Details

_id 62fb40e2348d24c6a7973774
reference ['https://labs.inquest.net/dfi/hash/eef6bfdc05d17537c7171396e8dc3a40af029d27e501456b0fd363f98e97c19a']
md5 []
sha1 []
sha256 ['b6d92095255846e3142c966fc9a8d57fc5ab21a328c806e1b965a4513f340e2e', 'eef6bfdc05d17537c7171396e8dc3a40af029d27e501456b0fd363f98e97c19a']
mail []
ip ['198.23.207.54']
domain ['jmcglone.com']
url ['198.23.207.54/https/shipping.doc', 'http://jmcglone.com']
user InQuest
tweet 🤖 Potentially malicious RTF document found hosted at: hxxp://jmcglone.com@198.23.207.54/https/shipping.doc SHA256: b6d92095255846e3142c966fc9a8d57fc5ab21a328c806e1b965a4513f340e2e IOC extracted from sample: https://labs.inquest.net/dfi/hash/eef6bfdc05d17537c7171396e8dc3a40af029d27e501456b0fd363f98e97c19a (Automated Tweet. maybe a FP)
id 1559115696394600448
retweets 1
link https://twitter.com/InQuest/status/1559115696394600448
mentions ['@198']
hashtags []
date 2022-08-15 09:52:03
timestamp 1660582323

Tweet