{
    "e540738c-04f9-4f47-b28e-e6733b66c20a": {
        "event_id": 14040,
        "created_at": "2023-02-15T16:04:52.229101+00:00",
        "updated_at": "2023-02-17T09:58:31.220441+00:00",
        "name": "Campagna Snake Keylogger italiana Universit\u00e0 di Bologna",
        "description": "integrazione IoC del 17/02/2022",
        "subject": "Elenco richieste Universit\u00e0 di Bologna",
        "tlp": "0",
        "campaign_type": "malware",
        "method": "attached",
        "country": "italy",
        "file_type": [
            "docx"
        ],
        "theme": "Universit\u00e0",
        "malware": "Snake",
        "phishing": null,
        "via": "email",
        "tag": [
            "Equation Editor"
        ],
        "ioc_list": {
            "md5": [
                "26c1c8bc65bc1734c6fbb5c70c6711e5",
                "514a008df632272c2e6bb3ea4e54fc83",
                "8318aec68f9d4c0a09e9a23c3f66bdc3",
                "865004f0278a4301cd6919a58e09c9b2",
                "9faddd060caaa8f6b2c285225e9d0fb3",
                "c2be0d4583bc551a308671709c1e253e"
            ],
            "sha1": [
                "ad58d9da0bc053b61196ba54d24adf142a6a1b83",
                "f431bc74dbc2de058839c497837bc831f6e6dd71",
                "15bdd0d6897e80ec1bc80800759981b5f46d4935",
                "dc9b67cf7f292f6f8f380ffbf49014bd0db2b526",
                "26dc1f074a685c83523ccd4a6ed77fce534ac984",
                "cbe69cca8e39b881847a03a8f1214412d2c3976f"
            ],
            "sha256": [
                "9ec0a5d16ceb38c5068035a1e31cc43267fb0e1bf48437a8dd4829745791fa04",
                "ee1071f45d5e61153dd8e1f2c78ee80928ffc86d7c7657a798099efbcbd9aaf5",
                "d037181a9e8d57201e9cd772144f2ce7e7a0b87f7362ccae4e055096ff3ea9b1",
                "f4caaca12511a364005bffaedeb802d4388e16f1bbf564386760619e9a15dccc",
                "73ec76f4e4dfbc1f548ddbc1a5706f12e932f53abc8e30a3f3cc0adb8cc012b0",
                "1a8ab52bb58371cdfdf171987be0fec8509fab2495da503417eff49567043850"
            ],
            "imphash": [
                "61259b55b8912888e90f516ca08dc514"
            ],
            "domain": [
                "smtp.citalmet.com.ar"
            ],
            "url": [
                "http://104.168.32.152/2787/vbc.exe",
                "http://104.168.32.152/OO.DOC",
                "http://104.168.32.152/7798/vbc.exe",
                "http://104.168.32.152/O_O.DOC"
            ],
            "ipv4": [
                "104.168.32.152"
            ],
            "email": []
        },
        "email_victim": [],
        "ioca_version": "1.0",
        "organization": "cert-agid"
    }
}