PULSE NAME
Malicious attachment via phishing e-mail
WHITE ceyhun_kivanc_demir 2025-04-08 Modified: 2025-05-08
4 IOCs
LOW VOLUME
Source IP = 168.245.10.205
From = xvfrhxcd.outbound-mail.sendgrid.net
Mail Subject = R: R: R: R: R: R: New order
Attachment Name = SWIFT2024001013.docx
SHA1 = 96a491acb5e0ab5d9d1bcb92720382ba9d959e02
SHA256 = 12898ccc6a9cf84dda412ea2bc17de58de6742ffae8392a84294fb7f95fcde27
MD5 = 9db5584eca2b1e730f43a22fe423d3d6
Indicators of Compromise (4)
| TYPE | INDICATOR | DESCRIPTION | CREATED |
| --- | --- | --- | --- |
| hostname | xvfrhxcd.outbound-mail.sendgrid.net | Attachment = SWIFT2024001013.docx (malicious macro) | 2025-04-08 |
| FileHash-MD5 | 9db5584eca2b1e730f43a22fe423d3d6 | SWIFT2024001013.docx (malicious macro) | 2025-04-08 |
| FileHash-SHA1 | 96a491acb5e0ab5d9d1bcb92720382ba9d959e02 | SWIFT2024001013.docx (malicious macro) | 2025-04-08 |
| FileHash-SHA256 | 12898ccc6a9cf84dda412ea2bc17de58de6742ffae8392a84294fb7f95fcde27 | SWIFT2024001013.docx (malicious macro) | 2025-04-08 |