{
    "229b1c36-730a-45bb-a9c9-04066cfb5b6d": {
        "event_id": 13236,
        "created_at": "2022-07-08T09:04:49.560860+00:00",
        "updated_at": "2022-07-08T09:04:49.599672+00:00",
        "name": "Campagna EnvyScout italiana",
        "description": "The Russian criminal team #APT29 \r\nAllega PDF -> Link HTML -> ISO -> LNK + 2 DLL",
        "subject": "Molto importante! Dipartimento del governo n. 348/2022",
        "tlp": "0",
        "campaign_type": "malware",
        "method": "attached",
        "country": "italy",
        "file_type": [
            "pdf"
        ],
        "theme": "Covid-19",
        "malware": "EnvyScout",
        "phishing": null,
        "via": "email",
        "tag": [
            "APT29"
        ],
        "ioc_list": {
            "md5": [
                "3aa44a7951ad95d02c426e9e2a174c2e",
                "eab854f520b18206b5c83988e21938ab",
                "59b5d262532dab929bbe56c90a0257d2",
                "5ed4414e0edcaacdeb865a0ff64ac2ac",
                "6228d15e3bb50adfa59c1bdf5f6ce9f0",
                "9a077e38fe8528c56351eb228c4bd817",
                "6812031432039a89fa741e9338f8e887"
            ],
            "sha1": [
                "beb41adb5eecdebe080fc6fd0c0e495f19b9b598",
                "230f2d919119a61e76f195417abde78e3056457e",
                "1d34a13349f186edebc9a6c46f491245b89430f1",
                "f24897d749463dc054571b6f841e887abb2c5401",
                "38609baafd89e5b6892486f92281781b1b4a5824",
                "02aaa5dd927c55c2e0c043812195c4f3fda3e398",
                "977f715c543dc4d3cd3c66fad4cd89e6ffbaf360"
            ],
            "sha256": [
                "d05449cd3e9438f68b9570c38857d57e791bc17aae36241dc38ece7902eed8af",
                "913c8c0b9111db7841079222d0104fcbc075ff704d8f59c2de944a9f53e89ae4",
                "5d77343f2ae2214954e9de34da1dbb05b538ac68187050fe254e068bc7a82f8b",
                "722ed29043120069ece978f2a76ccde18ae519b40422856b832b071974da9671",
                "879a20cc630ff7473827e7781021dacc57bcec78c01a7765fc5ee028e4a03623",
                "2b183881d2a9c00482d411e2331920e10a960fc94d2326235839981d699adad9",
                "4856da80222e8e68071e361993cf2e668f9bee43fc2c6c8bc5e24d71349dfa5e"
            ],
            "imphash": [],
            "domain": [
                "agencijazaregistraciju.rs"
            ],
            "url": [
                "https://www.agencijazaregistraciju.rs/i.html",
                "https://slack.com/api/files.list?channel=C03NSRMQJ4A&user=U03MMK35QQ1",
                "https://www.agencijazaregistraciju.rs/t.php"
            ],
            "ipv4": [],
            "email": []
        },
        "email_victim": [],
        "ioca_version": "1.0",
        "organization": "cert-agid"
    }
}