General
Structural Analysis
Config.0
Yara Rules19
Sync
Community
Infection Chain
Summary by MalvaGPT
Characteristics
|
Hash | Hash Value |
|---|---|
| MD5 | 6b6da94ad95b375727cfc2e2f1583164
|
| Sha1 | f4c93e8f9191b80875f0bc66437a184f092ef3d3
|
| Sha256 | 0f00c411430e2bc93bd4949653c29efa305ea75f7071f43cae050672095f0dce
|
| Sha384 | 932aa3f9d80dba1adb8ef8bc26062b30dbcc6ad0a8eb739bf6c8a81bdbd7122f0f9e6bc870ace976b3315fd2baec416a
|
| Sha512 | e68e626f01492ede89efbfee1681096aec57ddd3b0ce531b3ee28e752356248650e7f887635126d65c1afb5bea1bf3342149e664d84ed955f2db158942b97937
|
| SSDeep | 24:GAsOMAs2ubmqywfex7P0SG5AI9O9lAsQF:l/ubvyZ/Glc9c
|
| TLSH | 85212C8E2221E1B8E57935FC88F1CE11967A6CD4D08A28131FCD4CAEE171239DF0AAC5
|
File Structure
6b6da94ad95b375727cfc2e2f1583164
Malicious
ZoomWorkplaceDesktopClientAutoUpdate_7.0.0_33767_x64
Malicious
ZoomWorkplaceDesktopClientAutoUpdate_7.0.0_33767_x64.VBS
Malicious
ZoomWorkplaceDesktopClientAutoUpdate_7.0.0_33767_x64.VBS.deobfuscated.vbs
Malicious
Artefacts
|
Name0 | Value |
|---|---|
| URLs in VB Code - #1 | https://careersconnect.work//Assessment-Instructions.pdf |
| URLs in VB Code - #2 | https://careersconnect.work/MYPHOTOMSI.JPG |
6b6da94ad95b375727cfc2e2f1583164 (1.13 KB)
File Structure
6b6da94ad95b375727cfc2e2f1583164
Malicious
ZoomWorkplaceDesktopClientAutoUpdate_7.0.0_33767_x64
Malicious
ZoomWorkplaceDesktopClientAutoUpdate_7.0.0_33767_x64.VBS
Malicious
ZoomWorkplaceDesktopClientAutoUpdate_7.0.0_33767_x64.VBS.deobfuscated.vbs
Malicious
Characteristics
No malware configuration were found at this point.
Artefacts
|
Name0 | Value | Location |
|---|---|---|
| URLs in VB Code - #1 | https://careersconnect.work//Assessment-Instructions.pdf |
6b6da94ad95b375727cfc2e2f1583164 > ZoomWorkplaceDesktopClientAutoUpdate_7.0.0_33767_x64 > ZoomWorkplaceDesktopClientAutoUpdate_7.0.0_33767_x64.VBS |
| URLs in VB Code - #2 | https://careersconnect.work/MYPHOTOMSI.JPG |
6b6da94ad95b375727cfc2e2f1583164 > ZoomWorkplaceDesktopClientAutoUpdate_7.0.0_33767_x64 > ZoomWorkplaceDesktopClientAutoUpdate_7.0.0_33767_x64.VBS |
You must be signed in to post a comment.
You need a premium account to access this feature.
You must be signed in to post a comment.