General
Target
https://www.youtube.com/attribution_link?c=coachblog-ytm-acq-int-blog-txt-coach&u=http://hmyy.21.seymenkimyatemizlik.com/google.android.apps.youtube.music/75sfb1rw%20#tj_base64_encode%20aHR0cHM6Ly9zMy5hbWF6b25hd3MuY29tL2FwcGZvcmVzdF91Zi9mMTY3OTY2Nzc3NzczNHgyMjkwMTUwNDQzODE3OTI5MDAvY29sZS5odG1s?em=Maria.Bolanos@txdot.gov%22
Sample
230327-3khnmahg3x
Static task
static1
URLScan task
urlscan1
Behavioral task
behavioral1
Resource
win10v2004-20230220-en
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.