84e3ad0d62d21739d632d2106864e79e |
ELF |
2017-10-16 03:20:43 | User Submission | CuckooSandbox/shellcode CuckooSandbox/embedded_pe CuckooSandbox/embedded_win_api CuckooSandbox/vmdetect [+] |
b3d26632c4077e731ef2da329974519d |
ELF |
2017-10-16 03:33:40 | User Submission | CuckooSandbox/shellcode CuckooSandbox/embedded_pe CuckooSandbox/embedded_win_api CuckooSandbox/vmdetect [+] |
24734ef952fe363415cd4c2f7322276f |
ELF |
2017-10-16 03:37:29 | User Submission | CuckooSandbox/shellcode CuckooSandbox/embedded_pe CuckooSandbox/embedded_win_api CuckooSandbox/vmdetect [+] |
28e5f4f9eaad865788a038487667e181 |
ASCII |
2018-03-07 04:08:04 | http://172.104.107.30/PowerSploit/CodeExecuti... | YRP/powershell YRP/domain YRP/IP YRP/contentis_base64 [+] |
0367157f4e32b07915cbaef702acded1 |
ASCII |
2018-03-07 04:14:29 | http://172.104.107.30/PowerSploit/ScriptModif... | YRP/powershell YRP/domain YRP/url YRP/contentis_base64 [+] |
b8a6d53b7c0857c759f071ebb78d9382 |
ASCII |
2018-03-07 04:15:50 | http://172.104.107.30/nishang/Backdoors/DNS_T... | YRP/powershell YRP/domain YRP/IP YRP/url [+] |
ef4641bb140049fbd06ef8005f0139f4 |
ASCII |
2018-03-07 04:15:52 | http://172.104.107.30/nishang/Backdoors/Execu... | YRP/powershell YRP/domain YRP/IP YRP/url [+] |
7444dfde1b5019bbe64c0789d6cb0179 |
ASCII |
2018-03-07 04:15:56 | http://172.104.107.30/nishang/Backdoors/HTTP-... | YRP/powershell YRP/domain YRP/url YRP/contentis_base64 [+] |
9f1b14e2010f06bd46c544e375a23ff5 |
UTF-8 |
2018-03-07 04:16:03 | http://172.104.107.30/nishang/Client/Out-CHM.... | YRP/powershell YRP/domain YRP/IP YRP/url [+] |
05b8bec2cc458b773262a23b86c66689 |
ASCII |
2018-03-07 04:16:05 | http://172.104.107.30/nishang/Client/Out-Exce... | YRP/powershell YRP/domain YRP/url YRP/contentis_base64 [+] |
bfa9aad1689ecac5629b8fef02864878 |
ASCII |
2018-03-07 04:16:07 | http://172.104.107.30/nishang/Client/Out-HTA.... | YRP/powershell YRP/domain YRP/IP YRP/url [+] |
475703077701240e459c8550b3599f36 |
ASCII |
2018-03-07 04:16:19 | http://172.104.107.30/nishang/Client/Out-Word... | YRP/powershell YRP/domain YRP/url YRP/contentis_base64 [+] |
735c6027f9cbc092618e10e6bd8629fd |
UTF-8 |
2018-03-07 04:19:54 | http://172.104.107.30/nishang/powerpreter/Pow... | CuckooSandbox/vmdetect YRP/powershell YRP/domain YRP/IP [+] |
f901c645188f9c80afa8f49174f065ce |
PE32+ |
2018-05-24 02:58:05 | User Submission | CuckooSandbox/vmdetect YRP/webshell_iMHaPFtp_2 YRP/webshell_caidao_shell_guo YRP/webshell_cihshell_fix [+] |
779f0d3e51365cb856806dbf33d4333f |
XML |
2018-06-01 21:28:18 | User Submission | YRP/powershell YRP/domain YRP/IP YRP/url [+] |
f10fc4dd59a09f8deb6c74cc1962ebf8 |
Composite |
2018-06-23 11:31:13 | User Submission | YRP/powershell YRP/office_document_vba YRP/Office_AutoOpen_Macro YRP/Contains_VBA_macro_code [+] |
f9f27da64943f751a68b93400e64d05b |
HTML |
2018-07-16 09:27:43 | http://down.cacheoffer.tk/d2/sp.txt | YRP/powershell YRP/domain YRP/contentis_base64 YRP/Antivirus [+] |
1cff7065348059660c3156713cd28cfe |
ASCII |
2018-07-24 12:44:08 | User Submission | YRP/powershell YRP/domain YRP/IP YRP/url [+] |
6080e6a377a486753167b982e649cd13 |
ASCII |
2018-08-20 12:53:55 | User Submission | YRP/powershell YRP/domain YRP/IP YRP/url [+] |
7e6fef45f6ba0eeaecc3feeb65a57cc0 |
PE32+ |
2018-09-01 02:46:51 | User Submission | YRP/IsPE64 YRP/IsDLL YRP/IsWindowsGUI YRP/IsBeyondImageSize [+] |
34dc9a69f33ba93e631cd5048d9f2624 |
Microsoft |
2018-11-14 19:06:13 | User Submission | YRP/powershell YRP/domain YRP/url YRP/contentis_base64 [+] |
5074e705c0fc4ca3a998a1345e0fc5f2 |
Composite |
2019-05-21 19:35:31 | User Submission | YRP/with_images YRP/without_attachments YRP/with_urls YRP/powershell [+] |
cbb8738b3b77deba5f78761f11c4830a |
Rich |
2019-05-22 03:44:45 | User Submission | YRP/powershell YRP/domain YRP/IP YRP/url [+] |
762a724d4daa0b2da9323f53cd3e2a2d |
ASCII |
2019-06-28 19:43:42 | http://123.207.143.211/payload.txt | YRP/powershell YRP/domain YRP/contentis_base64 YRP/GEN_PowerShell [+] |
4a940dee2f725d88f7b7402c88ebdc34 |
ASCII |
2019-10-23 21:20:23 | User Submission | CuckooSandbox/embedded_win_api CuckooSandbox/vmdetect YRP/powershell YRP/domain [+] |
d2149892c946e60abab264f5d8d236d3 |
ASCII |
2019-10-25 06:40:24 | User Submission | CuckooSandbox/embedded_pe CuckooSandbox/embedded_win_api YRP/powershell YRP/domain [+] |
c86050690e0575e952a75840d815c0bf |
data |
2019-10-25 22:21:42 | User Submission | CuckooSandbox/embedded_pe CuckooSandbox/embedded_win_api CuckooSandbox/vmdetect YRP/webshell_iMHaPFtp_2 [+] |
524ddd7c6931ad3ef4c1e34688fd33c4 |
ASCII |
2019-10-25 22:22:39 | User Submission | YRP/powershell YRP/domain YRP/url YRP/contentis_base64 [+] |
891f69afa325088443f63f7aa4e73500 |
ASCII |
2019-10-25 22:22:55 | User Submission | CuckooSandbox/embedded_win_api YRP/powershell YRP/domain YRP/url [+] |
90c47788f506f94d1c30ae3284d8f21f |
ASCII |
2019-10-26 14:40:57 | User Submission | YRP/powershell YRP/domain YRP/url YRP/contentis_base64 [+] |
0d85a577e831bb9eb332cebbe8660246 |
ASCII |
2019-10-26 14:41:03 | User Submission | CuckooSandbox/embedded_win_api YRP/powershell YRP/domain YRP/url [+] |
6bfa9e102375e098fe886ffc026c45db |
data |
2019-11-06 22:00:55 | User Submission | CuckooSandbox/embedded_pe CuckooSandbox/embedded_win_api CuckooSandbox/vmdetect YRP/Borland [+] |
26b2728e622bc5edd09ccbe44378f1f7 |
ASCII |
2019-12-03 13:16:35 | https://pastebin.com/raw/Hn0iW6jc | YRP/powershell YRP/domain YRP/contentis_base64 YRP/GEN_PowerShell [+] |
4498d9997c23b335a71653a94d27b758 |
ASCII |
2019-12-04 01:20:00 | https://pastebin.com/raw/qaTw5Kyn | YRP/powershell YRP/domain YRP/contentis_base64 YRP/GEN_PowerShell [+] |
d703853987e6219ced79e776d468135b |
ASCII |
2019-12-17 12:13:56 | https://pastebin.com/raw/V6rBPiJm | YRP/powershell YRP/domain YRP/contentis_base64 YRP/GEN_PowerShell [+] |
a78933f507e741f7aa9d025fcc005852 |
ASCII |
2019-12-25 12:11:55 | https://pastebin.com/raw/d8V3GC8H | YRP/powershell YRP/domain YRP/contentis_base64 YRP/GEN_PowerShell |
413607c6764e90edef1acaeffde5bb6c |
ASCII |
2019-12-29 12:00:19 | https://pastebin.com/raw/p74tenEd | YRP/powershell YRP/domain YRP/contentis_base64 YRP/GEN_PowerShell [+] |
d0df14eec106fcca6bac238557026c5d |
XML |
2020-03-06 20:24:10 | User Submission | CuckooSandbox/embedded_win_api CuckooSandbox/vmdetect YRP/possible_includes_base64_packed_functions YRP/with_images [+] |
fe8f17003018cf469f2b5d0bd19ba80e |
data |
2020-03-18 01:55:14 | User Submission | CuckooSandbox/shellcode CuckooSandbox/embedded_win_api CuckooSandbox/vmdetect YRP/possible_includes_base64_packed_functions [+] |
24ad3d19618fb6a7b31d5f8d3fc5b2bc |
XML |
2020-03-23 19:54:00 | User Submission | CuckooSandbox/embedded_win_api CuckooSandbox/vmdetect YRP/Borland YRP/powershell [+] |
22cd66ab2d5b39a8c637110bc218caf9 |
ASCII |
2020-07-07 13:50:46 | User Submission | YRP/powershell YRP/domain YRP/contentis_base64 YRP/Antivirus [+] |
4db5249cb0509fac3e49a71a734d7c08 |
ASCII |
2020-07-07 15:50:52 | User Submission | YRP/powershell YRP/domain YRP/contentis_base64 YRP/GEN_PowerShell |
e74d4b639b3b8a49c6fce47b6febe27c |
XML |
2020-07-07 18:59:25 | User Submission | YRP/powershell YRP/domain YRP/contentis_base64 YRP/Antivirus [+] |
973d61594acec0b1507bda78e71fca40 |
ASCII |
2020-07-08 01:48:01 | User Submission | YRP/powershell YRP/domain YRP/contentis_base64 YRP/GEN_PowerShell [+] |
d8e7a1a9a6acee1cd11167c5f1ce0277 |
ASCII |
2020-07-11 00:18:20 | User Submission | YRP/powershell YRP/domain YRP/contentis_base64 YRP/GEN_PowerShell |
0bdbf9736eed587c8b164ea0aa308a15 |
ASCII |
2020-07-11 00:40:26 | User Submission | YRP/powershell YRP/domain YRP/contentis_base64 YRP/GEN_PowerShell [+] |