General
-
Target
https://ehtosgroup.com/?b9df5ufpk=aHR0cHM6Ly9sb2dpbi5taWNyb3NvZnRvbmxpbmUuY29tL2NvbW1vbi9vYXV0aDIvYXV0aG9yaXplP2NsaWVudF9pZD0wMDAwMDAwMi0wMDAwLTBmZjEtY2UwMC0wMDAwMDAwMDAwMDAmcmVkaXJlY3RfdXJpPWh0dHBzJTNhJTJmJTJmb3V0bG9vay5vZmZpY2UuY29tJTJmb3dhJTJmJnJlc291cmNlPTAwMDAwMDAyLTAwMDAtMGZmMS1jZTAwLTAwMDAwMDAwMDAwMCZyZXNwb25zZV9tb2RlPWZvcm1fcG9zdCZyZXNwb25zZV90eXBlPWNvZGUraWRfdG9rZW4mc2NvcGU9b3BlbmlkJm1zYWZlZD0xJm1zYXJlZGlyPTEmY2xpZW50LXJlcXVlc3QtaWQ9NWRhYjgzMzUtOTU5OC1iMmYxLTE5M2YtZjcyZTc3OGNmZmNhJnByb3RlY3RlZHRva2VuPXRydWUmY2xhaW1zPSU3YiUyMmlkX3Rva2VuJTIyJTNhJTdiJTIyeG1zX2NjJTIyJTNhJTdiJTIydmFsdWVzJTIyJTNhJTViJTIyQ1AxJTIyJTVkJTdkJTdkJTdkJm5vbmNlPTYzODUxOTg4ODExMTA5Njc3NC5lNmRiMjM0Yi01YmIyLTRlOGYtOWU0ZC0xNWM4NDgxNTBlNGMmc3RhdGU9RGN0QkZvQWdDQUJSck5keFNERlFQRTRvYlZ0Ml9WajgyVTBDZ0Qxc0laVUk5SGFwMEZCVklpcWo5YzZudDJYMVlrTXhxOGl1RHc3bmhTUlRXVW1LODB6eEh2bjk3dndE
-
Sample
240522-3xywdadg8v
Malware Config
Targets
-
-
Target
https://ehtosgroup.com/?b9df5ufpk=aHR0cHM6Ly9sb2dpbi5taWNyb3NvZnRvbmxpbmUuY29tL2NvbW1vbi9vYXV0aDIvYXV0aG9yaXplP2NsaWVudF9pZD0wMDAwMDAwMi0wMDAwLTBmZjEtY2UwMC0wMDAwMDAwMDAwMDAmcmVkaXJlY3RfdXJpPWh0dHBzJTNhJTJmJTJmb3V0bG9vay5vZmZpY2UuY29tJTJmb3dhJTJmJnJlc291cmNlPTAwMDAwMDAyLTAwMDAtMGZmMS1jZTAwLTAwMDAwMDAwMDAwMCZyZXNwb25zZV9tb2RlPWZvcm1fcG9zdCZyZXNwb25zZV90eXBlPWNvZGUraWRfdG9rZW4mc2NvcGU9b3BlbmlkJm1zYWZlZD0xJm1zYXJlZGlyPTEmY2xpZW50LXJlcXVlc3QtaWQ9NWRhYjgzMzUtOTU5OC1iMmYxLTE5M2YtZjcyZTc3OGNmZmNhJnByb3RlY3RlZHRva2VuPXRydWUmY2xhaW1zPSU3YiUyMmlkX3Rva2VuJTIyJTNhJTdiJTIyeG1zX2NjJTIyJTNhJTdiJTIydmFsdWVzJTIyJTNhJTViJTIyQ1AxJTIyJTVkJTdkJTdkJTdkJm5vbmNlPTYzODUxOTg4ODExMTA5Njc3NC5lNmRiMjM0Yi01YmIyLTRlOGYtOWU0ZC0xNWM4NDgxNTBlNGMmc3RhdGU9RGN0QkZvQWdDQUJSck5keFNERlFQRTRvYlZ0Ml9WajgyVTBDZ0Qxc0laVUk5SGFwMEZCVklpcWo5YzZudDJYMVlrTXhxOGl1RHc3bmhTUlRXVW1LODB6eEh2bjk3dndE
Score6/10-
Legitimate hosting services abused for malware hosting/C2
-