hxxps://attachments[.]office[.]net/owa/soc@openexc[.]com/service[.]svc/s/GetAttachmentThumbnail?id=AAMkAGQ3NWViOGU1LWNlOWYtNDNlYy04MWU4LTc2ZDkzNmE1NjMwYgBGAAAAAABkwhxTV1iRRbMKWLkYV%2BkvBwBunZWj3xSvQ4jRH9zUW6%2BVAAAAAAEMAABunZWj3xSvQ4jRH9zUW6%2BVAAGObKzhAAABEgAQAKaJKr0l1WFPqqr7M8s9A3E%3D&thumbnailType=2&token=eyJhbGciOiJSUzI1NiIsImtpZCI6IjczRkI5QkJFRjYzNjc4RDRGN0U4NEI0NDBCQUJCMTJBMzM5RDlGOTgiLCJ0eXAiOiJKV1QiLCJ4NXQiOiJjX3VidnZZMmVOVDM2RXRFQzZ1eEtqT2RuNWcifQ[.]eyJvcmlnaW4iOiJodHRwczovL291dGxvb2sub2ZmaWNlLmNvbSIsInVjIjoiNjBiMmJhNzE2MTM2NDg1YmFjNTVkMTRlNmZiMTM1NzYiLCJ2ZXIiOiJFeGNoYW5nZS5DYWxsYmFjay5WMSIsImFwcGN0eHNlbmRlciI6Ik93YURvd25sb2FkQDdmNWFmMzgyLTg4YmEtNGM3Zi04ZDhlLTU1ZDJhZGEyNDJkZCIsImlzc3JpbmciOiJXVyIsImFwcGN0eCI6IntcIm1zZXhjaHByb3RcIjpcIm93YVwiLFwicHVpZFwiOlwiMTE1MzgwMTExODIzNzQ4MDYxNlwiLFwic2NvcGVcIjpcIk93YURvd25sb2FkXCIsXCJvaWRcIjpcIjBkZjEzNjhiLTY3ZGYtNGZlMC05ZjlhLWNmY2Q0NTU2YTRjMVwiLFwicHJpbWFyeXNpZFwiOlwiUy0xLTUtMjEtMzcyMjUyNDY5OS0zMzU3MjI4MjYwLTE3OTQ2MzM5ODUtNzE2MzUxMFwifSIsIm5iZiI6MTY4ODEzNTk2NiwiZXhwIjoxNjg4MTM2NTY2LCJpc3MiOiIwMDAwMDAwMi0wMDAwLTBmZjEtY2UwMC0wMDAwMDAwMDAwMDBAN2Y1YWYzODItODhiYS00YzdmLThkOGUtNTVkMmFkYTI0MmRkIiwiYXVkIjoiMDAwMDAwMDItMDAwMC0wZmYxLWNlMDAtMDAwMDAwMDAwMDAwL2F0dGFjaG1lbnRzLm9mZmljZS5uZXRAN2Y1YWYzODItODhiYS00YzdmLThkOGUtNTVkMmFkYTI0MmRkIiwiaGFwcCI6Im93YSJ9[.]WZCfCub2geYLiCe5vq-2qvXG_3AvDzu7Ei5HWEz9QkUwcjH3yqWv1dHxcCRVVDTIOVF8gjtxKQlFQEZTp996g4u7dFshjRe5hoHZ6EwdcfM6YrCvr_CMtP6MDpGj59_aVaRfI0ARuWbLjVDeRWfT3kTX9Dktk0PlEFhKnN0lKCIGG-_jc67bKpU9ZInNE7SxG47d4kX9Xr2IZjTx7-zBrNCwdvlUxQfBqPJOKIMu91I8xc4t2REIoChTiHsneDzN-xbKEMSiBhrHyDBHaUXcYKGwN1RuEypjgxbE03j9XIOdD-0sxBoXXHgFSRQkWvGARErqulg5B7Bcht3rL4rn2g&X-OWA-CANARY=X-OWA-CANARY_cookie_is_null_or_empty&owa=outlook[.]office[.]com&scriptVer=20230616004[.]15&animation=true

Resubmissions

30/06/2023, 15:05

230630-sf9lfadf26 8

30/06/2023, 14:49

230630-r69tfsee5t 8

Sharing

Copy URL Twitter E-mail

Behavioral task

behavioral1

Sample

https://attachments.office.net/owa/[email protected]/service.svc/s/GetAttachmentThumbnail?id=AAMkAGQ3NWViOGU1LWNlOWYtNDNlYy04MWU4LTc2ZDkzNmE1NjMwYgBGAAAAAABkwhxTV1iRRbMKWLkYV%2BkvBwBunZWj3xSvQ4jRH9zUW6%2BVAAAAAAEMAABunZWj3xSvQ4jRH9zUW6%2BVAAGObKzhAAABEgAQAKaJKr0l1WFPqqr7M8s9A3E%3D&thumbnailType=2&token=eyJhbGciOiJSUzI1NiIsImtpZCI6IjczRkI5QkJFRjYzNjc4RDRGN0U4NEI0NDBCQUJCMTJBMzM5RDlGOTgiLCJ0eXAiOiJKV1QiLCJ4NXQiOiJjX3VidnZZMmVOVDM2RXRFQzZ1eEtqT2RuNWcifQ.eyJvcmlnaW4iOiJodHRwczovL291dGxvb2sub2ZmaWNlLmNvbSIsInVjIjoiNjBiMmJhNzE2MTM2NDg1YmFjNTVkMTRlNmZiMTM1NzYiLCJ2ZXIiOiJFeGNoYW5nZS5DYWxsYmFjay5WMSIsImFwcGN0eHNlbmRlciI6Ik93YURvd25sb2FkQDdmNWFmMzgyLTg4YmEtNGM3Zi04ZDhlLTU1ZDJhZGEyNDJkZCIsImlzc3JpbmciOiJXVyIsImFwcGN0eCI6IntcIm1zZXhjaHByb3RcIjpcIm93YVwiLFwicHVpZFwiOlwiMTE1MzgwMTExODIzNzQ4MDYxNlwiLFwic2NvcGVcIjpcIk93YURvd25sb2FkXCIsXCJvaWRcIjpcIjBkZjEzNjhiLTY3ZGYtNGZlMC05ZjlhLWNmY2Q0NTU2YTRjMVwiLFwicHJpbWFyeXNpZFwiOlwiUy0xLTUtMjEtMzcyMjUyNDY5OS0zMzU3MjI4MjYwLTE3OTQ2MzM5ODUtNzE2MzUxMFwifSIsIm5iZiI6MTY4ODEzNTk2NiwiZXhwIjoxNjg4MTM2NTY2LCJpc3MiOiIwMDAwMDAwMi0wMDAwLTBmZjEtY2UwMC0wMDAwMDAwMDAwMDBAN2Y1YWYzODItODhiYS00YzdmLThkOGUtNTVkMmFkYTI0MmRkIiwiYXVkIjoiMDAwMDAwMDItMDAwMC0wZmYxLWNlMDAtMDAwMDAwMDAwMDAwL2F0dGFjaG1lbnRzLm9mZmljZS5uZXRAN2Y1YWYzODItODhiYS00YzdmLThkOGUtNTVkMmFkYTI0MmRkIiwiaGFwcCI6Im93YSJ9.WZCfCub2geYLiCe5vq-2qvXG_3AvDzu7Ei5HWEz9QkUwcjH3yqWv1dHxcCRVVDTIOVF8gjtxKQlFQEZTp996g4u7dFshjRe5hoHZ6EwdcfM6YrCvr_CMtP6MDpGj59_aVaRfI0ARuWbLjVDeRWfT3kTX9Dktk0PlEFhKnN0lKCIGG-_jc67bKpU9ZInNE7SxG47d4kX9Xr2IZjTx7-zBrNCwdvlUxQfBqPJOKIMu91I8xc4t2REIoChTiHsneDzN-xbKEMSiBhrHyDBHaUXcYKGwN1RuEypjgxbE03j9XIOdD-0sxBoXXHgFSRQkWvGARErqulg5B7Bcht3rL4rn2g&X-OWA-CANARY=X-OWA-CANARY_cookie_is_null_or_empty&owa=outlook.office.com&scriptVer=20230616004.15&animation=true

Resource

win10v2004-20230621-en

windows10-2004-x64

9 signatures

150 seconds

General

Target

https://attachments.office.net/owa/[email protected]/service.svc/s/GetAttachmentThumbnail?id=AAMkAGQ3NWViOGU1LWNlOWYtNDNlYy04MWU4LTc2ZDkzNmE1NjMwYgBGAAAAAABkwhxTV1iRRbMKWLkYV%2BkvBwBunZWj3xSvQ4jRH9zUW6%2BVAAAAAAEMAABunZWj3xSvQ4jRH9zUW6%2BVAAGObKzhAAABEgAQAKaJKr0l1WFPqqr7M8s9A3E%3D&thumbnailType=2&token=eyJhbGciOiJSUzI1NiIsImtpZCI6IjczRkI5QkJFRjYzNjc4RDRGN0U4NEI0NDBCQUJCMTJBMzM5RDlGOTgiLCJ0eXAiOiJKV1QiLCJ4NXQiOiJjX3VidnZZMmVOVDM2RXRFQzZ1eEtqT2RuNWcifQ.eyJvcmlnaW4iOiJodHRwczovL291dGxvb2sub2ZmaWNlLmNvbSIsInVjIjoiNjBiMmJhNzE2MTM2NDg1YmFjNTVkMTRlNmZiMTM1NzYiLCJ2ZXIiOiJFeGNoYW5nZS5DYWxsYmFjay5WMSIsImFwcGN0eHNlbmRlciI6Ik93YURvd25sb2FkQDdmNWFmMzgyLTg4YmEtNGM3Zi04ZDhlLTU1ZDJhZGEyNDJkZCIsImlzc3JpbmciOiJXVyIsImFwcGN0eCI6IntcIm1zZXhjaHByb3RcIjpcIm93YVwiLFwicHVpZFwiOlwiMTE1MzgwMTExODIzNzQ4MDYxNlwiLFwic2NvcGVcIjpcIk93YURvd25sb2FkXCIsXCJvaWRcIjpcIjBkZjEzNjhiLTY3ZGYtNGZlMC05ZjlhLWNmY2Q0NTU2YTRjMVwiLFwicHJpbWFyeXNpZFwiOlwiUy0xLTUtMjEtMzcyMjUyNDY5OS0zMzU3MjI4MjYwLTE3OTQ2MzM5ODUtNzE2MzUxMFwifSIsIm5iZiI6MTY4ODEzNTk2NiwiZXhwIjoxNjg4MTM2NTY2LCJpc3MiOiIwMDAwMDAwMi0wMDAwLTBmZjEtY2UwMC0wMDAwMDAwMDAwMDBAN2Y1YWYzODItODhiYS00YzdmLThkOGUtNTVkMmFkYTI0MmRkIiwiYXVkIjoiMDAwMDAwMDItMDAwMC0wZmYxLWNlMDAtMDAwMDAwMDAwMDAwL2F0dGFjaG1lbnRzLm9mZmljZS5uZXRAN2Y1YWYzODItODhiYS00YzdmLThkOGUtNTVkMmFkYTI0MmRkIiwiaGFwcCI6Im93YSJ9.WZCfCub2geYLiCe5vq-2qvXG_3AvDzu7Ei5HWEz9QkUwcjH3yqWv1dHxcCRVVDTIOVF8gjtxKQlFQEZTp996g4u7dFshjRe5hoHZ6EwdcfM6YrCvr_CMtP6MDpGj59_aVaRfI0ARuWbLjVDeRWfT3kTX9Dktk0PlEFhKnN0lKCIGG-_jc67bKpU9ZInNE7SxG47d4kX9Xr2IZjTx7-zBrNCwdvlUxQfBqPJOKIMu91I8xc4t2REIoChTiHsneDzN-xbKEMSiBhrHyDBHaUXcYKGwN1RuEypjgxbE03j9XIOdD-0sxBoXXHgFSRQkWvGARErqulg5B7Bcht3rL4rn2g&X-OWA-CANARY=X-OWA-CANARY_cookie_is_null_or_empty&owa=outlook.office.com&scriptVer=20230616004.15&animation=true

Score

8^/10

phishing

Malware Config

Signatures

A potential corporate email address has been identified in the URL: [email protected]
phishing

Resubmissions

Sharing

General

Malware Config

Signatures

Files