A First Malicious OneNote Document, (Wed, Jan 25th)

This post was originally published on this site

Attackers are always trying to find new ways to deliver malware to victims. They recently started sending Microsoft OneNote files in massive phishing campaigns[1]. OneNote files (ending the extension ".one") are handled automatically by computers that have the Microsoft Office suite installed. Yesterday, my honeypot caught a first sample. This is a good opportunity to have a look at these files. The file, called "delivery-note.one", was delivered as an attachment to a classic phishing email:

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.