{
    "234a391d-7206-43b2-9fc1-b7602566f3c7": {
        "event_id": 12115,
        "created_at": "2022-01-12T12:39:30.701460+00:00",
        "updated_at": "2022-01-12T19:16:34.587680+00:00",
        "name": "Campagna Ursnif Agenzia delle Entrate",
        "description": "",
        "subject": "Cortese [denominazione]",
        "tlp": "0",
        "campaign_type": "malware",
        "method": "attached",
        "country": "italy",
        "file_type": [
            "zip",
            "vbe"
        ],
        "theme": "Agenzia Entrate",
        "malware": "Ursnif",
        "phishing": null,
        "via": "email",
        "tag": [],
        "ioc_list": {
            "md5": [
                "b5988cc7524fcccc13104c9da4849b85",
                "4081fd95a87905a998b314f7bb4e8b14",
                "6a3263c89dd86c24a073bfaf5253601c",
                "0df3ea793cc3585b21845b0788be8c24"
            ],
            "sha1": [
                "9e1dea614373041f5aec080f2e59a6f935a748d6",
                "e9644e9686e3d5bc0f94099359520506722e601f",
                "32437cb53d20b166e31e54fc8c01a7d537ad701c",
                "47c1d3e96f0c9cbf66ce7d476921db745d392b6f"
            ],
            "sha256": [
                "aa7d9770d0b97e20874c111997c98232bb047032b1c6ef59de6b7222f63ce623",
                "45f11d97a8ed1a9215e9c6c8d44335229e17bd63bb0a48abcc8c2a02dca241c4",
                "2c21b89e8d6b5c52c27d0b30a1a0b55ad8f5d528e570b17ae1b52a37d91e89eb",
                "890832e596bbacac895d1c630149dbcb4c1d2c7fa42f5715206864d05ab39b00"
            ],
            "imphash": [],
            "domain": [
                "mmmmmm.casa",
                "mmmmmm.bar",
                "entrate.bar",
                "www.mmmmmm.casa",
                "agenziaitaliane.bar"
            ],
            "url": [],
            "ipv4": [],
            "email": []
        },
        "email_victim": [],
        "ioca_version": "1.0",
        "organization": "cert-agid"
    },
    "b12c7d9f-aaaa-4c4e-9d98-c211a4951b78": {
        "event_id": 12097,
        "created_at": "2022-01-11T09:03:10.919926+00:00",
        "updated_at": "2022-01-11T12:30:17.492575+00:00",
        "name": "Campagna Ursnif Agenzia delle Entrate",
        "description": "Allega ZIP con Password \"gennaio2022\"",
        "subject": "Cortese [denominazione]",
        "tlp": "0",
        "campaign_type": "malware",
        "method": "attached",
        "country": "italy",
        "file_type": [
            "zip",
            "vbe"
        ],
        "theme": "Agenzia Entrate",
        "malware": "Ursnif",
        "phishing": null,
        "via": "email",
        "tag": [],
        "ioc_list": {
            "md5": [
                "f87afdf798e81745c792a52e3259b19e",
                "4081fd95a87905a998b314f7bb4e8b14",
                "e5ed6c6afb29314dba05263ce042b213"
            ],
            "sha1": [
                "dbf1a8dbddf82e9091f4d6a1884ebcf7fad538d5",
                "e9644e9686e3d5bc0f94099359520506722e601f",
                "b6d7bdf686e6a71a3d11895cae7cacb253fd96d2"
            ],
            "sha256": [
                "84fa9705f1e1ee6063945dab72e6c1e507b5ec4c8a1869fa9d92fa377bd89ca3",
                "45f11d97a8ed1a9215e9c6c8d44335229e17bd63bb0a48abcc8c2a02dca241c4",
                "a7c07b0f4a0cc03f141943e9ed5f72c1dc6aca1ab79d979fd1fcd86be322800d"
            ],
            "imphash": [
                "6299c55186fab34c5992194e04e88327"
            ],
            "domain": [
                "autosblogs.co",
                "autosblogs.com",
                "mmmmmm.bar",
                "blogsautos.info",
                "lineautos.com",
                "autoslives.co",
                "blogsautos.com",
                "livesautos.com",
                "mmmmmm.casa",
                "autoslives.com"
            ],
            "url": [
                "https://fiscale.bar/image.txt"
            ],
            "ipv4": [],
            "email": []
        },
        "email_victim": [],
        "ioca_version": "1.0",
        "organization": "cert-agid"
    }
}