Website
*.cloudapp.net
Tags
Phishing Download Exfiltration C&C
Phishing
Attackers can use a customized subdomain of cloudapp.net to host their phishing websites.
Command and Control
Attackers can use a customized subdomain of cloudapp.net as their C&C server.
Exfiltration
Attackers can add upload functionalities hosted on *.cloudapp.net and exfiltrate data on there.
Download
Malicious tools can be stored on *.cloudapp.net and downloaded when required.
Service Provider
Microsoft
Sample
https://app.any.run/tasks/4e40f95a-4829-4901-b348-1d92b61d59c5/
Created: 2021-11-10
Last Update: 2021-11-10
Credits: mr.d0x