Overview
Scores by task (out of 10):
overview: 8
static: 8
CCC/aspRwW...il.vbs, windows7-x64: 1
CCC/aspRwW...il.vbs, windows10-2004-x64: 1
CCC/aspSpy.vbs, windows7-x64: 1
CCC/aspSpy.vbs, windows10-2004-x64: 1
CCC/aspx.js, windows7-x64: 1
CCC/aspx.js, windows10-2004-x64: 1
CCC/phpSpy.js, windows7-x64: 1
CCC/phpSpy.js, windows10-2004-x64: 1
Customize/...ze.vbs, windows7-x64: 1
Customize/...ze.vbs, windows10-2004-x64: 1
caidao.exe, windows7-x64: 8
caidao.exe, windows10-2004-x64: 8
db.dll, windows7-x64: 8
db.dll, windows10-2004-x64: 8
readme.vbs, windows7-x64: 1
readme.vbs, windows10-2004-x64: 1
General
-
Target
676776431fd9c95d10ffc1744598eb2ca0c63f372b9b5d005d704ed7c0880914
-
Size
342KB
-
Sample
221127-xepbbsec61
-
MD5
9311b609782cb1ca1888797121883e8a
-
SHA1
7f13dcc464264b8173d9a606cb696e79173dcaed
-
SHA256
676776431fd9c95d10ffc1744598eb2ca0c63f372b9b5d005d704ed7c0880914
-
SHA512
809d158b64832ba6c8baccd5e0a458b37f0358a9999f6be39a5323abcd7512222d322ef450d7c9d11969a8fdb05fb1e3d41a509a6ea0bde4c9ed983a53c4adde
-
SSDEEP
6144:3rUxT5Y/SRitAdoyPvpuSlQcwfhUbSzPNfGVWP2mUEC3cS3n:3rUxT5GS0tAd5uSlQVhUkfoEC3Jn
Behavioral task   Sample                    Resource
behavioral1       CCC/aspRwWithJMail.vbs    win7-20220812-en
behavioral2       CCC/aspRwWithJMail.vbs    win10v2004-20220812-en
behavioral3       CCC/aspSpy.vbs            win7-20221111-en
behavioral4       CCC/aspSpy.vbs            win10v2004-20221111-en
behavioral5       CCC/aspx.js               win7-20220812-en
behavioral6       CCC/aspx.js               win10v2004-20220812-en
behavioral7       CCC/phpSpy.js             win7-20220812-en
behavioral8       CCC/phpSpy.js             win10v2004-20221111-en
behavioral9       Customize/Customize.vbs   win7-20220812-en
behavioral10      Customize/Customize.vbs   win10v2004-20220901-en
behavioral11      caidao.exe                win7-20220812-en
behavioral12      caidao.exe                win10v2004-20220812-en
behavioral13      db.dll                    win7-20220901-en
behavioral14      db.dll                    win10v2004-20220901-en
behavioral15      readme.vbs                win7-20220901-en
behavioral16      readme.vbs                win10v2004-20221111-en
Malware Config
Targets
-
Target
CCC/aspRwWithJMail.ccc
-
Size
668B
-
MD5
a6d6cbfa2ead1d0e8a6735aa49b963ff
-
SHA1
4ab46b9d97521d870d204bd5d2e6feb11f88138b
-
SHA256
9548e6bfa3f499e912ec687030cb40b88e12671191457a5c3746815b2ce548fc
-
SHA512
d929c2a163c98b351f2ff6a2043a1356c3ec235a702888dc5aa80afeef1af81a8daf5c1a7f3113817b80ee2510ab777507c0bec2514f982c4898041b38929319
-
Score
1/10
-
Target
CCC/aspSpy.ccc
-
Size
5KB
-
MD5
be207c46105c38571ae958ae2da47297
-
SHA1
a17a16159b71739d8557ba3d612dac2ee0b9d143
-
SHA256
379d9193a223e44cd58489177ae569e5314be0a6a39e559883ca3eebc73a2d43
-
SHA512
708edb75e515487129aef271b783d24728f1e79aaca024170766162f65aeef8a6df5af18c552f01650043f0f38141da5c227b48478bf114e283a55e5ffe73611
-
SSDEEP
96:R6A8eMvG9rHPnaJAm5iUHSMs9vK/qfg0ypd2ZpHlLkKaiecUereqIgep3Dmvt4+N:kzvx0vvI0y4JJkHinUisgB9
-
Score
1/10
-
Target
CCC/aspx.ccc
-
Size
564B
-
MD5
cc07ac4caef188334fc330f62e0a574a
-
SHA1
51b24241668fffa49bcf07afa116b38ea7fe3105
-
SHA256
47be59faf05c06d8a00a76fe533d0bc71a29d267750d6415aa21b5d82dcb0d4f
-
SHA512
b2abbcd79ed6ef27979293a423fd4a4b5fcddcc7956185aae4f150d257fed2fb995ec526062948c664125a41fea16a05873659f6c1748d7feff4e83ce62beb55
-
Score
1/10
-
Target
CCC/phpSpy.ccc
-
Size
148KB
-
MD5
ce1a9fc93040d5c94f789b579fe1c106
-
SHA1
5e1fe6cad5a4523a463f760ab38dbb18db6ce669
-
SHA256
d21797e95b0003d5f1b41a155cced54a45cd22eec3f997e867c11f6173ee7337
-
SHA512
dcf8efeccfcd222b996a238b70562a54f27b1231bd283075156d1013aa744cf78f2fe847a3d119d49e73e5a4bfacb9c10bf5b93ecc500ba976985771d7e106f9
-
SSDEEP
3072:y8rNsBNX8uFxv6pXoz7LXt20Nav0CutfwImM/9g2B3WYGpSuugeZzbWutPWaBAGK:jkj9BE
-
Score
1/10
-
Target
Customize/Customize.cfm
-
Size
3KB
-
MD5
ad8288227240477a95fb023551773c84
-
SHA1
1f8cae9d0ac976c991ac2588f14f4b793df382bb
-
SHA256
44c1c5c92771c0384182f72e9866d5fed4fda896d90c931fe8de363ed81106cf
-
SHA512
fbe0ef988cdd219000a55d158d291d09f9d48258e50d3ff503acd8480940aa3c2b73004da1d04cf301ee4a2eb721552017abf023f11936b74d94fc33b145890f
-
Score
1/10
-
Target
caidao.exe
-
Size
684KB
-
MD5
7cd5b85045f9da3f0211c1b5f4e88bc6
-
SHA1
ea6c08ae2b56b70d04a2083ab974b834fff00a06
-
SHA256
fe596c9a614fa48a6c740f595a245878a1c0710c4205272c02e4325283f57481
-
SHA512
2aa8cda8c37d074ed53c8e0ce06f0230efdea295b9a42f7a33de7feb6be4843accbdef9ac737780fb32cb840b576ffe16729c45be2746951f69c45fb6a2b75f2
-
SSDEEP
12288:SOQHGMEAAb7O718w6wKk4gKN3BAdMdLmpoMunR:SOQHGvAG7OOw6wFdMdI8nR
-
Score
8/10
-
Target
db.tmp
-
Size
101KB
-
MD5
bcda36d95b2500908993f446f174f0e4
-
SHA1
ea35726df90010fb86e86c57c6c9267304df759c
-
SHA256
ef17c3fe7f1dbd32436937f68a7b1a3ba0e8c3e85e0ae2441adc4b9bf09fc4e0
-
SHA512
446116a9261be0518b01450d35e9c66cd46f6d38f9552d45aaa34218aea1b70e17c2f11459a0b584fbf5956fffc0acebec6b9dcf06215660c2eefd9aba0e1478
-
SSDEEP
3072:9nJV8z7bcC52M0fHwYvp865IsgFmT9TP4j:zV8ncCkFfZp86+gC
-
Score
8/10
-
Target
readme.txt
-
Size
9KB
-
MD5
006fed02ff27849fca161c2ba2402d88
-
SHA1
68e00cf33a4d2d587002d876c29509b28a0119fe
-
SHA256
7441019669cc1c043cc380cbebd24274eb5c16645c6d1ba983966b1e6492f7b2
-
SHA512
9f1b2f30c8c9720ecf7af78ee4cac7a3d630c07be18841c8bff9a74db37bf30695fe4981a28a9184fc7e29a9649e2821e0efba354cdac6400deb42d46004798b
-
SSDEEP
192:OsAGume8kuhW1HBQnJEw5az8WtczVFA8fJej1n1ZPKGtU7Sw7U9C8+x0lc:OsAGume8kcCBQnJtaz8UczVJejnZPKn5
-
Score
1/10