Sandbox Intelligence Investigation

Incident Overview

Scenario: You are a SOC Analyst. Several suspicious emails have been forwarded to you from other coworkers. You must obtain details from each email for your team to implement the appropriate block rules to prevent colleagues from receiving additional spam/phishing emails.

Two malicious attachments from these phishing emails were recently uploaded to the Any.Run sandbox for analysis.

Your Task: Investigate the analysis links provided in the case tabs on the left. Extract the requested Indicators of Compromise (IOCs) and submit them into the portal to generate block rules.