Malicious
General
Structural Analysis
Config.0
Yara Rules4
Sync
Insights
Community
Infection Chain
Summary by MalvaGPT
Characteristics
|
Hash | Hash Value |
|---|---|
| MD5 | b01e000fed46c6e960d5a4a1fc5aac90
|
| Sha1 | 5b49b7ffbe06ede256bdde9504800c96f1130f01
|
| Sha256 | 05479f42bb8e0d3c73afc46b3cfb92361be52aef8b8f4d5945abd14fd1f59604
|
| Sha384 | 6d20163535e8d9b9f42b1171595637e16e387eb6c8f53fe486a412db5304e5fe07e9b2a514cdc33fbd6d2ef3a7c22e83
|
| Sha512 | 169be8ff9753e34f5b25363432ffb086d57dd02cafbd00416fbc62efe721c2c074ef83a5f47983c2cf33c5a4683456044eab6f834d9d47e38e280ffc6ef55ddb
|
| SSDeep | 6:TMVBd/6nXT+q9NqhdF0ZbdF/z7fBhsUJMSyOAFbf2pyeSDzMeq:TMHdCXaqahH0JL1eQM7vx2TSDzMeq
|
| TLSH | 36E026026826C9412872D6224771D80CFA54D61304E0A84576CC9B1B5B616E14A025C9
|
File Structure
05479f42bb8e0d3c73afc46b3cfb92361be52aef8b8f4d5945abd14fd1f59604.wsf.bin
Html
WSF File
VBScript
T1059.005
PowerShell
Batch Command
PowerShell Call
WScript.Shell
DeObfuscated
Obfuscated
Malicious
[Job Id=No ID Name=No Name]
Malicious
[VBScript] #0
VBScript
T1059.005
PowerShell
Batch Command
PowerShell Call
WScript.Shell
DeObfuscated
Obfuscated
Malicious
[VBScript] #0.deobfuscated.vbs
DeObfuscated
VBScript
T1059.005
Malicious
[Command #0]
PowerShell
Batch Command
PowerShell Call
Malicious
05479f42bb8e0d3c73afc46b3cfb92361be52aef8b8f4d5945abd14fd1f59604.wsf.bin (329 B)
File Structure
05479f42bb8e0d3c73afc46b3cfb92361be52aef8b8f4d5945abd14fd1f59604.wsf.bin
Html
WSF File
VBScript
T1059.005
PowerShell
Batch Command
PowerShell Call
WScript.Shell
DeObfuscated
Obfuscated
Malicious
[Job Id=No ID Name=No Name]
Malicious
[VBScript] #0
VBScript
T1059.005
PowerShell
Batch Command
PowerShell Call
WScript.Shell
DeObfuscated
Obfuscated
Malicious
[VBScript] #0.deobfuscated.vbs
DeObfuscated
VBScript
T1059.005
Malicious
[Command #0]
PowerShell
Batch Command
PowerShell Call
Malicious
Characteristics
No malware configuration were found at this point.
You must be signed in to post a comment.
You need a premium account to access this feature.
You must be signed in to post a comment.
You must be signed in to post a comment.