General
Structural Analysis
Config.1
Yara Rules20
Sync
Community
Infection Chain
Summary by MalvaGPT
Characteristics
|
Hash | Hash Value |
|---|---|
| MD5 | 2e54dae1aef2a89c66daba2fdae54eb7
|
| Sha1 | 024d69b164f2a6d5223c1d7b50fd6c3556161fc6
|
| Sha256 | 9909e8c1411e4a27293d6641607580952b19d719b09a432118526291b3662017
|
| Sha384 | 7f75719a22eb47b848f89d3b53f32bfaa87f937375a859357eb8d8f4db7995cc0029f3ae7d06c2286c62aca3e318e12d
|
| Sha512 | 7730e3753358867257f618d0a37caad5f319e6c7766d952ab32a8fabe765594dd58071ccb9bc371a72430b4e61abdab81e67bfef5cdd1cc9f79c47b114b918bd
|
| SSDeep | 49152:09wZdtRFraOjgzhBfQuLv2jtaj+GLSUiDJI9EJ1D4M:hjtSllBfQuCjtO+GLfb6bEM
|
| TLSH | BEA533168C864C152EAE86B00EBF75CA8E01AF6F57CB3CC715F8D489275E99D27F5208
|
File Structure
bbd72c3c688c454beaa2305f36132e1ffab50eacfc33aee3038c1b2e742fcac1.zip
Malicious
bbd72c3c688c454beaa2305f36132e1ffab50eacfc33aee3038c1b2e742fcac1.exe
Malicious
Structure
DosHeader
PE Header
Optional Header (x86)
Section Headers
.text
.rdata
.data
.didat
.rsrc
.reloc
Resources
PNG
ID:0065
ID:1033
ID:1033-preview.png
ID:0066
ID:1033
ID:1033-preview.png
RT_ICON
ID:0001
ID:1033
ID:0002
ID:1033
ID:0003
ID:1033
ID:0004
ID:1033
ID:0005
ID:1033
ID:0006
ID:1033
ID:0007
ID:1033
ID:1033-preview.png
RT_DIALOG
ID:0000
ID:1033
RT_STRING
ID:0007
ID:1033
ID:0008
ID:1033
ID:0009
ID:1033
ID:000A
ID:1033
ID:000B
ID:1033
ID:000C
ID:1033
ID:000D
ID:1033
ID:000E
ID:1033
ID:000F
ID:1033
ID:0010
ID:1033
RT_GROUP_CURSOR4
ID:0064
ID:1033
RT_MANIFEST
ID:0001
ID:1033
bbd72c3c688c454beaa2305f36132e1ffab50eacfc33aee3038c1b2e742fcac1.exe.decoded.vbs
Malicious
bbd72c3c688c454beaa2305f36132e1ffab50eacfc33aee3038c1b2e742fcac1.exe.decoded.vbs.deobfuscated.vbs
Malicious
Malware Configuration - URLs in VBA/VBS Code
|
Config. Field0 | Value |
|---|---|
| URL #1 | http://schemas.microsoft.com/SMI/2005/WindowsSettings |
bbd72c3c688c454beaa2305f36132e1ffab50eacfc33aee3038c1b2e742fcac1.zip (2.16 MB)
File Structure
bbd72c3c688c454beaa2305f36132e1ffab50eacfc33aee3038c1b2e742fcac1.zip
Malicious
bbd72c3c688c454beaa2305f36132e1ffab50eacfc33aee3038c1b2e742fcac1.exe
Malicious
Structure
DosHeader
PE Header
Optional Header (x86)
Section Headers
.text
.rdata
.data
.didat
.rsrc
.reloc
Resources
PNG
ID:0065
ID:1033
ID:1033-preview.png
ID:0066
ID:1033
ID:1033-preview.png
RT_ICON
ID:0001
ID:1033
ID:0002
ID:1033
ID:0003
ID:1033
ID:0004
ID:1033
ID:0005
ID:1033
ID:0006
ID:1033
ID:0007
ID:1033
ID:1033-preview.png
RT_DIALOG
ID:0000
ID:1033
RT_STRING
ID:0007
ID:1033
ID:0008
ID:1033
ID:0009
ID:1033
ID:000A
ID:1033
ID:000B
ID:1033
ID:000C
ID:1033
ID:000D
ID:1033
ID:000E
ID:1033
ID:000F
ID:1033
ID:0010
ID:1033
RT_GROUP_CURSOR4
ID:0064
ID:1033
RT_MANIFEST
ID:0001
ID:1033
bbd72c3c688c454beaa2305f36132e1ffab50eacfc33aee3038c1b2e742fcac1.exe.decoded.vbs
Malicious
bbd72c3c688c454beaa2305f36132e1ffab50eacfc33aee3038c1b2e742fcac1.exe.decoded.vbs.deobfuscated.vbs
Malicious
Characteristics
Malware Configuration - URLs in VBA/VBS Code
|
Config. Field0 | Value |
|---|---|
| URL #1 | http://schemas.microsoft.com/SMI/2005/WindowsSettings |
You must be signed in to post a comment.
You need a premium account to access this feature.
You must be signed in to post a comment.