Overview

overview

6

Static

static

1

URLScan

urlscan

1

http://click.promote...

windows10-2004-x64

6

Sharing

Copy URL
Twitter E-mail

General

  • Target

    http://click.promote.weebly.com/ls/click?upn=u001.7i5irEreM-2F5o8b396UackAZ3FHqG1unuAmguvSscUrPEOvVtjoMCYRZpEqxQ0ZRapwafxHwjrQYTUpomfLBBXQ-3D-3D_6EP_naYZ0EbwNfWhECeLvwlxmDbJve4AWt-2FuDxXYqt-2BVLoorkB1lgJoUdQVFnUK4K0ej0WDkRucUuToL0SewXUuSBL4vcee4WCUKGWrNkHpQJyjXUNJo4KmZRgAcRd3Pz06HP-2FWCqE3x8Tl6SByZldKkhikX3Vr0BCpnDKd6OcVm6PIpmxdkfy0Py0tDk4VJOAw15clzjlfaKeNk00XT6s2JdQcDyQFH8HJ5J7SP9ccV-2FSUbnQmzof79i0DNXnQnCJFNqI1Z2vH5tSvFAx1U1LuOoYPS2OgGYfWf2hZbUNA23yMpg3VPKHAoP-2F9jUps-2Bz3gSR1ItU-2FMr4Rk36Rnrdp4upR3yt2KBXUsRQ8z2DgXBUGCpYF8FSxGqhBn-2FzrpyHv8xrYvElagb2973-2FnKLrn2wLFf-2FD7Kr-2FZHWAmSrvEXD-2FIRadmfuhm0WK5WCpOjOmNv6EJ2qBvXXKFhJGTTeiSBSPhWoJhFe3raKOyqaUk6pxlE-3D

  • Sample

    241010-hb452szdra

Score
6/10
discoverymotwphishing

Malware Config

Targets

    • Target

      http://click.promote.weebly.com/ls/click?upn=u001.7i5irEreM-2F5o8b396UackAZ3FHqG1unuAmguvSscUrPEOvVtjoMCYRZpEqxQ0ZRapwafxHwjrQYTUpomfLBBXQ-3D-3D_6EP_naYZ0EbwNfWhECeLvwlxmDbJve4AWt-2FuDxXYqt-2BVLoorkB1lgJoUdQVFnUK4K0ej0WDkRucUuToL0SewXUuSBL4vcee4WCUKGWrNkHpQJyjXUNJo4KmZRgAcRd3Pz06HP-2FWCqE3x8Tl6SByZldKkhikX3Vr0BCpnDKd6OcVm6PIpmxdkfy0Py0tDk4VJOAw15clzjlfaKeNk00XT6s2JdQcDyQFH8HJ5J7SP9ccV-2FSUbnQmzof79i0DNXnQnCJFNqI1Z2vH5tSvFAx1U1LuOoYPS2OgGYfWf2hZbUNA23yMpg3VPKHAoP-2F9jUps-2Bz3gSR1ItU-2FMr4Rk36Rnrdp4upR3yt2KBXUsRQ8z2DgXBUGCpYF8FSxGqhBn-2FzrpyHv8xrYvElagb2973-2FnKLrn2wLFf-2FD7Kr-2FZHWAmSrvEXD-2FIRadmfuhm0WK5WCpOjOmNv6EJ2qBvXXKFhJGTTeiSBSPhWoJhFe3raKOyqaUk6pxlE-3D

    Score
    6/10
    discoverymotwphishing

    • Looks up external IP address via web service

      Uses a legitimate IP lookup service to find the infected system's external IP.

    • Mark of the Web detected: This indicates that the page was originally saved or cloned.

      phishingmotw
    behavioral1

MITRE ATT&CK Enterprise v15

Tasks