{
    "a91a8408-3225-41a9-b81e-c76806c55d31": {
        "event_id": 12284,
        "created_at": "2022-02-07T10:37:07.497559+00:00",
        "updated_at": "2022-02-07T12:43:34.251565+00:00",
        "name": "Campagna sLoad via PEC",
        "description": "Spett.le [RAGIONE SOCIALE]\r\ncome da accordi in allegato trovi fattura di cortesia non valida ai fini fiscali. Il documento in formato elettronico e' stato inviato al SDI come da normativa fatturazione elettronica.\r\nRingraziandovi per l'attenzione porgiamo cordiali saluti.",
        "subject": "CONSEGNA: [RAGIONE SOCIALE]",
        "tlp": "0",
        "campaign_type": "malware",
        "method": "attached",
        "country": "italy",
        "file_type": [
            "zip",
            "wsf"
        ],
        "theme": "Pagamenti",
        "malware": "sLoad",
        "phishing": null,
        "via": "pec",
        "tag": [],
        "ioc_list": {
            "md5": [
                "0d325ed95336f576fbf9ef55fd2ce65e",
                "e605b5ee80f9ee44c9a5ac5c7c14106f",
                "db6b6ca8337208c98659d89928d7030d",
                "813ba87eab398192ea50c33cb37bb069",
                "73284816cf3182f446536c380f805b1f",
                "6449ba492ce34af559141df37e41c9f0"
            ],
            "sha1": [
                "bce4d45ad4d68a865d9be6d9bb00b7afd3f40040",
                "32adf08aa712794e3260bc4e79d49385f3e337d8",
                "2fc7302cf8d89caf0e3feacf6dd9cefa5967efb1",
                "d4f40b9eeea84f726c6afc381e9eb8d722107d8d",
                "1b83c90059bc7a751e62635b05c9f2d5436f5065",
                "1f76add240b143994e24b9727983558c2b594371"
            ],
            "sha256": [
                "456e912133c6556acc6c9fee1678448cfc88695d2edcc932111d093b0123b9c8",
                "ba63cde629ffb4c3491c49b96addf157062b9fc2970a976fe58cf4641a9e08ff",
                "7aeab05053b0c136f55e69302eddc4e8c87745ed0c034180eb31af8792f4e8e8",
                "4001d11c465aeeb1cd314fdb939719eaf214e3135bde206373329cb788836179",
                "0d6f4f65cc73dfdde19c32e341ec6ab8d764c6fb0e725567c1c566fc55e006f4",
                "267a0f244d1d0d21b306ba31de5c42223508e71228c06d7396af9f9811cdc5dc"
            ],
            "imphash": [],
            "domain": [
                "pupideluco.eu",
                "toscaelio.eu",
                "angedionisu.eu",
                "hgjui.eu",
                "hkjt.eu"
            ],
            "url": [
                "https://toscaelio.eu/decu/08531051210/developer.txt",
                "https://toscaelio.eu/scala/08531051210/novo.txt",
                "https://pupideluco.eu/decu/00021100557/developer.txt",
                "https://pupideluco.eu/scala/00021100557/novo.txt",
                "https://angedionisu.eu/ange/15403501008/novo.rtf",
                "https://hgjui.eu/topic/",
                "https://hkjt.eu/topic/"
            ],
            "ipv4": [],
            "email": []
        },
        "email_victim": [],
        "ioca_version": "1.0",
        "organization": "cert-agid"
    }
}