General

  • Target

    http://url1995.grupof.com.gt/ls/click?upn=u001.TXg9qm3NBOFbmZz0213syPsJvPN8sOPPiNx23hl016b6qmiuS0Ioy9zeuj-2F25WmVG69ukJXNjN1PEodCWRqOeXkbRU5wJmv2iG5FhlKz4tcPlR2G6ia9v1G87wx5HW3ZziPtq3qVgwEI80G-2BYObBTb8e09ZLMFwPn23G6H-2Fbv3c-3Df7rU_tbVFG6M9zywTG3M7IxJCip96CRys2zAdFC8KJPix6yL5X6GytSFWZkMiY7qdkqRvWuK4sWqjaG4ZXywpz-2BS3zDfosOHp74FnclWa0T-2FkHpcKCHztR5Qdr-2BYpWotYwMmskQVV86X6SgucsCgiEDcejglfxS9zTkDo32bplLtRmJDyE2-2B2wWdoSnOBeb5D13qjvjkNX7pxgr8gHEQRkkBW2MNIEsc-2BHx8e04cZvyYYRApmGxCdF3eJBhI14c17mZeYW8ZHXYDrNH3WsVZzAWZWIgncQYBZUd7Yg9d-2BAiI5VdUOe7IsDEqXIZ8Di8ZacigOydcbWJn2SVaEZbKZhPL4RgZOlzwH9jzT40F-2BJdoRpHhCJ8TeQ0sH4zabnjd9SRzdc-2B3xcG0aBpqd1mowJWcb-2B2hnZqTJH-2Big8EW5sK1-2BqHeJdBsWCGo3sH70NyxLLE3wJfWWV74-2FseZJ5hYUy-2B9rJkHEGYY4CRTh71qj0CSrxI3-2BI3GiMsLWBiDaBQNIuIdpL2Rs7QCBg8Rlav8dtWHcT6cWxTACY8mZfOf3higINcb73spg9IUrwlNjR2tYPpji75zxO0apeSsavysm8dPQWpqUc5fWr5twzKNrs03iBYXIBoNJLdbAUh9cxWGrXc2bhLwDRHUvL8K6V43yg7nkjEAW6V5tTNuLtMxf0TOBEEjccDBtEhZtKlqYqaDcHWURPdNExR-2Bh6AhME3sfSd8PB8Diufrm1WapVoBqd-2BZf-2F0KPT2L1NA9iTy3COn86lb5hH2WeqtRzS2XDJfKtxon7eJFcNhlzIViqQWEgnhUGqGiHZwzE5aVWcRUwWY8LvImRT5tBtxryPH1FXwDv-2BFpM8gTw3cMPFuxmuzQwRxU-2BvYZKKznZ6RqIe0kKHjubLY4f61nHm9dyijDg33rWemPBw7sG1LSfWvMrZrrXN7leX18Nj01tODaMkKQeRfDORxUF8-2BPv-2BvbvhSFr8zPVaxeZOA-3D-3D

  • Sample

    241128-qyrr8syqcx

Targets

    Score
    6/10
    • Looks up external IP address via web service

      Uses a legitimate IP lookup service to find the infected system's external IP.
