Overview

overview

8

Static

static

8

URLScan

urlscan

https://outlook.offi...

windows10-2004-x64

6

Sharing

Copy URL
Twitter E-mail

General

  • Target

    https://outlook.office365.com/Encryption/retrieve.ashx?recipientemailaddress=allison.clark%40eastgeorgiaregional.com&senderemailaddress=Natalie.Valentine%40CBTRCO.com&senderorganization=AwGAAAAAAnwAAAADAQAAAM%2bQtz6t2DVNlrG7Cu7gXi1PVT1DQlRSQ09jb20ub25taWNyb3NvZnQuY29tLE9VPU1pY3Jvc29mdCBFeGNoYW5nZSBIb3N0ZWQgT3JnYW5pemF0aW9ucyxEQz1OQU1QUjA2QTAwNyxEQz1QUk9ELERDPU9VVExPT0ssREM9Q09NywWI2fDrPUmd9VKdiQBYUENOPUNvbmZpZ3VyYXRpb24sQ049Q0JUUkNPY29tLm9ubWljcm9zb2Z0LmNvbSxDTj1Db25maWd1cmF0aW9uVW5pdHMsREM9TkFNUFIwNkEwMDcsREM9UFJPRCxEQz1PVVRMT09LLERDPUNPTQE%3d&messageid=%3cDM8P221MB04568D64D93C01BA1232C80E8CBC9%40DM8P221MB0456.NAMP221.PROD.OUTLOOK.COM%3e&cfmRecipient=SystemMailbox%7bD0E409A0-AF9B-4720-92FE-AAC869B0D201%7d%40CBTRCOcom.onmicrosoft.com&consumerEncryption=false&senderorgid=10e46e02-4d52-4857-88a1-6b9426904d0c&urldecoded=1&e4e_sdata=VggpbxKUI0x9mttAl13yzHClW5oqjc0s3wdc6SFGSGyRTrSlcp7G82hthKVij7NK9u01%2fo%2fBxTuJfGk3ryPNnvQ6OkKh5KkWexjT5466fzwN1MWK7vBGvRopHSGOwA7SYdocc1YLG2KHy5wGcYhkSFZXS7NNeguXy0YXr%2bO5cxK8jbyl5PvoR6Quwg2hTTV7Ipp5e%2bfpr8dko71b7QkQND1mNOx%2flzYdAawPEOMZqMipJiF%2f4%2bvfJKJ8l8%2f%2bdbEa2XvX3WokUNMVAQRe5iWzmbpSXYSM4fgA9zyrozrW%2fINgnCUtw2rqd%2fNL0OyTmZbxFVjvZ%2bqgGgBSnMj0Ap0WIQ%3d%3d

  • Sample

    230317-t5xtlsbb7w

Score
8/10
persistencephishing

Malware Config

Targets

    • Target

      https://outlook.office365.com/Encryption/retrieve.ashx?recipientemailaddress=allison.clark%40eastgeorgiaregional.com&senderemailaddress=Natalie.Valentine%40CBTRCO.com&senderorganization=AwGAAAAAAnwAAAADAQAAAM%2bQtz6t2DVNlrG7Cu7gXi1PVT1DQlRSQ09jb20ub25taWNyb3NvZnQuY29tLE9VPU1pY3Jvc29mdCBFeGNoYW5nZSBIb3N0ZWQgT3JnYW5pemF0aW9ucyxEQz1OQU1QUjA2QTAwNyxEQz1QUk9ELERDPU9VVExPT0ssREM9Q09NywWI2fDrPUmd9VKdiQBYUENOPUNvbmZpZ3VyYXRpb24sQ049Q0JUUkNPY29tLm9ubWljcm9zb2Z0LmNvbSxDTj1Db25maWd1cmF0aW9uVW5pdHMsREM9TkFNUFIwNkEwMDcsREM9UFJPRCxEQz1PVVRMT09LLERDPUNPTQE%3d&messageid=%3cDM8P221MB04568D64D93C01BA1232C80E8CBC9%40DM8P221MB0456.NAMP221.PROD.OUTLOOK.COM%3e&cfmRecipient=SystemMailbox%7bD0E409A0-AF9B-4720-92FE-AAC869B0D201%7d%40CBTRCOcom.onmicrosoft.com&consumerEncryption=false&senderorgid=10e46e02-4d52-4857-88a1-6b9426904d0c&urldecoded=1&e4e_sdata=VggpbxKUI0x9mttAl13yzHClW5oqjc0s3wdc6SFGSGyRTrSlcp7G82hthKVij7NK9u01%2fo%2fBxTuJfGk3ryPNnvQ6OkKh5KkWexjT5466fzwN1MWK7vBGvRopHSGOwA7SYdocc1YLG2KHy5wGcYhkSFZXS7NNeguXy0YXr%2bO5cxK8jbyl5PvoR6Quwg2hTTV7Ipp5e%2bfpr8dko71b7QkQND1mNOx%2flzYdAawPEOMZqMipJiF%2f4%2bvfJKJ8l8%2f%2bdbEa2XvX3WokUNMVAQRe5iWzmbpSXYSM4fgA9zyrozrW%2fINgnCUtw2rqd%2fNL0OyTmZbxFVjvZ%2bqgGgBSnMj0Ap0WIQ%3d%3d

    Score
    6/10
    persistence
    behavioral1

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

1
T1060

Privilege Escalation

Defense Evasion

Modify Registry

1
T1112

Credential Access

Discovery

Query Registry

1
T1012

System Information Discovery

1
T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks