General

  • Target

    https://www.paypal.com/invoice/payerView/details/INV2-XYXV-BUDQ-WNVT-DRN2?locale.x=en_US&v=1&utm_source=unp&utm_medium=email&utm_campaign=RT000238&utm_unptid=96022f14-9c40-11ef-8ec1-a7c5e732ad0a&ppid=RT000238&cnac=US&rsta=en_US%28en-US%29&unptid=96022f14-9c40-11ef-8ec1-a7c5e732ad0a&calc=f997034978f20&unp_tpcid=invoice-buyer-notification&page=main%3Aemail%3ART000238&pgrp=main%3Aemail&e=cl&mchn=em&s=ci&mail=sys&appVersion=1.291.0&tenant_name=&xt=145585%2C134644%2C150948%2C104038&link_ref=details_inv2-xyxv-budq-wnvt-drn2

  • Sample

    241205-sg352szkdv

Malware Config

Targets

    • Target

      https://www.paypal.com/invoice/payerView/details/INV2-XYXV-BUDQ-WNVT-DRN2?locale.x=en_US&v=1&utm_source=unp&utm_medium=email&utm_campaign=RT000238&utm_unptid=96022f14-9c40-11ef-8ec1-a7c5e732ad0a&ppid=RT000238&cnac=US&rsta=en_US%28en-US%29&unptid=96022f14-9c40-11ef-8ec1-a7c5e732ad0a&calc=f997034978f20&unp_tpcid=invoice-buyer-notification&page=main%3Aemail%3ART000238&pgrp=main%3Aemail&e=cl&mchn=em&s=ci&mail=sys&appVersion=1.291.0&tenant_name=&xt=145585%2C134644%2C150948%2C104038&link_ref=details_inv2-xyxv-budq-wnvt-drn2

    • Network Share Discovery

      Attempt to gather information on host network.

    • Detected potential entity reuse from brand PAYPAL.

MITRE ATT&CK Enterprise v15

Tasks