{
    "a5503e93-7c7f-4aac-af35-1f1ff0bb276f": {
        "event_id": 12627,
        "created_at": "2022-03-21T09:30:57.671792+00:00",
        "updated_at": "2022-03-21T10:35:06.892247+00:00",
        "name": "Campagna sLoad via PEC",
        "description": "il contenuto presente all'interno dell'allegato contiene dati personali riferiti allo stato dei pagamenti delle sue forniture.\r\nCordiali Saluti\r\n\r\nPer qualsiasi necessita' di chiarimenti non rispondere a questa mail, ma utilizzare i tradizionali canali di assistenza presenti sul sito www.fatturapa.gov.it.\r\n\r\nsLoad $ver=\"4.3.3\";",
        "subject": "Ragione sociale",
        "tlp": "0",
        "campaign_type": "malware",
        "method": "attached",
        "country": "italy",
        "file_type": [
            "zip",
            "wsf"
        ],
        "theme": "Pagamenti",
        "malware": "sLoad",
        "phishing": null,
        "via": "pec",
        "tag": [],
        "ioc_list": {
            "md5": [
                "d5299434aa5119814df6f50d9ddce8e1",
                "d1f648c2eedc678d7807991e5046ad88",
                "0ceae1ec3949da0a10251b9f43250edc",
                "4100fb23ea472d29ae5df0996e638876",
                "14a639a2cbd83fa00656919bfeaf50d6"
            ],
            "sha1": [
                "d3156dcb01873b100272647268b9357ed1767596",
                "32d2ff1a5b317a3760bebea5e383887d341467a2",
                "9f5e4b6c8e630d2d49445f0c307ed71518d63372",
                "84ffbd7d83a4e0b783c94a20c907525a03734081",
                "b93e98c3df7992dfb6dc6ec1c74a568775b6778a"
            ],
            "sha256": [
                "5fa5ef757f62463989958fd2a0edb5c5323dac09eb4c1d4d9bdce8462a2d1d4a",
                "799108cf77a0db06445201e48314ba934d8b139955a68e9f3248ce7e60ba0bde",
                "6b52b13a1bfea9b571ee5de8a6b954e743ed133ca041d8dd679b431afc5f2a0e",
                "9376c7f07d0265e3ed21c2cbc8023e5fca95650401fb8530fe7aa20f5472c9cd",
                "c045bb10a6ac933916a04f0bc84c0da4c70dacda19af13288f12e00515b355cd"
            ],
            "imphash": [],
            "domain": [
                "tutyjk.eu",
                "fdhtyki.eu",
                "pluner.eu",
                "uybntuuik.eu",
                "dnhytik.eu"
            ],
            "url": [
                "https://fdhtyki.eu/post/",
                "https://tutyjk.eu/mazu/",
                "https://pluner.eu/",
                "https://dnhytik.eu/topic/",
                "https://uybntuuik.eu/topic/"
            ],
            "ipv4": [],
            "email": []
        },
        "email_victim": [],
        "ioca_version": "1.0",
        "organization": "cert-agid"
    }
}