General
-
Target
https://attachments.office.net/owa/pat.clark%40Msimga/service.svc/s/GetAttachmentThumbnail?id=AAMkAGM5Y2MxYWY4LTY5OTYtNDljNS05NWNkLWNmNjI4Y2VhMWVlNQBGAAAAAACGGZN%2BMIPjRJBma5sZOk%2FvBwDv2skf6KXiQ4py914BwY5eAAAAAAEJAADv2skf6KXiQ4py914BwY5eAAAcLhBnAAABEgAQANY11Q6StyVOmq%2FFEK24ONw%3D&thumbnailType=2&token=eyJhbGciOiJSUzI1NiIsImtpZCI6IkQ4OThGN0RDMjk2ODQ1MDk1RUUwREZGQ0MzODBBOTM5NjUwNDNFNjQiLCJ0eXAiOiJKV1QiLCJ4NXQiOiIySmozM0Nsb1JRbGU0Tl84dzRDcE9XVUVQbVEifQ.eyJvcmlnaW4iOiJodHRwczovL291dGxvb2sub2ZmaWNlLmNvbSIsInVjIjoiMDMyZmJlYjdmZTBiNGE4NjhjMTBjZjJlMDVlMWJjZGMiLCJzaWduaW5fc3RhdGUiOiJbXCJrbXNpXCJdIiwidmVyIjoiRXhjaGFuZ2UuQ2FsbGJhY2suVjEiLCJhcHBjdHhzZW5kZXIiOiJPd2FEb3dubG9hZEBhOThjYjBiMy1hYWI3LTQwMWUtYmJiZi00YjA2MGY4ZjBkMjMiLCJpc3NyaW5nIjoiV1ciLCJhcHBjdHgiOiJ7XCJtc2V4Y2hwcm90XCI6XCJvd2FcIixcInB1aWRcIjpcIjExNTM5MDY2NjExMTg0NDYxOTRcIixcInNjb3BlXCI6XCJPd2FEb3dubG9hZFwiLFwib2lkXCI6XCJhNzU2OWZjMC01NzliLTQwMzYtODdiZC1lYTllZTk5YTEzOWFcIixcInByaW1hcnlzaWRcIjpcIlMtMS01LTIxLTM5NzUxNjg2OTgtMjAzMTE2MzE0OS03MzMyNzc2MDktMjg3NjI3NFwifSIsIm5iZiI6MTY2Mjc0MzczMiwiZXhwIjoxNjYyNzQ0MzMyLCJpc3MiOiIwMDAwMDAwMi0wMDAwLTBmZjEtY2UwMC0wMDAwMDAwMDAwMDBAYTk4Y2IwYjMtYWFiNy00MDFlLWJiYmYtNGIwNjBmOGYwZDIzIiwiYXVkIjoiMDAwMDAwMDItMDAwMC0wZmYxLWNlMDAtMDAwMDAwMDAwMDAwL2F0dGFjaG1lbnRzLm9mZmljZS5uZXRAYTk4Y2IwYjMtYWFiNy00MDFlLWJiYmYtNGIwNjBmOGYwZDIzIiwiaGFwcCI6Im93YSJ9.jrr6EgSlkdkYl7CfPdkQf9pGbuviSO-1PhduhM1xk7rNuoWlSlIzcvZXV_Jo3OddsLzbPmBgj87rVLTdaYIJLhPt7wYDTYDwgY6b940RPdahyWF6NUpl1M-fDNc7ZErJSQRYC5n44EbVcrwwqzBp_b6ZsNML4Qe5JRrUzhpDQVA3Otzy0aA0x6fo9E15pgYLn7vR6Er4c_AS0XXzvUncrUpDbUwVhMZcc__O3VUKg8cwVvS2b_7zLKhX5vMu7V8L29qFOuNYNkauEHZS43sRW1PvCxlkaORzUpIOvPW9a2ZRhtajjrsKvFoCWSSR_KifkZIdyMFmxAIRI2nhqGkQYg&X-OWA-CANARY=wRTfiI4qjUGkowioIHF6KTCwFXeHktoYrTrNDdKArKUHWTqBcxmD8equU9p5hEA0NPm_D8jzK1c.&owa=outlook.office.com&scriptVer=20220729002.18&animation=true
Malware Config
Signatures
-
A potential corporate email address has been identified in the URL: pat.clark@Msimga