Malicious
Characteristics
Hash | Hash Value |
---|---|
MD5 | d1b512cae496d24422e6cf5241460cf7 |
Sha1 | fb11d64242776c20458237a1517b0f5873d10fba |
Sha256 | 80b0e01b1756f26b118abd730d433e4537b4826e56d5a1267ed93fe5e730358d |
Sha384 | 474c687c761b0cfd10a465f1e5ee5d0dd02d5c6324cabcb5443e7f299e6c45eae847ab077977fbcb79c57d33e820419e |
Sha512 | 2ca3d443eca9ebdf0db7ff859b8fd11a99fff6f72beceef733fc3081f7ddfd1f3ae5fcc7d5af351d344006468b634ce85be7cbf7c6ec8b58f60b20ce30e831e7 |
SSDeep | 384:IzJ7soGInOOHOOzDwhqVZTc4wt0FMybrkbmbz6XVOrFHXwOyu4P6B9ydwjdh3XRM:ISof2Oref7b |
TLSH | 09B288930E79FD5001D8A934BD67A192E2D3DFAE6195622301C34BA927228F54FE47F3 |
File Structure
d1b512cae496d24422e6cf5241460cf7
DeObfuscated
VBScript
T1059.005
VBS Execute Sub-Script
Obfuscated
WScript.Shell
MSXML2.ServerXMLHTTP.6.0
Malicious
d1b512cae496d24422e6cf5241460cf7.deobfuscated.vbs
DeObfuscated
VBScript
T1059.005
Malicious
d1b512cae496d24422e6cf5241460cf7
Malicious
.executed
Malicious
.subscript.vbs
VBS Execute Sub-Script
VBScript
T1059.005
WScript.Shell
MSXML2.ServerXMLHTTP.6.0
DeObfuscated
Obfuscated
Malicious
.subscript.vbs.deobfuscated.vbs
DeObfuscated
VBScript
T1059.005
Malicious
Malware Configuration - URLs in VBA/VBS Code
Config. Field0 | Value |
---|---|
URL #1 | https://gxsearch.club/loja/arquivos/download/base.php |
d1b512cae496d24422e6cf5241460cf7 (23.56 KB)