Stage a phish email in downloads folder

Create a fake email that contains a link to an Excel document containing a malicious macro. If the user opens the macro, it will download a Pneuma payload (on Windows) and open a modal explaining they have accidentally installed malware.
View Command

To view this TTPs command, you must be logged in with a professional or enterprise license.


Test this TTP

Download Operator (1.7.1)