General

  • Target

    https://lcdgdamas.lt.emlnk.com/Prod/link-tracker?notrack=1&redirectUrl=aHR0cHMlM0ElMkYlMkZjbG91ZGZsYXJlLWlwZnMuY29tJTJGaXBmcyUyRmJhZnliZWlkanN0dndybWRwZmZ4enZ5aGhkZWRkaXN4aGRoYzVuZnZ2cTNwNGtiMnNqbWJjM2FtZDNxJTJGQ1BvNmZpYW4uaHRt&sig=BBnVSaCgCs4waHH7RegHsns6AhtmcnXKQwo9xnTRehDN&iat=1716275718&a=%7C%7C1003198648%7C%7C&account=lcdgdamas%2Eactivehosted%2Ecom&email=Auj11iW0ZAosuaShTEnUKuoG%2BHdayjCM4et5TQW%2BC4SnOY1G5kCKI6w%3D%3AxaQXvYdJKunLLUf9knN4DGr8IoFqK03U&s=YWph dmFpZGdvbmc2NTVAeWFuZGV4LmNvbQ==&i=7A9A0A21#n.myrtollari@neptun.al

  • Sample

    240521-kkwldafa4t

Score
10/10

Malware Config

Targets

    • Target

      https://lcdgdamas.lt.emlnk.com/Prod/link-tracker?notrack=1&redirectUrl=aHR0cHMlM0ElMkYlMkZjbG91ZGZsYXJlLWlwZnMuY29tJTJGaXBmcyUyRmJhZnliZWlkanN0dndybWRwZmZ4enZ5aGhkZWRkaXN4aGRoYzVuZnZ2cTNwNGtiMnNqbWJjM2FtZDNxJTJGQ1BvNmZpYW4uaHRt&sig=BBnVSaCgCs4waHH7RegHsns6AhtmcnXKQwo9xnTRehDN&iat=1716275718&a=%7C%7C1003198648%7C%7C&account=lcdgdamas%2Eactivehosted%2Ecom&email=Auj11iW0ZAosuaShTEnUKuoG%2BHdayjCM4et5TQW%2BC4SnOY1G5kCKI6w%3D%3AxaQXvYdJKunLLUf9knN4DGr8IoFqK03U&s=YWph dmFpZGdvbmc2NTVAeWFuZGV4LmNvbQ==&i=7A9A0A21#n.myrtollari@neptun.al

    Score
    6/10
    • Legitimate hosting services abused for malware hosting/C2

MITRE ATT&CK Matrix (ATT&CK v13)

Discovery

  • Query Registry, T1012: 1
  • System Information Discovery, T1082: 1

Command and Control

  • Web Service, T1102: 1

Tasks