Overview

overview

10

Static

static

10

Shells/A/Ajan.asp.vbs

windows7-x64

1

Shells/A/Ajan.asp.vbs

windows10-2004-x64

1

Shells/A/A...ell.js

windows7-x64

1

Shells/A/A...ell.js

windows10-2004-x64

1

Shells/A/A...pl.txt

ubuntu-18.04-amd64

5

Shells/A/A...pl.txt

debian-9-armhf

5

Shells/A/A...pl.txt

debian-9-mips

5

Shells/A/A...pl.txt

debian-9-mipsel

5

Shells/B/backdoor1.js

windows7-x64

1

Shells/B/backdoor1.js

windows10-2004-x64

1

Shells/B/b...rfr.js

windows7-x64

1

Shells/B/b...rfr.js

windows10-2004-x64

1

Shells/C/C...sp.vbs

windows7-x64

1

Shells/C/C...sp.vbs

windows10-2004-x64

1

Shells/C/C...sp.asp

windows7-x64

3

Shells/C/C...sp.asp

windows10-2004-x64

3

Shells/C/c...hp.ps1

windows7-x64

1

Shells/C/c...hp.ps1

windows10-2004-x64

1

Shells/C/c...hp.ps1

windows7-x64

1

Shells/C/c...hp.ps1

windows10-2004-x64

1

Shells/C/c99.ps1

windows7-x64

1

Shells/C/c99.ps1

windows10-2004-x64

1

Shells/C/c...py.txt

ubuntu-18.04-amd64

Shells/C/c...py.txt

debian-9-armhf

Shells/C/c...py.txt

debian-9-mips

Shells/C/c...py.txt

debian-9-mipsel

Shells/C/c...pl.txt

ubuntu-18.04-amd64

5

Shells/C/c...pl.txt

debian-9-armhf

1

Shells/C/c...pl.txt

debian-9-mips

5

Shells/C/c...pl.txt

debian-9-mipsel

5

Shells/C/c...hp.ps1

windows7-x64

1

Shells/C/c...hp.ps1

windows10-2004-x64

1

Sharing

Copy URL Twitter E-mail

General

  • Target

    182881e1969b8e5562fbf42c2b0493ebb24553985a27d7fe00936e935cde947f

  • Size

    1.5MB

  • MD5

    07aa2605bec1ad614488b6df6655331f

  • SHA1

    1840e9dcfc5384a8e9e493ddf2bc898837917741

  • SHA256

    182881e1969b8e5562fbf42c2b0493ebb24553985a27d7fe00936e935cde947f

  • SHA512

    e12d6d5b0f80ac6a29afb3d85ac8a7529d92767f3a6d6b17f7867046af057da9cbd64f59a7139f201e40a60a2fedc58b770a5c9734df949c2607910b8984d8f8

  • SSDEEP

    24576:fRXmmYlChUuYBuYWrh0htzXPLsLSCKocfkukTfxMrhgCkpfxeIpYp48T+EWk:nQw7sztcuUMrePfhu4zO

Score
10/10

Malware Config

Extracted

Language
ps1
Source
URLs
exe.dropper

http://netjackal.by.ru/backdoor

Signatures

Files

  • 182881e1969b8e5562fbf42c2b0493ebb24553985a27d7fe00936e935cde947f
    .zip
  • Shells/A/Ajan.asp.txt
    .vbs
  • Shells/A/Ajax_PHP Command Shell.txt
    .js
  • Shells/A/Antichat Shell v1.3.txt
  • Shells/A/Asmodeus v0.1.pl.txt
    .sh linux
  • Shells/A/Ayyildiz Tim -AYT- Shell v 2.1 Biz.txt
    .html .js
  • Shells/A/aZRaiLPhp v1.0.txt
  • Shells/A/accept_language.txt
  • Shells/B/Blind Shell.cpp.txt
  • Shells/B/backdoor1.txt
    .js
  • Shells/B/backdoorfr.txt
    .js
  • Shells/B/backup.php.txt
  • Shells/B/backupsql.php.txt
  • Shells/B/backupsql.txt
  • Shells/C/CMD.asp.txt
    .asp .vbs
  • Shells/C/Casus15.php.txt
  • Shells/C/CmdAsp.asp.txt
    .vbs
  • Shells/C/Crystal.txt
  • Shells/C/CyberSpy5.Asp.txt
    .asp
  • Shells/C/c100.txt
  • Shells/C/c2007.php.txt
    .ps1
  • Shells/C/c99(1).php.txt
    .ps1
  • Shells/C/c99.txt
    .ps1
  • Shells/C/cgi-python.py.txt
    .sh linux
  • Shells/C/connectback2.pl.txt
    .sh linux
  • Shells/C/ctt_sh.php.txt
    .ps1
  • Shells/C/ctt_sh.txt
    .ps1
  • Shells/C/cybershell.php.txt
    .ps1
  • Shells/C/cybershell.txt
    .ps1
  • Shells/D/DTool Pro.txt
    .js
  • Shells/D/Dive Shell 1.0 - Emperor Hacking Team.txt
    .js
  • Shells/D/Dx.php.txt
    .js
  • Shells/D/Dx.txt
    .js
  • Shells/D/DxShell_hk.php.txt
    .js
  • Shells/D/dC3 Security Crew Shell PRiV.txt
    .js
  • Shells/E/EFSO_2.asp.txt
    .asp .js
  • Shells/E/Elmali Seker.asp.txt
    .vbs
  • Shells/E/elmaliseker.asp.txt
    .vbs
  • Shells/F/Fatalshell.php.txt
  • Shells/F/fuckphpshell.txt
  • Shells/G/GFS web-shell ver 3.1.7 - PRiV8.txt
    .ps1
  • Shells/G/gfs_sh.php.txt
    .js
  • Shells/G/gfs_sh.txt
    .js
  • Shells/H/h4ntu shell [powered by tsoi].txt
  • Shells/I/Inderxer.asp.txt
    .asp .js
  • Shells/I/iMHaPFtp.php.txt
  • Shells/I/iMHaPFtp.txt
  • Shells/I/img.php.txt
    .gif .js
  • Shells/I/indexer.asp.txt
    .asp .js
  • Shells/I/ironshell.txt
    .js
  • Shells/J/Java Shell.js.txt
    .js
  • Shells/J/JspWebshell 1.2.txt
    .asp .js
  • Shells/K/KAdot Universal Shell v0.1.6.html.txt
  • Shells/K/Klasvayv.asp.txt
    .html .vbs
  • Shells/L/Liz0ziM Private Safe Mode Command Execuriton Bypass Exploit.txt
  • Shells/L/lamashell.txt
  • Shells/L/load_shell.php.txt
  • Shells/L/load_shell.txt
  • Shells/L/lurm_safemod_on.cgi.txt
    .sh linux
  • Shells/M/Moroccan Spamers Ma-EditioN By GhOsT.txt
  • Shells/M/MySQL Web Interface Version 0.8.txt
  • Shells/M/Mysql interface v1.0.txt
  • Shells/M/mailer3.php.txt
  • Shells/M/matamu.txt
  • Shells/M/myshell.php.txt
  • Shells/M/mysql.php.txt
    .js
  • Shells/M/mysql_shell.txt
  • Shells/M/mysql_tool.php.txt
    .js
  • Shells/N/NCC-Shell.txt
  • Shells/N/NIX REMOTE WEB-SHELL v.0.5 alpha Lite Public Version.txt
    .ps1
  • Shells/N/NT Addy.asp.txt
    .vbs
  • Shells/N/NetworkFileManagerPHP.txt
  • Shells/N/Nshell (1).php.txt
  • Shells/N/network.php.txt
  • Shells/N/nshell.php.txt
  • Shells/N/nstview.php.txt
    .js
  • Shells/N/ntdaddy.asp.txt
    .vbs
  • Shells/P/PH Vayv.php.txt
  • Shells/P/PHANTASMA.txt
  • Shells/P/PHP Backdoor Connect.pl.txt
    .sh linux
  • Shells/P/PHP Shell.php.txt
  • Shells/P/PHPRemoteView.txt
    .ps1
  • Shells/P/Phyton Shell.py.txt
    .sh .js linux
  • Shells/P/Private-i3lue.txt
  • Shells/P/pHpINJ.php.txt
  • Shells/P/perlbot.pl.txt
    .sh .ps1 linux
  • Shells/P/php-backdoor.txt
  • Shells/P/php-include-w-shell.txt
    .js
  • Shells/P/phpbackdoor15.txt
  • Shells/P/phpjackal.txt
    .ps1
  • Shells/P/phpshell17.txt
  • Shells/P/phvayv.php.txt
  • Shells/P/pws.php.txt
    .html
  • Shells/P/pws.txt
    .html
  • Shells/P/ru24_post_sh.txt
  • Shells/R/Rader.asp.txt
    .asp
  • Shells/R/Rem Exp.asp.txt
    .asp .vbs
  • Shells/R/Rem View.php.txt
    .ps1
  • Shells/R/Russian.php.txt
  • Shells/R/r57 Shell.php.txt
    .js
  • Shells/R/r57.php.txt
    .js
  • Shells/R/r577.php.txt
    .js
  • Shells/R/rootshell.txt
  • Shells/R/ru24_post_sh.php.txt
  • Shells/S/Safe0ver Shell -Safe Mod Bypass By Evilc0der.txt
    .js
  • Shells/S/Safe_Mode Bypass PHP 4.4.2 and PHP 5.1.2.txt
  • Shells/S/Server Variables.asp.txt
  • Shells/S/SimAttacker - Vrsion 1.0.0 - priv8 4 My friend.txt
  • Shells/S/SimShell 1.0 - Simorgh Security MGZ.txt
    .js
  • Shells/S/Sincap.php.txt
    .html .ps1
  • Shells/S/SnIpEr_SA Shell.txt
    .js
  • Shells/S/s.php.txt
    .js
  • Shells/S/s72 Shell v1.1 Coding.txt
    .html
  • Shells/S/shell.php.txt
  • Shells/S/shellbot.pl.txt
    .sh .ps1 linux
  • Shells/S/simple-backdoor.txt
  • Shells/S/simple_cmd.txt
    .html
  • Shells/S/smtpd.py.txt
    .sh linux
  • Shells/S/spy.php.txt
    .js
  • Shells/S/sql.php.txt
  • Shells/T/Test.php.txt
  • Shells/T/Tool.asp.txt
    .asp .vbs
  • Shells/T/telnet.cgi.txt
    .sh .ps1 linux
  • Shells/T/telnet.pl.txt
    .sh .ps1 linux
  • Shells/T/telnetd.pl.txt
    .sh linux
  • Shells/U/Uploader.php.txt
  • Shells/W/WebShell.cgi.txt
    .sh .js linux
  • Shells/W/WinX Shell.txt
    .html
  • Shells/W/Worse Linux Shell.txt
  • Shells/W/w.php.txt
    .ps1
  • Shells/W/w3d.php.txt
    .ps1
  • Shells/W/w4k.php.txt
    .ps1
  • Shells/W/wacking.php.txt
    .ps1
  • Shells/W/webshell.txt
  • Shells/X/xinfo.php.txt
  • Shells/Z/Zehir 4.asp.txt
    .vbs
  • Shells/Z/zacosmall.php.txt
  • Shells/Z/zacosmall.txt
  • Shells/Z/zehir4.asp.txt
    .vbs