General
Target
https://www.paypal.com/signin/?returnUri=%2Fmyaccount%2Ftransfer%2FpayRequest%2FU-1KB40730YX163061W%2FU-2RS07800L4826801J%3FclassicUrl%3D%2FUS%2Fcgi-bin%2F%3Fcmd%3D_prq&id=ptyIS05lBWl2U9u1YlrfhVRmuIJ7H5gqzPG1GQ&expId=p2p&onboardData=%7B%22signUpRequest%22%3A%7B%22method%22%3A%22get%22%2C%22url%22%3A%22https%3A%2F%2Fwww.paypal.com%2Fmyaccount%2Ftransfer%2FguestLogin%2FpayRequest%2FU-1KB40730YX163061W%2FU-2RS07800L4826801J%3FclassicUrl%3D%2FUS%2Fcgi-bin%2F%3Fcmd%3D_prq%26id%3DptyIS05lBWl2U9u1YlrfhVRmuIJ7H5gqzPG1GQ%22%7D%7D&flowContextData=8NsWouwoA552GBm0AVT1fbGICc4wcFTb4APVHTCLw93AHFUrDnYY4DFlvRo09JKGgyd3bELL_lUe9rHEuLippDrU4KbGMD28H6VKYrwg4yAxFmVReOJT5TDtOf6tUeDAW1-IyYhl5_liM4yIwmcaT1G_RLr3IcXL5jHV5DkIGKqmo6kfAR4dCAspPu4a2KyaMIB_AWR8UAVlZNTCLJUrKPdppzMVKENbgwXQ8RsQn6X96IIdlReUoU-A6R84CIJn_od2JWoV-MFfRJYRCi2OlLPud18ohPBQspXztmfTAEajrvGo89LCSSv6_DS5HpZDAAq9RblvQ6JXcq978P_93XCMsbXt_0yhZQ0kS4lNEA4fqvEgNNT5Oq-cP7yhgCcYAYoKjNNoYXyCYjXAupeeE-Qj-WB4EKJfHXC_Om0cC8VwCG1loVFpnhYfdgtyFVZmxSAmBWW5a8GnXMJdLTJ654AmpGgXfcXbM0nNRIXowMGukP12J1Kl4uD1gMGBix-iQxAVa8J_lJMvODiSwXlABZKJjR1j5PA1GuYn8maXNG10wGrYdFeIqiBr4BzmLltIwi5_JW&v=1&utm_source=unp&utm_medium=email&utm_campaign=RT000186&utm_unptid=8616a58b-a5d6-11ef-bc8a-8bbd2e03b669&ppid=RT000186&cnac=US&rsta=en_US%28en-US%29&unptid=8616a58b-a5d6-11ef-bc8a-8bbd2e03b669&calc=f909668e297c0&unp_tpcid=requestmoney-notifications-requestee&page=main%3Aemail%3ART000186&pgrp=main%3Aemail&e=cl&mchn=em&s=ci&mail=sys&appVersion=1.293.0&tenant_name=&xt=145585%2C150948%2C104038&link_ref=www.paypal.com_signin
Sample
241118-xzpgtstenk
Static task
static1
URLScan task
urlscan1
Behavioral task
behavioral1
Resource
win10v2004-20241007-en
Malware Config
Targets