General
-
Target
https://attachments.office.net/owa/[email protected]/service.svc/s/GetAttachmentThumbnail?id=AAMkADY4NTk2MzFjLTE5MTktNDZjNy05MDA2LTIwMDYwNDRhZTMzNABGAAAAAABcQuc0ooU8Q7CRR%2BoPNa8hBwDt4pkR1Z%2F9S56w7MzH6nsoAAQxHKXMAADt4pkR1Z%2F9S56w7MzH6nsoAAYTvB1%2BAAACEgAQAA9a4XU1Jp1Mij5YjxCZuEgSABAAOYW2MANbSEOSKzW0D9XbNw%3D%3D&thumbnailType=2&token=eyJhbGciOiJSUzI1NiIsImtpZCI6IjczRkI5QkJFRjYzNjc4RDRGN0U4NEI0NDBCQUJCMTJBMzM5RDlGOTgiLCJ0eXAiOiJKV1QiLCJ4NXQiOiJjX3VidnZZMmVOVDM2RXRFQzZ1eEtqT2RuNWcifQ.eyJvcmlnaW4iOiJodHRwczovL291dGxvb2sub2ZmaWNlLmNvbSIsInVjIjoiMWZlZjZhZmU4NWU0NDFjNjg1YjMxYmQzYTE3NTlkM2IiLCJzaWduaW5fc3RhdGUiOiJbXCJrbXNpXCJdIiwidmVyIjoiRXhjaGFuZ2UuQ2FsbGJhY2suVjEiLCJhcHBjdHhzZW5kZXIiOiJPd2FEb3dubG9hZEA5NzQ0NjAwZS0zZTA0LTQ5MmUtYmFhMS0yNWVjMjQ1YzZmMTAiLCJpc3NyaW5nIjoiV1ciLCJhcHBjdHgiOiJ7XCJtc2V4Y2hwcm90XCI6XCJvd2FcIixcInB1aWRcIjpcIjExNTM4MDExMTgzMDgzMzIxMzVcIixcInNjb3BlXCI6XCJPd2FEb3dubG9hZFwiLFwib2lkXCI6XCIzMDFkYzVlNy00Y2RiLTQ0ZjEtODIxNC0zMmE5MTM0Y2EyNDFcIixcInByaW1hcnlzaWRcIjpcIlMtMS01LTIxLTE5MDIxNjIwMDktMTQ4ODkxMzQwLTExNjQxNDAwOTUtNTM5MjY3NjhcIn0iLCJuYmYiOjE2ODY1OTk2MTAsImV4cCI6MTY4NjYwMDIxMCwiaXNzIjoiMDAwMDAwMDItMDAwMC0wZmYxLWNlMDAtMDAwMDAwMDAwMDAwQDk3NDQ2MDBlLTNlMDQtNDkyZS1iYWExLTI1ZWMyNDVjNmYxMCIsImF1ZCI6IjAwMDAwMDAyLTAwMDAtMGZmMS1jZTAwLTAwMDAwMDAwMDAwMC9hdHRhY2htZW50cy5vZmZpY2UubmV0QDk3NDQ2MDBlLTNlMDQtNDkyZS1iYWExLTI1ZWMyNDVjNmYxMCIsImhhcHAiOiJvd2EifQ.gmzmxMGzvMBrKJv4Cz3LuDmBs7ZHwNk3p0ODYH3YW1ON8XSl60em6NlE-tYC4qBT6yA_gdvJi3fSE6N_gpxINC_2iPBljH0Xv4lCiNDE1JCWxjsD5ar_cm8mwy_K2nGU8gDjljqymhMycqp8ySprnDIvwrUNRWSSLtu-O-iYPGrZhiHrpQZl0p-Lbv77DycaJWwg78IhuSZh0AJU88N63rKxebSwlhMmNmz_0Ia66ay2q0o5zhZ61j4vL4MYqc_NbE38rdLgEbNCFGuKApgnk4rtpVE2n2qY_LfDLWgLBhXZwG4IFgqW7AwydFMoUEDMtYgBKg_xXu3xgTiHU_AGvA&X-OWA-CANARY=HhmSBJ8tGkak1xi5cnenHPBcv2N_a9sYUjw2YQSIcvU8W3LIaX6y8HErfHhkQAhdmrjLVm5uNgA.&owa=outlook.office.com&scriptVer=20230602011.16&animation=true
Malware Config
Signatures
-
A potential corporate email address has been identified in the URL: [email protected]