{"Status":"Done"}

{"Status":"Not done"}

{"Status":"Done"}

{"Status":"Not done"}

{"absolute_file_paths":["file_path_1","file_path_2"]}

{[{"Entity":"8b2e701e91101955c73865589a4c72999aeabc11043f7xxxxx","EntityResult":{"is_risky":true,"attributes":{"authentihash":"ad56160b465f7bd1e7568640397f01fc4f8819ce6f0c141569xxxx","creation_date":1410950077,"downloadable":true,"exiftool":{"CharacterSet":"Unicode","CodeSize":"547xx","CompanyName":"MySQL, AB","EntryPoint":"0x39xx","FileDescription":"WinMerge Shell Integration","FileFlagsMask":"0x00xx","FileOS":"Windows NT 32-bit","FileSubtype":"0","FileType":"Win32 EXE","FileTypeExtension":"exe","FileVersion":"1.0.1.6","FileVersionNumber":"1.0.1.6","ImageFileCharacteristics":"Executable, 32-bit","ImageVersion":"0.0","InitializedDataSize":"199168","InternalName":"ShellExtension","LanguageCode":"English (U.S.)","LegalCopyright":"Copyright 2003-2013","LinkerVersion":"10.0","MIMEType":"application/octet-stream","MachineType":"Intel 386 or later, and compatibles","OSVersion":"5.1","ObjectFileType":"Executable application","OriginalFileName":"ShellExtension","PEType":"PE32","ProductName":"ShellExtension","ProductVersion":"1.0.1.6","ProductVersionNumber":"1.0.1.6","Subsystem":"Windows GUI","SubsystemVersion":"5.1","TimeStamp":"2014:09:17 10:34:37+00:00","UninitializedDataSize":"0"},"first_submission_date":1411582812,"last_analysis_date":1606903659,"last_analysis_results":{"ALYac":{"category":"malicious","engine_name":"ALYac","engine_update":"20201202","engine_version":"1.1.1.5","method":"blacklist","result":"Trojan.Foreign.Gen.2"}},"last_analysis_stats":{"confirmed-timeout":0,"failure":0,"harmless":0,"malicious":61,"suspicious":0,"timeout":0,"type-unsupported":5,"undetected":10},"last_modification_date":1606911051,"last_submission_date":1572934476,"magic":"PE32 executable for MS Windows (GUI) Intel 80386 32-bit","md5":"9498ff82a64ff445398c8426exxxx","meaningful_name":"ShellExtension","names":["ShellExtension","ZeuS_binary_9498ff82a64ff445398c8426exxxx.exe","9498ff82a64ff445398c8426exxxx.exe","9498ff82a64ff445398c8426exxxx","2420800","8b2e701e91101955c73865589a4c72999aeabc11043f712e05fdb1xxxxx.exe","sigchxxx.exe","malwxxx.exe"],"reputation":-49,"sha1":"36f9ca40b3ce96fcee1cf1d4a722293553xxxx","sha256":"8b2e701e91101955c73865589a4c72999aeabc11043f712e05fdb1cxxxx","sigma_analysis_stats":{"critical":0,"high":0,"low":4,"medium":0},"sigma_analysis_summary":{"Sigma Integrated Rule Set (GitHub)":{"critical":0,"high":0,"low":4,"medium":0}},"signature_info":{"copyright":"Copyright 2003-2013","description":"WinMerge Shell Integration","file version":"1.0.1.6","internal name":"ShellExtension","original name":"ShellExtension","product":"ShellExtension"},"size":254976,"ssdeep":"6144:Gz90qLc1zR98hUb4UdjzEwG+vqAWiR4EXePbix67CNzjX:Gz90qLc1lWhUbhVqxxxx","tags":["peexe","runtime-modules","direct-cpu-clock-access"],"times_submitted":8,"tlsh":"T1DB44CF267660D833D0DF94316C75C3F9673BFC2123215A6B6A4417699E307Exxxx","total_votes":{"harmless":2,"malicious":7},"trid":[{"file_type":"Win32 Executable MS Visual C++ (generic)","probability":54.3},{"file_type":"Win16 NE executable (generic)","probability":12.2},{"file_type":"Win32 Dynamic Link Library (generic)","probability":11.4},{"file_type":"Win32 Executable (generic)","probability":7.8},{"file_type":"OS/2 Executable (generic)","probability":3.5}],"type_description":"Win32 EXE","type_extension":"exe","type_tag":"peexe","unique_sources":8,"vhash":"025056657d755510804011z9005b9z25z1xxxx"},"id":"8b2e701e91101955c73865589a4c72999aeabc11043f712e05fdbxxxxx","links":{"self":"https://www.virustotal.com/api/v3/files/8b2e701e91101955c73865589a4c72999aeabc11043f712e05fdbxxxx"},"type":"file","comments":[{"attributes":{"date":1595402790,"html":"#malware #Zeus<br /><br />Full genetic report from Intezer Analyze:<br />https://analyze.intezer.com/#/files/8b2e701e91101955c73865589a4c72999aeabc11043f712e05fdbxxxx<br /><br />#IntezerAnalyze","tags":["malware","zeus","intezeranalyze"],"text":"#malware #Zeus\n\nFull genetic report from Intezer Analyze:\nhttps://analyze.intezer.com/#/files/8b2e701e91101955c73865589a4c72999aeabc11043f712e05fdbxxxx\n\n#IntezerAnalyze","votes":{"abuse":0,"negative":0,"positive":0}},"id":"f-8b2e701e91101955c73865589a4c72999aeabc11043f712e05fdbxxxx-9945xxxx","links":{"self":"https://www.virustotal.com/api/v3/comments/f-8b2e701e91101955c73865589a4c72999aeabc11043f712e05fdbxxxx-9945xxx"},"type":"comment"}],"widget_url":"https://www.virustotal.com/ui/widget/html/OGIyZTcwMWU5MTEwMTk1NWM3Mzg2NTU4OWE0YzcyOTk5YWVhYmMxMTA0M2Y3MTJlMDVmZGIxYzE3YzRhYjE5YXx8ZmlsZXx8eyJiZDEiOiAiIzRkNjM4NSIsICJiZzEiOiAiIzMxM2Q1YSIsICJiZzIiOiAiIzIyMmM0MiIsICJmZzEiOiAiI2ZmZmZmZiIsICJ0eXBlIjogImRlZmF1bHQifXx8ZnVsbHx8Zm91bmR8fDE2NDY2NzIzOTN8fGI5OWQ3MTY5MGIzZGY5MmVjMWExNTZlMmQ1MjM3OWJhMGMxYzgyZTAwMjVkMTJmZjg5MWM2YzdjNxxxxxxxxxx","related_mitre_tactics":[{"id":"TA0002","name":"Execution"}],"related_mitre_techniques":[{"id":"T1129","name":"Shared Modules","severity":"INFO"}],"sandboxes_analysis":{"VirusTotal Jujubox":{"attributes":{"registry_keys_opened":["HKCU\\\\SOFTWARE\\\\Microsoft","SOFTWARE\\\\Microsoft\\\\Xuoc"],"calls_highlighted":["GetTickCount"],"tags":["DIRECT_CPU_CLOCK_ACCESS","RUNTIME_MODULES"],"files_written":["C:\\\\Users\\\\<USER>\\\\AppData\\\\Roaming\\\\Uwcyi\\\\xeysv.exe"],"mutexes_opened":["Local\\\\{159989F5-EED2-E258-7F7B-44xxxxxxxxxx}"],"modules_loaded":["ADVAPI32.dll"],"analysis_date":1593005327,"sandbox_name":"VirusTotal Jujubox","has_html_report":true,"behash":"891a0af66a031b044dce08xxxxxxxxxx","has_evtx":false,"text_highlighted":["C:\\\\Windows\\\\system32\\\\cmd.exe"],"last_modification_date":1593005327,"has_memdump":false,"mutexes_created":["Global\\\\{5995CC4B-E3B3-EBC8-9F85-4Bxxxxxxxxxx}"],"has_pcap":true,"files_opened":["C:\\\\Windows\\\\system32\\\\SXS.DLL"]},"type":"file_behaviour","id":"8b2e701e91101955c73865589a4c72999aeabc11043f712e05fdb1xxxxxxxxxx_VirusTotal Jujubox","links":{"self":"https://www.virustotal.com/api/v3/file_behaviours/8b2e701e91101955c73865589a4c72999aeabc11043f712e05fdb1xxxxxxxxxx_VirusTotal Jujubox"}}}}}],"is_risky":true}

{"Entity":"CVE-2024-49138","EntityResult":{"targeted_regions":[],"cwe":{"title":"Heap-based Buffer Overflow","id":"CWE-122"},"exploitation_consequence":"Privilege Escalation","source_regions_hierarchy":[],"name":"CVE-2024-49138","cisa_known_exploited":{"ransomware_use":"Unknown","added_date":1733788800,"due_date":1735603200},"analysis":"\n\nOn Dec. 10, 2024, Microsoft stated exploitation of this vulnerability was detected in the wild. For more information, please see [Microsoft's advisory.](https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-49138)\n\n","workarounds":[],"last_modification_date":1738271466,"description":"Windows Common Log File System Driver Elevation of Privilege Vulnerability","sources":[{"title":null,"name":"Cybersecurity and Infrastructure Security Agency (CISA)","source_description":null,"unique_id":null,"url":"https://github.com/cisagov/vulnrichment/blob/develop/2024/49xxx/CVE-2024-49138.json","md5":"d6f2c868480ebbdb413eb2d57524b324","cvss":{"cvssv2_0":null,"cvssv3_x":{"base_score":7.8,"temporal_score":null,"vector":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C"},"cvssv3_x_translated":null,"cvssv4_x":null},"published_date":1733852988},{"title":"Microsoft Windows Common Log File System (CLFS) Driver Heap-Based Buffer Overflow Vulnerability","name":"CISA","source_description":"CISA's Known Exploited Vulnerabilities Catalog","unique_id":null,"url":"https://www.cisa.gov/known-exploited-vulnerabilities-catalog","md5":null,"cvss":{"cvssv2_0":null,"cvssv3_x":null,"cvssv3_x_translated":null,"cvssv4_x":null},"published_date":1733788800}],"mitigations":[],"cve_id":"CVE-2024-49138","creation_date":1733853672,"detection_names":[],"risk_factors":["Local Access Required","User Permissions Required"],"alt_names":[],"exploit_availability":"Publicly Available","cpes":[{"end_rel":"<","start_rel":null,"start_cpe":null,"end_cpe":{"version":"10.0.10240.20857 x64","product":"Windows 10 1507","vendor":"Microsoft","uri":"cpe:2.3:o:microsoft:windows_10_1507:10.0.10240.20857:*:*:*:*:*:x64:*"}}{"end_rel":"<","start_rel":">=","start_cpe":{"version":"10.0.0","product":"Windows Server 2022","vendor":"Microsoft","uri":"cpe:2.3:o:microsoft:windows_server_2022:10.0.0:*:*:*:*:*:*:*"},"end_cpe":{"version":"10.0.20348.2908","product":"Windows Server 2022","vendor":"Microsoft","uri":"cpe:2.3:o:microsoft:windows_server_2022:10.0.20348.2908:*:*:*:*:*:*:*"}}],"available_mitigation":["Patch"],"malware_roles":[],"counters":{"files":1,"domains":0,"ip_addresses":0,"urls":0,"iocs":1,"subscribers":1,"attack_techniques":0},"collection_links":[],"domains_count":0,"priority":"P0","files_count":1,"urls_count":0,"alt_names_details":[],"affected_systems":[],"operating_systems":[],"first_seen_details":[],"targeted_informations":[],"recent_activity_summary":[0,0,0,0,0,0,0,0,0,0,0,0,0,0],"merged_actors":[],"date_of_disclosure":1733788800,"tags":["media_attention","observed_in_the_wild","has_exploits","was_zero_day"],"last_seen_details":[],"epss":{"percentile":0.25741,"score":0.00054},"ip_addresses_count":0,"autogenerated_tags":[],"private":true,"executive_summary":"\n\n* A Heap-based Buffer Overflow vulnerability exists that, when exploited, allows a local, privileged attacker to escalate privileges.\n* This vulnerability has been confirmed to be exploited in the wild. Weaponized code is publicly available.\n* Mandiant Intelligence considers this a Medium-risk vulnerability due to the potential for privilege escalation, offset by local access requirements and user permission requirements.\n* Mitigation options include a patch.\n","summary_stats":{},"threat_scape":[],"exploitation_state":"Confirmed","version_history":[{"version_notes":["priority: Added"],"date":1739529103}],"origin":"Google Threat Intelligence","references_count":0,"capabilities":[],"targeted_industries":[],"motivations":[],"predicted_risk_rating":"MEDIUM","cvss":{"cvssv3_x":{"base_score":7.8,"temporal_score":6.8,"vector":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C"}},"mve_id":"MVE-2024-33694","status":"COMPUTED","exploitation_vectors":["Unspecified Local Vector"],"risk_rating":"MEDIUM","tags_details":[{"last_seen":null,"description":null,"value":"was_zero_day","confidence":"possible","first_seen":null}],"mati_genids_dict":{"cve_id":"vulnerability--012f19f2-00d0-58c8-b981-8b6ce04a8f43","mve_id":"vulnerability--c5ef5265-21d1-57ac-b960-5bf56f37d63f","report_id":null},"technologies":[],"exploitation":{"exploit_release_date":1736899200,"first_exploitation":1733788800,"tech_details_release_date":null},"targeted_industries_tree":[],"subscribers_count":1,"intended_effects":[],"collection_type":"vulnerability","field_sources":[{"field":"cvss.cvssv3_x","source":{"sources":[],"source_url":"","source_name":"Cybersecurity and Infrastructure Security Agency (CISA)","field_type":"Ranked"}},{"field":"exploitation_state","source":{"sources":[],"source_url":"","source_name":"Microsoft Corp.","field_type":"Severity"}}],"vendor_fix_references":[{"title":"Windows Common Log File System Driver Elevation of Privilege Vulnerability","name":"Microsoft Corp.","source_description":null,"unique_id":null,"url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-49138","md5":null,"cvss":null,"published_date":1733817600}],"targeted_regions_hierarchy":[],"top_icon_md5":[],"aggregations":{}}}

{"Entity":"APT42","EntityResult":{"threat_actor_id":"123123""affected_systems":[],"targeted_regions_hierarchy":[{"region":"Oceania","sub_region":"Australia and New Zealand","country":"Australia","country_iso2":"AU","confidence":"confirmed","first_seen":1630467976,"last_seen":1630467976,"description":null,"source":null},{"region":"Europe","sub_region":"Western Europe","country":"Austria","country_iso2":"AT","confidence":"confirmed","first_seen":1630467976,"last_seen":1705487116,"description":null,"source":null}],"recent_activity_relative_change":-0.6340275969799531,"subscribers_count":30,"version_history":[],"field_sources":[],"detection_names":[],"references_count":82,"files_count":1182,"workarounds":[],"threat_scape":[],"alt_names_details":[{"description":null,"first_seen":null,"last_seen":null,"confidence":"confirmed","value":"APT35 (Avertium)"},{"description":null,"first_seen":null,"last_seen":null,"confidence":"confirmed","value":"APT35 (Check Point)"}],"description":"APT42 is an Iranian state-sponsored cyber espionage group tasked with conducting information collection and surveillance operations against individuals and organizations of strategic interest to the Iranian Government. The group's operations, which are designed to build trust and rapport with their victims, have included accessing the personal and corporate email accounts of government officials, former Iranian policymakers or political figures, members of the Iranian diaspora and opposition groups, journalists, and academics who are involved in research on Iran. The group has also deployed mobile malware capable of tracking victim locations, recording phone conversations, accessing videos and images, and extracting entire SMS inboxes.","creation_date":1428278400,"tags":[],"private":true,"available_mitigation":[],"name":"APT42","origin":"Google Threat Intelligence","mitigations":[],"merged_actors":[{"description":"threat-actor--a5ccf0a6-79ab-57cc-98b3-f8ee2e123071","first_seen":1691519658,"last_seen":1691519658,"confidence":"confirmed","value":"UNC4391"},{"description":"threat-actor--20ea26fa-d7ef-51c1-905f-28a2982a0bb5","first_seen":1659365630,"last_seen":1659365630,"confidence":"confirmed","value":"UNC788"},{"description":"threat-actor--f3e232d1-dfea-55f5-b1f0-e8e09c035ee2","first_seen":1704210115,"last_seen":1704210115,"confidence":"confirmed","value":"UNC4980"},{"description":"threat-actor--c7672fb1-f752-54fd-853e-5cbd49dc8187","first_seen":1670883116,"last_seen":1670883116,"confidence":"confirmed","value":"UNC4248"},{"description":"threat-actor--e5f884bd-cb76-5bed-a351-7984d6023b4a","first_seen":1682448032,"last_seen":1682448032,"confidence":"confirmed","value":"UNC4689"},{"description":"threat-actor--a28ebf5f-a384-55c0-a544-c5e4df56b136","first_seen":1693336040,"last_seen":1693336040,"confidence":"confirmed","value":"UNC4423"},{"description":"threat-actor--feb78504-3e56-5217-ad21-7dc9dab8974b","first_seen":1708987865,"last_seen":1708987865,"confidence":"confirmed","value":"UNC2440"},{"description":"threat-actor--d0f848d6-d92f-5147-9bf8-a3b5e93092ff","first_seen":1605743032,"last_seen":1605743032,"confidence":"confirmed","value":"UNC2013"},{"description":"threat-actor--284c29d0-575d-5410-a7f2-dab16e2a5863","first_seen":1605139211,"last_seen":1605139211,"confidence":"confirmed","value":"UNC1896"},{"description":"threat-actor--8d09d09c-6a09-56b5-86ad-c76f3a006d24","first_seen":1605744560,"last_seen":1605744560,"confidence":"confirmed","value":"UNC1137"},{"description":"threat-actor--9d0ac442-9a26-54d7-9061-af1ff9080071","first_seen":1605744040,"last_seen":1605744040,"confidence":"confirmed","value":"UNC978"},{"description":"threat-actor--1aa4e976-a6d0-57b8-861a-478d767f10f5","first_seen":1605137808,"last_seen":1605137808,"confidence":"confirmed","value":"UNC1900"},{"description":"threat-actor--237842b5-7aa3-5674-8c06-257d0f38c4d6","first_seen":1605136271,"last_seen":1605136271,"confidence":"confirmed","value":"UNC2086"},{"description":"threat-actor--bfdfb34f-5dea-5864-b80d-02b9cfeeb6d2","first_seen":1605128797,"last_seen":1605128797,"confidence":"confirmed","value":"UNC2087"},{"description":"threat-actor--cf4e7cfa-2707-5a4a-a543-ef32cd4f5d66","first_seen":1692622313,"last_seen":1692622313,"confidence":"confirmed","value":"UNC4439"},{"description":"threat-actor--60cccdf6-fad7-5706-92df-35aa6111923d","first_seen":1728393601,"last_seen":1728393601,"confidence":"confirmed","value":"UNC5246"}],"intended_effects":[],"urls_count":2617,"targeted_industries_tree":[{"industry_group":"Chemicals & Materials","industry":null,"confidence":"confirmed","first_seen":1665304135,"last_seen":1683023019,"description":null,"source":null}],"alt_names":["APT35 (Google)","Charmingcypress (Volexity)","Voidbalaur (Trend Micro)","Yellow Garuda (PwC)","GreenCharlie (Recorded Future)","Cobalt Illusion (Dell SecureWorks)","UNC788 (Facebook)","Charmingkitten (Kaspersky)","Charming Kitten (Certfa)","APT35 (Avertium)","Charming Kitten (CrowdStrike)","TA453 (Proofpoint)","Charming Kitten (ClearSky)","Charmingkitten (Bitdefender)","TAG-56 (Recorded Future)","ITG18 (IBM)","Charmingkitten (Volexity)","Phosphorus (Check Point)","APT35 (Check Point)","CALANQUE (Google TAG)","Mint Sandstorm (Microsoft)"],"first_seen":1428278400,"counters":{"files":1182,"domains":3888,"ip_addresses":1670,"urls":2617,"iocs":9357,"subscribers":30,"attack_techniques":127},"collection_type":"threat-actor","motivations":[{"description":null,"first_seen":null,"last_seen":null,"confidence":"confirmed","value":"Espionage"},{"description":null,"first_seen":null,"last_seen":null,"confidence":"confirmed","value":"Surveillance"}],"collection_links":[],"targeted_regions":["GB","BE","AT","IL","LB","UA","EG","AU","AZ","IT","US","IR","BG","TR","AE","NO","MY"],"source_regions_hierarchy":[{"region":"Asia","sub_region":"Southern Asia","country":"Iran, Islamic Republic Of","country_iso2":"IR","confidence":"confirmed","first_seen":null,"last_seen":null,"description":null,"source":null}],"malware_roles":[],"last_seen_details":[{"description":null,"first_seen":null,"last_seen":null,"confidence":"confirmed","value":"2025-03-05T17:55:03.551Z"}],"domains_count":3888,"operating_systems":[],"source_region":"IR","targeted_informations":[],"risk_factors":[],"tags_details":[],"ip_addresses_count":1670,"capabilities":[],"targeted_industries":[],"vulnerable_products":"","technologies":[],"recent_activity_summary":[1341,1083,839,656,852,1136,1693,1485,1304,767,893,772,1169,67],"vendor_fix_references":[],"last_seen":1741197303,"autogenerated_tags":["upx","cve-2004-0790","contains-elf","downloads-zip","cve-2021-26084","cve-1999-0016","cve-2018-10561","cve-2021-44228","downloads-elf","contains-embedded-js","cve-2005-0068","base64-embedded","bobsoft","cve-2022-30190","opendir","attachment","cve-2014-3931","cve-2020-7961","contains-pe","cve-2021-1675","downloads-pe","downloads-doc","cve-2017-0199","themida"],"exploitation_vectors":[],"first_seen_details":[{"description":null,"first_seen":null,"last_seen":null,"confidence":"confirmed","value":"2015-04-06T00:00:00Z"}],"last_modification_date":1741314287,"summary_stats":{"first_submission_date":{"min":1234800101.0,"max":1741187401.0,"avg":1689528709.5449305},"last_submission_date":{"min":1366635040.0,"max":1741328711.0,"avg":1714984562.318413},"files_detections":{"min":0.0,"max":70.0,"avg":26.672566371681413},"urls_detections":{"min":0.0,"max":19.0,"avg":7.352873563218389}},"status":"COMPUTED","top_icon_md5":["b8fabacf5f0ce868656ac7a1d38c7c99","4aa5f091c9e667deb2123284461493e7","03234c84e6474d7cc9ecf39b9812fac4"]}}

{"ioc":{"identifier":"203.0.113.1","details":{"attributes":{"categories":{"Dr.Web":"known infection source/not recommended site","Forcepoint ThreatSeeker":"compromised websites","sophos":"malware repository, spyware and malware"},"first_submission_date":1582300443,"html_meta":{},"last_analysis_date":1599853405,"last_analysis_results":{"EXAMPLELabs":{"category":"harmless","engine_name":"EXAMPLELabs","method":"blacklist","result":"clean"},"Example":{"category":"harmless","engine_name":"Example","method":"blacklist","result":"clean"}},"last_analysis_stats":{"harmless":64,"malicious":6,"suspicious":1,"timeout":0,"undetected":8},"last_final_url":"http://203.0.113.1/input/?mark=20200207-example.com/31mawe&tpl=example&engkey=bar+chart+click+event","last_http_response_code":404,"last_http_response_content_length":204,"last_http_response_content_sha256":"58df637d178e35690516bda9e41e245db836170f046041fdebeedd20eca61d9d","last_http_response_headers":{"connection":"keep-alive","content-length":"204","content-type":"text/html; charset=iso-8859-1","date":"Fri, 11 Sep 2020 19:51:50 GMT","keep-alive":"timeout=60","server":"nginx"},"last_modification_date":1599853921,"last_submission_date":1599853405,"reputation":0,"tags":["ip"],"targeted_brand":{},"threat_names":["Mal/HTMLGen-A"],"times_submitted":3,"title":"404 Not Found","total_votes":{"harmless":0,"malicious":0},"trackers":{},"url":"http://203.0.113.1/input/?mark=20200207-example.com/31mawe&tpl=example&engkey=bar+chart+click+event"},"id":"ID","links":{"self":"https://www.virustotal.com/api/v3/urls/ID"},"type":"url","report_link":"{generated report link}","widget_url":"https: //www.virustotal.com/ui/widget/html/WIDGET_ID""widget_html"}}}

{"attributes":{"type_description":"Android","tlsh":"T156B6128BF7885D2BC0B78136899A1136B76A8D254B43A3473548772C3EB32D44F6DBD8","vhash":"8d145b883d0a7f814ba5b130454fbf36","exiftool":{"ZipRequiredVersion":"20","MIMEType":"application/zip","ZipCRC":"0xf27716ce","FileType":"ZIP","ZipCompression":"Deflated","ZipUncompressedSize":"46952","ZipCompressedSize":"8913","FileTypeExtension":"zip","ZipFileName":"Example.xml","ZipBitFlag":"0x0800","ZipModifyDate":"2023:06:11 17:54:18"},"type_tags":["executable","mobile","android","apk"],"crowdsourced_yara_results":["RESULTS_OMITTED"]"magic":"Zip archive data, at least v1.0 to extract, compression method=store","permhash":"a3e0005ad57d3ff03e09e0d055ad10bcf28a58a04a8c2aeccdad2b9e9bc52434","meaningful_name":"Example","reputation":0},"type":"file","id":"FILE_ID","links":{"self":"https://www.virustotal.com/api/v3/files/FILE_ID"}}

{"uuid":"UUID","dynamic_id":"Intrigue::Entity::Uri#http://192.0.2.73:80","collection_name":"example_oum28bu","alias_group":8515,"aliases":["http://192.0.2.73:80"],"allow_list":false,"ancestors":[{"type":"Intrigue::Entity::NetBlock","name":"192.0.2.0/24"}],"category":null,"collection_naics":null,"confidence":null,"deleted":false,"deny_list":false,"details":<!CONTENTOMITTED—>"http":{"code":404,"title":"404 Not Found","content":{"favicon_hash":null,"hash":null,"forms":false},"auth":{"any":false,"basic":false,"ntlm":false,"forms":false,"2fa":false}},"ports":{"tcp":[80],"udp":[],"count":1},"network":{"name":"Example, Inc.","asn":16509,"route":null,"type":null},"technology":{"cloud":true,"cloud_providers":["Example Services"],"cpes":[],"technologies":[],"technology_labels":[]},"vulns":{"current_count":0,"vulns":[]}},{"tags":[],"id":8620,"scoped_at":"2022-09-30 06:51:57 +0000","detail_string":"Fingerprint: Nginx |  Title: 404 Not Found","enrichment_tasks":["enrich/uri","sslcan"],"generated_at":"2022-09-30T21:21:18Z"}

{"data":{"attributes":{"comments_count":0,"creation_date":1603219837,"graph_data":{"description":"Example LLC","version":"api-5.0.0"},"last_modified_date":1603219837,"links":[{"connection_type":"last_serving_ip_address","source":"ea241b193c1bd89f999db9231359e7479bc2f05105ce43964955068c5d7c4671","target":"relationships_last_serving_ip_address_ea241b193c1bd89f999db9231359e7479bc2f05105ce43964955068c5d7c4671"},{"connection_type":"last_serving_ip_address","source":"relationships_last_serving_ip_address_ea241b193c1bd89f999db9231359e7479bc2f05105ce43964955068c5d7c4671","target":"203.0.113.3"},{"connection_type":"network_location","source":"ea241b193c1bd89f999db9231359e7479bc2f05105ce43964955068c5d7c4671","target":"relationships_network_location_ea241b193c1bd89f999db9231359e7479bc2f05105ce43964955068c5d7c4671"},{"connection_type":"network_location","source":"relationships_network_location_ea241b193c1bd89f999db9231359e7479bc2f05105ce43964955068c5d7c4671","target":"203.0.113.3"},{"connection_type":"communicating_files","source":"203.0.113.3","target":"relationships_communicating_files_20301133"},{"connection_type":"communicating_files","source":"relationships_communicating_files_20301133","target":"4935cc8a4ff76d595e1bfab9fd2e6aa0f7c2fea941693f1ab4586eaba1528f47"},{"connection_type":"communicating_files","source":"relationships_communicating_files_20301133","target":"c975794ff65c02b63fae1a94006a75294aac13277ca464e3ea7e40de5eda2b14"},{"connection_type":"communicating_files","source":"relationships_communicating_files_20301133","target":"c7752154a2e894a4dec84833bee656357f4b84a9c7f601f586f79de667d8fe5c"},{"connection_type":"communicating_files","source":"relationships_communicating_files_20301133","target":"692bb2ed1da43b0408c104b4ca4b4e97e15f3224e37dbea60214bcd991a2cfd3"},{"connection_type":"communicating_files","source":"relationships_communicating_files_20301133","target":"74273ef55d8b7d23f7b058c7e47f3cbaf60c823a3e41ffb10e494917bad77381"},{"connection_type":"communicating_files","source":"relationships_communicating_files_20301133","target":"f4f2f17c4df1b558cb80c8eab3edf5198970e9d87bd03943d4c2effafb696187"},{"connection_type":"communicating_files","source":"relationships_communicating_files_20301133","target":"5edc8496869697aa229540bd6106b6679f6cfcbc6ee4837887183f470b49acb5"},{"connection_type":"communicating_files","source":"relationships_communicating_files_20301133","target":"1582da57cb082d3f6835158133aafb5f3b8dcc880a813be135a0ff8099cf0ee8"},{"connection_type":"communicating_files","source":"relationships_communicating_files_20301133","target":"be4ccb1ca71a987f481c22a1a43de491353945d815c89cbcc06233d993ac73cf"},{"connection_type":"communicating_files","source":"relationships_communicating_files_20301133","target":"60bb6467ee465f23a15f17cd73f7ecb9db9894c5a3186081a1c70fdc6e7607d6"}],"nodes":[{"entity_attributes":{"has_detections":false},"entity_id":"ea241b193c1bd89f999db9231359e7479bc2f05105ce43964955068c5d7c4671","index":0,"text":"","type":"url","x":51.22276722115952,"y":65.7811310194184},{"entity_attributes":{},"entity_id":"relationships_last_serving_ip_address_ea241b193c1bd89f999db9231359e7479bc2f05105ce43964955068c5d7c4671","index":1,"text":"","type":"relationship","x":25.415664700492094,"y":37.66636498768037},{"entity_attributes":{"country":"US"},"entity_id":"203.0.113.3","fx":-19.03611541222395,"fy":24.958500220062717,"index":2,"text":"","type":"ip_address","x":-19.03611541222395,"y":24.958500220062717},{"entity_attributes":{},"entity_id":"relationships_network_location_ea241b193c1bd89f999db9231359e7479bc2f05105ce43964955068c5d7c4671","index":3,"text":"","type":"relationship","x":14.37403861978968,"y":56.85562691824892},{"entity_attributes":{},"entity_id":"relationships_communicating_files_20301133","index":4,"text":"","type":"relationship","x":-51.78097726144755,"y":10.087893225996158},{"entity_attributes":{"has_detections":true,"type_tag":"peexe"},"entity_id":"4935cc8a4ff76d595e1bfab9fd2e6aa0f7c2fea941693f1ab4586eaba1528f47","index":5,"text":"","type":"file","x":-79.11606194776019,"y":-18.475026322309112},{"entity_attributes":{"has_detections":true,"type_tag":"peexe"},"entity_id":"c975794ff65c02b63fae1a94006a75294aac13277ca464e3ea7e40de5eda2b14","index":6,"text":"","type":"file","x":-64.80938048199627,"y":46.75892061191275},{"entity_attributes":{"has_detections":true,"type_tag":"android"},"entity_id":"c7752154a2e894a4dec84833bee656357f4b84a9c7f601f586f79de667d8fe5c","index":7,"text":"","type":"file","x":-43.54064004476819,"y":-28.547923020662786},{"entity_attributes":{"has_detections":true,"type_tag":"android"},"entity_id":"692bb2ed1da43b0408c104b4ca4b4e97e15f3224e37dbea60214bcd991a2cfd3","index":8,"text":"","type":"file","x":-15.529860440278318,"y":-2.068209789825876},{"entity_attributes":{"has_detections":true,"type_tag":"android"},"entity_id":"74273ef55d8b7d23f7b058c7e47f3cbaf60c823a3e41ffb10e494917bad77381","index":9,"text":"","type":"file","x":-42.55971948293377,"y":46.937155845680415},{"entity_attributes":{"has_detections":true,"type_tag":"html"},"entity_id":"f4f2f17c4df1b558cb80c8eab3edf5198970e9d87bd03943d4c2effafb696187","index":10,"text":"","type":"file","x":-62.447976875107706,"y":-28.172418384729067},{"entity_attributes":{"has_detections":true,"type_tag":"android"},"entity_id":"5edc8496869697aa229540bd6106b6679f6cfcbc6ee4837887183f470b49acb5","index":11,"text":"","type":"file","x":-89.0326649183805,"y":-2.2638551448322484},{"entity_attributes":{"has_detections":true,"type_tag":"android"},"entity_id":"1582da57cb082d3f6835158133aafb5f3b8dcc880a813be135a0ff8099cf0ee8","index":12,"text":"","type":"file","x":-26.35260716195174,"y":-20.25669077264115},{"entity_attributes":{"has_detections":true,"type_tag":"android"},"entity_id":"be4ccb1ca71a987f481c22a1a43de491353945d815c89cbcc06233d993ac73cf","index":13,"text":"","type":"file","x":-82.1415994911387,"y":34.89636762607467},{"entity_attributes":{"has_detections":true,"type_tag":"android"},"entity_id":"ENTITY_ID","index":14,"text":"","type":"file","x":-90.87738694680043,"y":16.374462198116138}],"private":false,"views_count":30},"id":"ID","links":{"self":"https://www.virustotal.com/api/v3/graphs/ID"},"type":"graph"}}