6e3e8b4ffb1f9ebbb0c0d44474ff7b8c73bfa71a6823695e5c38a12cc71865bc | Triage

Submit
Reports

Overview

overview

1

Static

static

XShell ...��.htm

windows7-x64

1

XShell ...��.htm

windows10-2004-x64

1

XShell ...ld.exe

windows7-x64

1

XShell ...ld.exe

windows10-2004-x64

1

XShell ...��.url

windows7-x64

1

XShell ...��.url

windows10-2004-x64

1

XShell ...��.url

windows7-x64

1

XShell ...��.url

windows10-2004-x64

1

XShell ...��.url

windows7-x64

1

XShell ...��.url

windows10-2004-x64

1

XShell ...��.url

windows7-x64

1

XShell ...��.url

windows10-2004-x64

1

Sharing

Copy URL Twitter E-mail

Static task

static1

Behavioral task

behavioral1

Sample

XShell Ǽܳ 1.5/77169.org˵.htm

Resource

win7-20221111-en

windows7-x64

4 signatures

150 seconds

Behavioral task

behavioral2

Sample

XShell Ǽܳ 1.5/77169.org˵.htm

Resource

win10v2004-20220812-en

windows10-2004-x64

3 signatures

150 seconds

Behavioral task

behavioral3

Sample

XShell Ǽܳ 1.5/XShield.exe

Resource

win7-20220901-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral4

Sample

XShell Ǽܳ 1.5/XShield.exe

Resource

win10v2004-20220901-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral5

Sample

XShell Ǽܳ 1.5/ĺڿͬ˽ѧѵ.url

Resource

win7-20221111-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral6

Sample

XShell Ǽܳ 1.5/ĺڿͬ˽ѧѵ.url

Resource

win10v2004-20221111-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral7

Sample

XShell Ǽܳ 1.5/ĺڿͬ.url

Resource

win7-20221111-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral8

Sample

XShell Ǽܳ 1.5/ĺڿͬ.url

Resource

win10v2004-20220812-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral9

Sample

XShell Ǽܳ 1.5/¿ƼIDC˾.url

Resource

win7-20220812-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral10

Sample

XShell Ǽܳ 1.5/¿ƼIDC˾.url

Resource

win10v2004-20221111-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral11

Sample

XShell Ǽܳ 1.5/¿Ƽȫά.url

Resource

win7-20220812-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral12

Sample

XShell Ǽܳ 1.5/¿Ƽȫά.url

Resource

win10v2004-20220901-en

windows10-2004-x64

0 signatures

150 seconds

General

Target

6e3e8b4ffb1f9ebbb0c0d44474ff7b8c73bfa71a6823695e5c38a12cc71865bc
Size

55KB
MD5

151c803e027a055c7b1ac047aa7c4cfc
SHA1

135ec2fb841cc5121cfb817170092090e7b87423
SHA256

6e3e8b4ffb1f9ebbb0c0d44474ff7b8c73bfa71a6823695e5c38a12cc71865bc
SHA512

0bacc0aa4f7a74cfd3ce2c00a540681757daf8cc32d1b5c90bce8c2e922f0e50d429dcae71226c1421e79001ecf3ad31800bb74f07ca518b2187daf46402cf0f
SSDEEP

1536:gZJhGajZUzvtaoN22eHnVXXWVWP1XGp1RstmeEgrqrmXKqEfAA6:gHJjZbEleHiStmeEgrqrm6ip

Score

N/A

Malware Config

Signatures

Files

6e3e8b4ffb1f9ebbb0c0d44474ff7b8c73bfa71a6823695e5c38a12cc71865bc
.zip
XShell Ǽܳ 1.5/##ע##.txt
XShell Ǽܳ 1.5/77169.orgʹð˵.txt
XShell Ǽܳ 1.5/77169.org˵.htm
.html
XShell Ǽܳ 1.5/XShield.exe
.exe windows x86

aa1ca832e28e2c6a63685365c58b52b5

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetProcAddress
LoadModule

user32

MessageBoxA

Sections

.text
Size: - Virtual size: 24KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.code
Size: 30KB - Virtual size: 30KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
XShell Ǽܳ 1.5/ ##ע##.txt
XShell Ǽܳ 1.5/ĺڿͬ˽ѧѵ.url
.url
XShell Ǽܳ 1.5/ĺڿͬ.url
.url
XShell Ǽܳ 1.5/¿ƼIDC˾.url
.url
XShell Ǽܳ 1.5/¿Ƽȫά.url
.url

© 2018-2025

Terms | Privacy