Warning! We are currently in recovery mode. The complete archive is not available.
MD5 Hash File type Added Source Yara Hits
84e3ad0d62d21739d632d2106864e79e ELF 2017-10-16 01:20:43 CuckooSandbox/shellcode CuckooSandbox/embedded_pe CuckooSandbox/embedded_win_api CuckooSandbox/vmdetect [+]
b3d26632c4077e731ef2da329974519d ELF 2017-10-16 01:33:40 CuckooSandbox/shellcode CuckooSandbox/embedded_pe CuckooSandbox/embedded_win_api CuckooSandbox/vmdetect [+]
24734ef952fe363415cd4c2f7322276f ELF 2017-10-16 01:37:29 CuckooSandbox/shellcode CuckooSandbox/embedded_pe CuckooSandbox/embedded_win_api CuckooSandbox/vmdetect [+]
f0f4435c2f3c08f1a2519b8dc636150b PE32 2018-02-24 04:22:05 CuckooSandbox/vmdetect YRP/Armadillo_v171 YRP/Microsoft_Visual_Cpp_v60 YRP/Microsoft_Visual_Cpp_v50v60_MFC_additional [+]
f901c645188f9c80afa8f49174f065ce PE32+ 2018-05-24 00:58:05 CuckooSandbox/vmdetect YRP/webshell_iMHaPFtp_2 YRP/webshell_caidao_shell_guo YRP/webshell_cihshell_fix [+]
d7a8bd8b8b3583072d07d25b96f10f6b ASCII 2018-06-08 15:10:11 YRP/domain YRP/url YRP/contentis_base64 YRP/Misc_Suspicious_Strings [+]
1e6e104cc3ee5f23bf47a1e3790df313 ELF 2018-07-11 15:47:47http://107.150.12.142/sg YRP/domain YRP/IP YRP/url YRP/contentis_base64 [+]
86f38dd20e6aacb8b266aeba040a23ff ELF 2018-09-22 01:20:45http://104.255.173.172:8080/adc YRP/maldoc_getEIP_method_1 YRP/domain YRP/IP YRP/url [+]
77dd09d92653844300ac85d2e5c9fd6e ELF 2018-09-23 00:46:34http://115.231.217.142:8887/ls1 YRP/maldoc_getEIP_method_1 YRP/domain YRP/IP YRP/url [+]
df6f8fb958b0cffc110e7a72b48a3fa0 ELF 2018-09-29 02:06:43http://58.218.66.210:8080/cmss YRP/maldoc_getEIP_method_1 YRP/domain YRP/IP YRP/url [+]
d91c4948c7443269713611c5cbc7c558 ELF 2018-09-29 12:52:57http://123.249.71.250:8080/2y6i YRP/maldoc_getEIP_method_1 YRP/domain YRP/IP YRP/url [+]
95a8aea96b4b036ea38fa1d60716976e ELF 2018-10-01 13:15:32http://123.249.13.21:1267/Linux2.6 YRP/maldoc_getEIP_method_1 YRP/domain YRP/IP YRP/url [+]
79c5ecc9bdffaa869e737b4b11826d4c ELF 2018-10-18 13:00:49http://204.44.96.11/tcpbbr YRP/maldoc_getEIP_method_1 YRP/domain YRP/IP YRP/url [+]
35e76a89e1bf38c5d23c87d3e0cb3a1f ELF 2018-11-04 13:02:28http://47.106.199.150:6125/WOKAO YRP/domain YRP/IP YRP/url YRP/contentis_base64 [+]
c2180890b71ec473cc2f5a3a56f2e224 ELF 2018-11-05 00:45:56http://107.161.80.24:8899/unix666 YRP/maldoc_getEIP_method_1 YRP/domain YRP/IP YRP/url [+]
47ab5d9d1119f9095e55de3a808adde4 ELF 2018-11-15 13:01:05http://182.16.29.107:3721/Linux2.6 YRP/maldoc_getEIP_method_1 YRP/domain YRP/IP YRP/url [+]
a426086db6350c4f6a4ad8ab14782464 PE32 2018-11-17 00:46:18http://182.16.29.107:3721/ttff.exe CuckooSandbox/vmdetect YRP/IsPE32 YRP/IsWindowsGUI YRP/IsPacked [+]
e50d0e39cac5b6b9e8b8ce3f3ec3e866 ELF 2018-11-17 12:47:19http://182.16.29.107:3721/Linux-arm YRP/domain YRP/IP YRP/url YRP/contentis_base64 [+]
d0bc04501ccc161808d733e85d7e5f81 ELF 2018-11-17 13:38:28http://222.186.137.132:8070/chddos YRP/maldoc_getEIP_method_1 YRP/domain YRP/IP YRP/url [+]
ba428ab5d11bb5fe72228764a7412bf3 PE32 2018-11-20 03:05:35http://182.16.29.107:3721/ttff.exe CuckooSandbox/vmdetect YRP/Microsoft_Visual_Basic_v50 YRP/IsPE32 YRP/IsWindowsGUI [+]
613cbf2673196f1679419b54a4a49a2d ELF 2018-11-29 12:54:25http://154.91.144.24:9988/120.6 YRP/maldoc_getEIP_method_1 YRP/domain YRP/IP YRP/url [+]
4073a64d4dafd0c2e8d7a1f724544a29 ELF 2019-01-22 13:58:22http://104.203.170.198:5522/Lin YRP/maldoc_getEIP_method_1 YRP/domain YRP/IP YRP/url [+]
d6ad262fe361159ec6bcf3b2adb1f883 ELF 2019-01-24 13:11:30http://43.230.144.12:2222/linux-arm YRP/domain YRP/IP YRP/url YRP/contentis_base64 [+]
fbcd2061c05c06e9746ece2598c83c18 ELF 2019-01-29 13:04:24http://104.203.170.198:5522/lmips YRP/domain YRP/IP YRP/url YRP/contentis_base64 [+]
74033908a04d2e99603afc957601d273 ELF 2019-01-29 13:04:27http://104.203.170.198:5522/Linarm YRP/domain YRP/IP YRP/url YRP/contentis_base64 [+]
eaa8c0806bba343428eea0e7cfc3c336 ELF 2019-02-13 08:28:40http://104.203.170.198:5522/Lin YRP/maldoc_getEIP_method_1 YRP/domain YRP/IP YRP/url [+]
58bebc0ebb1818f6fe5f881c99782766 ELF 2019-02-14 02:04:15http://101.254.225.145:5910/ca2.6 YRP/maldoc_getEIP_method_1 YRP/domain YRP/IP YRP/url [+]
916e511ad6cde14be028372b28b3e9b2 ELF 2019-02-25 13:51:10http://154.85.12.111:8080/123.6 YRP/maldoc_getEIP_method_1 YRP/domain YRP/IP YRP/url [+]
3bc69d3a9bd494d19911c279483fd626 ELF 2019-04-24 17:23:24http://222.186.133.196:54088/zhk233 YRP/domain YRP/IP YRP/url YRP/contentis_base64 [+]
a90bd312122579c2453bd6c115e923a5 ELF 2019-04-24 20:32:33http://202.95.13.31:9690/darkyee YRP/maldoc_getEIP_method_1 YRP/domain YRP/IP YRP/url [+]
35e7b91cff611708bbe969c6aa9f1fa0 ELF 2019-04-27 07:45:52http://122.114.246.145:444/lin6 YRP/maldoc_getEIP_method_1 YRP/domain YRP/IP YRP/url [+]
fd56c5ca74683a036a7fccf09ff989ca ELF 2019-04-27 23:21:41 YRP/domain YRP/IP YRP/url YRP/contentis_base64 [+]
0e26f8d0c2a9bc3f10b619beeb962211 ELF 2019-04-29 00:45:53http://61.160.213.150:13/tyu YRP/maldoc_getEIP_method_1 YRP/domain YRP/IP YRP/url [+]
e6ff78b09f6f2b9ff078a355e9e1775a ELF 2019-05-01 14:55:08http://43.242.75.151/TF2.6 YRP/maldoc_getEIP_method_1 YRP/domain YRP/IP YRP/url [+]
c71748d96d336578b53985dd49c70610 ELF 2019-05-12 14:15:12http://112.30.129.171:2014/Jetwork.6 YRP/maldoc_getEIP_method_1 YRP/domain YRP/IP YRP/url [+]
51e0143bd6933fa0d398f686765f9115 ELF 2019-05-12 14:16:00http://47.102.46.148:8080/Linux2.6 YRP/maldoc_getEIP_method_1 YRP/domain YRP/IP YRP/url [+]
80ad080286f3b62f4491ee1f5495d7a7 ELF 2019-05-13 14:23:56http://198.148.106.57:75/Linuu YRP/maldoc_getEIP_method_1 YRP/domain YRP/IP YRP/url [+]
aba7aa16baf59fd8ebfee3a7852b9af7 tcpdump 2019-05-14 02:04:43 CuckooSandbox/embedded_pe YRP/possible_includes_base64_packed_functions YRP/macrocheck YRP/domain [+]
693f0c4ac136f4cbbb45e7e988a8222b ELF 2019-05-14 13:38:30http://58.218.67.161:82/Linux2.6 YRP/maldoc_getEIP_method_1 YRP/domain YRP/IP YRP/url [+]
9cb8215ca8827cc3f35924002130b20a ELF 2019-05-14 14:29:54http://xxwl.kuaiyunds.com/xxwl/linux2.6 YRP/maldoc_getEIP_method_1 YRP/domain YRP/IP YRP/url [+]
f8f9cb7a9f5b80fca552b66c8c65d6dd ELF 2019-05-17 13:56:30http://222.186.3.210:99/xiaofei777 YRP/maldoc_getEIP_method_1 YRP/domain YRP/IP YRP/url [+]
707b25d5efb51f62a031870e34410a52 ELF 2019-05-18 12:47:26http://103.205.7.218:5847/3666.6 YRP/maldoc_getEIP_method_1 YRP/domain YRP/IP YRP/url [+]
a62d48c910e30f3497df85543714f344 ELF 2019-05-26 13:18:52http://194.55.187.4:8080/armiptraf YRP/domain YRP/IP YRP/url YRP/contentis_base64 [+]