Malicious
Malicious

bebf3d938acab853635647e1faecc467

VBScript
|
MD5: bebf3d938acab853635647e1faecc467
|
Size: 7.81 KB
|
text/vbscript

Infection Chain
Summary by MalvaGPT
Characteristics
Hash
 Hash Value
MD5
bebf3d938acab853635647e1faecc467
Sha1
d2410998c002f5b1f445975fdd9a1ab376fd8537
Sha256
b236c1ec57b3f11adcc563cd324d4a3bfe0338cd4352e604d3af7cb07184b5c5
Sha384
d0d9a29ef9e8d2a343d411ea5e42e2882b0ec02912c9a4595923b33fce6eb3fcd1c5bf5f3e8bd4e9f6c0ee6e0b4bfb09
Sha512
e322486e7ea095c4910688f8d67d5c2c1819161f8287ad76597d73fb142826dd008a6b3ef44efe370b0e300b5bc551a143aad729c59718afbeb07051b87ab84f
SSDeep
192:olwqK/i/MN/qzd/WD8zc+RDecQywOBIWTwqiV:olr/TxbaNOBdk
TLSH
E0F15452FE278E210E73EB1550A7CD2DD654616B0031407F3B5CED881F3ABAA83D99E9
File Structure
bebf3d938acab853635647e1faecc467
Malicious
bebf3d938acab853635647e1faecc467.deobfuscated.vbs
Malicious
[Command #0]
Malicious
[PowerShell Command]
Malicious
[Deobfuscated PS]
Malicious
[Command #1]
Malicious
[PowerShell Command]
Malicious
[Deobfuscated PS]
Malicious
[Command #2]
Malicious
[PowerShell Command]
Malicious
[Deobfuscated PS]
Malicious
[Command #3]
Malicious
[PowerShell Command]
Malicious
[Deobfuscated PS]
Malicious
[Command #4]
Malicious
[PowerShell Command]
Malicious
[Deobfuscated PS]
Malicious
Artefacts
Name
 Value
Deobfuscated PowerShell

Set-MpPreference -DisableIntrusionPreventionSystem $true
Deobfuscated PowerShell

Set-MpPreference -DisableBehaviorMonitoring $true
Deobfuscated PowerShell

Set-MpPreference -DisableRealtimeMonitoring $true
Deobfuscated PowerShell

Set-MpPreference -DisableIOAVProtection $true
Deobfuscated PowerShell

Set-MpPreference -DisableScriptScanning $true
bebf3d938acab853635647e1faecc467 (7.81 KB)
File Structure
bebf3d938acab853635647e1faecc467
Malicious
bebf3d938acab853635647e1faecc467.deobfuscated.vbs
Malicious
[Command #0]
Malicious
[PowerShell Command]
Malicious
[Deobfuscated PS]
Malicious
[Command #1]
Malicious
[PowerShell Command]
Malicious
[Deobfuscated PS]
Malicious
[Command #2]
Malicious
[PowerShell Command]
Malicious
[Deobfuscated PS]
Malicious
[Command #3]
Malicious
[PowerShell Command]
Malicious
[Deobfuscated PS]
Malicious
[Command #4]
Malicious
[PowerShell Command]
Malicious
[Deobfuscated PS]
Malicious
Characteristics
No malware configuration were found at this point.
Artefacts
Name
 Value Location
Deobfuscated PowerShell

Set-MpPreference -DisableIntrusionPreventionSystem $true

Malicious

bebf3d938acab853635647e1faecc467 > bebf3d938acab853635647e1faecc467.deobfuscated.vbs > [Command #4] > [PowerShell Command]
Deobfuscated PowerShell

Set-MpPreference -DisableBehaviorMonitoring $true

Malicious

bebf3d938acab853635647e1faecc467 > bebf3d938acab853635647e1faecc467.deobfuscated.vbs > [Command #3] > [PowerShell Command]
Deobfuscated PowerShell

Set-MpPreference -DisableRealtimeMonitoring $true

Malicious

bebf3d938acab853635647e1faecc467 > bebf3d938acab853635647e1faecc467.deobfuscated.vbs > [Command #0] > [PowerShell Command]
Deobfuscated PowerShell

Set-MpPreference -DisableIOAVProtection $true

Malicious

bebf3d938acab853635647e1faecc467 > bebf3d938acab853635647e1faecc467.deobfuscated.vbs > [Command #1] > [PowerShell Command]
Deobfuscated PowerShell

Set-MpPreference -DisableScriptScanning $true

Malicious

bebf3d938acab853635647e1faecc467 > bebf3d938acab853635647e1faecc467.deobfuscated.vbs > [Command #2] > [PowerShell Command]
You must be signed in to post a comment.
An error has occurred. This application may no longer respond until reloaded. Reload 🗙