Overview

overview

10

Static

static

8

URLScan

urlscan

10

https://ucnj.lt.emln...

windows10-2004-x64

6

Sharing

Copy URL
Twitter E-mail

General

  • Target

    https://ucnj.lt.emlnk.com/Prod/link-tracker?a=%7C%7C478503287%7C%7C&account=ucnj%2Eactivehosted%2Ecom&email=fh1YPNhAaowlWBhxjNzT4LnZY8sGzV4L2lpm4RgxgfHr%2BUhw07XZpsA%3D%3AOKTykNq6MmyIzle2yXhFKY32s6BNxR4c&i=2A4A0A5&iat=1708254622&notrack=1&redirectUrl=aHR0cHMlM0ElMkYlMkZjbG91ZGZsYXJlLWlwZnMuY29tJTJGaXBmcyUyRmJhZnliZWlhZHQzeHVrNnd6c3Y1a3E2Z2ttbGtpdWYzdWJhaW9lYnVtdmgzc2hnenN6YjJ5czdtb3c0JTJG&s=aGVyY3plZy50YW1hc0B2aWRlb3Rvbi5odQ==&sig=G4qLhCHkkP7JH4fixmLZUvXEkHVom88cwz67j1yCuVZ6#apalomeque@ienova.com.mx

  • Sample

    240227-nmgrsaga7x

Score
10/10
sharepointphishing

Malware Config

Targets

    • Target

      https://ucnj.lt.emlnk.com/Prod/link-tracker?a=%7C%7C478503287%7C%7C&account=ucnj%2Eactivehosted%2Ecom&email=fh1YPNhAaowlWBhxjNzT4LnZY8sGzV4L2lpm4RgxgfHr%2BUhw07XZpsA%3D%3AOKTykNq6MmyIzle2yXhFKY32s6BNxR4c&i=2A4A0A5&iat=1708254622&notrack=1&redirectUrl=aHR0cHMlM0ElMkYlMkZjbG91ZGZsYXJlLWlwZnMuY29tJTJGaXBmcyUyRmJhZnliZWlhZHQzeHVrNnd6c3Y1a3E2Z2ttbGtpdWYzdWJhaW9lYnVtdmgzc2hnenN6YjJ5czdtb3c0JTJG&s=aGVyY3plZy50YW1hc0B2aWRlb3Rvbi5odQ==&sig=G4qLhCHkkP7JH4fixmLZUvXEkHVom88cwz67j1yCuVZ6#apalomeque@ienova.com.mx

    Score
    6/10

    • Legitimate hosting services abused for malware hosting/C2

    behavioral1

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

1
T1012

System Information Discovery

1
T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Web Service

1
T1102

Impact

Resource Development

Reconnaissance

Tasks