General
Target
https://msworldw-my.sharepoint.com/:f:/g/personal/cvillegas_grupoms_com_mx/Et24UAlIVFxHjBP30w9cpI0BCsH5IwuKOSe_60xlT68BcQ?e=0BQzdX&xsdata=MDV8MDJ8c3ZldGxhbmEubGFmbGV1ckB0ZWNobmlwZm1jLmNvbXxjMDc1N2NlNWE5NGM0NTlmYWZiMTA4ZGNhMDJhOGFmOXwwODA0Yzk1MTkzYTA0MDVkODBlNGZhODdjNzU1MWQ2YXwwfDB8NjM4NTYxMzUzNjI0MTExMjI0fFVua25vd258VFdGcGJHWnNiM2Q4ZXlKV0lqb2lNQzR3TGpBd01EQWlMQ0pRSWpvaVYybHVNeklpTENKQlRpSTZJazFoYVd3aUxDSlhWQ0k2TW4wPXw2MDAwMHx8fA%3d%3d&sdata=d0swc3h2TXBLSENaU3ZVcm96M2IzcTFhc0JjNCtWNE4vRzdjcnYrcXFvYz0%3d
Sample
240709-tfrw3ataqg
URLScan task
urlscan1
Behavioral task
behavioral1
Sample
https://msworldw-my.sharepoint.com/:f:/g/personal/cvillegas_grupoms_com_mx/Et24UAlIVFxHjBP30w9cpI0BCsH5IwuKOSe_60xlT68BcQ?e=0BQzdX&xsdata=MDV8MDJ8c3ZldGxhbmEubGFmbGV1ckB0ZWNobmlwZm1jLmNvbXxjMDc1N2NlNWE5NGM0NTlmYWZiMTA4ZGNhMDJhOGFmOXwwODA0Yzk1MTkzYTA0MDVkODBlNGZhODdjNzU1MWQ2YXwwfDB8NjM4NTYxMzUzNjI0MTExMjI0fFVua25vd258VFdGcGJHWnNiM2Q4ZXlKV0lqb2lNQzR3TGpBd01EQWlMQ0pRSWpvaVYybHVNeklpTENKQlRpSTZJazFoYVd3aUxDSlhWQ0k2TW4wPXw2MDAwMHx8fA%3d%3d&sdata=d0swc3h2TXBLSENaU3ZVcm96M2IzcTFhc0JjNCtWNE4vRzdjcnYrcXFvYz0%3d
Resource
win10-20240404-en
Behavioral task
behavioral2
Sample
https://msworldw-my.sharepoint.com/:f:/g/personal/cvillegas_grupoms_com_mx/Et24UAlIVFxHjBP30w9cpI0BCsH5IwuKOSe_60xlT68BcQ?e=0BQzdX&xsdata=MDV8MDJ8c3ZldGxhbmEubGFmbGV1ckB0ZWNobmlwZm1jLmNvbXxjMDc1N2NlNWE5NGM0NTlmYWZiMTA4ZGNhMDJhOGFmOXwwODA0Yzk1MTkzYTA0MDVkODBlNGZhODdjNzU1MWQ2YXwwfDB8NjM4NTYxMzUzNjI0MTExMjI0fFVua25vd258VFdGcGJHWnNiM2Q4ZXlKV0lqb2lNQzR3TGpBd01EQWlMQ0pRSWpvaVYybHVNeklpTENKQlRpSTZJazFoYVd3aUxDSlhWQ0k2TW4wPXw2MDAwMHx8fA%3d%3d&sdata=d0swc3h2TXBLSENaU3ZVcm96M2IzcTFhc0JjNCtWNE4vRzdjcnYrcXFvYz0%3d
Resource
ubuntu2404-amd64-20240523-en
Malware Config
Targets
Target
https://msworldw-my.sharepoint.com/:f:/g/personal/cvillegas_grupoms_com_mx/Et24UAlIVFxHjBP30w9cpI0BCsH5IwuKOSe_60xlT68BcQ?e=0BQzdX&xsdata=MDV8MDJ8c3ZldGxhbmEubGFmbGV1ckB0ZWNobmlwZm1jLmNvbXxjMDc1N2NlNWE5NGM0NTlmYWZiMTA4ZGNhMDJhOGFmOXwwODA0Yzk1MTkzYTA0MDVkODBlNGZhODdjNzU1MWQ2YXwwfDB8NjM4NTYxMzUzNjI0MTExMjI0fFVua25vd258VFdGcGJHWnNiM2Q4ZXlKV0lqb2lNQzR3TGpBd01EQWlMQ0pRSWpvaVYybHVNeklpTENKQlRpSTZJazFoYVd3aUxDSlhWQ0k2TW4wPXw2MDAwMHx8fA%3d%3d&sdata=d0swc3h2TXBLSENaU3ZVcm96M2IzcTFhc0JjNCtWNE4vRzdjcnYrcXFvYz0%3d
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.