On the 29th November a VBS file was identified by Check Point’s Threat Emulation detection engine to be communicating with an external resource. Fortunately, the file inspection the engine decided to stop the attack at the most primary and earliest stage of the attack. Details of the resource accessed are below: