hxxps://attachments[.]office[.]net/owa/david_herrera%40bantrab[.]com/service[.]svc/s/GetAttachmentThumbnail?id=AAMkADhkZmY5ZjdlLTdjMGEtNDFmNC05MjNlLTgyNzU5MTU0MTUzNQBGAAAAAACdLRQ1XxEcQKLs34yaMSqQBwDZvZxU99gRSpvTERzp1Q%2FXAAAAAAEMAADZvZxU99gRSpvTERzp1Q%2FXAAE%2Blw%2F4AAABEgAQAIVgNpUmMA5AklB4s4Ecal4%3D&thumbnailType=2&token=eyJhbGciOiJSUzI1NiIsImtpZCI6IjczRkI5QkJFRjYzNjc4RDRGN0U4NEI0NDBCQUJCMTJBMzM5RDlGOTgiLCJ0eXAiOiJKV1QiLCJ4NXQiOiJjX3VidnZZMmVOVDM2RXRFQzZ1eEtqT2RuNWcifQ[.]eyJvcmlnaW4iOiJodHRwczovL291dGxvb2sub2ZmaWNlLmNvbSIsInVjIjoiMTNkOGY4MGIyMmNkNGI3N2JmYzljNjMzODIwMTEzY2UiLCJ2ZXIiOiJFeGNoYW5nZS5DYWxsYmFjay5WMSIsImFwcGN0eHNlbmRlciI6Ik93YURvd25sb2FkQGU5NWQxOWNiLTg3MjUtNGIwYi04Y2UyLWZmNDJiZTlhZTZlOSIsImlzc3JpbmciOiJXVyIsImFwcGN0eCI6IntcIm1zZXhjaHByb3RcIjpcIm93YVwiLFwicHVpZFwiOlwiMTE1MzgwMTEyMjAyMzg2OTQ5NlwiLFwic2NvcGVcIjpcIk93YURvd25sb2FkXCIsXCJvaWRcIjpcImQ3N2ViODJjLWNmOTktNGNmYi1hYzUyLWFiMTQ1MGViYjFmNVwiLFwicHJpbWFyeXNpZFwiOlwiUy0xLTUtMjEtNzk1ODQ0NTkyLTEwMzM2MDE0MTgtNDA1MDIyODgyOC0yMzc4NTU1XCJ9IiwibmJmIjoxNjg4NzQ2NTI4LCJleHAiOjE2ODg3NDcxMjgsImlzcyI6IjAwMDAwMDAyLTAwMDAtMGZmMS1jZTAwLTAwMDAwMDAwMDAwMEBlOTVkMTljYi04NzI1LTRiMGItOGNlMi1mZjQyYmU5YWU2ZTkiLCJhdWQiOiIwMDAwMDAwMi0wMDAwLTBmZjEtY2UwMC0wMDAwMDAwMDAwMDAvYXR0YWNobWVudHMub2ZmaWNlLm5ldEBlOTVkMTljYi04NzI1LTRiMGItOGNlMi1mZjQyYmU5YWU2ZTkiLCJoYXBwIjoib3dhIn0[.]OsvIO5wIqWbsrUuf8VSIswEGQRRDKtDy31N4NegzKZqJGekhqnbhUjX1scMtxtj3WqzWc-qErYmg_RWLSafcc9CBBGBdyc1elasdm33bhnFvKfya395mlgIRqJEvKDAP8Go4qMiQ4toyiHQeXH7DTelsg7k7viG8cgJ0JdlKFiXe8FTkXGMgchvbAIFXYbdaZTZBnuLdIV5dnCD8emD0ExKV_RqHclQyAXlW7pVa71GHlCrbeSYxEqvo76FgajbubovHnSgF3NzorYNtJJyYB264hXmwaDC6D8843zgMhLdUDrk9giP-Gz5rpn7rRpwiZH5_oGCMhWC_HOUDOzYy_w&X-OWA-CANARY=X-OWA-CANARY_cookie_is_null_or_empty&owa=outlook[.]office[.]com&scriptVer=20230630004[.]03&animation=true

Resubmissions

07/07/2023, 16:23

230707-tvvw9sbb6v 8

07/07/2023, 16:19

230707-tsxyvaab84 8

Sharing

Copy URL Twitter E-mail

Behavioral task

behavioral1

Sample

https://attachments.office.net/owa/david_herrera%40bantrab.com/service.svc/s/GetAttachmentThumbnail?id=AAMkADhkZmY5ZjdlLTdjMGEtNDFmNC05MjNlLTgyNzU5MTU0MTUzNQBGAAAAAACdLRQ1XxEcQKLs34yaMSqQBwDZvZxU99gRSpvTERzp1Q%2FXAAAAAAEMAADZvZxU99gRSpvTERzp1Q%2FXAAE%2Blw%2F4AAABEgAQAIVgNpUmMA5AklB4s4Ecal4%3D&thumbnailType=2&token=eyJhbGciOiJSUzI1NiIsImtpZCI6IjczRkI5QkJFRjYzNjc4RDRGN0U4NEI0NDBCQUJCMTJBMzM5RDlGOTgiLCJ0eXAiOiJKV1QiLCJ4NXQiOiJjX3VidnZZMmVOVDM2RXRFQzZ1eEtqT2RuNWcifQ.eyJvcmlnaW4iOiJodHRwczovL291dGxvb2sub2ZmaWNlLmNvbSIsInVjIjoiMTNkOGY4MGIyMmNkNGI3N2JmYzljNjMzODIwMTEzY2UiLCJ2ZXIiOiJFeGNoYW5nZS5DYWxsYmFjay5WMSIsImFwcGN0eHNlbmRlciI6Ik93YURvd25sb2FkQGU5NWQxOWNiLTg3MjUtNGIwYi04Y2UyLWZmNDJiZTlhZTZlOSIsImlzc3JpbmciOiJXVyIsImFwcGN0eCI6IntcIm1zZXhjaHByb3RcIjpcIm93YVwiLFwicHVpZFwiOlwiMTE1MzgwMTEyMjAyMzg2OTQ5NlwiLFwic2NvcGVcIjpcIk93YURvd25sb2FkXCIsXCJvaWRcIjpcImQ3N2ViODJjLWNmOTktNGNmYi1hYzUyLWFiMTQ1MGViYjFmNVwiLFwicHJpbWFyeXNpZFwiOlwiUy0xLTUtMjEtNzk1ODQ0NTkyLTEwMzM2MDE0MTgtNDA1MDIyODgyOC0yMzc4NTU1XCJ9IiwibmJmIjoxNjg4NzQ2NTI4LCJleHAiOjE2ODg3NDcxMjgsImlzcyI6IjAwMDAwMDAyLTAwMDAtMGZmMS1jZTAwLTAwMDAwMDAwMDAwMEBlOTVkMTljYi04NzI1LTRiMGItOGNlMi1mZjQyYmU5YWU2ZTkiLCJhdWQiOiIwMDAwMDAwMi0wMDAwLTBmZjEtY2UwMC0wMDAwMDAwMDAwMDAvYXR0YWNobWVudHMub2ZmaWNlLm5ldEBlOTVkMTljYi04NzI1LTRiMGItOGNlMi1mZjQyYmU5YWU2ZTkiLCJoYXBwIjoib3dhIn0.OsvIO5wIqWbsrUuf8VSIswEGQRRDKtDy31N4NegzKZqJGekhqnbhUjX1scMtxtj3WqzWc-qErYmg_RWLSafcc9CBBGBdyc1elasdm33bhnFvKfya395mlgIRqJEvKDAP8Go4qMiQ4toyiHQeXH7DTelsg7k7viG8cgJ0JdlKFiXe8FTkXGMgchvbAIFXYbdaZTZBnuLdIV5dnCD8emD0ExKV_RqHclQyAXlW7pVa71GHlCrbeSYxEqvo76FgajbubovHnSgF3NzorYNtJJyYB264hXmwaDC6D8843zgMhLdUDrk9giP-Gz5rpn7rRpwiZH5_oGCMhWC_HOUDOzYy_w&X-OWA-CANARY=X-OWA-CANARY_cookie_is_null_or_empty&owa=outlook.office.com&scriptVer=20230630004.03&animation=true

Resource

win10v2004-20230703-en

windows10-2004-x64

5 signatures

150 seconds

General

Target

https://attachments.office.net/owa/david_herrera%40bantrab.com/service.svc/s/GetAttachmentThumbnail?id=AAMkADhkZmY5ZjdlLTdjMGEtNDFmNC05MjNlLTgyNzU5MTU0MTUzNQBGAAAAAACdLRQ1XxEcQKLs34yaMSqQBwDZvZxU99gRSpvTERzp1Q%2FXAAAAAAEMAADZvZxU99gRSpvTERzp1Q%2FXAAE%2Blw%2F4AAABEgAQAIVgNpUmMA5AklB4s4Ecal4%3D&thumbnailType=2&token=eyJhbGciOiJSUzI1NiIsImtpZCI6IjczRkI5QkJFRjYzNjc4RDRGN0U4NEI0NDBCQUJCMTJBMzM5RDlGOTgiLCJ0eXAiOiJKV1QiLCJ4NXQiOiJjX3VidnZZMmVOVDM2RXRFQzZ1eEtqT2RuNWcifQ.eyJvcmlnaW4iOiJodHRwczovL291dGxvb2sub2ZmaWNlLmNvbSIsInVjIjoiMTNkOGY4MGIyMmNkNGI3N2JmYzljNjMzODIwMTEzY2UiLCJ2ZXIiOiJFeGNoYW5nZS5DYWxsYmFjay5WMSIsImFwcGN0eHNlbmRlciI6Ik93YURvd25sb2FkQGU5NWQxOWNiLTg3MjUtNGIwYi04Y2UyLWZmNDJiZTlhZTZlOSIsImlzc3JpbmciOiJXVyIsImFwcGN0eCI6IntcIm1zZXhjaHByb3RcIjpcIm93YVwiLFwicHVpZFwiOlwiMTE1MzgwMTEyMjAyMzg2OTQ5NlwiLFwic2NvcGVcIjpcIk93YURvd25sb2FkXCIsXCJvaWRcIjpcImQ3N2ViODJjLWNmOTktNGNmYi1hYzUyLWFiMTQ1MGViYjFmNVwiLFwicHJpbWFyeXNpZFwiOlwiUy0xLTUtMjEtNzk1ODQ0NTkyLTEwMzM2MDE0MTgtNDA1MDIyODgyOC0yMzc4NTU1XCJ9IiwibmJmIjoxNjg4NzQ2NTI4LCJleHAiOjE2ODg3NDcxMjgsImlzcyI6IjAwMDAwMDAyLTAwMDAtMGZmMS1jZTAwLTAwMDAwMDAwMDAwMEBlOTVkMTljYi04NzI1LTRiMGItOGNlMi1mZjQyYmU5YWU2ZTkiLCJhdWQiOiIwMDAwMDAwMi0wMDAwLTBmZjEtY2UwMC0wMDAwMDAwMDAwMDAvYXR0YWNobWVudHMub2ZmaWNlLm5ldEBlOTVkMTljYi04NzI1LTRiMGItOGNlMi1mZjQyYmU5YWU2ZTkiLCJoYXBwIjoib3dhIn0.OsvIO5wIqWbsrUuf8VSIswEGQRRDKtDy31N4NegzKZqJGekhqnbhUjX1scMtxtj3WqzWc-qErYmg_RWLSafcc9CBBGBdyc1elasdm33bhnFvKfya395mlgIRqJEvKDAP8Go4qMiQ4toyiHQeXH7DTelsg7k7viG8cgJ0JdlKFiXe8FTkXGMgchvbAIFXYbdaZTZBnuLdIV5dnCD8emD0ExKV_RqHclQyAXlW7pVa71GHlCrbeSYxEqvo76FgajbubovHnSgF3NzorYNtJJyYB264hXmwaDC6D8843zgMhLdUDrk9giP-Gz5rpn7rRpwiZH5_oGCMhWC_HOUDOzYy_w&X-OWA-CANARY=X-OWA-CANARY_cookie_is_null_or_empty&owa=outlook.office.com&scriptVer=20230630004.03&animation=true

Score

8^/10

phishing

Malware Config

Signatures

A potential corporate email address has been identified in the URL: [email protected]
phishing

Resubmissions

Sharing

General

Malware Config

Signatures

Files