Malicious
Malicious

472e7020a47515d55576a47874060b7a

PowerShell
|
MD5: 472e7020a47515d55576a47874060b7a
|
Size: 15.95 KB
|
application/x-powershell

Infection Chain
Summary by MalvaGPT
Characteristics
Hash
 Hash Value
MD5
472e7020a47515d55576a47874060b7a
Sha1
bce54d001687c0e94f1ddbb6436a5dd5c9dd9fe3
Sha256
dda3433c02851eb2a9c864ae8a4e58fc7a22ad3982dbfc92938a1d1b651feac5
Sha384
9ea9ad267f069dbf6c8b86e729acd07e00b810520841d9f71b5281d04836ce64e09514bff2f23a7d174a619a23c93491
Sha512
534d41fb1c47287a992aafa8e4d761bba64358ee5f7e8518f470a10ad3e68fbd6c8696fd91b06ea82b375b909bbc6d0cb40d4232a8b91a58fb897ab72f6f0ec7
SSDeep
384:DSwEA+ThVc1u7KXxhloPhqh6huYnv7uZncIQLRLRLRLuX:KAmIegtQuYnenoLRLRLRLuX
TLSH
5562D636C819FCC9277F3EA191243B551C9D282B97AC9E98FEC004A63591329DF358BC
File Structure
472e7020a47515d55576a47874060b7a
Malicious
[Base64-Block @0x000000CC]
Structure
DosHeader
PE Header
Optional Header (x86)
Section Headers
.text
.rsrc
.reloc
Resources
RT_VERSION
ID:0001
ID:0
[Deobfuscated PS]
Malicious
[Deobfuscated PS]
Malicious
Artefacts
Name
 Value
Deobfuscated PowerShell

param([string] $TargetUrl = "https://benjaminbutton.ru", [int] $Threads = 200, [int] $Duration = 120, [int] $DelayMs = 10, [string] $ProxyFile = "") End

472e7020a47515d55576a47874060b7a (15.95 KB)
File Structure
472e7020a47515d55576a47874060b7a
Malicious
[Base64-Block @0x000000CC]
Structure
DosHeader
PE Header
Optional Header (x86)
Section Headers
.text
.rsrc
.reloc
Resources
RT_VERSION
ID:0001
ID:0
[Deobfuscated PS]
Malicious
[Deobfuscated PS]
Malicious
Characteristics
No malware configuration were found at this point.
Artefacts
Name
 Value Location
Deobfuscated PowerShell

param([string] $TargetUrl = "https://benjaminbutton.ru", [int] $Threads = 200, [int] $Duration = 120, [int] $DelayMs = 10, [string] $ProxyFile = "") End

Malicious

472e7020a47515d55576a47874060b7a > [Deobfuscated PS]
You must be signed in to post a comment.
An error has occurred. This application may no longer respond until reloaded. Reload 🗙