Malicious
1359d74c08d9b62d0aa4dba4ff9e11a6
VBScript | MD5: 1359d74c08d9b62d0aa4dba4ff9e11a6 | Size: 23.87 KB | text/vbscript
VBScript
MD5: 1359d74c08d9b62d0aa4dba4ff9e11a6
Size: 23.87 KB
text/vbscript
DeObfuscated
VBScript
T1059.005
VBS Execute Sub-Script
Obfuscated
WScript.Shell
MSXML2.ServerXMLHTTP.6.0
Infection Chain
Summary by MalvaGPT
Characteristics
|
Hash | Hash Value |
|---|---|
| MD5 | 1359d74c08d9b62d0aa4dba4ff9e11a6
|
| Sha1 | c87de6ec9d39c0d2a41c009e9f6b33dc0b894638
|
| Sha256 | fb49c2f7464017431523443263a71b8b251c364e792d551aff3baa53f29a28bf
|
| Sha384 | ab3b2f3cc1943a7f267d0c7997cf11bf1e68e773b1a336b47b89cfa0aec7e91d8eb7033b695e5e33f83a3f031df8dc7b
|
| Sha512 | bf807fea8da5b1b36e1faf12c4b622933c21338b80e9ffd59a9475a93537302873b3a09c32350ba46e43008a40af609a893c20bdbafd900afb949726e7e4a22e
|
| SSDeep | 384:JM5SMezzClhLw4iEMsElvtlYWXGej7FvcEO6xw6GasJSIvLsFnFhMJOiRWQtLMKR:N+R0jIrcE1KnE
|
| TLSH | 7DB2A9930E38FD9451D8A934BD676192E2E3DF6E6185512301C30BA927229F94FE87F3
|
File Structure
1359d74c08d9b62d0aa4dba4ff9e11a6
DeObfuscated
VBScript
T1059.005
VBS Execute Sub-Script
Obfuscated
WScript.Shell
MSXML2.ServerXMLHTTP.6.0
Malicious
1359d74c08d9b62d0aa4dba4ff9e11a6.deobfuscated.vbs
DeObfuscated
VBScript
T1059.005
Malicious
1359d74c08d9b62d0aa4dba4ff9e11a6
Malicious
.executed
Malicious
.subscript.vbs
VBS Execute Sub-Script
VBScript
T1059.005
WScript.Shell
MSXML2.ServerXMLHTTP.6.0
DeObfuscated
Obfuscated
Malicious
.subscript.vbs.deobfuscated.vbs
DeObfuscated
VBScript
T1059.005
Malicious
Malware Configuration - URLs in VBA/VBS Code
|
Config. Field0 | Value |
|---|---|
| URL #1 | https://gxsearch.club/loja/arquivos/download/base.php |
1359d74c08d9b62d0aa4dba4ff9e11a6 (23.87 KB)
File Structure
1359d74c08d9b62d0aa4dba4ff9e11a6
DeObfuscated
VBScript
T1059.005
VBS Execute Sub-Script
Obfuscated
WScript.Shell
MSXML2.ServerXMLHTTP.6.0
Malicious
1359d74c08d9b62d0aa4dba4ff9e11a6.deobfuscated.vbs
DeObfuscated
VBScript
T1059.005
Malicious
1359d74c08d9b62d0aa4dba4ff9e11a6
Malicious
.executed
Malicious
.subscript.vbs
VBS Execute Sub-Script
VBScript
T1059.005
WScript.Shell
MSXML2.ServerXMLHTTP.6.0
DeObfuscated
Obfuscated
Malicious
.subscript.vbs.deobfuscated.vbs
DeObfuscated
VBScript
T1059.005
Malicious
Characteristics
Malware Configuration - URLs in VBA/VBS Code
|
Config. Field0 | Value |
|---|---|
| URL #1 | https://gxsearch.club/loja/arquivos/download/base.php |
You must be signed in to post a comment.
You need a premium account to access this feature.
You must be signed in to post a comment.