MD5 Hash File type Added Source Yara Hits