Result Threat Antivirus Icon Time & Date Name Info Class Graph Actions
malicious
17%
15.04.2020 16:49:25
Purchase Order Potter Group.pps
malicious
3%
15.04.2020 16:45:27
New document 1.vbs
clean
0%
15.04.2020 16:42:49
https://confluence.atlassian.com/x/YzcWN
suspicious
None
15.04.2020 16:41:14
http://Received: from QB1PR01MB2481.CANPRD01.PROD.OUTLOOK.COM (2603:10b6:c00:1::46) by YQXPR0101MB1640.CANPRD01.PROD.OUTLOOK.COM with HTTPS via YQBPR0101CA0069.CANPRD01.PROD.OUTLOOK.COM; Wed, 15 Apr 2020 14:14:45 +0000 Authentication-Results: sait.ca; dkim=none (message not signed) header.d=none;sait.ca; dmarc=none action=none header.from=sait.ca; Received: from QB1PR01MB3601.CANPRD01.PROD.OUTLOOK.COM (52.132.88.27) by QB1PR01MB2481.CANPRD01.PROD.OUTLOOK.COM (52.132.86.21) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.2900.17; Wed, 15 Apr 2020 14:14:45 +0000 Received: from QB1PR01MB3601.CANPRD01.PROD.OUTLOOK.COM ([fe80::f8fd:e356:d821:982]) by QB1PR01MB3601.CANPRD01.PROD.OUTLOOK.COM ([fe80::f8fd:e356:d821:982%7]) with mapi id 15.20.2900.028; Wed, 15 Apr 2020 14:14:45 +0000 Content-Type: application/ms-tnef;%20name=%22winmail.dat%22%20Content-Transfer-Encoding:%20binary%20From:%20Annie%20Wang%20%3Cannie.wang@sait.ca%3E%20To:%20Paul%20Usama%20%3CPaul.Usama@sait.ca%3E%20CC:%20Khalid%20Hamid%20%3Ckhalid.hamid@sait.ca%3E%20Subject:%20FW:%20Request%20Thread-Topic:%20Request%20Thread-Index:%20AQHWEyzA4jgENnq9JEOiN/CHgRpn/qh6ObZg%20Date:%20Wed,%2015%20Apr%202020%2014:14:44%20+0000%20Message-ID:%20%20%3CQB1PR01MB36014112F306F488D7D5C13D85DB0@QB1PR01MB3601.CANPRD01.PROD.OUTLOOK.COM%3E%20References:%20%20%3CCAK09crAjxKAOqfXUbr8do0QpyYyx=gJQf2O=k8hcOe6rxyjxHg@mail.gmail.com%3E%20In-Reply-To:%20%20%3CCAK09crAjxKAOqfXUbr8do0QpyYyx=gJQf2O=k8hcOe6rxyjxHg@mail.gmail.com%3E%20Accept-Language:%20en-CA,%20en-US%20Content-Language:%20en-US%20X-MS-Has-Attach:%20X-MS-Exchange-Organization-SCL:%20-1%20X-MS-TNEF-Correlator:%20%20%3CQB1PR01MB36014112F306F488D7D5C13D85DB0@QB1PR01MB3601.CANPRD01.PROD.OUTLOOK.COM%3E%20MIME-Version:%201.0%20X-MS-Exchange-Organization-MessageDirectionality:%20Originating%20X-MS-Exchange-Organization-AuthSource:%20QB1PR01MB3601.CANPRD01.PROD.OUTLOOK.COM%20X-MS-Exchange-Organization-A... (truncated)
Incomplete analysis
None
15.04.2020 16:40:14
http://teamsites.celgene.com/sites/Thalidomide
clean
None
15.04.2020 16:39:00
Depature Sign Pilot Scope Approved TS 041420.pdf
clean
None
15.04.2020 16:38:35
2004-545973.pdf
clean
1%
15.04.2020 16:37:55
http://www.altn.com/ndr/
clean
0%
15.04.2020 16:35:29
https://infograph.venngage.com/pl/THqXYKVRQlk
malicious
Remcos FormBook
45%
15.04.2020 16:34:44
SBA_Payroll_Protection_Application_Documents_Prom_Note_Benef.exe
clean
1%
15.04.2020 16:34:44
http://config.htestspeedhere.com/
Incomplete analysis
None
15.04.2020 16:33:17
https://u15783618.ct.sendgrid.net/ls/click?upn=oOBr0oxNVHgKNkZISVr-2B0-2FdwDZepcjqYYa8OM8-2Bdj-2B0op72skhZ8ZujnH6YR-2BFz2wSJ4R3B0OBJAKfRnuaCr0w-3D-3D2e-h_3lBBdh8Og6Kl48UBegsBMmxFHxXiyvALlJ08L2TlIsBwQXFfJ9tqmlei7T9mCSiVNDik0yEDAK1cQRVAV4buXCcolHedn7xdKGZ3jdA8L-2BUt-2F5WPAyoDevuB97OEyQpIV2oyjD-2FaNeTZyRjjLznwLePzHH3YhsaFU7vT6Vdo0UQn6B7Gj4d0NQYQQmrTtGC-2Bbr-2F-2FuQnOT7osoIMF4NxoVwjlUJw0iB1aOcPXPXGRkAnvXxPah7gOyCIf11h-2FStb1Z2jQKsJ7XNTOKW2-2FM3R65KpdF1b0g7aplho-2F7hNIfhLjVvqh42D0CzHhsCl1zBB4Rstglc2Pdds2IDxLPNpk5FG6EU-2B4KzUAyGybH-2FfSqZzY2VtF596Ijqxtxdc2TZAlN4w04TE-2BXNx4hszJx3U6dbPLZs80p-2B-2FYByukTbDaMXyc0onC4rSV9MTVx5d51P2HD7eWDYT3K1dMIBmyzQWWHDPdio37h8VkuzVpoDWZ5iB3FDDgQYfOQ00W0YAYeXga2jjc7v0vpw4AuUa9xYsNtRyZiqCS-2FOQQP2-2F18tWKQLj7pAOlpW0ExhuLrsmIRjKHCDLmrizjDH-2Fs8-2FuNMG80okG0fMWQI-2Ba-2BndPt-2FcNvNNWnS1DiTxEBl4rT7zYK1TrUhuT0ucmb2OMqUnJ1FDlPZmtiMDHafRuhSsgz7uTjG-2Fc-3D
malicious
3%
15.04.2020 16:31:22
https://townebank.azurefd.net/voiceindex/#dsmoker@merchantsbangor.com
clean
0%
15.04.2020 16:30:52
https://cnt1a.blob.core.windows.net/cont/sharepoint.html?sp=r&st=2020-04-09T19:27:18Z&se=2020-04-10T03:27:18Z&spr=https&sv=2019-02-02&sr=b&sig=KhZX8Zk886A90EjxuFYUWUA5mvn36euvvoBZqWwJNdU%3D
malicious
24%
15.04.2020 16:28:31
t6b5Sn6wFd.ppt
clean
2%
15.04.2020 16:24:46
SDL.dll
clean
0%
15.04.2020 16:23:25
install.bat
suspicious
0%
15.04.2020 16:23:24
AppSetupSilent.exe
malicious
9%
15.04.2020 16:22:38
Avviso di pagamento 683 del 15_04_2020 (002).xls
malicious
AgentTesla
51%
15.04.2020 16:18:13
Vessel Details.xlsm
Windows: Injects, Has kernel mode component, Drops PE Files, Has more than one Process, Has Email attachment, Disassembly is available
Android: Receives SMS, Sends SMS, Reboot, Native CMD
Common: Generates Internet Traffic, Generates HTTP Network Traffic, Expired Sample