Overview

overview

7

Static

static

1

86164f8801...380.gz

windows7-x64

3

86164f8801...380.gz

windows10-2004-x64

7

.new/ascri...ce.vbs

windows7-x64

1

.new/ascri...ce.vbs

windows10-2004-x64

1

.new/ascri...er.vbs

windows7-x64

1

.new/ascri...er.vbs

windows10-2004-x64

1

.new/ascri..._N.ps1

windows7-x64

1

.new/ascri..._N.ps1

windows10-2004-x64

1

.new/ascri..._n.ps1

windows7-x64

1

.new/ascri..._n.ps1

windows10-2004-x64

1

.new/ascri..._s.vbs

windows7-x64

1

.new/ascri..._s.vbs

windows10-2004-x64

1

.new/ascri..._X.vbs

windows7-x64

1

.new/ascri..._X.vbs

windows10-2004-x64

1

.new/ascri..._m.ps1

windows7-x64

1

.new/ascri..._m.ps1

windows10-2004-x64

1

.new/ascri..._o.vbs

windows7-x64

1

.new/ascri..._o.vbs

windows10-2004-x64

1

.new/ascri..._l.vbs

windows7-x64

1

.new/ascri..._l.vbs

windows10-2004-x64

1

.new/ascri..._v.vbs

windows7-x64

1

.new/ascri..._v.vbs

windows10-2004-x64

1

.new/ascri..._q.vbs

windows7-x64

1

.new/ascri..._q.vbs

windows10-2004-x64

1

.new/auto

ubuntu-18.04-amd64

6

.new/auto

debian-9-armhf

1

.new/auto

debian-9-mips

1

.new/auto

debian-9-mipsel

1

.new/doc/TRICKS.vbs

windows7-x64

1

.new/doc/TRICKS.vbs

windows10-2004-x64

1

.new/doc/h...t.html

windows7-x64

1

.new/doc/h...t.html

windows10-2004-x64

1

Sharing

Copy URL
Twitter E-mail

General

  • Target

    86164f88017462abb673ae5e56136380

  • Size

    2.1MB

  • MD5

    86164f88017462abb673ae5e56136380

  • SHA1

    85ee480c7c6c396459913f9d80c9dd876f932583

  • SHA256

    d7361457b9a5090057132219b1212d6fdee117069039df7baf757ba5b5d52d99

  • SHA512

    f351437c469573d32bdcdacf3856f281565d85909ecfe940fe64f7a36f026c752077c18ecc266c4f21131cd2dc53f3ea23b6dc962c84351b36f09e9c641a2e3b

  • SSDEEP

    49152:ak9ZSPKMvIFvn/PE9Zgn2SPjIDrhSqAPpBSIAa:VUBvIN/sI7PU3LAPpBtD

Score
1/10

Malware Config

Signatures

Files

  • 86164f88017462abb673ae5e56136380
    .gz .ps1 polyglot
  • sample
    .tar
  • .new/ascript/a&a_01_a_core.tcl
  • .new/ascript/a&a_02_a_binds.tcl
  • .new/ascript/a&a_03_a_xservice.tcl
    .vbs
  • .new/ascript/a&a_03_b_qservice.tcl
  • .new/ascript/a&a_03_c_noservice.tcl
  • .new/ascript/a&a_04_a_dict_en1.tcl
  • .new/ascript/a&a_04_b_dict_en.tcl
  • .new/ascript/a&a_10_a_owner.tcl
    .vbs
  • .new/ascript/a&a_11_a_global_N.tcl
    .ps1
  • .new/ascript/a&a_12_a_global_n.tcl
    .ps1
  • .new/ascript/a&a_13_a_global_m.tcl
  • .new/ascript/a&a_14_a_global_o.tcl
  • .new/ascript/a&a_15_a_global_l.tcl
  • .new/ascript/a&a_16_a_global_v.tcl
  • .new/ascript/a&a_17_a_global_s.tcl
    .vbs
  • .new/ascript/a&a_18_a_global_Q.tcl
  • .new/ascript/a&a_20_a_local_N.tcl
  • .new/ascript/a&a_21_a_local_X.tcl
    .vbs
  • .new/ascript/a&a_22_a_local_n.tcl
  • .new/ascript/a&a_23_a_local_m.tcl
    .ps1
  • .new/ascript/a&a_24_a_local_o.tcl
    .vbs
  • .new/ascript/a&a_25_a_local_l.tcl
    .vbs
  • .new/ascript/a&a_26_a_local_v.tcl
    .vbs
  • .new/ascript/a&a_27_a_local_q.tcl
    .vbs
  • .new/ascript/a&a_28_a_local_s.tcl
  • .new/ascript/a&a_40_a_stats.tcl
  • .new/ascript/a&a_41_a_seen.tcl
  • .new/ascript/a&a_42_a_botnet.tcl
  • .new/ascript/loader.tcl
  • .new/auto
    .sh linux
  • .new/bot
  • .new/doc/ABOUT
  • .new/doc/AUTHORS
  • .new/doc/BANS
  • .new/doc/BOTNET
  • .new/doc/BUG-REPORT
  • .new/doc/COMPILE-GUIDE
  • .new/doc/CONTENTS
  • .new/doc/FIRST-SCRIPT
  • .new/doc/KNOWN-PROBLEMS
  • .new/doc/MODULES
  • .new/doc/PARTYLINE
  • .new/doc/PATCH-HOWTO
  • .new/doc/TEXT-SUBSTITUTIONS
  • .new/doc/TRICKS
    .vbs
  • .new/doc/UPDATES1.6
  • .new/doc/USERS
  • .new/doc/html/about.html
    .html
  • .new/doc/html/app-problems.html
    .html
  • .new/doc/html/app-textsub.html
    .html
  • .new/doc/html/app-tricks.html
    .html
  • .new/doc/html/app-weird.html
    .html
  • .new/doc/html/authors.html
    .html
  • .new/doc/html/bans.html
    .html
  • .new/doc/html/botnet.html
    .html
  • .new/doc/html/compiling.html
    .html
  • .new/doc/html/egg-core.html
    .html
  • .new/doc/html/faqs.html
    .html
  • .new/doc/html/features.html
    .html
  • .new/doc/html/index.html
    .html
  • .new/doc/html/install.html
    .html
  • .new/doc/html/mod-assoc.html
    .html
  • .new/doc/html/mod-blowfish.html
    .html
  • .new/doc/html/mod-channels.html
    .html
  • .new/doc/html/mod-compress.html
    .html
  • .new/doc/html/mod-console.html
    .html
  • .new/doc/html/mod-ctcp.html
    .html
  • .new/doc/html/mod-dns.html
    .html
  • .new/doc/html/mod-filesys.html
    .html
  • .new/doc/html/mod-irc.html
    .html
  • .new/doc/html/mod-notes.html
    .html
  • .new/doc/html/mod-seen.html
    .html
  • .new/doc/html/mod-server.html
    .html
  • .new/doc/html/mod-share.html
    .html
  • .new/doc/html/mod-uptime.html
    .html
  • .new/doc/html/mod-wire.html
    .html
  • .new/doc/html/mod-woobie.html
    .html
  • .new/doc/html/news.html
    .html
  • .new/doc/html/party.html
    .html
  • .new/doc/html/patch-howto.html
    .html
  • .new/doc/html/readme.html
    .html
  • .new/doc/html/starting.html
    .html
  • .new/doc/html/tcl-commands.html
    .html
  • .new/doc/html/users.html
    .html
  • .new/doc/man1/eggdrop.1
  • .new/doc/settings/CONTENTS
  • .new/doc/settings/core.settings
    .vbs
  • .new/doc/settings/mod.assoc
  • .new/doc/settings/mod.blowfish
  • .new/doc/settings/mod.channels
  • .new/doc/settings/mod.compress
  • .new/doc/settings/mod.console
  • .new/doc/settings/mod.ctcp
  • .new/doc/settings/mod.dns
  • .new/doc/settings/mod.filesys
  • .new/doc/settings/mod.irc
  • .new/doc/settings/mod.notes
  • .new/doc/settings/mod.seen
  • .new/doc/settings/mod.server
    .vbs
  • .new/doc/settings/mod.share
  • .new/doc/settings/mod.transfer
  • .new/doc/settings/mod.uptime
  • .new/doc/settings/mod.wire
  • .new/doc/settings/mod.woobie
  • .new/doc/tcl-commands.doc
  • .new/eggdrop.conf
    .vbs
  • .new/eggdrop.specs
  • .new/fake
    .elf linux x64
  • .new/go
  • .new/help/assoc.help
  • .new/help/chaninfo.help
  • .new/help/channels.help
  • .new/help/cmd_resolve.help
  • .new/help/cmds1.help
  • .new/help/cmds2.help
  • .new/help/compress.help
  • .new/help/console.help
  • .new/help/core.help
    .vbs
  • .new/help/ctcp.help
  • .new/help/filesys.help
  • .new/help/irc.help
  • .new/help/msg/irc.help
  • .new/help/msg/notes.help
  • .new/help/msg/seen.help
  • .new/help/msg/userinfo.help
  • .new/help/notes.help
  • .new/help/seen.help
  • .new/help/server.help
  • .new/help/set/channels.help
  • .new/help/set/cmds1.help
  • .new/help/set/compress.help
  • .new/help/set/console.help
  • .new/help/set/ctcp.help
  • .new/help/set/filesys.help
  • .new/help/set/irc.help
  • .new/help/set/notes.help
  • .new/help/set/server.help
    .vbs
  • .new/help/set/share.help
  • .new/help/set/transfer.help
  • .new/help/share.help
  • .new/help/transfer.help
  • .new/help/uptime.help
  • .new/help/userinfo.help
  • .new/help/wire.help
  • .new/language/assoc.danish.lang
  • .new/language/assoc.english.lang
  • .new/language/assoc.finnish.lang
  • .new/language/assoc.french.lang
  • .new/language/assoc.german.lang
  • .new/language/console.danish.lang
  • .new/language/console.english.lang
  • .new/language/console.finnish.lang
  • .new/language/console.french.lang
  • .new/language/console.german.lang
  • .new/language/core.danish.lang
  • .new/language/core.english.lang
  • .new/language/core.finnish.lang
  • .new/language/core.french.lang
  • .new/language/core.german.lang
  • .new/language/filesys.danish.lang
  • .new/language/filesys.english.lang
  • .new/language/filesys.finnish.lang
  • .new/language/filesys.french.lang
  • .new/language/filesys.german.lang
  • .new/language/notes.danish.lang
  • .new/language/notes.english.lang
  • .new/language/notes.finnish.lang
  • .new/language/notes.french.lang
  • .new/language/notes.german.lang
  • .new/language/transfer.danish.lang
  • .new/language/transfer.english.lang
  • .new/language/transfer.finnish.lang
  • .new/language/transfer.french.lang
  • .new/language/transfer.german.lang
  • .new/language/wire.danish.lang
  • .new/language/wire.english.lang
  • .new/language/wire.finnish.lang
  • .new/language/wire.french.lang
  • .new/language/wire.german.lang
  • .new/modules/assoc.so
    .elf linux x64
  • .new/modules/blowfish.so
    .elf linux x64
  • .new/modules/channels.so
    .elf linux x64
  • .new/modules/compress.so
    .elf linux x64
  • .new/modules/console.so
    .elf linux x64
  • .new/modules/ctcp.so
    .elf linux x64
  • .new/modules/dns.so
    .elf linux x64
  • .new/modules/filesys.so
    .elf linux x64
  • .new/modules/irc.so
    .elf linux x64
  • .new/modules/notes.so
    .elf linux x64
  • .new/modules/seen.so
    .elf linux x64
  • .new/modules/server.so
    .elf linux x64
  • .new/modules/share.so
    .elf linux x64
  • .new/modules/transfer.so
    .elf linux x64
  • .new/modules/uptime.so
    .elf linux x64
  • .new/modules/wire.so
    .elf linux x64
  • .new/prg
    .elf linux x86
  • .new/scripts/BlackTools.tcl
  • .new/scripts/BlackTools/BT.Commands.tcl
    .vbs
  • .new/scripts/BlackTools/BT.Modules.tcl
    .vbs
  • .new/scripts/BlackTools/BT.Protection.tcl
    .vbs
  • .new/scripts/BlackTools/Changelog/BlackTools2.4.Changelog.txt
  • .new/scripts/BlackTools/lang/BlackTools.en.lang.tcl
  • .new/scripts/BlackTools/lang/BlackTools.ro.lang.tcl
  • .new/scripts/BlackTools/lang/CumSaAdaugi.txt
  • .new/scripts/BlackTools/lang/HowToAdd.txt
  • .new/scripts/BlackTools/lang/loader.tcl
  • .new/scripts/CONTENTS
  • .new/scripts/CloneScan.tcl
    .vbs
  • .new/scripts/README.txt
  • .new/scripts/RObomb.tcl
    .vbs
  • .new/scripts/SendMsg.tcl
    .vbs
  • .new/scripts/action.fix.tcl
  • .new/scripts/alltools.tcl
    .vbs
  • .new/scripts/antictcp.tcl
    .vbs
  • .new/scripts/antinotice.tcl
    .vbs
  • .new/scripts/antiswear.tcl
    .vbs
  • .new/scripts/antitake.tcl
    .vbs
  • .new/scripts/anunt.tcl
  • .new/scripts/auth.tcl
    .vbs
  • .new/scripts/autobotchk
    .vbs
  • .new/scripts/away.tcl
  • .new/scripts/banc.tcl
    .vbs
  • .new/scripts/blacklist.tcl
    .vbs
  • .new/scripts/botchk
  • .new/scripts/co.tcl
    .vbs
  • .new/scripts/compat.tcl
  • .new/scripts/csc.tcl
    .vbs
  • .new/scripts/data.tcl
  • .new/scripts/deopidle.tcl
  • .new/scripts/dns.tcl
    .vbs
  • .new/scripts/getops.tcl
    .vbs
  • .new/scripts/gline.tcl
    .vbs
  • .new/scripts/glume.tcl
    .vbs
  • .new/scripts/google.tcl
    .vbs
  • .new/scripts/greet.tcl
    .ps1
  • .new/scripts/horoscop.tcl
  • .new/scripts/http.tcl
    .vbs
  • .new/scripts/idle.tcl
    .vbs
  • .new/scripts/injura.tcl
  • .new/scripts/ip.tcl
    .vbs
  • .new/scripts/ipcheck.tcl
    .vbs
  • .new/scripts/joinpart.tcl
    .vbs
  • .new/scripts/klined.tcl
    .vbs
  • .new/scripts/learn.tcl
    .vbs
  • .new/scripts/leave.tcl
    .vbs
  • .new/scripts/limit.tcl
    .vbs
  • .new/scripts/login.tcl
    .vbs
  • .new/scripts/max.tcl
  • .new/scripts/meteo.tcl
    .vbs
  • .new/scripts/next.tcl
    .vbs
  • .new/scripts/nmap.tcl
  • .new/scripts/optools.tcl
  • .new/scripts/ping.tcl
  • .new/scripts/private.tcl
  • .new/scripts/putty.tcl
    .ps1
  • .new/scripts/ques5.tcl
    .vbs
  • .new/scripts/quotepass.tcl
  • .new/scripts/quotepong.tcl
    .vbs
  • .new/scripts/seen.tcl
    .ps1
  • .new/scripts/sentinel.tcl
    .vbs
  • .new/scripts/ssh.tcl
    .ps1
  • .new/scripts/stats.tcl
    .vbs
  • .new/scripts/strictop.tcl
  • .new/scripts/topusers.tcl
    .vbs
  • .new/scripts/userinfo.tcl
  • .new/scripts/vip.tcl
    .vbs
  • .new/scripts/voiceme.tcl
  • .new/scripts/weed
    .vbs
  • .new/scripts/welcome.tcl
  • .new/scripts/whois.tcl
    .vbs
  • .new/scripts/whoisd.tcl
  • .new/scripts/youtube.tcl
    .vbs
  • .new/settings.conf
  • .new/text/banner
  • .new/text/motd