{ "27e48074-a004-4fc5-b65a-d1a10607200c": { "event_id": 14105, "created_at": "2023-03-08T08:59:50.254494+00:00", "updated_at": "2023-03-08T11:57:23.554429+00:00", "name": "Campagna Emotet italiana", "description": "", "subject": "Re:", "tlp": "0", "campaign_type": "malware", "method": "attached", "country": "italy", "file_type": [ "zip", "doc" ], "theme": "Resend", "malware": "Emotet", "phishing": null, "via": "email", "tag": [ "Epoch4" ], "ioc_list": { "md5": [ "a8eccafcae138372d34c5a87b1f4d5c0", "ac31fad4a21b818d8f52e65750a2ec0f", "2148a6a2bef5a35ce5665cbc12d5e474", "17edd993d6c1c9e5c0942ae9b4013736", "3d047ed2f8c9b4d25a67b9a2639fcb74", "011b2e355d75d2fa0f1e9b8e72525eb4", "2adf96f58582819fafe987ec71b014c4", "9b1e551cd585f8166cd937f2a0980f81", "b13b243434b3d4b186026fa3d3fdba9a", "fb9e96b0881ea74a860c2d22e9f80272", "69a5d6bff7916e89328735d6dfeb1969", "fe95283184a2afa3f6d194abda4302d1", "3c7c56fc367b2a82335cd2f75d2dd099", "fbd7471bb4a8e518392c7132d356f3c2", "8442ab051947073b4ab2973d57a6233a", "11c5d0c955902be5e993f21fa4a85a4f" ], "sha1": [ "43719453c3a38c733195774cb643783f602fd044", "c11e836318755c06db5a18c54892e3cccf279da8", "f744b8a8e027265955e3111f2b2d21396b17d549", "e03ff89c6c85c5e60106da7aecd8d0cda362875d", "a0fd12d672cf43327d16336e3289acb01af1706f", "15fd840efab66b5b385992882a57aa06eb84cb1d", "c807383bc031f7e7ef247c3d6bda284a6163ba8d", "2e87b33309c888ab7d655e92a45a31f15753fdee", "4836aeaf18e1620ecc2ae422743d91965f832441", "954e23b16ded88b1cd050ddcb09b6a5ac6c35dcf", "bee820677053e96fbb51bf29e3b131f02cee6f4c", "9b08a294c6f0c6cf91c023f8314a4434c23e0fd2", "5a76435796fdab5e3fea83f77d33a03e859803dd", "a4c0b68d64dd79ebfaf613081a089a2712d2e7e9", "0556169695112c697e71609f0023ebcf8f1bcdd3", "35775728ce727b15be3b51ef243a1bb682ee2476" ], "sha256": [ "3fd0964eb74075e3431e27920ccdb2d6edffa8b8c2dac307a20f183d72e0cbdd", "cfad0dcd5988f2f30d91b4c51bf68ff571ec988393934ecd7bcb876163f5ea66", "0fd1f5eae56248a6ccd9f34bf99e5ef08e04c768cdd788e020ed137ce0d1f09b", "af73a3c11b0476b56b20a3ab05e468876e4f1ae69f79fdd3741ef8a982a1a688", "61e4713129e7466ba4986cbbc1cfe05464439f5a6c3a67590d3be59cc46b29cc", "34d17479f101c95b858ca4c9e54b5f3a6e7ffda281a9c9460a11be2831f8af54", "f616da0ebb4f984aecd40da922c0cdf70987643a86afadc969aa76598120cd5d", "d03af1301860699bdc724ed8cfd9c08a80f577bfcdad1fb7193e8344fd0d4d76", "6f9f0b51aaa11810ded4080d39bed24ff7649bc3fccc587ced5e9398951e27e0", "b8f75feddecdf100c062da90a3fa2423aece82a7f60dffa130395a07cfc46876", "f2223da36c8d349a3545f952992ffc45ad0649dfec02f4ca8d0bc50f151794db", "d8b45395fabe03155050debe2c8669ebc3a38f0d151143129f4361d5dbf51616", "5ecdc169d3da2345feeda676fa5f312ed1fa188acb7577033cfdebe7d393c5ab", "ab95cced90dd16a741f991226df7fac38ca514e18deb95c730eb7e7efe4da589", "1c9be74d8f870d1218685a86a51ffb01d96524a742fe9f610eb07d9c345e3961", "90c5a24027b6fdb3f45e59d5d263af8317d57657efd2f68f7fd840b927cdd464" ], "imphash": [], "domain": [], "url": [ "https://baumart.lv/wp-admin/S8jHW33QU77gLz/", "http://www.189dom.com/xue80/C0aJr5tfI5Pvi8m/?140152", "https://midcoastsupplies.com.au/configNQS/Es2oE4GEH7fbZ", "https://103.75.201.2/vrdmtoakonzv/lpyrpszqkwnl/yxwfl/xrqsvqy/", "https://91.121.146.47:8080/ymnpwdwpx/sospyzw/", "https://esentai-gourmet.kz/404/EDt0f/?140152", "https://45.235.8.30:8080/vrdmtoakonzv/lpyrpszqkwnl/yxwfl/xrqsvqy/", "http://beyond.psiloveyou.co.za/dR05Bvq90dvlsVBzn/", "https://midcoastsupplies.com.au/configNQS/Es2oE4GEH7fbZ/", "http://mtp.evotek.vn/wp-content/L/", "https://www.snaptikt.com/wp-includes/aM4Cz6wp2K4sfQ/", "https://midcoastsupplies.com.au/configNQS/rGgpv/", "https://91.121.146.47:8080/jwthxfret/", "http://139.219.4.166/wp-includes/XXrRaJtiutdHn7N13/", "http://www.dnautik.com/wp-includes/UmAJjAP/?090459&c=1", "http://www.189dom.com/xue80/C0aJr5tfI5Pvi8m/", "http://xinyuhuang.com/images/48onjwxGImMdiUx/", "https://esentai-gourmet.kz/404/EDt0f/", "http://103.132.242.26:8080/rbxfldxgrsfbf/jujecq/arsxtaqmruuplpum/aisjudrqltljeax/", "https://lisaerp.com/ncsA/g7zWosP/", "http://3313v.com/ki7xh/QpSQfw9CPTFtNs4/", "http://melkovsky.com/advice/ZRSaP7QA5yTv1fZs/", "https://diasgallery.com/about/R/", "http://mtp.evotek.vn/wp-content/L/?140152", "https://103.132.242.26:8080/rbxfldxgrsfbf/jujecq/arsxtaqmruuplpum/aisjudrqltljeax/", "https://163.44.196.120:8080/vrdmtoakonzv/lpyrpszqkwnl/yxwfl/xrqsvqy/", "https://midcoastsupplies.com.au/configNQS/mh7qtrxo/", "http://blog.perio.com.tr/wp-admin/Boo3JTROHh7/", "http://106.54.169.77/wp-content/yxQWf/", "http://ali.faqun.cn/8uhjvgd/nhAOl4DRmdOKz/", "https://acfs-brisbane.org.au/ARCHIVE/Cen7LJ4iXlpWfb0/", "https://tatianka.com/pub/WJPrHm5OtTt/", "https://tatianka.com:443/pub/WJPrHm5OtTt/", "https://besthome.kz/docs/xtbWXvPtI0qQM/", "https://diagnostic.net/news/5P/", "https://moiki.online/speedsale/XJdpbjT/", "http://ly.bi3x.org/magazini/pWKy5V5/", "https://ns1.koleso.tc/b512c9bf0b/RnLGmaMVRRbyeY3nZb/" ], "ipv4": [ "110.232.117.186", "115.68.227.76", "164.90.222.65", "119.59.103.152", "164.68.99.3", "5.135.159.50", "95.217.221.146", "104.168.155.143", "91.207.28.33", "197.242.150.244", "103.75.201.2", "82.223.21.224", "159.89.202.34", "129.232.188.93", "159.65.88.10", "201.94.166.162", "202.129.205.3", "167.172.199.165", "167.172.253.162", "153.92.5.27", "101.50.0.91", "173.212.193.249", "163.44.196.120", "183.111.227.137", "1.234.2.232", "188.44.20.25", "153.126.146.25", "160.16.142.56", "172.105.226.75", "79.137.35.198", "139.59.126.41", "107.170.39.149", "103.43.75.120", "169.57.156.166", "182.162.143.56", "103.132.242.26", "147.139.166.154", "91.121.146.47", "45.176.232.124", "66.228.32.31", "187.63.160.88", "94.23.45.86", "72.15.201.15", "45.235.8.30", "206.189.28.199", "186.194.240.217", "213.239.212.5", "185.4.135.165", "149.56.131.28" ], "email": [] }, "email_victim": [], "ioca_version": "1.0", "organization": "cert-agid" } }