Malicious
Characteristics
Hash | Hash Value |
---|---|
MD5 | 4de288f515757c1aeb7bdf72e8cbaf09 |
Sha1 | 300c152cfeba760add968a22b219a96223bef6ed |
Sha256 | cca61e2e303872de6f97292e2d72c098fca87f2cade5202407d00500dd7b36db |
Sha384 | c3896f2669fed0fc4a1431113d2418d948811135076737468a567dba459e091ad1b9339038c76d728804e5a1bb28f262 |
Sha512 | 086398e4fd5b98cfca073d168a9e6c2ea82c2419febc0cbaefc9202f25f822d3a34874bffbcdf8645175c6067937389db8a4a9aa809db245bc6f971c1f6012fa |
SSDeep | 384:8/xOm68hMTkyK+H6Hc45btIITSUp7bSB443EKW3g/UYeQD9Ki9sNa1tuLMvki5cj:8bJIIT5dIpkXpj |
TLSH | B6B287930E39FD8401D8A930BD67A092E2E3DF6E6195622305C347A927229F54FE47F3 |
File Structure
Name | Tags | Verdict |
---|---|---|
4de288f515757c1aeb7bdf72e8cbaf09 | DeObfuscated, VBScript, T1059.005, VBS Execute Sub-Script, Obfuscated, WScript.Shell, MSXML2.ServerXMLHTTP.6.0 | Malicious |
4de288f515757c1aeb7bdf72e8cbaf09.deobfuscated.vbs | DeObfuscated, VBScript, T1059.005 | Malicious |
4de288f515757c1aeb7bdf72e8cbaf09 | | Malicious |
.executed | | Malicious |
.subscript.vbs | VBS Execute Sub-Script, VBScript, T1059.005, WScript.Shell, MSXML2.ServerXMLHTTP.6.0, DeObfuscated, Obfuscated | Malicious |
.subscript.vbs.deobfuscated.vbs | DeObfuscated, VBScript, T1059.005 | Malicious |
Malware Configuration - URLs in VBA/VBS Code
Config. Field0 | Value |
---|---|
URL #1 | https://gxsearch.club/loja/arquivos/download/base.php |
4de288f515757c1aeb7bdf72e8cbaf09 (23.48 KB)