MD5 Hash File type Added Source Yara Hits
80dd1344d788763f85cf034380b1111a ASCII 2018-03-07 04:10:39http://172.104.107.30/PowerSploit/Exfiltratio... CuckooSandbox/embedded_win_api FlorianRoth/Empire_Invoke_Mimikatz_Gen FlorianRoth/Empire_PowerShell_Framework_Gen1 FlorianRoth/Empire_PowerShell_Framework_Gen2 [+]
e55ce0a39308f104fa6a6b0f060a441a ASCII 2018-03-07 04:14:01http://52.53.132.25/v1.ps1 CuckooSandbox/embedded_win_api FlorianRoth/Empire_PowerShell_Framework_Gen1 FlorianRoth/Empire_Invoke_CredentialInjection_Invoke_Mimikatz_Gen FlorianRoth/Empire_Invoke_Gen [+]
fce31d7f7aa9f4c15267bb43afc8526f ASCII 2018-12-20 01:58:45https://pastebin.com/raw/UDJxdggR CuckooSandbox/embedded_win_api FlorianRoth/Empire_PowerShell_Framework_Gen1 FlorianRoth/Empire_Invoke_CredentialInjection_Invoke_Mimikatz_Gen FlorianRoth/Empire_Invoke_Gen [+]
3f50a58b4e4bdb16c9d0efc796e55d3a ASCII 2019-01-05 01:47:05https://pastebin.com/raw/FkyichTu CuckooSandbox/embedded_win_api FlorianRoth/Empire_PowerShell_Framework_Gen1 FlorianRoth/Empire_Invoke_CredentialInjection_Invoke_Mimikatz_Gen FlorianRoth/Empire_Invoke_Gen [+]
aaddd2378dad079904b58063f6b6bfe8 ASCII 2019-02-23 01:49:04http://pastebin.com/raw/jkBxauyv CuckooSandbox/embedded_win_api FlorianRoth/Empire_PowerShell_Framework_Gen1 FlorianRoth/Empire_Invoke_CredentialInjection_Invoke_Mimikatz_Gen FlorianRoth/Empire_Invoke_Gen [+]
5d6589c7ff58d89f08c6854b3794d178 ASCII 2019-05-05 03:34:44http://45.76.216.23/PowerShell/Invoke-Credent... CuckooSandbox/embedded_win_api FlorianRoth/Empire_Invoke_Mimikatz_Gen FlorianRoth/Empire_PowerShell_Framework_Gen1 FlorianRoth/Empire_PowerShell_Framework_Gen2 [+]
a08de44a9b17db1d4d4272e7daf1251e ASCII 2019-06-22 02:11:32https://pastebin.com/raw/1w6BLxha CuckooSandbox/embedded_win_api FlorianRoth/Empire_PowerShell_Framework_Gen1 FlorianRoth/Empire_Invoke_CredentialInjection_Invoke_Mimikatz_Gen FlorianRoth/Empire_Invoke_Gen [+]
1da978138d17115245f1b6fe9d26b678 ASCII 2019-07-09 14:15:56https://pastebin.com/raw/yJnNFtb9 CuckooSandbox/embedded_win_api FlorianRoth/Empire_PowerShell_Framework_Gen1 FlorianRoth/Empire_Invoke_CredentialInjection_Invoke_Mimikatz_Gen FlorianRoth/Empire_Invoke_Gen [+]
931778f778ea3257e61c1221f34422bb ASCII 2019-07-17 14:03:09https://pastebin.com/raw/CY2EEMJN CuckooSandbox/embedded_win_api FlorianRoth/Empire_PowerShell_Framework_Gen1 FlorianRoth/Empire_Invoke_CredentialInjection_Invoke_Mimikatz_Gen FlorianRoth/Empire_Invoke_Gen [+]
f579d8f8bac96123fd6d1adf7239a4c8 HTML 2019-08-06 14:50:11https://pastebin.com/gUJMLv20 CuckooSandbox/embedded_win_api FlorianRoth/Empire_PowerShell_Framework_Gen1 FlorianRoth/Empire_Invoke_CredentialInjection_Invoke_Mimikatz_Gen FlorianRoth/Empire_Invoke_Gen [+]
69ab6aa89a9ac6803f6d6a83118fdff1 HTML 2019-08-06 14:50:46https://pastebin.com/2q8dT2n3 CuckooSandbox/embedded_win_api FlorianRoth/Empire_PowerShell_Framework_Gen1 FlorianRoth/Empire_Invoke_CredentialInjection_Invoke_Mimikatz_Gen FlorianRoth/Empire_Invoke_Gen [+]
2401613d11276e67eae857826bd00337 ASCII 2019-12-04 01:18:46https://pastebin.com/raw/Ukz4qARy CuckooSandbox/embedded_win_api FlorianRoth/Empire_PowerShell_Framework_Gen1 FlorianRoth/Empire_Invoke_CredentialInjection_Invoke_Mimikatz_Gen FlorianRoth/Empire_Invoke_Gen [+]
1c844368d231ef1c7e9310d4a8b4549d ASCII 2019-12-20 12:25:58https://pastebin.com/raw/e8kSryaf CuckooSandbox/embedded_win_api FlorianRoth/Empire_PowerShell_Framework_Gen1 FlorianRoth/Empire_Invoke_CredentialInjection_Invoke_Mimikatz_Gen FlorianRoth/Empire_Invoke_Gen [+]
a1be5c533c0fa372fb376a8acab22e4f ASCII 2019-12-20 12:28:20https://pastebin.com/raw/vJrm3cs2 CuckooSandbox/embedded_win_api FlorianRoth/Empire_PowerShell_Framework_Gen1 FlorianRoth/Empire_Invoke_CredentialInjection_Invoke_Mimikatz_Gen FlorianRoth/Empire_Invoke_Gen [+]
badf243ffdaac060c91ead976eff0d59 ASCII 2019-12-25 12:00:51https://pastebin.com/raw/phS7sDeA CuckooSandbox/embedded_win_api FlorianRoth/Empire_PowerShell_Framework_Gen1 FlorianRoth/Empire_Invoke_CredentialInjection_Invoke_Mimikatz_Gen FlorianRoth/Empire_Invoke_Gen [+]
d420b7594eb33790d12ad5e55f0329b0 ASCII 2020-01-10 18:22:37User Submission CuckooSandbox/embedded_win_api FlorianRoth/Empire_PowerShell_Framework_Gen1 FlorianRoth/Empire_PowerShell_Framework_Gen2 FlorianRoth/Empire_PowerShell_Framework_Gen3 [+]