{
    "75d59856-49b6-4710-bdf1-312b4e494f2a": {
        "event_id": 10886,
        "created_at": "2021-03-23T14:45:38.734380+00:00",
        "updated_at": "2021-03-23T18:43:55.383673+00:00",
        "name": "Campagna Ransomware Lockthesystem",
        "description": "",
        "subject": "Conferma di partenza della spedizione STCPA00008217121",
        "tlp": "0",
        "campaign_type": "malware",
        "method": "attached",
        "country": "italy",
        "file_type": [
            "doc"
        ],
        "theme": "Delivery",
        "malware": "Lockthesystem",
        "phishing": null,
        "tag": [],
        "ioc_list": {
            "md5": [
                "2bee61c5ee63bc27f5ea66e2d42e136d",
                "3e0c0275c22f75048511cbcbdcca3641"
            ],
            "sha1": [
                "18c97fafbb6bed70e3b3f88bd39fba342e49b112",
                "bd3900aa0f468a4fbb9ea3046959254e276ad394"
            ],
            "sha256": [
                "4c722b5c01a7ded39eed2b06d3e4aee0fbc9e23bb1c71b329390dd12235dd27e",
                "8a4a038a965ba42a0442d44abf25e4d21f5049d4a4a8aa9cb6691ec4282814a1"
            ],
            "imphash": [
                "f34d5f2d4577ed6d9ceec516c1f5a744"
            ],
            "domain": [],
            "url": [
                "https://bbuseruploads.s3.amazonaws.com/b45aff17-53db-4c54-963e-fc80befd02c5/downloads/fd384389-73a2-4dc5-bf20-55f4ef700fba/Clientnik.txt",
                "http://bit.ly/3f6aqMB"
            ],
            "ipv4": [],
            "email": []
        },
        "email_victim": [],
        "ioca_version": "1.0",
        "organization": "cert-agid"
    },
    "a523946f-dd52-483f-b1a3-d0adca74fce4": {
        "event_id": 10879,
        "created_at": "2021-03-22T16:33:58.393056+00:00",
        "updated_at": "2021-03-22T16:33:58.420840+00:00",
        "name": "Campagna Ransomware Lockthesystem",
        "description": "",
        "subject": "Conferma di partenza della spedizione STCPA00008217121",
        "tlp": "0",
        "campaign_type": "malware",
        "method": "attached",
        "country": "italy",
        "file_type": [
            "rar",
            "js"
        ],
        "theme": "Delivery",
        "malware": "Lockthesystem",
        "phishing": null,
        "tag": [],
        "ioc_list": {
            "md5": [
                "52245973b6384c738aabdf49915e1a30",
                "16adb6f51040e9ee2237e72dcc7ea636",
                "b4282c7f3fa918a48c6cc2a8d1872764"
            ],
            "sha1": [
                "010d520204b7aa0e8fccce16187dd19a9399498b",
                "70858c1a406fa9e98911d538a0d210c04bf59d6a",
                "cb883fd321f017967a5a99b48123f70a552cc546"
            ],
            "sha256": [
                "9ab45752c95af8f173b7d9a1a727f7b1b61a786b6ca30186bbc6bd5a36656d85",
                "960ba461dd43fdefe71a538bf2fa8009e579ef848a9472f51f4b64030b8c6169",
                "899f48bad035165acf8869af63922619f8a901bbeb8a7fc13919ba90dd9e7768"
            ],
            "imphash": [
                "f34d5f2d4577ed6d9ceec516c1f5a744"
            ],
            "domain": [],
            "url": [
                "http://lmvirtualbookkeeping.com/mar/Client-0.exe",
                "http://lmvirtualbookkeeping.com/mar/"
            ],
            "ipv4": [],
            "email": [
                "maximilian02@gmx.de"
            ]
        },
        "email_victim": [],
        "ioca_version": "1.0",
        "organization": "cert-agid"
    }
}