Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

10

Phpcms2008...�.html

windows7-x64

3

Phpcms2008...�.html

windows10-2004-x64

3

Phpcms2008...�.html

windows7-x64

3

Phpcms2008...�.html

windows10-2004-x64

3

doc/新云软件.url

windows7-x64

1

doc/新云软件.url

windows10-2004-x64

1

phpcms/adm...nc.ps1

windows7-x64

3

phpcms/adm...nc.ps1

windows10-2004-x64

3

phpcms/adm...nc.ps1

windows7-x64

3

phpcms/adm...nc.ps1

windows10-2004-x64

3

phpcms/adm...nc.ps1

windows7-x64

3

phpcms/adm...nc.ps1

windows10-2004-x64

3

phpcms/adm...inc.js

windows7-x64

3

phpcms/adm...inc.js

windows10-2004-x64

3

phpcms/adm...nc.ps1

windows7-x64

3

phpcms/adm...nc.ps1

windows10-2004-x64

3

phpcms/adm...nc.ps1

windows7-x64

3

phpcms/adm...nc.ps1

windows10-2004-x64

3

phpcms/adm...nc.ps1

windows7-x64

3

phpcms/adm...nc.ps1

windows10-2004-x64

3

phpcms/adm...ex.htm

windows7-x64

3

phpcms/adm...ex.htm

windows10-2004-x64

3

phpcms/adm...inc.js

windows7-x64

3

phpcms/adm...inc.js

windows10-2004-x64

3

phpcms/adm...inc.js

windows7-x64

3

phpcms/adm...inc.js

windows10-2004-x64

3

phpcms/adm...nc.ps1

windows7-x64

3

phpcms/adm...nc.ps1

windows10-2004-x64

3

phpcms/adm...nc.ps1

windows7-x64

3

phpcms/adm...nc.ps1

windows10-2004-x64

3

phpcms/adm...inc.js

windows7-x64

3

phpcms/adm...inc.js

windows10-2004-x64

3

Sharing

Copy URL
Twitter E-mail

General

  • Target

    d4896710afaffe27c363a045647ffd4520e060b40fc78788f96db24399262d12

  • Size

    4.3MB

  • Sample

    240811-xdck5swgrd

  • MD5

    8b770d961aab663e8b1907c031d37b21

  • SHA1

    eaf6aadfb64ea39ae8414efe5b0b875338630b1e

  • SHA256

    d4896710afaffe27c363a045647ffd4520e060b40fc78788f96db24399262d12

  • SHA512

    f4c7db229df7fcb8a82872278e2154ef91f2de10eaddd6ea7750b1ec69076e5e5ab8fcf8ab309a9056abd9b13e8b8be847100508540ffccd596c9086d0855276

  • SSDEEP

    98304:8TwTzuIFQyHPlcgL67xr6Fck4YC5erPvqdlZtkViHTR5NsNrK5pmR4AXzbX:8TwXQUlcgLOxQBBCYqd1kViz7mdipmR5

Score
10/10
discoveryexecution

Malware Config

Extracted

Language
ps1
Source
URLs
exe.dropper

http://v.ku6vms.com/phpvms/api/upLoad/

Extracted

Language
ps1
Source
URLs
exe.dropper

http://v.ku6vms.com/phpvms/api/upLoad/

Targets

    • Target

      Phpcms2008 产品介绍.html

    • Size

      5KB

    • MD5

      0d444b10ba1486177370d5903e2025ba

    • SHA1

      d56cc84e5aa6fb3d9ce0d98a5a08ff88cb92da8e

    • SHA256

      d5d015685342d9efea4ce8f6d6bee69ab0aabf9c370795381804de9c837673ac

    • SHA512

      36b1198c10cc121c2b91d32a0d8b3f495e18527a81aa7d1a0acf26369c2c3c661ba46662faaa66a52fd4afc5d497168b4f886a5261c6280d09f382ed60e158ce

    • SSDEEP

      96:SIkTOnTeblvVniseU9Ubzv3eGzwIiQifk+NdXjyPJaQHmGClgF7QJy9kclyXIdD:SIkTsTeL2HuswzQifk+DXMglgFeukRXW

    Score
    3/10
    discovery
    behavioral1behavioral2

    • Target

      Phpcms2008 安装说明.html

    • Size

      2KB

    • MD5

      07fe78e1384e66f7cb5ad3a91df05479

    • SHA1

      6dd82adcfd24de4d950a1d8275f09ef90edc9878

    • SHA256

      8372d4889eaa16f3e82443c7f41aa9fea64e39a9e95e2e2c413f1098b2c5784c

    • SHA512

      9d5f671f7a3afbb732ab3d92691b05542c1c5b0898768b8869848e0b80f4f437d9cbf900d990ccfff9d342f8c70c64c41123d8bc83bcf08336d90f1c376d363a

    Score
    3/10
    discovery
    behavioral3behavioral4

    • Target

      doc/新云软件.url

    • Size

      133B

    • MD5

      4f0017b3b346bd0626f0c3b915e6e734

    • SHA1

      823bf3ff9e16cd636c9dc0dc690d6a586fcbfe92

    • SHA256

      df65af1fc1e09f6effbde7e0ef1cb64d6caeef1f62b0e6467821efa032533678

    • SHA512

      0f5eb5024cf6a0323f7998d419995a707c48de917a5899a185369e6acfeb17c09ffa03f7d110adc87b8de20b7d4bf30d50c72479bfb18614d2e21cbe169dc5a6

    Score
    1/10
    behavioral5behavioral6

    • Target

      phpcms/admin/category.inc.php

    • Size

      13KB

    • MD5

      51f3e48dbd990f204613c48149873391

    • SHA1

      bd64e73a9cf81c09003e3ca6ef92889dd12378af

    • SHA256

      2473f280bd73bef9e52f7366339cb05d6b1cfbe2dc51d3dd0c482406de141ba7

    • SHA512

      23ae93d8d5e0dacdc1a5956598a0747e67a7fbd22a3e5363b08d8c207b6a2aff6e5d35364d14de8ffa274bf83e3c6253d88d9d78967910289171cb0adbe3b9b2

    • SSDEEP

      192:acEcjOtLx5/1FoCx2b0LYD7jqcr/QQW4v9su:QLxZ1FoCU0qjqtW

    Score
    3/10
    execution
    behavioral7behavioral8

    • Target

      phpcms/admin/content.inc.php

    • Size

      16KB

    • MD5

      28a5ee2c4d52161201cb5548ea7e83b9

    • SHA1

      c29b39b8fe63d5b301bea2e4e47910cdf8ce891b

    • SHA256

      4269f90b4e17b63414b01c33410e3560551e8b56ee8955de4256a603fb54b0e9

    • SHA512

      0e2b3acebf977728deccd103a3d4ecc7df9c46b9ebd52ffcd1ec848326daabda90eb9cb1a584ede169ba02e8792ca8b149cdfc6a0a057f2d1f0f6625719cefd2

    • SSDEEP

      192:9735ARL2X6Vb00p7mBv7ASXUPAAQB57iF05wkDYM0MoCD:9735m2X6BBp7Mv7ASsg5+F0FcM0MoA

    Score
    3/10
    execution
    behavioral10behavioral9

    • Target

      phpcms/admin/database.inc.php

    • Size

      5KB

    • MD5

      4eb69f44bcb949b87ac4610e36b55a02

    • SHA1

      ca9aa8cfff0cce334f93eba4f5861d44d430d756

    • SHA256

      88a9f6fd4f307c6b38b2b80e63916b9cf2bc6440386e4fef37b166bccb7b7e41

    • SHA512

      2799cd2552db1a2b60838aa51e1c791ce85237b81ddcdf1ebf9c421deaf0e53eaf6a9988a2504131d2d4276353a9a1416ae5a2d3539f0f9941edf0f4f78da7ba

    • SSDEEP

      96:y4bEsn8jXeA1DYOeZqEBKbdm7L2floKIDuqby0HvJMC05Cr8JhQ:yOEG8XH1DY2Es8L26qOTMm

    Score
    3/10
    execution
    behavioral11behavioral12

    • Target

      phpcms/admin/downfiles.inc.php

    • Size

      1KB

    • MD5

      7c1be1baf5334ec9f02a20d7338950e4

    • SHA1

      bf53dbd5c5d25f8069cde4603b40a4baf313d596

    • SHA256

      de30c8ecce8171a0119c907495a7c80cb5811f0dab64ef93a80bb26dfbe71825

    • SHA512

      19cd9d4d596c79f3626171b9b00dbdd3df658da15221b129b861429b661f88a7b05bd0f9f640cba87be56551be618c16bccad59aa2375edb27a37c8242eac255

    Score
    3/10
    execution
    behavioral13behavioral14

    • Target

      phpcms/admin/file_select.inc.php

    • Size

      2KB

    • MD5

      9ab3403d984e09de29aeab0136495661

    • SHA1

      4cd2b476302da2e1df0449fe0ac8b53660dd2f18

    • SHA256

      156f0dd267732cab924151f2cfc83a1ce8a15de710596a9136155a726ec52a1a

    • SHA512

      0508aad4c75b761181f651b288657a8e6370a96aa242985e3c0ffdc5cbdb6070158480760009d88d1245ba430f829fbf6936c6febb950c5c69fc6280d30817dc

    Score
    3/10
    execution
    behavioral15behavioral16

    • Target

      phpcms/admin/html.inc.php

    • Size

      5KB

    • MD5

      e8159387959c6f2683e5c3607861dd10

    • SHA1

      28a634600322f34b37abb1400487347d61017660

    • SHA256

      9bda9df32e4fcb22de76f10f573ae3f9dc02074bf398b8963febcf2ce4e2f763

    • SHA512

      13b48638138cbf2687fddb456d2123108da8fc3c9d7266d33cd8de5b7ced964e632a9a98e9a84196bcf934f3d16dfad2539177ddb6eb5bd615167d6d96a9c07d

    • SSDEEP

      96:aSUbEUkfWYLrZfTD425A1QVNBe5CpISg161D91YGLiRb7+tS9:/mEUkL17D42lBe4pILKGuA

    Score
    3/10
    execution
    behavioral17behavioral18

    • Target

      phpcms/admin/import.inc.php

    • Size

      5KB

    • MD5

      ec4d813a075635c416311a89b3d39ba8

    • SHA1

      e7478e3670ffe56ba724a0a3af0e494777ff5158

    • SHA256

      e31ef08a33f878055b44add1d04edad96b6b19e332d553783b503b06b9885f30

    • SHA512

      c01bf470ad479d868da04612d7974ad43991a63f89572d06e93b349dae0af16a70e7bd16e4a0612d068e8b1f52e70ca1c9164095fabca22f63e11967bec1458a

    • SSDEEP

      96:gNsHP0+qASn48ZknCki6IgjzBgCNEFk6teUlFrOvsdds3BbobibDHv63GYwfwp/s:mC0+qJzaIgjzBgCNGZ4U3Ywbiben/LY

    Score
    3/10
    execution
    behavioral19behavioral20

    • Target

      phpcms/admin/index.htm

    • Size

      152B

    • MD5

      74a2eac9f7e210cba07b8fb08551fc91

    • SHA1

      08b1ca5df7662a33648ac501e981f2db2e64a0da

    • SHA256

      0f2bde3d82f53c91f604f940a1f987e5c2d4faa02abc33b6a296d260e8cfd919

    • SHA512

      56f7a469c612f94d8112ae7ea5208049fec3d97f5cd2fa84231b6be1b6fde69035f19388e517659506dde8ffba0c758e359716006f17640422695215e33ea83c

    Score
    3/10
    discovery
    behavioral21behavioral22

    • Target

      phpcms/admin/model.inc.php

    • Size

      4KB

    • MD5

      57a94d64c18de54817c40df9856c5829

    • SHA1

      e894038c1e06938a74a37358e17b174bc75082a0

    • SHA256

      c6ef2bd89e7b56b937486329788ac836bf37b8a9693b5ec13be61b1d5c7bbba1

    • SHA512

      86479fcba37d5d1a65c24eccdc79bce49d78252569267625deb1c720fd249ba6c51a0a349ab822e32dc0c04b204ab9653696a42cc95bcc8c7321a4945d959a18

    • SSDEEP

      96:VkUHgf9hu72OO3x0KETXIi4yNOpFG4Dzm682TFmFQF:mUAfO7qxlE1po/m92TFmFy

    Score
    3/10
    execution
    behavioral23behavioral24

    • Target

      phpcms/admin/model_field.inc.php

    • Size

      7KB

    • MD5

      982c6f3a0bf2c0e7d20848a9279ea082

    • SHA1

      2f48103176760a8a45570cc978882415a55a8449

    • SHA256

      52969d79753a69e7b04f772795be90caeaf980591fb4239dc8a82d900fc83b5f

    • SHA512

      c870a63f639507f5b77841347fa0c99f767a0a73d5a1c649348f587896a51acc25024627fa9232d48b9b8185ddc1fb6ad5e3415fffb3e00fd3831dc4c4aee36e

    • SSDEEP

      96:6vFGfzOVLUpwIrFLg2NbLUpwIr0LkOLLKUzwBz2LKuoTY3xH6u6K7Jb7WmiTZquh:mFcCduy2tu0ZWUMAzoslDptPiTZ/

    Score
    3/10
    execution
    behavioral25behavioral26

    • Target

      phpcms/admin/more_pic_select.inc.php

    • Size

      2KB

    • MD5

      3826b4d33431463a495edba8397dcabb

    • SHA1

      8c111c521b1783254922cc99b5ef23df18546595

    • SHA256

      0c6c954f47c340204840eb6ea023490fdfb3f37e4a02bb738b656ce5fbf7ff9e

    • SHA512

      2374dc7ac0d0e5293eba61c8e2fe38b11436c5ffc5dcbf48e9372c5e228eee43155e0aeba60379e292a60617c642f9741bd79dbff10aa67374b282ac1c6bb65d

    Score
    3/10
    execution
    behavioral27behavioral28

    • Target

      phpcms/admin/safe.inc.php

    • Size

      4KB

    • MD5

      af9a0f41197687558acc9c91d6c769a8

    • SHA1

      b17dafb96762bdda006639554f02937bcd11ca26

    • SHA256

      c10a98fa6ed7a6a5e2291736a065bb97e81fccaae067730c7045a6c0862da0d4

    • SHA512

      04d674fa1c6c6277fbcae885a95fe919314795ea9c7ec53584d85642a39ddf2b9a60a8f690699521587b029019fca00884e0631a5a3c2a4f31a7c797c42232a3

    • SSDEEP

      96:/Ue77qI5TszgF4le9l4lHqkBziVNeQBe/S/jDmU03eRaDhSVh:cqT/4kl4gmGkK6SNwRA

    Score
    3/10
    execution
    behavioral29behavioral30

    • Target

      phpcms/admin/tag.inc.php

    • Size

      13KB

    • MD5

      582fe4d62b36207ae92c486ec728757e

    • SHA1

      cca078b6a72922e7579683d89cba115190800188

    • SHA256

      c86c80fb32a9a6b91030ab588602896e3c310ae372625331f6f932486a884786

    • SHA512

      3fc0e15dc1f1d879475fb511360727fd327e6dce2f32bac20fbe15c2d51ebc151980a9ae6f012fbeab4eb939a9d6e5b07c42bb7c6cab199c19e5613a7917f4af

    • SSDEEP

      384:zoJccZNUSVPNUSV720UkUPREaO7k4hf/HfzjMYUQlnqgEgR7IYuPUUnt81oJ9:zoJ5NDVPNDV720UkSREaO7k4ZLjMYLly

    Score
    3/10
    execution
    behavioral31behavioral32

MITRE ATT&CK Enterprise v15

Tasks

static1

Score
10/10

behavioral1

discovery
Score
3/10

behavioral2

discovery
Score
3/10

behavioral3

discovery
Score
3/10

behavioral4

discovery
Score
3/10

behavioral5

Score
1/10

behavioral6

Score
1/10

behavioral7

execution
Score
3/10

behavioral8

execution
Score
3/10

behavioral9

execution
Score
3/10

behavioral10

execution
Score
3/10

behavioral11

execution
Score
3/10

behavioral12

execution
Score
3/10

behavioral13

execution
Score
3/10

behavioral14

execution
Score
3/10

behavioral15

execution
Score
3/10

behavioral16

execution
Score
3/10

behavioral17

execution
Score
3/10

behavioral18

execution
Score
3/10

behavioral19

execution
Score
3/10

behavioral20

execution
Score
3/10

behavioral21

discovery
Score
3/10

behavioral22

discovery
Score
3/10

behavioral23

execution
Score
3/10

behavioral24

execution
Score
3/10

behavioral25

execution
Score
3/10

behavioral26

execution
Score
3/10

behavioral27

execution
Score
3/10

behavioral28

execution
Score
3/10

behavioral29

execution
Score
3/10

behavioral30

execution
Score
3/10

behavioral31

execution
Score
3/10

behavioral32

execution
Score
3/10