Pulse Detail — Threat Intelligence

● 0 online

ANALYZING THREAT INTELLIGENCE

PULSE NAME

Malicious OneNote files campaign 20230424-01

WHITE DoctorZl0 2023-04-24 Modified: 2023-04-24

12

IOCs

MEDIUM VOLUME

↓ CSV ↓ JSON

Phishing OneNote

Indicators of Compromise (12)

All IPv4 domain FileHash-SHA256 FileHash-MD5 FileHash-SHA1

TYPE	INDICATOR	DESCRIPTION	CREATED
IPv4	94.100.26.139	CC=SG ASN=AS29802 HVC-AS	2023-04-24
domain	bimboophoto.com	—	2023-04-24
FileHash-SHA256	0861d3f77cecd494022492c36106ac9383bac27e29942191acf80f900ea9b2b5	Dropped file	2023-04-24
FileHash-MD5	e71c8443ae0bc2e282c73faead0a6dd3	MD5 of 95b0a5acc5bf70d3abdfd091d0c9f9063aa4fde65bd34dbf16786082e1992e72	2023-04-24
FileHash-SHA1	0c110c1b01e68edfacaeae64781a37b1995fa94b	SHA1 of 95b0a5acc5bf70d3abdfd091d0c9f9063aa4fde65bd34dbf16786082e1992e72	2023-04-24
FileHash-SHA256	95b0a5acc5bf70d3abdfd091d0c9f9063aa4fde65bd34dbf16786082e1992e72	—	2023-04-24
FileHash-SHA256	33cf7f76de3c18dae7d6c9aff7aff3f394151ef55812b68c2152fb2e7921720a	Dropped file	2023-04-24
FileHash-SHA256	fbb7a774336395f24d52ac603db1d61a87cacc8eee9c52e0a693d3652df348f6	—	2023-04-24
FileHash-MD5	9c56fa0aafd93cab6bd9c1d81353cc92	Dropped file	2023-04-24
FileHash-SHA256	1f390b9dfbe8747d034b134a236cefd673b847d32cb43567595003471c8cdadc	Original malicious OneNote file	2023-04-24
domain	amenezes.com	—	2023-04-24
FileHash-SHA256	fbb7a774336395f24d52ac603db1d61a87cacc8eee9c52e0a693d3652df348f6	The second original malicious OneNote file	2023-04-24