Overview

overview

3

Static

static

3

ojw_sy\tem...min.js

windows7-x64

3

ojw_sy\tem...min.js

windows10-2004-x64

3

ojw_sy\tem...yer.js

windows7-x64

3

ojw_sy\tem...yer.js

windows10-2004-x64

3

ojw_sy\tem...yer.js

windows7-x64

3

ojw_sy\tem...yer.js

windows10-2004-x64

3

ojw_sy\tem...yui.js

windows7-x64

3

ojw_sy\tem...yui.js

windows10-2004-x64

3

ojw_sy\tem...ion.js

windows7-x64

3

ojw_sy\tem...ion.js

windows10-2004-x64

3

ojw_sy\tem...yin.js

windows7-x64

3

ojw_sy\tem...yin.js

windows10-2004-x64

3

Sharing

Copy URL
Twitter E-mail

General

  • Target

    ac109e412078d058ec4885eef7849d7fd0e260935738f252d4a0ed5fa155cbb5

  • Size

    1.3MB

  • MD5

    bbf48a9fe768ab923d3265ac9222617c

  • SHA1

    8367bb1509aad7240003a55e0fc8f9b9a79432d9

  • SHA256

    ac109e412078d058ec4885eef7849d7fd0e260935738f252d4a0ed5fa155cbb5

  • SHA512

    f917b3d696eefaa10fa830297b6bfc903a6025c9ac9a695e42d1fe6e31f65bfa50591f8a7072cdc9a4ca83e2a4c90f0db4742ba28094d2a62f593b8639e59c34

  • SSDEEP

    24576:7LFhAXSc/gix3PhAkhAxmwN3XZU4YW62+vDxiW7iJBgk:PGbx3hp4YlLEJak

Score
3/10
qrlink

Malware Config

Signatures

  • One or more HTTP URLs in qr code identified

    Detects presence of HTTP links in QR codes.

    qrlink

Files

  • ac109e412078d058ec4885eef7849d7fd0e260935738f252d4a0ed5fa155cbb5
    .zip
  • ojw_sy\OjwSyPlugin.php
  • ojw_sy\controller\AdminIndexController.php
  • ojw_sy\images\1.png
    .png
  • ojw_sy\images\2.png
    .png
  • ojw_sy\images\3.png
    .png
  • ojw_sy\images\4.png
    .png
  • ojw_sy\images\logo.png
    .png
  • ojw_sy\menu.php
  • ojw_sy\template\admin\error.tpl
  • ojw_sy\template\admin\index.tpl
  • ojw_sy\template\admin\record.tpl
  • ojw_sy\template\admin\set.tpl
    .html .js polyglot
  • ojw_sy\template\images\HZ.jpg
    .jpg
  • ojw_sy\template\images\ORG.jpg
    .jpg

    • http://gsxt.hnaic.gov.cn/notice/notice/view?uuid=rtfzOw93ki2p7mwrjEzx4CLZEJkEvCtF

  • ojw_sy\template\images\SFZ.jpg
    .jpg
  • ojw_sy\template\images\TXZ.jpg
    .jpg
  • ojw_sy\template\images\XYDM.jpg
    .jpg

    • http://gsxt.hnaic.gov.cn/notice/notice/view?uuid=rtfzOw93ki2p7mwrjEzx4CLZEJkEvCtF

  • ojw_sy\template\images\YYZZ.jpg
    .jpg

    • http://gsxt.hnaic.gov.cn/notice/notice/view?uuid=rtfzOw93ki2p7mwrjEzx4CLZEJkEvCtF

  • ojw_sy\template\js\echarts.min.js
    .js
  • ojw_sy\template\js\layer\layer.js
    .js
  • ojw_sy\template\js\layer\mobile\layer.js
    .js
  • ojw_sy\template\js\layer\mobile\need\layer.css
  • ojw_sy\template\js\layer\theme\default\icon-ext.png
    .png
  • ojw_sy\template\js\layer\theme\default\icon.png
    .png
  • ojw_sy\template\js\layer\theme\default\layer.css
  • ojw_sy\template\js\layer\theme\default\loading-0.gif
    .gif
  • ojw_sy\template\js\layer\theme\default\loading-1.gif
    .gif
  • ojw_sy\template\js\layer\theme\default\loading-2.gif
    .gif
  • ojw_sy\template\js\layui\css\layui.css
  • ojw_sy\template\js\layui\css\modules\code.css
  • ojw_sy\template\js\layui\css\modules\laydate\default\laydate.css
  • ojw_sy\template\js\layui\css\modules\layer\default\icon-ext.png
    .png
  • ojw_sy\template\js\layui\css\modules\layer\default\icon.png
    .png
  • ojw_sy\template\js\layui\css\modules\layer\default\layer.css
  • ojw_sy\template\js\layui\css\modules\layer\default\loading-0.gif
    .gif
  • ojw_sy\template\js\layui\css\modules\layer\default\loading-1.gif
    .gif
  • ojw_sy\template\js\layui\css\modules\layer\default\loading-2.gif
    .gif
  • ojw_sy\template\js\layui\font\iconfont.eot
  • ojw_sy\template\js\layui\font\iconfont.svg
    .xml
  • ojw_sy\template\js\layui\font\iconfont.ttf
  • ojw_sy\template\js\layui\font\iconfont.woff
  • ojw_sy\template\js\layui\font\iconfont.woff2
  • ojw_sy\template\js\layui\layui.js
    .js
  • ojw_sy\template\js\pagination.js
    .js
  • ojw_sy\template\js\pinyin.js
    .js