General

  • Target

    http://link.csrwire.com/ls/click?upn=u001.Si0DiArC1V8ZAnBzMk9-2BdVKW245QccVJHq5a8ac9PL1cxKEohrdYzj-2Bi8X2xywdF5x014kxhAPztuH7dRixzSCWE-2BJwchVhYZ74Ivk5CnEAPFl7yJBY43wNoXEBfuRY7zCLn7IFjGzLO2VDHwzMa6b1dQgFTMqVrhr7lYKJs9qSYs-2BIWqneYUpThOMtW8ZRR6Iy8ZluudY9oUF69ErkVqDXRzKWr3ai9QTULytGDiV29M71uRByx3ILXC4dCftaPXs7uLwcN-2Fq23qfOa9hBQnBLpQKGBXMbjA8vk1dffI5M-3DDt_y_eIB-2FMrYSk0wosOVVKSgUBYFJolMgU1V9ft3tDzU6Fm-2Fz4W2S35D5Xr8-2Fb811Ufm-2FHB3u7ealyHMF-2FCNHzVO9vXeiqF5LieacqRqtGcWLFZniQYm8Pap9shQBuArJNgkrL1twOsex0RpXmtOSXenAHka0yR-2BFve-2Fuk5jeCKL08RkmIvNDk0Pu4TIJx2Y5DRZ-2FdcuWLsWlEK9bXH3HuDbCdQ-3D-3D

  • Sample

    240508-fz8f9scf7t

Score
6/10

Targets

    • Looks up external IP address via web service

      Uses a legitimate IP lookup service to find the infected system's external IP.

    • Drops file in System32 directory
