Scenario: You are a Level 1 SOC Analyst. Several suspicious emails have been forwarded to you from other coworkers. You must obtain details from each email for your team to implement the appropriate rules to prevent colleagues from receiving additional spam/phishing emails.
A malicious attachment from a phishing email was uploaded to Any Run for analysis.
What is this analysis classified as?
What is the name of the Excel file?
What is the SHA 256 hash for the file?
What domains are listed as malicious? Defang the URLs & submit answers in alphabetical order. (answer: URL1,URL2,URL3)
What IP addresses are listed as malicious? Defang the IP addresses & submit answers from lowest to highest. (answer: IP1,IP2,IP3)
What vulnerability does this malicious attachment attempt to exploit?