MD5 Hash File type Added Source Yara Hits
a22382e90c3b6f2bc6b7ba3e460c6df5 Composite 2018-05-09 09:57:13User Submission YRP/powershell YRP/domain YRP/IP YRP/url [+]
52c7a36e5ca4ef535f3004aaf7f37d09 Composite 2018-05-11 15:37:14User Submission YRP/powershell YRP/domain YRP/IP YRP/url [+]
779f0d3e51365cb856806dbf33d4333f XML 2018-06-01 21:28:18User Submission YRP/powershell YRP/domain YRP/IP YRP/url [+]
551c03c7b157f1f491bf0bb640a1a30b XML 2018-07-04 07:48:22User Submission YRP/powershell YRP/domain YRP/url YRP/contentis_base64 [+]
814643f1dbe35f71e0bb5bfc1116efc8 XML 2018-08-18 07:49:26User Submission YRP/powershell YRP/domain YRP/url YRP/contentis_base64 [+]
f20328b49ec605fd425ed101ff31f14b Composite 2018-09-07 11:54:44User Submission YRP/powershell YRP/office_document_vba YRP/Contains_VBA_macro_code YRP/domain [+]
9c690164bc2eb6aeb232b96669d82860 Composite 2018-11-13 13:45:17User Submission YRP/powershell YRP/office_document_vba YRP/Contains_VBA_macro_code YRP/domain [+]
b695f33eaf15d8b32c7e019b8ade831b ASCII 2018-11-14 03:56:16User Submission YRP/domain YRP/IP YRP/url YRP/contentis_base64 [+]
34dc9a69f33ba93e631cd5048d9f2624 Microsoft 2018-11-14 19:06:13User Submission YRP/powershell YRP/domain YRP/url YRP/contentis_base64 [+]
b7ac7ea2f6df96965bd98e0e9e305277 ASCII 2018-11-14 23:26:49User Submission YRP/domain YRP/IP YRP/url YRP/contentis_base64 [+]
e9b7c488189f0776781768d6acab27b0 XML 2018-11-24 23:41:23User Submission YRP/powershell YRP/domain YRP/url YRP/contentis_base64 [+]
d60990878472faa50f4c030485f02004 XML 2018-11-29 23:41:32User Submission YRP/powershell YRP/domain YRP/IP YRP/url [+]
e82681f847baa3b663b48998364740fe ASCII 2019-03-17 09:20:12User Submission YRP/domain YRP/url YRP/contentis_base64 FlorianRoth/Suspicious_PowerShell_WebDownload_1
8c4ae3e9930229daa7a8185b9194ba09 ASCII 2019-03-17 09:24:19User Submission YRP/domain YRP/url YRP/contentis_base64 FlorianRoth/Suspicious_PowerShell_WebDownload_1
0b9f1b5c782944d39d8693aa171e3c43 ASCII 2019-03-17 17:17:09User Submission YRP/domain YRP/url YRP/contentis_base64 FlorianRoth/Suspicious_PowerShell_WebDownload_1
4896b4ffbd901fb50e0aa9f1585ae881 XML 2019-04-11 12:17:02User Submission YRP/powershell YRP/domain YRP/url YRP/contentis_base64 [+]
5074e705c0fc4ca3a998a1345e0fc5f2 Composite 2019-05-21 19:35:31User Submission YRP/with_images YRP/without_attachments YRP/with_urls YRP/powershell [+]
75d0b41913dd7cd8c03a7f38c8e5d2b4 UTF-8 2019-05-22 03:35:03User Submission FlorianRoth/Suspicious_PowerShell_WebDownload_1
cbb8738b3b77deba5f78761f11c4830a Rich 2019-05-22 03:44:45User Submission YRP/powershell YRP/domain YRP/IP YRP/url [+]
0bee7ddb917804fdfc83ec7a84421830 Microsoft 2019-07-06 20:37:42User Submission YRP/powershell YRP/domain YRP/url YRP/contentis_base64 [+]
6bfa9e102375e098fe886ffc026c45db data 2019-11-06 22:00:55User Submission CuckooSandbox/embedded_pe CuckooSandbox/embedded_win_api CuckooSandbox/vmdetect YRP/Borland [+]
a10a27c13e8eb3a920832c53c18e7411 Composite 2019-12-03 01:08:34http://49.233.203.146:8787/zero.msi YRP/powershell YRP/domain YRP/IP YRP/url [+]