7e1ef89600c9b7a49abe629b7f3237ecc9d5461c067e5854857f8d434ddee40e | Triage

Submit
Reports

Overview

overview

8

Static

static

CCC/aspRwW...il.vbs

windows7-x64

1

CCC/aspRwW...il.vbs

windows10-2004-x64

1

CCC/aspSpy.vbs

windows7-x64

1

CCC/aspSpy.vbs

windows10-2004-x64

1

CCC/aspx.js

windows7-x64

1

CCC/aspx.js

windows10-2004-x64

1

CCC/phpSpy.js

windows7-x64

1

CCC/phpSpy.js

windows10-2004-x64

1

Customize/...ze.vbs

windows7-x64

1

Customize/...ze.vbs

windows10-2004-x64

1

caidao.exe

windows7-x64

8

caidao.exe

windows10-2004-x64

8

Sharing

Copy URL Twitter E-mail

Static task

static1

Behavioral task

behavioral1

Sample

CCC/aspRwWithJMail.vbs

Resource

win7-20221111-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral2

Sample

CCC/aspRwWithJMail.vbs

Resource

win10v2004-20221111-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral3

Sample

CCC/aspSpy.vbs

Resource

win7-20220812-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral4

Sample

CCC/aspSpy.vbs

Resource

win10v2004-20221111-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral5

Sample

CCC/aspx.js

Resource

win7-20220812-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral6

Sample

CCC/aspx.js

Resource

win10v2004-20220901-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral7

Sample

CCC/phpSpy.js

Resource

win7-20220812-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral8

Sample

CCC/phpSpy.js

Resource

win10v2004-20220901-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral9

Sample

Customize/Customize.vbs

Resource

win7-20220812-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral10

Sample

Customize/Customize.vbs

Resource

win10v2004-20220812-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral11

Sample

caidao.exe

Resource

win7-20220812-en

windows7-x64

9 signatures

150 seconds

Behavioral task

behavioral12

Sample

caidao.exe

Resource

win10v2004-20220901-en

persistence upx

windows10-2004-x64

14 signatures

150 seconds

General

Target

7e1ef89600c9b7a49abe629b7f3237ecc9d5461c067e5854857f8d434ddee40e
Size

605KB
MD5

60426515f079ad59b35e80f7e8588025
SHA1

8baea2209d4af6c49b6f104d8c60fa445aba750f
SHA256

7e1ef89600c9b7a49abe629b7f3237ecc9d5461c067e5854857f8d434ddee40e
SHA512

45cb27f104d1c02ecddc873278d6bbbe3b72f54c437bb26d2bfb0d90a4f491ba2a70dd1b3ca8331148536a3f968d79cdb4e5ceab4a3577366f8dee5afff8ca3e
SSDEEP

12288:oFZIyT7Q/VkkfNC1T8wlHgUfvJjTbirUJasiR8Yky0txPe+ORecwIl:V2gVkyMaoHgUfvp2Hkywde+WB7l

Score

N/A

Malware Config

Signatures

Files

7e1ef89600c9b7a49abe629b7f3237ecc9d5461c067e5854857f8d434ddee40e
.zip
CCC/aspRwWithJMail.ccc
.vbs
CCC/aspSpy.ccc
.vbs
CCC/aspx.ccc
.js
CCC/php.ccc
CCC/phpSpy.ccc
.js
Customize/Customize.aspx
.asp .js
Customize/Customize.cfm
.vbs
Customize/Customize.jsp
.asp .js
caidao.exe
.exe windows x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

Esp0
Size: - Virtual size: 528KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Esp1
Size: 568KB - Virtual size: 568KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.Esp
Size: 512B - Virtual size: 512B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

© 2018-2025

Terms | Privacy