General
-
Target
Fwd_ Urgent notice canclation notice_update now.msg
-
Size
113KB
-
MD5
ff52f54c900ef612fc781bb25f42170b
-
SHA1
de7919de57dfc695f8b98a32a36c361d92a7af30
-
SHA256
3c96c851179cfd69679e7bcc1b28ee0095df044c9bc692bc4e6b0c0541649cbd
-
SHA512
811a1f31c80ebbc4101bedaf6089e35dfc175b4b2dee61f1d33231175b021dfd35c8378c5988eb4cca42cbbec60a93bf8244b12cc23f9b0c879b5cc07e2a7cd9
-
SSDEEP
1536:C1Tt8WvW3WYVWAc64jc64Lc64JmbQSc9W4WEuGx58uG+2AcL5tV5kvQMh:C1TtSE3uGxGuG+2A4V5kvQMh
Malware Config
Signatures
Files
-
Fwd_ Urgent notice canclation notice_update now.msg
-
https://Opcsa-outlook.office.com/Opcsa/inbox/id/AAQkADVlMWQ3ZmM1LWExNWUtNDk4YS05YjlkLTAwOGY1YjYxNDdhZQAQADFCPNUfG%2BdCgMu7xoAlNcQ%3D
-
https://eu1.proofpointessentials.com/app/report_spam.php?mod_id=11&mod_option=logitem&report=1&type=easyspam&k=k1&payload=53616c7465645f5f127fbdb0904bef2994b22efa4a55cbdd16b0354a23c494179a6c25d0d171fe7228fd2a0c1d2eedcab8505b1a19df712e24ab6a9b7fb17f8344f0540cef846667acfb35b8c8da39f319c3d00fe956f97d443a6887990da048a55fb2820bdf89d35fab65c4f1f2979a840f5fb0e2c0130f2ebad64a722d33b24709f2e522232f5b8d25b15a766bc098
-
https://eu1.proofpointessentials.com/app/report_spam.php?mod_id=11&mod_option=logitem&report=1&type=easyspam&k=k1&payload=53616c7465645f5f127fbdb0904bef2994b22efa4a55cbdd16b0354a23c494179a6c25d0d171fe7228fd2a0c1d2eedcab8505b1a19df712e24ab6a9b7fb17f8344f0540cef846667acfb35b8c8da39f319c3d00fe956f97d443a6887990da048a55fb2820bdf89d35fab65c4f1f2979a840f5fb0e2c0130f2ebad64a722d33b24709f2e522232f5b8d25b15a766bc098
-
https://www.googleadservices.com/pagead/aclk?sa=L&ai=CyRiOTwJjZd7nMb2koPMPsuCUmAqyyKOtdLOe-7_dEc6Focr2ARABIIaPgAJgt4SAgPQwoAGCjIGJKcgBBqkCtPCaCrOWbD6oAwGqBO0BT9B7t6l6CqJDxrd8YVByT7tc2dsV0TqfJ1_GykBgeYiahFHhxxgW3wTURhgL-tAQtJY2FRhOBpyxZv0ADKWztmv7dbGm3em3Z0E708ZruC5b62KNfytYSZVfKb1Tf5O68tyRsd3arsovNTWRthdXLEreCI9OJUgh4sSaQ8RvY71psPrqnEHVohd-GtDHRkq5IIHaLoiMLwFyo4etBYyOIkSxZBC4-0B2hewVQOWMW5i7laQ7T5rdop7fZeY2p_ADv9R55EmqFewee7yzCdWhaqNxk-08B0OpOioZ75BYTbdjKHV6hL9kK_YNgQwLwAT06-Hb2QSIBe75g7RMkAYBoAY32AYCgAeCxNHoA4gHAZAHAqgH2baxAqgH4p6xAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAf0mbECqAfmmrECqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHAKAItOipBKgIAbAIArgIAdIIHAiAgICABBACGEIyAoAEOge_8YCAgIBESLfmvyGxCcoaOoGdkD0qgAoTmAsByAsF0AstgAwBogwUKhIKEOS0sQLutbECtbixAru7sQLSDAIIAegMCZoNAS2qDQJOR8gNAdgTDIIUERoPbWFpbC5nb29nbGUuY29tqBUH0BUBmBYB-BYBgBcBuhcCEAE&gclid=CjwKCAiA9ourBhAVEiwA3L5RFgn7euqyDdZN4GkkyO2LQmDf013OYVzEBgezrsfATdCpsszHFoawIRoCmkMQAvD_BwE&cit=CkUKCQiA9ourBhDRARI0AAqinVblpJcV6hFdI6WOA2AnhGqpxF80GubQcgDQWzv_iw9RxvXDM10y5brpKyPNYPjmTBoCGw_w_wcB&num=1&cid=CAQSIgDICaaNNWlrFPVRVO5FNn8zxEPkVnKT9wxodEhzrNIxD5oYAQ&sig=AOD64_23cH0DCJLByH5G6DznpTBH4lKXmw&client=ca-gmail&label=gmail_message_ad_external_click&adurl=https%3A%2F%2Frzbz-rzbz.mailaccountonlinevalidationaccount.com/?s=ai5ub3dha0BvcGNzYS5jb20=
-
http://i2a.info
-
http://opcsa.com
-