Daily IoCs for 2021-04-17 (MISP)

1. {"Event":{"Attribute":[{"Tag":[{"name":"mwdb:family=\"AgentTesla\""}],"category":"Payload delivery","deleted":false,"disable_correlation":false,"distribution":"5","object_id":"0","object_relation":null,"sharing_group_id":"0","to_ids":true,"type":"sha256","value":"ed3d97397e27bcf7e5a95cfa965d78910728773f3bc7fd53cf4cc92529557c3e"},{"Tag":[{"name":"mwdb:family=\"AgentTesla\""}],"category":"Payload delivery","deleted":false,"disable_correlation":false,"distribution":"5","object_id":"0","object_relation":null,"sharing_group_id":"0","to_ids":true,"type":"sha256","value":"1af69b5e90ee17eda14504001f969e7c67962578d2ce2bd626516c9edbf1fb1d"},{"Tag":[{"name":"mwdb:family=\"AgentTesla\""}],"category":"Payload delivery","deleted":false,"disable_correlation":false,"distribution":"5","object_id":"0","object_relation":null,"sharing_group_id":"0","to_ids":true,"type":"sha256","value":"b45a5842b0af5fa0030223cc87a46bb4953ccce55c0f7975cfe3ca154e1a27cc"},{"Tag":[{"name":"mwdb:family=\"AgentTesla\""}],"category":"Payload delivery","deleted":false,"disable_correlation":false,"distribution":"5","object_id":"0","object_relation":null,"sharing_group_id":"0","to_ids":true,"type":"sha256","value":"ec9d7da695d9a71ae98730257f34ed7726eeb93ac54f72198c8614f9f58e5799"},{"Tag":[{"name":"mwdb:family=\"BitRAT\""}],"category":"Payload delivery","deleted":false,"disable_correlation":false,"distribution":"5","object_id":"0","object_relation":null,"sharing_group_id":"0","to_ids":true,"type":"sha256","value":"9c3dd2c5dea47259630a28200ce45fdd407b5cc86675bc3dd61f6b29d61382cc"},{"Tag":[{"name":"mwdb:family=\"FormBook\""}],"category":"Payload delivery","deleted":false,"disable_correlation":false,"distribution":"5","object_id":"0","object_relation":null,"sharing_group_id":"0","to_ids":true,"type":"sha256","value":"71d2d9c3f5293bb5180e233d1e91a1cdf177e9aa29fa0a48f083da6902ea9b48"},{"Tag":[{"name":"mwdb:family=\"Nanocore\""}],"category":"Payload delivery","deleted":false,"disable_correlation":false,"distribution":"5","object_id":"0","object_relation":null,"sharing_group_id":"0","to_ids":true,"type":"sha256","value":"86059a4b84489fb1b625b1eb2bdabcd88fb4226fb04b769fddfe0fbec40c28b5"},{"Tag":[{"name":"mwdb:family=\"Nanocore\""}],"category":"Payload delivery","deleted":false,"disable_correlation":false,"distribution":"5","object_id":"0","object_relation":null,"sharing_group_id":"0","to_ids":true,"type":"sha256","value":"1f79630981b51ca24bc7dd487bceef04017f57637cdb1c828b547835ff33e9cc"},{"Tag":[{"name":"malware_classification:malware-category=\"Phishing\""}],"category":"Payload delivery","deleted":false,"disable_correlation":false,"distribution":"5","object_id":"0","object_relation":null,"sharing_group_id":"0","to_ids":true,"type":"sha256","value":"3dd4de6bec3e1e7deb446cda4c080d2c9355a6a49b2cac87ad9cd6cf932d4fd2"},{"Tag":[{"name":"malware_classification:malware-category=\"Ransomware\""}],"category":"Payload delivery","deleted":false,"disable_correlation":false,"distribution":"5","object_id":"0","object_relation":null,"sharing_group_id":"0","to_ids":true,"type":"sha256","value":"c373d37b5a9427a18dbf93d519968d9fda04f2a262f424d0611830764c8cc69c"},{"Tag":[{"name":"mwdb:family=\"Shathak\""}],"category":"Payload delivery","deleted":false,"disable_correlation":false,"distribution":"5","object_id":"0","object_relation":null,"sharing_group_id":"0","to_ids":true,"type":"sha256","value":"0cc685b64f2bbe64096ce5a5bba316bb9d0b86a1e97afac26f3612932fe73ad6"},{"Tag":[{"name":"mwdb:family=\"Shathak\""}],"category":"Payload delivery","deleted":false,"disable_correlation":false,"distribution":"5","object_id":"0","object_relation":null,"sharing_group_id":"0","to_ids":true,"type":"sha256","value":"61f9a920327b8f40fa1bc2d9b165962f2c3b96b3363a418adbb92ab1e5840a00"},{"Tag":[{"name":"mwdb:family=\"Shathak\""}],"category":"Payload delivery","deleted":false,"disable_correlation":false,"distribution":"5","object_id":"0","object_relation":null,"sharing_group_id":"0","to_ids":true,"type":"sha256","value":"379ae624796c82f3d835d0f363e432296ac76c3fe141382c0b334b3f0ce67863"},{"Tag":[{"name":"mwdb:family=\"Shathak\""}],"category":"Payload delivery","deleted":false,"disable_correlation":false,"distribution":"5","object_id":"0","object_relation":null,"sharing_group_id":"0","to_ids":true,"type":"sha256","value":"34b3fde67a1e94979e0a051d1c7c1e271327f39048ecba5dad6ceddf664b5cd6"},{"comment":"Unknown Malware","category":"Payload delivery","deleted":false,"disable_correlation":false,"distribution":"5","object_id":"0","object_relation":null,"sharing_group_id":"0","to_ids":true,"type":"sha256","value":"97d5cf97367c24e2195254026aae9b1788b799891e08471eaa88090debce3e4e"},{"comment":"Unknown Malware","category":"Payload delivery","deleted":false,"disable_correlation":false,"distribution":"5","object_id":"0","object_relation":null,"sharing_group_id":"0","to_ids":true,"type":"sha256","value":"8cdec7581a0a85631164424381ad06a8249426638c8ed2f705fd6ac37da2e38a"},{"comment":"Unknown Malware","category":"Payload delivery","deleted":false,"disable_correlation":false,"distribution":"5","object_id":"0","object_relation":null,"sharing_group_id":"0","to_ids":true,"type":"sha256","value":"15e0762d87a842a2d13df996abe91d5d38a2590d39422a7aa4399f1faf13d36c"},{"comment":"Unknown Malware","category":"Payload delivery","deleted":false,"disable_correlation":false,"distribution":"5","object_id":"0","object_relation":null,"sharing_group_id":"0","to_ids":true,"type":"sha256","value":"a49d0ce9c361e9b1298ac9c569d9437e2d4741af113bb42752d0390c95213b58"},{"comment":"Unknown Malware","category":"Payload delivery","deleted":false,"disable_correlation":false,"distribution":"5","object_id":"0","object_relation":null,"sharing_group_id":"0","to_ids":true,"type":"sha256","value":"9bb4b56b2c12e1ac0a5ffd5dc7d9d8f02722a0ddd99c405c995681c7b8c8d90d"},{"comment":"Unknown Malware","category":"Payload delivery","deleted":false,"disable_correlation":false,"distribution":"5","object_id":"0","object_relation":null,"sharing_group_id":"0","to_ids":true,"type":"sha256","value":"37147eb2920041bb49c70cd88dc0bb5bef7f07bbf4ab40ec4ea8b3641ea98209"},{"comment":"Unknown Malware","category":"Payload delivery","deleted":false,"disable_correlation":false,"distribution":"5","object_id":"0","object_relation":null,"sharing_group_id":"0","to_ids":true,"type":"sha256","value":"9aa3ecf7898d6cd94135d4f9bb747c7e58203856cf11b829867eed45275d3a00"},{"comment":"Unknown Malware","category":"Payload delivery","deleted":false,"disable_correlation":false,"distribution":"5","object_id":"0","object_relation":null,"sharing_group_id":"0","to_ids":true,"type":"sha256","value":"186db33ac859c18f816ebb511e26048e4cb319e6af22887d91ba654d01dd1e84"},{"comment":"Unknown Malware","category":"Payload delivery","deleted":false,"disable_correlation":false,"distribution":"5","object_id":"0","object_relation":null,"sharing_group_id":"0","to_ids":true,"type":"sha256","value":"13bf5b7fa8cee0d805352032928fe933d954a0466b039ea9877583a6bd7f586b"},{"comment":"Unknown Malware","category":"Payload delivery","deleted":false,"disable_correlation":false,"distribution":"5","object_id":"0","object_relation":null,"sharing_group_id":"0","to_ids":true,"type":"sha256","value":"75151aa41a50cbeb8699b7afe56374aa4b4a232114e4c0afbbf00350f2cea2e6"},{"Tag":[{"name":"mwdb:family=\"Ursnif\""}],"category":"Payload delivery","deleted":false,"disable_correlation":false,"distribution":"5","object_id":"0","object_relation":null,"sharing_group_id":"0","to_ids":true,"type":"sha256","value":"5ef774b675222c112ab39af957a898ffc0c1c6e345ba960ec784c0affac7817c"},{"Tag":[{"name":"mwdb:family=\"Ursnif\""}],"category":"Payload delivery","deleted":false,"disable_correlation":false,"distribution":"5","object_id":"0","object_relation":null,"sharing_group_id":"0","to_ids":true,"type":"sha256","value":"bfb06bb73779cab8565e39cf4fc0aa4f099350a8eaeb0b447c9409cba0dfdba4"}],"analysis":"0","date":"2020-10-07","disable_correlation":false,"distribution":"0","extends_uuid":"","info":"Daily IoCs for 2021-04-17","locked":false,"proposal_email_lock":false,"publish_timestamp":"0","published":false,"sharing_group_id":"0","threat_level_id":"4"}}