Overview

overview

5

Static

static

1

triage-rep...om.zip

windows7-x64

1

triage-rep...om.zip

windows10-2004-x64

1

triage-rep...YF.png

windows7-x64

3

triage-rep...YF.png

windows10-2004-x64

3

triage-rep...BZ.png

windows7-x64

3

triage-rep...BZ.png

windows10-2004-x64

3

triage-rep...y.html

windows7-x64

1

triage-rep...y.html

windows10-2004-x64

1

triage-rep...dy.txt

windows7-x64

1

triage-rep...dy.txt

windows10-2004-x64

1

triage-rep...rs.eml

windows7-x64

5

triage-rep...rs.eml

windows10-2004-x64

3

triage-rep...al.eml

windows7-x64

5

triage-rep...al.eml

windows10-2004-x64

3

Document s...PM.eml

windows7-x64

5

Document s...PM.eml

windows10-2004-x64

1

NZULDWSGTRLIMBYF.png

windows7-x64

3

NZULDWSGTRLIMBYF.png

windows10-2004-x64

3

QPUZCOJSNTIUBZ.png

windows7-x64

3

QPUZCOJSNTIUBZ.png

windows10-2004-x64

3

email-html-2.html

windows7-x64

1

email-html-2.html

windows10-2004-x64

1

email-plain-1.txt

windows7-x64

1

email-plain-1.txt

windows10-2004-x64

1

email-plain-1.txt

windows7-x64

1

email-plain-1.txt

windows10-2004-x64

1

triage-rep...aw.eml

windows7-x64

5

triage-rep...aw.eml

windows10-2004-x64

3

NZULDWSGTRLIMBYF.png

windows7-x64

3

NZULDWSGTRLIMBYF.png

windows10-2004-x64

3

QPUZCOJSNTIUBZ.png

windows7-x64

3

QPUZCOJSNTIUBZ.png

windows10-2004-x64

3

Sharing

Copy URL Twitter E-mail

General

  • Target

    triage-report_17288-casillas_AT_hon204_com.zip

  • Size

    52KB

  • MD5

    0e71860c2514053700b12dcbe71ec33f

  • SHA1

    ed4f4f2624bfec8b0993a7c1904f77a84560bdd3

  • SHA256

    c8b48e18f0a263c9ab8f361c09b482057df689380032c34192fc784d54408043

  • SHA512

    a86c6036fa3cb1b21ed301b00f258d90c1ecbf492797e287113e0b8998ca09c4e63d6f1acbfb0e83461ff80540c7132b82fa45c1c27f3b56f2523ac4b8519254

  • SSDEEP

    768:R/d+/ZDVUihbAXwhuIO53M0YetXWzLP/tIuStgFw0fyxsa:7+/ZZUngTQ80YaXuP/tI5qFw4y+a

Score
1/10

Malware Config

Signatures

Files

  • triage-report_17288-casillas_AT_hon204_com.zip
    .zip

    Password: infected

  • triage-report_17288-casillas_AT_hon204_com/attachments/NZULDWSGTRLIMBYF.png
    .png
  • triage-report_17288-casillas_AT_hon204_com/attachments/QPUZCOJSNTIUBZ.png
    .png
  • triage-report_17288-casillas_AT_hon204_com/body.html
    .html
  • triage-report_17288-casillas_AT_hon204_com/body.txt
  • triage-report_17288-casillas_AT_hon204_com/headers.txt
    .eml
  • triage-report_17288-casillas_AT_hon204_com/original.eml
    .eml

    • https://2n8w.app.link/?~channel=Email&~feature=ConfirmationEmail--BenerailETicket&~campaign=WebToApp&~tags=locale=nl_NL&~tags=version=1&~tags=marketing_code=BSH3675&$android_url=

    • https://play.google.com/store/apps/details?id=com.thetrainline&hl=nl-NL&$android_deepview=false&$android_passive_deepview=false&$ios_url=

    • https://itunes.apple.com/NL/app/thetrainline/id334235181&$ios_deepview=false&$ios_passive_deepview=false&$fallback_url=bbeep%E3%80%82cl/dev/igocaagn/Y2hyaXN0aW5lLmRhbHRvbkBzZW5lY2Fjb2xsZWdlLmNh#<FONT

    • http://www.ne16.com/t/45738038/1649292533/99583094/0/1005571/?f5d63f87=V2Vla2x5JTIwTGluZXVwJTIwLSUyMDIwMjQtMDEtMjY&x=d8116c57

    • http://www.ne16.com/t/45738038/1649292533/99583095/0/1005571/?f5d63f87=V2Vla2x5JTIwTGluZXVwJTIwLSUyMDIwMjQtMDEtMjY&x=40524888

    • http://serve.insideindianabusiness.com/creative/114/2024-01-26/desktop.jpg

    • http://serve.insideindianabusiness.com/creative/114/2024-01-26/mobile.jpg

    • http://www.ne16.com/do/45738038/1649292533/1005571/1.gif?x=04e2c159

    • Show all
  • Document shared with you Senecacollege Distribution Payoff B.V. & PLS Fr=ay-February-2024 1322 PM.eml
    .eml

    • https://2n8w.app.link/?~channel=Email&~feature=ConfirmationEmail--BenerailETicket&~campaign=WebToApp&~tags=locale=nl_NL&~tags=version=1&~tags=marketing_code=BSH3675&$android_url=

    • https://play.google.com/store/apps/details?id=com.thetrainline&hl=nl-NL&$android_deepview=false&$android_passive_deepview=false&$ios_url=

    • https://itunes.apple.com/NL/app/thetrainline/id334235181&$ios_deepview=false&$ios_passive_deepview=false&$fallback_url=bbeep%E3%80%82cl/dev/igocaagn/Y2hyaXN0aW5lLmRhbHRvbkBzZW5lY2Fjb2xsZWdlLmNh#

    • http://serve.insideindianabusiness.com/creative/114/2024-01-26/desktop.jpg]

    • http://www.ne16.com/t/45738038/1649292533/99583094/0/1005571/?f5d63f87=V2Vla2x5JTIwTGluZXVwJTIwLSUyMDIwMjQtMDEtMjY&x=d8116c57

    • http://serve.insideindianabusiness.com/creative/114/2024-01-26/mobile.jpg]

    • http://www.ne16.com/t/45738038/1649292533/99583095/0/1005571/?f5d63f87=V2Vla2x5JTIwTGluZXVwJTIwLSUyMDIwMjQtMDEtMjY&x=40524888

    • https://2n8w.app.link/?~channel=Email&~feature=ConfirmationEmail--BenerailETicket&~campaign=WebToApp&~tags=locale=nl_NL&~tags=version=1&~tags=marketing_code=BSH3675&$android_url=https://play.google.com/store/apps/details?id=com.thetrainline&hl=nl-NL&$android_deepview=false&$android_passive_deepview=false&$ios_url=https://itunes.apple.com/NL/app/thetrainline/id334235181&$ios_deepview=false&$ios_passive_deepview=false&$fallback_url=bbeep%E3%80%82cl/dev/igocaagn/Y2hyaXN0aW5lLmRhbHRvbkBzZW5lY2Fjb2xsZWdlLmNh#<FONT id={igocaagn}>‏<STRONG>igocaagn</STRONG>‎</FONT><FONT id={igocaagn}>‏<STRONG>igocaagn</STRONG>‎</FONT><FONT id={igocaagn}>‏<STRONG>igocaagn</STRONG>‎</FONT><FONT id={igocaagn}>‏<STRONG>igocaagn</STRONG>‎</FONT><FONT id={igocaagn}>‏<STRONG>igocaagn</STRONG>‎</FONT><FONT id={igocaagn}>‏<STRONG>igocaagn</STRONG>‎</FONT><FONT id={igocaagn}>‏<STRONG>igocaagn</STRONG>‎</FONT><FONT id={igocaagn}>‏<STRONG>igocaagn</STRONG>‎</FONT><FONT id={igocaagn}>‏<STRONG>igocaagn</STRONG>‎</FONT><FONT id={igocaagn}>‏<STRONG>igocaagn</STRONG>‎</FONT><FONT id={igocaagn}>‏<STRONG>igocaagn</STRONG>‎</FONT><FONT id={igocaagn}>‏<STRONG>igocaagn</STRONG>‎</FONT><FONT id={igocaagn}>‏<STRONG>igocaagn</STRONG>‎</FONT><FONT id={igocaagn}>‏<STRONG>igocaagn</STRONG>‎</FONT><FONT id={igocaagn}>‏<STRONG>igocaagn</STRONG>‎</FONT><FONT id={igocaagn}>‏<STRONG>igocaagn</STRONG>‎</FONT><FONT id={igocaagn}>‏<STRONG>igocaagn</STRONG>‎</FONT><FONT id={igocaagn}>‏<STRONG>igocaagn</STRONG>‎</FONT><FONT id={igocaagn}>‏<STRONG>igocaagn</STRONG>‎</FONT>&e=7222055419&elqTrackId=etxgxvbrlikzrtunrjao&elq=7##char20##&elqaid=208402&elqat=1&elqcst=272&elqcsid=1506365

  • NZULDWSGTRLIMBYF.png
    .png
  • QPUZCOJSNTIUBZ.png
    .png
  • email-html-2.txt
    .html
  • email-plain-1.txt
  • email-plain-1.txt
  • triage-report_17288-casillas_AT_hon204_com/raw.eml
    .eml

    • https://2n8w.app.link/?~channel=Email&~feature=ConfirmationEmail--BenerailETicket&~campaign=WebToApp&~tags=locale=nl_NL&~tags=version=1&~tags=marketing_code=BSH3675&$android_url=

    • https://play.google.com/store/apps/details?id=com.thetrainline&hl=nl-NL&$android_deepview=false&$android_passive_deepview=false&$ios_url=

    • https://itunes.apple.com/NL/app/thetrainline/id334235181&$ios_deepview=false&$ios_passive_deepview=false&$fallback_url=bbeep%E3%80%82cl/dev/igocaagn/Y2hyaXN0aW5lLmRhbHRvbkBzZW5lY2Fjb2xsZWdlLmNh#

    • http://serve.insideindianabusiness.com/creative/114/2024-01-26/desktop.jpg]

    • http://www.ne16.com/t/45738038/1649292533/99583094/0/1005571/?f5d63f87=V2Vla2x5JTIwTGluZXVwJTIwLSUyMDIwMjQtMDEtMjY&x=d8116c57

    • http://serve.insideindianabusiness.com/creative/114/2024-01-26/mobile.jpg]

    • http://www.ne16.com/t/45738038/1649292533/99583095/0/1005571/?f5d63f87=V2Vla2x5JTIwTGluZXVwJTIwLSUyMDIwMjQtMDEtMjY&x=40524888

    • https://2n8w.app.link/?~channel=Email&~feature=ConfirmationEmail--BenerailETicket&~campaign=WebToApp&~tags=locale=nl_NL&~tags=version=1&~tags=marketing_code=BSH3675&$android_url=https://play.google.com/store/apps/details?id=com.thetrainline&hl=nl-NL&$android_deepview=false&$android_passive_deepview=false&$ios_url=https://itunes.apple.com/NL/app/thetrainline/id334235181&$ios_deepview=false&$ios_passive_deepview=false&$fallback_url=bbeep%E3%80%82cl/dev/igocaagn/Y2hyaXN0aW5lLmRhbHRvbkBzZW5lY2Fjb2xsZWdlLmNh#<FONT id={igocaagn}>‏<STRONG>igocaagn</STRONG>‎</FONT><FONT id={igocaagn}>‏<STRONG>igocaagn</STRONG>‎</FONT><FONT id={igocaagn}>‏<STRONG>igocaagn</STRONG>‎</FONT><FONT id={igocaagn}>‏<STRONG>igocaagn</STRONG>‎</FONT><FONT id={igocaagn}>‏<STRONG>igocaagn</STRONG>‎</FONT><FONT id={igocaagn}>‏<STRONG>igocaagn</STRONG>‎</FONT><FONT id={igocaagn}>‏<STRONG>igocaagn</STRONG>‎</FONT><FONT id={igocaagn}>‏<STRONG>igocaagn</STRONG>‎</FONT><FONT id={igocaagn}>‏<STRONG>igocaagn</STRONG>‎</FONT><FONT id={igocaagn}>‏<STRONG>igocaagn</STRONG>‎</FONT><FONT id={igocaagn}>‏<STRONG>igocaagn</STRONG>‎</FONT><FONT id={igocaagn}>‏<STRONG>igocaagn</STRONG>‎</FONT><FONT id={igocaagn}>‏<STRONG>igocaagn</STRONG>‎</FONT><FONT id={igocaagn}>‏<STRONG>igocaagn</STRONG>‎</FONT><FONT id={igocaagn}>‏<STRONG>igocaagn</STRONG>‎</FONT><FONT id={igocaagn}>‏<STRONG>igocaagn</STRONG>‎</FONT><FONT id={igocaagn}>‏<STRONG>igocaagn</STRONG>‎</FONT><FONT id={igocaagn}>‏<STRONG>igocaagn</STRONG>‎</FONT><FONT id={igocaagn}>‏<STRONG>igocaagn</STRONG>‎</FONT>&e=7222055419&elqTrackId=etxgxvbrlikzrtunrjao&elq=7##char20##&elqaid=208402&elqat=1&elqcst=272&elqcsid=1506365

  • NZULDWSGTRLIMBYF.png
    .png
  • QPUZCOJSNTIUBZ.png
    .png
  • email-html-2.txt
    .html
  • email-plain-1.txt
  • triage-report_17288-casillas_AT_hon204_com/urls.txt