This advisory details a recent security incident detected by one of our deployed security operations teams, which relates to malware distribution by email.

An email was sent to three user accounts containing an attached malware executable. The malicious attachment contained a single disk image .img file, inside of which is a Windows Portable Executable (PE) binary. It was identified by Windows Defender, but was not highlighted by Office365 Advanced Threat Protection.

For detailed analysis of the delivered malware, see our blog.

Alternatively, get in touch if you’d like to chat to us.

Malware Details