| MD5 Hash | File type | Added | Source | Yara Hits |
| --- | --- | --- | --- | --- |
| 84e3ad0d62d21739d632d2106864e79e | ELF | 2017-10-16 01:20:43 | | CuckooSandbox/shellcode CuckooSandbox/embedded_pe CuckooSandbox/embedded_win_api CuckooSandbox/vmdetect |
| b3d26632c4077e731ef2da329974519d | ELF | 2017-10-16 01:33:40 | | CuckooSandbox/shellcode CuckooSandbox/embedded_pe CuckooSandbox/embedded_win_api CuckooSandbox/vmdetect |
| 24734ef952fe363415cd4c2f7322276f | ELF | 2017-10-16 01:37:29 | | CuckooSandbox/shellcode CuckooSandbox/embedded_pe CuckooSandbox/embedded_win_api CuckooSandbox/vmdetect |
| 34409aba1f76045aa0255e49de16d586 | PE32 | 2018-03-06 19:19:21 | http://94.130.104.170/0cfc34fa76228b1afc7ce63... | YRP/Armadillo_v171 YRP/Microsoft_Visual_Cpp_v60 YRP/Microsoft_Visual_Cpp_v50v60_MFC_additional YRP/Microsoft_Visual_Cpp_50 |
| 11b8142c08b1820420f8802f18cc2bc0 | PE32 | 2018-03-06 19:28:33 | http://94.130.104.170/084a220ba90622cc223b93f... | YRP/Armadillo_v171 YRP/Microsoft_Visual_Cpp_v60 YRP/Microsoft_Visual_Cpp_v50v60_MFC_additional YRP/Microsoft_Visual_Cpp_50 |
| 6eb39bd2f4ae46101ed9782f3ff38e98 | PE32 | 2018-03-06 19:59:14 | http://94.130.104.170/86bb737bd9a508be2ff9dc0... | YRP/Armadillo_v171 YRP/Microsoft_Visual_Cpp_v60 YRP/Installer_VISE_Custom_additional YRP/Microsoft_Visual_Cpp_v50v60_MFC_additional |
| d076814db477d73051610386fae69fca | HTML | 2018-03-07 02:16:40 | http://94.130.104.170/WMIGhost//a3c930f64cbb4... | YRP/domain YRP/url YRP/contentis_base64 YRP/WimmieStrings |
| a5bd39bf17d389340b2d80d060860d7b | PE32 | 2018-03-07 02:16:45 | http://94.130.104.170/WMIGhost//a38df3ec8b9fe... | YRP/Armadillo_v171 YRP/Microsoft_Visual_Cpp_v60 YRP/Microsoft_Visual_Cpp_v50v60_MFC_additional YRP/Microsoft_Visual_Cpp_50 |
| bb49e068c25707c7149acff2834f89c9 | PE32 | 2018-03-07 02:16:56 | http://94.130.104.170/WMIGhost//cff49c25b053f... | YRP/Armadillo_v171 YRP/Microsoft_Visual_Cpp_v60 YRP/Microsoft_Visual_Cpp_v50v60_MFC_additional YRP/Microsoft_Visual_Cpp_50 |
| f901c645188f9c80afa8f49174f065ce | PE32+ | 2018-05-24 00:58:05 | | CuckooSandbox/vmdetect YRP/webshell_iMHaPFtp_2 YRP/webshell_caidao_shell_guo YRP/webshell_cihshell_fix |
| 3babd7a0a975ec23b37fbd26f407c7f1 | PE32 | 2019-05-03 17:50:25 | | YRP/Visual_Cpp_2005_DLL_Microsoft YRP/Visual_Cpp_2003_DLL_Microsoft YRP/IsPE32 YRP/IsDLL |
| 3386b289289d70c9cc5c10f59360e50b | exported | 2019-06-02 17:28:05 | | CuckooSandbox/embedded_pe CuckooSandbox/vmdetect YRP/powershell YRP/domain |
| 14415fbf79e6e951a8240e5e3ffffeae | exported | 2019-09-18 21:05:26 | | CuckooSandbox/embedded_pe CuckooSandbox/vmdetect YRP/powershell YRP/domain |
| e01e79ced4a70a6950d1d0267ab64642 | PE32 | 2019-09-19 05:41:06 | http://workbigfinetonychuckgoodallarefinezyno... | YRP/Microsoft_Visual_Studio_NET YRP/Microsoft_Visual_C_v70_Basic_NET_additional YRP/Microsoft_Visual_C_Basic_NET YRP/Microsoft_Visual_Studio_NET_additional |