Malicious
214c8724e1ec1e70a0d18389ce3039ab
VBScript | MD5: 214c8724e1ec1e70a0d18389ce3039ab | Size: 25.08 KB | text/vbscript
VBScript
MD5: 214c8724e1ec1e70a0d18389ce3039ab
Size: 25.08 KB
text/vbscript
DeObfuscated
VBScript
T1059.005
VBS Execute Sub-Script
Obfuscated
WScript.Shell
MSXML2.ServerXMLHTTP.6.0
Infection Chain
Summary by MalvaGPT
Characteristics
|
Hash | Hash Value |
|---|---|
| MD5 | 214c8724e1ec1e70a0d18389ce3039ab
|
| Sha1 | 448dbbfe874ce9fa37ae43273e785e6a0d19685e
|
| Sha256 | 2e472cdbc494996a8f47d9f7709ef1f42873ab2c7eb49c2f19415272044e4d76
|
| Sha384 | 2b504c3f1d8b01d31f39bc4ada872b28cff9b50d8cb9ab0a626a26f85dfa4f089038e0102b0cf365eedaeacf578e8c5a
|
| Sha512 | 17300fc8dd183bfa3dfcffd22df94cb4ded2b83caec4f1d538f1bccfe7392b9cfe7b2509ab6fc36dfa14b3b8bd7c219f91b9fe176fcf1e0eaafaa0b1a5ded9d7
|
| SSDeep | 384:UR8vfuhvnKArqg7VIcadHagBmSBqDWIrdH3+BwSjnvKFsATTYWLyqQiApygYc0aC:q9pId5xqx5AKmC/
|
| TLSH | E3B2AA930E38FD9012D8A934BD676192E2D3DFAE6195622301C357A927228F44FE47F3
|
File Structure
214c8724e1ec1e70a0d18389ce3039ab
DeObfuscated
VBScript
T1059.005
VBS Execute Sub-Script
Obfuscated
WScript.Shell
MSXML2.ServerXMLHTTP.6.0
Malicious
214c8724e1ec1e70a0d18389ce3039ab.deobfuscated.vbs
DeObfuscated
VBScript
T1059.005
Malicious
214c8724e1ec1e70a0d18389ce3039ab
Malicious
.executed
Malicious
.subscript.vbs
VBS Execute Sub-Script
VBScript
T1059.005
WScript.Shell
MSXML2.ServerXMLHTTP.6.0
DeObfuscated
Obfuscated
Malicious
.subscript.vbs.deobfuscated.vbs
DeObfuscated
VBScript
T1059.005
Malicious
Malware Configuration - URLs in VBA/VBS Code
|
Config. Field0 | Value |
|---|---|
| URL #1 | https://gxsearch.club/loja/arquivos/download/base.php |
214c8724e1ec1e70a0d18389ce3039ab (25.08 KB)
File Structure
214c8724e1ec1e70a0d18389ce3039ab
DeObfuscated
VBScript
T1059.005
VBS Execute Sub-Script
Obfuscated
WScript.Shell
MSXML2.ServerXMLHTTP.6.0
Malicious
214c8724e1ec1e70a0d18389ce3039ab.deobfuscated.vbs
DeObfuscated
VBScript
T1059.005
Malicious
214c8724e1ec1e70a0d18389ce3039ab
Malicious
.executed
Malicious
.subscript.vbs
VBS Execute Sub-Script
VBScript
T1059.005
WScript.Shell
MSXML2.ServerXMLHTTP.6.0
DeObfuscated
Obfuscated
Malicious
.subscript.vbs.deobfuscated.vbs
DeObfuscated
VBScript
T1059.005
Malicious
Characteristics
Malware Configuration - URLs in VBA/VBS Code
|
Config. Field0 | Value |
|---|---|
| URL #1 | https://gxsearch.club/loja/arquivos/download/base.php |
You must be signed in to post a comment.
You need a premium account to access this feature.
You must be signed in to post a comment.