Scenario
In this exercise, you have been given a compromised device. During your investigation, you have isolated an email address as the source of the compromise. You are tasked with investigating the email address to gain more information about the threat actor.
Objectives
Objective 1: What have you determined about this email address?
Objective 2: Is there any threat actor associated with the email address?
Objective 3: What have you discovered about this threat actor?
Searches
First search: Perform a WHOIS email search for the address macie.dietrich50@mail.com.
https://community.riskiq.com/search/whois/email/macie.dietrich50@mail.com
Post-investigation Reads
Indictment of threat actor:
https://www.justice.gov/opa/page/file/1098481/download