| MD5 Hash | File type | Added | Source | Yara Hits |
|---|---|---|---|---|
| 84e3ad0d62d21739d632d2106864e79e | ELF | 2017-10-16 01:20:43 | | CuckooSandbox/shellcode, CuckooSandbox/embedded_pe, CuckooSandbox/embedded_win_api, CuckooSandbox/vmdetect [+] |
| b3d26632c4077e731ef2da329974519d | ELF | 2017-10-16 01:33:40 | | CuckooSandbox/shellcode, CuckooSandbox/embedded_pe, CuckooSandbox/embedded_win_api, CuckooSandbox/vmdetect [+] |
| 24734ef952fe363415cd4c2f7322276f | ELF | 2017-10-16 01:37:29 | | CuckooSandbox/shellcode, CuckooSandbox/embedded_pe, CuckooSandbox/embedded_win_api, CuckooSandbox/vmdetect [+] |
| 2ac6921981cd2c57b4ffd1a91b881f15 | PE32 | 2018-01-13 10:55:38 | | YRP/Microsoft_Visual_Cpp_v50v60_MFC, YRP/Borland_Delphi_30_additional, YRP/Borland_Delphi_30_, YRP/Borland_Delphi_v40_v50 [+] |
| 992eb8ea5ecce32532e39ecc99ba53d1 | PE32 | 2018-03-06 19:40:50 | http://122.114.166.61/ff887.exe | CuckooSandbox/embedded_macho, YRP/VC8_Microsoft_Corporation, YRP/Microsoft_Visual_Cpp_8, YRP/IsPE32 [+] |
| f901c645188f9c80afa8f49174f065ce | PE32+ | 2018-05-24 00:58:05 | | CuckooSandbox/vmdetect, YRP/webshell_iMHaPFtp_2, YRP/webshell_caidao_shell_guo, YRP/webshell_cihshell_fix [+] |
| 1eeccf5961584ecda2bb7a3a662f51c1 | PE32+ | 2018-06-20 15:29:22 | | YRP/IsPE64, YRP/IsDLL, YRP/IsWindowsGUI, YRP/HasDebugData [+] |
| 9cb3057e116941401d0dec6571dc272a | PE32 | 2018-06-20 15:29:22 | | YRP/Microsoft_Visual_Cpp_v50v60_MFC, YRP/Borland_Delphi_30_additional, YRP/Borland_Delphi_30_, YRP/Borland_Delphi_v40_v50 [+] |
| d17b63854ecf144875ee69f7266b18e6 | PE32 | 2018-06-22 23:57:38 | | YRP/Microsoft_Visual_Cpp_v50v60_MFC, YRP/Borland_Delphi_30_additional, YRP/Borland_Delphi_30_, YRP/Borland_Delphi_v40_v50 [+] |
| 2d5143fe8a47925863ee537fd158683d | PE32 | 2018-06-25 06:55:06 | | YRP/Microsoft_Visual_Cpp_v50v60_MFC, YRP/Borland_Delphi_30_additional, YRP/Borland_Delphi_30_, YRP/Borland_Delphi_v40_v50 [+] |
| e1df71c38cea61397e713d6e580e9051 | PE32 | 2018-07-24 13:13:26 | | CuckooSandbox/embedded_macho, YRP/Microsoft_Visual_Cpp_v50v60_MFC, YRP/IsPE32, YRP/IsWindowsGUI [+] |
| b2a0f90e87e7316797747a171b4d4fbc | PE32 | 2018-10-03 00:47:38 | | CuckooSandbox/vmdetect, YRP/IsPE32, YRP/IsWindowsGUI, YRP/IsPacked [+] |
| dc5411208273a8123957f816b41315df | PE32 | 2018-11-14 23:20:04 | | YRP/Microsoft_Visual_Cpp_v50v60_MFC, YRP/Borland_Delphi_30_additional, YRP/Borland_Delphi_30_, YRP/Borland_Delphi_v40_v50 [+] |
| 9db23b32b4b18798b6e8318a80cad7d8 | PE32 | 2018-11-24 09:54:48 | http://111.90.158.225/d/srv.exe | YRP/IsPE32, YRP/IsConsole, YRP/IsPacked, YRP/IsBeyondImageSize [+] |
| dafa5789d3ff3cf2e9f3307b3cf12ede | PE32 | 2018-11-24 09:54:51 | | YRP/IsPE32, YRP/IsConsole, YRP/IsBeyondImageSize, YRP/domain [+] |
| 161090cac8c73b249e8b9a939ab4b665 | PE32 | 2018-11-26 00:08:59 | http://111.90.158.225/d/srv.exe | YRP/IsPE32, YRP/IsConsole, YRP/IsPacked, YRP/IsBeyondImageSize [+] |
| e7897629ba5b2d74418d9a9b6157ae80 | PE32 | 2018-11-26 00:09:01 | | YRP/IsPE32, YRP/IsConsole, YRP/IsBeyondImageSize, YRP/domain [+] |