General
-
Target
https://postoffice.adobe.com/po-server/link/redirect?target=eyJhbGciOiJIUzUxMiJ9.eyJ0ZW1wbGF0ZSI6ImNjX2NvbGxhYl9kY3NoYXJpbmdfdmlld19lbWFpbCIsImVtYWlsQWRkcmVzcyI6ImRrQGhvZ2EtYWcuY2giLCJyZXF1ZXN0SWQiOiJhZTk4MjQ5Yi00NmFhLTQ4NWYtNzg0Yi02YTA2ODIwYjY4NDAiLCJsaW5rIjoiaHR0cHM6Ly9hY3JvYmF0LmFkb2JlLmNvbS9pZC91cm46YWFpZDpzYzpWQTZDMjpjMGU4MGQ1OS03MWRiLTRlOTctYTY0Zi1iMjAzOTFlZjY2YTQiLCJsYWJlbCI6IjExIiwibG9jYWxlIjoiZW5fVVMifQ.U6Jo_pC38v4yI592IyOMyuTmoDwDoIdp2bpqbHux_0G0EcqBqi9RAuMr7jJXHQH_5LWA67l9nTjQByG_pp-ATA
-
Sample
240403-hawghsag43
Static task
static1
URLScan task
urlscan1
Behavioral task
behavioral1
Sample
https://postoffice.adobe.com/po-server/link/redirect?target=eyJhbGciOiJIUzUxMiJ9.eyJ0ZW1wbGF0ZSI6ImNjX2NvbGxhYl9kY3NoYXJpbmdfdmlld19lbWFpbCIsImVtYWlsQWRkcmVzcyI6ImRrQGhvZ2EtYWcuY2giLCJyZXF1ZXN0SWQiOiJhZTk4MjQ5Yi00NmFhLTQ4NWYtNzg0Yi02YTA2ODIwYjY4NDAiLCJsaW5rIjoiaHR0cHM6Ly9hY3JvYmF0LmFkb2JlLmNvbS9pZC91cm46YWFpZDpzYzpWQTZDMjpjMGU4MGQ1OS03MWRiLTRlOTctYTY0Zi1iMjAzOTFlZjY2YTQiLCJsYWJlbCI6IjExIiwibG9jYWxlIjoiZW5fVVMifQ.U6Jo_pC38v4yI592IyOMyuTmoDwDoIdp2bpqbHux_0G0EcqBqi9RAuMr7jJXHQH_5LWA67l9nTjQByG_pp-ATA
Resource
win10v2004-20240226-en
Malware Config
Targets
-
-
Target
https://postoffice.adobe.com/po-server/link/redirect?target=eyJhbGciOiJIUzUxMiJ9.eyJ0ZW1wbGF0ZSI6ImNjX2NvbGxhYl9kY3NoYXJpbmdfdmlld19lbWFpbCIsImVtYWlsQWRkcmVzcyI6ImRrQGhvZ2EtYWcuY2giLCJyZXF1ZXN0SWQiOiJhZTk4MjQ5Yi00NmFhLTQ4NWYtNzg0Yi02YTA2ODIwYjY4NDAiLCJsaW5rIjoiaHR0cHM6Ly9hY3JvYmF0LmFkb2JlLmNvbS9pZC91cm46YWFpZDpzYzpWQTZDMjpjMGU4MGQ1OS03MWRiLTRlOTctYTY0Zi1iMjAzOTFlZjY2YTQiLCJsYWJlbCI6IjExIiwibG9jYWxlIjoiZW5fVVMifQ.U6Jo_pC38v4yI592IyOMyuTmoDwDoIdp2bpqbHux_0G0EcqBqi9RAuMr7jJXHQH_5LWA67l9nTjQByG_pp-ATA
Score6/10-
Legitimate hosting services abused for malware hosting/C2
-