Malicious
Classifications

Backdoor

Threat Names

-

Remarks (1/1)

(0x0200003A): A task was rescheduled ahead of time to reveal dormant functionality.

File Name Category Type Verdict
C:\Users\Public\WG9R6E.vbs Sample File Text
Malicious
Also Known As C:\Users\RDHJ0C~1\Desktop\Flight Route and Commodity details.vbs (Accessed File)
C:\Users\RDhJ0CNFevzX\Desktop\Flight Route and Commodity details.vbs (VM File, Sample File, Accessed File)
MIME Type text/x-vbscript
File Size 1.65 KB
MD5 2076b9dc252178a4385e81d7de7a3631
SHA1 a6e5155b05b5e66e3c7412926943e61a06773fa1
SHA256 6a7659149cd1bd947ab76dbb4ab97d19d23b4e9239b6a389bfffde73feea4511
SSDeep 48:1Df5Mx+R6VMeAYNqG2jeF0/iChTZr2TK99Vvi:1DxU+YieAY0aFgWTK9G
ImpHash -
C:\Users\Public\WindowsUpdateWG9R6E.vbs Dropped File Text
Clean
MIME Type text/plain
File Size 186 Bytes
MD5 300df25f52d191761e44d2ae297c166b
SHA1 d714c4a14a4ced7699b015ffc3d15b5f8a1d9e89
SHA256 f63c6e8ca01bdf13a506b964c25724bb713dce3ad8d42ad614075c0804dacc60
SSDeep 3:NWDoA8x7D/ecwOYMrHIDaHF5y/ap59w8n0eFHlGXI4PaHF5y/aixpv:8DoA+7y9MTIaH4apAqlFHlVUaH4as
ImpHash -
a3f36a9a46bcbb31060ccee4bd46e2cf6733a84682d91003af3f01fdd669b583 Downloaded File Text
Clean
MIME Type text/plain
File Size 4.88 KB
MD5 60c91a402f7d84fdd40579d69b51302a
SHA1 7a736ac367a39f6f092622ac9747e3d5e1d0f92c
SHA256 a3f36a9a46bcbb31060ccee4bd46e2cf6733a84682d91003af3f01fdd669b583
SSDeep 96:/7aPY3cBdbsJs2q87nvjFnPl+4DyKGbDhLxDLhgSrMFxm:/ePjBdb2smnx9yblLhLhvKm
ImpHash -
d22def68129b595d656b5c0e52786864ef37f5663a91577154767b30ef149e33 Downloaded File HTML
Clean
MIME Type text/html
File Size 151 Bytes
MD5 5643613415f56d9df95bb79632fe59ab
SHA1 4855561878eb577c7ed0246ae0f1bb2dcf778dcc
SHA256 d22def68129b595d656b5c0e52786864ef37f5663a91577154767b30ef149e33
SSDeep 3:qVoB3tUROGYqHXboAcMBXqWSVjaGklIVLKqInLeKawcWWGu:q43tIjHXiMIWiklI5ALVapfGu
ImpHash -
110756eba53beecc7101db67beca7c6697ed0f815dc1fb926f11d434e1cd9252 Downloaded File Text
Clean
MIME Type text/plain
File Size 25 Bytes
MD5 6780641503866552ca76aefaffa2889a
SHA1 144e05c4f2cb2608da4ff4d37b0c13b7e90632cf
SHA256 110756eba53beecc7101db67beca7c6697ed0f815dc1fb926f11d434e1cd9252
SSDeep 3:NSwpQDhxgT:RuhxW
ImpHash -
d21678d411aa5dc8912103242c63e40626d23428c763791fa6fde9fcda082610 Downloaded File Text
Clean
MIME Type text/plain
File Size 12 Bytes
MD5 6e730a84522c3a5bd1710ab9181c38c8
SHA1 c9ee3e71635d0c12405e0204c21bb61e1f4f09cd
SHA256 d21678d411aa5dc8912103242c63e40626d23428c763791fa6fde9fcda082610
SSDeep 3:EQglmn:EQg0n
ImpHash -
C:\Users\RDhJ0CNFevzX\AppData\Local\Microsoft\Windows\PowerShell\CommandAnalysis\PowerShell_AnalysisCacheIndex Modified File Stream
Clean
MIME Type application/octet-stream
File Size 19.23 KB
MD5 0f7395a98cfc4801ffa83a96554a40e4
SHA1 18102ca4cc9f7b1122e24335973c02684f4f6065
SHA256 4fdd6bc64b02d5bd41a720d103599750629776922bbb345b5f2669046613fa10
SSDeep 384:yEMLxFZsia7LaS0ZxAkb/nJZu9lG2VtPlk0l/0OpdIAsWs5REuX1365oZxMerZlc:FqZn+NR
ImpHash -
C:\Users\RDhJ0CNFevzX\AppData\Local\Microsoft\Windows\PowerShell\CommandAnalysis\PowerShell_AnalysisCacheIndex Modified File Stream
Clean
MIME Type application/octet-stream
File Size 19.23 KB
MD5 81bb63768f351b44fd6e331f93e11974
SHA1 b3ffc2f6e1b2b81f616d4f1876c858513f790a9a
SHA256 2a4bb48b61ee2425c0798f8db60133f1196e9cb08bcd5c92029d4a6bff769b99
SSDeep 384:yEjLaFIsFa7LaS0ZxAkb/nJZu9lG2VtPlk0l/0OpdIAsWs5REuX1365oZxMerZlc:5qZn+NR
ImpHash -
C:\Users\RDhJ0CNFevzX\AppData\Local\Microsoft\Windows\PowerShell\CommandAnalysis\PowerShell_AnalysisCacheIndex Modified File Stream
Clean
MIME Type application/octet-stream
File Size 19.23 KB
MD5 03596c683982dde6263293a64acc0e69
SHA1 8429e92e663b81658feba18a84d2f4e0fbccaf12
SHA256 6311572cd94155828ece3b37ada3760706a2aa4b28b8e3844e3b38c34476f2c5
SSDeep 384:yEMLxFZsiaiLzS0ZxAkb/nJZu9lG2VtPlk0l/0OpdIAsWs5REuX1365oZxMerZlc:dqZn+NR
ImpHash -
C:\Users\RDhJ0CNFevzX\AppData\Local\Microsoft\Windows\PowerShell\CommandAnalysis\PowerShell_AnalysisCacheIndex Modified File Stream
Clean
MIME Type application/octet-stream
File Size 19.23 KB
MD5 9194c3fdff8b00bd21fa2aef97ff0917
SHA1 9f26cb04cf94dbaf1ef145c3b619f2594c96e6ff
SHA256 21dfadbe1fee375bd85c72c4030d88d189cf809ba5f80d6dbebaa2b62e098ea0
SSDeep 384:yEMLxFZsiaiLzSiZxAkb/nJZu9lG2VtPlk0l/0OpdIAsWs5REuX1365oZxMerZlc:zqZn+NR
ImpHash -
C:\Users\RDhJ0CNFevzX\AppData\Local\Microsoft\Windows\PowerShell\CommandAnalysis\PowerShell_AnalysisCacheIndex Modified File Stream
Clean
MIME Type application/octet-stream
File Size 19.23 KB
MD5 fcbd7ac8823b61781336bb97b1504de1
SHA1 891a6f82c4b1f0a74fff26d2fc7c726c46825ae2
SHA256 8e26425d63ad5fde39c0ca8a002556f9f295dc37c4369dddd41149f4c36244d9
SSDeep 384:yEMLxFIsFa7LaS0ZxAkb/nJZu9lG2VtPlk0l/0OpdIAsWs5REuX1365oZxMerZlc:dqZn+NR
ImpHash -
C:\Users\RDhJ0CNFevzX\AppData\Local\Microsoft\Windows\PowerShell\CommandAnalysis\PowerShell_AnalysisCacheIndex Modified File Stream
Clean
MIME Type application/octet-stream
File Size 19.23 KB
MD5 162869e6a8526dbb01542ebbf49a3363
SHA1 4a3c14a13ff3b06ac04c1bd6e5e406cb1c559a99
SHA256 3cc98865cee8bf3f63a733b6b4f156534b9c9c39374646fb59a6b4bb9a0f4f0a
SSDeep 384:yEMLxFZsFa7LaS0ZxAkb/nJZu9lG2VtPlk0l/0OpdIAsWs5REuX1365oZxMerZlc:aqZn+NR
ImpHash -
C:\Users\RDhJ0CNFevzX\AppData\Local\Microsoft\Windows\PowerShell\CommandAnalysis\PowerShell_AnalysisCacheIndex Modified File Stream
Clean
MIME Type application/octet-stream
File Size 19.23 KB
MD5 61f16f282064623a9f35eb1bb03149f2
SHA1 813c6f284c83f4f69d70ded74df5b6f306ffdd8b
SHA256 f8c62c2b5ad350eabb6fa68a42568d6ee986e8869a68ecaeb87f865bb4b4a55e
SSDeep 384:yEMLaFIsFa7LaS0ZxAkb/nJZu9lG2VtPlk0l/0OpdIAsWs5REuX1365oZxMerZlc:MqZn+NR
ImpHash -
C:\Users\RDhJ0CNFevzX\AppData\Local\Microsoft\Windows\PowerShell\CommandAnalysis\PowerShell_AnalysisCacheEntry_da21122d-ae44-4f93-ba1d-c9a978ca5b20 Modified File Stream
Clean
Known to be clean.
MIME Type application/octet-stream
File Size 10.75 KB
MD5 8845f276e426accd51223008b6aed4bf
SHA1 c9fa81aa57e7c32c4bcefd33788967cc3170fe91
SHA256 72831bc6962c8017ea71abc038a8f60e79976ebaf05d363c80f32c975a55d0d9
SSDeep 192:8wUOJGqwAf5CBbXuQuxs0B8HX64MnENxUyrTEAsr9jQ0uwm/CgGZYySo0nbSRNNo:8wUOJGqwARCBbXxss0B8364MnENxUyr3
ImpHash -
File Reputation Information
Verdict
Clean
Known to be clean.
C:\Users\RDhJ0CNFevzX\AppData\Local\Microsoft\Windows\PowerShell\CommandAnalysis\PowerShell_AnalysisCacheEntry_67a2505d-bf00-4e2f-b010-406d32caddc3 Modified File Stream
Clean
Known to be clean.
MIME Type application/octet-stream
File Size 8.73 KB
MD5 de26212a79e7c70ea65871ce7c0142bb
SHA1 0ff4743454228ffabbad8cdacda16726baad110c
SHA256 bff972df82ef871cff56b4093f6953a526992555c2913ecd6fede0d642b7cc0a
SSDeep 192:ScPcWHBxheQYm2/ivkcBRc/hy2fZxy7GkiZ2HGjh1E4LQjNKZWLq5kbMyD41vLSe:ScPcWHBxheQYm2/ivkcBRc/hy2fZxy7U
ImpHash -
File Reputation Information
Verdict
Clean
Known to be clean.
C:\Users\RDhJ0CNFevzX\AppData\Local\Microsoft\Windows\PowerShell\CommandAnalysis\PowerShell_AnalysisCacheEntry_cc38888a-7080-4220-9b7d-de7a9b2167ba Modified File Stream
Clean
Known to be clean.
MIME Type application/octet-stream
File Size 1.77 KB
MD5 c9fa9488f8854802c6f5eff3234d8a8a
SHA1 8b9029e83008d74b8c5414a2ef064629a340c9ae
SHA256 12bd362291f72f2c2e7756742b7377549d13d5bf231455d23ef250c5bdf18121
SSDeep 24:WM83yV+ty+ZcnPZcMGcZcFc7Vc4vcEvcXc6c4ncSZncJ5S+Z+Wz+q:BSy8PiPiMLim64EEEM34cYcJ5lgDq
ImpHash -
File Reputation Information
Verdict
Clean
Known to be clean.
C:\Users\RDhJ0CNFevzX\AppData\Local\Microsoft\Windows\PowerShell\CommandAnalysis\PowerShell_AnalysisCacheEntry_6de40067-cd2a-4666-8cd9-870e0a588215 Modified File Stream
Clean
Known to be clean.
MIME Type application/octet-stream
File Size 1.59 KB
MD5 5c8ce5ee94c705d5cf9c9f9ff4ba54a6
SHA1 6266e20e86de3b206706e66c108982166828c7f4
SHA256 b0ada1a5b9cd3c6c3c9fa895bf63665129ea3ac1be1391a2064296fdf950fe3a
SSDeep 24:WM83yV+ty+hXpDXTX8XAX8X+XpZX4qXpoPXSJMeS+Z+Wz+q:BSy8Pppbr848Oph4ip2SJplgDq
ImpHash -
File Reputation Information
Verdict
Clean
Known to be clean.
C:\Users\RDhJ0CNFevzX\AppData\Local\Microsoft\Windows\PowerShell\CommandAnalysis\PowerShell_AnalysisCacheEntry_6fe77092-4798-42ae-bda5-e7f822b580e9 Modified File Stream
Clean
Known to be clean.
MIME Type application/octet-stream
File Size 1.15 KB
MD5 9832b59b183bb6318e62f1385d345c6d
SHA1 54b856a180fb3723403f9aad24ca548de63dc376
SHA256 bfd60204585f1603ee9faac7c44adb9fcd6fa56b7748f03ecb1a9beaa7c56ea1
SSDeep 24:WM83yV+ty+qXlIZXxf/DXdQXPZX3X6S+Z+Wz+q:BSy8PilIhNTWPhn6lgDq
ImpHash -
File Reputation Information
Verdict
Clean
Known to be clean.
C:\Users\RDhJ0CNFevzX\AppData\Local\Microsoft\Windows\PowerShell\CommandAnalysis\PowerShell_AnalysisCacheEntry_01c28806-e5ae-41cc-b284-e627e1b02beb Modified File Stream
Clean
Known to be clean.
MIME Type application/octet-stream
File Size 602 Bytes
MD5 0f67d493e524af85928b059770f45ee1
SHA1 dbb7a768710941631e09c9baae697a95dd5b2004
SHA256 9214d80f84cede2f6a2b72f617e0c6a54c75f589b00ff17d2858041e541f30b0
SSDeep 12:Whi8fvy8k+DF5NFk+DFQCf1fx5Elk+DFRck+DFMak+DFQ:WM83yV+ty+L15eS+Z+Wz+q
ImpHash -
File Reputation Information
Verdict
Clean
Known to be clean.