Malicious
Characteristics
Hash | Hash Value |
---|---|
MD5 | ca882fb8890586b7ca0769a44c7f7990 |
Sha1 | 4d4de1e0cea4b766dc37526296af15d003ee46e5 |
Sha256 | 6006525142cf33d9d7c7d65403e93f759df359d8ff58f82b3e713ca18efe8cb2 |
Sha384 | 72374081899168d607bef5ad6368f45262aec2a6f2d69eff02d52685034a5c27411aaf165fa60fe60a5125c0641d1aba |
Sha512 | f81bbfd84a989d73b8898a85cc00e34b4d9374527596c8c49a0af7d0a997729f6f8fd7485f065a45f8519ee9067fa34d30df9dc5cc05cea1433323a5e7e030d0 |
SSDeep | 384:+oSwzveEFDBmYSov/S2zSE191ILLm5EbzeDDXAkuV4mqyEoEUs9:1iqvtjKMyk |
TLSH | 2EB2A9930E79FC900198B935BD67A091E2D3DFAE6195522305C34BA927228F94FE47F3 |
File Structure
File | Tags |
---|---|
ca882fb8890586b7ca0769a44c7f7990 | DeObfuscated, VBScript, T1059.005, VBS Execute Sub-Script, Obfuscated, WScript.Shell, MSXML2.ServerXMLHTTP.6.0, Malicious |
ca882fb8890586b7ca0769a44c7f7990.deobfuscated.vbs | DeObfuscated, VBScript, T1059.005, Malicious |
ca882fb8890586b7ca0769a44c7f7990 | Malicious |
.executed | Malicious |
.subscript.vbs | VBS Execute Sub-Script, VBScript, T1059.005, WScript.Shell, MSXML2.ServerXMLHTTP.6.0, DeObfuscated, Obfuscated, Malicious |
.subscript.vbs.deobfuscated.vbs | DeObfuscated, VBScript, T1059.005, Malicious |
Malware Configuration - URLs in VBA/VBS Code
Config. Field0 | Value |
---|---|
URL #1 | https://gxsearch.club/loja/arquivos/download/base.php |
ca882fb8890586b7ca0769a44c7f7990 (25.25 KB)