Malicious
Malicious

f308215cc6b4586d48ccc791947c437d

VBScript
|
MD5: f308215cc6b4586d48ccc791947c437d
|
Size: 173.32 KB
|
text/vbscript

Infection Chain
Summary by MalvaGPT
Characteristics
Hash
 Hash Value
MD5
f308215cc6b4586d48ccc791947c437d
Sha1
546fe4df4e2fc95a88716e472b37a89821fdd50e
Sha256
1f8a3ec047e0f44f1f21e1e3f8af5ea32749ecac3e2bef4fc2ba1a2006934581
Sha384
31c49e69fc178ed1ce59b8ac91a4d50be286f18cb1243bd89074287ac409b980c4f00861167f5d312808480784460c25
Sha512
69725809ee320bd01ddd12a3d3308360761c7f3545f38fddc61b92d39563026c534fa426f53f111fc254e40527e9f7dc4adedc2cd7646a09d9b6d6119baf0f6f
SSDeep
3072:aALnsl6ItI/J0E0Rxz3zZOPkgVXf/8ptbq/AYboQSlxwZht:aasl6ItI/J0E0PzdOPkhptsAYqwx
TLSH
96047D669E8932248BBA570295DF3C8167D6530BB9721C8EB50C90CD82FF5E4E6CD0BD
File Structure
f308215cc6b4586d48ccc791947c437d
Malicious
[Base64-Block@0x00004994]
[Base64-Block-Decoded]
Malicious
Artefacts
Name
 Value
URLs in VB Code - #1

http://172.86.105.200
URLs in VB Code - #2

https://long-king-02b7.5ekz2z6pjk.workers.dev
URLs in VB Code - #3

https://che
URLs in VB Code - #4

https://check-ho
URLs in VB Code - #5

https://check-host
URLs in VB Code - #6

https://check-host.net/
URLs in VB Code - #7

https://check-host.net/ip
URLs in VB Code - #8

https://check-host.net/ip-in
URLs in VB Code - #9

https://check-host.net/ip-info
URLs in VB Code - #10

https://check-host.net/ip-info?ho
URLs in VB Code - #11

https://check-host.net/ip-info?host=
URLs in VB Code - #12

https://check-host.net/ip-info?host=vaporblue.ddnsking.com
f308215cc6b4586d48ccc791947c437d (173.32 KB)
File Structure
f308215cc6b4586d48ccc791947c437d
Malicious
[Base64-Block@0x00004994]
[Base64-Block-Decoded]
Malicious
Characteristics
No malware configuration were found at this point.
Artefacts
Name
 Value Location
URLs in VB Code - #1

http://172.86.105.200

f308215cc6b4586d48ccc791947c437d > [Base64-Block@0x00004994] > [Base64-Block-Decoded]
URLs in VB Code - #2

https://long-king-02b7.5ekz2z6pjk.workers.dev

f308215cc6b4586d48ccc791947c437d > [Base64-Block@0x00004994] > [Base64-Block-Decoded]
URLs in VB Code - #3

https://che

f308215cc6b4586d48ccc791947c437d > [Base64-Block@0x00004994] > [Base64-Block-Decoded]
URLs in VB Code - #4

https://check-ho

f308215cc6b4586d48ccc791947c437d > [Base64-Block@0x00004994] > [Base64-Block-Decoded]
URLs in VB Code - #5

https://check-host

f308215cc6b4586d48ccc791947c437d > [Base64-Block@0x00004994] > [Base64-Block-Decoded]
URLs in VB Code - #6

https://check-host.net/

f308215cc6b4586d48ccc791947c437d > [Base64-Block@0x00004994] > [Base64-Block-Decoded]
URLs in VB Code - #7

https://check-host.net/ip

f308215cc6b4586d48ccc791947c437d > [Base64-Block@0x00004994] > [Base64-Block-Decoded]
URLs in VB Code - #8

https://check-host.net/ip-in

f308215cc6b4586d48ccc791947c437d > [Base64-Block@0x00004994] > [Base64-Block-Decoded]
URLs in VB Code - #9

https://check-host.net/ip-info

f308215cc6b4586d48ccc791947c437d > [Base64-Block@0x00004994] > [Base64-Block-Decoded]
URLs in VB Code - #10

https://check-host.net/ip-info?ho

f308215cc6b4586d48ccc791947c437d > [Base64-Block@0x00004994] > [Base64-Block-Decoded]
URLs in VB Code - #11

https://check-host.net/ip-info?host=

f308215cc6b4586d48ccc791947c437d > [Base64-Block@0x00004994] > [Base64-Block-Decoded]
URLs in VB Code - #12

https://check-host.net/ip-info?host=vaporblue.ddnsking.com

f308215cc6b4586d48ccc791947c437d > [Base64-Block@0x00004994] > [Base64-Block-Decoded]
You must be signed in to post a comment.
An error has occurred. This application may no longer respond until reloaded. Reload 🗙