File Search Engine
  • Search
  • Syntax
  • Fields
  • API
  • 143.137.191.3 · agew.com.br-stats.tar.gz

    /migrado/

    ·

    Yara EXPL_Log4j_CallBackDomain_IOCs_Dec21_1 From Florian Roth by Florian Roth (Nextron Systems)
    Download archived sample
    The password is "infected"

    SHA1: 0a6d2db95124c6d04d24210762a79f5e31f0972d
    SHA256: ee2601726d6328eb412c49966c6f118aea7fb2ca39594d045da493d888686c0c
    application/x-tar
    2.05MB
    2024-08-21 01:48:03 +0000 UTC

  • mail.host1.dns2dns.com · test.tar.gz

    /

    ·

    Yara EXPL_Log4j_CallBackDomain_IOCs_Dec21_1 From Florian Roth by Florian Roth (Nextron Systems)
    Download archived sample
    The password is "infected"

    SHA1: b39af61006d54daa128917166c6736d10a4a997e
    SHA256: 4fe0d2a7f8dfd0c881cd695e0c06005e7dfe604a74d5ec77a14722e6d6f815ba
    application/x-gzip
    5.23MB
    2025-08-11 11:11:01 +0000 UTC

  • www.host1.dns2dns.com · test.tar.gz

    /

    ·

    Yara EXPL_Log4j_CallBackDomain_IOCs_Dec21_1 From Florian Roth by Florian Roth (Nextron Systems)
    Download archived sample
    The password is "infected"

    SHA1: b39af61006d54daa128917166c6736d10a4a997e
    SHA256: 4fe0d2a7f8dfd0c881cd695e0c06005e7dfe604a74d5ec77a14722e6d6f815ba
    application/x-gzip
    5.23MB
    2025-08-11 11:11:01 +0000 UTC

  • autoconfig.node7526.myfcloud.com · code_20082023.zip

    /

    ·

    Yara EXPL_Log4j_CallBackDomain_IOCs_Dec21_1 From Florian Roth by Florian Roth (Nextron Systems)

    SHA1: b09c593e97f066a7caac058be7e79ff9f7b1f457
    SHA256: 945673c2e7eec76b991527b3d9844a036a8d071177289dce8fc54d5ee10a6644
    application/zip
    2.70GB
    2023-09-20 14:52:13 +0000 UTC

  • www.node7526.myfcloud.com · code_20082023.zip

    /

    ·

    Yara EXPL_Log4j_CallBackDomain_IOCs_Dec21_1 From Florian Roth by Florian Roth (Nextron Systems)

    SHA1: 3995abc1905cd10a97a3c3b3bf4cb6b3695fdc40
    SHA256: 9fbfbbc8bcd2be5fca80c458be6ec98835c88a83abbb17802c2f29b459df766a
    application/zip
    2.70GB
    2023-09-20 14:52:13 +0000 UTC

  • mail.node7526.myfcloud.com · code_20082023.zip

    /

    ·

    Yara EXPL_Log4j_CallBackDomain_IOCs_Dec21_1 From Florian Roth by Florian Roth (Nextron Systems)

    SHA1: d4ffb2eb7b012d02879d022bfc166dbbe049557b
    SHA256: 040b8e1350883925bc342d14ce2c4033a24367202329444b8bf0e53b4a079727
    application/zip
    2.70GB
    2023-09-20 14:52:13 +0000 UTC

  • 91.121.154.22 · ovh-access_log-20250706.gz

    /log/httpd/

    France · OVH SAS

    Yara EXPL_Log4j_CallBackDomain_IOCs_Dec21_1 From Florian Roth by Florian Roth (Nextron Systems)
    Download archived sample
    The password is "infected"

    SHA1: 088b310d17824e083bb47fe482b5abacaf84154a
    SHA256: e2cdd16f1041434b9d0a6b7c7bec6d13fe6303918429359fe6a16ea6c831e3c8
    application/x-gzip
    625.51KB
    2025-07-13 01:31:21 +0000 UTC

  • 91.121.154.22 · ovh-access_log-20250216.gz

    /log/httpd/

    France · OVH SAS

    Yara EXPL_Log4j_CallBackDomain_IOCs_Dec21_1 From Florian Roth by Florian Roth (Nextron Systems)
    Download archived sample
    The password is "infected"

    SHA1: aa7bc03177131bbd21a2cec0489fcefa3a4677d3
    SHA256: 895e4c637dc67cbd013ddad1390e8eac8f79d84d504e80b57177714a28e0c3db
    application/x-gzip
    376.46KB
    2025-02-23 02:50:27 +0000 UTC

  • 209.59.156.48 · backup-11.7.2024_01-47-33_biolinkes.tar.gz

    /

    United States · LIQUIDWEB

    Yara EXPL_Exchange_ProxyShell_Successful_Aug21_1 From Florian Roth by Florian Roth (Nextron Systems)
    Yara EXPL_JNDI_Exploit_Patterns_Dec21_1 From Florian Roth by Florian Roth (Nextron Systems)
    Yara EXPL_Log4j_CallBackDomain_IOCs_Dec21_1 From Florian Roth by Florian Roth (Nextron Systems)
    Yara EXPL_Log4j_CVE_2021_44228_Dec21_Soft From Florian Roth by Florian Roth (Nextron Systems)
    Download archived sample
    The password is "infected"

    SHA1: b420e16645686b75d45f80f59c046ff1f1d56459
    SHA256: 950d360f966be2b796d01eedcaa054acc646c36e06bdf51fc0282ad6d8aa4fe7
    application/x-gzip
    4.65MB
    2024-11-29 21:25:05 +0000 UTC

  • 143.42.154.174 · code_20082023.zip

    /

    United States · Akamai Connected Cloud

    Yara EXPL_Log4j_CallBackDomain_IOCs_Dec21_1 From Florian Roth by Florian Roth (Nextron Systems)

    SHA1: 77748771afcad757a28e700ec96db083c50a8758
    SHA256: 6992122e2f82a91d3f25c078bcdfca99cdec8d7ddfd0b5a190e3e9591c2edcaf
    application/zip
    2.70GB
    2023-09-20 14:52:13 +0000 UTC

  • 85.214.49.23 · access_log.processed.9.gz

    /html/cottonrope.de/logs/

    Germany · Strato GmbH

    Yara EXPL_Log4j_CallBackDomain_IOCs_Dec21_1 From Florian Roth by Florian Roth (Nextron Systems)
    Download archived sample
    The password is "infected"

    SHA1: f98c5b7e93b5e564ce37ab777e1685680d054e30
    SHA256: 98f2c59ff912cc62c220244d62eee867fae3b58883d9c8338cfbceff4a255f4e
    application/x-gzip
    709.55KB
    2023-03-23 00:24:37 +0000 UTC

  • 103.235.104.224 · test.tar.gz

    /

    India · NTT COMMUNICATIONS INDIA NETWORK SERVICES PRIVATE LIMITED

    Yara EXPL_Log4j_CallBackDomain_IOCs_Dec21_1 From Florian Roth by Florian Roth (Nextron Systems)
    Download archived sample
    The password is "infected"

    SHA1: b39af61006d54daa128917166c6736d10a4a997e
    SHA256: 4fe0d2a7f8dfd0c881cd695e0c06005e7dfe604a74d5ec77a14722e6d6f815ba
    application/x-gzip
    5.23MB
    2025-08-11 11:11:01 +0000 UTC

  • 51.254.136.103 · ovh-access_log-20250706.gz

    /log/httpd/

    France · OVH SAS

    Yara EXPL_Log4j_CallBackDomain_IOCs_Dec21_1 From Florian Roth by Florian Roth (Nextron Systems)
    Download archived sample
    The password is "infected"

    SHA1: 853bb3c998d29acac95c90e0354c8054b058f6d0
    SHA256: fab2f2b4856b3f868ef8ffa4d6d6731de95a262b682d5340da6171b3e788d956
    application/x-gzip
    317.55KB
    2025-07-13 01:19:28 +0000 UTC

  • 51.254.136.103 · ovh-access_log-20250216.gz

    /log/httpd/

    France · OVH SAS

    Yara EXPL_Log4j_CallBackDomain_IOCs_Dec21_1 From Florian Roth by Florian Roth (Nextron Systems)
    Download archived sample
    The password is "infected"

    SHA1: cfbb27975b044bbfb5905883b32c76d65f39f404
    SHA256: 4d56d83f7ed46ad671cec1d5a07b318759956515e961651823d6548cf3551f2b
    application/x-gzip
    301.77KB
    2025-02-23 02:18:45 +0000 UTC

  • amuulai.myasustor.com · previous.sql.gz

    /xibo-docker/shared/backup/db/

    Mongolia · Mobinet LLC. AS Mobinet Internet Service Provider

    Yara EXPL_Log4j_CallBackDomain_IOCs_Dec21_1 From Florian Roth by Florian Roth (Nextron Systems)
    Download archived sample
    The password is "infected"

    SHA1: 3897b1812f17265484bf5f64f343204bfdd74173
    SHA256: ffa9f9c73a864247368d646d0517f53a2f6aa8e810817c85142c251a2d0534e3
    application/x-gzip
    206.83KB
    2025-12-05 00:45:02 +0000 UTC

  • amuulai.myasustor.com · latest.sql.gz

    /xibo-docker/shared/backup/db/

    Mongolia · Mobinet LLC. AS Mobinet Internet Service Provider

    Yara EXPL_Log4j_CallBackDomain_IOCs_Dec21_1 From Florian Roth by Florian Roth (Nextron Systems)
    Download archived sample
    The password is "infected"

    SHA1: 1e9d4724d6e0e51242be9827cd5c8518aaa14dc6
    SHA256: c9834e15161307396c354edac2e1d2518754ed4ceb31efd169c930066b454764
    application/x-gzip
    211.01KB
    2025-12-06 01:00:02 +0000 UTC

  • 95.211.91.87 · well-known.zip

    /SMA/25 01 2022/

    The Netherlands · LeaseWeb Netherlands B.V.

    Yara EXPL_Log4j_CallBackDomain_IOCs_Dec21_1 From Florian Roth by Florian Roth (Nextron Systems)

    SHA1: efd6017a17e5f7816e9254c077762045ccd59370
    SHA256: c6bfb836f2bfa57d55b5a5321c2145d0ddcbcadb17cb29ebc988881ed14ea210
    application/zip
    1.77GB
    2022-01-31 14:48:17 +0000 UTC

  • www.espacoeventosefestas.com · agew.com.br-stats.tar.gz

    /migrado/

    Brazil · Metaweb Internet Ltda

    Yara EXPL_Log4j_CallBackDomain_IOCs_Dec21_1 From Florian Roth by Florian Roth (Nextron Systems)
    Download archived sample
    The password is "infected"

    SHA1: 0a6d2db95124c6d04d24210762a79f5e31f0972d
    SHA256: ee2601726d6328eb412c49966c6f118aea7fb2ca39594d045da493d888686c0c
    application/x-tar
    2.05MB
    2024-08-21 01:48:03 +0000 UTC

  • nordea-netbank.mails-com.net · Nordea Bank_files.zip

    /

    · CLOUDFLARENET

    Yara EXPL_Log4j_CallBackDomain_IOCs_Dec21_1 From Florian Roth by Florian Roth (Nextron Systems)
    Download archived sample
    The password is "infected"

    SHA1: 50966bbfc6875fcaabcc6ed751f21fa208f43022
    SHA256: 66ab829c918d5d2f275caf6ddc3bd60b60bcabf7ad105f7dd6f956f96f62da6f
    application/zip
    9.15MB
    2025-12-02 17:11:13 +0000 UTC

  • nordea-netbank.mails-com.net · Nordea Bank_files.zip

    /

    · CLOUDFLARENET

    Yara EXPL_Log4j_CallBackDomain_IOCs_Dec21_1 From Florian Roth by Florian Roth (Nextron Systems)
    Download archived sample
    The password is "infected"

    SHA1: 50966bbfc6875fcaabcc6ed751f21fa208f43022
    SHA256: 66ab829c918d5d2f275caf6ddc3bd60b60bcabf7ad105f7dd6f956f96f62da6f
    application/zip
    9.15MB
    2025-12-02 17:11:13 +0000 UTC