deepin.c3sl.ufpr.br · backdoor-factory_3.4.2+dfsg.orig.tar.gz

/deepin/apricot/pool/main/b/backdoor-factory/

Brazil · Fundacao da UFPR para o DCTC

Yara Cobaltbaltstrike_Payload_Encoded From Florian Roth by Avast Threat Intel Team

Download archived sample

The password is "infected"

mirror.lc · beef-xss_0.5.4.0+git20250422.orig.tar.gz

/kali/pool/main/b/beef-xss/

· CLOUDFLARENET

Yara SUSP_shellpop_Bash From Florian Roth by Tobias Michalski

Yara Cobaltbaltstrike_Payload_Encoded From Florian Roth by Avast Threat Intel Team

Yara SUSP_PowerShell_IEX_Download_Combo From Florian Roth by Florian Roth (Nextron Systems)

Download archived sample

The password is "infected"

mirror.lc · beef-xss_0.5.4.0+git20250422.orig.tar.gz

/kali/pool/main/b/beef-xss/

· CLOUDFLARENET

Yara SUSP_shellpop_Bash From Florian Roth by Tobias Michalski

Yara Cobaltbaltstrike_Payload_Encoded From Florian Roth by Avast Threat Intel Team

Yara SUSP_PowerShell_IEX_Download_Combo From Florian Roth by Florian Roth (Nextron Systems)

Download archived sample

The password is "infected"

mirror.lc · backdoor-factory_3.4.2+dfsg.orig.tar.gz

/kali/pool/main/b/backdoor-factory/

· CLOUDFLARENET

Yara Cobaltbaltstrike_Payload_Encoded From Florian Roth by Avast Threat Intel Team

Download archived sample

The password is "infected"

mirror.lc · backdoor-factory_3.4.2+dfsg.orig.tar.gz

/kali/pool/main/b/backdoor-factory/

· CLOUDFLARENET

Yara Cobaltbaltstrike_Payload_Encoded From Florian Roth by Avast Threat Intel Team

Download archived sample

The password is "infected"

pypi.corp.tevian.ru · pocsuite3-1.3.2.zip

/packages/00/25/0ef5ca7e960f1395d827c3a6f20ab3424fb09555bd1dc986cef2afccb488/

Russia · PVimpelCom

Yara Cobaltbaltstrike_Payload_Encoded From Florian Roth by Avast Threat Intel Team

Download archived sample

The password is "infected"

repo.puri.sm · backdoor-factory_3.4.2+dfsg.orig.tar.gz

/pureos/pool/main/b/backdoor-factory/

Germany · Hetzner Online GmbH

Yara Cobaltbaltstrike_Payload_Encoded From Florian Roth by Avast Threat Intel Team

Download archived sample

The password is "infected"

mirror.raspbian.ikoula.com · backdoor-factory_3.4.2+dfsg.orig.tar.gz

/pool/main/b/backdoor-factory/

France · Ikoula Net SAS

Yara Cobaltbaltstrike_Payload_Encoded From Florian Roth by Avast Threat Intel Team

Download archived sample

The password is "infected"

mirror.raspbian.ikoula.com · backdoor-factory_3.4.2+dfsg.orig.tar.gz

/pool/main/b/backdoor-factory/

France · Ikoula Net SAS

Yara Cobaltbaltstrike_Payload_Encoded From Florian Roth by Avast Threat Intel Team

Download archived sample

The password is "infected"

archive-4.kali.org · backdoor-factory_3.4.2+dfsg.orig.tar.gz

/kali/pool/main/b/backdoor-factory/

France · OVH SAS

Yara Cobaltbaltstrike_Payload_Encoded From Florian Roth by Avast Threat Intel Team

Download archived sample

The password is "infected"

archive-4.kali.org · backdoor-factory_3.4.2+dfsg.orig.tar.gz

/kali/pool/main/b/backdoor-factory/

France · OVH SAS

Yara Cobaltbaltstrike_Payload_Encoded From Florian Roth by Avast Threat Intel Team

Download archived sample

The password is "infected"

archive-4.kali.org · beef-xss_0.5.4.0+git20250422.orig.tar.gz

/kali/pool/main/b/beef-xss/

France · OVH SAS

Yara SUSP_shellpop_Bash From Florian Roth by Tobias Michalski

Yara Cobaltbaltstrike_Payload_Encoded From Florian Roth by Avast Threat Intel Team

Yara SUSP_PowerShell_IEX_Download_Combo From Florian Roth by Florian Roth (Nextron Systems)

Download archived sample

The password is "infected"

archive-4.kali.org · beef-xss_0.5.4.0+git20250422.orig.tar.gz

/kali/pool/main/b/beef-xss/

France · OVH SAS

Yara SUSP_shellpop_Bash From Florian Roth by Tobias Michalski

Yara Cobaltbaltstrike_Payload_Encoded From Florian Roth by Avast Threat Intel Team

Yara SUSP_PowerShell_IEX_Download_Combo From Florian Roth by Florian Roth (Nextron Systems)

Download archived sample

The password is "infected"

raspbian.mirror.axinja.net · backdoor-factory_3.4.2+dfsg.orig.tar.gz

/raspbian/pool/main/b/backdoor-factory/

France · OVH SAS

Yara Cobaltbaltstrike_Payload_Encoded From Florian Roth by Avast Threat Intel Team

Download archived sample

The password is "infected"

raspbian.mirror.axinja.net · backdoor-factory_3.4.2+dfsg.orig.tar.gz

/raspbian/pool/main/b/backdoor-factory/

France · OVH SAS

Yara Cobaltbaltstrike_Payload_Encoded From Florian Roth by Avast Threat Intel Team

Download archived sample

The password is "infected"

mirror.ibice.ru · backdoor-factory_3.4.2+dfsg.orig.tar.gz

/deb.freexian.com/extended-lts/pool/main/b/backdoor-factory/

Switzerland · ASNET

Yara Cobaltbaltstrike_Payload_Encoded From Florian Roth by Avast Threat Intel Team

Download archived sample

The password is "infected"

1885124929.rsc.cdn77.org · backdoor-factory_3.4.2+dfsg.orig.tar.gz

/deepin/apricot/pool/main/b/backdoor-factory/

United Kingdom · Datacamp Limited

Yara Cobaltbaltstrike_Payload_Encoded From Florian Roth by Avast Threat Intel Team

Download archived sample

The password is "infected"

mirror.deepines.com · backdoor-factory_3.4.2+dfsg.orig.tar.gz

/deepin/apricot/pool/main/b/backdoor-factory/

United Kingdom · Datacamp Limited

Yara Cobaltbaltstrike_Payload_Encoded From Florian Roth by Avast Threat Intel Team

Download archived sample

The password is "infected"

dllcodacker.ir · TheFatRat.zip

//tools/

Iran · NOAVARAN SHABAKEH SABZ MEHREGAN (Ltd.)

Yara Suspicious_PowerShell_WebDownload_1 From Florian Roth by Florian Roth (Nextron Systems)

Yara SUSP_PowerShell_IEX_Download_Combo From Florian Roth by Florian Roth (Nextron Systems)

Yara Cobaltbaltstrike_Payload_Encoded From Florian Roth by Avast Threat Intel Team

Yara Empire_PowerShell_Framework_Gen4 From Florian Roth by Florian Roth (Nextron Systems)

Yara SUSP_shellpop_Bash From Florian Roth by Tobias Michalski

Yara Empire_PowerShell_Framework_Gen1 From Florian Roth by Florian Roth (Nextron Systems)

Yara APT_APT29_Win_FlipFlop_LDR From Florian Roth by threatintel@volexity.com

Yara CobaltStrike_Unmodifed_Beacon From Florian Roth by yara@s3c.za.net

Yara Empire_Invoke_MetasploitPayload From Florian Roth by Florian Roth (Nextron Systems)

Yara Empire_Invoke_ShellcodeMSIL From Florian Roth by Florian Roth (Nextron Systems)

Yara Empire_Invoke_DllInjection From Florian Roth by Florian Roth (Nextron Systems)

Yara Empire_Install_SSP From Florian Roth by Florian Roth (Nextron Systems)

Yara Empire_Get_SecurityPackages From Florian Roth by Florian Roth (Nextron Systems)

Yara Mimikatz_Memory_Rule_1 From Florian Roth by Florian Roth

Yara Empire_Invoke_Portscan_Gen From Florian Roth by Florian Roth (Nextron Systems)

Yara Empire_Invoke_SMBAutoBrute From Florian Roth by Florian Roth (Nextron Systems)

Yara Invoke_SMBExec_Invoke_WMIExec_1 From Florian Roth by Florian Roth (Nextron Systems)

Yara TA17_293A_malware_1 From Florian Roth by US-CERT Code Analysis Team (modified by Florian Roth)

Yara Empire_Invoke_SSHCommand From Florian Roth by Florian Roth (Nextron Systems)

Yara Empire_Invoke_PsExec From Florian Roth by Florian Roth (Nextron Systems)

Yara Base64_encoded_Executable From Florian Roth by Florian Roth (Nextron Systems)

Yara Empire_Get_GPPPassword From Florian Roth by Florian Roth (Nextron Systems)

Yara p0wnedPotato From Florian Roth by Florian Roth (Nextron Systems)

Yara NTLM_Dump_Output From Florian Roth by Florian Roth (Nextron Systems)

Yara Empire_dumpCredStore From Florian Roth by Florian Roth (Nextron Systems)

Yara HKTL_PS1_PowerCat_Mar21 From Florian Roth by Florian Roth (Nextron Systems)

Yara Empire_KeePassConfig From Florian Roth by Florian Roth (Nextron Systems)

Yara Empire_Get_Keystrokes From Florian Roth by Florian Roth (Nextron Systems)

Yara Empire_Out_Minidump From Florian Roth by Florian Roth (Nextron Systems)

Yara Empire_Exploit_JBoss From Florian Roth by Florian Roth (Nextron Systems)

Yara Empire_Exploit_Jenkins From Florian Roth by Florian Roth (Nextron Systems)

Yara Empire_Invoke_PostExfil From Florian Roth by Florian Roth (Nextron Systems)

Yara Empire_Invoke_EgressCheck From Florian Roth by Florian Roth (Nextron Systems)

Yara HKTL_NET_GUID_UnmanagedPowerShell From Florian Roth by Arnim Rupp (https://github.com/ruppde)

Yara SUSP_NET_NAME_ConfuserEx From Florian Roth by Arnim Rupp

Yara Disable_Defender From AbuseCH by iam-py-test

Yara mimikatz From Florian Roth by Benjamin DELPY (gentilkiwi)

kali.itsec.am · beef-xss_0.5.4.0+git20250422.orig.tar.gz

/kali/pool/main/b/beef-xss/

Armenia · GNC-Alfa CJSC

Yara SUSP_shellpop_Bash From Florian Roth by Tobias Michalski

Yara Cobaltbaltstrike_Payload_Encoded From Florian Roth by Avast Threat Intel Team

Yara SUSP_PowerShell_IEX_Download_Combo From Florian Roth by Florian Roth (Nextron Systems)

Download archived sample

The password is "infected"