General
-
Target
Alerta correo sospechoso y suplantación de imagen TGICorreo Externo Suplantación de datos.msg
-
Size
1.3MB
-
MD5
8d94453fd58ac221354f073028152648
-
SHA1
fc400e827eeb4425d0803d144427648e260e1a43
-
SHA256
87a2429ad52657e1a6f7c288a58e4fbfef3d451d884ff9d2a015d25753b7ce51
-
SHA512
b9ff465d1475e1c14e29ba0c2461984bca72e76db4c435d32fd7e1e56a0e83e6e6d346a07e5994beb36d2f14078b6ba7c5276f30b3e6eb745b25e5b417e24b3d
-
SSDEEP
24576:ZXYQnlUsM3o0E9HjPCBGZqG/x5EC34Ssxz+T7JLuwWYzZD:lVMYNjPCBGbye7UwWYND
Malware Config
Signatures
Files
-
Alerta correo sospechoso y suplantación de imagen TGICorreo Externo Suplantación de datos.msg
-
http://geb.com.co
-
https://go.microsoft.com/fwlink/?Linkid=844050
-
https://go.microsoft.com/fwlink/p/?linkid=857875
-
https://outlook.office365.com/Encryption/lock.png
-
https://outlook.office365.com/owa/?viewmodel=ReadMessageItem&InternetMessageID=%3cBN6PR08MB34112534B349B0EC6D25ACE5F21FA%40BN6PR08MB3411.namprd08.prod.outlook.com%3e
-
https://outlook.office365.com/owa/?viewmodel=ReadMessageItem&InternetMessageID=%3cBN6PR08MB34112534B349B0EC6D25ACE5F21FA%40BN6PR08MB3411.namprd08.prod.outlook.com%3e
-
-
message.rpmsg