MD5 Hash File type Added Source Yara Hits
84e3ad0d62d21739d632d2106864e79e ELF 2017-10-16 03:20:43User Submission CuckooSandbox/shellcode CuckooSandbox/embedded_pe CuckooSandbox/embedded_win_api CuckooSandbox/vmdetect [+]
b3d26632c4077e731ef2da329974519d ELF 2017-10-16 03:33:40User Submission CuckooSandbox/shellcode CuckooSandbox/embedded_pe CuckooSandbox/embedded_win_api CuckooSandbox/vmdetect [+]
62cd9381e18d3991097ff5612f171327 C 2018-03-06 21:22:59http://173.199.71.172/dm.txt YRP/webshell_JspSpy_JspSpyJDK5_JspSpyJDK51_luci_jsp_spy2009_m_ma3_xxx YRP/webshell_000_403_807_a_c5_config_css_dm_he1p_JspSpy_JspSpyJDK5_JspSpyJDK51_luci_jsp_xxx YRP/webshell_000_403_807_a_c5_config_css_dm_he1p_xxx YRP/domain [+]
891f5fd5d09ea31df9a83449eae1500c PE32+ 2019-05-25 00:45:13User Submission YRP/Microsoft_Visual_Cpp_80_DLL YRP/IsPE64 YRP/IsWindowsGUI YRP/HasDebugData [+]
e0175eecf8d31a6f32da076d22ecbdff PE32+ 2019-05-25 00:46:24User Submission YRP/Microsoft_Visual_Cpp_80_DLL YRP/IsPE64 YRP/IsWindowsGUI YRP/HasDebugData [+]
39ae8ced52d5b7b93e79c8727b5dd51c PE32+ 2019-05-25 00:49:26User Submission YRP/Microsoft_Visual_Cpp_80_DLL YRP/IsPE64 YRP/IsWindowsGUI YRP/HasDebugData [+]
f5ef3b060fb476253f9a7638f82940d9 PE32+ 2019-05-25 00:51:16User Submission YRP/Microsoft_Visual_Cpp_80_DLL YRP/IsPE64 YRP/IsWindowsGUI YRP/HasDebugData [+]
591ca89a25f06cf01e4345f98a22845c HTML 2019-09-15 03:31:05http://112.74.42.175/dama.jsp YRP/webshell_config_myxx_zend YRP/webshell_000_403_807_a_c5_config_css_dm_he1p_JspSpy_JspSpyJDK5_JspSpyJDK51_luci_jsp_xxx YRP/webshell_000_403_c5_config_myxx_queryDong_spyjsp2010_zend YRP/webshell_000_403_807_a_c5_config_css_dm_he1p_xxx [+]
913637270d8c6b1e739838bcda735795 C 2019-09-15 03:31:16http://112.74.42.175/jspspy.jsp YRP/webshell_JspSpy_JspSpyJDK5_JspSpyJDK51_luci_jsp_spy2009_m_ma3_xxx YRP/webshell_000_403_807_a_c5_config_css_dm_he1p_JspSpy_JspSpyJDK5_JspSpyJDK51_luci_jsp_xxx YRP/webshell_he1p_JspSpy_nogfw_ok_style_1_JspSpy1 YRP/webshell_000_403_807_a_c5_config_css_dm_he1p_xxx [+]
e701345da296835eb3f0cd45c4eb9e86 ASCII 2019-11-05 14:50:35User Submission CuckooSandbox/embedded_win_api CuckooSandbox/vmdetect YRP/possible_includes_base64_packed_functions YRP/powershell [+]
8f903f1c8b555cfc7da5d9440fdecece ASCII 2019-11-21 17:21:28User Submission YRP/powershell YRP/domain YRP/IP YRP/url [+]
05089296b3d29883a38b94e98890c122 PE32 2019-11-24 14:54:46User Submission YRP/Armadillo_v171 YRP/Microsoft_Visual_Cpp_v50v60_MFC_additional YRP/Microsoft_Visual_Cpp_50 YRP/Microsoft_Visual_Cpp_v50v60_MFC [+]
4b75a9cc54d4b7ca8f32e2eb743bb596 PE32 2020-06-26 20:28:47User Submission YRP/Microsoft_Visual_Cpp_v50v60_MFC YRP/IsPE32 YRP/IsWindowsGUI YRP/HasOverlay [+]
b464cb29e9c2b66694bdd03518345d1e PE32 2020-06-27 09:57:32User Submission YRP/Microsoft_Visual_Cpp_v50v60_MFC YRP/IsPE32 YRP/IsWindowsGUI YRP/HasRichSignature [+]
ec7b81dfd5c89379d08c9d584fa8b9c6 PE32 2020-06-27 19:52:48User Submission YRP/Microsoft_Visual_Cpp_v50v60_MFC YRP/IsPE32 YRP/IsWindowsGUI YRP/HasRichSignature [+]
eac6cb2a4a60d7db2618acb63ba47bfe PE32 2020-06-28 21:19:54User Submission YRP/Microsoft_Visual_Cpp_v50v60_MFC YRP/IsPE32 YRP/IsWindowsGUI YRP/HasRichSignature [+]
3e7b05b31860574aea14dc7885237974 PE32 2020-06-29 13:22:39User Submission YRP/Armadillo_v171 YRP/Microsoft_Visual_Cpp_v60 YRP/Microsoft_Visual_Cpp_v50v60_MFC_additional YRP/Microsoft_Visual_Cpp_50 [+]
128a05136b90677a479bf102964fb59c ASCII 2020-07-07 15:01:25User Submission YRP/domain YRP/contentis_base64 YRP/WMI_strings YRP/Big_Numbers1 [+]
c9607e4b6afcb4fce88187c9d6c7835c ASCII 2020-07-08 00:49:50User Submission YRP/powershell YRP/domain YRP/IP YRP/url [+]