Overview

overview

8

Static

static

8

URLScan

urlscan

https://outlook.offi...

windows10-2004-x64

1

Sharing

Copy URL
Twitter E-mail

General

  • Target

    https://outlook.office365.com/Encryption/retrieve.ashx?recipientemailaddress=jdevendorf%40barclaydamon.com&senderemailaddress=OOC%40citizensbank.com&senderorganization=AwGNAAAAAokAAAADAQAAAIM%2fny11uodEofCjAPo39WxPVT1jaXRpemVuc2ZpbmFuY2lhbGdyb3VwLm9ubWljcm9zb2Z0LmNvbSxPVT1NaWNyb3NvZnQgRXhjaGFuZ2UgSG9zdGVkIE9yZ2FuaXphdGlvbnMsREM9TkFNUFIwMUEwMTAsREM9UFJPRCxEQz1PVVRMT09LLERDPUNPTfZ%2bNib787FKieqjHIyXNL9DTj1Db25maWd1cmF0aW9uLENOPWNpdGl6ZW5zZmluYW5jaWFsZ3JvdXAub25taWNyb3NvZnQuY29tLENOPUNvbmZpZ3VyYXRpb25Vbml0cyxEQz1OQU1QUjAxQTAxMCxEQz1QUk9ELERDPU9VVExPT0ssREM9Q09NAQ%3d%3d&messageid=%3cMN0PR01MB770738554A970FFAE0DED721F4C12%40MN0PR01MB7707.prod.exchangelabs.com%3e&cfmRecipient=SystemMailbox%7b67f0a663-4dc7-4c86-9784-bff2dfdd2bd5%7d%40citizensfinancialgroup.onmicrosoft.com&consumerEncryption=false&senderorgid=c9797bcf-8071-4c75-9ff0-5e2c6d7f5d4d&customizationTemplate=CustomOME&expiryDate=133679649229383627&urldecoded=1&e4e_sdata=c42sPYF01%2b5eka2W%2b0y%2bRc%2b6z4VUkGgH1LBlnz4M5%2fJV74yCCDeRHsyATWK2%2frawJz8Ulle8AveslvQDS4tdyPdrf%2bWpL1uKJAEBkfHX77O47HdQg2t5RzSBdFlbKt7D8PkGLn8TbBo%2f0WG994f46L6m0PKU1enl2NUd1JCYPRrOFtrZwp9m%2fWkwG%2feoya6XYgdpm4Rw1VnbSzmHeJqmSfuH21T5AhQCNVdbCtRFEiDp2Of7rZzW6SAur2WpAWdljm5jHgWDavc8oSVTxHfnG2LF3UTKk%2fl6G5TyrBVmyroQpcCFBPEK4xMwnUlbqb6GaP7IaYOEhQFmzgTFAaJIkQ%3d%3d

  • Sample

    240614-pbt4eazfjd

Score
8/10
phishing

Malware Config

Targets

    • Target

      https://outlook.office365.com/Encryption/retrieve.ashx?recipientemailaddress=jdevendorf%40barclaydamon.com&senderemailaddress=OOC%40citizensbank.com&senderorganization=AwGNAAAAAokAAAADAQAAAIM%2fny11uodEofCjAPo39WxPVT1jaXRpemVuc2ZpbmFuY2lhbGdyb3VwLm9ubWljcm9zb2Z0LmNvbSxPVT1NaWNyb3NvZnQgRXhjaGFuZ2UgSG9zdGVkIE9yZ2FuaXphdGlvbnMsREM9TkFNUFIwMUEwMTAsREM9UFJPRCxEQz1PVVRMT09LLERDPUNPTfZ%2bNib787FKieqjHIyXNL9DTj1Db25maWd1cmF0aW9uLENOPWNpdGl6ZW5zZmluYW5jaWFsZ3JvdXAub25taWNyb3NvZnQuY29tLENOPUNvbmZpZ3VyYXRpb25Vbml0cyxEQz1OQU1QUjAxQTAxMCxEQz1QUk9ELERDPU9VVExPT0ssREM9Q09NAQ%3d%3d&messageid=%3cMN0PR01MB770738554A970FFAE0DED721F4C12%40MN0PR01MB7707.prod.exchangelabs.com%3e&cfmRecipient=SystemMailbox%7b67f0a663-4dc7-4c86-9784-bff2dfdd2bd5%7d%40citizensfinancialgroup.onmicrosoft.com&consumerEncryption=false&senderorgid=c9797bcf-8071-4c75-9ff0-5e2c6d7f5d4d&customizationTemplate=CustomOME&expiryDate=133679649229383627&urldecoded=1&e4e_sdata=c42sPYF01%2b5eka2W%2b0y%2bRc%2b6z4VUkGgH1LBlnz4M5%2fJV74yCCDeRHsyATWK2%2frawJz8Ulle8AveslvQDS4tdyPdrf%2bWpL1uKJAEBkfHX77O47HdQg2t5RzSBdFlbKt7D8PkGLn8TbBo%2f0WG994f46L6m0PKU1enl2NUd1JCYPRrOFtrZwp9m%2fWkwG%2feoya6XYgdpm4Rw1VnbSzmHeJqmSfuH21T5AhQCNVdbCtRFEiDp2Of7rZzW6SAur2WpAWdljm5jHgWDavc8oSVTxHfnG2LF3UTKk%2fl6G5TyrBVmyroQpcCFBPEK4xMwnUlbqb6GaP7IaYOEhQFmzgTFAaJIkQ%3d%3d

    Score
    1/10
    behavioral1

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

1
T1012

System Information Discovery

1
T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks