| MD5 Hash | File type | Added | Source | Yara Hits |
|---|---|---|---|---|
| 84e3ad0d62d21739d632d2106864e79e | ELF | 2017-10-16 01:20:43 | | CuckooSandbox/shellcode CuckooSandbox/embedded_pe CuckooSandbox/embedded_win_api CuckooSandbox/vmdetect |
| b3d26632c4077e731ef2da329974519d | ELF | 2017-10-16 01:33:40 | | CuckooSandbox/shellcode CuckooSandbox/embedded_pe CuckooSandbox/embedded_win_api CuckooSandbox/vmdetect |
| 24734ef952fe363415cd4c2f7322276f | ELF | 2017-10-16 01:37:29 | | CuckooSandbox/shellcode CuckooSandbox/embedded_pe CuckooSandbox/embedded_win_api CuckooSandbox/vmdetect |
| 28e5f4f9eaad865788a038487667e181 | ASCII | 2018-03-07 03:08:04 | http://172.104.107.30/PowerSploit/CodeExecuti... | YRP/powershell YRP/domain YRP/IP YRP/contentis_base64 |
| 0367157f4e32b07915cbaef702acded1 | ASCII | 2018-03-07 03:14:29 | http://172.104.107.30/PowerSploit/ScriptModif... | YRP/powershell YRP/domain YRP/url YRP/contentis_base64 |
| b8a6d53b7c0857c759f071ebb78d9382 | ASCII | 2018-03-07 03:15:50 | http://172.104.107.30/nishang/Backdoors/DNS_T... | YRP/powershell YRP/domain YRP/IP YRP/url |
| ef4641bb140049fbd06ef8005f0139f4 | ASCII | 2018-03-07 03:15:52 | http://172.104.107.30/nishang/Backdoors/Execu... | YRP/powershell YRP/domain YRP/IP YRP/url |
| 7444dfde1b5019bbe64c0789d6cb0179 | ASCII | 2018-03-07 03:15:56 | http://172.104.107.30/nishang/Backdoors/HTTP-... | YRP/powershell YRP/domain YRP/url YRP/contentis_base64 |
| 9f1b14e2010f06bd46c544e375a23ff5 | UTF-8 | 2018-03-07 03:16:03 | http://172.104.107.30/nishang/Client/Out-CHM.... | YRP/powershell YRP/domain YRP/IP YRP/url |
| 05b8bec2cc458b773262a23b86c66689 | ASCII | 2018-03-07 03:16:05 | http://172.104.107.30/nishang/Client/Out-Exce... | YRP/powershell YRP/domain YRP/url YRP/contentis_base64 |
| bfa9aad1689ecac5629b8fef02864878 | ASCII | 2018-03-07 03:16:07 | http://172.104.107.30/nishang/Client/Out-HTA.... | YRP/powershell YRP/domain YRP/IP YRP/url |
| 475703077701240e459c8550b3599f36 | ASCII | 2018-03-07 03:16:19 | http://172.104.107.30/nishang/Client/Out-Word... | YRP/powershell YRP/domain YRP/url YRP/contentis_base64 |
| 735c6027f9cbc092618e10e6bd8629fd | UTF-8 | 2018-03-07 03:19:54 | http://172.104.107.30/nishang/powerpreter/Pow... | CuckooSandbox/vmdetect YRP/powershell YRP/domain YRP/IP |
| f901c645188f9c80afa8f49174f065ce | PE32+ | 2018-05-24 00:58:05 | | CuckooSandbox/vmdetect YRP/webshell_iMHaPFtp_2 YRP/webshell_caidao_shell_guo YRP/webshell_cihshell_fix |
| 779f0d3e51365cb856806dbf33d4333f | XML | 2018-06-01 19:28:18 | | YRP/powershell YRP/domain YRP/IP YRP/url |
| f10fc4dd59a09f8deb6c74cc1962ebf8 | Composite | 2018-06-23 09:31:13 | | YRP/powershell YRP/office_document_vba YRP/Office_AutoOpen_Macro YRP/Contains_VBA_macro_code |
| f9f27da64943f751a68b93400e64d05b | HTML | 2018-07-16 07:27:43 | http://down.cacheoffer.tk/d2/sp.txt | YRP/powershell YRP/domain YRP/contentis_base64 YRP/Antivirus |
| 1cff7065348059660c3156713cd28cfe | ASCII | 2018-07-24 10:44:08 | | YRP/powershell YRP/domain YRP/IP YRP/url |
| 6080e6a377a486753167b982e649cd13 | ASCII | 2018-08-20 10:53:55 | | YRP/powershell YRP/domain YRP/IP YRP/url |
| 7e6fef45f6ba0eeaecc3feeb65a57cc0 | PE32+ | 2018-09-01 00:46:51 | | YRP/IsPE64 YRP/IsDLL YRP/IsWindowsGUI YRP/IsBeyondImageSize |
| 34dc9a69f33ba93e631cd5048d9f2624 | Microsoft | 2018-11-14 18:06:13 | | YRP/powershell YRP/domain YRP/url YRP/contentis_base64 |