General
-
Target
Quarantined Messages (3).zip
-
Size
309KB
-
MD5
b29eb279165defa82c393b8a1054dec6
-
SHA1
01ebe33135af7fa8d28ad5c6b106f5accd76f747
-
SHA256
f8ef136c4d3bf1f1a62e2f9968f7f1d9a7260916a8ad739c42696773be24c6a3
-
SHA512
778581da1ce2be90022f86eba13ccbe5142f7525219db0f307efbfef413d85fdf9282e9facb34587ea66f7818ee0e8488f2b45fe5a7da8a107145d9959db4dbc
-
SSDEEP
6144:2TVvgahk/pWwyLBXT0rde6GpBeQ4xuTG3kRCwyWmHBuQslVgpiGe:ivgXovBk9qN4AOhwScXgm
Malware Config
Signatures
-
Suspicious Office macro 1 IoCs
Office document equipped with macros.
Files
-
Quarantined Messages (3).zip
-
Quarantined Messages (2)/217c5e78-6e3e-4458-1f92-08db40e1af67/ae6a1128-5c3c-4a73-b766-3c3838947cf1.eml
-
https://www.unum.com/covid-19.
-
https://www.unum.com/covid-19
-
http:/www.acrisurebenefitsgroup.com/
-
-
attachment-3
-
https://www.unum.com/covid-19.
-
https://www.unum.com/covid-19
-
-
445043 - IRR Renewal Package 2023.docm
ThisDocument
-
email-html-2.txt
-
email-plain-1.txt
-
image001.jpg
-
attachment-4
-
https://www.unum.com/covid-19.
-
https://www.unum.com/covid-19
-
http:/www.acrisurebenefitsgroup.com/
-
-
attachment-3
-
https://www.unum.com/covid-19.
-
https://www.unum.com/covid-19
-
-
445043 - IRR Renewal Package 2023.docm
ThisDocument
-
email-html-2.txt
-
email-plain-1.txt
-
image001.jpg
-
email-html-2.txt
-
email-plain-1.txt
-
image001.jpg
-
attachment-5
-
https://www.unum.com/covid-19.
-
https://www.unum.com/covid-19
-
-
445043 - IRR Renewal Package 2023.docm
ThisDocument
-
email-html-2.txt
-
email-plain-1.txt
-
image001.jpg
-
email-html-2.txt
-
email-plain-1.txt
-
image001.jpg