1ef841ae49ebb896b0bbcf311767095ec8b07f178032345b96840d4c668b1434 | Triage

Submit
Reports

Overview

overview

1

Static

static

御剑后�...��.exe

windows7-x64

1

御剑后�...��.exe

windows10-2004-x64

1

御剑后�...SP.vbs

windows7-x64

1

御剑后�...SP.vbs

windows10-2004-x64

1

御剑后�...IR.vbs

windows7-x64

1

御剑后�...IR.vbs

windows10-2004-x64

1

御剑后�...SP.vbs

windows7-x64

1

御剑后�...SP.vbs

windows10-2004-x64

1

御剑后�...DB.vbs

windows7-x64

1

御剑后�...DB.vbs

windows10-2004-x64

1

御剑后�...HP.vbs

windows7-x64

1

御剑后�...HP.vbs

windows10-2004-x64

1

Sharing

Copy URL Twitter E-mail

Static task

static1

Behavioral task

behavioral1

Sample

御剑后台扫描珍藏版/御剑后台扫描工具.exe

Resource

win7-20220812-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral2

Sample

御剑后台扫描珍藏版/御剑后台扫描工具.exe

Resource

win10v2004-20220812-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral3

Sample

御剑后台扫描珍藏版/御剑配置文件/ASP.vbs

Resource

win7-20220812-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral4

Sample

御剑后台扫描珍藏版/御剑配置文件/ASP.vbs

Resource

win10v2004-20220901-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral5

Sample

御剑后台扫描珍藏版/御剑配置文件/DIR.vbs

Resource

win7-20220812-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral6

Sample

御剑后台扫描珍藏版/御剑配置文件/DIR.vbs

Resource

win10v2004-20220812-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral7

Sample

御剑后台扫描珍藏版/御剑配置文件/JSP.vbs

Resource

win7-20220812-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral8

Sample

御剑后台扫描珍藏版/御剑配置文件/JSP.vbs

Resource

win10v2004-20220901-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral9

Sample

御剑后台扫描珍藏版/御剑配置文件/MDB.vbs

Resource

win7-20220812-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral10

Sample

御剑后台扫描珍藏版/御剑配置文件/MDB.vbs

Resource

win10v2004-20220812-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral11

Sample

御剑后台扫描珍藏版/御剑配置文件/PHP.vbs

Resource

win7-20220901-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral12

Sample

御剑后台扫描珍藏版/御剑配置文件/PHP.vbs

Resource

win10v2004-20220812-en

windows10-2004-x64

0 signatures

150 seconds

General

Target

1ef841ae49ebb896b0bbcf311767095ec8b07f178032345b96840d4c668b1434
Size

2.6MB
MD5

354bf94d4b95da13de6758226dd26bd3
SHA1

6cbf7995dff97ab9cfe9c9024ffda1bd352ee969
SHA256

1ef841ae49ebb896b0bbcf311767095ec8b07f178032345b96840d4c668b1434
SHA512

450560c8aa781d03d54a879c164e4e2b47d806aa2924995d6a4c85b208befc9974c1c12759d41091c18fb957f3b9eec9bfb1f9516f8b168426e40f4781f18a8e
SSDEEP

49152:7+x20dZ3w/lNpXoSjzClF7D19mR2ms65MA7v1qmULbY82AgKTRFQY:qdZANNJUpsvF5MA7v1DvAgiRiY

Score

N/A

Malware Config

Signatures

Files

1ef841ae49ebb896b0bbcf311767095ec8b07f178032345b96840d4c668b1434
.rar
御剑后台扫描珍藏版/御剑后台扫描工具.exe
.exe windows x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 56KB - Virtual size: 55KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 28KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
御剑后台扫描珍藏版/御剑配置文件/ASP.TXT
.vbs
御剑后台扫描珍藏版/御剑配置文件/ASPX.TXT
御剑后台扫描珍藏版/御剑配置文件/DIR.txt
.vbs
御剑后台扫描珍藏版/御剑配置文件/JSP.TXT
.vbs
御剑后台扫描珍藏版/御剑配置文件/MDB.txt
.vbs
御剑后台扫描珍藏版/御剑配置文件/PHP.txt
.vbs

© 2018-2025

Terms | Privacy