d982a83216eed1590f6",
"d11edc90f0e879a175abc6e2ce5c94a263aa2a01cd3b6e8b9fdf93a51235ae99",
"6144:+60EDP6uCLfGw/GpxXinM1BCo1PlumGx2mx2tXd0t115JG8:X5DpBw/KViMTB1MnEWk0115Jr",
"68aea345b134d576ccdef7f06db86088"
],
"service.type": "threatintel",
"tags": [
"threatintel-abusemalware",
"forwarded"
],
"threatintel.indicator.file.hash.md5": "78c9d88d24ed1d982a83216eed1590f6",
"threatintel.indicator.file.hash.sha256": "d11edc90f0e879a175abc6e2ce5c94a263aa2a01cd3b6e8b9fdf93a51235ae99",
"threatintel.indicator.file.hash.ssdeep": "6144:+60EDP6uCLfGw/GpxXinM1BCo1PlumGx2mx2tXd0t115JG8:X5DpBw/KViMTB1MnEWk0115Jr",
"threatintel.indicator.file.hash.tlsh": "6044D022AD13DD37E1F400FCA6A58F8561626E381F00A89777D41F8A98356F1BB2B717",
"threatintel.indicator.file.pe.imphash": "68aea345b134d576ccdef7f06db86088",
"threatintel.indicator.file.size": 277504,
"threatintel.indicator.file.type": "dll",
"threatintel.indicator.first_seen": "2021-01-14T06:04:38.000Z",
"threatintel.indicator.type": "file"
},
{
"event.category": "threat",
"event.dataset": "threatintel.abusemalware",
"event.kind": "enrichment",
"event.module": "threatintel",
"event.reference": "https://urlhaus-api.abuse.ch/v1/download/8cd28fed7ebdcd79ea2509dca84f0a727ca28d4eaaed5a92cd10b1279ff16afa/",
"event.type": "indicator",
"fileset.name": "abusemalware",
"input.type": "log",
"log.offset": 13693,
"related.hash": [
"236577d5d83e2a8d08623a7a7f724188",
"8cd28fed7ebdcd79ea2509dca84f0a727ca28d4eaaed5a92cd10b1279ff16afa",
"6144:X1G3WVIOY6Bdjehj+qudd96ou/6mv5wdC:X1GmSafShjYdd96z/6cwdC",
"ed2860c18f5483e3b5388bad75169dc1"
],
"service.type": "threatintel",
"tags": [
"threatintel-abusemalware",
"forwarded"
],
"threatintel.indicator.file.hash.md5": "236577d5d83e2a8d08623a7a7f724188",
"threatintel.indicator.file.hash.sha256": "8cd28fed7ebdcd79ea2509dca84f0a727ca28d4eaaed5a92cd10b1279ff16afa",
"threatintel.indicator.file.hash.ssdeep": "6144:X1G3WVIOY6Bdjehj+qudd96ou/6mv5wdC:X1GmSafShjYdd96z/6cwdC",
"threatintel.indicator.file.hash.tlsh": "8D34BE41B28B8B4BD163163C2976D1F8953CFC909761CE693B64B22F0F739D0892E7A5",
"threatintel.indicator.file.pe.imphash": "ed2860c18f5483e3b5388bad75169dc1",
"threatintel.indicator.file.size": 241664,
"threatintel.indicator.file.type": "dll",
"threatintel.indicator.first_seen": "2021-01-14T06:04:26.000Z",
"threatintel.indicator.type": "file"
},
{
"event.category": "threat",
"event.dataset": "threatintel.abusemalware",
"event.kind": "enrichment",
"event.module": "threatintel",
"event.reference": "https://urlhaus-api.abuse.ch/v1/download/fb25d13188a5d0913bbcf5aeff6c7e3208ad92a7d10ab6bed2735f4d43310a27/",
"event.type": "indicator",
"fileset.name": "abusemalware",
"input.type": "log",
"log.offset": 14256,
"related.hash": [
"ff60107d82dcda7e6726d214528758e7",
"fb25d13188a5d0913bbcf5aeff6c7e3208ad92a7d10ab6bed2735f4d43310a27",
"6144:+60EDP6uCLfGw/GpxXinM1BCo1PlumGx2mx2tXd0t115JGz:X5DpBw/KViMTB1MnEWk0115JU",
"68aea345b134d576ccdef7f06db86088"
],
"service.type": "threatintel",
"tags": [
"threatintel-abusemalware",
"forwarded"
],
"threatintel.indicator.file.hash.md5": "ff60107d82dcda7e6726d214528758e7",
"threatintel.indicator.file.hash.sha256": "fb25d13188a5d0913bbcf5aeff6c7e3208ad92a7d10ab6bed2735f4d43310a27",
"threatintel.indicator.file.hash.ssdeep": "6144:+60EDP6uCLfGw/GpxXinM1BCo1PlumGx2mx2tXd0t115JGz:X5DpBw/KViMTB1MnEWk0115JU",
"threatintel.indicator.file.hash.tlsh": "9244D022AD13DD37E1F400FCA6A58F8561626E381F00A89777D41F8A98356F1BB2B717",
"threatintel.indicator.file.pe.imphash": "68aea345b134d576ccdef7f06db86088",
"threatintel.indicator.file.size": 277504,
"threatintel.indicator.file.type": "dll",
"threatintel.indicator.first_seen": "2021-01-14T06:04:20.000Z",
"threatintel.indicator.type": "file"
}
]