MD5 Hash File type Added Source Yara Hits
84e3ad0d62d21739d632d2106864e79e ELF 2017-10-16 01:20:43 CuckooSandbox/shellcode CuckooSandbox/embedded_pe CuckooSandbox/embedded_win_api CuckooSandbox/vmdetect [+]
b3d26632c4077e731ef2da329974519d ELF 2017-10-16 01:33:40 CuckooSandbox/shellcode CuckooSandbox/embedded_pe CuckooSandbox/embedded_win_api CuckooSandbox/vmdetect [+]
24734ef952fe363415cd4c2f7322276f ELF 2017-10-16 01:37:29 CuckooSandbox/shellcode CuckooSandbox/embedded_pe CuckooSandbox/embedded_win_api CuckooSandbox/vmdetect [+]
a0e874f05c2d6938c35d41e38e691b51 PE32 2018-03-06 19:57:34http://94.130.104.170/9c17f267f79597ee01515f5... YRP/Microsoft_Visual_Cpp_v50v60_MFC YRP/IsPE32 YRP/IsWindowsGUI YRP/HasRichSignature [+]
f901c645188f9c80afa8f49174f065ce PE32+ 2018-05-24 00:58:05 CuckooSandbox/vmdetect YRP/webshell_iMHaPFtp_2 YRP/webshell_caidao_shell_guo YRP/webshell_cihshell_fix [+]
fcfcc8214e1eb40c484ec0ddfa1788c2 exported 2018-06-08 15:10:00 YRP/domain YRP/IP YRP/url YRP/contentis_base64 [+]
15afdeee0305fe50177ef18c32f2dd8c ELF 2018-06-22 13:34:57 CuckooSandbox/embedded_pe CuckooSandbox/vmdetect YRP/possible_includes_base64_packed_functions YRP/domain [+]
cfdd16225e67471f5ef54cab9b3a5558 PE32 2018-06-22 19:10:59 YRP/VC8_Microsoft_Corporation YRP/Microsoft_Visual_Cpp_8 YRP/IsPE32 YRP/IsWindowsGUI [+]
8c3f90463c7c5bd6f8781567b7a4a024 Little-endian 2018-07-11 15:51:54 YRP/domain YRP/IP YRP/ccrewQAZ
c9fe31d55cde7608b773d1532c44e954 ASCII 2018-07-11 15:51:55 YRP/domain YRP/IP YRP/contentis_base64 YRP/ccrewQAZ
5002059941f0c9bd2709e9d88e7fe385 ASCII 2018-09-17 00:51:22 YRP/domain YRP/contentis_base64 YRP/ccrewQAZ
8cc6938f57f16b522016421906dd7b54 ASCII 2018-09-17 00:51:24 YRP/domain YRP/contentis_base64 YRP/ccrewQAZ
1608471090f281e690427e449975182b ISO-8859 2018-09-17 00:51:28 YRP/domain YRP/IP YRP/contentis_base64 YRP/Misc_Suspicious_Strings [+]
104ecbc2746702fa6ecd4562a867e7fb PE32 2018-11-14 17:32:33 YRP/VC8_Microsoft_Corporation YRP/Microsoft_Visual_Cpp_8 YRP/IsPE32 YRP/IsWindowsGUI [+]