Malicious
General
Structural Analysis
Config.1
Yara Rules12
Sync
Community
Infection Chain
Summary by MalvaGPT
Characteristics
|
Hash | Hash Value |
|---|---|
| MD5 | 6b196cbbfca45e3ccf90c04509b03580
|
| Sha1 | 23ec42cb169c6508f0e6a1bfbc72d97f53555394
|
| Sha256 | 548a2433c87a91b4d3bf864d067a3e21cf635f19b7d14856800efeed6c6918fd
|
| Sha384 | 788373509f0feeb39b22b79639530aeab9ea84bed8db7554faab586017e65c3f303bffd1650c944d2b97326894dff489
|
| Sha512 | eb1ddeb5c37d61a2fcf6ef2ccb53f761c01536acac9bbcd647675eba04d2e8351b1ce558e5f462ec41c40d5c39d253e94a7d92113a8e671f5f5fe489b0a8d3a9
|
| SSDeep | 24:wyDCc+0DtC5L+0DY4c5E+0DUYby0DdxCf0D9DV5Dfa7riD9RRVjAAoimxcySEA88:40xv+yPf6ySaySBDeySeQSgsC
|
| TLSH | E6C17E2C5A183A2291108B73B49EF58CAA1DFCCE14E19134DD80DC16BA138A7D6E7BCC
|
File Structure
6b196cbbfca45e3ccf90c04509b03580
MSXML2.ServerXMLHTTP.6.0
DeObfuscated
VBScript
T1059.005
Obfuscated
Malicious
6b196cbbfca45e3ccf90c04509b03580.deobfuscated.vbs
DeObfuscated
VBScript
T1059.005
Malicious
Malware Configuration - URLs in VBA/VBS Code
|
Config. Field0 | Value |
|---|---|
| URL #1 | http://nitrosoftwares.com/arquivo_930336fdc5014a86819147c8785df4e2.txt |
6b196cbbfca45e3ccf90c04509b03580 (5.63 KB)
File Structure
6b196cbbfca45e3ccf90c04509b03580
MSXML2.ServerXMLHTTP.6.0
DeObfuscated
VBScript
T1059.005
Obfuscated
Malicious
6b196cbbfca45e3ccf90c04509b03580.deobfuscated.vbs
DeObfuscated
VBScript
T1059.005
Malicious
Characteristics
Malware Configuration - URLs in VBA/VBS Code
|
Config. Field0 | Value |
|---|---|
| URL #1 | http://nitrosoftwares.com/arquivo_930336fdc5014a86819147c8785df4e2.txt |
You must be signed in to post a comment.
You need a premium account to access this feature.
You must be signed in to post a comment.