General

  • Target

    https://ebay.onelink.me/TAsm?3ihwpid=Email&c=CM_Incentives_App-only_program&Country=UK&af_web_dp=https://brandequity.economictimes.indiatimes.com.////etl.php?url=hxjskaiujndjskwijnxhbsnaqgwhslxmisowlkm.pages.dev/#?email=YnJhbmR5LmhhaXJlbGxAdGRjai50ZXhhcy5nb3Y=

  • Sample

    240808-1f9kfatfqa

Targets

    • Target

      https://ebay.onelink.me/TAsm?3ihwpid=Email&c=CM_Incentives_App-only_program&Country=UK&af_web_dp=https://brandequity.economictimes.indiatimes.com.////etl.php?url=hxjskaiujndjskwijnxhbsnaqgwhslxmisowlkm.pages.dev/#?email=YnJhbmR5LmhhaXJlbGxAdGRjai50ZXhhcy5nb3Y=

    • Looks up external IP address via web service

      Uses a legitimate IP lookup service to find the infected system's external IP.

    • Detected potential entity reuse from brand microsoft.
