Timestamps (between):
2018-06-18T17:52:54
2018-06-18T20:16:49
’From’ address:
mcvane <shanelle.mcvane@renwickslu[.]com>
Subject lines
New order
Sender IP and GEO:
66.85.173.27, 20454, SECURED SERVERS LLC, US
Headers x-mailer:
Helo:
renwickslu[.]com
Forwarder URLs:
hxxps://www[.]dropbox[.]com/s/kt5u6bzzzqblqdl/order.xlsx.iso?dl=1
hxxps://www[.]dropbox[.]com/s/i28nvu4sn7h7bgk/ORDER.XLSX%20-%20Copy.iso?dl=1
https://urlhaus.abuse.ch/url/20721/
https://urlhaus.abuse.ch/url/20584/
Attachments:
Name:
new po.iso
new-po.iso
File size:
716800
745472
MD5:
1f181dff2fa89f379a8b44db116bc4c0
7e9f37e5f158da505547eff4e3c62a14
SHA1:
ee121aa867914ab3c61f74b5c76da885faadc966
64d40ab189525df83e17c0e506ccd3cf95952188
SHA256:
3378432d7d10ae732fa3ad8cb6b1231a9bc90dfa874b7f24e6d2328708c3fd97
2e8217e50e203586d954e91589c035740e378b8b6032cd04350cf430528c3ceb
SHA512:
a3122768fccb23699b3060ea1fb1f822f4a62aed135fe1569aa7965280b617674cbd9de97701ebb2416cb2374a941aa4c17e3ccfebc9941cf726b0a61579f734
1942003e71266d021f64f1caa294dd83e81c56cee3a4e0a6e114908218cadba212d9f4a43cc0360f7e4973ed8e2ee5dee30aefefddec99bd838c4990cd6a98fa
Type:
ISO 9660 CD-ROM filesystem data ‘new-po’
ISO 9660 CD-ROM filesystem data ‘new po’
Mime:
application/x-iso9660-image