Edit tour
Windows
Analysis Report
attachment(1).eml
Overview
General Information
| Sample name: | attachment(1).eml |
| Analysis ID: | 1541128 |
| MD5: | 0dede3f92bef4730ef21e6e143c87140 |
| SHA1: | 5617a99b3e4d541a36a45f8fe35a3a364601ea08 |
| SHA256: | 1c6d6635a271e90527917b6493ea85c0c7b8011f421ba6338bfe55d91162ca44 |
| Infos: |  |
 | |
Detection
| Score: | 48 |
| Range: | 0 - 100 |
| Whitelisted: | false |
| Confidence: | 100% |
Signatures
AI detected phishing page
Connects to many different domains
Creates files inside the system directory
Deletes files inside the Windows folder
Detected non-DNS traffic on DNS port
Drops PE files
Drops PE files to the windows directory (C:\Windows)
HTML body contains low number of good links
HTML body contains password input but no form action
HTML body with high number of embedded SVGs detected
HTML page contains hidden javascript code
HTML title does not match URL
Invalid T&C link found
Queries the volume information (name, serial number etc) of a device
Sigma detected: Office Autorun Keys Modification
Sigma detected: Outlook Security Settings Updated - Registry
Stores files to the Windows start menu directory
Stores large binary data to the registry
Classification
- System is w10x64_ra
OUTLOOK.EXE (PID: 6152 cmdline: "C:\Progra m Files (x 86)\Micros oft Office \Root\Offi ce16\OUTLO OK.EXE" /e ml "C:\Use rs\user\De sktop\atta chment(1). eml" MD5: 91A5292942864110ED734005B7E005C0) 
ai.exe (PID: 2412 cmdline: "C:\Progra m Files (x 86)\Micros oft Office \root\vfs\ ProgramFil esCommonX6 4\Microsof t Shared\O ffice16\ai .exe" "EED D0B08-3C37 -4EF1-B694 -807A717ED 8F1" "193B A9E5-FC59- 42A9-BD52- 9D566D4EE5 80" "6152" "C:\Progr am Files ( x86)\Micro soft Offic e\Root\Off ice16\OUTL OOK.EXE" " WordCombin edFloatieL reOnline.o nnx" MD5: EC652BEDD90E089D9406AFED89A8A8BD) 
chrome.exe (PID: 1996 cmdline: "C:\Progra m Files\Go ogle\Chrom e\Applicat ion\chrome .exe" --st art-maximi zed --sing le-argumen t https:// euroservis .circle.so /c/docs/se cure-9c150 fda-a3b5-4 727-912d-c 98142ae40d a MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4) - chrome.exe (PID: 3312 cmdline:
"C:\Progra m Files\Go ogle\Chrom e\Applicat ion\chrome .exe" --ty pe=utility --utility -sub-type= network.mo jom.Networ kService - -lang=en-U S --servic e-sandbox- type=none --mojo-pla tform-chan nel-handle =2164 --fi eld-trial- handle=193 6,i,339287 3588386690 937,144044 5761825179 1924,26214 4 --disabl e-features =Optimizat ionGuideMo delDownloa ding,Optim izationHin ts,Optimiz ationHints Fetching,O ptimizatio nTargetPre diction /p refetch:8 MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)
- cleanup
⊘No yara matches
| Source: | Author: Victor Sergeev, Daniil Yugoslavskiy, Gleb Sukhodolskiy, Timur Zinniatullin, oscd.community, Tim Shelton, frack113 (split): | ||
| Source: | Author: frack113: | ||
⊘No Suricata rule has matched
Click to jump to signature section
Show All Signature Results
Phishing |   |
|---|
| Source: | LLM: | ||
| Source: | HTTP Parser: | ||
| Source: | HTTP Parser: | ||
| Source: | HTTP Parser: | ||
| Source: | HTTP Parser: | ||
| Source: | HTTP Parser: | ||
| Source: | HTTP Parser: | ||
| Source: | HTTP Parser: | ||
| Source: | HTTP Parser: | ||
| Source: | HTTP Parser: | ||
| Source: | HTTP Parser: | ||
| Source: | HTTP Parser: | ||
| Source: | HTTP Parser: | ||
| Source: | HTTP Parser: | ||
| Source: | HTTP Parser: | ||
| Source: | HTTP Parser: | ||
| Source: | HTTP Parser: | ||
| Source: | HTTP Parser: | ||
| Source: | HTTP Parser: | ||
| Source: | HTTP Parser: | ||
| Source: | Directory created: | ||
| Source: | File created: | ||
| Source: | HTTPS traffic detected: | ||
| Source: | HTTPS traffic detected: | ||
| Source: | HTTPS traffic detected: | ||
| Source: | HTTPS traffic detected: | ||
| Source: | Memory has grown: | ||
| Source: | Network traffic detected: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic detected without corresponding DNS query: | ||
| Source: | TCP traffic detected without corresponding DNS query: | ||
| Source: | TCP traffic detected without corresponding DNS query: | ||
| Source: | TCP traffic detected without corresponding DNS query: | ||
| Source: | TCP traffic detected without corresponding DNS query: | ||
| Source: | TCP traffic detected without corresponding DNS query: | ||
| Source: | TCP traffic detected without corresponding DNS query: | ||
| Source: | TCP traffic detected without corresponding DNS query: | ||
| Source: | TCP traffic detected without corresponding DNS query: | ||
| Source: | TCP traffic detected without corresponding DNS query: | ||
| Source: | TCP traffic detected without corresponding DNS query: | ||
| Source: | TCP traffic detected without corresponding DNS query: | ||
| Source: | TCP traffic detected without corresponding DNS query: | ||
| Source: | TCP traffic detected without corresponding DNS query: | ||
| Source: | TCP traffic detected without corresponding DNS query: | ||
| Source: | TCP traffic detected without corresponding DNS query: | ||
| Source: | TCP traffic detected without corresponding DNS query: | ||
| Source: | TCP traffic detected without corresponding DNS query: | ||
| Source: | TCP traffic detected without corresponding DNS query: | ||
| Source: | TCP traffic detected without corresponding DNS query: | ||
| Source: | TCP traffic detected without corresponding DNS query: | ||
| Source: | TCP traffic detected without corresponding DNS query: | ||
| Source: | TCP traffic detected without corresponding DNS query: | ||
| Source: | TCP traffic detected without corresponding DNS query: | ||
| Source: | TCP traffic detected without corresponding DNS query: | ||
| Source: | TCP traffic detected without corresponding DNS query: | ||
| Source: | TCP traffic detected without corresponding DNS query: | ||
| Source: | TCP traffic detected without corresponding DNS query: | ||
| Source: | TCP traffic detected without corresponding DNS query: | ||
| Source: | TCP traffic detected without corresponding DNS query: | ||
| Source: | TCP traffic detected without corresponding DNS query: | ||
| Source: | TCP traffic detected without corresponding DNS query: | ||
| Source: | TCP traffic detected without corresponding DNS query: | ||
| Source: | TCP traffic detected without corresponding DNS query: | ||
| Source: | TCP traffic detected without corresponding DNS query: | ||
| Source: | TCP traffic detected without corresponding DNS query: | ||
| Source: | TCP traffic detected without corresponding DNS query: | ||
| Source: | TCP traffic detected without corresponding DNS query: | ||
| Source: | TCP traffic detected without corresponding DNS query: | ||
| Source: | TCP traffic detected without corresponding DNS query: | ||
| Source: | TCP traffic detected without corresponding DNS query: | ||
| Source: | TCP traffic detected without corresponding DNS query: | ||
| Source: | TCP traffic detected without corresponding DNS query: | ||
| Source: | TCP traffic detected without corresponding DNS query: | ||
| Source: | TCP traffic detected without corresponding DNS query: | ||
| Source: | TCP traffic detected without corresponding DNS query: | ||
| Source: | TCP traffic detected without corresponding DNS query: | ||
| Source: | TCP traffic detected without corresponding DNS query: | ||
| Source: | TCP traffic detected without corresponding DNS query: | ||
| Source: | TCP traffic detected without corresponding DNS query: | ||
| Source: | DNS traffic detected: | ||
| Source: | DNS traffic detected: | ||
| Source: | DNS traffic detected: | ||
| Source: | DNS traffic detected: | ||
| Source: | DNS traffic detected: | ||
| Source: | DNS traffic detected: | ||
| Source: | DNS traffic detected: | ||
| Source: | DNS traffic detected: | ||
| Source: | DNS traffic detected: | ||
| Source: | DNS traffic detected: | ||
| Source: | DNS traffic detected: | ||
| Source: | DNS traffic detected: | ||
| Source: | DNS traffic detected: | ||
| Source: | DNS traffic detected: | ||
| Source: | DNS traffic detected: | ||
| Source: | DNS traffic detected: | ||
| Source: | DNS traffic detected: | ||
| Source: | DNS traffic detected: | ||
| Source: | DNS traffic detected: | ||
| Source: | DNS traffic detected: | ||
| Source: | DNS traffic detected: | ||
| Source: | DNS traffic detected: | ||
| Source: | DNS traffic detected: | ||
| Source: | DNS traffic detected: | ||
| Source: | DNS traffic detected: | ||
| Source: | DNS traffic detected: | ||
| Source: | DNS traffic detected: | ||
| Source: | DNS traffic detected: | ||
| Source: | DNS traffic detected: | ||
| Source: | DNS traffic detected: | ||
| Source: | DNS traffic detected: | ||
| Source: | DNS traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | HTTPS traffic detected: | ||
| Source: | HTTPS traffic detected: | ||
| Source: | HTTPS traffic detected: | ||
| Source: | HTTPS traffic detected: | ||
| Source: | File created: | ||
| Source: | File created: | ||
| Source: | File created: | ||
| Source: | File created: | ||
| Source: | File created: | ||
| Source: | File created: | ||
| Source: | File created: | ||
| Source: | File created: | ||
| Source: | File created: | ||
| Source: | File created: | ||
| Source: | File created: | ||
| Source: | File created: | ||
| Source: | File created: | ||
| Source: | File created: | ||
| Source: | File created: | ||
| Source: | File created: | ||
| Source: | File created: | ||
| Source: | File created: | ||
| Source: | File created: | ||
| Source: | File created: | ||
| Source: | File deleted: | ||
| Source: | Classification label: | ||
| Source: | File created: | ||
| Source: | File created: | ||
| Source: | File created: | ||
| Source: | File read: | ||
| Source: | Process created: | ||
| Source: | Process created: | ||
| Source: | Process created: | ||
| Source: | Process created: | ||
| Source: | Process created: | ||
| Source: | Process created: | ||
| Source: | Process created: | ||
| Source: | Process created: | ||
| Source: | Process created: | ||
| Source: | Process created: | ||
| Source: | Process created: | ||
| Source: | Process created: | ||
| Source: | Process created: | ||
| Source: | Process created: | ||
| Source: | Process created: | ||
| Source: | Process created: | ||
| Source: | Process created: | ||
| Source: | Process created: | ||
| Source: | Process created: | ||
| Source: | Process created: | ||
| Source: | Process created: | ||
| Source: | Process created: | ||
| Source: | Process created: | ||
| Source: | Process created: | ||
| Source: | Process created: | ||
| Source: | Process created: | ||
| Source: | Process created: | ||
| Source: | Process created: | ||
| Source: | Process created: | ||
| Source: | Process created: | ||
| Source: | Process created: | ||
| Source: | Process created: | ||
| Source: | Process created: | ||
| Source: | Section loaded: | ||
| Source: | Section loaded: | ||
| Source: | Section loaded: | ||
| Source: | Section loaded: | ||
| Source: | Section loaded: | ||
| Source: | Section loaded: | ||
| Source: | Section loaded: | ||
| Source: | Section loaded: | ||
| Source: | Section loaded: | ||
| Source: | Key value queried: | ||
| Source: | Window found: | ||
| Source: | Window detected: | ||
| Source: | Key opened: | ||
| Source: | Directory created: | ||
| Source: | Static file information: | ||
| Source: | File created: | Jump to dropped file | ||
| Source: | File created: | Jump to dropped file | ||
| Source: | File created: | ||
| Source: | File created: | ||
| Source: | File created: | ||
| Source: | File created: | ||
| Source: | File created: | ||
| Source: | File created: | ||
| Source: | File created: | ||
| Source: | File created: | ||
| Source: | Key value created or modified: | ||
| Source: | Process information set: | ||
| Source: | Process information set: | ||
| Source: | Process information set: | ||
| Source: | Process information set: | ||
| Source: | Process information set: | ||
| Source: | Process information set: | ||
| Source: | Process information set: | ||
| Source: | Process information set: | ||
| Source: | Process information set: | ||
| Source: | Process information set: | ||
| Source: | Process information set: | ||
| Source: | Process information set: | ||
| Source: | Process information set: | ||
| Source: | Process information set: | ||
| Source: | Process information set: | ||
| Source: | Process information set: | ||
| Source: | Process information set: | ||
| Source: | Process information set: | ||
| Source: | Process information set: | ||
| Source: | Process information set: | ||
| Source: | Process information set: | ||
| Source: | Process information set: | ||
| Source: | Process information set: | ||
| Source: | Process information set: | ||
| Source: | Process information set: | ||
| Source: | Process information set: | ||
| Source: | Process information set: | ||
| Source: | Process information set: | ||
| Source: | Process information set: | ||
| Source: | Process information set: | ||
| Source: | Process information set: | ||
| Source: | Process information set: | ||
| Source: | Process information set: | ||
| Source: | Process information set: | ||
| Source: | Process information set: | ||
| Source: | Process information set: | ||
| Source: | Process information set: | ||
| Source: | Process information set: | ||
| Source: | Process information set: | ||
| Source: | Process information set: | ||
| Source: | Process information set: | ||
| Source: | Process information set: | ||
| Source: | Process information set: | ||
| Source: | Process information set: | ||
| Source: | Process information set: | ||
| Source: | Process information set: | ||
| Source: | Process information set: | ||
| Source: | Process information set: | ||
| Source: | Process information set: | ||
| Source: | Process information set: | ||
| Source: | Process information set: | ||
| Source: | Process information set: | ||
| Source: | Process information set: | ||
| Source: | Process information set: | ||
| Source: | Process information set: | ||
| Source: | Process information set: | ||
| Source: | Process information set: | ||
| Source: | Process information set: | ||
| Source: | Process information set: | ||
| Source: | Process information set: | ||
| Source: | Process information set: | ||
| Source: | Process information set: | ||
| Source: | Process information set: | ||
| Source: | Process information set: | ||
| Source: | Process information set: | ||
| Source: | Process information set: | ||
| Source: | Process information set: | ||
| Source: | Process information set: | ||
| Source: | Process information set: | ||
| Source: | Process information set: | ||
| Source: | Process information set: | ||
| Source: | Process information set: | ||
| Source: | Process information set: | ||
| Source: | Process information set: | ||
| Source: | Process information set: | ||
| Source: | Process information set: | ||
| Source: | Process information set: | ||
| Source: | Process information set: | ||
| Source: | Process information set: | ||
| Source: | Process information set: | ||
| Source: | Process information set: | ||
| Source: | Process information set: | ||
| Source: | Process information set: | ||
| Source: | Process information set: | ||
| Source: | Process information set: | ||
| Source: | Process information set: | ||
| Source: | Process information set: | ||
| Source: | Process information set: | ||
| Source: | Process information set: | ||
| Source: | Process information set: | ||
| Source: | Process information set: | ||
| Source: | Process information set: | ||
| Source: | File Volume queried: | ||
| Source: | Process information queried: | ||
| Source: | Queries volume information: | ||
| Source: | Key value queried: | ||
| Reconnaissance | Resource Development | Initial Access | Execution | Persistence | Privilege Escalation | Defense Evasion | Credential Access | Discovery | Lateral Movement | Collection | Command and Control | Exfiltration | Impact |
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Gather Victim Identity Information | Acquire Infrastructure | Valid Accounts | Windows Management Instrumentation | 1 DLL Side-Loading | 1 Process Injection | 23 Masquerading | OS Credential Dumping | 1 Process Discovery | Remote Services | Data from Local System | 2 Encrypted Channel | Exfiltration Over Other Network Medium | Abuse Accessibility Features |
| Credentials | Domains | Default Accounts | Scheduled Task/Job | 1 Registry Run Keys / Startup Folder | 1 DLL Side-Loading | 1 Modify Registry | LSASS Memory | 1 File and Directory Discovery | Remote Desktop Protocol | Data from Removable Media | 1 Non-Application Layer Protocol | Exfiltration Over Bluetooth | Network Denial of Service |
| Email Addresses | DNS Server | Domain Accounts | At | Logon Script (Windows) | 1 Registry Run Keys / Startup Folder | 1 Process Injection | Security Account Manager | 13 System Information Discovery | SMB/Windows Admin Shares | Data from Network Shared Drive | 2 Application Layer Protocol | Automated Exfiltration | Data Encrypted for Impact |
| Employee Names | Virtual Private Server | Local Accounts | Cron | Login Hook | 1 Extra Window Memory Injection | 1 DLL Side-Loading | NTDS | System Network Configuration Discovery | Distributed Component Object Model | Input Capture | Protocol Impersonation | Traffic Duplication | Data Destruction |
| Gather Victim Network Information | Server | Cloud Accounts | Launchd | Network Logon Script | Network Logon Script | 1 File Deletion | LSA Secrets | Internet Connection Discovery | SSH | Keylogging | Fallback Channels | Scheduled Transfer | Data Encrypted for Impact |
| Domain Properties | Botnet | Replication Through Removable Media | Scheduled Task | RC Scripts | RC Scripts | 1 Extra Window Memory Injection | Cached Domain Credentials | Wi-Fi Discovery | VNC | GUI Input Capture | Multiband Communication | Data Transfer Size Limits | Service Stop |
This section contains all screenshots as thumbnails, including those not shown in the slideshow.
⊘No Antivirus matches
| Source | Detection | Scanner | Label | Link |
|---|---|---|---|---|
| 0% | ReversingLabs |
⊘No Antivirus matches
⊘No Antivirus matches
⊘No Antivirus matches
| Name | IP | Active | Malicious | Antivirus Detection | Reputation |
|---|---|---|---|---|---|
| static.cloudflareinsights.com | 104.16.79.73 | true | false | unknown | |
| rsms.me | 104.21.234.234 | true | false | unknown | |
| euroservis.basiic.net | 188.114.97.3 | true | true | unknown | |
| z-p42-instagram.c10r.instagram.com | 157.240.0.174 | true | false | unknown | |
| platform.twitter.map.fastly.net | 199.232.188.157 | true | false | unknown | |
| stats.g.doubleclick.net | 74.125.133.156 | true | false | unknown | |
| partnerlinks.io | 104.18.31.133 | true | false | unknown | |
| rum-static.pingdom.net | 104.22.54.104 | true | false | unknown | |
| scontent.xx.fbcdn.net | 157.240.0.6 | true | false | unknown | |
| code.jquery.com | 151.101.130.137 | true | false | unknown | |
| cdnjs.cloudflare.com | 104.17.24.14 | true | false | unknown | |
| stripe.com | 54.76.53.164 | true | false | unknown | |
| sni1gl.wpc.omegacdn.net | 152.199.21.175 | true | false | unknown | |
| www.google.com | 142.250.186.68 | true | false | unknown | |
| grsm.io | 104.18.10.212 | true | false | unknown | |
| stackpath.bootstrapcdn.com | 104.18.10.207 | true | false | unknown | |
| 5102487645.my.id | 162.241.71.126 | true | false | unknown | |
| a.nel.cloudflare.com | 35.190.80.1 | true | false | unknown | |
| sessions.bugsnag.com | 35.190.88.7 | true | false | unknown | |
| maxcdn.bootstrapcdn.com | 104.18.10.207 | true | false | unknown | |
| s-part-0017.t-0009.fb-t-msedge.net | 13.107.253.45 | true | false | unknown | |
| stripecdn.map.fastly.net | 151.101.128.176 | true | false | unknown | |
| euroservis.circle.so | 104.18.39.141 | true | false | unknown | |
| prod-dem-collector-elb-611025824.eu-west-1.elb.amazonaws.com | 54.228.145.139 | true | false | unknown | |
| ger.file.myqcloud.com | 162.62.150.187 | true | false | unknown | |
| m.stripe.com | 54.200.229.67 | true | false | unknown | |
| challenges.cloudflare.com | 104.18.94.41 | true | false | unknown | |
| dexeqbeb7giwr.cloudfront.net | 3.161.82.129 | true | false | unknown | |
| analytics.google.com | 142.250.186.142 | true | false | unknown | |
| td.doubleclick.net | 216.58.212.130 | true | false | unknown | |
| js.partnerstack.com | 104.18.6.218 | true | false | unknown | |
| instagram.c10r.instagram.com | 157.240.251.63 | true | false | unknown | |
| cdn.embedly.com | unknown | unknown | false | unknown | |
| m.stripe.network | unknown | unknown | false | unknown | |
| 5102487645-1323985617.cos.eu-frankfurt.myqcloud.com | unknown | unknown | false | unknown | |
| platform.instagram.com | unknown | unknown | false | unknown | |
| platform.twitter.com | unknown | unknown | false | unknown | |
| aadcdn.msftauth.net | unknown | unknown | false | unknown | |
| rum-collector-2.pingdom.net | unknown | unknown | false | unknown | |
| connect.facebook.net | unknown | unknown | false | unknown | |
| www.instagram.com | unknown | unknown | false | unknown | |
| js.stripe.com | unknown | unknown | false | unknown |
| Name | Malicious | Antivirus Detection | Reputation |
|---|---|---|---|
| false | unknown | ||
| true | unknown |
- No. of IPs < 25%
- 25% < No. of IPs < 50%
- 50% < No. of IPs < 75%
- 75% < No. of IPs
| IP | Domain | Country | Flag | ASN | ASN Name | Malicious |
|---|---|---|---|---|---|---|
| 142.250.186.68 | www.google.com | United States | 15169 | GOOGLEUS | false | |
| 151.101.0.176 | unknown | United States | 54113 | FASTLYUS | false | |
| 35.190.88.7 | sessions.bugsnag.com | United States | 15169 | GOOGLEUS | false | |
| 151.101.130.137 | code.jquery.com | United States | 54113 | FASTLYUS | false | |
| 2.19.126.160 | unknown | European Union | 16625 | AKAMAI-ASUS | false | |
| 151.101.66.137 | unknown | United States | 54113 | FASTLYUS | false | |
| 157.240.0.174 | z-p42-instagram.c10r.instagram.com | United States | 32934 | FACEBOOKUS | false | |
| 35.190.80.1 | a.nel.cloudflare.com | United States | 15169 | GOOGLEUS | false | |
| 162.241.71.126 | 5102487645.my.id | United States | 26337 | OIS1US | false | |
| 34.104.35.123 | unknown | United States | 15169 | GOOGLEUS | false | |
| 1.1.1.1 | unknown | Australia | 13335 | CLOUDFLARENETUS | false | |
| 54.228.145.139 | prod-dem-collector-elb-611025824.eu-west-1.elb.amazonaws.com | United States | 16509 | AMAZON-02US | false | |
| 18.245.86.52 | unknown | United States | 16509 | AMAZON-02US | false | |
| 104.21.234.234 | rsms.me | United States | 13335 | CLOUDFLARENETUS | false | |
| 104.18.95.41 | unknown | United States | 13335 | CLOUDFLARENETUS | false | |
| 151.101.128.176 | stripecdn.map.fastly.net | United States | 54113 | FASTLYUS | false | |
| 239.255.255.250 | unknown | Reserved | unknown | unknown | false | |
| 188.114.97.3 | euroservis.basiic.net | European Union | 13335 | CLOUDFLARENETUS | true | |
| 3.161.82.129 | dexeqbeb7giwr.cloudfront.net | United States | 16509 | AMAZON-02US | false | |
| 142.250.186.142 | analytics.google.com | United States | 15169 | GOOGLEUS | false | |
| 152.199.21.175 | sni1gl.wpc.omegacdn.net | United States | 15133 | EDGECASTUS | false | |
| 199.232.188.157 | platform.twitter.map.fastly.net | United States | 54113 | FASTLYUS | false | |
| 142.250.184.238 | unknown | United States | 15169 | GOOGLEUS | false | |
| 142.250.185.72 | unknown | United States | 15169 | GOOGLEUS | false | |
| 104.18.31.133 | partnerlinks.io | United States | 13335 | CLOUDFLARENETUS | false | |
| 74.125.133.156 | stats.g.doubleclick.net | United States | 15169 | GOOGLEUS | false | |
| 104.18.10.207 | stackpath.bootstrapcdn.com | United States | 13335 | CLOUDFLARENETUS | false | |
| 172.217.18.14 | unknown | United States | 15169 | GOOGLEUS | false | |
| 104.18.94.41 | challenges.cloudflare.com | United States | 13335 | CLOUDFLARENETUS | false | |
| 216.58.206.36 | unknown | United States | 15169 | GOOGLEUS | false | |
| 142.250.185.202 | unknown | United States | 15169 | GOOGLEUS | false | |
| 157.240.0.6 | scontent.xx.fbcdn.net | United States | 32934 | FACEBOOKUS | false | |
| 142.250.185.163 | unknown | United States | 15169 | GOOGLEUS | false | |
| 104.18.39.141 | euroservis.circle.so | United States | 13335 | CLOUDFLARENETUS | false | |
| 52.109.89.19 | unknown | United States | 8075 | MICROSOFT-CORP-MSN-AS-BLOCKUS | false | |
| 157.240.251.63 | instagram.c10r.instagram.com | United States | 32934 | FACEBOOKUS | false | |
| 104.16.90.50 | unknown | United States | 13335 | CLOUDFLARENETUS | false | |
| 13.89.178.26 | unknown | United States | 8075 | MICROSOFT-CORP-MSN-AS-BLOCKUS | false | |
| 104.16.79.73 | static.cloudflareinsights.com | United States | 13335 | CLOUDFLARENETUS | false | |
| 216.58.212.130 | td.doubleclick.net | United States | 15169 | GOOGLEUS | false | |
| 172.217.18.10 | unknown | United States | 15169 | GOOGLEUS | false | |
| 216.239.36.178 | unknown | United States | 15169 | GOOGLEUS | false | |
| 142.250.186.99 | unknown | United States | 15169 | GOOGLEUS | false | |
| 52.113.194.132 | unknown | United States | 8068 | MICROSOFT-CORP-MSN-AS-BLOCKUS | false | |
| 104.17.24.14 | cdnjs.cloudflare.com | United States | 13335 | CLOUDFLARENETUS | false | |
| 104.18.10.212 | grsm.io | United States | 13335 | CLOUDFLARENETUS | false | |
| 13.107.253.45 | s-part-0017.t-0009.fb-t-msedge.net | United States | 8068 | MICROSOFT-CORP-MSN-AS-BLOCKUS | false | |
| 54.76.53.164 | stripe.com | United States | 16509 | AMAZON-02US | false | |
| 104.22.55.104 | unknown | United States | 13335 | CLOUDFLARENETUS | false | |
| 142.250.185.136 | unknown | United States | 15169 | GOOGLEUS | false | |
| 104.18.6.218 | js.partnerstack.com | United States | 13335 | CLOUDFLARENETUS | false | |
| 157.240.251.9 | unknown | United States | 32934 | FACEBOOKUS | false | |
| 104.18.11.207 | unknown | United States | 13335 | CLOUDFLARENETUS | false | |
| 142.250.185.170 | unknown | United States | 15169 | GOOGLEUS | false | |
| 162.62.150.176 | unknown | Singapore | 132203 | TENCENT-NET-AP-CNTencentBuildingKejizhongyiAvenueCN | false | |
| 64.233.184.84 | unknown | United States | 15169 | GOOGLEUS | false | |
| 184.28.90.27 | unknown | United States | 16625 | AKAMAI-ASUS | false | |
| 142.250.186.168 | unknown | United States | 15169 | GOOGLEUS | false | |
| 54.200.229.67 | m.stripe.com | United States | 16509 | AMAZON-02US | false | |
| 104.22.54.104 | rum-static.pingdom.net | United States | 13335 | CLOUDFLARENETUS | false |
| IP |
|---|
| 192.168.2.16 |
| Joe Sandbox version: | 41.0.0 Charoite |
| Analysis ID: | 1541128 |
| Start date and time: | 2024-10-24 13:39:03 +02:00 |
| Joe Sandbox product: | CloudBasic |
| Overall analysis duration: | |
| Hypervisor based Inspection enabled: | false |
| Report type: | full |
| Cookbook file name: | defaultwindowsinteractivecookbook.jbs |
| Analysis system description: | Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01 |
| Number of analysed new started processes analysed: | 12 |
| Number of new started drivers analysed: | 0 |
| Number of existing processes analysed: | 0 |
| Number of existing drivers analysed: | 0 |
| Number of injected processes analysed: | 0 |
| Technologies: |
|
| Analysis Mode: | stream |
| Analysis stop reason: | Timeout |
| Sample name: | attachment(1).eml |
| Detection: | MAL |
| Classification: | mal48.phis.winEML@33/39@124/557 |
| Cookbook Comments: |
|
- Exclude process from analysis (whitelisted): dllhost.exe, SIHClient.exe
- Excluded IPs from analysis (whitelisted): 52.113.194.132
- Excluded domains from analysis (whitelisted): ecs.office.com, slscr.update.microsoft.com, s-0005.s-msedge.net, ecs.office.trafficmanager.net, s-0005-office.config.skype.com, ecs-office.s-0005.s-msedge.net
- Not all processes where analyzed, report is missing behavior information
- Report size getting too big, too many NtQueryAttributesFile calls found.
- Report size getting too big, too many NtQueryValueKey calls found.
- Report size getting too big, too many NtReadVirtualMemory calls found.
- VT rate limit hit for: attachment(1).eml
| Input | Output |
|---|---|
| URL: Model: claude-3-5-sonnet-20240620 | {
"explanation": [
"The email appears to be a legitimate file sharing notification from a known sender (Furio Sterni) within the same company (Euroservis)",
"The email contains standard company disclaimers and privacy notices, which are typical for legitimate business communications",
"The email is generated through Microsoft 365, a common business email platform, and doesn't contain suspicious external links"
],
"phishing": false,
"confidence": 8
} |
Is this email content a phishing attempt? Please respond only in valid JSON format:
Email content converted to JSON:
{
"date": "Thu, 24 Oct 2024 11:35:52 +0200",
"subject": "I: Furio Sterni ha condiviso la cartella \"Documentazione\" con te",
"communications": [
" Non ricevi spesso messaggi di posta elettronica da furio.sterni@euroservis.eu. Scopri perch importante CAUTION: This email sent from an EXTERNAL SENDER. Please BE CAREFUL to links and attachments! Salve, Vedi allegato. Grazie. FURIO STERNI RESPONSABILE COMMERCIALE E MARKETING furio.sterni@euroservis.eu +39 328 0122969 Euroservis S.r.l. Riva Tommaso Gulli, 12 34123 Trieste (Italia) t. +39 040 762712 info@euroservis.eu www.euroservis.eu Please consider the environment before printing this email. Ai sensi del Regolamento UE 2016/679 si precisa che le informazioni contenute in questo messaggio sono riservate ed a uso esclusivo del destinatario. Qualora il messaggio in parola Le fosse pervenuto per errore, La invitiamo ad eliminarlo senza copiarlo e a non inoltrarlo a terzi, dandocene gentilmente comunicazione. Grazie. Pursuant to regulation (Eu) 2016/679 Of The European Parliament And Of The Council, you are hereby informed that this message contains confidential information intended only for the use of the addressee. If you are not the addressee, and have received this message by mistake, please delete it and immediately notify us. You may not copy or disseminate this message to anyone. Thank you. Osebne podatke varujemo po evropski Sploni uredbi o varstvu osebnih podatkov EU 679/2016 (GDPR). Sporoilo, ki ste ga prejeli, je zaupno in namenjeno izkljuno fizini osebi ali podjetju v naslovu. V primeru, da ste to sporoilo prejeli pomotoma, vas vljudno prosimo, da ga nemudoma izbriete, ne da bi ga kopirali ali posredovali tretjim osebam in nas o tem obvestite. Hvala. Da: Furio Sterni <furio.sterni@euroservis.eu> Inviato: gioved 24 ottobre 2024 11:19 A: Furio Sterni <furio.sterni@euroservis.eu> Oggetto: Furio Sterni ha condiviso la cartella \"Documentazione\" con te Furio Sterni ti ha invitato a modificare una cartella Ecco la cartella che Furio Sterni ha condiviso con te. Documentazione Questo invito funzioner solo per te e le persone con accesso esistente. Apri Condividi Questo messaggio di posta elettronica viene generato tramite Euroservis Srl'uso di Microsoft 365 e pu contenere contenuto controllato da Euroservis Srl. /* Font Definitions */ @font-face {font-family:\"Cambria Math\"; panose-1:2 4 5 3 5 4 6 3 2 4;} @font-face {font-family:userbri; panose-1:2 15 5 2 2 2 4 3 2 4;} @font-face {font-family:Aptos;} @font-face {font-family:\"Segoe UI Emoji\"; panose-1:2 11 5 2 4 2 4 2 2 3;} @font-face {font-family:\"Avenir Next LT Pro\";} /* Style Definitions */ p.MsoNormal, li.MsoNormal, div.MsoNormal {margin:0in; font-size:12.0pt; font-family:\"Aptos\",sans-serif;} a:link, span.MsoHyperlink {mso-style-priority:99; color:blue; text-decoration:underline;} span.entitydelimiterbefore {mso-style-name:entitydelimiterbefore;} span.entity {mso-style-name:_entity;} span.entitydelimiterafter {mso-style-name:entitydelimiterafter;} span.EmailStyle22 {mso-style-type:personal-compose; font-family:\"Times New Roman\",serif; color:black;} .MsoChpDefault {mso-style-type:export-only; font-size:10.0pt; mso-ligatures:none;} @page WordSection1 {size:8.5in 11.0in; margin:1.0in 1.0in 1.0in 1.0in;} div.WordSection1 {page:WordSection1;} --> Non ricevi spesso messaggi di posta elettronica da furio.sterni@euroservis.eu. Scopri perch importante CAUTION: This email sent from an EXTERNAL SENDER. Please BE CAREFUL to links and attachments! Salve, Vedi allegato. Grazie. FURIO STERNI RESPONSABILE COMMERCIALE E MARKETING furio.sterni@euroservis.eu +39 328 0122969 Euroservis S.r.l. Riva Tommaso Gulli, 12 34123 Trieste (Italia) t. +39 040 762712 info@euroservis.eu www.euroservis.eu Please consider the environment before printing this email. Ai sensi del Regolamento UE 2016/679 si precisa che le informazioni contenute in questo messaggio sono riservate ed a uso esclusivo del destinatario. Qualora il messaggio in parola Le fosse pervenuto per errore, La invitiamo ad eliminarlo senza copiarlo e a non inoltrarlo a terzi, dandocene gentilmente comunicazione. Grazie. Pursuant to regulation (Eu) 2016/679 Of The European Parliament And Of The Council, you are hereby informed that this message contains confidential information intended only for the use of the addressee. If you are not the addressee, and have received this message by mistake, please delete it and immediately notify us. You may not copy or disseminate this message to anyone. Thank you. Osebne podatke varujemo po evropski Sploni uredbi o varstvu osebnih podatkov EU 679/2016 (GDPR). Sporoilo, ki ste ga prejeli, je zaupno in namenjeno izkljuno fizini osebi ali podjetju v naslovu. V primeru, da ste to sporoilo prejeli pomotoma, vas vljudno prosimo, da ga nemudoma izbriete, ne da bi ga kopirali ali posredovali tretjim osebam in nas o tem obvestite. Hvala. Da: Furio Sterni <furio.sterni@euroservis.eu> Inviato: gioved 24 ottobre 2024 11:19 A: Furio Sterni <furio.sterni@euroservis.eu> Oggetto: Furio Sterni ha condiviso la cartella \"Documentazione\" con te Furio Sterni ti ha invitato a modificare una cartella Ecco la cartella che Furio Sterni ha condiviso con te. Documentazione Questo invito funzioner solo per te e le persone con accesso esistente. Apri Condividi Questo messaggio di posta elettronica viene generato tramite Euroservis Srl'uso di Microsoft 365 e pu contenere contenuto controllato da Euroservis Srl. Non ricevi spesso messaggi di posta elettronica da furio.sterni@euroservis.eu. Scopri perch importante Non ricevi spesso messaggi di posta elettronica da furio.sterni@euroservis.eu. Scopri perch importante Non ricevi spesso messaggi di posta elettronica da furio.sterni@euroservis.eu. Scopri perch importante Non ricevi spesso messaggi di posta elettronica da furio.sterni@euroservis.eu. Scopri perch importante Non ricevi spesso messaggi di posta elettronica da furio.sterni@euroservis.eu. Scopri perch importante Scopri perch importante https://aka.ms/LearnAboutSenderIdentification CAUTION: This email sent from an EXTERNAL SENDER. Please BE CAREFUL to links and attachments! Salve, Vedi allegato. Grazie. FURIO STERNI RESPONSABILE COMMERCIALE E MARKETING furio.sterni@euroservis.eu +39 328 0122969 Euroservis S.r.l. Riva Tommaso Gulli, 12 34123 Trieste (Italia) t. +39 040 762712 info@euroservis.eu www.euroservis.eu Please consider the environment before printing this email. Ai sensi del Regolamento UE 2016/679 si precisa che le informazioni contenute in questo messaggio sono riservate ed a uso esclusivo del destinatario. Qualora il messaggio in parola Le fosse pervenuto per errore, La invitiamo ad eliminarlo senza copiarlo e a non inoltrarlo a terzi, dandocene gentilmente comunicazione. Grazie. Pursuant to regulation (Eu) 2016/679 Of The European Parliament And Of The Council, you are hereby informed that this message contains confidential information intended only for the use of the addressee. If you are not the addressee, and have received this message by mistake, please delete it and immediately notify us. You may not copy or disseminate this message to anyone. Thank you. Osebne podatke varujemo po evropski Sploni uredbi o varstvu osebnih podatkov EU 679/2016 (GDPR). Sporoilo, ki ste ga prejeli, je zaupno in namenjeno izkljuno fizini osebi ali podjetju v naslovu. V primeru, da ste to sporoilo prejeli pomotoma, vas vljudno prosimo, da ga nemudoma izbriete, ne da bi ga kopirali ali posredovali tretjim osebam in nas o tem obvestite. Hvala. Da: Furio Sterni <furio.sterni@euroservis.eu> Inviato: gioved 24 ottobre 2024 11:19 A: Furio Sterni <furio.sterni@euroservis.eu> Oggetto: Furio Sterni ha condiviso la cartella \"Documentazione\" con te Furio Sterni ti ha invitato a modificare una cartella Ecco la cartella che Furio Sterni ha condiviso con te. Documentazione Questo invito funzioner solo per te e le persone con accesso esistente. Apri Condividi Questo messaggio di posta elettronica viene generato tramite Euroservis Srl'uso di Microsoft 365 e pu contenere contenuto controllato da Euroservis Srl. CAUTION: This email sent from an EXTERNAL SENDER. Please BE CAREFUL to links and attachments! CAUTION: Salve, Vedi allegato. Grazie. FURIO STERNI RESPONSABILE COMMERCIALE E MARKETING furio.sterni@euroservis.eu +39 328 0122969 Euroservis S.r.l. Riva Tommaso Gulli, 12 34123 Trieste (Italia) t. +39 040 762712 info@euroservis.eu www.euroservis.eu Please consider the environment before printing this email. Ai sensi del Regolamento UE 2016/679 si precisa che le informazioni contenute in questo messaggio sono riservate ed a uso esclusivo del destinatario. Qualora il messaggio in parola Le fosse pervenuto per errore, La invitiamo ad eliminarlo senza copiarlo e a non inoltrarlo a terzi, dandocene gentilmente comunicazione. Grazie. Pursuant to regulation (Eu) 2016/679 Of The European Parliament And Of The Council, you are hereby informed that this message contains confidential information intended only for the use of the addressee. If you are not the addressee, and have received this message by mistake, please delete it and immediately notify us. You may not copy or disseminate this message to anyone. Thank you. Osebne podatke varujemo po evropski Sploni uredbi o varstvu osebnih podatkov EU 679/2016 (GDPR). Sporoilo, ki ste ga prejeli, je zaupno in namenjeno izkljuno fizini osebi ali podjetju v naslovu. V primeru, da ste to sporoilo prejeli pomotoma, vas vljudno prosimo, da ga nemudoma izbriete, ne da bi ga kopirali ali posredovali tretjim osebam in nas o tem obvestite. Hvala. Da: Furio Sterni <furio.sterni@euroservis.eu> Inviato: gioved 24 ottobre 2024 11:19 A: Furio Sterni <furio.sterni@euroservis.eu> Oggetto: Furio Sterni ha condiviso la cartella \"Documentazione\" con te Furio Sterni ti ha invitato a modificare una cartella Ecco la cartella che Furio Sterni ha condiviso con te. Documentazione Questo invito funzioner solo per te e le persone con accesso esistente. Apri Condividi Questo messaggio di posta elettronica viene generato tramite Euroservis Srl'uso di Microsoft 365 e pu contenere contenuto controllato da Euroservis Srl. Salve, Vedi allegato. Grazie. FURIO STERNI RESPONSABILE COMMERCIALE E MARKETING furio.sterni@euroservis.eu +39 328 0122969 Euroservis S.r.l. Riva Tommaso Gulli, 12 34123 Trieste (Italia) t. +39 040 762712 info@euroservis.eu www.euroservis.eu Please consider the environment before printing this email. Ai sensi del Regolamento UE 2016/679 si precisa che le informazioni contenute in questo messaggio sono riservate ed a uso esclusivo del destinatario. Qualora il messaggio in parola Le fosse pervenuto per errore, La invitiamo ad eliminarlo senza copiarlo e a non inoltrarlo a terzi, dandocene gentilmente comunicazione. Grazie. Pursuant to regulation (Eu) 2016/679 Of The European Parliament And Of The Council, you are hereby informed that this message contains confidential information intended only for the use of the addressee. If you are not the addressee, and have received this message by mistake, please delete it and immediately notify us. You may not copy or disseminate this message to anyone. Thank you. Osebne podatke varujemo po evropski Sploni uredbi o varstvu osebnih podatkov EU 679/2016 (GDPR). Sporoilo, ki ste ga prejeli, je zaupno in namenjeno izkljuno fizini osebi ali podjetju v naslovu. V primeru, da ste to sporoilo prejeli pomotoma, vas vljudno prosimo, da ga nemudoma izbriete, ne da bi ga kopirali ali posredovali tretjim osebam in nas o tem obvestite. Hvala. Da: Furio Sterni <furio.sterni@euroservis.eu> Inviato: gioved 24 ottobre 2024 11:19 A: Furio Sterni <furio.sterni@euroservis.eu> Oggetto: Furio Sterni ha condiviso la cartella \"Documentazione\" con te Furio Sterni ti ha invitato a modificare una cartella Ecco la cartella che Furio Sterni ha condiviso con te. Documentazione Questo invito funzioner solo per te e le persone con accesso esistente. Apri Condividi Questo messaggio di posta elettronica viene generato tramite Euroservis Srl'uso di Microsoft 365 e pu contenere contenuto controllato da Euroservis Srl. Salve, Vedi allegato. Grazie. FURIO STERNI RESPONSABILE COMMERCIALE E MARKETING furio.sterni@euroservis.eu +39 328 0122969 Euroservis S.r.l. Riva Tommaso Gulli, 12 34123 Trieste (Italia) t. +39 040 762712 info@euroservis.eu www.euroservis.eu Please consider the environment before printing this email. Ai sensi del Regolamento UE 2016/679 si precisa che le informazioni contenute in questo messaggio sono riservate ed a uso esclusivo del destinatario. Qualora il messaggio in parola Le fosse pervenuto per errore, La invitiamo ad eliminarlo senza copiarlo e a non inoltrarlo a terzi, dandocene gentilmente comunicazione. Grazie. Pursuant to regulation (Eu) 2016/679 Of The European Parliament And Of The Council, you are hereby informed that this message contains confidential information intended only for the use of the addressee. If you are not the addressee, and have received this message by mistake, please delete it and immediately notify us. You may not copy or disseminate this message to anyone. Thank you. Osebne podatke varujemo po evropski Sploni uredbi o varstvu osebnih podatkov EU 679/2016 (GDPR). Sporoilo, ki ste ga prejeli, je zaupno in namenjeno izkljuno fizini osebi ali podjetju v naslovu. V primeru, da ste to sporoilo prejeli pomotoma, vas vljudno prosimo, da ga nemudoma izbriete, ne da bi ga kopirali ali posredovali tretjim osebam in nas o tem obvestite. Hvala. Salve, Salve, Salve, Vedi allegato. Vedi allegato. Vedi allegato. Grazie. Grazie. Grazie. FURIO STERNI FURIO STERNI FURIO STERNI RESPONSABILE COMMERCIALE E MARKETING RESPONSABILE COMMERCIALE E MARKETING furio.sterni@euroservis.eu +39 328 0122969 furio.sterni@euroservis.eu +39 328 0122969 furio.sterni@euroservis.eu mailto:furio.sterni@euroservis.eu https://www.facebook.com/EuroservisSrl/ https://www.linkedin.com/company/euro-servis-srl/?originalSubdomain=it https://www.youtube.com/channel/UCupR1c7OEA0ALczt32sENDQ Euroservis S.r.l. Riva Tommaso Gulli, 12 34123 Trieste (Italia) t. +39 040 762712 info@euroservis.eu www.euroservis.eu Euroservis S.r.l. Euroservis S.r.l. Riva Tommaso Gulli, 12 34123 Trieste (Italia) t. +39 040 762712 info@euroservis.eu www.euroservis.eu info@euroservis.eu mailto:info@euroservis.eu info@euroservis.eu www.euroservis.eu www.euroservis.eu https://euroservis.eu/ www.euroservis.eu Please consider the environment before printing this email. Please consider the environment before printing this email. Please consider the environment before printing this email. Ai sensi del Regolamento UE 2016/679 si precisa che le informazioni contenute in questo messaggio sono riservate ed a uso esclusivo del destinatario. Qualora il messaggio in parola Le fosse pervenuto per errore, La invitiamo ad eliminarlo senza copiarlo e a non inoltrarlo a terzi, dandocene gentilmente comunicazione. Grazie. Ai sensi del Regolamento UE 2016/679 si precisa che le informazioni contenute in questo messaggio sono riservate ed a uso esclusivo del destinatario. Qualora il messaggio in parola Le fosse pervenuto per errore, La invitiamo ad eliminarlo senza copiarlo e a non inoltrarlo a terzi, dandocene gentilmente comunicazione. Grazie. Pursuant to regulation (Eu) 2016/679 Of The European Parliament And Of The Council, you are hereby informed that this message contains confidential information intended only for the use of the addressee. If you are not the addressee, and have received this message by mistake, please delete it and immediately notify us. You may not copy or disseminate this message to anyone. Thank you. Pursuant to regulation (Eu) 2016/679 Of The European Parliament And Of The Council, you are hereby informed that this message contains confidential information intended only for the use of the addressee. If you are not the addressee, and have received this message by mistake, please delete it and immediately notify us. You may not copy or disseminate this message to anyone. Thank you. Osebne podatke varujemo po evropski Sploni uredbi o varstvu osebnih podatkov EU 679/2016 (GDPR). Sporoilo, ki ste ga prejeli, je zaupno in namenjeno izkljuno fizini osebi ali podjetju v naslovu. V primeru, da ste to sporoilo prejeli pomotoma, vas vljudno prosimo, da ga nemudoma izbriete, ne da bi ga kopirali ali posredovali tretjim osebam in nas o tem obvestite. Hvala. Osebne podatke varujemo po evropski Sploni uredbi o varstvu osebnih podatkov EU 679/2016 (GDPR). Sporoilo, ki ste ga prejeli, je zaupno in namenjeno izkljuno fizini osebi ali podjetju v naslovu. V primeru, da ste to sporoilo prejeli pomotoma, vas vljudno prosimo, da ga nemudoma izbriete, ne da bi ga kopirali ali posredovali tretjim osebam in nas o tem obvestite. Hvala. Da: Furio Sterni <furio.sterni@euroservis.eu> Inviato: gioved 24 ottobre 2024 11:19 A: Furio Sterni <furio.sterni@euroservis.eu> Oggetto: Furio Sterni ha condiviso la cartella \"Documentazione\" con te Da: Furio Sterni <furio.sterni@euroservis.eu> Inviato: gioved 24 ottobre 2024 11:19 A: Furio Sterni <furio.sterni@euroservis.eu> Oggetto: Furio Sterni ha condiviso la cartella \"Documentazione\" con te Da: Da: Furio Sterni <furio.sterni@euroservis.eu> Inviato: gioved 24 ottobre 2024 11:19 A: Furio Sterni <furio.sterni@euroservis.eu> Oggetto: Furio Sterni ha condiviso la cartella \"Documentazione\" con te Inviato: A: Oggetto: Furio Sterni ti ha invitato a modificare una cartella Ecco la cartella che Furio Sterni ha condiviso con te. Documentazione Questo invito funzioner solo per te e le persone con accesso esistente. Apri Condividi Questo messaggio di posta elettronica viene generato tramite Euroservis Srl'uso di Microsoft 365 e pu contenere contenuto controllato da Euroservis Srl. Furio Sterni ti ha invitato a modificare una cartella Ecco la cartella che Furio Sterni ha condiviso con te. Documentazione Questo invito funzioner solo per te e le persone con accesso esistente. Apri Condividi Questo messaggio di posta elettronica viene generato tramite Euroservis Srl'uso di Microsoft 365 e pu contenere contenuto controllato da Euroservis Srl. Furio Sterni ti ha invitato a modificare una cartella Ecco la cartella che Furio Sterni ha condiviso con te. Documentazione Questo invito funzioner solo per te e le persone con accesso esistente. Apri Condividi Questo messaggio di posta elettronica viene generato tramite Euroservis Srl'uso di Microsoft 365 e pu contenere contenuto controllato da Euroservis Srl. Furio Sterni ti ha invitato a modificare una cartella Ecco la cartella che Furio Sterni ha condiviso con te. Documentazione Questo invito funzioner solo per te e le persone con accesso esistente. Apri Condividi Questo messaggio di posta elettronica viene generato tramite Euroservis Srl'uso di Microsoft 365 e pu contenere contenuto controllato da Euroservis Srl. Furio Sterni ti ha invitato a modificare una cartella Ecco la cartella che Furio Sterni ha condiviso con te. Documentazione Questo invito funzioner solo per te e le persone con accesso esistente. Apri Condividi Questo messaggio di posta elettronica viene generato tramite Euroservis Srl'uso di Microsoft 365 e pu contenere contenuto controllato da Euroservis Srl. Furio Sterni ti ha invitato a modificare una cartella Ecco la cartella che Furio Sterni ha condiviso con te. Documentazione Questo invito funzioner solo per te e le persone con accesso esistente. Apri Condividi Questo messaggio di posta elettronica viene generato tramite Euroservis Srl'uso di Microsoft 365 e pu contenere contenuto controllato da Euroservis Srl. Furio Sterni ti ha invitato a modificare una cartella Ecco la cartella che Furio Sterni ha condiviso con te. Documentazione Questo invito funzioner solo per te e le persone con accesso esistente. Apri Condividi Questo messaggio di posta elettronica viene generato tramite Euroservis Srl'uso di Microsoft 365 e pu contenere contenuto controllato da Euroservis Srl. Furio Sterni ti ha invitato a modificare una cartella Ecco la cartella che Furio Sterni ha condiviso con te. Documentazione Questo invito funzioner solo per te e le persone con accesso esistente. Apri Condividi Questo messaggio di posta elettronica viene generato tramite Euroservis Srl'uso di Microsoft 365 e pu contenere contenuto controllato da Euroservis Srl. Furio Sterni ti ha invitato a modificare una cartella Furio Sterni ti ha invitato a modificare una cartella Furio Sterni ti ha invitato a modificare una cartella Furio Sterni ti ha invitato a modificare una cartella Furio Sterni ti ha invitato a modificare una cartella Furio Sterni ti ha invitato a modificare una cartella Furio Sterni ti ha invitato a modificare una cartella Furio Sterni ti ha invitato a modificare una cartella Furio Sterni ti ha invitato a modificare una cartella Furio Sterni ti ha invitato a modificare una cartella Furio Sterni ti ha invitato a modificare una cartella Furio Sterni ti ha invitato a modificare una cartella Furio Sterni ti ha invitato a modificare una cartella Furio Sterni ti ha invitato a modificare una cartella Ecco la cartella che Furio Sterni ha condiviso con te. Documentazione Questo invito funzioner solo per te e le persone con accesso esistente. Apri Condividi Ecco la cartella che Furio Sterni ha condiviso con te. Documentazione Questo invito funzioner solo per te e le persone con accesso esistente. Apri Condividi Ecco la cartella che Furio Sterni ha condiviso con te. Documentazione Questo invito funzioner solo per te e le persone con accesso esistente. Apri Condividi Ecco la cartella che Furio Sterni ha condiviso con te. Documentazione Questo invito funzioner solo per te e le persone con accesso esistente. Apri Condividi Ecco la cartella che Furio Sterni ha condiviso con te. Documentazione Questo invito funzioner solo per te e le persone con accesso esistente. Apri Condividi Ecco la cartella che Furio Sterni ha condiviso con te. Ecco la cartella che Furio Sterni ha condiviso con te. Ecco la cartella che Furio Sterni ha condiviso con te. Ecco la cartella che Furio Sterni ha condiviso con te. Documentazione Documentazione Documentazione Documentazione Documentazione Documentazione https://euroservissrl-my.sharepoint.com/:f:/r/personal/furio_sterni_euroservis_eu/Documents/Documentazione?e=5%3ad20090fe3a75485dba5eb06c7a124e15&sharingv2=true&fromShare=true&at=9 Documentazione Documentazione Documentazione Documentazione Documentazione https://euroservis.circle.so/c/docs/secure-9c150fda-a3b5-4727-912d-c98142ae40da Questo invito funzioner solo per te e le persone con accesso esistente. Questo invito funzioner solo per te e le persone con accesso esistente. Questo invito funzioner solo per te e le persone con accesso esistente. Questo invito funzioner solo per te e le persone con accesso esistente. Questo invito funzioner solo per te e le persone con accesso esistente. Questo invito funzioner solo per te e le persone con accesso esistente. Questo invito funzioner solo per te e le persone con accesso esistente. Questo invito funzioner solo per te e le persone con accesso esistente. Questo invito funzioner solo per te e le persone con accesso esistente. Questo invito funzioner solo per te e le persone con accesso esistente. Apri Condividi Apri Condividi Apri Condividi Apri Condividi Apri Condividi Apri Condividi Apri Apri Apri Apri Apri Apri https://euroservis.circle.so/c/docs/secure-9c150fda-a3b5-4727-912d-c98142ae40da Condividi Condividi Condividi Condividi Condividi Condividi https://euroservis.circle.so/c/docs/secure-9c150fda-a3b5-4727-912d-c98142ae40da Questo messaggio di posta elettronica viene generato tramite Euroservis Srl'uso di Microsoft 365 e pu contenere contenuto controllato da Euroservis Srl. Questo messaggio di posta elettronica viene generato tramite Euroservis Srl'uso di Microsoft 365 e pu contenere contenuto controllato da Euroservis Srl. Questo messaggio di posta elettronica viene generato tramite Euroservis Srl'uso di Microsoft 365 e pu contenere contenuto controllato da Euroservis Srl. Questo messaggio di posta elettronica viene generato tramite Euroservis Srl'uso di Microsoft 365 e pu contenere contenuto controllato da Euroservis Srl. Questo messaggio di posta elettronica viene generato tramite Euroservis Srl'uso di Microsoft 365 e pu contenere contenuto controllato da Euroservis Srl. Questo messaggio di posta elettronica viene generato tramite Euroservis Srl'uso di Microsoft 365 e pu contenere contenuto controllato da Euroservis Srl. Questo messaggio di posta elettronica viene generato tramite Euroservis Srl'uso di Microsoft 365 e pu contenere contenuto controllato da Euroservis Srl. Questo messaggio di posta elettronica viene generato tramite Euroservis Srl'uso di Microsoft 365 e pu contenere contenuto controllato da Euroservis Srl. Questo messaggio di posta elettronica viene generato tramite Euroservis Srl'uso di Microsoft 365 e pu contenere contenuto controllato da Euroservis Srl. Questo messaggio di posta elettronica viene generato tramite Euroservis Srl'uso di Microsoft 365 e pu contenere contenuto controllato da Euroservis Srl. Questo messaggio di posta elettronica viene generato tramite Euroservis Srl'uso di Microsoft 365 e pu contenere contenuto controllato da Euroservis Srl. Questo messaggio di posta elettronica viene generato tramite Euroservis Srl'uso di Microsoft 365 e pu contenere contenuto controllato da Euroservis Srl. Questo messaggio di posta elettronica viene generato tramite Euroservis Srl'uso di Microsoft 365 e pu contenere contenuto controllato da Euroservis Srl. Questo messaggio di posta elettronica viene generato tramite Euroservis Srl'uso di Microsoft 365 e pu contenere contenuto controllato da Euroservis Srl. Questo messaggio di posta elettronica viene generato tramite Euroservis Srl'uso di Microsoft 365 e pu contenere contenuto controllato da Euroservis Srl. Questo messaggio di posta elettronica viene generato tramite Euroservis Srl'uso di Microsoft 365 e pu contenere contenuto controllato da Euroservis Srl. Questo messaggio di posta elettronica viene generato tramite Euroservis Srl'uso di Microsoft 365 e pu contenere contenuto controllato da Euroservis Srl. "
],
"from": "Furio Sterni <furio.sterni@euroservis.eu>",
"to": "Furio Sterni <furio.sterni@euroservis.eu>"
} | |
| URL: Email Model: claude-3-haiku-20240307 | ```json
{
"contains_trigger_text": true,
"trigger_text": "CLICK HERE TO VIEW DOCUMENT",
"prominent_button_name": "unknown",
"text_input_field_labels": [
"furio.sterni@euroservis.eu",
"+39 328 0122969"
],
"pdf_icon_visible": false,
"has_visible_captcha": false,
"has_urgent_text": true,
"has_visible_qrcode": false
} |
 | |
| URL: Email Model: claude-3-haiku-20240307 | ```json
{
"brands": [
"Euroservis"
]
} |
| |
| URL: https://euroservis.circle.so/c/docs/secure-9c150fda-a3b5-4727-912d-c98142ae40da Model: claude-3-haiku-20240307 | ```json
{
"contains_trigger_text": false,
"trigger_text": "unknown",
"prominent_button_name": "unknown",
"text_input_field_labels": "unknown",
"pdf_icon_visible": false,
"has_visible_captcha": false,
"has_urgent_text": false,
"has_visible_qrcode": false
} |
 | |
| URL: https://euroservis.circle.so/c/docs/secure-9c150fda-a3b5-4727-912d-c98142ae40da Model: claude-3-haiku-20240307 | ```json
{
"contains_trigger_text": false,
"trigger_text": "unknown",
"prominent_button_name": "unknown",
"text_input_field_labels": "unknown",
"pdf_icon_visible": false,
"has_visible_captcha": false,
"has_urgent_text": false,
"has_visible_qrcode": false
} |
 | |
| URL: https://euroservis.circle.so/c/docs/secure-9c150fda-a3b5-4727-912d-c98142ae40da Model: claude-3-haiku-20240307 | ```json
{
"brands": [
"Amiella's Community"
]
} |
| |
| URL: https://euroservis.circle.so/c/docs/secure-9c150fda-a3b5-4727-912d-c98142ae40da Model: claude-3-haiku-20240307 | ```json
{
"brands": [
"Amiella's Community"
]
} |
| |
| URL: https://euroservis.circle.so/c/docs/secure-9c150fda-a3b5-4727-912d-c98142ae40da Model: claude-3-haiku-20240307 | ```json
{
"contains_trigger_text": true,
"trigger_text": "Redirecting",
"prominent_button_name": "unknown",
"text_input_field_labels": "unknown",
"pdf_icon_visible": false,
"has_visible_captcha": false,
"has_urgent_text": false,
"has_visible_qrcode": false
} |
 | |
| URL: https://euroservis.circle.so/c/docs/secure-9c150fda-a3b5-4727-912d-c98142ae40da Model: claude-3-haiku-20240307 | ```json
{
"brands": [
"Amiella's Community"
]
} |
| |
| URL: https://euroservis.basiic.net/4fHFE/ Model: claude-3-haiku-20240307 | ```json
{
"contains_trigger_text": true,
"trigger_text": "Secure browsing setup in process",
"prominent_button_name": "unknown",
"text_input_field_labels": "unknown",
"pdf_icon_visible": false,
"has_visible_captcha": false,
"has_urgent_text": false,
"has_visible_qrcode": false
} |
 | |
| URL: https://euroservis.basiic.net/4fHFE/ Model: claude-3-haiku-20240307 | ```json
{
"brands": [
"Cloudflare"
]
} |
 | |
| URL: https://euroservis.basiic.net/4fHFE/ Model: claude-3-haiku-20240307 | ```json
{
"contains_trigger_text": true,
"trigger_text": "Sign In",
"prominent_button_name": "Next",
"text_input_field_labels": [
"Email, phone, or Skype"
],
"pdf_icon_visible": false,
"has_visible_captcha": false,
"has_urgent_text": false,
"has_visible_qrcode": false
} |
 | |
| URL: https://euroservis.basiic.net/4fHFE/ Model: claude-3-haiku-20240307 | ```json
{
"brands": [
"Microsoft"
]
} |
| |
| URL: https://euroservis.basiic.net/4fHFE/ Model: gpt-4o | ```json{ "legit_domain": "microsoft.com", "classification": "wellknown", "reasons": [ "The brand 'Microsoft' is classified as 'wellknown'.", "The legitimate domain for Microsoft is 'microsoft.com'.", "The provided URL 'euroservis.basiic.net' does not match the legitimate domain for Microsoft.", "The domain 'basiic.net' is unrelated to Microsoft and could be a potential phishing attempt.", "The use of a subdomain 'euroservis' and an unrelated main domain 'basiic.net' is suspicious.", "The input fields 'Email, phone, or Skype' are commonly targeted in phishing attempts to collect personal information." ], "riskscore": 9}
Google indexed: False |
URL: euroservis.basiic.net
Brands: Microsoft
Input Fields: Email, phone, or Skype | |
| URL: https://euroservis.basiic.net/4fHFE/ Model: claude-3-haiku-20240307 | ```json
{
"contains_trigger_text": true,
"trigger_text": "We couldn't find an account with that username. Try another account.",
"prominent_button_name": "next",
"text_input_field_labels": [
"steve@outlook.it"
],
"pdf_icon_visible": false,
"has_visible_captcha": false,
"has_urgent_text": false,
"has_visible_qrcode": false
} |
 | |
| URL: https://euroservis.basiic.net/4fHFE/ Model: claude-3-haiku-20240307 | ```json
{
"brands": [
"Microsoft"
]
} |
|
| Process: | C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXE |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 231348 |
| Entropy (8bit): | 4.394749151135462 |
| Encrypted: | false |
| SSDEEP: | |
| MD5: | 18F8B51800C3E215D7D63932022A21DD |
| SHA1: | 632BA0EADDEEC8386B52ABDFD73FCB940C4B51D0 |
| SHA-256: | EC80C6BE0C02F73A8D0C3EBEBF9EEE25AE6DBBEFE50B4F76E81EE2D93F489FFA |
| SHA-512: | 0DF090067107D7BA803EDC7187E53907FE0C805D17332F82683519397010768439787D959D2CE09A86761AA1E13BFB174BB922498331376CF930B5395D161B8B |
| Malicious: | false |
| Reputation: | unknown |
| Preview: |
| Process: | C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXE |
| File Type: | |
| Category: | modified |
| Size (bytes): | 2195 |
| Entropy (8bit): | 5.113312154345127 |
| Encrypted: | false |
| SSDEEP: | |
| MD5: | C880940B984DF9EBD4753C9DC0AE847C |
| SHA1: | EA093DD2C26F58FDA3ABDC04686FA34557868341 |
| SHA-256: | 81883EB5BAFC3DEDC9B95BED97FCE18E498DE4C292E329950B249D60D8AD9D3D |
| SHA-512: | 0227BC0F22342EE968BC4D9773C71586220908E6D0C7CC6A9879EDD5F3DD8DC8A5DA1CB0161B04B9BB9257DC8CC7E4AD9FECA4303946F60D81808898E3CB3001 |
| Malicious: | false |
| Reputation: | unknown |
| Preview: |
| Process: | C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXE |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 521377 |
| Entropy (8bit): | 4.9084889265453135 |
| Encrypted: | false |
| SSDEEP: | |
| MD5: | C37972CBD8748E2CA6DA205839B16444 |
| SHA1: | 9834B46ACF560146DD7EE9086DB6019FBAC13B4E |
| SHA-256: | D4CFBB0E8B9D3E36ECE921B9B51BD37EF1D3195A9CFA1C4586AEA200EB3434A7 |
| SHA-512: | 02B4D134F84122B6EE9A304D79745A003E71803C354FB01BAF986BD15E3BA57BA5EF167CC444ED67B9BA5964FF5922C50E2E92A8A09862059852ECD9CEF1A900 |
| Malicious: | false |
| Reputation: | unknown |
| Preview: |
C:\Users\user\AppData\Local\Microsoft\FontCache\4\CloudFonts\Avenir Next LT Pro\25381880192.ttf
Download File
| Process: | C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXE |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 103956 |
| Entropy (8bit): | 6.311905251881408 |
| Encrypted: | false |
| SSDEEP: | |
| MD5: | DC3944D3250416223933AC60B076E979 |
| SHA1: | 292C506D0F84C6EDFF4E04B1E3637EFD095E4390 |
| SHA-256: | 28023B68E674F3BE1CE0EEEB89D08129EC78D9A1F0BF3CACFB9BB9EEC1ECC35E |
| SHA-512: | 3255DC91849286F7C4FE5C6DA5A2615CEF434D61BDF02332E8C5CFA743003443A74C9A7333033F9B485C6C003421F3263DEF1188811CAB80FE8C310766AD5145 |
| Malicious: | false |
| Reputation: | unknown |
| Preview: |
C:\Users\user\AppData\Local\Microsoft\FontCache\4\CloudFonts\Avenir Next LT Pro\26301410506.ttf
Download File
| Process: | C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXE |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 102824 |
| Entropy (8bit): | 6.304446798040571 |
| Encrypted: | false |
| SSDEEP: | |
| MD5: | C47CF8935E2F2DC88FED986342229F50 |
| SHA1: | EC799EEA286C31349BD40A70A9057BC81217082E |
| SHA-256: | 0924698340C40827289297AD9B9C5D36D3F91D2E7A7E75E76AE4B8D82C46616A |
| SHA-512: | 81F61D3120CF0F893B1CC32288E7E6165C1F49ECBADDC0A8AC10365370D50F7BACA9AE463C148A5A80480636470EDB8DE0FE3BDEF5E2C2BF29FEE1C40106DDD7 |
| Malicious: | false |
| Reputation: | unknown |
| Preview: |
C:\Users\user\AppData\Local\Microsoft\FontCache\4\PreviewFont\flat_officeFontsPreview_4_40.ttf
Download File
| Process: | C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXE |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 773040 |
| Entropy (8bit): | 6.55939673749297 |
| Encrypted: | false |
| SSDEEP: | |
| MD5: | 4296A064B917926682E7EED650D4A745 |
| SHA1: | 3953A6AA9100F652A6CA533C2E05895E52343718 |
| SHA-256: | E04E41C74D6C78213BA1588BACEE64B42C0EDECE85224C474A714F39960D8083 |
| SHA-512: | A25388DDCE58D9F06716C0F0BDF2AEFA7F68EBCA7171077533AF4A9BE99A08E3DCD8DFE1A278B7AA5DE65DA9F32501B4B0B0ECAB51F9AF0F12A3A8A75363FF2C |
| Malicious: | false |
| Reputation: | unknown |
| Preview: |
C:\Users\user\AppData\Local\Microsoft\Office\16.0\AddInClassifierCache\OfficeSharedEntities.bin
Download File
| Process: | C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXE |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 322260 |
| Entropy (8bit): | 4.000299760592446 |
| Encrypted: | false |
| SSDEEP: | |
| MD5: | CC90D669144261B198DEAD45AA266572 |
| SHA1: | EF164048A8BC8BD3A015CF63E78BDAC720071305 |
| SHA-256: | 89C701EEFF939A44F28921FD85365ECD87041935DCD0FE0BAF04957DA12C9899 |
| SHA-512: | 16F8A8A6DCBAEAEFB88C7CFF910BCCC71B76A723CF808B810F500E28E543112C2FAE2491D4D209569BD810490EDFF564A2B084709B02963BCAF6FDF1AEEC59AC |
| Malicious: | false |
| Reputation: | unknown |
| Preview: |
C:\Users\user\AppData\Local\Microsoft\Office\16.0\AddInClassifierCache\OfficeSharedEntitiesUpdated.bin
Download File
| Process: | C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXE |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 10 |
| Entropy (8bit): | 2.321928094887362 |
| Encrypted: | false |
| SSDEEP: | |
| MD5: | 7537E6A2BD113548F3866F71B5F269EA |
| SHA1: | BBA89D45692D079AEAED80C3B063C35FE9F5AF21 |
| SHA-256: | DCD6E793BF6CDA12CD4336470EA424D7862DE0AB628429C41B4AC0660E095BB8 |
| SHA-512: | 20B716C09E1312F3D64132A371F6F3F7849162F8BE50605C97384EE5D45B54E24584B393A7992C766588439421262DE6899080942244F8FFF97D27B54325BFD0 |
| Malicious: | false |
| Reputation: | unknown |
| Preview: |
| Process: | C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXE |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 4616 |
| Entropy (8bit): | 0.13760166725504608 |
| Encrypted: | false |
| SSDEEP: | |
| MD5: | FE981A6130A7192B97B3926833CCC213 |
| SHA1: | 599FE047532A71980646C79A9FA615FD68EE3AB7 |
| SHA-256: | 2E6E0A555A8C1F6837B541E25D81C2BD4FDAB33C34E78BDE21FAC6A241918790 |
| SHA-512: | 0357EB87B4A2434BE9E3312676D7899E13920F025E24A7191E9BB80F141E067E884366783DDCD457389DF726E4F980CA45047116D36EA1E0DFC796D34EB74C30 |
| Malicious: | false |
| Reputation: | unknown |
| Preview: |
| Process: | C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXE |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 25867 |
| Entropy (8bit): | 7.698778588626363 |
| Encrypted: | false |
| SSDEEP: | |
| MD5: | 8892E439B5CFAFDE3D87E6EBC6103F26 |
| SHA1: | C28F83FD79763BCEC5C6955C73C5B02A0562CD5D |
| SHA-256: | 59218FE5DCE5EEAFBA91D8883D0840C96C9DE925FD8196F0D013321E5B9E6308 |
| SHA-512: | 49730A1F4C87EE2FB418ABF153F89BB806A975EBC0C3A57F0620FEDA6D4310903E392CDEC84487BAD500F751DBA293705031734C33F943C7023D41E4CB59EA75 |
| Malicious: | false |
| Reputation: | unknown |
| Preview: |
| Process: | C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXE |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 560 |
| Entropy (8bit): | 7.391782030480221 |
| Encrypted: | false |
| SSDEEP: | |
| MD5: | B17C3DA71EF9089E6B4D93CC3710178E |
| SHA1: | 2E252640729F0A957398DAC7545317F225DF18B6 |
| SHA-256: | 6EFF14D37801903459C3952A38FE9D2509001BE32DA489A6DDBE482D784ED6C9 |
| SHA-512: | C228C5E0FBCD65E0FD92FE6AF7B33E9F7330B955341E0BEFE8A8338AEC6435A681BC902F6B81D741A225C883D595AFC9369AF0476DC974F68950CE0E5EEA69B2 |
| Malicious: | false |
| Reputation: | unknown |
| Preview: |
| Process: | C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXE |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 560 |
| Entropy (8bit): | 7.202675966728479 |
| Encrypted: | false |
| SSDEEP: | |
| MD5: | C8BF8E6B73F65643F299721BE280AFD4 |
| SHA1: | 3C1302210ED6D13A3D98E8D512F4F72DA066E2E9 |
| SHA-256: | C201EFFC2BAD916AD6DFCF3A43F301B300F76EAF297BE0A3E024AA6BCC0B693B |
| SHA-512: | 378E599691264A337FE122BB250CC95291812A30B81DB188286B875BD2FB3129E9B03B0C29B6E3F87EE06A522511E99D67A6489F4CAA8077E9AFEB852772E9E5 |
| Malicious: | false |
| Reputation: | unknown |
| Preview: |
| Process: | C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXE |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 31208 |
| Entropy (8bit): | 7.573712932465293 |
| Encrypted: | false |
| SSDEEP: | |
| MD5: | F3B97ABD4EE80B01A637FC4812697A78 |
| SHA1: | 2349C7A1FDF00761E7142E9AAB58DD79AF36D8F5 |
| SHA-256: | 4B2EE52489AFBC050F0B37B739C07E590A32183E2A9BFC3841D29010F00ADB27 |
| SHA-512: | F7261ED442850E15DE2298D18F193FE07BE2D30254523563587264164D96AD964F9B02A3D5667B11ECEFD35D7773BE306464FA5D68F005A48A5153502456CB51 |
| Malicious: | false |
| Reputation: | unknown |
| Preview: |
| Process: | C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXE |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 2877 |
| Entropy (8bit): | 7.9028514706867385 |
| Encrypted: | false |
| SSDEEP: | |
| MD5: | 1E13EE0ED09C4AF1ADFB6C0D280879B0 |
| SHA1: | 1192A79F7B4C4FF814583743F8C66ACA7ECB8ACF |
| SHA-256: | E2395FBA25D3FB8A971345CA65D144F7D9C9D933F70409165446E63D18C0958D |
| SHA-512: | 4D86A41DE4B3CA8BB73BF641838953BE03FFF34A890B7BDDC506276186D42979BC99A7DC5553005F135AA1C02137C85C6A2623498C78A617CC195E28FD8B3C95 |
| Malicious: | false |
| Reputation: | unknown |
| Preview: |
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\Content.Outlook\GZKBQLBB\Outlook-linkedin (003).png
Download File
| Process: | C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXE |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 9450 |
| Entropy (8bit): | 7.885865767097977 |
| Encrypted: | false |
| SSDEEP: | |
| MD5: | 42BE735F0B6DCF7CFE2DB8798E7510AB |
| SHA1: | 4DE2BC672F40D18A7B4B2F2B241CCFC89F76BD37 |
| SHA-256: | 038D77190A791C976F49F20A906BE7EE229EAB17888BAB6852CEAA4BE7D2E924 |
| SHA-512: | 1728A030554D12962B282227D0539309BDDD4C841B7287C7BB901AC7061959746742C0687522CD4D23A0DE4329A7B2DF21D839A201C85DD59FE211B942BD1A5C |
| Malicious: | false |
| Reputation: | unknown |
| Preview: |
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\Content.Outlook\GZKBQLBB\Outlook-linkedin (004).png:Zone.Identifier
Download File
| Process: | C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXE |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 26 |
| Entropy (8bit): | 3.95006375643621 |
| Encrypted: | false |
| SSDEEP: | |
| MD5: | FBCCF14D504B7B2DBCB5A5BDA75BD93B |
| SHA1: | D59FC84CDD5217C6CF74785703655F78DA6B582B |
| SHA-256: | EACD09517CE90D34BA562171D15AC40D302F0E691B439F91BE1B6406E25F5913 |
| SHA-512: | AA1D2B1EA3C9DE3CCADB319D4E3E3276A2F27DD1A5244FE72DE2B6F94083DDDC762480482C5C2E53F803CD9E3973DDEFC68966F974E124307B5043E654443B98 |
| Malicious: | false |
| Reputation: | unknown |
| Preview: |
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\Content.Outlook\GZKBQLBB\Outlook-zuca5g32.png
Download File
| Process: | C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXE |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 62036 |
| Entropy (8bit): | 7.906956676977432 |
| Encrypted: | false |
| SSDEEP: | |
| MD5: | 8876D85ABFA5E6712EBD0B4A0AC3EEE2 |
| SHA1: | C1BCE7BB240717D902A5166594BD97BA3675F150 |
| SHA-256: | 2B7826546E82266BFCC9B90411046B13F57C0D72EA402B9DBB9904CE0E3F37A6 |
| SHA-512: | B90A996A77545E7E625302BB372DFBC4BB227A60886A2970106DF701E070AF97F7CF31A1D07850C27E691C84EF04985A2BCE1035CE9317CDC1DC9760E57E6BEF |
| Malicious: | false |
| Reputation: | unknown |
| Preview: |
| Process: | C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXE |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 30 |
| Entropy (8bit): | 1.2389205950315936 |
| Encrypted: | false |
| SSDEEP: | |
| MD5: | 96C9159E9F05B0419E3DCC4EBE20F368 |
| SHA1: | 0C677F90B03A974B471B8D608C12706F1E743FC9 |
| SHA-256: | 1ED5DF17D4A58C96388ACAD96F8F123C6DE5A61839752580A842DBD0F4553F2C |
| SHA-512: | E9BA938D072FE01DA27C8951039790DA7FB245AF4CC519ECA4BD95381CDC6D6345C4645E62C755C268FF7B8C76543F66C3E3DC2C0C7341A0A88353E660FB4347 |
| Malicious: | false |
| Reputation: | unknown |
| Preview: |
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnk
Download File
| Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 2673 |
| Entropy (8bit): | 3.983443441337046 |
| Encrypted: | false |
| SSDEEP: | |
| MD5: | 9C425B248C7BF7D646604E02934F1B9E |
| SHA1: | 256885ED7402BD091EDD3C1D158BC39F3334E731 |
| SHA-256: | 4C9ADC30D4D6FE2728345C5912A262895F6EE2C67C5C2A9DE7C98144E3502803 |
| SHA-512: | 229EF50BAB9E97C377890310F7F73EB89BE1BB9F8DC02A7F96F76BA9A8DC5E0D3738691942352D180440A4AAA88C70F2D9B43081994A579F5A10E95CE96535CC |
| Malicious: | false |
| Reputation: | unknown |
| Preview: |
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnk
Download File
| Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 2675 |
| Entropy (8bit): | 4.000223881614656 |
| Encrypted: | false |
| SSDEEP: | |
| MD5: | 56585D9192EA3543C5E3DC5F5EB0A8C2 |
| SHA1: | 470ADC52F5B0D12C2E72A158742E14FB89DE358A |
| SHA-256: | 6B9F22725D3D923A9E9E6129B4CEAE738EBABBB534F153E8BBFE0A427A61AF7A |
| SHA-512: | 183A7BC3EE924914EB91995AD288DBE12026133880130DEBD94EB77D92DB5BD9C50C07508BBEE87463AF2DF8D484D4A33A9BC5FF4C698FB55D6827B0FBBF3F57 |
| Malicious: | false |
| Reputation: | unknown |
| Preview: |
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnk
Download File
| Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 2689 |
| Entropy (8bit): | 4.007277491500882 |
| Encrypted: | false |
| SSDEEP: | |
| MD5: | 5259F31A15D3C65584D6E02ADEF51BA9 |
| SHA1: | 654F53D7F2F7B4A59D382F4D0CF7636EB16B64A4 |
| SHA-256: | D1C4C8F6AEE0C3C01D4BA8482F8D80CD87567659A862883A51B0AEF91DBDFD70 |
| SHA-512: | 4B0E6643430766FB2744579221E24A68C1F1A87B01AE8AA018E416461F9980E9D52BF3339D94B8FA736B69F0B21ED407DE603E2B0532E4E5CB6196733B72F491 |
| Malicious: | false |
| Reputation: | unknown |
| Preview: |
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnk
Download File
| Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 2677 |
| Entropy (8bit): | 3.99707149647577 |
| Encrypted: | false |
| SSDEEP: | |
| MD5: | 21637D76B252CA4FC8B7251241367138 |
| SHA1: | 2C2DE0267BBC5313F44B690C8A72CA6AFBDC6707 |
| SHA-256: | CF8D47DE630B79AA705D91669F9C451741A1FBBA595B71818D7C4071AD0A451E |
| SHA-512: | 285E184E7AA6D366990BC3A1F49F238EF2B1926E5559BBD21A586AAA175578C3DC0F381622BB51E682ABE611D85AFC3C62C8C460F18EF2A568192511A22E89F1 |
| Malicious: | false |
| Reputation: | unknown |
| Preview: |
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnk
Download File
| Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 2677 |
| Entropy (8bit): | 3.9869587655153826 |
| Encrypted: | false |
| SSDEEP: | |
| MD5: | A3DAB4925CC55D43578FD3BCB3C11450 |
| SHA1: | 791016A75A0C1DC7B1CA288E25C25EE1587A29D5 |
| SHA-256: | 71C785336691CA6780052C7D947715793647129BBE74E4C23D67313E6A63715B |
| SHA-512: | 6DAB50EF01A3BAA8A4537ECD59F583E7EB61061E26037B2E3C78BBE9E6B54EF064FD63D8DB25708FAEA37394383A19264333B9E58A113B8B6E3F70ABF56C562A |
| Malicious: | false |
| Reputation: | unknown |
| Preview: |
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnk
Download File
| Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 2679 |
| Entropy (8bit): | 3.9932744483415346 |
| Encrypted: | false |
| SSDEEP: | |
| MD5: | 17DF757506AA39D29FB376277C35E29E |
| SHA1: | BCC7D74C106AC37399CCDB10B3E6E27424E72C9A |
| SHA-256: | 4753881154FA4E2431160A9BA7763B10278F5651F6941C88E9997734126528DD |
| SHA-512: | 70D67D449A8248DDE1064C870534A0E97726A13A1880C6BD720D1379976C9B84E0711DB2583D638963A657199911755FD2906F4494ED63687DCFCCCC5AAC926F |
| Malicious: | false |
| Reputation: | unknown |
| Preview: |
C:\Windows\SystemTemp\chrome_PuffinComponentUnpacker_BeginUnzipping1996_1404197370\Google.Widevine.CDM.dll 
Download File
| Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 2877728 |
| Entropy (8bit): | 6.868480682648069 |
| Encrypted: | false |
| SSDEEP: | |
| MD5: | 477C17B6448695110B4D227664AA3C48 |
| SHA1: | 949FF1136E0971A0176F6ADEA8ADCC0DD6030F22 |
| SHA-256: | CB190E7D1B002A3050705580DD51EBA895A19EB09620BDD48D63085D5D88031E |
| SHA-512: | 1E267B01A78BE40E7A02612B331B1D9291DA8E4330DEA10BF786ACBC69F25E0BAECE45FB3BAFE1F4389F420EBAA62373E4F035A45E34EADA6F72C7C61D2302ED |
| Malicious: | false |
| Antivirus: |
|
| Reputation: | unknown |
| Preview: |
C:\Windows\SystemTemp\chrome_PuffinComponentUnpacker_BeginUnzipping1996_1404197370\_metadata\verified_contents.json
Download File
| Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 1778 |
| Entropy (8bit): | 6.02086725086136 |
| Encrypted: | false |
| SSDEEP: | |
| MD5: | 3E839BA4DA1FFCE29A543C5756A19BDF |
| SHA1: | D8D84AC06C3BA27CCEF221C6F188042B741D2B91 |
| SHA-256: | 43DAA4139D3ED90F4B4635BD4D32346EB8E8528D0D5332052FCDA8F7860DB729 |
| SHA-512: | 19B085A9CFEC4D6F1B87CC6BBEEB6578F9CBA014704D05C9114CFB0A33B2E7729AC67499048CB33823C884517CBBDC24AA0748A9BB65E9C67714E6116365F1AB |
| Malicious: | false |
| Reputation: | unknown |
| Preview: |
C:\Windows\SystemTemp\chrome_PuffinComponentUnpacker_BeginUnzipping1996_1404197370\manifest.fingerprint
Download File
| Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 66 |
| Entropy (8bit): | 3.974403644129192 |
| Encrypted: | false |
| SSDEEP: | |
| MD5: | D30A5BBC00F7334EEDE0795D147B2E80 |
| SHA1: | 78F3A6995856854CAD0C524884F74E182F9C3C57 |
| SHA-256: | A08C1BC41DE319392676C7389048D8B1C7424C4B74D2F6466BCF5732B8D86642 |
| SHA-512: | DACF60E959C10A3499D55DC594454858343BF6A309F22D73BDEE86B676D8D0CED10E86AC95ECD78E745E8805237121A25830301680BD12BFC7122A82A885FF4B |
| Malicious: | false |
| Reputation: | unknown |
| Preview: |
C:\Windows\SystemTemp\chrome_PuffinComponentUnpacker_BeginUnzipping1996_1404197370\manifest.json
Download File
| Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 145 |
| Entropy (8bit): | 4.595307058143632 |
| Encrypted: | false |
| SSDEEP: | |
| MD5: | BBC03E9C7C5944E62EFC9C660B7BD2B6 |
| SHA1: | 83F161E3F49B64553709994B048D9F597CDE3DC6 |
| SHA-256: | 6CCE5AD8D496BC5179FA84AF8AFC568EEBA980D8A75058C6380B64FB42298C28 |
| SHA-512: | FB80F091468A299B5209ACC30EDAF2001D081C22C3B30AAD422CBE6FEA7E5FE36A67A8E000D5DD03A30C60C30391C85FA31F3931E804C351AB0A71E9A978CC0F |
| Malicious: | false |
| Reputation: | unknown |
| Preview: |
C:\Windows\SystemTemp\chrome_PuffinComponentUnpacker_BeginUnzipping1996_1763765446\Filtering Rules
Download File
| Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 74272 |
| Entropy (8bit): | 5.535436646838848 |
| Encrypted: | false |
| SSDEEP: | |
| MD5: | B23DD5B6ECCB460003EA37BA0F5E3730 |
| SHA1: | FD444553CB7699F84CE7E5664232771673DCF67D |
| SHA-256: | 7F7F432C27D97DEE184DCD3EA20F731674C008BE849C0136F9C5358E359F3EA9 |
| SHA-512: | 7E47BD172C4BD4C65F063A8FA3FB33ED47F29156EB20E42D4E8EA73C6F02526A30FFE907BE5B7C1406D4EAA71FBEC7C0D557C376DCCD0A1A961E2F61B3431181 |
| Malicious: | false |
| Reputation: | unknown |
| Preview: |
C:\Windows\SystemTemp\chrome_PuffinComponentUnpacker_BeginUnzipping1996_1763765446\LICENSE.txt
Download File
| Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 24623 |
| Entropy (8bit): | 4.588307081140814 |
| Encrypted: | false |
| SSDEEP: | |
| MD5: | D33AAA5246E1CE0A94FA15BA0C407AE2 |
| SHA1: | 11D197ACB61361657D638154A9416DC3249EC9FB |
| SHA-256: | 1D4FF95CE9C6E21FE4A4FF3B41E7A0DF88638DD449D909A7B46974D3DFAB7311 |
| SHA-512: | 98B1B12FF0991FD7A5612141F83F69B86BC5A89DD62FC472EE5971817B7BBB612A034C746C2D81AE58FDF6873129256A89AA8BB7456022246DC4515BAAE2454B |
| Malicious: | false |
| Reputation: | unknown |
| Preview: |
C:\Windows\SystemTemp\chrome_PuffinComponentUnpacker_BeginUnzipping1996_1763765446\_metadata\verified_contents.json
Download File
| Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 1529 |
| Entropy (8bit): | 5.990179229242317 |
| Encrypted: | false |
| SSDEEP: | |
| MD5: | 2FF08C4B4128F634CBBFEA0C1C44AA2E |
| SHA1: | 45D11E57DDF29E843AC8545C7D06CDDB5DF3E962 |
| SHA-256: | 33B6F2ECD5FB7F9FAF538F29808716EFA337A653809943A8E4B5E450B734DA09 |
| SHA-512: | 14BD9E921E1DB9AC8720C1177897DB624292865D29B976ED9CCCEE572726D7D123A8F39E470987DF796AE0552861FBAE056CDB395F0CB8B0E699C28F5E221999 |
| Malicious: | false |
| Reputation: | unknown |
| Preview: |
C:\Windows\SystemTemp\chrome_PuffinComponentUnpacker_BeginUnzipping1996_1763765446\manifest.fingerprint
Download File
| Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 66 |
| Entropy (8bit): | 3.8568101737886993 |
| Encrypted: | false |
| SSDEEP: | |
| MD5: | 6DBEDE254AF8A23D6CB2ABAEA8D2E38F |
| SHA1: | A827D46FA5D53CB7B134F143CC15A30BA015ED21 |
| SHA-256: | 376ED55CD5AB45C0F7BAA1AF0AC2637C33DEA6D1D4683B729AE7CE764F70DAA1 |
| SHA-512: | 0F28FD8AF582C18ECCCC1321B94902501D31C4B6C1D11684780DED6217C14E1B313F58A644516F37AE69232F1C2861915337A4D84185E18124F40C629A50B7F9 |
| Malicious: | false |
| Reputation: | unknown |
| Preview: |
C:\Windows\SystemTemp\chrome_PuffinComponentUnpacker_BeginUnzipping1996_1763765446\manifest.json
Download File
| Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 114 |
| Entropy (8bit): | 4.547350270682037 |
| Encrypted: | false |
| SSDEEP: | |
| MD5: | 3448D97DA638C7EF0FBCA9B6949FFC8F |
| SHA1: | 36D8434F26F0316FAB4627F7856FCA7291FE8ADF |
| SHA-256: | 1700A11FD1E58367B450A41B2AE5FD26ECB5CDB459869C796C7DDE18F1D30F73 |
| SHA-512: | 9BF9055B2EF82BD1D2A1E94009FED2D3481FE2DC336D306FA0DB786658EFA5B72C9A9A214A829B9FCC4222476051871FF012009C64F09B9109072ABDF3DEF8CC |
| Malicious: | false |
| Reputation: | unknown |
| Preview: |
C:\Windows\SystemTemp\chrome_PuffinComponentUnpacker_BeginUnzipping1996_757049762\LICENSE
Download File
| Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 1558 |
| Entropy (8bit): | 5.11458514637545 |
| Encrypted: | false |
| SSDEEP: | |
| MD5: | EE002CB9E51BB8DFA89640A406A1090A |
| SHA1: | 49EE3AD535947D8821FFDEB67FFC9BC37D1EBBB2 |
| SHA-256: | 3DBD2C90050B652D63656481C3E5871C52261575292DB77D4EA63419F187A55B |
| SHA-512: | D1FDCC436B8CA8C68D4DC7077F84F803A535BF2CE31D9EB5D0C466B62D6567B2C59974995060403ED757E92245DB07E70C6BDDBF1C3519FED300CC5B9BF9177C |
| Malicious: | false |
| Reputation: | unknown |
| Preview: |
C:\Windows\SystemTemp\chrome_PuffinComponentUnpacker_BeginUnzipping1996_757049762\_metadata\verified_contents.json
Download File
| Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 1864 |
| Entropy (8bit): | 6.021127689065198 |
| Encrypted: | false |
| SSDEEP: | |
| MD5: | 68E6B5733E04AB7BF19699A84D8ABBC2 |
| SHA1: | 1C11F06CA1AD3ED8116D356AB9164FD1D52B5CF0 |
| SHA-256: | F095F969D6711F53F97747371C83D5D634EAEF21C54CB1A6A1CC5B816D633709 |
| SHA-512: | 9DC5D824A55C969820D5D1FBB0CA7773361F044AE0C255E7C48D994E16CE169FCEAC3DE180A3A544EBEF32337EA535683115584D592370E5FE7D85C68B86C891 |
| Malicious: | false |
| Reputation: | unknown |
| Preview: |
C:\Windows\SystemTemp\chrome_PuffinComponentUnpacker_BeginUnzipping1996_757049762\manifest.fingerprint
Download File
| Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 66 |
| Entropy (8bit): | 3.9159446964030753 |
| Encrypted: | false |
| SSDEEP: | |
| MD5: | CFB54589424206D0AE6437B5673F498D |
| SHA1: | D1EF6314F0F68EFDD0BA8F6CA9E59BFF863B1609 |
| SHA-256: | 285AC183C35350B4B77332172413902F83726CA8F53D63859B5DA082FD425A1C |
| SHA-512: | 70FDCA4A1E6B7A5FFED3414E2DB74FECA7E0FD17482B8CB30393DFEE20AB9AD2B0B00FF0C590DD0E8D744D0EAD876CE8844519AF66618ED14666BCA56DF2DA21 |
| Malicious: | false |
| Reputation: | unknown |
| Preview: |
C:\Windows\SystemTemp\chrome_PuffinComponentUnpacker_BeginUnzipping1996_757049762\manifest.json
Download File
| Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 85 |
| Entropy (8bit): | 4.4533115571544695 |
| Encrypted: | false |
| SSDEEP: | |
| MD5: | C3419069A1C30140B77045ABA38F12CF |
| SHA1: | 11920F0C1E55CADC7D2893D1EEBB268B3459762A |
| SHA-256: | DB9A702209807BA039871E542E8356219F342A8D9C9CA34BCD9A86727F4A3A0F |
| SHA-512: | C5E95A4E9F5919CB14F4127539C4353A55C5F68062BF6F95E1843B6690CEBED3C93170BADB2412B7FB9F109A620385B0AE74783227D6813F26FF8C29074758A1 |
| Malicious: | false |
| Reputation: | unknown |
| Preview: |
C:\Windows\SystemTemp\chrome_PuffinComponentUnpacker_BeginUnzipping1996_757049762\sets.json
Download File
| Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 9748 |
| Entropy (8bit): | 4.629326694042306 |
| Encrypted: | false |
| SSDEEP: | |
| MD5: | EEA4913A6625BEB838B3E4E79999B627 |
| SHA1: | 1B4966850F1B117041407413B70BFA925FD83703 |
| SHA-256: | 20EF4DE871ECE3C5F14867C4AE8465999C7A2CC1633525E752320E61F78A373C |
| SHA-512: | 31B1429A5FACD6787F6BB45216A4AB1C724C79438C18EBFA8C19CED83149C17783FD492A03197110A75AAF38486A9F58828CA30B58D41E0FE89DFE8BDFC8A004 |
| Malicious: | false |
| Reputation: | unknown |
| Preview: |
| File type: | |
| Entropy (8bit): | 6.025119309004493 |
| TrID: |
|
| File name: | attachment(1).eml |
| File size: | 1'119'972 bytes |
| MD5: | 0dede3f92bef4730ef21e6e143c87140 |
| SHA1: | 5617a99b3e4d541a36a45f8fe35a3a364601ea08 |
| SHA256: | 1c6d6635a271e90527917b6493ea85c0c7b8011f421ba6338bfe55d91162ca44 |
| SHA512: | 7ed9e3e3d74d05be5e90c86b0700fa6956baba36aacf08996087d3fe3afde57c2301f16980f6b3297e9746b3df3e0dceb096799a80c24661a758fa80560c8455 |
| SSDEEP: | 12288:Zt75FNWVLpHNWVL3oNWVL3bNWVLCRNWVLbDNWVLeo+ZIyW47+ZIyW2E+ZIyW+i++:ZXaraYaBamataRwWYwWBwWvwWPwWtwWN |
| TLSH: | 373502732DA17FE65B21C5D360CD28E21FDC379744A0542AB8B8AD9531DA0D0ABF642F |
| File Content Preview: | Received: from PA4PR07MB7389.eurprd07.prod.outlook.com (::1) by.. VI1PR07MB9755.eurprd07.prod.outlook.com with HTTPS; Thu, 24 Oct 2024 09:36:09.. +0000..Received: from DBBPR09CA0020.eurprd09.prod.outlook.com (2603:10a6:10:c0::32).. by PA4PR07MB7389.eurprd |
| Subject: | I: Furio Sterni ha condiviso la cartella "Documentazione" con te |
| From: | Furio Sterni <furio.sterni@euroservis.eu> |
| To: | Furio Sterni <furio.sterni@euroservis.eu> |
| Cc: | |
| BCC: | |
| Date: | Thu, 24 Oct 2024 11:35:52 +0200 |
| Communications: |
|
| Attachments: |
|
| Key | Value |
|---|---|
| Received | from DU5PR08MB10561.eurprd08.prod.outlook.com ([fe80::d439:a2a1:26a1:a150]) by DU5PR08MB10561.eurprd08.prod.outlook.com ([fe80::d439:a2a1:26a1:a150%4]) with mapi id 15.20.8093.014; Thu, 24 Oct 2024 09:35:52 +0000 |
| From | Furio Sterni <furio.sterni@euroservis.eu> |
| To | Furio Sterni <furio.sterni@euroservis.eu> |
| Subject | I: Furio Sterni ha condiviso la cartella "Documentazione" con te |
| Thread-Topic | Furio Sterni ha condiviso la cartella "Documentazione" con te |
| Thread-Index | AQHbJfXPd29jpa7p7k6ZPFJ4D9vZ17KVkCmg |
| X-MS-Exchange-MessageSentRepresentingType | 1 |
| Date | Thu, 24 Oct 2024 11:35:52 +0200 |
| Message-ID | <DU5PR08MB10561FAA72FA52F9D161080B19F4E2@DU5PR08MB10561.eurprd08.prod.outlook.com> |
| References | <Share-f8ff5ca1-0054-a000-3292-25602afdc5f5-49556b70-7e93-4146-b0b2-9a90591a32d1-r0-SendEmail@odspnotify> |
| In-Reply-To | <Share-f8ff5ca1-0054-a000-3292-25602afdc5f5-49556b70-7e93-4146-b0b2-9a90591a32d1-r0-SendEmail@odspnotify> |
| Accept-Language | it-IT, en-US |
| Content-Language | en-US |
| X-MS-Exchange-Organization-AuthSource | DB1PEPF00039232.eurprd03.prod.outlook.com |
| X-MS-Has-Attach | yes |
| X-MS-Exchange-Organization-Network-Message-Id | 8c1cbb36-9440-4b0c-b781-08dcf40f432e |
| X-MS-Exchange-Organization-SCL | 1 |
| X-MS-TNEF-Correlator | |
| X-MS-Exchange-Organization-RecordReviewCfmType | 0 |
| received-spf | Pass (protection.outlook.com: domain of euroservis.eu designates 40.107.20.128 as permitted sender) receiver=protection.outlook.com; client-ip=40.107.20.128; helo=EUR05-DB8-obe.outbound.protection.outlook.com; pr=C |
| x-ms-exchange-organization-originalclientipaddress | 40.107.20.128 |
| x-ms-exchange-organization-originalserveripaddress | 10.167.8.105 |
| x-ms-publictraffictype | |
| x-ms-exchange-crosstenant-id | 6065539e-1467-456e-929c-c87c64b86dd3 |
| X-Microsoft-Antispam-Mailbox-Delivery | ucf:0;jmr:0;auth:0;dest:I;ENG:(910001)(944506478)(944626604)(920097)(930097)(140003); |
| X-Microsoft-Antispam-Message-Info | qgMX2NF9YWhw4JYH6hUvThByX+gtCrFKDcPrn7UDcS5EOuN9pNky6mWKfQY0871glXbKF1Zz7Oa2lIPLjzG7PwMHPOq05fXxrM8oIfH1bQudCntw/7jvTYK1YfKCTJGfkUB+FIeIvQk4A/MtBhj05PGYJEyjghY9VbsGXjzqxaa5uXGhegYGrXz1rf3TaaeQ80vK5+HFHtMkP0QHJzyM2PqX6/7qzoGKVu8FimbVJx8zlot1nRVy1gP8+ZKcJiCDMYomSicNbMOzHeroaIGyo9dXbX2rZH4XOq/wgbF5VT2DdTLEnCfBco93cXFn/yrWGJTvQwiW9cOBhRZK5KQR120tyCM2Q4zWH+nnxG6Yda/5mY2gmoZZW0ElKAnx48rQt+KiU94CIk5KamWvdbAGJYH47Aio68Yx9qa8rVI1WE6W7o4ZEGDm8EvmkmNLwbwPkLovZk3Qvfx0E7tFx/bzgSoPIUqMiKZs97PmGk5NzLJOdEUCAYLSlN38qXw3mtl67KdzClNy7btLOyA363e0FMZm02JMrIi5mpL3jBC4y17xKg7OaTRF0WsAe7B9v++cStY6IZGkDgiNDFzLC4z2noMiXfoaZ834QVhOuh2X+3tFQm75IQ9ztxfPlx3fK6M/YJ25eaiFu2SzBaTrYxVGj3yuJKMKXLzOnmHCUyg6oQBjSlywotetGXAJtxxGKr6/cF5Y//pA5XeIkT8GDMxyt14QP+2t9yBWR1R24/y5WdcqVDxsrjgoFVt8VDFFwxyNZ2FLZYTh/q0RJyzqNDZKW8Il+6Tz45zOtDTzAwbbN65BXQO2dZx0x/bn4Dvk3ZIjBeTDrvtj+toMXbazwhiI/IPn39TqynjAajeONTHvtJv8TDJkIk/MnKC/nwuH6l69jWhj72kHu4pfdlFWuuaZQf5zxmVdL6JNN6mVQVHk7CzE+8MCYRTvta2LWJGrHdW1RnDRKTnbg3NAy36xeCSzG/tdzIg7qiq2/HN4K3o1aGeiA6xRl1Ia/uKLGDWuc5LxZjRrxmXskkFfXA6qSt23QUgqZPi/1725liM9LrRfJoGfbBtcxV5Rx2Et4fhaPwtUQyZ1uUr7pcQM0AjzsavIrGf9m5lC3047C2BpcR9Qo8IF3CChx6Dn3f1UMYWyktEPt40qFMDC91tC0O44Wv7k3D2fh/l/GFZb5NKau8H//nHJ3megsrzGt7mI8rfIyeYWQmZ/64pMxsU8fQiKpg/ujRuyv0QQgt7gjqFcl27FpazK/VVPmd9orAUlZ7sMdWaiR8+nB4z7VAaoQw9qYS+EbDIcSOp0vliqSpVE5lhpZwlN4pVUMsYR1iAmUiZL17q+T6AdYJDeIU7V/Dzbm/NL+ho1+kL9Q6yA56AUYqyfuBWng42Od13uoJKcEKC9gHDWKKxPRdS10Sj/2N/jGCPtmvjBStB8bfNeAVNb9OBU+lz6m1xQxJcG2LtFz6m99nDItFS2khL2hkmYtxJBRFLrjchMpVAEHoN64+madLV+cldm1Hw4L3/D5yeUyADkwBuPi0xBIPSX6IAc7DzzEHp1mry9KwofX4eHwP0uedsHbN9kNeTvbyFtjW4YhlUNicvu8bhtoHFEfdEoXeKkoydu6/Z8Mav55pPZj42+uQgAMsP/7Npg47byU6cjCHKJKbvD2juDW+Z+BSRBZktpQxcC4duN0XWWHVSU01pmwQvqi518Ydu3QH1BqJT4PlGn/gctou7RqCETcreFkoh7mYcWUIXV7rT0AJywexpEi0eXbsJxisTZ4ExDb2wE35yQgHCnF/TUns3tiVvN/aalmP+Ou4NtAyRFnb1zHawpaxNbZw2fHjrUUza+4sf8i5ogpePNttNs2btKstjQxXfu3UlOfQlkZmTWycpDd2tB3ihEHk08aUyE6RAs0yVgmhteH0qpXz8J7Y58K7RyAMTghDT/cstLnH3ztC1Mo4pV18HpmjU2Lnqa8N36nNoad84ACWLB |
| Content-Type | multipart/mixed; boundary="_029_DU5PR08MB10561FAA72FA52F9D161080B19F4E2DU5PR08MB10561eu_" |
| MIME-Version | 1.0 |
 | |
| Icon Hash: | 46070c0a8e0c67d6 |
Key Decision
Richest Path
Thread / callback creation
Lower opacity -> Library Node