hxxps://attachments[.]office[.]net/owa/suspicious@resolutionlife[.]com[.]au/service[.]svc/s/GetAttachmentThumbnail?id=AAMkAGE1MDgwYzcyLTZhYTUtNDgyMy05ZDQyLTljOWUxMjljN2RmMgBGAAAAAACEmunnZVhQQLHpqubea6wQBwBbzcY7x5R3QY9e2JhrbznRAAAAAAEMAABbzcY7x5R3QY9e2JhrbznRAAIX37WNAAACEgAQAIgYFxPK3IBGiVeq5E5xWyYSABAAg1BpG83fxEGC5hOFiLc8Ow%3D%3D&thumbnailType=2&token=eyJhbGciOiJSUzI1NiIsImtpZCI6IjczRkI5QkJFRjYzNjc4RDRGN0U4NEI0NDBCQUJCMTJBMzM5RDlGOTgiLCJ0eXAiOiJKV1QiLCJ4NXQiOiJjX3VidnZZMmVOVDM2RXRFQzZ1eEtqT2RuNWcifQ[.]eyJvcmlnaW4iOiJodHRwczovL291dGxvb2sub2ZmaWNlLmNvbSIsInVjIjoiNmEyNzViYmM0ZTJmNDNkODg2NTdlYjk4MGE5OWI2MWQiLCJzaWduaW5fc3RhdGUiOiJbXCJkdmNfbW5nZFwiLFwiZHZjX2NtcFwiLFwiZHZjX2RtamRcIixcImlua25vd25udHdrXCIsXCJrbXNpXCJdIiwidmVyIjoiRXhjaGFuZ2UuQ2FsbGJhY2suVjEiLCJhcHBjdHhzZW5kZXIiOiJPd2FEb3dubG9hZEBhMDExMjhhNC1lM2U0LTQzNGMtOGFkNC1iM2Y3OTExNjU1Y2IiLCJpc3NyaW5nIjoiV1ciLCJhcHBjdHgiOiJ7XCJtc2V4Y2hwcm90XCI6XCJvd2FcIixcInB1aWRcIjpcIjExNTM4MDExMjQyNTU5NzcwNjJcIixcInNjb3BlXCI6XCJPd2FEb3dubG9hZFwiLFwib2lkXCI6XCIwZjNiNzA4NC1hNTZlLTRhMGQtOWQzOS1iMzFiNTY5OWQ2YzNcIixcInByaW1hcnlzaWRcIjpcIlMtMS01LTIxLTM3Njc1NjE2MzMtNDI2MDE4MTk4Mi04ODQxMjgyMC0yNzgxNDkxNlwifSIsIm5iZiI6MTcwMDE5MDE5NCwiZXhwIjoxNzAwMTkwNzk0LCJpc3MiOiIwMDAwMDAwMi0wMDAwLTBmZjEtY2UwMC0wMDAwMDAwMDAwMDBAYTAxMTI4YTQtZTNlNC00MzRjLThhZDQtYjNmNzkxMTY1NWNiIiwiYXVkIjoiMDAwMDAwMDItMDAwMC0wZmYxLWNlMDAtMDAwMDAwMDAwMDAwL2F0dGFjaG1lbnRzLm9mZmljZS5uZXRAYTAxMTI4YTQtZTNlNC00MzRjLThhZDQtYjNmNzkxMTY1NWNiIiwiaGFwcCI6Im93YSJ9[.]NhfwINtfA1xba3gWBLIUqZt49aoG__1RSxoNlYUox7MYbL1-5PhB2wIimx6JWFaCpNTmHxYDsNH1J3FNCsBASkpjzT4cqo0XkJhm0x1tPxTVEnUVEx2D38Me4OjOf505Zoexqy7qHB0Y-sMSbUfrgEArVil6bxxD5ZdEq4PHyTZDcmE1oC0ttBcda-JHZ9QYw9tLONIxYCdmXs2phJInZtHK9ihANUk80an4ePax9vLX0QL2F_frG0vLdNcRxA-bsN5ZsX3OTlnTwDxJAwi29c0Sk_nAPTNMZUXI44HryTVAaknOr8wgZAvjSxnawaUWvk_WjbiQaYKC78OJLCkZsw&X-OWA-CANARY=uuzpais5mkCDo9lmzOMTULB79M4a59sYEgC1kjjfuwVXJpOC2_0qbQlEKaHGF_YoZYGZTvmfHr4[.]&owa=outlook[.]office[.]com&scriptVer=20231103003[.]24&animation=true

Sharing

Behavioral task

behavioral1

Sample

https://attachments.office.net/owa/[email protected]/service.svc/s/GetAttachmentThumbnail?id=AAMkAGE1MDgwYzcyLTZhYTUtNDgyMy05ZDQyLTljOWUxMjljN2RmMgBGAAAAAACEmunnZVhQQLHpqubea6wQBwBbzcY7x5R3QY9e2JhrbznRAAAAAAEMAABbzcY7x5R3QY9e2JhrbznRAAIX37WNAAACEgAQAIgYFxPK3IBGiVeq5E5xWyYSABAAg1BpG83fxEGC5hOFiLc8Ow%3D%3D&thumbnailType=2&token=eyJhbGciOiJSUzI1NiIsImtpZCI6IjczRkI5QkJFRjYzNjc4RDRGN0U4NEI0NDBCQUJCMTJBMzM5RDlGOTgiLCJ0eXAiOiJKV1QiLCJ4NXQiOiJjX3VidnZZMmVOVDM2RXRFQzZ1eEtqT2RuNWcifQ.eyJvcmlnaW4iOiJodHRwczovL291dGxvb2sub2ZmaWNlLmNvbSIsInVjIjoiNmEyNzViYmM0ZTJmNDNkODg2NTdlYjk4MGE5OWI2MWQiLCJzaWduaW5fc3RhdGUiOiJbXCJkdmNfbW5nZFwiLFwiZHZjX2NtcFwiLFwiZHZjX2RtamRcIixcImlua25vd25udHdrXCIsXCJrbXNpXCJdIiwidmVyIjoiRXhjaGFuZ2UuQ2FsbGJhY2suVjEiLCJhcHBjdHhzZW5kZXIiOiJPd2FEb3dubG9hZEBhMDExMjhhNC1lM2U0LTQzNGMtOGFkNC1iM2Y3OTExNjU1Y2IiLCJpc3NyaW5nIjoiV1ciLCJhcHBjdHgiOiJ7XCJtc2V4Y2hwcm90XCI6XCJvd2FcIixcInB1aWRcIjpcIjExNTM4MDExMjQyNTU5NzcwNjJcIixcInNjb3BlXCI6XCJPd2FEb3dubG9hZFwiLFwib2lkXCI6XCIwZjNiNzA4NC1hNTZlLTRhMGQtOWQzOS1iMzFiNTY5OWQ2YzNcIixcInByaW1hcnlzaWRcIjpcIlMtMS01LTIxLTM3Njc1NjE2MzMtNDI2MDE4MTk4Mi04ODQxMjgyMC0yNzgxNDkxNlwifSIsIm5iZiI6MTcwMDE5MDE5NCwiZXhwIjoxNzAwMTkwNzk0LCJpc3MiOiIwMDAwMDAwMi0wMDAwLTBmZjEtY2UwMC0wMDAwMDAwMDAwMDBAYTAxMTI4YTQtZTNlNC00MzRjLThhZDQtYjNmNzkxMTY1NWNiIiwiYXVkIjoiMDAwMDAwMDItMDAwMC0wZmYxLWNlMDAtMDAwMDAwMDAwMDAwL2F0dGFjaG1lbnRzLm9mZmljZS5uZXRAYTAxMTI4YTQtZTNlNC00MzRjLThhZDQtYjNmNzkxMTY1NWNiIiwiaGFwcCI6Im93YSJ9.NhfwINtfA1xba3gWBLIUqZt49aoG__1RSxoNlYUox7MYbL1-5PhB2wIimx6JWFaCpNTmHxYDsNH1J3FNCsBASkpjzT4cqo0XkJhm0x1tPxTVEnUVEx2D38Me4OjOf505Zoexqy7qHB0Y-sMSbUfrgEArVil6bxxD5ZdEq4PHyTZDcmE1oC0ttBcda-JHZ9QYw9tLONIxYCdmXs2phJInZtHK9ihANUk80an4ePax9vLX0QL2F_frG0vLdNcRxA-bsN5ZsX3OTlnTwDxJAwi29c0Sk_nAPTNMZUXI44HryTVAaknOr8wgZAvjSxnawaUWvk_WjbiQaYKC78OJLCkZsw&X-OWA-CANARY=uuzpais5mkCDo9lmzOMTULB79M4a59sYEgC1kjjfuwVXJpOC2_0qbQlEKaHGF_YoZYGZTvmfHr4.&owa=outlook.office.com&scriptVer=20231103003.24&animation=true

Resource

win10v2004-20231025-en

windows10-2004-x64

8 signatures

150 seconds

General

Target

https://attachments.office.net/owa/[email protected]/service.svc/s/GetAttachmentThumbnail?id=AAMkAGE1MDgwYzcyLTZhYTUtNDgyMy05ZDQyLTljOWUxMjljN2RmMgBGAAAAAACEmunnZVhQQLHpqubea6wQBwBbzcY7x5R3QY9e2JhrbznRAAAAAAEMAABbzcY7x5R3QY9e2JhrbznRAAIX37WNAAACEgAQAIgYFxPK3IBGiVeq5E5xWyYSABAAg1BpG83fxEGC5hOFiLc8Ow%3D%3D&thumbnailType=2&token=eyJhbGciOiJSUzI1NiIsImtpZCI6IjczRkI5QkJFRjYzNjc4RDRGN0U4NEI0NDBCQUJCMTJBMzM5RDlGOTgiLCJ0eXAiOiJKV1QiLCJ4NXQiOiJjX3VidnZZMmVOVDM2RXRFQzZ1eEtqT2RuNWcifQ.eyJvcmlnaW4iOiJodHRwczovL291dGxvb2sub2ZmaWNlLmNvbSIsInVjIjoiNmEyNzViYmM0ZTJmNDNkODg2NTdlYjk4MGE5OWI2MWQiLCJzaWduaW5fc3RhdGUiOiJbXCJkdmNfbW5nZFwiLFwiZHZjX2NtcFwiLFwiZHZjX2RtamRcIixcImlua25vd25udHdrXCIsXCJrbXNpXCJdIiwidmVyIjoiRXhjaGFuZ2UuQ2FsbGJhY2suVjEiLCJhcHBjdHhzZW5kZXIiOiJPd2FEb3dubG9hZEBhMDExMjhhNC1lM2U0LTQzNGMtOGFkNC1iM2Y3OTExNjU1Y2IiLCJpc3NyaW5nIjoiV1ciLCJhcHBjdHgiOiJ7XCJtc2V4Y2hwcm90XCI6XCJvd2FcIixcInB1aWRcIjpcIjExNTM4MDExMjQyNTU5NzcwNjJcIixcInNjb3BlXCI6XCJPd2FEb3dubG9hZFwiLFwib2lkXCI6XCIwZjNiNzA4NC1hNTZlLTRhMGQtOWQzOS1iMzFiNTY5OWQ2YzNcIixcInByaW1hcnlzaWRcIjpcIlMtMS01LTIxLTM3Njc1NjE2MzMtNDI2MDE4MTk4Mi04ODQxMjgyMC0yNzgxNDkxNlwifSIsIm5iZiI6MTcwMDE5MDE5NCwiZXhwIjoxNzAwMTkwNzk0LCJpc3MiOiIwMDAwMDAwMi0wMDAwLTBmZjEtY2UwMC0wMDAwMDAwMDAwMDBAYTAxMTI4YTQtZTNlNC00MzRjLThhZDQtYjNmNzkxMTY1NWNiIiwiYXVkIjoiMDAwMDAwMDItMDAwMC0wZmYxLWNlMDAtMDAwMDAwMDAwMDAwL2F0dGFjaG1lbnRzLm9mZmljZS5uZXRAYTAxMTI4YTQtZTNlNC00MzRjLThhZDQtYjNmNzkxMTY1NWNiIiwiaGFwcCI6Im93YSJ9.NhfwINtfA1xba3gWBLIUqZt49aoG__1RSxoNlYUox7MYbL1-5PhB2wIimx6JWFaCpNTmHxYDsNH1J3FNCsBASkpjzT4cqo0XkJhm0x1tPxTVEnUVEx2D38Me4OjOf505Zoexqy7qHB0Y-sMSbUfrgEArVil6bxxD5ZdEq4PHyTZDcmE1oC0ttBcda-JHZ9QYw9tLONIxYCdmXs2phJInZtHK9ihANUk80an4ePax9vLX0QL2F_frG0vLdNcRxA-bsN5ZsX3OTlnTwDxJAwi29c0Sk_nAPTNMZUXI44HryTVAaknOr8wgZAvjSxnawaUWvk_WjbiQaYKC78OJLCkZsw&X-OWA-CANARY=uuzpais5mkCDo9lmzOMTULB79M4a59sYEgC1kjjfuwVXJpOC2_0qbQlEKaHGF_YoZYGZTvmfHr4.&owa=outlook.office.com&scriptVer=20231103003.24&animation=true

Score

8^/10

phishing

Malware Config

Signatures

A potential corporate email address has been identified in the URL: [email protected]
phishing

Sharing

General

Malware Config

Signatures

Files