Trojan.MSIL.Webshell.CB

By CagedTech in Trojans

Threat Scorecard

Popularity Rank: 5,596
Threat Level: 80 % (High)
Infected Computers: 293
First Seen: July 10, 2023
Last Seen: April 10, 2026
OS(es) Affected: Windows

Analysis Report

General information

Family Name: Trojan.MSIL.Webshell.CB
Signature status: No Signature

Known Samples


Windows Portable Executable Attributes

  • File doesn't have "Rich" header
  • File doesn't have exports table
  • File doesn't have security information
  • File is .NET application
  • File is 32-bit executable
  • File is console application (IMAGE_SUBSYSTEM_WINDOWS_CUI)
  • File is either console or GUI application
  • File is not packed
  • IMAGE_FILE_DLL is not set inside PE header (Executable)
  • IMAGE_FILE_EXECUTABLE_IMAGE is set inside PE header (Executable Image)

File Traits

  • .NET
  • dll
  • x86

Block Information

Total Blocks: 185
Potentially Malicious Blocks: 41
Whitelisted Blocks: 64
Unknown Blocks: 80

Windows API Usage

Category: Syscall Use
  • ntdll.dll!NtAccessCheck
  • ntdll.dll!NtAlertThreadByThreadId
  • ntdll.dll!NtAlpcSendWaitReceivePort
  • ntdll.dll!NtApphelpCacheControl
  • ntdll.dll!NtClose
  • ntdll.dll!NtConnectPort
  • ntdll.dll!NtCreateMutant
  • ntdll.dll!NtCreateSection
  • ntdll.dll!NtDuplicateToken
  • ntdll.dll!NtFreeVirtualMemory
  • ntdll.dll!NtMapViewOfSection
  • ntdll.dll!NtOpenFile
  • ntdll.dll!NtOpenKey
  • ntdll.dll!NtOpenKeyEx
  • ntdll.dll!NtOpenProcessToken
  • ntdll.dll!NtOpenProcessTokenEx
  • ntdll.dll!NtOpenSection
  • ntdll.dll!NtOpenSemaphore
  • ntdll.dll!NtOpenThreadTokenEx
  • ntdll.dll!NtProtectVirtualMemory
  • ntdll.dll!NtQueryAttributesFile
  • ntdll.dll!NtQueryDebugFilterState
  • ntdll.dll!NtQueryInformationProcess
  • ntdll.dll!NtQueryInformationThread
  • ntdll.dll!NtQueryInformationToken
  • ntdll.dll!NtQueryKey
  • ntdll.dll!NtQueryPerformanceCounter
  • ntdll.dll!NtQuerySecurityAttributesToken
  • ntdll.dll!NtQueryValueKey
  • ntdll.dll!NtQueryVirtualMemory
  • ntdll.dll!NtQueryVolumeInformationFile
  • ntdll.dll!NtQueryWnfStateData
  • ntdll.dll!NtReleaseMutant
  • ntdll.dll!NtReleaseSemaphore
  • ntdll.dll!NtReleaseWorkerFactoryWorker
  • ntdll.dll!NtRequestWaitReplyPort
  • ntdll.dll!NtSetEvent
  • ntdll.dll!NtSetInformationProcess
  • ntdll.dll!NtSetInformationVirtualMemory
  • ntdll.dll!NtSetInformationWorkerFactory
  • ntdll.dll!NtSubscribeWnfStateChange
  • ntdll.dll!NtTestAlert
  • ntdll.dll!NtTraceControl
  • ntdll.dll!NtUnmapViewOfSection
  • ntdll.dll!NtUnmapViewOfSectionEx
  • ntdll.dll!NtWaitForAlertByThreadId
  • ntdll.dll!NtWaitForSingleObject
  • ntdll.dll!NtWaitLowEventPair
  • ntdll.dll!NtWriteFile
  • ntdll.dll!NtWriteVirtualMemory
  • UNKNOWN
  • win32u.dll!NtGdiBitBlt
  • win32u.dll!NtGdiCreateBitmap
  • win32u.dll!NtGdiCreateCompatibleDC
  • win32u.dll!NtGdiCreateDIBitmapInternal
  • win32u.dll!NtGdiCreateSolidBrush
  • win32u.dll!NtGdiDeleteObjectApp
  • win32u.dll!NtGdiExtGetObjectW
  • win32u.dll!NtGdiGetDCforBitmap
  • win32u.dll!NtGdiGetDCObject
  • win32u.dll!NtGdiGetDeviceCaps
  • win32u.dll!NtGdiRestoreDC
  • win32u.dll!NtGdiSaveDC
  • win32u.dll!NtGdiSelectBitmap
  • win32u.dll!NtGdiSetDIBitsToDeviceInternal
  • win32u.dll!NtUserBuildHwndList
  • win32u.dll!NtUserCallTwoParam
  • win32u.dll!NtUserCreateEmptyCursorObject
  • win32u.dll!NtUserCreateWindowEx
  • win32u.dll!NtUserDestroyWindow
  • win32u.dll!NtUserFindExistingCursorIcon
  • win32u.dll!NtUserGetAncestor
  • win32u.dll!NtUserGetClassInfoEx
  • win32u.dll!NtUserGetClassName
  • win32u.dll!NtUserGetDC
  • win32u.dll!NtUserGetGUIThreadInfo
  • win32u.dll!NtUserGetIconInfo
  • win32u.dll!NtUserGetIconSize
  • win32u.dll!NtUserGetImeInfoEx
  • win32u.dll!NtUserGetKeyboardLayout
  • win32u.dll!NtUserGetObjectInformation
  • win32u.dll!NtUserGetProcessWindowStation
  • win32u.dll!NtUserGetProp
  • win32u.dll!NtUserGetThreadDesktop
  • win32u.dll!NtUserGetThreadState
  • win32u.dll!NtUserGetWindowCompositionAttribute
  • win32u.dll!NtUserIsNonClientDpiScalingEnabled
  • win32u.dll!NtUserIsTopLevelWindow
  • win32u.dll!NtUserMessageCall
  • win32u.dll!NtUserRegisterClassExWOW
  • win32u.dll!NtUserRegisterWindowMessage
  • win32u.dll!NtUserReleaseDC
  • win32u.dll!NtUserRemoveProp
  • win32u.dll!NtUserSelectPalette
  • win32u.dll!NtUserSetCursorIconData
  • win32u.dll!NtUserSetWindowFNID
  • win32u.dll!NtUserSetWindowLongPtr
  • win32u.dll!NtUserSetWindowPos
  • win32u.dll!NtUserUpdateInputContext
