File Search Engine
  • Search
  • Syntax
  • Fields
  • API
  • www.getcedar.brightlightventures.com · api.zip

    /

    ·

    Yara SUSP_shellpop_Bash From Florian Roth by Tobias Michalski
    Download archived sample
    The password is "infected"

    SHA1: 7423acf1dd492ed5759f40be419c49acf4917b8a
    SHA256: e7e98d028507e4c849855465b1520205b23be6ba42535c369385d5720ba5c71e
    application/zip
    21.72MB
    2017-08-10 09:19:28 +0000 UTC

  • shahadaadmin.elementlabsinc.com · web-001 (1).zip

    /

    ·

    Yara SUSP_shellpop_Bash From Florian Roth by Tobias Michalski

    SHA1: cb9f98f0e19593c3bf30032456ee83de4a38fbcf
    SHA256: 7e195d4f06597b3c6aa9ca7a95af0fc56b829aaa7085091597148b038e2c45f4
    application/zip
    2.24GB
    2024-07-23 09:33:05 +0000 UTC

  • cdn.szczurowsky.pl · testai.html

    /

    ·

    Yara SUSP_shellpop_Bash From Florian Roth by Tobias Michalski
    Download archived sample
    The password is "infected"

    SHA1: 31ce218a9f82a247c2b6562a94e902abfc9075e7
    SHA256: 4a0d5d7c251e9aa46d0a301ef337ae9ba43c494837905922ad3b4cec083df8f3
    text/html
    50.00B
    2025-12-07 19:19:30 +0000 UTC

  • deb.parrot.sh · beef-xss_0.5.4.0+git20250422.orig.tar.gz

    /direct/parrot/pool/main/b/beef-xss/

    ·

    Yara SUSP_shellpop_Bash From Florian Roth by Tobias Michalski
    Yara Cobaltbaltstrike_Payload_Encoded From Florian Roth by Avast Threat Intel Team
    Yara SUSP_PowerShell_IEX_Download_Combo From Florian Roth by Florian Roth (Nextron Systems)
    Download archived sample
    The password is "infected"

    SHA1: ee987d9fa05fbbbb687a45e86e7ca5e799a9f623
    SHA256: 303f672421b08b4bfa59d926f9425343d8fd861b4eeeb6f8b4eaecb8b15f75a9
    application/octet-stream
    4.35MB
    2025-06-30 13:21:30 +0000 UTC

  • mirror.parrot.sh · beef-xss_0.5.4.0+git20250422.orig.tar.gz

    /direct/parrot/pool/main/b/beef-xss/

    ·

    Yara SUSP_shellpop_Bash From Florian Roth by Tobias Michalski
    Yara Cobaltbaltstrike_Payload_Encoded From Florian Roth by Avast Threat Intel Team
    Yara SUSP_PowerShell_IEX_Download_Combo From Florian Roth by Florian Roth (Nextron Systems)
    Download archived sample
    The password is "infected"

    SHA1: ee987d9fa05fbbbb687a45e86e7ca5e799a9f623
    SHA256: 303f672421b08b4bfa59d926f9425343d8fd861b4eeeb6f8b4eaecb8b15f75a9
    application/octet-stream
    4.35MB
    2025-06-30 13:21:30 +0000 UTC

  • speedtest.parrotsec.org · beef-xss_0.5.4.0+git20250422.orig.tar.gz

    /direct/parrot/pool/main/b/beef-xss/

    ·

    Yara SUSP_shellpop_Bash From Florian Roth by Tobias Michalski
    Yara Cobaltbaltstrike_Payload_Encoded From Florian Roth by Avast Threat Intel Team
    Yara SUSP_PowerShell_IEX_Download_Combo From Florian Roth by Florian Roth (Nextron Systems)
    Download archived sample
    The password is "infected"

    SHA1: ee987d9fa05fbbbb687a45e86e7ca5e799a9f623
    SHA256: 303f672421b08b4bfa59d926f9425343d8fd861b4eeeb6f8b4eaecb8b15f75a9
    application/octet-stream
    4.35MB
    2025-06-30 13:21:30 +0000 UTC

  • speedtest.parrotsec.org · beef-xss_0.5.4.0+git20250422.orig.tar.gz

    /direct/parrot/pool/main/b/beef-xss/

    ·

    Yara SUSP_shellpop_Bash From Florian Roth by Tobias Michalski
    Yara Cobaltbaltstrike_Payload_Encoded From Florian Roth by Avast Threat Intel Team
    Yara SUSP_PowerShell_IEX_Download_Combo From Florian Roth by Florian Roth (Nextron Systems)
    Download archived sample
    The password is "infected"

    SHA1: ee987d9fa05fbbbb687a45e86e7ca5e799a9f623
    SHA256: 303f672421b08b4bfa59d926f9425343d8fd861b4eeeb6f8b4eaecb8b15f75a9
    application/octet-stream
    4.35MB
    2025-06-30 13:21:30 +0000 UTC

  • mail.emarketing.pe · public_html_backup-19-08-2024.zip

    /

    ·

    Yara SUSP_shellpop_Bash From Florian Roth by Tobias Michalski

    SHA1: baf8183c4b10a856b2dd766b0fd6c16b349d9ee8
    SHA256: a4148a8a946420c2b6a7a3440143288940b0524d97b2c75ae7544ac155ab1d9d
    application/zip
    1.58GB
    2024-08-19 18:14:32 +0000 UTC

  • 109.107.140.76 · kidrek_VigilIntel.zip

    /2025-12-01_CVE/

    Japan · xTom Japan Corporation

    Yara SUSP_shellpop_Bash From Florian Roth by Tobias Michalski
    Download archived sample
    The password is "infected"

    SHA1: 99f579c2c1f0c724be253b5b33b724c9f456c681
    SHA256: 91dbdad6d015b6fb8949f78fa6a6facd1e2bcbd0d7470c70a05afbd7c8681491
    application/zip
    5.04MB
    2025-12-01 07:40:31 +0000 UTC

  • 109.107.140.76 · arschlochnop_VulnWatchdog.zip

    /2025-12-01_CVE/

    Japan · xTom Japan Corporation

    Yara SUSP_shellpop_Bash From Florian Roth by Tobias Michalski
    Download archived sample
    The password is "infected"

    SHA1: d24eb4e2f289b9dfbc44079890ca9bc34be1de71
    SHA256: e191ada3e21e3168e9302d1efc88f0a8477439fe257dc4ba292ea9685101aa66
    application/zip
    37.19MB
    2025-12-01 15:40:37 +0000 UTC

  • 109.107.140.76 · adminlove520_CVE-Poc_All_in_One.zip

    /2025-12-01_CVE/

    Japan · xTom Japan Corporation

    Yara SUSP_shellpop_Bash From Florian Roth by Tobias Michalski
    Download archived sample
    The password is "infected"

    SHA1: ff7d142d1e79cca6b14ee1e931d10b2ebb6c241d
    SHA256: c168d06e8156c322e3cee21498651a4977d1bafd2216684f90658190acf2ef10
    application/zip
    12.31MB
    2025-12-01 02:20:35 +0000 UTC

  • 109.107.140.76 · Shumuy_VulnWatchdog.zip

    /2025-12-01_CVE/

    Japan · xTom Japan Corporation

    Yara SUSP_shellpop_Bash From Florian Roth by Tobias Michalski
    Download archived sample
    The password is "infected"

    SHA1: 6398f236bbfe89326513ca0e0fe610fdc64ae37a
    SHA256: 991580346789550ff6a7565d503f35144bfba516b02c0b3c73baf7a70216a0d9
    application/zip
    23.31MB
    2025-12-01 14:40:34 +0000 UTC

  • dl.rafelly.com · 5.3.11.zip

    /

    Indonesia · PT. Cloudata Indonesia

    Yara SUSP_shellpop_Bash From Florian Roth by Tobias Michalski

    SHA1: ba8c9a9f1be5594156c911dbf25199c02fca6d86
    SHA256: 1d828076fb676c743d37340e02bcd116f4ba0d8e217b89105d9f98d2554e2600
    application/zip
    126.02MB
    2025-08-30 16:10:20 +0000 UTC

  • dl.rafelly.com · 5.3.11.zip

    /

    Indonesia · PT. Cloudata Indonesia

    Yara SUSP_shellpop_Bash From Florian Roth by Tobias Michalski

    SHA1: a37ffba584b6a586838960342087a28d5d38b7ab
    SHA256: a68434feb41fe51e6c35992207232de5898a58bd47ac2a5e7827d66436dafbdc
    application/zip
    126.02MB
    2025-08-30 16:10:20 +0000 UTC

  • hospitaldeolhosvilanova.com.br · wp-content.zip

    /

    Brazil · VirtuaServer Informatica Ltda

    Yara webshell_iMHaPFtp_2 From Florian Roth by Florian Roth (Nextron Systems)
    Yara webshell_itsec_itsecteam_shell_jHn From Florian Roth by Florian Roth (Nextron Systems)
    Yara SUSP_shellpop_Bash From Florian Roth by Tobias Michalski
    Yara SUSP_Base64_Encoded_Hex_Encoded_Code From Florian Roth by Florian Roth (Nextron Systems)
    Download archived sample
    The password is "infected"

    SHA1: 1f22dc7a5fd8dea27843fbf4a233bef0ee55553d
    SHA256: 0d5a03004f41b612e556f7ed3e3f7596d5b4d350944c39d19e8786c087463f81
    application/zip
    56.19MB
    2024-08-12 12:23:03 +0000 UTC

  • hospitaldeolhosvilanova.com.br · wp-content.zip

    /

    Brazil · VirtuaServer Informatica Ltda

    Yara webshell_iMHaPFtp_2 From Florian Roth by Florian Roth (Nextron Systems)
    Yara webshell_itsec_itsecteam_shell_jHn From Florian Roth by Florian Roth (Nextron Systems)
    Yara SUSP_shellpop_Bash From Florian Roth by Tobias Michalski
    Yara SUSP_Base64_Encoded_Hex_Encoded_Code From Florian Roth by Florian Roth (Nextron Systems)
    Download archived sample
    The password is "infected"

    SHA1: 1bd96e5b7469e754eeb814119ebc285e8d78e1d3
    SHA256: 77317d0520ee8834224baadc8e8dee3da042f302d7a1a24c52882fc92c831d0f
    application/zip
    56.19MB
    2024-08-12 12:23:03 +0000 UTC

  • hospitaldeolhosvilanova.com.br · wp-content.zip

    /

    Brazil · VirtuaServer Informatica Ltda

    Yara webshell_iMHaPFtp_2 From Florian Roth by Florian Roth (Nextron Systems)
    Yara webshell_itsec_itsecteam_shell_jHn From Florian Roth by Florian Roth (Nextron Systems)
    Yara SUSP_shellpop_Bash From Florian Roth by Tobias Michalski
    Yara SUSP_Base64_Encoded_Hex_Encoded_Code From Florian Roth by Florian Roth (Nextron Systems)
    Download archived sample
    The password is "infected"

    SHA1: 1f22dc7a5fd8dea27843fbf4a233bef0ee55553d
    SHA256: 0d5a03004f41b612e556f7ed3e3f7596d5b4d350944c39d19e8786c087463f81
    application/zip
    56.19MB
    2024-08-12 12:23:03 +0000 UTC

  • mirror.lc · beef-xss_0.5.4.0+git20250422.orig.tar.gz

    /kali/pool/main/b/beef-xss/

    · CLOUDFLARENET

    Yara SUSP_shellpop_Bash From Florian Roth by Tobias Michalski
    Yara Cobaltbaltstrike_Payload_Encoded From Florian Roth by Avast Threat Intel Team
    Yara SUSP_PowerShell_IEX_Download_Combo From Florian Roth by Florian Roth (Nextron Systems)
    Download archived sample
    The password is "infected"

    SHA1: ee987d9fa05fbbbb687a45e86e7ca5e799a9f623
    SHA256: 303f672421b08b4bfa59d926f9425343d8fd861b4eeeb6f8b4eaecb8b15f75a9
    application/octet-stream
    4.35MB
    2025-04-30 13:22:28 +0000 UTC

  • mirror.lc · beef-xss_0.5.4.0+git20250422.orig.tar.gz

    /kali/pool/main/b/beef-xss/

    · CLOUDFLARENET

    Yara SUSP_shellpop_Bash From Florian Roth by Tobias Michalski
    Yara Cobaltbaltstrike_Payload_Encoded From Florian Roth by Avast Threat Intel Team
    Yara SUSP_PowerShell_IEX_Download_Combo From Florian Roth by Florian Roth (Nextron Systems)
    Download archived sample
    The password is "infected"

    SHA1: ee987d9fa05fbbbb687a45e86e7ca5e799a9f623
    SHA256: 303f672421b08b4bfa59d926f9425343d8fd861b4eeeb6f8b4eaecb8b15f75a9
    application/octet-stream
    4.35MB
    2025-04-30 13:22:28 +0000 UTC

  • sysged.com.br · public_html.zip

    /

    Germany · Hetzner Online GmbH

    Yara webshell_iMHaPFtp_2 From Florian Roth by Florian Roth (Nextron Systems)
    Yara SUSP_shellpop_Bash From Florian Roth by Tobias Michalski
    Yara webshell_itsec_itsecteam_shell_jHn From Florian Roth by Florian Roth (Nextron Systems)
    Yara php_alfa_team From AlienVault by Michael Taggart https://github.com/mednet-mtaggart

    SHA1: 79b1068328b78c7a8145b618828f64edef4705b9
    SHA256: 807a5be514ad605b38d9e39bf796b3b4a82e66203f031c10d5cb908f894a864a
    application/zip
    1.75GB
    2024-09-24 22:45:37 +0000 UTC