Overview

overview

7

Static

static

3

ClientSetup.exe

windows7-x64

7

ClientSetup.exe

windows10-2004-x64

7

ServerSetup.exe

windows7-x64

7

ServerSetup.exe

windows10-2004-x64

7

Conn.asp

windows7-x64

3

Conn.asp

windows10-2004-x64

3

action.asp

windows7-x64

3

action.asp

windows10-2004-x64

3

bottom.asp

windows7-x64

3

bottom.asp

windows10-2004-x64

3

checkSys.asp

windows7-x64

3

checkSys.asp

windows10-2004-x64

3

chk.asp

windows7-x64

3

chk.asp

windows10-2004-x64

3

cxctl.asp

windows7-x64

3

cxctl.asp

windows10-2004-x64

3

default.asp

windows7-x64

3

default.asp

windows10-2004-x64

3

dt.asp

windows7-x64

3

dt.asp

windows10-2004-x64

3

getdata.asp

windows7-x64

3

getdata.asp

windows10-2004-x64

3

gfhcx.asp

windows7-x64

3

gfhcx.asp

windows10-2004-x64

3

groupset.asp

windows7-x64

3

groupset.asp

windows10-2004-x64

3

gscreencx.asp

windows7-x64

3

gscreencx.asp

windows10-2004-x64

3

gsysset.asp

windows7-x64

3

gsysset.asp

windows10-2004-x64

3

gurlset.asp

windows7-x64

3

gurlset.asp

windows10-2004-x64

3

Sharing

Copy URL
Twitter E-mail

General

  • Target

    3b946659d9ec704bd1cb8cc2a0bc3f86

  • Size

    5.3MB

  • MD5

    3b946659d9ec704bd1cb8cc2a0bc3f86

  • SHA1

    70772418261120906b395f9fe14b28573f3c91b5

  • SHA256

    e13c66ae1d4df6f6b364aa1ab9b305bff536c16701d18e0544d7498fa5fa90ab

  • SHA512

    ea8c579f0ccf359488b518d9a4cf9a1ede7d92c7ce9c5162b068f675b37d44dfad9f568063e0ae88940cae275ac84856e9c31bf52e35ebcbd8b6e70181b289f5

  • SSDEEP

    98304:DDRQfY1RygCRYJ2xuFMgQwKmLBdeSDexJLy4C++LQL4yWk73ySV1rhb:D9QyogCmJ24FIwKtSDev95+JFkbyErx

Score
3/10

Malware Config

Signatures

  • Unsigned PE 2 IoCs

    Checks for missing Authenticode signature.

Files

  • 3b946659d9ec704bd1cb8cc2a0bc3f86
    .rar
  • ClientSetup.exe
    .exe windows:4 windows x86 arch:x86

    2f6203366bc5aa9ff8b6cf7753ead32d


    Headers

    Imports

    Sections

  • ServerSetup.exe
    .exe windows:4 windows x86 arch:x86

    2f6203366bc5aa9ff8b6cf7753ead32d


    Headers

    Imports

    Sections

  • readme.txt
  • tyweb.rar
    .rar
  • Conn.asp
  • action.asp
    .asp
  • bottom.asp
    .asp
  • checkSys.asp
  • chk.asp
  • cxctl.asp
    .asp .js polyglot
  • default.asp
    .asp
  • dt.asp
  • getdata.asp
    .asp
  • gfhcx.asp
    .asp
  • groupset.asp
    .asp
  • gscreencx.asp
    .asp
  • gsysset.asp
    .asp
  • gurlset.asp
    .asp
  • gusbset.asp
    .asp
  • help.asp
    .asp
  • images/1.swf
  • images/2.swf
  • images/3.swf
  • images/Thumbs.db
  • images/bar.jpg
    .jpg
  • images/bar1.jpg
    .jpg
  • images/bar2.jpg
    .jpg
  • images/bg.gif
  • images/bg001.jpg
    .jpg
  • images/bg01.gif
    .gif
  • images/bg02.gif
    .gif
  • images/bg02.jpg
    .jpg
  • images/bg03.gif
    .gif
  • images/bg03.jpg
    .jpg
  • images/bg04.jpg
    .jpg
  • images/bg05.gif
    .gif
  • images/bg05.jpg
    .jpg
  • images/bg1.gif
    .gif
  • images/bg1.jpg
    .jpg
  • images/blank.gif
  • images/bt1.gif
    .gif
  • images/bt2.gif
    .gif
  • images/but1.gif
    .gif
  • images/index.jpg
    .jpg
  • images/logo.gif
    .gif
  • images/logo.jpg
    .jpg
  • images/menu_bg.gif
    .gif
  • images/qq.gif
    .gif
  • images/ren1.gif
    .gif
  • images/ren2.gif
    .gif
  • images/ren3.gif
    .gif
  • images/ren4.gif
    .gif
  • images/set.gif
    .gif
  • includes/check.js
    .js
  • includes/styles.css
  • main.asp
    .asp
  • maincxset.asp
    .asp
  • mainscreenset.asp
    .asp
  • mainsysset.asp
    .asp
  • mainurlset.asp
    .asp
  • mainusbset.asp
    .asp
  • menu.asp
    .asp .js polyglot
  • menuses.asp
    .asp
  • ok.asp
  • pwd.asp
    .asp
  • quit.asp
    .asp
  • screenctl.asp
    .asp .js polyglot
  • setcomcz.asp
    .asp
  • setcomgroup.asp
    .asp
  • setcomni.asp
    .asp
  • setcomzcm.asp
    .asp
  • setdata.asp
    .asp
  • show.asp
    .asp .js polyglot
  • showMsg.asp
    .asp
  • showall.asp
    .asp .js polyglot
  • showbase.asp
    .asp
  • showpic.asp
    .asp
  • sysctl.asp
    .asp
  • tab/css/stab.css
  • tab/images/tab/spacer.gif
    .gif
  • tab/images/tab/tDown1.gif
    .gif
  • tab/images/tab/tDown2.gif
    .gif
  • tab/images/tab/tDown3.gif
    .gif
  • tab/images/tab/tUp1.gif
    .gif
  • tab/images/tab/tUp2.gif
    .gif
  • tab/images/tab/tUp3.gif
    .gif
  • tab/images/tab/tabBot.gif
    .gif
  • tab/images/tab/tabL.gif
    .gif
  • tab/images/tab/tabLBot.gif
    .gif
  • tab/images/tab/tabR.gif
    .gif
  • tab/images/tab/tabRBot.gif
    .gif
  • tab/images/tab/tableft1.gif
    .gif
  • tab/images/tab/tableft2.gif
    .gif
  • tab/images/tab/tlDown1.gif
    .gif
  • tab/images/tab/tlDown2.gif
    .gif
  • tab/images/tab/tlDown3.gif
    .gif
  • tab/images/tab/tlUp1.gif
    .gif
  • tab/images/tab/tlUp2.gif
    .gif
  • tab/images/tab/tlUp3.gif
    .gif
  • tab/images/tab/vssver.scc
  • tab/includes/tabstrip.htc
    .js
  • tmctl.asp
    .asp .js polyglot
  • top.asp
    .asp
  • upload.asp
    .asp
  • urlctl.asp
    .asp .js polyglot
  • usbctl.asp
    .asp
  • userset.asp
    .asp
  • usersetperm.asp
    .asp
  • 本软件用户使用许可协议.txt
  • 使用说明.chm
    .chm
  • 新云软件.url
    .url