Overview

overview

8

Static

static

URLScan

urlscan

1

https://eur.safelink...

windows7-x64

8

Sharing

Copy URL
Twitter E-mail

General

  • Target

    https://eur.safelink.emails.azure.net/redirect/?destination=https%3A%2F%2Fdocs.microsoft.com%2Fen-us%2Fpower-platform%2Fadmin%2Finactive-teams-environment%23definition-of-user-activity&p=bT04MGJkZThlOC1iYzgxLTQwZGItOTNiMS05MDY2Njc0NzY5NDAmdT1hZW8mbD1pbmFjdGl2ZS10ZWFtcy1lbnZpcm9ubWVudF8y

  • Sample

    221130-gb64zaef6s

Score
8/10
microsoftphishing

Malware Config

Targets

    • Target

      https://eur.safelink.emails.azure.net/redirect/?destination=https%3A%2F%2Fdocs.microsoft.com%2Fen-us%2Fpower-platform%2Fadmin%2Finactive-teams-environment%23definition-of-user-activity&p=bT04MGJkZThlOC1iYzgxLTQwZGItOTNiMS05MDY2Njc0NzY5NDAmdT1hZW8mbD1pbmFjdGl2ZS10ZWFtcy1lbnZpcm9ubWVudF8y

    Score
    8/10
    microsoftphishing

    • Executes dropped EXE

    • Detected potential entity reuse from brand microsoft.

      phishingmicrosoft
    behavioral1

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

1
T1012

System Information Discovery

1
T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks