Overview

overview

8

Static

static

8

Quarantine...3).zip

windows7-x64

1

Quarantine...3).zip

windows10-2004-x64

1

attachment-3.eml

windows7-x64

5

attachment-3.eml

windows10-2004-x64

3

445043 - I...3.docm

windows7-x64

4

445043 - I...3.docm

windows10-2004-x64

1

email-html-2.html

windows7-x64

1

email-html-2.html

windows10-2004-x64

1

email-plain-1.txt

windows7-x64

1

email-plain-1.txt

windows10-2004-x64

1

attachment-4.eml

windows7-x64

5

attachment-4.eml

windows10-2004-x64

3

attachment-3.eml

windows7-x64

5

attachment-3.eml

windows10-2004-x64

3

445043 - I...3.docm

windows7-x64

4

445043 - I...3.docm

windows10-2004-x64

1

email-html-2.html

windows7-x64

1

email-html-2.html

windows10-2004-x64

1

email-plain-1.txt

windows7-x64

1

email-plain-1.txt

windows10-2004-x64

1

email-html-2.html

windows7-x64

1

email-html-2.html

windows10-2004-x64

1

email-plain-1.txt

windows7-x64

1

email-plain-1.txt

windows10-2004-x64

1

attachment-5.eml

windows7-x64

5

attachment-5.eml

windows10-2004-x64

3

445043 - I...3.docm

windows7-x64

4

445043 - I...3.docm

windows10-2004-x64

1

email-html-2.html

windows7-x64

1

email-html-2.html

windows10-2004-x64

1

email-plain-1.txt

windows7-x64

1

email-plain-1.txt

windows10-2004-x64

1

Sharing

Copy URL Twitter E-mail

General

  • Target

    Quarantined Messages (3).zip

  • Size

    309KB

  • MD5

    b29eb279165defa82c393b8a1054dec6

  • SHA1

    01ebe33135af7fa8d28ad5c6b106f5accd76f747

  • SHA256

    f8ef136c4d3bf1f1a62e2f9968f7f1d9a7260916a8ad739c42696773be24c6a3

  • SHA512

    778581da1ce2be90022f86eba13ccbe5142f7525219db0f307efbfef413d85fdf9282e9facb34587ea66f7818ee0e8488f2b45fe5a7da8a107145d9959db4dbc

  • SSDEEP

    6144:2TVvgahk/pWwyLBXT0rde6GpBeQ4xuTG3kRCwyWmHBuQslVgpiGe:ivgXovBk9qN4AOhwScXgm

Score
8/10
macro

Malware Config

Signatures

  • Suspicious Office macro 1 IoCs

    Office document equipped with macros.

    macro

Files

  • Quarantined Messages (3).zip
    .zip
  • Quarantined Messages (2)/217c5e78-6e3e-4458-1f92-08db40e1af67/ae6a1128-5c3c-4a73-b766-3c3838947cf1.eml
    .eml

    • https://www.unum.com/covid-19.

    • https://www.unum.com/covid-19

    • http:/www.acrisurebenefitsgroup.com/

  • attachment-3
    .eml

    • https://www.unum.com/covid-19.

    • https://www.unum.com/covid-19

  • 445043 - IRR Renewal Package 2023.docm
    .docm office2007

    ThisDocument

  • email-html-2.txt
    .html
  • email-plain-1.txt
  • image001.jpg
    .jpg
  • attachment-4
    .eml

    • https://www.unum.com/covid-19.

    • https://www.unum.com/covid-19

    • http:/www.acrisurebenefitsgroup.com/

  • attachment-3
    .eml

    • https://www.unum.com/covid-19.

    • https://www.unum.com/covid-19

  • 445043 - IRR Renewal Package 2023.docm
    .docm office2007

    ThisDocument

  • email-html-2.txt
    .html
  • email-plain-1.txt
  • image001.jpg
    .jpg
  • email-html-2.txt
    .html
  • email-plain-1.txt
  • image001.jpg
    .jpg
  • attachment-5
    .eml

    • https://www.unum.com/covid-19.

    • https://www.unum.com/covid-19

  • 445043 - IRR Renewal Package 2023.docm
    .docm office2007

    ThisDocument

  • email-html-2.txt
    .html
  • email-plain-1.txt
  • image001.jpg
    .jpg
  • email-html-2.txt
    .html
  • email-plain-1.txt
  • image001.jpg
    .jpg