Threat Actors Leverage File-Sharing Service and Reverse Proxies for Credential Harvesting
===========================================================================================
SHA256 hashes
===========================================================================================
62dea2b8d3cf75a1d86224eb5dcff11001f88849 (Trojan.Win32.FRS.VSNW12J23, myscr759609.js) 
3957b57182daeb1de431159da8581bb60c1edcb4 (Trojan.HTML.PHISH.QURAAOOITB, 799g) 

Dracoon Public Shares that contain the PDF file
===========================================================================================
https://dracoon.team/public/download-shares/RjqetKkzebun7rB6OWWI3kPcpZ3RruPA
https://dracoon.team/public/download-shares/EKUjs7UmPdFmMRsFDyTamqS6DmI12kgi
https://dracoon.team/public/download-shares/6WFCaZsnvb0rSsxe7ULUCy2Q1cVuk4s9

Link embedded in the PDF file: 
===========================================================================================
https://8lw0sbfwny54fx7oh[.]o65y0v.ru/799g (Dangerous - Fake M365 Logon Page)