General

  • Target

    https://msworldw-my.sharepoint.com/:f:/g/personal/cvillegas_grupoms_com_mx/Et24UAlIVFxHjBP30w9cpI0BCsH5IwuKOSe_60xlT68BcQ?e=0BQzdX&xsdata=MDV8MDJ8c3ZldGxhbmEubGFmbGV1ckB0ZWNobmlwZm1jLmNvbXxjMDc1N2NlNWE5NGM0NTlmYWZiMTA4ZGNhMDJhOGFmOXwwODA0Yzk1MTkzYTA0MDVkODBlNGZhODdjNzU1MWQ2YXwwfDB8NjM4NTYxMzUzNjI0MTExMjI0fFVua25vd258VFdGcGJHWnNiM2Q4ZXlKV0lqb2lNQzR3TGpBd01EQWlMQ0pRSWpvaVYybHVNeklpTENKQlRpSTZJazFoYVd3aUxDSlhWQ0k2TW4wPXw2MDAwMHx8fA%3d%3d&sdata=d0swc3h2TXBLSENaU3ZVcm96M2IzcTFhc0JjNCtWNE4vRzdjcnYrcXFvYz0%3d

  • Sample

    240709-tfrw3ataqg

Targets

    • Target

      https://msworldw-my.sharepoint.com/:f:/g/personal/cvillegas_grupoms_com_mx/Et24UAlIVFxHjBP30w9cpI0BCsH5IwuKOSe_60xlT68BcQ?e=0BQzdX&xsdata=MDV8MDJ8c3ZldGxhbmEubGFmbGV1ckB0ZWNobmlwZm1jLmNvbXxjMDc1N2NlNWE5NGM0NTlmYWZiMTA4ZGNhMDJhOGFmOXwwODA0Yzk1MTkzYTA0MDVkODBlNGZhODdjNzU1MWQ2YXwwfDB8NjM4NTYxMzUzNjI0MTExMjI0fFVua25vd258VFdGcGJHWnNiM2Q4ZXlKV0lqb2lNQzR3TGpBd01EQWlMQ0pRSWpvaVYybHVNeklpTENKQlRpSTZJazFoYVd3aUxDSlhWQ0k2TW4wPXw2MDAwMHx8fA%3d%3d&sdata=d0swc3h2TXBLSENaU3ZVcm96M2IzcTFhc0JjNCtWNE4vRzdjcnYrcXFvYz0%3d

    Score: 6/10
    • Looks up external IP address via web service

      Uses a legitimate IP lookup service to find the infected system's external IP.
