Malicious
Malicious

[Base64-Block-Decoded]

VBScript
|
MD5: 8f235f4138a3362a67caee9ff82a4fc4
|
Size: 93.63 KB
|
text/vbscript

Infection Chain
Summary by MalvaGPT
Characteristics
Hash
 Hash Value
MD5
8f235f4138a3362a67caee9ff82a4fc4
Sha1
eb2c18ca27cf1395a5c7eb174c5064357c9106bb
Sha256
7f467084343ca7986a188108390c1de3c98bb211e304cc4bc700125c1ea495f6
Sha384
f92a6183d55bcf7f6590db74b5dc88aed0737511a0bd00f14ac39ddb5078371f13936ade481e5c3ee6f23ea41b06e38c
Sha512
30dd6d9a951d64ffb944cea39cc0061d89f79ca6ab327fae5f472149bc7278ef07198a34d11525c7ada855d10585da097d2ece6e55d5fe92b137fea52e274c2a
SSDeep
1536:4Khmo2ewfPpcf1JltcSk5rRKspUiUd9lGneYeOKVq8j1SKg553NqgXh886jh67wG:ElpWJlIaZlGnrGI8j1s553NOh67n
TLSH
7D933B17F80312E4971A7293C2C7228BDEE4C4757A361491F13598AB251BC79EB8FA3D
File Structure
[Base64-Block-Decoded]
Malicious
Artefacts
Name
 Value
URLs in VB Code - #1

http://5.181.2.158
URLs in VB Code - #2

https://long-king-02b7.5ekz2z6pjk.workers.dev
URLs in VB Code - #3

https://che
URLs in VB Code - #4

https://check-ho
URLs in VB Code - #5

https://check-host
URLs in VB Code - #6

https://check-host.net/
URLs in VB Code - #7

https://check-host.net/ip
URLs in VB Code - #8

https://check-host.net/ip-in
URLs in VB Code - #9

https://check-host.net/ip-info
URLs in VB Code - #10

https://check-host.net/ip-info?ho
URLs in VB Code - #11

https://check-host.net/ip-info?host=
URLs in VB Code - #12

https://check-host.net/ip-info?host=tillthesunrise.sytes.net
[Base64-Block-Decoded] (93.63 KB)
File Structure
[Base64-Block-Decoded]
Malicious
Characteristics
No malware configuration were found at this point.
Artefacts
Name
 Value Location
URLs in VB Code - #1

http://5.181.2.158

[Base64-Block-Decoded]
URLs in VB Code - #2

https://long-king-02b7.5ekz2z6pjk.workers.dev

[Base64-Block-Decoded]
URLs in VB Code - #3

https://che

[Base64-Block-Decoded]
URLs in VB Code - #4

https://check-ho

[Base64-Block-Decoded]
URLs in VB Code - #5

https://check-host

[Base64-Block-Decoded]
URLs in VB Code - #6

https://check-host.net/

[Base64-Block-Decoded]
URLs in VB Code - #7

https://check-host.net/ip

[Base64-Block-Decoded]
URLs in VB Code - #8

https://check-host.net/ip-in

[Base64-Block-Decoded]
URLs in VB Code - #9

https://check-host.net/ip-info

[Base64-Block-Decoded]
URLs in VB Code - #10

https://check-host.net/ip-info?ho

[Base64-Block-Decoded]
URLs in VB Code - #11

https://check-host.net/ip-info?host=

[Base64-Block-Decoded]
URLs in VB Code - #12

https://check-host.net/ip-info?host=tillthesunrise.sytes.net

[Base64-Block-Decoded]
You must be signed in to post a comment.
An error has occurred. This application may no longer respond until reloaded. Reload 🗙