Malicious
bb4857fc87176130f9d2a461d490f289
ZIP Archive | MD5: bb4857fc87176130f9d2a461d490f289 | Size: 1.17 MB | application/zip
ZIP Archive
MD5: bb4857fc87176130f9d2a461d490f289
Size: 1.17 MB
application/zip
Infection Chain
Summary by MalvaGPT
Characteristics
|
Hash | Hash Value |
|---|---|
| MD5 | bb4857fc87176130f9d2a461d490f289
|
| Sha1 | 890114b61a936c9b23f1ea37740413fad04463fb
|
| Sha256 | 6315cd0cfddc8711e3bcddb2ac8d9e027f4eaf8360ecc74ac25be6ffde08154b
|
| Sha384 | 587b7598d9720d4078761958c29d37e15989b513e4892d1070b6603f7b29a27d02e1aab03b05ed3231a6d20c14b3e200
|
| Sha512 | c718196c277df7d487cd1f37856f14ff472f03fd784d798de703172bef3a926e5ad74cda4368d23f5218b68bcb4959c1e089f77b459e2fcbd48eb4f9e048983f
|
| SSDeep | 24576:dUhcIbKXH1wpw/Y8SRDMgUVnnwKP7L9EofobVeUl+:+hcIbKXAr3RanwKDhEofobVbl+
|
| TLSH | 2045332181C87616CC6BC3B2F134EE4EE7670680210F06CEDF754B8B5DB2A59521FB9A
|
File Structure
bb4857fc87176130f9d2a461d490f289
Malicious
.Cleanmger
Malicious
jianli.pdf
Text (Preview)
Page #1
#Stream {6}
#Stream {119}
#Stream {117}
#Stream {118}
#Stream {123}
#Stream {122}
#Stream {124}
#Stream {127}
#Stream {131}
#Stream {129}
#Stream {130}
#Stream {140}
#Stream {134}
#Stream {135}
#Stream {136}
#Stream {137}
#Stream {138}
#Stream {139}
#Stream {148}
#Stream {142}
#Stream {143}
#Stream {144}
#Stream {145}
#Stream {146}
#Stream {147}
#Stream {156}
#Stream {150}
#Stream {151}
#Stream {152}
#Stream {153}
#Stream {154}
#Stream {155}
#Stream {164}
#Stream {158}
#Stream {159}
#Stream {160}
#Stream {161}
#Stream {162}
#Stream {163}
#Stream {168}
#Stream {166}
#Stream {167}
#Stream {172}
#Stream {170}
#Stream {171}
#Stream {179}
#Stream {174}
#Stream {175}
#Stream {176}
#Stream {177}
#Stream {178}
#Stream {189}
#Stream {181}
#Stream {182}
#Stream {183}
#Stream {184}
#Stream {185}
#Stream {186}
#Stream {187}
#Stream {188}
#Stream {192}
#Stream {191}
#Stream {197}
#Stream {196}
#Stream {200}
#Stream {199}
#Stream {204}
#Stream {202}
#Stream {203}
#Stream {209}
#Stream {206}
#Stream {208}
#Stream {212}
#Stream {211}
#Stream {215}
#Stream {214}
#Stream {220}
#Stream {217}
#Stream {218}
#Stream {219}
#Stream {237}
#Stream {222}
#Stream {223}
#Stream {224}
#Stream {225}
#Stream {226}
#Stream {227}
#Stream {228}
#Stream {229}
#Stream {230}
#Stream {231}
#Stream {232}
#Stream {233}
#Stream {234}
#Stream {235}
#Stream {236}
#Stream {241}
#Stream {239}
#Stream {240}
#Stream {251}
#Stream {243}
#Stream {244}
#Stream {245}
#Stream {246}
#Stream {247}
#Stream {248}
#Stream {249}
#Stream {250}
#Stream {267}
#Stream {256}
#Stream {257}
#Stream {258}
#Stream {259}
#Stream {260}
#Stream {261}
#Stream {262}
#Stream {263}
#Stream {264}
#Stream {265}
#Stream {275}
#Stream {269}
#Stream {270}
#Stream {271}
#Stream {272}
#Stream {273}
#Stream {274}
#Stream {278}
#Stream {277}
#Stream {282}
#Stream {280}
#Stream {281}
#Stream {290}
#Stream {284}
#Stream {285}
#Stream {286}
#Stream {287}
#Stream {288}
#Stream {289}
#Stream {296}
#Stream {292}
#Stream {293}
#Stream {294}
#Stream {295}
#Stream {301}
#Stream {298}
#Stream {299}
#Stream {300}
#Stream {307}
#Stream {303}
#Stream {304}
#Stream {305}
#Stream {306}
#Stream {310}
#Stream {309}
#Stream {314}
#Stream {312}
#Stream {313}
#Stream {321}
#Stream {316}
#Stream {317}
#Stream {318}
#Stream {319}
#Stream {320}
#Stream {326}
#Stream {323}
#Stream {324}
#Stream {325}
#Stream {332}
#Stream {328}
#Stream {329}
#Stream {330}
#Stream {331}
#Stream {335}
#Stream {334}
#Stream {338}
#Stream {341}
#Stream {344}
#Stream {343}
#Stream {352}
#Stream {346}
#Stream {347}
#Stream {348}
#Stream {349}
#Stream {350}
#Stream {351}
#Stream {359}
#Stream {354}
#Stream {355}
#Stream {356}
#Stream {357}
#Stream {358}
#Stream {364}
#Stream {361}
#Stream {362}
#Stream {363}
#Stream {371}
#Stream {366}
#Stream {367}
#Stream {368}
#Stream {369}
#Stream {370}
#Stream {377}
#Stream {373}
#Stream {374}
#Stream {375}
#Stream {376}
#Stream {386}
#Stream {379}
#Stream {380}
#Stream {381}
#Stream {382}
#Stream {383}
#Stream {384}
#Stream {385}
#Stream {390}
#Stream {388}
#Stream {389}
#Stream {395}
#Stream {392}
#Stream {393}
#Stream {394}
#Stream {398}
#Stream {397}
#Stream {401}
#Stream {400}
#Stream {408}
#Stream {403}
#Stream {404}
#Stream {405}
#Stream {406}
#Stream {407}
#Stream {411}
#Stream {410}
#Stream {419}
#Stream {413}
#Stream {414}
#Stream {415}
#Stream {416}
#Stream {417}
#Stream {418}
#Stream {423}
#Stream {421}
#Stream {422}
#Stream {432}
#Stream {425}
#Stream {426}
#Stream {427}
#Stream {428}
#Stream {429}
#Stream {430}
#Stream {431}
#Stream {439}
#Stream {434}
#Stream {435}
#Stream {436}
#Stream {437}
#Stream {438}
#Stream {443}
#Stream {441}
#Stream {442}
#Stream {447}
#Stream {445}
#Stream {446}
#Stream {452}
#Stream {449}
#Stream {450}
#Stream {451}
#Stream {456}
#Stream {454}
#Stream {455}
#Stream {459}
#Stream {458}
#Stream {465}
#Stream {461}
#Stream {462}
#Stream {463}
#Stream {464}
#Stream {473}
#Stream {467}
#Stream {468}
#Stream {469}
#Stream {470}
#Stream {471}
#Stream {472}
#Stream {478}
#Stream {475}
#Stream {476}
#Stream {477}
#Stream {484}
#Stream {480}
#Stream {481}
#Stream {482}
#Stream {483}
#Stream {488}
#Stream {486}
#Stream {487}
#Stream {492}
#Stream {490}
#Stream {491}
#Stream {497}
#Stream {494}
#Stream {495}
#Stream {496}
#Stream {503}
#Stream {499}
#Stream {500}
#Stream {501}
#Stream {502}
#Stream {506}
#Stream {505}
#Stream {512}
#Stream {508}
#Stream {509}
#Stream {510}
#Stream {511}
#Stream {516}
#Stream {514}
#Stream {515}
#Stream {520}
#Stream {518}
#Stream {519}
#Stream {523}
#Stream {522}
#Stream {528}
#Stream {525}
#Stream {526}
#Stream {527}
#Stream {531}
#Stream {530}
#Stream {534}
#Stream {533}
#Stream {537}
#Stream {536}
#Stream {539}
#Stream {543}
#Stream {542}
#Stream {549}
#Stream {545}
#Stream {546}
#Stream {547}
#Stream {548}
#Stream {553}
#Stream {551}
#Stream {552}
#Stream {557}
#Stream {555}
#Stream {556}
#Stream {560}
#Stream {559}
#Stream {563}
#Stream {562}
#Stream {566}
#Stream {565}
#Stream {569}
#Stream {568}
#Stream {572}
#Stream {571}
#Stream {576}
#Stream {574}
#Stream {575}
#Stream {580}
#Stream {578}
#Stream {579}
#Stream {583}
#Stream {582}
#Stream {586}
#Stream {585}
#Stream {589}
#Stream {592}
#Stream {595}
#Stream {594}
#Stream {599}
#Stream {597}
#Stream {598}
#Stream {603}
#Stream {601}
#Stream {602}
#Stream {606}
#Stream {605}
#Stream {609}
#Stream {608}
#Stream {612}
#Stream {611}
#Stream {616}
#Stream {614}
#Stream {615}
#Stream {619}
#Stream {618}
#Stream {622}
#Stream {621}
#Stream {625}
#Stream {624}
#Stream {628}
#Stream {627}
#Stream {114}
Structure
Overlay_b9d5ffb6.bin
Structure
DosHeader
PE Header
Optional Header (x64)
Section Headers
.text
.data
.rdata
.pdata
.xdata
.bss
.edata
.idata
.tls
.reloc
4
19
31
45
57
70
81
97
113
update.tmp
[Authenticode]_a720dd2a.p7b
Structure
DosHeader
PE Header
Optional Header (x64)
Section Headers
.text
.rdata
.data
.pdata
.fptable
.rsrc
.reloc
Resources
RT_MANIFEST
ID:0001
ID:1033
[Lnk Summary]
Malicious
Informations
|
Name0 | Value |
|---|---|
| jianli.pdf | 1.4 |
| jianli.pdf | D:20260429043225+00'00' |
| jianli.pdf | Chromium |
| jianli.pdf | D:20260429043225+00'00' |
| jianli.pdf | Skia/PDF m80 |
| jianli.pdf | Chromium |
| jianli.pdf | Skia/PDF m80 |
| jianli.pdf | D:20260429043225+00'00' |
| jianli.pdf | D:20260429043225+00'00' |
Artefacts
|
Name0 | Value |
|---|---|
| LNK: Script Execution | wscript.exe .Cleanmger\cleaner.vbs |
bb4857fc87176130f9d2a461d490f289 (1.17 MB)
File Structure
bb4857fc87176130f9d2a461d490f289
Malicious
.Cleanmger
Malicious
jianli.pdf
Text (Preview)
Page #1
#Stream {6}
#Stream {119}
#Stream {117}
#Stream {118}
#Stream {123}
#Stream {122}
#Stream {124}
#Stream {127}
#Stream {131}
#Stream {129}
#Stream {130}
#Stream {140}
#Stream {134}
#Stream {135}
#Stream {136}
#Stream {137}
#Stream {138}
#Stream {139}
#Stream {148}
#Stream {142}
#Stream {143}
#Stream {144}
#Stream {145}
#Stream {146}
#Stream {147}
#Stream {156}
#Stream {150}
#Stream {151}
#Stream {152}
#Stream {153}
#Stream {154}
#Stream {155}
#Stream {164}
#Stream {158}
#Stream {159}
#Stream {160}
#Stream {161}
#Stream {162}
#Stream {163}
#Stream {168}
#Stream {166}
#Stream {167}
#Stream {172}
#Stream {170}
#Stream {171}
#Stream {179}
#Stream {174}
#Stream {175}
#Stream {176}
#Stream {177}
#Stream {178}
#Stream {189}
#Stream {181}
#Stream {182}
#Stream {183}
#Stream {184}
#Stream {185}
#Stream {186}
#Stream {187}
#Stream {188}
#Stream {192}
#Stream {191}
#Stream {197}
#Stream {196}
#Stream {200}
#Stream {199}
#Stream {204}
#Stream {202}
#Stream {203}
#Stream {209}
#Stream {206}
#Stream {208}
#Stream {212}
#Stream {211}
#Stream {215}
#Stream {214}
#Stream {220}
#Stream {217}
#Stream {218}
#Stream {219}
#Stream {237}
#Stream {222}
#Stream {223}
#Stream {224}
#Stream {225}
#Stream {226}
#Stream {227}
#Stream {228}
#Stream {229}
#Stream {230}
#Stream {231}
#Stream {232}
#Stream {233}
#Stream {234}
#Stream {235}
#Stream {236}
#Stream {241}
#Stream {239}
#Stream {240}
#Stream {251}
#Stream {243}
#Stream {244}
#Stream {245}
#Stream {246}
#Stream {247}
#Stream {248}
#Stream {249}
#Stream {250}
#Stream {267}
#Stream {256}
#Stream {257}
#Stream {258}
#Stream {259}
#Stream {260}
#Stream {261}
#Stream {262}
#Stream {263}
#Stream {264}
#Stream {265}
#Stream {275}
#Stream {269}
#Stream {270}
#Stream {271}
#Stream {272}
#Stream {273}
#Stream {274}
#Stream {278}
#Stream {277}
#Stream {282}
#Stream {280}
#Stream {281}
#Stream {290}
#Stream {284}
#Stream {285}
#Stream {286}
#Stream {287}
#Stream {288}
#Stream {289}
#Stream {296}
#Stream {292}
#Stream {293}
#Stream {294}
#Stream {295}
#Stream {301}
#Stream {298}
#Stream {299}
#Stream {300}
#Stream {307}
#Stream {303}
#Stream {304}
#Stream {305}
#Stream {306}
#Stream {310}
#Stream {309}
#Stream {314}
#Stream {312}
#Stream {313}
#Stream {321}
#Stream {316}
#Stream {317}
#Stream {318}
#Stream {319}
#Stream {320}
#Stream {326}
#Stream {323}
#Stream {324}
#Stream {325}
#Stream {332}
#Stream {328}
#Stream {329}
#Stream {330}
#Stream {331}
#Stream {335}
#Stream {334}
#Stream {338}
#Stream {341}
#Stream {344}
#Stream {343}
#Stream {352}
#Stream {346}
#Stream {347}
#Stream {348}
#Stream {349}
#Stream {350}
#Stream {351}
#Stream {359}
#Stream {354}
#Stream {355}
#Stream {356}
#Stream {357}
#Stream {358}
#Stream {364}
#Stream {361}
#Stream {362}
#Stream {363}
#Stream {371}
#Stream {366}
#Stream {367}
#Stream {368}
#Stream {369}
#Stream {370}
#Stream {377}
#Stream {373}
#Stream {374}
#Stream {375}
#Stream {376}
#Stream {386}
#Stream {379}
#Stream {380}
#Stream {381}
#Stream {382}
#Stream {383}
#Stream {384}
#Stream {385}
#Stream {390}
#Stream {388}
#Stream {389}
#Stream {395}
#Stream {392}
#Stream {393}
#Stream {394}
#Stream {398}
#Stream {397}
#Stream {401}
#Stream {400}
#Stream {408}
#Stream {403}
#Stream {404}
#Stream {405}
#Stream {406}
#Stream {407}
#Stream {411}
#Stream {410}
#Stream {419}
#Stream {413}
#Stream {414}
#Stream {415}
#Stream {416}
#Stream {417}
#Stream {418}
#Stream {423}
#Stream {421}
#Stream {422}
#Stream {432}
#Stream {425}
#Stream {426}
#Stream {427}
#Stream {428}
#Stream {429}
#Stream {430}
#Stream {431}
#Stream {439}
#Stream {434}
#Stream {435}
#Stream {436}
#Stream {437}
#Stream {438}
#Stream {443}
#Stream {441}
#Stream {442}
#Stream {447}
#Stream {445}
#Stream {446}
#Stream {452}
#Stream {449}
#Stream {450}
#Stream {451}
#Stream {456}
#Stream {454}
#Stream {455}
#Stream {459}
#Stream {458}
#Stream {465}
#Stream {461}
#Stream {462}
#Stream {463}
#Stream {464}
#Stream {473}
#Stream {467}
#Stream {468}
#Stream {469}
#Stream {470}
#Stream {471}
#Stream {472}
#Stream {478}
#Stream {475}
#Stream {476}
#Stream {477}
#Stream {484}
#Stream {480}
#Stream {481}
#Stream {482}
#Stream {483}
#Stream {488}
#Stream {486}
#Stream {487}
#Stream {492}
#Stream {490}
#Stream {491}
#Stream {497}
#Stream {494}
#Stream {495}
#Stream {496}
#Stream {503}
#Stream {499}
#Stream {500}
#Stream {501}
#Stream {502}
#Stream {506}
#Stream {505}
#Stream {512}
#Stream {508}
#Stream {509}
#Stream {510}
#Stream {511}
#Stream {516}
#Stream {514}
#Stream {515}
#Stream {520}
#Stream {518}
#Stream {519}
#Stream {523}
#Stream {522}
#Stream {528}
#Stream {525}
#Stream {526}
#Stream {527}
#Stream {531}
#Stream {530}
#Stream {534}
#Stream {533}
#Stream {537}
#Stream {536}
#Stream {539}
#Stream {543}
#Stream {542}
#Stream {549}
#Stream {545}
#Stream {546}
#Stream {547}
#Stream {548}
#Stream {553}
#Stream {551}
#Stream {552}
#Stream {557}
#Stream {555}
#Stream {556}
#Stream {560}
#Stream {559}
#Stream {563}
#Stream {562}
#Stream {566}
#Stream {565}
#Stream {569}
#Stream {568}
#Stream {572}
#Stream {571}
#Stream {576}
#Stream {574}
#Stream {575}
#Stream {580}
#Stream {578}
#Stream {579}
#Stream {583}
#Stream {582}
#Stream {586}
#Stream {585}
#Stream {589}
#Stream {592}
#Stream {595}
#Stream {594}
#Stream {599}
#Stream {597}
#Stream {598}
#Stream {603}
#Stream {601}
#Stream {602}
#Stream {606}
#Stream {605}
#Stream {609}
#Stream {608}
#Stream {612}
#Stream {611}
#Stream {616}
#Stream {614}
#Stream {615}
#Stream {619}
#Stream {618}
#Stream {622}
#Stream {621}
#Stream {625}
#Stream {624}
#Stream {628}
#Stream {627}
#Stream {114}
Structure
Overlay_b9d5ffb6.bin
Structure
DosHeader
PE Header
Optional Header (x64)
Section Headers
.text
.data
.rdata
.pdata
.xdata
.bss
.edata
.idata
.tls
.reloc
4
19
31
45
57
70
81
97
113
update.tmp
[Authenticode]_a720dd2a.p7b
Structure
DosHeader
PE Header
Optional Header (x64)
Section Headers
.text
.rdata
.data
.pdata
.fptable
.rsrc
.reloc
Resources
RT_MANIFEST
ID:0001
ID:1033
[Lnk Summary]
Malicious
Characteristics
No malware configuration were found at this point.
Artefacts
|
Name0 | Value | Location |
|---|---|---|
| LNK: Script Execution | wscript.exe .Cleanmger\cleaner.vbs Malicious |
bb4857fc87176130f9d2a461d490f289 > 吴源简历.pdf.lnk |
You must be signed in to post a comment.
You need a premium account to access this feature.
You must be signed in to post a comment.