Overview

overview

3

Static

static

1

2.vbs

windows7-x64

1

2.vbs

windows10-2004-x64

1

admin/DELE.vbs

windows7-x64

1

admin/DELE.vbs

windows10-2004-x64

1

admin/Edit...tor.js

windows7-x64

1

admin/Edit...tor.js

windows10-2004-x64

1

admin/Edit...nd.asp

windows7-x64

3

admin/Edit...nd.asp

windows10-2004-x64

3

admin/Edit...rm.htm

windows7-x64

1

admin/Edit...rm.htm

windows10-2004-x64

1

admin/Edit...r.html

windows7-x64

1

admin/Edit...r.html

windows10-2004-x64

1

admin/Edit...wf.htm

windows7-x64

1

admin/Edit...wf.htm

windows10-2004-x64

1

admin/Edit...e.html

windows7-x64

1

admin/Edit...e.html

windows10-2004-x64

1

admin/Edit...mv.htm

windows7-x64

1

admin/Edit...mv.htm

windows10-2004-x64

1

admin/adduser.asp

windows7-x64

3

admin/adduser.asp

windows10-2004-x64

3

admin/admin_ad.vbs

windows7-x64

1

admin/admin_ad.vbs

windows10-2004-x64

1

admin/admin_login.vbs

windows7-x64

1

admin/admin_login.vbs

windows10-2004-x64

1

admin/admin_wzxx.vbs

windows7-x64

1

admin/admin_wzxx.vbs

windows10-2004-x64

1

admin/adminuser.vbs

windows7-x64

1

admin/adminuser.vbs

windows10-2004-x64

1

admin/conn.vbs

windows7-x64

1

admin/conn.vbs

windows10-2004-x64

1

admin/creak.vbs

windows7-x64

1

admin/creak.vbs

windows10-2004-x64

1

Sharing

Copy URL
Twitter E-mail

General

  • Target

    7b9330af73968b45363ac56c296764c2

  • Size

    1.1MB

  • MD5

    7b9330af73968b45363ac56c296764c2

  • SHA1

    2466ca3bb7a503a39c0434fd4a39e341c3e53309

  • SHA256

    fc43103c4844d99134aaeb2ddc0ae2c8f8eb165834b977e7a0a1bd20f368737d

  • SHA512

    3cf24e85c13d3445d22504df8c3d2612295ae38664defb931aedee558f88f6379e8e1a9cdfa0fedd77d5653c26e7b7657a7914a6513690f000a607f652a0a230

  • SSDEEP

    24576:ymJ4v41OcagCdnrfk40nJ+lOcagu4/Uopd/2WGmMOkU:/JX81gCFI42/1gX/77/1

Score
1/10

Malware Config

Signatures

Files

  • 7b9330af73968b45363ac56c296764c2
    .rar
  • 2.asp
    .vbs
  • admin/DELE.ASP
    .vbs
  • admin/Editor/Editor.js
    .js
  • admin/Editor/images/Rect.gif
    .gif
  • admin/Editor/images/ad.gif
    .gif
  • admin/Editor/images/aleft.gif
    .gif
  • admin/Editor/images/aright.gif
    .gif
  • admin/Editor/images/bold.gif
    .gif
  • admin/Editor/images/bullist.gif
    .gif
  • admin/Editor/images/center.gif
    .gif
  • admin/Editor/images/cleancode.gif
    .gif
  • admin/Editor/images/code.gif
    .gif
  • admin/Editor/images/copy.gif
    .gif
  • admin/Editor/images/cut.gif
    .gif
  • admin/Editor/images/delete.gif
    .gif
  • admin/Editor/images/deletecolumn.gif
    .gif
  • admin/Editor/images/deleterow.gif
    .gif
  • admin/Editor/images/fbcolor.gif
    .gif
  • admin/Editor/images/fgcolor.gif
    .gif
  • admin/Editor/images/hr.gif
    .gif
  • admin/Editor/images/img.gif
    .gif
  • admin/Editor/images/insertcolumn.gif
    .gif
  • admin/Editor/images/insertpage.gif
    .gif
  • admin/Editor/images/insertrow.gif
    .gif
  • admin/Editor/images/italic.gif
    .gif
  • admin/Editor/images/numlist.gif
    .gif
  • admin/Editor/images/outdent.gif
    .gif
  • admin/Editor/images/paste.gif
    .gif
  • admin/Editor/images/quote.gif
    .gif
  • admin/Editor/images/redo.gif
    .gif
  • admin/Editor/images/removeFormat.gif
    .gif
  • admin/Editor/images/replace.gif
    .gif
  • admin/Editor/images/rm.gif
    .gif
  • admin/Editor/images/selectAll.gif
    .gif
  • admin/Editor/images/specialchar.gif
    .gif
  • admin/Editor/images/strikethrough.gif
    .gif
  • admin/Editor/images/subscript.gif
    .gif
  • admin/Editor/images/superscript.gif
    .gif
  • admin/Editor/images/swf.gif
    .gif
  • admin/Editor/images/table.gif
    .gif
  • admin/Editor/images/underline.gif
    .gif
  • admin/Editor/images/undo.gif
    .gif
  • admin/Editor/images/unlink.gif
    .gif
  • admin/Editor/images/wlink.gif
    .gif
  • admin/Editor/images/wmv.gif
    .gif
  • admin/Editor/include/end.asp
  • admin/Editor/include/img.htm
    .html .js polyglot
  • admin/Editor/include/inputbg.gif
    .gif
  • admin/Editor/include/pop.css
  • admin/Editor/include/rm.htm
    .html
  • admin/Editor/include/selcolor.htm
    .html .js polyglot
  • admin/Editor/include/selcolor.html
    .html .js polyglot
  • admin/Editor/include/swf.htm
    .html
  • admin/Editor/include/table.html
    .html .js polyglot
  • admin/Editor/include/wmv.htm
    .html
  • admin/Editor/说明.txt
  • admin/adduser.asp
  • admin/admin_ad.asp
    .vbs
  • admin/admin_index.asp
    .html .js polyglot
  • admin/admin_login.asp
    .vbs
  • admin/admin_wzxx.asp
    .vbs
  • admin/adminuser.asp
    .vbs
  • admin/conn.asp
    .vbs
  • admin/creak.asp
    .vbs
  • admin/css.css
  • admin/dv.htm
    .html .vbs polyglot
  • admin/dv1.htm
    .html
  • admin/edit.asp
    .vbs
  • admin/gl.asp
    .vbs
  • admin/haoys/1_01.jpg
    .jpg
  • admin/haoys/1_02.jpg
    .jpg
  • admin/haoys/1_03.jpg
    .jpg
  • admin/haoys/1_04.jpg
    .jpg
  • admin/haoys/1_05.jpg
    .jpg
  • admin/haoys/1_06.jpg
    .jpg
  • admin/haoys/1_08.gif
    .gif
  • admin/haoys/doc.gif
    .gif
  • admin/haoys/index_01.jpg
    .jpg
  • admin/haoys/rar.gif
    .gif
  • admin/haoys/xls.gif
    .gif
  • admin/haoysconn.asp
    .vbs
  • admin/haoysgl.asp
    .vbs
  • admin/hf.asp
    .vbs
  • admin/imgaddarticle.asp
    .vbs
  • admin/imgnews.asp
    .vbs
  • admin/imgsavearticle.asp
    .vbs
  • admin/inc/char.asp
    .vbs
  • admin/inc/functions.asp
    .vbs
  • admin/inc/md5.asp
    .vbs
  • admin/inc_upload.asp
    .html .vbs polyglot
  • admin/indeximg.asp
    .js
  • admin/k1.asp
  • admin/k2.asp
  • admin/lmchk.asp
    .vbs
  • admin/logout.asp
  • admin/md5.asp
    .vbs
  • admin/myaddarticle.asp
    .vbs
  • admin/mysavearticle.asp
    .vbs
  • admin/newschk.asp
    .vbs
  • admin/pt.asp
    .vbs
  • admin/putong.asp
    .vbs
  • admin/savead.asp
    .vbs
  • admin/saveedit.asp
    .vbs
  • admin/saveindextj.asp
    .vbs
  • admin/saveupload.asp
    .html .vbs polyglot
  • admin/saveupload2_.asp
    .html .vbs polyglot
  • admin/saveuser.asp
    .vbs
  • admin/saveuser1.asp
    .vbs
  • admin/savewzxx.asp
    .vbs
  • admin/saveyqlj.asp
    .vbs
  • admin/saveyqlj1.asp
    .vbs
  • admin/shenghe.asp
    .vbs
  • admin/style.css
  • admin/typefrom.asp
    .vbs
  • admin/upload.asp
    .vbs
  • admin/upload2.asp
    .vbs
  • admin/uploadchk.asp
    .vbs
  • admin/uploaddele.asp
    .vbs
  • admin/view.asp
    .vbs
  • admin/yqlj.asp
    .vbs
  • backup/bjzxx.mdb
  • conn.asp
    .vbs
  • count.txt
  • css.css
  • data/bjzxx.mdb
  • end.asp
    .vbs
  • feedback.asp
    .vbs
  • hljy.asp
    .js
  • hljys.asp
    .vbs
  • images/1.png
    .png
  • images/1/2_05.png
    .png
  • images/1/2_08.png
    .png
  • images/1/css.css
  • images/1/haoys1_03.png
    .png
  • images/1/haoys1_04.png
    .png
  • images/1/haoys1_06.png
    .png
  • images/1/haoys1_08.png
    .png
  • images/1_03.gif
    .gif
  • images/1_04.gif
    .gif
  • images/1_06.gif
    .gif
  • images/1_10.gif
    .gif
  • images/2/2_05.png
    .png
  • images/2/2_08.png
    .png
  • images/2/css.css
  • images/2/haoys1_03.png
    .png
  • images/2/haoys1_04.png
    .png
  • images/2/haoys1_06.png
    .png
  • images/2_03.gif
    .gif
  • images/2_05.gif
    .gif
  • images/2_06.gif
    .gif
  • images/2_08.gif
    .gif
  • images/2_10.gif
    .gif
  • images/2_12.gif
    .gif
  • images/2_20.gif
    .gif
  • images/2_21.gif
    .gif
  • images/2_24.gif
    .gif
  • images/3/2_05.png
    .png
  • images/3/2_08.png
    .png
  • images/3/css.css
  • images/3/haoys1_03.png
    .png
  • images/3/haoys1_04.png
    .png
  • images/3/haoys1_06.png
    .png
  • images/4/2_05.png
    .png
  • images/4/2_08.png
    .png
  • images/4/css.css
  • images/4/haoys1_03.png
    .png
  • images/4/haoys1_04.png
    .png
  • images/4/haoys1_06.png
    .png
  • images/4_03.gif
    .gif
  • images/4_05.gif
    .gif
  • images/4_07.gif
    .gif
  • images/4_08.gif
    .gif
  • images/5-02.gif
    .gif
  • images/5-03.gif
    .gif
  • images/5-04.gif
    .gif
  • images/5-05.gif
    .gif
  • images/5/2_05.png
    .png
  • images/5/2_08.png
    .png
  • images/5/css.css
  • images/5/haoys1_03.png
    .png
  • images/5/haoys1_04.png
    .png
  • images/5/haoys1_06.png
    .png
  • images/6/2_05.png
    .png
  • images/6/2_08.png
    .png
  • images/6/css.css
  • images/6/haoys1_03.png
    .png
  • images/6/haoys1_04.png
    .png
  • images/6/haoys1_06.png
    .png
  • images/7/2_05.png
    .png
  • images/7/2_08.png
    .png
  • images/7/css.css
  • images/7/haoys1_03.png
    .png
  • images/7/haoys1_04.png
    .png
  • images/7/haoys1_06.png
    .png
  • images/8/2_05.png
    .png
  • images/8/2_08.png
    .png
  • images/8/css.css
  • images/8/haoys1_03.png
    .png
  • images/8/haoys1_04.png
    .png
  • images/8/haoys1_06.png
    .png
  • images/bj_02.gif
    .gif
  • images/bj_05.gif
    .gif
  • images/jiaoyu2_01.jpg
    .jpg
  • images/jiaoyu2_02.jpg
    .jpg
  • images/logo_01.png
    .png
  • images/logo_02.png
    .png
  • images/logo_03.png
    .png
  • images/more.gif
    .gif
  • images/picviewer.swf
  • images/sxbjedu.jpg
    .jpg
  • img.asp
    .vbs
  • imgnews.asp
    .vbs
  • index.asp
    .vbs
  • index7.asp
    .vbs
  • indeximg.asp
    .js
  • indextj.asp
    .html .vbs polyglot
  • sc/haoys1_08.png
    .png
  • sc/logo.gif
    .gif
  • sc/xt.gif
    .gif
  • show.asp
    .vbs
  • so.asp
    .vbs
  • tjnews.asp
    .vbs
  • top.asp
    .html .vbs polyglot
  • type.asp
    .vbs
  • upload/2006117121825347.jpg
    .jpg
  • upload/20061171343760277.jpg
    .jpg
  • upload/200611713463881487.jpg
    .jpg
  • upload/200611713493128903.jpg
    .jpg
  • upload/200611713521888082.jpg
    .jpg
  • upload/20061171354387197.jpg
    .jpg
  • upload/2006117951231337.jpg
    .jpg
  • upload/20071181571192126.gif
    .gif
  • upload/200711911485373430.gif
    .gif
  • upload/20071191156316028.gif
    .gif
  • upload/200711912241241438.gif
    .gif
  • upload/200711915412884958.gif
    .gif
  • upload/200711915414737859.gif
    .gif
  • upload/20071191542264138.gif
    .gif
  • upload/200711915442346276.gif
    .gif
  • upload/20071191723972895.gif
    .gif
  • upload/200772015181543571.gif
    .gif
  • xxjs.asp
    .vbs
  • 下载说明.txt
  • 新云软件.url
    .url
  • 说明.txt