{ "125a0d50-5e61-46fa-9475-255309680f52": { "event_id": 14364, "created_at": "2023-04-27T09:14:45.473455+00:00", "updated_at": "2023-04-27T09:59:40.195411+00:00", "name": "Campagna Ursnif italiana DHL botnet 5050", "description": "PDF (link) > ZIP > JS > DLL", "subject": "Secondo Sollecito di Pagamento del 27/04/2023 : IT06518458140", "tlp": "0", "campaign_type": "malware", "method": "attached", "country": "italy", "file_type": [ "zip", "js", "pdf" ], "theme": "Delivery", "malware": "Ursnif", "phishing": null, "via": "email", "tag": [], "ioc_list": { "md5": [ "776d72affd6ee0a4f273cd87570f0e81", "f79d49664f8971ea626043cb5008060b", "552bf8474706f42f28f296377ad36250", "c23525aaf9b05ddce4b45a6146b2bbdb", "5400b53bfcd00f3db1f67ce0125a8169" ], "sha1": [ "c7ec1567c55d91ac0254dcea2ade2028ec21766f", "477dd6a37517a8f37bdc50ed3a53afd5936c0973", "560c86125a4801cfcb9621c5ca8015839676842f", "5ca2bd5825e9b4d657fcc3922286e2c35629f4ca", "a5fbd87667c8a3214052b51700ba566be9b3e925" ], "sha256": [ "43c92cbe749d74385b5d7ce8392e97c18b0eab14a5051ca845aa3cf87cd1958e", "58b0cd8e48f0a3b226f33aa51c0265000c6d029462539aefc58b0021a68c2f23", "dc7b0c1ecf1f2b1d085c63a9509db92ee4cf1cccae11b64d7e62341e70464a5d", "ed93537b8b5b70b143394fe0be400a7419d0204e9b9d6f1081f22c1f4c0a221f", "0f93ae21644a5c01a498cf020710e2957fe8b30436d1388612c34c7ae1467ddd" ], "imphash": [ "ac33d285839de1ea9fd6256ae9a855bd" ], "domain": [ "secnutis.com" ], "url": [ "http://debosod.com/jerry/", "http://91.215.85.222/jerry/", "http://fastyray.com/jerry/", "https://secnutis.com/lista", "https://secnutis.com/bollettino", "http://94.140.115.190/sk64.jpg", "http://94.140.115.190/c64.jpg" ], "ipv4": [ "91.215.85.222", "94.140.115.190" ], "email": [] }, "email_victim": [], "ioca_version": "1.0", "organization": "cert-agid" } }