Malicious
Characteristics
Hash | Hash Value |
---|---|
MD5 | c4e2710e4f71b9ad4076abeadd36ca3b |
Sha1 | d76fc779b65c25cbd4fc4218f1af89d9eff13e7b |
Sha256 | 44f8c1348b2cff123c5b0421fa69624d73b429f9825b86b629e09246fd543158 |
Sha384 | 2cfcf668d6686ff931505f7f3c3cd71a9fa4e7762b0d66adcfe72bf95b08f74c93acb96464cafb9d308adf622b8a03c0 |
Sha512 | 3b19234b2659d510fa2f9c65723deadb75fefdeb5c33b9ef31f4fdb72327359db9b15841a8da3dfc1f5faa6dafdb550bc16ec2d0d734a2d3940d130dc650b779 |
SSDeep | 384:VttuzeA2PJl6ahbTAaW8kw/O335BWVWQo1ZlI/+h1YS1IQT3PoKOG6E8osl5/ruw:Z/rOn7fXBFnS |
TLSH | 9DB298530E38FD9002D8A934BD676192E2D3DFAE6195622305C347A927229F94FE47F3 |
File Structure
File | Tags |
---|---|
c4e2710e4f71b9ad4076abeadd36ca3b | DeObfuscated, VBScript, T1059.005, VBS Execute Sub-Script, Obfuscated, WScript.Shell, MSXML2.ServerXMLHTTP.6.0, Malicious |
c4e2710e4f71b9ad4076abeadd36ca3b.deobfuscated.vbs | DeObfuscated, VBScript, T1059.005, Malicious |
c4e2710e4f71b9ad4076abeadd36ca3b | Malicious |
.executed | Malicious |
.subscript.vbs | VBS Execute Sub-Script, VBScript, T1059.005, WScript.Shell, MSXML2.ServerXMLHTTP.6.0, DeObfuscated, Obfuscated, Malicious |
.subscript.vbs.deobfuscated.vbs | DeObfuscated, VBScript, T1059.005, Malicious |
Malware Configuration - URLs in VBA/VBS Code
Config. Field0 | Value |
---|---|
URL #1 | https://gxsearch.club/loja/arquivos/download/base.php |
c4e2710e4f71b9ad4076abeadd36ca3b (24.84 KB)