Report Writing

Header, Artefacts, content

Header/Artefact

Email Header:

  • Sending Email Address (Ex: J0hnSm1th@gmail.com)

  • Reply-to Address (Ex: F4keacc0unt2421@gmail.com)

  • Date Sent (Ex: 20th October 2019, 9:34 AM)

  • Sending Server IP (Ex: 40.92.10.10)

  • Reverse DNS of Sending Server IP (Ex: mail-oln040092010100.outbound.protection.outlook.com)

  • Recipient(s) (Ex: jason.s@domain.com, kirsty.p@domain.com, brian.b@domain.com)

  • Subject Line (Ex: Payroll Update – URGENT!)

Email with URLs:

  • Any relevant URLs (Sanitised) (Ex: hxxps://Healthcare-United[.]com/wp/index/2020/PAYPAL/lure.php?)

Emails with Attachments:

  • File Name(s) + Extension (Ex: PayrollDecember_UK.exe)

  • MD5 Hash(es)
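
One way to pull the header, URL and attachment artefacts listed above out of a raw message with Python's standard email module. This is an added example, not part of the original notes; the sample message is constructed and the function names (addrs, defang, extract_artifacts) are illustrative.

```python
import hashlib
import re
from email import message_from_string, policy
from email.utils import getaddresses

# Constructed sample: header values reuse the checklist's examples; the rest is made up.
RAW = """\
Received: from mail-oln040092010100.outbound.protection.outlook.com (40.92.10.10) by mx.domain.com; Sun, 20 Oct 2019 09:34:00 +0000
From: John Smith <J0hnSm1th@gmail.com>
Reply-To: F4keacc0unt2421@gmail.com
To: jason.s@domain.com, kirsty.p@domain.com, brian.b@domain.com
Date: Sun, 20 Oct 2019 09:34:00 +0000
Subject: Payroll Update - URGENT!
Content-Type: multipart/mixed; boundary="b1"

--b1
Content-Type: text/plain; charset="utf-8"

Update your details at https://Healthcare-United.com/wp/index/2020/PAYPAL/lure.php? today.
--b1
Content-Type: application/octet-stream
Content-Disposition: attachment; filename="PayrollDecember_UK.exe"
Content-Transfer-Encoding: base64

Y29uc3RydWN0ZWQgc2FtcGxl
--b1--
"""

def addrs(msg, name):
    return [a for _, a in getaddresses([str(h) for h in msg.get_all(name, [])]) if a]

def defang(url):  # sanitise the scheme and the host dots only; the path stays readable
    scheme, rest = url.split("://", 1)
    host, sep, path = rest.partition("/")
    return scheme.replace("http", "hxxp") + "://" + host.replace(".", "[.]") + sep + path

def extract_artifacts(raw):
    msg = message_from_string(raw, policy=policy.default)
    # Top-most Received is written by our own server; rDNS needs a live lookup, omitted here.
    ip = re.search(r"\b\d{1,3}(?:\.\d{1,3}){3}\b", msg.get_all("Received", [""])[0])
    body = msg.get_body(preferencelist=("plain", "html"))
    urls = re.findall(r"https?://[^\s<>\"']+", body.get_content() if body else "")
    return {
        "from": addrs(msg, "From"), "reply_to": addrs(msg, "Reply-To"), "to": addrs(msg, "To"),
        "date": str(msg["Date"]), "subject": str(msg["Subject"]),
        "sending_ip": ip.group(0) if ip else None, "urls": [defang(u) for u in urls],
        "attachments": [(p.get_filename(), hashlib.md5(p.get_payload(decode=True)).hexdigest())
                        for p in msg.iter_attachments()],
    }
```

The attachment is hashed from its decoded bytes and never written to disk or opened.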

Body Content

  • Brief description of the email (1-2 sentences on what it looks like and what its objective is)

  • Screenshot of email.

Analysis Process

  • Assess the risk

  • Tools used

  • Results provided
