{ "397e1a84-022f-4adb-8e6a-4c47ff8c8770": { "event_id": 13951, "created_at": "2023-01-23T08:17:36.846503+00:00", "updated_at": "2023-01-23T14:59:46.931489+00:00", "name": "Campagna Ursnif a tema Agenzia Entrate", "description": "", "subject": "Commissione di osservanza sull'anagrafe tributaria", "tlp": "0", "campaign_type": "malware", "method": "linked", "country": "italy", "file_type": [ "zip", "url" ], "theme": "Agenzia Entrate", "malware": "Ursnif", "phishing": null, "via": "email", "tag": [ "SMB" ], "ioc_list": { "md5": [ "be6c15d948f05610f11d0c4c49ee0dde", "a9b3aed56101d9993d412850bc623f8d", "19ea8fc7ab76e4ced49b8f5da17afaf9", "23301d211eee22fe26182735358c9394", "97074f0ad9a95ae9d73b5c3e4547518c", "913f000caf3a88346eb6d01d801eabd2", "92a8e2a4fb2c38d8150d3972b2c88120", "f66f610515864244902840bad733a204", "8e6bd7d6e35ac24218f00763e6b53e11", "c6e2980fe8017026d6edd9bae2cf3ffb" ], "sha1": [ "cf081a3376f1a726d0004ed098a95a584e2761f7", "4d5819e1107a2d72ed1ef2308f32995c4e518a2e", "e07cacb3b00e82813792b698d781bd9c7b955e22", "51dba332b709a17bbe3004feab013c1344fe1468", "624d869c2e95a5d279cfd495c03de7cef14498f6", "3bba7ef71aa29f823c5f2f8338db7b2c9e15e8ac", "84fbfba5847474e4fd81e0152a89dbea29cee704", "0cba6b0ad558223a26166d89af39593c7280a71f", "93060c9ba9f16d8afab977760d07c3521af355a0", "d9d1f9706428c54fab91d5dd1efc74daf2aba950" ], "sha256": [ "6f7db62fae3b24dc36d2d922cb4d53ba4e70d2b077880e6594bfe325d3f2a93c", "61a8b6bab2a3742abffde49fefcc19fee5fb34a0340c157c527249ff1c35e2b0", "5783f0cf870bfecb2a35e73236e2062f169a2d7f5e46e42276c9c30ae614dd4d", "d805414808764f9a88179e1a76491d5ec30100e8671dd73f9f4d8cc1bae0b339", "7796075f1ef6325830eed5369b7e5930ca514b6f32d304d51434873fcb5031e0", "5a867e1b8a9f61982d85e13d152be9e0ac1bb415850d837194d94636b058c621", "df8a5ac88c6a185144000e908d8dac0045d92525a84353c9b94c04aec5550dac", "9ce62ce611e015b9317a3c28b0d52b21a5ec7f862585cddec2733cf727f9dc32", "90cdd9a437d7a0c6245c58eef426322e52247694685234b7911d28b9bd93c7b7", "8f39a46199c14658253c6448acdf76f2f474936ef0879785bbc273d32878baf2" ], "imphash": [ "7973a61531c93981746e35cc3b7b0ae0" ], "domain": [], "url": [ "http://193.0.178.235/drew/", "http://62.173.149.10/drew/", "https://xbjmqkdo.page.link/wG3QKpQ5vQKvCf1p6", "http://31.41.44.27/drew/", "https://xbjmqkdo.page.link/", "https://pvlnramb.page.link/fUpqqhzrHGtaHQTu6", "https://pvlnramb.page.link/", "https://ekbdtvvo.page.link/EG1jMLLNXX7Mbe2Z7", "https://ekbdtvvo.page.link/", "https://dtgnymim.page.link/", "https://dtgnymim.page.link/KsaT4caunCLKmA5W8", "https://jvodnkkm.page.link/L3oLVEV6AU4oKzVZ6", "https://jvodnkkm.page.link/", "https://lsgumtfl.page.link/pZBGPpshisZ8kmMZA", "http://globesecure.de/agenzia/", "http://lanrungnamtau.com/agenzia/", "http://evrookna.spb.ru/headers/online/", "https://gite-randonnee-ardeche.com/testWP/wp-content/themes/sketch/online/index.php", "http://wynecare.com/static/azienda/", "http://pc1pa.dyndns.org/passalacqua/wp/wp-content/plugins/woocommerce/includes/widgets/", "http://ginoscratch.com/agenzia/", "https://www.lasikofmichigan.com/wp-content/themes/", "http://kiengiang24h.com/agenzia/", "http://nhachannuoi.vn/agenzia/", "http://dexpertspro.com/headers/", "http://ancien.7tv-live.com/agenzia/", "http://kitdigital.tecoinfor.com/agenzia/", "https://enmillenium.com/agenzia/", "http://akeadparis.com/agenzia" ], "ipv4": [ "193.0.178.235", "62.173.149.10", "193.0.178.237", "31.41.44.27", "46.8.210.29", "46.8.210.28", "62.173.138.24", "46.8.210.26", "185.31.160.229", "194.116.162.14", "62.173.140.192", "62.173.140.128", "193.233.175.99" ], "email": [] }, "email_victim": [], "ioca_version": "1.0", "organization": "cert-agid" } }