China Chopper Webshell - the 4KB that Owns your Web Server
Tags
country: China
attack-pattern: Server - T1583.004 Server - T1584.004 Software - T1592.002
Show in Graph
Common Information
Type Value
UUID 9d9e16e3-cc40-41f1-8e56-fecb053ab41a
Fingerprint b6b9dd57cd073f90
Analysis status DONE
Considered CTI value 2
Text language
Published Nov. 16, 2012, 3 p.m.
Added to db Jan. 18, 2023, 7:55 p.m.
Last updated Sept. 28, 2024, 6:26 p.m.
Headline Information on Security
Title China Chopper Webshell - the 4KB that Owns your Web Server
Detected Hints/Tags/Attributes 20/2/18
Source URLs
Redirection Url
Details Source http://informationonsecurity.blogspot.com/2012/11/china-chopper-webshell.html
Details Source https://informationonsecurity.blogspot.com/2012/11/china-chopper-webshell.html
URL Provider
Details Provider Source level domain
Details blogspot.com informationonsecurity.blogspot.com
Attributes
Details Type #Events CTI Value
Details Domain 1 
maicaidao.com
Details File 2 
caidao.exe
Details File 2 
customize.aspx
Details File 2 
customize.cfm
Details File 2 
customize.jsp
Details File 5 
webshell.aspx
Details File 9 
webshell.php
Details md5 2 
5001ef50c7e869253a7c152a638eab8a
Details md5 1 
a6d6cbfa2ead1d0e8a6735aa49b963ff
Details md5 1 
be207c46105c38571ae958ae2da47297
Details md5 1 
cc07ac4caef188334fc330f62e0a574a
Details md5 1 
9100b18660f3a1eeca7ea801b357b8ce
Details md5 1 
ce1a9fc93040d5c94f789b579fe1c106
Details md5 2 
8aa603ee2454da64f4c70f24cc0b5e08
Details md5 2 
ad8288227240477a95fb023551773c84
Details md5 2 
acba8115d027529763ea5c7ed6621499
Details IPv4 1 
172.16.192.137
Details IPv4 1 
172.16.192.140