General
-
Target
2c65ba1fa394cf4d125f535d66fb6a15c7efe6dcf40ac6853306a90dc2f83efb
-
Size
6.4MB
-
Sample
231127-yr6ltacf29
-
MD5
babd15d464b2c8ca287a198ee64b9ccc
-
SHA1
3464752830d146a1ab3ffb173815441f9e2bef8f
-
SHA256
2c65ba1fa394cf4d125f535d66fb6a15c7efe6dcf40ac6853306a90dc2f83efb
-
SHA512
4a8b92f4eed59f15f5cf58b80caef28bf9c55a96dbd1dd600d2e86682aee3537c1078c35bb99ca2ec9dd6b8723072aa7275b7db6a9896ee6261a944757e5729e
-
SSDEEP
196608:WH+DxTVIHjxWL70Pd/QiGNUbxmup//AeWCUvm:w+DxIV67Wd5G+bxmAWRvm
Static task
static1
Behavioral task
behavioral1
Sample
qux/action/load.ps1
Resource
win7-20231025-en
Behavioral task
behavioral2
Sample
qux/action/load.ps1
Resource
win10v2004-20231127-en
Behavioral task
behavioral3
Sample
qux/error.html
Resource
win7-20231020-en
Behavioral task
behavioral4
Sample
qux/error.html
Resource
win10v2004-20231127-en
Behavioral task
behavioral5
Sample
qux/footer.js
Resource
win7-20231020-en
Behavioral task
behavioral6
Sample
qux/footer.js
Resource
win10v2004-20231127-en
Behavioral task
behavioral7
Sample
qux/func/forum.ps1
Resource
win7-20231023-en
Behavioral task
behavioral8
Sample
qux/func/forum.ps1
Resource
win10v2004-20231127-en
Behavioral task
behavioral9
Sample
qux/func/functions-admin.js
Resource
win7-20231020-en
Behavioral task
behavioral10
Sample
qux/func/functions-admin.js
Resource
win10v2004-20231127-en
Behavioral task
behavioral11
Sample
qux/func/functions.js
Resource
win7-20231020-en
Behavioral task
behavioral12
Sample
qux/func/functions.js
Resource
win10v2004-20231127-en
Behavioral task
behavioral13
Sample
qux/func/ip2c/ip2c.js
Resource
win7-20231023-en
Behavioral task
behavioral14
Sample
qux/func/ip2c/ip2c.js
Resource
win10v2004-20231023-en
Behavioral task
behavioral15
Sample
qux/func/phpqrcode/phpqrcode.js
Resource
win7-20231023-en
Behavioral task
behavioral16
Sample
qux/func/phpqrcode/phpqrcode.js
Resource
win10v2004-20231127-en
Behavioral task
behavioral17
Sample
qux/func/shop.ps1
Resource
win7-20231023-en
Behavioral task
behavioral18
Sample
qux/func/shop.ps1
Resource
win10v2004-20231127-en
Behavioral task
behavioral19
Sample
qux/func/timthumb.ps1
Resource
win7-20231020-en
Behavioral task
behavioral20
Sample
qux/func/timthumb.ps1
Resource
win10v2004-20231127-en
Behavioral task
behavioral21
Sample
qux/func/tools/codemirror_js/clike.js
Resource
win7-20231020-en
Behavioral task
behavioral22
Sample
qux/func/tools/codemirror_js/clike.js
Resource
win10v2004-20231127-en
Behavioral task
behavioral23
Sample
qux/func/tools/codemirror_js/codemirror.js
Resource
win7-20231023-en
Behavioral task
behavioral24
Sample
qux/func/tools/codemirror_js/codemirror.js
Resource
win10v2004-20231023-en
Behavioral task
behavioral25
Sample
qux/func/tools/codemirror_js/css.js
Resource
win7-20231023-en
Behavioral task
behavioral26
Sample
qux/func/tools/codemirror_js/css.js
Resource
win10v2004-20231023-en
Behavioral task
behavioral27
Sample
qux/func/tools/codemirror_js/htmlmixed.js
Resource
win7-20231025-en
Behavioral task
behavioral28
Sample
qux/func/tools/codemirror_js/htmlmixed.js
Resource
win10v2004-20231127-en
Behavioral task
behavioral29
Sample
qux/func/tools/codemirror_js/javascript.js
Resource
win7-20231023-en
Behavioral task
behavioral30
Sample
qux/func/tools/codemirror_js/javascript.js
Resource
win10v2004-20231127-en
Behavioral task
behavioral31
Sample
qux/func/tools/codemirror_js/php.js
Resource
win7-20231020-en
Behavioral task
behavioral32
Sample
qux/func/tools/codemirror_js/php.js
Resource
win10v2004-20231023-en
Malware Config
Targets
-
-
Target
qux/action/load.php
-
Size
1KB
-
MD5
b7899c1a4870ddf932bd04dd98285f48
-
SHA1
32d03b116f7aa4e7b69886e145d36ea5bcaf407e
-
SHA256
8fbd34b43e2474ed5bc86103d6e0cdef1fb649f74f8abddc9cf9afa9c2a970a9
-
SHA512
3bffca4aecb7c852a469d81e4b7b7444d0a229543dd3ba81cf7f8232fcb2fe6aaefd498c5768700864f594af25051f0d901710165ce02bf7e346968116cb4237
Score
1/10
-
-
-
Target
qux/error.php
-
Size
2KB
-
MD5
30440266daed5be35f56056061ae25c7
-
SHA1
33a4260589e4aacb0bf931af93d2715d90b9eeb4
-
SHA256
d245b8911a421a5406acda037aee5762e4fdb09b5e7c2b8fb4c386304995840e
-
SHA512
dc76f70784305ffd208f5ec90677d3e441ccbd3e9fcd06de2208b5b31f0e665e1c29f43b5351b7da55ca93fb8628cf5a7813a7654a7c4f023113d2d28eafb533
Score
1/10
-
-
-
Target
qux/footer.php
-
Size
7KB
-
MD5
ecb82e1b4d30b7ac5d4403778cb610d7
-
SHA1
693d52ac95de2ecf8c62f16f42911a3d3807e5fa
-
SHA256
916cb5729cce09ebc4bb49ddd5ad5c87b8d814161dd10dd7e173585827a6f64f
-
SHA512
7474bd787444c572285ecf5fbbd2c284f02845a65a5913cab3b6705ec39bb156f2caa8b42a05332b59fa29b1c5e84cefff6a06aede53b117defae6fa1763e702
-
SSDEEP
96:d1c9EWalQFFEEOEb0fzZ7Rbx8i9ip8XGsPbra/F0WbOTWkQNLK/7nQbnMn/PADbb:dw4k90fzw6g/K/T/e8gm0gvWTEk9Jz
Score
1/10
-
-
-
Target
qux/func/forum.php
-
Size
19KB
-
MD5
7e630c1ea899a61039baa262d1c50376
-
SHA1
9d1e7d91c51ae2735b7a71930aeba0345455e89b
-
SHA256
a8039646ee6d2f489c21d5de7c0ff7223912a8190591b56f6843fa4ad710ce48
-
SHA512
e6f9dadf3fe5d980647370978fca788e099d07b3c3271bde22cb97d533d2cb9e34b5614993b3c5f28f5b8db41c1b79c74b6a857c0c15a1d2b3ab179c0cf68ee4
-
SSDEEP
384:G0PfFp0F/dCqtQ56pDMDGBAGS5wOAQm6LU2Oefk:G0PdGtQ56pwDGBAoRp
Score
1/10
-
-
-
Target
qux/func/functions-admin.php
-
Size
24KB
-
MD5
e38e59f15c82cd9f156086815aa7f368
-
SHA1
09b6d2b86093df639f954c3b857f4ce667234add
-
SHA256
0114dd0a3fd38630cd956c6fa709fd763f5ba868adc4d137eae71dacf0ca387b
-
SHA512
12e3be947d65a5032b13fd9f54945c826eb32ed217c00c3808577fca4771029031a165fdac8e70c34b56caaf3a9a73298333202fbff1e1b475e7c383042c9096
-
SSDEEP
384:1NbIgFS2cDspWejg9P2nDspWeJgRPFcDspWeHywEYktpccDspWePEYktJinDspWW:1NbBFo9qRvy/YktZYktfYks3K
Score
1/10
-
-
-
Target
qux/func/functions.php
-
Size
89KB
-
MD5
161e897be48e7e9ebfa24ce6b674a030
-
SHA1
79eadf482f52aba96d36d5494e14dfaa84fcfd59
-
SHA256
90237d7f47c046c436405cb503d3cc30311826806a795665b013b54b82e0f617
-
SHA512
3f6d4d3c2d83028a13a2b9b23bd07dce2ea25c552059ec1c8a125063b6d4658964ae26c2330f84dbee839933945a1a09e02048bf0bcb1fcf8f045d17830cc41f
-
SSDEEP
1536:/m6mbd0i2mTIEydgDj2814C5CUfAe6RnbER1jyNcjK6y6cLbqMZ0dO/OEem+1+n4:/m6mZ0i9MEydgDj2J9e6RnbER1jyNcmg
Score
1/10
-
-
-
Target
qux/func/ip2c/ip2c.php
-
Size
7KB
-
MD5
6046e2065c175949a3e937dcdc5c0be5
-
SHA1
fa2eaa5291ab51056baf50b11f5cdaa2ee1044bf
-
SHA256
bae293e48ed9044427dae3deed76bd0f7adf5b38c7ae9e21eeedcae176f27eeb
-
SHA512
2e45fcac033b761c5352a360d57587ec07e0174512918d62fff2d7aff4e9c940a67315f1813b397591dcac48390b2ce4effae47734430d8b239b937b1f567c00
-
SSDEEP
192:4sF7psh0D1DQZqylZDO6uGW+2rCRrV16DtOzc8DCzp:4sFMZBn6ZS1up
Score
1/10
-
-
-
Target
qux/func/phpqrcode/phpqrcode.php
-
Size
118KB
-
MD5
5d6fa18048ed122bc94aec4f88b173d0
-
SHA1
1a6c460c0421f2deb5a787efac907f748912e27d
-
SHA256
291332fcc8d67e1bddb4253a7c26042d98250f0966af07b77cdc7f4d56b7bc36
-
SHA512
27c458834c569c2e9a4d6209eec50354b15fd3a5df4e7d7286226c6188f080a4c92e600aad331e940ef887b40d69e1211652fb93c0382e8727514f8d92a52fb4
-
SSDEEP
1536:Zwckp9Dxf0/0/0/3CwE/FoQ0vpm2vKUvP4k/vej3Sewbg9RgvDpD:vkIv3/63SewbbZ
Score
1/10
-
-
-
Target
qux/func/shop.php
-
Size
53KB
-
MD5
7ffd0fb640007f4625f1e3ba735521b3
-
SHA1
64f54d1e0a6f279a7f7858c5408b75ff15fb07f7
-
SHA256
f241a83818703c69584495719b152dea916abd9e6941fcb30610ad7a4f8881b1
-
SHA512
1e6cead0455c9f5cde50b5e7b958c526543e619d3c2c63c2363f2dca3a30cebb0e85a0efa3c223cc7b8d7ae7e56a2fc65fc6a3297fc2ec650a8f9544b64ab892
-
SSDEEP
768:BUKefArwUzvl3TVkYOJltjkrq4GRupV/eBQlmQE8eNO9z7lNmGc2+ySs:RJwUzhTVkYIltjkfh/ek7dlNmG7+ySs
Score
1/10
-
-
-
Target
qux/func/timthumb.php
-
Size
50KB
-
MD5
5fbcea5fbfedb96c06f9fab6a0aff8a5
-
SHA1
7297ae424d0a1ca0e67957fe2c90c5f198e43736
-
SHA256
d7e70b8fbbfec89ff0de17eab55c8796a24bfb5069e6be4a138b35d7d5bb3d3a
-
SHA512
254ce05b66016212f302b06da6e3dcc2eec9c1ba067f4a3a0b359a71cbb5dcc90d8a98a0f171b972b35779de7e60f08117b3ed7fcf5d55e5d6c51625faa92d8d
-
SSDEEP
768:j5S596ip2M7+57/4SzF3+N9Rt8zQAPmNS92GE2L9j7xsgR+wD:j5O9L7m7/4FN9RtwQA+Ng7xsS+wD
Score
1/10
-
-
-
Target
qux/func/tools/codemirror_js/clike.js
-
Size
9KB
-
MD5
8a8d603f106c1e8b6ea08aead595225a
-
SHA1
d5bf828fd238e1bf9be81ff43b1575318b39d677
-
SHA256
f23b10db1d1995b8a811fc394a113af0c15eb9b54721ed1feb099ce675e1816d
-
SHA512
ad86bc1c26bf1b13fdfcba55647168f7c47fd90de068b4598c5ccd3ef011298eacc667ca959e7c8fc9334733568bd306a09e4b653f312e98d5dacb1b76a3c043
-
SSDEEP
192:vGGkk3Llt7+e5jKF1xT9DHJqePcJgp6bgX/9E9AJE2/HYEQp:vIOlpZqjqHJgp6bgX/9E9Ae2/HYEQp
Score
1/10
-
-
-
Target
qux/func/tools/codemirror_js/codemirror.js
-
Size
89KB
-
MD5
3d700758315aa9e8d03f734249d85976
-
SHA1
196cf6d1342d13f75966dfebdb2a4e0c7e2a0691
-
SHA256
2ebfa5b5ae0ba3c644f363c83ea17aa760cf717d642dbb0ddc6641e29da93a6f
-
SHA512
81d338af969ceb8fd36030abd1dc3a6045fd3f1c85949074f77c0db91a8482a98d8ebbfa2a44d9e76cdcbf283d2d12280d039515562624e17d7800cbe853388d
-
SSDEEP
768:66CyXfgHj5U38RomQ22T6gyfm3UjedRW2x0StCG6TUtsWS6m4MBrzC5uVW6zPyqW:8HL1AKXWS6mCVJWX311dRp6+76W9BJu
Score
1/10
-
-
-
Target
qux/func/tools/codemirror_js/css.js
-
Size
3KB
-
MD5
bcaf15be111bdac95b06dc51fa853d17
-
SHA1
ac1beef4e0e3201944af235fafeab0c3f8c3b69c
-
SHA256
9226ddac9e399d80e5ba129d168595332559140cb2b69b8ae88f13ac08d504b2
-
SHA512
c4afc4e2d6fbf8dc529606aceb375e2ea705dac17fd684840a64192328e0a4f1a7b92f38d7c224c5d675cd9df6a62484eef41eccdeece88074a6f03bd27b367b
Score
1/10
-
-
-
Target
qux/func/tools/codemirror_js/htmlmixed.js
-
Size
2KB
-
MD5
e47a7e4cfdaa70dcedb6fb424dc66be7
-
SHA1
17c73f98c80c4e3a063f7c31794195ea866a0300
-
SHA256
46f084aba13dea68a1fa702821caefbf260d171a6e9927b36c5f8aad5b9a207a
-
SHA512
eaddacb4e512466f67d38e13282db2abbee31f546b30c889f6d18bd4faa0179748257e5c9b237a638a1b5c36fabc249b2f6dd420c6ff8c67e823ff88c411d55a
Score
1/10
-
-
-
Target
qux/func/tools/codemirror_js/javascript.js
-
Size
12KB
-
MD5
5221f388883371e41daeafd05d532ad3
-
SHA1
8e32590581000bf403c052d25b3e27fbef3f0b71
-
SHA256
42e099ff8effd2d2b74a71c30e6c3973350c8716b9a7dddc69962eda93059401
-
SHA512
417090145d0ea09a252bd1632c16c5145730eec62ff517d735111aca2fa4b76745dc6999a178c1f1cca93f89989612ec5f4477afc6e57e014b2574ff718248ff
-
SSDEEP
192:jXToNbv+Qq2YF7YgCXLzCeDr7pCwPngUmu9eN4LUY1AY9+Q6IaWki0XdXD4XTBWX:jeTQnF7EW7UD2WQXiXg5C7IMo
Score
1/10
-
-
-
Target
qux/func/tools/codemirror_js/php.js
-
Size
4KB
-
MD5
553824953eb41779ebf8404362b00a6b
-
SHA1
5c92d2063a8cc5c08fd50fc63be1f625c90d8874
-
SHA256
3ea5649b8f8099f2b1be0288ea33a7736c5f4531e32808f85bf1e6774255366a
-
SHA512
ed7473728f8edeb8957b1a7ccec73506d55948a71f02fb3720779852648c35088b41574df6495db9d99a2f765ec43034e65efea9207257f7d4c4a08fad9b76d7
-
SSDEEP
96:xMxeL0Q5s0sbBV64ioPK0doSk/t9FYqpAtZ54Op2tr5mJGtfmlgHkeZbKNbpeIPM:xmeL0Q5s0IBV64iAK0doSk/t9uqpAtZM
Score
1/10
-