SHA256 Hash File type Added Source Yara Hits