General
-
Target
https://outlook.office365.com/Encryption/retrieve.ashx?recipientemailaddress=HandyRideapps%40fresno.gov&senderemailaddress=pa.lee%40orchardpa.com&senderorganization=AwGGAAAAAoIAAAADAQAAAI6vJ0OF10BOtsSiHxVfbwhPVT1wcm92aWRlbmNlZ3JvdXAub25taWNyb3NvZnQuY29tLE9VPU1pY3Jvc29mdCBFeGNoYW5nZSBIb3N0ZWQgT3JnYW5pemF0aW9ucyxEQz1OQU1QUjEyQTAxMCxEQz1QUk9ELERDPU9VVExPT0ssREM9Q09NJAgFoODNV0ak0NFXVZiI6kNOPUNvbmZpZ3VyYXRpb24sQ049cHJvdmlkZW5jZWdyb3VwLm9ubWljcm9zb2Z0LmNvbSxDTj1Db25maWd1cmF0aW9uVW5pdHMsREM9TkFNUFIxMkEwMTAsREM9UFJPRCxEQz1PVVRMT09LLERDPUNPTQE%3d&messageid=%3cDM4PR12MB6277C1F1B0F1F44EEB23062896F92%40DM4PR12MB6277.namprd12.prod.outlook.com%3e&cfmRecipient=SystemMailbox%7b6C0A1EFA-EC06-4AF8-8120-E8DF728D24A6%7d%40providencegroup.onmicrosoft.com&consumerEncryption=false&senderorgid=93c1680b-e1a5-4495-a6ba-9d1d4ea523b0&urldecoded=1&e4e_sdata=ts5wLX2LW98Md%2b1FpNMHOOGUsEzzPfFjmMIMuICMklsEL3N2CAyckz5Gs9pQpIc4SJWXHj%2bp1SuVei4FobErncsACpBCJ9aN7N3LA1BOD92KB15oLKBakuPF%2b73VqP%2bZ31xUwNKMlrHto2gD2UMZ9xh8yO5m5TP2YjplOKykaG3VpY%2fJeoutKRAcDdHk5m9V2M6Qy12OixinCG15jjhlMi59tc0R4IZ9DmnM%2faFlW0tQEjHkE8lfc72s%2f0RSmRoehmSPkEn3wyC%2fP89VvpyUXOMoWSgeTodtEW%2fUv1jO4YDveWXxvywBAkb4NTs4wzDabgN4w7%2f4nOnXsPtQLBp5mQ%3d%3d
Malware Config
Signatures
-
A potential corporate email address has been identified in the URL: [email protected]