General

  • Target

    email.zip

  • Size

    656KB

  • MD5

    f5ff4bd765f59fc7a5f9e30a4bd02fdd

  • SHA1

    2022a4cffeb6ba5372ce63a24427717b7b8d69fc

  • SHA256

    7c5e3fb421331b44461fb1a324c85feca52dbe117639c39fed6d5097f151d300

  • SHA512

    3aa554fcee8b55bd781c110c901069cba520cdfed5ccefd3b934242b7a6ae3ce6c8c40a7a2dd4ef66b424de4a67300a5ea0448bf56b930391ec6c2d1f52a7235

Score
N/A

Files

  • email.zip
    .zip

    Password: infected

  • atelierhealth_emails/[External] [Not Virus Scanned] Re DO NOT TURN ON THE AC TODAY.eml
    .eml
  • Atelierhealthbh.zip
    .zip

    Password: 446WF

  • require.05.20.doc
    .doc office2007
  • email-html-2.txt
  • email-plain-1.txt
  • atelierhealth_emails/[External] [Not Virus Scanned] Re New Message from Southwest Answering Service.eml
    .eml
  • Atelierhealthbh.zip
    .zip

    Password: 446WF

  • require.05.20.doc
    .doc office2007
  • email-html-2.txt
  • email-plain-1.txt
  • atelierhealth_emails/[External] [Not Virus Scanned] Re Requested Item RITM0227577 comments added -- Request access to Cedars-Sinai electronic medical record system.eml
    .eml
    • https://urldefense.com/v3/__https://csmc.service-now.com/cssp?id=ticket&table=sc_req_item&sys_id=a37b5396db3753845c1f906adb9619c6__;!!KOmnBZxC8_2BBQ!iqmIh9riLm1Hp47hdjC80tflVJyZ1Is72-LFc_FY2CLg4YpHIbleJOYMwLeWjBV7TOI$

    • https://urldefense.com/v3/__https://csmc.service-now.com/cssp__;!!KOmnBZxC8_2BBQ!iqmIh9riLm1Hp47hdjC80tflVJyZ1Is72-LFc_FY2CLg4YpHIbleJOYMwLeWm3o05yc$

  • Atelierhealthbh.zip
    .zip

    Password: 446WF

  • require.05.20.doc
    .doc office2007
  • CS_email_header_eis@2x.png
    .png
  • email-html-2.txt
  • email-plain-1.txt
  • atelierhealth_emails/[External] [Not Virus Scanned] Re Requested Item RITM0227578 comments added -- Request access to Cedars-Sinai electronic medical record system.eml
    .eml
    • https://urldefense.com/v3/__https://csmc.service-now.com/cssp?id=ticket&table=sc_req_item&sys_id=199b1fd2dbf35f8042a3540adc96192f__;!!KOmnBZxC8_2BBQ!iYtYIW0Y4_PCp-Cq9YI7PPYD25uRl11fex_LGk1cBsjzxLi9037BbaXq7xNnDwh1$

    • https://urldefense.com/v3/__https://csmc.service-now.com/cssp__;!!KOmnBZxC8_2BBQ!iYtYIW0Y4_PCp-Cq9YI7PPYD25uRl11fex_LGk1cBsjzxLi9037BbaXq7wa4XqgB$

  • Atelierhealthbh.zip
    .zip

    Password: 446WF

  • require.05.20.doc
    .doc office2007
  • CS_email_header_eis@2x.png
    .png
  • email-html-2.txt
  • email-plain-1.txt
  • atelierhealth_emails/[External] [Not Virus Scanned] Re Requested Item RITM0229605 comments added -- Request access to Cedars-Sinai electronic medical record system (1).eml
    .eml
  • atelierhealth_emails/[External] [Not Virus Scanned] Re Requested Item RITM0229605 comments added -- Request access to Cedars-Sinai electronic medical record system (2).eml
    .eml
  • atelierhealth_emails/[External] [Not Virus Scanned] Re Requested Item RITM0229605 comments added -- Request access to Cedars-Sinai electronic medical record system.eml
    .eml