Try VMRay Platform
Malicious
Classifications

-

Threat Names

Mal/Generic-S

Dynamic Analysis Report

Created on 2024-04-27T09:32:41+00:00

powershell.lnk

PowerShell Script (Shell Link)
...
Filters:
File Name Category Type Verdict Actions
C:\Users\RDhJ0CNFevzX\Desktop\powershell.lnk Sample File Shortcut
Malicious
...
»
MIME Type application/x-ms-shortcut
File Size 1.83 KB
MD5 e8fa1645a2698af62050379684139317 Copy to Clipboard
SHA1 0cb8e75f2d858e3509a20188472efba781ae0ec5 Copy to Clipboard
SHA256 49cf9fe1a5b1c9f9027ecef5093396552e022e437042f9ed9cee7b6122fb2dee Copy to Clipboard
SSDeep 24:84hOjWNXl/KDXBLoWn1muknJOxWkp+/CWP2+/CwrXcOCxs/pK6+/CqU5SQFKq+/a:8OOU29Au0JO9KmeBCq4 Copy to Clipboard
ImpHash -
File Reputation Information
»
Verdict
Malicious
Names Mal/Generic-S
C:\Windows\Temp\MAS_15344413.cmd Dropped File Text
Clean
...
»
MIME Type text/plain
File Size 438.48 KB
MD5 980e88511f9e7824fa91f5ec60a45b57 Copy to Clipboard
SHA1 8fbdcb6cc25ea7279a514d3d560a022c063b2614 Copy to Clipboard
SHA256 af96f9cc8767566d7b69f37baf28c97322d6aeff9e905d71c7c7390bcd0a677e Copy to Clipboard
SSDeep 3072:zddR3S9mF2TJRMP0u+RciNiYFRd8nVFR3mP5sLtV7bJuAMTVFp6zGDNSCE2K0xOy:ZAnHu+R7VLo97bJu9p6zGDNS0KgOuCs Copy to Clipboard
ImpHash -
6a33a7755cea94bdc8527df33b1e5e238c26a478c50c294387ab603ce7544729 Downloaded File Text
Clean
...
»
MIME Type text/x-msdos-batch
File Size 438.46 KB
MD5 85d6b9f9cffa62fd7eb22954568a7d9a Copy to Clipboard
SHA1 8c871d7aae9430ae72aa091988e622f14dc31d59 Copy to Clipboard
SHA256 6a33a7755cea94bdc8527df33b1e5e238c26a478c50c294387ab603ce7544729 Copy to Clipboard
SSDeep 3072:ZddR3S9mF2TJRMP0u+RciNiYFRd8nVFR3mP5sLtV7bJuAMTVFp6zGDNSCE2K0xOn:XAnHu+R7VLo97bJu9p6zGDNS0KgOuCV Copy to Clipboard
ImpHash -
825fd2904145a765334671e018e98e55ec62f4d1691d562431a71df0e47d3c86 Downloaded File Text
Clean
...
»
MIME Type text/plain
File Size 1.77 KB
MD5 6185481735a459173f53a4c39bf05ced Copy to Clipboard
SHA1 73db56dcfb54cc4ed558f8e1ead3441b542a24e0 Copy to Clipboard
SHA256 825fd2904145a765334671e018e98e55ec62f4d1691d562431a71df0e47d3c86 Copy to Clipboard
SSDeep 48:yuX99jWi0zSwW7vzScme34igZst4JAwGqpfEzTcAAWW1pY/a:y6996JSh/ScxBEZGe8zTXWLY/a Copy to Clipboard
ImpHash -
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a Downloaded File HTML
Clean
Known to be clean.
...
»
MIME Type text/html
File Size 162 Bytes
MD5 4f8e702cc244ec5d4de32740c0ecbd97 Copy to Clipboard
SHA1 3adb1f02d5b6054de0046e367c1d687b6cdf7aff Copy to Clipboard
SHA256 9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a Copy to Clipboard
SSDeep 3:qVoB3tUROGclXqyvXboAcMBXqWSZUXqXlIVLLP61IwcWWGu:q43tISl6kXiMIWSU6XlI5LP8IpfGu Copy to Clipboard
ImpHash -
File Reputation Information
»
Verdict
Clean
Known to be clean.
C:\Users\RDhJ0CNFevzX\AppData\Local\Microsoft\Windows\PowerShell\CommandAnalysis\PowerShell_AnalysisCacheIndex Modified File Stream
Clean
...
»
MIME Type application/octet-stream
File Size 19.46 KB
MD5 89175dd218f0649ad24fb6321f1967fb Copy to Clipboard
SHA1 f86d699551b2efe6d8eab36fe16f5f7ae9e3488c Copy to Clipboard
SHA256 6faa81df8a1e2c39b95da69be572b042d6c2af18314e2557ef97c6b2d9074716 Copy to Clipboard
SSDeep 384:yEMLxFZsiaiLzS0ZxTkv/7Jj9TGpspRiuD/1Q6ToDxUesZgsKnRatmLvodCwshzU:Ld+BGYi Copy to Clipboard
ImpHash -
C:\Users\RDhJ0CNFevzX\AppData\Local\Microsoft\Windows\PowerShell\CommandAnalysis\PowerShell_AnalysisCacheIndex Modified File Stream
Clean
...
»
MIME Type application/octet-stream
File Size 19.46 KB
MD5 9f57d5fc5c7be589e85d4db89969aa16 Copy to Clipboard
SHA1 f2dc8c194876fcf70246eea48ef1e6d7e083dd69 Copy to Clipboard
SHA256 087f5cafc423f0e4440a28016583eccd5b90b1987d35573e64f6eec8a6e80414 Copy to Clipboard
SSDeep 384:yEMLxFZsiaiLzSiZxTkv/7Jj9TGpspRiuD/1Q6ToDxUesZgsKnRatmLvodCwshzU:1d+BGYi Copy to Clipboard
ImpHash -
C:\Users\RDhJ0CNFevzX\AppData\Local\Microsoft\Windows\PowerShell\CommandAnalysis\PowerShell_AnalysisCacheIndex Modified File Stream
Clean
...
»
MIME Type application/octet-stream
File Size 19.46 KB
MD5 78ec6f823dfcb87ddd4ede56ac94698f Copy to Clipboard
SHA1 4899ee952dacacec134eec461e5c103d6c0d4ca5 Copy to Clipboard
SHA256 f3dc512f9769dbc87ba2e7faa0cc0bae6bdf0f7f6bc76176918c587b98708ade Copy to Clipboard
SSDeep 384:yEMLxFZsiaiLaS0ZxTkv/7Jj9TGpspRiuD/1Q6ToDxUesZgsKnRatmLvodCwshzU:Qd+BGYi Copy to Clipboard
ImpHash -
C:\Users\RDhJ0CNFevzX\AppData\Local\Microsoft\Windows\PowerShell\CommandAnalysis\PowerShell_AnalysisCacheIndex Modified File Stream
Clean
...
»
MIME Type application/octet-stream
File Size 19.46 KB
MD5 9afcf460e57fd33f0f94990a77260956 Copy to Clipboard
SHA1 37c939844888e46874498d943615b0baed6a0694 Copy to Clipboard
SHA256 ad39e13dac18ac7181c1468a1e4886813db9dc72c0088f2d702a600ad299846d Copy to Clipboard
SSDeep 384:yEMLxFZsia7LaS0ZxTkv/7Jj9TGpspRiuD/1Q6ToDxUesZgsKnRatmLvodCwshzU:zd+BGYi Copy to Clipboard
ImpHash -
C:\Users\RDhJ0CNFevzX\AppData\Local\Microsoft\Windows\PowerShell\CommandAnalysis\PowerShell_AnalysisCacheEntry_67a2505d-bf00-4e2f-b010-406d32caddc3 Modified File Stream
Clean
Known to be clean.
...
»
MIME Type application/octet-stream
File Size 8.73 KB
MD5 de26212a79e7c70ea65871ce7c0142bb Copy to Clipboard
SHA1 0ff4743454228ffabbad8cdacda16726baad110c Copy to Clipboard
SHA256 bff972df82ef871cff56b4093f6953a526992555c2913ecd6fede0d642b7cc0a Copy to Clipboard
SSDeep 192:ScPcWHBxheQYm2/ivkcBRc/hy2fZxy7GkiZ2HGjh1E4LQjNKZWLq5kbMyD41vLSe:ScPcWHBxheQYm2/ivkcBRc/hy2fZxy7U Copy to Clipboard
ImpHash -
File Reputation Information
»
Verdict
Clean
Known to be clean.
C:\Users\RDhJ0CNFevzX\AppData\Local\Microsoft\Windows\PowerShell\CommandAnalysis\PowerShell_AnalysisCacheEntry_6de40067-cd2a-4666-8cd9-870e0a588215 Modified File Stream
Clean
Known to be clean.
...
»
MIME Type application/octet-stream
File Size 1.59 KB
MD5 5c8ce5ee94c705d5cf9c9f9ff4ba54a6 Copy to Clipboard
SHA1 6266e20e86de3b206706e66c108982166828c7f4 Copy to Clipboard
SHA256 b0ada1a5b9cd3c6c3c9fa895bf63665129ea3ac1be1391a2064296fdf950fe3a Copy to Clipboard
SSDeep 24:WM83yV+ty+hXpDXTX8XAX8X+XpZX4qXpoPXSJMeS+Z+Wz+q:BSy8Pppbr848Oph4ip2SJplgDq Copy to Clipboard
ImpHash -
File Reputation Information
»
Verdict
Clean
Known to be clean.
C:\Users\RDhJ0CNFevzX\AppData\Local\Microsoft\Windows\PowerShell\CommandAnalysis\PowerShell_AnalysisCacheEntry_01c28806-e5ae-41cc-b284-e627e1b02beb Modified File Stream
Clean
Known to be clean.
...
»
Also Known As C:\Users\RDhJ0CNFevzX\AppData\Local\Microsoft\Windows\PowerShell\CommandAnalysis\PowerShell_AnalysisCacheEntry_f9e52a2e-51b0-4ce6-9de0-3959d95ded6e (Accessed File)
MIME Type application/octet-stream
File Size 602 Bytes
MD5 0f67d493e524af85928b059770f45ee1 Copy to Clipboard
SHA1 dbb7a768710941631e09c9baae697a95dd5b2004 Copy to Clipboard
SHA256 9214d80f84cede2f6a2b72f617e0c6a54c75f589b00ff17d2858041e541f30b0 Copy to Clipboard
SSDeep 12:Whi8fvy8k+DF5NFk+DFQCf1fx5Elk+DFRck+DFMak+DFQ:WM83yV+ty+L15eS+Z+Wz+q Copy to Clipboard
ImpHash -
File Reputation Information
»
Verdict
Clean
Known to be clean.
VMRay - Analyzer - www.vmray.com
Legal Note - Privacy Policy
Function Logfile
Download-Icon
Exit-Icon

This feature requires an online-connection to the VMRay backend.

An offline version with limited functionality is also provided.
The offline version is supported only in Mozilla Firefoxwith deactivated setting \"security.fileuri.strict_origin_policy\". 


    

   

   

    Before
   

   

    

     

      
       This feature requires an online-connection to the VMRay backend.
      
      

      

      An offline version with limited functionality is also provided.
      

      The offline version is supported only in Mozilla Firefoxwith deactivated setting \"security.fileuri.strict_origin_policy\".
     

     

    

   

   

    After
   

   

    

     

      
       This feature requires an online-connection to the VMRay backend.
      
      

      

      An offline version with limited functionality is also provided.
      

      The offline version is supported only in Mozilla Firefoxwith deactivated setting \"security.fileuri.strict_origin_policy\".
     

     

    

   

   

    

     
      

       
       
       
       
      

     
     
     
    

   

  

  

   

    

     Exit-Icon
    

    

     

      WHOIS Domain Information
     

     

      

       
        Domain Name
       
       
       
      

      

       
        WHOIS Response
       
       
        

       		
      

     

    

   

  

  

   

    
    

     Screenshot
    

    

     Expand-Icon
    

    

     Exit-Icon
    

   

   

    

     icon_left
    

    

     icon_left
    

   

   

   

   

    image