{ "a6f0b00c-1203-4c10-9579-5d3f0ebfa915": { "event_id": 14357, "created_at": "2023-04-26T12:00:09.392025+00:00", "updated_at": "2023-04-26T13:27:16.196315+00:00", "name": "Campagna PythonRAT", "description": "eseguibile ospitato su dominio italiano", "subject": null, "tlp": "0", "campaign_type": "malware", "method": "attached", "country": "generic", "file_type": [ "zip", "chm" ], "theme": null, "malware": "PyhtonRAT", "phishing": null, "via": "email", "tag": [], "ioc_list": { "md5": [ "8a419e45e6ece666f5529299d8497bb8", "952d6923f15c2fc764d4e577d42f0512", "c1a31c3594d1f94983b79784dfc9d9aa" ], "sha1": [ "4ef8daa7c7afe763f05e45997cc55b6eab21dfa2", "5d444d42ef461af0e26ff9d4c2345ff8d70c3065", "cfb2f7d68c49c4faa387fd57552c752c8961dc77" ], "sha256": [ "3035ab2a9c83b4fb5159981c8ccd159b300a28b91e45e7b38793407d243dc9d3", "3a8191685b0dbd44b12051ab53a21c6f1f4969bba7d759b3d3497cc05ce7bfad", "7f482c7d24e7191746061169e8bb9d329026638be072bf4526a2509b34ccf32c" ], "imphash": [], "domain": [], "url": [ "https://lucaagostini.it/regallo/zohoservice.exe", "http://45.82.69.203/st.ps1", "https://lucaagostini.it/regallo/" ], "ipv4": [ "45.82.69.203" ], "email": [] }, "email_victim": [], "ioca_version": "1.0", "organization": "cert-agid" } }