General
-
Target
http://recp.mkt81.net/ctt?m=9201264&r=MjcwMzc5ODk4MTM3S0&b=0&j=MTY4MDU5NzgyOAS2&k=Language&kx=1&kt=12&kd=//assets-usa.mkt.dynamics.com/2cd19119-032d-ef11-8406-000d3a342d2d/digitalassets/standaloneforms/1799700c-1f2d-ef11-840a-000d3a5c988f??#Ytv1fbx-2FTav-2BQH9ZOs5QAVQoyOVXkjqzWmn068bxJM1DUjUUU5Y-2BBw-3D-3D%26data%3D05%257C02%257Cbob.briggs%2540grammer.com%257Ceacc07dcf1304938423e08dc122cbb1b%257C63d639818f404ab2a0cc299291d700fc%257C0%257C0%257C638405230530695155%257CUnknown%257CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%253D%257C3000%257C%257C%257C%26sdata%3DidFt5Zdq6%252FFBDWXC9y5X6YRdrAeTIbDuY%252B57c2BGf8Q%253D%26reserved%3D0%26McasTsid%3D20893&McasCSRF=6cb6998babe0869e6f1be1711d4d6fe2f63a7c6279b2ca508c107864e8181b5e
-
Sample
240618-xld4yavbmf
Malware Config
Targets
-
-
Target
http://recp.mkt81.net/ctt?m=9201264&r=MjcwMzc5ODk4MTM3S0&b=0&j=MTY4MDU5NzgyOAS2&k=Language&kx=1&kt=12&kd=//assets-usa.mkt.dynamics.com/2cd19119-032d-ef11-8406-000d3a342d2d/digitalassets/standaloneforms/1799700c-1f2d-ef11-840a-000d3a5c988f??#Ytv1fbx-2FTav-2BQH9ZOs5QAVQoyOVXkjqzWmn068bxJM1DUjUUU5Y-2BBw-3D-3D%26data%3D05%257C02%257Cbob.briggs%2540grammer.com%257Ceacc07dcf1304938423e08dc122cbb1b%257C63d639818f404ab2a0cc299291d700fc%257C0%257C0%257C638405230530695155%257CUnknown%257CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%253D%257C3000%257C%257C%257C%26sdata%3DidFt5Zdq6%252FFBDWXC9y5X6YRdrAeTIbDuY%252B57c2BGf8Q%253D%26reserved%3D0%26McasTsid%3D20893&McasCSRF=6cb6998babe0869e6f1be1711d4d6fe2f63a7c6279b2ca508c107864e8181b5e
Score6/10-
Mark of the Web detected: This indicates that the page was originally saved or cloned.
-