So, the original link included in the email was hxxps://bit.ly/3SAF5Ck

When you expand that redirect, we get a much longer URL which itself contains another redirect:

hxxps://mutde2xgea.execute-api.us-east-1.amazonaws.com/production/track-ad-click?redirectURL=hxxps://conchauuev.world/wrt/1f1b1y7fdbqw3eu/z/d/xb/%3Fpuboischial%3Damsd&prerecognize=tg&unicornlike=yhqpn

I ran that URL through some analysis and got these:

  1. hxxps://urlscan.io/result/682edf35-83c4-48db-8184-996b4edd7a1c/

  2. hxxps://hybrid-analysis.com/sample/bde8f0ea84356896378831c80c2931d1289abe30f8ac8397908c82140fb2a134/6334ce930c6a2d2fe5536cd1

Still unclear of how dangerous this is and/or it’s actual function.

Any ideas?

submitted by /u/aknalid
[link] [comments]

Go to Source of this post
Author Of this post: /u/aknalid

By admin