Malicious
Malicious

c4120c50690a44fb51972992e011ee01

ZIP Archive
|
MD5: c4120c50690a44fb51972992e011ee01
|
Size: 751.58 KB
|
application/zip

Zip Archive
Office Document
Corrupted
Blacklist VBA
DeObfuscated
VBScript
T1059.005
Obfuscated

Print
General
Structural Analysis
Config.1
Yara Rules19
Sync
Community
Infection Chain
Summary by MalvaGPT
Characteristics
Hash
Hash Value
MD5
c4120c50690a44fb51972992e011ee01
Sha1
1b0c6fde0c3e94deaeb67fd99620d39efa9452b5
Sha256
f9935b1b62b64857ef6534c06c5298065802397d99c9168c22d2fbd3849eaf04
Sha384
aa9a00b161c747afdd51331b61314280f305e49bce96ce972c3136d419ce8e58cc7639139d92b732588276a01065abfc
Sha512
dc69fe8061833902b3ea4224469075a71f9797684c1a7c52e1bfddacadeeb6613342214969cf436e9dedc003ea2f13ffc456d8e0d8667427f1e1435c0f42af52
SSDeep
12288:a5c9+FAzix12b2euqYwepVgaiWIuq1bkPoa/EjaPhbmCCVicaZi3iAI9Wm6Wej+O:DiAn2euD3PQuqSz4uDCcZi3iAIJ6WCv
TLSH
9BF4235B3B5DA6C4CAD719B1856B365F78F28937882C8F71E0174A7E04279D02E0FA9C
File Structure
c4120c50690a44fb51972992e011ee01
Zip Archive
Office Document
Corrupted
Blacklist VBA
DeObfuscated
VBScript
T1059.005
Obfuscated
Malicious
Godrej_One_Mahalaxmi_Site_Salary_JUNE-2025
Malicious
error_2025070260352966701.txt
Archive Entry
EXECLFORMATFORDIRECTSALARY_ONE MAHALAXMI1.CSV
Archive Entry
Godrej_One_Mahalaxmi_Site_Salary_JUNE-2025.xlsx
Archive Entry
Office Document
[Content_Types].xml
Xml
_rels
.rels
Xml
xl
_rels
workbook.xml.rels
Xml
workbook.xml
Xml
worksheets
sheet4.xml
Xml
sheet37.xml
Xml
sheet36.xml
Xml
sheet35.xml
Xml
sheet34.xml
Xml
sheet33.xml
Xml
sheet32.xml
Xml
sheet1.xml
Xml
sheet30.xml
Xml
sheet29.xml
Xml
sheet38.xml
Xml
sheet39.xml
Xml
_rels
sheet39.xml.rels
Xml
sheet38.xml.rels
Xml
sheet23.xml.rels
Xml
sheet21.xml.rels
Xml
sheet10.xml.rels
Xml
sheet2.xml
Xml
sheet3.xml
Xml
sheet28.xml
Xml
sheet31.xml
Xml
sheet26.xml
Xml
sheet13.xml
Xml
sheet12.xml
Xml
sheet11.xml
Xml
sheet10.xml
Xml
sheet9.xml
Xml
sheet8.xml
Xml
sheet7.xml
Xml
sheet6.xml
Xml
sheet5.xml
Xml
sheet14.xml
Xml
sheet27.xml
Xml
sheet16.xml
Xml
sheet20.xml
Xml
sheet21.xml
Xml
sheet22.xml
Xml
sheet23.xml
Xml
sheet24.xml
Xml
sheet25.xml
Xml
sheet19.xml
Xml
sheet15.xml
Xml
sheet17.xml
Xml
sheet18.xml
Xml
theme
theme1.xml
Xml
sharedStrings.xml
Xml
styles.xml
Xml
printerSettings
printerSettings1.bin
printerSettings2.bin
printerSettings3.bin
printerSettings4.bin
calcChain.xml
Xml
docProps
core.xml
Xml
app.xml
Xml
Head_Count_-_June-25.xlsx
Archive Entry
Office Document
[Content_Types].xml
Xml
xl
_rels
workbook.xml.rels
Xml
workbook.xml
Xml
worksheets
sheet4.xml
Xml
_rels
sheet6.xml.rels
Xml
sheet5.xml.rels
Xml
sheet4.xml.rels
Xml
sheet3.xml.rels
Xml
sheet2.xml.rels
Xml
sheet1.xml.rels
Xml
sheet7.xml.rels
Xml
sheet8.xml.rels
Xml
sheet9.xml.rels
Xml
sheet16.xml.rels
Xml
sheet15.xml.rels
Xml
sheet14.xml.rels
Xml
sheet13.xml.rels
Xml
sheet12.xml.rels
Xml
sheet11.xml.rels
Xml
sheet10.xml.rels
Xml
sheet2.xml
Xml
sheet3.xml
Xml
sheet1.xml
Xml
sheet7.xml
Xml
sheet12.xml
Xml
sheet11.xml
Xml
sheet10.xml
Xml
sheet9.xml
Xml
sheet8.xml
Xml
sheet13.xml
Xml
sheet14.xml
Xml
sheet15.xml
Xml
sheet5.xml
Xml
sheet16.xml
Xml
sheet6.xml
Xml
sharedStrings.xml
Xml
styles.xml
Xml
theme
theme1.xml
Xml
calcChain.xml
Xml
docProps
core.xml
Xml
app.xml
Xml
PF.xlsx
Archive Entry
Office Document
[Content_Types].xml
Xml
xl
_rels
workbook.xml.rels
Xml
workbook.xml
Xml
styles.xml
Xml
worksheets
sheet2.xml
Xml
sheet1.xml
Xml
sharedStrings.xml
Xml
calcChain.xml
Xml
docProps
app.xml
Xml
core.xml
Xml
UAN.pdf
Archive Entry
Text (Preview)
Page #1
PDF Text Preview (generated)
Page #2
PDF Text Preview (generated)
Page #3
PDF Text Preview (generated)
Page #4
PDF Text Preview (generated)
Page #5
PDF Text Preview (generated)
Page #6
PDF Text Preview (generated)
Page #7
PDF Text Preview (generated)
Page #8
PDF Text Preview (generated)
Page #9
PDF Text Preview (generated)
Page #10
PDF Text Preview (generated)
Page #11
PDF Text Preview (generated)
Page #12
PDF Text Preview (generated)
Page #13
PDF Text Preview (generated)
Page #14
PDF Text Preview (generated)
Page #15
PDF Text Preview (generated)
Page #16
PDF Text Preview (generated)
Page #17
PDF Text Preview (generated)
Page #18
PDF Text Preview (generated)
Page #19
PDF Text Preview (generated)
Page #20
PDF Text Preview (generated)
Page #21
PDF Text Preview (generated)
Page #22
PDF Text Preview (generated)
Page #23
PDF Text Preview (generated)
Page #24
PDF Text Preview (generated)
Page #25
PDF Text Preview (generated)
Page #26
PDF Text Preview (generated)
Page #27
PDF Text Preview (generated)
Page #28
PDF Text Preview (generated)
Page #29
PDF Text Preview (generated)
#Stream {5}
#Stream {95}
#Stream {6}
#Stream {98}
#Stream {99}
#Stream {101}
#Stream {58}
#Stream {103}
#Stream {4}
#Stream {105}
#Stream {60}
#Stream {107}
#Stream {48}
#Stream {109}
#Stream {54}
#Stream {111}
#Stream {16}
#Stream {113}
#Stream {46}
#Stream {115}
#Stream {44}
#Stream {117}
#Stream {8}
#Stream {119}
#Stream {32}
#Stream {121}
#Stream {52}
#Stream {123}
#Stream {56}
#Stream {125}
#Stream {10}
#Stream {127}
#Stream {50}
#Stream {129}
#Stream {26}
#Stream {131}
#Stream {12}
#Stream {133}
#Stream {36}
#Stream {135}
#Stream {28}
#Stream {137}
#Stream {30}
#Stream {139}
#Stream {20}
#Stream {141}
#Stream {40}
#Stream {143}
#Stream {38}
#Stream {145}
#Stream {42}
#Stream {147}
#Stream {34}
#Stream {149}
#Stream {18}
#Stream {151}
#Stream {24}
#Stream {153}
#Stream {22}
#Stream {157}
#Stream {14}
Structure
UAN_GENERATION.xls
Archive Entry
Office Document
Corrupted
Blacklist VBA
DeObfuscated
VBScript
T1059.005
Obfuscated
Malicious
[Repaired @0x0000CD39]
Office Document
Corrupted
Malicious
.
Malicious
Root Entry
Malicious
CompObj
Workbook
Office Document
Corrupted
Malicious
[Repaired @0x0000C739]
Office Document
Corrupted
Malicious
[Content_Types].xml
Xml
_rels
.rels
Xml
drs
shapexml.xml
Xml
downrev.xml
Xml
_VBA_PROJECT_CUR
VBA
dir
Module1
Blacklist VBA
VBA Macro
[Stored VBA]
Blacklist VBA
VBA Macro
Visual Basic
DeObfuscated
VBScript
T1059.005
Obfuscated
[Stored VBA].deobfuscated.vbs
DeObfuscated
VBScript
T1059.005
[PCode]
Blacklist VBA
VBA Macro
VBA P-Code
Disassembly
__SRP_0
__SRP_1
__SRP_2
__SRP_3
__SRP_4
__SRP_5
__SRP_6
__SRP_7
ThisWorkbook
VBA Macro
[Stored VBA]
VBA Macro
Visual Basic
DeObfuscated
VBScript
T1059.005
Obfuscated
[Stored VBA].deobfuscated.vbs
DeObfuscated
VBScript
T1059.005
[PCode]
VBA Macro
VBA P-Code
Disassembly
[Decompiled VBA]
VBA Macro
Visual Basic
Decompiled
DeObfuscated
VBScript
T1059.005
Obfuscated
[Decompiled VBA].deobfuscated.vbs
DeObfuscated
VBScript
T1059.005
_VBA_PROJECT
PROJECT
PROJECTwm
SummaryInformation
DocumentSummaryInformation
Malware Configuration - URLs in PDF
Config. Field
Value
URL #1

https://unifiedportal-emp.epfindia.gov.in/epfo

Informations
Name
Value
UAN.pdf

1.4

UAN.pdf

D:20250703130330+05'30'

UAN.pdf

JasperReports Library version 6.20.5-3efcf2e67f959db3888d79f73dde2dbd7acb4f8e

UAN.pdf

D:20250703130330+05'30'

UAN.pdf

OpenPDF 1.3.30; modified using iText® 5.5.13.3 ©2000-2022 iText Group NV (AGPL-version)

UAN.pdf

D:20250703130330+05'30'

UAN.pdf

JasperReports Library version 6.20.5-3efcf2e67f959db3888d79f73dde2dbd7acb4f8e

UAN.pdf

D:20250703130330+05'30'

UAN.pdf

OpenPDF 1.3.30; modified using iText® 5.5.13.3 ©2000-2022 iText Group NV (AGPL-version)

c4120c50690a44fb51972992e011ee01 (751.58 KB)
An error has occurred. This application may no longer respond until reloaded. Reload 🗙