SHA256 Hash File type Added Source Yara Hits
ASCII 2022-03-19 12:00:19http://14.55.65.217:8080/a/lr.ps1 YRP/powershell YRP/domain YRP/IP YRP/url [+]
UTF-8 2022-02-28 04:03:08User Submission CuckooSandbox/embedded_win_api YRP/powershell YRP/domain YRP/contentis_base64 [+]
PE32 2022-02-24 10:40:00User Submission CuckooSandbox/embedded_macho YRP/NETexecutableMicrosoft YRP/IsPE32 YRP/IsConsole [+]
ASCII 2022-02-04 05:49:12http://185.201.47.157:8000/78787.bat YRP/powershell YRP/domain YRP/contentis_base64 YRP/GEN_PowerShell [+]
ASCII 2022-02-04 04:15:52http://13.236.74.237:8000/PowerSploit/ScriptM... YRP/powershell YRP/domain YRP/url YRP/contentis_base64 [+]
ASCII 2022-02-04 04:07:57http://13.236.74.237:8000/PowerSploit/docs/Sc... YRP/powershell YRP/domain YRP/url YRP/contentis_base64 [+]
ASCII 2022-02-04 03:58:18http://13.236.74.237:8000/PowerSploit/CodeExe... YRP/powershell YRP/domain YRP/IP YRP/contentis_base64 [+]
ASCII 2022-02-04 01:17:14http://23.95.137.162:80/invkbuild.ps1 YRP/powershell YRP/domain YRP/IP YRP/url [+]
Composite 2022-01-13 11:02:04User Submission YRP/powershell YRP/domain YRP/contentis_base64 YRP/maldoc_OLE_file_magic_number [+]
ASCII 2021-09-15 15:00:12User Submission YRP/powershell YRP/domain YRP/url YRP/contentis_base64 [+]
ASCII 2021-09-15 11:01:06User Submission YRP/powershell YRP/domain YRP/url YRP/contentis_base64 [+]
ASCII 2021-09-09 19:00:47User Submission YRP/powershell YRP/domain YRP/url YRP/contentis_base64 [+]
XML 2021-06-03 18:01:39User Submission YRP/powershell YRP/domain YRP/url YRP/contentis_base64 [+]
ASCII 2021-05-19 18:50:53User Submission YRP/powershell YRP/domain YRP/url YRP/contentis_base64 [+]
ASCII 2020-07-11 00:40:26User Submission YRP/powershell YRP/domain YRP/contentis_base64 YRP/GEN_PowerShell [+]
ASCII 2020-07-11 00:18:20User Submission YRP/powershell YRP/domain YRP/contentis_base64 YRP/GEN_PowerShell
ASCII 2020-07-08 01:48:01User Submission YRP/powershell YRP/domain YRP/contentis_base64 YRP/GEN_PowerShell [+]
XML 2020-07-07 18:59:25User Submission YRP/powershell YRP/domain YRP/contentis_base64 YRP/Antivirus [+]
ASCII 2020-07-07 15:50:52User Submission YRP/powershell YRP/domain YRP/contentis_base64 YRP/GEN_PowerShell
ASCII 2020-07-07 13:50:46User Submission YRP/powershell YRP/domain YRP/contentis_base64 YRP/Antivirus [+]
XML 2020-03-23 19:54:00User Submission CuckooSandbox/embedded_win_api CuckooSandbox/vmdetect YRP/Borland YRP/powershell [+]
data 2020-03-18 01:55:14User Submission CuckooSandbox/shellcode CuckooSandbox/embedded_win_api CuckooSandbox/vmdetect YRP/possible_includes_base64_packed_functions [+]
XML 2020-03-06 20:24:10User Submission CuckooSandbox/embedded_win_api CuckooSandbox/vmdetect YRP/possible_includes_base64_packed_functions YRP/with_images [+]
ASCII 2019-12-29 12:00:19https://pastebin.com/raw/p74tenEd YRP/powershell YRP/domain YRP/contentis_base64 YRP/GEN_PowerShell [+]
ASCII 2019-12-25 12:11:55https://pastebin.com/raw/d8V3GC8H YRP/powershell YRP/domain YRP/contentis_base64 YRP/GEN_PowerShell
ASCII 2019-12-17 12:13:56https://pastebin.com/raw/V6rBPiJm YRP/powershell YRP/domain YRP/contentis_base64 YRP/GEN_PowerShell [+]
ASCII 2019-12-04 01:20:00https://pastebin.com/raw/qaTw5Kyn YRP/powershell YRP/domain YRP/contentis_base64 YRP/GEN_PowerShell [+]
ASCII 2019-12-03 13:16:35https://pastebin.com/raw/mMP6kCjL YRP/powershell YRP/domain YRP/contentis_base64 YRP/GEN_PowerShell [+]
data 2019-11-06 22:00:55User Submission CuckooSandbox/embedded_pe CuckooSandbox/embedded_win_api CuckooSandbox/vmdetect YRP/Borland [+]
ASCII 2019-10-26 14:41:03User Submission CuckooSandbox/embedded_win_api YRP/powershell YRP/domain YRP/url [+]
ASCII 2019-10-26 14:40:57User Submission YRP/powershell YRP/domain YRP/url YRP/contentis_base64 [+]
ASCII 2019-10-25 22:22:55User Submission CuckooSandbox/embedded_win_api YRP/powershell YRP/domain YRP/url [+]
ASCII 2019-10-25 22:22:39User Submission YRP/powershell YRP/domain YRP/url YRP/contentis_base64 [+]
data 2019-10-25 22:21:42User Submission CuckooSandbox/embedded_pe CuckooSandbox/embedded_win_api CuckooSandbox/vmdetect YRP/webshell_iMHaPFtp_2 [+]
ASCII 2019-10-25 06:40:24User Submission CuckooSandbox/embedded_pe CuckooSandbox/embedded_win_api YRP/powershell YRP/domain [+]
ASCII 2019-10-23 21:20:23User Submission CuckooSandbox/embedded_win_api CuckooSandbox/vmdetect YRP/powershell YRP/domain [+]
ASCII 2019-06-28 19:43:42http://123.207.143.211/payload.txt YRP/powershell YRP/domain YRP/contentis_base64 YRP/GEN_PowerShell [+]
Rich 2019-05-22 03:44:45User Submission YRP/powershell YRP/domain YRP/IP YRP/url [+]
Composite 2019-05-21 19:35:31User Submission YRP/with_images YRP/without_attachments YRP/with_urls YRP/powershell [+]
Microsoft 2018-11-14 19:06:13User Submission YRP/powershell YRP/domain YRP/url YRP/contentis_base64 [+]
PE32+ 2018-09-01 02:46:51User Submission YRP/IsPE64 YRP/IsDLL YRP/IsWindowsGUI YRP/IsBeyondImageSize [+]
ASCII 2018-08-20 12:53:55User Submission YRP/powershell YRP/domain YRP/IP YRP/url [+]
ASCII 2018-07-24 12:44:08User Submission YRP/powershell YRP/domain YRP/IP YRP/url [+]
HTML 2018-07-16 09:27:43http://down.cacheoffer.tk/d2/sp.txt YRP/powershell YRP/domain YRP/contentis_base64 YRP/Antivirus [+]
Composite 2018-06-23 11:31:13User Submission YRP/powershell YRP/office_document_vba YRP/Office_AutoOpen_Macro YRP/Contains_VBA_macro_code [+]
XML 2018-06-01 21:28:18User Submission YRP/powershell YRP/domain YRP/IP YRP/url [+]
PE32+ 2018-05-24 02:58:05User Submission CuckooSandbox/vmdetect YRP/webshell_iMHaPFtp_2 YRP/webshell_caidao_shell_guo YRP/webshell_cihshell_fix [+]
UTF-8 2018-03-07 04:19:54http://172.104.107.30/nishang/powerpreter/Pow... CuckooSandbox/vmdetect YRP/powershell YRP/domain YRP/IP [+]
ASCII 2018-03-07 04:16:19http://172.104.107.30/nishang/Client/Out-Word... YRP/powershell YRP/domain YRP/url YRP/contentis_base64 [+]
ASCII 2018-03-07 04:16:07http://172.104.107.30/nishang/Client/Out-HTA.... YRP/powershell YRP/domain YRP/IP YRP/url [+]
ASCII 2018-03-07 04:16:05http://172.104.107.30/nishang/Client/Out-Exce... YRP/powershell YRP/domain YRP/url YRP/contentis_base64 [+]
UTF-8 2018-03-07 04:16:03http://172.104.107.30/nishang/Client/Out-CHM.... YRP/powershell YRP/domain YRP/IP YRP/url [+]
ASCII 2018-03-07 04:15:56http://172.104.107.30/nishang/Backdoors/HTTP-... YRP/powershell YRP/domain YRP/url YRP/contentis_base64 [+]
ASCII 2018-03-07 04:15:52http://172.104.107.30/nishang/Backdoors/Execu... YRP/powershell YRP/domain YRP/IP YRP/url [+]
ASCII 2018-03-07 04:15:50http://172.104.107.30/nishang/Backdoors/DNS_T... YRP/powershell YRP/domain YRP/IP YRP/url [+]
ASCII 2018-03-07 04:14:29http://172.104.107.30/PowerSploit/ScriptModif... YRP/powershell YRP/domain YRP/url YRP/contentis_base64 [+]
ASCII 2018-03-07 04:08:04http://172.104.107.30/PowerSploit/CodeExecuti... YRP/powershell YRP/domain YRP/IP YRP/contentis_base64 [+]
ELF 2017-10-16 03:37:29User Submission CuckooSandbox/shellcode CuckooSandbox/embedded_pe CuckooSandbox/embedded_win_api CuckooSandbox/vmdetect [+]
ELF 2017-10-16 03:33:40User Submission CuckooSandbox/shellcode CuckooSandbox/embedded_pe CuckooSandbox/embedded_win_api CuckooSandbox/vmdetect [+]
ELF 2017-10-16 03:20:43User Submission CuckooSandbox/shellcode CuckooSandbox/embedded_pe CuckooSandbox/embedded_win_api CuckooSandbox/vmdetect [+]