appdomain.cloud

Phishing Download C&C Exfiltration

Attackers can use a *.appdomain.cloud subdomain to host their phishing websites. They can be used for credential harvesting or redirecting users to a malicious websites.

Attackers can use *.appdomain.cloud for C&C purposes.

Attackers can use *.appdomain.cloud as storage and upload exfiltrated files there.

Malicious tools can be stored on *.appdomain.cloud and downloaded when required.

https://www.joesandbox.com/analysis/496810/0/html