Malicious
Malicious

bbd72c3c688c454beaa2305f36132e1ffab50e[...]ac1.zip

ZIP Archive
|
MD5: 2e54dae1aef2a89c66daba2fdae54eb7
|
Size: 2.16 MB
|
application/zip

Zip Archive
Executable
PE (Portable Executable)
Obfuscated
.Net Obfuscator
.Net Reactor
WScript.Shell
DeObfuscated
VBScript
T1059.005

Print
General
Structural Analysis
Config.1
Yara Rules3
Sync
Insights
Community
Infection Chain
Summary by MalvaGPT
Characteristics
Hash
Hash Value
MD5
2e54dae1aef2a89c66daba2fdae54eb7
Sha1
024d69b164f2a6d5223c1d7b50fd6c3556161fc6
Sha256
9909e8c1411e4a27293d6641607580952b19d719b09a432118526291b3662017
Sha384
7f75719a22eb47b848f89d3b53f32bfaa87f937375a859357eb8d8f4db7995cc0029f3ae7d06c2286c62aca3e318e12d
Sha512
7730e3753358867257f618d0a37caad5f319e6c7766d952ab32a8fabe765594dd58071ccb9bc371a72430b4e61abdab81e67bfef5cdd1cc9f79c47b114b918bd
SSDeep
49152:09wZdtRFraOjgzhBfQuLv2jtaj+GLSUiDJI9EJ1D4M:hjtSllBfQuCjtO+GLfb6bEM
TLSH
BEA533168C864C152EAE86B00EBF75CA8E01AF6F57CB3CC715F8D489275E99D27F5208
File Structure
bbd72c3c688c454beaa2305f36132e1ffab50eacfc33aee3038c1b2e742fcac1.zip
Zip Archive
Executable
PE (Portable Executable)
Obfuscated
.Net Obfuscator
.Net Reactor
WScript.Shell
DeObfuscated
VBScript
T1059.005
Malicious
bbd72c3c688c454beaa2305f36132e1ffab50eacfc33aee3038c1b2e742fcac1.exe
Archive Entry
Executable
PE (Portable Executable)
Win 32 Exe
x86
Obfuscated
VBScript Encoded
.Net Obfuscator
.Net Reactor
WScript.Shell
DeObfuscated
VBScript
T1059.005
Malicious
Structure
DosHeader
PE Header
Optional Header (x86)
Section Headers
.text
.rdata
.data
.didat
.rsrc
.reloc
Resources
PNG
ID:0065
ID:1033
ID:1033-preview.png
ID:0066
ID:1033
ID:1033-preview.png
RT_ICON
ID:0001
ID:1033
ID:0002
ID:1033
ID:0003
ID:1033
ID:0004
ID:1033
ID:0005
ID:1033
ID:0006
ID:1033
ID:0007
ID:1033
ID:1033-preview.png
RT_DIALOG
ID:0000
ID:1033
RT_STRING
ID:0007
ID:1033
ID:0008
ID:1033
ID:0009
ID:1033
ID:000A
ID:1033
ID:000B
ID:1033
ID:000C
ID:1033
ID:000D
ID:1033
ID:000E
ID:1033
ID:000F
ID:1033
ID:0010
ID:1033
RT_GROUP_CURSOR4
ID:0064
ID:1033
RT_MANIFEST
ID:0001
ID:1033
bbd72c3c688c454beaa2305f36132e1ffab50eacfc33aee3038c1b2e742fcac1.exe.decoded.vbs
Visual Basic
VBScript
VBScript Encoded
WScript.Shell
DeObfuscated
T1059.005
Obfuscated
Malicious
bbd72c3c688c454beaa2305f36132e1ffab50eacfc33aee3038c1b2e742fcac1.exe.decoded.vbs.deobfuscated.vbs
DeObfuscated
VBScript
T1059.005
Malicious
Malware Configuration - URLs in VBA/VBS Code
Config. Field
Value
URL #1

http://schemas.microsoft.com/SMI/2005/WindowsSettings

bbd72c3c688c454beaa2305f36132e1ffab50eacfc33aee3038c1b2e742fcac1.zip (2.16 MB)
An error has occurred. This application may no longer respond until reloaded. Reload 🗙