Details

_id 5e7be2f411acca7063dbbc7f
reference ['https://www.virustotal.com/gui/file/945a20cc6a6fc97d4682c5049464f13853561b8d52d4a3a96a4f225cafcb8e00/detection', 'https://app.any.run/tasks/cb289dfd-50c4-485d-8bcb-a1db7d1fd6ac']
md5 ['b708fa359468d0cc5b993add37444222']
sha1 ['e4b869005545dddc1f6bfa771e7d29321c026082']
sha256 ['945a20cc6a6fc97d4682c5049464f13853561b8d52d4a3a96a4f225cafcb8e00']
mail []
ip []
domain []
url []
user gorimpthon
tweet Excel -> mshta -> schtasks -> mshta -> powershell -> msbuild Observed utilization of several pastebin urls to download the final payload https://www.virustotal.com/gui/file/945a20cc6a6fc97d4682c5049464f13853561b8d52d4a3a96a4f225cafcb8e00/detection … https://app.any.run/tasks/cb289dfd-50c4-485d-8bcb-a1db7d1fd6ac …
id 1242822222588325888
retweets 3
favorites 11
link https://twitter.com/gorimpthon/status/1242822222588325888
mentions []
hashtags []
timestamp 1585146883
date 2020-03-25 15:34:43

Tweet