Malicious
Malicious

792cb9ba2f8d2cc81f3563170c9337c5

MS Office Document
|
MD5: 792cb9ba2f8d2cc81f3563170c9337c5
|
Size: 1.8 MB
|
application/vnd.ms-office

Infection Chain
Summary by MalvaGPT
Characteristics
Hash
 Hash Value
MD5
792cb9ba2f8d2cc81f3563170c9337c5
Sha1
993381ec650dc98fe50f75899fa443c48a1dc377
Sha256
efcdd5a6e75a29d9cd332206373e1d9878be73da3c7eddf0c251f5750e9a3f9e
Sha384
1255c413bf742d4bdf50a26e6661fa44c0ed3fd03d611cf4249f0a707408c40e5b7ca1734b962b4f1c7bcff580cf23cd
Sha512
075f0310c83949a45d3552f8b6def3cc945bed982afe6da6f6fa52d26093d7a4cbd8432fae931a831c442952b9354bb9a2cdc9ec1722cc30f78d402ad4ca5952
SSDeep
24576:et9cpVDhUuW/wxRazJZ6X3Q1+w61Q7dRV:hpRhU//wTazJZ+6X61QnV
TLSH
138523D13784C127C95B09324E67C79E2769FCD0AE30B08B77A0BB5E5A38AD35D29742
File Structure
792cb9ba2f8d2cc81f3563170c9337c5
Malicious
Root Entry
Malicious
䡀䈖䌧䠤
䡀䌋䄱䜵
䡀㬿䏲䐸䖱
䡀㽿䅤䈯䠶
䡀䈏䗤䕸䠨
䡀䈛䌪䗶䜵
䡀䓞䕪䇤䠨
䡀䕙䓲䕨䜷
䡀䌍䈵䗦䕲䠼
䡀䒌䓰䑲䑨䠷
䡀㼿䕷䑬㭪䗤䠤
䡀㼿䕷䑬㹪䒲䠯
䡀㿿䏤䇬䗤䒬䠱
䡀䘌䗶䐲䆊䌷䑲
䡀䄕䑸䋦䒌䇱䗬䒬䠱
䡀䇊䌰㾱㼒䔨䈸䆱䠨
䡀䈏䗤䕸㬨䐲䒳䈱䗱䠶
䡀䑒䗶䏤㾯㼒䔨䈸䆱䠨
䡀䇊䌰㮱䈻䘦䈷䈜䘴䑨䈦
䡀䇊䗹䛎䆨䗸㼨䔨䈸䆱䠨
䡀䑒䗶䏤㮯䈻䘦䈷䈜䘴䑨䈦
䌋䄱䜵䅾䞽䘌䗶䐲䆊䌷䑲䏍䠯
Structure
DosHeader
PE Header
Optional Header (x86)
Section Headers
.text
.rdata
.data
.rsrc
.reloc
Resources
RT_MANIFEST
ID:0002
ID:1033
䌋䄱䜵䅾䞽䕠䓤䈳㼧䗨䓸䕙䊲䄵䠰
Malicious
1.js
Malicious
1.js.deobfuscated.vbs
Malicious
setup1.exe
[Authenticode]_e9372cff.p7b
Structure
DosHeader
PE Header
Optional Header (x86)
Section Headers
.text
.rdata
.data
.00cfg
.tls
.voltbl
.rsrc
.reloc
Resources
RT_ICON
ID:0001
ID:0
ID:0-preview.png
RT_GROUP_CURSOR4
ID:0000
ID:0
RT_VERSION
ID:0001
ID:1033
RT_MANIFEST
ID:0001
ID:1033
SummaryInformation
DocumentSummaryInformation
1.js
setup1.exe
792cb9ba2f8d2cc81f3563170c9337c5 (1.8 MB)
File Structure
792cb9ba2f8d2cc81f3563170c9337c5
Malicious
Root Entry
Malicious
䡀䈖䌧䠤
䡀䌋䄱䜵
䡀㬿䏲䐸䖱
䡀㽿䅤䈯䠶
䡀䈏䗤䕸䠨
䡀䈛䌪䗶䜵
䡀䓞䕪䇤䠨
䡀䕙䓲䕨䜷
䡀䌍䈵䗦䕲䠼
䡀䒌䓰䑲䑨䠷
䡀㼿䕷䑬㭪䗤䠤
䡀㼿䕷䑬㹪䒲䠯
䡀㿿䏤䇬䗤䒬䠱
䡀䘌䗶䐲䆊䌷䑲
䡀䄕䑸䋦䒌䇱䗬䒬䠱
䡀䇊䌰㾱㼒䔨䈸䆱䠨
䡀䈏䗤䕸㬨䐲䒳䈱䗱䠶
䡀䑒䗶䏤㾯㼒䔨䈸䆱䠨
䡀䇊䌰㮱䈻䘦䈷䈜䘴䑨䈦
䡀䇊䗹䛎䆨䗸㼨䔨䈸䆱䠨
䡀䑒䗶䏤㮯䈻䘦䈷䈜䘴䑨䈦
䌋䄱䜵䅾䞽䘌䗶䐲䆊䌷䑲䏍䠯
Structure
DosHeader
PE Header
Optional Header (x86)
Section Headers
.text
.rdata
.data
.rsrc
.reloc
Resources
RT_MANIFEST
ID:0002
ID:1033
䌋䄱䜵䅾䞽䕠䓤䈳㼧䗨䓸䕙䊲䄵䠰
Malicious
1.js
Malicious
1.js.deobfuscated.vbs
Malicious
setup1.exe
[Authenticode]_e9372cff.p7b
Structure
DosHeader
PE Header
Optional Header (x86)
Section Headers
.text
.rdata
.data
.00cfg
.tls
.voltbl
.rsrc
.reloc
Resources
RT_ICON
ID:0001
ID:0
ID:0-preview.png
RT_GROUP_CURSOR4
ID:0000
ID:0
RT_VERSION
ID:0001
ID:1033
RT_MANIFEST
ID:0001
ID:1033
SummaryInformation
DocumentSummaryInformation
1.js
setup1.exe
Characteristics
No malware configuration were found at this point.
You must be signed in to post a comment.
An error has occurred. This application may no longer respond until reloaded. Reload 🗙