SHA256 Hash File type Added Source Yara Hits
ELF 2017-10-16 03:20:43 User Submission CuckooSandbox/shellcode CuckooSandbox/embedded_pe CuckooSandbox/embedded_win_api CuckooSandbox/vmdetect
ELF 2017-10-16 03:33:40 User Submission CuckooSandbox/shellcode CuckooSandbox/embedded_pe CuckooSandbox/embedded_win_api CuckooSandbox/vmdetect
ELF 2017-10-16 03:37:29 User Submission CuckooSandbox/shellcode CuckooSandbox/embedded_pe CuckooSandbox/embedded_win_api CuckooSandbox/vmdetect
PE32 2018-02-24 05:22:05 User Submission CuckooSandbox/vmdetect YRP/Armadillo_v171 YRP/Microsoft_Visual_Cpp_v60 YRP/Microsoft_Visual_Cpp_v50v60_MFC_additional
PE32+ 2018-05-24 02:58:05 User Submission CuckooSandbox/vmdetect YRP/webshell_iMHaPFtp_2 YRP/webshell_caidao_shell_guo YRP/webshell_cihshell_fix
ASCII 2018-06-08 17:10:11 User Submission YRP/domain YRP/url YRP/contentis_base64 YRP/Misc_Suspicious_Strings
ELF 2018-07-11 17:47:47 http://107.150.12.142/sg YRP/domain YRP/IP YRP/url YRP/contentis_base64
ELF 2018-09-22 03:20:45 http://104.255.173.172:8080/adc YRP/maldoc_getEIP_method_1 YRP/domain YRP/IP YRP/url
ELF 2018-09-23 02:46:34 http://115.231.217.142:8887/ls1 YRP/maldoc_getEIP_method_1 YRP/domain YRP/IP YRP/url
ELF 2018-09-29 04:06:43 http://58.218.66.210:8080/cmss YRP/maldoc_getEIP_method_1 YRP/domain YRP/IP YRP/url
ELF 2018-09-29 14:52:57 http://123.249.71.250:8080/2y6i YRP/maldoc_getEIP_method_1 YRP/domain YRP/IP YRP/url
ELF 2018-10-01 15:15:32 http://123.249.13.21:1267/Linux2.6 YRP/maldoc_getEIP_method_1 YRP/domain YRP/IP YRP/url
ELF 2018-10-18 15:00:49 http://204.44.96.11/tcpbbr YRP/maldoc_getEIP_method_1 YRP/domain YRP/IP YRP/url
ELF 2018-11-04 14:02:28 http://47.106.199.150:6125/WOKAO YRP/domain YRP/IP YRP/url YRP/contentis_base64
ELF 2018-11-05 01:45:56 http://107.161.80.24:8899/unix666 YRP/maldoc_getEIP_method_1 YRP/domain YRP/IP YRP/url
ELF 2018-11-15 14:01:05 http://182.16.29.107:3721/Linux2.6 YRP/maldoc_getEIP_method_1 YRP/domain YRP/IP YRP/url
PE32 2018-11-17 01:46:18 http://182.16.29.107:3721/ttff.exe CuckooSandbox/vmdetect YRP/IsPE32 YRP/IsWindowsGUI YRP/IsPacked
ELF 2018-11-17 13:47:19 http://182.16.29.107:3721/Linux-arm YRP/domain YRP/IP YRP/url YRP/contentis_base64
ELF 2018-11-17 14:38:28 http://222.186.137.132:8070/chddos YRP/maldoc_getEIP_method_1 YRP/domain YRP/IP YRP/url
PE32 2018-11-20 04:05:35 http://182.16.29.107:3721/ttff.exe CuckooSandbox/vmdetect YRP/Microsoft_Visual_Basic_v50 YRP/IsPE32 YRP/IsWindowsGUI
ELF 2018-11-29 13:54:25 http://154.91.144.24:9988/120.6 YRP/maldoc_getEIP_method_1 YRP/domain YRP/IP YRP/url
ELF 2019-01-22 14:58:22 http://104.203.170.198:5522/Lin YRP/maldoc_getEIP_method_1 YRP/domain YRP/IP YRP/url
ELF 2019-01-24 14:11:30 http://43.230.144.12:2222/linux-arm YRP/domain YRP/IP YRP/url YRP/contentis_base64
ELF 2019-01-29 14:04:24 http://104.203.170.198:5522/lmips YRP/domain YRP/IP YRP/url YRP/contentis_base64
ELF 2019-01-29 14:04:27 http://104.203.170.198:5522/Linarm YRP/domain YRP/IP YRP/url YRP/contentis_base64
ELF 2019-02-13 09:28:40 http://104.203.170.198:5522/Lin YRP/maldoc_getEIP_method_1 YRP/domain YRP/IP YRP/url
ELF 2019-02-14 03:04:15 http://101.254.225.145:5910/ca2.6 YRP/maldoc_getEIP_method_1 YRP/domain YRP/IP YRP/url
ELF 2019-02-25 14:51:10 http://154.85.12.111:8080/123.6 YRP/maldoc_getEIP_method_1 YRP/domain YRP/IP YRP/url
ELF 2019-04-24 19:23:24 http://222.186.133.196:54088/zhk233 YRP/domain YRP/IP YRP/url YRP/contentis_base64
ELF 2019-04-24 22:32:33 http://202.95.13.31:9690/darkyee YRP/maldoc_getEIP_method_1 YRP/domain YRP/IP YRP/url
ELF 2019-04-27 09:45:52 http://122.114.246.145:444/lin6 YRP/maldoc_getEIP_method_1 YRP/domain YRP/IP YRP/url
ELF 2019-04-28 01:21:41 User Submission YRP/domain YRP/IP YRP/url YRP/contentis_base64
ELF 2019-04-29 02:45:53 http://61.160.213.150:13/tyu YRP/maldoc_getEIP_method_1 YRP/domain YRP/IP YRP/url
ELF 2019-05-01 16:55:08 http://43.242.75.151/TF2.6 YRP/maldoc_getEIP_method_1 YRP/domain YRP/IP YRP/url
ELF 2019-05-12 16:15:12 http://112.30.129.171:2014/Jetwork.6 YRP/maldoc_getEIP_method_1 YRP/domain YRP/IP YRP/url
ELF 2019-05-12 16:16:00 http://47.102.46.148:8080/Linux2.6 YRP/maldoc_getEIP_method_1 YRP/domain YRP/IP YRP/url
ELF 2019-05-13 16:23:56 http://198.148.106.57:75/Linuu YRP/maldoc_getEIP_method_1 YRP/domain YRP/IP YRP/url
tcpdump 2019-05-14 04:04:43 User Submission CuckooSandbox/embedded_pe YRP/possible_includes_base64_packed_functions YRP/macrocheck YRP/domain
ELF 2019-05-14 15:38:30 http://58.218.67.161:82/Linux2.6 YRP/maldoc_getEIP_method_1 YRP/domain YRP/IP YRP/url
ELF 2019-05-14 16:29:54 http://xxwl.kuaiyunds.com/xxwl/linux2.6 YRP/maldoc_getEIP_method_1 YRP/domain YRP/IP YRP/url
ELF 2019-05-17 15:56:30 http://222.186.3.210:99/xiaofei777 YRP/maldoc_getEIP_method_1 YRP/domain YRP/IP YRP/url
ELF 2019-05-18 14:47:26 http://103.205.7.218:5847/3666.6 YRP/maldoc_getEIP_method_1 YRP/domain YRP/IP YRP/url
ELF 2019-05-26 15:18:52 http://194.55.187.4:8080/armiptraf YRP/domain YRP/IP YRP/url YRP/contentis_base64
ELF 2019-05-30 02:46:12 http://download.nadns.info/crosss YRP/domain YRP/url YRP/contentis_base64 YRP/LinuxAESDDoS
ELF 2019-06-05 14:25:52 http://154.223.159.5:7777/arm YRP/domain YRP/IP YRP/url YRP/contentis_base64
ELF 2019-06-07 14:03:15 http://98.159.110.79:789/ttffarm YRP/domain YRP/IP YRP/url YRP/contentis_base64
ELF 2019-06-08 19:02:20 http://154.223.159.5:7777/arm YRP/domain YRP/IP YRP/url YRP/contentis_base64
ELF 2019-06-10 17:48:42 http://98.159.110.79:789/ttffarm YRP/domain YRP/IP YRP/url YRP/contentis_base64
ELF 2019-06-14 21:04:33 http://218.93.207.149:8899/Linux2.6 YRP/maldoc_getEIP_method_1 YRP/domain YRP/IP YRP/url
ELF 2019-06-17 15:00:16 http://119.188.247.59:8080/777755 YRP/maldoc_getEIP_method_1 YRP/domain YRP/IP YRP/url
ELF 2019-06-17 15:00:22 http://119.188.246.240:8881/Linux2.6 YRP/maldoc_getEIP_method_1 YRP/domain YRP/IP YRP/url
ELF 2019-06-17 15:01:19 http://27.148.157.80:2121/lsdd YRP/maldoc_getEIP_method_1 YRP/domain YRP/IP YRP/url
ELF 2019-06-21 07:53:58 http://125.65.112.193:8080/qwe123 YRP/domain YRP/IP YRP/url YRP/contentis_base64
ELF 2019-07-02 14:12:35 http://58.218.66.92:520/mips54 YRP/domain YRP/IP YRP/url YRP/contentis_base64
ELF 2019-07-03 02:30:13 http://58.218.66.92:520/loog YRP/maldoc_getEIP_method_1 YRP/domain YRP/IP YRP/url
ELF 2019-07-03 07:20:15 http://154.223.159.5:7777/arm YRP/domain YRP/IP YRP/url YRP/contentis_base64
ELF 2019-07-07 14:01:02 http://58.218.66.92:1990/goog YRP/maldoc_getEIP_method_1 YRP/domain YRP/IP YRP/url
ELF 2019-07-07 14:01:11 http://58.218.66.92:1990/mips456 YRP/domain YRP/IP YRP/url YRP/contentis_base64
ELF 2019-07-10 14:18:27 http://103.76.87.94/linux-a1 YRP/domain YRP/IP YRP/url YRP/contentis_base64
ELF 2019-07-10 14:18:39 http://103.76.87.94/Linux2.6 YRP/maldoc_getEIP_method_1 YRP/domain YRP/IP YRP/url
ELF 2019-07-15 14:05:09 http://42.159.113.74/wzodnehzs YRP/maldoc_getEIP_method_1 YRP/domain YRP/IP YRP/url
ELF 2019-07-15 14:05:18 http://42.159.113.74/wzodnehzr YRP/domain YRP/IP YRP/url YRP/contentis_base64
ELF 2019-07-16 14:01:46 http://103.255.177.206:10086/Linux2.6 YRP/maldoc_getEIP_method_1 YRP/domain YRP/IP YRP/url
ELF 2019-07-19 15:29:02 http://xz.gexgz.com/Llinx525.6 YRP/maldoc_getEIP_method_1 YRP/domain YRP/IP YRP/url
ELF 2019-07-23 14:19:35 http://98.159.99.93:8899/loog YRP/maldoc_getEIP_method_1 YRP/domain YRP/IP YRP/url
ELF 2019-07-24 10:27:03 User Submission YRP/maldoc_getEIP_method_1 YRP/domain YRP/IP YRP/url
ELF 2019-07-29 14:16:39 http://101.201.76.232:8082/LinuxSYN YRP/domain YRP/IP YRP/url YRP/contentis_base64
ELF 2019-08-08 14:09:09 http://218.61.16.142:8023/eeoo YRP/maldoc_getEIP_method_1 YRP/domain YRP/IP YRP/url
ELF 2019-08-12 02:21:32 http://222.186.160.227:2211/12 YRP/maldoc_getEIP_method_1 YRP/domain YRP/IP YRP/url
ELF 2019-08-12 02:22:02 http://222.186.160.227:2211/12312 YRP/domain YRP/IP YRP/url YRP/contentis_base64
ELF 2019-09-05 14:06:20 http://123.207.153.77/Linux YRP/domain YRP/IP YRP/url YRP/contentis_base64
PE32 2019-09-28 15:26:16 User Submission YRP/Armadillo_v171 YRP/Microsoft_Visual_Cpp_v60 YRP/Microsoft_Visual_Cpp_v50v60_MFC_additional YRP/Microsoft_Visual_Cpp_50
ELF 2019-12-19 02:22:13 http://202.95.14.219:280/az2.4 YRP/maldoc_getEIP_method_1 YRP/domain YRP/IP YRP/contentis_base64
ASCII 2020-02-24 12:24:33 User Submission YRP/domain YRP/url YRP/contentis_base64 YRP/Misc_Suspicious_Strings
ELF 2020-07-08 20:17:00 User Submission YRP/domain YRP/IP YRP/url YRP/contentis_base64
ELF 2021-07-23 22:01:01 User Submission YRP/domain YRP/IP YRP/url YRP/contentis_base64
ELF 2021-08-31 02:00:31 User Submission YRP/domain YRP/IP YRP/url YRP/contentis_base64
ELF 2021-08-31 02:00:44 User Submission YRP/domain YRP/IP YRP/url YRP/contentis_base64