General
-
Target
https://secure-web.cisco.com/1YnI6qkhd5GXSkZfZd7WDhVASwUGo4NlSsxzSYIqcF41o8n61pr6FC4SYTa0lDJkhz8jkuMmtnOICFw6udyMC2x8SXpodMh7WcWGCq3xoYUdroAj-Sot9mIF2aNqiGIBJa7MZ_iUpumSn362yJxHxN5g3J3yUWXGjbPsmte9DfNWaLzmrqJVG62mnz_LQ1ThzWP1vDBLWCetR9rH46MElZ7lSp7k4c_V3nR1w45ii_rIEm3GHE3FVW5XAS-XBCtMPAELxfRkuwWtu0QPMqk1RsJLeZrX4IdQYHZLkTCa3Ac_jFJnM8PPskjgYBWJzph3jt1GFEwhv6ItP7MlH_D6eeA/https%3A%2F%2Fapp.box.com%2Fs%2F25nmxk3r6x8jjf97l5nt9o7by0khdb7l
-
Sample
241120-v99jmszqbz
Static task
static1
URLScan task
urlscan1
Behavioral task
behavioral1
Sample
https://secure-web.cisco.com/1YnI6qkhd5GXSkZfZd7WDhVASwUGo4NlSsxzSYIqcF41o8n61pr6FC4SYTa0lDJkhz8jkuMmtnOICFw6udyMC2x8SXpodMh7WcWGCq3xoYUdroAj-Sot9mIF2aNqiGIBJa7MZ_iUpumSn362yJxHxN5g3J3yUWXGjbPsmte9DfNWaLzmrqJVG62mnz_LQ1ThzWP1vDBLWCetR9rH46MElZ7lSp7k4c_V3nR1w45ii_rIEm3GHE3FVW5XAS-XBCtMPAELxfRkuwWtu0QPMqk1RsJLeZrX4IdQYHZLkTCa3Ac_jFJnM8PPskjgYBWJzph3jt1GFEwhv6ItP7MlH_D6eeA/https%3A%2F%2Fapp.box.com%2Fs%2F25nmxk3r6x8jjf97l5nt9o7by0khdb7l
Resource
win10v2004-20241007-en
Malware Config
Targets
-
-
Target
https://secure-web.cisco.com/1YnI6qkhd5GXSkZfZd7WDhVASwUGo4NlSsxzSYIqcF41o8n61pr6FC4SYTa0lDJkhz8jkuMmtnOICFw6udyMC2x8SXpodMh7WcWGCq3xoYUdroAj-Sot9mIF2aNqiGIBJa7MZ_iUpumSn362yJxHxN5g3J3yUWXGjbPsmte9DfNWaLzmrqJVG62mnz_LQ1ThzWP1vDBLWCetR9rH46MElZ7lSp7k4c_V3nR1w45ii_rIEm3GHE3FVW5XAS-XBCtMPAELxfRkuwWtu0QPMqk1RsJLeZrX4IdQYHZLkTCa3Ac_jFJnM8PPskjgYBWJzph3jt1GFEwhv6ItP7MlH_D6eeA/https%3A%2F%2Fapp.box.com%2Fs%2F25nmxk3r6x8jjf97l5nt9o7by0khdb7l
-
A potential corporate email address has been identified in the URL: image_loading@2x_fd2a63790bc01d48.min.gif
-
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.
-