hxxps://drive[.]google[.]com/file/d/11w4DvSBfEF35-wo8zMPGY_00pj-Av-10/view?usp=drivesdk

Resubmissions

21-11-2024 14:16

241121-rldwaaxlap 10

21-11-2024 14:15

241121-rknzvstbmk 6

Sharing

Copy URL

Twitter E-mail

General

Target

https://drive.google.com/file/d/11w4DvSBfEF35-wo8zMPGY_00pj-Av-10/view?usp=drivesdk
Sample

241121-rldwaaxlap

Score

10^/10

defense_evasion discovery

Malware Config

Extracted

Credentials

Protocol: smtp
Host:
smtp.gmail.com
Port:
587
Username:
[email protected]
Password:
juye mmds bjab mjcm

Targets

- Target
  
  https://drive.google.com/file/d/11w4DvSBfEF35-wo8zMPGY_00pj-Av-10/view?usp=drivesdk
Score

10^/10

defense_evasion discovery
- Drops desktop.ini file(s)
- Indicator Removal: File Deletion
  Adversaries may delete files left behind by the actions of their intrusion activity.
  defense_evasion
- Legitimate hosting services abused for malware hosting/C2
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Indicator Removal

T1070

File Deletion

T1070.004

Credential Access

Discovery

Browser Information Discovery

T1217

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Web Service

T1102

Exfiltration

Impact

Tasks

Resubmissions

Sharing

General

Malware Config

Extracted

Targets

Drops desktop.ini file(s)

Indicator Removal: File Deletion

Legitimate hosting services abused for malware hosting/C2

MITRE ATT&CK Enterprise v15

Tasks

static1

urlscan1

behavioral1