SHA256 Hash File type Added Source Yara Hits
ASCII 2022-03-19 11:00:19 http://14.55.65.217:8080/a/lr.ps1 YRP/powershell YRP/domain YRP/IP YRP/url
UTF-8 2022-02-28 03:03:08 User Submission CuckooSandbox/embedded_win_api YRP/powershell YRP/domain YRP/contentis_base64
PE32 2022-02-24 09:40:00 User Submission CuckooSandbox/embedded_macho YRP/NETexecutableMicrosoft YRP/IsPE32 YRP/IsConsole
ASCII 2022-02-04 04:49:12 http://185.201.47.157:8000/78787.bat YRP/powershell YRP/domain YRP/contentis_base64 YRP/GEN_PowerShell
ASCII 2022-02-04 03:15:52 http://13.236.74.237:8000/PowerSploit/ScriptM... YRP/powershell YRP/domain YRP/url YRP/contentis_base64
ASCII 2022-02-04 03:07:57 http://13.236.74.237:8000/PowerSploit/docs/Sc... YRP/powershell YRP/domain YRP/url YRP/contentis_base64
ASCII 2022-02-04 02:58:18 http://13.236.74.237:8000/PowerSploit/CodeExe... YRP/powershell YRP/domain YRP/IP YRP/contentis_base64
ASCII 2022-02-04 00:17:14 http://23.95.137.162:80/invkbuild.ps1 YRP/powershell YRP/domain YRP/IP YRP/url
Composite 2022-01-13 10:02:04 User Submission YRP/powershell YRP/domain YRP/contentis_base64 YRP/maldoc_OLE_file_magic_number
ASCII 2021-09-15 13:00:12 User Submission YRP/powershell YRP/domain YRP/url YRP/contentis_base64
ASCII 2021-09-15 09:01:06 User Submission YRP/powershell YRP/domain YRP/url YRP/contentis_base64
ASCII 2021-09-09 17:00:47 User Submission YRP/powershell YRP/domain YRP/url YRP/contentis_base64
XML 2021-06-03 16:01:39 User Submission YRP/powershell YRP/domain YRP/url YRP/contentis_base64
ASCII 2021-05-19 16:50:53 User Submission YRP/powershell YRP/domain YRP/url YRP/contentis_base64
ASCII 2020-07-10 22:40:26 User Submission YRP/powershell YRP/domain YRP/contentis_base64 YRP/GEN_PowerShell
ASCII 2020-07-10 22:18:20 User Submission YRP/powershell YRP/domain YRP/contentis_base64 YRP/GEN_PowerShell
ASCII 2020-07-07 23:48:01 User Submission YRP/powershell YRP/domain YRP/contentis_base64 YRP/GEN_PowerShell
XML 2020-07-07 16:59:25 User Submission YRP/powershell YRP/domain YRP/contentis_base64 YRP/Antivirus
ASCII 2020-07-07 13:50:52 User Submission YRP/powershell YRP/domain YRP/contentis_base64 YRP/GEN_PowerShell
ASCII 2020-07-07 11:50:46 User Submission YRP/powershell YRP/domain YRP/contentis_base64 YRP/Antivirus
XML 2020-03-23 18:54:00 User Submission CuckooSandbox/embedded_win_api CuckooSandbox/vmdetect YRP/Borland YRP/powershell
data 2020-03-18 00:55:14 User Submission CuckooSandbox/shellcode CuckooSandbox/embedded_win_api CuckooSandbox/vmdetect YRP/possible_includes_base64_packed_functions
XML 2020-03-06 19:24:10 User Submission CuckooSandbox/embedded_win_api CuckooSandbox/vmdetect YRP/possible_includes_base64_packed_functions YRP/with_images
ASCII 2019-12-29 11:00:19 https://pastebin.com/raw/p74tenEd YRP/powershell YRP/domain YRP/contentis_base64 YRP/GEN_PowerShell
ASCII 2019-12-25 11:11:55 https://pastebin.com/raw/d8V3GC8H YRP/powershell YRP/domain YRP/contentis_base64 YRP/GEN_PowerShell
ASCII 2019-12-17 11:13:56 https://pastebin.com/raw/V6rBPiJm YRP/powershell YRP/domain YRP/contentis_base64 YRP/GEN_PowerShell
ASCII 2019-12-04 00:20:00 https://pastebin.com/raw/qaTw5Kyn YRP/powershell YRP/domain YRP/contentis_base64 YRP/GEN_PowerShell
ASCII 2019-12-03 12:16:35 https://pastebin.com/raw/mMP6kCjL YRP/powershell YRP/domain YRP/contentis_base64 YRP/GEN_PowerShell
data 2019-11-06 21:00:55 User Submission CuckooSandbox/embedded_pe CuckooSandbox/embedded_win_api CuckooSandbox/vmdetect YRP/Borland
ASCII 2019-10-26 12:41:03 User Submission CuckooSandbox/embedded_win_api YRP/powershell YRP/domain YRP/url
ASCII 2019-10-26 12:40:57 User Submission YRP/powershell YRP/domain YRP/url YRP/contentis_base64
ASCII 2019-10-25 20:22:55 User Submission CuckooSandbox/embedded_win_api YRP/powershell YRP/domain YRP/url
ASCII 2019-10-25 20:22:39 User Submission YRP/powershell YRP/domain YRP/url YRP/contentis_base64
data 2019-10-25 20:21:42 User Submission CuckooSandbox/embedded_pe CuckooSandbox/embedded_win_api CuckooSandbox/vmdetect YRP/webshell_iMHaPFtp_2
ASCII 2019-10-25 04:40:24 User Submission CuckooSandbox/embedded_pe CuckooSandbox/embedded_win_api YRP/powershell YRP/domain
ASCII 2019-10-23 19:20:23 User Submission CuckooSandbox/embedded_win_api CuckooSandbox/vmdetect YRP/powershell YRP/domain
ASCII 2019-06-28 17:43:42 http://123.207.143.211/payload.txt YRP/powershell YRP/domain YRP/contentis_base64 YRP/GEN_PowerShell
Rich 2019-05-22 01:44:45 User Submission YRP/powershell YRP/domain YRP/IP YRP/url
Composite 2019-05-21 17:35:31 User Submission YRP/with_images YRP/without_attachments YRP/with_urls YRP/powershell
Microsoft 2018-11-14 18:06:13 User Submission YRP/powershell YRP/domain YRP/url YRP/contentis_base64
PE32+ 2018-09-01 00:46:51 User Submission YRP/IsPE64 YRP/IsDLL YRP/IsWindowsGUI YRP/IsBeyondImageSize
ASCII 2018-08-20 10:53:55 User Submission YRP/powershell YRP/domain YRP/IP YRP/url
ASCII 2018-07-24 10:44:08 User Submission YRP/powershell YRP/domain YRP/IP YRP/url
HTML 2018-07-16 07:27:43 http://down.cacheoffer.tk/d2/sp.txt YRP/powershell YRP/domain YRP/contentis_base64 YRP/Antivirus
Composite 2018-06-23 09:31:13 User Submission YRP/powershell YRP/office_document_vba YRP/Office_AutoOpen_Macro YRP/Contains_VBA_macro_code
XML 2018-06-01 19:28:18 User Submission YRP/powershell YRP/domain YRP/IP YRP/url
PE32+ 2018-05-24 00:58:05 User Submission CuckooSandbox/vmdetect YRP/webshell_iMHaPFtp_2 YRP/webshell_caidao_shell_guo YRP/webshell_cihshell_fix
UTF-8 2018-03-07 03:19:54 http://172.104.107.30/nishang/powerpreter/Pow... CuckooSandbox/vmdetect YRP/powershell YRP/domain YRP/IP
ASCII 2018-03-07 03:16:19 http://172.104.107.30/nishang/Client/Out-Word... YRP/powershell YRP/domain YRP/url YRP/contentis_base64
ASCII 2018-03-07 03:16:07 http://172.104.107.30/nishang/Client/Out-HTA.... YRP/powershell YRP/domain YRP/IP YRP/url
ASCII 2018-03-07 03:16:05 http://172.104.107.30/nishang/Client/Out-Exce... YRP/powershell YRP/domain YRP/url YRP/contentis_base64
UTF-8 2018-03-07 03:16:03 http://172.104.107.30/nishang/Client/Out-CHM.... YRP/powershell YRP/domain YRP/IP YRP/url
ASCII 2018-03-07 03:15:56 http://172.104.107.30/nishang/Backdoors/HTTP-... YRP/powershell YRP/domain YRP/url YRP/contentis_base64
ASCII 2018-03-07 03:15:52 http://172.104.107.30/nishang/Backdoors/Execu... YRP/powershell YRP/domain YRP/IP YRP/url
ASCII 2018-03-07 03:15:50 http://172.104.107.30/nishang/Backdoors/DNS_T... YRP/powershell YRP/domain YRP/IP YRP/url
ASCII 2018-03-07 03:14:29 http://172.104.107.30/PowerSploit/ScriptModif... YRP/powershell YRP/domain YRP/url YRP/contentis_base64
ASCII 2018-03-07 03:08:04 http://172.104.107.30/PowerSploit/CodeExecuti... YRP/powershell YRP/domain YRP/IP YRP/contentis_base64
ELF 2017-10-16 01:37:29 User Submission CuckooSandbox/shellcode CuckooSandbox/embedded_pe CuckooSandbox/embedded_win_api CuckooSandbox/vmdetect
ELF 2017-10-16 01:33:40 User Submission CuckooSandbox/shellcode CuckooSandbox/embedded_pe CuckooSandbox/embedded_win_api CuckooSandbox/vmdetect
ELF 2017-10-16 01:20:43 User Submission CuckooSandbox/shellcode CuckooSandbox/embedded_pe CuckooSandbox/embedded_win_api CuckooSandbox/vmdetect