General
-
Target
434418d5340303195e208d73a3c0d7584a6348b63a46c3ed057b019a70a9bef1
-
Size
12.3MB
-
Sample
220520-p6ay1sceg4
-
MD5
44bc8347e5d0d7d551de3a3403a9cc40
-
SHA1
d00a3d4148ec4c3d53212445f6060fd3f49a70e0
-
SHA256
434418d5340303195e208d73a3c0d7584a6348b63a46c3ed057b019a70a9bef1
-
SHA512
07170d6330d2f58670cb1d4caa800f4055b25b0983df2e9c6a93a0981dcd128fa60f0c6bf68492db86da6d6faeab18b959df4794012a4ad92975334de2b4a0c6
Static task
static1
Behavioral task
behavioral1
Sample
revslider/up.gif
Resource
win7-20220414-en
Behavioral task
behavioral2
Sample
revslider/up.gif
Resource
win10v2004-20220414-en
Behavioral task
behavioral3
Sample
Tools/Havij v1.16 Pro Portable Cracked by Service Manual [ AoRE Team ].exe
Resource
win7-20220414-en
Behavioral task
behavioral4
Sample
Tools/Havij v1.16 Pro Portable Cracked by Service Manual [ AoRE Team ].exe
Resource
win10v2004-20220414-en
Behavioral task
behavioral5
Sample
Tools/dbkiss.ps1
Resource
win7-20220414-en
Behavioral task
behavioral6
Sample
Tools/dbkiss.ps1
Resource
win10v2004-20220414-en
Behavioral task
behavioral7
Sample
Tools/index.html
Resource
win7-20220414-en
Behavioral task
behavioral8
Sample
Tools/index.html
Resource
win10v2004-20220414-en
Behavioral task
behavioral9
Sample
Tools/jce/MSINET.dll
Resource
win7-20220414-en
Behavioral task
behavioral10
Sample
Tools/jce/MSINET.dll
Resource
win10v2004-20220414-en
Behavioral task
behavioral11
Sample
Tools/leafmailer.js
Resource
win7-20220414-en
Behavioral task
behavioral12
Sample
Tools/leafmailer.js
Resource
win10v2004-20220414-en
Behavioral task
behavioral13
Sample
Tools/letter.html
Resource
win7-20220414-en
Behavioral task
behavioral14
Sample
Tools/letter.html
Resource
win10v2004-20220414-en
Behavioral task
behavioral15
Sample
Tools/lol.py
Resource
ubuntu1804-amd64-en-20211208
Behavioral task
behavioral16
Sample
Tools/lol.py
Resource
debian9-armhf-en-20211208
Behavioral task
behavioral17
Sample
Tools/lol.py
Resource
debian9-mipsbe-en-20211208
Behavioral task
behavioral18
Sample
Tools/lol.py
Resource
debian9-mipsel-en-20211208
Behavioral task
behavioral19
Sample
Tools/sqlmap/doc/FAQ.pdf
Resource
win7-20220414-en
Behavioral task
behavioral20
Sample
Tools/sqlmap/doc/FAQ.pdf
Resource
win10v2004-20220414-en
Behavioral task
behavioral21
Sample
Tools/sqlmap/doc/README.pdf
Resource
win7-20220414-en
Behavioral task
behavioral22
Sample
Tools/sqlmap/doc/README.pdf
Resource
win10v2004-20220414-en
Behavioral task
behavioral23
Sample
Tools/sqlmap/extra/__init__.py
Resource
ubuntu1804-amd64-en-20211208
Behavioral task
behavioral24
Sample
Tools/sqlmap/extra/__init__.py
Resource
debian9-armhf-en-20211208
Behavioral task
behavioral25
Sample
Tools/sqlmap/extra/__init__.py
Resource
debian9-mipsbe-en-20211208
Behavioral task
behavioral26
Sample
Tools/sqlmap/extra/__init__.py
Resource
debian9-mipsel-en-20211208
Behavioral task
behavioral27
Sample
Tools/sqlmap/extra/beep/__init__.py
Resource
ubuntu1804-amd64-en-20211208
Behavioral task
behavioral28
Sample
Tools/sqlmap/extra/beep/__init__.py
Resource
debian9-armhf-en-20211208
Behavioral task
behavioral29
Sample
Tools/sqlmap/extra/beep/__init__.py
Resource
debian9-mipsbe-en-20211208
Behavioral task
behavioral30
Sample
Tools/sqlmap/extra/beep/__init__.py
Resource
debian9-mipsel-en-20211208
Behavioral task
behavioral31
Sample
Tools/sqlmap/extra/beep/beep.py
Resource
ubuntu1804-amd64-en-20211208
Behavioral task
behavioral32
Sample
Tools/sqlmap/extra/beep/beep.py
Resource
debian9-armhf-en-20211208
Malware Config
Targets
-
-
Target
revslider/up.php
-
Size
499B
-
MD5
b2218e2189a210da081b495850a908a7
-
SHA1
a24ae81090aeb43807d13a54426b76a65aeefcd0
-
SHA256
7471b132c955e08f7072d9a3f5676b4642e33d14837aac9412e3e265f4baf37b
-
SHA512
9f0fbdea091e03633f489bd9ede5b70aa30758a52364cb586d78f82e62f98637c23d59759718a66bb95ae4be06fd938f521b3ada6b68cf0b480d6972aa0c244a
Score: 1/10
-
-
Target
Tools/Havij v1.16 Pro Portable Cracked by Service Manual [ AoRE Team ].exe
-
Size
5.0MB
-
MD5
984e28e70d1000272a2ab61e34d12d6e
-
SHA1
35f4fa8d9e8779504300aa449b862ff119ceee49
-
SHA256
bfea6b1ba80a8b663c54dba0aa6e45ad3a4e8ff005a82adfed88aab78b2ffb85
-
SHA512
2f22420c2d697932337ac990afccbfbb0bc6b9946845b6eac8ec8ed88e3150ccde211b3b10fe78747683540d6f4696b36545a324c3d55cf56873623530c55c8b
Score: 8/10
Behavioral signatures observed for this target:
- Executes dropped EXE
- Loads dropped DLL
- Writes to the Master Boot Record (MBR). Bootkits write to the MBR to gain persistence at a level below the operating system.
- Drops file in System32 directory
- Suspicious use of NtSetInformationThreadHideFromDebugger (hiding a thread from an attached debugger is a common anti-analysis technique)
-
-
-
Target
Tools/dbkiss.php
-
Size
147KB
-
MD5
94aaed9bb1f5ce18e6dc2f3ac1ea89ee
-
SHA1
8dd41e80a0920ff6feed4fbf98a6aac47afc25a6
-
SHA256
71c6768fc20fc36b95f84af22cbfb9d6297fe89e0b3b0aeabdddce51fbfc7488
-
SHA512
540cfdd49c8a4c44355854a9ca7e1e268423bd11539c5dc2783bf158b183f93da566c3be71639657dcb41db4582be41beec735fe88e5b5d8deafc12de2c483a4
Score: 1/10
-
-
Target
Tools/index.html
-
Size
216B
-
MD5
10a144bb507a2c13d57bcdfcce1afdff
-
SHA1
4204bed987a394859d55745066599beff45dbbcc
-
SHA256
715e50a3b287803f794e50357b51ff4d716da983ba312971d48d7d0471679e58
-
SHA512
0b21345b1989421c4869caa4d82e305181ab8326c335533c158814ce459b0bc5186b39eb472a87b0afa928e4f2f759211cb300c3c39f50fa848dc878d389d859
Score: 1/10
-
-
Target
Tools/jce/MSINET.OCX
-
Size
170KB
-
MD5
07f7242c593fd99e8589600bb2691cd3
-
SHA1
e655e586c4606373831bb81fb2dc391799cfb942
-
SHA256
2c29130e637aac9b2ea53544a3194d1e637e8a37ead769f0737afae60b52785b
-
SHA512
2868d70b93afb81bc8584d8d1ae8310a9d4c877981ce0042b3f43f4684e321fef40bf45f0cf01302a548aa713ee63ad6d39a54f4c65a0a04722d2e58a579e9f9
Score: 1/10
-
-
Target
Tools/leafmailer.php
-
Size
144KB
-
MD5
9caecb84363b93c0a394bd2ab7df891e
-
SHA1
88b7943773cd186f7022a58af10fe464c21d9e42
-
SHA256
8ecccb3fc959a9c257adf776488dd8b91c8626f97260a315fdb9f5cb914e7eb5
-
SHA512
774789a757be3c1b1797232304e6e04e175d2c44aeb05e297d6cb9d3595bceae708898712cf99dc15a6a904a72813ccad28dafc55a81d86f8630c664ac567135
Score: 1/10
-
-
Target
Tools/letter.html
-
Size
17KB
-
MD5
d688c0ef5dc5f9ab902ce5fd964e8de0
-
SHA1
eb4312bab5410c176bedf5b6a1ac6346eedb7201
-
SHA256
bff78a0395db26fe4218c03c60b0e6b86816e92ec939c3e8a7726a689c699bb9
-
SHA512
d31ea2dc713e2afc66a03a1b6c5db3eac30a557bed0416d1e2ea5ef93dcd76081612a7abb182ff2e3300acf41f48184a6a5a3518f8db64112471c15eab162bff
Score: 1/10
-
-
Target
Tools/lol.py
-
Size
1KB
-
MD5
09671677c4239c1a08891d57a0203c3a
-
SHA1
95cd61b8721cdae7a61190882a546c630a23cdad
-
SHA256
c5edfecca82fc5a0d9ae9052402d625689ec04796052b94d3faa42585b01f75d
-
SHA512
68505892cada436168e55e0edc71d1c859c8d3545cd54cd28762fb37161745d270668f1e049d4aac78c5e0ca87a30a4c368eefcb610e83272ec0bfadc23425ab
Score: 1/10
-
-
Target
Tools/sqlmap/doc/FAQ.pdf
-
Size
304KB
-
MD5
49c4b1884e95860c331e39e6fdf1a522
-
SHA1
d1de0070816bdcecb4681f1ac6910fec87c5e5bc
-
SHA256
da0f7469664ceb99267b7e37314217494dbd4ca142d67e234f43c6cfa3686054
-
SHA512
1a665a0cf9b2386bab46c6d6f1fd2ff2581ad05e28503a036d053d4d76d82daf89921a5091fe6c8a4447d47bc81a8403b42abb27281e959196262c2ca1afa6c8
Score: 1/10
-
-
Target
Tools/sqlmap/doc/README.pdf
-
Size
482KB
-
MD5
5755dce255abb114e6d626d9b30e0fa4
-
SHA1
af5ce62bfcff9a88b20be403e22b24aac40f3f5f
-
SHA256
41356dbd3899b8de9f9b0bff176a17a0c6b9e89409ff390fbaf7eba4d9f175bb
-
SHA512
e2e9d9b1280ebf0365b1b2fc4efd7036e18b6113527ceea4b3ad4e26f74683111be8965f1e1a119634bc1668c7548c322c6998bb06effc640300812e837549fb
Score: 1/10
-
-
Target
Tools/sqlmap/extra/__init__.py
-
Size
150B
-
MD5
cc9c82cfffd8ee9b25ba3af6284f057e
-
SHA1
e2d0459aac0f7c653f62ea7e6175b32dabd37581
-
SHA256
b5b0a56179f4dfe84e20785c18987e7f53b8a41efda17e3b274c416662c9443e
-
SHA512
e401dbcf2d330ecc145a88b8de96df878faa45a3b6ddd9b0115107d1f6b5681e17fd0d432b1e4f4112bc3a3098c3698d2061107c0d23ad9cc218cd3970512fee
Score: 1/10
-
-
Target
Tools/sqlmap/extra/beep/__init__.py
-
Size
150B
-
MD5
cc9c82cfffd8ee9b25ba3af6284f057e
-
SHA1
e2d0459aac0f7c653f62ea7e6175b32dabd37581
-
SHA256
b5b0a56179f4dfe84e20785c18987e7f53b8a41efda17e3b274c416662c9443e
-
SHA512
e401dbcf2d330ecc145a88b8de96df878faa45a3b6ddd9b0115107d1f6b5681e17fd0d432b1e4f4112bc3a3098c3698d2061107c0d23ad9cc218cd3970512fee
Score: 1/10
-
-
Target
Tools/sqlmap/extra/beep/beep.py
-
Size
2KB
-
MD5
c981335b0035fe8d5667d1c952e641e4
-
SHA1
21d8e3f53cd076bd732d393ab83374a3ad095e02
-
SHA256
5df18eee028e1d89700f7a243a88112e3809739c8710ec0c3a5a0c5aa8b8ffa3
-
SHA512
ae7b0c1e16edb1c0a6801e74d7d60f313cb01c9d33527b6f3901b37760fd96832bfdc5dd48dbb14ce1e7b807f17ca72e2b9f4761c3428748d5d7598315f61aa1
Score: 1/10