Alerts

Victim

IP address: 10.7.31.101

Host name: DESKTOP-DPHW305

MAC address: 00:0c:6e:12:af:38

User account: gregory.simmons

Operating system: Windows 10

IOC

1 - MS Word with macro

Timestamp: 2020-07-31 00:25:37.088661

Source: 10.7.31.101:49737

Destination: 191.6.208.51:80

Request: HTTP GET /www/ZdJCAB/ HTTP/1.1

Host: e-dsm[.]com[.]br

URL

hxxp://e-dsm[.]com[.]br/www/ZdJCAB/

https://urlhaus.abuse.ch/url/422498/ → Emotet