General
-
Target
https://d.adroll.com/2015-12-11/emailsubscribe/?sendroll_payload=%98%92%A4sr_a%B66TO62S5Q7FBFVF4Y73PFEO%92%A4sr_c%B6B6WF25BVPBE6DLJB4C8SEN%92%A4sr_e%B6SXA2ZXMLMVF57ENSD68SEN%92%A4sr_r%AFmanojas%40ekfc.ae%92%A4sr_d%B6JFWK2S5FQNGQVPW7OJ8SEN%92%A4sr_u%DA%01%A3https%3A%2F%2Fwww.honey.services%2Frr%3Futm_nr_link_xpath%3D%252Fhtml%252Fbody%252Ftable%252Ftbody%252Ftr%252Ftd%252Ftable%255B1%255D%252Ftbody%252Ftr%252Ftd%252Ftable%252Ftbody%252Ftr%252Ftd%252Ftable%252Ftbody%252Ftr%252Ftd%252Fdiv%252Fdiv%252Fp%252Fspan%252Fa%26utm_source%3Dadroll%26utm_medium%3Demail%26utm_campaign%3Dnewsletter-01---2024%252F01%252F22%26utm_nr_campaign_eid%3DB6WF25BVPBE6DLJB4C8SEN%26utm_nr_campaign_email_eid%3DSXA2ZXMLMVF57ENSD68SEN%26utm_nr_delayed_email_eid%3DJFWK2S5FQNGQVPW7OJ8SEN%92%A5sr_cn%DA%00%21Newsletter+01+-+2024%2F01%2F22+%28copy%29%92%A5sr_es%DA%00%28%3D%3FUTF-8%3FB%3FU2hpcG1lbnQgIzcxNDAwMTI1NjM%3D%3F%3D&sr_sg=SR18GMYYT66RUL4NHIIQ5DATAY5SQI8MWXU6WQ
Malware Config
Signatures
-
A potential corporate email address has been identified in the URL: sra6TO62S5Q7FBFVF4Y73PFEOsrcB6WF25BVPBE6DLJB4C8SENsreSXA2ZXMLMVF57ENSD68SENsrrmanojas@ekfc.aesrdJFWK2S5FQNGQVPW7OJ8SENsruhttpswww.honey.servicesrrutmnrlinkxpath2Fhtml2Fbody2Ftable2Ftbody2Ftr2Ftd2Ftable5B15D2Ftbody2Ftr2Ftd2Ftable2Ftbody2Ftr2Ftd2Ftable2Ftbody2Ftr2Ftd2Fdiv2Fdiv2Fp2Fspan2Fautmsourceadrollutmmediumemailutmcampaignnewsletter0120242F012F22utmnrcampaigneidB6WF25BVPBE6DLJB4C8SENutmnrcampaignemaileidSXA2ZXMLMVF57ENSD68SENutmnrdelayedemaileidJFWK2S5FQNGQVPW7OJ8SENsrcnNewsletter0120240122copysresUTF8BU2hpcG1lbnQgIzcxNDAwMTI1NjM