General
Target
https://www.youtube.com/attribution_link?c=coachblog-ytm-acq-int-blog-txt-coach&u=http://cage.25.etfapars125.ir/google.android.apps.youtube.music/yodjwtfc%20#tj_base64_encode%20aHR0cDovLzNrNnhtNmh6Lmh5dW5kYWllYXN0ZXJuLmNvbS8=?em=bscotter@cpf.com.au%22
Sample
230328-f1x2xsha97
Static task
static1
URLScan task
urlscan1
Behavioral task
behavioral1
Sample
https://www.youtube.com/attribution_link?c=coachblog-ytm-acq-int-blog-txt-coach&u=http://cage.25.etfapars125.ir/google.android.apps.youtube.music/yodjwtfc%20#tj_base64_encode%20aHR0cDovLzNrNnhtNmh6Lmh5dW5kYWllYXN0ZXJuLmNvbS8=?em=bscotter@cpf.com.au%22
Resource
win10v2004-20230220-en
Malware Config
Targets
Target
https://www.youtube.com/attribution_link?c=coachblog-ytm-acq-int-blog-txt-coach&u=http://cage.25.etfapars125.ir/google.android.apps.youtube.music/yodjwtfc%20#tj_base64_encode%20aHR0cDovLzNrNnhtNmh6Lmh5dW5kYWllYXN0ZXJuLmNvbS8=?em=bscotter@cpf.com.au%22
Score
10/10
Detected Microsoft Outlook phishing page
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.