Static task: static1
Behavioral task: behavioral1
Sample: require.05.20.doc
Resource: win7v200430
Behavioral task: behavioral2
Sample: require.05.20.doc
Resource: win10v200430
General
Target: email.zip
Size: 656KB
MD5: f5ff4bd765f59fc7a5f9e30a4bd02fdd
SHA1: 2022a4cffeb6ba5372ce63a24427717b7b8d69fc
SHA256: 7c5e3fb421331b44461fb1a324c85feca52dbe117639c39fed6d5097f151d300
SHA512: 3aa554fcee8b55bd781c110c901069cba520cdfed5ccefd3b934242b7a6ae3ce6c8c40a7a2dd4ef66b424de4a67300a5ea0448bf56b930391ec6c2d1f52a7235
Malware Config
Signatures
Files
-
email.zip.zip
Password: infected
-
atelierhealth_emails/[External] [Not Virus Scanned] Re DO NOT TURN ON THE AC TODAY.eml.eml
-
Atelierhealthbh.zip.zip
Password: 446WF
-
require.05.20.doc.doc office2007
-
email-html-2.txt
-
email-plain-1.txt
-
atelierhealth_emails/[External] [Not Virus Scanned] Re New Message from Southwest Answering Service.eml.eml
-
Atelierhealthbh.zip.zip
Password: 446WF
-
require.05.20.doc.doc office2007
-
email-html-2.txt
-
email-plain-1.txt
-
atelierhealth_emails/[External] [Not Virus Scanned] Re Requested Item RITM0227577 comments added -- Request access to Cedars-Sinai electronic medical record system.eml.eml
-
https://urldefense.com/v3/__https://csmc.service-now.com/cssp?id=ticket&table=sc_req_item&sys_id=a37b5396db3753845c1f906adb9619c6__;!!KOmnBZxC8_2BBQ!iqmIh9riLm1Hp47hdjC80tflVJyZ1Is72-LFc_FY2CLg4YpHIbleJOYMwLeWjBV7TOI$
-
https://urldefense.com/v3/__https://csmc.service-now.com/cssp__;!!KOmnBZxC8_2BBQ!iqmIh9riLm1Hp47hdjC80tflVJyZ1Is72-LFc_FY2CLg4YpHIbleJOYMwLeWm3o05yc$
-
Atelierhealthbh.zip.zip
Password: 446WF
-
require.05.20.doc.doc office2007
-
CS_email_header_eis@2x.png.png
-
email-html-2.txt
-
email-plain-1.txt
-
atelierhealth_emails/[External] [Not Virus Scanned] Re Requested Item RITM0227578 comments added -- Request access to Cedars-Sinai electronic medical record system.eml.eml
-
https://urldefense.com/v3/__https://csmc.service-now.com/cssp?id=ticket&table=sc_req_item&sys_id=199b1fd2dbf35f8042a3540adc96192f__;!!KOmnBZxC8_2BBQ!iYtYIW0Y4_PCp-Cq9YI7PPYD25uRl11fex_LGk1cBsjzxLi9037BbaXq7xNnDwh1$
-
https://urldefense.com/v3/__https://csmc.service-now.com/cssp__;!!KOmnBZxC8_2BBQ!iYtYIW0Y4_PCp-Cq9YI7PPYD25uRl11fex_LGk1cBsjzxLi9037BbaXq7wa4XqgB$
-
Atelierhealthbh.zip.zip
Password: 446WF
-
require.05.20.doc.doc office2007
-
CS_email_header_eis@2x.png.png
-
email-html-2.txt
-
email-plain-1.txt
-
atelierhealth_emails/[External] [Not Virus Scanned] Re Requested Item RITM0229605 comments added -- Request access to Cedars-Sinai electronic medical record system (1).eml.eml
-
atelierhealth_emails/[External] [Not Virus Scanned] Re Requested Item RITM0229605 comments added -- Request access to Cedars-Sinai electronic medical record system (2).eml.eml
-
atelierhealth_emails/[External] [Not Virus Scanned] Re Requested Item RITM0229605 comments added -- Request access to Cedars-Sinai electronic medical record system.eml.eml