| MD5 Hash | File type | Added | Source | Yara Hits |
|---|---|---|---|---|
| 84e3ad0d62d21739d632d2106864e79e | ELF | 2017-10-16 01:20:43 | User Submission | CuckooSandbox/shellcode CuckooSandbox/embedded_pe CuckooSandbox/embedded_win_api CuckooSandbox/vmdetect |
| b3d26632c4077e731ef2da329974519d | ELF | 2017-10-16 01:33:40 | User Submission | CuckooSandbox/shellcode CuckooSandbox/embedded_pe CuckooSandbox/embedded_win_api CuckooSandbox/vmdetect |
| 24734ef952fe363415cd4c2f7322276f | ELF | 2017-10-16 01:37:29 | User Submission | CuckooSandbox/shellcode CuckooSandbox/embedded_pe CuckooSandbox/embedded_win_api CuckooSandbox/vmdetect |
| 28e5f4f9eaad865788a038487667e181 | ASCII | 2018-03-07 03:08:04 | http://172.104.107.30/PowerSploit/CodeExecuti... | YRP/powershell YRP/domain YRP/IP YRP/contentis_base64 |
| 0367157f4e32b07915cbaef702acded1 | ASCII | 2018-03-07 03:14:29 | http://172.104.107.30/PowerSploit/ScriptModif... | YRP/powershell YRP/domain YRP/url YRP/contentis_base64 |
| b8a6d53b7c0857c759f071ebb78d9382 | ASCII | 2018-03-07 03:15:50 | http://172.104.107.30/nishang/Backdoors/DNS_T... | YRP/powershell YRP/domain YRP/IP YRP/url |
| ef4641bb140049fbd06ef8005f0139f4 | ASCII | 2018-03-07 03:15:52 | http://172.104.107.30/nishang/Backdoors/Execu... | YRP/powershell YRP/domain YRP/IP YRP/url |
| 7444dfde1b5019bbe64c0789d6cb0179 | ASCII | 2018-03-07 03:15:56 | http://172.104.107.30/nishang/Backdoors/HTTP-... | YRP/powershell YRP/domain YRP/url YRP/contentis_base64 |
| 9f1b14e2010f06bd46c544e375a23ff5 | UTF-8 | 2018-03-07 03:16:03 | http://172.104.107.30/nishang/Client/Out-CHM.... | YRP/powershell YRP/domain YRP/IP YRP/url |
| 05b8bec2cc458b773262a23b86c66689 | ASCII | 2018-03-07 03:16:05 | http://172.104.107.30/nishang/Client/Out-Exce... | YRP/powershell YRP/domain YRP/url YRP/contentis_base64 |
| bfa9aad1689ecac5629b8fef02864878 | ASCII | 2018-03-07 03:16:07 | http://172.104.107.30/nishang/Client/Out-HTA.... | YRP/powershell YRP/domain YRP/IP YRP/url |
| 475703077701240e459c8550b3599f36 | ASCII | 2018-03-07 03:16:19 | http://172.104.107.30/nishang/Client/Out-Word... | YRP/powershell YRP/domain YRP/url YRP/contentis_base64 |
| 735c6027f9cbc092618e10e6bd8629fd | UTF-8 | 2018-03-07 03:19:54 | http://172.104.107.30/nishang/powerpreter/Pow... | CuckooSandbox/vmdetect YRP/powershell YRP/domain YRP/IP |
| f901c645188f9c80afa8f49174f065ce | PE32+ | 2018-05-24 00:58:05 | User Submission | CuckooSandbox/vmdetect YRP/webshell_iMHaPFtp_2 YRP/webshell_caidao_shell_guo YRP/webshell_cihshell_fix |
| 779f0d3e51365cb856806dbf33d4333f | XML | 2018-06-01 19:28:18 | User Submission | YRP/powershell YRP/domain YRP/IP YRP/url |
| f10fc4dd59a09f8deb6c74cc1962ebf8 | Composite | 2018-06-23 09:31:13 | User Submission | YRP/powershell YRP/office_document_vba YRP/Office_AutoOpen_Macro YRP/Contains_VBA_macro_code |
| f9f27da64943f751a68b93400e64d05b | HTML | 2018-07-16 07:27:43 | http://down.cacheoffer.tk/d2/sp.txt | YRP/powershell YRP/domain YRP/contentis_base64 YRP/Antivirus |
| 1cff7065348059660c3156713cd28cfe | ASCII | 2018-07-24 10:44:08 | User Submission | YRP/powershell YRP/domain YRP/IP YRP/url |
| 6080e6a377a486753167b982e649cd13 | ASCII | 2018-08-20 10:53:55 | User Submission | YRP/powershell YRP/domain YRP/IP YRP/url |
| 7e6fef45f6ba0eeaecc3feeb65a57cc0 | PE32+ | 2018-09-01 00:46:51 | User Submission | YRP/IsPE64 YRP/IsDLL YRP/IsWindowsGUI YRP/IsBeyondImageSize |
| 34dc9a69f33ba93e631cd5048d9f2624 | Microsoft | 2018-11-14 18:06:13 | User Submission | YRP/powershell YRP/domain YRP/url YRP/contentis_base64 |
| 5074e705c0fc4ca3a998a1345e0fc5f2 | Composite | 2019-05-21 17:35:31 | User Submission | YRP/with_images YRP/without_attachments YRP/with_urls YRP/powershell |
| cbb8738b3b77deba5f78761f11c4830a | Rich | 2019-05-22 01:44:45 | User Submission | YRP/powershell YRP/domain YRP/IP YRP/url |
| 762a724d4daa0b2da9323f53cd3e2a2d | ASCII | 2019-06-28 17:43:42 | http://123.207.143.211/payload.txt | YRP/powershell YRP/domain YRP/contentis_base64 YRP/GEN_PowerShell |
| 4a940dee2f725d88f7b7402c88ebdc34 | ASCII | 2019-10-23 19:20:23 | User Submission | CuckooSandbox/embedded_win_api CuckooSandbox/vmdetect YRP/powershell YRP/domain |
| d2149892c946e60abab264f5d8d236d3 | ASCII | 2019-10-25 04:40:24 | User Submission | CuckooSandbox/embedded_pe CuckooSandbox/embedded_win_api YRP/powershell YRP/domain |
| c86050690e0575e952a75840d815c0bf | data | 2019-10-25 20:21:42 | User Submission | CuckooSandbox/embedded_pe CuckooSandbox/embedded_win_api CuckooSandbox/vmdetect YRP/webshell_iMHaPFtp_2 |
| 524ddd7c6931ad3ef4c1e34688fd33c4 | ASCII | 2019-10-25 20:22:39 | User Submission | YRP/powershell YRP/domain YRP/url YRP/contentis_base64 |
| 891f69afa325088443f63f7aa4e73500 | ASCII | 2019-10-25 20:22:55 | User Submission | CuckooSandbox/embedded_win_api YRP/powershell YRP/domain YRP/url |
| 90c47788f506f94d1c30ae3284d8f21f | ASCII | 2019-10-26 12:40:57 | User Submission | YRP/powershell YRP/domain YRP/url YRP/contentis_base64 |
| 0d85a577e831bb9eb332cebbe8660246 | ASCII | 2019-10-26 12:41:03 | User Submission | CuckooSandbox/embedded_win_api YRP/powershell YRP/domain YRP/url |
| 6bfa9e102375e098fe886ffc026c45db | data | 2019-11-06 21:00:55 | User Submission | CuckooSandbox/embedded_pe CuckooSandbox/embedded_win_api CuckooSandbox/vmdetect YRP/Borland |